Commit graph

39085 commits

Author SHA1 Message Date
David Goulet
7ff4a2a0bd Merge branch 'maint-0.4.8' into release-0.4.8 2025-06-09 09:50:24 -04:00
David Goulet
f84d461b55 Merge branch 'tor-gitlab/mr/903' into maint-0.4.8 2025-06-09 09:50:10 -04:00
David Goulet
fd316d7e96 Merge branch 'maint-0.4.8' into release-0.4.8 2025-06-09 09:36:26 -04:00
Waldemar Zimpel
159f0c08c5 Fix: "Bug: Duplicate call to circuit_mark_for_close()"
Closes issue #40951
2025-06-09 11:44:05 +02:00
Roger Dingledine
3871742ed1 log "list of supported TLS groups" only once
We had been logging it every two hours forever, even though it's based
on the version of OpenSSL we're using, so it will never change.

Fixes bug #41093.

The fix is an improvement on commit ba88ad6b which addressed #41058.

Not adding a changes file since those commits haven't gone out in a
release yet either.
2025-06-08 22:08:43 -04:00
David Goulet
a9f2347793 Merge branch 'maint-0.4.8' into release-0.4.8 2025-05-21 09:29:36 -04:00
David Goulet
6a35cdeedd Merge branch 'tor-gitlab/mr/894' into maint-0.4.8 2025-05-21 09:29:30 -04:00
David Goulet
09bcdd2224 Merge branch 'maint-0.4.8' into release-0.4.8 2025-05-21 08:55:51 -04:00
Nick Mathewson
9a701f4b99 Make an exception to one of the NONSTRINGs
Older GCCs accept the attribute but don't believe it can appear
before an array.
2025-05-18 21:52:36 -04:00
Nick Mathewson
a40c4da985 Add a changes file for 41079. 2025-05-18 21:32:20 -04:00
Nick Mathewson
097aab5b60 Fix a new GCC warning about strings.
When we say something like

```
const char foo[3] = "foo";
```

GCC now complains, because there is no space for the terminating NUL.
But we use this construction in a lot of places in our tests to
initialize test digests, keys, and so on.  So to resolve the issue,
we have to mark these strings with a new attribute.
2025-05-18 21:32:20 -04:00
Nick Mathewson
dbcccc548d Convince gcc that we will not access an array out of bounds 2025-05-18 20:54:08 -04:00
Nick Mathewson
c06efdd2c9 reindent code from previous commit 2025-05-12 08:44:44 -04:00
Nick Mathewson
3e585d6047 Allow pow-params to appear multiple times.
Relatedly, we only require that a pow-params line has _1_ argument
(since future versions might have nothing but a scheme).

See torspec#272 for discussion;
also see proposal 356 for why the fingerprinting opportunity here
isn't a big deal.

We probably shouldn't merge this until torspec!390 is in,
just in case we decide _not_ to take this approach.

(I haven't reindented some code here yet, to make the diff easier to read.)
2025-05-12 08:44:15 -04:00
David Goulet
5f84c428bc Merge branch 'maint-0.4.8' into release-0.4.8 2025-05-05 12:33:59 -04:00
orbea
adb8a870ed crypt_openssl_mgt: define DISABLE_ENGINES after OPENSSL_NO_ENGINE
With LibreSSL-3.8.1 these engines are no longer available causing a build
failure, but LibreSSL correctly defines OPENSSL_NO_ENGINE as part of its
opensslfeatures.h. However Tor includes crypto_openssl_mgt.h before any
of the openssl includes which would define OPENSSL_NO_ENGINE and then
fails to define DISABLE_ENGINES.

As the define is used in only a single .c file it is best to move it
there.

