Merge remote-tracking branch 'origin/maint-0.2.5' into release-0.2.5
This commit is contained in:
commit
b0fff2a9c5
|
@ -0,0 +1,3 @@
|
|||
o Minor bugfixes (statistics):
|
||||
- Increase period over which bandwidth observations are aggregated
|
||||
from 15 minutes to 4 hours. Fixes bug 13988; bugfix on 0.0.8pre1.
|
|
@ -0,0 +1,6 @@
|
|||
o Major bugfixes:
|
||||
- When reading a hexadecimal, base-32, or base-64 encoded value
|
||||
from a string, always overwrite the complete output buffer. This
|
||||
prevents some bugs where we would look at (but fortunately, not
|
||||
reveal) uninitialized memory on the stack. Fixes bug 14013;
|
||||
bugfix on all versions of Tor.
|
|
@ -0,0 +1,5 @@
|
|||
o Minor bugfixes (dirauth):
|
||||
- Enlarge the buffer to read bw-auth generated files to avoid an
|
||||
issue when parsing the file in dirserv_read_measured_bandwidths().
|
||||
Bugfix on 0.2.2.1-alpha, fixes #14125.
|
||||
|
|
@ -0,0 +1,7 @@
|
|||
o Major bugfixes (exit node stability):
|
||||
|
||||
- Fix an assertion failure that could occur under high DNS load. Fixes
|
||||
bug 14129; bugfix on Tor 0.0.7rc1. Found by "jowr"; diagnosed and fixed
|
||||
by "cypherpunks".
|
||||
|
||||
|
|
@ -0,0 +1,7 @@
|
|||
o Minor bugfixes (client):
|
||||
- Check for a missing option value in parse_virtual_addr_network
|
||||
before asserting on the NULL in tor_addr_parse_mask_ports.
|
||||
This avoids crashing on torrc lines like
|
||||
Vi[rtualAddrNetworkIPv[4|6]] when no value follows the option.
|
||||
Bugfix on 0.2.3 (de4cc126cbb5 on 24 November 2012), fixes #14142.
|
||||
Patch by "teor".
|
|
@ -0,0 +1,3 @@
|
|||
o Minor bugfixes (client):
|
||||
- Fix a memory leak when using AutomapHostsOnResolve.
|
||||
Fixes bug 14195; bugfix on 0.1.0.1-rc.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (compilation):
|
||||
- Build without warnings with the stock OpenSSL srtp.h header,
|
||||
which has a duplicate declaration of SSL_get_selected_srtp_profile().
|
||||
Fixes bug 14220; this is OpenSSL's bug, not ours.
|
|
@ -0,0 +1,5 @@
|
|||
O Minor bugfixes (directory authority):
|
||||
- Allow directory authorities to fetch more data from one
|
||||
another if they find themselves missing lots of votes.
|
||||
Previously, they had been bumping against the 10 MB queued
|
||||
data limit. Fixes bug 14261. Bugfix on 0.1.2.5-alpha.
|
|
@ -0,0 +1,10 @@
|
|||
o Major bugfixes (relay, stability, possible security):
|
||||
- Fix a bug that could lead to a relay crashing with an assertion
|
||||
failure if a buffer of exactly the wrong layout was passed
|
||||
to buf_pullup() at exactly the wrong time. Fixes bug 15083;
|
||||
bugfix on 0.2.0.10-alpha. Patch from 'cypherpunks'.
|
||||
|
||||
- Do not assert if the 'data' pointer on a buffer is advanced to the very
|
||||
end of the buffer; log a BUG message instead. Only assert if it is
|
||||
past that point. Fixes bug 15083; bugfix on 0.2.0.10-alpha.
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (Linux seccomp2 sandbox):
|
||||
- Upon receiving sighup, do not crash during attempts to call
|
||||
wait4. Fixes bug 15088; bugfix on 0.2.5.1-alpha. Patch from
|
||||
"sanic".
|
|
@ -0,0 +1,3 @@
|
|||
o Minor features:
|
||||
- Update geoip to the January 7 2015 Maxmind GeoLite2 Country database.
|
||||
|
|
@ -0,0 +1,2 @@
|
|||
o Minor features:
|
||||
- Update geoip6 to the January 7 2015 Maxmind GeoLite2 Country database.
|
|
@ -0,0 +1,5 @@
|
|||
o Minor features (controller):
|
||||
- New "GETINFO bw-event-cache" to get information about recent bandwidth
|
||||
events. Closes ticket 14128. Useful for controllers to get recent
|
||||
bandwidth history after the fix for 13988.
