Skip to content
Snippets Groups Projects
Select Git revision
  • main default protected
  • release-0.4.7
  • maint-0.4.7
  • release-0.4.5
  • maint-0.4.5
  • release-0.4.6
  • maint-0.4.6
  • release-0.3.5
  • maint-0.3.5
  • release-0.4.4
  • maint-0.4.4
  • release-0.4.3
  • maint-0.4.3
  • maint-0.4.2
  • release-0.4.2
  • maint-0.4.1
  • release-0.4.1
  • maint-0.4.0
  • release-0.4.0
  • release-0.2.9
  • tor-0.4.7.12
  • tor-0.4.5.15
  • tor-0.4.7.11
  • tor-0.4.7.10
  • tor-0.4.6.12
  • tor-0.4.5.14
  • tor-0.4.7.9
  • tor-0.4.6.11
  • tor-0.4.5.13
  • tor-0.4.7.8
  • tor-0.4.8.0-alpha-dev
  • tor-0.4.7.7
  • tor-0.4.7.6-rc
  • tor-0.4.7.5-alpha
  • tor-0.4.7.4-alpha
  • tor-0.4.6.10
  • tor-0.4.5.12
  • tor-0.3.5.18
  • tor-0.4.7.3-alpha
  • tor-0.4.6.9
40 results
Search by author
  • Any Author
  • sergi sergi sergi
1 author
  1. Feb 08, 2021
  3. Feb 03, 2021
  5. Feb 01, 2021
  7. Jan 29, 2021
  9. Jan 27, 2021
  11. Jan 21, 2021
  13. Jan 20, 2021
  15. Jan 19, 2021
  17. Jan 15, 2021
  19. Jan 14, 2021
  21. Jan 13, 2021
    • Nick Mathewson's avatar
      Better fix for #40241 (--enable-all-bugs-are-fatal and fallthrough) · fa8ecf88
      Nick Mathewson authored 
      This one should work on GCC _and_ on Clang.  The previous version
made Clang happier by not having unreachable "fallthrough"
statements, but made GCC sad because GCC didn't think that the
unconditional failures were really unconditional, and therefore
_wanted_ a FALLTHROUGH.

This patch adds a FALLTHROUGH_UNLESS_ALL_BUGS_ARE_FATAL macro that
seems to please both GCC and Clang in this case: ordinarily it is a
FALLTHROUGH, but when ALL_BUGS_ARE_FATAL is defined, it's an
abort().

Fixes bug 40241 again.  Bugfix on earlier fix for 40241, which was
merged into maint-0.3.5 and forward, and released in 0.4.5.3-rc.
      fa8ecf88
    • Nick Mathewson's avatar
      Remove BUG() when checking TOO_MANY_OUTDATED_DIRSERVERS. · 4d6d3b3c
      Nick Mathewson authored 
      Fixes bug #40234; bugfix on 0.3.2.5-alpha.
      4d6d3b3c
  23. Jan 12, 2021
    • David Goulet's avatar
      hs-v3: Require reasonably live consensus · 04b02639
      David Goulet authored 
      
Some days before this commit, the network experienced a DDoS on the directory
authorities that prevented them to generate a consensus for more than 5 hours
straight.

That in turn entirely disabled onion service v3, client and service side, due
to the subsystem requiring a live consensus to function properly.

We know require a reasonably live consensus which means that the HSv3
subsystem will to its job for using the best consensus tor can find. If the
entire network is using an old consensus, than this should be alright.

If the service happens to use a live consensus while a client is not, it
should still work because the client will use the current SRV it sees which
might be the previous SRV for the service for which it still publish
descriptors for.

If the service is using an old one and somehow can't get a new one while
clients are on a new one, then reachability issues might arise. However, this
is a situation we already have at the moment since the service will simply not
work if it doesn't have a live consensus while a client has one.