Signed-off-by: orbea <orbea@riseup.net>
2025-05-05 12:33:48 -04:00
orbea
d11d1ded89 compat_openssl: fix for LibreSSL 4.1.0
Starting with LibreSSL 4.1.0 this now causes a build failure:

```
src/lib/tls/tortls_openssl.c: In function 'tor_tls_setup_session_secret_cb':
src/lib/tls/tortls_openssl.c:1059:39: error: passing argument 2 of 'SSL_set_session_secret_cb' from incompatible pointer type [-Wincompatible-pointer-types]
 1059 |   SSL_set_session_secret_cb(tls->ssl, tor_tls_session_secret_cb, NULL);
      |                                       ^~~~~~~~~~~~~~~~~~~~~~~~~
      |                                       |
      |                                       int (*)(SSL *, void *, int *, struct stack_st_SSL_CIPHER *, SSL_CIPHER **, void *) {aka int (*)(struct ssl_st *, void *, int *, struct stack_st_SSL_CIPHER *, struct ssl_cipher_st **, void *)}
In file included from src/lib/tls/tortls_openssl.c:48:
/usr/include/openssl/ssl.h:1489:30: note: expected 'tls_session_secret_cb_fn' {aka 'int (*)(struct ssl_st *, void *, int *, struct stack_st_SSL_CIPHER *, const struct ssl_cipher_st **, void *)'} but argument is of type 'int (*)(SSL *, void *, int *, struct stack_st_SSL_CIPHER *, SSL_CIPHER **, void *)' {aka 'int (*)(struct ssl_st *, void *, int *, struct stack_st_SSL_CIPHER *, struct ssl_cipher_st **, void *)'}
 1489 |     tls_session_secret_cb_fn tls_session_secret_cb, void *arg);
      |     ~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~
```

Signed-off-by: orbea <orbea@riseup.net>
2025-05-05 12:33:03 -04:00
David Goulet
aace7a5e18 Merge branch 'maint-0.4.8' into release-0.4.8 2025-04-23 14:35:27 -04:00
Nick Mathewson
ba88ad6b09 Promote "list of supported groups" message to notice.
I have a feeling that this might help diagnosing
any other problems similar to #41058.
2025-04-23 14:13:30 -04:00
Nick Mathewson
4d2a6bff4c Only try more complex OpenSSL group list syntax with OpenSSL 3.5.
Closes #41058.
2025-04-23 14:10:43 -04:00
David Goulet
1f77326b3d Merge branch 'maint-0.4.8' into release-0.4.8 2025-04-23 11:00:53 -04:00
Nick Mathewson
a64db5adaf TLS: When possible, enable ML-KEM768.
Closes ticket 41041.
2025-04-23 10:02:32 -04:00
Nick Mathewson
b7927946fd Correctly detect error from SSL_CTX_set1_groups_list.
Previously our code was checking for '< 0', but the error return value for
this function _is_ zero.
2025-04-23 08:46:17 -04:00
Nick Mathewson
cc9a9b1bdd Remove TOR_TLS_USE_ECDHE_P* flags.
They have been unused since 0.3.1.1-alpha, when we removed the
TLSECGroups option.
2025-04-23 08:38:05 -04:00
Sebastian Hahn
650fabc6ad Make two 1-bit fields unsigned
This should be a completely harmless warning as we only check whether
the fields are true or false.

Closes #40911.

(Backported by nickm so that I can compile 0.4.8 without warnings.)
2025-04-23 08:33:35 -04:00
David Goulet
6f2815511e Merge branch 'maint-0.4.8' into release-0.4.8 2025-03-31 13:32:28 -04:00
Waldemar Zimpel
f79afc54dd Fix: Crash on SIGSEGV if at least one worker thread cannot be launched
Perform a clean shutdown in case worker threads cannot be launched.
2025-03-27 23:15:05 +01:00
David Goulet
942615e119 Merge branch 'maint-0.4.8' into release-0.4.8 2025-03-27 15:56:13 -04:00
David Goulet
dd25a8c7de Merge branch 'tor-gitlab/mr/874' into maint-0.4.8 2025-03-27 15:56:02 -04:00
David Goulet
4a4aef4977 Merge branch 'fix/memleaks-cpuworker' into 'maint-0.4.8'
Re: Coverity report Oct 31st, 2024 (Issue #40991)

