Commit Graph

25123 Commits

Author SHA1 Message Date
Nick Mathewson
7e7a4874b8 test_addr.c: use COCCI to suppress macros coccinelle cannot parse. 2019-10-22 09:32:13 -04:00
Nick Mathewson
0da349aa5e test.h: Use COCCI to suppress macros Coccinelle does not understand. 2019-10-22 09:32:13 -04:00
Nick Mathewson
0b862a7616 threads.h: coccinelle cannot understand a macro. 2019-10-22 09:32:13 -04:00
Nick Mathewson
4346e5569e ctassert.h: fix CTASSERT_DECL so coccinelle can parse it. 2019-10-22 09:32:13 -04:00
Nick Mathewson
189375fb5d ratelim.h: use COCCI to hide an initializer. 2019-10-22 09:32:13 -04:00
Nick Mathewson
c77f57d37b util_bug.h: Coccinelle does not understand IF_BUG_ONCE or #nodef. 2019-10-22 09:32:13 -04:00
Nick Mathewson
fb4b6b6436 weakrng.h: use COCCI to hide a macro coccinelle cannot parse. 2019-10-22 09:32:13 -04:00
Nick Mathewson
d1cdb1a24e Use STMT_BEGIN/END in parse_int.c so coccinelle can handle it. 2019-10-22 09:32:13 -04:00
Nick Mathewson
41f44d8760 smartlist.h: use COCCI to hide SMARTLIST_FOREACH_JOIN from Coccinelle 2019-10-22 09:32:13 -04:00
Nick Mathewson
514c61e406 namemap_st.h: Use COCCI to hide an initializer. 2019-10-22 09:32:13 -04:00
Nick Mathewson
2695f7e68c timeval.h: Coccinelle cannot understand timercmp. 2019-10-22 09:32:13 -04:00
Nick Mathewson
9f50a92a7e Fix a macro in address.c so coccinelle can understand it 2019-10-22 09:32:13 -04:00
Nick Mathewson
0abe89519b timers.c: define TIMEOUT_PUBLIC to no tokens when using COCCI. 2019-10-22 09:32:13 -04:00
Nick Mathewson
9453746b5e dispatch_naming.c: when COCCI is defined, disable unparseable macros. 2019-10-22 09:32:13 -04:00
Nick Mathewson
04a74d4aa7 conftesting.h: when COCCI is defined, disable unhandled macros 2019-10-22 09:32:13 -04:00
Nick Mathewson
3e41459dff confmacros.h: fix coccinelle parsing. 2019-10-22 09:32:13 -04:00
Nick Mathewson
54c5366aa1 feature/control: wrap some problem macros in COCCI 2019-10-22 09:32:13 -04:00
Nick Mathewson
ef5d1e6b65 consdiff disable a macro when running with COCCI 2019-10-22 09:32:13 -04:00
Nick Mathewson
d9bad0203b Disable a couple of iterator macros when COCCI is defined. 2019-10-22 09:32:13 -04:00
Nick Mathewson
67247fa9ac Use various COCCI tests to get mainloop.c to parse. 2019-10-22 09:32:13 -04:00
Nick Mathewson
4fad456148 test: Hide some test-declaration macro definitions to COCCI.
(These ones cause parsing failures.)
2019-10-22 09:32:13 -04:00
Nick Mathewson
c1e8e5bb32 Apparently coccinelle can't handle multiline #errors. 2019-10-22 09:32:13 -04:00
Nick Mathewson
b03c8c74ce COCCI: Disable some buffers.c macros that coccinelle can't handle. 2019-10-22 09:32:13 -04:00
Nick Mathewson
b867e97ce6 With COCCI defined, avoid PERIODIC_EVENT.
Coccinelle doesn't understand the particular pattern of token
pasting we have going on here.
2019-10-22 09:32:05 -04:00
Nick Mathewson
48be922160 COCCI: disable DOWLOAD_SCHEDULE macro 2019-10-22 09:31:31 -04:00
Nick Mathewson
630d8c7a1a With coccinelle, avoid includes in the middle of an expression. 2019-10-22 09:24:25 -04:00
Nick Mathewson
9871fcbcd9 Use #warning instead of #warn: one is C and one isn't. 2019-10-22 09:24:25 -04:00
Nick Mathewson
2d013bbe5c Merge remote-tracking branch 'tor-github/pr/1417' 2019-10-22 08:36:32 -04:00
Nick Mathewson
4413b030f2 Simplify CHECK_DEFAULT() logic a little further.
Since each of these tests only applies to testing networks, put them
all into a single block that checks for testing networks.

(I recommend reviewing with the "diff -b" option, since the change
is mostly indentation.)
2019-10-22 08:32:33 -04:00
Nick Mathewson
8d84e10e87 Make options_validate() no longer use its "defaults" argument.
It can just look at what the defaults are.

Closes ticket 32185.
2019-10-22 08:30:00 -04:00
Nick Mathewson
a1d5341374 Merge branch 'bug32175' 2019-10-22 07:51:30 -04:00
Nick Mathewson
65e80ce646 Merge branch 'from_setconf_removal_squashed' 2019-10-22 07:50:42 -04:00
Nick Mathewson
6d15fab2dc Extract log-granularity code into its own function.
This pleases practracker.
2019-10-22 07:50:13 -04:00
Nick Mathewson
9ac2c71cbd Add tests for options_init_logs() 2019-10-22 07:50:13 -04:00
Nick Mathewson
f4fc633937 Make a pair of add_*_log() functions mockable. 2019-10-22 07:50:13 -04:00
Nick Mathewson
ac3136a6fb Make options_init_logs STATIC for testing. 2019-10-22 07:50:13 -04:00
Nick Mathewson
98c3b3bb4c Update tests to handle new interpretation of quiet_level.
Two things needed to be changed.  First, we used to set quiet_level
to the default (QUIET_NONE) when running tests, since we would not
call anything that acted based upon it.  But since we sometimes call
options_init_logs(), we need to pre-set quiet_level to QUIET_SILENT
in the logs so that we don't add the default logs.  This did not
cause test failure: just unwanted logs.

Second, we had a test that checked whether options_validate was
messing with options->Logs correctly.  Since options_validate no
longer messes with the logs, we no longer want a test for this.
2019-10-22 07:50:13 -04:00
Nick Mathewson
e07b19d305 Rationalize handling of quiet_level in config.c
Formerly, we would use quiet_level as an excuse to rewrite the log
configuration, adding a default log line if none existed, and if
RunAsDaemon was not set, and if we were not being invoked via
setconf (!).

This is against our best practices for several reasons:
  * We should not be changing configured options except when the
    user tells us to do so.
  * We should especially not be changing options in the options_validate
    function.
  * Distinguishing whether we are being called from setconf adds a
    risky special-case.

Instead, this patch take a simpler approach: it changes the
interpretation of having no logging lines set to mean: If there is a
stdout, add a default log based on quiet_level.

Solves ticket 31999.
2019-10-22 07:50:13 -04:00
Nick Mathewson
cb13930f2b Fix a memory leak introduced by the changes to test_options.c
Since this code passes the same options to options_validate() more
than once, options_validate() needs to be prepared for that.  (This
previously worked by accident, since the smartlist of schedulers
wasn't initialized.)
2019-10-21 18:28:53 -04:00
Nick Mathewson
bd518b9ab1 Fix a memory leak introduced by changes to test_options.c
Since the FirewallPorts smartlist is now initialized, we can't just
overwrite it.
2019-10-21 18:28:08 -04:00
Nick Mathewson
5e2ffd6fd7 Fix up some Windows CI issues. 2019-10-21 15:31:56 -04:00
Nick Mathewson
171a741901 test_options.c: Remove TEST_OPTIONS_DEFAULT_VALUES
This finally became the empty string, since we no longer have to do
anything in individual test_options.c tests to make "" be a valid
set of options.  Now we can remove it at last.
2019-10-21 14:41:27 -04:00
Nick Mathewson
8a8d748837 Stop overriding ConnLimit in tests.
Now that ConnLimit is set to the default value in the
testing helper functions, the individual tests don't all need to
make sure it is set to something valid.
2019-10-21 14:27:55 -04:00
Nick Mathewson
56dddcbbcc test_options.c: remove weird usage of ConnLimit
Several of our tests assumed that ConnLimit would be set to 0 by
default, causing the default options not to be parseable.  These
tests had nothing to do with ConnLimit.
2019-10-21 14:24:58 -04:00
Nick Mathewson
78bf011663 Stop overriding MaxClientCircuitsPending in tests.
Now that MaxClientCircuitsPending is set to the default value in the
testing helper functions, the individual tests don't all need to
make sure it is set to something valid.
2019-10-21 14:19:19 -04:00
Nick Mathewson
b501cd907f test_options.c: remove weird usage of MaxClientCircuitsPending
Several of our tests assumed that MaxClientCircuitsPending would be
set to 0 by default, causing the default options not to be
parseable.  These tests had nothing to do with
MaxClientCircuitsPending.
2019-10-21 14:16:59 -04:00
Nick Mathewson
b6efe37661 Stop overriding KeepalivePeriod in tests.
Now that KeepalivePeriod is set to the default value in the testing
helper functions, the individual tests don't all need to make sure
it is set to something valid.
2019-10-21 14:14:49 -04:00
Nick Mathewson
79cd591228 test_options.c: remove weird usage of KeepalivePeriod.
Several of our tests assumed that KeepalivePeriod would be set to 0
by default, causing the default options not to be parseable.  These
tests had nothing to do with KeepalivePeriod.
2019-10-21 14:12:59 -04:00
Nick Mathewson
3f9920975f Remove a lot of cruft from TEST_OPTIONS_DEFAULT_VALUES.
This macro used to have a big list of "default" values that we
needed to set in the test_options tests in order to have reasonable
behavior.  But now that we initialize options objects to the default
settings in these tests, we no longer need such a long list of
things to replace.
2019-10-21 14:12:59 -04:00
Nick Mathewson
a10e4d737e test_options: use testing options with (almost) real defaults.
Previously, we just used options set to all 0s, but this causes some
pretty severe workarounds throughout the code, as our options fail
to validate, or count as "default" for the wrong reasons.

Note that in some places, we stop getting spurious warnings or
failures which the tests previously demanded.  In these cases, I've
changed the test behavior.

Fixes 32175.
2019-10-21 14:12:59 -04:00
Nick Mathewson
8378ad29e6 routermode.h: turn a comment into a doxygen comment. 2019-10-21 12:47:17 -04:00
Nick Mathewson
7dc78aca29 Merge remote-tracking branch 'tor-github/pr/1430' 2019-10-21 12:43:26 -04:00
Roger Dingledine
a7ccd9a997 respect accountingmax during soft hibernation
Relays now respect their AccountingMax bandwidth again. When relays
entered "soft" hibernation (which typically starts when we've hit
90% of our AccountingMax), we had stopped checking whether we should
enter hard hibernation. Soft hibernation refuses new connections and
new circuits, but the existing circuits can continue, meaning that
relays could have exceeded their configured AccountingMax.

This commit rolls back some of the cpu-saving fixes, where we tried
to avoid calling so many of our events while we're off the network.

That's because PERIODIC_EVENT_FLAG_NEED_NET checks net_is_disabled(),
which returns true even if we're only in soft hibernation.

Fixes bug 32108; bugfix on 0.4.0.1-alpha.
2019-10-21 04:14:42 -04:00
teor
7a72e71f74
Merge remote-tracking branch 'tor-github/pr/1434' 2019-10-21 15:24:22 +10:00
teor
4fde7699ee
test/getinfo: Remove unnecessary test code
Fix for 31684.
2019-10-21 14:21:41 +10:00
teor
92fa5239fc
control/getinfo: Use standard error handling
Use BUG() for coding errors, and `< 0` for error checks.

Fix to 31684.
2019-10-21 13:57:02 +10:00
teor
3b2525c375
Fix changes file and string typos
Part of 31684.
2019-10-21 13:56:58 +10:00
AmreshVenugopal
6413b2102f
control: Add GETINFO support for dumping microdesc consensus
- Allows control port to read microdesc consensus using:
GETINFO dir/status-vote/microdesc/consensus

add: Helper function `getinfo_helper_current_consensus`
test: check if GETINFO commands return expected consensus data.

Resolves 31684.
2019-10-21 13:54:55 +10:00
teor
77c85360f6
Merge branch 'maint-0.4.2' 2019-10-21 13:28:04 +10:00
teor
3539fdfd7a
Merge remote-tracking branch 'tor-github/pr/1168' 2019-10-21 13:09:48 +10:00
teor
04e9e74f1d
Merge remote-tracking branch 'tor-github/pr/1422' into maint-0.4.2 2019-10-21 13:07:39 +10:00
teor
a1f73cb93d
Merge branch 'maint-0.4.2' 2019-10-21 09:45:34 +10:00
teor
5dbdca0114
Merge remote-tracking branch 'tor-github/pr/1432' into maint-0.4.2 2019-10-21 09:45:18 +10:00
teor
5c8ecf364a
Merge remote-tracking branch 'tor-github/pr/1354' into maint-0.4.2 2019-10-21 09:44:42 +10:00
teor
042116e1fd
Merge branch 'maint-0.4.2' 2019-10-20 22:09:00 +10:00
teor
02e3e8eda5
hibernate: Fix repeated "bytes" in comment 2019-10-20 22:08:23 +10:00
teor
475dffee42
dirauth: Add a macro comment to have_module_dirauth() 2019-10-20 20:26:12 +10:00
teor
b266a804e9
test/parseconf: Add basic dirauth and bridgeauth tests
Part of 32123.
2019-10-20 20:25:58 +10:00
teor
0501ce9f13
test/parseconf: Expect different outputs when relay mode is disabled
Part of 32123.
2019-10-20 20:25:54 +10:00
teor
cf2b00d3f5
test/rebind: Make control formatting and log parsing more robust
* actually sleep when tor has not logged anything
* log at debug level when waiting for tor to log something
* backslash-replace bad UTF-8 characters in logs
* format control messages as ASCII: tor does not accept UTF-8 control commands

Fixes bug 31837; bugfix on 0.3.5.1-alpha.
2019-10-20 20:09:35 +10:00
teor
0a5ce8280c err: Use the correct type for cb_buf
Fixes bug 32060; bug not in any released version of tor.

Resolves CID 1454761.
2019-10-20 20:01:56 +10:00
Roger Dingledine
aab5d90858 Merge branch 'maint-0.4.2' 2019-10-20 05:56:16 -04:00
Roger Dingledine
8b4d7447ae fix easy typos 2019-10-20 05:52:32 -04:00
teor
012c44538c
test: Skip test scripts that require the relay module
When tor is built without the relay module.

Part of 32123.
2019-10-20 19:26:59 +10:00
teor
e2280d6f84
relay: Silence compiler warnings when relay mode is disabled
Part of 32123.
2019-10-20 19:26:55 +10:00
teor
57e86a6d74
relay: Implement HAVE_MODULE_RELAY for routermode.c
Part of 32123.
2019-10-20 19:26:48 +10:00
teor
7944b55ad1 feature: Move proxy_mode() into new files
proxy_mode() was in routermode.[ch], but it's actually a client
mode. Move it into client/proxymode.[ch].

Part of 32123.
2019-10-20 17:52:38 +10:00
Nick Mathewson
264c5312eb Merge branch 'maint-0.4.2' 2019-10-18 12:32:49 -04:00
Nick Mathewson
0994050c4a Merge remote-tracking branch 'tor-github/pr/1426' into maint-0.4.2 2019-10-18 12:32:29 -04:00
Nick Mathewson
7c5716d162 Merge branch 'maint-0.4.2' 2019-10-18 12:27:49 -04:00
Nick Mathewson
57c4af16f0 Merge remote-tracking branch 'tor-github/pr/1396' into maint-0.4.2 2019-10-18 12:27:39 -04:00
Nick Mathewson
fbd2fef220 Merge branch 'maint-0.4.2' of git-rw.torproject.org:/tor into maint-0.4.2 2019-10-18 12:25:55 -04:00
teor
1697019d5f
core: tabify a line in include.am 2019-10-18 16:56:50 +10:00
teor
d616214e47
Merge branch 'maint-0.4.2' 2019-10-18 12:05:20 +10:00
Alexander Færøy
389b37246e Remove overly strict assertions in transports.c.
This patch removes an overly strict tor_assert() and an ignorable BUG()
expression. Both of these would trigger if a PT was unable to configure
itself during startup. The easy way to trigger this is to configure an
obfs4 bridge where you make the obfs4 process try to bind on a port
number under 1024.

See: https://bugs.torproject.org/31091
2019-10-17 21:33:54 +02:00
Alexander Færøy
4ed06acb2a Add test to check if the exit callback is called in process_t upon process_exec() failures.
This patch adds a test to check for whether the exit callback is always
called when process_exec() fails, both on Windows and Unix.

See: https://bugs.torproject.org/31810
2019-10-17 20:52:32 +02:00
Alexander Færøy
7a64f6ea04 Ensure that the exit callback is called if CreateProcessA() fails on Windows.
This patch fixes an issue where the exit handler is not called for the
given process_t in case CreateProcessA() fails. This could, for example,
happen if the user tries to execute a binary that does not exist.

See: https://bugs.torproject.org/31810
2019-10-17 20:52:27 +02:00
Alexander Færøy
85b4a5c276 Handle errors from execve() in the Unix process backend more gracefully.
This patch removes a call to tor_assert_unreached() after execve()
failed. This assertion leads to the child process emitting a stack trace
on its standard output, which makes the error harder for the user to
demystify, since they think it is an internal error in Tor instead of
"just" being a "no such file or directory" error.

The process will now instead output "Error from child process: X" where
X is the stringified version of the errno value.

See: https://bugs.torproject.org/31810
2019-10-17 20:52:22 +02:00
Nick Mathewson
db18ff9120 Move code to add default log into quiet_level.c
I'm about to unify the code for handling this between main.c and
config.c.
2019-10-17 12:48:39 -04:00
Nick Mathewson
3a73f6612a Replace add_temp_log() with add_default_log().
We used to have this function so that we could mark our initial
log-to-stdout as specifically temporary so that we would delete it
once regular logs were configured.  But it's no longer necessary to
mark these logs as temporary, since we now use a mark-and-sweep
process to ensure that _all_ not-configured logs are closed when we
change our configuration.

Instead, this function will be the basis of a refactoring in how we
handle default logs.
2019-10-17 12:30:52 -04:00
Nick Mathewson
800b823c29 Merge branch 'cmdline_refactor' 2019-10-17 12:01:45 -04:00
Nick Mathewson
d97d7f0e48 Use an enum for quiet_level. 2019-10-17 12:01:40 -04:00
Nick Mathewson
b9f002dec6 Rename CMD_OTHER to CMD_IMMEDIATE 2019-10-17 12:01:40 -04:00
Nick Mathewson
d15223a385 fixup! Print the error message for --dump-config even if no arguments are given.
Fix a spelling error.
2019-10-17 12:01:40 -04:00
Nick Mathewson
763d955a17 Add a test for a command-line option without a value. 2019-10-17 12:01:40 -04:00
Nick Mathewson
bfdfaae040 Move responsibility for setting the "quiet level" into a table.
Previously this was done with a big list of options in main.c which
implied "hush" or "quiet".  One of these options ("--digests") no
longer existed, but we still checked for it.

Now we use the table of command-line-only arguments to set this
value.
2019-10-17 12:01:40 -04:00
Nick Mathewson
c529b3f8f1 Make the command-line parser understand "commands".
Previously these were implemented with a search in
options_init_from_torrc(), but that led to each option being
declared more than needed: once to say that it was a valid option,
and once to say what it meant.
2019-10-17 12:01:40 -04:00
Nick Mathewson
9826fb1981 Add a return type for the parsed commandline.
Previously it was stored in two outvars, but this is more
elegant. I'm going to be expanding this struct in later commits.
2019-10-17 12:01:40 -04:00
David Goulet
52bf54ecd4 hs-v3: Add a series of decoding error code
This commit introduces the hs_desc_decode_status_t enum which aims at having
more fine grained error code when decoding a descriptor.

This will be useful in later commits when we support keeping a descriptor that
can't be decrypted due to missing or bad client authorization creds.

No behavior change.

Part of #30382.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-10-17 11:31:03 -04:00
David Goulet
8e0d9189c5 hs-v3: Helper function to find all entry connections
No code behavior change. This removes duplicate code that was finding all
entry connections for a specific onion service identity key.

The find_entry_conns() helper function is introduced for that.

Part of #30382

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-10-17 11:31:03 -04:00
David Goulet
4a8d491322 mainloop: Disable periodic events before a destroy
When tearing down all periodic events during shutdown, disable them first so
their enable flag is updated.

This allows the tor_api.h to relaunch tor properly after a clean shutdown.

Fixes #32058

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-10-17 10:11:32 -04:00
David Goulet
84162c1d33 socks: Send back extended error code if set
This commit defines the new extended error codes. It also flags the socks
request object that it can use them.

Part of #30382

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-10-17 08:52:58 -04:00
David Goulet
78a9158bf0 socks: Add SocksPort flag ExtendedErrors
This new flag tells tor that it can send back the SOCKS5 extended error code
detailed in prop304.

Part of #30382

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-10-17 08:52:21 -04:00
Nick Mathewson
5c09230b45 hs_cache.c: fix HTML tags in doxygen comments. 2019-10-17 08:27:17 -04:00
Nick Mathewson
39cf575ed4 Merge remote-tracking branch 'tor-github/pr/1416' 2019-10-17 08:25:11 -04:00
Nick Mathewson
3430b487d6 hs_cell.[ch]: repair doxygen. 2019-10-16 12:08:38 -04:00
Nick Mathewson
6a2057a9f2 or_options_st.h: repair some doxygen comments. 2019-10-16 12:05:17 -04:00
Nick Mathewson
18ea8855f2 shared_random.[ch]: repair doxygen comments 2019-10-16 12:04:53 -04:00
Nick Mathewson
17b88241db hs_cache.[ch]: repair doxygen comments. 2019-10-16 11:57:44 -04:00
Tobias Stoeckmann
d91ad5112e Check tor_vasprintf for error return values.
In case of error, a negative value will be returned or NULL written into
first supplied argument.

This patch uses both cases to comply with style in the specific files.

A tor_vasprintf error in process_vprintf would lead to a NULL dereference
later on in buf_add, because the return value -1 casted to size_t would
pass an assertion check inside of buf_add.

On the other hand, common systems will fail on such an operation, so it
is not a huge difference to a simple assertion. Yet it is better to
properly fail instead of relying on such behaviour on all systems.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
2019-10-16 17:56:12 +02:00
Nick Mathewson
1b66668e26 hs_client.[ch]: fix doxygen comments by using /**. 2019-10-16 11:51:47 -04:00
Nick Mathewson
06367299c2 shared_random_state.[ch]: Repair a bunch of doxygen comments
These need to start with /**, not /*.
2019-10-16 11:44:30 -04:00
Nick Mathewson
123fe6bdc5 hs_common.[ch]: repair doxygen comments by replacing /* with /** 2019-10-16 11:39:10 -04:00
Nick Mathewson
2127d797e9 hs_descriptor.[ch]: repair doxygen comments.
These are yet more that were not made with "/**"
2019-10-16 11:33:03 -04:00
Nick Mathewson
ca26ea03fc hs_service.c: repair doxygen comments 2019-10-16 11:26:20 -04:00
Nick Mathewson
0e9e5c37b7 hs_service.h: repair doxygen comments. 2019-10-16 11:18:43 -04:00
Nick Mathewson
ba44423cfc address_set.c: doxygen comment repair. 2019-10-16 11:15:25 -04:00
Nick Mathewson
a54c98007a channel.h: fix various doxygen warnings
There were a bunch of items where the doxygen comments were
formatted incorrectly (with /* instead of /**)
2019-10-16 11:11:43 -04:00
Nick Mathewson
ce0739314b voting_schedule: fix doxygen comments to use /**
Previously some of the comments here used /*.
2019-10-16 11:08:34 -04:00
Nick Mathewson
87afe5c260 Rename authcert_members.i to .h, and have it define a macro.
Including a file in the middle of a declaration seems to confuse
Doxygen, and Coccinelle doesn't much like it either.l
2019-10-16 10:53:01 -04:00
Nick Mathewson
f9fac733b9 Doxygen: Fix things that looked like links.
Doxygen thinks that saying #foo is linking to a "foo" anchor
someplace.
2019-10-16 08:44:35 -04:00
Nick Mathewson
591420df20 Doxygen: fix unrecognized commands.
Doxygen seems to interpret anything starting with \ as a command,
even when we don't mean it that way.
2019-10-16 08:39:41 -04:00
Nick Mathewson
98735c40b6 Doxygen: fix warnings about mismatched HTML tags. 2019-10-16 08:27:03 -04:00
Nick Mathewson
5e5e655e32 Doxygen: Fix mismatched filenames.
In 8 places, our \file declarations didn't match the actual files
they were in.
2019-10-16 08:18:26 -04:00
David Goulet
09e6c0f7c7 hs-v3: Fix possible memory leak in error code path
Found by coverity CID 1454769.

There were a second possible leak that is also fixed in this commit.

Fixes #32063

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-10-15 08:54:11 -04:00
Nick Mathewson
6bbeb08f92 Merge branch 'maint-0.4.2' 2019-10-14 15:55:27 -04:00
Nick Mathewson
eebd2d44a1 Merge remote-tracking branch 'tor-github/pr/1393' into maint-0.4.2 2019-10-14 15:55:13 -04:00
Nick Mathewson
9201bbd96c Replace a unicode character which doxygen cannot handle.
Merging without review, as this is an editorial fix in a comment.
2019-10-14 14:05:50 -04:00
Nick Mathewson
61fe3f448c Bump master to 0.4.3.0-alpha-dev. 2019-10-11 17:15:04 -04:00
Nick Mathewson
2e5724d153 Merge branch 'ticket31682_042_01_squashed' 2019-10-11 10:21:58 -04:00
Nick Mathewson
46efc0ff35 Correct comment on build_establish_intro_dos_extension 2019-10-11 10:21:45 -04:00
David Goulet
b356b3907a hs-v3: Fix implicit ssize_t to size_t conversion
Found by Coverity.

Fixes #31682

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-10-11 10:20:36 -04:00
Nick Mathewson
0d82a8be77 Merge remote-tracking branch 'tor-github/pr/1394' 2019-10-09 16:44:12 -04:00
Nick Mathewson
ab064cf762 Merge remote-tracking branch 'tor-github/pr/1399' 2019-10-09 16:37:47 -04:00
Nick Mathewson
755f001600 Merge remote-tracking branch 'tor-github/pr/1401' 2019-10-09 16:29:46 -04:00
Nick Mathewson
99809834a7 Merge branch 'bug30344_squashed_035' 2019-10-09 16:26:31 -04:00
George Kadianakis
841cff6e4f Stop libevent from reading data from closed connections.
Code adapted from Rob's proposed patch in #30344.

Also add a comment in connection_mark_for_close_internal_() on why we should
not be adding extra code there without a very good reason.
2019-10-09 16:24:49 -04:00
Neel Chauhan
7c1b2fceb7 test: New behavior on IP retry for HSv3
Unit test for #31652 where if we are over the retry limit for the IP but we
have an established circuit, we don't remove the IP.

Part of #31652
2019-10-08 17:02:47 -04:00
David Goulet
f50de3a918 hs-v3: Do not remove intro point if circuit exists
When considering introduction point of a service's descriptor, do not remove
an intro point that has an established or pending circuit.

Fixes #31652

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-10-08 17:02:47 -04:00
Nick Mathewson
911b16e6e7 config.c: make a couple of arguments const.
These functions do not modify their inputs, so they can take const
arguments.
2019-10-08 12:59:22 -04:00
Nick Mathewson
bd5ce112c9 Use C99 struct-initializer syntax in COMMANDLINE_ONLY_OPTIONS
I'm about to add more fields to this table, and this syntax change
will make it easier to do so.
2019-10-08 12:59:22 -04:00
Nick Mathewson
6cea2bd498 Document takes_argument_t and its members. 2019-10-08 12:59:22 -04:00
Nick Mathewson
4c25ea6703 Rename TAKES_NO_ARGUMENT to ARGUMENT_NONE.
I'm doing this for consistency, so that all the values for this enum
have the same prefix.

This is an automated commit, generated by the following shell commands:

for fn in $(git ls-tree --name-only -r HEAD src |grep '\.[ch]$'); do \
    perl -i -pe 's!\bTAKES_NO_ARGUMENT\b!ARGUMENT_NONE!g;' "$fn"; \
done
2019-10-08 12:59:22 -04:00
Nick Mathewson
c42a79499a Extract the enumeration that tells Tor what command it is running. 2019-10-08 12:59:18 -04:00
George Kadianakis
081bd37315 Fix flapping of test_service_intro_point() unittest. 2019-10-08 19:00:43 +03:00
Nick Mathewson
7a26f14a37 Merge remote-tracking branch 'tor-github/pr/1317' 2019-10-07 10:23:44 -04:00
Nick Mathewson
56e8d84ea3 Merge branch 'ticket31548_035_01_squashed' 2019-10-07 10:21:40 -04:00
David Goulet
984a28f3e5 hs-v3: Make service pick the exact amount of intro points
When encoding introduction points, we were not checking if that intro points
had an established circuit.

When botting up, the service will pick, by default, 3 + 2 intro points and the
first 3 that establish, we use them and upload the descriptor.

However, the intro point is removed from the service descriptor list only when
the circuit has opened and we see that we have already enough intro points, it
is then removed.

But it is possible that the service establishes 3 intro points successfully
before the other(s) have even opened yet.

This lead to the service encoding extra intro points in the descriptor even
though the circuit is not opened or might never establish (#31561).

Fixes #31548

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-10-07 10:20:09 -04:00
Nick Mathewson
58b87a2c59 Merge remote-tracking branch 'tor-github/pr/1379' 2019-10-07 10:15:46 -04:00
Nick Mathewson
5fb5019a94 bump to 0.4.2.2-alpha-dev 2019-10-07 09:32:26 -04:00
Nick Mathewson
fdfb4b196b Use {mock,unmock}_hostname_resolver() in relevant tests
These tests all invoke the hostname resolver in one way or another,
and therefore potentially block if our DNS server is missing,
absent, or extremely slow.  Closes ticket 31841.
2019-10-04 08:03:19 -04:00
Nick Mathewson
4a0749596c Add a mock replacement for blocking hostname resolution
Based on examination of our tests, this mock function accepts
"localhost" and "torproject.org", and rejects everything else.
2019-10-04 08:03:19 -04:00
Nick Mathewson
9c24ceeb3f Make tor_addr_lookup_host_impl mockable. 2019-10-04 08:02:56 -04:00
teor
ff304f3be7
tls: Log TLS read buffer length bugs once
Rather than filling the logs with similar warnings.

Fixes bug 31939; bugfix on 0.3.0.4-rc.
2019-10-04 12:33:34 +10:00
teor
e5b8bd38ab
Merge remote-tracking branch 'tor-github/pr/1392' 2019-10-04 11:26:43 +10:00
Nick Mathewson
9b73088c14
util/map_anon_nofork: Add a cast to avoid passing -48 to memset
This fixes coverity CID 1454593, and bug 31948. Bug not in any
released version of Tor.
2019-10-04 11:22:43 +10:00
David Goulet
52b7ae71b3 hs: ADD_ONION NEW:BEST now defaults to ED25519-V3
From RSA1024 (v2) to v3 now.

Closes #29669

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-10-03 15:43:03 -04:00
George Kadianakis
9309eaf8ea Merge branch 'tor-github/pr/1377' 2019-10-03 19:13:57 +03:00
George Kadianakis
3778b97cab Merge branch 'tor-github/pr/1276' 2019-10-03 19:13:02 +03:00
Nick Mathewson
49d6990cae Unit tests for dirserv_reject_tor_version(). 2019-10-03 19:12:52 +03:00
Nick Mathewson
4d4e2abd2f Authorities reject relays running unsupported Tor release series.
Our minimum version is now 0.2.9.5-alpha.  Series 0.3.0, 0.3.1,
0.3.2, 0.3.3, and 0.3.4 are now rejected.

Also, extract this version-checking code into a new function, so we
can test it.

Closes ticket 31549.

Also reject 0.3.5.0 through 0.3.5.6-rc as unstable.
2019-10-03 19:12:46 +03:00
Nick Mathewson
065e467e7c bump to 0.4.2.2-alpha 2019-10-03 12:07:50 -04:00
Nick Mathewson
5fd137c482 Merge remote-tracking branch 'tor-github/pr/1358' 2019-10-03 09:11:49 -04:00
Nick Mathewson
de7fcae72a Merge remote-tracking branch 'tor-github/pr/1382' 2019-10-03 09:08:23 -04:00
Nick Mathewson
ac8f6d51f4 Unify backend implementations for blocking hostname lookup
We have a getaddrinfo() implementation that we prefer, and a
gethostbyname*() implementation that we fall back on.  Give them
both the same interface, and let them be called by the same name.

This is a preparatory step for making them both mockable.
2019-10-03 07:47:25 -04:00
Nick Mathewson
b2802ae3c3 util/map_anon_nofork: Add a cast to avoid passing -48 to memset
This fixes coverity CID 1454593, and bug 31948. Bug not in any
released version of Tor.
2019-10-03 07:21:25 -04:00
teor
3d17fafa04
control/control: Refactor some error handling code
Split some protocol error handling out of
connection_control_process_inbuf().

This refactor reduces the size of a practracker exception.

Closes 31840.
2019-10-03 11:35:42 +10:00
Nick Mathewson
bca30bcb90 Merge remote-tracking branch 'tor-github/pr/1374' 2019-10-02 19:19:11 -04:00
David Goulet
ca1f18c159 Merge branch 'tor-github/pr/1385' 2019-10-02 14:15:31 -04:00
David Goulet
014abf86e5 Merge branch 'tor-github/pr/1344' 2019-10-02 10:37:49 -04:00
Nick Mathewson
a74c180691 Merge branch 'maint-0.3.5' into maint-0.4.0 2019-10-02 08:01:34 -04:00
Nick Mathewson
4dcbbe4166 Merge branch 'maint-0.4.0' into maint-0.4.1 2019-10-02 08:01:34 -04:00
Nick Mathewson
c81e1e4542 Merge branch 'maint-0.4.1' 2019-10-02 08:01:34 -04:00
Nick Mathewson
7b9cb4c47b Merge branch 'maint-0.2.9' into maint-0.3.5 2019-10-02 08:01:33 -04:00
Karsten Loesing
90de776ea9 Update geoip and geoip6 to the October 1 2019 database. 2019-10-02 11:11:27 +02:00
teor
3f94441bfe
log: fix a typo in the function comment for log_fn_()
Closes 31923.
2019-10-02 12:12:26 +10:00
Nick Mathewson
2b825a1a2e Fix a crash bug in max_u16_in_sl()
The documentation for this function says that the smartlist can
contain NULLs, but the code only handled NULLs if they were at the
start of the list.

We didn't notice this for a long time, because when Tor is run
normally, the sequence of msg_id_t is densely packed, and so this
list (mapping msg_id_t to channel_id_t) contains no NULL elements.
We could only run into this bug:
  * when Tor was running in embedded mode, and starting more than once.
  * when Tor ran first with more pubsub messages enabled, and then
    later with fewer.
  * When the second run (the one with fewer enabled pubsub messages)
    had at least some messages enabled, and those messages were not
    the ones with numerically highest msg_id_t values.

Fixes bug 31898; bugfix on 47de9c7b0a
in 0.4.1.1-alpha.
2019-10-01 13:01:20 -04:00
Nick Mathewson
34bbdaf5d4 Add a test for max_u16_in_sl().
This test does not currently pass, because of bug 31898.
2019-10-01 13:01:20 -04:00
Nick Mathewson
f17591b8e5 Rename max_in_sl to max_in_u16_sl, and expose it as STATIC.
Since we want to make this function slightly more visible for testing
purposes, it needs a better name.
2019-10-01 13:01:20 -04:00
Nick Mathewson
39640728c3 Add comments to try to prevent recurrence of #31495.
There is a bad design choice in two of our configuration types,
where the empty string encodes a value that is not the same as the
default value.  This design choice, plus an implementation mistake,
meant that config_dup() did not preserve the value of routerset_t,
and thereby caused bug #31495.

This comment-only patch documents the two types with the problem,
and suggests that implementors try to avoid it in the future.

Closes ticket 31907.
2019-10-01 09:45:12 -04:00
George Kadianakis
e8e42f4af9 Help users who try to use v2 client auth in v3 onions. 2019-10-01 13:41:21 +03:00
teor
56d0655ed8 err: Remove a duplicate header in backtrace.c 2019-09-30 23:17:04 +10:00
teor
c23986246b err: Always lock the backtrace buffer before it is used
Fixes bug 31734; bugfix on 0.2.5.3-alpha.
2019-09-30 23:17:04 +10:00
Nick Mathewson
53116ca0b7 Re-run "make autostyle" with improved annotate_ifdef_directives 2019-09-30 08:57:37 -04:00
teor
db329522ef
log: When initialising log domain masks, only set known log domains
And add a runtime test that checks for unknown domains and flags.

Fixes bug 31854; bugfix on 0.2.1.1-alpha.
2019-09-30 22:05:00 +10:00
teor
25c5322dfe
log: Define count, boundary, and all macros for domains and flags
And do static checks on those macro definitions.

Part of 31854.
2019-09-30 22:04:03 +10:00
teor
4c88ebcf47
log: Remove duplicate code and an outdated comment
Preparation for 31854.
2019-09-30 22:03:59 +10:00
George Kadianakis
9318682109 Merge branch 'tor-github/pr/1346' 2019-09-30 13:56:51 +03:00
George Kadianakis
ae8d36db31 Merge branch 'tor-github/pr/1302' 2019-09-30 13:47:53 +03:00
George Kadianakis
fc760c5088 Merge branch 'tor-github/pr/1356' 2019-09-30 13:47:06 +03:00
George Kadianakis
4673cb8168 Merge branch 'tor-github/pr/1339' 2019-09-30 13:44:59 +03:00
teor
2420c8c936 test: Avoid a map_anon_nofork test failure on SunOS
This test failure happened due to a signed/unsigned integer
comparison.

This bug occurred on SunOS, it may also occur on other systems that
use signed char as the default. (And cast 1-byte integer constants
to an unsigned integer.)

Fixes bug 31897; bugfix on 0.4.1.1-alpha.
2019-09-30 14:54:56 +10:00
Nick Mathewson
194dbea24d Run "make autostyle" with new "annotate_ifdef_directives" 2019-09-26 15:52:45 -04:00
Nick Mathewson
ffd857bbe1 Merge remote-tracking branch 'tor-github/pr/1308' 2019-09-26 14:36:37 -04:00
teor
d1eab05834
lock: Avoid some undefined behaviour when freeing mutexes.
Fixes bug 31736; bugfix on 0.0.7.
2019-09-26 12:37:25 +10:00
teor
749c2e1761
log: explain why it is safe to leave the log mutex initialized
The log mutex is dynamically initialized, guarded by log_mutex_initialized.
We don't want to destroy it, because after it is destroyed, we won't see
any more logs.

If tor is re-initialized, log_mutex_initialized will still be 1. So we
won't trigger any undefined behaviour by trying to re-initialize the
log mutex.

Part of 31736, but committed in this branch to avoid merge conflicts.
2019-09-26 12:22:34 +10:00
teor
2f8a9a2db6
sandbox: Allow backtrace signals to be disabled
Part of 31614.
2019-09-26 12:22:30 +10:00
teor
315f14c709
backtrace: avoid undefined behaviour on re-initialisation
cb_buf_mutex is statically initialised, so we can not destroy it when
we are shutting down the err subsystem. If we destroy it, and then
re-initialise tor, all our backtraces will fail.

Part of 31736, but committed in this branch to avoid merge conflicts.
2019-09-26 12:07:25 +10:00
Nick Mathewson
40a22fb707 Merge remote-tracking branch 'tor-github/pr/1349' 2019-09-25 13:07:19 -04:00
George Kadianakis
01a797be4e Merge branch 'tor-github/pr/1334' 2019-09-25 14:19:02 +03:00
George Kadianakis
0a77e5f1c2 Merge branch 'tor-github/pr/1341' 2019-09-25 14:18:15 +03:00
George Kadianakis
09769779a0 Merge branch 'tor-github/pr/1357' 2019-09-25 14:17:35 +03:00
George Kadianakis
2199629648 Merge branch 'tor-github/pr/1345' 2019-09-25 14:14:30 +03:00
George Kadianakis
99f75373de Merge branch 'tor-github/pr/1309' 2019-09-25 14:12:42 +03:00
teor
d30a042fa8 test: Use SEVERITY_MASK_IDX() to find the LOG_* mask indexes
In the unit tests and fuzzers.

Fixes bug 31334; bugfix on 0.2.5.2-alpha.
2019-09-25 16:40:09 +10:00
teor
1ad1e84b17 log: Move SEVERITY_MASK_IDX() to log.h
Move SEVERITY_MASK_IDX() to log.h private/unit tests section, so that
we can use it in log.c, the unit tests, and the fuzzers.

(The test and fuzzer code changes are in a subsequent commit.)

Preparation for bug 31334.
2019-09-25 16:37:07 +10:00
teor
0cb57a4908
feature/control: add a missing word to the send_control_done() comment 2019-09-24 15:08:37 +10:00
teor
dfea789203
log: Improve the documentation for tor_log_update_sigsafe_err_fds()
Part of 31839.
2019-09-24 15:04:03 +10:00
teor
ab7bfdf404
backtrace: Add a missing check for HAVE_PTHREAD_H before using mutexes
Fixes bug 31614; bugfix on 0.2.5.2-alpha.
2019-09-24 13:35:55 +10:00
teor
6b97a5a843
backtrace: Disable signal handlers in remove_bt_handler()
Fixes bug 31614; bugfix on 0.2.5.2-alpha.
2019-09-24 13:35:48 +10:00
teor
83fa962c1a
test: a file with no config options, at the end of an %include directory
(The file must contain whitespace or comments to trigger the bug.)

Regression test for 31408.
2019-09-24 11:10:50 +10:00
teor
876b3e2775
Merge branch 'bug31408_035' into bug31408_master 2019-09-24 11:07:38 +10:00
Roger Dingledine
e1429d9148 fix typo in comment 2019-09-23 18:32:05 -04:00
AmreshVenugopal
3e45260594 fix: Ticket #31589
- The function `decrypt_desc_layer` has a cleaner interface.
- `is_superencrypted_layer` changed from `int` -> `bool`

[ticket details](https://trac.torproject.org/projects/tor/ticket/31589)

add(changes/*): changes file
fix(src/features/hs): is_superencrypted changed from `int` -> `bool`
fix(changes/ticket31589): header
add(changes/ticket31589): subsystem(onion services) to change
2019-09-23 23:52:01 +05:30
Daniel Pinto
15490816da
Fix bug when %including folder with comment only files. #31408
When processing a %included folder, a bug caused the pointer to
the last element of the options list to be set to NULL when
processing a file with only comments or whitepace. This could
cause options from other files on the same folder to be
discarded depending on the lines after the affected %include.
2019-09-23 10:39:08 +10:00
Nick Mathewson
c309169217 microdesc_parse: convert some ints to bools
Noted by ahf during review of #31675
2019-09-19 14:37:24 -04:00
Nick Mathewson
194884977c microdesc_parse: Rename "next" label to "err". 2019-09-19 14:37:24 -04:00
Nick Mathewson
2094796c24 Reindent microdesc_parse_fields().
I suggest reviewing this with -b: it should be whitespace-only.
2019-09-19 14:37:24 -04:00
Nick Mathewson
ec368409fa Extract field-parsing code for microdesc_parse.c
The code here parses the fields from the microdescriptor, including
possible annotations, and stores them into a microdesc_t object.

This commit is almost pure code movement; I recommend using
--color-moved to review it.
2019-09-19 14:37:24 -04:00
Nick Mathewson
b1552e8814 Reindent microdesc_extract_body().
This commit is whitespace-only; I suggest reviewing with -b.
2019-09-19 14:37:24 -04:00
Nick Mathewson
9cbc166ea0 Extract the body-copying portion of microdesc parsing
This code is logically independent of the rest of the function, and
goes better in its own function.

This is almost purely code movement; I suggest reviewing with
--color-moved.
2019-09-19 14:37:24 -04:00
Nick Mathewson
6f3f93d86c bump to 0.4.1.6-dev 2019-09-19 08:52:15 -04:00
teor
69a1f9c8a7
test: test dirserv_router_has_valid_address() with DirAllowPrivateAddresses
Part of 31793.
2019-09-19 16:19:19 +10:00
teor
c2ceede376
test: refactor dirserv_router_has_valid_address() tests
Cleanup after 31793.
2019-09-19 16:19:16 +10:00
teor
03c2b1be8d
dirauth: reorder the checks in dirserv_router_has_valid_address()
To avoid a bug warning.

Fixes 31793. Bug not in any release, no changes file required.
2019-09-19 16:19:12 +10:00
teor
46fea1dfee
test: dirserv_router_has_valid_address() with zero-family addresses
Sometimes tor doesn't initialise an address, so its family is zero.

Failing test for 31793. Future commits will fix the code.
2019-09-19 16:19:04 +10:00
Nick Mathewson
37c616aeaf Merge branch 'bug31466_035' into bug31466_042 2019-09-18 15:48:25 -04:00
Nick Mathewson
bf4a27c0ea Merge branch 'bug31466_029' into bug31466_035_tmp 2019-09-18 15:42:40 -04:00
Nick Mathewson
f0e4120996 Add a rate-limit to our warning about the disabled .exit notation
This warning would previously be given every time we tried to open a
connection to a foo.exit address, which could potentially be used to
flood the logs.  Now, we don't allow this warning to appear more
than once every 15 minutes.

Fixes bug 31466; bugfix on 0.2.2.1-alpha, when .exit was first
deprecated.
2019-09-18 15:38:33 -04:00
Nick Mathewson
4bbefc2aac Merge branch 'bug30916_035' into bug30916_041 2019-09-18 11:19:41 -04:00
Nick Mathewson
2da4d64a64 Avoid a crash if our "current" and "old" ntor onion keys are equal
Our dimap code asserts if you try to add the same key twice; this
can't happen if everything is running smoothly, but it's possible if
you try to start a relay where secret_onion_key_ntor is the same as
secret_onion_key_ntor.old.

Fixes bug 30916; bugfix on 0.2.4.8-alpha when ntor keys were
introduced.
2019-09-18 11:14:45 -04:00
Nick Mathewson
1e9488f2fd Extract expressions in construct_ntor_key_map()
No behavioral change here: this is just refactoring.
2019-09-18 11:12:43 -04:00
Nick Mathewson
d6d3e829dd Merge branch 'maint-0.4.1' 2019-09-18 08:07:56 -04:00
Nick Mathewson
70bcff6010 Merge branch 'bug31772_041' into maint-0.4.1 2019-09-18 08:07:50 -04:00
Nick Mathewson
5f00c03ed0 Merge branch 'maint-0.4.0' into maint-0.4.1 2019-09-17 21:28:38 -04:00
Nick Mathewson
9e674d0eb4 Merge branch 'maint-0.3.5' into maint-0.4.0 2019-09-17 21:28:37 -04:00
Nick Mathewson
02840169d8 Merge remote-tracking branch 'tor-github/pr/1300' into maint-0.3.5 2019-09-17 21:28:29 -04:00
Nick Mathewson
25af8ada30 Correct the syntax description for the MAPADDRESS command.
In 0.4.1.1-alpha I introduced a bug where we would require and
ignore a single positional argument.

Fixes bug 31772.
2019-09-17 19:26:45 -04:00
Nick Mathewson
a3342b382a Bump version to 0.4.1.6 2019-09-17 19:11:56 -04:00
Nick Mathewson
c6f7943269 Merge branch 'bug31570_041' into maint-0.4.1 2019-09-17 19:04:25 -04:00
Nick Mathewson
50f981719f Merge branch 'maint-0.4.0' into maint-0.4.1 2019-09-17 18:58:44 -04:00
Nick Mathewson
ef35435584 Merge branch 'maint-0.3.5' into maint-0.4.0 2019-09-17 18:58:43 -04:00
Nick Mathewson
dc41e6a80c Merge remote-tracking branch 'tor-github/pr/1307' into maint-0.3.5 2019-09-17 18:58:06 -04:00
Nick Mathewson
cec42be570 Merge branch 'maint-0.4.0' into maint-0.4.1 2019-09-17 18:56:52 -04:00
Nick Mathewson
ab74c3560a Merge branch 'ticket31552_041' into maint-0.4.1 2019-09-17 18:54:05 -04:00
Nick Mathewson
2d744de355 Correct a comment in channel_tls_process_cell. 2019-09-17 11:42:19 -04:00
Nick Mathewson
7f5c6a603c Move PROCESS_CELL macros outside of channel_tls_process_cell().
These macros are used in multiple functions, and as such really
don't belong within a single function.

Also #undef them once we are done with them.

This change makes practracker pass again.
2019-09-17 11:40:14 -04:00
Nick Mathewson
75d3c08219 bump to 0.4.2.1-alpha-dev 2019-09-17 11:36:43 -04:00
Nick Mathewson
4d7ce27105 Merge branch 'bug31107_041' into bug31107_master 2019-09-17 09:16:53 -04:00
Nick Mathewson
6ee19e57c2 Merge branch 'bug31107_040' into bug31107_041 2019-09-17 09:16:52 -04:00
Nick Mathewson
da8ba5010b Merge branch 'bug31107_035' into bug31107_040 2019-09-17 09:16:52 -04:00
Nick Mathewson
7589995111 Merge branch 'maint-0.3.5' into bug31107_035 2019-09-17 09:16:52 -04:00
Nick Mathewson
3c97ab3c24 Treat an unexpected constant-sized VERSIONS cell as a PROTOCOL_WARN.
We previously used tor_fragile_assert() to declare that this case
could not happen: VERSIONS cells are always supposed to be
variable-sized, right?

This is incorrect, though.  On a v1 link protocol connection, all
cells are fixed-sized.  There aren't supposed to be any VERSIONS
cells with this version of the protocol, but apparently, somebody
was messing up.  (The v1 link protocol is obsolete, so probably the
implementer responsible didn't mean to be using it.)

Fixes bug 31107.  Bugfix on 0.2.4.4-alpha, when we introduced a
tor_fragile_assert() for this case.
2019-09-17 09:13:25 -04:00
George Kadianakis
585eaa123f Merge branch 'tor-github/pr/1323' 2019-09-17 14:51:43 +03:00
Nick Mathewson
a28a682a1f bump version to 0.4.2.1-alpha 2019-09-16 16:24:24 -04:00
Nick Mathewson
68a0106bf3 Run "make autostyle" and fix wide lines. 2019-09-16 13:27:42 -04:00
Nick Mathewson
8ad419744f On windows, allow failures in test_parseconf.sh
There seems to be some unreliability issue with this test on
appveyor.

Addresses ticket 31757; This isn't a final fix for this issue, but
it should make CI pass.
2019-09-16 11:01:03 -04:00
Nick Mathewson
a1694b7363 Fix a shellcheck warning in test_parseconf.sh.
I wonder why this didn't show up before.
2019-09-16 09:22:43 -04:00
George Kadianakis
cd72850e08 Merge branch 'tor-github/pr/1316' 2019-09-16 15:22:18 +03:00
George Kadianakis
5ec751b38b Merge branch 'tor-github/pr/1324' 2019-09-16 15:21:28 +03:00
George Kadianakis
a1192b6b4a Merge branch 'tor-github/pr/1273' 2019-09-16 15:20:25 +03:00
George Kadianakis
bdd17da9fd Merge branch 'tor-github/pr/1318' 2019-09-16 15:19:38 +03:00
Nick Mathewson
11cf4d9c3a test_parseconf.sh: On --dump-config failure, --verify-config 2019-09-14 19:00:41 -04:00
Nick Mathewson
7e9ee3a58d Add a test with many non-default options. 2019-09-14 19:00:41 -04:00
Nick Mathewson
617679df42 Add a few error test cases 2019-09-14 19:00:41 -04:00
Nick Mathewson
80e858e3e6 Add an integration test for %include. 2019-09-14 19:00:41 -04:00
Nick Mathewson
28025698a1 test_parseconf: run each test from inside its directory.
We need this to test includes and relative paths.
2019-09-14 19:00:41 -04:00
Nick Mathewson
850a00dc07 Add test for +Option, /Option, and Option
Here we use these directives to replace, extend, or clear values in
torrc.defaults and in torrc.
2019-09-14 19:00:41 -04:00
Nick Mathewson
2f7be9620b Move our first 3 example conf_examples to named directories
I'm not planning to use "example" as the name for all of them, but
these first three _are_ simple examples.
2019-09-14 19:00:41 -04:00
Nick Mathewson
7c7e8402b5 Add a test script to try parsing and encoding Tor configurations
This script takes a set of example torrcs and command-lines from
src/test/conf_examples.  If a success is expected, it runs "tor
--dump-config" and compares the result with the one we expect.  If a
failure is expected, it runs "tor --verify-config" and greps for the
error we expect.
2019-09-14 19:00:41 -04:00
Nick Mathewson
bfc5f09979 Detect overflow or underflow on double config values.
Any floating point value too positive or negative to distinguish
from +/-Inf, or too small to distinguish from +/-0, is an
over/underflow.
2019-09-13 18:26:16 -04:00
David Goulet
286b129b09 Merge branch 'tor-github/pr/1319' 2019-09-12 13:53:59 -04:00
David Goulet
c39c9ce26b Merge branch 'tor-github/pr/1285' 2019-09-12 13:47:09 -04:00
George Kadianakis
028733e8b6 Merge branch 'tor-github/pr/1303' 2019-09-12 18:09:35 +03:00
George Kadianakis
3aaa4d416b Merge branch 'tor-github/pr/1299' 2019-09-12 18:08:00 +03:00
Nick Mathewson
c3b1a25d46 Workaround for GCC "note" about "variable tracking size limit"
GCC complains that we are using too many variables here, probably
because of the sheer number of locals used for our tinytest macros.
Eventually we should fix that (see 30968), but this commit just
makes the "note" go away by splitting the test function into two.
2019-09-12 18:07:47 +03:00
Nick Mathewson
261ec900db Remove variable declarations from macros in test_addr_parse()
Instead, put them in the function itself.

This is an attempt to fix the gcc warning about the "variable
tracking size limit exceeded".
2019-09-12 18:07:47 +03:00
Nick Mathewson
34bab120df Ticket 31687: fix for tor_isinf() as well
tor_isinf() was new in 0.4.0, and also needs to look at the
same rules as clamp_double_to_i64()
2019-09-12 09:53:13 -04:00
Nick Mathewson
0327f9a075 Merge branch 'ticket31687_035' into ticket31687_040 2019-09-12 09:51:04 -04:00
Nick Mathewson
87944cecfc Merge remote-tracking branch 'tor-github/pr/1300' 2019-09-12 08:50:09 -04:00
Nick Mathewson
ded6d9fcb4 Run test_operator_cleanup on our unit tests
Coccinelle doesn't understand it when we use "==" and "!=" and so on as
arguments to macros.  To solve this, we prefer OP_EQ, OP_NE, and so
on.

This commit is automatically generated by running
./scripts/coccinelle/test_operator_cleanup over all of the source
code in src.
2019-09-11 18:47:19 -04:00
Nick Mathewson
ae6e60281c Update include.am files to refer to new location of confparse.[ch]
Tests should now pass again.
2019-09-11 10:22:01 -04:00
Nick Mathewson
a90d1918af Update #includes to point to confparse.h in its new location.
This commit was automatically generated by running
scripts/maint/rectify_include_paths.py .
2019-09-11 10:17:20 -04:00
Nick Mathewson
87ca9e4d2a Move confparse.[ch] into src/lib/confmgt/
This commit only does code movement, and does not clean up after
itself.  As such, it will break compilation.  I'm separating it for
ease of review.
2019-09-11 10:16:10 -04:00
Nick Mathewson
bf8c3164b6 Add new entries to lib/confmgt ".may_include" file
confparse.[ch] will need these; checkIncludes confirms that we have
not introduced a cycle.
2019-09-11 10:13:57 -04:00
David Goulet
41261c3b5c Merge branch 'tor-github/pr/1296' 2019-09-11 09:42:31 -04:00
Nick Mathewson
478141e617 Document inconsistent usage of config_var_is_listable()
See also ticket 31654.
2019-09-11 09:42:19 -04:00
Nick Mathewson
e61bfd0bfd Extract common list of flags to use for obsolete variables. 2019-09-11 09:42:19 -04:00
Nick Mathewson
fe5033d3b0 Clarify documentation on config_var_is_listable()
Here we make it clear we're only looking at listable variable names,
not at whether the variables themselves are gettable.

Also, remove an extraneous h.

(This commit is not a fixup, because of rebase conflicts.)
2019-09-11 09:42:19 -04:00
Nick Mathewson
14f48cb083 Add test_cmdline.sh to distribution. 2019-09-11 09:42:19 -04:00
Nick Mathewson
7a8ea0d3c3 integration test for --list-torrc-options
(This option tests our existing behavior, not necessarily the most
sensible behavior.)
2019-09-11 09:42:19 -04:00
Nick Mathewson
5ffe6ec0e3 Test: Make sure NOLIST options are not listed. 2019-09-11 09:42:19 -04:00
Nick Mathewson
bbd40e690e Revise documentation on CFLG_* flags 2019-09-11 09:42:19 -04:00
Nick Mathewson
0d6d96396c Remove all CVFLAG_* usage. 2019-09-11 09:42:19 -04:00
Nick Mathewson
5ca5d196ac Remove all VTFLAG_* usage. 2019-09-11 09:42:19 -04:00
Nick Mathewson
9b571d4729 confparse, conftypes: Replace flags with their new names.
The old names remain as #defines that cause variables to get one or
more flags.

Now every flag-testing function in confparse.c tests exactly one flag.
2019-09-11 09:42:19 -04:00
Nick Mathewson
1b3b6d9f2d Replace low-level {var_type,struct_var}_is_*() with flag inspection
Since the flags are now stored with compatible numbering, we can
just OR them together and see whether the flag we want is in the
result.

(Net code removal!)
2019-09-11 09:42:19 -04:00
Nick Mathewson
4b92f4c83a Re-number VTFLAG_* values so they don't conflict with CVFLAG_* 2019-09-11 09:42:19 -04:00
Nick Mathewson
c650ab8061 Move VTFLAG_* declarations to conftypes.h 2019-09-11 09:42:19 -04:00
Nick Mathewson
03e4183043 typed_var: Make flags into an unsigned OR of bits.
Using a bitfield here will enable us to unify the var_type_def_t flags
with the config_var_t flags.

(This commit does not yet do that unification, and does not yet
rename or refactor any flags.  It only changes booleans into bits.)
2019-09-11 09:42:19 -04:00
Nick Mathewson
4f6b592691 struct_var: refactor struct_var_is*() functions to delegate
Previously they checked the individual flags inside var_type_def_t;
now they call the appropriate var_type_is_*() functions.

(These functions will be removed entirely by the end of this branch.)
2019-09-11 09:42:19 -04:00
Nick Mathewson
7171ce2a2a config: make config_var_is_dumpable static. 2019-09-11 09:42:19 -04:00
Nick Mathewson
8d685aee7c config: rename "contained" to "derived", and explain it better.
Don't use "derived" directly, but check its implications for listing
and copying.
2019-09-11 09:42:19 -04:00
Nick Mathewson
668e3a7709 config: Introduce the concept of an "ungettable" variable.
We had though to make all obsolete and invisible variables
ungettable, so that GETCONF would reject them.  But it turns out
that this isn't the current behavior of GETCONF with those
variables.  So for now, I'm leaving the current behavior unchanged.
(See ticket 31647 for a proposal to change the behavior.)
2019-09-11 09:42:19 -04:00
Nick Mathewson
3bf38ffff5 Document config_var_is_dumpable and config_var_is_settable. 2019-09-11 09:42:19 -04:00
David Goulet
049705fc1c Merge branch 'tor-github/pr/1311' 2019-09-11 09:36:28 -04:00
George Kadianakis
3b32f2508c Merge branch 'tor-github/pr/1307' 2019-09-11 16:19:21 +03:00
Nick Mathewson
0891a31ad3 madvise: tolerate EINVAL and ENOSYS when minherit fails
These errors can occur if we are built on a system with support for
madvise(MADV_NOFORK) but then we are run on a system whose kernel
does not support that flag.

If the error is something that we don't tolerate at all, we now log
it before crashing.

Fixes bug 31696.  I am calling this a bugfix on 0.4.1.1-alpha, where
we actually started using the map_anon code.

This is similar to, but not the same as, the fix for #31570.
2019-09-11 09:13:50 -04:00
Nick Mathewson
9d60495903 Use strtod, not atof, for parsing doubles in the configuration.
This lets us detect erroneous doubles, which previously we could not
do.

Fixes bug 31475; bugfix on commit 00a9e3732e, a.k.a svn:r136.
2019-09-10 19:01:32 -04:00
Nick Mathewson
97f7efa9e3 pf: when extracting an IPv6 address, make sure we got an IPv6 address
Our code assumes that when we're configured to get IPv6 addresses
out of a TRANS_PF transparent proxy connection, we actually will.
But we didn't check that, and so FreeBSD started warning us about a
potential NULL pointer dereference.

Fixes part of bug 31687; bugfix on 0.2.3.4-alpha when this code was
added.
2019-09-10 11:07:25 -04:00
Nick Mathewson
51475aee57 fp.c: Suppress float-conversion warnings on FreeBSD.
We used to do this on Windows only, but it appears to affect
multiple platforms when building with certain versions of GCC, and a
common pattern for defining the floating-point classifier functions.

Fixes part of 31687. I'm calling this a bugfux on 31687, when we
started suppressing these warnings on Windows.
2019-09-10 10:55:44 -04:00
Nick Mathewson
e7d7e04155 Do not look inside bogus microdesc when listing its digest as invalid
We have code in microdescs_parse_from_string() to record the digests
of microdescriptors that we could not parse.  But right now, that
code looks at the md->digest field, which is a bit inelegant, and
will stand in the way of sensible refactoring.

Instead, use a local variable to hold the digest.
2019-09-10 09:10:49 -04:00
Nick Mathewson
7282213bd3 Extract saved_location_to_string() from microdesc parsing.
We may be able to use this function in other places in the future;
if so, we should move it to somewhere more useful.

Part of 31675.
2019-09-10 09:10:49 -04:00
Nick Mathewson
d8ef6b1548 Add a unit test for ed25519 identity parsing in microdescriptors
This test makes sure that we parse ed25519 identities to get the
correct data from them.  It also tests:

   * That a microdescriptor may not have two ed25519 identities.
   * That a microdescriptor may not have an ed25519 identity that is
     not a valid base64-encoded ed25519 key.
   * That a microdescriptor may have an unrecognized identity type.

It will help test the refactoring of ticket31675.
2019-09-10 09:10:49 -04:00
teor
39c7f46d36
main: add some newlines to the subsystem list, for readability 2019-09-10 09:06:36 +10:00
teor
5fa75a6cd4
main: remove level number comments from the subsystem list (master)
Part of 31615.
2019-09-10 09:04:38 +10:00
teor
987768b077
Merge branch 'bug31615_041' into bug31615_master
Merged modified lines from bug31615_041, and unmodified lines
from master.
2019-09-10 09:03:37 +10:00
teor
f1c57cd1e5
main: remove level number comments from the subsystem list (0.4.1)
Part of 31615.
2019-09-10 08:44:35 +10:00
teor
7e22d99346
Merge branch 'bug31615_040' into bug31615_041
Merged modified lines from bug31615_040, and unmodified lines
from maint-0.4.1.
2019-09-10 08:43:13 +10:00
teor
2e2a35b694 main: remove level number comments from the subsystem list (0.4.0)
These levels get out of date really easily: we'll implement a level
dump command in tor in 31614.

They also cause conflicts and inconsistencies when merging forward
level changes.

Part of 31615.
2019-09-10 08:35:56 +10:00
David Goulet
409df19b5a build: The <sys/sysctl.h> is now deprecated on Linux
Closes #31673
2019-09-09 17:07:08 -04:00
David Goulet
484710f25b build: The <sys/sysctl.h> is now deprecated on Linux
Closes #31673
2019-09-09 17:05:23 -04:00
Nick Mathewson
6846d14868 Merge branch 'ticket30924_042_04_squashed_merged' 2019-09-09 12:35:27 -04:00
Nick Mathewson
a642a4cbd7 Merge branch 'ticket30924_042_04_squashed' into ticket30924_042_04_squashed_merged 2019-09-09 11:10:53 -04:00
David Goulet
622c2c7884 hs-v3: Rename validation function in hs_intropoint.c
Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-09-09 11:07:51 -04:00
David Goulet
385f6bcfcc hs-v3: Move DoS parameter check against 0
Move it outside of the validation function since 0 is a valid value but
disables defenses.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-09-09 11:07:36 -04:00
David Goulet
f16fc262e5 Merge branch 'tor-github/pr/1298' 2019-09-09 11:05:51 -04:00
David Goulet
1e7c7870e8 Merge branch 'tor-github/pr/1287' 2019-09-09 10:51:19 -04:00
teor
1609916c79
log: Close log and err file descriptors before aborting
Part of 31594.
2019-09-09 14:56:42 +10:00
teor
a22fbab986
log: Don't close file log fds that are being used by the err module
Instead, dup() file log fds, before passing them to the err module.

Closes 31613, part of 31594.
2019-09-09 14:56:28 +10:00
teor
d02ced4caf
torerr: Close sigsafe fds on shutdown
And clear the list of error fds.

Part of 31594.
2019-09-09 14:56:17 +10:00
teor
612b0a4139 subsys: Make the subsystem init order match the module dependencies
Fix levels for subsystems that depend on log/err
* winprocess (security) doesn't use err:
  * call windows process security APIs as early as possible
  * init err after winprocess
  * move wallclock so it's still after err
* network and time depend on log:
  * make sure that network and time can use logging.
  * init network and time after log

Add comments explaining the module init order.

Fixes bug 31615; bugfix on 0.4.0.1-alpha.
2019-09-06 16:58:53 +10:00
teor
670d402621 entrynodes: Make routine descriptor expiry notice logs less alarming
When tor is missing descriptors for some primary entry guards, make the
log message less alarming. It's normal for descriptors to expire, as long
as tor fetches new ones soon after.

Fixes bug 31657; bugfix on 0.3.3.1-alpha.
2019-09-06 16:43:14 +10:00
Nick Mathewson
a727d4a3a1 Remove unused struct_var_* functions.
These turned out to be unnecessary, so let's not keep them around
and let them start getting complicated.

Closes ticket 31630.
2019-09-05 15:24:54 -04:00
Nick Mathewson
16cf9424c1 config: Invert sense of _is_invisible, and rename to is_listable() 2019-09-05 11:32:32 -04:00
Nick Mathewson
22e7d33735 config: replace config_var_is_cumulative with is_replaced_on_set()
This change replaces the higher-level property check to match our
intended flag factoring.
2019-09-05 11:32:32 -04:00
George Kadianakis
545c21e23d Merge branch 'tor-github/pr/1295' 2019-09-05 17:13:29 +03:00
George Kadianakis
ddd01541b9 Merge branch 'tor-github/pr/1294' 2019-09-05 17:12:19 +03:00
George Kadianakis
fb56b4c2bf Merge branch 'tor-github/pr/1293' 2019-09-05 17:10:07 +03:00
George Kadianakis
c750ec20ab Merge branch 'tor-github/pr/1291' 2019-09-05 17:09:20 +03:00
George Kadianakis
c29f05b159 Merge branch 'tor-github/pr/1292' 2019-09-05 17:06:58 +03:00
George Kadianakis
cdd7e88970 Merge branch 'tor-github/pr/1261' 2019-09-05 17:02:53 +03:00
Neel Chauhan
0127888b06 Add tests for IPv6 exit policies on microdescriptors 2019-09-05 17:02:45 +03:00
Neel Chauhan
be4a60945d Check IPv6 exit policies on microdescriptors in node_exit_policy_rejects_all() 2019-09-05 17:02:45 +03:00
Nick Mathewson
eb909c4e43 config: note that some arguments are required. 2019-09-05 07:57:36 -04:00
teor
1203e137be
Merge commit '763fd0ad66' into maint-0.4.0
tor-github/pr/1174, but with the last commit re-worded to remove
the fixup, because fixups break our push rules.
2019-09-05 11:42:26 +10:00
Nick Mathewson
88839ab2ac Remove _ex suffix from typed_var_*_ex() functions.
Now that the variants of these functions that took config_line_t are
gone, there is no longer any reason for the remaining variants to
have "ex" at the end of their names.

This commit was made by running this perl script over all the files
in src/:

#!/usr/bin/perl -w -i -p

s{typed_var_(assign|free|encode|copy|eq|ok|kvassign|kvencode|mark_fragile)_ex}
 {typed_var_$1}g;
2019-09-04 15:01:49 -04:00
Nick Mathewson
161c392a4f typedvar: remove now-unused functions taking config_type_t.
These functions are no longer used.

Part of 31629.
2019-09-04 14:54:59 -04:00
Nick Mathewson
b3c2867715 Document fields of struct_magic_decl_t. 2019-09-04 14:23:19 -04:00
Nick Mathewson
3db56aeeb8 Document warn_deprecated_option(). 2019-09-04 14:23:19 -04:00