mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-30 23:53:32 +01:00
Merge branch 'maint-0.4.3'
This commit is contained in:
commit
d3ded1cc1c
@ -95,7 +95,9 @@ test_script:
|
||||
$buildpath = @("C:\msys64\${env:compiler_path}\bin") + $oldpath
|
||||
$env:Path = $buildpath -join ';'
|
||||
Set-Location "${env:build}"
|
||||
Execute-Bash "VERBOSE=1 make -k -j2 check"
|
||||
Copy-Item "C:/msys64/${env:compiler_path}/bin/libssp-0.dll" -Destination "${env:build}/src/test"
|
||||
Copy-Item "C:/msys64/${env:compiler_path}/bin/zlib1.dll" -Destination "${env:build}/src/test"
|
||||
Execute-Bash "VERBOSE=1 TOR_SKIP_TESTCASES=crypto/openssl_version make -k -j2 check"
|
||||
}
|
||||
|
||||
on_finish:
|
||||
|
16
.gitignore
vendored
16
.gitignore
vendored
@ -158,14 +158,20 @@ uptime-*.json
|
||||
|
||||
# /src/lib
|
||||
/src/lib/libcurve25519_donna.a
|
||||
/src/lib/libtor-buf.a
|
||||
/src/lib/libtor-buf-testing.a
|
||||
/src/lib/libtor-compress.a
|
||||
/src/lib/libtor-compress-testing.a
|
||||
/src/lib/libtor-confmgt.a
|
||||
/src/lib/libtor-confmgt-testing.a
|
||||
/src/lib/libtor-container.a
|
||||
/src/lib/libtor-container-testing.a
|
||||
/src/lib/libtor-crypt-ops.a
|
||||
/src/lib/libtor-crypt-ops-testing.a
|
||||
/src/lib/libtor-ctime.a
|
||||
/src/lib/libtor-ctime-testing.a
|
||||
/src/lib/libtor-dispatch.a
|
||||
/src/lib/libtor-dispatch-testing.a
|
||||
/src/lib/libtor-encoding.a
|
||||
/src/lib/libtor-encoding-testing.a
|
||||
/src/lib/libtor-evloop.a
|
||||
@ -198,6 +204,8 @@ uptime-*.json
|
||||
/src/lib/libtor-osinfo-testing.a
|
||||
/src/lib/libtor-process.a
|
||||
/src/lib/libtor-process-testing.a
|
||||
/src/lib/libtor-pubsub.a
|
||||
/src/lib/libtor-pubsub-testing.a
|
||||
/src/lib/libtor-sandbox.a
|
||||
/src/lib/libtor-sandbox-testing.a
|
||||
/src/lib/libtor-string.a
|
||||
@ -213,6 +221,8 @@ uptime-*.json
|
||||
/src/lib/libtor-tls.a
|
||||
/src/lib/libtor-tls-testing.a
|
||||
/src/lib/libtor-trace.a
|
||||
/src/lib/libtor-version.a
|
||||
/src/lib/libtor-version-testing.a
|
||||
/src/lib/libtor-wallclock.a
|
||||
/src/lib/libtor-wallclock-testing.a
|
||||
|
||||
@ -240,20 +250,22 @@ uptime-*.json
|
||||
/src/test/test
|
||||
/src/test/test-slow
|
||||
/src/test/test-bt-cl
|
||||
/src/test/test-child
|
||||
/src/test/test-process
|
||||
/src/test/test-memwipe
|
||||
/src/test/test-ntor-cl
|
||||
/src/test/test-hs-ntor-cl
|
||||
/src/test/test-rng
|
||||
/src/test/test-switch-id
|
||||
/src/test/test-timers
|
||||
/src/test/test_workqueue
|
||||
/src/test/test.exe
|
||||
/src/test/test-slow.exe
|
||||
/src/test/test-bt-cl.exe
|
||||
/src/test/test-child.exe
|
||||
/src/test/test-process.exe
|
||||
/src/test/test-ntor-cl.exe
|
||||
/src/test/test-hs-ntor-cl.exe
|
||||
/src/test/test-memwipe.exe
|
||||
/src/test/test-rng.exe
|
||||
/src/test/test-switch-id.exe
|
||||
/src/test/test-timers.exe
|
||||
/src/test/test_workqueue.exe
|
||||
|
@ -13,33 +13,3 @@ build:
|
||||
- make check || (e=$?; cat test-suite.log; exit $e)
|
||||
- make install
|
||||
|
||||
update:
|
||||
only:
|
||||
- schedules
|
||||
script:
|
||||
- "apt-get install -y --fix-missing git openssh-client"
|
||||
|
||||
# Run ssh-agent (inside the build environment)
|
||||
- eval $(ssh-agent -s)
|
||||
|
||||
# Add the SSH key stored in SSH_PRIVATE_KEY variable to the agent store
|
||||
- ssh-add <(echo "$DEPLOY_KEY")
|
||||
|
||||
# For Docker builds disable host key checking. Be aware that by adding that
|
||||
# you are susceptible to man-in-the-middle attacks.
|
||||
# WARNING: Use this only with the Docker executor, if you use it with shell
|
||||
# you will overwrite your user's SSH config.
|
||||
- mkdir -p ~/.ssh
|
||||
- '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
|
||||
# In order to properly check the server's host key, assuming you created the
|
||||
# SSH_SERVER_HOSTKEYS variable previously, uncomment the following two lines
|
||||
# instead.
|
||||
- mkdir -p ~/.ssh
|
||||
- '[[ -f /.dockerenv ]] && echo "$SSH_SERVER_HOSTKEYS" > ~/.ssh/known_hosts'
|
||||
- echo "merging from torgit"
|
||||
- git config --global user.email "labadmin@oniongit.eu"
|
||||
- git config --global user.name "gitadmin"
|
||||
- "mkdir tor"
|
||||
- "cd tor"
|
||||
- git clone --bare https://git.torproject.org/tor.git
|
||||
- git push --mirror git@oniongit.eu:network/tor.git
|
||||
|
88
.travis.yml
88
.travis.yml
@ -29,6 +29,8 @@ env:
|
||||
- HARDENING_OPTIONS="--enable-expensive-hardening"
|
||||
## We turn off asciidoc by default, because it's slow
|
||||
- ASCIIDOC_OPTIONS="--disable-asciidoc"
|
||||
## Our default rust version is the minimum supported version
|
||||
- RUST_VERSION="1.31.0"
|
||||
## Turn off tor's sandbox in chutney, until we fix sandbox errors that are
|
||||
## triggered by Ubuntu Xenial and Bionic. See #32722.
|
||||
- CHUTNEY_TOR_SANDBOX="0"
|
||||
@ -39,44 +41,54 @@ env:
|
||||
matrix:
|
||||
## include creates builds with gcc, linux, unless we override those defaults
|
||||
include:
|
||||
## We run basic tests on macOS
|
||||
## We run chutney on macOS, because macOS Travis has IPv6
|
||||
- env: CHUTNEY="yes" CHUTNEY_ALLOW_FAILURES="2" SKIP_MAKE_CHECK="yes"
|
||||
os: osx
|
||||
|
||||
## We also run basic tests on macOS
|
||||
- compiler: clang
|
||||
os: osx
|
||||
## Turn off some newer features, turn on clang's -Wtypedef-redefinition
|
||||
env: C_DIALECT_OPTIONS="-std=gnu99"
