Age | Commit message (Collapse) | Author |
|
The Autoconf macro AC_USE_SYSTEM_EXTENSIONS defines preprocessor macros
which turn on extensions to C and POSIX. The macro also makes it easier
for developers to use the extensions without needing (or forgetting) to
define them manually.
The macro can be safely used because it was introduced in Autoconf 2.60
and Tor requires Autoconf 2.63 and above.
|
|
|
|
It triggers on the openssl headers, and doesn't seem to actually
help us.
|
|
FreeBSD uses _Generic() in its system headers, and is within its
rights to do so.
|
|
|
|
|
|
|
|
This is a big-ish patch, but it's very straightforward. Under this
clang warning, we're not actually allowed to have a global variable
without a previous extern declaration for it. The cases where we
violated this rule fall into three roughly equal groups:
* Stuff that should have been static.
* Stuff that was global but where the extern was local to some
other C file.
* Stuff that was only global when built for the unit tests, that
needed a conditional extern in the headers.
The first two were IMO genuine problems; the last is a wart of how
we build tests.
|
|
|
|
|
|
|
|
This gives more accurate results under Clang, which can only help us
detect more warnings in more places.
Fixes bug 19216; bugfix on 0.2.0.1-alpha
|
|
|
|
IMO it's fine for us to make exceptions to this rule in the unit
tests, but not in the code at large.
|
|
This warning triggers on silently promoting a float to a double. In
our code, it's just a sign that somebody used a float by mistake,
since we always prefer double.
|
|
This caught quite a few minor issues in our unit tests and elsewhere
in our code.
|
|
This caused a trivial warning in curve25519-donna-64bit.h, which
had two unused constants. I commented them out.
|
|
|
|
This warning, IIUC, means that the compiler doesn't like it when it
sees a NULL check _after_ we've already dereferenced the
variable. In such cases, it considers itself free to eliminate the
NULL check.
There are a couple of tricky cases:
One was the case related to the fact that tor_addr_to_in6() can
return NULL if it gets a non-AF_INET6 address. The fix was to
create a variant which asserts on the address type, and never
returns NULL.
|
|
They apply to ancient GCC versions and to an unknown set of
configuration options. Notabug.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Suppress it in the one spot in the code where we actually do want to
allow an aggregate return in order to call the mallinfo() API.
|
|
Remove support for "GET /tor/bytes.txt" DirPort request, and
"GETINFO dir-usage" controller request, which were only available
via a compile-time option in Tor anyway.
Feature was added in 0.2.2.1-alpha. Resolves ticket 19035.
|
|
|
|
|
|
Previously, if the header was present, we'd proceed even if the
function wasn't there.
Easy fix for bug 19161. A better fix would involve trying harder to
find libscrypt_scrypt.
|
|
Add --enable-fatal-warnings to control -Werror.
Closes ticket 19044.
|
|
|
|
|
|
We use a pretty specific pair of autoconf tests here to make sure
that we only add this code when:
a) a 64-bit signed multiply fails to link,
AND
b) the same 64-bit signed multiply DOES link correctly when
__mulodi4 is defined.
Closes ticket 19079.
|
|
Previously we'd only check whether the hardening options succeeded
at the compile step. Now we'll try to link with them too, and tell
the user in advance if something seems likely to go wrong.
Closes ticket 18895.
|
|
Fix the new crypto tests, which used truncate(3).
|
|
There were some conflicts here, and some breakage to fix concerning
library link order in newer targets.
|
|
|
|
We know there are overflows in curve25519-donna-c32, so we'll have
to have that one be fwrapv.
Only apply the asan, ubsan, and trapv options to the code that does
not need to run in constant time. Those options introduce branches
to the code they instrument.
(These introduced branches should never actually be taken, so it
might _still_ be constant time after all, but branch predictors are
complicated enough that I'm not really confident here. Let's aim for
safety.)
Closes 17983.
|
|
|
|
|
|
|
|
This makes our compilation options checks in autoconf work better on
systems that already define _FORTIFY_SOURCE.
Fixes at least one case of bug 18841; bugfix on 0.2.3.17-beta. Patch
from "trudokal".
|
|
|
|
Fixes the last case of 17744.
|
|
|
|
|
|
|
|
|