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
o Directory authority IP change:
|
||||
- The directory authority Faravahar has a new IP address. Closes
|
||||
ticket 14487.
|
|
@ -2756,6 +2756,8 @@ base64_decode(char *dest, size_t destlen, const char *src, size_t srclen)
|
|||
if (destlen > SIZE_T_CEILING)
|
||||
return -1;
|
||||
|
||||
memset(dest, 0, destlen);
|
||||
|
||||
EVP_DecodeInit(&ctx);
|
||||
EVP_DecodeUpdate(&ctx, (unsigned char*)dest, &len,
|
||||
(unsigned char*)src, srclen);
|
||||
|
@ -2777,6 +2779,8 @@ base64_decode(char *dest, size_t destlen, const char *src, size_t srclen)
|
|||
if (destlen > SIZE_T_CEILING)
|
||||
return -1;
|
||||
|
||||
memset(dest, 0, destlen);
|
||||
|
||||
/* Iterate over all the bytes in src. Each one will add 0 or 6 bits to the
|
||||
* value we're decoding. Accumulate bits in <b>n</b>, and whenever we have
|
||||
* 24 bits, batch them into 3 bytes and flush those bytes to dest.
|
||||
|
@ -2956,6 +2960,8 @@ base32_decode(char *dest, size_t destlen, const char *src, size_t srclen)
|
|||
tor_assert((nbits/8) <= destlen); /* We need enough space. */
|
||||
tor_assert(destlen < SIZE_T_CEILING);
|
||||
|
||||
memset(dest, 0, destlen);
|
||||
|
||||
/* Convert base32 encoded chars to the 5-bit values that they represent. */
|
||||
tmp = tor_malloc_zero(srclen);
|
||||
for (j = 0; j < srclen; ++j) {
|
||||
|
|
|
@ -164,6 +164,7 @@ static int filter_nopar_gen[] = {
|
|||
#endif
|
||||
SCMP_SYS(stat),
|
||||
SCMP_SYS(uname),
|
||||
SCMP_SYS(wait4),
|
||||
SCMP_SYS(write),
|
||||
SCMP_SYS(writev),
|
||||
SCMP_SYS(exit_group),
|
||||
|
|
|
@ -33,6 +33,20 @@
|
|||
#include <ws2tcpip.h>
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#ifdef __GNUC__
|
||||
#define GCC_VERSION (__GNUC__ * 100 + __GNUC_MINOR__)
|
||||
#endif
|
||||
|
||||
#if __GNUC__ && GCC_VERSION >= 402
|
||||
#if GCC_VERSION >= 406
|
||||
#pragma GCC diagnostic push
|
||||
#endif
|
||||
/* Some versions of OpenSSL declare SSL_get_selected_srtp_profile twice in
|
||||
* srtp.h. Suppress the GCC warning so we can build with -Wredundant-decl. */
|
||||
#pragma GCC diagnostic ignored "-Wredundant-decls"
|
||||
#endif
|
||||
|
||||
#include <openssl/ssl.h>
|
||||
#include <openssl/ssl3.h>
|
||||
#include <openssl/err.h>
|
||||
|
@ -41,6 +55,14 @@
|
|||
#include <openssl/bio.h>
|
||||
#include <openssl/opensslv.h>
|
||||
|
||||
#if __GNUC__ && GCC_VERSION >= 402
|
||||
#if GCC_VERSION >= 406
|
||||
#pragma GCC diagnostic pop
|
||||
#else
|
||||
#pragma GCC diagnostic warning "-Wredundant-decls"
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#ifdef USE_BUFFEREVENTS
|
||||
#include <event2/bufferevent_ssl.h>
|
||||
#include <event2/buffer.h>
|
||||
|
|
|
@ -1129,6 +1129,9 @@ base16_decode(char *dest, size_t destlen, const char *src, size_t srclen)
|
|||
return -1;
|
||||
if (destlen < srclen/2 || destlen > SIZE_T_CEILING)
|
||||
return -1;
|
||||
|
||||
memset(dest, 0, destlen);
|
||||
|
||||
end = src+srclen;
|
||||
while (src<end) {
|
||||
v1 = hex_decode_digit_(*src);
|
||||
|
|
12872
src/config/geoip
12872
src/config/geoip
File diff suppressed because it is too large
Load Diff
1263
src/config/geoip6
1263
src/config/geoip6
File diff suppressed because it is too large
Load Diff
|
@ -738,6 +738,12 @@ parse_virtual_addr_network(const char *val, sa_family_t family,
