diff options
| -rw-r--r-- | ChangeLog | 45 | ||||
| -rw-r--r-- | changes/bug1141 | 5 | ||||
| -rw-r--r-- | changes/bug1843 | 4 | ||||
| -rw-r--r-- | changes/bug1848 | 3 | ||||
| -rw-r--r-- | changes/bugfoundin1790 | 4 | ||||
| -rw-r--r-- | changes/enhancement1790 | 5 | ||||
| -rw-r--r-- | changes/headercleanup | 3 | ||||
| -rw-r--r-- | changes/openbsd-sysheaders | 4 | ||||
| -rw-r--r-- | configure.in | 13 | ||||
| -rwxr-xr-x | contrib/checkOptionDocs.pl | 20 | ||||
| -rw-r--r-- | contrib/tor-mingw.nsi.in | 2 | ||||
| -rw-r--r-- | doc/spec/rend-spec.txt | 55 | ||||
| -rw-r--r-- | src/or/config.c | 14 | ||||
| -rw-r--r-- | src/or/ntmain.c | 1 | ||||
| -rw-r--r-- | src/or/or.h | 3 | ||||
| -rw-r--r-- | src/or/reasons.c | 2 | ||||
| -rw-r--r-- | src/test/test.c | 2 | ||||
| -rw-r--r-- | src/test/test_util.c | 34 | ||||
| -rw-r--r-- | src/win32/orconfig.h | 2 |
19 files changed, 141 insertions, 80 deletions
@@ -1,4 +1,4 @@ -Changes in version 0.2.2.15-alpha - 2010-08-1? +Changes in version 0.2.2.15-alpha - 2010-08-18 o Major bugfixes: - Stop assigning the HSDir flag to relays that disable their DirPort (and thus will refuse to answer directory requests). This @@ -39,14 +39,9 @@ Changes in version 0.2.2.15-alpha - 2010-08-1? - Add support for the country code "{??}" in torrc options like ExcludeNodes, to indicate all routers of unknown country. Closes bug 1094. - - Remove the old debian/ directory from the main Tor distribution. - The official Tor-for-debian git repository lives at the URL - https://git.torproject.org/debian/tor.git - - Take a first step towards making or.h smaller by splitting out - function definitions for all source files in src/or/. Leave - structures and defines in or.h for now. - - New unit tests for exit-port history statistics; refactored exit - statistics code to be more easily tested. + - Relays report the number of bytes spent on answering directory + requests in extra-info descriptors similar to {read,write}-history. + Implements enhancement 1790. o Minor bugfixes (on 0.2.1.x and earlier): - Complain if PublishServerDescriptor is given multiple arguments that @@ -61,12 +56,14 @@ Changes in version 0.2.2.15-alpha - 2010-08-1? - Fix a bug in the controller interface where "GETINFO ns/asdaskljkl" would return "551 Internal error" rather than "552 Unrecognized key ns/asdaskljkl". Bugfix on 0.1.2.3-alpha. - - Let users configure a regular relay to be their bridge. It didn't + - Users can't configure a regular relay to be their bridge. It didn't work because when Tor fetched the bridge descriptor, it found that it already had it, and didn't realize that the purpose of the descriptor had changed. Now we replace routers with a purpose other than bridge with bridge descriptors when fetching them. Bugfix on - 0.1.1.9-alpha; fixes bug 1776. + 0.1.1.9-alpha. Bug 1776 not yet fixed because now we immediately + refetch the descriptor with router purpose 'general', disabling + it as a bridge. - Fix a rare bug in rend_fn unit tests: we would fail a test when a randomly generated port is 0. Diagnosed by Matt Edman. Bugfix on 0.2.0.10-alpha; fixes bug 1808. @@ -75,10 +72,18 @@ Changes in version 0.2.2.15-alpha - 2010-08-1? stream ending reason for this case: END_STREAM_REASON_NOROUTE. Servers can start sending this code when enough clients recognize it. Also update the spec to reflect this new reason. Bugfix on - 0.1.0.1-rc; fixes bug 1793. + 0.1.0.1-rc; fixes part of bug 1793. + - Delay geoip stats collection by bridges for 6 hours, not 2 hours, + when we switch from being a public relay to a bridge. Otherwise + there will still be clients that see the relay in their consensus, + and the stats will end up wrong. Bugfix on 0.2.1.15-rc; fixes bug + 932 even more. - Instead of giving an assertion failure on an internal mismatch on estimated freelist size, just log a BUG warning and try later. Mitigates but does not fix bug 1125. + - Fix an assertion failure that could occur in caches or bridge users + when using a very short voting interval on a testing network. + Diagnosed by Robert Hogan. Fixes bug 1141; bugfix on 0.2.0.8-alpha. o