Merge branch 'maint-0.3.5' into bug31107_035

This commit is contained in:
Nick Mathewson 2019-09-17 09:16:52 -04:00
commit 7589995111
1189 changed files with 208799 additions and 84880 deletions

119
.appveyor.yml Normal file
View File

@ -0,0 +1,119 @@
version: 1.0.{build}
clone_depth: 50
# Appveyor images are named after the Visual Studio version they contain.
# But we compile using MinGW, not Visual Studio.
# We use these images because they have different Windows versions.
image:
# Windows Server 2016
- Visual Studio 2017
# Windows Server 2012 R2
- Visual Studio 2015
environment:
compiler: mingw
matrix:
- target: i686-w64-mingw32
compiler_path: mingw32
mingw_prefix: mingw-w64-i686
hardening:
- target: x86_64-w64-mingw32
compiler_path: mingw64
mingw_prefix: mingw-w64-x86_64
# hardening doesn't work with mingw-w64-x86_64-gcc, because it's gcc 8
hardening: --disable-gcc-hardening
matrix:
# Don't keep building failing jobs
fast_finish: true
# Skip the 32-bit Windows Server 2016 job, and the 64-bit Windows Server
# 2012 R2 job, to speed up the build.
# The environment variables must be listed without the 'environment' tag.
exclude:
- image: Visual Studio 2017
target: i686-w64-mingw32
compiler_path: mingw32
mingw_prefix: mingw-w64-i686
hardening:
- image: Visual Studio 2015
target: x86_64-w64-mingw32
compiler_path: mingw64
mingw_prefix: mingw-w64-x86_64
# hardening doesn't work with mingw-w64-x86_64-gcc, because it's gcc 8
hardening: --disable-gcc-hardening
install:
- ps: >-
Function Execute-Command ($commandPath)
{
& $commandPath $args 2>&1
if ( $LastExitCode -ne 0 ) {
$host.SetShouldExit( $LastExitCode )
}
}
Function Execute-Bash ()
{
Execute-Command 'c:\msys64\usr\bin\bash' '-e' '-c' $args
}
<# mingw packages start with ${env:mingw_prefix}
# unprefixed packages are from MSYS2, which is like Cygwin. Avoid them.
#
# Use pacman --debug to show package downloads and install locations
#>
Execute-Command "C:\msys64\usr\bin\pacman" -Sy --verbose --needed --noconfirm ${env:mingw_prefix}-libevent ${env:mingw_prefix}-pkg-config ${env:mingw_prefix}-xz ${env:mingw_prefix}-zstd ;
build_script:
- ps: >-
if ($env:compiler -eq "mingw") {
<# use the MSYS2 compiler and user binaries to build and install #>
$oldpath = ${env:Path} -split ';'
$buildpath = @("C:\msys64\${env:compiler_path}\bin", "C:\msys64\usr\bin") + $oldpath
$env:Path = @($buildpath) -join ';'
$env:build = @("${env:APPVEYOR_BUILD_FOLDER}", $env:target) -join '\'
Set-Location "${env:APPVEYOR_BUILD_FOLDER}"
Execute-Bash 'autoreconf -i'
mkdir "${env:build}"
Set-Location "${env:build}"
Execute-Bash "which ${env:target}-gcc"
Execute-Bash "${env:target}-gcc --version"
<# compile for mingw
# mingw zstd doesn't come with a pkg-config file, so we manually
# configure its flags. liblzma just works.
#>
Execute-Bash "ZSTD_CFLAGS='-L/${env:compiler_path}/include' ZSTD_LIBS='-L/${env:compiler_path}/lib -lzstd' ../configure --prefix=/${env:compiler_path} --build=${env:target} --host=${env:target} --with-openssl-dir=/${env:compiler_path} --disable-asciidoc --enable-fatal-warnings ${env:hardening}"
Execute-Bash "V=1 make -j2"
Execute-Bash "V=1 make -j2 install"
}
test_script:
- ps: >-
if ($env:compiler -eq "mingw") {
<# use the MSYS2 compiler binaries to make check #>
$oldpath = ${env:Path} -split ';'
$buildpath = @("C:\msys64\${env:compiler_path}\bin") + $oldpath
$env:Path = $buildpath -join ';'
Set-Location "${env:build}"
Execute-Bash "VERBOSE=1 make -j2 check"
}
on_finish:
- ps: >-
if ($env:compiler -eq "mingw") {
<# use the MSYS2 user binaries to archive failures #>
$oldpath = ${env:Path} -split ';'
$buildpath = @("C:\msys64\usr\bin") + $oldpath
$env:Path = @($buildpath) -join ';'
Set-Location "${env:build}"
<# store logs as appveyor artifacts: see the artifacts tab #>
Execute-Bash "7z a logs.zip config.log || true"
Execute-Bash "7z a logs.zip test-suite.log || true"
Execute-Bash "appveyor PushArtifact logs.zip || true"
Execute-Bash "tail -1000 config.log || true"
Execute-Bash "cat test-suite.log || true"
}
# notify the IRC channel of any failures
on_failure:
- cmd: C:\Python27\python.exe %APPVEYOR_BUILD_FOLDER%\scripts\test\appveyor-irc-notify.py irc.oftc.net:6697 tor-ci failure

139
.gitignore vendored
View File

@ -3,6 +3,7 @@
.#*
*~
*.swp
*.swo
# C stuff
*.o
*.obj
@ -18,6 +19,8 @@
.dirstamp
*.trs
*.log
# Calltool stuff
.*.graph
# Stuff made by our makefiles
*.bak
# Python droppings
@ -38,9 +41,11 @@ uptime-*.json
/Makefile
/Makefile.in
/aclocal.m4
/ar-lib
/autom4te.cache
/build-stamp
/compile
/config.rust
/configure
/Doxyfile
/orconfig.h
@ -51,6 +56,7 @@ uptime-*.json
/config.guess
/config.sub
/conftest*
/link_rust.sh
/micro-revision.*
/patch-stamp
/stamp-h
@ -66,7 +72,11 @@ uptime-*.json
/mkinstalldirs
/Tor*Bundle.dmg
/tor-*-win32.exe
/warning_flags
/coverage_html/
/callgraph/
# /contrib/
/contrib/dist/tor.sh
@ -94,11 +104,6 @@ uptime-*.json
/doc/tor.html
/doc/tor.html.in
/doc/tor.1.xml
/doc/tor-fw-helper.1
/doc/tor-fw-helper.1.in
/doc/tor-fw-helper.html
/doc/tor-fw-helper.html.in
/doc/tor-fw-helper.1.xml
/doc/tor-gencert.1
/doc/tor-gencert.1.in
/doc/tor-gencert.html
@ -114,6 +119,11 @@ uptime-*.json
/doc/torify.html
/doc/torify.html.in
/doc/torify.1.xml
/doc/tor-print-ed-signing-cert.1
/doc/tor-print-ed-signing-cert.1.in
/doc/tor-print-ed-signing-cert.html
/doc/tor-print-ed-signing-cert.html.in
/doc/tor-print-ed-signing-cert.1.xml
# /doc/spec/
/doc/spec/Makefile
@ -127,23 +137,8 @@ uptime-*.json
/src/Makefile
/src/Makefile.in
# /src/common/
/src/common/Makefile
/src/common/Makefile.in
/src/common/libor.a
/src/common/libor-testing.a
/src/common/libor.lib
/src/common/libor-ctime.a
/src/common/libor-ctime-testing.a
/src/common/libor-ctime.lib
/src/common/libor-crypto.a
/src/common/libor-crypto-testing.a
/src/common/libor-crypto.lib
/src/common/libor-event.a
/src/common/libor-event-testing.a
/src/common/libor-event.lib
/src/common/libcurve25519_donna.a
/src/common/libcurve25519_donna.lib
# /src/trace
/src/trace/libor-trace.a
# /src/config/
/src/config/Makefile
@ -161,16 +156,81 @@ uptime-*.json
/src/ext/keccak-tiny/libkeccak-tiny.a
/src/ext/keccak-tiny/libkeccak-tiny.lib
# /src/or/
/src/or/Makefile
/src/or/Makefile.in
/src/or/tor
/src/or/tor.exe
/src/or/tor-cov
/src/or/tor-cov.exe
/src/or/libtor.a
/src/or/libtor-testing.a
/src/or/libtor.lib
# /src/lib
/src/lib/libcurve25519_donna.a
/src/lib/libtor-compress.a
/src/lib/libtor-compress-testing.a
/src/lib/libtor-container.a
/src/lib/libtor-container-testing.a
/src/lib/libtor-crypt-ops.a
/src/lib/libtor-crypt-ops-testing.a
/src/lib/libtor-ctime.a
/src/lib/libtor-ctime-testing.a
/src/lib/libtor-encoding.a
/src/lib/libtor-encoding-testing.a
/src/lib/libtor-evloop.a
/src/lib/libtor-evloop-testing.a
/src/lib/libtor-err.a
/src/lib/libtor-err-testing.a
/src/lib/libtor-fdio.a
/src/lib/libtor-fdio-testing.a
/src/lib/libtor-fs.a
/src/lib/libtor-fs-testing.a
/src/lib/libtor-geoip.a
/src/lib/libtor-geoip-testing.a
/src/lib/libtor-intmath.a
/src/lib/libtor-intmath-testing.a
/src/lib/libtor-lock.a
/src/lib/libtor-lock-testing.a
/src/lib/libtor-log.a
/src/lib/libtor-log-testing.a
/src/lib/libtor-malloc.a
/src/lib/libtor-malloc-testing.a
/src/lib/libtor-math.a
/src/lib/libtor-math-testing.a
/src/lib/libtor-memarea.a
/src/lib/libtor-memarea-testing.a
/src/lib/libtor-meminfo.a
/src/lib/libtor-meminfo-testing.a
/src/lib/libtor-net.a
/src/lib/libtor-net-testing.a
/src/lib/libtor-osinfo.a
/src/lib/libtor-osinfo-testing.a
/src/lib/libtor-process.a
/src/lib/libtor-process-testing.a
/src/lib/libtor-sandbox.a
/src/lib/libtor-sandbox-testing.a
/src/lib/libtor-string.a
/src/lib/libtor-string-testing.a
/src/lib/libtor-smartlist-core.a
/src/lib/libtor-smartlist-core-testing.a
/src/lib/libtor-term.a
/src/lib/libtor-term-testing.a
/src/lib/libtor-thread.a
/src/lib/libtor-thread-testing.a
/src/lib/libtor-time.a
/src/lib/libtor-time-testing.a
/src/lib/libtor-tls.a
/src/lib/libtor-tls-testing.a
/src/lib/libtor-trace.a
/src/lib/libtor-wallclock.a
/src/lib/libtor-wallclock-testing.a
# /src/tor
/src/core/libtor-app.a
/src/core/libtor-app-testing.a
# /src/app
/src/app/tor
/src/app/tor.exe
/src/app/tor-cov
/src/app/tor-cov.exe
# /src/rust
/src/rust/.cargo/config
/src/rust/.cargo/registry
/src/rust/target
/src/rust/registry
# /src/test
/src/test/Makefile
@ -183,6 +243,7 @@ uptime-*.json
/src/test/test-child
/src/test/test-memwipe
/src/test/test-ntor-cl
/src/test/test-hs-ntor-cl
/src/test/test-switch-id
/src/test/test-timers
/src/test/test_workqueue
@ -191,16 +252,24 @@ uptime-*.json
/src/test/test-bt-cl.exe
/src/test/test-child.exe
/src/test/test-ntor-cl.exe
/src/test/test-hs-ntor-cl.exe
/src/test/test-memwipe.exe
/src/test/test-switch-id.exe
/src/test/test-timers.exe
/src/test/test_workqueue.exe
# /src/test/fuzz
/src/test/fuzz/fuzz-*
/src/test/fuzz/lf-fuzz-*
# /src/tools/
/src/tools/libtorrunner.a
/src/tools/tor-checkkey
/src/tools/tor-resolve
/src/tools/tor-cov-resolve
/src/tools/tor-gencert
/src/tools/tor-print-ed-signing-cert
/src/tools/tor-print-ed-signing-cert.exe
/src/tools/tor-cov-gencert
/src/tools/tor-checkkey.exe
/src/tools/tor-resolve.exe
@ -214,12 +283,6 @@ uptime-*.json
/src/trunnel/libor-trunnel-testing.a
/src/trunnel/libor-trunnel.a
# /src/tools/tor-fw-helper/
/src/tools/tor-fw-helper/tor-fw-helper
/src/tools/tor-fw-helper/tor-fw-helper.exe
/src/tools/tor-fw-helper/Makefile
/src/tools/tor-fw-helper/Makefile.in
# /src/win32/
/src/win32/Makefile
/src/win32/Makefile.in

45
.gitlab-ci.yml Normal file
View File

@ -0,0 +1,45 @@
before_script:
- apt-get update -qq
- apt-get upgrade -qy
build:
script:
- apt-get install -qy --fix-missing automake build-essential
libevent-dev libssl-dev zlib1g-dev
libseccomp-dev liblzma-dev libscrypt-dev
- ./autogen.sh
- ./configure --disable-asciidoc --enable-fatal-warnings
--disable-silent-rules
- make check || (e=$?; cat test-suite.log; exit $e)
- make install
update:
only:
- schedules
script:
- "apt-get install -y --fix-missing git openssh-client"
# Run ssh-agent (inside the build environment)
- eval $(ssh-agent -s)
# Add the SSH key stored in SSH_PRIVATE_KEY variable to the agent store
- ssh-add <(echo "$DEPLOY_KEY")
# For Docker builds disable host key checking. Be aware that by adding that
# you are susceptible to man-in-the-middle attacks.
# WARNING: Use this only with the Docker executor, if you use it with shell
# you will overwrite your user's SSH config.
- mkdir -p ~/.ssh
- '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
# In order to properly check the server's host key, assuming you created the
# SSH_SERVER_HOSTKEYS variable previously, uncomment the following two lines
# instead.
- mkdir -p ~/.ssh
- '[[ -f /.dockerenv ]] && echo "$SSH_SERVER_HOSTKEYS" > ~/.ssh/known_hosts'
- echo "merging from torgit"
- git config --global user.email "labadmin@oniongit.eu"
- git config --global user.name "gitadmin"
- "mkdir tor"
- "cd tor"
- git clone --bare https://git.torproject.org/tor.git
- git push --mirror git@oniongit.eu:network/tor.git

3
.gitmodules vendored Normal file
View File

@ -0,0 +1,3 @@
[submodule "src/ext/rust"]
path = src/ext/rust
url = https://git.torproject.org/tor-rust-dependencies

View File

@ -2,6 +2,13 @@ language: c
cache:
ccache: true
## cargo: true
directories:
- $HOME/.cargo
## caching CARGO_TARGET_DIR actually slows down the build over time,
## because old build products are never deleted.
## where we point CARGO_TARGET_DIR in all our cargo invocations
#- $TRAVIS_BUILD_DIR/src/rust/target
compiler:
- gcc
@ -28,6 +35,8 @@ env:
## We don't list default variable values, because we set the defaults
## in global (or the default is unset)
-
## TOR_RUST_DEPENDENCIES is spelt RUST_DEPENDENCIES in 0.3.2
- RUST_OPTIONS="--enable-rust" TOR_RUST_DEPENDENCIES=true
matrix:
## include creates builds with gcc, linux
@ -36,13 +45,22 @@ matrix:
- env: COVERAGE_OPTIONS="--enable-coverage" HARDENING_OPTIONS=""
## We only want to check these build option combinations once
## (they shouldn't vary by compiler or OS)
## We run coverage with hardening off, which seems like enough
## We run rust and coverage with hardening off, which seems like enough
# - env: HARDENING_OPTIONS=""
## We check asciidoc with distcheck, to make sure we remove doc products
- env: DISTCHECK="yes" ASCIIDOC_OPTIONS="" SKIP_MAKE_CHECK="yes"
# We also try running a hardened clang build with chutney on Linux.
- env: CHUTNEY="yes" SKIP_MAKE_CHECK="yes" CHUTNEY_ALLOW_FAILURES="2"
compiler: clang
# We clone our stem repo and run `make test-stem`
- env: TEST_STEM="yes" SKIP_MAKE_CHECK="yes"
## Check rust online with distcheck, to make sure we remove rust products
- env: DISTCHECK="yes" RUST_OPTIONS="--enable-rust --enable-cargo-online-mode"
## Check disable module dirauth with and without rust
- env: MODULES_OPTIONS="--disable-module-dirauth" RUST_OPTIONS="--enable-rust" TOR_RUST_DEPENDENCIES=true
- env: MODULES_OPTIONS="--disable-module-dirauth"
## Check NSS
- env: NSS_OPTIONS="--enable-nss"
## Uncomment to allow the build to report success (with non-required
## sub-builds continuing to run) if all required sub-builds have
@ -55,6 +73,10 @@ matrix:
## Careful! We use global envs, which makes it hard to exclude or
## allow failures by env:
## https://docs.travis-ci.com/user/customizing-the-build#matching-jobs-with-allow_failures
allow_failures:
## test-stem sometimes hangs on Travis
- env: TEST_STEM="yes" SKIP_MAKE_CHECK="yes"
exclude:
## gcc on OSX is less useful, because the default compiler is clang.
- compiler: gcc
@ -64,6 +86,12 @@ matrix:
- compiler: gcc
os: linux
env:
## offline rust builds for gcc on Linux are redundant, because we do an
## online rust build for gcc on Linux
- compiler: gcc
os: linux
## TOR_RUST_DEPENDENCIES is spelt RUST_DEPENDENCIES in 0.3.2
env: RUST_OPTIONS="--enable-rust" TOR_RUST_DEPENDENCIES=true
## (Linux only) Use the latest Linux image (Ubuntu Trusty)
dist: trusty
@ -80,14 +108,21 @@ addons:
- zlib1g-dev
## Optional dependencies
- libcap-dev
- liblzma-dev
- libnss3-dev
- libscrypt-dev
- libseccomp-dev
## zstd doesn't exist in Ubuntu Trusty
#- libzstd
## Conditional build dependencies
## Always installed, so we don't need sudo
- asciidoc
- docbook-xsl
- docbook-xml
- xmlto
## Utilities
## preventing or diagnosing hangs
- timelimit
## (OSX only)
homebrew:
packages:
@ -100,6 +135,8 @@ addons:
#- zlib
## Optional dependencies
- libscrypt
- xz
- zstd
## Required build dependencies
## Tor needs pkg-config to find some dependencies at build time
- pkg-config
@ -109,12 +146,19 @@ addons:
## Always installed, because manual brew installs are hard to get right
- asciidoc
- xmlto
## Utilities
## preventing or diagnosing hangs
- timelimit
## (OSX only) Use the default OSX image
## See https://docs.travis-ci.com/user/reference/osx#os-x-version
## Default is Xcode 9.4 on macOS 10.13 as of August 2018
#osx_image: xcode9.4
before_install:
## Create empty rust directories for non-Rust builds, so caching succeeds
- if [[ "$RUST_OPTIONS" == "" ]]; then mkdir -p $HOME/.cargo $TRAVIS_BUILD_DIR/src/rust/target; fi
install:
## If we're on OSX, configure ccache (ccache is automatically installed and configured on Linux)
- if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then export PATH="/usr/local/opt/ccache/libexec:$PATH"; fi
@ -125,25 +169,49 @@ install:
- if [[ "$COVERAGE_OPTIONS" != "" ]]; then pip install --user cpp-coveralls; fi
## If we're on OSX, and using asciidoc, configure asciidoc
- if [[ "$ASCIIDOC_OPTIONS" == "" ]] && [[ "$TRAVIS_OS_NAME" == "osx" ]]; then export XML_CATALOG_FILES="/usr/local/etc/xml/catalog"; fi
## If we're using Rust, download rustup
- if [[ "$RUST_OPTIONS" != "" ]]; then curl -Ssf -o rustup.sh https://sh.rustup.rs; fi
## Install the nightly channels of rustc and cargo and setup our toolchain environment
- if [[ "$RUST_OPTIONS" != "" ]]; then sh rustup.sh -y --default-toolchain nightly; fi
- if [[ "$RUST_OPTIONS" != "" ]]; then source $HOME/.cargo/env; fi
## If we're testing rust builds in offline-mode, then set up our vendored dependencies
- if [[ "$TOR_RUST_DEPENDENCIES" == "true" ]]; then export TOR_RUST_DEPENDENCIES=$PWD/src/ext/rust/crates; fi
## If we're running chutney, install it.
- if [[ "$CHUTNEY" != "" ]]; then git clone --depth 1 https://github.com/torproject/chutney.git ; export CHUTNEY_PATH="$(pwd)/chutney"; fi
## If we're running stem, install it.
- if [[ "$TEST_STEM" != "" ]]; then git clone --depth 1 https://github.com/torproject/stem.git ; export STEM_SOURCE_DIR=`pwd`/stem; fi
##
## Finally, list installed package versions
- if [[ "$TRAVIS_OS_NAME" == "linux" ]]; then dpkg-query --show; fi
- if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then brew list --versions; fi
## Get some info about rustup, rustc and cargo
- if [[ "$RUST_OPTIONS" != "" ]]; then which rustup; fi
- if [[ "$RUST_OPTIONS" != "" ]]; then which rustc; fi
- if [[ "$RUST_OPTIONS" != "" ]]; then which cargo; fi
- if [[ "$RUST_OPTIONS" != "" ]]; then rustup --version; fi
- if [[ "$RUST_OPTIONS" != "" ]]; then rustc --version; fi
- if [[ "$RUST_OPTIONS" != "" ]]; then cargo --version; fi
## Get python version
- python --version
## If we're running chutney, show the chutney commit
- if [[ "$CHUTNEY" != "" ]]; then pushd "$CHUTNEY_PATH"; git log -1 ; popd ; fi
## If we're running stem, show the stem version and commit
- if [[ "$TEST_STEM" != "" ]]; then pushd stem; python -c "from stem import stem; print(stem.__version__);"; git log -1; popd; fi
script:
# Skip test_rebind on macOS
- if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then export TOR_SKIP_TEST_REBIND=true; fi
- ./autogen.sh
- CONFIGURE_FLAGS="$ASCIIDOC_OPTIONS $COVERAGE_OPTIONS $HARDENING_OPTIONS $OPENSSL_OPTIONS --enable-fatal-warnings --disable-silent-rules"
- CONFIGURE_FLAGS="$ASCIIDOC_OPTIONS $COVERAGE_OPTIONS $HARDENING_OPTIONS $MODULES_OPTIONS $NSS_OPTIONS $OPENSSL_OPTIONS $RUST_OPTIONS --enable-fatal-warnings --disable-silent-rules"
- echo "Configure flags are $CONFIGURE_FLAGS"
- ./configure $CONFIGURE_FLAGS
## We run `make check` because that's what https://jenkins.torproject.org does.
- if [[ "$SKIP_MAKE_CHECK" == "" ]]; then make check; fi
- if [[ "$DISTCHECK" != "" ]]; then make distcheck DISTCHECK_CONFIGURE_FLAGS="$CONFIGURE_FLAGS"; fi
- if [[ "$CHUTNEY" != "" ]]; then make test-network-all; fi
## Diagnostic for bug 29437: kill stem if it hangs for 9.5 minutes
## Travis will kill the job after 10 minutes with no output
- if [[ "$TEST_STEM" != "" ]]; then make src/app/tor; timelimit -p -t 540 -s USR1 -T 30 -S ABRT python3 "$STEM_SOURCE_DIR"/run_tests.py --tor src/app/tor --integ --test control.controller --test control.base_controller --test process --log TRACE --log-file stem.log; fi
## If this build was one that produced coverage, upload it.
- if [[ "$COVERAGE_OPTIONS" != "" ]]; then coveralls -b . --exclude src/test --exclude src/trunnel --gcov-options '\-p' || echo "Coverage failed"; fi
@ -155,11 +223,17 @@ after_failure:
- if [[ "$SKIP_MAKE_CHECK" == "" ]]; then cat test-suite.log || echo "cat failed"; fi
## `make distcheck` puts it somewhere different.
- if [[ "$DISTCHECK" != "" ]]; then make show-distdir-testlog || echo "make failed"; fi
- if [[ "$DISTCHECK" != "" ]]; then make show-distdir-core || echo "make failed"; fi
- if [[ "$CHUTNEY" != "" ]]; then ls test_network_log || echo "ls failed"; cat test_network_log/* || echo "cat failed"; fi
- if [[ "$TEST_STEM" != "" ]]; then tail -1000 "$STEM_SOURCE_DIR"/test/data/tor_log || echo "tail failed"; fi
- if [[ "$TEST_STEM" != "" ]]; then grep -v "SocketClosed" stem.log | tail -1000 || echo "grep | tail failed"; fi
before_cache:
## Delete all gcov files.
- if [[ "$COVERAGE_OPTIONS" != "" ]]; then make reset-gcov; fi
## Delete the cargo registry before caching .cargo, because it's cheaper to
## download the registry and throw it away, rather than caching it
- rm -rf $HOME/.cargo/registry
notifications:
irc:

7
CODE_OF_CONDUCT Normal file
View File

@ -0,0 +1,7 @@
The Tor Project is committed to fostering a inclusive community
where people feel safe to engage, share their points of view, and
participate. For the latest version of our Code of Conduct, please
see
https://gitweb.torproject.org/community/policies.git/plain/code_of_conduct.txt

39
CONTRIBUTING Normal file
View File

@ -0,0 +1,39 @@
Contributing to Tor
-------------------
### Getting started
Welcome!
We have a bunch of documentation about how to develop Tor in the
doc/HACKING/ directory. We recommend that you start with
doc/HACKING/README.1st.md , and then go from there. It will tell
you how to find your way around the source code, how to get
involved with the Tor community, how to write patches, and much
more!
You don't have to be a C developer to help with Tor: have a look
at https://www.torproject.org/getinvolved/volunteer !
The Tor Project is committed to fostering a inclusive community
where people feel safe to engage, share their points of view, and
participate. For the latest version of our Code of Conduct, please
see
https://gitweb.torproject.org/community/policies.git/plain/code_of_conduct.txt
### License issues
Tor is distributed under the license terms in the LICENSE -- in
brief, the "3-clause BSD license". If you send us code to
distribute with Tor, it needs to be code that we can distribute
under those terms. Please don't send us patches unless you agree
to allow this.
Some compatible licenses include:
- 3-clause BSD
- 2-clause BSD
- CC0 Public Domain Dedication

9099
ChangeLog

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

34
INSTALL
View File

@ -16,37 +16,3 @@ If it doesn't build for you:
./configure --with-libevent-dir=/usr/local
rather than simply ./configure.
If you have mysterious autoconf failures while linking openssl,
consider setting your LD_LIBRARY_PATH to the openssl lib directory.
For example, "setenv LD_LIBRARY_PATH /usr/athena/lib".
Lastly, check out
https://www.torproject.org/docs/faq#DoesntWork
How to do static builds of tor:
Tor supports linking each of the libraries it needs statically. Use the
--enable-static-X ./configure option in conjunction with the --with-X-dir
option for libevent, zlib, and openssl. For this to work sanely, libevent
should be built with --disable-shared --enable-static --with-pic, and
OpenSSL should be built with no-shared no-dso.
If you need to build tor so that system libraries are also statically linked,
use the --enable-static-tor ./configure option. This won't work on OS X
unless you build the required crt0.o yourself. It is also incompatible with
the --enable-gcc-hardening option.
An example of how to build a mostly static tor:
./configure --enable-static-libevent \
--enable-static-openssl \
--enable-static-zlib \
--with-libevent-dir=/tmp/static-tor/libevent-1.4.14b-stable \
--with-openssl-dir=/tmp/static-tor/openssl-0.9.8r/ \
--with-zlib-dir=/tmp/static-tor/zlib-1.2.5
An example of how to build an entirely static tor:
./configure --enable-static-tor \
--with-libevent-dir=/tmp/static-tor/libevent-1.4.14b-stable \
--with-openssl-dir=/tmp/static-tor/openssl-0.9.8r/ \
--with-zlib-dir=/tmp/static-tor/zlib-1.2.5

32
LICENSE
View File

@ -13,7 +13,7 @@ Tor is distributed under this license:
Copyright (c) 2001-2004, Roger Dingledine
Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
Copyright (c) 2007-2016, The Tor Project, Inc.
Copyright (c) 2007-2019, The Tor Project, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
@ -155,6 +155,36 @@ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
===============================================================================
getdelim.c is distributed under this license:
Copyright (c) 2011 The NetBSD Foundation, Inc.
All rights reserved.
This code is derived from software contributed to The NetBSD Foundation
by Christos Zoulas.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
===============================================================================
src/config/geoip is licensed under the following license:

View File

@ -1,6 +1,6 @@
# Copyright (c) 2001-2004, Roger Dingledine
# Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
# Copyright (c) 2007-2015, The Tor Project, Inc.
# Copyright (c) 2007-2019, The Tor Project, Inc.
# See LICENSE for licensing information
ACLOCAL_AMFLAGS = -I m4
@ -9,32 +9,157 @@ noinst_LIBRARIES=
EXTRA_DIST=
noinst_HEADERS=
bin_PROGRAMS=
EXTRA_PROGRAMS=
CLEANFILES=
TESTS=
noinst_PROGRAMS=
DISTCLEANFILES=
bin_SCRIPTS=
AM_CPPFLAGS=
AM_CFLAGS=@TOR_SYSTEMD_CFLAGS@ @CFLAGS_BUGTRAP@
AM_CPPFLAGS=\
-I$(top_srcdir)/src \
-I$(top_srcdir)/src/ext \
-I$(top_srcdir)/src/ext/trunnel \
-I$(top_srcdir)/src/trunnel
AM_CFLAGS=@TOR_SYSTEMD_CFLAGS@ @CFLAGS_BUGTRAP@ @TOR_LZMA_CFLAGS@ @TOR_ZSTD_CFLAGS@
SHELL=@SHELL@
if COVERAGE_ENABLED
TESTING_TOR_BINARY=$(top_builddir)/src/or/tor-cov$(EXEEXT)
TESTING_TOR_BINARY=$(top_builddir)/src/app/tor-cov$(EXEEXT)
else
TESTING_TOR_BINARY=$(top_builddir)/src/or/tor$(EXEEXT)
TESTING_TOR_BINARY=$(top_builddir)/src/app/tor$(EXEEXT)
endif
if USE_RUST
## this MUST be $(), otherwise am__DEPENDENCIES will not track it
rust_ldadd=$(top_builddir)/$(TOR_RUST_LIB_PATH) \
$(TOR_RUST_EXTRA_LIBS)
else
rust_ldadd=
endif
# "Common" libraries used to link tor's utility code.
TOR_UTIL_LIBS = \
src/lib/libtor-geoip.a \
src/lib/libtor-process.a \
src/lib/libtor-time.a \
src/lib/libtor-fs.a \
src/lib/libtor-encoding.a \
src/lib/libtor-sandbox.a \
src/lib/libtor-container.a \
src/lib/libtor-net.a \
src/lib/libtor-thread.a \
src/lib/libtor-memarea.a \
src/lib/libtor-math.a \
src/lib/libtor-meminfo.a \
src/lib/libtor-osinfo.a \
src/lib/libtor-log.a \
src/lib/libtor-lock.a \
src/lib/libtor-fdio.a \
src/lib/libtor-string.a \
src/lib/libtor-term.a \
src/lib/libtor-smartlist-core.a \
src/lib/libtor-malloc.a \
src/lib/libtor-wallclock.a \
src/lib/libtor-err.a \
src/lib/libtor-intmath.a \
src/lib/libtor-ctime.a
# Variants of the above for linking the testing variant of tor (for coverage
# and tests)
if UNITTESTS_ENABLED
TOR_UTIL_TESTING_LIBS = \
src/lib/libtor-geoip-testing.a \
src/lib/libtor-process-testing.a \
src/lib/libtor-time-testing.a \
src/lib/libtor-fs-testing.a \
src/lib/libtor-encoding-testing.a \
src/lib/libtor-sandbox-testing.a \
src/lib/libtor-container-testing.a \
src/lib/libtor-net-testing.a \
src/lib/libtor-thread-testing.a \
src/lib/libtor-memarea-testing.a \
src/lib/libtor-math-testing.a \
src/lib/libtor-meminfo-testing.a \
src/lib/libtor-osinfo-testing.a \
src/lib/libtor-term-testing.a \
src/lib/libtor-log-testing.a \
src/lib/libtor-lock-testing.a \
src/lib/libtor-fdio-testing.a \
src/lib/libtor-string-testing.a \
src/lib/libtor-smartlist-core-testing.a \
src/lib/libtor-malloc-testing.a \
src/lib/libtor-wallclock-testing.a \
src/lib/libtor-err-testing.a \
src/lib/libtor-intmath.a \
src/lib/libtor-ctime-testing.a
endif
# Internal crypto libraries used in Tor
TOR_CRYPTO_LIBS = \
src/lib/libtor-tls.a \
src/lib/libtor-crypt-ops.a \
$(LIBKECCAK_TINY) \
$(LIBDONNA)
# Variants of the above for linking the testing variant of tor (for coverage
# and tests)
if UNITTESTS_ENABLED
TOR_CRYPTO_TESTING_LIBS = \
src/lib/libtor-tls-testing.a \
src/lib/libtor-crypt-ops-testing.a \
$(LIBKECCAK_TINY) \
$(LIBDONNA)
endif
# All static libraries used to link tor.
TOR_INTERNAL_LIBS = \
src/core/libtor-app.a \
src/lib/libtor-compress.a \
src/lib/libtor-evloop.a \
$(TOR_CRYPTO_LIBS) \
$(TOR_UTIL_LIBS) \
src/trunnel/libor-trunnel.a \
src/lib/libtor-trace.a
# Variants of the above for linking the testing variant of tor (for coverage
# and tests)
if UNITTESTS_ENABLED
TOR_INTERNAL_TESTING_LIBS = \
src/core/libtor-app-testing.a \
src/lib/libtor-compress-testing.a \
src/lib/libtor-evloop-testing.a \
$(TOR_CRYPTO_TESTING_LIBS) \
$(TOR_UTIL_TESTING_LIBS) \
src/trunnel/libor-trunnel-testing.a \
src/lib/libtor-trace.a
endif
TOR_LDFLAGS_CRYPTLIB=@TOR_LDFLAGS_openssl@
TOR_LIBS_CRYPTLIB=@TOR_OPENSSL_LIBS@
TOR_CFLAGS_CRYPTLIB=
if USE_NSS
TOR_CFLAGS_CRYPTLIB+=@NSS_CFLAGS@
TOR_LIBS_CRYPTLIB+=@NSS_LIBS@
endif
# All libraries used to link tor-cov
include src/include.am
include doc/include.am
include contrib/include.am
EXTRA_DIST+= \
ChangeLog \
CONTRIBUTING \
CODE_OF_CONDUCT \
INSTALL \
LICENSE \
Makefile.nmake \
README \
ReleaseNotes
ReleaseNotes \
scripts/maint/checkIncludes.py \
scripts/maint/checkSpace.pl
## This tells etags how to find mockable function definitions.
AM_ETAGSFLAGS=--regex='{c}/MOCK_IMPL([^,]+,\W*\([a-zA-Z0-9_]+\)\W*,/\1/s'
@ -42,16 +167,22 @@ AM_ETAGSFLAGS=--regex='{c}/MOCK_IMPL([^,]+,\W*\([a-zA-Z0-9_]+\)\W*,/\1/s'
if COVERAGE_ENABLED
TEST_CFLAGS=-fno-inline -fprofile-arcs -ftest-coverage
if DISABLE_ASSERTS_IN_UNIT_TESTS
TEST_CPPFLAGS=-DTOR_UNIT_TESTS -DTOR_COVERAGE -DDISABLE_ASSERTS_IN_UNIT_TESTS
TEST_CPPFLAGS=-DTOR_UNIT_TESTS -DTOR_COVERAGE -DDISABLE_ASSERTS_IN_UNIT_TESTS @TOR_MODULES_ALL_ENABLED@
else
TEST_CPPFLAGS=-DTOR_UNIT_TESTS -DTOR_COVERAGE
TEST_CPPFLAGS=-DTOR_UNIT_TESTS -DTOR_COVERAGE @TOR_MODULES_ALL_ENABLED@
endif
TEST_NETWORK_FLAGS=--coverage --hs-multi-client 1
else
TEST_CFLAGS=
TEST_CPPFLAGS=-DTOR_UNIT_TESTS
TEST_CPPFLAGS=-DTOR_UNIT_TESTS @TOR_MODULES_ALL_ENABLED@
TEST_NETWORK_FLAGS=--hs-multi-client 1
endif
TEST_NETWORK_WARNING_FLAGS=--quiet --only-warnings
if LIBFUZZER_ENABLED
TEST_CFLAGS += -fsanitize-coverage=trace-pc-guard,trace-cmp,trace-div
# not "edge"
endif
TEST_NETWORK_ALL_LOG_DIR=$(top_builddir)/test_network_log
TEST_NETWORK_ALL_DRIVER_FLAGS=--color-tests yes
@ -82,6 +213,8 @@ doxygen:
test: all
$(top_builddir)/src/test/test
check-local: check-spaces check-changes check-includes
need-chutney-path:
@if test ! -d "$$CHUTNEY_PATH"; then \
echo '$$CHUTNEY_PATH was not set.'; \
@ -101,18 +234,20 @@ test-network: need-chutney-path $(TESTING_TOR_BINARY) src/tools/tor-gencert
# Run all available tests using automake's test-driver
# only run IPv6 tests if we can ping6 ::1 (localhost)
# only run IPv6 tests if we can ping ::1 (localhost)
# some IPv6 tests will fail without an IPv6 DNS server (see #16971 and #17011)
# only run mixed tests if we have a tor-stable binary
# Try both the BSD and the Linux ping6 syntax, because they're incompatible
# Try the syntax for BSD ping6, Linux ping6, and Linux ping -6,
# because they're incompatible
test-network-all: need-chutney-path test-driver $(TESTING_TOR_BINARY) src/tools/tor-gencert
mkdir -p $(TEST_NETWORK_ALL_LOG_DIR)
rm -f $(TEST_NETWORK_ALL_LOG_DIR)/*.log $(TEST_NETWORK_ALL_LOG_DIR)/*.trs
@flavors="$(TEST_CHUTNEY_FLAVORS)"; \
if ping6 -q -c 1 -o ::1 >/dev/null 2>&1 || ping6 -q -c 1 -W 1 ::1 >/dev/null 2>&1; then \
echo "ping6 ::1 succeeded, running IPv6 flavors: $(TEST_CHUTNEY_FLAVORS_IPV6)."; \
if ping6 -q -c 1 -o ::1 >/dev/null 2>&1 || ping6 -q -c 1 -W 1 ::1 >/dev/null 2>&1 || ping -6 -c 1 -W 1 ::1 >/dev/null 2>&1; then \
echo "ping6 ::1 or ping ::1 succeeded, running IPv6 flavors: $(TEST_CHUTNEY_FLAVORS_IPV6)."; \
flavors="$$flavors $(TEST_CHUTNEY_FLAVORS_IPV6)"; \
else \
echo "ping6 ::1 failed, skipping IPv6 flavors: $(TEST_CHUTNEY_FLAVORS_IPV6)."; \
echo "ping6 ::1 and ping ::1 failed, skipping IPv6 flavors: $(TEST_CHUTNEY_FLAVORS_IPV6)."; \
skip_flavors="$$skip_flavors $(TEST_CHUTNEY_FLAVORS_IPV6)"; \
fi; \
if command -v tor-stable >/dev/null 2>&1; then \
@ -127,6 +262,7 @@ test-network-all: need-chutney-path test-driver $(TESTING_TOR_BINARY) src/tools/
done; \
for f in $$flavors; do \
$(SHELL) $(top_srcdir)/test-driver --test-name $$f --log-file $(TEST_NETWORK_ALL_LOG_DIR)/$$f.log --trs-file $(TEST_NETWORK_ALL_LOG_DIR)/$$f.trs $(TEST_NETWORK_ALL_DRIVER_FLAGS) $(top_srcdir)/src/test/test-network.sh --flavor $$f $(TEST_NETWORK_FLAGS); \
$(top_srcdir)/src/test/test-network.sh $(TEST_NETWORK_WARNING_FLAGS); \
done; \
echo "Log and result files are available in $(TEST_NETWORK_ALL_LOG_DIR)."; \
! grep -q FAIL $(TEST_NETWORK_ALL_LOG_DIR)/*.trs
@ -139,7 +275,7 @@ need-stem-path:
fi
test-stem: need-stem-path $(TESTING_TOR_BINARY)
@$(PYTHON) "$$STEM_SOURCE_DIR"/run_tests.py --tor "$(TESTING_TOR_BINARY)" --all --log notice --target RUN_ALL;
@$(PYTHON) "$$STEM_SOURCE_DIR"/run_tests.py --tor "$(TESTING_TOR_BINARY)" --integ --test control.controller --test control.base_controller --test process --log notice;
test-stem-full: need-stem-path $(TESTING_TOR_BINARY)
@$(PYTHON) "$$STEM_SOURCE_DIR"/run_tests.py --tor "$(TESTING_TOR_BINARY)" --all --log notice --target RUN_ALL,ONLINE -v;
@ -184,11 +320,21 @@ coverage-html-full: all
# Avoid strlcpy.c, strlcat.c, aes.c, OpenBSD_malloc_Linux.c, sha256.c,
# tinytest*.[ch]
check-spaces:
$(top_srcdir)/scripts/maint/checkSpace.pl -C \
$(top_srcdir)/src/common/*.[ch] \
$(top_srcdir)/src/or/*.[ch] \
if USE_PERL
$(PERL) $(top_srcdir)/scripts/maint/checkSpace.pl -C \
$(top_srcdir)/src/lib/*/*.[ch] \
$(top_srcdir)/src/core/*/*.[ch] \
$(top_srcdir)/src/feature/*/*.[ch] \
$(top_srcdir)/src/app/*/*.[ch] \
$(top_srcdir)/src/test/*.[ch] \
$(top_srcdir)/src/test/*/*.[ch] \
$(top_srcdir)/src/tools/*.[ch]
endif
check-includes:
if USEPYTHON
$(PYTHON) $(top_srcdir)/scripts/maint/checkIncludes.py
endif
check-docs: all
$(PERL) $(top_builddir)/scripts/maint/checkOptionDocs.pl
@ -197,16 +343,87 @@ check-logs:
$(top_srcdir)/scripts/maint/checkLogs.pl \
$(top_srcdir)/src/*/*.[ch] | sort -n
.PHONY: check-typos
check-typos:
@if test -x "`which misspell 2>&1;true`"; then \
echo "Checking for Typos ..."; \
(misspell \
$(top_srcdir)/src/[^e]*/*.[ch] \
$(top_srcdir)/doc \
$(top_srcdir)/contrib \
$(top_srcdir)/scripts \
$(top_srcdir)/README \
$(top_srcdir)/ChangeLog \
$(top_srcdir)/INSTALL \
$(top_srcdir)/ReleaseNotes \
$(top_srcdir)/LICENSE); \
else \
echo "Tor can use misspell to check for typos."; \
echo "It seems that you don't have misspell installed."; \
echo "You can install the latest version of misspell here: https://github.com/client9/misspell#install"; \
fi
.PHONY: rustfmt
rustfmt:
if USE_RUST
@if test -x "`which cargo-fmt 2>&1;true`"; then \
echo "Formatting Rust code ..."; \
(cd "$(top_srcdir)/src/rust" && cargo fmt --all --); \
else \
echo "Tor uses rustfmt (via cargo-fmt) to format Rust code."; \
echo "However, it seems that you don't have rustfmt installed."; \
printf "You can install rustfmt by following the directions here:"; \
echo " https://github.com/rust-lang-nursery/rustfmt"; \
fi
endif
.PHONY: check-rustfmt
check-rustfmt:
if USE_RUST
@if test -x "`which cargo-fmt 2>&1;true`"; then \
printf "Running rustfmt..."; \
(cd "$(top_srcdir)/src/rust" && cargo fmt --all -- --check && echo "done.") || \
(echo "**************** check-rustfmt failed. ****************"; \
echo " Run \`make rustfmt\` to apply the above changes."; \
exit 1); \
else \
echo "Tor uses rustfmt (via cargo-fmt) to format Rust code."; \
echo "However, it seems that you don't have rustfmt installed."; \
printf "You can install rustfmt by following the directions here:"; \
echo " https://github.com/rust-lang-nursery/rustfmt"; \
fi
endif
.PHONY: clippy
clippy:
if USE_RUST
@if test -x "`which cargo-clippy 2>&1;true`"; then \
echo "Running cargo clippy ..."; \
echo "Prepare yourself for the onslaught of suggestions ..."; \
(cd "$(top_srcdir)/src/rust" && cargo clippy); \
else \
echo "Tor can use clippy to lint Rust code."; \
echo "However, it seems that you don't have clippy installed."; \
echo "You can install the latest version of clippy by following the directions here: https://github.com/rust-lang-nursery/rust-clippy"; \
fi
endif
.PHONY: check-changes
check-changes:
if USEPYTHON
@if test -d "$(top_srcdir)/changes"; then \
$(PYTHON) $(top_srcdir)/scripts/maint/lintChanges.py $(top_srcdir)/changes/*; \
$(PYTHON) $(top_srcdir)/scripts/maint/lintChanges.py $(top_srcdir)/changes; \
fi
endif
.PHONY: update-versions
update-versions:
$(PERL) $(top_builddir)/scripts/maint/updateVersions.pl
.PHONY: callgraph
callgraph:
$(top_builddir)/scripts/maint/run_calltool.sh
version:
@echo "Tor @VERSION@"
@if test -d "$(top_srcdir)/.git" && test -x "`which git 2>&1;true`"; then \
@ -220,6 +437,14 @@ mostlyclean-local:
rm -rf $(top_builddir)/doc/doxygen
rm -rf $(TEST_NETWORK_ALL_LOG_DIR)
clean-local:
rm -rf $(top_builddir)/src/rust/target
rm -rf $(top_builddir)/src/rust/.cargo/registry
if USE_RUST
distclean-local: distclean-rust
endif
# This relies on some internal details of how automake implements
# distcheck. We check two directories because automake-1.15 changed
# from $(distdir)/_build to $(distdir)/_build/sub.
@ -228,3 +453,18 @@ show-distdir-testlog:
cat $(distdir)/_build/sub/$(TEST_SUITE_LOG); \
else \
cat $(distdir)/_build/$(TEST_SUITE_LOG); fi
# Similarly, this relies on automake internals to run file on an
# intermittent core file whose provenance is not known to us. See
# ticket 26787.
show-distdir-core:
@if test -d "$(distdir)/_build/sub"; then \
file $(distdir)/_build/sub/core ; \
else \
file $(distdir)/_build/core; fi
show-libs:
@echo $(TOR_INTERNAL_LIBS)
show-testing-libs:
@echo $(TOR_INTERNAL_TESTING_LIBS)

3
README
View File

@ -27,3 +27,6 @@ Frequently Asked Questions:
To get started working on Tor development:
See the doc/HACKING directory.
Release timeline:
https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkTeam/CoreTorReleases

File diff suppressed because it is too large Load Diff

View File

@ -2,7 +2,7 @@ dnl Helper macros for Tor configure.ac
dnl Copyright (c) 2001-2004, Roger Dingledine
dnl Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
dnl Copyright (c) 2007-2008, Roger Dingledine, Nick Mathewson
dnl Copyright (c) 2007-2015, The Tor Project, Inc.
dnl Copyright (c) 2007-2019, The Tor Project, Inc.
dnl See LICENSE for licensing information
AC_DEFUN([TOR_EXTEND_CODEPATH],
@ -51,12 +51,12 @@ AC_DEFUN([TOR_TRY_COMPILE_WITH_CFLAGS], [
AC_CACHE_CHECK([whether the compiler accepts $1], VAR, [
tor_saved_CFLAGS="$CFLAGS"
CFLAGS="$CFLAGS -pedantic -Werror $1"
AC_TRY_COMPILE([], [return 0;],
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]], [[]])],
[AS_VAR_SET(VAR,yes)],
[AS_VAR_SET(VAR,no)])
if test x$2 != x; then
AS_VAR_PUSHDEF([can_link],[tor_can_link_$1])
AC_TRY_LINK([], [return 0;],
AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[]])],
[AS_VAR_SET(can_link,yes)],
[AS_VAR_SET(can_link,no)])
AS_VAR_POPDEF([can_link])
@ -93,7 +93,7 @@ AC_DEFUN([TOR_CHECK_LDFLAGS], [
AC_RUN_IFELSE([AC_LANG_PROGRAM([#include <stdio.h>], [fputs("", stdout)])],
[AS_VAR_SET(VAR,yes)],
[AS_VAR_SET(VAR,no)],
[AC_TRY_LINK([], [return 0;],
[AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[]])],
[AS_VAR_SET(VAR,yes)],
[AS_VAR_SET(VAR,no)])])
CFLAGS="$tor_saved_CFLAGS"
@ -113,21 +113,21 @@ if test x$2 = xdevpkg; then
h=" headers for"
fi
if test -f /etc/debian_version && test x"$tor_$1_$2_debian" != x; then
AC_WARN([On Debian, you can install$h $1 using "apt-get install $tor_$1_$2_debian"])
AC_MSG_WARN([On Debian, you can install$h $1 using "apt-get install $tor_$1_$2_debian"])
if test x"$tor_$1_$2_debian" != x"$tor_$1_devpkg_debian"; then
AC_WARN([ You will probably need $tor_$1_devpkg_debian too.])
AC_MSG_WARN([ You will probably need $tor_$1_devpkg_debian too.])
fi
fi
if test -f /etc/fedora-release && test x"$tor_$1_$2_redhat" != x; then
AC_WARN([On Fedora, you can install$h $1 using "dnf install $tor_$1_$2_redhat"])
AC_MSG_WARN([On Fedora, you can install$h $1 using "dnf install $tor_$1_$2_redhat"])
if test x"$tor_$1_$2_redhat" != x"$tor_$1_devpkg_redhat"; then
AC_WARN([ You will probably need to install $tor_$1_devpkg_redhat too.])
AC_MSG_WARN([ You will probably need to install $tor_$1_devpkg_redhat too.])
fi
else
if test -f /etc/redhat-release && test x"$tor_$1_$2_redhat" != x; then
AC_WARN([On most Redhat-based systems, you can get$h $1 by installing the $tor_$1_$2_redhat RPM package])
AC_MSG_WARN([On most Redhat-based systems, you can get$h $1 by installing the $tor_$1_$2_redhat RPM package])
if test x"$tor_$1_$2_redhat" != x"$tor_$1_devpkg_redhat"; then
AC_WARN([ You will probably need to install $tor_$1_devpkg_redhat too.])
AC_MSG_WARN([ You will probably need to install $tor_$1_devpkg_redhat too.])
fi
fi
fi
@ -245,7 +245,10 @@ if test "$cross_compiling" != yes; then
LDFLAGS="$tor_tryextra $orig_LDFLAGS"
fi
AC_RUN_IFELSE([AC_LANG_PROGRAM([$5], [$6])],
[runnable=yes], [runnable=no])
[runnable=yes], [runnable=no],
[AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[]])],
[runnable=yes],
[runnable=no])])
if test "$runnable" = yes; then
tor_cv_library_$1_linker_option=$tor_tryextra
break

View File

@ -1,12 +1,12 @@
#!/bin/sh
if [ -x "`which autoreconf 2>/dev/null`" ] ; then
opt="-if"
opt="-i -f -W all,error"
for i in $@; do
case "$i" in
-v)
opt=$opt"v"
opt="${opt} -v"
;;
esac
done

4
changes/29241_diagnostic Normal file
View File

@ -0,0 +1,4 @@
o Minor features (NSS, diagnostic):
- Try to log an error from NSS (if there is any) and a more useful
description of our situation if we are using NSS and a call to
SSL_ExportKeyingMaterial() fails. Diagnostic for ticket 29241.

5
changes/bug13221 Normal file
View File

@ -0,0 +1,5 @@
o Minor bugfixes (logging):
- Correct a misleading error message when IPv4Only or IPv6Only
is used but the resolved address can not be interpreted as an
address of the specified IP version. Fixes bug 13221; bugfix
on 0.2.3.9-alpha. Patch from Kris Katterjohn.

View File

@ -1,7 +0,0 @@
o Minor bugfix (Exit node DNS retries):
- Re-attempt timed-out DNS queries 3 times before failure, since our
timeout is 5 seconds for them, but clients wait 10-15. Also allow
slightly more timeouts per resolver before giving up on it in the
case where an exit has multiple resolvers configured. Fixes bug 21394;
bugfix on 0.3.1.9.

3
changes/bug22619 Normal file
View File

@ -0,0 +1,3 @@
o Minor bugfixes (circuit isolation):
- Fix a logic error that prevented the SessionGroup sub-option from
being accepted. Fixes bug 22619; bugfix on 0.2.7.2-alpha.

View File

@ -1,6 +0,0 @@
o Major bugfix (Relay bandwidth statistics):
- When we close relayed circuits, report the data in the circuit queues
as being written in our relay bandwidth stats. This mitigates guard
discovery and other attacks that close circuits for the explicit purpose
of noticing this discrepancy in statistics. Fixes bug 23512; bugfix
on 0.0.8pre3.

View File

@ -1,5 +0,0 @@
o Minor bugfixes (hidden service client):
- The introduction circuit was being timed out too quickly while waiting
for the rendezvous circuit to complete. Keep the intro circuit around
longer instead of timing out and reopening new ones constantly. Fixes
bug 23681; bugfix on 0.2.4.8-alpha.

View File

@ -1,6 +0,0 @@
o Minor bugfixes (hidden service v2):
- When reloading tor (HUP) configured with hidden service(s), some
information weren't copy to the new service object. One problem with this
was that tor would wait at least the RendPostPeriod time before uploading
the descriptor if the reload happened before the descriptor needed to be
published. Fixes bug 23790; bugfix on 0.2.1.9-alpha.

View File

@ -1,4 +0,0 @@
o Minor bugfix (relay statistics):
- Update relay descriptor on bandwidth changes only when the uptime is
smaller than 24h in order to reduce the efficiency of guard discovery
attacks. Fixes bug 24104; bugfix on 0.1.1.6-alpha.

3
changes/bug24661 Normal file
View File

@ -0,0 +1,3 @@
o Minor bugfixes (client, guard selection):
- When Tor's consensus has expired, but is still reasonably live, use it
to select guards. Fixes bug 24661; bugfix on 0.3.0.1-alpha.

View File

@ -1,5 +0,0 @@
o Minor bugfixes (controller, reliability):
- Avoid a (nonfatal) assertion failure when extending a one-hop circuit
from the controller to become a multihop circuit. Fixes bug 24903;
bugfix on 0.2.5.2-alpha.

View File

@ -1,5 +0,0 @@
o Minor bugfixes (unit test, monotonic time):
- Bump a gap of 1msec to 10msec used in the monotonic time test that makes
sure the nsec/usec/msec time read are synchronized. This change was
needed to accommodate slow system like armel or when the clock_gettime()
is not a VDSO on the running kernel. Fixes bug 25113; bugfix on 0.2.9.1.

View File

@ -1,4 +0,0 @@
o Minor bugfixes (hidden service, heartbeat):
- Don't log in the heartbeat any long term established one hop rendezvous
points if tor is a single onion service. Fixes bug 25116; bugfix on
0.2.9.6-rc;

View File

@ -1,4 +0,0 @@
o Minor bugfixes (Assert crash):
- Avoid an assert in the circuit build timeout code if we fail to
allow any circuits to actually complete. Fixes bug 25733;
bugfix on 0.2.2.2-alpha.

View File

@ -1,4 +0,0 @@
o Minor bugfixes (testing):
- Revise the "conditionvar_timeout" test so that it succeeds even
on heavily loaded systems where the test threads are not scheduled
within 200 msec. Fixes bug 27073; bugfix on 0.2.6.3-alpha.

3
changes/bug27197 Normal file
View File

@ -0,0 +1,3 @@
o Minor bugfixes (protover, rust):
- Reject extra commas in version string. Fixes bug 27197; bugfix on
0.3.3.3-alpha.

3
changes/bug27199 Normal file
View File

@ -0,0 +1,3 @@
o Minor bugfixes (rust):
- Abort on panic in all build profiles, instead of potentially unwinding
into C code. Fixes bug 27199; bugfix on 0.3.3.1-alpha.

View File

@ -1,3 +0,0 @@
o Minor bugfixes (protover):
- Reject protocol names containing bytes other than alphanumeric characters
and hyphens ([A-Za-z0-9-]). Fixes bug 27316; bugfix on 0.2.9.4-alpha.

View File

@ -1,6 +0,0 @@
o Minor bugfixes (testing):
- If a unit test running in a subprocess exits abnormally or with a
nonzero status code, treat the test as having failed, even if
the test reported success. Without this fix, memory leaks don't cause
cause the tests to fail, even with LeakSanitizer. Fixes bug 27658;
bugfix on 0.2.2.4-alpha.

View File

@ -1,4 +0,0 @@
o Minor bugfixes (code safety):
- Rewrite our assertion macros so that they no longer suppress
the compiler's -Wparentheses warnings on their inputs. Fixes bug 27709;
bugfix on 0.0.6.

4
changes/bug27740 Normal file
View File

@ -0,0 +1,4 @@
o Minor bugfixes (rust):
- Return a string that can be safely freed by C code, not one created by
the rust allocator, in protover_all_supported(). Fixes bug 27740; bugfix
on 0.3.3.1-alpha.

5
changes/bug27741 Normal file
View File

@ -0,0 +1,5 @@
o Minor bugfixes (rust, directory authority):
- Fix an API mismatch in the rust implementation of
protover_compute_vote(). This bug could have caused crashes on any
directory authorities running Tor with Rust (which we do not yet
recommend). Fixes bug 27741; bugfix on 0.3.3.6.

6
changes/bug27750 Normal file
View File

@ -0,0 +1,6 @@
o Minor bugfixes (connection, relay):
- Avoid a wrong BUG() stacktrace in case a closing connection is being held
open because the write side is rate limited but not the read side. Now,
the connection read side is simply shutdown instead of kept open until tor
is able to flush the connection and then fully close it. Fixes bug 27750;
bugfix on 0.3.4.1-alpha.

4
changes/bug27800 Normal file
View File

@ -0,0 +1,4 @@
o Minor bugfixes (directory authority):
- Log additional info when we get a relay that shares an ed25519
ID with a different relay, instead making a BUG() warning.
Fixes bug 27800; bugfix on 0.3.2.1-alpha.

