Tor merge requestshttps://gitlab.torproject.org/tpo/core/tor/-/merge_requests2023-09-14T19:34:51Zhttps://gitlab.torproject.org/tpo/core/tor/-/merge_requests/763Bug 40858: Cache sendme_inc to avoid purging intro points.2023-09-14T19:34:51ZMike PerryBug 40858: Cache sendme_inc to avoid purging intro points.Bug found and fixed by @hyunsoo.kim676.Bug found and fixed by @hyunsoo.kim676.Tor: 0.4.7.x-post-stableMike PerryMike Perryhttps://gitlab.torproject.org/tpo/core/tor/-/merge_requests/741zstd: Check errors right affer compressing/decompressing2023-08-15T16:39:49ZDavid Gouletdgoulet@torproject.orgzstd: Check errors right affer compressing/decompressingConsidering a compression bomb before looking for errors led to false negative
log warnings. Instead, it is possible the work failed for whatever reasons
which is not indicative of a compression bomb.
Fixes #40739
Signed-off-by: David ...Considering a compression bomb before looking for errors led to false negative
log warnings. Instead, it is possible the work failed for whatever reasons
which is not indicative of a compression bomb.
Fixes #40739
Signed-off-by: David Goulet <dgoulet@torproject.org>Tor: 0.4.8.x-stableDavid Gouletdgoulet@torproject.orgDavid Gouletdgoulet@torproject.orghttps://gitlab.torproject.org/tpo/core/tor/-/merge_requests/667Rely on kernel errno when logging resource exhaustion2022-12-12T20:12:59ZqontinuumRely on kernel errno when logging resource exhaustionBackport of !660 for 0.4.7 to fix #40613Backport of !660 for 0.4.7 to fix #40613https://gitlab.torproject.org/tpo/core/tor/-/merge_requests/662dirauth: rotate moria1 keys and ports2022-12-06T20:25:15ZRoger Dingledinedirauth: rotate moria1 keys and portsRotate the relay identity key and v3 identity key for moria1. They
have been online for more than a decade, there was a known potential
compromise, and anyway refreshing keys periodically is good practice.
Advertise new ports too, to av...Rotate the relay identity key and v3 identity key for moria1. They
have been online for more than a decade, there was a known potential
compromise, and anyway refreshing keys periodically is good practice.
Advertise new ports too, to avoid confusion.
Closes ticket 40722.Tor: 0.4.8.x-freezeRoger DingledineRoger Dingledinehttps://gitlab.torproject.org/tpo/core/tor/-/merge_requests/660Rely on kernel errno when logging resource exhaustion2022-12-12T20:12:54ZqontinuumRely on kernel errno when logging resource exhaustionHello,
Here is my attempt to fix #40613.
I split the socket_failed_from_resource_exhaustion function into 2 different functions that are called in the needed cases depending on the errno value.Hello,
Here is my attempt to fix #40613.
I split the socket_failed_from_resource_exhaustion function into 2 different functions that are called in the needed cases depending on the errno value.Tor: 0.4.8.x-freezeqontinuumqontinuumhttps://gitlab.torproject.org/tpo/core/tor/-/merge_requests/655relay: Make MaxOnionQueueDelay into a consensus param2022-11-09T20:30:24ZDavid Gouletdgoulet@torproject.orgrelay: Make MaxOnionQueueDelay into a consensus paramPart of #40704
Signed-off-by: David Goulet <dgoulet@torproject.org>Part of #40704
Signed-off-by: David Goulet <dgoulet@torproject.org>David Gouletdgoulet@torproject.orgDavid Gouletdgoulet@torproject.orghttps://gitlab.torproject.org/tpo/core/tor/-/merge_requests/643Add several new metrics to MetricsPort2022-10-27T15:46:23ZDavid Gouletdgoulet@torproject.orgAdd several new metrics to MetricsPortRelated to #40194
Signed-off-by: David Goulet <dgoulet@torproject.org>Related to #40194
Signed-off-by: David Goulet <dgoulet@torproject.org>Tor: 0.4.7.x-post-stableDavid Gouletdgoulet@torproject.orgDavid Gouletdgoulet@torproject.orghttps://gitlab.torproject.org/tpo/core/tor/-/merge_requests/642rephist: Track number of streams seen per type2022-10-27T14:47:23ZDavid Gouletdgoulet@torproject.orgrephist: Track number of streams seen per typeRelated to #40194
Signed-off-by: David Goulet <dgoulet@torproject.org>Related to #40194
Signed-off-by: David Goulet <dgoulet@torproject.org>Tor: 0.4.7.x-post-stableDavid Gouletdgoulet@torproject.orgDavid Gouletdgoulet@torproject.orghttps://gitlab.torproject.org/tpo/core/tor/-/merge_requests/641circ: Set proper timeout cutoff for HS circuits2022-10-26T19:13:17ZDavid Gouletdgoulet@torproject.orgcirc: Set proper timeout cutoff for HS circuitsExplicitly set the S_CONNECT_REND purpose to a 4-hop cutoff.
