"ours" merge to avoid version bump.

Replace the 81 remaining fallbacks of the 100 originally introduced
in Tor 0.2.8.3-alpha in March 2016, with a list of 177 fallbacks
(123 new, 54 existing, 27 removed) generated in December 2016.

Resolves ticket 20170.

In get_token(), we could read one byte past the end of the
region. This is only a big problem in the case where the region
itself is (a) potentially hostile, and (b) not explicitly
nul-terminated.

This patch fixes the underlying bug, and also makes sure that the
one remaining case of not-NUL-terminated potentially hostile data
gets NUL-terminated.

Fix for bug 21018, TROVE-2016-12-002, and CVE-2016-1254

Fixes 20935.

Closes #20938

Signed-off-by: David Goulet <dgoulet@torproject.org>

Makes 19926 less annoying in 0.2.9.  In 0.3.0, we should actually
fix this.

David Goulet authored 8 years ago and Nick Mathewson committed 8 years ago

The signed_descriptor_move() was not releasing memory inside the destination
object before overwriting it with the source object. This commit adds a reset
function that free that memory inside a signed descriptor object and zero it.

Closes #20715.

Signed-off-by: David Goulet <dgoulet@torproject.org>

"Ours" merge to avoid bumping version.

cypherpunks authored 8 years ago and Nick Mathewson committed 8 years ago

Also combine all of the checks into one if-tree as only one of them
should actually succeed.

(ours merge, to avoid taking 20865 fix)

They added clock_gettime(), but with tv_nsec as a long, whereas
tv_usec is a __darwin_suseconds_t (a.k.a. 'int').  Now, why would
they do that? Are they preparing for a world where there are more
than 2 billion nanoseconds per second?  Are they planning for having
int be less than 32 bits again?  Or are they just not paying
attention to the Darwin API?

Also, they forgot to mark clock_gettime() as Sierra-only, so even
if we fixed the issue here, we'd still be stick with portability
breakage like we were for 0.2.9.

So, just disable clock_gettime() on apple.

Attempted fix for 19960.

Also, fixes a typo.

This is an attempt to figure out what's up with #19960

Fixes 20875; this code is as suggested by teor on the ticket.  Thanks!

This is an attempt to fix #19974.