Compare commits
No commits in common. "master" and "maint-0.2.9" have entirely different histories.
master
...
maint-0.2.
|
@ -1,62 +0,0 @@
|
|||
version: 1.0.{build}
|
||||
|
||||
clone_depth: 50
|
||||
|
||||
environment:
|
||||
compiler: mingw
|
||||
|
||||
matrix:
|
||||
- target: i686-w64-mingw32
|
||||
compiler_path: mingw32
|
||||
openssl_path: /c/OpenSSL-Win32
|
||||
- target: x86_64-w64-mingw32
|
||||
compiler_path: mingw64
|
||||
openssl_path: /c/OpenSSL-Win64
|
||||
|
||||
install:
|
||||
- ps: >-
|
||||
Function Execute-Command ($commandPath)
|
||||
{
|
||||
& $commandPath $args 2>&1
|
||||
if ( $LastExitCode -ne 0 ) {
|
||||
$host.SetShouldExit( $LastExitCode )
|
||||
}
|
||||
}
|
||||
Function Execute-Bash ()
|
||||
{
|
||||
Execute-Command 'c:\msys64\usr\bin\bash' '-e' '-c' $args
|
||||
}
|
||||
Execute-Command "C:\msys64\usr\bin\pacman" -Sy --noconfirm openssl-devel openssl libevent-devel libevent mingw-w64-i686-libevent mingw-w64-x86_64-libevent mingw-w64-i686-openssl mingw-w64-x86_64-openssl mingw-w64-i686-zstd mingw-w64-x86_64-zstd
|
||||
|
||||
build_script:
|
||||
- ps: >-
|
||||
if ($env:compiler -eq "mingw") {
|
||||
$oldpath = ${env:Path} -split ';'
|
||||
$buildpath = @("C:\msys64\${env:compiler_path}\bin", "C:\msys64\usr\bin") + $oldpath
|
||||
$env:Path = @($buildpath) -join ';'
|
||||
$env:build = @("${env:APPVEYOR_BUILD_FOLDER}", $env:target) -join '\'
|
||||
Set-Location "${env:APPVEYOR_BUILD_FOLDER}"
|
||||
Execute-Bash 'autoreconf -i'
|
||||
mkdir "${env:build}"
|
||||
Set-Location "${env:build}"
|
||||
Execute-Bash "../configure --prefix=/${env:compiler_path} --build=${env:target} --host=${env:target} --disable-asciidoc --enable-fatal-warnings --with-openssl-dir=${env:openssl_path}"
|
||||
Execute-Bash "V=1 make -j2"
|
||||
Execute-Bash "V=1 make -j2 install"
|
||||
}
|
||||
|
||||
test_script:
|
||||
- ps: >-
|
||||
if ($env:compiler -eq "mingw") {
|
||||
$oldpath = ${env:Path} -split ';'
|
||||
$buildpath = @("C:\msys64\${env:compiler_path}\bin") + $oldpath
|
||||
$env:Path = $buildpath -join ';'
|
||||
Set-Location "${env:build}"
|
||||
Execute-Bash "VERBOSE=1 make -j2 check"
|
||||
}
|
||||
|
||||
on_success:
|
||||
- cmd: C:\Python27\python.exe %APPVEYOR_BUILD_FOLDER%\scripts\test\appveyor-irc-notify.py irc.oftc.net:6697 tor-ci success
|
||||
|
||||
on_failure:
|
||||
- cmd: C:\Python27\python.exe %APPVEYOR_BUILD_FOLDER%\scripts\test\appveyor-irc-notify.py irc.oftc.net:6697 tor-ci failure
|
||||
|
|
@ -3,7 +3,6 @@
|
|||
.#*
|
||||
*~
|
||||
*.swp
|
||||
*.swo
|
||||
# C stuff
|
||||
*.o
|
||||
*.obj
|
||||
|
@ -19,8 +18,6 @@
|
|||
.dirstamp
|
||||
*.trs
|
||||
*.log
|
||||
# Calltool stuff
|
||||
.*.graph
|
||||
# Stuff made by our makefiles
|
||||
*.bak
|
||||
# Python droppings
|
||||
|
@ -41,7 +38,6 @@ uptime-*.json
|
|||
/Makefile
|
||||
/Makefile.in
|
||||
/aclocal.m4
|
||||
/ar-lib
|
||||
/autom4te.cache
|
||||
/build-stamp
|
||||
/compile
|
||||
|
@ -71,7 +67,6 @@ uptime-*.json
|
|||
/Tor*Bundle.dmg
|
||||
/tor-*-win32.exe
|
||||
/coverage_html/
|
||||
/callgraph/
|
||||
|
||||
# /contrib/
|
||||
/contrib/dist/tor.sh
|
||||
|
@ -99,6 +94,11 @@ uptime-*.json
|
|||
/doc/tor.html
|
||||
/doc/tor.html.in
|
||||
/doc/tor.1.xml
|
||||
/doc/tor-fw-helper.1
|
||||
/doc/tor-fw-helper.1.in
|
||||
/doc/tor-fw-helper.html
|
||||
/doc/tor-fw-helper.html.in
|
||||
/doc/tor-fw-helper.1.xml
|
||||
/doc/tor-gencert.1
|
||||
/doc/tor-gencert.1.in
|
||||
/doc/tor-gencert.html
|
||||
|
@ -127,9 +127,6 @@ uptime-*.json
|
|||
/src/Makefile
|
||||
/src/Makefile.in
|
||||
|
||||
# /src/trace
|
||||
/src/trace/libor-trace.a
|
||||
|
||||
# /src/common/
|
||||
/src/common/Makefile
|
||||
/src/common/Makefile.in
|
||||
|
@ -175,12 +172,6 @@ uptime-*.json
|
|||
/src/or/libtor-testing.a
|
||||
/src/or/libtor.lib
|
||||
|
||||
# /src/rust
|
||||
/src/rust/.cargo/config
|
||||
/src/rust/.cargo/registry
|
||||
/src/rust/target
|
||||
/src/rust/registry
|
||||
|
||||
# /src/test
|
||||
/src/test/Makefile
|
||||
/src/test/Makefile.in
|
||||
|
@ -192,7 +183,6 @@ uptime-*.json
|
|||
/src/test/test-child
|
||||
/src/test/test-memwipe
|
||||
/src/test/test-ntor-cl
|
||||
/src/test/test-hs-ntor-cl
|
||||
/src/test/test-switch-id
|
||||
/src/test/test-timers
|
||||
/src/test/test_workqueue
|
||||
|
@ -201,18 +191,12 @@ uptime-*.json
|
|||
/src/test/test-bt-cl.exe
|
||||
/src/test/test-child.exe
|
||||
/src/test/test-ntor-cl.exe
|
||||
/src/test/test-hs-ntor-cl.exe
|
||||
/src/test/test-memwipe.exe
|
||||
/src/test/test-switch-id.exe
|
||||
/src/test/test-timers.exe
|
||||
/src/test/test_workqueue.exe
|
||||
|
||||
# /src/test/fuzz
|
||||
/src/test/fuzz/fuzz-*
|
||||
/src/test/fuzz/lf-fuzz-*
|
||||
|
||||
# /src/tools/
|
||||
/src/tools/libtorrunner.a
|
||||
/src/tools/tor-checkkey
|
||||
/src/tools/tor-resolve
|
||||
/src/tools/tor-cov-resolve
|
||||
|
@ -230,6 +214,12 @@ uptime-*.json
|
|||
/src/trunnel/libor-trunnel-testing.a
|
||||
/src/trunnel/libor-trunnel.a
|
||||
|
||||
# /src/tools/tor-fw-helper/
|
||||
/src/tools/tor-fw-helper/tor-fw-helper
|
||||
/src/tools/tor-fw-helper/tor-fw-helper.exe
|
||||
/src/tools/tor-fw-helper/Makefile
|
||||
/src/tools/tor-fw-helper/Makefile.in
|
||||
|
||||
# /src/win32/
|
||||
/src/win32/Makefile
|
||||
/src/win32/Makefile.in
|
||||
|
|
|
@ -1,45 +0,0 @@
|
|||
before_script:
|
||||
- apt-get update -qq
|
||||
- apt-get upgrade -qy
|
||||
|
||||
build:
|
||||
script:
|
||||
- apt-get install -qy --fix-missing automake build-essential
|
||||
libevent-dev libssl-dev zlib1g-dev
|
||||
libseccomp-dev liblzma-dev libscrypt-dev
|
||||
- ./autogen.sh
|
||||
- ./configure --disable-asciidoc --enable-fatal-warnings
|
||||
--disable-silent-rules
|
||||
- make check || (e=$?; cat test-suite.log; exit $e)
|
||||
- make install
|
||||
|
||||
update:
|
||||
only:
|
||||
- schedules
|
||||
script:
|
||||
- "apt-get install -y --fix-missing git openssh-client"
|
||||
|
||||
# Run ssh-agent (inside the build environment)
|
||||
- eval $(ssh-agent -s)
|
||||
|
||||
# Add the SSH key stored in SSH_PRIVATE_KEY variable to the agent store
|
||||
- ssh-add <(echo "$DEPLOY_KEY")
