August 2015 - tor-commits - lists.torproject.org

[tor-browser/tor-browser-38.1.0esr-5.0-1] Merge remote-tracking branch 'brade/bug16715-01' into tor-browser-38.1.0esr-5.0-1
by mikeperry＠torproject.org 06 Aug '15

06 Aug '15

commit 2cdcdb2535957a79a2e6577188e25c9f783d3634 Merge: bfdfccc c127300 Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Thu Aug 6 14:37:02 2015 -0700 Merge remote-tracking branch 'brade/bug16715-01' into tor-browser-38.1.0esr-5.0-1 dom/canvas/CanvasUtils.cpp | 2 +- dom/events/Event.cpp | 2 +- dom/events/KeyboardEvent.cpp | 2 +- layout/style/nsComputedDOMStyle.cpp | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-)

1 0

[webwml/master] Unrecommend 5.0a3.
by mikeperry＠torproject.org 06 Aug '15

06 Aug '15

commit 0991aec63ba827e86836709237e2e6046b25adac Author: Mike Perry <mikeperry-git(a)torproject.org> Date: Thu Aug 6 13:04:24 2015 -0700 Unrecommend 5.0a3. It's not actually outdated, but better to have some more feedback on the 5.0a4 if we can get it. --- projects/torbrowser/RecommendedTBBVersions | 4 ---- 1 file changed, 4 deletions(-) diff --git a/projects/torbrowser/RecommendedTBBVersions b/projects/torbrowser/RecommendedTBBVersions index bfb9c4d..8d99f5c … [View More]

1 0

[tor/master] Do not autoflush control connections as their outbufs get big
by nickm＠torproject.org 06 Aug '15

06 Aug '15

commit aadff62745bfa15816ba8c725d9b9cf17abb53d0 Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Jul 30 13:31:27 2015 -0400 Do not autoflush control connections as their outbufs get big Doing this is no longer necessary, and it leads to weird recursions in our call graph. Closes ticket 16480. --- changes/decouple-write-handle_write | 7 +++++++ src/or/connection.c | 28 ---------------------------- 2 files changed, 7 insertions(+), 28 … [View More]deletions(-) diff --git a/changes/decouple-write-handle_write b/changes/decouple-write-handle_write new file mode 100644 index 0000000..4ef9b3f --- /dev/null +++ b/changes/decouple-write-handle_write @@ -0,0 +1,7 @@ + o Removed features: + - Remove the code that would try to aggressively flush controller + connections while writing to them. This code was introduced in + 0.1.2.7-alpha, in order to keep output buffers from exceeding their + limits. But there is no longer a maximum output buffer size, and + flushing data in this way caused some undesirable recursions + in our call graph. Closes ticket 16480. diff --git a/src/or/connection.c b/src/or/connection.c index 2cca6e4..ac36578 100644 --- a/src/or/connection.c +++ b/src/or/connection.c @@ -4206,34 +4206,6 @@ connection_write_to_buf_impl_,(const char *string, size_t len, conn->outbuf_flushlen += buf_datalen(conn->outbuf) - old_datalen; } else { conn->outbuf_flushlen += len; - - /* Should we try flushing the outbuf now? */ - if (conn->in_flushed_some) { - /* Don't flush the outbuf when the reason we're writing more stuff is - * _because_ we flushed the outbuf. That's unfair. */ - return; - } - - if (conn->type == CONN_TYPE_CONTROL && - !connection_is_rate_limited(conn) && - conn->outbuf_flushlen-len < 1<<16 && - conn->outbuf_flushlen >= 1<<16) { - /* just try to flush all of it */ - } else - return; /* no need to try flushing */ - - if (connection_handle_write(conn, 0) < 0) { - if (!conn->marked_for_close) { - /* this connection is broken. remove it. */ - log_warn(LD_BUG, "unhandled error on write for " - "conn (type %d, fd %d); removing", - conn->type, (int)conn->s); - tor_fragile_assert(); - /* do a close-immediate here, so we don't try to flush */ - connection_close_immediate(conn); - } - return; - } } } [View Less]

