Tomasz Torcz [Fri, 9 Jan 2015 22:42:16 +0000 (23:42 +0100)]
fix and enable systemd watchdog
There were following problems:
- configure.ac wrongly checked for defined HAVE_SYSTEMD; this
wasn't working, so the watchdog code was not compiled in.
Replace library search with explicit version check
- sd_notify() watchdog call was unsetting NOTIFY_SOCKET from env;
this means only first "watchdog ping" was delivered, each
subsequent one did not have socket to be sent to and systemd
was killing service
- after those fixes, enable Watchdog in systemd unit with one
minute intervals
Tomasz Torcz [Fri, 9 Jan 2015 21:44:00 +0000 (22:44 +0100)]
send more details about daemon status to supervisor
If running under systemd, send back information when reloading
configuration and gracefully shutting down. This gives administator
more information about current Tor daemon state.
Tomasz Torcz [Fri, 9 Jan 2015 21:17:50 +0000 (22:17 +0100)]
send PID of the main daemon to supervisor
If running under systemd, notify the supervisor about current PID
of Tor daemon. This makes systemd unit simpler and more robust:
it will do the right thing regardless of RunAsDaemon settings.
teor [Sun, 11 Jan 2015 08:33:04 +0000 (19:33 +1100)]
Don't crash on torrc Vi[rtualAddrNetworkIPv[4|6]] with no option value
Check for a missing option value in parse_virtual_addr_network
before asserting on the NULL in tor_addr_parse_mask_ports.
This avoids crashing on torrc lines like Vi[rtualAddrNetworkIPv[4|6]]
when no value follows the option.
Bugfix on 0.2.3 (de4cc126cbb5 on 24 November 2012), fixes #14142.
Nick Mathewson [Sat, 10 Jan 2015 22:21:11 +0000 (17:21 -0500)]
Better workaround for CFLAGS issues from #14072; fixes #14162
When I applied patch fcc78e5f8a3249eadfea31db, I somehow broke
stack trace symbols on Linux. I'll leave it to others to figure out
why that happens. This should be better. Really.
Fixes bug 14162; bug not in any released version of Tor.
teor [Sat, 10 Jan 2015 10:43:31 +0000 (21:43 +1100)]
Create TestingDirAuthVoteHSDir like TestingDirAuthVoteExit/Guard
TestingDirAuthVoteHSDir ensures that authorities vote the HSDir flag
for the listed relays regardless of uptime or ORPort connectivity.
Respects the value of VoteOnHidServDirectoriesV2.
Nick Mathewson [Fri, 19 Jul 2013 03:45:40 +0000 (23:45 -0400)]
Stop accepting milliseconds in various directory contexts
Have clients and authorities both have new behavior, since the
fix for bug 11243 has gone in. But make clients still accept
accept old bogus HSDir descriptors, to avoid fingerprinting trickery.
Nick Mathewson [Thu, 13 Nov 2014 15:48:15 +0000 (10:48 -0500)]
Add an ExitRelay option to override ExitPolicy
If we're not a relay, we ignore it.
If it's set to 1, we obey ExitPolicy.
If it's set to 0, we force ExitPolicy to 'reject *:*'
And if it's set to auto, then we warn the user if they're running an
exit, and tell them how they can stop running an exit if they didn't
mean to do that.
Nick Mathewson [Tue, 6 Jan 2015 19:05:35 +0000 (14:05 -0500)]
Use package-config output for -lsystemd correctly
In systemd 209, they deprecated -lsystemd-daemon in favor of
-lsystemd. So we'd better actually look at the pkg-config output,
or we'll get warnings on newer distributions.
For some as-yet-unknown-to-me reason, setting CFLAGS so early makes
it so -O2 -g doesn't get added to it later. So, adding it myself
later. Perhaps a better fix here can be found.