|
|||
const int max_bits = ipv6 ? 40 : 16;
|
||||
virtual_addr_conf_t *conf = ipv6 ? &virtaddr_conf_ipv6 : &virtaddr_conf_ipv4;
|
||||
|
||||
if (!val || val[0] == '\0') {
|
||||
if (msg)
|
||||
tor_asprintf(msg, "Value not present (%s) after VirtualAddressNetwork%s",
|
||||
val?"Empty":"NULL", ipv6?"IPv6":"");
|
||||
return -1;
|
||||
}
|
||||
if (tor_addr_parse_mask_ports(val, 0, &addr, &bits, NULL, NULL) < 0) {
|
||||
if (msg)
|
||||
tor_asprintf(msg, "Error parsing VirtualAddressNetwork%s %s",
|
||||
|
@ -945,7 +951,7 @@ addressmap_register_virtual_address(int type, char *new_address)
|
|||
!strcasecmp(new_address, ent->new_address)) {
|
||||
tor_free(new_address);
|
||||
tor_assert(!vent_needs_to_be_added);
|
||||
return tor_strdup(*addrp);
|
||||
return *addrp;
|
||||
} else {
|
||||
log_warn(LD_BUG,
|
||||
"Internal confusion: I thought that '%s' was mapped to by "
|
||||
|
|
|
@ -447,7 +447,7 @@ buf_pullup(buf_t *buf, size_t bytes, int nulterminate)
|
|||
size_t n = bytes - dest->datalen;
|
||||
src = dest->next;
|
||||
tor_assert(src);
|
||||
if (n > src->datalen) {
|
||||
if (n >= src->datalen) {
|
||||
memcpy(CHUNK_WRITE_PTR(dest), src->data, src->datalen);
|
||||
dest->datalen += src->datalen;
|
||||
dest->next = src->next;
|
||||
|
@ -2624,7 +2624,14 @@ assert_buf_ok(buf_t *buf)
|
|||
total += ch->datalen;
|
||||
tor_assert(ch->datalen <= ch->memlen);
|
||||
tor_assert(ch->data >= &ch->mem[0]);
|
||||
tor_assert(ch->data < &ch->mem[0]+ch->memlen);
|
||||
tor_assert(ch->data <= &ch->mem[0]+ch->memlen);
|
||||
if (ch->data == &ch->mem[0]+ch->memlen) {
|
||||
static int warned = 0;
|
||||
if (! warned) {
|
||||
log_warn(LD_BUG, "Invariant violation in buf.c related to #15083");
|
||||
warned = 1;
|
||||
}
|
||||
}
|
||||
tor_assert(ch->data+ch->datalen <= &ch->mem[0] + ch->memlen);
|
||||
if (!ch->next)
|
||||
tor_assert(ch == buf->tail);
|
||||
|
|
|
@ -871,7 +871,7 @@ add_default_trusted_dir_authorities(dirinfo_type_t type)
|
|||
"171.25.193.9:443 BD6A 8292 55CB 08E6 6FBE 7D37 4836 3586 E46B 3810",
|
||||
"Faravahar orport=443 "
|
||||
"v3ident=EFCBE720AB3A82B99F9E953CD5BF50F7EEFC7B97 "
|
||||
"154.35.32.5:80 CF6D 0AAF B385 BE71 B8E1 11FC 5CFF 4B47 9237 33BC",
|
||||
"154.35.175.225:80 CF6D 0AAF B385 BE71 B8E1 11FC 5CFF 4B47 9237 33BC",
|
||||
"longclaw orport=443 "
|
||||
"v3ident=23D15D965BC35114467363C165C4F724B64B4F66 "
|
||||
"199.254.238.52:80 74A9 1064 6BCE EFBC D2E8 74FC 1DC9 9743 0F96 8145",
|
||||
|
|
|
@ -1424,6 +1424,8 @@ getinfo_helper_misc(control_connection_t *conn, const char *question,
|
|||
(void) conn;
|
||||
if (!strcmp(question, "version")) {
|
||||
*answer = tor_strdup(get_version());
|
||||
} else if (!strcmp(question, "bw-event-cache")) {
|
||||
*answer = get_bw_samples();
|
||||
} else if (!strcmp(question, "config-file")) {
|
||||
*answer = tor_strdup(get_torrc_fname(0));
|
||||
} else if (!strcmp(question, "config-defaults-file")) {
|
||||
|
@ -2099,6 +2101,7 @@ typedef struct getinfo_item_t {
|
|||
* to answer them. */
|
||||
static const getinfo_item_t getinfo_items[] = {
|
||||
ITEM("version", misc, "The current version of Tor."),
|
||||
ITEM("bw-event-cache", misc, "Cached BW events for a short interval."),
|
||||
ITEM("config-file", misc, "Current location of the \"torrc\" file."),