|
||||
## We check NSS
|
||||
## Use -std=gnu99 to turn off some newer features, and maybe turn on some
|
||||
## extra gcc warnings?
|
||||
- env: NSS_OPTIONS="--enable-nss" C_DIALECT_OPTIONS="-std=gnu99"
|
||||
|
||||
## We run chutney on Linux, because it's faster than chutney on macOS
|
||||
## Chutney is a fast job, clang is slower on Linux, so we do Chutney clang
|
||||
- env: CHUTNEY="yes" CHUTNEY_ALLOW_FAILURES="2" SKIP_MAKE_CHECK="yes"
|
||||
compiler: clang
|
||||
|
||||
## We check asciidoc with distcheck, to make sure we remove doc products
|
||||
## We use Linux clang, because there are no other Linux clang jobs
|
||||
- env: DISTCHECK="yes" ASCIIDOC_OPTIONS="" SKIP_MAKE_CHECK="yes"
|
||||
compiler: clang
|
||||
## We include a single coverage build with the best options for coverage
|
||||
- env: COVERAGE_OPTIONS="--enable-coverage" HARDENING_OPTIONS=""
|
||||
|
||||
## We check disable module relay
|
||||
- env: MODULES_OPTIONS="--disable-module-relay"
|
||||
## We check disable module dirauth
|
||||
- env: MODULES_OPTIONS="--disable-module-dirauth"
|
||||
|
||||
## We run rust on Linux, because it's faster than rust on macOS
|
||||
## We check rust offline
|
||||
- env: RUST_OPTIONS="--enable-rust" TOR_RUST_DEPENDENCIES=true
|
||||
## We check asciidoc with distcheck, to make sure we remove doc products
|
||||
- env: DISTCHECK="yes" ASCIIDOC_OPTIONS="" SKIP_MAKE_CHECK="yes"
|
||||
## We check disable module dirauth
|
||||
- env: MODULES_OPTIONS="--disable-module-dirauth"
|
||||
|
||||
## We check NSS
|
||||
## Use -std=gnu99 to turn off some newer features, and maybe turn on some
|
||||
## extra gcc warnings?
|
||||
- env: NSS_OPTIONS="--enable-nss" C_DIALECT_OPTIONS="-std=gnu99"
|
||||
|
||||
## We include a single coverage build with the best options for coverage
|
||||
- env: COVERAGE_OPTIONS="--enable-coverage" HARDENING_OPTIONS="" TOR_TEST_RNG_SEED="636f766572616765"
|
||||
|
||||
## We clone our stem repo and run `make test-stem`
|
||||
- env: TEST_STEM="yes" SKIP_MAKE_CHECK="yes"
|
||||
|
||||
## We run `make doxygen` without `make check`.
|
||||
- env: SKIP_MAKE_CHECK="yes" DOXYGEN="yes"
|
||||
|
||||
## macOS builds are very slow, and we have a limited number of
|
||||
## concurrent macOS jobs. We're not actively developing Rust, so it is
|
||||
## the lowest priority.
|
||||
## We run rust on macOS, because we have seen macOS rust failures before
|
||||
#- env: RUST_OPTIONS="--enable-rust --enable-cargo-online-mode"
|
||||
#- env: RUST_VERSION="nightly" RUST_OPTIONS="--enable-rust --enable-cargo-online-mode"
|
||||
# compiler: clang
|
||||
# os: osx
|
||||
## We run chutney on macOS, because macOS Travis has IPv6
|
||||
- env: CHUTNEY="yes" CHUTNEY_ALLOW_FAILURES="2" SKIP_MAKE_CHECK="yes"
|
||||
os: osx
|
||||
## We clone our stem repo and run `make test-stem`
|
||||
- env: TEST_STEM="yes" SKIP_MAKE_CHECK="yes"
|
||||
|
||||
## Allow the build to report success (with non-required sub-builds
|
||||
## continuing to run) if all required sub-builds have succeeded.
|
||||
@ -88,11 +100,17 @@ matrix:
|
||||
## macOS rust and chutney are very slow, so we let the build finish before
|
||||
## they are done. We'd like to fast finish, but still eventually show
|
||||
## any failures in the build status. But Travis doesn't have that ability.
|
||||
- env: RUST_OPTIONS="--enable-rust --enable-cargo-online-mode"
|
||||
compiler: clang
|
||||
os: osx
|
||||
- env: CHUTNEY="yes" CHUTNEY_ALLOW_FAILURES="2" SKIP_MAKE_CHECK="yes"
|
||||
os: osx
|
||||
|
||||
## Since this job is disabled, there's not much point having an exception
|
||||
## for it
|
||||
#- env: RUST_VERSION="nightly" RUST_OPTIONS="--enable-rust --enable-cargo-online-mode"
|
||||
# compiler: clang
|
||||
# os: osx
|
||||
|
||||
## Since we're actively developing IPv6, we want to require the IPv6
|
||||
## chutney tests
|
||||
#- env: CHUTNEY="yes" CHUTNEY_ALLOW_FAILURES="2" SKIP_MAKE_CHECK="yes"
|
||||
# os: osx
|
||||
|
||||
## (Linux only) Use a recent Linux image (Ubuntu Bionic)
|
||||
dist: bionic
|
||||
@ -114,12 +132,16 @@ addons:
|
||||
- libscrypt-dev
|
||||
- libseccomp-dev
|
||||
- libzstd-dev
|
||||
## Optional build dependencies
|
||||
- coccinelle
|
||||
- shellcheck
|
||||
## Conditional build dependencies
|
||||
## Always installed, so we don't need sudo
|
||||
- asciidoc
|
||||
- docbook-xsl
|
||||
- docbook-xml
|
||||
- xmlto
|
||||
- doxygen
|
||||
## Utilities
|
||||
## preventing or diagnosing hangs
|
||||
- timelimit
|
||||
@ -142,6 +164,8 @@ addons:
|
||||
- pkg-config
|
||||
## Optional build dependencies
|
||||
- ccache
|
||||
- coccinelle
|
||||
- shellcheck
|
||||
## Conditional build dependencies
|
||||
## Always installed, because manual brew installs are hard to get right
|
||||
- asciidoc
|
||||
@ -157,6 +181,8 @@ addons:
|
||||
osx_image: xcode11.2
|
||||
|
||||
before_install:
|
||||
## Set pipefail: we use pipes
|
||||
- set -o pipefail || echo "pipefail failed"
|
||||
## Create empty rust directories for non-Rust builds, so caching succeeds
|
||||
- if [[ "$RUST_OPTIONS" == "" ]]; then mkdir -p $HOME/.cargo $TRAVIS_BUILD_DIR/src/rust/target; fi
|
||||
|
||||
@ -172,8 +198,8 @@ install:
|
||||
- if [[ "$ASCIIDOC_OPTIONS" == "" ]] && [[ "$TRAVIS_OS_NAME" == "osx" ]]; then export XML_CATALOG_FILES="/usr/local/etc/xml/catalog"; fi
|
||||
## If we're using Rust, download rustup
|
||||
- if [[ "$RUST_OPTIONS" != "" ]]; then curl -Ssf -o rustup.sh https://sh.rustup.rs; fi
|
||||
## Install the nightly channels of rustc and cargo and setup our toolchain environment
|
||||
- if [[ "$RUST_OPTIONS" != "" ]]; then sh rustup.sh -y --default-toolchain nightly; fi
|
||||
## Install the stable channels of rustc and cargo and setup our toolchain environment
|
||||
- if [[ "$RUST_OPTIONS" != "" ]]; then sh rustup.sh -y --default-toolchain $RUST_VERSION; fi
|
||||
- if [[ "$RUST_OPTIONS" != "" ]]; then source $HOME/.cargo/env; fi
|
||||
## If we're testing rust builds in offline-mode, then set up our vendored dependencies
|
||||
- if [[ "$TOR_RUST_DEPENDENCIES" == "true" ]]; then export TOR_RUST_DEPENDENCIES=$PWD/src/ext/rust/crates; fi
|
||||
@ -198,6 +224,13 @@ install:
|
||||
- if [[ "$CHUTNEY" != "" ]]; then pushd "$CHUTNEY_PATH"; git log -1 ; popd ; fi
|
||||
## If we're running stem, show the stem version and commit
|
||||
- if [[ "$TEST_STEM" != "" ]]; then pushd stem; python -c "from stem import stem; print(stem.__version__);"; git log -1; popd; fi
|
||||
## Get the coccinelle version
|
||||
## Installs are unreliable on macOS, so we just rely on brew list --versions
|
||||
- if [[ "$TRAVIS_OS_NAME" == "linux" ]]; then spatch --version; fi
|
||||
## We don't want Tor tests to depend on default configuration file at
|
||||
## ~/.torrc. So we put some random bytes in there, to make sure we get build
|
||||
## failures in case Tor is reading it during CI jobs.
|
||||
- dd ibs=1 count=1024 if=/dev/urandom > ~/.torrc
|
||||
|
||||
script:
|
||||
# Skip test_rebind on macOS
|
||||
@ -213,6 +246,7 @@ script:
|
||||
## Diagnostic for bug 29437: kill stem if it hangs for 9.5 minutes
|
||||
## Travis will kill the job after 10 minutes with no output
|
||||
- if [[ "$TEST_STEM" != "" ]]; then make src/app/tor; timelimit -p -t 540 -s USR1 -T 30 -S ABRT python3 "$STEM_SOURCE_DIR"/run_tests.py --tor src/app/tor --integ --test control.controller --test control.base_controller --test process --log TRACE --log-file stem.log; fi
