diff options
74 files changed, 404 insertions, 699 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index d033b7ca30..4a4798e3e5 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -97,6 +97,8 @@ variables: - if [ "$STEM" = yes ]; then apt-get install timelimit; fi - if [ "$CC" = clang ]; then apt-get install clang; fi - if [ "$NSS" = yes ]; then apt-get install libnss3 libnss3-dev; fi + # llvm-symbolizer for sanitizer backtrace + - if [ "$HARDENING" = yes ]; then apt-get install llvm; fi # TODO: This next line should not be debian-only. - if [ "$STEM" = yes ]; then git clone --depth 1 https://git.torproject.org/stem.git ; export STEM_PATH="$(pwd)/stem"; fi # TODO: This next line should not be debian-only. @@ -111,7 +113,7 @@ debian-minimal: script: - ./scripts/ci/ci-driver.sh -# Minmal check on debian/i386: just make, make check. +# Minimal check on debian/i386: just make, make check. # debian-i386-minimal: image: i386/debian:buster diff --git a/Makefile.am b/Makefile.am index 280047a71b..c7b8b16d35 100644 --- a/Makefile.am +++ b/Makefile.am @@ -185,7 +185,6 @@ EXTRA_DIST+= \ CODE_OF_CONDUCT \ INSTALL \ LICENSE \ - Makefile.nmake \ README.md \ ReleaseNotes \ scripts/build/combine_libs \ diff --git a/Makefile.nmake b/Makefile.nmake deleted file mode 100644 index 32401b50b7..0000000000 --- a/Makefile.nmake +++ /dev/null @@ -1,19 +0,0 @@ -all:
- cd src/common
- $(MAKE) /F Makefile.nmake
- cd ../../src/ext
- $(MAKE) /F Makefile.nmake
- cd ../../src/or
- $(MAKE) /F Makefile.nmake
- cd ../../src/test
- $(MAKE) /F Makefile.nmake
-
-clean:
- cd src/common
- $(MAKE) /F Makefile.nmake clean
- cd ../../src/ext
- $(MAKE) /F Makefile.nmake clean
- cd ../../src/or
- $(MAKE) /F Makefile.nmake clean
- cd ../../src/test
- $(MAKE) /F Makefile.nmake clean
diff --git a/changes/aarch64_sandbox b/changes/aarch64_sandbox new file mode 100644 index 0000000000..d1d64d6e6c --- /dev/null +++ b/changes/aarch64_sandbox @@ -0,0 +1,5 @@ + o Minor bugfixes (sandbox): + - Fix sandbox support on AArch64 systems. More "*at" variants of syscalls + are now supported. Signed 32 bit syscall parameters are checked more + precisely, which should lead to lower likelihood of breakages with future + compiler and libc releases. Fixes bug 40599; bugfix on 0.4.4.3-alpha. diff --git a/changes/bug40603 b/changes/bug40603 new file mode 100644 index 0000000000..aa00718a48 --- /dev/null +++ b/changes/bug40603 @@ -0,0 +1,5 @@ + o Minor bugfixes (logging): + - Demote a harmless warn log message about finding a second hop to from + warn level to info level, if we do not have enough descriptors yet. + Leave it at notice level for other cases. Fixes bug 40603; + bugfix on 0.4.7.1-alpha. diff --git a/changes/bug40612 b/changes/bug40612 new file mode 100644 index 0000000000..526f23bdd6 --- /dev/null +++ b/changes/bug40612 @@ -0,0 +1,5 @@ + o Minor bugfixes (logging): + - Demote a notice log message about "Unexpected path length" to info + level. These cases seem to happen arbitrarily, and we likely will + never find all of them before the switch to arti. Fixes bug 40612; + bugfix on 0.4.7.5-alpha. diff --git a/changes/bug40619 b/changes/bug40619 new file mode 100644 index 0000000000..e49c2b5260 --- /dev/null +++ b/changes/bug40619 @@ -0,0 +1,3 @@ + o Minor bugfixes (logging): + - Correct a log message when cleaning microdescriptors. + Fixes bug 40619; bugfix on 0.2.5.4-alpha. diff --git a/changes/bug40620 b/changes/bug40620 new file mode 100644 index 0000000000..086a71d3f6 --- /dev/null +++ b/changes/bug40620 @@ -0,0 +1,3 @@ + o Minor bugfixes (relay, logging): + - Demote a harmless XOFF log message to from notice level to info level. + Fixes bug 40620; bugfix on 0.4.7.5-alpha. diff --git a/changes/bug40626 b/changes/bug40626 new file mode 100644 index 0000000000..cda8abe4d7 --- /dev/null +++ b/changes/bug40626 @@ -0,0 +1,6 @@ + o Major bugfixes (congestion control, TROVE-2022-001): + - Fix a scenario where RTT estimation can become wedged, seriously + degrading congestion control performance on all circuits. This impacts + clients, onion services, and relays, and can be triggered remotely by a + malicious endpoint. Tracked as CVE-2022-33903. Fixes bug 40626; bugfix + on 0.4.7.5-alpha. diff --git a/changes/faster_tests b/changes/faster_tests new file mode 100644 index 0000000000..150dff968f --- /dev/null +++ b/changes/faster_tests @@ -0,0 +1,3 @@ + o Minor features (tests): + - Avoid needless key reinitialization with OpenSSL during unit tests, + saving significant time. Patch from Alex Xu. diff --git a/changes/issue40597 b/changes/issue40597 new file mode 100644 index 0000000000..db2220805e --- /dev/null +++ b/changes/issue40597 @@ -0,0 +1,4 @@ + o Minor features (relays): + - Trigger OOS when bind fails with EADDRINUSE. This improves fairness when + a large number of exit connections are requested, and properly signals + exhaustion to the network. Fixes issue 40597; patch by Alex Xu (Hello71). diff --git a/changes/issue40630 b/changes/issue40630 new file mode 100644 index 0000000000..faf04941b6 --- /dev/null +++ b/changes/issue40630 @@ -0,0 +1,3 @@ + o Minor features (portability, compilation): + - Use OpenSSL 1.1 APIs for LibreSSL, fixing LibreSSL 3.5 compatibility. + Fixes issue 40630; patch by Alex Xu (Hello71). diff --git a/changes/log-quotes b/changes/log-quotes new file mode 100644 index 0000000000..7c9308eb44 --- /dev/null +++ b/changes/log-quotes @@ -0,0 +1,3 @@ + o Minor bugfixes (logging): + - Avoid ""double-quoting"" strings in several log messages. + Fixes bug 22723; bugfix on 0.1.2.2-alpha. diff --git a/changes/prop275 b/changes/prop275 new file mode 100644 index 0000000000..bbbf38d959 --- /dev/null +++ b/changes/prop275 @@ -0,0 +1,12 @@ + o Minor features (directory authority): + - Add a new consensus method in which the "published" times on router + entries in a microdesc consensus are all set to a meaningless fixed + date. Doing this will make the download size for compressed microdesc + consensus diffs much smaller. + Part of ticket 40130; implements proposal 275. + + o Minor features (network documents): + - Clients and relays no longer track the "published on" time declared + for relays in any consensus documents. When reporting this time on + the control port, they instead report a fixed date in the future. + Part of ticket 40130. diff --git a/changes/ticket40601 b/changes/ticket40601 new file mode 100644 index 0000000000..529e3badfe --- /dev/null +++ b/changes/ticket40601 @@ -0,0 +1,4 @@ + o Minor bugfixes (linux seccomp2 sandbox): + - Allow the rseq system call in the sandbox. This solves a crash issue with + glibc 2.35 on Linux. Patch from pmu-ipf. Fixes bug 40601; bugfix on + 0.3.5.11. diff --git a/changes/ticket40647 b/changes/ticket40647 new file mode 100644 index 0000000000..ae20aae3f3 --- /dev/null +++ b/changes/ticket40647 @@ -0,0 +1,4 @@ + o Minor bugfixes (relay): + - Remove a "BUG" warning for an acceptable race between a circuit close + and considering that circuit active. Fixes bug 40647; bugfix on + 0.3.5.1-alpha. diff --git a/changes/ticket40648 b/changes/ticket40648 new file mode 100644 index 0000000000..a891e30204 --- /dev/null +++ b/changes/ticket40648 @@ -0,0 +1,3 @@ + o Code simplification and refactoring (bridges): + - Remove unused code related to ExtPort connection ID. Fixes bug 40648; + bugfix on 0.3.5.1-alpha. diff --git a/configure.ac b/configure.ac index 778e485d5c..6ab7903010 100644 --- a/configure.ac +++ b/configure.ac @@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2019, The Tor Project, Inc. dnl See LICENSE for licensing information AC_PREREQ([2.63]) -AC_INIT([tor],[0.4.7.9]) +AC_INIT([tor],[0.4.8.0-alpha-dev]) AC_CONFIG_SRCDIR([src/app/main/tor_main.c]) AC_CONFIG_MACRO_DIR([m4]) @@ -18,7 +18,7 @@ AC_DEFINE_UNQUOTED([CONFIG_FLAGS], ["$configure_flags"], [Flags passed to config # version number changes. Tor uses it to make sure that it # only shuts down for missing "required protocols" when those protocols # are listed as required by a consensus after this date. -AC_DEFINE(APPROX_RELEASE_DATE, ["2022-08-11"], # for 0.4.7.9 +AC_DEFINE(APPROX_RELEASE_DATE, ["2022-04-27"], # for 0.4.8.0-alpha-dev [Approximate date when this software was released. (Updated when the version changes.)]) # "foreign" means we don't follow GNU package layout standards @@ -1022,7 +1022,7 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ AC_MSG_CHECKING([for OpenSSL < 1.0.1]) AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include <openssl/opensslv.h> -#if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x1000100fL +#if OPENSSL_VERSION_NUMBER < 0x1000100fL #error "too old" #endif ]], [[]])], diff --git a/contrib/win32build/tor-mingw.nsi.in b/contrib/win32build/tor-mingw.nsi.in index 152d19d6b7..9b172331fd 100644 --- a/contrib/win32build/tor-mingw.nsi.in +++ b/contrib/win32build/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.4.7.9" +!define VERSION "0.4.8.0-alpha-dev" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/" !define LICENSE "LICENSE" diff --git a/contrib/win32build/tor.nsi.in b/contrib/win32build/tor.nsi.in index dd24df454c..2d8c2b9adf 100644 --- a/contrib/win32build/tor.nsi.in +++ b/contrib/win32build/tor.nsi.in @@ -5,8 +5,8 @@ ; NOTE: This file might be obsolete. Look at tor-mingw.nsi.in instead. ;----------------------------------------- ; How to make an installer: -; Step 0. If you are a Tor maintainer, make sure that tor.nsi and -; src/win32/orconfig.h all have the correct version number. +; Step 0. If you are a Tor maintainer, make sure that tor.nsi has +; the correct version number. ; Step 1. Download and install OpenSSL. Make sure that the OpenSSL ; version listed below matches the one you downloaded. ; Step 2. Download and install NSIS (http://nsis.sourceforge.net) diff --git a/doc/HACKING/ReleasingTor.md b/doc/HACKING/ReleasingTor.md index a32bb10dad..f4f1368009 100644 --- a/doc/HACKING/ReleasingTor.md +++ b/doc/HACKING/ReleasingTor.md @@ -132,14 +132,17 @@ do the following: ### New Stable - 1. Create the `maint-x.y.z` and `release-x.y.z` branches and update the - `./scripts/git/git-list-tor-branches.sh` with the new version. + 1. Create the `maint-x.y.z` and `release-x.y.z` branches at the version + tag. Then update the `./scripts/git/git-list-tor-branches.sh` with the + new version. - 2. Add the new version in `./scripts/ci/ci-driver.sh`. - - 3. Forward port the ChangeLog and ReleaseNotes into main branch. Remove any - change logs of stable releases in ReleaseNotes. + 2. Update `./scripts/git/git-list-tor-branches.sh` and + `./scripts/ci/ci-driver.sh` with the new version in `maint-x.y.z` and + then merge forward into main. (If you haven't pushed remotely the new + branches, merge the local branch). + 3. In `main`, bump version to the next series: `tor-x.y.0-alpha-dev` and + then tag it: `git tag -s tor-x.y.0-alpha-dev` ## Appendix: An alternative means to notify packagers diff --git a/doc/asciidoc-helper.sh b/doc/asciidoc-helper.sh index 98e216e68a..a3e2f8f9bf 100755 --- a/doc/asciidoc-helper.sh +++ b/doc/asciidoc-helper.sh @@ -12,7 +12,7 @@ if [ $# != 3 ]; then exit 1 fi -SOURCE_DATE_EPOCH="$(git show --no-patch --format='%ct')" +SOURCE_DATE_EPOCH="$(git -C "$(dirname "$0")" show --no-patch --format='%ct')" export SOURCE_DATE_EPOCH output=$3 diff --git a/doc/building-tor-msvc.txt b/doc/building-tor-msvc.txt deleted file mode 100644 index dbc644d172..0000000000 --- a/doc/building-tor-msvc.txt +++ /dev/null @@ -1,122 +0,0 @@ -Building Tor with MSVC.
