nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-11 13:43:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
22,618 Commits 53 Branches 630 Tags 125 MiB
c9b8d4c086
Commit Graph

16539 Commits

Author SHA1 Message Date
teor (Tim Wilson-Brown)
d3ca6fe475
Call purpose_needs_anonymity in authority_certs_fetch_missing 2016-07-01 14:00:20 +10:00
teor (Tim Wilson-Brown)
b4dcf56768
Hex-encode raw digest before printing in authority_certs_fetch_missing 2016-07-01 14:00:07 +10:00
teor (Tim Wilson-Brown)
596ccbf839
Refactor authority_certs_fetch_missing to call get_options once 2016-07-01 09:35:27 +10:00
Nick Mathewson
64ee7bcd0c Make sure that our tests expect the windows path separator as needed 2016-06-30 18:26:44 -04:00
Nick Mathewson
69e22e294b Set binary mode when checking malformed descriptor. 2016-06-30 18:23:58 -04:00
Nick Mathewson
889cfac676 One more tt_u64_op 2016-06-30 16:46:53 -04:00
Nick Mathewson
591078c76d use tt_u64_op for comparing len_descs_dumped 2016-06-30 15:34:36 -04:00
Nick Mathewson
b750a77e3f fix naked memcmps 2016-06-30 15:34:16 -04:00
Nick Mathewson
2713de2a47 Fix more naked strdup/malloc/free instances 2016-06-30 14:36:31 -04:00
Nick Mathewson
9a92f58219 Avoid naked strdups in test_dir.c 2016-06-30 14:30:28 -04:00
Nick Mathewson
7a7bd1f9ea Fix a memory leak in test_dir_populate_dump_desc_fifo 2016-06-30 14:30:26 -04:00
Nick Mathewson
c3b720fb26 Try to fix warnings when size_t is smaller than st.st_size. 2016-06-30 14:20:04 -04:00
Nick Mathewson
b5beb2afa6 fix a syntax warning 2016-06-30 14:19:55 -04:00
Nick Mathewson
ded7e8093c Fix three -Wtautological-constant-out-of-range-compare warnings. 2016-06-30 14:08:28 -04:00
Nick Mathewson
3627718348 Fix -Wextra-semi warning 2016-06-30 13:50:16 -04:00
Nick Mathewson
6d2f006bf4 Fix a 32-bit compilation failure 2016-06-30 13:47:45 -04:00
Nick Mathewson
8917c4f19f A little more specificity in documentation for getinfo download/ stuff 
Also, a const.
 2016-06-30 13:42:38 -04:00
Nick Mathewson
cb54390e0f Merge remote-tracking branch 'andrea/ticket19323_squashed' 2016-06-30 11:44:58 -04:00
Nick Mathewson
c6846d7bf0 Merge remote-tracking branch 'andrea/bug18322_v3_squashed' 2016-06-30 11:18:00 -04:00
Nick Mathewson
a31f55b16b Merge remote-tracking branch 'teor/bug19483-fix-v2' 2016-06-30 11:04:13 -04:00
Andrea Shepard
13a16e0011 Also check if the sandbox is configured as well as if it's active; sandbox_init() runs rather late in the startup process 2016-06-30 09:37:23 +00:00
Andrea Shepard
34d9dabed1 Do sandbox_is_active() check before reconstructing dump_desc() FIFO on startup too 2016-06-30 07:45:55 +00:00
Andrea Shepard
9580b99dab Add unit test for dump_desc_populate_fifo_from_directory() 2016-06-30 07:03:26 +00:00
Andrea Shepard
f99c9df02b Make things mockable for dump_desc_populate_fifo_from_directory() unit test 2016-06-30 07:03:26 +00:00
Andrea Shepard
42f089473a Unit test for dump_desc_populate_one_file() 2016-06-30 07:03:26 +00:00
Andrea Shepard
2154160a24 Add support for mocking functions declared with attributes without causing gcc warnings 2016-06-30 07:03:26 +00:00
Andrea Shepard
421cf21b3c Reload unparseable descriptor dump FIFO state from on-disk dumped descriptors at startup 2016-06-30 07:03:26 +00:00
Andrea Shepard
38cced90ef Move unparseable descriptor dumps into subdirectory of DataDir 2016-06-30 07:03:25 +00:00
Andrea Shepard
dc37546cff Add sandbox_is_active() check to dump_desc() 2016-06-30 07:03:25 +00:00
Andrea Shepard
603f483092 Use uint64_t for total length of dumped descriptors, nad be careful about overflows in the loop in dump_desc_fifo_add_and_clean() 2016-06-30 07:03:25 +00:00
Andrea Shepard
824ee581b0 Add dir/dump_unparseable_descriptors unit test 2016-06-30 07:03:25 +00:00
Andrea Shepard
2a17b93cc4 Make options_get_datadir_fname2_suffix() mockable 2016-06-30 07:03:25 +00:00
Andrea Shepard
35fc5879fb Expose a few more dump_desc()-related things to the test suite 2016-06-30 07:03:25 +00:00
Andrea Shepard
4e4a760491 Add extern support for file-scope variables in testsupport.h 2016-06-30 07:03:25 +00:00
Andrea Shepard
17ed2fed68 Expose dump_desc() to the test suite and make things it calls mockable 2016-06-30 07:03:24 +00:00
Andrea Shepard
726dc9acf5 Remove old unparseable descriptor logging mechanism, add bump-to-head-of-queue for repeated unparseable descriptors, rename config variable 2016-06-30 07:03:24 +00:00
Andrea Shepard
1cde3e2776 Add multiple descriptor dump support for dump_desc() in routerparse.c; fixes bug 18322 2016-06-30 07:03:24 +00:00
Roger Dingledine
4dc7b3ca28 fix typo 2016-06-29 22:56:56 -04:00
teor (Tim Wilson-Brown)
69535f1284
Add tv_udiff and tv_mdiff unit tests with negative values 2016-06-30 09:29:18 +10:00
teor (Tim Wilson-Brown)
aae14f8346
Fix bug19483: avoid range checks when they are always true 
Some compilers are smart enough to work out that comparisons to
LONG_MAX are a no-op on L64.
 2016-06-30 09:29:14 +10:00
Nick Mathewson
7602b0b31f Merge remote-tracking branch 'weasel/bug19503' 2016-06-29 16:10:10 -04:00
teor (Tim Wilson-Brown)
d36a0c4d22
Add more unit tests for tv_udiff and tv_mdiff 2016-06-29 17:23:42 +10:00
teor (Tim Wilson-Brown)
4234ca3bf2
Improve overflow checks in tv_udiff and tv_mdiff 
Validate that tv_usec inputs to tv_udiff and tv_mdiff are in range.

