diff options
-rw-r--r-- | changes/ticket23637 | 5 | ||||
-rw-r--r-- | configure.ac | 2 | ||||
-rw-r--r-- | contrib/win32build/tor-mingw.nsi.in | 2 | ||||
-rw-r--r-- | src/common/aes.c | 2 | ||||
-rw-r--r-- | src/common/compat_libevent.c | 2 | ||||
-rw-r--r-- | src/common/compat_time.c | 4 | ||||
-rw-r--r-- | src/common/compat_winthreads.c | 4 | ||||
-rw-r--r-- | src/common/sandbox.c | 2 | ||||
-rw-r--r-- | src/common/util.c | 24 | ||||
-rw-r--r-- | src/or/config.c | 24 | ||||
-rw-r--r-- | src/or/control.c | 2 | ||||
-rw-r--r-- | src/or/hibernate.c | 4 | ||||
-rw-r--r-- | src/or/main.c | 10 | ||||
-rw-r--r-- | src/or/networkstatus.c | 2 | ||||
-rw-r--r-- | src/or/ntmain.c | 2 | ||||
-rw-r--r-- | src/or/or.h | 6 | ||||
-rw-r--r-- | src/or/policies.c | 13 | ||||
-rw-r--r-- | src/or/routerlist.c | 12 | ||||
-rw-r--r-- | src/or/scheduler.c | 2 | ||||
-rw-r--r-- | src/win32/orconfig.h | 2 |
20 files changed, 66 insertions, 60 deletions
diff --git a/changes/ticket23637 b/changes/ticket23637 new file mode 100644 index 0000000000..0c524f34c3 --- /dev/null +++ b/changes/ticket23637 @@ -0,0 +1,5 @@ + o Minor features (directory authority): + - Make the "Exit" flag assignment only depend on whether the exit + policy allows connections to ports 80 and 443. Previously relays + would get the Exit flag if they allowed connections to one of + these ports and also port 6667. Resolves ticket 23637. diff --git a/configure.ac b/configure.ac index 668fd4f1fa..c026464269 100644 --- a/configure.ac +++ b/configure.ac @@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2017, The Tor Project, Inc. dnl See LICENSE for licensing information AC_PREREQ([2.63]) -AC_INIT([tor],[0.3.2.2-alpha-dev]) +AC_INIT([tor],[0.3.3.0-alpha-dev]) AC_CONFIG_SRCDIR([src/or/main.c]) AC_CONFIG_MACRO_DIR([m4]) diff --git a/contrib/win32build/tor-mingw.nsi.in b/contrib/win32build/tor-mingw.nsi.in index 02d4ef9072..f3c23ef335 100644 --- a/contrib/win32build/tor-mingw.nsi.in +++ b/contrib/win32build/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.3.2.2-alpha-dev" +!define VERSION "0.3.3.0-alpha-dev" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/" !define LICENSE "LICENSE" diff --git a/src/common/aes.c b/src/common/aes.c index 20b51a6758..df4368fdba 100644 --- a/src/common/aes.c +++ b/src/common/aes.c @@ -254,7 +254,7 @@ evaluate_ctr_for_aes(void) /* LCOV_EXCL_START */ log_err(LD_CRYPTO, "This OpenSSL has a buggy version of counter mode; " "quitting tor."); - exit(1); + exit(1); // exit ok: openssl is broken. /* LCOV_EXCL_STOP */ } return 0; diff --git a/src/common/compat_libevent.c b/src/common/compat_libevent.c index 740cc2a11d..1c3a1b9f37 100644 --- a/src/common/compat_libevent.c +++ b/src/common/compat_libevent.c @@ -126,7 +126,7 @@ tor_libevent_initialize(tor_libevent_cfg *torcfg) if (!the_event_base) { /* LCOV_EXCL_START */ log_err(LD_GENERAL, "Unable to initialize Libevent: cannot continue."); - exit(1); + exit(1); // exit ok: libevent is broken. /* LCOV_EXCL_STOP */ } diff --git a/src/common/compat_time.c b/src/common/compat_time.c index 1ce6f5ce4e..7fd4281ade 100644 --- a/src/common/compat_time.c +++ b/src/common/compat_time.c @@ -90,7 +90,7 @@ tor_gettimeofday(struct timeval *timeval) if (ft.ft_64 < EPOCH_BIAS) { /* LCOV_EXCL_START */ log_err(LD_GENERAL,"System time is before 1970; failing."); - exit(1); + exit(1); // exit ok: system clock is broken. /* LCOV_EXCL_STOP */ } ft.ft_64 -= EPOCH_BIAS; @@ -102,7 +102,7 @@ tor_gettimeofday(struct timeval *timeval) log_err(LD_GENERAL,"gettimeofday failed."); /* If gettimeofday dies, we have either given a bad timezone (we didn't), or segfaulted.