1. 14 Jan, 2019 1 commit
  2. 09 Jan, 2019 1 commit
  3. 18 Dec, 2018 1 commit
  4. 17 Dec, 2018 1 commit
  5. 10 Dec, 2018 1 commit
    • Taylor Yu's avatar
      Log bootstrap tag names · 1b855af5
      Taylor Yu authored
      Add the bootstrap tag name to the log messages, so people
      troubleshooting connection problems can look up a symbol instead of a
      number.  Closes ticket 28731.
  6. 04 Dec, 2018 3 commits
  7. 30 Nov, 2018 1 commit
  8. 19 Nov, 2018 1 commit
  9. 14 Nov, 2018 2 commits
  10. 07 Nov, 2018 1 commit
  11. 30 Oct, 2018 1 commit
  12. 23 Oct, 2018 3 commits
  13. 22 Oct, 2018 1 commit
    • David Goulet's avatar
      hs-v3: Create desc signing key cert before uploading · 81c466c3
      David Goulet authored
      Before this commit, we would create the descriptor signing key certificate
      when first building the descriptor.
      In some extreme cases, it lead to the expiry of the certificate which triggers
      a BUG() when encoding the descriptor before uploading.
      Ticket #27838 details a possible scenario in which this can happen. It is an
      edge case where tor losts internet connectivity, notices it and closes all
      circuits. When it came back up, the HS subsystem noticed that it had no
      introduction circuits, created them and tried to upload the descriptor.
      However, in the meantime, if tor did lack a live consensus because it is
      currently seeking to download one, we would consider that we don't need to
      rotate the descriptors leading to using the expired signing key certificate.
      That being said, this commit does a bit more to make this process cleaner.
      There are a series of things that we need to "refresh" before uploading a
      descriptor: signing key cert, intro points and revision counter.
      A refresh function is added to deal with all mutable descriptor fields. It in
      turn simplified a bit the code surrounding the creation of the plaintext data.
      We keep creating the cert when building the descriptor in order to accomodate
      the unit tests. However, it is replaced every single time the descriptor is
      Fixes #27838
      Signed-off-by: David Goulet's avatarDavid Goulet <dgoulet@torproject.org>
  14. 18 Oct, 2018 2 commits
    • David Goulet's avatar
      hs-v3: Close client intro circuits if the descriptor is replaced · 9ba16c4d
      David Goulet authored
      When storing a descriptor in the client cache, if we are about to replace an
      existing descriptor, make sure to close every introduction circuits of the old
      descriptor so we don't have leftovers lying around.
      Ticket 27471 describes a situation where tor is sending an INTRODUCE1 cell on
      an introduction circuit for which it doesn't have a matching intro point
      object (taken from the descriptor).
      The main theory is that, after a new descriptor showed up, the introduction
      points changed which led to selecting an introduction circuit not used by the
      service anymore thus for which we are unable to find the corresponding
      introduction point within the descriptor we just fetched.
      Closes #27471.
      Signed-off-by: David Goulet's avatarDavid Goulet <dgoulet@torproject.org>
    • David Goulet's avatar
      hs-v3: Always generate the descriptor cookie · 56f713b8
      David Goulet authored
      It won't be used if there are no authorized client configured. We do that so
      we can easily support the addition of a client with a HUP signal which allow
      us to avoid more complex code path to generate that cookie if we have at least
      one client auth and we had none before.
      Fixes #27995
      Signed-off-by: David Goulet's avatarDavid Goulet <dgoulet@torproject.org>
  15. 17 Oct, 2018 1 commit
  16. 16 Oct, 2018 1 commit
  17. 14 Oct, 2018 1 commit
  18. 05 Oct, 2018 1 commit
  19. 01 Oct, 2018 16 commits