As for the established rendezvous circuit waiting on the RENDEZVOUS2,
set one that is very long considering the possible waiting time for the
service to get the request and jo...Explicitly set the S_CONNECT_REND purpose to a 4-hop cutoff.
As for the established rendezvous circuit waiting on the RENDEZVOUS2,
set one that is very long considering the possible waiting time for the
service to get the request and join our rendezvous.
Part of #40694
Signed-off-by: David Goulet <dgoulet@torproject.org>Tor: 0.4.7.x-post-stableDavid Gouletdgoulet@torproject.orgDavid Gouletdgoulet@torproject.orghttps://gitlab.torproject.org/tpo/core/tor/-/merge_requests/640hs: Retry rdv circuit if repurposed2022-10-26T19:09:32ZDavid Gouletdgoulet@torproject.orghs: Retry rdv circuit if repurposedThis can happen if our measurement subsystem decides to snatch it.
Fixes #40696
Signed-off-by: David Goulet <dgoulet@torproject.org>This can happen if our measurement subsystem decides to snatch it.
Fixes #40696
Signed-off-by: David Goulet <dgoulet@torproject.org>Tor: 0.4.7.x-post-stableDavid Gouletdgoulet@torproject.orgDavid Gouletdgoulet@torproject.orghttps://gitlab.torproject.org/tpo/core/tor/-/merge_requests/639hs: Change the error for a collapsing client circuit2022-10-26T18:59:38ZDavid Gouletdgoulet@torproject.orghs: Change the error for a collapsing client circuitChange it to an "unreachable" error so the intro point can be retried
and not flagged as a failure and never retried again.
Closes #40692
Signed-off-by: David Goulet <dgoulet@torproject.org>Change it to an "unreachable" error so the intro point can be retried
and not flagged as a failure and never retried again.
Closes #40692
Signed-off-by: David Goulet <dgoulet@torproject.org>Tor: 0.4.7.x-post-stableDavid Gouletdgoulet@torproject.orgDavid Gouletdgoulet@torproject.orghttps://gitlab.torproject.org/tpo/core/tor/-/merge_requests/638circ: Set proper timeout cutoff for HS circuits2022-10-26T19:13:14ZDavid Gouletdgoulet@torproject.orgcirc: Set proper timeout cutoff for HS circuitsExplicitly set the S_CONNECT_REND purpose to a 4-hop cutoff.
As for the established rendezvous circuit waiting on the RENDEZVOUS2,
set one that is very long considering the possible waiting time for the
service to get the request and jo...Explicitly set the S_CONNECT_REND purpose to a 4-hop cutoff.
As for the established rendezvous circuit waiting on the RENDEZVOUS2,
set one that is very long considering the possible waiting time for the
service to get the request and join our rendezvous.
Part of #40694
Signed-off-by: David Goulet <dgoulet@torproject.org>Tor: 0.4.8.x-freezeDavid Gouletdgoulet@torproject.orgDavid Gouletdgoulet@torproject.orghttps://gitlab.torproject.org/tpo/core/tor/-/merge_requests/637hs: Retry rdv circuit if repurposed2022-10-26T19:09:28ZDavid Gouletdgoulet@torproject.orghs: Retry rdv circuit if repurposedThis can happen if our measurement subsystem decides to snatch it.
Fixes #40696
Signed-off-by: David Goulet <dgoulet@torproject.org>This can happen if our measurement subsystem decides to snatch it.
Fixes #40696
Signed-off-by: David Goulet <dgoulet@torproject.org>Tor: 0.4.8.x-freezeDavid Gouletdgoulet@torproject.orgDavid Gouletdgoulet@torproject.orghttps://gitlab.torproject.org/tpo/core/tor/-/merge_requests/635dir auths now omit Measured= if rs->is_authority2022-10-26T20:32:32ZRoger Dingledinedir auths now omit Measured= if rs->is_authority dir auths now omit Measured= if rs->is_authority
Directory authorities stop voting a consensus "Measured" weight
for relays with the Authority flag. Now these relays will be
considered unmeasured, which should reserv... dir auths now omit Measured= if rs->is_authority
Directory authorities stop voting a consensus "Measured" weight
for relays with the Authority flag. Now these relays will be
considered unmeasured, which should reserve their bandwidth
for their dir auth role and minimize distractions from other roles.
