1. 11 Aug, 2020 1 commit
  2. 30 Jul, 2020 1 commit
  3. 29 Jul, 2020 1 commit
  4. 28 Jul, 2020 1 commit
  5. 23 Jul, 2020 2 commits
  6. 22 Jul, 2020 2 commits
    • Treat all extorport connections with un-set addresses as remote · ceb6585a
      Nick Mathewson authored
      Without this fix, if a PT forgets to send a USERADDR command, that
      results in a connection getting treated as local for the purposes of
      rate-limiting.
      
      If the PT _does_ use USERADDR, we still believe it.
      
      Closes ticket 33747.
      ceb6585a
    • Adjust the rules for warning about too many connections. · faa752f3
      Nick Mathewson authored
      Previously we tolerated up to 1.5 connections for every relay we
      were connected to, and didn't warn if we had fewer than 5
      connections total.
      
      Now we tolerate up to 1.5 connections per relay, and up to 4
      connections per authority, and we don't warn at all when we have
      fewer than 25 connections total.
      
      Fixes bug 33880, which seems to have been provoked by our #17592
      change in 0.3.5.
      faa752f3
  7. 20 Jul, 2020 3 commits
    • Fix seccomp sandbox rules for openat #27315 · d75e7daa
      Jigsaw52 authored
      The need for casting negative syscall arguments depends on the
      glibc version. This affects the rules for the openat syscall which
      uses the constant AT_FDCWD that is defined as a negative number.
      This commit adds logic to only apply the cast when necessary, on
      glibc versions from 2.27 onwards.
      d75e7daa
    • Fix seccomp sandbox rules for opening directories #40020 · d28bfb2c
      Jigsaw52 authored
      Different versions of glibc use either open or openat for the
      opendir function. This commit adds logic to use the correct rule
      for each glibc version, namely:
      - Until 2.14 open is used
      - From 2.15 to 2.21 openat is used
      - From 2.22 to 2.26 open is used
      - From 2.27 onwards openat is used
      d28bfb2c
    • Fix seccomp sandbox rules for openat #27315 · c79b4397
      Jigsaw52 authored
      The need for casting negative syscall arguments depends on the
      glibc version. This affects the rules for the openat syscall which
      uses the constant AT_FDCWD that is defined as a negative number.
      This commit adds logic to only apply the cast when necessary, on
      glibc versions from 2.27 onwards.
      c79b4397
  8. 13 Jul, 2020 2 commits
  9. 10 Jul, 2020 1 commit
  10. 09 Jul, 2020 2 commits
  11. 08 Jul, 2020 1 commit
    • socks: Returns 0xF6 only if BAD_HOSTNAME · 562957e0
      Guinness authored and David Goulet committed
      This commit modifies the behavior of `parse_extended_address` in such a way
      that if it fails, it will always return a `BAD_HOSTNAME` value, which is then
      used to return the 0xF6 extended error code.  This way, in any case that is
      not a valid v2 address, we return the 0xF6 error code, which is the expected
      behavior.
      
      Signed-off-by: David Goulet <dgoulet@torproject.org>
      562957e0
  12. 07 Jul, 2020 3 commits
  13. 06 Jul, 2020 1 commit
    • Fix out-of-bound memory read in `tor_tls_cert_matches_key()` for NSS. · b46984e9
      Alexander Færøy authored and Nick Mathewson committed
      This patch fixes an out-of-bound memory read in
      `tor_tls_cert_matches_key()` when Tor is compiled to use Mozilla's NSS
      instead of OpenSSL.
      
      The NSS library stores some length fields in bits instead of bytes, but
      the comparison function found in `SECITEM_ItemsAreEqual()` needs the
      length to be encoded in bytes. This means that for a 140-byte,
      DER-encoded, SubjectPublicKeyInfo struct (with a 1024-bit RSA public key
      in it), we would ask `SECITEM_ItemsAreEqual()` to compare the first 1120
      bytes instead of 140 (140bytes * 8bits = 1120bits).
      
      This patch fixes the issue by converting from bits to bytes before
      calling `SECITEM_ItemsAreEqual()` and converting the `len`-fields back to
      bits before we leave the function.
      
      This patch is part of the fix for TROVE-2020-001.
      
      See: https://bugs.torproject.org/33119
      b46984e9
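
The unit mismatch described in the commit message above, as an added example that is not part of the commit or of Tor's or NSS's code: `item_t`, `items_equal` and `items_equal_bits` are hypothetical stand-ins, and the two 140-byte buffers are constructed. The model is told the real buffer size so that it reports the over-read instead of performing it.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical stand-in for a length-tagged buffer; not an NSS type. */
typedef struct {
  const unsigned char *data;
  unsigned int len; /* bits or bytes, depending on who filled it in */
} item_t;

/* Byte-wise equality that trusts len to be a byte count. `avail` is the real
 * buffer size, so an over-reading request returns -1 instead of being run. */
static int items_equal(const item_t *a, const item_t *b,
                       size_t avail, size_t *wanted)
{
  *wanted = a->len;               /* bytes the caller asked to compare */
  if (a->len != b->len) return 0;
  if (a->len > avail) return -1;  /* would read past the buffer */
  return memcmp(a->data, b->data, a->len) == 0;
}

/* The fix as described: bits -> bytes before comparing, restore afterwards. */
static int items_equal_bits(item_t *a, item_t *b, size_t avail, size_t *wanted)
{
  const unsigned int a_bits = a->len, b_bits = b->len;
  a->len = a_bits / 8; /* DER is whole octets, so no remainder */
  b->len = b_bits / 8;
  int rv = items_equal(a, b, avail, wanted);
  a->len = a_bits;     /* callers still expect the length in bits */
  b->len = b_bits;
  return rv;
}

/* Constructed sample: two identical (all-zero) 140-byte buffers. */
static unsigned char spki_a[140], spki_b[140];

static int run(int fixed, size_t *wanted, unsigned int *len_after)
{
  item_t a = { spki_a, 140 * 8 }, b = { spki_b, 140 * 8 }; /* len in bits */
  int rv = fixed ? items_equal_bits(&a, &b, sizeof spki_a, wanted)
                 : items_equal(&a, &b, sizeof spki_a, wanted);
  *len_after = a.len;
  return rv;
}

int main(void)
{
  size_t w; unsigned int l;
  return !(run(0, &w, &l) == -1 && run(1, &w, &l) == 1);
}
```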
  14. 03 Jul, 2020 1 commit
  15. 02 Jul, 2020 1 commit
  16. 30 Jun, 2020 1 commit
  17. 23 Jun, 2020 1 commit
  18. 22 Jun, 2020 1 commit
  19. 17 Jun, 2020 1 commit
    • Update the list of recommended protocol versions to match >=0.3.5. · b67f7d72
      Nick Mathewson authored
      Since Tor 0.2.9 has been unsupported since January, 0.3.5 is the
      oldest supported version, and its features constitute the oldest
      recommended feature-set.
      
      This patch updates these recommendations:
      
         DirCache=2
      
            Support for consensus diffs.
            New in 0.3.1.1-alpha.
      
         HSDir=2
      
            Support for v3 onion service descriptors.
            New in 0.3.0.4-alpha.
      
         HSIntro=4
      
            Support for Ed25519 intropoint authentication keys.
            New in 0.3.0-4-alpha.
      
         HSRend=2
      
            Support for rendezvous cells longer than 20 bytes.
            New in 0.2.9.4-alpha.
      
         Link=5
      
            Link padding and link padding negotiation.
            New in 0.3.3.2-alpha.
      
         LinkAuth=3
      
             Ed25519 link authentication.
             New in 0.3.0.1-alpha.
      b67f7d72
  20. 11 Jun, 2020 1 commit
  21. 04 Jun, 2020 2 commits
  22. 30 May, 2020 1 commit
    • Preemptive circs should work with UseEntryGuards 0 · 39f2411b
      Roger Dingledine authored
      Resume being willing to use preemptively-built circuits when
      UseEntryGuards is set to 0. We accidentally disabled this feature with
      that config setting (in our fix for #24469), leading to slower load times.
      
      Fixes bug 34303; bugfix on 0.3.3.2-alpha.
      39f2411b
  23. 28 May, 2020 1 commit
  24. 27 May, 2020 1 commit
  25. 23 May, 2020 1 commit
  26. 21 May, 2020 1 commit
  27. 20 May, 2020 1 commit
  28. 19 May, 2020 1 commit
  29. 15 May, 2020 2 commits
  30. 12 May, 2020 1 commit