1 0

[tor/master] Merge remote-tracking branch 'public/decouple-write'
by nickm＠torproject.org 06 Aug '15

06 Aug '15

commit 887d86b76d0c10883c1516fc19e8b796a70479cf Merge: e86c3b2 aadff62 Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Aug 6 12:58:18 2015 -0400 Merge remote-tracking branch 'public/decouple-write' changes/decouple-write-handle_write | 7 +++++++ src/or/connection.c | 28 ---------------------------- 2 files changed, 7 insertions(+), 28 deletions(-)

1 0

[tor/master] Merge remote-tracking branch 'public/bug16286'
by nickm＠torproject.org 06 Aug '15

06 Aug '15

commit e86c3b283a20e496e387f5d0fffbd408eee0e0d9 Merge: 574344b 2025490 Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Aug 6 12:44:13 2015 -0400 Merge remote-tracking branch 'public/bug16286' changes/bug16286 | 8 ++++++++ src/or/dirserv.c | 37 +++++++++++++++++++------------------ src/or/dirserv.h | 3 ++- src/or/nodelist.c | 2 +- 4 files changed, 30 insertions(+), 20 deletions(-)

1 0

[tor/master] Improve log messages for problems about ed25519 keypinning
by nickm＠torproject.org 06 Aug '15

06 Aug '15

commit 20254907d7f49ae706393cf3708e9cf343875199 Author: Nick Mathewson <nickm(a)torproject.org> Date: Fri Jul 31 10:47:39 2015 -0400 Improve log messages for problems about ed25519 keypinning Fixes 16286; bugfix on 0.2.7.2-alpha. --- changes/bug16286 | 8 ++++++++ src/or/dirserv.c | 37 +++++++++++++++++++------------------ src/or/dirserv.h | 3 ++- src/or/nodelist.c | 2 +- 4 files changed, 30 insertions(+), 20 deletions(-) diff --git a/changes/bug16286 b/… [View More]changes/bug16286 new file mode 100644 index 0000000..7b30493 --- /dev/null +++ b/changes/bug16286 @@ -0,0 +1,8 @@ + o Minor bugfixes (authority): + - Downgrade log messages about Ed25519 key issues, if they are in + old cached router descriptors. Fixes part of bug 16286; bugfix on + 0.2.7.2-alpha. + + - When we find an Ed25519 key issue in a cached descriptor, stop saying + the descriptor was just "uploaded". Fixes another part of bug 16286; + bugfix on 0.2.7.2-alpha. diff --git a/src/or/dirserv.c b/src/or/dirserv.c index 0a15332..072a339 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -244,7 +244,8 @@ dirserv_load_fingerprint_file(void) * If the status is 'FP_REJECT' and <b>msg</b> is provided, set * *<b>msg</b> to an explanation of why. */ uint32_t -dirserv_router_get_status(const routerinfo_t *router, const char **msg) +dirserv_router_get_status(const routerinfo_t *router, const char **msg, + int severity) { char d[DIGEST_LEN]; @@ -263,7 +264,8 @@ dirserv_router_get_status(const routerinfo_t *router, const char **msg) if (msg) { *msg = "Ed25519 identity key or RSA identity key has changed."; } - log_warn(LD_DIR, "Router %s uploaded a descriptor with a Ed25519 key " + log_fn(severity, LD_DIR, + "Descriptor from router %s has an Ed25519 key, " "but the <rsa,ed25519> keys don't match what they were before.", router_describe(router)); return FP_REJECT; @@ -272,7 +274,8 @@ dirserv_router_get_status(const routerinfo_t *router, const char **msg) /* No ed25519 key */ if (KEYPIN_MISMATCH == keypin_check_lone_rsa( (const uint8_t*)router->cache_info.identity_digest)) { - log_warn(LD_DIR, "Router %s uploaded a descriptor with no Ed25519 key, " + log_fn(severity, LD_DIR, + "Descriptor from router %s has no Ed25519 key, " "when we previously knew an Ed25519 for it. Ignoring for now, " "since Tor 0.2.6 is under development.", router_describe(router)); @@ -299,7 +302,7 @@ dirserv_would_reject_router(const routerstatus_t *rs) res = dirserv_get_status_impl(rs->identity_digest, rs->nickname, rs->addr, rs->or_port, - NULL, NULL, 0); + NULL, NULL, LOG_DEBUG); return (res & FP_REJECT) != 0; } @@ -308,13 +311,13 @@ dirserv_would_reject_router(const routerstatus_t *rs) * (hex, no spaces), nickname, address (used for logging only), IP address, OR * port and