Age | Commit message (Collapse) | Author |
|
Fixes bug 24633; bugfix on 0.2.9.1-alpha.
|
|
|
|
Add magic comments recognized by default -Wimplicit-fallthrough=3
or break, as required.
|
|
Add magic comments recognized by default -Wimplicit-fallthrough=3
Follow-up to e5f464, fixes Ticket 22446 for 32 bit.
[nick notes: Backport from 0.3.1.3-alpha.]
|
|
Fixes unused-const-variable warnings with GCC on 32-bit x86 systems.
Closes #22895.
|
|
|
|
|
|
|
|
|
|
In nearly all cases, this is a matter of making sure that we include
orconfig.h before we include any standard c headers.
|
|
These appeared on some of the Jenkins platforms. Apparently some
GCCs care when you shadow globals, and some don't.
|
|
|
|
Only some very ancient distributions don't ship with Libevent 2 anymore,
even the oldest supported Ubuntu LTS version has it. This allows us to
get rid of a lot of compat code.
|
|
The Autoconf macro AC_USE_SYSTEM_EXTENSIONS defines preprocessor macros
which turn on extensions to C and POSIX. The macro also makes it easier
for developers to use the extensions without needing (or forgetting) to
define them manually.
The macro can be safely used because it was introduced in Autoconf 2.60
and Tor requires Autoconf 2.63 and above.
|
|
|
|
|
|
This is a big-ish patch, but it's very straightforward. Under this
clang warning, we're not actually allowed to have a global variable
without a previous extern declaration for it. The cases where we
violated this rule fall into three roughly equal groups:
* Stuff that should have been static.
* Stuff that was global but where the extern was local to some
other C file.
* Stuff that was only global when built for the unit tests, that
needed a conditional extern in the headers.
The first two were IMO genuine problems; the last is a wart of how
we build tests.
|
|
This gives more accurate results under Clang, which can only help us
detect more warnings in more places.
Fixes bug 19216; bugfix on 0.2.0.1-alpha
|
|
This caused a trivial warning in curve25519-donna-64bit.h, which
had two unused constants. I commented them out.
|
|
This warning, IIUC, means that the compiler doesn't like it when it
sees a NULL check _after_ we've already dereferenced the
variable. In such cases, it considers itself free to eliminate the
NULL check.
There are a couple of tricky cases:
One was the case related to the fact that tor_addr_to_in6() can
return NULL if it gets a non-AF_INET6 address. The fix was to
create a variant which asserts on the address type, and never
returns NULL.
|
|
So, back long ago, XXX012 meant, "before Tor 0.1.2 is released, we
had better revisit this comment and fix it!"
But we have a huge pile of such comments accumulated for a large
number of released versions! Not cool.
So, here's what I tried to do:
* 0.2.9 and 0.2.8 are retained, since those are not yet released.
* XXX+ or XXX++ or XXX++++ or whatever means, "This one looks
quite important!"
* The others, after one-by-one examination, are downgraded to
plain old XXX. Which doesn't mean they aren't a problem -- just
that they cannot possibly be a release-blocking problem.
|
|
|
|
We need to define this function when compiling with clang -m32 -ftrapv,
since otherwise we get link errors, since apparently some versions
of libclang_rt.builtins don't define a version of it that works? Or
clang doesn't know to look for it?
This definition is taken from the LLVM source at
https://llvm.org/svn/llvm-project/compiler-rt/trunk/lib/builtins/mulodi4.c
I've also included the license (dual BSD-ish/MIT-ish).
|
|
There were some conflicts here, and some breakage to fix concerning
library link order in newer targets.
|
|
We know there are overflows in curve25519-donna-c32, so we'll have
to have that one be fwrapv.
Only apply the asan, ubsan, and trapv options to the code that does
not need to run in constant time. Those options introduce branches
to the code they instrument.
(These introduced branches should never actually be taken, so it
might _still_ be constant time after all, but branch predictors are
complicated enough that I'm not really confident here. Let's aim for
safety.)
Closes 17983.
|
|
Closes 19041.
|
|
|
|
|
|
|
|
|
|
|
|
* SHA-3/SHAKE use little endian for certain things, so byteswap as
needed.
* The code was written under the assumption that unaligned access to
quadwords is allowed, which isn't true particularly on non-Intel.
|
|
|
|
|
|
|
|
|
|
Imported from here: https://github.com/wahern/timeout
Imported as of upstream e5a9e8bfaa9c631bdc54002181795931b65bdc1a.
All sources unmodified.
|
|
Yes, we could cast to unsigned char first, but it's probably safest
to just use our own (in test_util), or remove bad-idea features that
we don't use (in readpassphrase.c).
Fixes 18728.
|
|
|
|
|
|
|
|
|
|
This is where things get tor specific. It's just replacing stdint.h
and memset_s with the tor compat code so going back is trivial...
|
|
The digest routines use init/update/sum, where sum will automatically
copy the internal state to support calculating running digests.
The XOF routines use init/absorb/squeeze, which behave exactly as stated
on the tin.
|
|
As of commit: 64b6647514212b76ae7bca0dea9b7b197d1d8186
|
|
This patch was generated using;
sed -i -e "s/\bINLINE\b/inline/" src/*/*.[ch] src/*/*/*.[ch]
|
|
|
|
(before using it for anything besides feeding the PRNG)
Part of #17694
|
|
always null terminates and returns -1 if result is truncated.
|
|
Code cribbed from Andrew Moon's Public Domain SipHash-2-4
implementation (which IMO is also cleaner).
Fixes bug 17544.
|