|
||||
- if [[ "$DOXYGEN" != "" ]]; then make doxygen; fi
|
||||
## If this build was one that produced coverage, upload it.
|
||||
- if [[ "$COVERAGE_OPTIONS" != "" ]]; then coveralls -b . --exclude src/test --exclude src/trunnel --gcov-options '\-p' || echo "Coverage failed"; fi
|
||||
|
||||
@ -225,7 +259,7 @@ after_failure:
|
||||
## `make distcheck` puts it somewhere different.
|
||||
- if [[ "$DISTCHECK" != "" ]]; then make show-distdir-testlog || echo "make failed"; fi
|
||||
- if [[ "$DISTCHECK" != "" ]]; then make show-distdir-core || echo "make failed"; fi
|
||||
- if [[ "$CHUTNEY" != "" ]]; then ls test_network_log || echo "ls failed"; cat test_network_log/* || echo "cat failed"; fi
|
||||
- if [[ "$CHUTNEY" != "" ]]; then "$CHUTNEY_PATH/tools/diagnostics.sh" || echo "diagnostics failed"; ls test_network_log || echo "ls failed"; cat test_network_log/* || echo "cat failed"; fi
|
||||
- if [[ "$TEST_STEM" != "" ]]; then tail -1000 "$STEM_SOURCE_DIR"/test/data/tor_log || echo "tail failed"; fi
|
||||
- if [[ "$TEST_STEM" != "" ]]; then grep -v "SocketClosed" stem.log | tail -1000 || echo "grep | tail failed"; fi
|
||||
|
||||
|
2567
Doxyfile.in
2567
Doxyfile.in
File diff suppressed because it is too large
Load Diff
3
LICENSE
3
LICENSE
@ -9,7 +9,8 @@
|
||||
there may be other license terms that you should be aware of.
|
||||
|
||||
===============================================================================
|
||||
Tor is distributed under this license:
|
||||
Tor is distributed under the "3-clause BSD" license, a commonly used
|
||||
software license that means Tor is both free software and open source:
|
||||
|
||||
Copyright (c) 2001-2004, Roger Dingledine
|
||||
Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
|
||||
|
161
Makefile.am
161
Makefile.am
@ -21,7 +21,12 @@ AM_CPPFLAGS=\
|
||||
-I$(top_srcdir)/src/ext/trunnel \
|
||||
-I$(top_srcdir)/src/trunnel
|
||||
|
||||
AM_CFLAGS=@TOR_SYSTEMD_CFLAGS@ @CFLAGS_BUGTRAP@ @TOR_LZMA_CFLAGS@ @TOR_ZSTD_CFLAGS@
|
||||
AM_CFLAGS= \
|
||||
@TOR_SYSTEMD_CFLAGS@ \
|
||||
@CFLAGS_BUGTRAP@ \
|
||||
@TOR_LZMA_CFLAGS@ \
|
||||
@TOR_ZSTD_CFLAGS@
|
||||
|
||||
SHELL=@SHELL@
|
||||
|
||||
if COVERAGE_ENABLED
|
||||
@ -31,9 +36,7 @@ TESTING_TOR_BINARY=$(top_builddir)/src/app/tor$(EXEEXT)
|
||||
endif
|
||||
|
||||
if USE_RUST
|
||||
## this MUST be $(), otherwise am__DEPENDENCIES will not track it
|
||||
rust_ldadd=$(top_builddir)/$(TOR_RUST_LIB_PATH) \
|
||||
$(TOR_RUST_EXTRA_LIBS)
|
||||
rust_ldadd=$(top_builddir)/$(TOR_RUST_LIB_PATH)