Do internal calculations in tv_udiff and tv_mdiff in 64-bit,
which makes the function less prone to integer overflow,
particularly on platforms where long and time_t are 32-bit,
but tv_sec is 64-bit, like some BSD configurations.

Check every addition and subtraction that could overflow.
 2016-06-29 17:23:24 +10:00
Andrea Shepard
ad0ce8716d Unit tests for GETINFO download/desc and download/bridge cases 2016-06-29 06:55:57 +00:00
Andrea Shepard
45724beac4 Unit test for GETINFO download/cert case 2016-06-29 05:58:22 +00:00
Andrea Shepard
becf510ef2 Unit test for GETINFO download/networkstatus case 2016-06-29 05:56:21 +00:00
Andrea Shepard
657eaee6ae Expose GETINFO download status statics for test suite and make things mockable 2016-06-29 05:55:42 +00:00
Andrea Shepard
c692900728 Add bridge descriptor download status queries to GETINFO 2016-06-29 05:55:42 +00:00
Andrea Shepard
8798ca4be2 Add router descriptor download status queries to GETINFO 2016-06-29 05:55:42 +00:00
Andrea Shepard
18c6e13993 Expose authority certificate download statuses on the control port 2016-06-29 05:55:42 +00:00
teor (Tim Wilson-Brown)
2e51608a8b
Fix an integer overflow bug in the tv_mdiff range check 
The temporary second used for rounding can cause overflow,
depending on the order the compiler performs the operations.
 2016-06-29 12:53:50 +10:00
Nick Mathewson
f42dbc4e26 Merge branch 'maint-0.2.8' 2016-06-28 19:15:43 -04:00
Nick Mathewson
2c9354fc10 Merge branch 'bug19071-extra-squashed' into maint-0.2.8 2016-06-28 19:15:20 -04:00
teor (Tim Wilson-Brown)
26146dbe9e Comment-out fallbacks in a way the stem fallback parser understands 
If we manually remove fallbacks in C by adding '/*' and '*/' on separate
lines, stem still parses them as being present, because it only looks at
the start of a line.

