Replace the 157 fallbacks originally introduced in Tor 0.3.5.6-rc
in December 2018 (of which ~122 were still functional), with a
list of 148 fallbacks (70 new, 78 existing, 79 removed) generated
in June 2019.

Closes ticket 28795.

Note that we created extra lists from DE and US, but they didn't add
any more fallbacks when we tried to merge them.

Skip test_rebind when the TOR_SKIP_TEST_REBIND environmental variable
is set.

Skip test_rebind on macOS in Travis builds, because it is unreliable
on macOS on Travis.

Fixes bug 30713; bugfix on 0.3.5.1-alpha.

Allow the test-stem job to fail in Travis, because it sometimes hangs.

Fixes bug 30744; bugfix on 0.3.5.4-alpha.

David Goulet authored 5 years ago and Nick Mathewson committed 5 years ago

Signed-off-by: David Goulet <dgoulet@torproject.org>

Closes ticket 30452.

Fortunately, in 0.3.5.1-alpha we improved logging for various
failure cases involved with onion service client auth.

Unfortunately, for this one, we freed the file right before logging
its name.

Fortunately, tor_free() sets its pointer to NULL, so we didn't have
a use-after-free bug.

Unfortunately, passing NULL to %s is not defined.

Fortunately, GCC 9.1.1 caught the issue!

Unfortunately, nobody has actually tried building Tor with GCC 9.1.1
before. Or if they had, they didn't report the warning.

Fixes bug 30475; bugfix on 0.3.5.1-alpha.

Fixes bug 30316; bugfix on 0.3.5.1-alpha.

In this patch we lower the log level of the failures for the three calls
to unlink() in networkstatus_set_current_consensus(). These errors might
trigger on Windows because the memory mapped consensus file keeps the
file in open state even after we have close()'d it. Windows will then
error on the unlink() call with a "Permission denied" error.

The consequences of ignoring these errors is that we leave an unused
file around on the file-system, which is an easier way to fix this
problem right now than refactoring networkstatus_set_current_consensus().

See: https://bugs.torproject.org/29930

Fixes bug 30263; bugfix on 0.4.0.1-alpha.

Closes ticket 30234.

Previously, our use of abort() would break anywhere that we didn't
include stdlib.h.  This was especially troublesome in case where
tor_assert_nonfatal() was used with ALL_BUGS_ARE_FATAL, since that
one seldom gets tested.

As an alternative, we could have just made this header include
stdlib.h.  But that seems bloaty.

Fixes bug 30189; bugfix on 0.3.4.1-alpha.

Part of 29702.

rl1987 authored 6 years ago and teor committed 5 years ago

cherry-pick of tor-github/pr/841 to maint-0.4.0.

Fixes bug 29922; bugfix on 0.2.9.3-alpha when we tried to capture
all these warnings.  No need to backport any farther than 0.3.5,
though -- these warnings don't cause test failures before then.

This one was tricky to find because apparently it only happened on
_some_ windows builds.

Nick Mathewson authored 6 years ago and teor committed 5 years ago

In current NSS versions, these ciphersuites don't work with
SSL_ExportKeyingMaterial(), which was causing relays to fail when
they tried to negotiate the v3 link protocol authentication.

Fixes bug 29241; bugfix on 0.4.0.1-alpha.

Nick Mathewson authored 6 years ago and teor committed 5 years ago

Diagnostic for 29241.

teor authored 6 years ago and Nick Mathewson committed 5 years ago

Fixes bug 29959; bugfix on 0.4.0.2-alpha.

Closes ticket 29357, and comes with appropriate notions of caution.

When classifying a client's selection of TLS ciphers, if the client
ciphers are not yet available, do not cache the result. Previously,
we had cached the unavailability of the cipher list and never looked
again, which in turn led us to assume that the client only supported
the ancient V1 link protocol.  This, in turn, was causing Stem
integration tests to stall in some cases.  Fixes bug 30021; bugfix
on 0.2.4.8-alpha.

(Travis terminates the job after 10 minutes of no output.)

Diagnostic for 29437.

Fixes bug 30011; bugfix on 0.3.5.4-alpha.

When we fixed 28614, our answer was "if we failed to load the
consensus on windows and it had a CRLF, retry it."  But we logged
the failure at "warn", and we only logged the retry at "info".

Now we log the retry at "notice", with more useful information.

Fixes bug 30004.

Try to figure out _where exactly_ we are first encountering NULs in
microdescriptors, and what we are doing when that happens.

Previously we used time(NULL) to set the Expires: header in our HTTP
responses.  This made the actual contents of that header untestable,
since the unit tests have no good way to override time(), or to see
what time() was at the exact moment of the call to time() in
dircache.c.

This gave us a race in dir_handle_get/status_vote_next_bandwidth,
where the time() call in dircache.c got one value, and the call in
the tests got another value.

I'm applying our regular solution here: using approx_time() so that
the value stays the same between the code and the test.  Since
approx_time() is updated on every event callback, we shouldn't be
losing any accuracy here.

Fixes bug 30001. Bug introduced in fb4a40c3; not in any
released Tor.

Otherwise, "make check-changes" will complain when we backport the change.