Fixes #40237

Signed-off-by: David Goulet's avatarDavid Goulet <dgoulet@torproject.org>
      04b02639
  25. Jan 11, 2021
    • Nick Mathewson's avatar
      Reject obsolete router/extrainfo descs more quietly. · ca6ccd37
      Nick Mathewson authored 
      Thanks to proposal 315 / ticket #30132, more fields are now
required in these documents.  But ancient Tors that try to upload
obsolete documents were causing the authorities to log warnings
about missing fields, and to do so very spammily.

We now detect the missing fields before tokenizing, and log at
debug.  This is a bit of ugliness, but it's probably a safer choice
than making _all_ unparseable-desc warnings into debug-level logs.

I'm looking at identity-ed25519 in extrainfos and proto in
routerdescs because they were (I believe) the latest-added fields in
Tor's history: any Tor that lacks them will also lack the other
newly required fields.

Fixes bug #40238; bugfix on 0.4.5.1-alpha.
      ca6ccd37
    • Nick Mathewson's avatar
      Fix warnings in current debian-hardened CI. · ccdbbae4
      Nick Mathewson authored 
      We're getting "fallback annotation annotation in unreachable code"
warnings when we build with ALL_BUGS_ARE_FATAL. This patch fixes
that.

Fixes bug 40241.  Bugfix on 0.3.5.4-alpha.
      ccdbbae4
  27. Dec 21, 2020
    • Karsten Loesing's avatar
      Fix timestamp parser in new load_stats_file. · 5dd6304f
      Karsten Loesing authored and Nick Mathewson's avatar Nick Mathewson committed 
      The previous parser only considered stats files _starting_ with the
timestamp tag, not stats files having the timestamp tag in a later
position. While this applies to all current stats files, a future
stats file might look differently. Better to fix the function now than
be surprised in another 9 years from now.

This commit also adds a test case for such future stats, and it fixes
stats file paths in newly added unit tests.
      5dd6304f
    • David Goulet's avatar
      relay: Report the entire content of a stats file · c934fced
      David Goulet authored and Nick Mathewson's avatar Nick Mathewson committed 
      
It turns out that 9 years ago, we stopped appending data into stats file and
rather overwrite everytime we have new stats (see commit
a6a127c8)

The load_stats_file() function was still thinking that we could have the same
line many times in the file which turns out to be false since 9 years ago.
However, that did not cause problem until IPv6 connection stats came along
which introduced a new line in conn-stats: "ipv6-conn-bi-direct ...".

Before, that file contained a single line starting with the tag
"conn-bi-direct".  That very tag appears also in the IPv6 tag (see above) so
the load_stats_file() function would consider that the IPv6 line as the last
tag to be appeneded to the file and fail to report the line above (for IPv4).
It would actually truncate the IPv6 line and report it (removing the "ipv6-"
part).

In other words, "conn-bi-direct" was not reported and instead
"ipv6-conn-bi-direct" was used without the "ipv6-" part.

This commit refactors the entire function so that now it looks for a
"timestamp tag" to validate and then if everything is fine, returns the entire
content of the file. The refactor simplifies the function, adds logging in
case of failures and modernize it in terms of coding standard.

Unit tests are also added that makes sure the loaded content matches the
entire file if timestamp validation passes.

Fixes #40226

Signed-off-by: David Goulet's avatarDavid Goulet <dgoulet@torproject.org>
      c934fced
  29. Dec 16, 2020
  31. Dec 08, 2020
  33. Nov 18, 2020
  35. Nov 17, 2020
    • David Goulet's avatar
      config: Really ignore non ORPorts when removing duplicates · d04a27be
      David Goulet authored 
      
The function in charge of removing duplicate ORPorts from our configured ports
was skipping all non ORPorts port but only for the outer loop thus resulting
in comparing an ORPort with a non-ORPort which lead to problems.

For example, tor configured with the following would fail:

  ORPort auto
  DirPort auto

Both end up being the same configuration except that one is a OR listener and
one is a Dir listener. Thus because of the missing check in the inner loop,
they looked exactly the same and thus one is removed.

