diff options
| -rw-r--r-- | changes/bug40550 | 3 | ||||
| -rw-r--r-- | changes/ticket40509 | 4 | ||||
| -rw-r--r-- | changes/ticket40544 | 3 | ||||
| -rw-r--r-- | doc/HACKING/ReleasingTor.md | 30 | ||||
| -rwxr-xr-x | scripts/ci/ci-driver.sh | 117 | ||||
| -rw-r--r-- | src/app/main/main.c | 2 | ||||
| -rw-r--r-- | src/core/or/congestion_control_st.h | 8 | ||||
| -rw-r--r-- | src/core/or/protover.c | 4 | ||||
| -rw-r--r-- | src/core/or/trace_probes_cc.c | 1 | ||||
| -rw-r--r-- | src/feature/relay/router.c | 4 | ||||
| -rw-r--r-- | src/feature/relay/selftest.c | 1 | ||||
| -rw-r--r-- | src/test/test_protover.c | 11 |
12 files changed, 103 insertions, 85 deletions
diff --git a/changes/bug40550 b/changes/bug40550 new file mode 100644 index 0000000000..3f829d3794 --- /dev/null +++ b/changes/bug40550 @@ -0,0 +1,3 @@ + o Minor bugfixes (compilation): + - Resume being able to build on old / esoteric gcc versions. Fixes + bug 40550; bugfix on 0.4.7.1-alpha. diff --git a/changes/ticket40509 b/changes/ticket40509 new file mode 100644 index 0000000000..ba4502ff3b --- /dev/null +++ b/changes/ticket40509 @@ -0,0 +1,4 @@ + o Minor bugfix (relay): + - Remove the HSDir and HSIntro onion service v2 protocol versions so relay + stop advertising that they support them. Fixes bug 40509; bugfix on + 0.3.5.17. diff --git a/changes/ticket40544 b/changes/ticket40544 new file mode 100644 index 0000000000..b0754f0fd4 --- /dev/null +++ b/changes/ticket40544 @@ -0,0 +1,3 @@ + o Minor bugfix (logging): + - Update a log notice dead URL to a working one. Fixes bug 40544; bugfix on + 0.3.5.1-alpha. diff --git a/doc/HACKING/ReleasingTor.md b/doc/HACKING/ReleasingTor.md index 86feef754e..9eb89b54de 100644 --- a/doc/HACKING/ReleasingTor.md +++ b/doc/HACKING/ReleasingTor.md @@ -49,10 +49,14 @@ been merged upstream. 1. Download the generated patches from the `Patches` stage. + Apply these patches to the `main` or `release` branch as appropriate. + (Version bumps apply to `maint`; anything touching the changelog should + apply only to `main` or `release`.) + 2. For the ChangeLog and ReleaseNotes, you need to write a blurb at the top explaining a bit the release. - 3. Review, modify if needed, and merged them upstream. + 3. Review, modify if needed, and merge them upstream. 4. Manually trigger the `maintained` job in the `Build` stage so the CI can build the tarballs without errors. @@ -80,12 +84,17 @@ Once all signatures from all selected developers have been committed: 3. Put them on `dist.torproject.org`: - Upload the tarball and its sig to the dist website, i.e. - `/srv/dist-master.torproject.org/htdocs/` on dist-master. Run - "static-update-component dist.torproject.org" on dist-master. + Upload the tarball and its sig to the dist website: + + `rsync -avP tor-0.3.5.18.tar.gz{,.asc} dist-master.torproject.org:/srv/dist-master.torproject.org/htdocs/` + + Then, on dist-master.torproject.org, run: - In the `project/web/tpo.git` repository, update `databags/versions.ini` - to note the new version. Push these changes to `master`. + `static-update-component dist.torproject.org` + + For an alpha or latest stable, open an MR in + https://gitlab.torproject.org/tpo/web/tpo that updates the + `databags/versions.ini` to note the new version. (NOTE: Due to #17805, there can only be one stable version listed at once. Nonetheless, do not call your version "alpha" if it is stable, or people @@ -100,8 +109,13 @@ Once all signatures from all selected developers have been committed: Once the tarballs have been uploaded and are ready to be announced, we need to do the following: - 1. Tag versions (main and maint) using `git tag -s tor-0.x.y.z-<status>` - and then push the tags: `git push origin --tags` + 1. Tag versions (`main` branch or `release` branch as appropriate) using + `git tag -s tor-0.x.y.z-<status>` and then push the tags: + `git push origin --tags` + + (This should be the `main` or `release` branch because that is the one + from which the tarballs are built. We want our tags to match our + tarballs.) 