Add a comment to this effect in the generated source code.
 2016-06-28 19:15:08 -04:00
Nick Mathewson
d793a988cd Merge branch 'maint-0.2.8' 2016-06-28 11:22:48 -04:00
Nick Mathewson
bc9a0f82b3 whitespace fixes 2016-06-28 11:14:42 -04:00
Nick Mathewson
f87aa4555d Merge remote-tracking branch 'teor/bug18812' into maint-0.2.8 2016-06-28 11:12:51 -04:00
teor (Tim Wilson-Brown)
608c12baaf
Resolve bug18812 by logging fallback key changes at info level 2016-06-28 14:18:16 +10:00
teor (Tim Wilson-Brown)
812fd416ef
Make it clear that fallbacks include authorities 
Comment-only change
 2016-06-28 14:14:04 +10:00
teor (Tim Wilson-Brown)
14b1c7a66e
Refactor connection_or_client_learned_peer_id for bug18812 
No behavioural change.
Also clarify some comments.
 2016-06-28 14:12:18 +10:00
Nick Mathewson
4e2a7cd3ae Add missing braces around conditional. 2016-06-27 13:19:49 -04:00
Nick Mathewson
14169a3d70 Remove an always-true condition: all ints are <= INT_MAX 2016-06-27 13:18:54 -04:00
Nick Mathewson
2197bfcc6a Merge branch 'maint-0.2.8' 2016-06-27 13:17:42 -04:00
Andrea Shepard
8cf9fe5ba6 Expose consensus download statuses on the control port 2016-06-27 16:38:37 +00:00
Peter Palfrader
54c3066c72 Fix a typo in the getting passphrase prompt for the ed25519 identity key 2016-06-25 13:33:35 +02:00
Yawning Angel
0116eae59a Bug19499: Fix GCC warnings when building against bleeding edge OpenSSL. 
The previous version of the new accessors didn't specify const but it
was changed in master.
 2016-06-24 22:20:41 +00:00
Nick Mathewson
703254a832 Merge remote-tracking branch 'public/bug15942_v2_alternative' 2016-06-23 09:01:24 -04:00
teor (Tim Wilson-Brown)
828e2e1a2e
Remove a fallback that changed DirPort 
The operator has confirmed that the DirPort change is perament.
The relay will be reconsidered as a fallback in 0.2.9.
 2016-06-23 10:38:03 +10:00
Nick Mathewson
61dac57aa3 Merge branch 'maint-0.2.8' 2016-06-22 08:20:11 -04:00
teor (Tim Wilson-Brown)
69635e41c8
Remove and blacklist 3 fallbacks which disappeared 
Blacklist them in case they appear again.
 2016-06-22 12:18:10 +10:00
teor (Tim Wilson-Brown)
b15cecd4f8
Remove 2 fallbacks: one lost guard, the other had bad uptime 
Leave these fallbacks in the whitelist, they may improve before 0.2.9.
 2016-06-22 12:18:06 +10:00
teor (Tim Wilson-Brown)
7e9532b9be
Remove and blacklist 4 fallbacks which are unsuitable 
Remove a fallback that changed its fingerprint after it was listed
This happened after to a software update:
https://lists.torproject.org/pipermail/tor-relays/2016-June/009473.html

Remove a fallback that changed IPv4 address

Remove two fallbacks that were slow to deliver consensuses,
we can't guarantee they'll be fast in future.

Blacklist all these fallbacks until operators confirm they're stable.
 2016-06-22 12:16:57 +10:00
Nick Mathewson
cb8557f7c9 Merge branch 'maint-0.2.8' 2016-06-21 09:00:40 -04:00
Ivan Markin
b432efb838 Remove useless message about nonexistent onion services after uploading a descriptor 2016-06-21 09:00:22 -04:00
Nick Mathewson
dd9cebf109 Merge branch 'maint-0.2.8' 2016-06-21 08:54:49 -04:00
George Kadianakis
f038e9cb00 Fix bug when disabling heartbeats. 
Callbacks can't return 0.
 2016-06-21 08:54:30 -04:00
David Goulet
b3b4ffce2e prop250: Add memory and disk state in new files 
This commit introduces two new files with their header.

"shared_random.c" contains basic functions to initialize the state and allow
commit decoding for the disk state to be able to parse them from disk.

"shared_random_state.c" contains everything that has to do with the state
for both our memory and disk. Lots of helper functions as well as a
mechanism to query the state in a synchronized way.

Signed-off-by: David Goulet <dgoulet@torproject.org>
Signed-off-by: George Kadianakis <desnacked@riseup.net>
 2016-06-20 15:26:58 -04:00
David Goulet
9744a40f7a Add tor_htonll/ntohll functions 
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
 2016-06-20 15:26:58 -04:00
David Goulet
49e8f47505 util: zero target buffer of base*_encode/decode 
Make sure to memset(0) the destination buffer so we don't leave any
uninitialized data.

Fixes #19462

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2016-06-20 13:47:19 -04:00
Nick Mathewson
2f75b34dce Patch from dgoulet: fix a base16 problem that manifested w stem 2016-06-20 13:37:45 -04:00
Nick Mathewson
5fbd195918 Coverage hack for test_switch_id.sh 
This hack provides a way to make sure we can see coverage from
test-switch-id.  If you set OVERRIDE_GCDA_PERMISSIONS_HACK, we
temporarily make the .gcda files mode 0666 before we run the
test scripts, and then we set them to 0644 again afterwards.

