I'm doing this to storagedir to used config_line_t.

David Goulet authored Apr 04, 2017 and Nick Mathewson committed Apr 04, 2017

In order to avoid src/or/hs_service.o to contain no symbols and thus making
clang throw a warning, the functions are now exposed not just to unit tests.

Signed-off-by: David Goulet <dgoulet@torproject.org>

Capture the warning for the unhandled circuit purpose test case, both
to clean up the test log and to confirm that it gets logged.

Taylor Yu authored Mar 28, 2017 and Nick Mathewson committed Apr 03, 2017

Check that route_len_for_purpose() (helper for new_route_len())
correctly fails a non-fatal bug assertion if it encounters an
unhandled circuit purpose when it is called with exit node info.

Taylor Yu authored Mar 28, 2017 and Nick Mathewson committed Apr 03, 2017

Add a new helper function route_len_for_purpose(), which explicitly
lists all of the known circuit purposes for a circuit with a chosen
exit node (unlike previously, where the default route length for a
chosen exit was DEFAULT_ROUTE_LEN + 1 except for two purposes).  Add a
non-fatal assertion for unhandled purposes that conservatively returns
DEFAULT_ROUTE_LEN + 1.

Add copious comments documenting which circuits need an extra hop and
why.

Thanks to nickm and dgoulet for providing background information.

In an effort to better communicate with our users that they might need
to take certain actions when upgrading, we should extract from the
changelog the items that require some action (example: the new version
automatically generates keys, if you want them to be offline - make sure
to create them before upgrading).

("Ours" merge to avoid version bump.)

The old implementation had duplicated code in a bunch of places, and
it interspersed spool-management with resource management.  The new
implementation should make it easier to add new resource types and
maintain the spooling code.

Closing ticket 21651.

George Kadianakis authored Mar 27, 2017 and Nick Mathewson committed Mar 27, 2017

When calculating max sampled size, Tor would only count the number of
bridges in torrc, without considering that our state file might already
have sampled bridges in it. This caused problems when people swap
bridges, since the following error would trigger:

         [warn] Not expanding the guard sample any further; just hit the
                maximum sample threshold of 1

This prevents an i386 compilation warning and fixes bug 21828. Bug not
in any released Tor.

Fixes bug21799.

Leak caused by clean_up_backtrace_handler not being called
on shutdown.

Alexander Færøy authored Mar 17, 2017 and Nick Mathewson committed Mar 17, 2017

This patch changes the way we decide when to check for whether it's time
to rotate and/or expiry our onion keys. Due to proposal #274 we can now
have the keys rotate at different frequencies than before and we thus
do the check once an hour when our Tor daemon is running in server mode.

This should allow us to quickly notice if the network consensus
parameter have changed while we are running instead of having to wait
until the current parameters timeout value have passed.

See: See: https://bugs.torproject.org/21641

Alexander Færøy authored Mar 10, 2017 and Nick Mathewson committed Mar 17, 2017

This patch adds a new timer that is executed when it is time to expire
our current set of old onion keys. Because of proposal #274 this can no
longer be assumed to be at the same time we rotate our onion keys since
they will be updated less frequently.

See: https://bugs.torproject.org/21641

Alexander Færøy authored Mar 10, 2017 and Nick Mathewson committed Mar 17, 2017

This patch adds an API to get the current grace period, in days, defined
as the consensus parameter "onion-key-grace-period-days".

As per proposal #274 the values for "onion-key-grace-period-days" is a
default value of 7 days, a minimum value of 1 day, and a maximum value
defined by other consensus parameter "onion-key-rotation-days" also
defined in days.

See: https://bugs.torproject.org/21641

Alexander Færøy authored Mar 10, 2017 and Nick Mathewson committed Mar 17, 2017

This patch turns `MIN_ONION_KEY_LIFETIME` into a new function
`get_onion_key_lifetime()` which gets its value from a network consensus
parameter named "onion-key-rotation-days". This allows us to tune the
value at a later point in time with no code modifications.

We also bump the default onion key lifetime from 7 to 28 days as per
proposal #274.

See: https://bugs.torproject.org/21641