George Kadianakis authored 5 years ago and Nick Mathewson committed 4 years ago

Given that ed25519 public key validity checks are usually not needed
and (so far) they are only necessary for onion addesses in the Tor
protocol, we decided to fix this specific bug instance without
modifying the rest of the codebase (see below for other fix
approaches).

In our minimal fix we check that the pubkey in
hs_service_add_ephemeral() is valid and error out otherwise.

In the openssl that I have, it should be safe to only check the size
of n.  But if I'm wrong, or if other openssls work differently, we
should check whether any of the fields are too large.

Issue spotted by Teor.

This function does a nonfatal assertion to make sure that a machine
is not registered twice, but Tobias Pulls found a case where it
happens.  Instead, make the function exit early so that it doesn't
cause a remotely triggered memory leak.

Fixes bug 33619; bugfix on 0.4.0.1-alpha.  This is also tracked as
TROVE-2020-004.

When a Travis chutney job fails, use chutney's new "diagnostics.sh" tool
to produce detailed diagnostic output.

Closes ticket 32792.

(Deep, deep thanks to Taylor for reminding me to test this!)

Although OpenSSL before 1.1.1 is no longer supported, it's possible
that somebody is still using it with 0.3.5, so we probably shouldn't
break it with this fix.

"ours" to avoid version bump.

Conflicts:
* Keep TOR_TEST_RNG_SEED from maint-0.4.1
* Keep the ordering from bug33195_035

Putting the slowest jobs first takes full advantage of Travis
concurrency.

Closes 33194.

Part of 33194.

The job was previously set to fast_finish / allow_failure, to
speed up the build.

Closes ticket 33195.

Alexander Hansen Færøy authored 5 years ago and teor committed 5 years ago

This patch ensures that we always lowercase the BridgeDistribution from
torrc in descriptors before submitting it.

See: https://bugs.torproject.org/32753

This will our "git push" hook not complain about pushing from
maint-0.4.1.

Resolved Conflicts:
	src/feature/dirparse/parsecommon.c

Private-key validation is fairly expensive for long keys in openssl,
so we need to avoid it sooner.