That's necessary because the test_switch_id.sh script does a
setuid() to 'nobody' part way through, and drops the ability to
change its mind back.
 2016-06-20 11:15:47 -04:00
Nick Mathewson
603cb712ef Small coverage improvements on compat.c 2016-06-20 11:03:13 -04:00
Nick Mathewson
ba28da8de5 compat.c coverage: simplify under-tested alloc_getcwd. 
Yes, HURD lacks PATH_MAX.  But we already limited the maximum buffer
to 4096, so why not just use that?
 2016-06-20 10:47:31 -04:00
Nick Mathewson
2b74e13a7c More coverage in backtrace.c 2016-06-20 10:31:36 -04:00
Nick Mathewson
c1f0ec3058 Merge remote-tracking branch 'dgoulet/bug19465_029_01' 2016-06-20 10:20:41 -04:00
Nick Mathewson
ba88d78127 Fix unit test crash on 32-bit. 2016-06-20 10:20:03 -04:00
Nick Mathewson
a09ec22a9b Simpler implementation of random exponential backoff. 
Consumes more entropy, but is easier to read.
 2016-06-20 10:10:02 -04:00
David Goulet
85edef27eb test: Increase offset to rendcache descriptor time 
Slow system can sometime take more than 10 seconds to reach the test
callsite resulting in the unit test failing when using time in the future or
in the past.

Fixes #19465

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2016-06-20 09:53:11 -04:00
Nick Mathewson
6cedd49323 Merge branch 'bug14013_029_01_squashed' 2016-06-20 08:48:09 -04:00
nikkolasg
568dc27a19 Make base16_decodes return number of decoded bytes 
base16_decodes() now returns the number of decoded bytes. It's interface
changes from returning a "int" to a "ssize_t". Every callsite now checks the
returned value.

Fixes #14013

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2016-06-20 08:44:58 -04:00
Nick Mathewson
1160ac1283 Changes file for 19063; use the BUG macro 2016-06-19 12:38:15 -04:00
U+039b
58e6a6aaeb Fix #19063: Add check in utility macro 2016-06-19 12:34:49 -04:00
Nick Mathewson
81cfd5c9a1 Merge branch 'zlib_coverage_squashed' 2016-06-19 12:20:38 -04:00
Nick Mathewson
d937b86699 Unindent block 2016-06-19 12:20:24 -04:00
Nick Mathewson
5a725dab0a Mark some torgzip lines as unreachable/untestable. 2016-06-19 12:20:24 -04:00
Nick Mathewson
358fc026d9 Remove a ridiculous realloc call from torgzip.c 
realloc()ing a thing in order to try to save memory on it just
doesn't make sense with today's allocators.  Instead, let's use the
fact that whenever we decompress something, either it isn't too big,
or we chop it up, or we reallocate it.
 2016-06-19 12:20:24 -04:00
Nick Mathewson
808015316a Remove support for zlib <= 1.1 
zlib 1.2 came out in 2003; earlier versions should be dead by now.

Our workaround code was only preventing us from using the gzip
encoding (if we decide to do so), and having some dead code linger
around in torgzip.c
 2016-06-19 12:20:24 -04:00
Nick Mathewson
b421648da2 Merge remote-tracking branch 'public/thread_coverage' 2016-06-19 12:15:55 -04:00
Andrea Shepard
5a4ed29f01 Better comments on exponential-backoff related members of download_status_t 2016-06-18 19:05:46 +00:00
Andrea Shepard
1f1df4ab74 Move exponential-random backoff computation out of download_status_schedule_get_delay() into separate function, per code review 2016-06-18 18:23:55 +00:00
Andrea Shepard
1dfbfd319e Better comment for download_status_schedule_get_delay() per code review 2016-06-18 17:11:32 +00:00
Andrea Shepard
6370c4ee87 Use exponential backoff for router descriptor downloads from consensuses 2016-06-18 16:32:17 +00:00
Andrea Shepard
5cb27d8991 Use exponential backoffs for bridge descriptor downloads 2016-06-18 16:32:17 +00:00
Andrea Shepard
36d45a9f64 Use exponential backoffs for certificate downloads 2016-06-18 16:32:17 +00:00
Andrea Shepard
5104e5645f Use exponential backoffs for consensus downloads 2016-06-18 16:32:16 +00:00
Andrea Shepard
1553512af4 Unit test for DL_SCHED_RANDOM_EXPONENTIAL 2016-06-18 16:32:16 +00:00
Andrea Shepard
695b0bd1d5 Implement DL_SCHED_RANDOM_EXPONENTIAL support for download_status_t 2016-06-18 16:32:16 +00:00
Andrea Shepard
033cf30b3c Keep make check-spaces happy 2016-06-18 16:07:44 +00:00
Nick Mathewson
48b25e6811 Merge branch 'bug18280_029_03_nm_squashed' 2016-06-17 13:53:57 -04:00
David Goulet
f4f9a9be40 test: Add base32_encode/decode unit tests 
Signed-off-by: David Goulet <dgoulet@torproject.org>
 2016-06-17 13:53:47 -04:00
David Goulet
4e4a7d2b0c Fix base32 API to take any source length in bytes 
Fixes #18280