-=======================
-
-NOTE: This is not the preferred method for building Tor on windows: we use
-mingw for our packages.
-
-Last updated 9 September 2014.
-
-
-Requirements:
--------------
-
- * Visual Studio 2010
- https://go.microsoft.com/fwlink/?LinkId=323467
- * CMake 2.8.12.2
- https://www.cmake.org/download/
- * Perl 5.16
- https://www.activestate.com/activeperl/downloads
- * Latest stable OpenSSL tarball
- https://www.openssl.org/source/
- * Latest stable zlib tarball
- https://zlib.net/
- * Latest stable libevent Libevent tarball
- https://github.com/libevent/libevent/releases
-
-Make sure you check signatures for all these packages.
-
-Steps:
-------
-
-Building OpenSSL from source as a shared library:
-
- cd <openssl source dir>
- perl Configure VC-WIN32
- perl util\mkfiles.pl >MINFO
- perl util\mk1mf.pl no-asm dll VC-WIN32 >32dll.mak
- perl util\mkdef.pl 32 libeay > ms\libeay32.def
- perl util\mkdef.pl 32 ssleay > ms\ssleay32.def
- nmake -f 32dll.mak
-
-Making OpenSSL final package:
-
- Create <openssl final package dir>, I'd recommend using a name like <openssl
- source dir>-vc10.
-
- Copy the following directories and files to their respective locations
- <openssl source dir>\inc32\openssl => <openssl final package dir>\include\openssl
- <openssl source dir>\out32dll\libeay32.lib => <openssl final package dir>\lib\libeay32.lib
- <openssl source dir>\out32dll\ssleay32.lib => <openssl final package dir>\lib\ssleay32.lib
- <openssl source dir>\out32dll\libeay32.dll => <openssl final package dir>\bin\libeay32.dll
- <openssl source dir>\out32dll\openssl.exe => <openssl final package dir>\bin\openssl.exe
- <openssl source dir>\out32dll\ssleay32.dll => <openssl final package dir>\bin\ssleay32.dll
-
-Building Zlib from source:
-
- cd <zlib source dir>
- nmake -f win32/Makefile.msc
-
-Building libevent:
-
- cd <libevent source dir>
- mkdir build && cd build
- SET OPENSSL_ROOT_DIR=<openssl final package dir>
- cmake -G "NMake Makefiles" .. -DCMAKE_BUILD_TYPE:STRING=RelWithDebInfo -DCMAKE_C_FLAGS_RELWITHDEBINFO:STRING="/MT /Zi /O2 /Ob1 /D NDEBUG" -DZLIB_LIBRARY:FILEPATH="<zlib source dir>\zdll.lib" -DZLIB_INCLUDE_DIR:PATH="<zlib source dir>"
- nmake event
-
-Building Tor:
-
- Create a dir above tor source dir named build-alpha and two subdirs include
- and lib.
-
- Your build tree should now be similar to this one:
- * build-alpha
- - include
- - lib
- * <libevent source dir>
- - build
- - cmake
- - ...
- * <openssl source dir>
- - ...
- - ms
- - util
- - ...
- * <openssl final package dir>
- - bin
- - include
- - lib
- * <tor source dir>
- - ...
- - src
- - ...
- * <zlib source dir>
- - ...
- - win32
- - ...
-
- Copy the following dirs and files to the following locations:
- <openssl final package dir>\include\openssl => build-alpha\include\openssl
- <libevent source dir>\include => build-alpha\include
- <libevent source dir>\WIN32-Code\nmake\event2 => build-alpha\include\event2
- <zlib source dir>\z*.h => build-alpha\include\z*.h
-
- Now copy the following files to the following locations and rename them
- according new names:
-
- <libevent source dir>\build\lib\event.lib => build-alpha\lib\libevent.lib
- <openssl final package dir>\lib\libeay32.lib => build-alpha\lib\libcrypto.lib
- <openssl final package dir>\lib\ssleay32.lib => build-alpha\lib\libssl.lib
- <zlib source dir>\zdll.lib => build-alpha\lib\libz.lib
-
- And we are now ready for the build process:
-
- cd <tor source dir>
- nmake -f Makefile.nmake
-
- After the above process is completed there should be a tor.exe in <tor
- source dir>\src\or
-
- Copy tor.exe to desired location and also copy zlib1.dll, libeay32.dll and
- ssleay32.dll from built zlib and openssl packages
-
diff --git a/doc/man/tor.1.txt b/doc/man/tor.1.txt index 3672444c5d..712988fa5a 100644 --- a/doc/man/tor.1.txt +++ b/doc/man/tor.1.txt @@ -335,7 +335,7 @@ forward slash (/) in the configuration file and on the command line. to mess with it. (Default: -1) [[ClientTransportPlugin]] **ClientTransportPlugin** __transport__ socks4|socks5 __IP__:__PORT__:: -**ClientTransportPlugin** __transport__ exec __path-to-binary__ [options]:: +[[ClientTransportPlugin-2]] **ClientTransportPlugin** __transport__ exec __path-to-binary__ [options]:: In its first form, when set along with a corresponding Bridge line, the Tor client forwards its traffic to a SOCKS-speaking proxy on "IP:PORT". (IPv4 addresses should written as-is; IPv6 addresses should be wrapped in @@ -3532,7 +3532,7 @@ Service side: configured, the service will be accessible to anyone with the onion address. Revoking a client can be done by removing their ".auth" file, however the - revocation will be in effect only after the tor process gets restarted even if + revocation will be in effect only after the tor process gets restarted or if a SIGHUP takes place. Client side: diff --git a/scripts/maint/checkOptionDocs.pl.in b/scripts/maint/checkOptionDocs.pl.in index 2d4a7884f5..d2c2a838d6 100644 --- a/scripts/maint/checkOptionDocs.pl.in +++ b/scripts/maint/checkOptionDocs.pl.in @@ -41,9 +41,16 @@ loadTorrc("@abs_top_srcdir@/src/config/torrc.sample.in", \%torrcSampleOptions); my $considerNextLine = 0; open(F, "@abs_top_srcdir@/doc/man/tor.1.txt") or die; while (<F>) { - if (m!^(?:\[\[([A-za-z0-9_]+)\]\] *)?\*\*([A-Za-z0-9_]+)\*\*!) { + if (m!^(?:\[\[([A-za-z0-9_]+)\]\] *)?\*\*([A-Za-z0-9_]+)\*\*! && $considerNextLine) { $manPageOptions{$2} = 1; print "Missing an anchor: $2\n" unless (defined $1 or $2 eq 'tor'); + $considerNextLine = 1; + } elsif (m!^\s*$! or + m!^\s*\+\s*$! or + m!^\s*//!) { + $considerNextLine = 1; + } else { + $considerNextLine = 0; } } close F; diff --git a/scripts/maint/geoip/geoip-db-tool/Cargo.lock b/scripts/maint/geoip/geoip-db-tool/Cargo.lock index ba610d4fc3..7441503549 100644 --- a/scripts/maint/geoip/geoip-db-tool/Cargo.lock +++ b/scripts/maint/geoip/geoip-db-tool/Cargo.lock @@ -1,10 +1,12 @@ # This file is automatically @generated by Cargo. # It is not intended for manual editing. +version = 3 + [[package]] name = "argh" -version = "0.1.4" +version = "0.1.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "91792f088f87cdc7a2cfb1d617fa5ea18d7f1dc22ef0e1b5f82f3157cdc522be" +checksum = "a7e7e4aa7e40747e023c0761dafcb42333a9517575bbf1241747f68dd3177a62" dependencies = [ "argh_derive", "argh_shared", @@ -12,9 +14,9 @@ dependencies = [ [[package]] name = "argh_derive" -version = "0.1.4" +version = "0.1.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c4eb0c0c120ad477412dc95a4ce31e38f2113e46bd13511253f79196ca68b067" +checksum = "69f2bd7ff6ed6414f4e5521bd509bae46454bbd513801767ced3f21a751ab4bc" dependencies = [ "argh_shared", "heck", @@ -25,9 +27,9 @@ dependencies = [ [[package]] name = "argh_shared" -version = "0.1.4" +version = "0.1.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "781f336cc9826dbaddb9754cb5db61e64cab4f69668bd19dcc4a0394a86f4cb1" +checksum = "47253b98986dafc7a3e1cf3259194f1f47ac61abb57a57f46ec09e48d004ecda" [[package]] name = "geoip-db-tool" @@ -40,9 +42,9 @@ dependencies = [ [[package]] name = "heck" -version = "0.3.2" +version = "0.3.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "87cbf45460356b7deeb5e3415b5563308c0a9b057c85e12b06ad551f98d0a6ac" +checksum = "6d621efb26863f0e9924c6ac577e8275e5e6b77455db64ffa6c65c904e9e132c" dependencies = [ "unicode-segmentation", ] @@ -58,53 +60,53 @@ dependencies = [ [[package]] name = "proc-macro2" -version = "1.0.24" +version = "1.0.43" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1e0704ee1a7e00d7bb417d0770ea303c1bccbabf0ef1667dae92b5967f5f8a71" +checksum = "0a2ca2c61bc9f3d74d2886294ab7b9853abd9c1ad903a3ac7815c58989bb7bab" dependencies = [ - "unicode-xid", + "unicode-ident", ] [[package]] name = "quote" -version = "1.0.9" +version = "1.0.21" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c3d0b9745dc2debf507c8422de05d7226cc1f0644216dfdfead988f9b1ab32a7" +checksum = "bbe448f377a7d6961e30f5955f9b8d106c3f5e449d493ee1b125c1d43c2b5179" dependencies = [ "proc-macro2", ] [[package]] name = "rangemap" -version = "0.1.10" +version = "0.1.14" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "90531bef860f96441c4cb74a1e43c281cd1366143928f944546ef0b1c60392b0" +checksum = "3929836cb64d09ee7deee59635c3d9bffbc1c0373e247efff6272abd62a11baa" [[package]] name = "serde" -version = "1.0.123" +version = "1.0.143" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "92d5161132722baa40d802cc70b15262b98258453e85e5d1d365c757c73869ae" +checksum = "53e8e5d5b70924f74ff5c6d64d9a5acd91422117c60f48c4e07855238a254553" [[package]] name = "syn" -version = "1.0.60" +version = "1.0.99" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c700597eca8a5a762beb35753ef6b94df201c81cca676604f547495a0d7f0081" +checksum = "58dbef6ec655055e20b86b15a8cc6d439cca19b667537ac6a1369572d151ab13" dependencies = [ "proc-macro2", "quote", - "unicode-xid", + "unicode-ident", ] [[package]] -name = "unicode-segmentation" -version = "1.7.1" +name = "unicode-ident" +version = "1.0.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bb0d2e7be6ae3a5fa87eed5fb451aff96f2573d2694942e40543ae0bbe19c796" +checksum = "c4f5b37a154999a8f3f98cc23a628d850e154479cd94decf3414696e12e31aaf" [[package]] -name = "unicode-xid" -version = "0.2.1" +name = "unicode-segmentation" +version = "1.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f7fe0bb3479651439c9112f72b6c505038574c9fbb575ed1bf3b797fa39dd564" +checksum = "7e8820f5d777f6224dc4be3632222971ac30164d4a258d595640799554ebfd99" diff --git a/scripts/maint/update_versions.py b/scripts/maint/update_versions.py index 07de1c343a..361dbe2cd3 100755 --- a/scripts/maint/update_versions.py +++ b/scripts/maint/update_versions.py @@ -129,8 +129,3 @@ update_file(P("contrib/win32build/tor-mingw.nsi.in"), re.compile(r'!define VERSION .*'), u'!define VERSION "{}"'.format(version), encoding="iso-8859-1") - -# In src/win32/orconfig.h, we replace the definition of VERSION. -update_file(P("src/win32/orconfig.h"), - re.compile(r'#define VERSION .*'), - u'#define VERSION "{}"'.format(version)) diff --git a/src/config/include.am b/src/config/include.am index ee38934938..351f32f575 100644 --- a/src/config/include.am +++ b/src/config/include.am @@ -12,9 +12,3 @@ EXTRA_DIST+= \ conf_DATA = src/config/torrc.sample tordata_DATA = src/config/geoip src/config/geoip6 -# fallback_consensus - -# If we don't have it, fake it. -src_config_fallback-consensus: - touch src/config/fallback-consensus - diff --git a/src/core/mainloop/connection.c b/src/core/mainloop/connection.c index 9271a70914..883610d7e1 100644 --- a/src/core/mainloop/connection.c +++ b/src/core/mainloop/connection.c @@ -590,7 +590,6 @@ or_connection_new(int type, int socket_family) /* If we aren't told an address for this connection, we should * presume it isn't local, and should be rate-limited. */ TO_CONN(or_conn)->always_rate_limit_as_remote = 1; - connection_or_set_ext_or_identifier(or_conn); } return or_conn; @@ -957,7 +956,6 @@ connection_free_minimal(connection_t *conn) connection_or_clear_identity(TO_OR_CONN(conn)); } if (conn->type == CONN_TYPE_OR || conn->type == CONN_TYPE_EXT_OR) { - tor_free(TO_OR_CONN(conn)->ext_or_conn_id); tor_free(TO_OR_CONN(conn)->ext_or_auth_correct_client_hash); tor_free(TO_OR_CONN(conn)->ext_or_transport); } @@ -2224,21 +2222,27 @@ connection_connect_sockaddr,(connection_t *conn, tor_socket_strerror(errno)); } - /* - * We've got the socket open; give the OOS handler a chance to check - * against configured maximum socket number, but tell it no exhaustion - * failure. - */ - connection_check_oos(get_n_open_sockets(), 0); - if (bindaddr && bind(s, bindaddr, bindaddr_len) < 0) { *socket_error = tor_socket_errno(s); - log_warn(LD_NET,"Error binding network socket: %s", - tor_socket_strerror(*socket_error)); + if (ERRNO_IS_EADDRINUSE(*socket_error)) { + socket_failed_from_resource_exhaustion(); + connection_check_oos(get_n_open_sockets(), 1); + } else { + log_warn(LD_NET,"Error binding network socket: %s", + tor_socket_strerror(*socket_error)); + connection_check_oos(get_n_open_sockets(), 0); + } tor_close_socket(s); return -1; } + /* + * We've got the socket open and bound; give the OOS handler a chance to + * check against configured maximum socket number, but tell it no exhaustion + * failure. + */ + connection_check_oos(get_n_open_sockets(), 0); + tor_assert(options); if (options->ConstrainedSockets) set_constrained_socket_buffers(s, (int)options->ConstrainedSockSize); diff --git a/src/core/mainloop/mainloop.c b/src/core/mainloop/mainloop.c index 526f8c37af..8e1b33e56e 100644 --- a/src/core/mainloop/mainloop.c +++ b/src/core/mainloop/mainloop.c @@ -274,16 +274,8 @@ connection_add_impl(connection_t *conn, int is_connecting) void connection_unregister_events(connection_t *conn) { - if (conn->read_event) { - if (event_del(conn->read_event)) - log_warn(LD_BUG, "Error removing read event for %d", (int)conn->s); - tor_free(conn->read_event); - } - if (conn->write_event) { - if (event_del(conn->write_event)) - log_warn(LD_BUG, "Error removing write event for %d", (int)conn->s); - tor_free(conn->write_event); - } + tor_event_free(conn->read_event); + tor_event_free(conn->write_event); if (conn->type == CONN_TYPE_AP_DNS_LISTENER) { dnsserv_close_listener(conn); } diff --git a/src/core/or/circuitbuild.c b/src/core/or/circuitbuild.c index 511df4112b..257d33f1ab 100644 --- a/src/core/or/circuitbuild.c +++ b/src/core/or/circuitbuild.c @@ -11,7 +11,7 @@ * constructing/sending create/extend cells, and so on). * * On the client side, this module handles launching circuits. Circuit - * launches are srtarted from circuit_establish_circuit(), called from + * launches are started from circuit_establish_circuit(), called from * circuit_launch_by_extend_info()). To choose the path the circuit will * take, onion_extend_cpath() calls into a maze of node selection functions. * diff --git a/src/core/or/dos.c b/src/core/or/dos.c index 2eb5782481..efb6433537 100644 --- a/src/core/or/dos.c +++ b/src/core/or/dos.c @@ -534,7 +534,7 @@ conn_update_on_close(conn_client_stats_t *stats, const tor_addr_t *addr) { /* Extra super duper safety. Going below 0 means an underflow which could * lead to most likely a false positive. In theory, this should never happen - * but lets be extra safe. */ + * but let's be extra safe. */ if (BUG(stats->concurrent_count == 0)) { return; } @@ -607,7 +607,7 @@ dos_cc_new_create_cell(channel_t *chan) /* This is the detection. Assess at every CREATE cell if the client should * get marked as malicious. This should be kept as fast as possible. */ if (cc_has_exhausted_circuits(&entry->dos_stats)) { - /* If this is the first time we mark this entry, log it a info level. + /* If this is the first time we mark this entry, log it. * Under heavy DDoS, logging each time we mark would results in lots and * lots of logs. */ if (entry->dos_stats.cc_stats.marked_until_ts == 0) { diff --git a/src/core/or/or_connection_st.h b/src/core/or/or_connection_st.h index 81ba2091ec..97dfe7a637 100644 --- a/src/core/or/or_connection_st.h +++ b/src/core/or/or_connection_st.h @@ -26,11 +26,9 @@ struct or_connection_t { * if the other side hasn't shown us a valid identity key. */ char identity_digest[DIGEST_LEN]; - /** Extended ORPort connection identifier. */ - char *ext_or_conn_id; /** This is the ClientHash value we expect to receive from the * client during the Extended ORPort authentication protocol. We - * compute it upon receiving the ClientNoce from the client, and we + * compute it upon receiving the ClientNonce from the client, and we * compare it with the actual ClientHash value sent by the * client. */ char *ext_or_auth_correct_client_hash; diff --git a/src/core/or/relay.c b/src/core/or/relay.c index 68fddd1ae7..843d7a8765 100644 --- a/src/core/or/relay.c +++ b/src/core/or/relay.c @@ -3038,10 +3038,23 @@ channel_flush_from_first_active_circuit, (channel_t *chan, int max)) streams_blocked = circ->streams_blocked_on_p_chan; } - /* Circuitmux told us this was active, so it should have cells */ - if (/*BUG(*/ queue->n == 0 /*)*/) { - log_warn(LD_BUG, "Found a supposedly active circuit with no cells " - "to send. Trying to recover."); + /* Circuitmux told us this was active, so it should have cells. + * + * Note: In terms of logic and coherence, this should never happen but the + * cmux dragon is powerful. Reason is that when the OOM is triggered, when + * cleaning up circuits, we mark them for close and then clear their cell + * queues. And so, we can have a circuit considered active by the cmux + * dragon but without cells. The cmux subsystem is only notified of this + * when the circuit is freed which leaves a tiny window between close and + * free to end up here. + * + * We are accepting this as an "ok" race else the changes are likely non + * trivial to make the mark for close to set the num cells to 0 and change + * the free functions to detach the circuit conditionnaly without creating + * a chain effect of madness. + * + * The lesson here is arti will prevail and leave the cmux dragon alone. */ + if (queue->n == 0) { circuitmux_set_num_cells(cmux, circ, 0); if (! circ->marked_for_close) circuit_mark_for_close(circ, END_CIRC_REASON_INTERNAL); @@ -3166,7 +3179,7 @@ channel_flush_from_first_active_circuit, (channel_t *chan, int max)) #define RELAY_CIRC_CELL_QUEUE_SIZE_DEFAULT \ (50 * RELAY_CIRC_CELL_QUEUE_SIZE_MIN) -/* The maximum number of cell a circuit queue can contain. This is updated at +/* The maximum number of cells a circuit queue can contain. This is updated at * every new consensus and controlled by a parameter. */ static int32_t max_circuit_cell_queue_size = RELAY_CIRC_CELL_QUEUE_SIZE_DEFAULT; diff --git a/src/ext/Makefile.nmake b/src/ext/Makefile.nmake deleted file mode 100644 index d02d03bf41..0000000000 --- a/src/ext/Makefile.nmake +++ /dev/null @@ -1,12 +0,0 @@ -all: csiphash.lib - -CFLAGS = /O2 /MT /I ..\win32 /I ..\..\..\build-alpha\include /I ..\common \ - /I ..\ext - -CSIPHASH_OBJECTS = csiphash.obj - -csiphash.lib: $(CSIPHASH_OBJECTS) - lib $(CSIPHASH_OBJECTS) $(CURVE25519_DONNA_OBJECTS) /out:csiphash.lib - -clean: - del *.obj *.lib diff --git a/src/feature/control/getinfo_geoip.c b/src/feature/control/getinfo_geoip.c index be89c2c641..e2d277f256 100644 --- a/src/feature/control/getinfo_geoip.c +++ b/src/feature/control/getinfo_geoip.c @@ -44,10 +44,7 @@ getinfo_helper_geoip(control_connection_t *control_conn, *errmsg = "GeoIP data not loaded"; return -1; } - if (family == AF_INET) - c = geoip_get_country_by_ipv4(tor_addr_to_ipv4h(&addr)); - else /* AF_INET6 */ - c = geoip_get_country_by_ipv6(tor_addr_to_in6(&addr)); + c = geoip_get_country_by_addr(&addr); *answer = tor_strdup(geoip_get_country_name(c)); } return 0; diff --git a/src/feature/dirauth/dirvote.c b/src/feature/dirauth/dirvote.c index cdd2c132ef..b4a9f83f19 100644 --- a/src/feature/dirauth/dirvote.c +++ b/src/feature/dirauth/dirvote.c @@ -390,7 +390,8 @@ format_networkstatus_vote(crypto_pk_t *private_signing_key, rsf = routerstatus_format_entry(&vrs->status, vrs->version, vrs->protocols, NS_V3_VOTE, - vrs); + vrs, + -1); if (rsf) smartlist_add(chunks, rsf); @@ -618,8 +619,8 @@ compare_vote_rs(const vote_routerstatus_t *a, const vote_routerstatus_t *b) * the descriptor digests matched, so somebody is making SHA1 collisions. */ #define CMP_FIELD(utype, itype, field) do { \ - utype aval = (utype) (itype) a->status.field; \ - utype bval = (utype) (itype) b->status.field; \ + utype aval = (utype) (itype) a->field; \ + utype bval = (utype) (itype) b->field; \ utype u = bval - aval; \ itype r2 = (itype) u; \ if (r2 < 0) { \ @@ -638,8 +639,8 @@ compare_vote_rs(const vote_routerstatus_t *a, const vote_routerstatus_t *b) CMP_EXACT))) { return r; } - CMP_FIELD(unsigned, int, ipv4_orport); - CMP_FIELD(unsigned, int, ipv4_dirport); + CMP_FIELD(unsigned, int, status.ipv4_orport); + CMP_FIELD(unsigned, int, status.ipv4_dirport); return 0; } @@ -692,10 +693,10 @@ compute_routerstatus_consensus(smartlist_t *votes, int consensus_method, } else { if (cur && (cur_n > most_n || (cur_n == most_n && - cur->status.published_on > most_published))) { + cur->published_on > most_published))) { most = cur; most_n = cur_n; - most_published = cur->status.published_on; + most_published = cur->published_on; } cur_n = 1; cur = rs; @@ -703,7 +704,7 @@ compute_routerstatus_consensus(smartlist_t *votes, int consensus_method, } SMARTLIST_FOREACH_END(rs); if (cur_n > most_n || - (cur && cur_n == most_n && cur->status.published_on > most_published)) { + (cur && cur_n == most_n && cur->published_on > most_published)) { most = cur; // most_n = cur_n; // unused after this point. // most_published = cur->status.published_on; // unused after this point. @@ -2047,7 +2048,6 @@ networkstatus_compute_consensus(smartlist_t *votes, memcpy(rs_out.descriptor_digest, rs->status.descriptor_digest, DIGEST_LEN); tor_addr_copy(&rs_out.ipv4_addr, &rs->status.ipv4_addr); - rs_out.published_on = rs->status.published_on; rs_out.ipv4_dirport = rs->status.ipv4_dirport; rs_out.ipv4_orport = rs->status.ipv4_orport; tor_addr_copy(&rs_out.ipv6_addr, &alt_orport.addr); @@ -2055,6 +2055,21 @@ networkstatus_compute_consensus(smartlist_t *votes, rs_out.has_bandwidth = 0; rs_out.has_exitsummary = 0; + time_t published_on = rs->published_on; + + /* Starting with this consensus method, we no longer include a + meaningful published_on time for microdescriptor consensuses. This + makes their diffs smaller and more compressible. + + We need to keep including a meaningful published_on time for NS + consensuses, however, until 035 relays are all obsolete. (They use + it for a purpose similar to the current StaleDesc flag.) + */ + if (consensus_method >= MIN_METHOD_TO_SUPPRESS_MD_PUBLISHED && + flavor == FLAV_MICRODESC) { + published_on = -1; + } + if (chosen_name && !naming_conflict) { strlcpy(rs_out.nickname, chosen_name, sizeof(rs_out.nickname)); } else { @@ -2276,7 +2291,7 @@ networkstatus_compute_consensus(smartlist_t *votes, /* Okay!! Now we can write the descriptor... */ /* First line goes into "buf". */ buf = routerstatus_format_entry(&rs_out, NULL, NULL, - rs_format, NULL); + rs_format, NULL, published_on); if (buf) smartlist_add(chunks, buf); } @@ -4745,6 +4760,7 @@ dirserv_generate_networkstatus_vote_obj(crypto_pk_t *private_key, dirauth_set_routerstatus_from_routerinfo(rs, node, ri, now, list_bad_exits, list_middle_only); + vrs->published_on = ri->cache_info.published_on; if (ri->cache_info.signing_key_cert) { memcpy(vrs->ed25519_id, diff --git a/src/feature/dirauth/dirvote.h b/src/feature/dirauth/dirvote.h index 64aaec116e..ae8d43a6f0 100644 --- a/src/feature/dirauth/dirvote.h +++ b/src/feature/dirauth/dirvote.h @@ -53,7 +53,7 @@ #define MIN_SUPPORTED_CONSENSUS_METHOD 28 /** The highest consensus method that we currently support. */ -#define MAX_SUPPORTED_CONSENSUS_METHOD 32 +#define MAX_SUPPORTED_CONSENSUS_METHOD 33 /** * Lowest consensus method where microdescriptor lines are put in canonical @@ -74,6 +74,12 @@ */ #define MIN_METHOD_FOR_MIDDLEONLY 32 +/** + * Lowest consensus method for which we suppress the published time in + * microdescriptor consensuses. + */ +#define MIN_METHOD_TO_SUPPRESS_MD_PUBLISHED 33 + /** Default bandwidth to clip unmeasured bandwidths to using method >= * MIN_METHOD_TO_CLIP_UNMEASURED_BW. (This is not a consensus method; do not * get confused with the above macros.) */ diff --git a/src/feature/dirauth/process_descs.c b/src/feature/dirauth/process_descs.c index 7d61247e23..6a9cc5e95f 100644 --- a/src/feature/dirauth/process_descs.c +++ b/src/feature/dirauth/process_descs.c @@ -110,7 +110,7 @@ add_rsa_fingerprint_to_dir(const char *fp, authdir_config_t *list, tor_strstrip(fingerprint, " "); if (base16_decode(d, DIGEST_LEN, fingerprint, strlen(fingerprint)) != DIGEST_LEN) { - log_warn(LD_DIRSERV, "Couldn't decode fingerprint \"%s\"", + log_warn(LD_DIRSERV, "Couldn't decode fingerprint %s", escaped(fp)); tor_free(fingerprint); return -1; diff --git a/src/feature/dirparse/ns_parse.c b/src/feature/dirparse/ns_parse.c index cd3e2731be..3e1f9a3bd3 100644 --- a/src/feature/dirparse/ns_parse.c +++ b/src/feature/dirparse/ns_parse.c @@ -371,14 +371,17 @@ routerstatus_parse_entry_from_string(memarea_t *area, } } + time_t published_on; if (tor_snprintf(timebuf, sizeof(timebuf), "%s %s", tok->args[3+offset], tok->args[4+offset]) < 0 || - parse_iso_time(timebuf, &rs->published_on)<0) { + parse_iso_time(timebuf, &published_on)<0) { log_warn(LD_DIR, "Error parsing time '%s %s' [%d %d]", tok->args[3+offset], tok->args[4+offset], offset, (int)flav); goto err; } + if (vote_rs) + vote_rs->published_on = published_on; if (tor_inet_aton(tok->args[5+offset], &in) == 0) { log_warn(LD_DIR, "Error parsing router address in network-status %s", diff --git a/src/feature/hs/hs_client.c b/src/feature/hs/hs_client.c index d08b518d94..bc304171ed 100644 --- a/src/feature/hs/hs_client.c +++ b/src/feature/hs/hs_client.c @@ -644,8 +644,8 @@ send_introduce1(origin_circuit_t *intro_circ, goto tran_err; } - /* Check if the rendevous circuit was setup WITHOUT congestion control but if - * it is enabled and the service supports it. This can happen, see + /* Check if the rendezvous circuit was setup WITHOUT congestion control, + * but if it is enabled and the service supports it. This can happen, see * setup_rendezvous_circ_congestion_control() and so close rendezvous circuit * so another one can be created. */ if (TO_CIRCUIT(rend_circ)->ccontrol == NULL && congestion_control_enabled() diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c index ff34e5dc44..716386408a 100644 --- a/src/feature/hs/hs_service.c +++ b/src/feature/hs/hs_service.c @@ -2419,7 +2419,7 @@ should_remove_intro_point(hs_service_intro_point_t *ip, time_t now) goto end; } - /* Pass this point, even though we might be over the retry limit, we check + /* Past this point, even though we might be over the retry limit, we check * if a circuit (established or pending) exists. In that case, we should not * remove it because it might simply be valid and opened at the previous * scheduled event for the last retry. */ diff --git a/src/feature/nodelist/fmt_routerstatus.c b/src/feature/nodelist/fmt_routerstatus.c index 95379a7721..e068c87c9b 100644 --- a/src/feature/nodelist/fmt_routerstatus.c +++ b/src/feature/nodelist/fmt_routerstatus.c @@ -26,6 +26,9 @@ /** Helper: write the router-status information in <b>rs</b> into a newly * allocated character buffer. Use the same format as in network-status * documents. If <b>version</b> is non-NULL, add a "v" line for the platform. + * If <b>declared_publish_time</b> is nonnegative, we declare it as the + * publication time. Otherwise we look for a publication time in <b>vrs</b>, + * and fall back to a default (not useful) publication time. * * Return 0 on success, -1 on failure. * @@ -38,12 +41,14 @@ * NS_V3_VOTE - Output a complete V3 NS vote. If <b>vrs</b> is present, * it contains additional information for the vote. * NS_CONTROL_PORT - Output a NS document for the control port. + * */ char * routerstatus_format_entry(const routerstatus_t *rs, const char *version, const char *protocols, routerstatus_format_type_t format, - const vote_routerstatus_t *vrs) + const vote_routerstatus_t *vrs, + time_t declared_publish_time) { char *summary; char *result = NULL; @@ -53,11 +58,18 @@ routerstatus_format_entry(const routerstatus_t *rs, const char *version, char digest64[BASE64_DIGEST_LEN+1]; smartlist_t *chunks = smartlist_new(); + if (declared_publish_time >= 0) { + format_iso_time(published, declared_publish_time); + } else if (vrs) { + format_iso_time(published, vrs->published_on); + } else { + strlcpy(published, "2038-01-01 00:00:00", sizeof(published)); + } + const char *ip_str = fmt_addr(&rs->ipv4_addr); if (ip_str[0] == '\0') goto err; - format_iso_time(published, rs->published_on); digest_to_base64(identity64, rs->identity_digest); digest_to_base64(digest64, rs->descriptor_digest); diff --git a/src/feature/nodelist/fmt_routerstatus.h b/src/feature/nodelist/fmt_routerstatus.h index 7482f373e1..740ea51dd9 100644 --- a/src/feature/nodelist/fmt_routerstatus.h +++ b/src/feature/nodelist/fmt_routerstatus.h @@ -35,6 +35,7 @@ char *routerstatus_format_entry( const char *version, const char *protocols, routerstatus_format_type_t format, - const vote_routerstatus_t *vrs); + const vote_routerstatus_t *vrs, + time_t declared_publish_time); #endif /* !defined(TOR_FMT_ROUTERSTATUS_H) */ diff --git a/src/feature/nodelist/microdesc.c b/src/feature/nodelist/microdesc.c index a95d535dc0..9e5f0bb9a4 100644 --- a/src/feature/nodelist/microdesc.c +++ b/src/feature/nodelist/microdesc.c @@ -626,7 +626,7 @@ microdesc_cache_clean(microdesc_cache_t *cache, time_t cutoff, int force) (*mdp)->digest, DIGEST256_LEN)) { rs_match = "Microdesc digest in RS matches"; } else { - rs_match = "Microdesc digest in RS does match"; + rs_match = "Microdesc digest in RS does not match"; } if (ns) { /* This should be impossible, but let's see! */ diff --git a/src/feature/nodelist/networkstatus.c b/src/feature/nodelist/networkstatus.c index aaddf2331d..d53c6cc3a8 100644 --- a/src/feature/nodelist/networkstatus.c +++ b/src/feature/nodelist/networkstatus.c @@ -1614,7 +1614,6 @@ routerstatus_has_visibly_changed(const routerstatus_t *a, a->is_hs_dir != b->is_hs_dir || a->is_staledesc != b->is_staledesc || a->has_bandwidth != b->has_bandwidth || - a->published_on != b->published_on || a->ipv6_orport != b->ipv6_orport || a->is_v2_dir != b->is_v2_dir || a->bandwidth_kb != b->bandwidth_kb || @@ -2368,7 +2367,7 @@ char * networkstatus_getinfo_helper_single(const routerstatus_t *rs) { return routerstatus_format_entry(rs, NULL, NULL, NS_CONTROL_PORT, - NULL); + NULL, -1); } /** @@ -2400,7 +2399,6 @@ set_routerstatus_from_routerinfo(routerstatus_t *rs, rs->is_hs_dir = node->is_hs_dir; rs->is_named = rs->is_unnamed = 0; - rs->published_on = ri->cache_info.published_on; memcpy(rs->identity_digest, node->identity, DIGEST_LEN); memcpy(rs->descriptor_digest, ri->cache_info.signed_descriptor_digest, DIGEST_LEN); @@ -2618,15 +2616,12 @@ networkstatus_parse_flavor_name(const char *flavname) int client_would_use_router(const routerstatus_t *rs, time_t now) { + (void) now; if (!rs->is_flagged_running) { /* If we had this router descriptor, we wouldn't even bother using it. * (Fetching and storing depends on by we_want_to_fetch_flavor().) */ return 0; } - if (rs->published_on + OLD_ROUTER_DESC_MAX_AGE < now) { - /* We'd drop it immediately for being too old. */ - return 0; - } if (!routerstatus_version_supports_extend2_cells(rs, 1)) { /* We'd ignore it because it doesn't support EXTEND2 cells. * If we don't know the version, download the descriptor so we can diff --git a/src/feature/nodelist/routerlist.c b/src/feature/nodelist/routerlist.c index c00f7ffb26..8bcc42bc3f 100644 --- a/src/feature/nodelist/routerlist.c +++ b/src/feature/nodelist/routerlist.c @@ -1924,11 +1924,9 @@ routerlist_remove_old_routers(void) retain = digestset_new(n_max_retain); } - cutoff = now - OLD_ROUTER_DESC_MAX_AGE; /* Retain anything listed in the consensus. */ if (consensus) { SMARTLIST_FOREACH(consensus->routerstatus_list, routerstatus_t *, rs, - if (rs->published_on >= cutoff) digestset_add(retain, rs->descriptor_digest)); } @@ -2721,17 +2719,20 @@ update_consensus_router_descriptor_downloads(time_t now, int is_vote, continue; /* We would never use it ourself. */ } if (is_vote && source) { - char time_bufnew[ISO_TIME_LEN+1]; - char time_bufold[ISO_TIME_LEN+1]; + char old_digest_buf[HEX_DIGEST_LEN+1]; + const char *old_digest = "none"; const routerinfo_t *oldrouter; oldrouter = router_get_by_id_digest(rs->identity_digest); - format_iso_time(time_bufnew, rs->published_on); - if (oldrouter) - format_iso_time(time_bufold, oldrouter->cache_info.published_on); + if (oldrouter) { + base16_encode(old_digest_buf, sizeof(old_digest_buf), + oldrouter->cache_info.signed_descriptor_digest, + DIGEST_LEN); + old_digest = old_digest_buf; + } log_info(LD_DIR, "Learned about %s (%s vs %s) from %s's vote (%s)", routerstatus_describe(rs), - time_bufnew, - oldrouter ? time_bufold : "none", + hex_str(rs->descriptor_digest, DIGEST_LEN), + old_digest, source->nickname, oldrouter ? "known" : "unknown"); } smartlist_add(downloadable, rs->descriptor_digest); diff --git a/src/feature/nodelist/routerstatus_st.h b/src/feature/nodelist/routerstatus_st.h index 55b76de581..a36c80917c 100644 --- a/src/feature/nodelist/routerstatus_st.h +++ b/src/feature/nodelist/routerstatus_st.h @@ -21,7 +21,6 @@ struct routerstatus_t { * routerstatus_has_visibly_changed and the printing function * routerstatus_format_entry in NS_CONTROL_PORT mode. */ - time_t published_on; /**< When was this router published? */ char nickname[MAX_NICKNAME_LEN+1]; /**< The nickname this router says it * has. */ char identity_digest[DIGEST_LEN]; /**< Digest of the router's identity diff --git a/src/feature/nodelist/vote_routerstatus_st.h b/src/feature/nodelist/vote_routerstatus_st.h index 6b2f7b92a9..41d465db8f 100644 --- a/src/feature/nodelist/vote_routerstatus_st.h +++ b/src/feature/nodelist/vote_routerstatus_st.h @@ -18,6 +18,7 @@ struct vote_routerstatus_t { routerstatus_t status; /**< Underlying 'status' object for this router. * Flags are redundant. */ + time_t published_on; /**< When was this router published? */ /** How many known-flags are allowed in a vote? This is the width of * the flags field of vote_routerstatus_t */ #define MAX_KNOWN_FLAGS_IN_VOTE 64 diff --git a/src/feature/relay/dns.c b/src/feature/relay/dns.c index 4ae4a8e4b9..be226f4815 100644 --- a/src/feature/relay/dns.c +++ b/src/feature/relay/dns.c @@ -768,11 +768,11 @@ dns_resolve_impl,(edge_connection_t *exitconn, int is_resolve, if (!is_reverse || !is_resolve) { if (!is_reverse) - log_info(LD_EXIT, "Bad .in-addr.arpa address \"%s\"; sending error.", + log_info(LD_EXIT, "Bad .in-addr.arpa address %s; sending error.", escaped_safe_str(exitconn->base_.address)); else if (!is_resolve) log_info(LD_EXIT, - "Attempt to connect to a .in-addr.arpa address \"%s\"; " + "Attempt to connect to a .in-addr.arpa address %s; " "sending error.", escaped_safe_str(exitconn->base_.address)); diff --git a/src/feature/relay/ext_orport.c b/src/feature/relay/ext_orport.c index 3dd884932e..89b287b0b4 100644 --- a/src/feature/relay/ext_orport.c +++ b/src/feature/relay/ext_orport.c @@ -656,19 +656,6 @@ connection_ext_or_start_auth(or_connection_t *or_conn) return 0; } -/** Creates an Extended ORPort identifier for <b>conn</b> and deposits - * it into the global list of identifiers. */ -void -connection_or_set_ext_or_identifier(or_connection_t *conn) -{ - char random_id[EXT_OR_CONN_ID_LEN]; - - if (!conn->ext_or_conn_id) - conn->ext_or_conn_id = tor_malloc_zero(EXT_OR_CONN_ID_LEN); - - memcpy(conn->ext_or_conn_id, random_id, EXT_OR_CONN_ID_LEN); -} - /** Free any leftover allocated memory of the ext_orport.c subsystem. */ void ext_orport_free_all(void) diff --git a/src/feature/relay/ext_orport.h b/src/feature/relay/ext_orport.h index 722dc3787c..5a9063d005 100644 --- a/src/feature/relay/ext_orport.h +++ b/src/feature/relay/ext_orport.h @@ -35,7 +35,6 @@ int connection_ext_or_start_auth(or_connection_t *or_conn); -void connection_or_set_ext_or_identifier(or_connection_t *conn); int connection_ext_or_finished_flushing(or_connection_t *conn); int connection_ext_or_process_inbuf(or_connection_t *or_conn); char *get_ext_or_auth_cookie_file_name(void); @@ -67,9 +66,6 @@ connection_ext_or_process_inbuf(or_connection_t *conn) tor_assert_nonfatal_unreached(); return -1; } -#define connection_or_set_ext_or_identifier(conn) \ - ((void)(conn)) - #define get_ext_or_auth_cookie_file_name() \ (NULL) diff --git a/src/feature/relay/router.c b/src/feature/relay/router.c index bc98fd985c..dddc0b1de5 100644 --- a/src/feature/relay/router.c +++ b/src/feature/relay/router.c @@ -2554,8 +2554,6 @@ mark_my_descriptor_dirty_if_too_old(time_t now) rs = networkstatus_vote_find_entry(ns, server_identitykey_digest); if (rs == NULL) retry_fast_reason = "not listed in consensus"; - else if (rs->published_on < slow_cutoff) - retry_fast_reason = "version listed in consensus is quite old"; else if (rs->is_staledesc && ns->valid_after > desc_clean_since) retry_fast_reason = "listed as stale in consensus"; } diff --git a/src/feature/stats/rephist.c b/src/feature/stats/rephist.c index 52bd94aba9..5738259262 100644 --- a/src/feature/stats/rephist.c +++ b/src/feature/stats/rephist.c @@ -2114,7 +2114,7 @@ static overload_onionskin_assessment_t overload_onionskin_assessment; /** * We combine ntorv3 and ntor into the same stat, so we must - * use this function to covert the cell type to a stat index. + * use this function to convert the cell type to a stat index. */ static inline uint16_t onionskin_type_to_stat(uint16_t type) @@ -2137,7 +2137,7 @@ onionskin_type_to_stat(uint16_t type) * the stats are reset back to 0 and the assessment time period updated. * * This is called when a ntor handshake is _requested_ because we want to avoid - * to have an assymetric situation where requested counter is reset to 0 but + * to have an asymmetric situation where requested counter is reset to 0 but * then a drop happens leading to the drop counter being incremented while the * requested counter is 0. */ static void diff --git a/src/include.am b/src/include.am index 36d323e6eb..29a392a132 100644 --- a/src/include.am +++ b/src/include.am @@ -87,6 +87,5 @@ include src/app/include.am include src/test/include.am include src/tools/include.am -include src/win32/include.am include src/config/include.am include src/test/fuzz/include.am diff --git a/src/lib/crypt_ops/compat_openssl.h b/src/lib/crypt_ops/compat_openssl.h index 0f56f338b5..c5eccdb015 100644 --- a/src/lib/crypt_ops/compat_openssl.h +++ b/src/lib/crypt_ops/compat_openssl.h @@ -20,32 +20,36 @@ * \brief compatibility definitions for working with different openssl forks **/ -#if !defined(LIBRESSL_VERSION_NUMBER) && \ - OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,0,1) +#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,0,1) #error "We require OpenSSL >= 1.0.1" #endif -#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0) && \ - ! defined(LIBRESSL_VERSION_NUMBER) +#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0) /* We define this macro if we're trying to build with the majorly refactored * API in OpenSSL 1.1 */ #define OPENSSL_1_1_API #endif /* OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,0) && ... */ -#ifndef OPENSSL_1_1_API -#define OpenSSL_version(v) SSLeay_version(v) -#define tor_OpenSSL_version_num() SSLeay() +/* LibreSSL claims to be OpenSSL 2.0 but lacks these OpenSSL 1.1 APIs */ +#if !defined(OPENSSL_1_1_API) || defined(LIBRESSL_VERSION_NUMBER) #define RAND_OpenSSL() RAND_SSLeay() #define STATE_IS_SW_SERVER_HELLO(st) \ (((st) == SSL3_ST_SW_SRVR_HELLO_A) || \ ((st) == SSL3_ST_SW_SRVR_HELLO_B)) #define OSSL_HANDSHAKE_STATE int #define CONST_IF_OPENSSL_1_1_API -#else /* defined(OPENSSL_1_1_API) */ -#define tor_OpenSSL_version_num() OpenSSL_version_num() +#else #define STATE_IS_SW_SERVER_HELLO(st) \ ((st) == TLS_ST_SW_SRVR_HELLO) #define CONST_IF_OPENSSL_1_1_API const +#endif + +/* OpenSSL 1.1 and LibreSSL both have these APIs */ +#ifndef OPENSSL_1_1_API +#define OpenSSL_version(v) SSLeay_version(v) +#define tor_OpenSSL_version_num() SSLeay() +#else /* defined(OPENSSL_1_1_API) */ +#define tor_OpenSSL_version_num() OpenSSL_version_num() #endif /* !defined(OPENSSL_1_1_API) */ #endif /* defined(ENABLE_OPENSSL) */ diff --git a/src/lib/crypt_ops/crypto_openssl_mgt.h b/src/lib/crypt_ops/crypto_openssl_mgt.h index c6f63ffa08..96a37721dd 100644 --- a/src/lib/crypt_ops/crypto_openssl_mgt.h +++ b/src/lib/crypt_ops/crypto_openssl_mgt.h @@ -54,8 +54,7 @@ #define DISABLE_ENGINES #endif -#if OPENSSL_VERSION_NUMBER >= OPENSSL_VER(1,1,0,0,5) && \ - !defined(LIBRESSL_VERSION_NUMBER) +#if OPENSSL_VERSION_NUMBER >= OPENSSL_VER(1,1,0,0,5) /* OpenSSL as of 1.1.0pre4 has an "new" thread API, which doesn't require * setting up various callbacks. * diff --git a/src/lib/crypt_ops/crypto_rsa_openssl.c b/src/lib/crypt_ops/crypto_rsa_openssl.c index a21c4a65cf..544d72e6ca 100644 --- a/src/lib/crypt_ops/crypto_rsa_openssl.c +++ b/src/lib/crypt_ops/crypto_rsa_openssl.c @@ -572,7 +572,9 @@ static bool rsa_private_key_too_long(RSA *rsa, int max_bits) { const BIGNUM *n, *e, *p, *q, *d, *dmp1, *dmq1, *iqmp; -#ifdef OPENSSL_1_1_API +#if defined(OPENSSL_1_1_API) && \ + (!defined(LIBRESSL_VERSION_NUMBER) || \ + LIBRESSL_VERSION_NUMBER >= OPENSSL_V_SERIES(3,5,0)) #if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,1,1) n = RSA_get0_n(rsa); @@ -591,7 +593,7 @@ rsa_private_key_too_long(RSA *rsa, int max_bits) if (RSA_bits(rsa) > max_bits) return true; -#else /* !defined(OPENSSL_1_1_API) */ +#else /* !defined(OPENSSL_1_1_API) && ... */ n = rsa->n; e = rsa->e; p = rsa->p; @@ -600,7 +602,7 @@ rsa_private_key_too_long(RSA *rsa, int max_bits) dmp1 = rsa->dmp1; dmq1 = rsa->dmq1; iqmp = rsa->iqmp; -#endif /* defined(OPENSSL_1_1_API) */ +#endif /* defined(OPENSSL_1_1_API) && ... */ if (n && BN_num_bits(n) > max_bits) return true; diff --git a/src/lib/dispatch/dispatch_cfg_st.h b/src/lib/dispatch/dispatch_cfg_st.h index 636f2e6df5..503d13e010 100644 --- a/src/lib/dispatch/dispatch_cfg_st.h +++ b/src/lib/dispatch/dispatch_cfg_st.h @@ -24,9 +24,9 @@ struct dispatch_cfg_t { struct smartlist_t *type_by_msg; /** A list of channel_id_t (cast to void*), indexed by msg_t. */ struct