|
||||
|
||||
# For Docker builds disable host key checking. Be aware that by adding that
|
||||
# you are susceptible to man-in-the-middle attacks.
|
||||
# WARNING: Use this only with the Docker executor, if you use it with shell
|
||||
# you will overwrite your user's SSH config.
|
||||
- mkdir -p ~/.ssh
|
||||
- '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
|
||||
# In order to properly check the server's host key, assuming you created the
|
||||
# SSH_SERVER_HOSTKEYS variable previously, uncomment the following two lines
|
||||
# instead.
|
||||
- mkdir -p ~/.ssh
|
||||
- '[[ -f /.dockerenv ]] && echo "$SSH_SERVER_HOSTKEYS" > ~/.ssh/known_hosts'
|
||||
- echo "merging from torgit"
|
||||
- git config --global user.email "labadmin@oniongit.eu"
|
||||
- git config --global user.name "gitadmin"
|
||||
- "mkdir tor"
|
||||
- "cd tor"
|
||||
- git clone --bare https://git.torproject.org/tor.git
|
||||
- git push --mirror git@oniongit.eu:network/tor.git
|
|
@ -1,3 +0,0 @@
|
|||
[submodule "src/ext/rust"]
|
||||
path = src/ext/rust
|
||||
url = https://git.torproject.org/tor-rust-dependencies
|
41
.travis.yml
41
.travis.yml
|
@ -60,14 +60,6 @@ env:
|
|||
global:
|
||||
## The Travis CI environment allows us two cores, so let's use both.
|
||||
- MAKEFLAGS="-j 2"
|
||||
matrix:
|
||||
## Leave at least one entry here or Travis seems to generate a
|
||||
## matrix entry with empty matrix environment variables. Leaving
|
||||
## more than one entry causes unwanted matrix entries with
|
||||
## unspecified compilers.
|
||||
- RUST_OPTIONS="--enable-rust --enable-cargo-online-mode"
|
||||
# - RUST_OPTIONS="--enable-rust" TOR_RUST_DEPENDENCIES=true
|
||||
# - RUST_OPTIONS=""
|
||||
|
||||
matrix:
|
||||
## Uncomment to allow the build to report success (with non-required
|
||||
|
@ -96,39 +88,22 @@ matrix:
|
|||
## entry under that key outside the "include" clause.
|
||||
include:
|
||||
- compiler: gcc
|
||||
- compiler: gcc
|
||||
env: RUST_OPTIONS="--enable-rust" TOR_RUST_DEPENDENCIES=true
|
||||
- compiler: gcc
|
||||
env: RUST_OPTIONS=""
|
||||
- compiler: gcc
|
||||
env: COVERAGE_OPTIONS="--enable-coverage"
|
||||
- compiler: gcc
|
||||
env: DISTCHECK="yes" RUST_OPTIONS=""
|
||||
- compiler: gcc
|
||||
env: DISTCHECK="yes" RUST_OPTIONS="--enable-rust --enable-cargo-online-mode"
|
||||
- compiler: gcc
|
||||
env: MODULES_OPTIONS="--disable-module-dirauth"
|
||||
env: DISTCHECK="yes"
|
||||
## The "sudo: required" forces non-containerized builds, working
|
||||
## around a Travis CI environment issue: clang LeakAnalyzer fails
|
||||
## because it requires ptrace and the containerized environment no
|
||||
## longer allows ptrace.
|
||||
- compiler: clang
|
||||
sudo: required
|
||||
- compiler: clang
|
||||
sudo: required
|
||||
env: RUST_OPTIONS="--enable-rust" TOR_RUST_DEPENDENCIES=true
|
||||
- compiler: clang
|
||||
sudo: required
|
||||
env: RUST_OPTIONS=""
|
||||
- compiler: clang
|
||||
sudo: required
|
||||
env: MODULES_OPTIONS="--disable-module-dirauth"
|
||||
|
||||
before_install:
|
||||
## If we're on OSX, homebrew usually needs to updated first
|
||||
- if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then brew update ; fi
|
||||
## Download rustup
|
||||
- if [[ "$RUST_OPTIONS" != "" ]]; then curl -Ssf -o rustup.sh https://sh.rustup.rs; fi
|
||||
- curl -Ssf -o rustup.sh https://sh.rustup.rs
|
||||
- if [[ "$COVERAGE_OPTIONS" != "" ]]; then pip install --user cpp-coveralls; fi
|
||||
|
||||
install:
|
||||
|
@ -140,20 +115,10 @@ install:
|
|||
- if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then { brew outdated xz || brew upgrade xz; }; fi
|
||||
- if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then { brew outdated libscrypt || brew upgrade libscrypt; }; fi
|
||||
- if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then { brew outdated zstd || brew upgrade zstd; }; fi
|
||||
## Install the stable channels of rustc and cargo and setup our toolchain environment
|
||||
- if [[ "$RUST_OPTIONS" != "" ]]; then sh rustup.sh -y --default-toolchain stable; fi
|
||||
- if [[ "$RUST_OPTIONS" != "" ]]; then source $HOME/.cargo/env; fi
|
||||
## Get some info about rustc and cargo
|
||||
- if [[ "$RUST_OPTIONS" != "" ]]; then which rustc; fi
|
||||
- if [[ "$RUST_OPTIONS" != "" ]]; then which cargo; fi
|
||||
- if [[ "$RUST_OPTIONS" != "" ]]; then rustc --version; fi
|
||||
- if [[ "$RUST_OPTIONS" != "" ]]; then cargo --version; fi
|
||||
## If we're testing rust builds in offline-mode, then set up our vendored dependencies
|
||||
- if [[ "$TOR_RUST_DEPENDENCIES" == "true" ]]; then export TOR_RUST_DEPENDENCIES=$PWD/src/ext/rust/crates; fi
|
||||
|
||||
script:
|
||||
- ./autogen.sh
|
||||
- ./configure $RUST_OPTIONS $COVERAGE_OPTIONS $MODULES_OPTIONS --disable-asciidoc --enable-fatal-warnings --disable-silent-rules --enable-fragile-hardening
|
||||
- ./configure $RUST_OPTIONS $COVERAGE_OPTIONS --disable-asciidoc --enable-fatal-warnings --disable-silent-rules --enable-fragile-hardening
|
||||
## We run `make check` because that's what https://jenkins.torproject.org does.
|
||||
- if [[ "$DISTCHECK" == "" ]]; then make check; fi
|
||||
- if [[ "$DISTCHECK" != "" ]]; then make distcheck DISTCHECK_CONFIGURE_FLAGS="$RUST_OPTIONS $COVERAGE_OPTIONS --disable-asciidoc --enable-fatal-warnings --disable-silent-rules --enable-fragile-hardening"; fi
|
||||
|
|
39
CONTRIBUTING
39
CONTRIBUTING
|
@ -1,39 +0,0 @@
|
|||
Contributing to Tor
|
||||
-------------------
|
||||
|
||||
### Getting started
|
||||
|
||||
Welcome!
|
||||
|
||||
We have a bunch of documentation about how to develop Tor in the
|
||||
doc/HACKING/ directory. We recommend that you start with
|
||||
doc/HACKING/README.1st.md , and then go from there. It will tell
|
||||
you how to find your way around the source code, how to get
|
||||
involved with the Tor community, how to write patches, and much
|
||||
more!
|
||||
|
||||
You don't have to be a C developer to help with Tor: have a look
|
||||
at https://www.torproject.org/getinvolved/volunteer !
|
||||
|
||||
The Tor Project is committed to fostering a inclusive community
|
||||
where people feel safe to engage, share their points of view, and
|
||||
participate. For the latest version of our Code of Conduct, please
|
||||
see
|
||||
|
||||
https://gitweb.torproject.org/community/policies.git/plain/code_of_conduct.txt
|
||||
|
||||
|
||||
|
||||
### License issues
|
||||
|
||||
Tor is distributed under the license terms in the LICENSE -- in
|
||||
brief, the "3-clause BSD license". If you send us code to
|
||||
distribute with Tor, it needs to be code that we can distribute
|
||||
under those terms. Please don't send us patches unless you agree
|
||||
to allow this.