Minor bugfixes (on 0.2.2.x): - Alter directory authorities to always consider Exit-flagged nodes @@ -98,16 +103,30 @@ Changes in version 0.2.2.15-alpha - 2010-08-1? '$(:x)' to 'x' rather than the empty string. This bites us in doc/ when configured with --disable-asciidoc. Bugfix on 0.2.2.9-alpha; fixes bug 1773. - - Fix to remove a spurious hidden service server-side log notice about + - Remove a spurious hidden service server-side log notice about "Ancient non-dirty circuits". Bugfix on 0.2.2.14-alpha; fixes bug 1741. - Fix compilation with --with-dmalloc set. Bugfix on 0.2.2.6-alpha; fixes bug 1832. + - Correctly report written bytes on linked connections. Found while + implementing 1790. Bugfix on 0.2.2.4-alpha. - Fix three memory leaks: one in circuit_build_times_parse_state(), one in dirvote_add_signatures_to_pending_consensus(), and one every time we parse a v3 network consensus. Bugfixes on 0.2.2.14-alpha, 0.2.2.6-alpha, and 0.2.2.10-alpha respectively; fixes bug 1831. + o Code simplifications and refactoring: + - Take a first step towards making or.h smaller by splitting out + function definitions for all source files in src/or/. Leave + structures and defines in or.h for now. + - Remove a bunch of unused function declarations as well as a block of + #if 0'd code from the unit tests. Closes bug 1824. + - New unit tests for exit-port history statistics; refactored exit + statistics code to be more easily tested. + - Remove the old debian/ directory from the main Tor distribution. + The official Tor-for-debian git repository lives at the URL + https://git.torproject.org/debian/tor.git + Changes in version 0.2.2.14-alpha - 2010-07-12 Tor 0.2.2.14-alpha greatly improves client-side handling of diff --git a/changes/bug1141 b/changes/bug1141 deleted file mode 100644 index 9975e418d6..0000000000 --- a/changes/bug1141 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes: - - Fix an assertion failure that could occur in caches or bridge users - when using a very short voting interval on a testing network. - Diagnosed by Robert Hogan. Fixes bug 1141; bugfix on 0.2.0.8-alpha. - diff --git a/changes/bug1843 b/changes/bug1843 new file mode 100644 index 0000000000..f44054ee22 --- /dev/null +++ b/changes/bug1843 @@ -0,0 +1,4 @@ + o Minor features: + - Warn when CookieAuthFileGroupReadable is set but CookieAuthFile is + not. This would lead to a cookie that is still not group readable. + Closes bug 1843. Suggested by katmagic. diff --git a/changes/bug1848 b/changes/bug1848 new file mode 100644 index 0000000000..db00e17f83 --- /dev/null +++ b/changes/bug1848 @@ -0,0 +1,3 @@ + o Minor bugfixes: + - Squash a compile warning on OpenBSD. Reported by Tas, fixes bug 1848. + diff --git a/changes/bugfoundin1790 b/changes/bugfoundin1790 deleted file mode 100644 index 0a18fe181d..0000000000 --- a/changes/bugfoundin1790 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - Correctly report written bytes on linked connections. Found while - implementing 1790. Bugfix on 0.2.2.4-alpha. - diff --git a/changes/enhancement1790 b/changes/enhancement1790 deleted file mode 100644 index d92292a774..0000000000 --- a/changes/enhancement1790 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor features: - - Relays report the number of bytes spent on answering directory - requests in extra-info descriptors similar to {read,write}-history. - Implements enhancement 1790. - diff --git a/changes/headercleanup b/changes/headercleanup deleted file mode 100644 index 25a58fcda8..0000000000 --- a/changes/headercleanup +++ /dev/null @@ -1,3 +0,0 @@ - o Code simplifications and refactoring: - - Remove a bunch of unused function declarations as well as a block of - #if 0'd code from the unit tests. Closes bug 1824. diff --git a/changes/openbsd-sysheaders b/changes/openbsd-sysheaders new file mode 100644 index 0000000000..2babde2d78 --- /dev/null +++ b/changes/openbsd-sysheaders @@ -0,0 +1,4 @@ + o Minor bugfixes: + - When building with --enable-gcc-warnings on OpenBSD, disable + warnings in system headers. This makes --enable-gcc-warnings + pass on OpenBSD 4.8.
