diff options
29 files changed, 182 insertions, 144 deletions
diff --git a/.gitignore b/.gitignore index f1ce903a11..736abbedc3 100644 --- a/.gitignore +++ b/.gitignore @@ -36,6 +36,12 @@ details-*.json uptime-*.json *.full_url *.last_modified +# Core files +core +core.* +!core/ +# ccls file that can be per directory. +*.ccls # / /Makefile @@ -73,6 +79,7 @@ uptime-*.json /Tor*Bundle.dmg /tor-*-win32.exe /warning_flags +/compile_commands.json /coverage_html/ /callgraph/ diff --git a/Makefile.am b/Makefile.am index a868be7362..c7bc514287 100644 --- a/Makefile.am +++ b/Makefile.am @@ -470,3 +470,17 @@ show-libs: show-testing-libs: @echo $(TOR_INTERNAL_TESTING_LIBS) + +# Note here that we hardcode this -j2 because if the user would pass too many +# cores, bear actually chockes and dies :S. For this to work, a make clean +# needs to be done else bear will miss some compile flags. +lsp: + @if test -x "`which bear 2>&1;true`"; then \ + echo "Generating LSP compile_commands.json. Might take few minutes..."; \ + $(MAKE) clean 2>&1 >/dev/null; \ + bear >/dev/null 2>&1 -- $(MAKE) -j2 2>&1 >/dev/null; \ + echo "Generating .ccls file..."; \ + ./scripts/maint/gen_ccls_file.sh \ + else \ + echo "No bear command found. On debian, apt install bear"; \ + fi diff --git a/changes/40241 b/changes/40241 new file mode 100644 index 0000000000..c9b2e2c011 --- /dev/null +++ b/changes/40241 @@ -0,0 +1,4 @@ + o Minor bugfixes (compilation): + - Fix a compilation warning about unreachable fallthrough annotations + when building with "--enable-all-bugs-are-fatal" on some compilers. + Fixes bug 40241; bugfix on 0.3.5.4-alpha. diff --git a/changes/40241_v2 b/changes/40241_v2 new file mode 100644 index 0000000000..85038297f7 --- /dev/null +++ b/changes/40241_v2 @@ -0,0 +1,4 @@ + o Minor bugfixes (compilation): + - Fix another warning about unreachable fallthrough annotations + when building with "--enable-all-bugs-are-fatal" on some compilers. + Fixes bug 40241; bugfix on 0.4.5.3-rc. diff --git a/changes/bug40080 b/changes/bug40080 new file mode 100644 index 0000000000..8162466354 --- /dev/null +++ b/changes/bug40080 @@ -0,0 +1,6 @@ + o Minor bugfixes (security): + - When completing a channel, relays now check more thoroughly to make + sure that it matches any pending circuits before attaching those + circuits. Previously, address correctness and Ed25519 identities were not + checked in this case, but only when extending circuits on an existing + channel. Fixes bug 40080; bugfix on 0.2.7.2-alpha. diff --git a/changes/bug40113 b/changes/bug40113 new file mode 100644 index 0000000000..adf4634097 --- /dev/null +++ b/changes/bug40113 @@ -0,0 +1,3 @@ + o Minor bugfixes (compilation): + - Resolve a compilation warning that could occur in test_connection.c. + Fixes bug 40113; bugfix on 0.2.9.3-alpha. diff --git a/changes/bug40179_part1 b/changes/bug40179_part1 new file mode 100644 index 0000000000..c302373534 --- /dev/null +++ b/changes/bug40179_part1 @@ -0,0 +1,4 @@ + o Minor bugfixes (testing, portability): + - Fix our Python reference-implementation for the v3 onion service + handshake so that it works correctly with the version of hashlib provided + by Python 3.9. Fixes part of bug 40179; bugfix on 0.3.1.6-rc. diff --git a/changes/ticket40133 b/changes/ticket40133 new file mode 100644 index 0000000000..8bbe00b6b2 --- /dev/null +++ b/changes/ticket40133 @@ -0,0 +1,5 @@ + o Minor features (protocol simplification): + - Tor no longer allows subprotocol versions larger than 63. Previously + versions up to UINT32_MAX were allowed, which significantly complicated + our code. + Implements proposal 318; closes ticket 40133. diff --git a/changes/ticket40227 b/changes/ticket40227 new file mode 100644 index 0000000000..e5efad0f95 --- /dev/null +++ b/changes/ticket40227 @@ -0,0 +1,4 @@ + o Minor feature (build system): + - New "make lsp" command to auto generate the compile_commands.json file + used by the ccls server. The "bear" program is needed for this. Closes + ticket 40227. diff --git a/configure.ac b/configure.ac index 6c8456d0c7..c7bda74c8b 100644 --- a/configure.ac +++ b/configure.ac @@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2019, The Tor Project, Inc. dnl See LICENSE for licensing information AC_PREREQ([2.63]) -AC_INIT([tor],[0.3.5.11-dev]) +AC_INIT([tor],[0.3.5.13]) AC_CONFIG_SRCDIR([src/app/main/tor_main.c]) AC_CONFIG_MACRO_DIR([m4]) diff --git a/contrib/win32build/tor-mingw.nsi.in b/contrib/win32build/tor-mingw.nsi.in index 638754153b..04a720a171 100644 --- a/contrib/win32build/tor-mingw.nsi.in +++ b/contrib/win32build/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.3.5.11-dev" +!define VERSION "0.3.5.13" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/" !define LICENSE "LICENSE" diff --git a/scripts/maint/gen_ccls_file.sh b/scripts/maint/gen_ccls_file.sh new file mode 100755 index 0000000000..899e4e9603 --- /dev/null +++ b/scripts/maint/gen_ccls_file.sh @@ -0,0 +1,20 @@ +#!/bin/sh + +############################################################################## +# THIS MUST BE CALLED FROM THE ROOT DIRECTORY. IT IS USED BY THE MAKEFILE SO # +# IN THEORY, YOU SHOULD NEVER CALL THIS. # +############################################################################## + +set -e + +CCLS_FILE=".ccls" + +# Get all #define *_PRIVATE from our source. We need to list them in our .ccls +# file and enable them otherwise ccls will not find their definition thinking +# that they are dead code. +PRIVATE_DEFS=$(grep -r --include \*.h "_PRIVATE" | grep "#ifdef" | cut -d' ' -f2 | sort | uniq) + +echo "clang" > "$CCLS_FILE" +for p in $PRIVATE_DEFS; do + echo "-D$p" >> "$CCLS_FILE" +done diff --git a/src/core/or/channel.c b/src/core/or/channel.c index 3d90bef19f..9649bdf278 100644 --- a/src/core/or/channel.c +++ b/src/core/or/channel.c @@ -664,7 +664,7 @@ channel_find_by_global_id(uint64_t global_identifier) /** Return true iff <b>chan</b> matches <b>rsa_id_digest</b> and <b>ed_id</b>. * as its identity keys. If either is NULL, do not check for a match. */ -static int +int channel_remote_identity_matches(const channel_t *chan, const char *rsa_id_digest, const ed25519_public_key_t *ed_id) diff --git a/src/core/or/channel.h b/src/core/or/channel.h index 78e4d90ea5..d41f0d70bb 100644 --- a/src/core/or/channel.h +++ b/src/core/or/channel.h @@ -738,6 +738,9 @@ int channel_is_outgoing(channel_t *chan); void channel_mark_client(channel_t *chan); void channel_clear_client(channel_t *chan); int channel_matches_extend_info(channel_t *chan, extend_info_t *extend_info); +int channel_remote_identity_matches(const channel_t *chan, + const char *rsa_id_digest, + const ed25519_public_key_t *ed_id); int channel_matches_target_addr_for_extend(channel_t *chan, const tor_addr_t *target); unsigned int channel_num_circuits(channel_t *chan); diff --git a/src/core/or/channeltls.c b/src/core/or/channeltls.c index 299ab88576..18025ff73a 100644 --- a/src/core/or/channeltls.c +++ b/src/core/or/channeltls.c @@ -1225,8 +1225,7 @@ channel_tls_handle_var_cell(var_cell_t *var_cell, or_connection_t *conn) * the v2 and v3 handshakes. */ /* But that should be happening any longer've disabled bufferevents. */ tor_assert_nonfatal_unreached_once(); - - FALLTHROUGH; + FALLTHROUGH_UNLESS_ALL_BUGS_ARE_FATAL; case OR_CONN_STATE_TLS_SERVER_RENEGOTIATING: if (!(command_allowed_before_handshake(var_cell->command))) { log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, diff --git a/src/core/or/circuitbuild.c b/src/core/or/circuitbuild.c index 1a5025cd71..70b5d8215a 100644 --- a/src/core/or/circuitbuild.c +++ b/src/core/or/circuitbuild.c @@ -623,21 +623,37 @@ circuit_n_chan_done(channel_t *chan, int status, int close_origin_circuits) circ->state != CIRCUIT_STATE_CHAN_WAIT) continue; - if (tor_digest_is_zero(circ->n_hop->identity_digest)) { + const char *rsa_ident = NULL; + const ed25519_public_key_t *ed_ident = NULL; + if (! tor_digest_is_zero(circ->n_hop->identity_digest)) { + rsa_ident = circ->n_hop->identity_digest; + } + if (! ed25519_public_key_is_zero(&circ->n_hop->ed_identity)) { + ed_ident = &circ->n_hop->ed_identity; + } + + if (rsa_ident == NULL && ed_ident == NULL) { /* Look at addr/port. This is an unkeyed connection. */ if (!channel_matches_extend_info(chan, circ->n_hop)) continue; } else { - /* We expected a key. See if it's the right one. */ - if (tor_memneq(chan->identity_digest, - circ->n_hop->identity_digest, DIGEST_LEN)) + /* We expected a key or keys. See if they matched. */ + if (!channel_remote_identity_matches(chan, rsa_ident, ed_ident)) continue; + + /* If the channel is canonical, great. If not, it needs to match + * the requested address exactly. */ + if (! chan->is_canonical && + ! channel_matches_extend_info(chan, circ->n_hop)) { + continue; + } } if (!status) { /* chan failed; close circ */ log_info(LD_CIRC,"Channel failed; closing circ."); circuit_mark_for_close(circ, END_CIRC_REASON_CHANNEL_CLOSED); continue; } + if (close_origin_circuits && CIRCUIT_IS_ORIGIN(circ)) { log_info(LD_CIRC,"Channel deprecated for origin circs; closing circ."); circuit_mark_for_close(circ, END_CIRC_REASON_CHANNEL_CLOSED); diff --git a/src/core/or/circuitlist.c b/src/core/or/circuitlist.c index 03d495cdfd..ccf3041bb4 100644 --- a/src/core/or/circuitlist.c +++ b/src/core/or/circuitlist.c @@ -787,7 +787,7 @@ circuit_purpose_to_controller_hs_state_string(uint8_t purpose) "Unrecognized circuit purpose: %d", (int)purpose); tor_fragile_assert(); - FALLTHROUGH; + FALLTHROUGH_UNLESS_ALL_BUGS_ARE_FATAL; case CIRCUIT_PURPOSE_OR: case CIRCUIT_PURPOSE_C_GENERAL: diff --git a/src/core/or/protover.c b/src/core/or/protover.c index 17979d04ea..dfb0e9e303 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -113,13 +113,13 @@ proto_entry_free_(proto_entry_t *entry) } /** The largest possible protocol version. */ -#define MAX_PROTOCOL_VERSION (UINT32_MAX-1) +#define MAX_PROTOCOL_VERSION (63) /** * Given a string <b>s</b> and optional end-of-string pointer * <b>end_of_range</b>, parse the protocol range and store it in * <b>low_out</b> and <b>high_out</b>. A protocol range has the format U, or - * U-U, where U is an unsigned 32-bit integer. + * U-U, where U is an unsigned integer between 0 and 63 inclusive. */ static int parse_version_range(const char *s, const char *end_of_range, diff --git a/src/feature/client/entrynodes.c b/src/feature/client/entrynodes.c index 8d9230b66b..6c7f8057bd 100644 --- a/src/feature/client/entrynodes.c +++ b/src/feature/client/entrynodes.c @@ -2263,7 +2263,7 @@ entry_guards_note_guard_success(guard_selection_t *gs, break; default: tor_assert_nonfatal_unreached(); - FALLTHROUGH; + FALLTHROUGH_UNLESS_ALL_BUGS_ARE_FATAL; case GUARD_CIRC_STATE_USABLE_IF_NO_BETTER_GUARD: if (guard->is_primary) { /* XXXX #20832 -- I don't actually like this logic. It seems to make diff --git a/src/feature/rend/rendclient.c b/src/feature/rend/rendclient.c index 5c9dbea8e3..6e95142c0b 100644 --- a/src/feature/rend/rendclient.c +++ b/src/feature/rend/rendclient.c @@ -819,7 +819,7 @@ rend_client_report_intro_point_failure(extend_info_t *failed_intro, log_warn(LD_BUG, "Unknown failure type %u. Removing intro point.", failure_type); tor_fragile_assert(); - FALLTHROUGH; + FALLTHROUGH_UNLESS_ALL_BUGS_ARE_FATAL; case INTRO_POINT_FAILURE_GENERIC: rend_cache_intro_failure_note(failure_type, (uint8_t *)failed_intro->identity_digest, diff --git a/src/lib/log/util_bug.h b/src/lib/log/util_bug.h index 2a4d68127e..17e8d0c5a7 100644 --- a/src/lib/log/util_bug.h +++ b/src/lib/log/util_bug.h @@ -215,6 +215,17 @@ IF_BUG_ONCE__(ASSERT_PREDICT_UNLIKELY_(cond), \ IF_BUG_ONCE_VARNAME__(__LINE__)) +/** + * Use this macro after a nonfatal assertion, and before a case statement + * where you would want to fall through. + */ +#ifdef ALL_BUGS_ARE_FATAL +#define FALLTHROUGH_UNLESS_ALL_BUGS_ARE_FATAL \ + abort() +#else +#define FALLTHROUGH_UNLESS_ALL_BUGS_ARE_FATAL FALLTHROUGH +#endif + /** Define this if you want Tor to crash when any problem comes up, * so you can get a coredump and track things down. */ // #define tor_fragile_assert() tor_assert_unreached(0) diff --git a/src/rust/protover/errors.rs b/src/rust/protover/errors.rs index dc0d8735f4..04397ac4fe 100644 --- a/src/rust/protover/errors.rs +++ b/src/rust/protover/errors.rs @@ -36,7 +36,7 @@ impl Display for ProtoverError { ProtoverError::Unparseable => write!(f, "The protover string was unparseable."), ProtoverError::ExceedsMax => write!( f, - "The high in a (low, high) protover range exceeds u32::MAX." + "The high in a (low, high) protover range exceeds 63." ), ProtoverError::ExceedsExpansionLimit => write!( f, diff --git a/src/rust/protover/protoset.rs b/src/rust/protover/protoset.rs index 3b283983c8..0ab94457c5 100644 --- a/src/rust/protover/protoset.rs +++ b/src/rust/protover/protoset.rs @@ -294,6 +294,10 @@ impl ProtoSet { } } +/// Largest allowed protocol version. +/// C_RUST_COUPLED: protover.c `MAX_PROTOCOL_VERSION` +const MAX_PROTOCOL_VERSION: Version = 63; + impl FromStr for ProtoSet { type Err = ProtoverError; @@ -370,7 +374,7 @@ impl FromStr for ProtoSet { let pieces: ::std::str::Split<char> = version_string.split(','); for p in pieces { - if p.contains('-') { + let (lo,hi) = if p.contains('-') { let mut pair = p.splitn(2, '-'); let low = pair.next().ok_or(ProtoverError::Unparseable)?; @@ -379,12 +383,17 @@ impl FromStr for ProtoSet { let lo: Version = low.parse().or(Err(ProtoverError::Unparseable))?; let hi: Version = high.parse().or(Err(ProtoverError::Unparseable))?; - pairs.push((lo, hi)); + (lo,hi) } else { let v: u32 = p.parse().or(Err(ProtoverError::Unparseable))?; - pairs.push((v, v)); + (v, v) + }; + + if lo > MAX_PROTOCOL_VERSION || hi > MAX_PROTOCOL_VERSION { + return Err(ProtoverError::ExceedsMax); } + pairs.push((lo, hi)); } ProtoSet::from_slice(&pairs[..]) @@ -674,12 +683,11 @@ mod test { #[test] fn test_protoset_into_vec() { - let ps: ProtoSet = "1-13,42,9001,4294967294".parse().unwrap(); + let ps: ProtoSet = "1-13,42".parse().unwrap(); let v: Vec<Version> = ps.into(); assert!(v.contains(&7)); - assert!(v.contains(&9001)); - assert!(v.contains(&4294967294)); + assert!(v.contains(&42)); } } diff --git a/src/rust/protover/protover.rs b/src/rust/protover/protover.rs index 06fdf56c69..536667f61b 100644 --- a/src/rust/protover/protover.rs +++ b/src/rust/protover/protover.rs @@ -866,12 +866,12 @@ mod test { #[test] fn test_protoentry_from_str_allowed_number_of_versions() { - assert_protoentry_is_parseable!("Desc=1-4294967294"); + assert_protoentry_is_parseable!("Desc=1-63"); } #[test] fn test_protoentry_from_str_too_many_versions() { - assert_protoentry_is_unparseable!("Desc=1-4294967295"); + assert_protoentry_is_unparseable!("Desc=1-64"); } #[test] @@ -910,10 +910,10 @@ mod test { #[test] fn test_protoentry_all_supported_unsupported_high_version() { - let protocols: UnvalidatedProtoEntry = "HSDir=12-100".parse().unwrap(); + let protocols: UnvalidatedProtoEntry = "HSDir=12-60".parse().unwrap(); let unsupported: Option<UnvalidatedProtoEntry> = protocols.all_supported(); assert_eq!(true, unsupported.is_some()); - assert_eq!("HSDir=12-100", &unsupported.unwrap().to_string()); + assert_eq!("HSDir=12-60", &unsupported.unwrap().to_string()); } #[test] @@ -962,7 +962,7 @@ mod test { ProtoSet::from_str(&versions).unwrap().to_string() ); - versions = "1-3,500"; + versions = "1-3,50"; assert_eq!( String::from(versions), ProtoSet::from_str(&versions).unwrap().to_string() diff --git a/src/rust/protover/tests/protover.rs b/src/rust/protover/tests/protover.rs index 942fe3c6ab..d563202d87 100644 --- a/src/rust/protover/tests/protover.rs +++ b/src/rust/protover/tests/protover.rs @@ -98,10 +98,10 @@ fn protocol_all_supported_with_unsupported_protocol() { #[test] fn protocol_all_supported_with_unsupported_versions() { - let protocols: UnvalidatedProtoEntry = "Link=3-999".parse().unwrap(); + let protocols: UnvalidatedProtoEntry = "Link=3-63".parse().unwrap(); let unsupported: Option<UnvalidatedProtoEntry> = protocols.all_supported(); assert_eq!(true, unsupported.is_some()); - assert_eq!("Link=6-999", &unsupported.unwrap().to_string()); + assert_eq!("Link=6-63", &unsupported.unwrap().to_string()); } #[test] @@ -114,10 +114,10 @@ fn protocol_all_supported_with_unsupported_low_version() { #[test] fn protocol_all_supported_with_unsupported_high_version() { - let protocols: UnvalidatedProtoEntry = "Cons=1-2,999".parse().unwrap(); + let protocols: UnvalidatedProtoEntry = "Cons=1-2,60".parse().unwrap(); let unsupported: Option<UnvalidatedProtoEntry> = protocols.all_supported(); assert_eq!(true, unsupported.is_some()); - assert_eq!("Cons=999", &unsupported.unwrap().to_string()); + assert_eq!("Cons=60", &unsupported.unwrap().to_string()); } #[test] @@ -195,27 +195,27 @@ fn protover_compute_vote_returns_protocols_that_it_doesnt_currently_support() { #[test] fn protover_compute_vote_returns_matching_for_mix() { - let protocols: &[UnvalidatedProtoEntry] = &["Link=1-10,500 Cons=1,3-7,8".parse().unwrap()]; + let protocols: &[UnvalidatedProtoEntry] = &["Link=1-10,50 Cons=1,3-7,8".parse().unwrap()]; let listed = ProtoverVote::compute(protocols, &1); - assert_eq!("Cons=1,3-8 Link=1-10,500", listed.to_string()); + assert_eq!("Cons=1,3-8 Link=1-10,50", listed.to_string()); } #[test] fn protover_compute_vote_returns_matching_for_longer_mix() { let protocols: &[UnvalidatedProtoEntry] = &[ - "Desc=1-10,500 Cons=1,3-7,8".parse().unwrap(), - "Link=123-456,78 Cons=2-6,8 Desc=9".parse().unwrap(), + "Desc=1-10,50 Cons=1,3-7,8".parse().unwrap(), + "Link=12-45,8 Cons=2-6,8 Desc=9".parse().unwrap(), ]; let listed = ProtoverVote::compute(protocols, &1); - assert_eq!("Cons=1-8 Desc=1-10,500 Link=78,123-456", listed.to_string()); + assert_eq!("Cons=1-8 Desc=1-10,50 Link=8,12-45", listed.to_string()); } #[test] fn protover_compute_vote_returns_matching_for_longer_mix_with_threshold_two() { let protocols: &[UnvalidatedProtoEntry] = &[ - "Desc=1-10,500 Cons=1,3-7,8".parse().unwrap(), - "Link=123-456,78 Cons=2-6,8 Desc=9".parse().unwrap(), + "Desc=1-10,50 Cons=1,3-7,8".parse().unwrap(), + "Link=8,12-45 Cons=2-6,8 Desc=9".parse().unwrap(), ]; let listed = ProtoverVote::compute(protocols, &2); @@ -320,30 +320,20 @@ fn protocol_all_supported_with_single_protocol_and_protocol_range() { assert_eq!(true, unsupported.is_none()); } -// By allowing us to add to votes, the C implementation allows us to -// exceed the limit. -#[test] -fn protover_compute_vote_may_exceed_limit() { - let proto1: UnvalidatedProtoEntry = "Sleen=1-65535".parse().unwrap(); - let proto2: UnvalidatedProtoEntry = "Sleen=100000".parse().unwrap(); - - let _result: UnvalidatedProtoEntry = ProtoverVote::compute(&[proto1, proto2], &1); -} - #[test] fn protover_all_supported_should_exclude_versions_we_actually_do_support() { - let proto: UnvalidatedProtoEntry = "Link=3-999".parse().unwrap(); + let proto: UnvalidatedProtoEntry = "Link=3-63".parse().unwrap(); let result: String = proto.all_supported().unwrap().to_string(); - assert_eq!(result, "Link=6-999".to_string()); + assert_eq!(result, "Link=6-63".to_string()); } #[test] fn protover_all_supported_should_exclude_versions_we_actually_do_support_complex1() { - let proto: UnvalidatedProtoEntry = "Link=1-3,345-666".parse().unwrap(); + let proto: UnvalidatedProtoEntry = "Link=1-3,30-63".parse().unwrap(); let result: String = proto.all_supported().unwrap().to_string(); - assert_eq!(result, "Link=345-666".to_string()); + assert_eq!(result, "Link=30-63".to_string()); } #[test] @@ -356,26 +346,10 @@ fn protover_all_supported_should_exclude_versions_we_actually_do_support_complex #[test] fn protover_all_supported_should_exclude_some_versions_and_entire_protocols() { - let proto: UnvalidatedProtoEntry = "Link=1-3,5-12 Quokka=9000-9001".parse().unwrap(); - let result: String = proto.all_supported().unwrap().to_string(); - - assert_eq!(result, "Link=6-12 Quokka=9000-9001".to_string()); -} - -#[test] -fn protover_all_supported_should_not_dos_anyones_computer() { - let proto: UnvalidatedProtoEntry = "Link=1-2147483648".parse().unwrap(); - let result: String = proto.all_supported().unwrap().to_string(); - - assert_eq!(result, "Link=6-2147483648".to_string()); -} - -#[test] -fn protover_all_supported_should_not_dos_anyones_computer_max_versions() { - let proto: UnvalidatedProtoEntry = "Link=1-4294967294".parse().unwrap(); + let proto: UnvalidatedProtoEntry = "Link=1-3,5-12 Quokka=50-51".parse().unwrap(); let result: String = proto.all_supported().unwrap().to_string(); - assert_eq!(result, "Link=6-4294967294".to_string()); + assert_eq!(result, "Link=6-12 Quokka=50-51".to_string()); } #[test] diff --git a/src/test/hs_ntor_ref.py b/src/test/hs_ntor_ref.py index 1b9772a5d6..d58ac3ca23 100644 --- a/src/test/hs_ntor_ref.py +++ b/src/test/hs_ntor_ref.py @@ -65,14 +65,16 @@ except ImportError: try: # Pull the sha3 functions in. from hashlib import sha3_256, shake_256 - shake_squeeze = shake_256.digest + def shake_squeeze(obj, n): + return obj.digest(n) except ImportError: if hasattr(sha3, "SHA3256"): # If this happens, then we have the old "sha3" module which # hashlib and pysha3 superseded. sha3_256 = sha3.SHA3256 shake_256 = sha3.SHAKE256 - shake_squeeze = shake_256.squeeze + def shake_squeeze(obj, n): + return obj.squeeze(n) else: # error code 77 tells automake to skip this test sys.exit(77) diff --git a/src/test/test_connection.c b/src/test/test_connection.c index ebe7c6d36f..6f716f5758 100644 --- a/src/test/test_connection.c +++ b/src/test/test_connection.c @@ -592,7 +592,8 @@ test_conn_download_status(void *arg) connection_t *ap_conn = NULL; const struct testcase_t *tc = arg; - consensus_flavor_t usable_flavor = (consensus_flavor_t)tc->setup_data; + consensus_flavor_t usable_flavor = + networkstatus_parse_flavor_name((const char*) tc->setup_data); /* The "other flavor" trick only works if there are two flavors */ tor_assert(N_CONSENSUS_FLAVORS == 2); @@ -893,9 +894,9 @@ struct testcase_t connection_tests[] = { CONNECTION_TESTCASE(get_rend, TT_FORK, test_conn_get_rend_st), CONNECTION_TESTCASE(get_rsrc, TT_FORK, test_conn_get_rsrc_st), CONNECTION_TESTCASE_ARG(download_status, TT_FORK, - test_conn_download_status_st, FLAV_MICRODESC), + test_conn_download_status_st, "microdesc"), CONNECTION_TESTCASE_ARG(download_status, TT_FORK, - test_conn_download_status_st, FLAV_NS), + test_conn_download_status_st, "ns"), //CONNECTION_TESTCASE(func_suffix, TT_FORK, setup_func_pair), { "failed_orconn_tracker", test_failed_orconn_tracker, TT_FORK, NULL, NULL }, END_OF_TESTCASES diff --git a/src/test/test_protover.c b/src/test/test_protover.c index 63c508bd13..b4689045cf 100644 --- a/src/test/test_protover.c +++ b/src/test/test_protover.c @@ -25,7 +25,7 @@ test_protover_parse(void *arg) #else char *re_encoded = NULL; - const char *orig = "Foo=1,3 Bar=3 Baz= Quux=9-12,14,15-16,900"; + const char *orig = "Foo=1,3 Bar=3 Baz= Quux=9-12,14,15-16"; smartlist_t *elts = parse_protocol_list(orig); tt_assert(elts); @@ -61,7 +61,7 @@ test_protover_parse(void *arg) e = smartlist_get(elts, 3); tt_str_op(e->name, OP_EQ, "Quux"); - tt_int_op(smartlist_len(e->ranges), OP_EQ, 4); + tt_int_op(smartlist_len(e->ranges), OP_EQ, 3); { r = smartlist_get(e->ranges, 0); tt_int_op(r->low, OP_EQ, 9); @@ -74,10 +74,6 @@ test_protover_parse(void *arg) r = smartlist_get(e->ranges, 2); tt_int_op(r->low, OP_EQ, 15); tt_int_op(r->high, OP_EQ, 16); - - r = smartlist_get(e->ranges, 3); - tt_int_op(r->low, OP_EQ, 900); - tt_int_op(r->high, OP_EQ, 900); } re_encoded = encode_protocol_list(elts); @@ -149,14 +145,14 @@ test_protover_vote(void *arg) tt_str_op(result, OP_EQ, ""); tor_free(result); - smartlist_add(lst, (void*) "Foo=1-10,500 Bar=1,3-7,8"); + smartlist_add(lst, (void*) "Foo=1-10,63 Bar=1,3-7,8"); result = protover_compute_vote(lst, 1); - tt_str_op(result, OP_EQ, "Bar=1,3-8 Foo=1-10,500"); + tt_str_op(result, OP_EQ, "Bar=1,3-8 Foo=1-10,63"); tor_free(result); - smartlist_add(lst, (void*) "Quux=123-456,78 Bar=2-6,8 Foo=9"); + smartlist_add(lst, (void*) "Quux=12-45 Bar=2-6,8 Foo=9"); result = protover_compute_vote(lst, 1); - tt_str_op(result, OP_EQ, "Bar=1-8 Foo=1-10,500 Quux=78,123-456"); + tt_str_op(result, OP_EQ, "Bar=1-8 Foo=1-10,63 Quux=12-45"); tor_free(result); result = protover_compute_vote(lst, 2); @@ -194,45 +190,16 @@ test_protover_vote(void *arg) /* Just below the threshold: Rust */ smartlist_clear(lst); - smartlist_add(lst, (void*) "Sleen=1-500"); + smartlist_add(lst, (void*) "Sleen=1-50"); result = protover_compute_vote(lst, 1); - tt_str_op(result, OP_EQ, "Sleen=1-500"); + tt_str_op(result, OP_EQ, "Sleen=1-50"); tor_free(result); /* Just below the threshold: C */ smartlist_clear(lst); - smartlist_add(lst, (void*) "Sleen=1-65536"); - result = protover_compute_vote(lst, 1); - tt_str_op(result, OP_EQ, "Sleen=1-65536"); - tor_free(result); - - /* Large protover lists that exceed the threshold */ - - /* By adding two votes, C allows us to exceed the limit */ - smartlist_add(lst, (void*) "Sleen=1-65536"); - smartlist_add(lst, (void*) "Sleen=100000"); - result = protover_compute_vote(lst, 1); - tt_str_op(result, OP_EQ, "Sleen=1-65536,100000"); - tor_free(result); - - /* Large integers */ - smartlist_clear(lst); - smartlist_add(lst, (void*) "Sleen=4294967294"); + smartlist_add(lst, (void*) "Sleen=1-63"); result = protover_compute_vote(lst, 1); - tt_str_op(result, OP_EQ, "Sleen=4294967294"); - tor_free(result); - - /* This parses, but fails at the vote stage */ - smartlist_clear(lst); - smartlist_add(lst, (void*) "Sleen=4294967295"); - result = protover_compute_vote(lst, 1); - tt_str_op(result, OP_EQ, ""); - tor_free(result); - - smartlist_clear(lst); - smartlist_add(lst, (void*) "Sleen=4294967296"); - result = protover_compute_vote(lst, 1); - tt_str_op(result, OP_EQ, ""); + tt_str_op(result, OP_EQ, "Sleen=1-63"); tor_free(result); /* Protocol name too long */ @@ -272,8 +239,8 @@ test_protover_all_supported(void *arg) tt_assert(! protover_all_supported("Wombat=9", &msg)); tt_str_op(msg, OP_EQ, "Wombat=9"); tor_free(msg); - tt_assert(! protover_all_supported("Link=999", &msg)); - tt_str_op(msg, OP_EQ, "Link=999"); + tt_assert(! protover_all_supported("Link=60", &msg)); + tt_str_op(msg, OP_EQ, "Link=60"); tor_free(msg); // Mix of things we support and things we don't @@ -283,11 +250,11 @@ test_protover_all_supported(void *arg) /* Mix of things we support and don't support within a single protocol * which we do support */ - tt_assert(! protover_all_supported("Link=3-999", &msg)); - tt_str_op(msg, OP_EQ, "Link=6-999"); + tt_assert(! protover_all_supported("Link=3-60", &msg)); + tt_str_op(msg, OP_EQ, "Link=6-60"); tor_free(msg); - tt_assert(! protover_all_supported("Link=1-3,345-666", &msg)); - tt_str_op(msg, OP_EQ, "Link=345-666"); + tt_assert(! protover_all_supported("Link=1-3,50-63", &msg)); + tt_str_op(msg, OP_EQ, "Link=50-63"); tor_free(msg); tt_assert(! protover_all_supported("Link=1-3,5-12", &msg)); tt_str_op(msg, OP_EQ, "Link=6-12"); @@ -295,18 +262,8 @@ test_protover_all_supported(void *arg) /* Mix of protocols we do support and some we don't, where the protocols * we do support have some versions we don't support. */ - tt_assert(! protover_all_supported("Link=1-3,5-12 Quokka=9000-9001", &msg)); - tt_str_op(msg, OP_EQ, "Link=6-12 Quokka=9000-9001"); - tor_free(msg); - - /* We shouldn't be able to DoS ourselves parsing a large range. */ - tt_assert(! protover_all_supported("Sleen=1-2147483648", &msg)); - tt_str_op(msg, OP_EQ, "Sleen=1-2147483648"); - tor_free(msg); - - /* This case is allowed. */ - tt_assert(! protover_all_supported("Sleen=1-4294967294", &msg)); - tt_str_op(msg, OP_EQ, "Sleen=1-4294967294"); + tt_assert(! protover_all_supported("Link=1-3,5-12 Quokka=40-41", &msg)); + tt_str_op(msg, OP_EQ, "Link=6-12 Quokka=40-41"); tor_free(msg); /* If we get a (barely) valid (but unsupported list, we say "yes, that's @@ -566,9 +523,9 @@ test_protover_vote_roundtrip(void *args) /* Will fail because of 4294967295. */ { "Foo=1,3 Bar=3 Baz= Quux=9-12,14,15-16,900 Zn=1,4294967295", NULL }, - { "Foo=1,3 Bar=3 Baz= Quux=9-12,14,15-16,900 Zn=1,4294967294", - "Bar=3 Foo=1,3 Quux=9-12,14-16,900 Zn=1,4294967294" }, - { "Zu16=1,65536", "Zu16=1,65536" }, + { "Foo=1,3 Bar=3 Baz= Quux=9-12,14,15-16,50 Zn=1,42", + "Bar=3 Foo=1,3 Quux=9-12,14-16,50 Zn=1,42" }, + { "Zu16=1,63", "Zu16=1,63" }, { "N-1=1,2", "N-1=1-2" }, { "-1=4294967295", NULL }, { "-1=3", "-1=3" }, @@ -602,12 +559,8 @@ test_protover_vote_roundtrip(void *args) /* Large integers */ { "Link=4294967296", NULL }, /* Large range */ - { "Sleen=1-501", "Sleen=1-501" }, + { "Sleen=1-63", "Sleen=1-63" }, { "Sleen=1-65537", NULL }, - /* Both C/Rust implementations should be able to handle this mild DoS. */ - { "Sleen=1-2147483648", NULL }, - /* Rust tests are built in debug mode, so ints are bounds-checked. */ - { "Sleen=1-4294967295", NULL }, }; unsigned u; smartlist_t *votes = smartlist_new(); diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index ec7a5b2429..1c0ce18e73 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -218,7 +218,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.3.5.11-dev" +#define VERSION "0.3.5.13" |