aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--changes/ticket236375
-rw-r--r--configure.ac2
-rw-r--r--contrib/win32build/tor-mingw.nsi.in2
-rw-r--r--src/common/aes.c2
-rw-r--r--src/common/compat_libevent.c2
-rw-r--r--src/common/compat_time.c4
-rw-r--r--src/common/compat_winthreads.c4
-rw-r--r--src/common/sandbox.c2
-rw-r--r--src/common/util.c24
-rw-r--r--src/or/config.c24
-rw-r--r--src/or/control.c2
-rw-r--r--src/or/hibernate.c4
-rw-r--r--src/or/main.c10
-rw-r--r--src/or/networkstatus.c2
-rw-r--r--src/or/ntmain.c2
-rw-r--r--src/or/or.h6
-rw-r--r--src/or/policies.c13
-rw-r--r--src/or/routerlist.c12
-rw-r--r--src/or/scheduler.c2
-rw-r--r--src/win32/orconfig.h2
20 files changed, 66 insertions, 60 deletions
diff --git a/changes/ticket23637 b/changes/ticket23637
new file mode 100644
index 0000000000..0c524f34c3
--- /dev/null
+++ b/changes/ticket23637
@@ -0,0 +1,5 @@
+ o Minor features (directory authority):
+ - Make the "Exit" flag assignment only depend on whether the exit
+ policy allows connections to ports 80 and 443. Previously relays
+ would get the Exit flag if they allowed connections to one of
+ these ports and also port 6667. Resolves ticket 23637.
diff --git a/configure.ac b/configure.ac
index 668fd4f1fa..c026464269 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2017, The Tor Project, Inc.
dnl See LICENSE for licensing information
AC_PREREQ([2.63])
-AC_INIT([tor],[0.3.2.2-alpha-dev])
+AC_INIT([tor],[0.3.3.0-alpha-dev])
AC_CONFIG_SRCDIR([src/or/main.c])
AC_CONFIG_MACRO_DIR([m4])
diff --git a/contrib/win32build/tor-mingw.nsi.in b/contrib/win32build/tor-mingw.nsi.in
index 02d4ef9072..f3c23ef335 100644
--- a/contrib/win32build/tor-mingw.nsi.in
+++ b/contrib/win32build/tor-mingw.nsi.in
@@ -8,7 +8,7 @@
!include "LogicLib.nsh"
!include "FileFunc.nsh"
!insertmacro GetParameters
-!define VERSION "0.3.2.2-alpha-dev"
+!define VERSION "0.3.3.0-alpha-dev"
!define INSTALLER "tor-${VERSION}-win32.exe"
!define WEBSITE "https://www.torproject.org/"
!define LICENSE "LICENSE"
diff --git a/src/common/aes.c b/src/common/aes.c
index 20b51a6758..df4368fdba 100644
--- a/src/common/aes.c
+++ b/src/common/aes.c
@@ -254,7 +254,7 @@ evaluate_ctr_for_aes(void)
/* LCOV_EXCL_START */
log_err(LD_CRYPTO, "This OpenSSL has a buggy version of counter mode; "
"quitting tor.");
- exit(1);
+ exit(1); // exit ok: openssl is broken.
/* LCOV_EXCL_STOP */
}
return 0;
diff --git a/src/common/compat_libevent.c b/src/common/compat_libevent.c
index 740cc2a11d..1c3a1b9f37 100644
--- a/src/common/compat_libevent.c
+++ b/src/common/compat_libevent.c
@@ -126,7 +126,7 @@ tor_libevent_initialize(tor_libevent_cfg *torcfg)
if (!the_event_base) {
/* LCOV_EXCL_START */
log_err(LD_GENERAL, "Unable to initialize Libevent: cannot continue.");
- exit(1);
+ exit(1); // exit ok: libevent is broken.
/* LCOV_EXCL_STOP */
}
diff --git a/src/common/compat_time.c b/src/common/compat_time.c
index 1ce6f5ce4e..7fd4281ade 100644
--- a/src/common/compat_time.c
+++ b/src/common/compat_time.c
@@ -90,7 +90,7 @@ tor_gettimeofday(struct timeval *timeval)
if (ft.ft_64 < EPOCH_BIAS) {
/* LCOV_EXCL_START */
log_err(LD_GENERAL,"System time is before 1970; failing.");
- exit(1);
+ exit(1); // exit ok: system clock is broken.
/* LCOV_EXCL_STOP */
}
ft.ft_64 -= EPOCH_BIAS;
@@ -102,7 +102,7 @@ tor_gettimeofday(struct timeval *timeval)
log_err(LD_GENERAL,"gettimeofday failed.");
/* If gettimeofday dies, we have either given a bad timezone (we didn't),
or segfaulted.*/
- exit(1);
+ exit(1); // exit ok: gettimeofday failed.
/* LCOV_EXCL_STOP */
}
#elif defined(HAVE_FTIME)
diff --git a/src/common/compat_winthreads.c b/src/common/compat_winthreads.c
index 50a3c498ca..5f7ec94c23 100644
--- a/src/common/compat_winthreads.c
+++ b/src/common/compat_winthreads.c
@@ -48,10 +48,12 @@ void
spawn_exit(void)
{
_endthread();
+ // LCOV_EXCL_START
//we should never get here. my compiler thinks that _endthread returns, this
//is an attempt to fool it.
tor_assert(0);
- _exit(0);
+ _exit(0); // exit ok: unreachable.
+ // LCOV_EXCL_STOP
}
void
diff --git a/src/common/sandbox.c b/src/common/sandbox.c
index 7a4e3ece38..931837e767 100644
--- a/src/common/sandbox.c
+++ b/src/common/sandbox.c
@@ -1756,7 +1756,7 @@ sigsys_debugging(int nr, siginfo_t *info, void *void_context)
#endif
#if defined(DEBUGGING_CLOSE)
- _exit(1);
+ _exit(1); // exit ok: programming error has led to sandbox failure.
#endif // DEBUGGING_CLOSE
}
diff --git a/src/common/util.c b/src/common/util.c
index 5ff7e104d6..7dc5e8144d 100644
--- a/src/common/util.c
+++ b/src/common/util.c
@@ -156,7 +156,7 @@ tor_malloc_(size_t size DMALLOC_PARAMS)
/* If these functions die within a worker process, they won't call
* spawn_exit, but that's ok, since the parent will run out of memory soon
* anyway. */
- exit(1);
+ exit(1); // exit ok: alloc failed.
/* LCOV_EXCL_STOP */
}
return result;
@@ -244,7 +244,7 @@ tor_realloc_(void *ptr, size_t size DMALLOC_PARAMS)
if (PREDICT_UNLIKELY(result == NULL)) {
/* LCOV_EXCL_START */
log_err(LD_MM,"Out of memory on realloc(). Dying.");
- exit(1);
+ exit(1); // exit ok: alloc failed.
/* LCOV_EXCL_STOP */
}
return result;
@@ -282,7 +282,7 @@ tor_strdup_(const char *s DMALLOC_PARAMS)
if (PREDICT_UNLIKELY(duplicate == NULL)) {
/* LCOV_EXCL_START */
log_err(LD_MM,"Out of memory on strdup(). Dying.");
- exit(1);
+ exit(1); // exit ok: alloc failed.
/* LCOV_EXCL_STOP */
}
return duplicate;
@@ -3590,14 +3590,14 @@ start_daemon(void)
if (pipe(daemon_filedes)) {
/* LCOV_EXCL_START */
log_err(LD_GENERAL,"pipe failed; exiting. Error was %s", strerror(errno));
- exit(1);
+ exit(1); // exit ok: during daemonize, pipe failed.
/* LCOV_EXCL_STOP */
}
pid = fork();
if (pid < 0) {
/* LCOV_EXCL_START */
log_err(LD_GENERAL,"fork failed. Exiting.");
- exit(1);
+ exit(1); // exit ok: during daemonize, fork failed
/* LCOV_EXCL_STOP */
}
if (pid) { /* Parent */
@@ -3612,9 +3612,9 @@ start_daemon(void)
}
fflush(stdout);
if (ok == 1)
- exit(0);
+ exit(0); // exit ok: during daemonize, daemonizing.
else
- exit(1); /* child reported error */
+ exit(1); /* child reported error. exit ok: daemonize failed. */
} else { /* Child */
close(daemon_filedes[0]); /* we only write */
@@ -3626,7 +3626,7 @@ start_daemon(void)
* _Advanced Programming in the Unix Environment_.
*/
if (fork() != 0) {
- exit(0);
+ exit(0); // exit ok: during daemonize, fork failed (2)
}
set_main_thread(); /* We are now the main thread. */
@@ -3655,14 +3655,14 @@ finish_daemon(const char *desired_cwd)
/* Don't hold the wrong FS mounted */
if (chdir(desired_cwd) < 0) {
log_err(LD_GENERAL,"chdir to \"%s\" failed. Exiting.",desired_cwd);
- exit(1);
+ exit(1); // exit ok: during daemonize, chdir failed.
}
nullfd = tor_open_cloexec("/dev/null", O_RDWR, 0);
if (nullfd < 0) {
/* LCOV_EXCL_START */
log_err(LD_GENERAL,"/dev/null can't be opened. Exiting.");
- exit(1);
+ exit(1); // exit ok: during daemonize, couldn't open /dev/null
/* LCOV_EXCL_STOP */
}
/* close fds linking to invoking terminal, but
@@ -3674,7 +3674,7 @@ finish_daemon(const char *desired_cwd)
dup2(nullfd,2) < 0) {
/* LCOV_EXCL_START */
log_err(LD_GENERAL,"dup2 failed. Exiting.");
- exit(1);
+ exit(1); // exit ok: during daemonize, dup2 failed.
/* LCOV_EXCL_STOP */
}
if (nullfd > 2)
@@ -4474,7 +4474,7 @@ tor_spawn_background(const char *const filename, const char **argv,
err += (nbytes < 0);
}
- _exit(err?254:255);
+ _exit(err?254:255); // exit ok: in child.
}
/* Never reached, but avoids compiler warning */
diff --git a/src/or/config.c b/src/or/config.c
index b123d49358..63a1cac99e 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -837,7 +837,7 @@ set_options(or_options_t *new_val, char **msg)
if (options_act(old_options) < 0) { /* acting on the options failed. die. */
log_err(LD_BUG,
"Acting on config options left us in a broken state. Dying.");
- exit(1);
+ exit(1); // XXXX bad exit
}
/* Issues a CONF_CHANGED event to notify controller of the change. If Tor is
* just starting up then the old_options will be undefined. */
@@ -5044,22 +5044,22 @@ options_init_from_torrc(int argc, char **argv)
if (config_line_find(cmdline_only_options, "-h") ||
config_line_find(cmdline_only_options, "--help")) {
print_usage();
- exit(0);
+ exit(0); // XXXX bad exit, though probably harmless
}
if (config_line_find(cmdline_only_options, "--list-torrc-options")) {
/* For validating whether we've documented everything. */
list_torrc_options();
- exit(0);
+ exit(0); // XXXX bad exit, though probably harmless
}
if (config_line_find(cmdline_only_options, "--list-deprecated-options")) {
/* For validating whether what we have deprecated really exists. */
list_deprecated_options();
- exit(0);
+ exit(0); // XXXX bad exit, though probably harmless
}
if (config_line_find(cmdline_only_options, "--version")) {
printf("Tor version %s.\n",get_version());
- exit(0);
+ exit(0); // XXXX bad exit, though probably harmless
}
if (config_line_find(cmdline_only_options, "--library-versions")) {
@@ -5087,7 +5087,7 @@ options_init_from_torrc(int argc, char **argv)
tor_compress_header_version_str(ZSTD_METHOD));
}
//TODO: Hex versions?
- exit(0);
+ exit(0); // XXXX bad exit, though probably harmless
}
command = CMD_RUN_TOR;
@@ -5148,7 +5148,7 @@ options_init_from_torrc(int argc, char **argv)
get_options_mutable()->keygen_force_passphrase = FORCE_PASSPHRASE_OFF;
} else {
log_err(LD_CONFIG, "--no-passphrase specified without --keygen!");
- exit(1);
+ exit(1); // XXXX bad exit
}
}
@@ -5157,7 +5157,7 @@ options_init_from_torrc(int argc, char **argv)
get_options_mutable()->change_key_passphrase = 1;
} else {
log_err(LD_CONFIG, "--newpass specified without --keygen!");
- exit(1);
+ exit(1); // XXXX bad exit
}
}
@@ -5167,17 +5167,17 @@ options_init_from_torrc(int argc, char **argv)
if (fd_line) {
if (get_options()->keygen_force_passphrase == FORCE_PASSPHRASE_OFF) {
log_err(LD_CONFIG, "--no-passphrase specified with --passphrase-fd!");
- exit(1);
+ exit(1); // XXXX bad exit
} else if (command != CMD_KEYGEN) {
log_err(LD_CONFIG, "--passphrase-fd specified without --keygen!");
- exit(1);
+ exit(1); // XXXX bad exit
} else {
const char *v = fd_line->value;
int ok = 1;
long fd = tor_parse_long(v, 10, 0, INT_MAX, &ok, NULL);
if (fd < 0 || ok == 0) {
log_err(LD_CONFIG, "Invalid --passphrase-fd value %s", escaped(v));
- exit(1);
+ exit(1); // XXXX bad exit
}
get_options_mutable()->keygen_passphrase_fd = (int)fd;
get_options_mutable()->use_keygen_passphrase_fd = 1;
@@ -5192,7 +5192,7 @@ options_init_from_torrc(int argc, char **argv)
if (key_line) {
if (command != CMD_KEYGEN) {
log_err(LD_CONFIG, "--master-key without --keygen!");
- exit(1);
+ exit(1); // XXXX bad exit
} else {
get_options_mutable()->master_key_fname = tor_strdup(key_line->value);
}
diff --git a/src/or/control.c b/src/or/control.c
index 8173cb1e56..ab164700e6 100644
--- a/src/or/control.c
+++ b/src/or/control.c
@@ -6572,7 +6572,7 @@ monitor_owning_controller_process(const char *process_spec)
msg);
owning_controller_process_spec = NULL;
tor_cleanup();
- exit(1);
+ exit(1); // XXXX bad exit: or questionable, at least.
}
}
diff --git a/src/or/hibernate.c b/src/or/hibernate.c
index 74ab766468..be2bc7ce95 100644
--- a/src/or/hibernate.c
+++ b/src/or/hibernate.c
@@ -819,7 +819,7 @@ hibernate_begin(hibernate_state_t new_state, time_t now)
hibernate_state == HIBERNATE_STATE_EXITING ?
"a second time" : "while hibernating");
tor_cleanup();
- exit(0);
+ exit(0); // XXXX bad exit
}
if (new_state == HIBERNATE_STATE_LOWBANDWIDTH &&
@@ -981,7 +981,7 @@ consider_hibernation(time_t now)
if (shutdown_time <= now) {
log_notice(LD_GENERAL, "Clean shutdown finished. Exiting.");
tor_cleanup();
- exit(0);
+ exit(0); // XXXX bad exit
}
return; /* if exiting soon, don't worry about bandwidth limits */
}
diff --git a/src/or/main.c b/src/or/main.c
index 65b0b8f4df..be61628341 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -1555,7 +1555,7 @@ check_ed_keys_callback(time_t now, const or_options_t *options)
generate_ed_link_cert(options, now, new_signing_key > 0)) {
log_err(LD_OR, "Unable to update Ed25519 keys! Exiting.");
tor_cleanup();
- exit(1);
+ exit(1); // XXXX bad exit
}
}
return 30;
@@ -2709,13 +2709,13 @@ process_signal(int sig)
case SIGTERM:
log_notice(LD_GENERAL,"Catching signal TERM, exiting cleanly.");
tor_cleanup();
- exit(0);
+ exit(0); // XXXX bad exit
break;
case SIGINT:
if (!server_mode(get_options())) { /* do it now */
log_notice(LD_GENERAL,"Interrupt: exiting cleanly.");
tor_cleanup();
- exit(0);
+ exit(0); // XXXX bad exit
}
#ifdef HAVE_SYSTEMD
sd_notify(0, "STOPPING=1");
@@ -2745,7 +2745,7 @@ process_signal(int sig)
if (do_hup() < 0) {
log_warn(LD_CONFIG,"Restart failed (config error?). Exiting.");
tor_cleanup();
- exit(1);
+ exit(1); // XXXX bad exit
}
#ifdef HAVE_SYSTEMD
sd_notify(0, "READY=1");
@@ -3198,7 +3198,7 @@ try_locking(const or_options_t *options, int err_if_locked)
r = try_locking(options, 0);
if (r<0) {
log_err(LD_GENERAL, "No, it's still there. Exiting.");
- exit(1);
+ exit(1); // XXXX bad exit
}
return r;
}
diff --git a/src/or/networkstatus.c b/src/or/networkstatus.c
index 93bb8643d8..3a4f06fb7b 100644
--- a/src/or/networkstatus.c
+++ b/src/or/networkstatus.c
@@ -1671,7 +1671,7 @@ handle_missing_protocol_warning_impl(const networkstatus_t *c,
}
tor_free(protocol_warning);
if (should_exit)
- exit(1);
+ exit(1); // XXXX bad exit: should return from main.
}
/** Called when we have received a networkstatus <b>c</b>. If there are
diff --git a/src/or/ntmain.c b/src/or/ntmain.c
index 508e5844eb..9ce03e1f5a 100644
--- a/src/or/ntmain.c
+++ b/src/or/ntmain.c
@@ -195,7 +195,7 @@ nt_service_loadlibrary(void)
return;
err:
printf("Unable to load library support for NT services: exiting.\n");
- exit(1);
+ exit(1); // exit ok: ntmain can't read libraries
}
/** If we're compiled to run as an NT service, and the service wants to
diff --git a/src/or/or.h b/src/or/or.h
index d9ab815cbc..d1746d9a6e 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -2234,18 +2234,18 @@ typedef struct {
* uploaded it. */
#define ROUTER_PURPOSE_GENERAL 0
/** Tor should avoid using this router for circuit-building: we got it
- * from a crontroller. If the controller wants to use it, it'll have to
+ * from a controller. If the controller wants to use it, it'll have to
* ask for it by identity. */
#define ROUTER_PURPOSE_CONTROLLER 1
/** Tor should use this router only for bridge positions in circuits: we got
* it via a directory request from the bridge itself, or a bridge
- * authority. x*/
+ * authority. */
#define ROUTER_PURPOSE_BRIDGE 2
/** Tor should not use this router; it was marked in cached-descriptors with
* a purpose we didn't recognize. */
#define ROUTER_PURPOSE_UNKNOWN 255
- /* In what way did we find out about this router? One of ROUTER_PURPOSE_*.
+ /** In what way did we find out about this router? One of ROUTER_PURPOSE_*.
* Routers of different purposes are kept segregated and used for different
* things; see notes on ROUTER_PURPOSE_* macros above.
*/
diff --git a/src/or/policies.c b/src/or/policies.c
index 4c24bfbc32..78451db8fc 100644
--- a/src/or/policies.c
+++ b/src/or/policies.c
@@ -2186,21 +2186,16 @@ exit_policy_is_general_exit_helper(smartlist_t *policy, int port)
}
/** Return true iff <b>ri</b> is "useful as an exit node", meaning
- * it allows exit to at least one /8 address space for at least
- * two of ports 80, 443, and 6667. */
+ * it allows exit to at least one /8 address space for each of ports 80
+ * and 443. */
int
exit_policy_is_general_exit(smartlist_t *policy)
{
- static const int ports[] = { 80, 443, 6667 };
- int n_allowed = 0;
- int i;
if (!policy) /*XXXX disallow NULL policies? */
return 0;
- for (i = 0; i < 3; ++i) {
- n_allowed += exit_policy_is_general_exit_helper(policy, ports[i]);
- }
- return n_allowed >= 2;
+ return (exit_policy_is_general_exit_helper(policy, 80) &&
+ exit_policy_is_general_exit_helper(policy, 443));
}
/** Return false if <b>policy</b> might permit access to some addr:port;
diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index c7c1092539..b59f318fc8 100644
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -3082,7 +3082,7 @@ signed_descriptor_get_body_impl(const signed_descriptor_t *desc,
log_err(LD_DIR, "We couldn't read a descriptor that is supposedly "
"mmaped in our cache. Is another process running in our data "
"directory? Exiting.");
- exit(1);
+ exit(1); // XXXX bad exit: should recover.
}
}
if (!r) /* no mmap, or not in cache. */
@@ -3096,7 +3096,7 @@ signed_descriptor_get_body_impl(const signed_descriptor_t *desc,
log_err(LD_DIR, "descriptor at %p begins with unexpected string %s. "
"Is another process running in our data directory? Exiting.",
desc, escaped(cp));
- exit(1);
+ exit(1); // XXXX bad exit: should recover.
}
}
@@ -5358,8 +5358,10 @@ update_extrainfo_downloads(time_t now)
smartlist_free(wanted);
}
-/** Reset the descriptor download failure count on all routers, so that we
- * can retry any long-failed routers immediately.
+/** Reset the consensus and extra-info download failure count on all routers.
+ * When we get a new consensus,
+ * routers_update_status_from_consensus_networkstatus() will reset the
+ * download statuses on the descriptors in that consensus.
*/
void
router_reset_descriptor_download_failures(void)
@@ -5371,6 +5373,8 @@ router_reset_descriptor_download_failures(void)
last_descriptor_download_attempted = 0;
if (!routerlist)
return;
+ /* We want to download *all* extra-info descriptors, not just those in
+ * the consensus we currently have (or are about to have) */
SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, ri,
{
download_status_reset(&ri->cache_info.ei_dl_status);
diff --git a/src/or/scheduler.c b/src/or/scheduler.c
index 22a9b574ac..3ac3f406af 100644
--- a/src/or/scheduler.c
+++ b/src/or/scheduler.c
@@ -281,7 +281,7 @@ select_scheduler(void)
* wishes of using what it has been configured and don't do a sneaky
* fallback. Because this can be changed at runtime, we have to stop tor
* right now. */
- exit(1);
+ exit(1); // XXXX bad exit
}
/* Set the chosen scheduler. */
diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h
index 6c3000a714..5e3c5d87fe 100644
--- a/src/win32/orconfig.h
+++ b/src/win32/orconfig.h
@@ -218,7 +218,7 @@
#define USING_TWOS_COMPLEMENT
/* Version number of package */
-#define VERSION "0.3.2.2-alpha-dev"
+#define VERSION "0.3.3.0-alpha-dev"