smartlist_t *chan_by_msg; - /** A list of dispatch_rcv_t, indexed by msg_type_id_t. */ + /** A list of dispatch_typefns_t, indexed by msg_type_id_t. */ struct smartlist_t *fns_by_type; - /** A list of dispatch_typefns_t, indexed by msg_t. */ + /** A list of dispatch_rcv_t, indexed by msg_t. */ struct smartlist_t *recv_by_msg; }; diff --git a/src/lib/geoip/geoip.c b/src/lib/geoip/geoip.c index 686040613d..f13354dbe1 100644 --- a/src/lib/geoip/geoip.c +++ b/src/lib/geoip/geoip.c @@ -387,7 +387,7 @@ geoip_load_file(sa_family_t family, const char *filename, int severity) * be less than geoip_get_n_countries(). To decode it, call * geoip_get_country_name(). */ -int +STATIC int geoip_get_country_by_ipv4(uint32_t ipaddr) { geoip_ipv4_entry_t *ent; @@ -403,7 +403,7 @@ geoip_get_country_by_ipv4(uint32_t ipaddr) * 0 for the 'unknown country'. The return value will always be less than * geoip_get_n_countries(). To decode it, call geoip_get_country_name(). */ -int +STATIC int geoip_get_country_by_ipv6(const struct in6_addr *addr) { geoip_ipv6_entry_t *ent; diff --git a/src/lib/geoip/geoip.h b/src/lib/geoip/geoip.h index 764ed1d5a5..e68573fd1a 100644 --- a/src/lib/geoip/geoip.h +++ b/src/lib/geoip/geoip.h @@ -21,14 +21,14 @@ #ifdef GEOIP_PRIVATE STATIC int geoip_parse_entry(const char *line, sa_family_t family); STATIC void clear_geoip_db(void); + +STATIC int geoip_get_country_by_ipv4(uint32_t ipaddr); +STATIC int geoip_get_country_by_ipv6(const struct in6_addr *addr); #endif /* defined(GEOIP_PRIVATE) */ struct in6_addr; struct tor_addr_t; -int geoip_get_country_by_ipv4(uint32_t ipaddr); -int geoip_get_country_by_ipv6(const struct in6_addr *addr); - /** A per-country GeoIP record. */ typedef struct geoip_country_t { /** A nul-terminated two-letter country-code. */ diff --git a/src/lib/malloc/malloc.h b/src/lib/malloc/malloc.h index cc031f843a..48a3ac32cf 100644 --- a/src/lib/malloc/malloc.h +++ b/src/lib/malloc/malloc.h @@ -11,6 +11,7 @@ #ifndef TOR_UTIL_MALLOC_H #define TOR_UTIL_MALLOC_H +#include <assert.h> #include <stddef.h> #include <stdlib.h> #include "lib/cc/compat_compiler.h" @@ -45,6 +46,9 @@ void tor_free_(void *mem); #ifdef __GNUC__ #define tor_free(p) STMT_BEGIN \ typeof(&(p)) tor_free__tmpvar = &(p); \ + _Static_assert(!__builtin_types_compatible_p(typeof(*tor_free__tmpvar), \ + struct event *), \ + "use tor_event_free for struct event *"); \ raw_free(*tor_free__tmpvar); \ *tor_free__tmpvar=NULL; \ STMT_END diff --git a/src/lib/sandbox/sandbox.c b/src/lib/sandbox/sandbox.c index cc00d2048f..7c024d7e37 100644 --- a/src/lib/sandbox/sandbox.c +++ b/src/lib/sandbox/sandbox.c @@ -141,10 +141,12 @@ static sandbox_cfg_t *filter_dynamic = NULL; * the high bits of the value might get masked out improperly. */ #define SCMP_CMP_MASKED(a,b,c) \ SCMP_CMP4((a), SCMP_CMP_MASKED_EQ, ~(scmp_datum_t)(b), (c)) -/* For negative constants, the rule to add depends on the glibc version. */ -#define SCMP_CMP_NEG(a,op,b) (libc_negative_constant_needs_cast() ? \ - (SCMP_CMP((a), (op), (unsigned int)(b))) : \ - (SCMP_CMP_STR((a), (op), (b)))) +/* Negative constants aren't consistently sign extended or zero extended. + * Different compilers, libc, and architectures behave differently. For cases + * where the kernel ABI uses a 32 bit integer, this macro can be used to + * mask-compare only the lower 32 bits of the value. */ +#define SCMP_CMP_LOWER32_EQ(a,b) \ + SCMP_CMP4((a), SCMP_CMP_MASKED_EQ, 0xFFFFFFFF, (unsigned int)(b)) /** Variable used for storing all syscall numbers that will be allowed with the * stage 1 general Tor sandbox. @@ -516,14 +518,6 @@ libc_uses_openat_for_opendir(void) (is_libc_at_least(2, 15) && !is_libc_at_least(2, 22)); } -/* Return true if we think we're running with a libc that needs to cast - * negative arguments like AT_FDCWD for seccomp rules. */ -static int -libc_negative_constant_needs_cast(void) -{ - return is_libc_at_least(2, 27); -} - /** Allow a single file to be opened. If <b>use_openat</b> is true, * we're using a libc that remaps all the opens into openats. */ static int @@ -531,7 +525,7 @@ allow_file_open(scmp_filter_ctx ctx, int use_openat, const char *file) { if (use_openat) { return seccomp_rule_add_2(ctx, SCMP_ACT_ALLOW, SCMP_SYS(openat), - SCMP_CMP_NEG(0, SCMP_CMP_EQ, AT_FDCWD), + SCMP_CMP_LOWER32_EQ(0, AT_FDCWD), SCMP_CMP_STR(1, SCMP_CMP_EQ, file)); } else { return seccomp_rule_add_1(ctx, SCMP_ACT_ALLOW, SCMP_SYS(open), @@ -612,6 +606,32 @@ sb_chmod(scmp_filter_ctx ctx, sandbox_cfg_t *filter) return 0; } +static int +sb_fchmodat(scmp_filter_ctx ctx, sandbox_cfg_t *filter) +{ + int rc; + sandbox_cfg_t *elem = NULL; + + // for each dynamic parameter filters + for (elem = filter; elem != NULL; elem = elem->next) { + smp_param_t *param = elem->param; + + if (param != NULL && param->prot == 1 && param->syscall + == SCMP_SYS(fchmodat)) { + rc = seccomp_rule_add_2(ctx, SCMP_ACT_ALLOW, SCMP_SYS(fchmodat), + SCMP_CMP_LOWER32_EQ(0, AT_FDCWD), + SCMP_CMP_STR(1, SCMP_CMP_EQ, param->value)); + if (rc != 0) { + log_err(LD_BUG,"(Sandbox) failed to add fchmodat syscall, received " + "libseccomp error %d", rc); + return rc; + } + } + } + + return 0; +} + #ifdef __i386__ static int sb_chown32(scmp_filter_ctx ctx, sandbox_cfg_t *filter) @@ -664,6 +684,32 @@ sb_chown(scmp_filter_ctx ctx, sandbox_cfg_t *filter) } #endif /* defined(__i386__) */ +static int +sb_fchownat(scmp_filter_ctx ctx, sandbox_cfg_t *filter) +{ + int rc; + sandbox_cfg_t *elem = NULL; + + // for each dynamic parameter filters + for (elem = filter; elem != NULL; elem = elem->next) { + smp_param_t *param = elem->param; + + if (param != NULL && param->prot == 1 && param->syscall + == SCMP_SYS(fchownat)) { + rc = seccomp_rule_add_2(ctx, SCMP_ACT_ALLOW, SCMP_SYS(fchownat), + SCMP_CMP_LOWER32_EQ(0, AT_FDCWD), + SCMP_CMP_STR(1, SCMP_CMP_EQ, param->value)); + if (rc != 0) { + log_err(LD_BUG,"(Sandbox) failed to add fchownat syscall, received " + "libseccomp error %d", rc); + return rc; + } + } + } + + return 0; +} + /** * Function responsible for setting up the rename syscall for * the seccomp filter sandbox. @@ -696,6 +742,39 @@ sb_rename(scmp_filter_ctx ctx, sandbox_cfg_t *filter) } /** + * Function responsible for setting up the renameat syscall for + * the seccomp filter sandbox. + */ +static int +sb_renameat(scmp_filter_ctx ctx, sandbox_cfg_t *filter) +{ + int rc; + sandbox_cfg_t *elem = NULL; + + // for each dynamic parameter filters + for (elem = filter; elem != NULL; elem = elem->next) { + smp_param_t *param = elem->param; + + if (param != NULL && param->prot == 1 && + param->syscall == SCMP_SYS(renameat)) { + + rc = seccomp_rule_add_4(ctx, SCMP_ACT_ALLOW, SCMP_SYS(renameat), + SCMP_CMP_LOWER32_EQ(0, AT_FDCWD), + SCMP_CMP_STR(1, SCMP_CMP_EQ, param->value), + SCMP_CMP_LOWER32_EQ(2, AT_FDCWD), + SCMP_CMP_STR(3, SCMP_CMP_EQ, param->value2)); + if (rc != 0) { + log_err(LD_BUG,"(Sandbox) failed to add renameat syscall, received " + "libseccomp error %d", rc); + return rc; + } + } + } + + return 0; +} + +/** * Function responsible for setting up the openat syscall for * the seccomp filter sandbox. */ @@ -712,7 +791,7 @@ sb_openat(scmp_filter_ctx ctx, sandbox_cfg_t *filter) if (param != NULL && param->prot == 1 && param->syscall == SCMP_SYS(openat)) { rc = seccomp_rule_add_3(ctx, SCMP_ACT_ALLOW, SCMP_SYS(openat), - SCMP_CMP_NEG(0, SCMP_CMP_EQ, AT_FDCWD), + SCMP_CMP_LOWER32_EQ(0, AT_FDCWD), SCMP_CMP_STR(1, SCMP_CMP_EQ, param->value), SCMP_CMP(2, SCMP_CMP_EQ, O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_DIRECTORY| O_CLOEXEC)); @@ -1315,7 +1394,9 @@ static sandbox_filter_func_t filter_func[] = { #else sb_chown, #endif + sb_fchownat, sb_chmod, + sb_fchmodat, sb_open, sb_openat, sb_opendir, @@ -1323,6 +1404,7 @@ static sandbox_filter_func_t filter_func[] = { sb_ptrace, #endif sb_rename, + sb_renameat, #ifdef __NR_fcntl64 sb_fcntl64, #endif @@ -1590,10 +1672,24 @@ new_element(int syscall, char *value) #ifdef __i386__ #define SCMP_chown SCMP_SYS(chown32) +#elif defined(__aarch64__) && defined(__LP64__) +#define SCMP_chown SCMP_SYS(fchownat) #else #define SCMP_chown SCMP_SYS(chown) #endif +#if defined(__aarch64__) && defined(__LP64__) +#define SCMP_chmod SCMP_SYS(fchmodat) +#else +#define SCMP_chmod SCMP_SYS(chmod) +#endif + +#if defined(__aarch64__) && defined(__LP64__) +#define SCMP_rename SCMP_SYS(renameat) +#else +#define SCMP_rename SCMP_SYS(rename) +#endif + #ifdef __NR_stat64 #define SCMP_stat SCMP_SYS(stat64) #else @@ -1631,7 +1727,7 @@ sandbox_cfg_allow_chmod_filename(sandbox_cfg_t **cfg, char *file) { sandbox_cfg_t *elem = NULL; - elem = new_element(SCMP_SYS(chmod), file); + elem = new_element(SCMP_chmod, file); elem->next = *cfg; *cfg = elem; @@ -1657,7 +1753,7 @@ sandbox_cfg_allow_rename(sandbox_cfg_t **cfg, char *file1, char *file2) { sandbox_cfg_t *elem = NULL; - elem = new_element2(SCMP_SYS(rename), file1, file2); + elem = new_element2(SCMP_rename, file1, file2); elem->next = *cfg; *cfg = elem; diff --git a/src/test/Makefile.nmake b/src/test/Makefile.nmake deleted file mode 100644 index ca6a84cf8a..0000000000 --- a/src/test/Makefile.nmake +++ /dev/null @@ -1,35 +0,0 @@ -all: test.exe bench.exe - -CFLAGS = /I ..\win32 /I ..\..\..\build-alpha\include /I ..\common /I ..\or \ - /I ..\ext - -LIBS = ..\..\..\build-alpha\lib\libevent.lib \ - ..\..\..\build-alpha\lib\libcrypto.lib \ - ..\..\..\build-alpha\lib\libssl.lib \ - ..\..\..\build-alpha\lib\libz.lib \ - ..\or\libtor.lib \ - ws2_32.lib advapi32.lib shell32.lib \ - crypt32.lib gdi32.lib user32.lib - -TEST_OBJECTS = test.obj test_addr.obj test_channel.obj test_channeltls.obj \ - test_consdiff.obj test_containers.obj \ - test_controller_events.obj test_crypto.obj test_data.obj test_dir.obj \ - test_checkdir.obj test_microdesc.obj test_pt.obj test_util.obj \ - test_config.obj test_connection.obj \ - test_cell_formats.obj test_relay.obj test_replay.obj \ - test_channelpadding.obj \ - test_circuitstats.obj \ - test_circuitpadding.obj \ - test_scheduler.obj test_introduce.obj test_hs.obj tinytest.obj - -tinytest.obj: ..\ext\tinytest.c - $(CC) $(CFLAGS) /D snprintf=_snprintf /c ..\ext\tinytest.c - -test.exe: $(TEST_OBJECTS) - $(CC) $(CFLAGS) $(LIBS) ..\common\*.lib $(TEST_OBJECTS) /Fe$@ - -bench.exe: bench.obj - $(CC) $(CFLAGS) bench.obj $(LIBS) ..