|
||||
|
||||
Some compatible licenses include:
|
||||
|
||||
- 3-clause BSD
|
||||
- 2-clause BSD
|
||||
- CC0 Public Domain Dedication
|
26
Doxyfile.in
26
Doxyfile.in
|
@ -446,6 +446,12 @@ MAX_INITIALIZER_LINES = 30
|
|||
|
||||
SHOW_USED_FILES = YES
|
||||
|
||||
# If the sources in your project are distributed over multiple directories
|
||||
# then setting the SHOW_DIRECTORIES tag to YES will show the directory hierarchy
|
||||
# in the documentation. The default is NO.
|
||||
|
||||
SHOW_DIRECTORIES = NO
|
||||
|
||||
# Set the SHOW_FILES tag to NO to disable the generation of the Files page.
|
||||
# This will remove the Files entry from the Quick Index and from the
|
||||
# Folder Tree View (if specified). The default is YES.
|
||||
|
@ -754,6 +760,12 @@ HTML_FOOTER =
|
|||
|
||||
HTML_STYLESHEET =
|
||||
|
||||
# If the HTML_ALIGN_MEMBERS tag is set to YES, the members of classes,
|
||||
# files or namespaces will be aligned in HTML using tables. If set to
|
||||
# NO a bullet list will be used.
|
||||
|
||||
HTML_ALIGN_MEMBERS = YES
|
||||
|
||||
# If the GENERATE_HTMLHELP tag is set to YES, additional index files
|
||||
# will be generated that can be used as input for tools like the
|
||||
# Microsoft HTML help workshop to generate a compiled HTML help file (.chm)
|
||||
|
@ -1035,6 +1047,18 @@ GENERATE_XML = NO
|
|||
|
||||
XML_OUTPUT = xml
|
||||
|
||||
# The XML_SCHEMA tag can be used to specify an XML schema,
|
||||
# which can be used by a validating XML parser to check the
|
||||
# syntax of the XML files.
|
||||
|
||||
XML_SCHEMA =
|
||||
|
||||
# The XML_DTD tag can be used to specify an XML DTD,
|
||||
# which can be used by a validating XML parser to check the
|
||||
# syntax of the XML files.
|
||||
|
||||
XML_DTD =
|
||||
|
||||
# If the XML_PROGRAMLISTING tag is set to YES Doxygen will
|
||||
# dump the program listings (including syntax highlighting
|
||||
# and cross-referencing information) to the XML output. Note that
|
||||
|
@ -1240,7 +1264,7 @@ HAVE_DOT = NO
|
|||
# DOTFONTPATH environment variable or by setting DOT_FONTPATH to the directory
|
||||
# containing the font.
|
||||
|
||||
DOT_FONTNAME =
|
||||
DOT_FONTNAME = FreeSans
|
||||
|
||||
# By default doxygen will tell dot to use the output directory to look for the
|
||||
# FreeSans.ttf font (which doxygen will put there itself). If you specify a
|
||||
|
|
2
LICENSE
2
LICENSE
|
@ -13,7 +13,7 @@ Tor is distributed under this license:
|
|||
|
||||
Copyright (c) 2001-2004, Roger Dingledine
|
||||
Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
|
||||
Copyright (c) 2007-2017, The Tor Project, Inc.
|
||||
Copyright (c) 2007-2016, The Tor Project, Inc.
|
||||
|
||||
Redistribution and use in source and binary forms, with or without
|
||||
modification, are permitted provided that the following conditions are
|
||||
|
|
82
Makefile.am
82
Makefile.am
|
@ -1,6 +1,6 @@
|
|||
# Copyright (c) 2001-2004, Roger Dingledine
|
||||
# Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
|
||||
# Copyright (c) 2007-2017, The Tor Project, Inc.
|
||||
# Copyright (c) 2007-2015, The Tor Project, Inc.
|
||||
# See LICENSE for licensing information
|
||||
|
||||
ACLOCAL_AMFLAGS = -I m4
|
||||
|
@ -9,14 +9,13 @@ noinst_LIBRARIES=
|
|||
EXTRA_DIST=
|
||||
noinst_HEADERS=
|
||||
bin_PROGRAMS=
|
||||
EXTRA_PROGRAMS=
|
||||
CLEANFILES=
|
||||
TESTS=
|
||||
noinst_PROGRAMS=
|
||||
DISTCLEANFILES=
|
||||
bin_SCRIPTS=
|
||||
AM_CPPFLAGS=
|
||||
AM_CFLAGS=@TOR_SYSTEMD_CFLAGS@ @CFLAGS_BUGTRAP@ @TOR_LZMA_CFLAGS@ @TOR_ZSTD_CFLAGS@
|
||||
AM_CFLAGS=@TOR_SYSTEMD_CFLAGS@ @CFLAGS_BUGTRAP@
|
||||
SHELL=@SHELL@
|
||||
|
||||
if COVERAGE_ENABLED
|
||||
|
@ -25,26 +24,17 @@ else
|
|||
TESTING_TOR_BINARY=$(top_builddir)/src/or/tor$(EXEEXT)
|
||||
endif
|
||||
|
||||
if USE_RUST
|
||||
rust_ldadd=$(top_builddir)/src/rust/target/release/@TOR_RUST_STATIC_NAME@ \
|
||||
@TOR_RUST_EXTRA_LIBS@
|
||||
else
|
||||
rust_ldadd=
|
||||
endif
|
||||
|
||||
include src/include.am
|
||||
include doc/include.am
|
||||
include contrib/include.am
|
||||
|
||||
EXTRA_DIST+= \
|
||||
ChangeLog \
|
||||
CONTRIBUTING \
|
||||
INSTALL \
|
||||
LICENSE \
|
||||
Makefile.nmake \
|
||||
README \
|
||||
ReleaseNotes \
|
||||
scripts/maint/checkSpace.pl
|
||||
ReleaseNotes
|
||||
|
||||
## This tells etags how to find mockable function definitions.
|
||||
AM_ETAGSFLAGS=--regex='{c}/MOCK_IMPL([^,]+,\W*\([a-zA-Z0-9_]+\)\W*,/\1/s'
|
||||
|
@ -52,22 +42,16 @@ AM_ETAGSFLAGS=--regex='{c}/MOCK_IMPL([^,]+,\W*\([a-zA-Z0-9_]+\)\W*,/\1/s'
|
|||
if COVERAGE_ENABLED
|
||||
TEST_CFLAGS=-fno-inline -fprofile-arcs -ftest-coverage
|
||||
if DISABLE_ASSERTS_IN_UNIT_TESTS
|
||||
TEST_CPPFLAGS=-DTOR_UNIT_TESTS -DTOR_COVERAGE -DDISABLE_ASSERTS_IN_UNIT_TESTS @TOR_MODULES_ALL_ENABLED@
|
||||
TEST_CPPFLAGS=-DTOR_UNIT_TESTS -DTOR_COVERAGE -DDISABLE_ASSERTS_IN_UNIT_TESTS
|
||||
else
|
||||
TEST_CPPFLAGS=-DTOR_UNIT_TESTS -DTOR_COVERAGE @TOR_MODULES_ALL_ENABLED@
|
||||
TEST_CPPFLAGS=-DTOR_UNIT_TESTS -DTOR_COVERAGE
|
||||
endif
|
||||
TEST_NETWORK_FLAGS=--coverage --hs-multi-client 1
|
||||
else
|
||||
TEST_CFLAGS=
|
||||
TEST_CPPFLAGS=-DTOR_UNIT_TESTS @TOR_MODULES_ALL_ENABLED@
|
||||
TEST_CPPFLAGS=-DTOR_UNIT_TESTS
|
||||
TEST_NETWORK_FLAGS=--hs-multi-client 1
|
||||
endif
|
||||
TEST_NETWORK_WARNING_FLAGS=--quiet --only-warnings
|
||||
|
||||
if LIBFUZZER_ENABLED
|
||||
TEST_CFLAGS += -fsanitize-coverage=trace-pc-guard,trace-cmp,trace-div
|
||||
# not "edge"
|
||||
endif
|
||||
|
||||
TEST_NETWORK_ALL_LOG_DIR=$(top_builddir)/test_network_log
|
||||
TEST_NETWORK_ALL_DRIVER_FLAGS=--color-tests yes
|
||||
|
@ -98,8 +82,6 @@ doxygen:
|
|||
test: all
|
||||
$(top_builddir)/src/test/test
|
||||
|
||||
check-local: check-spaces check-changes
|
||||
|
||||
need-chutney-path:
|
||||
@if test ! -d "$$CHUTNEY_PATH"; then \
|