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
 2016-06-17 13:53:47 -04:00
cypherpunks
94762e37b9 Use the Autoconf macro AC_USE_SYSTEM_EXTENSIONS 
The Autoconf macro AC_USE_SYSTEM_EXTENSIONS defines preprocessor macros
which turn on extensions to C and POSIX. The macro also makes it easier
for developers to use the extensions without needing (or forgetting) to
define them manually.

The macro can be safely used because it was introduced in Autoconf 2.60
and Tor requires Autoconf 2.63 and above.
 2016-06-17 10:17:44 -04:00
Nick Mathewson
9a63f059b9 Merge remote-tracking branch 'dgoulet/bug18604_029_01' 2016-06-17 09:07:41 -04:00
Nick Mathewson
a8c766220f Mark an abort() as unreachable. 2016-06-16 15:53:05 -04:00
Nick Mathewson
a418904962 Coverage on parse_config_line_from_str_verbose. 2016-06-16 15:52:19 -04:00
Nick Mathewson
c9ea9de806 Remove parse_config_line_from_str alias 
All of our code just uses parse_config_line_from_str_verbose.
 2016-06-16 15:40:56 -04:00
Nick Mathewson
128ab31c64 Mark code unreachable in unescape_string() 
Also, add tests for it in case someday it does become reachable.
 2016-06-16 15:36:08 -04:00
Nick Mathewson
dd73787190 On Windows, tv_sec is long, not time_t. 
I'm not angry, Windows: just very disappointed.
 2016-06-16 13:57:16 -04:00
David Goulet
ab35f9de46 Correctly close intro circuit when deleting ephemeral HS 
When deleting an ephemeral HS, we were only iterating on circuit with an
OPEN state. However, it could be possible that an intro point circuit didn't
reached the open state yet.

This commit makes it that we close the circuit regardless of its state
except if it was already marked for close.

Fixes #18604

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2016-06-16 13:09:24 -04:00
Nick Mathewson
6ceb37971e Try to fix memarea test on 32-bit systems 2016-06-16 11:59:51 -04:00
Nick Mathewson
5c596cdbc0 Tests for message rate-limiting 
Also note a bug in the rate-limiting message.
 2016-06-16 11:54:50 -04:00
Nick Mathewson
9b0bd65f22 I believe I found some dead code in our time parsing functions 2016-06-16 11:14:12 -04:00
Nick Mathewson
79370914d1 tests for size_mul_check__() 
it's important, and we should make sure we got it right.
 2016-06-16 10:43:01 -04:00
Nick Mathewson
41cb26c169 Correct the rounding behavior on tv_mdiff. 
Fix for bug 19428.
 2016-06-16 10:16:04 -04:00
Nick Mathewson
f05a213fe1 Improve coverage on tv_udiff, and tv_mdiff. 
I found some bugs in tv_mdiff; separate commit for that
 2016-06-16 10:07:44 -04:00
Nick Mathewson
6dc2b605b8 Improve coverage on esc_for_log, esc_for_log_len 2016-06-16 09:58:53 -04:00
Nick Mathewson
d1ab295d7b add LCOV_EXCL for unreachable exit() blocks in src/common 2016-06-16 09:50:52 -04:00
Nick Mathewson
f986e26850 Reach 100% line coverage on memarea.c 2016-06-16 09:37:44 -04:00
Nick Mathewson
7b54d7ebbd Mark src/common tor_assert(0)/tor_fragile_assert() unreached for coverage 
I audited this to make sure I was only marking ones that really
should be unreachable.
 2016-06-15 17:28:26 -04:00
Nick Mathewson
e718a582af Bump to 0.2.8.4-rc-dev 2016-06-15 12:55:17 -04:00
David Goulet
c7f1b46a10 Perform cache lookup when FetchHidServDescriptors is set 
The FetchHidServDescriptors check was placed before the descriptor cache
lookup which made the option not working because it was never using the
cache in the first place.