\ No newline at end of file diff --git a/configure.in b/configure.in index f7cb277f44..cb07b2f7b0 100644 --- a/configure.in +++ b/configure.in @@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2008, The Tor Project, Inc. dnl See LICENSE for licensing information AC_INIT -AM_INIT_AUTOMAKE(tor, 0.2.2.14-alpha-dev) +AM_INIT_AUTOMAKE(tor, 0.2.2.15-alpha-dev) AM_CONFIG_HEADER(orconfig.h) AC_CANONICAL_HOST @@ -869,6 +869,15 @@ if test x$enable_gcc_warnings = xyes || test x$enable_gcc_warnings_advisory = xy have_shorten64_flag=no) CFLAGS="$save_CFLAGS" + case $host in + *-*-openbsd*) + # Some OpenBSD versions (like 4.8) have -Wsystem-headers by default. + # That's fine, except that the headers don't pass -Wredundant-decls. + # Therefore, let's disable -Wsystem-headers when we're building + # with maximal warnings on OpenBSD. + CFLAGS="$CFLAGS -Wno-system-headers" ;; + esac + CFLAGS="$CFLAGS -W -Wfloat-equal -Wundef -Wpointer-arith -Wstrict-prototypes -Wmissing-prototypes -Wwrite-strings -Wredundant-decls -Wchar-subscripts -Wcomment -Wformat=2 -Wwrite-strings -Wmissing-declarations -Wredundant-decls -Wnested-externs -Wbad-function-cast -Wswitch-enum" if test x$enable_gcc_warnings = xyes; then CFLAGS="$CFLAGS -Werror" @@ -876,7 +885,7 @@ if test x$enable_gcc_warnings = xyes || test x$enable_gcc_warnings_advisory = xy # Disabled, so we can use mallinfo(): -Waggregate-return - if test x$have_gcc4 = xyes ; then + if test x$have_gcc4 = xyes ; then # These warnings break gcc 3.3.5 and work on gcc 4.0.2 CFLAGS="$CFLAGS -Winit-self -Wmissing-field-initializers -Wdeclaration-after-statement -Wold-style-definition" fi diff --git a/contrib/checkOptionDocs.pl b/contrib/checkOptionDocs.pl index c2e8757362..26fb81d049 100755 --- a/contrib/checkOptionDocs.pl +++ b/contrib/checkOptionDocs.pl @@ -15,12 +15,6 @@ while (<F>) { if (m!^([A-Za-z0-9_]+)!) { $mostRecentOption = lc $1; $options{$mostRecentOption} = 1; - } elsif (m!^ !) { - $descOptions{$mostRecentOption} = 1; - if (m!\{DEPRECATED\}!) { - delete $descOptions{$mostRecentOption}; - delete $options{$mostRecentOption}; - } } else { print "Unrecognized output> "; print; @@ -49,18 +43,10 @@ loadTorrc("./src/config/torrc.complete.in", \%torrcCompleteOptions); # Try to figure out what's in the man page. my $considerNextLine = 0; -open(F, "./doc/tor.1.in") or die; +open(F, "./doc/tor.1.txt") or die; while (<F>) { - if ($considerNextLine and - m!^\\fB([A-Za-z0-9_]+)!) { + if (m!^\*\*([A-Za-z0-9_]+)\*\*!) { $manPageOptions{lc $1} = 1; - next; - } - - if (m!^\.(?:SH|TP|PP)!) { - $considerNextLine = 1; next; - } else { - $considerNextLine = 0; } } close F; @@ -77,7 +63,7 @@ sub subtractHashes { 0; } -subtractHashes("No online docs", \%options, \%descOptions); +# subtractHashes("No online docs", \%options, \%descOptions); # subtractHashes("Orphaned online docs", \%descOptions, \%options); subtractHashes("Not in torrc.complete.in", \%options, \%torrcCompleteOptions); diff --git a/contrib/tor-mingw.nsi.in b/contrib/tor-mingw.nsi.in index e324e4c29f..fadc162533 100644 --- a/contrib/tor-mingw.nsi.in +++ b/contrib/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.2.2.14-alpha-dev" +!define VERSION "0.2.2.15-alpha-dev" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/" !define LICENSE "LICENSE" diff --git a/doc/spec/rend-spec.txt b/doc/spec/rend-spec.txt index 12e20df659..3c14ebc662 100644 --- a/doc/spec/rend-spec.txt +++ b/doc/spec/rend-spec.txt @@ -150,7 +150,7 @@ The first time the OP provides an advertised service, it generates a public/private keypair (stored locally). - The OP choses a small number of Tor servers as introduction points. + The OP chooses a small number of Tor servers as introduction points. The OP establishes a new introduction circuit to each introduction point. These circuits MUST NOT be used for anything but hidden service introduction. To establish the introduction, Bob sends a @@ -238,6 +238,9 @@ permanent-id = H(public-key)[:10] + Note: If Bob's OP has "stealth" authorization enabled (see Section 2.2), + it uses the client key in place of the public hidden service key. + "H(time-period | descriptor-cookie | replica)" is the (possibly secret) id part that is necessary to verify that the hidden service is the true originator of this descriptor and that is therefore contained @@ -668,8 +671,8 @@ circuit. (If the PK_ID is unrecognized, the RELAY_COMMAND_INTRODUCE1 cell is discarded.) - After sending the RELAY_COMMAND_INTRODUCE2 cell, the OR replies to Alice - with an empty RELAY_COMMAND_INTRODUCE_ACK cell. If no + After sending the RELAY_COMMAND_INTRODUCE2 cell to Bob, the OR replies to + Alice with an empty RELAY_COMMAND_INTRODUCE_ACK cell. If no RELAY_COMMAND_INTRODUCE2 cell can be sent, the OR replies to Alice with a non-empty cell to indicate an error. (The semantics of the cell body may be determined later; the current implementation sends a single '1' byte on @@ -759,11 +762,11 @@ 2.1. Service with large-scale client authorization The first client authorization protocol aims at performing access control - while consuming as few additional resources as possible. A service - provider should be able to permit access to a large number of clients - while denying access for everyone else. However, the price for - scalability is that the service won't be able to hide its activity from - unauthorized or formerly authorized clients. + while consuming as few additional resources as possible. This is the "basic" + authorization protocol. A service provider should be able to permit access + to a large number of clients while denying access for everyone else. + However, the price for scalability is that the service won't be able to hide + its activity from unauthorized or formerly authorized clients. The main idea of this protocol is to encrypt the introduction-point part in hidden service descriptors to authorized clients using symmetric keys. @@ -822,19 +825,19 @@ 2.2. Authorization for limited number of clients A second, more sophisticated client authorization protocol goes the extra - mile of hiding service activity from unauthorized clients. With all else - being equal to the preceding authorization protocol, the second protocol - publishes hidden service descriptors for each user separately and gets - along with encrypting the introduction-point part of descriptors to a - single client. This allows the service to stop publishing descriptors for - removed clients. As long as a removed client cannot link descriptors - issued for other clients to the service, it cannot derive service - activity any more. The downside of this approach is limited scalability. - Even though the distributed storage of descriptors (cf. proposal 114) - tackles the problem of limited scalability to a certain extent, this - protocol should not be used for services with more than 16 clients. (In - fact, Tor should refuse to advertise services for