||||
echo '$$CHUTNEY_PATH was not set.'; \
|
||||
|
@ -119,19 +101,17 @@ test-network: need-chutney-path $(TESTING_TOR_BINARY) src/tools/tor-gencert
|
|||
|
||||
# Run all available tests using automake's test-driver
|
||||
# only run IPv6 tests if we can ping6 ::1 (localhost)
|
||||
# only run IPv6 tests if we can ping ::1 (localhost)
|
||||
# some IPv6 tests will fail without an IPv6 DNS server (see #16971 and #17011)
|
||||
# only run mixed tests if we have a tor-stable binary
|
||||
# Try the syntax for BSD ping6, Linux ping6, and Linux ping -6,
|
||||
# because they're incompatible
|
||||
# Try both the BSD and the Linux ping6 syntax, because they're incompatible
|
||||
test-network-all: need-chutney-path test-driver $(TESTING_TOR_BINARY) src/tools/tor-gencert
|
||||
mkdir -p $(TEST_NETWORK_ALL_LOG_DIR)
|
||||
@flavors="$(TEST_CHUTNEY_FLAVORS)"; \
|
||||
if ping6 -q -c 1 -o ::1 >/dev/null 2>&1 || ping6 -q -c 1 -W 1 ::1 >/dev/null 2>&1 || ping -6 -c 1 -W 1 ::1 >/dev/null 2>&1; then \
|
||||
echo "ping6 ::1 or ping ::1 succeeded, running IPv6 flavors: $(TEST_CHUTNEY_FLAVORS_IPV6)."; \
|
||||
if ping6 -q -c 1 -o ::1 >/dev/null 2>&1 || ping6 -q -c 1 -W 1 ::1 >/dev/null 2>&1; then \
|
||||
echo "ping6 ::1 succeeded, running IPv6 flavors: $(TEST_CHUTNEY_FLAVORS_IPV6)."; \
|
||||
flavors="$$flavors $(TEST_CHUTNEY_FLAVORS_IPV6)"; \
|
||||
else \
|
||||
echo "ping6 ::1 and ping ::1 failed, skipping IPv6 flavors: $(TEST_CHUTNEY_FLAVORS_IPV6)."; \
|
||||
echo "ping6 ::1 failed, skipping IPv6 flavors: $(TEST_CHUTNEY_FLAVORS_IPV6)."; \
|
||||
skip_flavors="$$skip_flavors $(TEST_CHUTNEY_FLAVORS_IPV6)"; \
|
||||
fi; \
|
||||
if command -v tor-stable >/dev/null 2>&1; then \
|
||||
|
@ -146,7 +126,6 @@ test-network-all: need-chutney-path test-driver $(TESTING_TOR_BINARY) src/tools/
|
|||
done; \
|
||||
for f in $$flavors; do \
|
||||
$(SHELL) $(top_srcdir)/test-driver --test-name $$f --log-file $(TEST_NETWORK_ALL_LOG_DIR)/$$f.log --trs-file $(TEST_NETWORK_ALL_LOG_DIR)/$$f.trs $(TEST_NETWORK_ALL_DRIVER_FLAGS) $(top_srcdir)/src/test/test-network.sh --flavor $$f $(TEST_NETWORK_FLAGS); \
|
||||
$(top_srcdir)/src/test/test-network.sh $(TEST_NETWORK_WARNING_FLAGS); \
|
||||
done; \
|
||||
echo "Log and result files are available in $(TEST_NETWORK_ALL_LOG_DIR)."; \
|
||||
! grep -q FAIL test_network_log/*.trs
|
||||
|
@ -202,14 +181,11 @@ coverage-html-full: all
|
|||
# Avoid strlcpy.c, strlcat.c, aes.c, OpenBSD_malloc_Linux.c, sha256.c,
|
||||
# tinytest*.[ch]
|
||||
check-spaces:
|
||||
if USE_PERL
|
||||
$(PERL) $(top_srcdir)/scripts/maint/checkSpace.pl -C \
|
||||
$(top_srcdir)/scripts/maint/checkSpace.pl -C \
|
||||
$(top_srcdir)/src/common/*.[ch] \
|
||||
$(top_srcdir)/src/or/*.[ch] \
|
||||
$(top_srcdir)/src/test/*.[ch] \
|
||||
$(top_srcdir)/src/test/*/*.[ch] \
|
||||
$(top_srcdir)/src/tools/*.[ch]
|
||||
endif
|
||||
|
||||
check-docs: all
|
||||
$(PERL) $(top_builddir)/scripts/maint/checkOptionDocs.pl
|
||||
|
@ -218,42 +194,16 @@ check-logs:
|
|||
$(top_srcdir)/scripts/maint/checkLogs.pl \
|
||||
$(top_srcdir)/src/*/*.[ch] | sort -n
|
||||
|
||||
.PHONY: check-typos
|
||||
check-typos:
|
||||
@if test -x "`which misspell 2>&1;true`"; then \
|
||||
echo "Checking for Typos ..."; \
|
||||
(misspell \
|
||||
$(top_srcdir)/src/[^e]*/*.[ch] \
|
||||
$(top_srcdir)/doc \
|
||||
$(top_srcdir)/contrib \
|
||||
$(top_srcdir)/scripts \
|
||||
$(top_srcdir)/README \
|
||||
$(top_srcdir)/ChangeLog \
|
||||
$(top_srcdir)/INSTALL \
|
||||
$(top_srcdir)/ReleaseNotes \
|
||||
$(top_srcdir)/LICENSE); \
|
||||
else \
|
||||
echo "Tor can use misspell to check for typos."; \
|
||||
echo "It seems that you don't have misspell installed."; \
|
||||
echo "You can install the latest version of misspell here: https://github.com/client9/misspell#install"; \
|
||||
fi
|
||||
|
||||
.PHONY: check-changes
|
||||
check-changes:
|
||||
if USEPYTHON
|
||||
@if test -d "$(top_srcdir)/changes"; then \
|
||||
$(PYTHON) $(top_srcdir)/scripts/maint/lintChanges.py $(top_srcdir)/changes; \
|
||||
$(PYTHON) $(top_srcdir)/scripts/maint/lintChanges.py $(top_srcdir)/changes/*; \
|
||||
fi
|
||||
endif
|
||||
|
||||
.PHONY: update-versions
|
||||
update-versions:
|
||||
$(PERL) $(top_builddir)/scripts/maint/updateVersions.pl
|
||||
|
||||
.PHONY: callgraph
|
||||
callgraph:
|
||||
$(top_builddir)/scripts/maint/run_calltool.sh
|
||||
|
||||
version:
|
||||
@echo "Tor @VERSION@"
|
||||
@if test -d "$(top_srcdir)/.git" && test -x "`which git 2>&1;true`"; then \
|
||||
|
@ -267,14 +217,6 @@ mostlyclean-local:
|
|||
rm -rf $(top_builddir)/doc/doxygen
|
||||
rm -rf $(TEST_NETWORK_ALL_LOG_DIR)
|
||||
|
||||
clean-local:
|
||||
rm -rf $(top_builddir)/src/rust/target
|
||||
rm -rf $(top_builddir)/src/rust/.cargo/registry
|
||||
|
||||
if USE_RUST
|
||||
distclean-local: distclean-rust
|
||||
endif
|
||||
|
||||
# This relies on some internal details of how automake implements
|
||||
# distcheck. We check two directories because automake-1.15 changed
|
||||
# from $(distdir)/_build to $(distdir)/_build/sub.
|
||||
|
|
3
README
3
README
|
@ -27,6 +27,3 @@ Frequently Asked Questions:
|
|||
|
||||
To get started working on Tor development:
|
||||
See the doc/HACKING directory.
|
||||
|
||||
Release timeline:
|
||||
https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkTeam/CoreTorReleases
|
||||
|
|
5815
ReleaseNotes
5815
ReleaseNotes
File diff suppressed because it is too large
Load Diff
25
acinclude.m4
25
acinclude.m4
|
@ -2,7 +2,7 @@ dnl Helper macros for Tor configure.ac
|
|||
dnl Copyright (c) 2001-2004, Roger Dingledine
|
||||
dnl Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
|
||||
dnl Copyright (c) 2007-2008, Roger Dingledine, Nick Mathewson
|
||||
dnl Copyright (c) 2007-2017, The Tor Project, Inc.
|
||||
dnl Copyright (c) 2007-2015, The Tor Project, Inc.
|
||||
dnl See LICENSE for licensing information
|
||||
|
||||
AC_DEFUN([TOR_EXTEND_CODEPATH],
|
||||
|
@ -51,12 +51,12 @@ AC_DEFUN([TOR_TRY_COMPILE_WITH_CFLAGS], [
|
|||
AC_CACHE_CHECK([whether the compiler accepts $1], VAR, [
|
||||
tor_saved_CFLAGS="$CFLAGS"
|
||||
CFLAGS="$CFLAGS -pedantic -Werror $1"
|
||||
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]], [[]])],
|
||||
AC_TRY_COMPILE([], [return 0;],
|
||||
[AS_VAR_SET(VAR,yes)],
|
||||
[AS_VAR_SET(VAR,no)])
|
||||
if test x$2 != x; then
|
||||
AS_VAR_PUSHDEF([can_link],[tor_can_link_$1])
|
||||
AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[]])],
|
||||
AC_TRY_LINK([], [return 0;],
|
||||
[AS_VAR_SET(can_link,yes)],
|
||||
[AS_VAR_SET(can_link,no)])
|
||||
AS_VAR_POPDEF([can_link])
|
||||
|
@ -93,7 +93,7 @@ AC_DEFUN([TOR_CHECK_LDFLAGS], [
|
|||
AC_RUN_IFELSE([AC_LANG_PROGRAM([#include <stdio.h>], [fputs("", stdout)])],
|
||||
[AS_VAR_SET(VAR,yes)],
|
||||
[AS_VAR_SET(VAR,no)],
|
||||
[AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[]])],
|
||||
[AC_TRY_LINK([], [return 0;],
|
||||
[AS_VAR_SET(VAR,yes)],
|
||||
[AS_VAR_SET(VAR,no)])])
|
||||
CFLAGS="$tor_saved_CFLAGS"
|
||||
|
@ -113,21 +113,21 @@ if test x$2 = xdevpkg; then
|
|||
h=" headers for"
|
||||
fi
|
||||
if test -f /etc/debian_version && test x"$tor_$1_$2_debian" != x; then
|
||||
AC_MSG_WARN([On Debian, you can install$h $1 using "apt-get install $tor_$1_$2_debian"])
|
||||
AC_WARN([On Debian, you can install$h $1 using "apt-get install $tor_$1_$2_debian"])
|
||||
if test x"$tor_$1_$2_debian" != x"$tor_$1_devpkg_debian"; then
|
||||
AC_MSG_WARN([ You will probably need $tor_$1_devpkg_debian too.])
|
||||
AC_WARN([ You will probably need $tor_$1_devpkg_debian too.])
|
||||
fi
|
||||
fi
|
||||
if test -f /etc/fedora-release && test x"$tor_$1_$2_redhat" != x; then
|
||||
AC_MSG_WARN([On Fedora, you can install$h $1 using "dnf install $tor_$1_$2_redhat"])
|
||||
AC_WARN([On Fedora, you can install$h $1 using "dnf install $tor_$1_$2_redhat"])
|
||||
if test x"$tor_$1_$2_redhat" != x"$tor_$1_devpkg_redhat"; then
|
||||
AC_MSG_WARN([ You will probably need to install $tor_$1_devpkg_redhat too.])
|
||||
AC_WARN([ You will probably need to install $tor_$1_devpkg_redhat too.])
|
||||
fi
|
||||
else
|
||||
if test -f /etc/redhat-release && test x"$tor_$1_$2_redhat" != x; then
|
||||
AC_MSG_WARN([On most Redhat-based systems, you can get$h $1 by installing the $tor_$1_$2_redhat RPM package])
|
||||
AC_WARN([On most Redhat-based systems, you can get$h $1 by installing the $tor_$1_$2_redhat RPM package])
|
||||
if test x"$tor_$1_$2_redhat" != x"$tor_$1_devpkg_redhat"; then
|
||||
AC_MSG_WARN([ You will probably need to install $tor_$1_devpkg_redhat too.])
|
||||
AC_WARN([ You will probably need to install $tor_$1_devpkg_redhat too.])
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
@ -245,10 +245,7 @@ if test "$cross_compiling" != yes; then
|
|||
LDFLAGS="$tor_tryextra $orig_LDFLAGS"
|
||||
fi
|
||||
AC_RUN_IFELSE([AC_LANG_PROGRAM([$5], [$6])],
|
||||
[runnable=yes], [runnable=no],
|
||||
[AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[]])],
|
||||
[runnable=yes],
|
||||
[runnable=no])])
|
||||
[runnable=yes], [runnable=no])
|
||||
if test "$runnable" = yes; then
|
||||
tor_cv_library_$1_linker_option=$tor_tryextra
|
||||
break
|
||||
|
|
|
@ -1,12 +1,12 @@
|
|||
#!/bin/sh
|
||||
|
||||
if [ -x "`which autoreconf 2>/dev/null`" ] ; then
|
||||
opt="-i -f -W all,error"
|
||||
opt="-if"
|
||||
|
||||
for i in $@; do
|
||||
case "$i" in
|
||||
-v)
|
||||
opt="${opt} -v"
|
||||
opt=$opt"v"
|
||||
;;
|
||||
esac
|
||||
done
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
o Minor bugfixes (unit tests):
|
||||
- Fix tolerances in unit tests for monotonic time comparisons between
|
||||
nanoseconds and microseconds. Previously, we accepted a 10 us
|
||||
difference only, which is not realistic on every platform's
|
||||
clock_gettime(). Fixes bug 19974; bugfix on 0.2.9.1-alpha.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (testing):
|
||||
- Use ECDHE ciphers instead of ECDH in tortls tests. LibreSSL has
|
||||
removed the ECDH ciphers which caused the tests to fail on
|
||||
platforms which use it. Fixes bug 20460; bugfix on 0.2.8.1-alpha.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfix (build):
|
||||
- The current Git revision when building from a local repository is now
|
||||
detected correctly when using git worktrees. Fixes bug 20492; bugfix on
|
||||
0.2.3.9-alpha.
|
|
@ -0,0 +1,8 @@
|
|||
|
||||
o Minor features (portability, compilationc)
|
||||
- Support building with recent LibreSSL code that uses opaque
|
||||
structures. Closes ticket 21359.
|
||||
- Autoconf now check to determine if OpenSSL
|
||||
structures are opaque, instead of explicitly checking for
|
||||
OpenSSL version numbers.
|
||||
Part of ticket 21359.
|
|
@ -1,6 +0,0 @@
|
|||
o Major bugfixes (security, directory authority, denial-of-service):
|
||||
- Fix a bug that could have allowed an attacker to force a
|
||||
directory authority to use up all its RAM by passing it a
|
||||
maliciously crafted protocol versions string. Fixes bug 25517;
|
||||
bugfix on 0.2.9.4-alpha. This issue is also tracked as
|
||||
TROVE-2018-005.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor features (directory authority):
|
||||
- Add an IPv6 address for the "bastet" directory authority.
|
||||
Closes ticket 24394.
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (compilation):
|
||||
- Avoid compiler warnings in the unit tests for running tor_sscanf()
|
||||
with wide string outputs. Fixes bug 15582; bugfix on 0.2.6.2-alpha.
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
o Major bugfixes (linux TPROXY support):
|
||||
- Fix a typo that had prevented TPROXY-based transparent proxying from
|
||||
working under Linux. Fixes bug 18100; bugfix on 0.2.6.3-alpha.
|
||||
Patch from "d4fq0fQAgoJ".
|
||||
|
|
@ -0,0 +1,6 @@
|
|||
o Minor features (bridge):
|
||||
- Bridges now include notice in their descriptors that they are bridges,
|
||||
and notice of their distribution status, based on their publication
|
||||
settings. Implements ticket 18329. For more fine-grained control of
|
||||
how a bridge is distributed, upgrade to 0.3.2.x or later.
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
o Major bugfixes (DNS):
|
||||
- Fix a bug that prevented exit nodes from caching DNS records for more
|
||||
than 60 seconds.
|
||||
Fixes bug 19025; bugfix on 0.2.4.7-alpha.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (DNSPort):
|
||||
- On DNSPort, stop logging a BUG warning on a failed hostname lookup.
|
||||
Fixes bug 19869; bugfix on 0.2.9.1-alpha.
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
o Minor bugfixes (logging):
|
||||
- Downgrade a harmless log message about the pending_entry_connections
|
||||
list from "warn" to "info". Mitigates bug 19926.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (netbsd, unit tests):
|
||||
- Stop expecting NetBSD unit tests to report success for ipfw;
|
||||
on NetBSD, it's only pf that's supported.
|
||||
Part of a fix for bug 19960; bugfix on 0.2.9.5-alpha.
|
|
@ -0,0 +1,11 @@
|
|||
o Minor bugfixes (relay):
|
||||
- Do not try to parallelize workers more than 16x without the
|
||||
user explicitly configuring us to do so, even if we do detect more than
|
||||
16 CPU cores. Fixes bug 19968; bugfix on
|
||||
0.2.3.1-alpha.
|
||||
|
||||
|
||||
o Minor bugfixes (testing):
|
||||
- Avoid a unit test failure on systems with over 16 detectable
|
||||
CPU cores. Fixes bug 19968; bugfix on
|
||||
0.2.3.1-alpha.
|
|
@ -0,0 +1,10 @@
|
|||
o Major bugfixes (client performance):
|
||||
- Clients now respond to new application stream requests when
|
||||
they arrive, rather than waiting up to one second before starting
|
||||
to handle them. Fixes part of bug 19969; bugfix on 0.2.8.1-alpha.
|
||||
|
||||
o Major bugfixes (clients on flaky network connections):
|
||||
- When Tor leaves standby because of a new application request, open
|
||||
circuits as needed to serve that request. Previously, we would
|
||||
potentially wait a very long time. Fixes part of bug 19969; bugfix
|
||||
on 0.2.8.1-alpha.
|
|
@ -0,0 +1,3 @@
|
|||
o Minor bugfixes (relay):
|
||||
- Avoid a double-marked-circuit warning that can happen when we receive
|
||||
DESTROY cells under heavy load. Fixes bug 20059; bugfix on 0.1.0.1-rc.
|
|
@ -0,0 +1,4 @@
|
|||
o Documentation:
|
||||
- Correct the minimum bandwidth value in torrc.sample, and queue a
|
||||
corresponding change for torrc.minimal. Closes ticket 20085.
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
o Minor features (compatibility):
|
||||
- Work around a bug in the OSX 10.12 SDK that would prevent us
|
||||
from successfully targetting earlier versions of OSX.
|
||||
Resolves ticket 20235.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (linux seccomp2 sandbox):
|
||||
- Avoid a sandbox failure when trying to re-bind to a socket and mark
|
||||
it as IPv6-only. Fixes bug 20247; bugfix on 0.2.5.1-alpha.
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (fascistfirewall):
|
||||
- Avoid spurious warnings when ReachableAddresses or FascistFirewall
|
||||
is set. Fixes bug 20306; bugfix on 0.2.8.2-alpha.
|
||||
|
|
@ -0,0 +1,7 @@
|
|||
o Minor bugfixes (circuit, hidden service)
|
||||
- When closing a circuit, the reason for doing so was assigned from an int
|
||||
value to a uint16_t which is quite a problem for negative values that are
|
||||
our internal reasons (ex: END_CIRC_REASON_IP_NOW_REDUNDANT). On the HS
|
||||
side, this was causing introduction points to be flagged as unusable
|
||||
because the reason wasn't the right one due to the bad conversion.
|
||||
Partially fixes bug 21056 and fixes bug 20307; Bugfix on 0.2.8.1-alpha.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (relay):
|
||||
- Avoid a small memory leak when informing worker threads about rotated
|
||||
onion keys. Fixes bug 20401; bugfix on 0.2.6.3-alpha.
|
||||
|
|
@ -0,0 +1,6 @@
|
|||
o Major bugfixes:
|
||||
- For relays that don't know their own address, avoid attempting
|
||||
a local hostname resolve for each descriptor we download. Also cut
|
||||
down on the number of "Success: chose address 'x.x.x.x'" log lines.
|
||||
Fixes bugs 20423 and 20610; bugfix on 0.2.8.1-alpha.
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
o Minor bugfixes (circuits):
|
||||
- Remove a BUG warning in circuit_pick_extend_handshake. Instead, assume
|
||||
all nodes support EXTEND2. Use ntor whenever a key is available.
|
||||
Fixes bug 20472; bugfix on 0.2.9.3-alpha.
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
o Minor bugfixes (single onion services):
|
||||
- Start correctly when creating a single onion service in a
|
||||
directory that did not previously exist. Fixes bug 20484; bugfix on
|
||||
0.2.9.3-alpha.
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
o Documentation:
|
||||
- Clarify that setting HiddenServiceNonAnonymousMode requires
|
||||
you to also set "SOCKSPort 0". Fixes bug 20487; bugfix on
|
||||
0.2.9.3-alpha.
|
|
@ -0,0 +1,5 @@
|
|||
o Minor features:
|
||||
- Directory authorities now reject relays running versions
|
||||
0.2.9.1-alpha through 0.2.9.4-alpha, because those relays
|
||||
suffer from bug 20499 and don't keep their consensus cache
|
||||
up-to-date. Resolves ticket 20509.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (hidden services):
|
||||
- When configuring hidden services, check every hidden service directory's
|
||||
permissions. Previously, we only checked the last hidden service.
|
||||
Fixes bug 20529; bugfix on 13942 commit 85bfad1 in 0.2.6.2-alpha.
|
|
@ -0,0 +1,7 @@
|
|||
o Minor bugfixes (consensus downloads):
|
||||
- If a consensus expires while we are waiting for certificates to download,
|
||||
stop waiting for certificates.
|
||||
- If we stop waiting for certificates less than a minute after we started
|
||||
downloading them, do not consider the certificate download failure a
|
||||
separate failure.
|
||||
Fixes bug 20533; bugfix on commit e0204f21 in 0.2.0.9-alpha.
|
|
@ -0,0 +1,8 @@
|
|||
o Minor bugfixes (directory download scheduling):
|
||||
- Remove the maximum delay on exponential-backoff scheduling.
|
||||
Since we now allow an infinite number of failures (see ticket
|
||||
20536), we must now allow the time to grow longer on each failure.
|
||||
Fixes part of bug 20534; bugfix on 0.2.9.1-alpha.
|
||||
- Use initial delays and decrements in download scheduling closer to
|
||||
those from 0.2.8. Fixes another part of bug 20534; bugfix on
|
||||
0.2.9.1-alpha.
|
|
@ -0,0 +1,6 @@
|
|||
o Major bugfixes (download scheduling):
|
||||
- When using an exponential backoff schedule, do not give up on
|
||||
dowloading just because we have failed a bunch of times. Since
|
||||
each delay is longer than the last, retrying indefinitely won't
|
||||
hurt. Fixes bug 20536; bugfix on 0.2.9.1-alpha.
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
o Minor bugfixes (compilation):
|
||||
- Fix implicit conversion warnings under OpenSSL 1.1.
|
||||
Fixes bug 20551; bugfix on 0.2.1.1-alpha.
|
|
@ -0,0 +1,3 @@
|
|||
o Minor bugfixes (memory leak):
|
||||
- Work around a memory leak in OpenSSL 1.1 when encoding public keys.
|
||||
Fixes bug 20553; bugfix on 0.0.2pre8.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (portability):
|
||||
- Run correctly when built on Windows build environments that require
|
||||
_vcsprintf(). Fixes bug 20560; bugfix on 0.2.2.11-alpha.
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
o Minor bugfixes (download timing):
|
||||
- When determining when to download a directory object, handle times
|
||||
after 2038 if the operating system supports that. (Someday this will be
|
||||
important!) Fixes bug 20587; bugfix on 0.2.8.1-alpha.
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
o Minor features (portability):
|
||||
- Fix compilation with OpenSSL 1.1 and less commonly-used
|
||||
CPU architectures. Closes ticket 20588.
|
|
@ -0,0 +1,3 @@
|
|||
o Minor bugfixes (relay bootstrap):
|
||||
- Ensure relays don't make multiple connections during bootstrap.
|
||||
Fixes bug 20591; bugfix on 0.2.8.1-alpha.
|
|
@ -0,0 +1,6 @@
|
|||
o Minor bugfixes (client directory scheduling):
|
||||
- Treat "relay too busy to answer request" as a failed request and a
|
||||
reason to back off on our retry frequency. This is safe now that
|
||||
exponential backups retry indefinitely, and avoids a bug where we would
|
||||
reset our download schedule erroneously.
|
||||
Fixes bug 20593; bugfix on 0.2.9.1-alpha.
|
|
@ -0,0 +1,5 @@
|
|||
o Minor bugfixes (test networks, exponential backoff):
|
||||
- When using exponential backoff in test networks, use a lower exponent,
|
||||
so the delays do not vary as much. This helps test networks bootstrap
|
||||
consistently. Fixes bug 20597; bugfix on 20499; not in any released
|
||||
version of tor.