2. Merge upstream the artifacts from the `patches` job in the `Post-process` stage of the CI release pipeline. diff --git a/scripts/ci/ci-driver.sh b/scripts/ci/ci-driver.sh index b5a9c5cbf1..c9f63c2f40 100755 --- a/scripts/ci/ci-driver.sh +++ b/scripts/ci/ci-driver.sh @@ -86,6 +86,7 @@ function error() { echo "${T_BOLD}${T_RED}ERROR:${T_RESET} $*" 1>&2 } + function die() { echo "${T_BOLD}${T_RED}FATAL ERROR:${T_RESET} $*" 1>&2 @@ -158,27 +159,27 @@ function show_git_version() if [[ "${ON_GITLAB}" == "yes" ]]; then function start_section() { - local label="$1" - local stamp - stamp=$(date +%s) - printf "section_start:%s:%s\r\e[0K" "$stamp" "$label" - echo "${T_BOLD}${T_GREEN}========= $label${T_RESET}" + local label="$1" + local stamp + stamp=$(date +%s) + printf "section_start:%s:%s\r\e[0K" "$stamp" "$label" + echo "${T_BOLD}${T_GREEN}========= $label${T_RESET}" } function end_section() { - local label="$1" - local stamp - stamp=$(date +%s) - printf "section_end:%s:%s\r\e[0K" "$stamp" "$label" + local label="$1" + local stamp + stamp=$(date +%s) + printf "section_end:%s:%s\r\e[0K" "$stamp" "$label" } else function start_section() { - true + true } function end_section() { - true + true } fi @@ -349,18 +350,18 @@ if [[ "$RUN_STAGE_CONFIGURE" = "yes" ]]; then start_section "Configure" if ! runcmd "${CI_SRCDIR}"/configure "${configure_options[@]}" ; then - error "Here is the end of config.log:" - runcmd tail config.log - die "Unable to continue" + error "Here is the end of config.log:" + runcmd tail config.log + die "Unable to continue" fi end_section "Configure" else debug "Skipping configure stage. Making sure that ${CI_BUILDDIR}/config.log exists." if [[ ! -d "${CI_BUILDDIR}" ]]; then - die "Build directory ${CI_BUILDDIR} did not exist!"; + die "Build directory ${CI_BUILDDIR} did not exist!" fi if [[ ! -f "${CI_BUILDDIR}/config.log" ]]; then - die "Tor was not configured in ${CI_BUILDDIR}!"; + die "Tor was not configured in ${CI_BUILDDIR}!" fi cp config.log "${CI_SRCDIR}"/artifacts @@ -374,26 +375,26 @@ fi if [[ "$RUN_STAGE_BUILD" = "yes" ]] ; then if [[ "$DISTCHECK" = "no" ]]; then - start_section "Build" - runcmd make "${make_options[@]}" all + start_section "Build" + runcmd make "${make_options[@]}" all cp src/app/tor "${CI_SRCDIR}"/artifacts - end_section "Build" + end_section "Build" else - export DISTCHECK_CONFIGURE_FLAGS="${configure_options[*]}" - # XXXX Set make options? - start_section Distcheck - if runcmd make "${make_options[@]}" distcheck ; then + export DISTCHECK_CONFIGURE_FLAGS="${configure_options[*]}" + # XXXX Set make options? + start_section Distcheck + if runcmd make "${make_options[@]}" distcheck ; then hooray "Distcheck was successful. Nothing further will be done." # We have to exit early here, since we can't do any other tests. cp tor-*.tar.gz "${CI_SRCDIR}"/artifacts exit 0 - else + else error "Diagnostics:" runcmd make show-distdir-testlog || true runcmd make show-distdir-core || true die "Unable to continue." - fi - end_section Distcheck + fi + end_section Distcheck fi fi @@ -411,9 +412,9 @@ if [[ "${DOXYGEN}" = 'yes' ]]; then start_section Doxygen if [[ "${TOR_VER_AT_LEAST_043}" = 'yes' ]]; then if runcmd make doxygen; then - hooray "make doxygen has succeeded." + hooray "make doxygen has succeeded." else - FAILED_TESTS="${FAILED_TESTS} doxygen" + FAILED_TESTS="${FAILED_TESTS} doxygen" fi else skipping "make doxygen: doxygen is broken for Tor < 0.4.3" @@ -464,36 +465,36 @@ if [[ "${CHUTNEY}" = "yes" ]]; then fi if [[ "${STEM}" = "yes" ]]; then - start_section "Stem" - # 0.3.5 and onward have now disabled onion service v2 so we need to exclude - # these Stem tests from now on. - EXCLUDE_TESTS="--exclude-test control.controller.test_ephemeral_hidden_services_v2 --exclude-test control.controller.test_hidden_services_conf --exclude-test control.controller.test_with_ephemeral_hidden_services_basic_auth --exclude-test control.controller.test_without_ephemeral_hidden_services --exclude-test control.controller.test_with_ephemeral_hidden_services_basic_auth_no_credentials" - if [[ "${TOR_VER_AT_LEAST_044}" = 'yes' ]]; then - # XXXX This should probably be part of some test-stem make target. - - # Disable the check around EXCLUDE_TESTS that requires double quote. We - # need it to be expanded. - # shellcheck disable=SC2086 - if runcmd timelimit -p -t 520 -s USR1 -T 30 -S ABRT \ - python3 "${STEM_PATH}/run_tests.py" \ - --tor src/app/tor \ - --integ --test control.controller \ - $EXCLUDE_TESTS \ - --test control.base_controller \ - --test process \ - --log TRACE \ - --log-file stem.log ; then - hooray "Stem tests have succeeded" - else - error "Stem output:" - runcmd tail -1000 "${STEM_PATH}"/test/data/tor_log - runcmd grep -v "SocketClosed" stem.log | tail -1000 - FAILED_TESTS="${FAILED_TESTS} stem" - fi - else - skipping "Stem: broken with <= 0.4.3. See bug tor#40077" - fi - end_section "Stem" + start_section "Stem" + # 0.3.5 and onward have now disabled onion service v2 so we need to exclude + # these Stem tests from now on. + EXCLUDE_TESTS="--exclude-test control.controller.test_ephemeral_hidden_services_v2 --exclude-test control.controller.test_hidden_services_conf --exclude-test control.controller.test_with_ephemeral_hidden_services_basic_auth --exclude-test control.controller.test_without_ephemeral_hidden_services --exclude-test control.controller.test_with_ephemeral_hidden_services_basic_auth_no_credentials" + if [[ "${TOR_VER_AT_LEAST_044}" = 'yes' ]]; then + # XXXX This should probably be part of some test-stem make target. + + # Disable the check around EXCLUDE_TESTS that requires double quote. We + # need it to be expanded. + # shellcheck disable=SC2086 + if runcmd timelimit -p -t 520 -s USR1 -T 30 -S ABRT \ + python3 "${STEM_PATH}/run_tests.py" \ + --tor src/app/tor \ + --integ --test control.controller \ + $EXCLUDE_TESTS \ + --test control.base_controller \ + --test process \ + --log TRACE \ + --log-file stem.log ; then + hooray "Stem tests have succeeded" + else + error "Stem output:" + runcmd tail -1000 "${STEM_PATH}"/test/data/tor_log + runcmd grep -v "SocketClosed" stem.log | tail -1000 + FAILED_TESTS="${FAILED_TESTS} stem" + fi + else + skipping "Stem: broken with <= 0.4.3. See bug tor#40077" + fi + end_section "Stem" fi # TODO: Coverage diff --git a/src/app/main/main.c b/src/app/main/main.c index f7b532f0ab..b73d722963 100644 --- a/src/app/main/main.c +++ b/src/app/main/main.c @@ -590,7 +590,7 @@ tor_init(int argc, char *argv[]) log_notice(LD_GENERAL, "Tor can't help you if you use it wrong! " "Learn how to be safe at " - "https://www.torproject.org/download/download#warning"); + "https://support.torproject.org/faq/staying-anonymous/"); if (strstr(version, "alpha") || strstr(version, "beta")) log_notice(LD_GENERAL, "This version is not a stable Tor release. " diff --git a/src/core/or/congestion_control_st.h b/src/core/or/congestion_control_st.h index 251ebd82e3..6038072568 100644 --- a/src/core/or/congestion_control_st.h +++ b/src/core/or/congestion_control_st.h @@ -115,7 +115,7 @@ struct nola_params_t { }; /** Fields common to all congestion control algorithms */ -typedef struct congestion_control_t { +struct congestion_control_t { /** * Smartlist of uint64_t monotime usec timestamps of when we sent a data * cell that is pending a sendme. FIFO queue that is managed similar to @@ -209,7 +209,7 @@ typedef struct congestion_control_t { struct vegas_params_t vegas_params; struct nola_params_t nola_params; }; -} congestion_control_t; +}; /** * Returns the number of sendme acks we will recieve before we update cwnd. @@ -221,7 +221,7 @@ typedef struct congestion_control_t { * If this returns 0 due to high cwnd_inc_rate, the calling code will * update every sendme ack. */ -static inline uint64_t CWND_UPDATE_RATE(const congestion_control_t *cc) +static inline uint64_t CWND_UPDATE_RATE(const struct congestion_control_t *cc) { /* We add cwnd_inc_rate*sendme_inc/2 to round to nearest integer number * of acks */ @@ -241,7 +241,7 @@ static inline uint64_t CWND_UPDATE_RATE(const congestion_control_t *cc) * allows us to specify the percent of the current consensus window * to update by. */ -static inline uint64_t CWND_INC_SS(const congestion_control_t *cc) +static inline uint64_t CWND_INC_SS(const struct congestion_control_t *cc) { return (cc->cwnd_inc_pct_ss*cc->cwnd/100); } diff --git a/src/core/or/protover.c b/src/core/or/protover.c index 199fc830a0..bd9cc60115 100644 --- a/src/core/or/protover.c +++ b/src/core/or/protover.c @@ -435,8 +435,8 @@ protover_get_supported_protocols(void) "Desc=1-2 " "DirCache=2 " "FlowCtrl=1 " - "HSDir=1-2 " - "HSIntro=3-5 " + "HSDir=2 " + "HSIntro=4-5 " "HSRend=1-2 " "Link=1-5 " #ifdef HAVE_WORKING_TOR_TLS_GET_TLSSECRETS diff --git a/src/core/or/trace_probes_cc.c b/src/core/or/trace_probes_cc.c index d52646da4f..b0ca23e208 100644 --- a/src/core/or/trace_probes_cc.c +++ b/src/core/or/trace_probes_cc.c @@ -19,6 +19,7 @@ #include "core/or/channel.h" #include "core/or/circuit_st.h" #include "core/or/circuitlist.h" +#include "core/or/congestion_control_common.h" #include "core/or/congestion_control_st.h" #include "core/or/connection_st.h" #include "core/or/edge_connection_st.h" diff --git a/src/feature/relay/router.c b/src/feature/relay/router.c index a2ca472307..bc98fd985c 100644 --- a/src/feature/relay/router.c +++ b/src/feature/relay/router.c @@ -565,8 +565,8 @@ log_new_relay_greeting(void) tor_log(LOG_NOTICE, LD_GENERAL, "You are running a new relay. " "Thanks for helping the Tor network! If you wish to know " "what will happen in the upcoming weeks regarding its usage, " - "have a look at https://blog.torproject.org/blog/lifecycle-of" - "-a-new-relay"); + "have a look at https://blog.torproject.org/lifecycle-of-a" + "-new-relay"); already_logged = 1; } diff --git a/src/feature/relay/selftest.c b/src/feature/relay/selftest.c index a791079bd8..d029c05053 100644 --- a/src/feature/relay/selftest.c +++ b/src/feature/relay/selftest.c @@ -256,6 +256,7 @@ router_do_orport_reachability_checks(const routerinfo_t *me, const tor_addr_port_t *ap = extend_info_get_orport(ei, family); if (BUG(!ap)) { /* Not much we can do here to recover apart from screaming loudly. */ + extend_info_free(ei); return; } log_info(LD_CIRC, "Testing %s of my %s ORPort: %s.", diff --git a/src/test/test_protover.c b/src/test/test_protover.c index 8cc3bcf0e5..ae40556220 100644 --- a/src/test/test_protover.c +++ b/src/test/test_protover.c @@ -334,13 +334,10 @@ test_protover_supports_version(void *arg) /* Deprecated HSIntro versions */ #define PROTOVER_HS_INTRO_DEPRECATED_1 1 #define PROTOVER_HS_INTRO_DEPRECATED_2 2 -/* Highest supported HSv2 introduce protocol version. - * It's not clear if we actually support version 2, see #25068. */ -#define PROTOVER_HS_INTRO_V2 3 /* HSv2 Rend and HSDir protocol versions. */ #define PROTOVER_HS_RENDEZVOUS_POINT_V2 1 -#define PROTOVER_HSDIR_V2 1 +#define PROTOVER_HSDIR_V2 2 /* DirCache, Desc, Microdesc, and Cons protocol versions. */ #define PROTOVER_DIRCACHE_V1 1 @@ -419,12 +416,6 @@ test_protover_supported_protocols(void *arg) tt_assert(!protocol_list_supports_protocol(supported_protocols, PRT_HSINTRO, PROTOVER_HS_INTRO_DEPRECATED_2)); - /* We could test legacy HSIntro by calling rend_service_update_descriptor(), - * and checking the protocols field. But that's unlikely to change, so - * we just use a hard-coded value. */ - tt_assert(protocol_list_supports_protocol(supported_protocols, - PRT_HSINTRO, - PROTOVER_HS_INTRO_V2)); /* Test for HSv3 HSIntro */ tt_assert(protocol_list_supports_protocol(supported_protocols, PRT_HSINTRO, |