more than this number - of clients.) + mile of hiding service activity from unauthorized clients. This is the + "stealth" authorization protocol. With all else being equal to the preceding + authorization protocol, the second protocol publishes hidden service + descriptors for each user separately and gets along with encrypting the + introduction-point part of descriptors to a single client. This allows the + service to stop publishing descriptors for removed clients. As long as a + removed client cannot link descriptors issued for other clients to the + service, it cannot derive service activity any more. The downside of this + approach is limited scalability. Even though the distributed storage of + descriptors (cf. proposal 114) tackles the problem of limited scalability to + a certain extent, this protocol should not be used for services with more + than 16 clients. (In fact, Tor should refuse to advertise services for more + than this number of clients.) A hidden service generates an asymmetric "client key" and a symmetric "descriptor cookie" for each client. The client key is used as @@ -882,14 +885,16 @@ A hidden service that is meant to perform client authorization adds a new option HiddenServiceAuthorizeClient to its hidden service configuration. This option contains the authorization type which is - either "1" for the protocol described in 2.1 or "2" for the protocol in - 2.2 and a comma-separated list of human-readable client names, so that - Tor can create authorization data for these clients: + either "basic" for the protocol described in 2.1 or "stealth" for the + protocol in 2.2 and a comma-separated list of human-readable client + names, so that Tor can create authorization data for these clients: HiddenServiceAuthorizeClient auth-type client-name,client-name,... If this option is configured, HiddenServiceVersion is automatically - reconfigured to contain only version numbers of 2 or higher. + reconfigured to contain only version numbers of 2 or higher. There is + a maximum of 512 client names for basic auth and a maximum of 16 for + stealth auth. Tor stores all generated authorization data for the authorization protocols described in Sections 2.1 and 2.2 in a new file using the diff --git a/src/or/config.c b/src/or/config.c index d020c889c8..7ad272f74c 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -1255,8 +1255,9 @@ options_act(or_options_t *old_options) /* How long should we delay counting bridge stats after becoming a bridge? * We use this so we don't count people who used our bridge thinking it is * a relay. If you change this, don't forget to change the log message - * below. */ -#define RELAY_BRIDGE_STATS_DELAY (2 * 60 * 60) + * below. It's 4 hours (the time it takes to stop being used by clients) + * plus some extra time for clock skew. */ +#define RELAY_BRIDGE_STATS_DELAY (6 * 60 * 60) if (! bool_eq(options->BridgeRelay, old_options->BridgeRelay)) { int was_relay = 0; @@ -1268,7 +1269,7 @@ options_act(or_options_t *old_options) } geoip_bridge_stats_init(int_start); log_info(LD_CONFIG, "We are acting as a bridge now. Starting new " - "GeoIP stats interval%s.", was_relay ? " in 2 " + "GeoIP stats interval%s.", was_relay ? " in 6 " "hours from now" : ""); } else { geoip_bridge_stats_term(); @@ -3500,6 +3501,13 @@ options_validate(or_options_t *old_options, or_options_t *options, "upgrade your Tor controller as soon as possible."); } + if (options->CookieAuthFileGroupReadable && !options->CookieAuthFile) { + log_warn(LD_CONFIG, "You set the CookieAuthFileGroupReadable but did " + "not configure a the path for the cookie file via " + "CookieAuthFile. This means your cookie will not be group " + "readable."); + } + if (options->UseEntryGuards && ! options->NumEntryGuards) REJECT("Cannot enable UseEntryGuards with NumEntryGuards set to 0"); diff --git a/src/or/ntmain.c b/src/or/ntmain.c index 9bcb7047eb..7163f5c9a7 100644 --- a/src/or/ntmain.c +++ b/src/or/ntmain.c @@ -7,6 +7,7 @@ #include "or.h" #include "config.h" #include "main.h" +#include "ntmain.h" #ifdef HAVE_EVENT2_EVENT_H #include <event2/event.h> diff --git a/src/or/or.h b/src/or/or.h index e6307e3eea..48641c8115 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -59,6 +59,9 @@ #ifdef HAVE_SYS_STAT_H #include <sys/stat.h> #endif +#ifdef HAVE_NETINET_IN_H +#include <netinet/in.h> +#endif #ifdef HAVE_ARPA_INET_H #include <arpa/inet.h> #endif diff --git a/src/or/reasons.c b/src/or/reasons.c index db0f2e9345..ade9a3abfc 100644 --- a/src/or/reasons.c +++ b/src/or/reasons.c @@ -168,7 +168,7 @@ errno_to_stream_end_reason(int e) S_CASE(ENOTCONN): S_CASE(ENETUNREACH): return END_STREAM_REASON_INTERNAL; - E_CASE(EHOSTUNREACH): + S_CASE(EHOSTUNREACH): /* XXXX022 * The correct behavior is END_STREAM_REASON_NOROUTE, but older * clients don't recognize it. So we're going to continue sending diff --git a/src/test/test.c b/src/test/test.c index 16ac1e4a67..d9528328b8 100644 --- a/src/test/test.c +++ b/src/test/test.c @@ -107,6 +107,8 @@ get_fname(const char *name) { static char buf[1024]; setup_directory(); + if (!name) + return temp_dir; tor_snprintf(buf,sizeof(buf),"%s/%s",temp_dir,name); return buf; } diff --git a/src/test/test_util.c b/src/test/test_util.c index 22f2707d75..8a13597978 100644 --- a/src/test/test_util.c +++ b/src/test/test_util.c @@ -1106,6 +1106,39 @@ test_util_asprintf(void *ptr) tor_free(cp2); } +static void +test_util_listdir(void *ptr) +{ + smartlist_t *dir_contents = NULL; + char *fname1=NULL, *fname2=NULL, *dirname=NULL; + (void)ptr; + + fname1 = tor_strdup(get_fname("hopscotch")); + fname2 = tor_strdup(get_fname("mumblety-peg")); + dirname = tor_strdup(get_fname(NULL)); + + tt_int_op(write_str_to_file(fname1, "X\n", 0), ==, 0); + tt_int_op(write_str_to_file(fname2, "Y\n", 0), ==, 0); + + dir_contents = tor_listdir(dirname); + tt_assert(dir_contents); + /* make sure that each filename is listed. */ + tt_assert(smartlist_string_isin_case(dir_contents, "hopscotch")); + tt_assert(smartlist_string_isin_case(dir_contents, "mumblety-peg")); + + tt_assert(!smartlist_string_isin(dir_contents, ".")); + tt_assert(!smartlist_string_isin(dir_contents, "..")); + + done: + tor_free(fname1); + tor_free(fname2); + tor_free(dirname); + if (dir_contents) { + SMARTLIST_FOREACH(dir_contents, char *, cp, tor_free(cp)); + smartlist_free(dir_contents); + } +} + #define UTIL_LEGACY(name) \ { #name, legacy_test_helper, 0, &legacy_setup, test_util_ ## name } @@ -1128,6 +1161,7 @@ struct testcase_t util_tests[] = { UTIL_LEGACY(strtok), UTIL_TEST(find_str_at_start_of_line, 0), UTIL_TEST(asprintf, 0), + UTIL_TEST(listdir, 0), END_OF_TESTCASES }; diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index 78e713f4c9..427ca01ae9 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -233,5 +233,5 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.2.2.14-alpha-dev" +#define VERSION "0.2.2.15-alpha-dev" |