Diffstat (limited to 'src/app/main')
-rw-r--r-- | src/app/main/include.am | 2 | ||||
-rw-r--r-- | src/app/main/main.c | 50 | ||||
-rw-r--r-- | src/app/main/risky_options.c | 35 | ||||
-rw-r--r-- | src/app/main/risky_options.h | 17 | ||||
-rw-r--r-- | src/app/main/shutdown.c | 2 | ||||
-rw-r--r-- | src/app/main/subsysmgr.c | 2 | ||||
-rw-r--r-- | src/app/main/subsystem_list.c | 7 |
7 files changed, 99 insertions, 16 deletions
diff --git a/src/app/main/include.am b/src/app/main/include.am
index ea392a8581..576c750377 100644
--- a/src/app/main/include.am
+++ b/src/app/main/include.am
@@ -2,6 +2,7 @@
 # ADD_C_FILE: INSERT SOURCES HERE.
 LIBTOR_APP_A_SOURCES += \
 src/app/main/main.c \
+ src/app/main/risky_options.c \
 src/app/main/shutdown.c \
 src/app/main/subsystem_list.c \
 src/app/main/subsysmgr.c
@@ -10,6 +11,7 @@ LIBTOR_APP_A_SOURCES += \
 noinst_HEADERS += \
 src/app/main/main.h \
 src/app/main/ntmain.h \
+ src/app/main/risky_options.h \
 src/app/main/shutdown.h \
 src/app/main/subsysmgr.h
diff --git a/src/app/main/main.c b/src/app/main/main.c
index fd166638db..56478a0f71 100644
--- a/src/app/main/main.c
+++ b/src/app/main/main.c
@@ -16,6 +16,7 @@
 #include "app/config/quiet_level.h"
 #include "app/main/main.h"
 #include "app/main/ntmain.h"
+#include "app/main/risky_options.h"
 #include "app/main/shutdown.h"
 #include "app/main/subsysmgr.h"
 #include "core/mainloop/connection.h"
@@ -53,18 +54,21 @@
 #include "feature/rend/rendcache.h"
 #include "feature/rend/rendservice.h"
 #include "feature/stats/predict_ports.h"
+#include "feature/stats/bwhist.h"
 #include "feature/stats/rephist.h"
 #include "lib/compress/compress.h"
 #include "lib/buf/buffers.h"
 #include "lib/crypt_ops/crypto_rand.h"
 #include "lib/crypt_ops/crypto_s2k.h"
 #include "lib/net/resolve.h"
+#include "lib/trace/trace.h"
 #include "lib/process/waitpid.h"
 #include "lib/pubsub/pubsub_build.h"
 #include "lib/meminfo/meminfo.h"
 #include "lib/osinfo/uname.h"
+#include "lib/osinfo/libc.h"
 #include "lib/sandbox/sandbox.h"
 #include "lib/fs/lockfile.h"
 #include "lib/tls/tortls.h"
@@ -295,7 +299,7 @@ process_signal(int sig)
 }
 #ifdef _WIN32
-/** Activate SIGINT on reciving a control signal in console */
+/** Activate SIGINT on receiving a control signal in console. */
 static BOOL WINAPI
 process_win32_console_ctrl(DWORD ctrl_type)
 {
@@ -335,16 +339,12 @@ dumpstats(int severity)
 SMARTLIST_FOREACH_BEGIN(get_connection_array(), connection_t *, conn) {
 int i = conn_sl_idx;
 tor_log(severity, LD_GENERAL,
- "Conn %d (socket %d) type %d (%s), state %d (%s), created %d secs ago",
- i, (int)conn->s, conn->type, conn_type_to_string(conn->type),
- conn->state, conn_state_to_string(conn->type, conn->state),
+ "Conn %d (socket %d) is a %s, created %d secs ago",
+ i, (int)conn->s,
+ connection_describe(conn),
 (int)(now - conn->timestamp_created));
 if (!connection_is_listener(conn)) {
 tor_log(severity,LD_GENERAL,
- "Conn %d is to %s:%d.", i,
- safe_str_client(conn->address),
- conn->port);
- tor_log(severity,LD_GENERAL,
 "Conn %d: %d bytes waiting on inbuf (len %d, last read %d secs ago)",
 i,
 (int)connection_get_inbuf_len(conn),
@@ -539,6 +539,7 @@ tor_init(int argc, char *argv[])
 {
 char progname[256];
 quiet_level_t quiet = QUIET_NONE;
+ bool running_tor = false;
 time_of_process_start = time(NULL);
 tor_init_connection_lists();
@@ -548,6 +549,7 @@ tor_init(int argc, char *argv[])
 /* Initialize the history structures. */
 rep_hist_init();
+ bwhist_init();
 /* Initialize the service cache. */
 rend_cache_init();
 addressmap_init(); /* Init the client dns cache. Do it always, since it's
@@ -561,8 +563,10 @@ tor_init(int argc, char *argv[])
 whether we log anything at all to stdout. */
 parsed_cmdline_t *cmdline;
 cmdline = config_parse_commandline(argc, argv, 1);
- if (cmdline)
+ if (cmdline) {
 quiet = cmdline->quiet_level;
+ running_tor = (cmdline->command == CMD_RUN_TOR);
+ }
 parsed_cmdline_free(cmdline);
 }
@@ -574,7 +578,8 @@ tor_init(int argc, char *argv[])
 const char *version = get_version();
 log_notice(LD_GENERAL, "Tor %s running on %s with Libevent %s, "
- "%s %s, Zlib %s, Liblzma %s, and Libzstd %s.", version,
+ "%s %s, Zlib %s, Liblzma %s, Libzstd %s and %s %s as libc.",
+ version,
 get_uname(),
 tor_libevent_get_version_str(),
 crypto_get_library_name(),
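Review bot: In dumpstats the removed `Conn %d is to %s:%d.` line ran the peer address through `safe_str_client()`, and the new message leaves everything about the peer to `connection_describe(conn)`, whose definition is not part of this diff. It is worth confirming that it applies the same SafeLogging scrubbing to client addresses, since this text is written to the log at whatever severity the caller passed in. If it does, a short comment above the call such as `/* connection_describe() scrubs the peer address as SafeLogging requires. */` would keep a later edit from reintroducing a raw address. The loop body continues outside the hunk.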
@@ -584,7 +589,10 @@ tor_init(int argc, char *argv[])
 tor_compress_supports_method(LZMA_METHOD) ?
 tor_compress_version_str(LZMA_METHOD) : "N/A",
 tor_compress_supports_method(ZSTD_METHOD) ?
- tor_compress_version_str(ZSTD_METHOD) : "N/A");
+ tor_compress_version_str(ZSTD_METHOD) : "N/A",
+ tor_libc_get_name() ?
+ tor_libc_get_name() : "Unknown",
+ tor_libc_get_version_str());
 log_notice(LD_GENERAL, "Tor can't help you if you use it wrong! "
 "Learn how to be safe at "
@@ -594,6 +602,12 @@ tor_init(int argc, char *argv[])
 log_notice(LD_GENERAL, "This version is not a stable Tor release. "
 "Expect more bugs than usual.");
+ if (strlen(risky_option_list) && running_tor) {
+ log_warn(LD_GENERAL, "This build of Tor has been compiled with one "
+ "or more options that might make it less reliable or secure! "
+ "They are:%s", risky_option_list);
+ }
+
 tor_compress_log_init_warnings();
 }
@@ -601,6 +615,9 @@ tor_init(int argc, char *argv[])
 rust_log_welcome_string();
 #endif /* defined(HAVE_RUST) */
+ /* Warn _if_ the tracing subsystem is built in. */
+ tracing_log_warning();
+
 int init_rv = options_init_from_torrc(argc,argv);
 if (init_rv < 0) {
 log_err(LD_CONFIG,"Reading config failed--see warnings above.");
@@ -774,12 +791,14 @@ do_dump_config(void)
 if (!strcmp(arg, "short")) {
 how = OPTIONS_DUMP_MINIMAL;
 } else if (!strcmp(arg, "non-builtin")) {
- how = OPTIONS_DUMP_DEFAULTS;
+ // Deprecated since 0.4.5.1-alpha.
+ fprintf(stderr, "'non-builtin' is deprecated; use 'short' instead.\n");
+ how = OPTIONS_DUMP_MINIMAL;
 } else if (!strcmp(arg, "full")) {
 how = OPTIONS_DUMP_ALL;
 } else {
 fprintf(stderr, "No valid argument to --dump-config found!\n");
- fprintf(stderr, "Please select 'short', 'non-builtin', or 'full'.\n");
+ fprintf(stderr, "Please select 'short' or 'full'.\n");
 return -1;
 }
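Review bot: `tor_libc_get_version_str()` is handed to `%s` unchecked in the tor_init startup banner, while `tor_libc_get_name()` just above it gets a NULL fallback. The getter's definition is not in this diff; if it can return NULL on a libc it does not recognise, the log call has undefined behaviour. Either confirm it always returns a string or guard it the same way, `tor_libc_get_version_str() ? tor_libc_get_version_str() : "N/A"`. The matching `%s %s as libc` format change sits in the preceding hunk, and the call starts outside this one.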
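Review bot: The risky-build warning in tor_init is gated on `running_tor`, which is only set when the parsed command is `CMD_RUN_TOR`, so a binary built with these options stays silent for every other command. If any of those commands does security-sensitive work it may deserve the same warning; otherwise a comment such as `/* Only warn when starting the daemon; one-shot commands stay quiet. */` would record that the omission is deliberate. Minor style point: `strlen(risky_option_list)` is used purely as an emptiness test, and `risky_option_list[0] != '\0'` says the same thing without scanning the string.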
@@ -794,8 +813,7 @@ do_dump_config(void)
 static void
 init_addrinfo(void)
 {
- if (! server_mode(get_options()) ||
- (get_options()->Address && strlen(get_options()->Address) > 0)) {
+ if (! server_mode(get_options()) || get_options()->Address) {
 /* We don't need to seed our own hostname, because we won't be calling
 * resolve_my_address on it.
 */
@@ -1064,12 +1082,14 @@ sandbox_init_filter(void)
 OPEN_DATADIR("approved-routers");
 OPEN_DATADIR_SUFFIX("fingerprint", ".tmp");
+ OPEN_DATADIR_SUFFIX("fingerprint-ed25519", ".tmp");
 OPEN_DATADIR_SUFFIX("hashed-fingerprint", ".tmp");
 OPEN_DATADIR_SUFFIX("router-stability", ".tmp");
 OPEN("/etc/resolv.conf");
 RENAME_SUFFIX("fingerprint", ".tmp");
+ RENAME_SUFFIX("fingerprint-ed25519", ".tmp");
 RENAME_KEYDIR_SUFFIX("secret_onion_key_ntor", ".tmp");
 RENAME_KEYDIR_SUFFIX("secret_id_key", ".tmp");
diff --git a/src/app/main/risky_options.c b/src/app/main/risky_options.c
new file mode 100644
index 0000000000..747dda766b
--- /dev/null
+++ b/src/app/main/risky_options.c
@@ -0,0 +1,35 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2020, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+/**
+ * \file risky_options.c
+ * \brief List compile-time options that might make Tor less reliable.
+ **/
+
+#include "orconfig.h"
+#include "app/main/risky_options.h"
+
+/** A space-separated list of the compile-time options might make Tor less
+ * reliable or secure. These options mainly exist for testing or debugging.
+ */
+const char risky_option_list[] =
+ ""
+#ifdef DISABLE_ASSERTS_IN_TEST
+ " --disable-asserts-in-test"
+#endif
+#ifdef TOR_UNIT_TESTS
+ " TOR_UNIT_TESTS"
+#endif
+#ifdef ENABLE_RESTART_DEBUGGING
+ " --enable-restart-debugging"
+#endif
+#ifdef ALL_BUGS_ARE_FATAL
+ " --enable-all-bugs-are-fatal"
+#endif
+#ifdef DISABLE_MEMORY_SENTINELS
+ " --disable-memory-sentinels"
+#endif
+ ;
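Review bot: With the `strlen()` test gone from init_addrinfo, a non-NULL but empty `Address` now counts as configured and the hostname seeding is skipped. That matches the old behaviour only if the option parser never stores an empty value there, which this diff does not show. Once confirmed, a one-line comment such as `/* Address is NULL when unset; an empty value is never stored. */` would document the assumption the new condition rests on. The function body continues past the hunk.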
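Review bot: The doc comment on `risky_option_list` in the new risky_options.c drops a word ("options might make") and calls the list space-separated without saying that every entry carries its own leading space, which the `"They are:%s"` format in tor_init relies on. Suggested wording: `/** A list of the compile-time options that might make Tor less reliable or secure, each preceded by one space; empty when none is set. */`. Also, `" TOR_UNIT_TESTS"` is a macro name while the other entries are configure flags, so a brief comment on why no flag is printed there would help whoever adds the next entry.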
diff --git a/src/app/main/risky_options.h b/src/app/main/risky_options.h
new file mode 100644
index 0000000000..4548ae3efb
--- /dev/null
+++ b/src/app/main/risky_options.h
@@ -0,0 +1,17 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2020, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+/**
+ * \file risky_options.h
+ * \brief Header for risky_options.c
+ **/
+
+#ifndef TOR_RISKY_OPTIONS_H
+#define TOR_RISKY_OPTIONS_H
+
+extern const char risky_option_list[];
+
+#endif
diff --git a/src/app/main/shutdown.c b/src/app/main/shutdown.c
index aac15246b9..4a556333db 100644
--- a/src/app/main/shutdown.c
+++ b/src/app/main/shutdown.c
@@ -47,6 +47,7 @@
 #include "feature/relay/relay_config.h"
 #include "feature/rend/rendcache.h"
 #include "feature/rend/rendclient.h"
+#include "feature/stats/bwhist.h"
 #include "feature/stats/geoip_stats.h"
 #include "feature/stats/rephist.h"
 #include "lib/evloop/compat_libevent.h"
@@ -121,6 +122,7 @@ tor_free_all(int postfork)
 rend_cache_free_all();
 rend_service_authorization_free_all();
 rep_hist_free_all();
+ bwhist_free_all();
 circuit_free_all();
 circpad_machines_free();
 entry_guards_free_all();
diff --git a/src/app/main/subsysmgr.c b/src/app/main/subsysmgr.c
index de601d28cd..349803cd46 100644
--- a/src/app/main/subsysmgr.c
+++ b/src/app/main/subsysmgr.c
@@ -300,7 +300,7 @@ subsystems_thread_cleanup(void)
 void
 subsystems_dump_list(void)
 {
- for (unsigned i = 0; i < n_tor_subsystems - 1; ++i) {
+ for (unsigned i = 0; i < n_tor_subsystems; ++i) {
 const subsys_fns_t *sys = tor_subsystems[i];
 printf("% 4d\t%16s\t%s\n", sys->level, sys->name,
 sys->location?sys->location:"");
diff --git a/src/app/main/subsystem_list.c b/src/app/main/subsystem_list.c
index e32083537f..cb79909e69 100644
--- a/src/app/main/subsystem_list.c
+++ b/src/app/main/subsystem_list.c
@@ -26,10 +26,13 @@
 #include "lib/thread/thread_sys.h"
 #include "lib/time/time_sys.h"
 #include "lib/tls/tortls_sys.h"
+#include "lib/trace/trace_sys.h"
 #include "lib/wallclock/wallclock_sys.h"
 #include "lib/evloop/evloop_sys.h"
 #include "feature/dirauth/dirauth_sys.h"
+#include "feature/hs/hs_sys.h"
+#include "feature/metrics/metrics_sys.h"
 #include "feature/relay/relay_sys.h"
 #include <stddef.h>
@@ -47,6 +50,8 @@ const subsys_fns_t *tor_subsystems[] = {
 &sys_logging,
 &sys_threads,
+ &sys_tracing,
+
 &sys_time,
 &sys_crypto,
@@ -61,10 +66,12 @@ const subsys_fns_t *tor_subsystems[] = {
 &sys_or,
 &sys_relay,
+ &sys_hs,
 &sys_btrack,
 &sys_dirauth,
+ &sys_metrics,
 };
 const unsigned n_tor_subsystems = ARRAY_LENGTH(tor_subsystems); |