Commit Graph

24967 Commits

Author SHA1 Message Date
Nick Mathewson
7e7a4874b8 test_addr.c: use COCCI to suppress macros coccinelle cannot parse. 2019-10-22 09:32:13 -04:00
Nick Mathewson
0da349aa5e test.h: Use COCCI to suppress macros Coccinelle does not understand. 2019-10-22 09:32:13 -04:00
Nick Mathewson
0b862a7616 threads.h: coccinelle cannot understand a macro. 2019-10-22 09:32:13 -04:00
Nick Mathewson
4346e5569e ctassert.h: fix CTASSERT_DECL so coccinelle can parse it. 2019-10-22 09:32:13 -04:00
Nick Mathewson
189375fb5d ratelim.h: use COCCI to hide an initializer. 2019-10-22 09:32:13 -04:00
Nick Mathewson
c77f57d37b util_bug.h: Coccinelle does not understand IF_BUG_ONCE or #nodef. 2019-10-22 09:32:13 -04:00
Nick Mathewson
fb4b6b6436 weakrng.h: use COCCI to hide a macro coccinelle cannot parse. 2019-10-22 09:32:13 -04:00
Nick Mathewson
d1cdb1a24e Use STMT_BEGIN/END in parse_int.c so coccinelle can handle it. 2019-10-22 09:32:13 -04:00
Nick Mathewson
41f44d8760 smartlist.h: use COCCI to hide SMARTLIST_FOREACH_JOIN from Coccinelle 2019-10-22 09:32:13 -04:00
Nick Mathewson
514c61e406 namemap_st.h: Use COCCI to hide an initializer. 2019-10-22 09:32:13 -04:00
Nick Mathewson
2695f7e68c timeval.h: Coccinelle cannot understand timercmp. 2019-10-22 09:32:13 -04:00
Nick Mathewson
9f50a92a7e Fix a macro in address.c so coccinelle can understand it 2019-10-22 09:32:13 -04:00
Nick Mathewson
0abe89519b timers.c: define TIMEOUT_PUBLIC to no tokens when using COCCI. 2019-10-22 09:32:13 -04:00
Nick Mathewson
9453746b5e dispatch_naming.c: when COCCI is defined, disable unparseable macros. 2019-10-22 09:32:13 -04:00
Nick Mathewson
04a74d4aa7 conftesting.h: when COCCI is defined, disable unhandled macros 2019-10-22 09:32:13 -04:00
Nick Mathewson
3e41459dff confmacros.h: fix coccinelle parsing. 2019-10-22 09:32:13 -04:00
Nick Mathewson
54c5366aa1 feature/control: wrap some problem macros in COCCI 2019-10-22 09:32:13 -04:00
Nick Mathewson
ef5d1e6b65 consdiff disable a macro when running with COCCI 2019-10-22 09:32:13 -04:00
Nick Mathewson
d9bad0203b Disable a couple of iterator macros when COCCI is defined. 2019-10-22 09:32:13 -04:00
Nick Mathewson
67247fa9ac Use various COCCI tests to get mainloop.c to parse. 2019-10-22 09:32:13 -04:00
Nick Mathewson
4fad456148 test: Hide some test-declaration macro definitions to COCCI.
(These ones cause parsing failures.)
2019-10-22 09:32:13 -04:00
Nick Mathewson
c1e8e5bb32 Apparently coccinelle can't handle multiline #errors. 2019-10-22 09:32:13 -04:00
Nick Mathewson
b03c8c74ce COCCI: Disable some buffers.c macros that coccinelle can't handle. 2019-10-22 09:32:13 -04:00
Nick Mathewson
b867e97ce6 With COCCI defined, avoid PERIODIC_EVENT.
Coccinelle doesn't understand the particular pattern of token
pasting we have going on here.
2019-10-22 09:32:05 -04:00
Nick Mathewson
48be922160 COCCI: disable DOWLOAD_SCHEDULE macro 2019-10-22 09:31:31 -04:00
Nick Mathewson
630d8c7a1a With coccinelle, avoid includes in the middle of an expression. 2019-10-22 09:24:25 -04:00
Nick Mathewson
9871fcbcd9 Use #warning instead of #warn: one is C and one isn't. 2019-10-22 09:24:25 -04:00
Nick Mathewson
2d013bbe5c Merge remote-tracking branch 'tor-github/pr/1417' 2019-10-22 08:36:32 -04:00
Nick Mathewson
4413b030f2 Simplify CHECK_DEFAULT() logic a little further.
Since each of these tests only applies to testing networks, put them
all into a single block that checks for testing networks.

(I recommend reviewing with the "diff -b" option, since the change
is mostly indentation.)
2019-10-22 08:32:33 -04:00
Nick Mathewson
8d84e10e87 Make options_validate() no longer use its "defaults" argument.
It can just look at what the defaults are.