|
||||
ITEM("config-defaults-file", misc, "Current location of the defaults file."),
|
||||
ITEM("config-text", misc,
|
||||
|
@ -4133,11 +4136,29 @@ control_event_tb_empty(const char *bucket, uint32_t read_empty_time,
|
|||
return 0;
|
||||
}
|
||||
|
||||
/* about 5 minutes worth. */
|
||||
#define N_BW_EVENTS_TO_CACHE 300
|
||||
/* Index into cached_bw_events to next write. */
|
||||
static int next_measurement_idx = 0;
|
||||
/* number of entries set in n_measurements */
|
||||
static int n_measurements = 0;
|
||||
static struct cached_bw_event_s {
|
||||
uint32_t n_read;
|
||||
uint32_t n_written;
|
||||
} cached_bw_events[N_BW_EVENTS_TO_CACHE];
|
||||
|
||||
/** A second or more has elapsed: tell any interested control
|
||||
* connections how much bandwidth we used. */
|
||||
int
|
||||
control_event_bandwidth_used(uint32_t n_read, uint32_t n_written)
|
||||
{
|
||||
cached_bw_events[next_measurement_idx].n_read = n_read;
|
||||
cached_bw_events[next_measurement_idx].n_written = n_written;
|
||||
if (++next_measurement_idx == N_BW_EVENTS_TO_CACHE)
|
||||
next_measurement_idx = 0;
|
||||
if (n_measurements < N_BW_EVENTS_TO_CACHE)
|
||||
++n_measurements;
|
||||
|
||||
if (EVENT_IS_INTERESTING(EVENT_BANDWIDTH_USED)) {
|
||||
send_control_event(EVENT_BANDWIDTH_USED, ALL_FORMATS,
|
||||
"650 BW %lu %lu\r\n",
|
||||
|
@ -4148,6 +4169,38 @@ control_event_bandwidth_used(uint32_t n_read, uint32_t n_written)
|
|||
return 0;
|
||||
}
|
||||
|
||||
STATIC char *
|
||||
get_bw_samples(void)
|
||||
{
|
||||
int i;
|
||||
int idx = (next_measurement_idx + N_BW_EVENTS_TO_CACHE - n_measurements)
|
||||
% N_BW_EVENTS_TO_CACHE;
|
||||
smartlist_t *elements = smartlist_new();
|
||||
tor_assert(0 <= idx && idx < N_BW_EVENTS_TO_CACHE);
|
||||
|
||||
for (i = 0; i < n_measurements; ++i) {
|
||||
tor_assert(0 <= idx && idx < N_BW_EVENTS_TO_CACHE);
|
||||
{
|
||||
const struct cached_bw_event_s *bwe = &cached_bw_events[idx];
|
||||
|
||||
smartlist_add_asprintf(elements, "%u,%u",
|
||||
(unsigned)bwe->n_read,
|
||||
(unsigned)bwe->n_written);
|
||||
|
||||
idx = (idx + 1) % N_BW_EVENTS_TO_CACHE;
|
||||
}
|
||||
}
|
||||
|
||||
{
|
||||
char *result = smartlist_join_strings(elements, " ", 0, NULL);
|
||||
|
||||
SMARTLIST_FOREACH(elements, char *, cp, tor_free(cp));
|
||||
smartlist_free(elements);
|
||||
|
||||
return result;
|
||||
}
|
||||
}
|
||||
|
||||
/** Called when we are sending a log message to the controllers: suspend
|
||||
* sending further log messages to the controllers until we're done. Used by
|
||||
* CONN_LOG_PROTECT. */
|
||||
|
|
|
@ -201,6 +201,7 @@ void append_cell_stats_by_command(smartlist_t *event_parts,
|
|||
const uint64_t *number_to_include);
|
||||
void format_cell_stats(char **event_string, circuit_t *circ,
|
||||
cell_stats_t *cell_stats);
|
||||
STATIC char *get_bw_samples(void);
|
||||
#endif
|
||||
|
||||
#endif
|
||||
|
|
|
@ -2183,12 +2183,15 @@ connection_dir_reached_eof(dir_connection_t *conn)
|
|||
*/
|
||||
#define MAX_DIRECTORY_OBJECT_SIZE (10*(1<<20))
|
||||
|
||||
#define MAX_VOTE_DL_SIZE (MAX_DIRECTORY_OBJECT_SIZE * 5)
|
||||
|
||||
/** Read handler for directory connections. (That's connections <em>to</em>
|
||||
* directory servers and connections <em>at</em> directory servers.)