3
changes/bug27804 Normal file
View File

@ -0,0 +1,3 @@
o Minor bugfixes (rust):
- Fix a potential null dereference in protover_all_supported().
Add a test for it. Fixes bug 27804; bugfix on 0.3.3.1-alpha.

7
changes/bug27841 Normal file
View File

@ -0,0 +1,7 @@
o Minor bugfixes (onion services):
- On an intro point for a version 3 onion service, we do not close
an introduction circuit on an NACK. This lets the client decide
whether to reuse the circuit or discard it. Previously, we closed
intro circuits on NACKs. Fixes bug 27841; bugfix on 0.3.2.1-alpha.
Patch by Neel Chaunan

View File

@ -0,0 +1,4 @@
o Minor bugfixes (compilation, opensolaris):
- Add a missing include to compat_pthreads.c, to fix compilation
on OpenSolaris and its descendants. Fixes bug 27963; bugfix
on 0.3.5.1-alpha.

3
changes/bug27968 Normal file
View File

@ -0,0 +1,3 @@
o Minor bugfixes (testing):
- Avoid hangs and race conditions in test_rebind.py.
Fixes bug 27968; bugfix on 0.3.5.1-alpha.

3
changes/bug28115 Normal file
View File

@ -0,0 +1,3 @@
o Minor bugfixes (portability):
- Make the OPE code (which is used for v3 onion services) run correctly
on big-endian platforms. Fixes bug 28115; bugfix on 0.3.5.1-alpha.

7
changes/bug28127 Normal file
View File

@ -0,0 +1,7 @@
o Minor bugfixes (onion services):
- Unless we have explicitly set HiddenServiceVersion, detect the onion
service version and then look for invalid options. Previously, we
did the reverse, but that broke existing configs which were pointed
to a v2 hidden service and had options like HiddenServiceAuthorizeClient
set Fixes bug 28127; bugfix on 0.3.5.1-alpha. Patch by Neel Chauhan.

4
changes/bug28183 Normal file
View File

@ -0,0 +1,4 @@
o Minor bugfixes (Linux seccomp2 sandbox):
- Permit the "shutdown()" system call, which is apparently
used by OpenSSL under some circumstances. Fixes bug 28183;
bugfix on 0.2.5.1-alpha.

4
changes/bug28298 Normal file
View File

@ -0,0 +1,4 @@
o Minor bugfixes (configuration):
- Resume refusing to start with relative file paths and RunAsDaemon
set (regression from the fix for bug 22731). Fixes bug 28298;
bugfix on 0.3.3.1-alpha.

3
changes/bug28303 Normal file
View File

@ -0,0 +1,3 @@
o Minor bugfixes (compilation):
- Fix a pair of missing headers on OpenBSD. Fixes bug 28303;
bugfix on 0.3.5.1-alpha. Patch from Kris Katterjohn.

5
changes/bug28348_034 Normal file
View File

@ -0,0 +1,5 @@
o Major bugfixes (embedding, main loop):
- When DisableNetwork becomes set, actually disable periodic events that
are already enabled. (Previously, we would refrain from enabling new
ones, but we would leave the old ones turned on.)
Fixes bug 28348; bugfix on 0.3.4.1-alpha.

4
changes/bug28399 Normal file
View File

@ -0,0 +1,4 @@
o Minor bugfixes (continuous integration, Windows):
- Stop using an external OpenSSL install, and stop installing MSYS2
packages, when building using mingw on Appveyor Windows CI.
Fixes bug 28399; bugfix on 0.3.4.1-alpha.

3
changes/bug28419 Normal file
View File

@ -0,0 +1,3 @@
o Minor bugfixes (memory leaks):
- Fix a harmless memory leak in libtorrunner.a. Fixes bug 28419;
bugfix on 0.3.3.1-alpha. Patch from Martin Kepplinger.

3
changes/bug28435 Normal file
View File

@ -0,0 +1,3 @@
o Minor bugfixes (documentation):
- Make Doxygen work again after the 0.3.5 source tree moves.
Fixes bug 28435; bugfix on 0.3.5.1-alpha.

4
changes/bug28441 Normal file
View File

@ -0,0 +1,4 @@
o Minor bugfixes (logging):
- Stop talking about the Named flag in log messages. Clients have
ignored the Named flag since 0.3.2. Fixes bug 28441;
bugfix on 0.3.2.1-alpha.

4
changes/bug28454 Normal file
View File

@ -0,0 +1,4 @@
o Minor bugfixes (continuous integration, Windows):
- Manually configure the zstd compiler options, when building using
mingw on Appveyor Windows CI. The MSYS2 mingw zstd package does not
come with a pkg-config file. Fixes bug 28454; bugfix on 0.3.4.1-alpha.

3
changes/bug28485 Normal file
View File

@ -0,0 +1,3 @@
o Minor bugfixes (compilation):
- Add missing dependency on libgdi32.dll for tor-print-ed-signing-cert.exe
on Windows. Fixes bug 28485; bugfix on 0.3.5.1-alpha.

4
changes/bug28524 Normal file
View File

@ -0,0 +1,4 @@
o Minor bugfixes (restart-in-process, boostrap):
- Add missing resets of bootstrap tracking state when shutting
down (regression caused by ticket 27169). Fixes bug 28524;
bugfix on 0.3.5.1-alpha.

3
changes/bug28554 Normal file
View File

@ -0,0 +1,3 @@
o Minor bugfixes (unit tests, guard selection):
- Stop leaking memory in an entry guard unit test. Fixes bug 28554;
bugfix on 0.3.0.1-alpha.

5
changes/bug28562 Normal file
View File

@ -0,0 +1,5 @@
o Minor bugfixes (testing):
- Use a separate DataDirectory for the test_rebind script.
Previously, this script would run using the default DataDirectory,
and sometimes fail. Fixes bug 28562; bugfix on 0.3.5.1-alpha.
Patch from Taylor R Campbell.

4
changes/bug28568 Normal file
View File

@ -0,0 +1,4 @@
o Minor bugfixes (testing):
- Stop running stem's unit tests as part of "make test-stem". But continue
to run stem's unit and online tests during "make test-stem-full".
Fixes bug 28568; bugfix on 0.2.6.3-alpha.

3
changes/bug28569 Normal file
View File

@ -0,0 +1,3 @@
o Minor bugfixes (unit tests, directory clients):
- Mark outdated dirservers when Tor only has a reasonably live consensus.
Fixes bug 28569; bugfix on 0.3.2.5-alpha.

4
changes/bug28612 Normal file
View File

@ -0,0 +1,4 @@
o Minor bugfixes (windows services):
- Make Tor start correctly as an NT service again: previously it
was broken by refactoring. Fixes bug 28612; bugfix on 0.3.5.3-alpha.

6
changes/bug28619 Normal file
View File

@ -0,0 +1,6 @@
o Minor bugfixes (hidden service v3):
- When deleting an ephemeral onion service (DEL_ONION), do not close any
rendezvous circuits in order to let the existing client connections
finish by themselves or closed by the application. The HS v2 is doing
that already so now we have the same behavior for all versions. Fixes
bug 28619; bugfix on 0.3.3.1-alpha.

3
changes/bug28656 Normal file
View File

@ -0,0 +1,3 @@
o Minor bugfixes (logging):
- Stop logging a BUG() warning when tor is waiting for exit descriptors.
Fixes bug 28656; bugfix on 0.3.5.1-alpha.

3
changes/bug28698 Normal file
View File

@ -0,0 +1,3 @@
o Minor bugfix (logging):
- Avoid logging about relaxing circuits when their time is fixed.
Fixes bug 28698; bugfix on 0.2.4.7-alpha

5
changes/bug28895 Normal file
View File

@ -0,0 +1,5 @@
o Minor bugfixes (usability):
- Stop saying "Your Guard ..." in pathbias_measure_{use,close}_rate()
as that confusingly suggests that mentioned guard node is under control
and responsibility of end user, which it is not. Fixes bug 28895;
bugfix on Tor 0.3.0.1-alpha.

6
changes/bug28920 Normal file
View File

@ -0,0 +1,6 @@
o Minor bugfixes (logging):
- Rework rep_hist_log_link_protocol_counts() to iterate through all link
protocol versions when logging incoming/outgoing connection counts. Tor
no longer skips version 5 and we don't have to remember to update this
function when new link protocol version is developed. Fixes bug 28920;
bugfix on 0.2.6.10.

4
changes/bug28938 Normal file
View File

@ -0,0 +1,4 @@
o Minor bugfixes (compilation):
- Fix missing headers required for proper detection of
OpenBSD. Fixes bug 28938; bugfix on 0.3.5.1-alpha.
Patch from Kris Katterjohn.

3
changes/bug28974 Normal file
View File

@ -0,0 +1,3 @@
o Minor bugfixes (compilation):
- Fix compilation for Android by adding a missing header to
freespace.c. Fixes bug 28974; bugfix on 0.3.5.1-alpha.

4
changes/bug28979 Normal file
View File

@ -0,0 +1,4 @@
o Minor bugfixes (documentation):
- Describe the contents of the v3 onion service client authorization
files correctly: They hold public keys, not private keys. Fixes bug
28979; bugfix on 0.3.5.1-alpha. Spotted by "Felixix".

5
changes/bug28981 Normal file
View File

@ -0,0 +1,5 @@
o Minor bugfixes (misc):
- The amount of total available physical memory is now determined
using the sysctl identifier HW_PHYSMEM (rather than HW_USERMEM)
when it is defined and a 64-bit variant is not available. Fixes
bug 28981; bugfix on 0.2.5.4-alpha. Patch from Kris Katterjohn.

5
changes/bug28995 Normal file
View File

@ -0,0 +1,5 @@
o Minor bugfix (IPv6):
Fix tor_ersatz_socketpair on IPv6-only systems. Previously,
the IPv6 socket was bound using an address family of AF_INET
instead of AF_INET6. Fixes bug 28995; bugfix on 0.3.5.1-alpha.
Patch from Kris Katterjohn.

4
changes/bug29017 Normal file
View File

@ -0,0 +1,4 @@
o Minor bugfixes (stats):
- When ExtraInfoStatistics is 0, stop including PaddingStatistics in
relay and bridge extra-info documents. Fixes bug 29017;
bugfix on 0.3.1.1-alpha.

5
changes/bug29034 Normal file
View File

@ -0,0 +1,5 @@
o Major bugfixes (Onion service reachability):
- Properly clean up the introduction point map when circuits change purpose
from onion service circuits to pathbias, measurement, or other circuit types.
This should fix some service-side instances of introduction point failure.
Fixes bug 29034; bugfix on 0.3.2.1-alpha.

4
changes/bug29040 Normal file
View File

@ -0,0 +1,4 @@
o Minor bugfixes (onion services):
- Avoid crashing if ClientOnionAuthDir (incorrectly) contains
more than one private key for a hidden service. Fixes bug 29040;
bugfix on 0.3.5.1-alpha.

5
changes/bug29042 Normal file
View File

@ -0,0 +1,5 @@
o Minor bugfixes (logging):
- Log more information at "warning" level when unable to read a private
key; log more information ad "info" level when unable to read a public
key. We had warnings here before, but they were lost during our
NSS work. Fixes bug 29042; bugfix on 0.3.5.1-alpha.

5
changes/bug29135 Normal file
View File

@ -0,0 +1,5 @@
o Minor bugfixes (onion services, logging):
- In hs_cache_store_as_client() log an HSDesc we failed to parse at Debug
loglevel. Tor used to log it at Warning loglevel, which caused
very long log lines to appear for some users. Fixes bug 29135; bugfix on
0.3.2.1-alpha.

5
changes/bug29144 Normal file
View File

@ -0,0 +1,5 @@
o Minor bugfixes (logging):
- Log the correct port number for listening sockets when "auto" is
used to let Tor pick the port number. Previously, port 0 was
logged instead of the actual port number. Fixes bug 29144;
bugfix on 0.3.5.1-alpha. Patch from Kris Katterjohn.

3
changes/bug29161 Normal file
View File

@ -0,0 +1,3 @@
o Minor bugfixes (tests):
- Detect and suppress "bug" warnings from the util/time test on Windows.
Fixes bug 29161; bugfix on 0.2.9.3-alpha.

4
changes/bug29175_035 Normal file
View File

@ -0,0 +1,4 @@
o Major bugfixes (networking):
- Gracefully handle empty username/password fields in SOCKS5
username/password auth messsage and allow SOCKS5 handshake to
continue. Fixes bug 29175; bugfix on 0.3.5.1-alpha.

6
changes/bug29241 Normal file
View File

@ -0,0 +1,6 @@
o Major bugfixes (NSS, relay):
- When running with NSS, disable TLS 1.2 ciphersuites that use SHA384
for their PRF. Due to an NSS bug, the TLS key exporters for these
ciphersuites don't work -- which caused relays to fail to handshake
with one another when these ciphersuites were enabled.
Fixes bug 29241; bugfix on 0.3.5.1-alpha.

4
changes/bug29244 Normal file
View File

@ -0,0 +1,4 @@
o Minor bugfixes (build, compatibility):
- Update Cargo.lock file to match the version made by the latest
version of Rust, so that "make distcheck" will pass again.
Fixes bug 29244; bugfix on 0.3.3.4-alpha.

5
changes/bug29530_035 Normal file
View File

@ -0,0 +1,5 @@
o Minor bugfixes (testing):
- Downgrade some LOG_ERR messages in the address/* tests to warnings.
The LOG_ERR messages were occurring when we had no configured network.
We were failing the unit tests, because we backported 28668 to 0.3.5.8,
but did not backport 29530. Fixes bug 29530; bugfix on 0.3.5.8.

6
changes/bug29601 Normal file
View File

@ -0,0 +1,6 @@
o Minor bugfixes (Windows, CI):
- Skip the Appveyor 32-bit Windows Server 2016 job, and 64-bit Windows
Server 2012 R2 job. The remaining 2 jobs still provide coverage of
64/32-bit, and Windows Server 2016/2012 R2. Also set fast_finish, so
failed jobs terminate the build immediately.
Fixes bug 29601; bugfix on 0.3.5.4-alpha.

4
changes/bug29670 Normal file
View File

@ -0,0 +1,4 @@
o Minor bugfixes (configuration, proxies):
- Fix a bug that prevented us from supporting SOCKS5 proxies that want
authentication along with configued (but unused!)
ClientTransportPlugins. Fixes bug 29670; bugfix on 0.2.6.1-alpha.

11
changes/bug29875 Normal file
View File

@ -0,0 +1,11 @@
o Major bugfixes (bridges):
- Do not count previously configured working bridges towards our total of
working bridges. Previously, when Tor's list of bridges changed, it
would think that the old bridges were still usable, and delay fetching
router descriptors for the new ones. Fixes part of bug 29875; bugfix
on 0.3.0.1-alpha.
- Consider our directory information to have changed when our list of
bridges changes. Previously, Tor would not re-compute the status of its
directory information when bridges changed, and therefore would not
realize that it was no longer able to build circuits. Fixes part of bug
29875.

4
changes/bug29922 Normal file
View File

@ -0,0 +1,4 @@
o Minor bugfixes (testing, windows):
- Fix a test failure caused by an unexpected bug warning in
our test for tor_gmtime_r(-1). Fixes bug 29922;
bugfix on 0.2.9.3-alpha.

4
changes/bug30011 Normal file
View File

@ -0,0 +1,4 @@
o Minor bugfixes (CI):
- Terminate test-stem if it takes more than 9.5 minutes to run.
(Travis terminates the job after 10 minutes of no output.)
Diagnostic for 29437. Fixes bug 30011; bugfix on 0.3.5.4-alpha.

9
changes/bug30040 Normal file
View File

@ -0,0 +1,9 @@
o Minor bugfixes (security):
- Fix a potential double free bug when reading huge bandwidth files. The
issue is not exploitable in the current Tor network because the
vulnerable code is only reached when directory authorities read bandwidth
files, but bandwidth files come from a trusted source (usually the
authorities themselves). Furthermore, the issue is only exploitable in
rare (non-POSIX) 32-bit architectures which are not used by any of the
current authorities. Fixes bug 30040; bugfix on 0.3.5.1-alpha. Bug found
and fixed by Tobias Stoeckmann.

4
changes/bug30148 Normal file
View File

@ -0,0 +1,4 @@
o Minor bugfixes (memory leak):
- Avoid a minor memory leak that could occur on relays when
creating a keys directory failed. Fixes bug 30148; bugfix on
0.3.3.1-alpha.

4
changes/bug30189 Normal file
View File

@ -0,0 +1,4 @@
o Minor bugfixes (compilation, unusual configuration):
- Avoid failures when building with ALL_BUGS_ARE_FAILED due to
missing declarations of abort(), and prevent other such failures
in the future. Fixes bug 30189; bugfix on 0.3.4.1-alpha.

3
changes/bug30190 Normal file
View File

@ -0,0 +1,3 @@
o Minor bugfixes (lib):
do not log a warning for OpenSSL versions that should be compatible
Fixes bug 30190; bugfix on 0.2.4.2-alpha

4
changes/bug30316 Normal file
View File

@ -0,0 +1,4 @@
o Minor bugfixes (directory authority):
- Move the "bandwidth-file-headers" line in directory authority votes
so that it conforms to dir-spec.txt. Fixes bug 30316; bugfix on
0.3.5.1-alpha.

3
changes/bug30452 Normal file
View File

@ -0,0 +1,3 @@
o Minor features (compile-time modules):
- Add a --list-modules command to print a list of which compile-time
modules are enabled. Closes ticket 30452.

4
changes/bug30475 Normal file
View File

@ -0,0 +1,4 @@
o Minor bugfixes ():
- Avoid a GCC 9.1.1 warning (and possible crash depending on libc
implemenation) when failing to load a hidden service client authorization
file. Fixes bug 30475; bugfix on 0.3.5.1-alpha.

5
changes/bug30713 Normal file
View File

@ -0,0 +1,5 @@
o Minor bugfixes (testing):
- Skip test_rebind when the TOR_SKIP_TEST_REBIND environmental variable is
set. Fixes bug 30713; bugfix on 0.3.5.1-alpha.
- Skip test_rebind on macOS in Travis, because it is unreliable on
macOS on Travis. Fixes bug 30713; bugfix on 0.3.5.1-alpha.

3
changes/bug30744 Normal file
View File

@ -0,0 +1,3 @@
o Minor bugfixes (continuous integration):
- Allow the test-stem job to fail in Travis, because it sometimes hangs.
Fixes bug 30744; bugfix on 0.3.5.4-alpha.

4
changes/bug30894 Normal file
View File

@ -0,0 +1,4 @@
o Minor bugfixes (memory leaks):
- Fix a trivial memory leak when parsing an invalid value
from a download schedule in the configuration. Fixes bug
30894; bugfix on 0.3.4.1-alpha.

4
changes/bug31003 Normal file
View File

@ -0,0 +1,4 @@
o Minor bugfixes (crash on exit):
- Avoid a set of possible code paths that could use try to use freed memory
in routerlist_free() while Tor was exiting. Fixes bug 31003; bugfix on
0.1.2.2-alpha.

3
changes/bug31463 Normal file
View File

@ -0,0 +1,3 @@
o Minor bugfixes (rust):
- Correctly exclude a redundant rust build job in Travis. Fixes bug 31463;
bugfix on 0.3.5.4-alpha.

3
changes/cid1444119 Normal file
View File

@ -0,0 +1,3 @@
o Minor bugfixes (C correctness):
- Fix an unlikely memory leak in consensus_diff_apply(). Fixes bug 29824;
bugfix on 0.3.1.1-alpha. This is Coverity warning CID 1444119.

Some files were not shown because too many files have changed in this diff Show More