Closes ticket 32185.
2019-10-22 08:30:00 -04:00
Nick Mathewson
a1d5341374 Merge branch 'bug32175' 2019-10-22 07:51:30 -04:00
Nick Mathewson
65e80ce646 Merge branch 'from_setconf_removal_squashed' 2019-10-22 07:50:42 -04:00
Nick Mathewson
6d15fab2dc Extract log-granularity code into its own function.
This pleases practracker.
2019-10-22 07:50:13 -04:00
Nick Mathewson
9ac2c71cbd Add tests for options_init_logs() 2019-10-22 07:50:13 -04:00
Nick Mathewson
f4fc633937 Make a pair of add_*_log() functions mockable. 2019-10-22 07:50:13 -04:00
Nick Mathewson
ac3136a6fb Make options_init_logs STATIC for testing. 2019-10-22 07:50:13 -04:00
Nick Mathewson
98c3b3bb4c Update tests to handle new interpretation of quiet_level.
Two things needed to be changed.  First, we used to set quiet_level
to the default (QUIET_NONE) when running tests, since we would not
call anything that acted based upon it.  But since we sometimes call
options_init_logs(), we need to pre-set quiet_level to QUIET_SILENT
in the logs so that we don't add the default logs.  This did not
cause test failure: just unwanted logs.

Second, we had a test that checked whether options_validate was
messing with options->Logs correctly.  Since options_validate no
longer messes with the logs, we no longer want a test for this.
2019-10-22 07:50:13 -04:00
Nick Mathewson
e07b19d305 Rationalize handling of quiet_level in config.c
Formerly, we would use quiet_level as an excuse to rewrite the log
configuration, adding a default log line if none existed, and if
RunAsDaemon was not set, and if we were not being invoked via
setconf (!).

This is against our best practices for several reasons:
  * We should not be changing configured options except when the
    user tells us to do so.
  * We should especially not be changing options in the options_validate
    function.
  * Distinguishing whether we are being called from setconf adds a
    risky special-case.

Instead, this patch take a simpler approach: it changes the
interpretation of having no logging lines set to mean: If there is a
stdout, add a default log based on quiet_level.

Solves ticket 31999.
2019-10-22 07:50:13 -04:00
Nick Mathewson
cb13930f2b Fix a memory leak introduced by the changes to test_options.c
Since this code passes the same options to options_validate() more
than once, options_validate() needs to be prepared for that.  (This
previously worked by accident, since the smartlist of schedulers
wasn't initialized.)
2019-10-21 18:28:53 -04:00
Nick Mathewson
bd518b9ab1 Fix a memory leak introduced by changes to test_options.c
Since the FirewallPorts smartlist is now initialized, we can't just
overwrite it.
2019-10-21 18:28:08 -04:00
Nick Mathewson
5e2ffd6fd7 Fix up some Windows CI issues. 2019-10-21 15:31:56 -04:00
Nick Mathewson
171a741901 test_options.c: Remove TEST_OPTIONS_DEFAULT_VALUES
This finally became the empty string, since we no longer have to do
anything in individual test_options.c tests to make "" be a valid
set of options.  Now we can remove it at last.
2019-10-21 14:41:27 -04:00
Nick Mathewson
8a8d748837 Stop overriding ConnLimit in tests.
Now that ConnLimit is set to the default value in the
testing helper functions, the individual tests don't all need to
make sure it is set to something valid.
2019-10-21 14:27:55 -04:00
Nick Mathewson
56dddcbbcc test_options.c: remove weird usage of ConnLimit
Several of our tests assumed that ConnLimit would be set to 0 by
default, causing the default options not to be parseable.  These
tests had nothing to do with ConnLimit.
2019-10-21 14:24:58 -04:00
Nick Mathewson
78bf011663 Stop overriding MaxClientCircuitsPending in tests.
Now that MaxClientCircuitsPending is set to the default value in the
testing helper functions, the individual tests don't all need to
make sure it is set to something valid.
2019-10-21 14:19:19 -04:00
Nick Mathewson
b501cd907f test_options.c: remove weird usage of MaxClientCircuitsPending
Several of our tests assumed that MaxClientCircuitsPending would be
set to 0 by default, causing the default options not to be
parseable.  These tests had nothing to do with
MaxClientCircuitsPending.
2019-10-21 14:16:59 -04:00
Nick Mathewson
b6efe37661 Stop overriding KeepalivePeriod in tests.
Now that KeepalivePeriod is set to the default value in the testing
helper functions, the individual tests don't all need to make sure
it is set to something valid.
2019-10-21 14:14:49 -04:00
Nick Mathewson
79cd591228 test_options.c: remove weird usage of KeepalivePeriod.
Several of our tests assumed that KeepalivePeriod would be set to 0
by default, causing the default options not to be parseable.  These
tests had nothing to do with KeepalivePeriod.
2019-10-21 14:12:59 -04:00
Nick Mathewson
3f9920975f Remove a lot of cruft from TEST_OPTIONS_DEFAULT_VALUES.
This macro used to have a big list of "default" values that we
needed to set in the test_options tests in order to have reasonable
behavior.  But now that we initialize options objects to the default
settings in these tests, we no longer need such a long list of
things to replace.
2019-10-21 14:12:59 -04:00
Nick Mathewson
a10e4d737e test_options: use testing options with (almost) real defaults.
Previously, we just used options set to all 0s, but this causes some
pretty severe workarounds throughout the code, as our options fail
to validate, or count as "default" for the wrong reasons.

Note that in some places, we stop getting spurious warnings or
failures which the tests previously demanded.  In these cases, I've
changed the test behavior.

Fixes 32175.
2019-10-21 14:12:59 -04:00
Nick Mathewson
8378ad29e6 routermode.h: turn a comment into a doxygen comment. 2019-10-21 12:47:17 -04:00
Nick Mathewson
7dc78aca29 Merge remote-tracking branch 'tor-github/pr/1430' 2019-10-21 12:43:26 -04:00
Roger Dingledine
a7ccd9a997 respect accountingmax during soft hibernation
Relays now respect their AccountingMax bandwidth again. When relays
entered "soft" hibernation (which typically starts when we've hit
90% of our AccountingMax), we had stopped checking whether we should
enter hard hibernation. Soft hibernation refuses new connections and
new circuits, but the existing circuits can continue, meaning that
relays could have exceeded their configured AccountingMax.

This commit rolls back some of the cpu-saving fixes, where we tried
to avoid calling so many of our events while we're off the network.

That's because PERIODIC_EVENT_FLAG_NEED_NET checks net_is_disabled(),
which returns true even if we're only in soft hibernation.

Fixes bug 32108; bugfix on 0.4.0.1-alpha.
2019-10-21 04:14:42 -04:00
teor
7a72e71f74
Merge remote-tracking branch 'tor-github/pr/1434' 2019-10-21 15:24:22 +10:00
teor
4fde7699ee
test/getinfo: Remove unnecessary test code
Fix for 31684.
2019-10-21 14:21:41 +10:00
teor
92fa5239fc
control/getinfo: Use standard error handling
Use BUG() for coding errors, and `< 0` for error checks.

Fix to 31684.
2019-10-21 13:57:02 +10:00
teor
3b2525c375
Fix changes file and string typos
Part of 31684.
2019-10-21 13:56:58 +10:00
AmreshVenugopal
6413b2102f
control: Add GETINFO support for dumping microdesc consensus
- Allows control port to read microdesc consensus using:
GETINFO dir/status-vote/microdesc/consensus

add: Helper function `getinfo_helper_current_consensus`
test: check if GETINFO commands return expected consensus data.

Resolves 31684.
2019-10-21 13:54:55 +10:00
teor
77c85360f6
Merge branch 'maint-0.4.2' 2019-10-21 13:28:04 +10:00
teor
3539fdfd7a
Merge remote-tracking branch 'tor-github/pr/1168' 2019-10-21 13:09:48 +10:00
teor
04e9e74f1d
Merge remote-tracking branch 'tor-github/pr/1422' into maint-0.4.2 2019-10-21 13:07:39 +10:00
teor
a1f73cb93d
Merge branch 'maint-0.4.2' 2019-10-21 09:45:34 +10:00
teor
5dbdca0114
Merge remote-tracking branch 'tor-github/pr/1432' into maint-0.4.2 2019-10-21 09:45:18 +10:00
teor
5c8ecf364a
Merge remote-tracking branch 'tor-github/pr/1354' into maint-0.4.2 2019-10-21 09:44:42 +10:00
teor
042116e1fd
Merge branch 'maint-0.4.2' 2019-10-20 22:09:00 +10:00
teor
02e3e8eda5
hibernate: Fix repeated "bytes" in comment 2019-10-20 22:08:23 +10:00
teor
475dffee42
dirauth: Add a macro comment to have_module_dirauth() 2019-10-20 20:26:12 +10:00
teor
b266a804e9
test/parseconf: Add basic dirauth and bridgeauth tests
Part of 32123.
2019-10-20 20:25:58 +10:00
teor
0501ce9f13
test/parseconf: Expect different outputs when relay mode is disabled
Part of 32123.
2019-10-20 20:25:54 +10:00
teor
cf2b00d3f5
test/rebind: Make control formatting and log parsing more robust
* actually sleep when tor has not logged anything
* log at debug level when waiting for tor to log something
* backslash-replace bad UTF-8 characters in logs
* format control messages as ASCII: tor does not accept UTF-8 control commands

Fixes bug 31837; bugfix on 0.3.5.1-alpha.
2019-10-20 20:09:35 +10:00
teor
0a5ce8280c err: Use the correct type for cb_buf
Fixes bug 32060; bug not in any released version of tor.

Resolves CID 1454761.
2019-10-20 20:01:56 +10:00
Roger Dingledine
aab5d90858 Merge branch 'maint-0.4.2' 2019-10-20 05:56:16 -04:00
Roger Dingledine
8b4d7447ae fix easy typos 2019-10-20 05:52:32 -04:00
teor
012c44538c
test: Skip test scripts that require the relay module
When tor is built without the relay module.

Part of 32123.
2019-10-20 19:26:59 +10:00
teor
e2280d6f84
relay: Silence compiler warnings when relay mode is disabled
Part of 32123.
2019-10-20 19:26:55 +10:00
teor
57e86a6d74
relay: Implement HAVE_MODULE_RELAY for routermode.c
Part of 32123.
2019-10-20 19:26:48 +10:00
teor
7944b55ad1 feature: Move proxy_mode() into new files
proxy_mode() was in routermode.[ch], but it's actually a client
mode. Move it into client/proxymode.[ch].

Part of 32123.
2019-10-20 17:52:38 +10:00
Nick Mathewson
264c5312eb Merge branch 'maint-0.4.2' 2019-10-18 12:32:49 -04:00
Nick Mathewson
0994050c4a Merge remote-tracking branch 'tor-github/pr/1426' into maint-0.4.2 2019-10-18 12:32:29 -04:00
Nick Mathewson
7c5716d162 Merge branch 'maint-0.4.2' 2019-10-18 12:27:49 -04:00
Nick Mathewson
57c4af16f0 Merge remote-tracking branch 'tor-github/pr/1396' into maint-0.4.2 2019-10-18 12:27:39 -04:00
Nick Mathewson
fbd2fef220 Merge branch 'maint-0.4.2' of git-rw.torproject.org:/tor into maint-0.4.2 2019-10-18 12:25:55 -04:00
teor
1697019d5f
core: tabify a line in include.am 2019-10-18 16:56:50 +10:00
teor
d616214e47
Merge branch 'maint-0.4.2' 2019-10-18 12:05:20 +10:00
Alexander Færøy
389b37246e Remove overly strict assertions in transports.c.
This patch removes an overly strict tor_assert() and an ignorable BUG()
expression. Both of these would trigger if a PT was unable to configure
itself during startup. The easy way to trigger this is to configure an
obfs4 bridge where you make the obfs4 process try to bind on a port
number under 1024.

See: https://bugs.torproject.org/31091
2019-10-17 21:33:54 +02:00
Alexander Færøy
4ed06acb2a Add test to check if the exit callback is called in process_t upon process_exec() failures.
This patch adds a test to check for whether the exit callback is always
called when process_exec() fails, both on Windows and Unix.

See: https://bugs.torproject.org/31810
2019-10-17 20:52:32 +02:00
Alexander Færøy
7a64f6ea04 Ensure that the exit callback is called if CreateProcessA() fails on Windows.
This patch fixes an issue where the exit handler is not called for the
given process_t in case CreateProcessA() fails. This could, for example,
happen if the user tries to execute a binary that does not exist.

See: https://bugs.torproject.org/31810
2019-10-17 20:52:27 +02:00
Alexander Færøy
85b4a5c276 Handle errors from execve() in the Unix process backend more gracefully.
This patch removes a call to tor_assert_unreached() after execve()
failed. This assertion leads to the child process emitting a stack trace
on its standard output, which makes the error harder for the user to
demystify, since they think it is an internal error in Tor instead of
"just" being a "no such file or directory" error.

The process will now instead output "Error from child process: X" where
X is the stringified version of the errno value.

See: https://bugs.torproject.org/31810
2019-10-17 20:52:22 +02:00
Nick Mathewson
db18ff9120 Move code to add default log into quiet_level.c
I'm about to unify the code for handling this between main.c and
config.c.
2019-10-17 12:48:39 -04:00
Nick Mathewson
3a73f6612a Replace add_temp_log() with add_default_log().
We used to have this function so that we could mark our initial
log-to-stdout as specifically temporary so that we would delete it
once regular logs were configured.  But it's no longer necessary to
mark these logs as temporary, since we now use a mark-and-sweep
process to ensure that _all_ not-configured logs are closed when we
change our configuration.

Instead, this function will be the basis of a refactoring in how we
handle default logs.
2019-10-17 12:30:52 -04:00
Nick Mathewson
800b823c29 Merge branch 'cmdline_refactor' 2019-10-17 12:01:45 -04:00
Nick Mathewson
d97d7f0e48 Use an enum for quiet_level. 2019-10-17 12:01:40 -04:00
Nick Mathewson
b9f002dec6 Rename CMD_OTHER to CMD_IMMEDIATE 2019-10-17 12:01:40 -04:00
Nick Mathewson
d15223a385 fixup! Print the error message for --dump-config even if no arguments are given.
Fix a spelling error.
2019-10-17 12:01:40 -04:00
Nick Mathewson
763d955a17 Add a test for a command-line option without a value. 2019-10-17 12:01:40 -04:00
Nick Mathewson
bfdfaae040 Move responsibility for setting the "quiet level" into a table.
Previously this was done with a big list of options in main.c which
implied "hush" or "quiet".  One of these options ("--digests") no
longer existed, but we still checked for it.

Now we use the table of command-line-only arguments to set this
value.
2019-10-17 12:01:40 -04:00
Nick Mathewson
c529b3f8f1 Make the command-line parser understand "commands".
Previously these were implemented with a search in
options_init_from_torrc(), but that led to each option being
declared more than needed: once to say that it was a valid option,
and once to say what it meant.
2019-10-17 12:01:40 -04:00
Nick Mathewson
9826fb1981 Add a return type for the parsed commandline.
Previously it was stored in two outvars, but this is more
elegant. I'm going to be expanding this struct in later commits.
2019-10-17 12:01:40 -04:00
David Goulet
4a8d491322 mainloop: Disable periodic events before a destroy
When tearing down all periodic events during shutdown, disable them first so
their enable flag is updated.

This allows the tor_api.h to relaunch tor properly after a clean shutdown.

Fixes #32058

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-10-17 10:11:32 -04:00
Nick Mathewson
5c09230b45 hs_cache.c: fix HTML tags in doxygen comments. 2019-10-17 08:27:17 -04:00
Nick Mathewson
39cf575ed4 Merge remote-tracking branch 'tor-github/pr/1416' 2019-10-17 08:25:11 -04:00
Nick Mathewson
3430b487d6 hs_cell.[ch]: repair doxygen. 2019-10-16 12:08:38 -04:00
Nick Mathewson
6a2057a9f2 or_options_st.h: repair some doxygen comments. 2019-10-16 12:05:17 -04:00
Nick Mathewson
18ea8855f2 shared_random.[ch]: repair doxygen comments 2019-10-16 12:04:53 -04:00
Nick Mathewson
17b88241db hs_cache.[ch]: repair doxygen comments. 2019-10-16 11:57:44 -04:00
Tobias Stoeckmann
d91ad5112e Check tor_vasprintf for error return values.
In case of error, a negative value will be returned or NULL written into
first supplied argument.

This patch uses both cases to comply with style in the specific files.

A tor_vasprintf error in process_vprintf would lead to a NULL dereference
later on in buf_add, because the return value -1 casted to size_t would
pass an assertion check inside of buf_add.

On the other hand, common systems will fail on such an operation, so it
is not a huge difference to a simple assertion. Yet it is better to
properly fail instead of relying on such behaviour on all systems.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
2019-10-16 17:56:12 +02:00
Nick Mathewson
1b66668e26 hs_client.[ch]: fix doxygen comments by using /**. 2019-10-16 11:51:47 -04:00
Nick Mathewson
06367299c2 shared_random_state.[ch]: Repair a bunch of doxygen comments
These need to start with /**, not /*.
2019-10-16 11:44:30 -04:00
Nick Mathewson
123fe6bdc5 hs_common.[ch]: repair doxygen comments by replacing /* with /** 2019-10-16 11:39:10 -04:00
Nick Mathewson
2127d797e9 hs_descriptor.[ch]: repair doxygen comments.
These are yet more that were not made with "/**"
2019-10-16 11:33:03 -04:00
Nick Mathewson
ca26ea03fc hs_service.c: repair doxygen comments 2019-10-16 11:26:20 -04:00
Nick Mathewson
0e9e5c37b7 hs_service.h: repair doxygen comments. 2019-10-16 11:18:43 -04:00
Nick Mathewson
ba44423cfc address_set.c: doxygen comment repair. 2019-10-16 11:15:25 -04:00
Nick Mathewson
a54c98007a channel.h: fix various doxygen warnings
There were a bunch of items where the doxygen comments were
formatted incorrectly (with /* instead of /**)
2019-10-16 11:11:43 -04:00
Nick Mathewson
ce0739314b voting_schedule: fix doxygen comments to use /**
Previously some of the comments here used /*.
2019-10-16 11:08:34 -04:00
Nick Mathewson
87afe5c260 Rename authcert_members.i to .h, and have it define a macro.
Including a file in the middle of a declaration seems to confuse
Doxygen, and Coccinelle doesn't much like it either.l
2019-10-16 10:53:01 -04:00
Nick Mathewson
f9fac733b9 Doxygen: Fix things that looked like links.
Doxygen thinks that saying #foo is linking to a "foo" anchor
someplace.
2019-10-16 08:44:35 -04:00
Nick Mathewson
591420df20 Doxygen: fix unrecognized commands.
Doxygen seems to interpret anything starting with \ as a command,
even when we don't mean it that way.
2019-10-16 08:39:41 -04:00
Nick Mathewson
98735c40b6 Doxygen: fix warnings about mismatched HTML tags. 2019-10-16 08:27:03 -04:00
Nick Mathewson
5e5e655e32 Doxygen: Fix mismatched filenames.
In 8 places, our \file declarations didn't match the actual files
they were in.
2019-10-16 08:18:26 -04:00
David Goulet
09e6c0f7c7 hs-v3: Fix possible memory leak in error code path
Found by coverity CID 1454769.

There were a second possible leak that is also fixed in this commit.

Fixes #32063

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-10-15 08:54:11 -04:00
Nick Mathewson
6bbeb08f92 Merge branch 'maint-0.4.2' 2019-10-14 15:55:27 -04:00
Nick Mathewson
eebd2d44a1 Merge remote-tracking branch 'tor-github/pr/1393' into maint-0.4.2 2019-10-14 15:55:13 -04:00
Nick Mathewson
9201bbd96c Replace a unicode character which doxygen cannot handle.
Merging without review, as this is an editorial fix in a comment.
2019-10-14 14:05:50 -04:00
Nick Mathewson
61fe3f448c Bump master to 0.4.3.0-alpha-dev. 2019-10-11 17:15:04 -04:00
Nick Mathewson
2e5724d153 Merge branch 'ticket31682_042_01_squashed' 2019-10-11 10:21:58 -04:00
Nick Mathewson
46efc0ff35 Correct comment on build_establish_intro_dos_extension 2019-10-11 10:21:45 -04:00
David Goulet
b356b3907a hs-v3: Fix implicit ssize_t to size_t conversion
Found by Coverity.

Fixes #31682

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-10-11 10:20:36 -04:00
Nick Mathewson
0d82a8be77 Merge remote-tracking branch 'tor-github/pr/1394' 2019-10-09 16:44:12 -04:00
Nick Mathewson
ab064cf762 Merge remote-tracking branch 'tor-github/pr/1399' 2019-10-09 16:37:47 -04:00
Nick Mathewson
755f001600 Merge remote-tracking branch 'tor-github/pr/1401' 2019-10-09 16:29:46 -04:00
Nick Mathewson
99809834a7 Merge branch 'bug30344_squashed_035' 2019-10-09 16:26:31 -04:00
George Kadianakis
841cff6e4f Stop libevent from reading data from closed connections.
Code adapted from Rob's proposed patch in #30344.

Also add a comment in connection_mark_for_close_internal_() on why we should
not be adding extra code there without a very good reason.
2019-10-09 16:24:49 -04:00
Neel Chauhan
7c1b2fceb7 test: New behavior on IP retry for HSv3
Unit test for #31652 where if we are over the retry limit for the IP but we
have an established circuit, we don't remove the IP.

Part of #31652
2019-10-08 17:02:47 -04:00
David Goulet
f50de3a918 hs-v3: Do not remove intro point if circuit exists
When considering introduction point of a service's descriptor, do not remove
an intro point that has an established or pending circuit.

Fixes #31652

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-10-08 17:02:47 -04:00
Nick Mathewson
911b16e6e7 config.c: make a couple of arguments const.
These functions do not modify their inputs, so they can take const
arguments.
2019-10-08 12:59:22 -04:00
Nick Mathewson
bd5ce112c9 Use C99 struct-initializer syntax in COMMANDLINE_ONLY_OPTIONS
I'm about to add more fields to this table, and this syntax change
will make it easier to do so.
2019-10-08 12:59:22 -04:00
Nick Mathewson
6cea2bd498 Document takes_argument_t and its members. 2019-10-08 12:59:22 -04:00
Nick Mathewson
4c25ea6703 Rename TAKES_NO_ARGUMENT to ARGUMENT_NONE.
I'm doing this for consistency, so that all the values for this enum
have the same prefix.

This is an automated commit, generated by the following shell commands:

for fn in $(git ls-tree --name-only -r HEAD src |grep '\.[ch]$'); do \
    perl -i -pe 's!\bTAKES_NO_ARGUMENT\b!ARGUMENT_NONE!g;' "$fn"; \
done
2019-10-08 12:59:22 -04:00
Nick Mathewson
c42a79499a Extract the enumeration that tells Tor what command it is running. 2019-10-08 12:59:18 -04:00
George Kadianakis
081bd37315 Fix flapping of test_service_intro_point() unittest. 2019-10-08 19:00:43 +03:00
Nick Mathewson
7a26f14a37 Merge remote-tracking branch 'tor-github/pr/1317' 2019-10-07 10:23:44 -04:00
Nick Mathewson
56e8d84ea3 Merge branch 'ticket31548_035_01_squashed' 2019-10-07 10:21:40 -04:00
David Goulet
984a28f3e5 hs-v3: Make service pick the exact amount of intro points
When encoding introduction points, we were not checking if that intro points
had an established circuit.

When botting up, the service will pick, by default, 3 + 2 intro points and the
first 3 that establish, we use them and upload the descriptor.

However, the intro point is removed from the service descriptor list only when
the circuit has opened and we see that we have already enough intro points, it
is then removed.

But it is possible that the service establishes 3 intro points successfully
before the other(s) have even opened yet.

This lead to the service encoding extra intro points in the descriptor even
though the circuit is not opened or might never establish (#31561).

Fixes #31548

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-10-07 10:20:09 -04:00
Nick Mathewson
58b87a2c59 Merge remote-tracking branch 'tor-github/pr/1379' 2019-10-07 10:15:46 -04:00
Nick Mathewson
5fb5019a94 bump to 0.4.2.2-alpha-dev 2019-10-07 09:32:26 -04:00
Nick Mathewson
fdfb4b196b Use {mock,unmock}_hostname_resolver() in relevant tests
These tests all invoke the hostname resolver in one way or another,
and therefore potentially block if our DNS server is missing,
absent, or extremely slow.  Closes ticket 31841.
2019-10-04 08:03:19 -04:00
Nick Mathewson
4a0749596c Add a mock replacement for blocking hostname resolution
Based on examination of our tests, this mock function accepts
"localhost" and "torproject.org", and rejects everything else.
2019-10-04 08:03:19 -04:00
Nick Mathewson
9c24ceeb3f Make tor_addr_lookup_host_impl mockable. 2019-10-04 08:02:56 -04:00
teor
ff304f3be7
tls: Log TLS read buffer length bugs once
Rather than filling the logs with similar warnings.