Fixes #18704

Patched-by: twim
Signef-off-by: David Goulet <dgoulet@torproject.org>
 2016-06-15 10:04:07 -04:00
Nick Mathewson
3a0d42fbf9 bump version to 0.2.8.4-rc 2016-06-14 20:36:35 -04:00
Nick Mathewson
05e2750ea7 whoops; blank line 2016-06-14 20:21:59 -04:00
Nick Mathewson
227d3b3d6b Use ENABLE/DISABLE_GCC_WARNING in masater. 2016-06-14 20:21:02 -04:00
Nick Mathewson
8486dea8d7 Merge branch 'maint-0.2.8' 2016-06-14 20:16:46 -04:00
Nick Mathewson
d6b01211b9 Resolve the remaining openssl "-Wredundant-decls" warnings. 
Another part of 19406
 2016-06-14 20:14:53 -04:00
Nick Mathewson
3bffdf05d1 use new-form macros to disable -Wredundant-decls 2016-06-14 12:22:52 -04:00
Nick Mathewson
df4fa92a88 Merge branch 'maint-0.2.8' 2016-06-14 12:17:24 -04:00
Nick Mathewson
71aacbe427 Suppress the Wredundant-decls warning in another set of openssl headers 2016-06-14 12:17:02 -04:00
Yawning Angel
c5e2f7b944 Bug 19406: Fix the unit tests to work with OpenSSL 1.1.x 
Just as it says on the tin.  Don't need to fully disable any tests and
reduce coverage either.  Yay me.
 2016-06-14 12:13:09 -04:00
Yawning Angel
6ddef1f7e0 Bug 19406: OpenSSL removed SSL_R_RECORD_TOO_LARGE in 1.1.0. 
This is a logging onlu change, we were suppressing the severity down to
INFO when it occured (treating it as "Mostly harmless").  Now it is no
more.
 2016-06-14 12:13:09 -04:00
Yawning Angel
b563a3a09d Bug 19406: OpenSSL made RSA and DH opaque in 1.1.0. 
There's accessors to get at things, but it ends up being rather
cumbersome.  The only place where behavior should change is that the
code will fail instead of attempting to generate a new DH key if our
internal sanity check fails.

Like the previous commit, this probably breaks snapshots prior to pre5.
 2016-06-14 12:13:09 -04:00
Yawning Angel
86f0b80681 Bug 19406: OpenSSL changed the Thread API in 1.1.0 again. 
Instead of `ERR_remove_thread_state()` having a modified prototype, it
now has the old prototype and a deprecation annotation.  Since it's
pointless to add extra complexity just to remain compatible with an old
OpenSSL development snapshot, update the code to work with 1.1.0pre5
and later.
 2016-06-14 12:13:09 -04:00
Nick Mathewson
4c90cdc0e7 Coverity dislikes (double) (int/int). 
When you divide an int by an int and get a fraction and _then_ cast
to double, coverity assumes that you meant to cast to a double
first.

In my fix for -Wfloat-conversion in 493499a339, I
did something like this that coverity didn't like.

Instead, I'm taking another approach here.

Fixes CID 1232089, I hope.
 2016-06-13 11:25:19 -04:00
Nick Mathewson
6a7d11f38a Merge branch 'maint-0.2.8' 2016-06-13 10:49:24 -04:00
Nick Mathewson
2ee3dbe801 Merge branch 'maint-0.2.7' into maint-0.2.8 2016-06-13 10:49:05 -04:00
Nick Mathewson
80089c9e7c Merge branch 'maint-0.2.6' into maint-0.2.7 2016-06-13 10:48:56 -04:00
Nick Mathewson
b4bb88606e Merge branch 'maint-0.2.5' into maint-0.2.6 2016-06-13 10:48:48 -04:00
Nick Mathewson
f25f7b759c Merge branch 'maint-0.2.4' into maint-0.2.5 2016-06-13 10:48:35 -04:00
Andrea Shepard
925f76b486 Keep make check-spaces happy 2016-06-12 21:47:14 +00:00
Roger Dingledine
0616fd6fb6 typo/comment/log fixes i found in my sandbox from montreal 2016-06-12 16:14:15 -04:00
Karsten Loesing
c14c662758 Update geoip and geoip6 to the June 7 2016 database. 2016-06-12 11:35:50 +02:00
Nick Mathewson
47edbd4fad Fix build on 32-bit systems. 2016-06-11 13:26:05 -04:00
Nick Mathewson
ada5668c5e Merge remote-tracking branch 'public/bug19203_027' into maint-0.2.8 2016-06-11 10:16:00 -04:00
Nick Mathewson
d6b2af7a3a Merge branch 'bug19180_easy_squashed' 2016-06-11 10:15:40 -04:00
Nick Mathewson
e80a032b61 Add clang's -Wstring-conversion, and fix the one place it hits 2016-06-11 10:11:54 -04:00
Nick Mathewson
53a3b39da1 Add -Wmissing-variable-declarations, with attendant fixes 
This is a big-ish patch, but it's very straightforward.  Under this
clang warning, we're not actually allowed to have a global variable
without a previous extern declaration for it.  The cases where we
violated this rule fall into three roughly equal groups:
  * Stuff that should have been static.
  * Stuff that was global but where the extern was local to some
    other C file.
  * Stuff that was only global when built for the unit tests, that
    needed a conditional extern in the headers.

