David Goulet [Thu, 24 Mar 2016 17:57:53 +0000 (13:57 -0400)]
Fix broken directory request to the DirPort
Commit e72cbf7a4 introduced a change to directory_initiate_command_rend()
that made tor use the ORPort when making a directory request to the DirPort.
The primary consequence was that a relay couldn't selftest its DirPort thus
failing to work and join the network properly.
The main issue was we were always considering an anonymized connection to be
an OR connection which is not true.
Check if fallbacks support extrainfo descriptors before requesting them
When requesting extrainfo descriptors from a trusted directory
server, check whether it is an authority or a fallback directory
which supports extrainfo descriptors.
Fixes bug 18489; bugfix on 90f6071d8d in tor-0.2.4.7-alpha.
Make it clearer that they are about outgoing connection attempts.
Specify the options involved where they were missing from one log
message.
Clarify a comment.
Nick Mathewson [Tue, 22 Mar 2016 12:29:51 +0000 (08:29 -0400)]
Fix an fd leak in check_private_dir().
The fd would leak when the User wasn't recognized by
getpwnam(). Since we'd then go on to exit, this wasn't a terribad
leak, but it's still not as nice as no leak at all.
Roger Dingledine [Mon, 21 Mar 2016 21:11:18 +0000 (17:11 -0400)]
remove extraneous breaks
commit edeba3d4 removed a switch, but left the "break" lines in
from that switch. fortunately the resulting behavior was not wrong,
since there was an outer switch that it was ok to break from.
Roger Dingledine [Mon, 21 Mar 2016 21:08:02 +0000 (17:08 -0400)]
fix indentation after #18332 patches
no actual changes here -- but the new indenting makes it clear
that the fixes in #18332 were not as good as they should have been.
the next commit will deal with that.
Nick Mathewson [Tue, 15 Mar 2016 14:15:59 +0000 (10:15 -0400)]
After we strip out duplicate entries from 'routers', don't use 'rl'.
We've got to make sure that every single subsequent calculation in
dirserv_generate_networkstatus_vote_obj() is based on the list of
routerinfo_t *after* we've removed possible duplicates, not before.
Fortunately, none of the functions that were taking a routerlist_t
as an argument were actually using any fields other than this list
of routers.
Nick Mathewson [Tue, 23 Feb 2016 14:31:23 +0000 (09:31 -0500)]
Fix another case of 17668: Add NoEdConsensus
I had a half-built mechanism to track, during the voting process,
whether the Ed25519 value (or lack thereof) reflected a true
consensus among the authorities. But we never actually inserted this
field in the consensus.
The key idea here is that we first attempt to match up votes by pairs
of <Ed,RSA>, where <Ed> can be NULL if we're told that there is no
Ed key. If this succeeds, then we can treat all those votes as 'a
consensus for Ed'. And we can include all other votes with a
matching RSA key and no statement about Ed keys as being "also about
the same relay."
After that, we look for RSA keys we haven't actually found an entry
for yet, and see if there are enough votes for them, NOT considering
Ed keys. If there are, we match them as before, but we treat them
as "not a consensus about ed".
When we include an entry in a consensus, if it does not reflect a
consensus about ed keys, then we include a new NoEdConsensus flag on
it.
This is all only for consensus method 22 or later.
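A simplified model of the two-pass matching described in the commit message above, written as an added example (it is not Tor's code and not from the commit). The function name `collate`, the tuple layout, the `NO_STATEMENT` sentinel, the sample votes and the "more than half of the authorities" threshold for "enough votes" are all assumptions made for illustration; it models only the behaviour described for consensus method 22 or later.

```python
from collections import Counter

# Sentinel: this authority's vote says nothing about Ed keys for the relay.
# ed=None is different: the vote states that the relay has no Ed key.
NO_STATEMENT = object()

def collate(votes, n_authorities):
    """votes: (authority, rsa_id, ed) tuples. Returns {rsa_id: entry}."""
    need = n_authorities // 2 + 1  # assumed meaning of "enough votes"
    entries = {}

    # Pass 1: match on <Ed,RSA> pairs, counting only votes that make a
    # statement about Ed (a key, or None for "no Ed key").
    pairs = Counter((ed, rsa) for _a, rsa, ed in votes
                    if ed is not NO_STATEMENT)
    for (ed, rsa), n in pairs.items():
        if n < need:
            continue
        # Votes with the same RSA key and no Ed statement are treated as
        # "also about the same relay".
        voters = sorted(a for a, r, e in votes
                        if r == rsa and (e is NO_STATEMENT or e == ed))
        entries[rsa] = {"ed": ed, "ed_consensus": True,
                        "voters": voters, "flags": []}

    # Pass 2: RSA keys with no entry yet, counted without looking at Ed.
    by_rsa = Counter(rsa for _a, rsa, _e in votes)
    for rsa, n in by_rsa.items():
        if rsa in entries or n < need:
            continue
        voters = sorted(a for a, r, _e in votes if r == rsa)
        entries[rsa] = {"ed": None, "ed_consensus": False,
                        "voters": voters, "flags": ["NoEdConsensus"]}
    return entries

# Constructed sample: five authorities A..E voting on three relays.
SAMPLE_VOTES = [
    ("A", "R1", "ed1"), ("B", "R1", "ed1"), ("C", "R1", "ed1"),
    ("D", "R1", NO_STATEMENT),
    ("A", "R2", "edX"), ("B", "R2", "edY"), ("C", "R2", None),
    ("D", "R2", NO_STATEMENT),
    ("A", "R3", "ed3"), ("B", "R3", "ed3"),
]

if __name__ == "__main__":
    for rsa, entry in sorted(collate(SAMPLE_VOTES, 5).items()):
        print(rsa, entry["ed_consensus"], entry["voters"], entry["flags"])
```

In the sample, R1 is matched in the first pass, R2 has enough votes only when Ed keys are ignored and so carries the flag, and R3 lacks enough votes in either pass and is left out.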
Nick Mathewson [Mon, 22 Feb 2016 16:43:59 +0000 (11:43 -0500)]
Never vote for an ed key twice.
When generating a vote, and we have two routerinfos with the same ed
key, omit the one published earlier.
This was supposed to have been solved by key pinning, but when I
made key pinning optional, I didn't realize that this would jump up
and bite us. It is part of bug 18318, and the root cause of 17668.
Nick Mathewson [Tue, 15 Mar 2016 15:19:59 +0000 (11:19 -0400)]
Sandbox: Don't preseed getaddrinfo(gethostname()) in client mode.
If we're a server with no address configured, resolve_my_hostname
will need this. But not otherwise. And the preseeding itself can
consume a few seconds if, like Tails, we have no resolvers.
Nick Mathewson [Mon, 14 Mar 2016 18:07:02 +0000 (14:07 -0400)]
Make unix sockets work with the linux seccomp2 sandbox again
I didn't want to grant blanket permissions for chmod() and chown(),
so here's what I had to do:
* Grant open() on all parent directories of a unix socket
* Write code to allow chmod() and chown() on a given file only.
* Grant chmod() and chown() on the unix socket.
David Goulet [Mon, 14 Mar 2016 15:00:46 +0000 (11:00 -0400)]
hs: Do not close desc fetch conn. if we can't pick an HSDir
Launching 7 descriptor fetches makes a connection to each HSDir, that is 6,
and the seventh one fails to pick an HSDir because they are all being used
already, so it was killing all pending connections at once.
Roger Dingledine [Fri, 11 Mar 2016 15:45:03 +0000 (10:45 -0500)]
rip out hid_serv_acting_as_directory()
When we made HidServDirectoryV2 always 1, we removed the situation
where a relay could choose not to be an HSDir. Now simplify the
rest of the code to reflect this decision.
(We have to remove two apparently unrelated free() calls in the unit
tests, since they used to free stuff that we created as a side effect
of calling router_get_my_routerinfo(), and now we no longer call that.)
Roger Dingledine [Fri, 11 Mar 2016 15:40:31 +0000 (10:40 -0500)]
rip out hid_serv_responsible_for_desc_id()
This simplifies relay behavior, because the relay offers the hsdir
functionality independent of whether the directory authorities have
decided this relay is suitable for clients to use yet.
enable and test transproxy on FreeBSD derivatives #18448
The transproxy feature is only enabled when __FreeBSD__ is defined, and
only regular FreeBSD does that. Change this to __FreeBSD_kernel__ which
is defined on derivatives as well.
This enables the relevant options/validate__transproxy test on FreeBSD
derivatives.