|
||||
*/
|
||||
int
|
||||
connection_dir_process_inbuf(dir_connection_t *conn)
|
||||
{
|
||||
size_t max_size;
|
||||
tor_assert(conn);
|
||||
tor_assert(conn->base_.type == CONN_TYPE_DIR);
|
||||
|
||||
|
@ -2207,7 +2210,11 @@ connection_dir_process_inbuf(dir_connection_t *conn)
|
|||
return 0;
|
||||
}
|
||||
|
||||
if (connection_get_inbuf_len(TO_CONN(conn)) > MAX_DIRECTORY_OBJECT_SIZE) {
|
||||
max_size =
|
||||
(TO_CONN(conn)->purpose == DIR_PURPOSE_FETCH_STATUS_VOTE) ?
|
||||
MAX_VOTE_DL_SIZE : MAX_DIRECTORY_OBJECT_SIZE;
|
||||
|
||||
if (connection_get_inbuf_len(TO_CONN(conn)) > max_size) {
|
||||
log_warn(LD_HTTP, "Too much data received from directory connection: "
|
||||
"denial of service attempt, or you need to upgrade?");
|
||||
connection_mark_for_close(TO_CONN(conn));
|
||||
|
|
|
@ -2487,7 +2487,7 @@ int
|
|||
dirserv_read_measured_bandwidths(const char *from_file,
|
||||
smartlist_t *routerstatuses)
|
||||
{
|
||||
char line[256];
|
||||
char line[512];
|
||||
FILE *fp = tor_fopen_cloexec(from_file, "r");
|
||||
int applied_lines = 0;
|
||||
time_t file_time, now;
|
||||
|
|
|
@ -558,6 +558,8 @@ purge_expired_resolves(time_t now)
|
|||
/* Connections should only be pending if they have no socket. */
|
||||
tor_assert(!SOCKET_OK(pend->conn->base_.s));
|
||||
pendconn = pend->conn;
|
||||
/* Prevent double-remove */
|
||||
pendconn->base_.state = EXIT_CONN_STATE_RESOLVEFAILED;
|
||||
if (!pendconn->base_.marked_for_close) {
|
||||
connection_edge_end(pendconn, END_STREAM_REASON_TIMEOUT);
|
||||
circuit_detach_stream(circuit_get_by_edge_conn(pendconn), pendconn);
|
||||
|
@ -1133,7 +1135,9 @@ connection_dns_remove(edge_connection_t *conn)
|
|||
return; /* more are pending */
|
||||
}
|
||||
}
|
||||
tor_assert(0); /* not reachable unless onlyconn not in pending list */
|
||||
log_warn(LD_BUG, "Connection (fd "TOR_SOCKET_T_FORMAT") was not waiting "
|
||||
"for a resolve of %s, but we tried to remove it.",
|
||||
conn->base_.s, escaped_safe_str(conn->base_.address));
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -1131,9 +1131,7 @@ rep_hist_load_mtbf_data(time_t now)
|
|||
* totals? */
|
||||
#define NUM_SECS_ROLLING_MEASURE 10
|
||||
/** How large are the intervals for which we track and report bandwidth use? */
|
||||
/* XXXX Watch out! Before Tor 0.2.2.21-alpha, using any other value here would
|
||||
* generate an unparseable state file. */
|
||||
#define NUM_SECS_BW_SUM_INTERVAL (15*60)
|
||||
#define NUM_SECS_BW_SUM_INTERVAL (4*60*60)
|
||||
/** How far in the past do we remember and publish bandwidth use? */
|
||||
#define NUM_SECS_BW_SUM_IS_VALID (24*60*60)
|
||||
/** How many bandwidth usage intervals do we remember? (derived) */
|
||||
|
|
|
@ -104,7 +104,7 @@ test_relaycell_resolved(void *arg)
|
|||
tt_int_op(srm_answer_is_set, ==, 0); \
|
||||
} \
|
||||
tt_int_op(srm_ttl, ==, ttl); \
|
||||
tt_int_op(srm_expires, ==, expires); \
|
||||
tt_i64_op((int64_t)srm_expires, ==, (int64_t)expires); \
|
||||
} while (0)
|
||||
|
||||
(void)arg;
|
||||
|
|
|
@ -3741,7 +3741,7 @@ test_util_max_mem(void *arg)
|
|||
} else {
|
||||
/* You do not have a petabyte. */
|
||||
#if SIZEOF_SIZE_T == SIZEOF_UINT64_T
|
||||
tt_uint_op(memory1, <, (U64_LITERAL(1)<<50));
|
||||
tt_u64_op(memory1, <, (U64_LITERAL(1)<<50));
|
||||
#endif
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue