907 Commits

Author	SHA1	Message	Date
rl1987	2f1068e68a	Adding helper function that checks if string is a valid IPv6 address.	2014-11-04 00:37:21 -05:00
rl1987	e8e45ff13e	Introducing helper function to validate IPv4 address strings.	2014-11-04 00:36:37 -05:00
rl1987	1ea9a6fd72	Introducing helper function to validate DNS name strings.	2014-11-04 00:35:43 -05:00
Nick Mathewson	a142fc29af	Use tor_malloc_zero(x), not tor_calloc(x,sizeof(char)) ... (Also, fixes a wide line.)	2014-11-02 12:08:51 -05:00
Nick Mathewson	bbd8d07167	Apply new calloc coccinelle patch	2014-11-02 11:56:02 -05:00
Nick Mathewson	ded33cb2c7	Use the | trick to save a comparison in our calloc check.	2014-11-02 11:54:42 -05:00
Nick Mathewson	0d8abf5365	Switch to a < comparison for our calloc check; explain how it works	2014-11-02 11:54:42 -05:00
Mansour Moufid	81b452d245	Document the calloc function overflow check.	2014-11-02 11:54:42 -05:00
Mansour Moufid	06b1ef7b76	Remove a duplicate comment.	2014-11-02 11:54:42 -05:00
Mansour Moufid	3206dbdce1	Refactor the tor_reallocarray_ overflow check.	2014-11-02 11:54:42 -05:00
Mansour Moufid	aff6fa0b59	Refactor the tor_calloc_ overflow check.	2014-11-02 11:54:41 -05:00
Nick Mathewson	fcdcb377a4	Add another year to our copyright dates. ... Because in 95 years, we or our successors will surely care about enforcing the BSD license terms on this code. Right?	2014-10-28 15:30:16 -04:00
teor	238b8eaa60	Improve date validation in HTTP headers ... Check all date/time values passed to tor_timegm and parse_rfc1123_time for validity, taking leap years into account. Improves HTTP header validation. Avoid unlikely signed integer overflow in tor_timegm on systems with 32-bit time_t. Fixes bug 13476.	2014-10-20 02:40:27 +11:00
Nick Mathewson	f1782d9c4c	Clean whitespace in last patch.	2014-10-13 13:20:07 -04:00
teor	f51418aabc	Avoid overflow in format_time_interval, create unit tests ... Fix an instance of integer overflow in format_time_interval() when taking the absolute value of the supplied signed interval value. Fixes bug 13393. Create unit tests for format_time_interval().	2014-10-12 20:50:10 +11:00
Nick Mathewson	48558ed1aa	Merge remote-tracking branch 'public/bug13104_025'	2014-09-11 00:11:26 -04:00
Nick Mathewson	284cc9a224	Avoid an overflow on negation in format_helper_exit_status ... Part of 13104; patch from teor.	2014-09-11 00:00:13 -04:00
Nick Mathewson	d2463c0cfe	Avoid overflows and underflows in sscanf and friends ... (Patch from teor on 13104)	2014-09-10 23:57:31 -04:00
Nick Mathewson	1eea7a68ed	Use S?SIZE_MAX, not S?SIZE_T_MAX ... This fixes bug 13102 (not on any released Tor) where using the standard SSIZE_MAX name broke mingw64, and we didn't realize. I did this with perl -i -pe 's/SIZE_T_MAX/SIZE_MAX/' src/*/*.[ch] src/*/*/*.[ch]	2014-09-09 12:08:03 -04:00
David Stainton	b59fd2efb6	Fix permissions logic	2014-09-04 22:21:30 +00:00
David Stainton	59e052b896	Remove HiddenServiceDirGroupReadable from or_options_t ... ...and also fix whitespace.	2014-09-03 17:22:15 +00:00
David Stainton	7203040835	Fix regression nickm pointed out	2014-09-03 03:53:32 +00:00
David Stainton	6e4efb559d	Fix white space	2014-09-02 18:08:57 +00:00
Nick Mathewson	9b850f9200	Add more assertions to esc_for_log to please the clangalyzer.	2014-09-02 13:29:45 -04:00
Nick Mathewson	07a16b3372	Add an assertion to read_file_to_str_until_eof ... The clangalyzer doesn't believe our math here. I'm pretty sure our math is right. Also, add some unit tests.	2014-09-02 13:29:11 -04:00
Nick Mathewson	57c48bf734	Apply the MALLOC_ZERO_WORKS fixup to tor_realloc as well. ... Also, make MALLOC_ZERO_WORKS never get applied when clang analyzer is running. This should make the clangalyzer a little happier.	2014-09-02 12:55:20 -04:00
David Stainton	6b9016fe3c	Correct check_private_dir's dir mode ... This commit attempts to satisfy nickm's comment on check_private_dir() permissions: https://trac.torproject.org/projects/tor/ticket/11291#comment:12 """check_private_dir() ensures that the directory has bits 0700 if CPD_CHECK_MODE_ONLY is not set. Shouldn't it also ensure that the directory has bits 0050 if CPD_CHECK_MODE_ONLY is not set, and CPD_GROUP_READ is set?"""	2014-08-30 15:23:05 -06:00
David Stainton	227b65924b	Clean up patch ... Here I clean up anon's patch with a few of nickm's suggestions from comment 12: https://trac.torproject.org/projects/tor/ticket/11291#comment:12 I did not yet completely implement all his suggestions.	2014-08-30 15:23:05 -06:00
anonymous	c13db1f614	Ticket #11291: patch from "anon": ... test-11291-group-redable-hsdirs-wtests-may8.patch	2014-08-30 15:23:05 -06:00
Nick Mathewson	0de7565dfd	Check return values for fcntl in tor_spawn_background. ... [CID 718609]	2014-08-21 10:38:19 -04:00
Nick Mathewson	4570805efd	Fix whitespace issues	2014-08-13 10:42:20 -04:00
Nick Mathewson	2bfd92d0d1	Apply coccinelle script to replace malloc(a*b)->calloc(a,b)	2014-08-13 10:39:56 -04:00
Nick Mathewson	19b137bc05	Add reallocarray clone so we can stop doing multiply-then-reallocate	2014-08-13 10:39:56 -04:00
Nick Mathewson	5b4ee475aa	Remove code for Windows CE support ... As far as I know, nobody has used this in ages. It would be a pretty big surprise if it had worked. Closes ticket 11446.	2014-06-20 09:49:36 -04:00
Nick Mathewson	a7cafb1ea9	Merge branch 'bug8746_v2_squashed' ... Conflicts: src/common/include.am	2014-06-14 11:46:38 -04:00
Nick Mathewson	34f8723dc7	On Windows, terminate processes by handle, not pid ... When we create a process yourself with CreateProcess, we get a handle to the process in the PROCESS_INFO output structure. But instead of using that handle, we were manually looking up a _new_ handle based on the process ID, which is a poor idea, since the process ID might refer to a new process later on, but the handle can't.	2014-06-14 11:40:27 -04:00
Nick Mathewson	f8344c2d28	Use waitpid code to learn when a controlled process dies ... This lets us avoid sending SIGTERM to something that has already died, since we realize it has already died, and is a fix for the unix version of #8746.	2014-06-14 11:40:27 -04:00
Nick Mathewson	a6eea86a2c	Merge branch 'bug11946'	2014-05-14 22:51:51 -04:00
Nick Mathewson	a88923e455	whitespace fix	2014-05-14 22:50:25 -04:00
Nick Mathewson	9b4ac986cb	Use tor_getpw{nam,uid} wrappers to fix bug 11946 ... When running with User set, we frequently try to look up our information in the user database (e.g., /etc/passwd). The seccomp2 sandbox setup doesn't let us open /etc/passwd, and probably shouldn't. To fix this, we have a pair of wrappers for getpwnam and getpwuid. When a real call to getpwnam or getpwuid fails, they fall back to a cached value, if the uid/gid matches. (Granting access to /etc/passwd isn't possible with the way we handle opening files through the sandbox. It's not desirable either.)	2014-05-14 13:53:14 -04:00
Nick Mathewson	585582fc8c	Merge branch 'bug9781_v2'	2014-05-12 13:35:22 -04:00
Nick Mathewson	b5e142cb1b	Log an error reply from tor-fw-helper correctly. ... Fix for bug 9781; bugfix on cd05f35d2c in 0.2.4.2-alpha.	2014-05-12 13:35:01 -04:00
dana koch	d6e6c63baf	Quench clang's complaints with -Wshorten-64-to-32 when time_t is not long. ... On OpenBSD 5.4, time_t is a 32-bit integer. These instances contain implicit treatment of long and time_t as comparable types, so explicitly cast to time_t.	2014-05-11 23:36:00 -04:00
Nick Mathewson	1adc98b9b5	Split portfw-error-logging code into a new function. ... No code has changed; only moved. Part of a fix for 9781.	2014-05-06 21:22:40 -04:00
Nick Mathewson	c472ac4fb8	Merge remote-tracking branch 'public/bug11233_diagnose'	2014-05-01 12:37:16 -04:00
Nick Mathewson	545e2119f2	Merge remote-tracking branch 'public/bug11605_024'	2014-04-29 14:33:39 -04:00
Nick Mathewson	f0a57bd363	Make compilation of tor_memdup_nulterm() with dmalloc ... Fixes bug 11605; bugfix on 0.2.4.10-alpha.	2014-04-25 13:52:07 -04:00
Nick Mathewson	156eefca45	Make sure everything using an interned string is preceded by a log ... (It's nice to know what we were about to rename before we died from renaming it.)	2014-04-16 22:03:09 -04:00
Nick Mathewson	c0441cca8b	Merge branch 'bug8787_squashed'	2014-03-31 11:57:56 -04:00
Andrea Shepard	abdf1878a3	Always check returns from unlink()	2014-03-31 11:27:08 -04:00
Nick Mathewson	234dfb0c65	Better log message when writing a CR in text mode on windows ... Help to diagnose #11233	2014-03-27 23:48:17 -04:00
Nick Mathewson	d5e11f21cc	Fix warnings from doxygen ... Most of these are simple. The only nontrivial part is that our pattern for using ENUM_BF was confusing doxygen by making declarations that didn't look like declarations.	2014-03-25 11:27:43 -04:00
Nick Hopper	b063ebbc60	fixed long -> int implicit cast warning line 3453	2014-02-20 11:54:01 +00:00
David Fifield	b600495441	Set CREATE_NO_WINDOW in tor_spawn_background. ... This flag prevents the creation of a console window popup on Windows. We need it for pluggable transport executables--otherwise you get blank console windows when you launch the 3.x browser bundle with transports enabled. http://msdn.microsoft.com/en-us/library/ms684863.aspx#CREATE_NO_WINDOW The browser bundles that used Vidalia used to set this flag when launching tor itself; it was apparently inherited by the pluggable transports launched by tor. In the 3.x bundles, tor is launched by some JavaScript code, which doesn't have the ability to set CREATE_NO_WINDOW. tor itself is now being compiled with the -mwindows option, so that it is a GUI application, not a console application, and doesn't show a console window in any case. This workaround doesn't work for pluggable transports, because they need to be able to write control messages to stdout. https://trac.torproject.org/projects/tor/ticket/9444#comment:30	2013-12-05 12:30:11 -05:00
Nick Mathewson	acd8c4f868	Avoid warning about impossible check for flags & 0 ... Fixes CID 743381	2013-11-22 12:42:05 -05:00
Nick Mathewson	4b9ec85e47	Fix whitespace	2013-11-18 11:13:40 -05:00
Nick Mathewson	fbc20294aa	Merge branch 'backtrace_squashed' ... Conflicts: src/common/sandbox.c src/common/sandbox.h src/common/util.c src/or/main.c src/test/include.am src/test/test.c	2013-11-18 11:00:16 -05:00
Nick Mathewson	c2dfae78d3	Refactor format_*_number_sigsafe to have a common implementation	2013-11-18 10:43:16 -05:00
Nick Mathewson	d631ddfb59	Make backtrace handler handle signals correctly. ... This meant moving a fair bit of code around, and writing a signal cleanup function. Still pretty nice from what I can tell, though.	2013-11-18 10:43:15 -05:00
Nick Mathewson	063bea58bc	Basic backtrace ability ... On platforms with the backtrace/backtrace_symbols_fd interface, Tor can now dump stack traces on assertion failure. By default, I log them to DataDir/stack_dump and to stderr.	2013-11-18 10:43:14 -05:00
Nick Mathewson	7a2b30fe16	Merge remote-tracking branch 'origin/maint-0.2.4' ... Conflicts: src/or/relay.c Conflict changes were easy; compilation fixes required were using using TOR_SIMPLEQ_FIRST to get head of cell queue.	2013-11-15 15:35:00 -05:00
Nick Mathewson	59f50c80d4	Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 ... Conflicts: src/or/or.h src/or/relay.c Conflicts were simple to resolve. More fixes were needed for compilation, including: reinstating the tv_to_msec function, and renaming *_conn_cells to *_chan_cells.	2013-11-15 15:29:24 -05:00
Nick Mathewson	0546edde66	Merge branch 'bug1376'	2013-10-11 12:51:15 -04:00
Nick Mathewson	7ef9ecf6b3	Fix some whitespace; tighten the tests.	2013-10-11 12:51:07 -04:00
Nick Mathewson	3d817fa29c	Merge remote-tracking branch 'origin/maint-0.2.4'	2013-10-10 11:18:17 -04:00
Nick Mathewson	7b1b8c3694	Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4	2013-10-10 11:18:07 -04:00
Nick Mathewson	004a9c6dd1	Fix unit test for format_helper_exit_status ... Fix format_helper_exit_status to allow full HEX_ERRNO_SIZE answers, *and* increase the buffer length again.	2013-10-10 11:15:35 -04:00
Nick Mathewson	97285bc465	Merge remote-tracking branch 'origin/maint-0.2.4'	2013-10-10 10:55:58 -04:00
Nick Mathewson	1137817319	Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4	2013-10-10 10:55:24 -04:00
Nick Mathewson	17bcfb2604	Raise buffer size, fix checks for format_exit_helper_status. ... This is probably not an exploitable bug, since you would need to have errno be a large negative value in the unix pluggable-transport launcher case. Still, best avoided. Fixes bug 9928; bugfix on 0.2.3.18-rc.	2013-10-08 11:13:21 -04:00
Nick Mathewson	f4db0f429a	Fix a windows compilation warning from sandboxing branch	2013-09-13 12:43:18 -04:00
Nick Mathewson	e0b2cd061b	Merge remote-tracking branch 'ctoader/gsoc-cap-stage2' ... Conflicts: src/common/sandbox.c	2013-09-13 12:31:41 -04:00
Kevin Butler	0f070e7858	Added test for new write_chunks_to_file behaviour in #1376.	2013-09-04 23:25:41 +01:00
Kevin Butler	1bdb391ed0	Added no_tempfile parameter to write_chunks_to_file to do non-atomic writes. Implements #1376.	2013-09-01 00:24:07 +01:00
Nick Mathewson	74262f1571	Merge branch 'bug5040_4773_rebase_3'	2013-08-15 12:04:56 -04:00
George Kadianakis	c5269a59b0	Test ExtORPort cookie initialization when file writing is broken.	2013-08-15 12:03:38 -04:00
Cristian Toader	8a85a48b9d	attempt to add stat64 filename filters; failed due to getaddrinfo..	2013-08-12 21:14:43 +03:00
Andrea Shepard	468e44a0ef	Fix tor_get_lines_from_handle() for make check-spaces	2013-08-02 18:49:57 -07:00
Nick Mathewson	5405688223	Fix compilation on Windows ... (Bugfix on tests for #9288 fix; bug not in any released Tor)	2013-07-31 14:19:29 -04:00
Nick Mathewson	904a58d10f	Merge branch 'bug9288_rebased' ... Conflicts: src/test/test_pt.c	2013-07-31 13:51:15 -04:00
George Kadianakis	2e7c531fdc	Prepare some mock functions to test #9288.	2013-07-31 13:34:16 -04:00
Cristian Toader	8022def6f0	added openat parameter filter	2013-07-29 16:30:39 +03:00
Nick Mathewson	f6d8bc9389	Refactor the assertion-failure code into a function	2013-07-19 13:40:20 -04:00
Nick Mathewson	5343ee1a06	Add a signal-safe decimal formatting function	2013-07-19 13:26:25 -04:00
Nick Mathewson	713ff2f5ef	Document what "escape" means in tor_escape_str_for_pt_args	2013-07-18 08:45:03 -04:00
George Kadianakis	1a0cf08841	Rename tor_escape_str_for_socks_arg() to something more generic. ... Since we are going to be using that function to also escape parameters passed to transport proxies using environment variables.	2013-07-18 08:45:03 -04:00
George Kadianakis	ea72958f25	Pass characters to be escaped to tor_escape_str_for_socks_arg(). ... This is in preparation for using tor_escape_str_for_socks_arg() to escape server-side pluggable transport parameters.	2013-07-18 08:45:02 -04:00
Nick Mathewson	9fda7e8cd1	Lightly refactor and test format_hex_number_sigsafe ... Better tests for upper bounds, and for failing cases. Also, change the function's interface to take a buffer length rather than a maximum length, and then NUL-terminate: functions that don't NUL-terminate are trouble waiting to happen.	2013-07-15 12:52:29 -04:00
Nick Mathewson	22977b7c1d	Expose format_hex_number_..., and rename it to ..._sigsafe(). ... There are some other places in the code that will want a signal-safe way to format numbers, so it shouldn't be static to util.c.	2013-07-15 12:26:55 -04:00
Nick Mathewson	449b2b7c58	Don't build format_helper_exit_status on win32 ... The only thing that used format_helper_exit_status on win32 was the unit tests. This caused an error when we tried to leave a static format_helper_exit_status lying around in a production object file. The easiest solution is to admit that this way of dealing with process exit status is Unix-only.	2013-07-15 12:17:23 -04:00
Nick Mathewson	a3e0a87d95	Completely refactor how FILENAME_PRIVATE works ... We previously used FILENAME_PRIVATE identifiers mostly for identifiers exposed only to the unit tests... but also for identifiers exposed to the benchmarker, and sometimes for identifiers exposed to a similar module, and occasionally for no really good reason at all. Now, we use FILENAME_PRIVATE identifiers for identifiers shared by Tor and the unit tests. They should be defined static when we aren't building the unit test, and globally visible otherwise. (The STATIC macro will keep us honest here.) For identifiers used only by the unit tests and never by Tor at all, on the other hand, we wrap them in #ifdef TOR_UNIT_TESTS. This is not the motivating use case for the split test/non-test build system; it's just a test example to see how it works, and to take a chance to clean up the code a little.	2013-07-10 15:20:10 -04:00
Nick Mathewson	bbc049a756	Merge remote-tracking branch 'origin/maint-0.2.4'	2013-04-17 10:48:39 -04:00
Nick Mathewson	42731f69ef	Merge branch 'bug8037_squashed' into maint-0.2.4	2013-04-17 10:45:45 -04:00
Nick Mathewson	acbfc9c8cc	Merge remote-tracking branch 'origin/maint-0.2.4'	2013-03-19 15:32:44 -04:00
Nick Mathewson	a7b46336eb	Merge remote-tracking branch 'public/bug7950' into maint-0.2.4	2013-03-19 15:32:17 -04:00
Nick Mathewson	c101ecc8dc	Merge remote-tracking branch 'asn/bug3594_rebased_and_fixed' ... Conflicts: src/common/util.c src/or/entrynodes.h	2013-03-19 13:25:45 -04:00
Nick Mathewson	a4e9d67292	Remove some functions which were unused except for their tests	2013-02-23 23:38:43 -05:00
Nick Mathewson	5bfa373eee	Remove some totally unused functions	2013-02-23 23:31:31 -05:00
Nick Mathewson	1827be0bd6	Make a parse_config_line_from_str variant that gives error messages ... Without this patch, there's no way to know what went wrong when we fail to parse a torrc line entirely (that is, we can't turn it into a K,V pair.) This patch introduces a new function that yields an error message on failure, so we can at least tell the user what to look for in their nonfunctional torrc. (Actually, it's the same function as before with a new name: parse_config_line_from_str is now a wrapper macro that the unit tests use.) Fixes bug 7950; fix on 0.2.0.16-alpha (58de695f90) which first introduced the possibility of a torrc value not parsing correctly.	2013-02-19 17:36:17 -05:00
Nick Mathewson	da6720e9fa	Make _SC_OPEN_MAX actually get used when closing fds before exec. ... Fixes bug 8209; bugfix on 0.2.3.1-alpha.	2013-02-11 16:27:35 -05:00
George Kadianakis	266f8cddd8	Refactoring to make parse_bridge_line() unittestable. ... - Make parse_bridge_line() return a struct. - Make bridge_add_from_config() accept a struct. - Make string_is_key_value() less hysterical.	2013-02-11 18:07:26 +00:00
George Kadianakis	b5dceab175	Fix various issues pointed out by Nick and Andrea. ... - Document the key=value format. - Constify equal_sign_pos. - Pass some strings that are about to be logged to escape(). - Update documentation and fix some bugs in tor_escape_str_for_socks_arg(). - Use string_is_key_value() in parse_bridge_line(). - Parenthesize a forgotten #define - Add some more comments. - Add some more unit test cases.	2013-02-09 18:46:10 +00:00
George Kadianakis	b8532bcb1e	Add utility functions needed for SOCKS argument parsing.	2013-02-09 16:30:16 +00:00
Nick Mathewson	69ab7cd828	Improve comment at Andrea's request	2013-02-08 17:13:11 -05:00
Nick Mathewson	8cdd8b8353	Fix numerous problems with Tor's weak RNG. ... We need a weak RNG in a couple of places where the strong RNG is both needless and too slow. We had been using the weak RNG from our platform's libc implementation, but that was problematic (because many platforms have exceptionally horrible weak RNGs -- like, ones that only return values between 0 and SHORT_MAX) and because we were using it in a way that was wrong for LCG-based weak RNGs. (We were counting on the low bits of the LCG output to be as random as the high ones, which isn't true.) This patch adds a separate type for a weak RNG, adds an LCG implementation for it, and uses that exclusively where we had been using the platform weak RNG.	2013-02-08 16:28:05 -05:00
Nick Mathewson	ba7d93db16	Merge remote-tracking branch 'public/bug7816_023' ... Conflicts: src/common/util.c	2013-02-07 15:20:50 -05:00
Nick Mathewson	1dd03fbc77	Fix a silly mistake in the tor_mathlog() documentation. Give it a unit test.	2013-02-01 16:09:16 -05:00
Nick Mathewson	b034d07acd	Remove old wrapper code and defines for keeping log() and log(3) apart ... This is the non-automated portion of bug 7599.	2013-02-01 15:49:51 -05:00
Nick Mathewson	a141430ec3	Rename log() to tor_log() for logging ... This is meant to avoid conflict with the built-in log() function in math.h. It resolves ticket 7599. First reported by dhill. This was generated with the following perl script: #!/usr/bin/perl -w -i -p s/\blog\(LOG_(ERR|WARN|NOTICE|INFO|DEBUG)\s*,\s*/log_\L$1\(/g; s/\blog\(/tor_log\(/g;	2013-02-01 15:43:37 -05:00
Nick Mathewson	acd72d4e3e	Correctly copy microdescs/extrinfos with internal NUL bytes ... Fixes bug 8037; bugfix on 0.2.0.1-alpha; reported by cypherpunks.	2013-01-26 18:01:06 -05:00
Nick Mathewson	b998431a33	Merge branch '024_msvc_squashed' ... Conflicts: src/or/or.h srcwin32/orconfig.h	2013-01-16 22:32:12 -05:00
Nick Mathewson	5e06c4ee32	When building with MSVC, call every enum bitfield unsigned ... Fixes bug 7305.	2013-01-16 22:29:39 -05:00
Nick Mathewson	0558efbd62	Fix a const warning under msvc	2013-01-16 22:29:38 -05:00
Nick Mathewson	4da083db3b	Update the copyright date to 201.	2013-01-16 01:54:56 -05:00
Nick Mathewson	d3aabf4db1	Fix various small leaks on error cases ... Spotted by coverity, bug 7816, bugfix on various versions.	2012-12-28 22:49:32 -05:00
Nick Mathewson	99669c69b3	Note limitation of parse_rfc_1123_time ... RFC1123 suggests that we should handle two-year times, and a full range of time zones, and other stuff too. We don't.	2012-11-23 10:06:16 -05:00
Nick Mathewson	864e15cd1c	In comments and logs, say "UTC" not "GMT" ... Fix for #6113. Note that the RFC1123 times we generate still all say 'GMT'. I'm going to suggest this is not worth changing.	2012-11-23 10:05:16 -05:00
Nick Mathewson	08436b27ff	Merge remote-tracking branch 'origin/maint-0.2.3'	2012-11-08 20:00:54 -05:00
Nick Mathewson	e567b4482a	Turn a memwipe in tor_process_handle_destroy() back to memset ... It broke linking on tor-resolve.c, and it's not actually sanitizing anything sensitive. Fix for bug 7420; bug not on ony released Tor.	2012-11-08 19:59:54 -05:00
Nick Mathewson	81deddb08c	Merge remote-tracking branch 'origin/maint-0.2.3' ... Conflicts: src/common/crypto.c src/or/rendservice.c	2012-11-08 16:48:04 -05:00
Nick Mathewson	49dd5ef3a3	Add and use and unlikely-to-be-eliminated memwipe() ... Apparently some compilers like to eliminate memset() operations on data that's about to go out-of-scope. I've gone with the safest possible replacement, which might be a bit slow. I don't think this is critical path in any way that will affect performance, but if it is, we can work on that in 0.2.4. Fixes bug 7352.	2012-11-08 16:44:50 -05:00
George Kadianakis	a9f786758d	Add warning message when a managed proxy dies during configuration.	2012-11-06 17:53:09 -05:00
Nick Mathewson	56c0baa523	Rename all reserved C identifiers we defined ... For everything we declare that starts with _, make it end with _ instead. This is a machine-generated patch. To make it, start by getting the list of reserved identifiers using: git ls-tree -r --name-only HEAD | grep '\.[ch]$' | \ xargs ctags --c-kinds=defglmpstuvx -o - | grep '^_' | \ cut -f 1 | sort| uniq You might need gnu ctags. Then pipe the output through this script: ============================== use strict; BEGIN { print "#!/usr/bin/perl -w -i -p\n\n"; } chomp; next if ( /^__attribute__/ or /^__func__/ or /^_FILE_OFFSET_BITS/ or /^_FORTIFY_SOURCE/ or /^_GNU_SOURCE/ or /^_WIN32/ or /^_DARWIN_UNLIMITED/ or /^_FILE_OFFSET_BITS/ or /^_LARGEFILE64_SOURCE/ or /^_LFS64_LARGEFILE/ or /^__cdecl/ or /^__attribute__/ or /^__func__/ or /^_WIN32_WINNT/); my $ident = $_; my $better = $ident; $better =~ s/^_//; $better = "${better}_"; print "s/(?<![A-Za-z0-9_])$ident(?![A-Za-z0-9_])/$better/g;\n"; ============================== Then run the resulting script on all the files you want to change. (That is, all the C except that in src/ext.) The resulting script was: ============================== s/(?<![A-Za-z0-9_])_address(?![A-Za-z0-9_])/address_/g; s/(?<![A-Za-z0-9_])_aes_fill_buf(?![A-Za-z0-9_])/aes_fill_buf_/g; s/(?<![A-Za-z0-9_])_AllowInvalid(?![A-Za-z0-9_])/AllowInvalid_/g; s/(?<![A-Za-z0-9_])_AP_CONN_STATE_MAX(?![A-Za-z0-9_])/AP_CONN_STATE_MAX_/g; s/(?<![A-Za-z0-9_])_AP_CONN_STATE_MIN(?![A-Za-z0-9_])/AP_CONN_STATE_MIN_/g; s/(?<![A-Za-z0-9_])_assert_cache_ok(?![A-Za-z0-9_])/assert_cache_ok_/g; s/(?<![A-Za-z0-9_])_A_UNKNOWN(?![A-Za-z0-9_])/A_UNKNOWN_/g; s/(?<![A-Za-z0-9_])_base(?![A-Za-z0-9_])/base_/g; s/(?<![A-Za-z0-9_])_BridgePassword_AuthDigest(?![A-Za-z0-9_])/BridgePassword_AuthDigest_/g; s/(?<![A-Za-z0-9_])_buffer_stats_compare_entries(?![A-Za-z0-9_])/buffer_stats_compare_entries_/g; s/(?<![A-Za-z0-9_])_chan_circid_entries_eq(?![A-Za-z0-9_])/chan_circid_entries_eq_/g; s/(?<![A-Za-z0-9_])_chan_circid_entry_hash(?![A-Za-z0-9_])/chan_circid_entry_hash_/g; s/(?<![A-Za-z0-9_])_check_no_tls_errors(?![A-Za-z0-9_])/check_no_tls_errors_/g; s/(?<![A-Za-z0-9_])_c_hist_compare(?![A-Za-z0-9_])/c_hist_compare_/g; s/(?<![A-Za-z0-9_])_circ(?![A-Za-z0-9_])/circ_/g; s/(?<![A-Za-z0-9_])_circuit_get_global_list(?![A-Za-z0-9_])/circuit_get_global_list_/g; s/(?<![A-Za-z0-9_])_circuit_mark_for_close(?![A-Za-z0-9_])/circuit_mark_for_close_/g; s/(?<![A-Za-z0-9_])_CIRCUIT_PURPOSE_C_MAX(?![A-Za-z0-9_])/CIRCUIT_PURPOSE_C_MAX_/g; s/(?<![A-Za-z0-9_])_CIRCUIT_PURPOSE_MAX(?![A-Za-z0-9_])/CIRCUIT_PURPOSE_MAX_/g; s/(?<![A-Za-z0-9_])_CIRCUIT_PURPOSE_MIN(?![A-Za-z0-9_])/CIRCUIT_PURPOSE_MIN_/g; s/(?<![A-Za-z0-9_])_CIRCUIT_PURPOSE_OR_MAX(?![A-Za-z0-9_])/CIRCUIT_PURPOSE_OR_MAX_/g; s/(?<![A-Za-z0-9_])_CIRCUIT_PURPOSE_OR_MIN(?![A-Za-z0-9_])/CIRCUIT_PURPOSE_OR_MIN_/g; s/(?<![A-Za-z0-9_])_cmp_int_strings(?![A-Za-z0-9_])/cmp_int_strings_/g; s/(?<![A-Za-z0-9_])_compare_cached_resolves_by_expiry(?![A-Za-z0-9_])/compare_cached_resolves_by_expiry_/g; s/(?<![A-Za-z0-9_])_compare_digests(?![A-Za-z0-9_])/compare_digests_/g; s/(?<![A-Za-z0-9_])_compare_digests256(?![A-Za-z0-9_])/compare_digests256_/g; s/(?<![A-Za-z0-9_])_compare_dir_src_ents_by_authority_id(?![A-Za-z0-9_])/compare_dir_src_ents_by_authority_id_/g; s/(?<![A-Za-z0-9_])_compare_duration_idx(?![A-Za-z0-9_])/compare_duration_idx_/g; s/(?<![A-Za-z0-9_])_compare_int(?![A-Za-z0-9_])/compare_int_/g; s/(?<![A-Za-z0-9_])_compare_networkstatus_v2_published_on(?![A-Za-z0-9_])/compare_networkstatus_v2_published_on_/g; s/(?<![A-Za-z0-9_])_compare_old_routers_by_identity(?![A-Za-z0-9_])/compare_old_routers_by_identity_/g; s/(?<![A-Za-z0-9_])_compare_orports(?![A-Za-z0-9_])/compare_orports_/g; s/(?<![A-Za-z0-9_])_compare_pairs(?![A-Za-z0-9_])/compare_pairs_/g; s/(?<![A-Za-z0-9_])_compare_routerinfo_by_id_digest(?![A-Za-z0-9_])/compare_routerinfo_by_id_digest_/g; s/(?<![A-Za-z0-9_])_compare_routerinfo_by_ip_and_bw(?![A-Za-z0-9_])/compare_routerinfo_by_ip_and_bw_/g; s/(?<![A-Za-z0-9_])_compare_signed_descriptors_by_age(?![A-Za-z0-9_])/compare_signed_descriptors_by_age_/g; s/(?<![A-Za-z0-9_])_compare_string_ptrs(?![A-Za-z0-9_])/compare_string_ptrs_/g; s/(?<![A-Za-z0-9_])_compare_strings_for_pqueue(?![A-Za-z0-9_])/compare_strings_for_pqueue_/g; s/(?<![A-Za-z0-9_])_compare_strs(?![A-Za-z0-9_])/compare_strs_/g; s/(?<![A-Za-z0-9_])_compare_tor_version_str_ptr(?![A-Za-z0-9_])/compare_tor_version_str_ptr_/g; s/(?<![A-Za-z0-9_])_compare_vote_rs(?![A-Za-z0-9_])/compare_vote_rs_/g; s/(?<![A-Za-z0-9_])_compare_votes_by_authority_id(?![A-Za-z0-9_])/compare_votes_by_authority_id_/g; s/(?<![A-Za-z0-9_])_compare_without_first_ch(?![A-Za-z0-9_])/compare_without_first_ch_/g; s/(?<![A-Za-z0-9_])_connection_free(?![A-Za-z0-9_])/connection_free_/g; s/(?<![A-Za-z0-9_])_connection_mark_and_flush(?![A-Za-z0-9_])/connection_mark_and_flush_/g; s/(?<![A-Za-z0-9_])_connection_mark_for_close(?![A-Za-z0-9_])/connection_mark_for_close_/g; s/(?<![A-Za-z0-9_])_connection_mark_unattached_ap(?![A-Za-z0-9_])/connection_mark_unattached_ap_/g; s/(?<![A-Za-z0-9_])_connection_write_to_buf_impl(?![A-Za-z0-9_])/connection_write_to_buf_impl_/g; s/(?<![A-Za-z0-9_])_ConnLimit(?![A-Za-z0-9_])/ConnLimit_/g; s/(?<![A-Za-z0-9_])_CONN_TYPE_MAX(?![A-Za-z0-9_])/CONN_TYPE_MAX_/g; s/(?<![A-Za-z0-9_])_CONN_TYPE_MIN(?![A-Za-z0-9_])/CONN_TYPE_MIN_/g; s/(?<![A-Za-z0-9_])_CONTROL_CONN_STATE_MAX(?![A-Za-z0-9_])/CONTROL_CONN_STATE_MAX_/g; s/(?<![A-Za-z0-9_])_CONTROL_CONN_STATE_MIN(?![A-Za-z0-9_])/CONTROL_CONN_STATE_MIN_/g; s/(?<![A-Za-z0-9_])_CPUWORKER_STATE_MAX(?![A-Za-z0-9_])/CPUWORKER_STATE_MAX_/g; s/(?<![A-Za-z0-9_])_CPUWORKER_STATE_MIN(?![A-Za-z0-9_])/CPUWORKER_STATE_MIN_/g; s/(?<![A-Za-z0-9_])_crypto_dh_get_dh(?![A-Za-z0-9_])/crypto_dh_get_dh_/g; s/(?<![A-Za-z0-9_])_crypto_global_initialized(?![A-Za-z0-9_])/crypto_global_initialized_/g; s/(?<![A-Za-z0-9_])_crypto_new_pk_from_rsa(?![A-Za-z0-9_])/crypto_new_pk_from_rsa_/g; s/(?<![A-Za-z0-9_])_crypto_pk_get_evp_pkey(?![A-Za-z0-9_])/crypto_pk_get_evp_pkey_/g; s/(?<![A-Za-z0-9_])_crypto_pk_get_rsa(?![A-Za-z0-9_])/crypto_pk_get_rsa_/g; s/(?<![A-Za-z0-9_])_DIR_CONN_STATE_MAX(?![A-Za-z0-9_])/DIR_CONN_STATE_MAX_/g; s/(?<![A-Za-z0-9_])_DIR_CONN_STATE_MIN(?![A-Za-z0-9_])/DIR_CONN_STATE_MIN_/g; s/(?<![A-Za-z0-9_])_DIR_PURPOSE_MAX(?![A-Za-z0-9_])/DIR_PURPOSE_MAX_/g; s/(?<![A-Za-z0-9_])_DIR_PURPOSE_MIN(?![A-Za-z0-9_])/DIR_PURPOSE_MIN_/g; s/(?<![A-Za-z0-9_])_dirreq_map_get(?![A-Za-z0-9_])/dirreq_map_get_/g; s/(?<![A-Za-z0-9_])_dirreq_map_put(?![A-Za-z0-9_])/dirreq_map_put_/g; s/(?<![A-Za-z0-9_])_dns_randfn(?![A-Za-z0-9_])/dns_randfn_/g; s/(?<![A-Za-z0-9_])_dummy(?![A-Za-z0-9_])/dummy_/g; s/(?<![A-Za-z0-9_])_edge(?![A-Za-z0-9_])/edge_/g; s/(?<![A-Za-z0-9_])_END_CIRC_REASON_MAX(?![A-Za-z0-9_])/END_CIRC_REASON_MAX_/g; s/(?<![A-Za-z0-9_])_END_CIRC_REASON_MIN(?![A-Za-z0-9_])/END_CIRC_REASON_MIN_/g; s/(?<![A-Za-z0-9_])_EOF(?![A-Za-z0-9_])/EOF_/g; s/(?<![A-Za-z0-9_])_ERR(?![A-Za-z0-9_])/ERR_/g; s/(?<![A-Za-z0-9_])_escaped_val(?![A-Za-z0-9_])/escaped_val_/g; s/(?<![A-Za-z0-9_])_evdns_log(?![A-Za-z0-9_])/evdns_log_/g; s/(?<![A-Za-z0-9_])_evdns_nameserver_add_impl(?![A-Za-z0-9_])/evdns_nameserver_add_impl_/g; s/(?<![A-Za-z0-9_])_EVENT_MAX(?![A-Za-z0-9_])/EVENT_MAX_/g; s/(?<![A-Za-z0-9_])_EVENT_MIN(?![A-Za-z0-9_])/EVENT_MIN_/g; s/(?<![A-Za-z0-9_])_ExcludeExitNodesUnion(?![A-Za-z0-9_])/ExcludeExitNodesUnion_/g; s/(?<![A-Za-z0-9_])_EXIT_CONN_STATE_MAX(?![A-Za-z0-9_])/EXIT_CONN_STATE_MAX_/g; s/(?<![A-Za-z0-9_])_EXIT_CONN_STATE_MIN(?![A-Za-z0-9_])/EXIT_CONN_STATE_MIN_/g; s/(?<![A-Za-z0-9_])_EXIT_PURPOSE_MAX(?![A-Za-z0-9_])/EXIT_PURPOSE_MAX_/g; s/(?<![A-Za-z0-9_])_EXIT_PURPOSE_MIN(?![A-Za-z0-9_])/EXIT_PURPOSE_MIN_/g; s/(?<![A-Za-z0-9_])_extrainfo_free(?![A-Za-z0-9_])/extrainfo_free_/g; s/(?<![A-Za-z0-9_])_find_by_keyword(?![A-Za-z0-9_])/find_by_keyword_/g; s/(?<![A-Za-z0-9_])_free_cached_dir(?![A-Za-z0-9_])/free_cached_dir_/g; s/(?<![A-Za-z0-9_])_free_cached_resolve(?![A-Za-z0-9_])/free_cached_resolve_/g; s/(?<![A-Za-z0-9_])_free_duplicate_routerstatus_entry(?![A-Za-z0-9_])/free_duplicate_routerstatus_entry_/g; s/(?<![A-Za-z0-9_])_free_link_history(?![A-Za-z0-9_])/free_link_history_/g; s/(?<![A-Za-z0-9_])_geoip_compare_entries(?![A-Za-z0-9_])/geoip_compare_entries_/g; s/(?<![A-Za-z0-9_])_geoip_compare_key_to_entry(?![A-Za-z0-9_])/geoip_compare_key_to_entry_/g; s/(?<![A-Za-z0-9_])_hex_decode_digit(?![A-Za-z0-9_])/hex_decode_digit_/g; s/(?<![A-Za-z0-9_])_idxplus1(?![A-Za-z0-9_])/idxplus1_/g; s/(?<![A-Za-z0-9_])__libc_enable_secure(?![A-Za-z0-9_])/_libc_enable_secure_/g; s/(?<![A-Za-z0-9_])_log_debug(?![A-Za-z0-9_])/log_debug_/g; s/(?<![A-Za-z0-9_])_log_err(?![A-Za-z0-9_])/log_err_/g; s/(?<![A-Za-z0-9_])_log_fn(?![A-Za-z0-9_])/log_fn_/g; s/(?<![A-Za-z0-9_])_log_fn_function_name(?![A-Za-z0-9_])/log_fn_function_name_/g; s/(?<![A-Za-z0-9_])_log_global_min_severity(?![A-Za-z0-9_])/log_global_min_severity_/g; s/(?<![A-Za-z0-9_])_log_info(?![A-Za-z0-9_])/log_info_/g; s/(?<![A-Za-z0-9_])_log_notice(?![A-Za-z0-9_])/log_notice_/g; s/(?<![A-Za-z0-9_])_log_prefix(?![A-Za-z0-9_])/log_prefix_/g; s/(?<![A-Za-z0-9_])_log_warn(?![A-Za-z0-9_])/log_warn_/g; s/(?<![A-Za-z0-9_])_magic(?![A-Za-z0-9_])/magic_/g; s/(?<![A-Za-z0-9_])_MALLOC_LOCK(?![A-Za-z0-9_])/MALLOC_LOCK_/g; s/(?<![A-Za-z0-9_])_MALLOC_LOCK_INIT(?![A-Za-z0-9_])/MALLOC_LOCK_INIT_/g; s/(?<![A-Za-z0-9_])_MALLOC_UNLOCK(?![A-Za-z0-9_])/MALLOC_UNLOCK_/g; s/(?<![A-Za-z0-9_])_microdesc_eq(?![A-Za-z0-9_])/microdesc_eq_/g; s/(?<![A-Za-z0-9_])_microdesc_hash(?![A-Za-z0-9_])/microdesc_hash_/g; s/(?<![A-Za-z0-9_])_MIN_TOR_TLS_ERROR_VAL(?![A-Za-z0-9_])/MIN_TOR_TLS_ERROR_VAL_/g; s/(?<![A-Za-z0-9_])_mm_free(?![A-Za-z0-9_])/mm_free_/g; s/(?<![A-Za-z0-9_])_NIL(?![A-Za-z0-9_])/NIL_/g; s/(?<![A-Za-z0-9_])_n_openssl_mutexes(?![A-Za-z0-9_])/n_openssl_mutexes_/g; s/(?<![A-Za-z0-9_])_openssl_dynlock_create_cb(?![A-Za-z0-9_])/openssl_dynlock_create_cb_/g; s/(?<![A-Za-z0-9_])_openssl_dynlock_destroy_cb(?![A-Za-z0-9_])/openssl_dynlock_destroy_cb_/g; s/(?<![A-Za-z0-9_])_openssl_dynlock_lock_cb(?![A-Za-z0-9_])/openssl_dynlock_lock_cb_/g; s/(?<![A-Za-z0-9_])_openssl_locking_cb(?![A-Za-z0-9_])/openssl_locking_cb_/g; s/(?<![A-Za-z0-9_])_openssl_mutexes(?![A-Za-z0-9_])/openssl_mutexes_/g; s/(?<![A-Za-z0-9_])_option_abbrevs(?![A-Za-z0-9_])/option_abbrevs_/g; s/(?<![A-Za-z0-9_])_option_vars(?![A-Za-z0-9_])/option_vars_/g; s/(?<![A-Za-z0-9_])_OR_CONN_STATE_MAX(?![A-Za-z0-9_])/OR_CONN_STATE_MAX_/g; s/(?<![A-Za-z0-9_])_OR_CONN_STATE_MIN(?![A-Za-z0-9_])/OR_CONN_STATE_MIN_/g; s/(?<![A-Za-z0-9_])_OutboundBindAddressIPv4(?![A-Za-z0-9_])/OutboundBindAddressIPv4_/g; s/(?<![A-Za-z0-9_])_OutboundBindAddressIPv6(?![A-Za-z0-9_])/OutboundBindAddressIPv6_/g; s/(?<![A-Za-z0-9_])_PDS_PREFER_TUNNELED_DIR_CONNS(?![A-Za-z0-9_])/PDS_PREFER_TUNNELED_DIR_CONNS_/g; s/(?<![A-Za-z0-9_])_port(?![A-Za-z0-9_])/port_/g; s/(?<![A-Za-z0-9_])__progname(?![A-Za-z0-9_])/_progname_/g; s/(?<![A-Za-z0-9_])_PublishServerDescriptor(?![A-Za-z0-9_])/PublishServerDescriptor_/g; s/(?<![A-Za-z0-9_])_remove_old_client_helper(?![A-Za-z0-9_])/remove_old_client_helper_/g; s/(?<![A-Za-z0-9_])_rend_cache_entry_free(?![A-Za-z0-9_])/rend_cache_entry_free_/g; s/(?<![A-Za-z0-9_])_routerlist_find_elt(?![A-Za-z0-9_])/routerlist_find_elt_/g; s/(?<![A-Za-z0-9_])_SafeLogging(?![A-Za-z0-9_])/SafeLogging_/g; s/(?<![A-Za-z0-9_])_SHORT_FILE_(?![A-Za-z0-9_])/SHORT_FILE__/g; s/(?<![A-Za-z0-9_])_state_abbrevs(?![A-Za-z0-9_])/state_abbrevs_/g; s/(?<![A-Za-z0-9_])_state_vars(?![A-Za-z0-9_])/state_vars_/g; s/(?<![A-Za-z0-9_])_t(?![A-Za-z0-9_])/t_/g; s/(?<![A-Za-z0-9_])_t32(?![A-Za-z0-9_])/t32_/g; s/(?<![A-Za-z0-9_])_test_op_ip6(?![A-Za-z0-9_])/test_op_ip6_/g; s/(?<![A-Za-z0-9_])_thread1_name(?![A-Za-z0-9_])/thread1_name_/g; s/(?<![A-Za-z0-9_])_thread2_name(?![A-Za-z0-9_])/thread2_name_/g; s/(?<![A-Za-z0-9_])_thread_test_func(?![A-Za-z0-9_])/thread_test_func_/g; s/(?<![A-Za-z0-9_])_thread_test_mutex(?![A-Za-z0-9_])/thread_test_mutex_/g; s/(?<![A-Za-z0-9_])_thread_test_start1(?![A-Za-z0-9_])/thread_test_start1_/g; s/(?<![A-Za-z0-9_])_thread_test_start2(?![A-Za-z0-9_])/thread_test_start2_/g; s/(?<![A-Za-z0-9_])_thread_test_strmap(?![A-Za-z0-9_])/thread_test_strmap_/g; s/(?<![A-Za-z0-9_])_tor_calloc(?![A-Za-z0-9_])/tor_calloc_/g; s/(?<![A-Za-z0-9_])_TOR_CHANNEL_INTERNAL(?![A-Za-z0-9_])/TOR_CHANNEL_INTERNAL_/g; s/(?<![A-Za-z0-9_])_TOR_CIRCUITMUX_EWMA_C(?![A-Za-z0-9_])/TOR_CIRCUITMUX_EWMA_C_/g; s/(?<![A-Za-z0-9_])_tor_free(?![A-Za-z0-9_])/tor_free_/g; s/(?<![A-Za-z0-9_])_tor_malloc(?![A-Za-z0-9_])/tor_malloc_/g; s/(?<![A-Za-z0-9_])_tor_malloc_zero(?![A-Za-z0-9_])/tor_malloc_zero_/g; s/(?<![A-Za-z0-9_])_tor_memdup(?![A-Za-z0-9_])/tor_memdup_/g; s/(?<![A-Za-z0-9_])_tor_realloc(?![A-Za-z0-9_])/tor_realloc_/g; s/(?<![A-Za-z0-9_])_tor_strdup(?![A-Za-z0-9_])/tor_strdup_/g; s/(?<![A-Za-z0-9_])_tor_strndup(?![A-Za-z0-9_])/tor_strndup_/g; s/(?<![A-Za-z0-9_])_TOR_TLS_SYSCALL(?![A-Za-z0-9_])/TOR_TLS_SYSCALL_/g; s/(?<![A-Za-z0-9_])_TOR_TLS_ZERORETURN(?![A-Za-z0-9_])/TOR_TLS_ZERORETURN_/g; s/(?<![A-Za-z0-9_])__USE_ISOC99(?![A-Za-z0-9_])/_USE_ISOC99_/g; s/(?<![A-Za-z0-9_])_UsingTestNetworkDefaults(?![A-Za-z0-9_])/UsingTestNetworkDefaults_/g; s/(?<![A-Za-z0-9_])_val(?![A-Za-z0-9_])/val_/g; s/(?<![A-Za-z0-9_])_void_for_alignment(?![A-Za-z0-9_])/void_for_alignment_/g; ==============================	2012-10-12 12:22:13 -04:00
Nick Mathewson	c3f526ed64	Merge branch '6044_nm_squashed'	2012-09-17 10:03:11 -04:00
meejah	d64bf286a1	Handle FIFOs in read_file_to_str ... add read_file_to_str_until_eof which is used by read_file_to_str if the file happens to be a FIFO. change file_status() to return FN_FILE if st_mode matches S_IFIFO (on not-windows) so that init_key_from_file() will read from a FIFO.	2012-09-17 10:02:24 -04:00
Nick Mathewson	523b0ec288	Merge remote-tracking branch 'origin/maint-0.2.3'	2012-09-14 12:40:23 -04:00
Nick Mathewson	b1447a4312	Use file-size-fixup code on cygwin too. ... We already had code on windows to fix our file sizes when we're reading a file in text mode and its size doesn't match the size from fstat. But that code was only enabled when _WIN32 was defined, and Cygwin defines __CYGWIN__ instead. Fixes bug 6844; bugfix on 0.1.2.7-alpha.	2012-09-14 12:39:18 -04:00
Nick Mathewson	e4ce8cd969	Fix compilation with older gccs ... They don't like to have #preprocessor directives inside macro arguments. Fixes #6842; fix on 0.2.4.2-alpha. Found by grarpamp.	2012-09-14 10:06:00 -04:00
Nick Mathewson	37953497d8	Don't compute ((uint64_t)1)<<64 in round_to_power_of_2 ... This would be undefined behavior if it happened. (It can't actually happen as we're using round_to_power_of_2, since we would have to be trying to allocate exabytes of data.) While we're at it, fix the behavior of round_to_power_of_2(0), and document the function better. Fix for bug 6831.	2012-09-14 09:51:24 -04:00
Roger Dingledine	5977da6c60	hot: we fixed incancations to be intancations.	2012-09-12 02:51:33 -04:00
Nick Mathewson	75c9ccd4f8	Merge remote-tracking branch 'public/bug6538' ... Conflicts: configure.ac	2012-09-11 17:51:36 -04:00
Nick Mathewson	f8a665c87d	Merge remote-tracking branch 'origin/maint-0.2.3'	2012-09-11 13:21:20 -04:00
Nick Mathewson	5833861f62	Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3 ... Conflicts: src/test/test_util.c	2012-09-11 13:20:15 -04:00
Nick Mathewson	973c18bf0e	Fix assertion failure in tor_timegm. ... Fixes bug 6811.	2012-09-11 13:13:07 -04:00
Nick Mathewson	e9684405ac	Merge remote-tracking branch 'asn/bug4567_rebased'	2012-09-06 10:12:28 -04:00
George Kadianakis	93c38b679f	Log more information when we fail to terminate a process.	2012-09-06 17:03:11 +03:00
George Kadianakis	b9551fd074	Fix some bugs that did not allow compilation on Windows.	2012-09-05 18:23:29 +03:00
George Kadianakis	44fe717524	General tweaks and fixes for Nick's comments. ... * Add changes/ files. * Edit the tor-fw-helper manpage. * Fix check-spaces. * Add prototype for get_list_of_ports_to_forward(). * Fix tor_parse_long() TCP port range. * Improve doc. of tor_check_port_forwarding(). * Check for overflows in tor_check_port_forwarding(). * Demote successful port forwarding to LOG_INFO. Conflicts: src/common/address.c src/or/circuitbuild.c	2012-09-05 18:23:28 +03:00
George Kadianakis	cd05f35d2c	Refactor tor to support the new tor-fw-helper protocol. ... Add handle_fw_helper_output(), a function responsible for parsing the output of tor-fw-helper. Refactor tor_check_port_forwarding() and run_scheduled_events() accordingly too. We now issue warnings when we get control output from tor-fw-helper, and we log the verbose output of tor-fw-helper in LOG_INFO. Conflicts: src/common/util.c	2012-09-05 18:04:34 +03:00
George Kadianakis	03e89f0b72	Introduce get_lines_from_handle(). ... get_lines_from_handle() is a multiplatform function which drains lines from a stream and stuffs it into a smartlist. It's useful for line-based protocols, like the one managed proxy and the tor-fw-helper protocols.	2012-09-05 18:02:27 +03:00
Nick Mathewson	ef628649c8	Spelling fix in util.c comments	2012-08-27 16:44:54 -04:00
Nick Mathewson	f45cde05f9	Remove tor_malloc_roundup(). ... This function never actually did us any good, and it added a little complexity. See the changes file for more info.	2012-08-13 13:27:32 -04:00
Nick Mathewson	e106812a77	Change smartlist_choose_node_by_bandwidth to avoid double ... This should make our preferred solution to #6538 easier to implement, avoid a bunch of potential nastiness with excessive int-vs-double math, and generally make the code there a little less scary. "But wait!" you say. "Is it really safe to do this? Won't the results come out differently?" Yes, but not much. We now round every weighted bandwidth to the nearest byte before computing on it. This will make every node that had a fractional part of its weighted bandwidth before either slighty more likely or slightly less likely. Further, the rand_bw value was only ever set with integer precision, so it can't accurately sample routers with tiny fractional bandwidth values anyway. Finally, doing repeated double-vs-uint64 comparisons is just plain sad; it will involve an implicit cast to double, which is never a fun thing.	2012-08-09 12:21:37 -04:00
Nick Mathewson	da3edc4df0	Fix clang warning on d4285f03df. Not in any released tor.	2012-06-29 00:22:57 -04:00
Nick Mathewson	19a81ef020	Merge commit '81cd3d7ad641a8dbf'	2012-06-28 15:52:57 -04:00
Roger Dingledine	81cd3d7ad6	add a blurb for 0.2.3.18-rc, other minor cleanups	2012-06-28 15:32:36 -04:00
Nick Mathewson	d4285f03df	Extend tor_sscanf so it can replace sscanf in rephist.c ... Fixes bug 4195 and Coverity CID 448	2012-06-28 09:54:05 -04:00
Nick Mathewson	05dd0a9cd9	Merge remote-tracking branch 'origin/maint-0.2.3'	2012-06-26 11:03:32 -04:00
Nick Mathewson	5fad3dc36b	Fix a warning when using glibc's strcspn with clang. ... With glibc 2.15 and clang 3.0, I get warnings from where we use the strcpsn implementation in the header as strcspn(string, "="). This is apparently because clang sees that part of the strcspn macro expands to "="[2], and doesn't realize that that part of the macro is only evaluated when "="[1] != 0.	2012-06-26 11:02:44 -04:00
Nick Mathewson	201b852c27	Fix a compilation warning with clang 3.0 ... In b1ad1a1d02 we introduced an implicit (but safe) long-to-int shortening that clang didn't like. Warning not in any released version of Tor.	2012-06-26 10:48:31 -04:00
Nick Mathewson	888d5d08fe	Merge remote-tracking branch 'public/bug2385'	2012-06-25 12:05:36 -04:00
Nick Mathewson	ffd7189b3f	Don't assert in get_string_from_pipe() on len==0 ... We can treat this case as an EAGAIN (probably because of an unexpected internal NUL) rather than a crash-worthy problem. Fixes bug 6225, again. Bug not in any released version of Tor.	2012-06-23 15:35:43 -04:00
Nick Mathewson	b1ad1a1d02	Resolve crash caused by format_helper_exit_status changes in #5557 ... Because the string output was no longer equal in length to HEX_ERRNO_SIZE, the write() call would add some extra spaces and maybe a NUL, and the NUL would trigger an assert in get_string_from_pipe. Fixes bug 6225; bug not in any released version of Tor.	2012-06-23 15:32:04 -04:00
Nick Mathewson	4a7e4129af	Style tweaks and add a warning about NUL-termination	2012-06-22 22:21:20 -04:00
Andrea Shepard	c21af69f29	Refactor unsigned int hex formatting out of format_helper_exit_status() in util.c	2012-06-22 22:21:20 -04:00
Andrea Shepard	4c62cc6f99	Make format_helper_exit_status() avoid unnecessary spaces	2012-06-22 22:21:19 -04:00
Nick Mathewson	4a8eaad7ef	Clear a couple more fields in rend_service_load_auth_keys	2012-06-18 13:13:53 -04:00
Nick Mathewson	bf9252587b	Fix mingw build with -DUNICODE -D_UNICODE ... This is a very blunt fix, and mostly just turns some func() calls into FuncA() to make things build again. Fixes bug 6097.	2012-06-07 11:59:32 -04:00
Nick Mathewson	1e5683b167	Be more careful calling wcstombs ... The function is not guaranteed to NUL-terminate its output. It *is*, however, guaranteed not to generate more than two bytes per multibyte character (plus terminating nul), so the general approach I'm taking is to try to allocate enough space, AND to manually add a NUL at the end of each buffer just in case I screwed up the "enough space" thing. Fixes bug 5909.	2012-06-07 11:09:38 -04:00
Nick Mathewson	b482c870ca	Fix some mingw build warnings ... These include: - Having a weird in_addr that can't be initialized with {0} - Needing INVALID_HANDLE_VALUE instead of -1 for file handles. - Having a weird dependent definition for struct stat. - pid is signed, not unsigned.	2012-06-05 11:06:26 -04:00
Nick Mathewson	7f45ea5c41	Merge remote-tracking branch 'public/bug3894'	2012-06-05 10:31:00 -04:00
Nick Mathewson	0fa107a6aa	Update copyright dates to 2012; add a few missing copyright statements	2012-06-04 20:58:17 -04:00
Nick Mathewson	173b18c79b	Add about 60 more DOCDOC comments to 0.2.3 ... Also, try to resolve some doxygen issues. First, define a magic "This is doxygen!" macro so that we take the correct branch in various #if/#else/#endifs in order to get the right documentation. Second, add in a few grouping @{ and @} entries in order to get some variables and fields to get grouped together.	2012-06-04 19:59:08 -04:00
Nick Mathewson	f68c042637	Resolve all currently pending DOCDOC items in master	2012-06-04 19:05:51 -04:00
Nick Mathewson	f35271bf3e	Fix some more FreeBSD4 issues (based on a patch from grarpamp) ... Apparently, freebsd 4 doesn't like malloc.h, needs sys/param.h for MIN/MAX, and doesn't have a SIZE_MAX. For bug 3894.	2012-05-16 14:34:17 -04:00
Nick Mathewson	d732b87e60	Merge remote-tracking branch 'origin/maint-0.2.2'	2012-05-16 12:20:56 -04:00
Sebastian Hahn	679aa93e23	Fix month check in parse_http_time, add test	2012-05-16 12:15:13 -04:00
Nick Mathewson	801923ac21	Remove more dubiosity in struct tm handling. related to bug5346	2012-05-16 12:15:08 -04:00
Nick Mathewson	1abe533b33	Reject an additional type of bad date in parse_http_time	2012-05-16 12:14:48 -04:00
Esteban Manchado Velázquez	d0d9c3d71e	Fix parse_http_time and add tests ... * It seems parse_http_time wasn't parsing correctly any date with commas (RFCs 1123 and 850). Fix that. * It seems parse_http_time was reporting the wrong month (they start at 0, not 1). Fix that. * Add some tests for parse_http_time, covering all three formats.	2012-05-16 12:14:48 -04:00