platform (logging only) as arguments. * - * If should_log is false, do not log messages. (There's not much point in + * Log messages at 'severity'. (There's not much point in * logging that we're rejecting servers we'll not download.) */ static uint32_t dirserv_get_status_impl(const char *id_digest, const char *nickname, uint32_t addr, uint16_t or_port, - const char *platform, const char **msg, int should_log) + const char *platform, const char **msg, int severity) { uint32_t result = 0; router_status_t *status_by_digest; @@ -322,10 +325,9 @@ dirserv_get_status_impl(const char *id_digest, const char *nickname, if (!fingerprint_list) fingerprint_list = authdir_config_new(); - if (should_log) - log_debug(LD_DIRSERV, "%d fingerprints, %d digests known.", - strmap_size(fingerprint_list->fp_by_name), - digestmap_size(fingerprint_list->status_by_digest)); + log_debug(LD_DIRSERV, "%d fingerprints, %d digests known.", + strmap_size(fingerprint_list->fp_by_name), + digestmap_size(fingerprint_list->status_by_digest)); /* Versions before Tor 0.2.4.18-rc are too old to support, and are * missing some important security fixes too. Disable them. */ @@ -350,23 +352,22 @@ dirserv_get_status_impl(const char *id_digest, const char *nickname, } if (authdir_policy_badexit_address(addr, or_port)) { - if (should_log) - log_info(LD_DIRSERV, "Marking '%s' as bad exit because of address '%s'", + log_fn(severity, LD_DIRSERV, + "Marking '%s' as bad exit because of address '%s'", nickname, fmt_addr32(addr)); result |= FP_BADEXIT; } if (!authdir_policy_permits_address(addr, or_port)) { - if (should_log) - log_info(LD_DIRSERV, "Rejecting '%s' because of address '%s'", + log_fn(severity, LD_DIRSERV, "Rejecting '%s' because of address '%s'", nickname, fmt_addr32(addr)); if (msg) *msg = "Authdir is rejecting routers in this range."; return FP_REJECT; } if (!authdir_policy_valid_address(addr, or_port)) { - if (should_log) - log_info(LD_DIRSERV, "Not marking '%s' valid because of address '%s'", + log_fn(severity, LD_DIRSERV, + "Not marking '%s' valid because of address '%s'", nickname, fmt_addr32(addr)); result |= FP_INVALID; } @@ -422,9 +423,9 @@ authdir_wants_to_reject_router(routerinfo_t *ri, const char **msg, int complain, int *valid_out) { /* Okay. Now check whether the fingerprint is recognized. */ - uint32_t status = dirserv_router_get_status(ri, msg); time_t now; int severity = (complain && ri->contact_info) ? LOG_NOTICE : LOG_INFO; + uint32_t status = dirserv_router_get_status(ri, msg, severity); tor_assert(msg); if (status & FP_REJECT) return -1; /* msg is already set. */ @@ -734,7 +735,7 @@ directory_remove_invalid(void) uint32_t r; if (!ent) continue; - r = dirserv_router_get_status(ent, &msg); + r = dirserv_router_get_status(ent, &msg, LOG_INFO); router_get_description(description, ent); if (r & FP_REJECT) { log_info(LD_DIRSERV, "Router %s is now rejected: %s", diff --git a/src/or/dirserv.h b/src/or/dirserv.h index 311a513..8a4e68d 100644 --- a/src/or/dirserv.h +++ b/src/or/dirserv.h @@ -84,7 +84,8 @@ int authdir_wants_to_reject_router(routerinfo_t *ri, const char **msg, int complain, int *valid_out); uint32_t dirserv_router_get_status(const routerinfo_t *router, - const char **msg); + const char **msg, + int severity); void dirserv_set_node_flags_from_authoritative_status(node_t *node, uint32_t authstatus); diff --git a/src/or/nodelist.c b/src/or/nodelist.c index 8f8adb4..2f272a1 100644 --- a/src/or/nodelist.c +++ b/src/or/nodelist.c @@ -176,7 +176,7 @@ nodelist_set_routerinfo(routerinfo_t *ri, routerinfo_t **ri_old_out) if (authdir_mode(get_options()) && !had_router) { const char *discard=NULL; - uint32_t status = dirserv_router_get_status(ri, &discard); + uint32_t status = dirserv_router_get_status(ri, &discard, LOG_INFO); dirserv_set_node_flags_from_authoritative_status(node, status); } [View Less]

