Commit Graph

34529 Commits

Author SHA1 Message Date
Nick Mathewson
a1b2817abe Sort variables in config_mgr_t.all_vars alphabetically 2019-07-24 15:21:56 -04:00
Nick Mathewson
f8b193a74a Make config_var and config_fmt const.
Now that we have a reasonable implementation for overriding the
default options for TestingTorNetwork, we don't need to modify
config_var_t structs any more.  And therefore, we can have constant
format options, like reasonable people.
2019-07-24 15:21:56 -04:00
Nick Mathewson
dde091ebc7 Add a "freeze" function for config_mgr_t objects.
It's important to make sure that we don't change a config_mgr_t
after we start using it to make objects, or we could get into
inconsistent states.  This feature is the start of a safety
mechanism to prevent this problem.
2019-07-24 15:21:56 -04:00
Nick Mathewson
f306d12b58 Refactor handling of TestingTorNetwork
Previously, when TestingTorNetwork was set, we would manually adjust
the initvalue members of a bunch of other config_var_t, and then
re-run the early parts or parsing the options.

Now we treat the initvalue fields as immutable, but instead assign
to them in options_init(), as early as possible.  Rather than
re-running the early parts of options, we just re-call the
options_init_from_string() function.

This patch de-kludges some of our code pretty handily.  I think it
could later handle authorities and fallbacks, but for now I think we
should leave those alone.
2019-07-24 15:21:56 -04:00
Nick Mathewson
7abd43ac5f Change CONFIG_CHECK() macro to not need a config_format_t
We'll want it to check all the subsidiary structures of the
options object.
2019-07-24 15:21:56 -04:00
Nick Mathewson
627ab9dba3 Fix every place in config.c that knew about option_vars_.
Iterating over this array was once a good idea, but now that we are
going to have a separate structure for each submodule's
configuration variables, we should indirect through the config_mgr_t
object.
2019-07-24 15:21:56 -04:00
Nick Mathewson
89a3051365 Lower responsibility for listing changed options into confparse.c 2019-07-24 15:21:56 -04:00
Nick Mathewson
7e91d4f572 Replace config_find_option with a variant that exposes less 2019-07-24 15:21:56 -04:00
Nick Mathewson
769fe81717 Start teaching config_mgr_t to handle sub-objects and sub-formats
The eventual design here will be that multiple config_format_t
objects get registered with a single config_mgr_t.  That
config_mgr_t manages a "top-level" object, which has a pointer to
the other objects.

I had earlier thought of a different design, where there would be no
top-level object, and config_mgr_t would deal with a container
instead.  But this would require a bunch of invasive refactoring
that I don't think we should do just yet.
2019-07-24 15:21:56 -04:00
Nick Mathewson
e8dc513bd0 Add a config_mgr_t type to wrap config_format_t
Remember that our goal in the present refactoring is to allow each
subsystem to declare its own configuration structure and
variables.  To do this, each module will get its own
config_format_t, and so we'll want a different structure that wraps
several config_format_t objects.  This is a "config_mgr_t".
2019-07-24 15:21:56 -04:00
Nick Mathewson
167d873bde Fix clang-detected errors related to log_domain_mask_t 2019-07-24 09:08:48 -04:00
George Kadianakis
2944b091fc Merge branch 'maint-0.4.1' 2019-07-24 12:32:06 +03:00
George Kadianakis
bb33a2f290 Merge branch 'tor-github/pr/1181' into maint-0.4.1 2019-07-24 12:31:56 +03:00
George Kadianakis
91f04d006b Merge branch 'tor-github/pr/1165' 2019-07-24 12:29:57 +03:00
Nick Mathewson
ab1f82ea2a Merge branch 'ticket24963_042_02' 2019-07-23 14:03:30 -04:00
Nick Mathewson
df12ff3dea Add a test for disallowing single-hop introductions.
Code from dgoulet.
2019-07-23 12:42:33 -04:00
Nick Mathewson
f14ce4bce6 Allow NULL circ->p_chan in circuit_is_suitable_for_introduce1()
This shouldn't be possible while Tor is running, but the tests can
hit this code.  Rather than force the tests to add a dummy channel
object, let's just tolerate their incompletely built circuits.
2019-07-23 12:36:40 -04:00
Nick Mathewson
ab1f39322c Merge remote-tracking branch 'tor-github/pr/1185' 2019-07-23 12:32:14 -04:00
Nick Mathewson
f6db290e5a Merge remote-tracking branch 'tor-github/pr/1186' 2019-07-23 12:30:19 -04:00
David Goulet
ef2dd1ba96 Merge branch 'tor-github/pr/1116' 2019-07-23 09:46:29 -04:00
David Goulet
2fce1274de Merge branch 'tor-github/pr/1153' 2019-07-23 09:43:36 -04:00
David Goulet
f7dc920f4b Merge branch 'maint-0.4.1' 2019-07-23 09:39:51 -04:00
David Goulet
c541258fac Merge branch 'tor-github/pr/1158' into maint-0.4.1 2019-07-23 09:39:43 -04:00
George Kadianakis
fdfee3d06f Changes file for #31113. 2019-07-23 12:44:43 +03:00
pulls
c2f6064325 Improve circpad documentation.
Patch by Tobias Pulls.
2019-07-23 12:44:43 +03:00
George Kadianakis
5aa526c2d8 circpad: some more logging changes.
- Add an info log when receiving a STOP command.
- Keep warning if we receive padding from a wrong hop.
2019-07-23 12:22:26 +03:00
Mike Perry
a3089662c0 More LOG_PROTOCOL_WARN.
Make origin-side messages about padding negotiation failure into
LOG_PROTOCOL_WARN.

I'm not sure I like this either.. But the negotiation refusal case might
happen naturally due to consensus drift, and is functionally no different than
a corrupted cell.
2019-07-23 12:22:25 +03:00
Mike Perry
86f298441b Make some warns into protocol warns
I'm not sure I agree with this option.
2019-07-23 12:22:24 +03:00
Mike Perry
ec38b662f2 Bug 30649: Changes file. 2019-07-23 12:22:23 +03:00
Mike Perry
065f25c2ce Bug 30649: Check that machine is absent before warn 2019-07-23 12:22:15 +03:00
George Kadianakis
aed82bf410 Add changes file for #31112 and #31098. 2019-07-23 11:52:25 +03:00
pulls
fd1f285189 transition when we send our first padding packet, not on received 2019-07-23 11:52:25 +03:00
pulls
5f95b37f6c remove specified target_hopnum from relay-side machines (only for origin-side machines) 2019-07-23 11:52:25 +03:00
Neel Chauhan
232aa8570d Space out first connection_edge_process_relay_cell() line in circuit_receive_relay_cell() 2019-07-19 20:50:25 -04:00
Nick Mathewson
5fb070a14d Extract the log_domain_t type to a lower-level header
This way, both err and log may depend on it.
2019-07-19 10:17:22 -04:00
Nick Mathewson
f682de609b Adjust tor_log.rs for 64-bit log domains. 2019-07-19 10:07:32 -04:00
Nick Mathewson
a9379d6750 Set 'routerlist' global to NULL before freeing it.
There is other code that uses this value, and some of it is
apparently reachable from inside router_dir_info_changed(), which
routerlist_free() apparently calls.  (ouch!)  This is a minimal fix
to try to resolve the issue without causing other problems.

Fixes bug 31003. I'm calling this a bugfix on 0.1.2.2-alpha, where
the call to router_dir_info_changed() was added to routerlist_free().
2019-07-19 09:49:52 -04:00
Nick Mathewson
8bbec36b3b Changes file for bug 31001 2019-07-19 09:21:45 -04:00
Tobias Stoeckmann
17458a87d7 Prevent UB on signed overflow.
Overflowing a signed integer in C is an undefined behaviour.
It is possible to trigger this undefined behaviour in tor_asprintf on
Windows or systems lacking vasprintf.

On these systems, eiter _vscprintf or vsnprintf is called to retrieve
the required amount of bytes to hold the string. These functions can
return INT_MAX. The easiest way to recreate this is the use of a
specially crafted configuration file, e.g. containing the line:

FirewallPorts AAAAA<in total 2147483610 As>

This line triggers the needed tor_asprintf call which eventually
leads to an INT_MAX return value from _vscprintf or vsnprintf.

The needed byte for \0 is added to the result, triggering the
overflow and therefore the undefined behaviour.

Casting the value to size_t before addition fixes the behaviour.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
2019-07-19 09:21:32 -04:00
Nick Mathewson
97d73db7c3 Changes file for bug 31001 2019-07-19 09:21:08 -04:00
Tobias Stoeckmann
0d4a689d3a Prevent UB on signed overflow.
Overflowing a signed integer in C is an undefined behaviour.
It is possible to trigger this undefined behaviour in tor_asprintf on
Windows or systems lacking vasprintf.

On these systems, eiter _vscprintf or vsnprintf is called to retrieve
the required amount of bytes to hold the string. These functions can
return INT_MAX. The easiest way to recreate this is the use of a
specially crafted configuration file, e.g. containing the line:

FirewallPorts AAAAA<in total 2147483610 As>

This line triggers the needed tor_asprintf call which eventually
leads to an INT_MAX return value from _vscprintf or vsnprintf.

The needed byte for \0 is added to the result, triggering the
overflow and therefore the undefined behaviour.

Casting the value to size_t before addition fixes the behaviour.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
2019-07-19 09:17:25 -04:00
Nick Mathewson
3efe5cc57a changes file for 30752 2019-07-18 09:28:08 -04:00
Nick Mathewson
d6a3636cdc Add a TOR_DISABLE_PRACTRACKER envvar for use by folks who don't care
Fixes part of bug 30752
2019-07-18 09:28:08 -04:00
Nick Mathewson
6303c9aa26 Practracker: add tolerances for exceptions
When an exception is present, we can now violate the limit by a little
bit and only produce a warning.  The strict flag overrides this
behavior.

I've given file sizes a 2% tolerances and function sizes/include
counts a 10% tolerance.

Part of 30752
2019-07-18 09:28:08 -04:00
Nick Mathewson
a5e1fa3a03 Practracker: add a --list-overstrict option
This option lists every exception that is stricter than it needs to
be.

Part of 30752
2019-07-18 09:28:08 -04:00
Nick Mathewson
78768aafe1 Changes file for 29746. 2019-07-18 09:28:08 -04:00
Nick Mathewson
43f163de80 Practracker: improve exclude-directory logic
Instead of excluding directories at the last minute if they happen
to appear in our filenames, we exclude them early, before recursing
into all their subdirectories.

Part of 29746.
2019-07-17 14:33:49 +02:00
Nick Mathewson
f93057fc0a Pracktracker: give the number of new errors found.
Part of 29746.
2019-07-17 14:33:49 +02:00
Nick Mathewson
86d3d310f5 Practracker: allow tabs in include lines
This isn't actually something that Tor does, but it's cleaner to do
it this way.  Part of 29746.
2019-07-17 14:33:49 +02:00
Nick Mathewson
4c09532996 Fix practracker_tests.py and practracker line counting.
The practracker_tests.py unit test file called a function by its old
name.

Also, practracker counted functions as starting one line after the
function name, and ending with the closing brace.  Now they start
with the open brace and end with the closing brace.
2019-07-17 14:33:49 +02:00