Nick Mathewson	c78a42685f	Merge remote-tracking branch 'origin/maint-0.2.2' ... Conflicts: src/common/util.c src/test/test_util.c	2012-05-10 15:41:04 -04:00
Nick Mathewson	9b344628ed	Handle out-of-range values in tor_parse_* integer functions ... The underlying strtoX functions handle overflow by saturating and setting errno to ERANGE. If the min/max arguments to the tor_parse_* functions are equal to the minimum/maximum of the underlying type, then with the old approach, we wouldn't treat a too-large value as genuinely broken. Found this while looking at bug 5786; bugfix on 19da1f36 (in Tor 0.0.9), which introduced these functions.	2012-05-07 12:25:59 -04:00
Nick Mathewson	9dddfe83f3	Several mingw/msvc/cross-compilation fixes ... They boil down to: - MS_WINDOWS is dead and replaced with _WIN32, but we let a few instances creep in when we merged Esteban's tests. - Capitalizing windows header names confuses mingw. - #ifdef 0 ain't C. - One unit test wasn't compiled on windows, but was being listed anyway. - One unit test was checking for the wrong value. Gisle Vanem found and fixed the latter 3 issues.	2012-04-26 18:36:25 -04:00
George Kadianakis	b80728a115	tor_vsscanf(): Don't return -1 if '%%' doesn't match. ... tor_vsscanf() is supposed to return the current number of matches on match failure.	2012-04-03 16:20:24 +02:00
Nick Mathewson	56e0959d2a	Have tor_parse_*long functions check for negative bases ... One of our unit tests checks that they behave correctly (giving an error) when the base is negative. But there isn't a guarantee that strtol and friends actually handle negative bases correctly. Found by Coverity Scan; fix for CID 504.	2012-03-30 10:34:05 -04:00
George Kadianakis	aae570b493	Close fds on pipe() error in tor_spawn_background().	2012-03-12 12:41:29 -04:00
Nick Mathewson	c13dc5170f	Merge remote-tracking branch 'origin/maint-0.2.2'	2012-03-09 11:54:45 -05:00
Nick Mathewson	be0535f00b	Correctly handle broken escape sequences in torrc values ... Previously, malformatted torrc values could crash us. Patch by Esteban Manchado. Fixes bug 5090; fix on 0.2.0.16-alpha.	2012-03-09 11:50:22 -05:00
Esteban Manchado Velázquez	8a633a3ebd	Small fix in tor_sscanf documentation	2012-03-08 20:49:23 -05:00
Esteban Manchado Velázquez	a753ef8517	Fix typo in config parser documentation	2012-03-08 20:49:17 -05:00
Nick Mathewson	77a7a980d0	Don't leak the env_vars_sorted smartlist in process_environment_make ... Found by Coverity. No changes/ file, because this bug has not been in a release yet.	2012-02-29 19:49:26 -05:00
Nick Mathewson	1d36693570	Use get_environment(), not environ.	2012-02-17 11:50:19 -05:00
Robert Ransom	33552c16ca	Heap-allocate strings returned by get_current_process_environment_variables	2012-02-17 11:42:21 -05:00
Robert Ransom	c0808b795f	Pass process_environment_t * to tor_spawn_background ... Now tor_spawn_background's prototype is OS-independent.	2012-02-17 11:42:20 -05:00
Robert Ransom	ee3a49d6ed	Remove (void)envp from tor_spawn_background ... The envp argument is used on Windows.	2012-02-17 11:42:20 -05:00
Robert Ransom	d37a1ec8c6	Add set_environment_variable_in_smartlist	2012-02-17 11:42:20 -05:00
Robert Ransom	0ba93e184a	Add get_current_process_environment_variables	2012-02-17 11:42:19 -05:00
Robert Ransom	98cec14982	Add process_environment_make and related utilities	2012-02-17 11:42:19 -05:00
Robert Ransom	806e0f7e19	Add tor_calloc	2012-02-17 11:42:19 -05:00
Nick Mathewson	79a80c88ee	Fix straggling MS_WINDOWS issues; add a changes file ... There was one MS_WINDOWS that remained because it wasn't on a macro line; a few remaining uses (and the definition!) in configure.in; and a now-nonsensical stanza of eventdns_tor.h that previously defined 'WIN32' if it didn't exist.	2012-01-31 15:48:47 -05:00
Nick Mathewson	5cf9167f91	Use the standard _WIN32, not the Torism MS_WINDOWS or deprecated WIN32 ... This commit is completely mechanical; I used this perl script to make it: #!/usr/bin/perl -w -i.bak -p if (/^\s*\#/) { s/MS_WINDOWS/_WIN32/g; s/\bWIN32\b/_WIN32/g; }	2012-01-31 15:48:47 -05:00
Nick Mathewson	26e789fbfd	Rename nonconformant identifiers. ... Fixes bug 4893. These changes are pure mechanical, and were generated with this perl script: /usr/bin/perl -w -i.bak -p s/crypto_pk_env_t/crypto_pk_t/g; s/crypto_dh_env_t/crypto_dh_t/g; s/crypto_cipher_env_t/crypto_cipher_t/g; s/crypto_digest_env_t/crypto_digest_t/g; s/aes_free_cipher/aes_cipher_free/g; s/crypto_free_cipher_env/crypto_cipher_free/g; s/crypto_free_digest_env/crypto_digest_free/g; s/crypto_free_pk_env/crypto_pk_free/g; s/_crypto_dh_env_get_dh/_crypto_dh_get_dh/g; s/_crypto_new_pk_env_rsa/_crypto_new_pk_from_rsa/g; s/_crypto_pk_env_get_evp_pkey/_crypto_pk_get_evp_pkey/g; s/_crypto_pk_env_get_rsa/_crypto_pk_get_rsa/g; s/crypto_new_cipher_env/crypto_cipher_new/g; s/crypto_new_digest_env/crypto_digest_new/g; s/crypto_new_digest256_env/crypto_digest256_new/g; s/crypto_new_pk_env/crypto_pk_new/g; s/crypto_create_crypto_env/crypto_cipher_new/g; s/connection_create_listener/connection_listener_new/g; s/smartlist_create/smartlist_new/g; s/transport_create/transport_new/g;	2012-01-18 15:53:30 -05:00
Nick Mathewson	9c29369a04	Convert instances of tor_malloc+tor_snprintf into tor_asprintf ... These were found by looking for tor_snprintf() instances that were preceeded closely by tor_malloc(), though I probably converted some more snprintfs as well. (In every case, make sure that the length variable (if any) is removed, renamed, or lowered, so that anything else that might have assumed a longer buffer doesn't exist.)	2012-01-16 15:03:44 -05:00
Nick Mathewson	9c6d913b9e	Rename smartlist_{v,}asprintf_add to smartlist_add_{v,}asprintf	2012-01-16 15:01:54 -05:00
Nick Mathewson	f729e1e984	Merge branch 'feature3457-v4-nm-squashed' ... Conflicts: src/or/rendclient.c	2012-01-11 12:10:14 -05:00
Nick Mathewson	b5af456685	Use spaceless ISO8601 time format, not sec,usec.	2012-01-11 12:08:01 -05:00
Sebastian Hahn	0f8026ec23	Some more check-spaces stuff ... This re-applies a check-spaces fix that was part of 7920ea55b8 and got reverted along with the rest of that commit in df1f72329a.	2011-12-08 08:47:09 +01:00
Nick Mathewson	df1f72329a	Revert "Refactor tor_event_base_once to do what we actually want" ... This reverts commit 7920ea55b8.	2011-12-06 19:49:20 -05:00
Nick Mathewson	da6c136817	Merge remote-tracking branch 'asn-mytor/bug4548_take2'	2011-11-29 18:30:41 -05:00
George Kadianakis	f28014bf1a	Introduce write_bytes_to_new_file(). ... Introduce write_bytes_to_new_file(), a function which writes bytes to a file only if that file did not exist.	2011-11-26 18:56:49 +01:00