See merge request tpo/core/tor!844
2025-03-27 14:29:11 +00:00
excurso
ee9b3c127c Re: Coverity report Oct 31st, 2024 (Issue #40991) 2025-03-27 14:29:11 +00:00
David Goulet
46161b194f conflux: Avoid non fatal assert in CIRCUIT_IS_CONFLUX()
In the circuit_about_to_free(), we clear the circ->conflux object and then we
end up trying to emit an event on the control port which calls
CIRCUIT_IS_CONFLUX() and non fatal assert on the false branch.

Fixes #41037

Signed-off-by: David Goulet <dgoulet@torproject.org>
2025-03-27 08:49:40 -04:00
David Goulet
88ea04d04b Merge branch 'maint-0.4.8' into release-0.4.8 2025-03-26 14:09:15 -04:00
Nick Mathewson
4edf0bf960 Require FlowCtrl=1 (authenticated sendmes) for clients
This will cause clients before 0.4.1.1-alpha to shut down.

Part of #40836.
2025-03-25 15:14:28 -04:00
Nick Mathewson
b9cd5c2848 protover: Vote for additional protocols to be required/recommended
Note that the changes here will require all relays
to be 0.4.7.4-alpha or later, which is lower than
our current lowest-supported relay version.

Part of #40836.
2025-03-25 15:13:12 -04:00
David Goulet
52ac23f82d Merge branch 'maint-0.4.8' into release-0.4.8 2025-03-25 13:06:24 -04:00
Roger Dingledine
18c1697e20 fix two comment typos from 0.4.8.15 2025-03-25 11:22:24 -04:00
David Goulet
56c1c0d6f2 Merge branch 'maint-0.4.8' into release-0.4.8 2025-03-24 12:52:37 -04:00
Tor CI Release
0314e431f4 version: Bump version to 0.4.8.16-dev 2025-03-24 12:52:29 -04:00
David Goulet
64ccafd811 Merge branch 'maint-0.4.8' into release-0.4.8 2025-03-24 11:23:12 -04:00
Tor CI Release
5d3887fe32 version: Bump version to 0.4.8.16 2025-03-24 11:23:00 -04:00
David Goulet
a1a4301872 release: ChangeLog and ReleaseNotes for 0.4.8.16
Signed-off-by: David Goulet <dgoulet@torproject.org>
2025-03-24 11:18:46 -04:00
David Goulet
c44793543a Merge branch 'maint-0.4.8' into release-0.4.8 2025-03-24 11:16:19 -04:00
Tor CI Release
294461e227 Update geoip files to match ipfire location db, 2025/03/24. 2025-03-24 11:14:51 -04:00
David Goulet
e280bcef9b Merge branch 'maint-0.4.8' into release-0.4.8 2025-03-24 10:39:13 -04:00
David Goulet
52c68b80de dirauth: Fix typo in flag relay assignment token
Unfortunately, we wanted to be able to control the Guard flag here but the
token used mentioned "exit" instead.

Oh well, s*** happens :).

Fixes #41035

Signed-off-by: David Goulet <dgoulet@torproject.org>
2025-03-24 09:20:12 -04:00
David Goulet
5d13314e08 Merge branch 'maint-0.4.8' into release-0.4.8 2025-03-20 11:22:27 -04:00
Tor CI Release
77021a0f15 version: Bump version to 0.4.8.15-dev 2025-03-20 11:22:06 -04:00
David Goulet
294881b2eb Merge branch 'maint-0.4.8' into release-0.4.8 2025-03-20 10:55:23 -04:00
Tor CI Release
04b459cffd version: Bump version to 0.4.8.15 2025-03-20 10:53:14 -04:00