|
||||
else
|
||||
rust_ldadd=
|
||||
endif
|
||||
@ -42,6 +45,10 @@ endif
|
||||
TOR_UTIL_LIBS = \
|
||||
src/lib/libtor-geoip.a \
|
||||
src/lib/libtor-process.a \
|
||||
src/lib/libtor-buf.a \
|
||||
src/lib/libtor-confmgt.a \
|
||||
src/lib/libtor-pubsub.a \
|
||||
src/lib/libtor-dispatch.a \
|
||||
src/lib/libtor-time.a \
|
||||
src/lib/libtor-fs.a \
|
||||
src/lib/libtor-encoding.a \
|
||||
@ -62,6 +69,7 @@ TOR_UTIL_LIBS = \
|
||||
src/lib/libtor-malloc.a \
|
||||
src/lib/libtor-wallclock.a \
|
||||
src/lib/libtor-err.a \
|
||||
src/lib/libtor-version.a \
|
||||
src/lib/libtor-intmath.a \
|
||||
src/lib/libtor-ctime.a
|
||||
|
||||
@ -71,6 +79,10 @@ if UNITTESTS_ENABLED
|
||||
TOR_UTIL_TESTING_LIBS = \
|
||||
src/lib/libtor-geoip-testing.a \
|
||||
src/lib/libtor-process-testing.a \
|
||||
src/lib/libtor-buf-testing.a \
|
||||
src/lib/libtor-confmgt-testing.a \
|
||||
src/lib/libtor-pubsub-testing.a \
|
||||
src/lib/libtor-dispatch-testing.a \
|
||||
src/lib/libtor-time-testing.a \
|
||||
src/lib/libtor-fs-testing.a \
|
||||
src/lib/libtor-encoding-testing.a \
|
||||
@ -91,6 +103,7 @@ TOR_UTIL_TESTING_LIBS = \
|
||||
src/lib/libtor-malloc-testing.a \
|
||||
src/lib/libtor-wallclock-testing.a \
|
||||
src/lib/libtor-err-testing.a \
|
||||
src/lib/libtor-version-testing.a \
|
||||
src/lib/libtor-intmath.a \
|
||||
src/lib/libtor-ctime-testing.a
|
||||
endif
|
||||
@ -159,7 +172,43 @@ EXTRA_DIST+= \
|
||||
README \
|
||||
ReleaseNotes \
|
||||
scripts/maint/checkIncludes.py \
|
||||
scripts/maint/checkSpace.pl
|
||||
scripts/maint/checkSpace.pl \
|
||||
scripts/maint/checkSpaceTest.sh \
|
||||
scripts/maint/checkspace_tests/dubious.c \
|
||||
scripts/maint/checkspace_tests/dubious.h \
|
||||
scripts/maint/checkspace_tests/expected.txt \
|
||||
scripts/maint/checkspace_tests/good_guard.h \
|
||||
scripts/maint/checkspace_tests/same_guard.h \
|
||||
scripts/maint/checkspace_tests/subdir/dubious.c \
|
||||
scripts/maint/checkShellScripts.sh \
|
||||
scripts/maint/practracker/README \
|
||||
scripts/maint/practracker/exceptions.txt \
|
||||
scripts/maint/practracker/includes.py \
|
||||
scripts/maint/practracker/metrics.py \
|
||||
scripts/maint/practracker/practracker.py \
|
||||
scripts/maint/practracker/practracker_tests.py \
|
||||
scripts/maint/practracker/problem.py \
|
||||
scripts/maint/practracker/testdata/.may_include \
|
||||
scripts/maint/practracker/testdata/a.c \
|
||||
scripts/maint/practracker/testdata/b.c \
|
||||
scripts/maint/practracker/testdata/ex0-expected.txt \
|
||||
scripts/maint/practracker/testdata/ex0.txt \
|
||||
scripts/maint/practracker/testdata/ex1-expected.txt \
|
||||
scripts/maint/practracker/testdata/ex1.txt \
|
||||
scripts/maint/practracker/testdata/ex1-overbroad-expected.txt \
|
||||
scripts/maint/practracker/testdata/ex1-regen-expected.txt \
|
||||
scripts/maint/practracker/testdata/ex1-regen-overbroad-expected.txt \
|
||||
scripts/maint/practracker/testdata/ex.txt \
|
||||
scripts/maint/practracker/testdata/header.h \
|
||||
scripts/maint/practracker/testdata/not_c_file \
|
||||
scripts/maint/practracker/test_practracker.sh \
|
||||
scripts/maint/practracker/util.py \
|
||||
scripts/coccinelle/apply.sh \
|
||||
scripts/coccinelle/check_cocci_parse.sh \
|
||||
scripts/coccinelle/exceptions.txt \
|
||||
scripts/coccinelle/test-operator-cleanup \
|
||||
scripts/coccinelle/tor-coccinelle.h \
|
||||
scripts/coccinelle/try_parse.sh
|
||||
|
||||
## This tells etags how to find mockable function definitions.
|
||||
AM_ETAGSFLAGS=--regex='{c}/MOCK_IMPL([^,]+,\W*\([a-zA-Z0-9_]+\)\W*,/\1/s'
|
||||
@ -177,7 +226,7 @@ TEST_CFLAGS=
|
||||
TEST_CPPFLAGS=-DTOR_UNIT_TESTS @TOR_MODULES_ALL_ENABLED@
|
||||
TEST_NETWORK_FLAGS=--hs-multi-client 1
|
||||
endif
|
||||
TEST_NETWORK_WARNING_FLAGS=--quiet --only-warnings
|
||||
TEST_NETWORK_SHOW_WARNINGS_FOR_LAST_RUN_FLAGS=--quiet --only-warnings
|
||||
|
||||
if LIBFUZZER_ENABLED
|
||||
TEST_CFLAGS += -fsanitize-coverage=trace-pc-guard,trace-cmp,trace-div
|
||||
@ -207,13 +256,24 @@ dist-rpm: dist-gzip
|
||||
echo "RPM build finished"; \
|
||||
#end of dist-rpm
|
||||
|
||||
doxygen:
|
||||
doxygen && cd doc/doxygen/latex && make
|
||||
.PHONY: doxygen
|
||||
doxygen: Doxyfile
|
||||
mkdir -p doc/doxygen
|
||||
(cd "$(top_srcdir)" && doxygen "$(abs_top_builddir)/Doxyfile")
|
||||
|
||||
test: all
|
||||
$(top_builddir)/src/test/test
|
||||
|
||||
check-local: check-spaces check-changes check-includes
|
||||
shellcheck:
|
||||
$(top_srcdir)/scripts/maint/checkShellScripts.sh
|
||||
|
||||
check-local: \
|
||||
check-spaces \
|
||||
check-changes \
|
||||
check-includes \
|
||||
check-best-practices \
|
||||
shellcheck \
|
||||
check-cocci
|
||||
|
||||
need-chutney-path:
|
||||
@if test ! -d "$$CHUTNEY_PATH"; then \
|
||||
@ -233,12 +293,15 @@ test-network: need-chutney-path $(TESTING_TOR_BINARY) src/tools/tor-gencert
|
||||
$(top_srcdir)/src/test/test-network.sh $(TEST_NETWORK_FLAGS)
|
||||
|
||||
# Run all available tests using automake's test-driver
|
||||
# only run IPv6 tests if we can ping6 ::1 (localhost)
|
||||
# only run IPv6 tests if we can ping ::1 (localhost)
|
||||
# some IPv6 tests will fail without an IPv6 DNS server (see #16971 and #17011)
|
||||
# only run mixed tests if we have a tor-stable binary
|
||||
# Try the syntax for BSD ping6, Linux ping6, and Linux ping -6,
|
||||
# - only run IPv6 tests if we can ping6 or ping -6 ::1 (localhost)
|
||||
# we try the syntax for BSD ping6, Linux ping6, and Linux ping -6,
|
||||
# because they're incompatible
|
||||
# - some IPv6 tests may fail without an IPv6 DNS server
|
||||
# (see #16971 and #17011)
|
||||
# - only run mixed tests if we have a tor-stable binary
|
||||
# - show tor warnings on the console after each network run
|
||||
# (otherwise, warnings go to the logs, and people don't see them unless
|
||||
# there is a network failure)
|
||||
test-network-all: need-chutney-path test-driver $(TESTING_TOR_BINARY) src/tools/tor-gencert
|
||||
mkdir -p $(TEST_NETWORK_ALL_LOG_DIR)
|
||||
rm -f $(TEST_NETWORK_ALL_LOG_DIR)/*.log $(TEST_NETWORK_ALL_LOG_DIR)/*.trs
|
||||
@ -262,7 +325,7 @@ test-network-all: need-chutney-path test-driver $(TESTING_TOR_BINARY) src/tools/
|
||||
done; \
|
||||
for f in $$flavors; do \
|
||||
$(SHELL) $(top_srcdir)/test-driver --test-name $$f --log-file $(TEST_NETWORK_ALL_LOG_DIR)/$$f.log --trs-file $(TEST_NETWORK_ALL_LOG_DIR)/$$f.trs $(TEST_NETWORK_ALL_DRIVER_FLAGS) $(top_srcdir)/src/test/test-network.sh --flavor $$f $(TEST_NETWORK_FLAGS); \
|
||||
$(top_srcdir)/src/test/test-network.sh $(TEST_NETWORK_WARNING_FLAGS); \
|
||||
$(top_srcdir)/src/test/test-network.sh $(TEST_NETWORK_SHOW_WARNINGS_FOR_LAST_RUN_FLAGS); \
|
||||
done; \
|
||||
echo "Log and result files are available in $(TEST_NETWORK_ALL_LOG_DIR)."; \
|
||||
! grep -q FAIL $(TEST_NETWORK_ALL_LOG_DIR)/*.trs
|
||||
@ -280,9 +343,19 @@ test-stem: need-stem-path $(TESTING_TOR_BINARY)
|
||||
test-stem-full: need-stem-path $(TESTING_TOR_BINARY)
|
||||
@$(PYTHON) "$$STEM_SOURCE_DIR"/run_tests.py --tor "$(TESTING_TOR_BINARY)" --all --log notice --target RUN_ALL,ONLINE -v;
|
||||
|
||||
test-full: need-stem-path need-chutney-path check test-network test-stem
|
||||
test-full: \
|
||||
need-stem-path \
|
||||
need-chutney-path \
|
||||
check \
|
||||
test-network \
|
||||
test-stem
|
||||
|
||||
test-full-online: need-stem-path need-chutney-path check test-network test-stem-full
|
||||
test-full-online: \
|
||||
need-stem-path \
|
||||
need-chutney-path \
|
||||
check \
|
||||
test-network \
|
||||
test-stem-full
|
||||
|
||||
# We can't delete the gcno files, because they are created when tor is compiled
|
||||
reset-gcov:
|
||||
@ -317,11 +390,12 @@ coverage-html-full: all
|
||||
lcov --remove "$(HTML_COVER_DIR)/lcov.tmp" --rc lcov_branch_coverage=1 'test/*' 'ext/tinytest*' '/usr/*' --output-file "$(HTML_COVER_DIR)/lcov.info"
|
||||
genhtml --branch-coverage -o "$(HTML_COVER_DIR)" "$(HTML_COVER_DIR)/lcov.info"
|
||||
|
||||
# Avoid strlcpy.c, strlcat.c, aes.c, OpenBSD_malloc_Linux.c, sha256.c,
|
||||
# tinytest*.[ch]
|
||||
check-spaces:
