rl1987 authored 10 years ago and Nick Mathewson committed 10 years ago

Now the code has separate implementation and examination functions,
uses smartlists sanely, and has relatively decent test coverage.

These are needed under some circumstances if we are running with
expensive-hardening and sandbox at the same time.

fixes 11477, bugfix on 0.2.5.4-alpha (where we introduced
expensive-hardening)

Fixes bug 12032; bugfix on 0.2.5.1-alpha

See discussion on 9553: Some of the build scripts don't like it when
you can't merge maint into release.

Also, don't tolerate changing DirPortFrontPage.

Fixes bug 12028; bugfix on 0.2.5.1-alpha.

None of the things we might exec() can possibly run under the
sanbox, so rather than crash later, we have to refuse to accept the
configuration nice and early.

The longer-term solution is to have an exec() helper, but wow is
that risky.

fixes 12043; bugfix on 0.2.5.1-alpha

This prevents a crash when rotating logs with dirreq-stats enabled

fixes 12035; bugfix on 0.2.5.1-alpha.

Fix for 12041; bugfix on 0.2.5.1-alpha.

This is an "ours" merge, to avoid taking the commit that bumped
maint-0.2.4's version to 0.2.4.22-dev.

(See discussion on #9553)

(ticket 9553)

When we converted the horrible set of options that previously
controlled "use ORPort or DirPort? Anonymously or Non-anonymouly?" to
a single 'indirection' argument, we missed
directory_post_to_dirservers.

The problematic code was introduced in 5cbeb608, which went into
0.2.4.3-alpha.  This is a fix for bug 11469.

When running with User set, we frequently try to look up our
information in the user database (e.g., /etc/passwd).  The seccomp2
sandbox setup doesn't let us open /etc/passwd, and probably
shouldn't.

To fix this, we have a pair of wrappers for getpwnam and getpwuid.
When a real call to getpwnam or getpwuid fails, they fall back to a
cached value, if the uid/gid matches.

(Granting access to /etc/passwd isn't possible with the way we
handle opening files through the sandbox.  It's not desirable either.)

We'll use these to deal with being unable to access the user DB
after we install the sandbox, to fix bug 11946.

Fix for bug 9781; bugfix on cd05f35d in 0.2.4.2-alpha.

dana koch authored 10 years ago and Nick Mathewson committed 10 years ago

On OpenBSD 5.4, time_t is a 32-bit integer. These instances contain
implicit treatment of long and time_t as comparable types, so explicitly
cast to time_t.

Before the 11825 fix, these were all silently ignored.

Remove tinytest casts that were suppressing them.

Fix for #11825.

These are actually tests for #311.  It appears to me that we didn't
fix #311 properly when we thought we did in 475eb5d6; instead, the
real fix was 05eff35a, a few minutes earlier.