Fixes bug 31939; bugfix on 0.3.0.4-rc.
2019-10-04 12:33:34 +10:00
teor
e5b8bd38ab
Merge remote-tracking branch 'tor-github/pr/1392' 2019-10-04 11:26:43 +10:00
David Goulet
52b7ae71b3 hs: ADD_ONION NEW:BEST now defaults to ED25519-V3
From RSA1024 (v2) to v3 now.

Closes #29669

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-10-03 15:43:03 -04:00
George Kadianakis
9309eaf8ea Merge branch 'tor-github/pr/1377' 2019-10-03 19:13:57 +03:00
George Kadianakis
3778b97cab Merge branch 'tor-github/pr/1276' 2019-10-03 19:13:02 +03:00
Nick Mathewson
49d6990cae Unit tests for dirserv_reject_tor_version(). 2019-10-03 19:12:52 +03:00
Nick Mathewson
4d4e2abd2f Authorities reject relays running unsupported Tor release series.
Our minimum version is now 0.2.9.5-alpha.  Series 0.3.0, 0.3.1,
0.3.2, 0.3.3, and 0.3.4 are now rejected.

Also, extract this version-checking code into a new function, so we
can test it.

Closes ticket 31549.

Also reject 0.3.5.0 through 0.3.5.6-rc as unstable.
2019-10-03 19:12:46 +03:00
Nick Mathewson
065e467e7c bump to 0.4.2.2-alpha 2019-10-03 12:07:50 -04:00
Nick Mathewson
5fd137c482 Merge remote-tracking branch 'tor-github/pr/1358' 2019-10-03 09:11:49 -04:00
Nick Mathewson
de7fcae72a Merge remote-tracking branch 'tor-github/pr/1382' 2019-10-03 09:08:23 -04:00
Nick Mathewson
ac8f6d51f4 Unify backend implementations for blocking hostname lookup
We have a getaddrinfo() implementation that we prefer, and a
gethostbyname*() implementation that we fall back on.  Give them
both the same interface, and let them be called by the same name.

This is a preparatory step for making them both mockable.
2019-10-03 07:47:25 -04:00
Nick Mathewson
b2802ae3c3 util/map_anon_nofork: Add a cast to avoid passing -48 to memset
This fixes coverity CID 1454593, and bug 31948. Bug not in any
released version of Tor.
2019-10-03 07:21:25 -04:00
teor
3d17fafa04
control/control: Refactor some error handling code
Split some protocol error handling out of
connection_control_process_inbuf().

This refactor reduces the size of a practracker exception.

Closes 31840.
2019-10-03 11:35:42 +10:00
Nick Mathewson
bca30bcb90 Merge remote-tracking branch 'tor-github/pr/1374' 2019-10-02 19:19:11 -04:00
David Goulet
ca1f18c159 Merge branch 'tor-github/pr/1385' 2019-10-02 14:15:31 -04:00
David Goulet
014abf86e5 Merge branch 'tor-github/pr/1344' 2019-10-02 10:37:49 -04:00
Nick Mathewson
a74c180691 Merge branch 'maint-0.3.5' into maint-0.4.0 2019-10-02 08:01:34 -04:00
Nick Mathewson
c81e1e4542 Merge branch 'maint-0.4.1' 2019-10-02 08:01:34 -04:00
Nick Mathewson
4dcbbe4166 Merge branch 'maint-0.4.0' into maint-0.4.1 2019-10-02 08:01:34 -04:00
Nick Mathewson
7b9cb4c47b Merge branch 'maint-0.2.9' into maint-0.3.5 2019-10-02 08:01:33 -04:00
Karsten Loesing
90de776ea9 Update geoip and geoip6 to the October 1 2019 database. 2019-10-02 11:11:27 +02:00
teor
3f94441bfe
log: fix a typo in the function comment for log_fn_()
Closes 31923.
2019-10-02 12:12:26 +10:00
Nick Mathewson
2b825a1a2e Fix a crash bug in max_u16_in_sl()
The documentation for this function says that the smartlist can
contain NULLs, but the code only handled NULLs if they were at the
start of the list.

We didn't notice this for a long time, because when Tor is run
normally, the sequence of msg_id_t is densely packed, and so this
list (mapping msg_id_t to channel_id_t) contains no NULL elements.
We could only run into this bug:
  * when Tor was running in embedded mode, and starting more than once.
  * when Tor ran first with more pubsub messages enabled, and then
    later with fewer.
  * When the second run (the one with fewer enabled pubsub messages)
    had at least some messages enabled, and those messages were not
    the ones with numerically highest msg_id_t values.

Fixes bug 31898; bugfix on 47de9c7b0a
in 0.4.1.1-alpha.
2019-10-01 13:01:20 -04:00
Nick Mathewson
34bbdaf5d4 Add a test for max_u16_in_sl().
This test does not currently pass, because of bug 31898.
2019-10-01 13:01:20 -04:00
Nick Mathewson
f17591b8e5 Rename max_in_sl to max_in_u16_sl, and expose it as STATIC.
Since we want to make this function slightly more visible for testing
purposes, it needs a better name.
2019-10-01 13:01:20 -04:00
Nick Mathewson
39640728c3 Add comments to try to prevent recurrence of #31495.
There is a bad design choice in two of our configuration types,
where the empty string encodes a value that is not the same as the
default value.  This design choice, plus an implementation mistake,
meant that config_dup() did not preserve the value of routerset_t,
and thereby caused bug #31495.

This comment-only patch documents the two types with the problem,
and suggests that implementors try to avoid it in the future.

Closes ticket 31907.
2019-10-01 09:45:12 -04:00
George Kadianakis
e8e42f4af9 Help users who try to use v2 client auth in v3 onions. 2019-10-01 13:41:21 +03:00
teor
56d0655ed8 err: Remove a duplicate header in backtrace.c 2019-09-30 23:17:04 +10:00
teor
c23986246b err: Always lock the backtrace buffer before it is used
Fixes bug 31734; bugfix on 0.2.5.3-alpha.
2019-09-30 23:17:04 +10:00
Nick Mathewson
53116ca0b7 Re-run "make autostyle" with improved annotate_ifdef_directives 2019-09-30 08:57:37 -04:00
teor
db329522ef
log: When initialising log domain masks, only set known log domains
And add a runtime test that checks for unknown domains and flags.

Fixes bug 31854; bugfix on 0.2.1.1-alpha.
2019-09-30 22:05:00 +10:00
teor
25c5322dfe
log: Define count, boundary, and all macros for domains and flags
And do static checks on those macro definitions.

Part of 31854.
2019-09-30 22:04:03 +10:00
teor
4c88ebcf47
log: Remove duplicate code and an outdated comment
Preparation for 31854.
2019-09-30 22:03:59 +10:00
George Kadianakis
9318682109 Merge branch 'tor-github/pr/1346' 2019-09-30 13:56:51 +03:00
George Kadianakis
ae8d36db31 Merge branch 'tor-github/pr/1302' 2019-09-30 13:47:53 +03:00
George Kadianakis
fc760c5088 Merge branch 'tor-github/pr/1356' 2019-09-30 13:47:06 +03:00
George Kadianakis
4673cb8168 Merge branch 'tor-github/pr/1339' 2019-09-30 13:44:59 +03:00
teor
2420c8c936 test: Avoid a map_anon_nofork test failure on SunOS
This test failure happened due to a signed/unsigned integer
comparison.

This bug occurred on SunOS, it may also occur on other systems that
use signed char as the default. (And cast 1-byte integer constants
to an unsigned integer.)

Fixes bug 31897; bugfix on 0.4.1.1-alpha.
2019-09-30 14:54:56 +10:00
Nick Mathewson
194dbea24d Run "make autostyle" with new "annotate_ifdef_directives" 2019-09-26 15:52:45 -04:00
Nick Mathewson
ffd857bbe1 Merge remote-tracking branch 'tor-github/pr/1308' 2019-09-26 14:36:37 -04:00
teor
d1eab05834
lock: Avoid some undefined behaviour when freeing mutexes.
Fixes bug 31736; bugfix on 0.0.7.
2019-09-26 12:37:25 +10:00
teor
749c2e1761
log: explain why it is safe to leave the log mutex initialized
The log mutex is dynamically initialized, guarded by log_mutex_initialized.
We don't want to destroy it, because after it is destroyed, we won't see
any more logs.

If tor is re-initialized, log_mutex_initialized will still be 1. So we
won't trigger any undefined behaviour by trying to re-initialize the
log mutex.

Part of 31736, but committed in this branch to avoid merge conflicts.
2019-09-26 12:22:34 +10:00
teor
2f8a9a2db6
sandbox: Allow backtrace signals to be disabled
Part of 31614.
2019-09-26 12:22:30 +10:00
teor
315f14c709
backtrace: avoid undefined behaviour on re-initialisation
cb_buf_mutex is statically initialised, so we can not destroy it when
we are shutting down the err subsystem. If we destroy it, and then
re-initialise tor, all our backtraces will fail.

Part of 31736, but committed in this branch to avoid merge conflicts.
2019-09-26 12:07:25 +10:00
Nick Mathewson
40a22fb707 Merge remote-tracking branch 'tor-github/pr/1349' 2019-09-25 13:07:19 -04:00
George Kadianakis
01a797be4e Merge branch 'tor-github/pr/1334' 2019-09-25 14:19:02 +03:00
George Kadianakis
0a77e5f1c2 Merge branch 'tor-github/pr/1341' 2019-09-25 14:18:15 +03:00
George Kadianakis
09769779a0 Merge branch 'tor-github/pr/1357' 2019-09-25 14:17:35 +03:00
George Kadianakis
2199629648 Merge branch 'tor-github/pr/1345' 2019-09-25 14:14:30 +03:00
George Kadianakis
99f75373de Merge branch 'tor-github/pr/1309' 2019-09-25 14:12:42 +03:00
teor
d30a042fa8 test: Use SEVERITY_MASK_IDX() to find the LOG_* mask indexes
In the unit tests and fuzzers.

Fixes bug 31334; bugfix on 0.2.5.2-alpha.
2019-09-25 16:40:09 +10:00