*/ - exit(1); + exit(1); // exit ok: gettimeofday failed. /* LCOV_EXCL_STOP */ } #elif defined(HAVE_FTIME) diff --git a/src/common/compat_winthreads.c b/src/common/compat_winthreads.c index 50a3c498ca..5f7ec94c23 100644 --- a/src/common/compat_winthreads.c +++ b/src/common/compat_winthreads.c @@ -48,10 +48,12 @@ void spawn_exit(void) { _endthread(); + // LCOV_EXCL_START //we should never get here. my compiler thinks that _endthread returns, this //is an attempt to fool it. tor_assert(0); - _exit(0); + _exit(0); // exit ok: unreachable. + // LCOV_EXCL_STOP } void diff --git a/src/common/sandbox.c b/src/common/sandbox.c index 7a4e3ece38..931837e767 100644 --- a/src/common/sandbox.c +++ b/src/common/sandbox.c @@ -1756,7 +1756,7 @@ sigsys_debugging(int nr, siginfo_t *info, void *void_context) #endif #if defined(DEBUGGING_CLOSE) - _exit(1); + _exit(1); // exit ok: programming error has led to sandbox failure. #endif // DEBUGGING_CLOSE } diff --git a/src/common/util.c b/src/common/util.c index 5ff7e104d6..7dc5e8144d 100644 --- a/src/common/util.c +++ b/src/common/util.c @@ -156,7 +156,7 @@ tor_malloc_(size_t size DMALLOC_PARAMS) /* If these functions die within a worker process, they won't call * spawn_exit, but that's ok, since the parent will run out of memory soon * anyway. */ - exit(1); + exit(1); // exit ok: alloc failed. /* LCOV_EXCL_STOP */ } return result; @@ -244,7 +244,7 @@ tor_realloc_(void *ptr, size_t size DMALLOC_PARAMS) if (PREDICT_UNLIKELY(result == NULL)) { /* LCOV_EXCL_START */ log_err(LD_MM,"Out of memory on realloc(). Dying."); - exit(1); + exit(1); // exit ok: alloc failed. /* LCOV_EXCL_STOP */ } return result; @@ -282,7 +282,7 @@ tor_strdup_(const char *s DMALLOC_PARAMS) if (PREDICT_UNLIKELY(duplicate == NULL)) { /* LCOV_EXCL_START */ log_err(LD_MM,"Out of memory on strdup(). Dying."); - exit(1); + exit(1); // exit ok: alloc failed. /* LCOV_EXCL_STOP */ } return duplicate; @@ -3590,14 +3590,14 @@ start_daemon(void) if (pipe(daemon_filedes)) { /* LCOV_EXCL_START */ log_err(LD_GENERAL,"pipe failed; exiting. Error was %s", strerror(errno)); - exit(1); + exit(1); // exit ok: during daemonize, pipe failed. /* LCOV_EXCL_STOP */ } pid = fork(); if (pid < 0) { /* LCOV_EXCL_START */ log_err(LD_GENERAL,"fork failed. Exiting."); - exit(1); + exit(1); // exit ok: during daemonize, fork failed /* LCOV_EXCL_STOP */ } if (pid) { /* Parent */ @@ -3612,9 +3612,9 @@ start_daemon(void) } fflush(stdout); if (ok == 1) - exit(0); + exit(0); // exit ok: during daemonize, daemonizing. else - exit(1); /* child reported error */ + exit(1); /* child reported error. exit ok: daemonize failed. */ } else { /* Child */ close(daemon_filedes[0]); /* we only write */ @@ -3626,7 +3626,7 @@ start_daemon(void) * _Advanced Programming in the Unix Environment_. */ if (fork() != 0) { - exit(0); + exit(0); // exit ok: during daemonize, fork failed (2) } set_main_thread(); /* We are now the main thread. */ @@ -3655,14 +3655,14 @@ finish_daemon(const char *desired_cwd) /* Don't hold the wrong FS mounted */ if (chdir(desired_cwd) < 0) { log_err(LD_GENERAL,"chdir to \"%s\" failed. Exiting.",desired_cwd); - exit(1); + exit(1); // exit ok: during daemonize, chdir failed. } nullfd = tor_open_cloexec("/dev/null", O_RDWR, 0); if (nullfd < 0) { /* LCOV_EXCL_START */ log_err(LD_GENERAL,"/dev/null can't be opened. Exiting."); - exit(1); + exit(1); // exit ok: during daemonize, couldn't open /dev/null /* LCOV_EXCL_STOP */ } /* close fds linking to invoking terminal, but @@ -3674,7 +3674,7 @@ finish_daemon(const char *desired_cwd) dup2(nullfd,2) < 0) { /* LCOV_EXCL_START */ log_err(LD_GENERAL,"dup2 failed. Exiting."); - exit(1); + exit(1); // exit ok: during daemonize, dup2 failed. /* LCOV_EXCL_STOP */ } if (nullfd > 2) @@ -4474,7 +4474,7 @@ tor_spawn_background(const char *const filename, const char **argv, err += (nbytes < 0); } - _exit(err?254:255); + _exit(err?254:255); // exit ok: in child. } /* Never reached, but avoids compiler warning */ diff --git a/src/or/config.c b/src/or/config.c index b123d49358..63a1cac99e 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -837,7 +837,7 @@ set_options(or_options_t *new_val, char **msg) if (options_act(old_options) < 0) { /* acting on the options failed. die. */ log_err(LD_BUG, "Acting on config options left us in a broken state. Dying."); - exit(1); + exit(1); // XXXX bad exit } /* Issues a CONF_CHANGED event to notify controller of the change. If Tor is * just starting up then the old_options will be undefined. */ @@ -5044,22 +5044,22 @@ options_init_from_torrc(int argc, char **argv) if (config_line_find(cmdline_only_options, "-h") || config_line_find(cmdline_only_options, "--help")) { print_usage(); - exit(0); + exit(0); // XXXX bad exit, though probably harmless } if (config_line_find(cmdline_only_options, "--list-torrc-options")) { /* For validating whether we've documented everything. */ list_torrc_options(); - exit(0); + exit(0); // XXXX bad exit, though probably harmless } if (config_line_find(cmdline_only_options, "--list-deprecated-options")) { /* For validating whether what we have deprecated really exists. */ list_deprecated_options(); - exit(0); + exit(0); // XXXX bad exit, though probably harmless } if (config_line_find(cmdline_only_options, "--version")) { printf("Tor version %s.\n",get_version()); - exit(0); + exit(0); // XXXX bad exit, though probably harmless } if (config_line_find(cmdline_only_options, "--library-versions")) { @@ -5087,7 +5087,7 @@ options_init_from_torrc(int argc, char **argv) tor_compress_header_version_str(ZSTD_METHOD)); } //TODO: Hex versions? - exit(0); + exit(0); // XXXX bad exit, though probably harmless } command = CMD_RUN_TOR; @@ -5148,7 +5148,7 @@ options_init_from_torrc(int argc, char **argv) get_options_mutable()->keygen_force_passphrase = FORCE_PASSPHRASE_OFF; } else { log_err(LD_CONFIG, "--no-passphrase specified without --keygen!"); - exit(1); + exit(1); // XXXX bad exit } } @@ -5157,7 +5157,7 @@ options_init_from_torrc(int argc, char **argv) get_options_mutable()->change_key_passphrase = 1; } else { log_err(LD_CONFIG, "--newpass specified without --keygen!"); - exit(1); + exit(1); // XXXX bad exit } } @@ -5167,17 +5167,17 @@ options_init_from_torrc(int argc, char **argv) if (fd_line) { if (get_options()->keygen_force_passphrase == FORCE_PASSPHRASE_OFF) { log_err(LD_CONFIG, "--no-passphrase specified with --passphrase-fd!"); - exit(1); + exit(1); // XXXX bad exit } else if (command != CMD_KEYGEN) { log_err(LD_CONFIG, "--passphrase-fd specified without --keygen!"); - exit(1); + exit(1); // XXXX bad exit } else { const char *v = fd_line->value; int ok = 1; long fd = tor_parse_long(v, 10, 0, INT_MAX, &ok, NULL); if (fd < 0 || ok == 0) { log_err(LD_CONFIG, "Invalid --passphrase-fd value %s", escaped(v)); - exit(1); + exit(1); // XXXX bad exit } get_options_mutable()->keygen_passphrase_fd = (int)fd; get_options_mutable()->use_keygen_passphrase_fd = 1; @@ -5192,7 +5192,7 @@ options_init_from_torrc(int argc, char **argv) if (key_line) { if (command != CMD_KEYGEN) { log_err(LD_CONFIG, "--master-key without --keygen!"); - exit(1); + exit(1); // XXXX bad exit } else { get_options_mutable()->master_key_fname = tor_strdup(key_line->value); } diff --git a/src/or/control.c b/src/or/control.c index 8173cb1e56..ab164700e6 100644 --- a/src/or/control.c +++ b/src/or/control.c @@ -6572,7 +6572,7 @@ monitor_owning_controller_process(const char *process_spec) msg); owning_controller_process_spec = NULL; tor_cleanup(); - exit(1); + exit(1); // XXXX bad exit: or questionable, at least. } } diff --git a/src/or/hibernate.c b/src/or/hibernate.c index 74ab766468..be2bc7ce95 100644 --- a/src/or/hibernate.c +++ b/src/or/hibernate.c @@ -819,7 +819,7 @@ hibernate_begin(hibernate_state_t new_state, time_t now) hibernate_state == HIBERNATE_STATE_EXITING ? "a second time" : "while hibernating"); tor_cleanup(); - exit(0); + exit(0); // XXXX bad exit } if (new_state == HIBERNATE_STATE_LOWBANDWIDTH && @@ -981,7 +981,7 @@ consider_hibernation(time_t now) if (shutdown_time <= now) { log_notice(LD_GENERAL, "Clean shutdown finished. Exiting."); tor_cleanup(); - exit(0); + exit(0); // XXXX bad exit } return; /* if exiting soon, don't worry about bandwidth limits */ } diff --git a/src/or/main.c b/src/or/main.c index 65b0b8f4df..be61628341 100644 --- a/src/or/main.c +++ b/src/or/main.c @@ -1555,7 +1555,7 @@ check_ed_keys_callback(time_t now, const or_options_t *options) generate_ed_link_cert(options, now, new_signing_key > 0)) { log_err(LD_OR, "Unable to update Ed25519 keys! Exiting."); tor_cleanup(); - exit(1); + exit(1); // XXXX bad exit } } return 30; @@ -2709,13 +2709,13 @@ process_signal(int sig) case SIGTERM: log_notice(LD_GENERAL,"Catching signal TERM, exiting cleanly."); tor_cleanup(); - exit(0); + exit(0); // XXXX bad exit break; case SIGINT: if (!server_mode(get_options())) { /* do it now */ log_notice(LD_GENERAL,"Interrupt: exiting cleanly."); tor_cleanup(); - exit(0); + exit(0); // XXXX bad exit } #ifdef HAVE_SYSTEMD sd_notify(0, "STOPPING=1"); @@ -2745,7 +2745,7 @@ process_signal(int sig) if (do_hup() < 0) { log_warn(LD_CONFIG,"Restart failed (config error?). Exiting."); tor_cleanup(); - exit(1); + exit(1); // XXXX bad exit } #ifdef HAVE_SYSTEMD sd_notify(0, "READY=1"); @@ -3198,7 +3198,7 @@ try_locking(const or_options_t *options, int err_if_locked) r = try_locking(options, 0); if (r<0) { log_err(LD_GENERAL, "No, it's still there. Exiting."); - exit(1); + exit(1); // XXXX bad exit } return r; } diff --git a/src/or/networkstatus.c b/src/or/networkstatus.c index 93bb8643d8..3a4f06fb7b 100644 --- a/src/or/networkstatus.c +++ b/src/or/networkstatus.c @@ -1671,7 +1671,7 @@ handle_missing_protocol_warning_impl(const networkstatus_t *c, } tor_free(protocol_warning); if (should_exit) - exit(1); + exit(1); // XXXX bad exit: should return from main. } /** Called when we have received a networkstatus <b>c</b>. If there are diff --git a/src/or/ntmain.c b/src/or/ntmain.c index 508e5844eb..9ce03e1f5a 100644 --- a/src/or/ntmain.c +++ b/src/or/ntmain.c @@ -195,7 +195,7 @@ nt_service_loadlibrary(void) return; err: printf("Unable to load library support for NT services: exiting.\n"); - exit(1); + exit(1); // exit ok: ntmain can't read libraries } /** If we're compiled to run as an NT service, and the service wants to diff --git a/src/or/or.h b/src/or/or.h index d9ab815cbc..d1746d9a6e 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -2234,18 +2234,18 @@ typedef struct { * uploaded it. */ #define ROUTER_PURPOSE_GENERAL 0 /** Tor should avoid using this router for circuit-building: we got it - * from a crontroller. If the controller wants to use it, it'll have to + * from a controller. If the controller wants to use it, it'll have to * ask for it by identity. */ #define ROUTER_PURPOSE_CONTROLLER 1 /** Tor should use this router only for bridge positions in circuits: we got * it via a directory request from the bridge itself, or a bridge - * authority. x*/ + * authority. */ #define ROUTER_PURPOSE_BRIDGE 2 /** Tor should not use this router; it was marked in cached-descriptors with * a purpose we didn't recognize. */ #define ROUTER_PURPOSE_UNKNOWN 255 - /* In what way did we find out about this router? One of ROUTER_PURPOSE_*. + /** In what way did we find out about this router? One of ROUTER_PURPOSE_*. * Routers of different purposes are kept segregated and used for different * things; see notes on ROUTER_PURPOSE_* macros above. */ diff --git a/src/or/policies.c b/src/or/policies.c index 4c24bfbc32..78451db8fc 100644 --- a/src/or/policies.c +++ b/src/or/policies.c @@ -2186,21 +2186,16 @@ exit_policy_is_general_exit_helper(smartlist_t *policy, int port) } /** Return true iff <b>ri</b> is "useful as an exit node", meaning - * it allows exit to at least one /8 address space for at least - * two of ports 80, 443, and 6667. */ + * it allows exit to at least one /8 address space for each of ports 80 + * and 443. */ int exit_policy_is_general_exit(smartlist_t *policy) { - static const int ports[] = { 80, 443, 6667 }; - int n_allowed = 0; - int i; if (!policy) /*XXXX disallow NULL policies? */ return 0; - for (i = 0; i < 3; ++i) { - n_allowed += exit_policy_is_general_exit_helper(policy, ports[i]); - } - return n_allowed >= 2; + return (exit_policy_is_general_exit_helper(policy, 80) && + exit_policy_is_general_exit_helper(policy, 443)); } /** Return false if <b>policy</b> might permit access to some addr:port; diff --git a/src/or/routerlist.c b/src/or/routerlist.c index c7c1092539..b59f318fc8 100644 --- a/src/or/routerlist.c +++ b/src/or/routerlist.c @@ -3082,7 +3082,7 @@ signed_descriptor_get_body_impl(const signed_descriptor_t *desc, log_err(LD_DIR, "We couldn't read a descriptor that is supposedly " "mmaped in our cache. Is another process running in our data " "directory? Exiting."); - exit(1); + exit(1); // XXXX bad exit: should recover. } } if (!r) /* no mmap, or not in cache. */ @@ -3096,7 +3096,7 @@ signed_descriptor_get_body_impl(const signed_descriptor_t *desc, log_err(LD_DIR, "descriptor at %p begins with unexpected string %s. " "Is another process running in our data directory? Exiting.", desc, escaped(cp)); - exit(1); + exit(1); // XXXX bad exit: should recover. } } @@ -5358,8 +5358,10 @@ update_extrainfo_downloads(time_t now) smartlist_free(wanted); } -/** Reset the descriptor download failure count on all routers, so that we - * can retry any long-failed routers immediately. +/** Reset the consensus and extra-info download failure count on all routers. + * When we get a new consensus, + * routers_update_status_from_consensus_networkstatus() will reset the + * download statuses on the descriptors in that consensus. */ void router_reset_descriptor_download_failures(void) @@ -5371,6 +5373,8 @@ router_reset_descriptor_download_failures(void) last_descriptor_download_attempted = 0; if (!routerlist) return; + /* We want to download *all* extra-info descriptors, not just those in + * the consensus we currently have (or are about to have) */ SMARTLIST_FOREACH(routerlist->routers, routerinfo_t *, ri, { download_status_reset(&ri->cache_info.ei_dl_status); diff --git a/src/or/scheduler.c b/src/or/scheduler.c index 22a9b574ac..3ac3f406af 100644 --- a/src/or/scheduler.c +++ b/src/or/scheduler.c @@ -281,7 +281,7 @@ select_scheduler(void) * wishes of using what it has been configured and don't do a sneaky * fallback. Because this can be changed at runtime, we have to stop tor * right now. */ - exit(1); + exit(1); // XXXX bad exit } /* Set the chosen scheduler. */ diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index 6c3000a714..5e3c5d87fe 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -218,7 +218,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.3.2.2-alpha-dev" +#define VERSION "0.3.3.0-alpha-dev" |