Fixes #40195

Signed-off-by: David Goulet's avatarDavid Goulet <dgoulet@torproject.org>
      d04a27be
    • David Goulet's avatar
      relay: Launch dummy circuit only when descriptor build fails · bc5f26ff
      David Goulet authored and Nick Mathewson's avatar Nick Mathewson committed 
      
First, this commit moves the launch_dummy_circuit_as_needed() function into
relay_find_addr.c and renames it to relay_addr_learn_from_dirauth(). This is
an attempt to centralize anything relate with address discovery in the right
module.

Second, when building a descriptor and we fail to discover our address,
immediately launch a dummy circuit to an authority in an attempt to learn our
descriptor.

It is still only done every 20 minutes even though the descriptor build is
done every minute. We ought to avoid load on the authority and if we can't
learn in the first place our address from them, chances are more things are
wrong.

Related to #40071

Signed-off-by: David Goulet's avatarDavid Goulet <dgoulet@torproject.org>
      bc5f26ff
    • David Goulet's avatar
      relay: Look at our cache when looking for an IP change · a5538a36
      David Goulet authored and Nick Mathewson's avatar Nick Mathewson committed 
      
Regularly, tor looks if its IP has changed. It does the entire auto discovery
process again. However, it is possible that it does not find anything.

Instead of thinking the IP changed to an unknown address, look at our cache
and see if that value has changed.

The reason for this is because if tor gets its address as a suggestion from a
directory authority, it is because the auto discovery failed and thus that
address should be consider for the IP change check.

Related to #40071

Signed-off-by: David Goulet's avatarDavid Goulet <dgoulet@torproject.org>
      a5538a36
    • David Goulet's avatar
      relay: Use testing circuit instead of dummy descriptor fetch · 4b981407
      David Goulet authored and Nick Mathewson's avatar Nick Mathewson committed 
      
Tor now can learn its address from a NETINFO cell coming from an authority.
Thus, instead from launching a dummy descriptor fetch to learn the address
from the directory response (unauthenticated), we simply now launch a one-hop
testing circuit.

Related to #40071

Signed-off-by: David Goulet's avatarDavid Goulet <dgoulet@torproject.org>
      4b981407
  37. Nov 13, 2020
    • David Goulet's avatar
      port: Don't ignore ports of a different family · d425dbf0
      David Goulet authored 
      
Commit c3a0f757 added this feature for ORPort
that we ignore any port that is not the family of our default address when
parsing the port. So if port_parse_config() was called with an IPv4 default
address, all IPv6 address would be ignored.

That makes sense for ORPort since we call twice port_parse_config() for
0.0.0.0 and [::] but for the rest of the ports, it is not good since a
perfectly valid configuration can be:

  SocksPort 9050
  SocksPort [::1]:9050

Any non-ORPort only binds by default to an IPv4 except the ORPort that binds
to both IPv4 and IPv6 by default.

The fix here is to always parse all ports within port_parse_config() and then,
specifically for ORPort, remove the duplicates or superseding ones. The
warning is only emitted when a port supersedes another.

A unit tests is added to make sure SocksPort of different family always exists
together.

Fixes #40183

Signed-off-by: David Goulet's avatarDavid Goulet <dgoulet@torproject.org>
      d425dbf0
  39. Nov 12, 2020
    • Samanta Navarro's avatar
      Fix typos. · 4a0cd795
      Samanta Navarro authored and David Goulet's avatar David Goulet committed 
      Typos found with codespell.

Please keep in mind that this should have impact on actual code
and must be carefully evaluated:

src/core/or/lttng_circuit.inc
-    ctf_enum_value("CONTROLER", CIRCUIT_PURPOSE_CONTROLLER)
+    ctf_enum_value("CONTROLLER", CIRCUIT_PURPOSE_CONTROLLER)
      4a0cd795