|
||||
if USE_PERL
|
||||
$(PERL) $(top_srcdir)/scripts/maint/checkSpace.pl -C \
|
||||
# For scripts: avoid src/ext and src/trunnel.
|
||||
# Keep these lists consistent:
|
||||
# - OWNED_TOR_C_FILES in Makefile.am
|
||||
# - CHECK_FILES in pre-commit.git-hook and pre-push.git-hook
|
||||
# - try_parse in check_cocci_parse.sh
|
||||
OWNED_TOR_C_FILES=\
|
||||
$(top_srcdir)/src/lib/*/*.[ch] \
|
||||
$(top_srcdir)/src/core/*/*.[ch] \
|
||||
$(top_srcdir)/src/feature/*/*.[ch] \
|
||||
@ -329,13 +403,29 @@ if USE_PERL
|
||||
$(top_srcdir)/src/test/*.[ch] \
|
||||
$(top_srcdir)/src/test/*/*.[ch] \
|
||||
$(top_srcdir)/src/tools/*.[ch]
|
||||
|
||||
check-spaces:
|
||||
if USE_PERL
|
||||
$(PERL) $(top_srcdir)/scripts/maint/checkSpace.pl -C \
|
||||
$(OWNED_TOR_C_FILES)
|
||||
endif
|
||||
|
||||
check-includes:
|
||||
if USEPYTHON
|
||||
$(PYTHON) $(top_srcdir)/scripts/maint/checkIncludes.py
|
||||
$(PYTHON) $(top_srcdir)/scripts/maint/practracker/includes.py $(top_srcdir)
|
||||
endif
|
||||
|
||||
check-best-practices:
|
||||
if USEPYTHON
|
||||
@$(PYTHON) $(top_srcdir)/scripts/maint/practracker/practracker.py $(top_srcdir) $(TOR_PRACTRACKER_OPTIONS)
|
||||
endif
|
||||
|
||||
check-cocci:
|
||||
VERBOSE=1 $(top_srcdir)/scripts/coccinelle/check_cocci_parse.sh $(OWNED_TOR_C_FILES)
|
||||
|
||||
practracker-regen:
|
||||
$(PYTHON) $(top_srcdir)/scripts/maint/practracker/practracker.py --regen $(top_srcdir)
|
||||
|
||||
check-docs: all
|
||||
$(PERL) $(top_builddir)/scripts/maint/checkOptionDocs.pl
|
||||
|
||||
@ -412,17 +502,17 @@ endif
|
||||
check-changes:
|
||||
if USEPYTHON
|
||||
@if test -d "$(top_srcdir)/changes"; then \
|
||||
$(PYTHON) $(top_srcdir)/scripts/maint/lintChanges.py $(top_srcdir)/changes; \
|
||||
PACKAGE_VERSION=$(PACKAGE_VERSION) $(PYTHON) $(top_srcdir)/scripts/maint/lintChanges.py $(top_srcdir)/changes; \
|
||||
fi
|
||||
endif
|
||||
|
||||
.PHONY: update-versions
|
||||
update-versions:
|
||||
$(PERL) $(top_builddir)/scripts/maint/updateVersions.pl
|
||||
abs_top_srcdir="$(abs_top_srcdir)" $(PYTHON) $(top_srcdir)/scripts/maint/update_versions.py
|
||||
|
||||
.PHONY: callgraph
|
||||
callgraph:
|
||||
$(top_builddir)/scripts/maint/run_calltool.sh
|
||||
cd $(top_builddir); $(abs_top_srcdir)/scripts/maint/run_calltool.sh
|
||||
|
||||
version:
|
||||
@echo "Tor @VERSION@"
|
||||
@ -431,6 +521,25 @@ version:
|
||||
(cd "$(top_srcdir)" && git rev-parse --short=16 HEAD); \
|
||||
fi
|
||||
|
||||
.PHONY: autostyle-ifdefs
|
||||
autostyle-ifdefs:
|
||||
$(PYTHON) $(top_srcdir)/scripts/maint/annotate_ifdef_directives.py $(OWNED_TOR_C_FILES)
|
||||
|
||||
.PHONY: autostyle-ifdefs
|
||||
autostyle-operators:
|
||||
$(PERL) $(top_srcdir)/scripts/coccinelle/test-operator-cleanup $(OWNED_TOR_C_FILES)
|
||||
|
||||
.PHONY: rectify-includes
|
||||
rectify-includes:
|
||||
cd $(top_srcdir); $(PYTHON) $(abs_top_srcdir)/scripts/maint/rectify_include_paths.py
|
||||
|
||||
.PHONY: update-copyright
|
||||
update-copyright:
|
||||
$(PERL) $(top_srcdir)/scripts/maint/updateCopyright.pl $(OWNED_TOR_C_FILES)
|
||||
|
||||
.PHONY: autostyle
|
||||
autostyle: update-versions rustfmt autostyle-ifdefs rectify-includes
|
||||
|
||||
mostlyclean-local:
|
||||
rm -f $(top_builddir)/src/*/*.gc{da,no} $(top_builddir)/src/*/*/*.gc{da,no}
|
||||
rm -rf $(HTML_COVER_DIR)
|
||||
|
4184
ReleaseNotes
4184
ReleaseNotes
File diff suppressed because it is too large
Load Diff
@ -1,9 +1,9 @@
|
||||
#!/bin/sh
|
||||
|
||||
if [ -x "`which autoreconf 2>/dev/null`" ] ; then
|
||||
if command -v autoreconf; then
|
||||
opt="-i -f -W all,error"
|
||||
|
||||
for i in $@; do
|
||||
for i in "$@"; do
|
||||
case "$i" in
|
||||
-v)
|
||||
opt="${opt} -v"
|
||||
@ -11,6 +11,7 @@ if [ -x "`which autoreconf 2>/dev/null`" ] ; then
|
||||
esac
|
||||
done
|
||||
|
||||
# shellcheck disable=SC2086
|
||||
exec autoreconf $opt
|
||||
fi
|
||||
|
||||
|
@ -1,4 +0,0 @@
|
||||
o Minor features (NSS, diagnostic):
|
||||
- Try to log an error from NSS (if there is any) and a more useful
|
||||
description of our situation if we are using NSS and a call to
|
||||
SSL_ExportKeyingMaterial() fails. Diagnostic for ticket 29241.
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (logging):
|
||||
- Change log level of message "Hash of session info was not as expected"
|
||||
to LOG_PROTOCOL_WARN. Fixes bug 12399; bugfix on 0.1.1.10-alpha.
|
@ -1,5 +0,0 @@
|
||||
o Minor bugfixes (logging):
|
||||
- Correct a misleading error message when IPv4Only or IPv6Only
|
||||
is used but the resolved address can not be interpreted as an
|
||||
address of the specified IP version. Fixes bug 13221; bugfix
|
||||
on 0.2.3.9-alpha. Patch from Kris Katterjohn.
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (circuit isolation):
|
||||
- Fix a logic error that prevented the SessionGroup sub-option from
|
||||
being accepted. Fixes bug 22619; bugfix on 0.2.7.2-alpha.
|
@ -1,5 +0,0 @@
|
||||
o Minor bugfixes (v3 single onion services):
|
||||
- Make v3 single onion services fall back to a 3-hop intro, when there
|
||||
all intro points are unreachable via a 1-hop path. Previously, v3
|
||||
single onion services failed when all intro nodes were unreachable
|
||||
via a 1-hop path. Fixes bug 23507; bugfix on 0.3.2.1-alpha.
|
@ -1,6 +0,0 @@
|
||||
o Minor bugfixes (v2 single onion services):
|
||||
- Always retry v2 single onion service intro and rend circuits with a
|
||||
3-hop path. Previously, v2 single onion services used a 3-hop path
|
||||
when rend circuits were retried after a remote or delayed failure,
|
||||
but a 1-hop path for immediate retries. Fixes bug 23818;
|
||||
bugfix on 0.2.9.3-alpha.
|
@ -1,6 +0,0 @@
|
||||
o Minor bugfixes (v3 single onion services):
|
||||
- Always retry v3 single onion service intro and rend circuits with a
|
||||
3-hop path. Previously, v3 single onion services used a 3-hop path
|
||||
when rend circuits were retried after a remote or delayed failure,
|
||||
but a 1-hop path for immediate retries. Fixes bug 23818;
|
||||
bugfix on 0.3.2.1-alpha.
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (client, guard selection):
|
||||
- When Tor's consensus has expired, but is still reasonably live, use it
|
||||
to select guards. Fixes bug 24661; bugfix on 0.3.0.1-alpha.
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (protover, rust):
|
||||
- Reject extra commas in version string. Fixes bug 27197; bugfix on
|
||||
0.3.3.3-alpha.
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (rust):
|
||||
- Abort on panic in all build profiles, instead of potentially unwinding
|
||||
into C code. Fixes bug 27199; bugfix on 0.3.3.1-alpha.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (rust):
|
||||
- Return a string that can be safely freed by C code, not one created by
|
||||
the rust allocator, in protover_all_supported(). Fixes bug 27740; bugfix
|
||||
on 0.3.3.1-alpha.
|
@ -1,5 +0,0 @@
|
||||
o Minor bugfixes (rust, directory authority):
|
||||
- Fix an API mismatch in the rust implementation of
|
||||
protover_compute_vote(). This bug could have caused crashes on any
|
||||
directory authorities running Tor with Rust (which we do not yet
|
||||
recommend). Fixes bug 27741; bugfix on 0.3.3.6.
|
@ -1,6 +0,0 @@
|
||||
o Minor bugfixes (connection, relay):
|
||||
- Avoid a wrong BUG() stacktrace in case a closing connection is being held
|
||||
open because the write side is rate limited but not the read side. Now,
|
||||
the connection read side is simply shutdown instead of kept open until tor
|
||||
is able to flush the connection and then fully close it. Fixes bug 27750;
|
||||
bugfix on 0.3.4.1-alpha.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (directory authority):
|
||||
- Log additional info when we get a relay that shares an ed25519
|
||||
ID with a different relay, instead making a BUG() warning.
|
||||
Fixes bug 27800; bugfix on 0.3.2.1-alpha.