|
|
@ -0,0 +1,6 @@
|
|||
o Minor bugfixes (single onion services, Tor2web):
|
||||
- Stop logging long-term one-hop circuits deliberately created by single
|
||||
onion services and Tor2web. These log messages are intended to diagnose
|
||||
issue 8387, which relates to circuits hanging around forever for no
|
||||
reason.
|
||||
Fixes bug 20613; bugfix on 0.2.9.1-alpha. Reported by "pastly".
|
|
@ -0,0 +1,3 @@
|
|||
o Minor bugfixes (unit tests):
|
||||
- Stop spurious failures in the local interface address discovery unit
|
||||
tests. Fixes bug 20634; bugfix on 0.2.8.1-alpha; patch by Neel Chauhan.
|
|
@ -0,0 +1,5 @@
|
|||
o Minor bugfixes (hidden services):
|
||||
- Stop ignoring hidden service key anonymity when first starting tor.
|
||||
Instead, refuse to start tor if any hidden service key has been used in
|
||||
a different hidden service anonymity mode.
|
||||
Fixes bug 20638; bugfix on 17178 in 0.2.9.3-alpha; reported by ahf.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (memory leak, use-after-free, linux seccomp2 sandbox):
|
||||
- Fix a memory leak and use-after-free error when removing entries
|
||||
from the sandbox's getaddrinfo() cache. Fixes bug 20710; bugfix on
|
||||
0.2.5.5-alpha. Patch from "cypherpunks".
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (memory leak)
|
||||
- When moving a signed descriptor object from a source to an existing
|
||||
destination, free the allocated memory inside that destination object.
|
||||
Bugfix on tor-0.2.8.3-alpha; Closes #20715.
|
|
@ -0,0 +1,3 @@
|
|||
o Minor bugfixes (client, memory leak):
|
||||
- Fix a small memory leak when receiving AF_UNIX connections on
|
||||
a SocksPort. Fixes bug 20716; bugfix on 0.2.6.3-alpha.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (relay)
|
||||
- When computing old Tor protocol line version in protover, we were
|
||||
looking at 0.2.7.5 twice instead of a specific case for 0.2.9.1-alpha.
|
||||
Bugfix on tor-0.2.9.4-alpha.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (unit tests, hidden services):
|
||||
- Remove a double-free in the single onion service unit test. Stop
|
||||
ignoring a return value. Make future changes less error-prone.
|
||||
Fixes bug 20864; bugfix on 0.2.9.6-rc.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (download scheduling)
|
||||
- Resolve a "bug" warning when considering a download schedule whose
|
||||
delay had approached INT_MAX. Fixes 20875; bugfix on 0.2.9.5-alpha.
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
o Minor bugfixes (portability):
|
||||
- Use the correct spelling of MAC_OS_X_VERSION_10_12 on configure.ac
|
||||
Fixes bug 20935; bugfix on 0.2.9.6-rc.
|
|
@ -0,0 +1,11 @@
|
|||
o Major bugfixes (parsing, security):
|
||||
|
||||
- Fix a bug in parsing that could cause clients to read a single
|
||||
byte past the end of an allocated region. This bug could be
|
||||
used to cause hardened clients (built with
|
||||
--enable-expensive-hardening) to crash if they tried to visit
|
||||
a hostile hidden service. Non-hardened clients are only
|
||||
affected depending on the details of their platform's memory
|
||||
allocator. Fixes bug 21018; bugfix on 0.2.0.8-alpha. Found by
|
||||
using libFuzzer. Also tracked as TROVE-2016-12-002 and as
|
||||
CVE-2016-1254.
|
|
@ -0,0 +1,6 @@
|
|||
o Minor bugfixes (portability):
|
||||
- Avoid crashing when Tor is built using headers that contain
|
||||
CLOCK_MONOTONIC_COARSE, but then tries to run on an older kernel
|
||||
without CLOCK_MONOTONIC_COARSE. Fixes bug 21035; bugfix on
|
||||
0.2.9.1-alpha.
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
o Minor bugfixes (compilation):
|
||||
- Fix Libevent detection on platforms without Libevent 1 headers
|
||||
installed. Fixes bug 21051; bugfix on 0.2.9.1-alpha.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (portability):
|
||||
- Don't exit the Tor process if setrlimit() fails to change the file
|
||||
limit (which can happen sometimes on some versions of OSX). Fixes
|
||||
bug 21074; bugfix on 0.0.9pre5.
|
|
@ -0,0 +1,6 @@
|
|||
o Major bugfixes (directory authority):
|
||||
- During voting, when marking a node as a probable sybil, do not
|
||||
clear its BadExit flag: sybils can still be bad in other ways
|
||||
too. (We still clear the other flags.) Fixes bug 21108; bugfix
|
||||
on 0.2.0.13-alpha.
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
o Minor bugfixes (code correctness):
|
||||
- Repair a couple of (unreachable or harmless) cases of the risky
|
||||
comparison-by-subtraction pattern that caused bug 21278.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor features (directory authority):
|
||||
- Directory authorities now reject descriptors that claim to be
|
||||
malformed versions of Tor. Helps prevent exploitation of bug 21278.
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
o Minor bugfixes (tor-resolve):
|
||||
- The tor-resolve command line tool now rejects hostnames over 255
|
||||
characters in length. Previously, it would silently truncate
|
||||
them, which could lead to bugs. Fixes bug 21280; bugfix on 0.0.9pre5.
|
||||
Patch by "junglefowl".
|
|
@ -0,0 +1,7 @@
|
|||
o Major bugfixes (IPv6 Exits):
|
||||
- Stop rejecting all IPv6 traffic on Exits whose exit policy rejects IPv6
|
||||
addresses. Instead, only reject a port over IPv6 if the exit policy
|
||||
rejects that port on more than an IPv6 /16 of addresses. This bug was
|
||||
made worse by 17027 in 0.2.8.1-alpha, which rejects a relay's own IPv6
|
||||
address by default.
|
||||
Fixes bug 21357; bugfix on commit 004f3f4e53 in 0.2.4.7-alpha.
|
|
@ -0,0 +1,9 @@
|
|||
o Major bugfixes (Exit nodes):
|
||||
- Fix an issue causing high-bandwidth exit nodes to fail a majority
|
||||
or all of their DNS requests, making them basically unsuitable for
|
||||
regular usage in Tor circuits. The problem is related to
|
||||
libevent's DNS handling, but we can work around it in Tor. Fixes
|
||||
bugs 21394 and 18580; bugfix on 0.1.2.2-alpha which introduced
|
||||
eventdns. Credit goes to Dhalgren for identifying and finding a
|
||||
workaround to this bug and to gamambel, arthuredelstein and
|
||||
arma in helping to track it down and analyze it.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (voting consistency):
|
||||
- Reject version numbers with components that exceed INT32_MAX.
|
||||
Otherwise 32-bit and 64-bit platforms would behave inconsistently.
|
||||
Fixes bug 21450; bugfix on 0.0.8pre1.
|
|
@ -0,0 +1,5 @@
|
|||
o Minor bugfixes (voting consistency):
|
||||
- Reject version numbers with non-numeric prefixes (such as +, -, and
|
||||
whitespace). Disallowing whitespace prevents differential version
|
||||
parsing between POSIX-based and Windows platforms.
|
||||
Fixes bug 21507 and part of 21508; bugfix on 0.0.8pre1.
|
|
@ -0,0 +1,4 @@
|
|||
o Major bugfixes (crash, directory connections):
|
||||
- Fix a rare crash when sending a begin cell on a circuit whose linked
|
||||
directory connection has already been closed. Fixes bug 21576;
|
||||
bugfix on Tor 0.2.9.3-alpha. Reported by alecmuffett.
|
|
@ -0,0 +1,6 @@
|
|||
o Minor bugfixes (Linux seccomp2 sandbox):
|
||||
- The getpid() system call is now permitted under the Linux seccomp2
|
||||
sandbox, to avoid crashing with versions of OpenSSL (and other
|
||||
libraries) that attempt to learn the process's PID by using the
|
||||
syscall rather than the VDSO code. Fixes bug 21943; bugfix on
|
||||
0.2.5.1-alpha.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (control port, regression):
|
||||
- The GETINFO extra-info/digest/<digest> command was broken because of a
|
||||
wrong base16 decode return value check. In was introduced in a refactor
|
||||
of that API. Fixex bug #22034; bugfix on tor-0.2.9.1-alpha.
|
|
@ -0,0 +1,5 @@
|
|||
o Minor bugfixes (bandwidth accounting):
|
||||
- Roll over monthly accounting at the configured hour and minute,
|
||||
rather than always at 00:00.
|
||||
Fixes bug 22245; bugfix on 0.0.9rc1.
|
||||
Found by Andrey Karpov with PVS-Studio.
|
|
@ -0,0 +1,9 @@
|
|||
o Minor bugfixes (directory authority):
|
||||
- When a directory authority rejects a descriptor or extrainfo with
|
||||
a given digest, mark that digest as undownloadable, so that we
|
||||
do not attempt to download it again over and over. We previously
|
||||
tried to avoid downloading such descriptors by other means, but
|
||||
we didn't notice if we accidentally downloaded one anyway. This
|
||||
behavior became problematic in 0.2.7.2-alpha, when authorities
|
||||
began pinning Ed25519 keys. Fixes ticket
|
||||
22349; bugfix on 0.2.1.19-alpha.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (memory handling):
|
||||
- When directory authorities reject a router descriptor due to keypinning,
|
||||
free the router descriptor rather than leaking the memory.
|
||||
Fixes bug 22370; bugfix on 0.2.7.2-alpha.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor features (code style, backport from 0.3.1.3-alpha):
|
||||
- Add "Falls through" comments to our codebase, in order to silence
|
||||
GCC 7's -Wimplicit-fallthrough warnings. Patch from Andreas
|
||||
Stieger. Closes ticket 22446.
|
|
@ -0,0 +1,8 @@
|
|||
o Major bugfixes (relay, link handshake):
|
||||
|
||||
- When performing the v3 link handshake on a TLS connection, report that
|
||||
we have the x509 certificate that we actually used on that connection,
|
||||
even if we have changed certificates since that connection was first
|
||||
opened. Previously, we would claim to have used our most recent x509
|
||||
link certificate, which would sometimes make the link handshake fail.
|
||||
Fixes one case of bug 22460; bugfix on 0.2.3.6-alpha.
|
|
@ -0,0 +1,3 @@
|
|||
o Minor bugfixes (correctness):
|
||||
- Avoid undefined behavior when parsing IPv6 entries from the geoip6
|
||||
file. Fixes bug 22490; bugfix on 0.2.4.6-alpha.
|
|
@ -0,0 +1,5 @@
|
|||
o Minor bugfixes (linux seccomp2 sandbox):
|
||||
- Permit the fchmod system call, to avoid crashing on startup when
|
||||
starting with the seccomp2 sandbox and an unexpected set of permissions
|
||||
on the data directory or its contents. Fixes bug 22516; bugfix on
|
||||
0.2.5.4-alpha.
|
|
@ -0,0 +1,8 @@
|
|||
o Build features:
|
||||
- Tor's repository now includes a Travis Continuous Integration (CI)
|
||||
configuration file (.travis.yml). This is meant to help new developers and
|
||||
contributors who fork Tor to a Github repository be better able to test
|
||||
their changes, and understand what we expect to pass. To use this new build
|
||||
feature, you must fork Tor to your Github account, then go into the
|
||||
"Integrations" menu in the repository settings for your fork and enable
|
||||
Travis, then push your changes.
|
|
@ -0,0 +1,5 @@
|
|||
o Minor bugfixes (controller):
|
||||
- Do not crash when receiving a POSTDESCRIPTOR command with an
|
||||
empty body. Fixes part of bug 22644; bugfix on 0.2.0.1-alpha.
|
||||
- Do not crash when receiving a HSPOST command with an empty body.
|
||||
Fixes part of bug 22644; bugfix on 0.2.7.1-alpha.
|
|
@ -0,0 +1,12 @@
|
|||
o Minor bugfixes (defensive programming, undefined behavior):
|
||||
|
||||
- Fix a memset() off the end of an array when packing cells. This
|
||||
bug should be harmless in practice, since the corrupted bytes
|
||||
are still in the same structure, and are always padding bytes,
|
||||
ignored, or immediately overwritten, depending on compiler
|
||||
behavior. Nevertheless, because the memset()'s purpose is to
|
||||
make sure that any other cell-handling bugs can't expose bytes
|
||||
to the network, we need to fix it. Fixes bug 22737; bugfix on
|
||||
0.2.4.11-alpha. Fixes CID 1401591.
|
||||
|
||||
|
|
@ -0,0 +1,7 @@
|
|||
o Major bugfixes (openbsd, denial-of-service):
|
||||
- Avoid an assertion failure bug affecting our implementation of
|
||||
inet_pton(AF_INET6) on certain OpenBSD systems whose strtol()
|
||||
handling of "0xfoo" differs from what we had expected.
|
||||
Fixes bug 22789; bugfix on 0.2.3.8-alpha. Also tracked as
|
||||
TROVE-2017-007.
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes (file limits):
|
||||
- When setting the maximum number of connections allowed by the OS,
|
||||
always allow some extra file descriptors for other files.
|
||||
Fixes bug 22797; bugfix on 0.2.0.10-alpha.
|
|
@ -0,0 +1,5 @@
|
|||
o Minor bugfixes (compilation):
|
||||
- When building with certain versions the mingw C header files, avoid
|
||||
float-conversion warnings when calling the C functions isfinite(),
|
||||
isnan(), and signbit(). Fixes bug 22801; bugfix on 0.2.8.1-alpha.
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
o Minor bugfixes (compilation, mingw, backport from 0.3.1.1-alpha):
|
||||
- Backport a fix for an "unused variable" warning that appeared
|
||||
in some versions of mingw. Fixes bug 22838; bugfix on
|
||||
0.2.8.1-alpha.
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
o Minor bugfixes (compilation warnings):
|
||||
- Suppress -Wdouble-promotion warnings with clang 4.0. Fixes bug 22915;
|
||||
bugfix on 0.2.8.1-alpha.
|
|
@ -0,0 +1,3 @@
|
|||
o Minor bugfixes (Compilation):
|
||||
- Fix warnings when building with libscrypt and openssl scrypt support
|
||||
on Clang. Fixes bug 22916; bugfix on 0.2.7.2-alpha.
|
|
@ -0,0 +1,7 @@
|
|||
o Minor bugfixes (coverity builds):
|
||||
- Avoid Coverity build warnings related to our BUG() macro. By
|
||||
default, Coverity treats BUG() as the Linux kernel does: an
|
||||
instant abort(). We need to override that so our BUG() macro
|
||||
doesn't prevent Coverity from analyzing functions that use it.
|
||||
Fixes bug 23030; bugfix on 0.2.9.1-alpha.
|
||||
|
|
@ -0,0 +1,8 @@
|
|||
o Minor bugfixes (Windows service):
|
||||
- When running as a Windows service, set the ID of the main thread
|
||||
correctly. Failure to do so made us fail to send log messages
|
||||
to the controller in 0.2.1.16-rc, slowed down controller
|
||||
event delivery in 0.2.7.3-rc and later, and crash with an assertion
|
||||
failure in 0.3.1.1-alpha. Fixes bug 23081; bugfix on 0.2.1.6-alpha.
|
||||
Patch and diagnosis from "Vort".
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
o Minor bugfixes (testing):
|
||||
- Fix an undersized buffer in test-memwipe.c. Fixes bug 23291; bugfix on
|
||||
0.2.7.2-alpha. Found and patched by Ties Stuij.
|
|
@ -0,0 +1,11 @@
|
|||
o Minor bugfixes (path selection):
|
||||
- When selecting relays by bandwidth, avoid a rounding error that
|
||||
could sometimes cause load to be imbalanced incorrectly. Previously,
|
||||
we would always round upwards; now, we round towards the nearest
|
||||
integer. This had the biggest effect when a relay's weight adjustments
|
||||
should have given it weight 0, but it got weight 1 instead.
|
||||
Fixes bug 23318; bugfix on 0.2.4.3-alpha.
|
||||
- When calculating the fraction of nodes that have descriptors, and all
|
||||
all nodes in the network have zero bandwidths, count the number of nodes
|
||||
instead.
|
||||
Fixes bug 23318; bugfix on 0.2.4.10-alpha.
|
|
@ -0,0 +1,6 @@
|
|||
o Minor bugfix (relay address resolution):
|
||||
- Avoid unnecessary calls to directory_fetches_from_authorities()
|
||||
on relays. This avoids spurious address resolutions and
|
||||
descriptor rebuilds. This is a mitigation for 21789. The original
|
||||
bug was introduced in commit 35bbf2e as part of prop210.
|
||||
Fixes 23470 in 0.2.8.1-alpha.
|
|
@ -0,0 +1,5 @@
|
|||
o Major bugfixes (relay, crash, assertion failure):
|
||||
- Fix a timing-based assertion failure that could occur when the
|
||||
circuit out-of-memory handler freed a connection's output buffer.
|
||||
Fixes bug 23690; bugfix on 0.2.6.1-alpha.
|
||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue