Permalink
Commits on Dec 5, 2016
Commits on Dec 2, 2016
-
Use a temporary service list when validating and adding hidden services
This resolves two issues: * the checks in rend_add_services were only being performed when adding the service, and not when the service was validated, (this meant that duplicate checks were not being performed, and some SETCONF commands appeared to succeed when they actually failed), and * if one service failed while services were being added, then the service list would be left in an inconsistent state (tor dies when this happens, but the code is cleaner now). Fixes #20860.
-
-
Clarify the function documentation for rend_get_service_list_mutable
Comment-only change
-
-
-
protover: Fix old tor hardcoded version check
When computing old Tor protocol line version in protover, we were looking at 0.2.7.5 twice instead of the specific case for 0.2.9.1-alpha. Fixes #20810 Signed-off-by: David Goulet <dgoulet@torproject.org>
-
-
-
-
Remove changes files got merged in 0.2.9.6-rc and earlier
These won't appear in the 0.3.0.1-alpha changelog, so we don't want to keep them around here. List generated with ./scripts/maint/findMergedChanges.pl
-
-
-
-
-
-
-
test_single_onion_poisoning: Free dir[12] on all paths
Coverity doesn't like it when there are paths to the end of the function where something doesn't get freed, even when those paths are only reachable on unit test failure. Fixes CID 1372899 and CID 1372900. Bug not in any released Tor.
Commits on Dec 1, 2016
-
-
-
-
-
-
newconn->address is strdup'ed twice when new_type == CONN_TYPE_AP and conn->socket_family == AF_UNIX. Whilst here, juggle code to make sure newconn->port is assigned from an initialised value in the above case.
-
-
-
Stop ignoring misconfigured hidden services
Instead, refuse to start tor until the misconfigurations have been corrected. Fixes bug 20559; bugfix on multiple commits in 0.2.7.1-alpha and earlier.
-
Refactor rend_service_list substitute list selection code
Remove duplicate code. No behaviour change.
-
-
-
-
Stop ignoring hidden service key anonymity when first starting tor
Instead, refuse to start tor if any hidden service key has been used in a different hidden service anonymity mode. Fixes bug 20638; bugfix on 17178 in 0.2.9.3-alpha; reported by ahf. The original single onion service poisoning code checked poisoning state in options_validate, and poisoned in options_act. This was problematic, because the global array of hidden services had not been populated in options_validate (and there were ordrering issues with hidden service directory creation). This patch fixes this issue in rend_service_check_dir_and_add, which: * creates the directory, or checks permissions on an existing directory, then * checks the poisoning state of the directory, then * poisons the directory. When validating, only the permissions checks and the poisoning state checks are perfomed (the directory is not modified).
-
Update unit tests for 20484, 20529
Add extra logging and extra validity checks for hidden services.
-