Not telling the cmux would sometimes cause an assertion failure in
relay.c when we tried to get an active circuit and found an "active"
circuit with no cells.

Additionally, replace that assert with a test and a log message.

Fix for bug 20203. This is actually probably a bugfix on
0.2.8.1-alpha, specifically my code in 8b4e5b7e where I
made circuit_mark_for_close_() do less in order to simplify our call
graph. Thanks to "cypherpunks" for help diagnosing.

Our use of the (mockable) tor_close_socket() in the util/socket_..
tests confused coverity, which could no longer tell that we were
actually closing the sockets.

 * FIXES #20201: https://bugs.torproject.org/20201

Commit 41cc1f61 introduced a "dns_request"
configuration value which wasn't set to 1 for an entry connection on the
DNSPort leading to a refusal to resolve the given hostname.

This commit set the dns_request flag by default for every entry connection
made to the DNSPort.

Fixes #20109

Signed-off-by: David Goulet <dgoulet@torproject.org>

For a brief moment in networkstatus_set_current_consensus(), the old
consensus has been freed, but the node_t objects still have dead
pointers to the routerstatus_t objects within it.  During that
interval, we absolutely must not do anything that would cause Tor to
look at those dangling pointers.

Unfortunately, calling the (badly labeled!) current_consensus macro
or anything else that calls into we_use_microdescriptors_for_circuits(),
can make us look at the nodelist.

The fix is to make sure we identify the main consensus flavor
_outside_ the danger zone, and to make the danger zone much much
smaller.

Fixes bug 20103.  This bug has been implicitly present for AGES; we
just got lucky for a very long time.  It became a crash bug in
0.2.8.2-alpha when we merged 35bbf2e4 to make
find_dl_schedule start looking at the consensus, and 4460feaf
which made node_get_all_orports less (accidentally) tolerant of
nodes with a valid ri pointer but dangling rs pointer.

(This will be used by prop224)

Now that crypto_cipher_t only contains a pointer, it no longer
has any reason for an independent existence.

Previously, the IV and key were stored in the structure, even though
they mostly weren't needed.  The only purpose they had was to
support a seldom-used API where you could pass NULL when creating
a cipher in order to get a random key/IV, and then pull that key/IV
back out.

This saves 32 bytes per AES instance, and makes it easier to support
different key lengths.

Also, change the input types for aes_new_cipher to be unsigned,
as they should have been all along.

Found by coverity.

Bugfix on a4f46ff8. Found by Coverity.

Fixes bug 20141; bugfix on 0.2.9.1-alpha.

Patch from Gisle Vanem.

This requires a recent version of chutney, with the single onion
network flavours (git c72a652 or later).

Closes ticket #20072.

I changed the API here in deb294ff, to be less annoying
to use.

teor authored 8 years ago and Nick Mathewson committed 8 years ago

And make consequential line-length adjustments.