In place of the "Measured" weight, they now include a
"MeasuredButAuthority" weight (not used by anything) so the bandwidth
authority's opinion on this relay can be recorded for posterity.
Resolves ticket 40698.Tor: 0.4.7.x-post-stableRoger DingledineRoger Dingledinehttps://gitlab.torproject.org/tpo/core/tor/-/merge_requests/633hs: Change the error for a collapsing client circuit2022-10-26T18:59:34ZDavid Gouletdgoulet@torproject.orghs: Change the error for a collapsing client circuitChange it to an "unreachable" error so the intro point can be retried
and not flagged as a failure and never retried again.
Closes #40692
Signed-off-by: David Goulet <dgoulet@torproject.org>Change it to an "unreachable" error so the intro point can be retried
and not flagged as a failure and never retried again.
Closes #40692
Signed-off-by: David Goulet <dgoulet@torproject.org>Tor: 0.4.8.x-freezeDavid Gouletdgoulet@torproject.orgDavid Gouletdgoulet@torproject.orghttps://gitlab.torproject.org/tpo/core/tor/-/merge_requests/631dirauth: Remove Faravahar2022-11-01T09:18:10ZDavid Gouletdgoulet@torproject.orgdirauth: Remove FaravaharCloses #40688
Signed-off-by: David Goulet <dgoulet@torproject.org>Closes #40688
Signed-off-by: David Goulet <dgoulet@torproject.org>Tor: 0.4.8.x-freezeDavid Gouletdgoulet@torproject.orgDavid Gouletdgoulet@torproject.orghttps://gitlab.torproject.org/tpo/core/tor/-/merge_requests/630dirauth: Change dizum IP address2022-10-26T18:33:49ZDavid Gouletdgoulet@torproject.orgdirauth: Change dizum IP addressCloses #40687
Signed-off-by: David Goulet <dgoulet@torproject.org>Closes #40687
Signed-off-by: David Goulet <dgoulet@torproject.org>Tor: 0.4.8.x-freezeDavid Gouletdgoulet@torproject.orgDavid Gouletdgoulet@torproject.orghttps://gitlab.torproject.org/tpo/core/tor/-/merge_requests/608relay: Don't send DESTROY remote reason backward or forward2022-08-02T20:25:20ZDavid Gouletdgoulet@torproject.orgrelay: Don't send DESTROY remote reason backward or forwardFixes #40649
Signed-off-by: David Goulet <dgoulet@torproject.org>Fixes #40649
Signed-off-by: David Goulet <dgoulet@torproject.org>Tor: 0.4.7.x-post-stableDavid Gouletdgoulet@torproject.orgDavid Gouletdgoulet@torproject.orghttps://gitlab.torproject.org/tpo/core/tor/-/merge_requests/606conn: Notify btrack subsys on normal OR conn close2022-08-02T20:11:22ZDavid Gouletdgoulet@torproject.orgconn: Notify btrack subsys on normal OR conn closeFixes #40604
Signed-off-by: David Goulet <dgoulet@torproject.org>Fixes #40604
Signed-off-by: David Goulet <dgoulet@torproject.org>Tor: 0.4.7.x-post-stableDavid Gouletdgoulet@torproject.orgDavid Gouletdgoulet@torproject.orghttps://gitlab.torproject.org/tpo/core/tor/-/merge_requests/605Fix a check, make a netflow padding function more safe.2022-07-27T15:35:14ZNick MathewsonFix a check, make a netflow padding function more safe.Previously, `channelpadding_get_netflow_inactive_timeout_ms` would
crash with an assertion failure if `low_timeout` was greater than
`high_timeout`. That wasn't possible in practice because of checks
in `channelpadding_update_padding_for...Previously, `channelpadding_get_netflow_inactive_timeout_ms` would
crash with an assertion failure if `low_timeout` was greater than
`high_timeout`. That wasn't possible in practice because of checks
in `channelpadding_update_padding_for_channel`, but it's better not
to have a function whose correctness is this tricky to prove.
Fixes #40645. Bugfix on 0.3.1.1-alpha.
I've made this patch against 0.4.5 in case we decide to ~Backport.Tor: 0.4.5.x-post-stableNick MathewsonNick Mathewson