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (rust):
|
||||
- Fix a potential null dereference in protover_all_supported().
|
||||
Add a test for it. Fixes bug 27804; bugfix on 0.3.3.1-alpha.
|
@ -1,7 +0,0 @@
|
||||
o Minor bugfixes (onion services):
|
||||
- On an intro point for a version 3 onion service, we do not close
|
||||
an introduction circuit on an NACK. This lets the client decide
|
||||
whether to reuse the circuit or discard it. Previously, we closed
|
||||
intro circuits on NACKs. Fixes bug 27841; bugfix on 0.3.2.1-alpha.
|
||||
Patch by Neel Chaunan
|
||||
|
@ -1,6 +0,0 @@
|
||||
o Minor bugfixes (tests):
|
||||
- Treat backtrace test failures as expected on BSD-derived systems
|
||||
(NetBSD, OpenBSD, and macOS/Darwin) until we solve bug 17808.
|
||||
(FreeBSD failures have been treated as expected since 18204 in 0.2.8.)
|
||||
Fixes bug 27948; bugfix on 0.2.5.2-alpha.
|
||||
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (compilation, opensolaris):
|
||||
- Add a missing include to compat_pthreads.c, to fix compilation
|
||||
on OpenSolaris and its descendants. Fixes bug 27963; bugfix
|
||||
on 0.3.5.1-alpha.
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (testing):
|
||||
- Avoid hangs and race conditions in test_rebind.py.
|
||||
Fixes bug 27968; bugfix on 0.3.5.1-alpha.
|
@ -1,13 +0,0 @@
|
||||
o Minor bugfixes (Windows):
|
||||
- Correctly identify Windows 8.1, Windows 10, and Windows Server 2008
|
||||
and later from their NT versions.
|
||||
Fixes bug 28096; bugfix on 0.2.2.34; reported by Keifer Bly.
|
||||
- On recent Windows versions, the GetVersionEx() function may report
|
||||
an earlier Windows version than the running OS. To avoid user
|
||||
confusion, add "[or later]" to Tor's version string on affected
|
||||
versions of Windows.
|
||||
Fixes bug 28096; bugfix on 0.2.2.34; reported by Keifer Bly.
|
||||
- Remove Windows versions that were never supported by the
|
||||
GetVersionEx() function. Stop duplicating the latest Windows
|
||||
version in get_uname().
|
||||
Fixes bug 28096; bugfix on 0.2.2.34; reported by Keifer Bly.
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (portability):
|
||||
- Make the OPE code (which is used for v3 onion services) run correctly
|
||||
on big-endian platforms. Fixes bug 28115; bugfix on 0.3.5.1-alpha.
|
@ -1,7 +0,0 @@
|
||||
o Minor bugfixes (onion services):
|
||||
- Unless we have explicitly set HiddenServiceVersion, detect the onion
|
||||
service version and then look for invalid options. Previously, we
|
||||
did the reverse, but that broke existing configs which were pointed
|
||||
to a v2 hidden service and had options like HiddenServiceAuthorizeClient
|
||||
set Fixes bug 28127; bugfix on 0.3.5.1-alpha. Patch by Neel Chauhan.
|
||||
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (Linux seccomp2 sandbox):
|
||||
- Permit the "shutdown()" system call, which is apparently
|
||||
used by OpenSSL under some circumstances. Fixes bug 28183;
|
||||
bugfix on 0.2.5.1-alpha.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (C correctness):
|
||||
- Avoid undefined behavior in an end-of-string check when parsing the
|
||||
BEGIN line in a directory object. Fixes bug 28202; bugfix on
|
||||
0.2.0.3-alpha.
|
@ -1,6 +0,0 @@
|
||||
o Major bugfixes (OpenSSL, portability):
|
||||
- Fix our usage of named groups when running as a TLS 1.3 client in
|
||||
OpenSSL 1.1.1. Previously, we only initialized EC groups when running
|
||||
as a server, which caused clients to fail to negotiate TLS 1.3 with
|
||||
relays. Fixes bug 28245; bugfix on 0.2.9.15 when TLS 1.3 support was
|
||||
added.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (configuration):
|
||||
- Resume refusing to start with relative file paths and RunAsDaemon
|
||||
set (regression from the fix for bug 22731). Fixes bug 28298;
|
||||
bugfix on 0.3.3.1-alpha.
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (compilation):
|
||||
- Fix a pair of missing headers on OpenBSD. Fixes bug 28303;
|
||||
bugfix on 0.3.5.1-alpha. Patch from Kris Katterjohn.
|
@ -1,5 +0,0 @@
|
||||
o Major bugfixes (embedding, main loop):
|
||||
- When DisableNetwork becomes set, actually disable periodic events that
|
||||
are already enabled. (Previously, we would refrain from enabling new
|
||||
ones, but we would leave the old ones turned on.)
|
||||
Fixes bug 28348; bugfix on 0.3.4.1-alpha.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (continuous integration, Windows):
|
||||
- Stop using an external OpenSSL install, and stop installing MSYS2
|
||||
packages, when building using mingw on Appveyor Windows CI.
|
||||
Fixes bug 28399; bugfix on 0.3.4.1-alpha.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (compilation):
|
||||
- Initialize a variable in aes_new_cipher(), since some compilers
|
||||
cannot tell that we always initialize it before use. Fixes bug 28413;
|
||||
bugfix on 0.2.9.3-alpha.
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (memory leaks):
|
||||
- Fix a harmless memory leak in libtorrunner.a. Fixes bug 28419;
|
||||
bugfix on 0.3.3.1-alpha. Patch from Martin Kepplinger.
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (documentation):
|
||||
- Make Doxygen work again after the 0.3.5 source tree moves.
|
||||
Fixes bug 28435; bugfix on 0.3.5.1-alpha.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (logging):
|
||||
- Stop talking about the Named flag in log messages. Clients have
|
||||
ignored the Named flag since 0.3.2. Fixes bug 28441;
|
||||
bugfix on 0.3.2.1-alpha.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (continuous integration, Windows):
|
||||
- Manually configure the zstd compiler options, when building using
|
||||
mingw on Appveyor Windows CI. The MSYS2 mingw zstd package does not
|
||||
come with a pkg-config file. Fixes bug 28454; bugfix on 0.3.4.1-alpha.
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (compilation):
|
||||
- Add missing dependency on libgdi32.dll for tor-print-ed-signing-cert.exe
|
||||
on Windows. Fixes bug 28485; bugfix on 0.3.5.1-alpha.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (restart-in-process, boostrap):
|
||||
- Add missing resets of bootstrap tracking state when shutting
|
||||
down (regression caused by ticket 27169). Fixes bug 28524;
|
||||
bugfix on 0.3.5.1-alpha.
|
@ -1,7 +0,0 @@
|
||||
o Minor features (address selection):
|
||||
- Make Tor aware of the RFC 6598 (Carrier Grade NAT) IP range, which is the
|
||||
subnet 100.64.0.0/10. This is deployed by many ISPs as an alternative to
|
||||
RFC 1918 that does not break existing internal networks. This patch fixes
|
||||
security issues caused by RFC 6518 by blocking control ports on these
|
||||
addresses and warns users if client ports or ExtORPorts are listening on
|
||||
a RFC 6598 address. Closes ticket 28525. Patch by Neel Chauhan.
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (unit tests, guard selection):
|
||||
- Stop leaking memory in an entry guard unit test. Fixes bug 28554;
|
||||
bugfix on 0.3.0.1-alpha.
|
@ -1,5 +0,0 @@
|
||||
o Minor bugfixes (testing):
|
||||
- Use a separate DataDirectory for the test_rebind script.
|
||||
Previously, this script would run using the default DataDirectory,
|
||||
and sometimes fail. Fixes bug 28562; bugfix on 0.3.5.1-alpha.
|
||||
Patch from Taylor R Campbell.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (testing):
|
||||
- Stop running stem's unit tests as part of "make test-stem". But continue
|
||||
to run stem's unit and online tests during "make test-stem-full".
|
||||
Fixes bug 28568; bugfix on 0.2.6.3-alpha.