Fixes 14072; bugfix on 0.2.6.2-alpha. Based on a patch from h.venev
Nick Mathewson [Sun, 4 Jan 2015 22:28:54 +0000 (17:28 -0500)]
Prevent changes to other options from removing . from AutomapHostsSuffixes
This happened because we changed AutomapHostsSuffixes to replace "."
with "", since a suffix of "" means "match everything." But our
option handling code for CSV options likes to remove empty entries
when it re-parses stuff.
Instead, let "." remain ".", and treat it specially when we're
checking for a match.
Yawning Angel [Tue, 30 Dec 2014 16:36:16 +0000 (16:36 +0000)]
Allow IPv4 and IPv6 addresses in SOCKS5 FQDN requests.
Supposedly there are a decent number of applications that "support"
IPv6 and SOCKS5 using the FQDN address type. While said applications
should be using the IPv6 address type, allow the connection if
SafeSocks is not set.
teor [Sat, 20 Dec 2014 10:44:16 +0000 (21:44 +1100)]
Fix Reachability self-tests in test networks
Stop assuming that private addresses are local when checking
reachability in a TestingTorNetwork. Instead, when testing, assume
all OR connections are remote. (This is necessary due to many test
scenarios running all nodes on localhost.)
This assists in bootstrapping a testing Tor network.
teor [Thu, 25 Dec 2014 13:43:58 +0000 (00:43 +1100)]
Add "internal" to some bootstrap statuses when no exits are available.
If the consensus does not contain Exits, Tor will only build internal
circuits. In this case, relevant statuses will contain the word "internal"
as indicated in the Tor control-spec.txt. When bootstrap completes,
Tor will be ready to handle an application requesting an internal
circuit to hidden services at ".onion" addresses.
If a future consensus contains Exits, exit circuits may become available.
Tor already notifies the user at "notice" level if they have no exits in
the consensus, and can therefor only build internal paths.
teor [Thu, 25 Dec 2014 13:31:16 +0000 (00:31 +1100)]
Avoid building exit circuits from a consensus with no exits
Tor can now build circuits from a consensus with no exits.
But if it tries to build exit circuits, they fail and flood the logs.
The circuit types in the Exit Circuits list below will only be
built if the current consensus has exits. If it doesn't,
only the Internal Circuits will be built. (This can change
with each new consensus.)
Fixes bug #13814, causes fewer path failures due to #13817.
Exit Circuits:
Predicted Exit Circuits
User Traffic Circuits
Most AP Streams
Circuits Marked Exit
Build Timeout Circuits (with exits)
Internal Circuits:
Hidden Service Server Circuits
Hidden Service Client Circuits
Hidden Service AP Streams
Hidden Service Intro Point Streams
Circuits Marked Internal
Build Timeout Circuits (with no exits)
Other Circuits?
teor [Thu, 25 Dec 2014 12:42:38 +0000 (23:42 +1100)]
Avoid excluding guards from path building in minimal test networks
choose_good_entry_server() now excludes current entry
guards and their families, unless we're in a test network,
and excluding guards would exclude all nodes.
This typically occurs in incredibly small tor networks,
and those using TestingAuthVoteGuard *
This is an incomplete fix, but is no worse than the previous
behaviour, and only applies to minimal, testing tor networks
(so it's no less secure).
David Goulet [Tue, 25 Nov 2014 15:37:55 +0000 (10:37 -0500)]
Fix: mitigate as much as we can HS port scanning
Make hidden service port scanning harder by sending back REASON_DONE which
does not disclose that it was in fact an exit policy issue. After that, kill
the circuit immediately to avoid more bad requests on it.
This means that everytime an hidden service exit policy does match, the user
(malicious or not) needs to build a new circuit.
Nick Mathewson [Mon, 29 Dec 2014 15:06:12 +0000 (10:06 -0500)]
Wipe all of the target space in tor_addr_{to,from}_sockaddr()
Otherwise we risk a subsequent memdup or memcpy copying
uninitialized RAM into some other place that might eventually expose
it. Let's make sure that doesn't happen.
projects / thirdparty / tor.git / log
