We already fixed these in #40099 and #40125.

This patch fixes #40126.  Bugfix on 0.2.8.1-alpha.

The rend_cache/entry_free was missing the rend cache allocation increment
before freeing the object.

Without it, it had an underflow bug:

  Sep 17 08:40:13.845 [warn] rend_cache_decrement_allocation(): Bug: Underflow
  in rend_cache_decrement_allocation (on Tor 0.4.5.0-alpha-dev
  7eef9ced)

Fixes #40125

Signed-off-by: David Goulet <dgoulet@torproject.org>

Without this fix, running this test on its own would fail.

Fixes bug 40099. Bugfix on ade50058 in 0.2.8.1-alpha.

This is based on @eighthave's templates, and the work we've been
doing to present a uniform testing environment.

Eventually this should be used by every one of our CI scripts.

We found this in #40076, after we started using buf_move_all() in
more places.  Fixes bug #40076; bugfix on 0.3.3.1-alpha.  As far as
I know, the crash only affects master, but I think this warrants a
backport, "just in case".

The failing case is #if'd out for now, but will be fixed in the next
commit.

Testing for a fix for #40076.

Fixes bug 31036; bugfix on 0.2.1.8-alpha when we moved the logging
system to use posix fds.

They are about to be shutdown in September.

Signed-off-by: David Goulet <dgoulet@torproject.org>

David Goulet authored 4 years ago and Nick Mathewson committed 4 years ago

Closes #40061

Signed-off-by: David Goulet <dgoulet@torproject.org>

This warning only affects platforms (like win32) with 32-bit time_t.

Fixes bug 40028; bugfix on 0.3.2.8-rc.

For some reasons, Appveyor started to use the stdio printf format for 64 bit
values (PRIu64, ...). Mingw doesn't like that so force it to use the Windows
specific macros by setting D__USE_MINGW_ANSI_STDIO=0.

Fixes #40026

Alexander Hansen Færøy authored 4 years ago and Nick Mathewson committed 4 years ago

This patch changes our bits-to-bytes conversion logic in the NSS
implementation of `tor_tls_cert_matches_key()` from using (x >> 3) to
((x + 7) >> 3) since DER bit-strings are allowed to contain a number of
bits that is not a multiple of 8.

Additionally, we add a comment on why we cannot use the
`DER_ConvertBitString()` macro from NSS, as we would potentially apply
the bits-to-bytes conversion logic twice, which would lead to an
insignificant amount of bytes being compared in
`SECITEM_ItemsAreEqual()` and thus turn the logic into being a
prefix match instead of a full match.

The `DER_ConvertBitString()` macro is defined in NSS as:

    /*
    ** Macro to convert der decoded bit string into a decoded octet
    ** string. All it needs to do is fiddle with the length code.
    */
    #define DER_ConvertBitString(item)            \
        {                                         \
            (item)->len = ((item)->len + 7) >> 3; \
        }

Thanks to Taylor Yu for spotting this problem.

This patch is part of the fix for TROVE-2020-001.

See: https://bugs.torproject.org/33119

Alexander Hansen Færøy authored 4 years ago and Nick Mathewson committed 4 years ago

We add constness to `peer_info_orig_len` and `cert_info_orig_len` in
`tor_tls_cert_matches_key` to ensure that we don't accidentally alter
the variables.

This patch is part of the fix for TROVE-2020-001.

See: https://bugs.torproject.org/33119

Alexander Hansen Færøy authored 5 years ago and Nick Mathewson committed 4 years ago

This patch fixes an out-of-bound memory read in
`tor_tls_cert_matches_key()` when Tor is compiled to use Mozilla's NSS
instead of OpenSSL.

The NSS library stores some length fields in bits instead of bytes, but
the comparison function found in `SECITEM_ItemsAreEqual()` needs the
length to be encoded in bytes. This means that for a 140-byte,
DER-encoded, SubjectPublicKeyInfo struct (with a 1024-bit RSA public key
in it), we would ask `SECITEM_ItemsAreEqual()` to compare the first 1120
bytes instead of 140 (140bytes * 8bits = 1120bits).

This patch fixes the issue by converting from bits to bytes before
calling `SECITEM_ItemsAreEqual()` and convert the `len`-fields back to
bits before we leave the function.

This patch is part of the fix for TROVE-2020-001.

See: https://bugs.torproject.org/33119

Alexander Hansen Færøy authored 5 years ago and Nick Mathewson committed 4 years ago

This patch lifts the `tor_tls_cert_matches_key()` tests out of the
OpenSSL specific TLS test suite and moves it into the generic TLS test
suite that is executed for both OpenSSL and NSS.

This patch is largely a code movement, but we had to rewrite parts of
the test to avoid using OpenSSL specific data-types (such as `X509 *`)
and replace it with the generic Tor abstraction type
(`tor_x509_cert_impl_t *`).

This patch is part of the fix for TROVE-2020-001.

See: https://bugs.torproject.org/33119

This is not actually a bug!  It can happen for a bunch of reasons,
which all boil down to "trying to add an extrainfo for which we no
longer have the corresponding routerinfo".

Fixes #16016; bugfix on 0.2.6.3-alpha.