Age | Commit message (Collapse) | Author |
|
Probably releasing within ~22 hours, pending testing
|
|
Conflicts:
src/or/main.c
|
|
|
|
|
|
Libevent uses an arc4random implementation (I know, I know) to
generate DNS transaction IDs and capitalization. But it liked to
initialize it either with opening /dev/urandom (which won't work
under the sandbox if it doesn't use the right pointer), or with
sysctl({CTL_KERN,KERN_RANDOM,RANDOM_UUIC}). To make _that_ work, we
were permitting sysctl unconditionally. That's not such a great
idea.
Instead, we try to initialize the libevent PRNG _before_ installing
the sandbox, and make sysctl always fail with EPERM under the
sandbox.
|
|
It turns on -fsanitize=address and -fsanitize=ubsan if they work.
Most relays won't want this. Some clients may. Ticket 11477.
|
|
|
|
|
|
|
|
This should make more platforms (in particular, ones with compilers
where -fomit-frame-pointer is on by default but table generation
isn't) support backtrace generation. Thanks to cypherpunks for this
one.
Fixes bug 11047; bugfix on 0.2.5.2-alpha.
|
|
|
|
|
|
|
|
It's not guaranteed that every package symlinks a2x to a2x.py; OpenBSD
does not do this, so let's just look for a2x.py as well.
|
|
|
|
Conflicts:
src/common/sandbox.c
src/common/sandbox.h
src/common/util.c
src/or/main.c
src/test/include.am
src/test/test.c
|
|
This M4 module lets us learn the right way (out of at least 18
possibilities) to extract the current PC for stack-trace-fixup-in-signal
purposes. The Google Performance Tools license is 3-clause BSD.
|
|
|
|
On platforms with the backtrace/backtrace_symbols_fd interface, Tor
can now dump stack traces on assertion failure. By default, I log
them to DataDir/stack_dump and to stderr.
|
|
It generates an apparently spurious warning with gcc 4.4 in debian;
we haven't tested 4.5.
|
|
|
|
Fixes bug 9869; patch from Benedikt Gollatz.
|
|
Fix for 9948; patch from Benedikt Gollatz.
|
|
|
|
|
|
|
|
Since torify has been removed from tsocks, it doesn't need to be
preprocessed. Closes #5505.
|
|
Conflicts:
src/common/sandbox.c
|
|
|
|
|
|
|
|
|
|
Conflicts:
src/common/include.am
Conflict was from adding testsupport.h near where sandbox.h had
already been added.
|
|
|
|
It's controlled by the new Sandbox argument. Right now, it's rather
coarse-grained, it's Linux-only, and it may break some features.
|
|
If you pass the --enable-coverage flag on the command line, we build
our testing binaries with appropriate options eo enable coverage
testing. We also build a "tor-cov" binary that has coverage enabled,
for integration tests.
On recent OSX versions, test coverage only works with clang, not gcc.
So we warn about that.
Also add a contrib/coverage script to actually run gcov with the
appropriate options to generate useful .gcov files. (Thanks to
automake, the .o files will not have the names that gcov expects to
find.)
Also, remove generated gcda and gcno files on clean.
|
|
This is mainly a matter of automake trickery: we build each static
library in two versions now: one with the TOR_UNIT_TESTS macro
defined, and one without. When TOR_UNIT_TESTS is defined, we can
enable mocking and expose more functions. When it's not defined, we
can lock the binary down more.
The alternatives would be to have alternate build modes: a "testing
configuration" for building the libraries with test support, and a
"production configuration" for building them without. I don't favor
that approach, since I think it would mean more people runnning
binaries build for testing, or more people not running unit tests.
|
|
This is a bashism; on systems where sh is not bash (eg., non-Linux, or
Ubuntu using dash), this breaks with a syntax error. This also doesn't
work properly in bash: only the first item is iterated on.
|
|
|
|
See #6506
|
|
If USE_ASCIIDOC is enabled but asciidoc isn't present and manpages
aren't already generated, it'll throw a warning during configure.
Works with the current git / tarball split.
Caveat: regular_mans are listed in the configure.ac
See #6506
|
|
|
|
Clang 3.2 does constant-folding and variable substitution to determine
that the program is equivalent to "return 1". Splitting the 128-bit
math into a new function seems sufficient to fix this.
|
|
Dumb bug 1: == has higher precedence than &.
Dumb bug 2: the main() function in an AC_RUN_IFELSE test is expected
to return 0 on success, not 1.
|
|
|
|
(This is the part of the Bug 8042 patch that warns about unsigned time_t)
|
|
|
|
Resolves the user experience part of #8014.
|
|
|
|
In 81d69f4c2d8a451 (0.2.21-alpha) we added a compile-time check for
a (totally broken) signed size_t. In 0e597471af (not yet released)
I switched to a better configure-time check, which stored its output
in a different variable. I didn't change the code which looked at
the output, however.
This bug is not in any released version of Tor, and would not affect
anybody with a working Tor.
|