\common\*.lib /Fe$@ - -clean: - del *.obj *.lib test.exe bench.exe diff --git a/src/test/test_connection.c b/src/test/test_connection.c index fbf9d6a5ab..ed94fe8aaa 100644 --- a/src/test/test_connection.c +++ b/src/test/test_connection.c @@ -22,6 +22,7 @@ #include "feature/dircommon/directory.h" #include "core/or/connection_or.h" #include "lib/net/resolve.h" +#include "lib/evloop/compat_libevent.h" #include "test/test_connection.h" #include "test/test_helpers.h" @@ -113,14 +114,8 @@ test_conn_get_basic_teardown(const struct testcase_t *tc, void *arg) /* We didn't call tor_libevent_initialize(), so event_base was NULL, * so we can't rely on connection_unregister_events() use of event_del(). */ - if (conn->linked_conn->read_event) { - tor_free(conn->linked_conn->read_event); - conn->linked_conn->read_event = NULL; - } - if (conn->linked_conn->write_event) { - tor_free(conn->linked_conn->write_event); - conn->linked_conn->write_event = NULL; - } + tor_event_free(conn->linked_conn->read_event); + tor_event_free(conn->linked_conn->write_event); if (!conn->linked_conn->marked_for_close) { connection_close_immediate(conn->linked_conn); @@ -142,14 +137,8 @@ test_conn_get_basic_teardown(const struct testcase_t *tc, void *arg) /* We didn't set the events up properly, so we can't use event_del() in * close_closeable_connections() > connection_free() * > connection_unregister_events() */ - if (conn->read_event) { - tor_free(conn->read_event); - conn->read_event = NULL; - } - if (conn->write_event) { - tor_free(conn->write_event); - conn->write_event = NULL; - } + tor_event_free(conn->read_event); + tor_event_free(conn->write_event); if (!conn->marked_for_close) { connection_close_immediate(conn); diff --git a/src/test/test_dir.c b/src/test/test_dir.c index 186e09f236..248fd8ab5d 100644 --- a/src/test/test_dir.c +++ b/src/test/test_dir.c @@ -2971,7 +2971,7 @@ test_vrs_for_v3ns(vote_routerstatus_t *vrs, int voter, time_t now) (voter == 1)) { /* Check the first routerstatus. */ tt_str_op(vrs->version,OP_EQ, "0.1.2.14"); - tt_int_op(rs->published_on,OP_EQ, now-1500); + tt_int_op(vrs->published_on,OP_EQ, now-1500); tt_str_op(rs->nickname,OP_EQ, "router2"); tt_mem_op(rs->identity_digest,OP_EQ, "\x3\x3\x3\x3\x3\x3\x3\x3\x3\x3\x3\x3\x3\x3\x3\x3" @@ -2996,7 +2996,7 @@ test_vrs_for_v3ns(vote_routerstatus_t *vrs, int voter, time_t now) if (voter == 1) { /* Check the second routerstatus. */ tt_str_op(vrs->version,OP_EQ, "0.2.0.5"); - tt_int_op(rs->published_on,OP_EQ, now-1000); + tt_int_op(vrs->published_on,OP_EQ, now-1000); tt_str_op(rs->nickname,OP_EQ, "router1"); } tt_mem_op(rs->descriptor_digest,OP_EQ, "MMMMMMMMMMMMMMMMMMMM", DIGEST_LEN); @@ -3057,6 +3057,7 @@ test_consensus_for_v3ns(networkstatus_t *con, time_t now) static void test_routerstatus_for_v3ns(routerstatus_t *rs, time_t now) { + (void)now; tor_addr_t addr_ipv6; tt_assert(rs); @@ -3093,7 +3094,6 @@ test_routerstatus_for_v3ns(routerstatus_t *rs, time_t now) DIGEST_LEN); tt_str_op(rs->nickname,OP_EQ, "router1"); tt_mem_op(rs->descriptor_digest,OP_EQ, "MMMMMMMMMMMMMMMMMMMM", DIGEST_LEN); - tt_int_op(rs->published_on,OP_EQ, now-1000); tt_assert(tor_addr_eq_ipv4h(&rs->ipv4_addr, 0x99009901)); tt_int_op(rs->ipv4_orport,OP_EQ, 443); tt_int_op(rs->ipv4_dirport,OP_EQ, 0); @@ -3968,7 +3968,7 @@ gen_routerstatus_for_umbw(int idx, time_t now) vrs = tor_malloc_zero(sizeof(vote_routerstatus_t)); rs = &vrs->status; vrs->version = tor_strdup("0.1.2.14"); - rs->published_on = now-1500; + vrs->published_on = now-1500; strlcpy(rs->nickname, "router2", sizeof(rs->nickname)); memset(rs->identity_digest, 3, DIGEST_LEN); memset(rs->descriptor_digest, 78, DIGEST_LEN); @@ -3993,7 +3993,7 @@ gen_routerstatus_for_umbw(int idx, time_t now) vrs = tor_malloc_zero(sizeof(vote_routerstatus_t)); rs = &vrs->status; vrs->version = tor_strdup("0.2.0.5"); - rs->published_on = now-1000; + vrs->published_on = now-1000; strlcpy(rs->nickname, "router1", sizeof(rs->nickname)); memset(rs->identity_digest, 5, DIGEST_LEN); memset(rs->descriptor_digest, 77, DIGEST_LEN); @@ -4020,7 +4020,7 @@ gen_routerstatus_for_umbw(int idx, time_t now) vrs = tor_malloc_zero(sizeof(vote_routerstatus_t)); rs = &vrs->status; vrs->version = tor_strdup("0.1.0.3"); - rs->published_on = now-1000; + vrs->published_on = now-1000; strlcpy(rs->nickname, "router3", sizeof(rs->nickname)); memset(rs->identity_digest, 0x33, DIGEST_LEN); memset(rs->descriptor_digest, 79, DIGEST_LEN); @@ -4046,7 +4046,7 @@ gen_routerstatus_for_umbw(int idx, time_t now) vrs = tor_malloc_zero(sizeof(vote_routerstatus_t)); rs = &vrs->status; vrs->version = tor_strdup("0.1.6.3"); - rs->published_on = now-1000; + vrs->published_on = now-1000; strlcpy(rs->nickname, "router4", sizeof(rs->nickname)); memset(rs->identity_digest, 0x34, DIGEST_LEN); memset(rs->descriptor_digest, 47, DIGEST_LEN); @@ -4146,7 +4146,7 @@ test_vrs_for_umbw(vote_routerstatus_t *vrs, int voter, time_t now) * cutoff. */ tt_str_op(vrs->version,OP_EQ, "0.1.2.14"); - tt_int_op(rs->published_on,OP_EQ, now-1500); + tt_int_op(vrs->published_on,OP_EQ, now-1500); tt_str_op(rs->nickname,OP_EQ, "router2"); tt_mem_op(rs->identity_digest,OP_EQ, "\x3\x3\x3\x3\x3\x3\x3\x3\x3\x3" @@ -4170,7 +4170,7 @@ test_vrs_for_umbw(vote_routerstatus_t *vrs, int voter, time_t now) * cutoff. */ tt_str_op(vrs->version,OP_EQ, "0.2.0.5"); - tt_int_op(rs->published_on,OP_EQ, now-1000); + tt_int_op(vrs->published_on,OP_EQ, now-1000); tt_str_op(rs->nickname,OP_EQ, "router1"); tt_mem_op(rs->identity_digest,OP_EQ, "\x5\x5\x5\x5\x5\x5\x5\x5\x5\x5" @@ -4245,6 +4245,7 @@ test_consensus_for_umbw(networkstatus_t *con, time_t now) static void test_routerstatus_for_umbw(routerstatus_t *rs, time_t now) { + (void)now; tor_addr_t addr_ipv6; uint32_t max_unmeasured_bw_kb = (alternate_clip_bw > 0) ? alternate_clip_bw : DEFAULT_MAX_UNMEASURED_BW_KB; @@ -4285,7 +4286,6 @@ test_routerstatus_for_umbw(routerstatus_t *rs, time_t now) DIGEST_LEN); tt_str_op(rs->nickname,OP_EQ, "router1"); tt_mem_op(rs->descriptor_digest,OP_EQ, "MMMMMMMMMMMMMMMMMMMM", DIGEST_LEN); - tt_int_op(rs->published_on,OP_EQ, now-1000); tt_assert(tor_addr_eq_ipv4h(&rs->ipv4_addr, 0x99009901)); tt_int_op(rs->ipv4_orport,OP_EQ, 443); tt_int_op(rs->ipv4_dirport,OP_EQ, 0); @@ -4385,7 +4385,6 @@ test_dir_fmt_control_ns(void *arg) (void)arg; memset(&rs, 0, sizeof(rs)); - rs.published_on = 1364925198; strlcpy(rs.nickname, "TetsuoMilk", sizeof(rs.nickname)); memcpy(rs.identity_digest, "Stately, plump Buck ", DIGEST_LEN); memcpy(rs.descriptor_digest, "Mulligan came up fro", DIGEST_LEN); @@ -4403,7 +4402,7 @@ test_dir_fmt_control_ns(void *arg) tt_assert(s); tt_str_op(s, OP_EQ, "r TetsuoMilk U3RhdGVseSwgcGx1bXAgQnVjayA " - "TXVsbGlnYW4gY2FtZSB1cCBmcm8 2013-04-02 17:53:18 " + "TXVsbGlnYW4gY2FtZSB1cCBmcm8 2038-01-01 00:00:00 " "32.48.64.80 9001 9002\n" "s Exit Fast Running V2Dir\n" "w Bandwidth=1000\n"); diff --git a/src/test/test_dir_common.c b/src/test/test_dir_common.c index 201ea900ff..50ba32b562 100644 --- a/src/test/test_dir_common.c +++ b/src/test/test_dir_common.c @@ -93,7 +93,7 @@ dir_common_gen_routerstatus_for_v3ns(int idx, time_t now) vrs = tor_malloc_zero(sizeof(vote_routerstatus_t)); rs = &vrs->status; vrs->version = tor_strdup("0.1.2.14"); - rs->published_on = now-1500; + vrs->published_on = now-1500; strlcpy(rs->nickname, "router2", sizeof(rs->nickname)); memset(rs->identity_digest, TEST_DIR_ROUTER_ID_1, DIGEST_LEN); memset(rs->descriptor_digest, TEST_DIR_ROUTER_DD_1, DIGEST_LEN); @@ -111,7 +111,7 @@ dir_common_gen_routerstatus_for_v3ns(int idx, time_t now) vrs = tor_malloc_zero(sizeof(vote_routerstatus_t)); rs = &vrs->status; vrs->version = tor_strdup("0.2.0.5"); - rs->published_on = now-1000; + vrs->published_on = now-1000; strlcpy(rs->nickname, "router1", sizeof(rs->nickname)); memset(rs->identity_digest, TEST_DIR_ROUTER_ID_2, DIGEST_LEN); memset(rs->descriptor_digest, TEST_DIR_ROUTER_DD_2, DIGEST_LEN); @@ -130,7 +130,7 @@ dir_common_gen_routerstatus_for_v3ns(int idx, time_t now) vrs = tor_malloc_zero(sizeof(vote_routerstatus_t)); rs = &vrs->status; vrs->version = tor_strdup("0.1.0.3"); - rs->published_on = now-1000; + vrs->published_on = now-1000; strlcpy(rs->nickname, "router3", sizeof(rs->nickname)); memset(rs->identity_digest, TEST_DIR_ROUTER_ID_3, DIGEST_LEN); memset(rs->descriptor_digest, TEST_DIR_ROUTER_DD_3, DIGEST_LEN); @@ -147,7 +147,7 @@ dir_common_gen_routerstatus_for_v3ns(int idx, time_t now) vrs = tor_malloc_zero(sizeof(vote_routerstatus_t)); rs = &vrs->status; vrs->version = tor_strdup("0.1.6.3"); - rs->published_on = now-1000; + vrs->published_on = now-1000; strlcpy(rs->nickname, "router4", sizeof(rs->nickname)); memset(rs->identity_digest, TEST_DIR_ROUTER_ID_4, DIGEST_LEN); memset(rs->descriptor_digest, TEST_DIR_ROUTER_DD_4, DIGEST_LEN); diff --git a/src/test/test_nodelist.c b/src/test/test_nodelist.c index 250db9a964..ecd29f5464 100644 --- a/src/test/test_nodelist.c +++ b/src/test/test_nodelist.c @@ -1273,7 +1273,6 @@ test_nodelist_routerstatus_has_visibly_changed(void *arg) memcpy(rs_orig.descriptor_digest, "abcdefghijklmnopqrst", 20); tor_addr_from_ipv4h(&rs_orig.ipv4_addr, 0x7f000001); rs_orig.ipv4_orport = 3; - rs_orig.published_on = time(NULL); rs_orig.has_bandwidth = 1; rs_orig.bandwidth_kb = 20; @@ -1284,9 +1283,9 @@ test_nodelist_routerstatus_has_visibly_changed(void *arg) tor_free(fmt); \ fmt_orig = routerstatus_format_entry(&rs_orig, NULL, NULL, \ NS_CONTROL_PORT, \ - NULL); \ + NULL, -1); \ fmt = routerstatus_format_entry(&rs, NULL, NULL, NS_CONTROL_PORT, \ - NULL); \ + NULL, -1); \ tt_assert(fmt_orig); \ tt_assert(fmt); \ STMT_END @@ -1322,9 +1321,6 @@ test_nodelist_routerstatus_has_visibly_changed(void *arg) strlcpy(rs.nickname, "fr1end1y", sizeof(rs.nickname)); ASSERT_CHANGED(); - rs.published_on += 3600; - ASSERT_CHANGED(); - rs.ipv4_orport = 55; ASSERT_CHANGED(); diff --git a/src/test/test_router.c b/src/test/test_router.c index 15cc93fbfc..47084bba01 100644 --- a/src/test/test_router.c +++ b/src/test/test_router.c @@ -282,7 +282,6 @@ test_router_mark_if_too_old(void *arg) mock_ns = &ns; mock_ns->valid_after = now-3600; mock_rs = &rs; - mock_rs->published_on = now - 10; // no reason to mark this time. desc_clean_since = now-10; @@ -302,25 +301,14 @@ test_router_mark_if_too_old(void *arg) tt_i64_op(desc_clean_since, OP_EQ, 0); tt_str_op(desc_dirty_reason, OP_EQ, "time for new descriptor"); - // Version in consensus published a long time ago? We won't mark it - // if it's been clean for only a short time. desc_clean_since = now - 10; desc_dirty_reason = NULL; - mock_rs->published_on = now - 3600 * 96; mark_my_descriptor_dirty_if_too_old(now); tt_i64_op(desc_clean_since, OP_EQ, now - 10); - // ... but if it's been clean a while, we mark. - desc_clean_since = now - 2 * 3600; - mark_my_descriptor_dirty_if_too_old(now); - tt_i64_op(desc_clean_since, OP_EQ, 0); - tt_str_op(desc_dirty_reason, OP_EQ, - "version listed in consensus is quite old"); - - // same deal if we're marked stale. + // Version in consensus marked as stale? We'll mark it. desc_clean_since = now - 2 * 3600; desc_dirty_reason = NULL; - mock_rs->published_on = now - 10; mock_rs->is_staledesc = 1; mark_my_descriptor_dirty_if_too_old(now); tt_i64_op(desc_clean_since, OP_EQ, 0); diff --git a/src/test/test_voting_flags.c b/src/test/test_voting_flags.c index 457b0fa796..a5b1248cc1 100644 --- a/src/test/test_voting_flags.c +++ b/src/test/test_voting_flags.c @@ -40,7 +40,6 @@ setup_cfg(flag_vote_test_cfg_t *c) memset(c->ri.cache_info.signed_descriptor_digest, 0xee, DIGEST_LEN); c->ri.cache_info.published_on = c->now - 100; - c->expected.published_on = c->now - 100; tor_addr_from_ipv4h(&c->ri.ipv4_addr, 0x7f010105); tor_addr_from_ipv4h(&c->expected.ipv4_addr, 0x7f010105); @@ -65,7 +64,6 @@ check_result(flag_vote_test_cfg_t *c) dirauth_set_routerstatus_from_routerinfo(&rs, &c->node, &c->ri, c->now, 0, 0); - tt_i64_op(rs.published_on, OP_EQ, c->expected.published_on); tt_str_op(rs.nickname, OP_EQ, c->expected.nickname); // identity_digest and descriptor_digest are not set here. @@ -144,13 +142,11 @@ test_voting_flags_staledesc(void *arg) time_t now = cfg->now; cfg->ri.cache_info.published_on = now - DESC_IS_STALE_INTERVAL + 10; - cfg->expected.published_on = now - DESC_IS_STALE_INTERVAL + 10; // no change in expectations for is_staledesc if (!check_result(cfg)) goto done; cfg->ri.cache_info.published_on = now - DESC_IS_STALE_INTERVAL - 10; - cfg->expected.published_on = now - DESC_IS_STALE_INTERVAL - 10; cfg->expected.is_staledesc = 1; if (!check_result(cfg)) goto done; diff --git a/src/test/testing_common.c b/src/test/testing_common.c index 2fd424c07e..88d04e6082 100644 --- a/src/test/testing_common.c +++ b/src/test/testing_common.c @@ -244,14 +244,18 @@ void tinytest_postfork(void); void tinytest_prefork(void) { +#ifdef ENABLE_NSS free_pregenerated_keys(); +#endif subsystems_prefork(); } void tinytest_postfork(void) { subsystems_postfork(); +#ifdef ENABLE_NSS init_pregenerated_keys(); +#endif } static void diff --git a/src/tools/Makefile.nmake b/src/tools/Makefile.nmake deleted file mode 100644 index e223d9b135..0000000000 --- a/src/tools/Makefile.nmake +++ /dev/null @@ -1,22 +0,0 @@ -all: tor-resolve.exe tor-gencert.exe tor-print-ed-signing-cert.exe - -CFLAGS = /I ..\win32 /I ..\..\..\build-alpha\include /I ..\common /I ..\or - -LIBS = ..\..\..\build-alpha\lib\libevent.lib \ - ..\..\..\build-alpha\lib\libcrypto.lib \ - ..\..\..\build-alpha\lib\libssl.lib \ - ..\..\..\build-alpha\lib\libz.lib \ - ws2_32.lib advapi32.lib shell32.lib \ - crypt32.lib gdi32.lib user32.lib - -tor-gencert.exe: tor-gencert.obj - $(CC) $(CFLAGS) $(LIBS) ..\common\*.lib tor-gencert.obj - -tor-resolve.exe: tor-resolve.obj - $(CC) $(CFLAGS) $(LIBS) ..\common\*.lib tor-resolve.obj - -tor-print-ed-signing-cert.exe: tor-print-ed-signing-cert.obj - $(CC) $(CFLAGS) $(LIBS) ..\common\*.lib tor-print-ed-signing-cert.obj - -clean: - del *.obj *.lib *.exe diff --git a/src/win32/include.am b/src/win32/include.am deleted file mode 100644 index dad59af3ae..0000000000 --- a/src/win32/include.am +++ /dev/null @@ -1,3 +0,0 @@ - -EXTRA_DIST+= src/win32/orconfig.h - diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h deleted file mode 100644 index b6a6c69e49..0000000000 --- a/src/win32/orconfig.h +++ /dev/null @@ -1,242 +0,0 @@ -/* orconfig.h for Windows -- This file is *not* generated by autoconf. - * Instead, it has to be hand-edited to keep Win32 happy. - */ - -/* Windows-only defines. */ -#define CONFDIR "" - -/* Define to 1 if you have the <arpa/inet.h> header file. */ -#undef HAVE_ARPA_INET_H - -/* Define to 1 if you have the <assert.h> header file. */ -#define HAVE_ASSERT_H - -/* Define to 1 if you have the <ctype.h> header file. */ -#define HAVE_CTYPE_H - -/* Define to 1 if you have the <errno.h> header file. */ -#define HAVE_ERRNO_H - -/* Define to 1 if you have the <fcntl.h> header file. */ -#define HAVE_FCNTL_H - -/* Define to 1 if you have the `ftime' function. */ -#define HAVE_FTIME - -/* Define to 1 if you have the `gettimeofday' function. */ -#undef HAVE_GETTIMEOFDAY - -/* Define to 1 if you have the <grp.h> header file. */ -#undef HAVE_GRP_H - -/* Define to 1 if you have the `inet_aton' function. */ -#undef HAVE_INET_ATON - -/* Define to 1 if you have the <inttypes.h> header file. */ -/* #define HAVE_INTTYPES_H */ - -/* Define to 1 if you have the <limits.h> header file. */ -#define HAVE_LIMITS_H - -/* Define to 1 if you have the <machine/limits.h> header file. */ -#undef HAVE_MACHINE_LIMITS_H - -/* Define to 1 if you have the <memory.h> header file. */ -#define HAVE_MEMORY_H - -/* Define to 1 if you have the <netdb.h> header file. */ -#undef HAVE_NETDB_H - -/* Define to 1 if you have the <netinet/in.h> header file. */ -#undef HAVE_NETINET_IN_H - -/* Define to 1 if you have the <poll.h> header file. */ -#undef HAVE_POLL_H - -/* Define to 1 if you have the <pwd.h> header file. */ -#undef HAVE_PWD_H - -/* Define to 1 if you have the <signal.h> header file. */ -#define HAVE_SIGNAL_H - -/* Define to 1 if you have the `socketpair' function. */ -#undef HAVE_SOCKETPAIR - -/* Define to 1 if you have the <stdint.h> header file. */ -#undef HAVE_STDINT_H - -/* Define to 1 if you have the <stdlib.h> header file. */ -#define HAVE_STDLIB_H - -/* Define to 1 if you have the <strings.h> header file. */ -#undef HAVE_STRINGS_H - -/* Define to 1 if you have the <string.h> header file. */ -#define HAVE_STRING_H - -/* Define to 1 if you have the `strlcat' function. */ -#undef HAVE_STRLCAT - -/* Define to 1 if you have the `strlcpy' function. */ -#undef HAVE_STRLCPY - -/* Define to 1 if you have the `strptime' function. */ -#undef HAVE_STRPTIME - -/* Define to 1 if your timeval has a tv_sec element. */ -#define HAVE_STRUCT_TIMEVAL_TV_SEC -/* Change to #undef if you're using BCC */ - -/* Define to 1 if you have the <sys/fcntl.h> header file. */ -#undef HAVE_SYS_FCNTL_H - -/* Define to 1 if you have the <sys/ioctl.h> header file. */ -#undef HAVE_SYS_IOCTL_H - -/* Define to 1 if you have the <sys/limits.h> header file. */ -#undef HAVE_SYS_LIMITS_H - -/* Define to 1 if you have the <sys/poll.h> header file. */ -#undef HAVE_SYS_POLL_H - -/* Define to 1 if you have the <sys/socket.h> header file. */ -#undef HAVE_SYS_SOCKET_H - -/* Define to 1 if you have the <sys/stat.h> header file. */ -#define HAVE_SYS_STAT_H - -/* Define to 1 if you have the <sys/time.h> header file. */ -#undef HAVE_SYS_TIME_H - -/* Define to 1 if you have the <sys/types.h> header file. */ -#define HAVE_SYS_TYPES_H - -/* Define to 1 if you have the <sys/utime.h> header file. */ -#define HAVE_SYS_UTIME_H - -/* Define to 1 if you have the <sys/wait.h> header file. */ -#undef HAVE_SYS_WAIT_H - -/* Define to 1 if you have the <time.h> header file. */ -#define HAVE_TIME_H - -/* Define to 1 if you have the `uname' function. */ -#undef HAVE_UNAME - -/* Define to 1 if you have the <unistd.h> header file. */ -#undef HAVE_UNISTD_H - -/* Define to 1 if you have the `_vscprintf' function. */ -#define HAVE__VSCPRINTF 1 - -/* Define to 1 iff NULL is represented by a 0 in memory. */ -#define NULL_REP_IS_ZERO_BYTES 1 - -/* Define to 1 iff memset(0) sets doubles to 0.0 */ -#define DOUBLE_0_REP_IS_ZERO_BYTES 1 - -/* Name of package */ -#define PACKAGE "tor" - -/* Define to the address where bug reports for this package should be sent. */ -#undef PACKAGE_BUGREPORT - -/* Define to the full name of this package. */ -#undef PACKAGE_NAME - -/* Define to the full name and version of this package. */ -#undef PACKAGE_STRING - -/* Define to the one symbol short name of this package. */ -#undef PACKAGE_TARNAME - -/* Define to the version of this package. */ -#undef PACKAGE_VERSION - -/* The size of a `char', as computed by sizeof. */ -#define SIZEOF_CHAR 1 - -/* The size of a `int', as computed by sizeof. */ -#define SIZEOF_INT 4 - -/* The size of a `int16_t', as computed by sizeof. */ -#undef SIZEOF_INT16_T - -/* The size of a `int32_t', as computed by sizeof. */ -#undef SIZEOF_INT32_T - -/* The size of a `int64_t', as computed by sizeof. */ -#undef SIZEOF_INT64_T - -/* The size of a `int8_t', as computed by sizeof. */ -#undef SIZEOF_INT8_T - -/* The size of a `long', as computed by sizeof. */ -#define SIZEOF_LONG 4 - -/* The size of a `long long', as computed by sizeof. */ -#undef SIZEOF_LONG_LONG - -/* The size of `pid_t', as computed by sizeof. */ -#define SIZEOF_PID_T 0 - -/* The size of a `short', as computed by sizeof. */ -#define SIZEOF_SHORT 2 - -/* The size of a `time_t', as computed by sizeof. */ -#define SIZEOF_TIME_T 4 - -/* The size of a `uint16_t', as computed by sizeof. */ -#undef SIZEOF_UINT16_T - -/* The size of a `uint32_t', as computed by sizeof. */ -#undef SIZEOF_UINT32_T - -/* The size of a `uint64_t', as computed by sizeof. */ -#undef SIZEOF_UINT64_T - -/* The size of a `uint8_t', as computed by sizeof. */ -#undef SIZEOF_UINT8_T - -/* The size of a `void *', as computed by sizeof. */ -#define SIZEOF_VOID_P 4 - -/* The size of a `__int64', as computed by sizeof. */ -#define SIZEOF___INT64 8 - -/* The sizeof a size_t, as computed by sizeof. */ -#define SIZEOF_SIZE_T 4 - -/* Define to 1 if you have the ANSI C header files. */ -#define STDC_HEADERS - -/* Define to 1 iff unaligned int access is allowed */ -#define UNALIGNED_INT_ACCESS_OK - -/* Define to 1 iff we represent negative integers with two's complement */ -#define USING_TWOS_COMPLEMENT - -/* Version number of package */ -#define VERSION "0.4.7.9" - -#define HAVE_STRUCT_SOCKADDR_IN6 -#define HAVE_STRUCT_IN6_ADDR -#define RSHIFT_DOES_SIGN_EXTEND -#define FLEXIBLE_ARRAY_MEMBER 0 -#define SHARE_DATADIR "" -#define USE_CURVE25519_DONNA - -#define ENUM_VALS_ARE_SIGNED 1 - -#ifndef STDOUT_FILENO -#define STDOUT_FILENO 1 -#endif - -#ifndef STDERR_FILENO -#define STDERR_FILENO 2 -#endif - -#define WINVER 0x0501 -#define _WIN32_WINNT 0x0501 -#define WIN32_LEAN_AND_MEAN 1 - |