1 0

[tor/master] add dSYM files to gitignore (they are an osx thing)
by nickm＠torproject.org 06 Aug '15

06 Aug '15

commit 574344b9ab1b533d69e0fdcced7dee12d1fcbe95 Author: Nick Mathewson <nickm(a)torproject.org> Date: Wed Aug 5 21:41:31 2015 -0400 add dSYM files to gitignore (they are an osx thing) --- .gitignore | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitignore b/.gitignore index cfa8e7e..135df7b 100644 --- a/.gitignore +++ b/.gitignore @@ -25,6 +25,8 @@ *.pyo # Cscope cscope.* +# OSX junk +*.dSYM # / /Makefile

1 0

[torbutton/master] Bug 16731: TBB 5.0 a3/a4 fails to download a file on right click
by gk＠torproject.org 06 Aug '15

06 Aug '15

commit 97796d37738679b232a226f039e9b407b1a47c98 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Wed Aug 5 15:02:19 2015 -0400 Bug 16731: TBB 5.0 a3/a4 fails to download a file on right click Account for an nsIExternalHelperAppService.idl interface change (the parameters to the doContent() method were changed between ESR31 and ESR38). See Mozilla bug #903022. --- src/components/external-app-blocker.js | 6 ++++-- 1 file changed, 4 insertions(+), 2 … [View More]

1 0

[tor-browser/tor-browser-38.1.0esr-5.0-1] fixup! Bug 13670.1: Isolate favicon requests by first party.
by gk＠torproject.org 06 Aug '15

06 Aug '15

commit bfdfcccae99d1af38b3320eb7409377bd0ebc154 Author: Kathy Brade <brade(a)pearlcrescent.com> Date: Wed Aug 5 11:16:12 2015 -0400 fixup! Bug 13670.1: Isolate favicon requests by first party. Fix debug build error: Inside nsContentUtils::LoadImage(), remove the NS_PRECONDITION() call that references the aLoadingDocument parameter (which had been removed). --- dom/base/nsContentUtils.cpp | 1 - 1 file changed, 1 deletion(-) diff --git a/dom/base/nsContentUtils.… [View More]

1 0

[tor-messenger-build/master] Update build repositories for Instanbird and Mozilla
by sukhbir＠torproject.org 06 Aug '15

06 Aug '15

commit 603512bd8255f156b255c31cc2efd4f7b080177c Author: Sukhbir Singh <sukhbir(a)torproject.org> Date: Wed Aug 5 20:16:58 2015 -0400 Update build repositories for Instanbird and Mozilla --- projects/instantbird/config | 4 ++-- projects/mozilla/config | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/projects/instantbird/config b/projects/instantbird/config index 9cd0343..49d76af 100644 --- a/projects/instantbird/config +++ b/projects/instantbird/… [View More]

1 0