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (unit tests, directory clients):
|
||||
- Mark outdated dirservers when Tor only has a reasonably live consensus.
|
||||
Fixes bug 28569; bugfix on 0.3.2.5-alpha.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (windows services):
|
||||
- Make Tor start correctly as an NT service again: previously it
|
||||
was broken by refactoring. Fixes bug 28612; bugfix on 0.3.5.3-alpha.
|
||||
|
@ -1,6 +0,0 @@
|
||||
o Minor bugfixes (hidden service v3):
|
||||
- When deleting an ephemeral onion service (DEL_ONION), do not close any
|
||||
rendezvous circuits in order to let the existing client connections
|
||||
finish by themselves or closed by the application. The HS v2 is doing
|
||||
that already so now we have the same behavior for all versions. Fixes
|
||||
bug 28619; bugfix on 0.3.3.1-alpha.
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (logging):
|
||||
- Stop logging a BUG() warning when tor is waiting for exit descriptors.
|
||||
Fixes bug 28656; bugfix on 0.3.5.1-alpha.
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfix (logging):
|
||||
- Avoid logging about relaxing circuits when their time is fixed.
|
||||
Fixes bug 28698; bugfix on 0.2.4.7-alpha
|
@ -1,5 +0,0 @@
|
||||
o Minor bugfixes (usability):
|
||||
- Stop saying "Your Guard ..." in pathbias_measure_{use,close}_rate()
|
||||
as that confusingly suggests that mentioned guard node is under control
|
||||
and responsibility of end user, which it is not. Fixes bug 28895;
|
||||
bugfix on Tor 0.3.0.1-alpha.
|
@ -1,6 +0,0 @@
|
||||
o Minor bugfixes (logging):
|
||||
- Rework rep_hist_log_link_protocol_counts() to iterate through all link
|
||||
protocol versions when logging incoming/outgoing connection counts. Tor
|
||||
no longer skips version 5 and we don't have to remember to update this
|
||||
function when new link protocol version is developed. Fixes bug 28920;
|
||||
bugfix on 0.2.6.10.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (compilation):
|
||||
- Fix missing headers required for proper detection of
|
||||
OpenBSD. Fixes bug 28938; bugfix on 0.3.5.1-alpha.
|
||||
Patch from Kris Katterjohn.
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (compilation):
|
||||
- Fix compilation for Android by adding a missing header to
|
||||
freespace.c. Fixes bug 28974; bugfix on 0.3.5.1-alpha.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (documentation):
|
||||
- Describe the contents of the v3 onion service client authorization
|
||||
files correctly: They hold public keys, not private keys. Fixes bug
|
||||
28979; bugfix on 0.3.5.1-alpha. Spotted by "Felixix".
|
@ -1,5 +0,0 @@
|
||||
o Minor bugfixes (misc):
|
||||
- The amount of total available physical memory is now determined
|
||||
using the sysctl identifier HW_PHYSMEM (rather than HW_USERMEM)
|
||||
when it is defined and a 64-bit variant is not available. Fixes
|
||||
bug 28981; bugfix on 0.2.5.4-alpha. Patch from Kris Katterjohn.
|
@ -1,5 +0,0 @@
|
||||
o Minor bugfix (IPv6):
|
||||
Fix tor_ersatz_socketpair on IPv6-only systems. Previously,
|
||||
the IPv6 socket was bound using an address family of AF_INET
|
||||
instead of AF_INET6. Fixes bug 28995; bugfix on 0.3.5.1-alpha.
|
||||
Patch from Kris Katterjohn.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (stats):
|
||||
- When ExtraInfoStatistics is 0, stop including PaddingStatistics in
|
||||
relay and bridge extra-info documents. Fixes bug 29017;
|
||||
bugfix on 0.3.1.1-alpha.
|
@ -1,5 +0,0 @@
|
||||
o Minor bugfixes (logging, onion services):
|
||||
- Stop logging "Tried to establish rendezvous on non-OR circuit..." as
|
||||
a warning. Instead, log it as a protocol warning, because there is
|
||||
nothing that relay operators can do to fix it. Fixes bug 29029;
|
||||
bugfix on 0.2.5.7-rc.
|
@ -1,5 +0,0 @@
|
||||
o Major bugfixes (Onion service reachability):
|
||||
- Properly clean up the introduction point map when circuits change purpose
|
||||
from onion service circuits to pathbias, measurement, or other circuit types.
|
||||
This should fix some service-side instances of introduction point failure.
|
||||
Fixes bug 29034; bugfix on 0.3.2.1-alpha.
|
@ -1,5 +0,0 @@
|
||||
o Minor bugfix (continuous integration):
|
||||
- Reset coverage state on disk after Travis CI has finished. This is being
|
||||
done to prevent future gcda file merge errors which causes the test suite
|
||||
for the process subsystem to fail. The process subsystem was introduced
|
||||
in 0.4.0.1-alpha. Fixes bug 29036; bugfix on 0.2.9.15.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (onion services):
|
||||
- Avoid crashing if ClientOnionAuthDir (incorrectly) contains
|
||||
more than one private key for a hidden service. Fixes bug 29040;
|
||||
bugfix on 0.3.5.1-alpha.
|
@ -1,5 +0,0 @@
|
||||
o Minor bugfixes (logging):
|
||||
- Log more information at "warning" level when unable to read a private
|
||||
key; log more information ad "info" level when unable to read a public
|
||||
key. We had warnings here before, but they were lost during our
|
||||
NSS work. Fixes bug 29042; bugfix on 0.3.5.1-alpha.
|
@ -1,5 +0,0 @@
|
||||
o Minor bugfixes (onion services, logging):
|
||||
- In hs_cache_store_as_client() log an HSDesc we failed to parse at Debug
|
||||
loglevel. Tor used to log it at Warning loglevel, which caused
|
||||
very long log lines to appear for some users. Fixes bug 29135; bugfix on
|
||||
0.3.2.1-alpha.
|
@ -1,5 +0,0 @@
|
||||
o Minor bugfixes (logging):
|
||||
- Log the correct port number for listening sockets when "auto" is
|
||||
used to let Tor pick the port number. Previously, port 0 was
|
||||
logged instead of the actual port number. Fixes bug 29144;
|
||||
bugfix on 0.3.5.1-alpha. Patch from Kris Katterjohn.
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (compilation, testing):
|
||||
- Silence a compiler warning in test-memwipe.c on OpenBSD. Fixes
|
||||
bug 29145; bugfix on 0.2.9.3-alpha. Patch from Kris Katterjohn.
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (tests):
|
||||
- Detect and suppress "bug" warnings from the util/time test on Windows.
|
||||
Fixes bug 29161; bugfix on 0.2.9.3-alpha.
|
@ -1,4 +0,0 @@
|
||||
o Major bugfixes (networking):
|
||||
- Gracefully handle empty username/password fields in SOCKS5
|
||||
username/password auth messsage and allow SOCKS5 handshake to
|
||||
continue. Fixes bug 29175; bugfix on 0.3.5.1-alpha.
|
@ -1,6 +0,0 @@
|
||||
o Major bugfixes (NSS, relay):
|
||||
- When running with NSS, disable TLS 1.2 ciphersuites that use SHA384
|
||||
for their PRF. Due to an NSS bug, the TLS key exporters for these
|
||||
ciphersuites don't work -- which caused relays to fail to handshake
|
||||
with one another when these ciphersuites were enabled.
|
||||
Fixes bug 29241; bugfix on 0.3.5.1-alpha.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (build, compatibility):
|
||||
- Update Cargo.lock file to match the version made by the latest
|
||||
version of Rust, so that "make distcheck" will pass again.
|
||||
Fixes bug 29244; bugfix on 0.3.3.4-alpha.
|
@ -1,5 +0,0 @@
|
||||
o Minor bugfixes (testing):
|
||||
- Downgrade some LOG_ERR messages in the address/* tests to warnings.
|
||||
The LOG_ERR messages were occurring when we had no configured network.
|
||||
We were failing the unit tests, because we backported 28668 to 0.3.5.8,
|
||||
but did not backport 29530. Fixes bug 29530; bugfix on 0.3.5.8.
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (memory management, testing):
|
||||
- Stop leaking parts of the shared random state in the shared-random unit
|
||||
tests. Fixes bug 29599; bugfix on 0.2.9.1-alpha.
|
@ -1,6 +0,0 @@
|
||||
o Minor bugfixes (Windows, CI):
|
||||
- Skip the Appveyor 32-bit Windows Server 2016 job, and 64-bit Windows
|
||||
Server 2012 R2 job. The remaining 2 jobs still provide coverage of
|
||||
64/32-bit, and Windows Server 2016/2012 R2. Also set fast_finish, so
|
||||
failed jobs terminate the build immediately.
|
||||
Fixes bug 29601; bugfix on 0.3.5.4-alpha.
|
@ -1,7 +0,0 @@
|
||||
o Minor bugfixes (single onion services):
|
||||
- Allow connections to single onion services to remain idle without
|
||||
being disconnected. Relays acting as rendezvous points for
|
||||
single onion services were mistakenly closing idle established
|
||||
rendezvous circuits after 60 seconds, thinking that they are unused
|
||||
directory-fetching circuits that had served their purpose. Fixes
|
||||
bug 29665; bugfix on 0.2.1.26.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (configuration, proxies):
|
||||
- Fix a bug that prevented us from supporting SOCKS5 proxies that want
|
||||
authentication along with configued (but unused!)
|
||||
ClientTransportPlugins. Fixes bug 29670; bugfix on 0.2.6.1-alpha.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (testing):
|
||||
- Backport the 0.3.4 src/test/test-network.sh to 0.2.9.
|
||||
We need a recent test-network.sh to use new chutney features in CI.
|
||||
Fixes bug 29703; bugfix on 0.2.9.1-alpha.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (memory management, testing):
|
||||
- Stop leaking parts of the shared random state in the shared-random unit
|
||||
tests. The previous fix in 29599 was incomplete.
|
||||
Fixes bug 29706; bugfix on 0.2.9.1-alpha.
|
@ -1,8 +0,0 @@
|
||||
o Minor bugfixes (linux seccomp sandbox):
|
||||
- Correct how we use libseccomp. Particularly, stop assuming that
|
||||
rules are applied in a particular order or that more rules are
|
||||
processed after the first match. Neither is the case! In libseccomp
|
||||
<2.4.0 this lead to some rules having no effect. Libseccomp 2.4.0
|
||||
changed how rules are generated leading to a different ordering
|
||||
which in turn lead to a fatal crash during startup. Fixes bug
|
||||
29819; bugfix on 0.2.5.1-alpha. Patch by Peter Gerber.
|
@ -1,11 +0,0 @@
|
||||
o Major bugfixes (bridges):
|
||||
- Do not count previously configured working bridges towards our total of
|
||||
working bridges. Previously, when Tor's list of bridges changed, it
|
||||
would think that the old bridges were still usable, and delay fetching
|
||||
router descriptors for the new ones. Fixes part of bug 29875; bugfix
|
||||
on 0.3.0.1-alpha.
|
||||
- Consider our directory information to have changed when our list of
|
||||
bridges changes. Previously, Tor would not re-compute the status of its
|
||||
directory information when bridges changed, and therefore would not
|
||||
realize that it was no longer able to build circuits. Fixes part of bug
|
||||
29875.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (testing, windows):
|
||||
- Fix a test failure caused by an unexpected bug warning in
|
||||
our test for tor_gmtime_r(-1). Fixes bug 29922;
|
||||
bugfix on 0.2.9.3-alpha.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (CI):
|
||||
- Terminate test-stem if it takes more than 9.5 minutes to run.
|
||||
(Travis terminates the job after 10 minutes of no output.)
|
||||
Diagnostic for 29437. Fixes bug 30011; bugfix on 0.3.5.4-alpha.
|
@ -1,8 +0,0 @@
|
||||
o Minor bugfixes (TLS protocol, integration tests):
|
||||
- When classifying a client's selection of TLS ciphers, if the client
|
||||
ciphers are not yet available, do not cache the result. Previously,
|
||||
we had cached the unavailability of the cipher list and never looked
|
||||
again, which in turn led us to assume that the client only supported
|
||||
the ancient V1 link protocol. This, in turn, was causing Stem
|
||||
integration tests to stall in some cases.
|
||||
Fixes bug 30021; bugfix on 0.2.4.8-alpha.
|
@ -1,9 +0,0 @@
|
||||
o Minor bugfixes (security):
|
||||
- Fix a potential double free bug when reading huge bandwidth files. The
|
||||
issue is not exploitable in the current Tor network because the
|
||||
vulnerable code is only reached when directory authorities read bandwidth
|
||||
files, but bandwidth files come from a trusted source (usually the
|
||||
authorities themselves). Furthermore, the issue is only exploitable in
|
||||
rare (non-POSIX) 32-bit architectures which are not used by any of the
|
||||
current authorities. Fixes bug 30040; bugfix on 0.3.5.1-alpha. Bug found
|
||||
and fixed by Tobias Stoeckmann.
|
@ -1,5 +0,0 @@
|
||||
o Minor bugfixes (hardening):
|
||||
- Verify in more places that we are not about to create a buffer
|
||||
with more than INT_MAX bytes, to avoid possible OOB access in the event
|
||||
of bugs. Fixes bug 30041; bugfix on 0.2.0.16. Found and fixed by
|
||||
Tobias Stoeckmann.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (memory leak):
|
||||
- Avoid a minor memory leak that could occur on relays when
|
||||
creating a keys directory failed. Fixes bug 30148; bugfix on
|
||||
0.3.3.1-alpha.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (compilation, unusual configuration):
|
||||
- Avoid failures when building with ALL_BUGS_ARE_FAILED due to
|
||||
missing declarations of abort(), and prevent other such failures
|
||||
in the future. Fixes bug 30189; bugfix on 0.3.4.1-alpha.
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (lib):
|
||||
do not log a warning for OpenSSL versions that should be compatible
|
||||
Fixes bug 30190; bugfix on 0.2.4.2-alpha
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (directory authority):
|
||||
- Move the "bandwidth-file-headers" line in directory authority votes
|
||||
so that it conforms to dir-spec.txt. Fixes bug 30316; bugfix on
|
||||
0.3.5.1-alpha.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (connection):
|
||||
- Avoid reading data from closed connections, which can cause needless
|
||||
loops in libevent and infinite loops in Shadow. Fixes bug 30344; bugfix
|
||||
on 0.1.1.1-alpha.
|
@ -1,3 +0,0 @@
|
||||
o Minor features (compile-time modules):
|
||||
- Add a --list-modules command to print a list of which compile-time
|
||||
modules are enabled. Closes ticket 30452.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes ():
|
||||
- Avoid a GCC 9.1.1 warning (and possible crash depending on libc
|
||||
implemenation) when failing to load a hidden service client authorization
|
||||
file. Fixes bug 30475; bugfix on 0.3.5.1-alpha.
|
@ -1,6 +0,0 @@
|
||||
o Minor bugfixes (portability):
|
||||
- Avoid crashing in our tor_vasprintf() implementation on systems that
|
||||
define neither vasprintf() nor _vscprintf(). (This bug has been here
|
||||
long enough that we question whether people are running Tor on such
|
||||
systems, but we're applying the fix out of caution.) Fixes bug 30561;
|
||||
bugfix on 0.2.8.2-alpha. Found and fixed by Tobias Stoeckmann.
|
@ -1,5 +0,0 @@
|
||||
o Minor bugfixes (testing):
|
||||
- Skip test_rebind when the TOR_SKIP_TEST_REBIND environmental variable is
|
||||
set. Fixes bug 30713; bugfix on 0.3.5.1-alpha.
|
||||
- Skip test_rebind on macOS in Travis, because it is unreliable on
|
||||
macOS on Travis. Fixes bug 30713; bugfix on 0.3.5.1-alpha.
|
@ -1,3 +0,0 @@
|
||||
o Minor bugfixes (continuous integration):
|
||||
- Allow the test-stem job to fail in Travis, because it sometimes hangs.
|
||||
Fixes bug 30744; bugfix on 0.3.5.4-alpha.
|
@ -1,4 +0,0 @@
|
||||
o Minor bugfixes (directory authorities):
|
||||
- Stop crashing after parsing an unknown descriptor purpose annotation.
|
||||
We think this bug can only be triggered by modifying a local file.
|
||||
Fixes bug 30781; bugfix on 0.2.0.8-alpha.
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user