The first two were IMO genuine problems; the last is a wart of how
we build tests.
 2016-06-11 10:11:54 -04:00
Nick Mathewson
80f1a2cbbd Add the -Wextra-semi warning from clang, and fix the cases where it triggers 2016-06-11 10:11:54 -04:00
Nick Mathewson
c3adbf755b Resolve some warnings from OSX clang. 2016-06-11 10:11:53 -04:00
Nick Mathewson
9bbd6502f0 Use autoconf, not gcc version, to decide which warnings we have 
This gives more accurate results under Clang, which can only help us
detect more warnings in more places.

Fixes bug 19216; bugfix on 0.2.0.1-alpha
 2016-06-11 10:11:53 -04:00
Nick Mathewson
4caed2424a Enable -Woverlength-strings for GCC>=4.6 on MOST of the code. 
IMO it's fine for us to make exceptions to this rule in the unit
tests, but not in the code at large.
 2016-06-11 10:11:52 -04:00
Nick Mathewson
8f2d2933f9 Use -Wdouble-promotion in GCC >= 4.6 
This warning triggers on silently promoting a float to a double.  In
our code, it's just a sign that somebody used a float by mistake,
since we always prefer double.
 2016-06-11 10:11:52 -04:00
Nick Mathewson
493499a339 Add -Wfloat-conversion for GCC >= 4.9 
This caught quite a few minor issues in our unit tests and elsewhere
in our code.
 2016-06-11 10:11:52 -04:00
Nick Mathewson
2ff20c93a5 Add -Wunused-const-variable=2 on GCC >=6.1 
This caused a trivial warning in curve25519-donna-64bit.h, which
had two unused constants.  I commented them out.
 2016-06-11 10:11:52 -04:00
Nick Mathewson
b14c1f4082 Merge remote-tracking branch 'public/bug19203_027' into HEAD 2016-06-11 10:11:44 -04:00
Nick Mathewson
4f8086fb20 Enable -Wnull-dereference (GCC >=6.1), and fix the easy cases 
This warning, IIUC, means that the compiler doesn't like it when it
sees a NULL check _after_ we've already dereferenced the
variable. In such cases, it considers itself free to eliminate the
NULL check.

There are a couple of tricky cases:

One was the case related to the fact that tor_addr_to_in6() can
return NULL if it gets a non-AF_INET6 address.  The fix was to
create a variant which asserts on the address type, and never
returns NULL.
 2016-06-11 10:10:29 -04:00
Nick Mathewson
c274f825da Merge remote-tracking branch 'asn/bug17688' 2016-06-11 10:07:15 -04:00
Andrea Shepard
9eeaeddbb1 Reduce make check-spaces noise 2016-06-09 11:50:25 +00:00
Nick Mathewson
f016213f7f Unit tests for our zlib code to test and reject compression bombs. 2016-06-08 18:08:30 -04:00
Nick Mathewson
429d15c529 Mark the unreachable lines in compat_{,p}threads and workqueue 
These are all related to failures from functions that either can't
fail as we call them, or where we cannot provoke failure.
 2016-06-08 17:30:22 -04:00
Nick Mathewson
3cc374456b Add several test scripts wrapping test_workqueue 
This is a fairly easy way for us to get our test coverage up on
compat_threads.c and workqueue.c -- I already implemented these
tests, so we might as well enable them.
 2016-06-08 17:29:06 -04:00
George Kadianakis
36dd9538d9 Don't rely on consensus parameter to use a single guard. 2016-06-07 17:22:47 +03:00
Nick Mathewson
1e330e1947 Repair test_crypto_openssl_version with LibreSSL 2016-06-06 10:45:23 -04:00
Nick Mathewson
c19a3d1bf8 Merge branch 'maint-0.2.8' 2016-06-06 10:18:07 -04:00
Nick Mathewson
83513a93a1 Check tor_sscanf return value in test_crypto.c 
Coverity noticed that we check tor_sscanf's return value everywhere
else.
 2016-06-06 10:01:50 -04:00
Nick Mathewson
6eeedc02d8 Use directory_must_use_begindir to predict we'll surely use begindir 
Previously, we used !directory_fetches_from_authorities() to predict
that we would tunnel connections.  But the rules have changed
somewhat over the course of 0.2.8
 2016-06-02 10:40:39 -04:00
Nick Mathewson
ed0ecd9f13 Use tor_sscanf, not sscanf, in test_crypto.c 
Fixes the 0.2.9 instance of bug #19213, which prevented mingw64 from
working.  This case wasn't in any released Tor.
 2016-06-02 10:16:15 -04:00
Nick Mathewson
b458a81cc5 Merge branch 'maint-0.2.8' 2016-06-02 10:13:35 -04:00
Nick Mathewson
a32ca313c4 Merge branch 'maint-0.2.7' into maint-0.2.8 2016-06-02 10:12:56 -04:00
Nick Mathewson
5854b19816 Use tor_sscanf, not sscanf, in test_util.c. 
Fixes the 0.2.7 case of bug #19213, which prevented mingw64 from
working.
 2016-06-02 10:11:29 -04:00
Nick Mathewson
3cdc8bfa2c Let's not even talk about those errors, ok? 2016-05-30 17:14:46 -04:00
Nick Mathewson
97f2c1c58e Wait, we had sprintf() in our unit tests?? FOR SHAME! 2016-05-30 16:50:57 -04:00
Nick Mathewson
4f1a04ff9c Replace nearly all XXX0vv comments with smarter ones 
So, back long ago, XXX012 meant, "before Tor 0.1.2 is released, we
had better revisit this comment and fix it!"

But we have a huge pile of such comments accumulated for a large
number of released versions!  Not cool.

So, here's what I tried to do:

  * 0.2.9 and 0.2.8 are retained, since those are not yet released.

  * XXX+ or XXX++ or XXX++++ or whatever means, "This one looks
    quite important!"

  * The others, after one-by-one examination, are downgraded to
    plain old XXX.  Which doesn't mean they aren't a problem -- just
    that they cannot possibly be a release-blocking problem.
 2016-05-30 16:18:16 -04:00
Nick Mathewson
ce31db4326 We no longer generate v0 directories. Remove the code to do so 2016-05-30 16:05:37 -04:00
Nick Mathewson
bdc59e33c1 Fix a warning on unnamed nodes in node_get_by_nickname(). 
There was a > that should have been an ==, and a missing !.  These
together prevented us from issuing a warning in the case that a
nickname matched an Unnamed node only.

Fixes bug 19203; bugfix on 0.2.3.1-alpha.
 2016-05-30 12:03:03 -04:00
Nick Mathewson
1e5ad15688 Merge remote-tracking branch 'arma/task19035-fixedup' 2016-05-27 13:22:16 -04:00
Roger Dingledine
3b83da1069 remove a now-unused section of or.h 2016-05-27 12:32:41 -04:00
Nick Mathewson
ce1dbbc4fd Enable the -Waggregate-return warning 
Suppress it in the one spot in the code where we actually do want to
allow an aggregate return in order to call the mallinfo() API.
 2016-05-27 11:26:14 -04:00
Nick Mathewson
0df2c5677a Use ENABLE_GCC_WARNING and DISABLE_GCC_WARNING in tortls.c 
Previously we'd done this ad hoc.
 2016-05-27 11:25:42 -04:00
Nick Mathewson
0279e48473 Add support for temporarily suppressing a warning 
There are a few places where we want to disable a warning: for
example, when it's impossible to call a legacy API without
triggering it, or when it's impossible to include an external header
without triggering it.

This pile of macros uses GCC's c99 _Pragma support, plus the usual
macro trickery, to enable and disable warnings.
 2016-05-27 11:23:52 -04:00
Roger Dingledine
500c4bf807 remove an unneeded layer of indentation 
no actual behavior changes
 2016-05-27 11:15:21 -04:00
Roger Dingledine
11d52a449c Disable GET /tor/bytes.txt and GETINFO dir-usage 
Remove support for "GET /tor/bytes.txt" DirPort request, and
"GETINFO dir-usage" controller request, which were only available
via a compile-time option in Tor anyway.

Feature was added in 0.2.2.1-alpha. Resolves ticket 19035.
 2016-05-27 11:15:21 -04:00
Nick Mathewson
437cbb17c2 Merge remote-tracking branch 'asn/feature19036' 2016-05-27 10:37:11 -04:00
Nick Mathewson
476714e1a4 Merge remote-tracking branch 'arma/bug18840' 2016-05-27 10:35:55 -04:00
Nick Mathewson
f25806409d Bump to 0.2.8.3-alpha-dev 2016-05-26 21:09:01 -04:00
Nick Mathewson
0a74346fe4 Bump to 0.2.8.3-alpha 2016-05-26 12:29:45 -04:00
Nick Mathewson
8c1c71aa2c Merge branch 'maint-0.2.8' 2016-05-26 12:12:54 -04:00
Nick Mathewson
a873ba8edd Fix two long lines 2016-05-26 12:11:57 -04:00
George Kadianakis
d875101e03 Functionify code that writes votes to disk. 2016-05-26 15:35:13 +03:00
Nick Mathewson
b7fac185a6 Merge branch 'maint-0.2.8' 2016-05-25 16:59:46 -04:00