[tor-commits] [translation/torbutton-abouttorproperties] Update translations for torbutton-abouttorproperties
commit 956e90ab5e5356f2dfa11c4c454b16cb6f8840b1 Author: Translation commit bot Date: Tue Dec 15 08:46:03 2015 + Update translations for torbutton-abouttorproperties --- is/abouttor.properties | 12 ++-- 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/is/abouttor.properties b/is/abouttor.properties index ec02ffe..98df11f 100644 --- a/is/abouttor.properties +++ b/is/abouttor.properties @@ -21,13 +21,13 @@ aboutTor.searchDC.privacy.link=https://disconnect.me/privacy aboutTor.searchDC.search.link=https://search.disconnect.me/ aboutTor.donationBanner.lp.who=â Laura Poitras -aboutTor.donationBanner.lp.quote=Edward Snowden would not have been able to contact me without Tor and other free software encryption projects. Tor is an essential tool, and it needs our support. -aboutTor.donationBanner.lp.speciality=Oscar-Winning Documentary Filmmaker, CitizenFour +aboutTor.donationBanner.lp.quote=Edward Snowden hefði ekki getað verið à sambandi við mig á Tor og annars frjáls dulritunarhugbúnaðar. Tor er ómissandi verkfæri sem hefur þörf fyrir stuðning okkar. +aboutTor.donationBanner.lp.speciality=Ãskarsverðlaunahafi, heimildamyndagerðamaður, CitizenFour aboutTor.donationBanner.cd.who=â Cory Doctorow -aboutTor.donationBanner.cd.quote=Privacy and anonymity matter to all of us. -aboutTor.donationBanner.cd.speciality= Novelist, technology activist, co-editor of Boing Boing +aboutTor.donationBanner.cd.quote=Persónuvernd og nafnleysi skipta máli fyrir okkur öll. +aboutTor.donationBanner.cd.speciality= Rithöfundur, aktÃvisti à tæknigeiranum, meðritstjóri Boing Boing aboutTor.donationBanner.rd.who=â Roger Dingledine -aboutTor.donationBanner.rd.quote=Please help the strongest privacy tool in the world become more sustainable! -aboutTor.donationBanner.rd.speciality=Founder, Acting Executive Director of the Tor Project +aboutTor.donationBanner.rd.quote=Endilega hjálpið öflugasta persónuverndartóli à heiminum að verða sjálfbæru! +aboutTor.donationBanner.rd.speciality=Stofnandi, sitjandi framkvæmdastjóri Tor-verkefnisins ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/torbutton-abouttorproperties_completed] Update translations for torbutton-abouttorproperties_completed
commit 9e3225223d68bd115336be1e07d97fc9e671c1a8 Author: Translation commit bot Date: Tue Dec 15 08:46:09 2015 + Update translations for torbutton-abouttorproperties_completed --- is/abouttor.properties | 12 1 file changed, 12 insertions(+) diff --git a/is/abouttor.properties b/is/abouttor.properties index 59bad91..98df11f 100644 --- a/is/abouttor.properties +++ b/is/abouttor.properties @@ -19,3 +19,15 @@ aboutTor.searchDC.privacy=Leita á öruggan hátt með https://disconnect.me/privacy # The following string is a link which replaces %2$S above. aboutTor.searchDC.search.link=https://search.disconnect.me/ + +aboutTor.donationBanner.lp.who=â Laura Poitras +aboutTor.donationBanner.lp.quote=Edward Snowden hefði ekki getað verið à sambandi við mig á Tor og annars frjáls dulritunarhugbúnaðar. Tor er ómissandi verkfæri sem hefur þörf fyrir stuðning okkar. +aboutTor.donationBanner.lp.speciality=Ãskarsverðlaunahafi, heimildamyndagerðamaður, CitizenFour + +aboutTor.donationBanner.cd.who=â Cory Doctorow +aboutTor.donationBanner.cd.quote=Persónuvernd og nafnleysi skipta máli fyrir okkur öll. +aboutTor.donationBanner.cd.speciality= Rithöfundur, aktÃvisti à tæknigeiranum, meðritstjóri Boing Boing + +aboutTor.donationBanner.rd.who=â Roger Dingledine +aboutTor.donationBanner.rd.quote=Endilega hjálpið öflugasta persónuverndartóli à heiminum að verða sjálfbæru! +aboutTor.donationBanner.rd.speciality=Stofnandi, sitjandi framkvæmdastjóri Tor-verkefnisins ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tails-persistence-setup_completed] Update translations for tails-persistence-setup_completed
commit 3bc62889882d61da1d5a6ae51cd66d268f846bff Author: Translation commit bot Date: Tue Dec 15 09:47:10 2015 + Update translations for tails-persistence-setup_completed --- bg/bg.po | 48 ++--- da/da.po | 48 ++--- de/de.po | 48 ++--- el/el.po | 48 ++--- en_GB/en_GB.po| 48 ++--- es/es.po | 48 ++--- fa/fa.po | 48 ++--- fr/fr.po | 48 ++--- fr_CA/fr_CA.po| 48 ++--- hr_HR/hr_HR.po| 48 ++--- hu/hu.po | 48 ++--- id/id.po | 48 ++--- it/it.po | 48 ++--- lv/lv.po | 48 ++--- nb/nb.po | 48 ++--- nl/nl.po | 48 ++--- pl/pl.po | 48 ++--- pt/pt.po | 48 ++--- pt_BR/pt_BR.po| 48 ++--- ru/ru.po | 48 ++--- sv/sv.po | 48 ++--- templates/tails-persistence-setup.pot | 46 +-- tr/tr.po | 48 ++--- uk/uk.po | 48 ++--- zh_CN/zh_CN.po| 48 ++--- 25 files changed, 499 insertions(+), 699 deletions(-) diff --git a/bg/bg.po b/bg/bg.po index 97de3e9..5e2a86d 100644 --- a/bg/bg.po +++ b/bg/bg.po @@ -15,9 +15,9 @@ msgid "" msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: Tails developers \n" -"POT-Creation-Date: 2015-10-26 14:15+0100\n" -"PO-Revision-Date: 2015-10-27 15:06+\n" -"Last-Translator: 4Joy \n" +"POT-Creation-Date: 2015-12-14 21:35+0100\n" +"PO-Revision-Date: 2015-12-15 09:27+\n" +"Last-Translator: carolyn \n" "Language-Team: Bulgarian (http://www.transifex.com/otf/torproject/language/bg/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -58,82 +58,74 @@ msgid "Pidgin profiles and OTR keyring" msgstr "Pidgin пÑоÑили и OTR клÑÑодÑÑжаÑел" #: ../lib/Tails/Persistence/Configuration/Presets.pm:88 -msgid "Claws Mail" -msgstr "Claws Mail" - -#: ../lib/Tails/Persistence/Configuration/Presets.pm:90 -msgid "Claws Mail profiles and locally stored email" -msgstr "Claws Mail пÑоÑили и локално ÑÑÑ Ñанени имейл" - -#: ../lib/Tails/Persistence/Configuration/Presets.pm:98 msgid "GNOME Keyring" msgstr "GNOME клÑÑодÑÑжаÑел" -#: ../lib/Tails/Persistence/Configuration/Presets.pm:100 +#: ../lib/Tails/Persistence/Configuration/Presets.pm:90 msgid "Secrets stored by GNOME Keyring" msgstr "ТайниÑе, ÑÑÑ ÑанÑвани Ð¾Ñ GNOME клÑÑодÑÑжаÑел" -#: ../lib/Tails/Persistence/Configuration/Presets.pm:108 +#: ../lib/Tails/Persistence/Configuration/Presets.pm:98 msgid "Network Connections" msgstr "ÐÑежовиÑе вÑÑзки" -#: ../lib/Tails/Persistence/Configuration/Presets.pm:110 +#: ../lib/Tails/Persistence/Configuration/Presets.pm:100 msgid "Configuration of network devices and connections" msgstr "ÐонÑигÑÑиÑане на мÑежови ÑÑÑÑойÑÑва и вÑÑзки" -#: ../lib/Tails/Persistence/Configuration/Presets.pm:118 +#: ../lib/Tails/Persistence/Configuration/Presets.pm:108 msgid "Browser bookmarks" msgstr "ÐÑмеÑки на бÑаÑзÑÑа" -#: ../lib/Tails/Persistence/Configuration/Presets.pm:120 +#: ../lib/Tails/Persistence/Configuration/Presets.pm:110 msgid "Bookmarks saved in the Tor Browser" msgstr "ÐÑмеÑкиÑе Ñа запазени в Tor Browser" -#: ../lib/Tails/Persistence/Configuration/Presets.pm:128 +#: ../lib/Tails/Persistence/Configuration/Presets.pm:118 msgid "Printers" msgstr "ÐÑинÑеÑи" -#: ../lib/Tails/Persistence/Configuration/Presets.pm:130 +#: ../lib/Tails/Persistence/Configuration/Presets.pm:120 msgid "Printers configuration" msgstr "ÐонÑигÑÑаÑÐ¸Ñ Ð½Ð° пÑинÑеÑи" -#: ../lib/Tails/Persistence/Configuration/Presets.pm:138 +#: ../lib/Tails/Persistence/Configuration/
[tor-commits] [metrics-lib/master] Introduce a new ExitList.Entry type.
commit b50e961a63a40a4c0d18129d42be351a47f5248e
Author: iwakeh
Date: Sat Dec 12 15:00:00 2015 +
Introduce a new ExitList.Entry type.
Patch for #17821
---
CHANGELOG.md |5 +
src/org/torproject/descriptor/ExitList.java| 26
src/org/torproject/descriptor/ExitListEntry.java |4 +-
.../descriptor/impl/ExitListEntryImpl.java | 115 -
.../torproject/descriptor/impl/ExitListImpl.java | 80
.../descriptor/impl/ExitListImplTest.java | 131
6 files changed, 300 insertions(+), 61 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 03c2940..a56f9f4 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,11 @@
- Support parsing of .xz-compressed tarballs using Apache Commons
Compress and XZ for Java. Applications only need to add XZ for
Java as dependency if they want to parse .xz-compressed tarballs.
+ - Introduce a new ExitList.Entry type for exit list entries instead
+ of the ExitListEntry type which is now deprecated. The main
+ difference between the two is that ExitList.Entry can hold more
+ than one exit address and scan time which were previously parsed
+ as multiple ExitListEntry instances.
# Changes in version 1.0.0 - 2015-12-05
diff --git a/src/org/torproject/descriptor/ExitList.java
b/src/org/torproject/descriptor/ExitList.java
index 09d7c25..c813a6b 100644
--- a/src/org/torproject/descriptor/ExitList.java
+++ b/src/org/torproject/descriptor/ExitList.java
@@ -2,15 +2,41 @@
* See LICENSE for licensing information */
package org.torproject.descriptor;
+import java.util.Map;
import java.util.Set;
/* Exit list containing all known exit scan results at a given time. */
public interface ExitList extends Descriptor {
+ public final static String EOL = "\n";
+
+ /* Exit list entry containing results from a single exit scan. */
+ public interface Entry {
+
+/* Return the scanned relay's fingerprint. */
+public String getFingerprint();
+
+/* Return the publication time of the scanned relay's last known
+ * descriptor. */
+public long getPublishedMillis();
+
+/* Return the publication time of the network status that this scan
+ * was based on. */
+public long getLastStatusMillis();
+
+/* Return the IP addresses that were determined in the scan. */
+public Map getExitAddresses();
+ }
+
/* Return the download time of the exit list. */
public long getDownloadedMillis();
/* Return the unordered set of exit scan results. */
+ /* Use getEntries instead. */
+ @Deprecated
public Set getExitListEntries();
+
+ /* Return the unordered set of exit scan results. */
+ public Set getEntries();
}
diff --git a/src/org/torproject/descriptor/ExitListEntry.java
b/src/org/torproject/descriptor/ExitListEntry.java
index 201a172..7b69483 100644
--- a/src/org/torproject/descriptor/ExitListEntry.java
+++ b/src/org/torproject/descriptor/ExitListEntry.java
@@ -3,7 +3,9 @@
package org.torproject.descriptor;
/* Exit list entry containing results from a single exit scan. */
-public interface ExitListEntry {
+/* Use org.torproject.descriptor.ExitList.Entry instead. */
+@Deprecated
+public interface ExitListEntry extends ExitList.Entry {
/* Return the scanned relay's fingerprint. */
public String getFingerprint();
diff --git a/src/org/torproject/descriptor/impl/ExitListEntryImpl.java
b/src/org/torproject/descriptor/impl/ExitListEntryImpl.java
index a03e373..e899bcf 100644
--- a/src/org/torproject/descriptor/impl/ExitListEntryImpl.java
+++ b/src/org/torproject/descriptor/impl/ExitListEntryImpl.java
@@ -3,15 +3,19 @@
package org.torproject.descriptor.impl;
import org.torproject.descriptor.DescriptorParseException;
+import org.torproject.descriptor.ExitList;
+
import java.util.ArrayList;
+import java.util.HashMap;
import java.util.List;
+import java.util.Map;
import java.util.Scanner;
import java.util.SortedSet;
import java.util.TreeSet;
import org.torproject.descriptor.ExitListEntry;
-public class ExitListEntryImpl implements ExitListEntry {
+public class ExitListEntryImpl implements ExitListEntry, ExitList.Entry {
private byte[] exitListEntryBytes;
public byte[] getExitListEntryBytes() {
@@ -26,6 +30,31 @@ public class ExitListEntryImpl implements ExitListEntry {
return lines;
}
+ @Deprecated
+ private ExitListEntryImpl(String fingerprint, long publishedMillis,
+ long lastStatusMillis, String exitAddress, long scanMillis) {
+this.fingerprint = fingerprint;
+this.publishedMillis = publishedMillis;
+this.lastStatusMillis = lastStatusMillis;
+this.exitAddresses.put(exitAddress, scanMillis);
+ }
+
+ @Deprecated
+ List oldEntries() {
+List result = new ArrayList<>();
+if (this.exitAddresses.size() > 1) {
+ for (Map.Entry entry :
+ this.exitAddresses.entrySet()) {
+result.add(n
[tor-commits] [metrics-lib/master] Allow to distinguish between relay and bridge descriptors.
commit 957d57be0e3a721e5dcc6d3515c604ef280cff29
Author: Karsten Loesing
Date: Tue Dec 15 14:04:11 2015 +0100
Allow to distinguish between relay and bridge descriptors.
So far, we did not distinguish between relay and bridge descriptors in
the case of server descriptors and extra-info descriptors. This works
just fine, because we tried hard to re-use existing keywords in relay
descriptors for sanitized contents in bridge descriptors to facilitate
parsing.
However, some applications process both relay and bridge descriptors
and need to add workarounds for distinguishing between the two. For
example, they couldn't just read the contents of CollecTor's recent/
directory, because they wouldn't be able to know whether a
ServerDescriptor instance was published by a relay or bridge. Or even
worse, if an application expects a given directory to contain relay
descriptors and that directory suddenly contains bridge descriptors,
that application wouldn't notice.
This change adds new interfaces to distinguish between relay and
bridge descriptors. It still supports the existing two interfaces
that don't make this distinction. Those two interfaces are not
deprecated, because it's okay if an application does not care whether
a descriptor was published by a relay or bridge.
This change is in parts based on a discussion with atagar. Thanks!
Implements #17000.
---
CHANGELOG.md |6 +++
.../descriptor/BridgeExtraInfoDescriptor.java |9
.../descriptor/BridgeServerDescriptor.java |9
.../torproject/descriptor/ExtraInfoDescriptor.java |1 +
.../descriptor/RelayExtraInfoDescriptor.java |9
.../descriptor/RelayServerDescriptor.java |9
.../torproject/descriptor/ServerDescriptor.java|2 +-
.../impl/BridgeExtraInfoDescriptorImpl.java| 38 ++
.../impl/BridgeServerDescriptorImpl.java | 38 ++
.../torproject/descriptor/impl/DescriptorImpl.java | 15 --
.../descriptor/impl/ExtraInfoDescriptorImpl.java | 23 ++---
.../descriptor/impl/RelayDirectoryImpl.java|5 +-
.../impl/RelayExtraInfoDescriptorImpl.java | 38 ++
.../descriptor/impl/RelayServerDescriptorImpl.java | 38 ++
.../descriptor/impl/ServerDescriptorImpl.java | 23 ++---
.../impl/ExtraInfoDescriptorImplTest.java | 38 +++---
.../descriptor/impl/ServerDescriptorImplTest.java | 52 ++--
17 files changed, 261 insertions(+), 92 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index a56f9f4..5456795 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -12,6 +12,12 @@
difference between the two is that ExitList.Entry can hold more
than one exit address and scan time which were previously parsed
as multiple ExitListEntry instances.
+ - Introduce four new types to distinguish between relay and bridge
+ descriptors: RelayServerDescriptor, RelayExtraInfoDescriptor,
+ BridgeServerDescriptor, and BridgeExtraInfoDescriptor. The
+ existing types, ServerDescriptor and ExtraInfoDescriptor, are
+ still usable and will not be deprecated, because applications may
+ not care whether a relay or a bridge published a descriptor.
# Changes in version 1.0.0 - 2015-12-05
diff --git a/src/org/torproject/descriptor/BridgeExtraInfoDescriptor.java
b/src/org/torproject/descriptor/BridgeExtraInfoDescriptor.java
new file mode 100644
index 000..b566283
--- /dev/null
+++ b/src/org/torproject/descriptor/BridgeExtraInfoDescriptor.java
@@ -0,0 +1,9 @@
+/* Copyright 2015 The Tor Project
+ * See LICENSE for licensing information */
+package org.torproject.descriptor;
+
+/* Contains a bridge extra-info descriptor. */
+public interface BridgeExtraInfoDescriptor extends ExtraInfoDescriptor {
+
+}
+
diff --git a/src/org/torproject/descriptor/BridgeServerDescriptor.java
b/src/org/torproject/descriptor/BridgeServerDescriptor.java
new file mode 100644
index 000..15b618a
--- /dev/null
+++ b/src/org/torproject/descriptor/BridgeServerDescriptor.java
@@ -0,0 +1,9 @@
+/* Copyright 2015 The Tor Project
+ * See LICENSE for licensing information */
+package org.torproject.descriptor;
+
+/* Contains a bridge server descriptor. */
+public interface BridgeServerDescriptor extends ServerDescriptor {
+
+}
+
diff --git a/src/org/torproject/descriptor/ExtraInfoDescriptor.java
b/src/org/torproject/descriptor/ExtraInfoDescriptor.java
index 7221a57..380be00 100644
--- a/src/org/torproject/descriptor/ExtraInfoDescriptor.java
+++ b/src/org/torproject/descriptor/ExtraInfoDescriptor.java
@@ -5,6 +5,7 @@ package org.torproject.descriptor;
import java.util.List;
import java.util.SortedMap;
+/* Contains a relay or bridge extra-info descriptor. */
public interface ExtraInfoDescriptor extends Descriptor
[tor-commits] [tor/maint-0.2.7] Fix backtrace compilation on FreeBSD
commit 07cca627eaab800d4874f3d0914d3cf7eaa601a9
Author: cypherpunks
Date: Tue Dec 15 16:30:04 2015 +0100
Fix backtrace compilation on FreeBSD
On FreeBSD backtrace(3) uses size_t instead of int (as glibc does). This
causes integer precision loss errors when we used int to store its
results.
The issue is fixed by using size_t to store the results of backtrace(3).
The manual page of glibc does not mention that backtrace(3) returns
negative values. Therefore, no unsigned integer wrapping occurs when its
result is stored in an unsigned data type.
---
changes/bug17827 |3 +++
src/common/backtrace.c | 16
src/common/backtrace.h |2 +-
src/common/sandbox.c |2 +-
4 files changed, 13 insertions(+), 10 deletions(-)
diff --git a/changes/bug17827 b/changes/bug17827
new file mode 100644
index 000..04cd3b5
--- /dev/null
+++ b/changes/bug17827
@@ -0,0 +1,3 @@
+ o Minor bugfixes (compilation):
+- Fix backtrace compilation on FreeBSD. Fixes bug 17827; bugfix on
+ tor-0.2.5.2-alpha.
diff --git a/src/common/backtrace.c b/src/common/backtrace.c
index a2d5378..8d544ed 100644
--- a/src/common/backtrace.c
+++ b/src/common/backtrace.c
@@ -62,16 +62,16 @@ static tor_mutex_t cb_buf_mutex;
* ucontext_t structure.
*/
void
-clean_backtrace(void **stack, int depth, const ucontext_t *ctx)
+clean_backtrace(void **stack, size_t depth, const ucontext_t *ctx)
{
#ifdef PC_FROM_UCONTEXT
#if defined(__linux__)
- const int n = 1;
+ const size_t n = 1;
#elif defined(__darwin__) || defined(__APPLE__) || defined(__OpenBSD__) \
|| defined(__FreeBSD__)
- const int n = 2;
+ const size_t n = 2;
#else
- const int n = 1;
+ const size_t n = 1;
#endif
if (depth <= n)
return;
@@ -89,9 +89,9 @@ clean_backtrace(void **stack, int depth, const ucontext_t
*ctx)
void
log_backtrace(int severity, int domain, const char *msg)
{
- int depth;
+ size_t depth;
char **symbols;
- int i;
+ size_t i;
tor_mutex_acquire(&cb_buf_mutex);
@@ -120,7 +120,7 @@ static void
crash_handler(int sig, siginfo_t *si, void *ctx_)
{
char buf[40];
- int depth;
+ size_t depth;
ucontext_t *ctx = (ucontext_t *) ctx_;
int n_fds, i;
const int *fds = NULL;
@@ -174,7 +174,7 @@ install_bt_handler(void)
* libc has pre-loaded the symbols we need to dump things, so that later
* reads won't be denied by the sandbox code */
char **symbols;
-int depth = backtrace(cb_buf, MAX_DEPTH);
+size_t depth = backtrace(cb_buf, MAX_DEPTH);
symbols = backtrace_symbols(cb_buf, depth);
if (symbols)
free(symbols);
diff --git a/src/common/backtrace.h b/src/common/backtrace.h
index a9151d7..838e18e 100644
--- a/src/common/backtrace.h
+++ b/src/common/backtrace.h
@@ -13,7 +13,7 @@ void clean_up_backtrace_handler(void);
#ifdef EXPOSE_CLEAN_BACKTRACE
#if defined(HAVE_EXECINFO_H) && defined(HAVE_BACKTRACE) && \
defined(HAVE_BACKTRACE_SYMBOLS_FD) && defined(HAVE_SIGACTION)
-void clean_backtrace(void **stack, int depth, const ucontext_t *ctx);
+void clean_backtrace(void **stack, size_t depth, const ucontext_t *ctx);
#endif
#endif
diff --git a/src/common/sandbox.c b/src/common/sandbox.c
index b995762..3a9f2a1 100644
--- a/src/common/sandbox.c
+++ b/src/common/sandbox.c
@@ -1598,7 +1598,7 @@ sigsys_debugging(int nr, siginfo_t *info, void
*void_context)
const char *syscall_name;
int syscall;
#ifdef USE_BACKTRACE
- int depth;
+ size_t depth;
int n_fds, i;
const int *fds = NULL;
#endif
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Fix backtrace compilation on FreeBSD
commit 07cca627eaab800d4874f3d0914d3cf7eaa601a9
Author: cypherpunks
Date: Tue Dec 15 16:30:04 2015 +0100
Fix backtrace compilation on FreeBSD
On FreeBSD backtrace(3) uses size_t instead of int (as glibc does). This
causes integer precision loss errors when we used int to store its
results.
The issue is fixed by using size_t to store the results of backtrace(3).
The manual page of glibc does not mention that backtrace(3) returns
negative values. Therefore, no unsigned integer wrapping occurs when its
result is stored in an unsigned data type.
---
changes/bug17827 |3 +++
src/common/backtrace.c | 16
src/common/backtrace.h |2 +-
src/common/sandbox.c |2 +-
4 files changed, 13 insertions(+), 10 deletions(-)
diff --git a/changes/bug17827 b/changes/bug17827
new file mode 100644
index 000..04cd3b5
--- /dev/null
+++ b/changes/bug17827
@@ -0,0 +1,3 @@
+ o Minor bugfixes (compilation):
+- Fix backtrace compilation on FreeBSD. Fixes bug 17827; bugfix on
+ tor-0.2.5.2-alpha.
diff --git a/src/common/backtrace.c b/src/common/backtrace.c
index a2d5378..8d544ed 100644
--- a/src/common/backtrace.c
+++ b/src/common/backtrace.c
@@ -62,16 +62,16 @@ static tor_mutex_t cb_buf_mutex;
* ucontext_t structure.
*/
void
-clean_backtrace(void **stack, int depth, const ucontext_t *ctx)
+clean_backtrace(void **stack, size_t depth, const ucontext_t *ctx)
{
#ifdef PC_FROM_UCONTEXT
#if defined(__linux__)
- const int n = 1;
+ const size_t n = 1;
#elif defined(__darwin__) || defined(__APPLE__) || defined(__OpenBSD__) \
|| defined(__FreeBSD__)
- const int n = 2;
+ const size_t n = 2;
#else
- const int n = 1;
+ const size_t n = 1;
#endif
if (depth <= n)
return;
@@ -89,9 +89,9 @@ clean_backtrace(void **stack, int depth, const ucontext_t
*ctx)
void
log_backtrace(int severity, int domain, const char *msg)
{
- int depth;
+ size_t depth;
char **symbols;
- int i;
+ size_t i;
tor_mutex_acquire(&cb_buf_mutex);
@@ -120,7 +120,7 @@ static void
crash_handler(int sig, siginfo_t *si, void *ctx_)
{
char buf[40];
- int depth;
+ size_t depth;
ucontext_t *ctx = (ucontext_t *) ctx_;
int n_fds, i;
const int *fds = NULL;
@@ -174,7 +174,7 @@ install_bt_handler(void)
* libc has pre-loaded the symbols we need to dump things, so that later
* reads won't be denied by the sandbox code */
char **symbols;
-int depth = backtrace(cb_buf, MAX_DEPTH);
+size_t depth = backtrace(cb_buf, MAX_DEPTH);
symbols = backtrace_symbols(cb_buf, depth);
if (symbols)
free(symbols);
diff --git a/src/common/backtrace.h b/src/common/backtrace.h
index a9151d7..838e18e 100644
--- a/src/common/backtrace.h
+++ b/src/common/backtrace.h
@@ -13,7 +13,7 @@ void clean_up_backtrace_handler(void);
#ifdef EXPOSE_CLEAN_BACKTRACE
#if defined(HAVE_EXECINFO_H) && defined(HAVE_BACKTRACE) && \
defined(HAVE_BACKTRACE_SYMBOLS_FD) && defined(HAVE_SIGACTION)
-void clean_backtrace(void **stack, int depth, const ucontext_t *ctx);
+void clean_backtrace(void **stack, size_t depth, const ucontext_t *ctx);
#endif
#endif
diff --git a/src/common/sandbox.c b/src/common/sandbox.c
index b995762..3a9f2a1 100644
--- a/src/common/sandbox.c
+++ b/src/common/sandbox.c
@@ -1598,7 +1598,7 @@ sigsys_debugging(int nr, siginfo_t *info, void
*void_context)
const char *syscall_name;
int syscall;
#ifdef USE_BACKTRACE
- int depth;
+ size_t depth;
int n_fds, i;
const int *fds = NULL;
#endif
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Remove obsolete INLINE preprocessor definition
commit e91ccbb4f6e7330aa7097f31dcf07cbfda87b75b Author: cypherpunks Date: Thu Dec 10 16:26:04 2015 +0100 Remove obsolete INLINE preprocessor definition The INLINE keyword is not used anymore in favor of inline. Windows only supports __inline so an inline preprocessor definition is still needed. --- src/common/compat.h |4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/src/common/compat.h b/src/common/compat.h index edc41eb..fb17783 100644 --- a/src/common/compat.h +++ b/src/common/compat.h @@ -75,9 +75,7 @@ /* inline is __inline on windows. */ #ifdef _WIN32 -#define INLINE __inline -#else -#define INLINE inline +#define inline __inline #endif /* Try to get a reasonable __func__ substitute in place. */ ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge branch 'maint-0.2.7'
commit fec5aa75f4c50f6b307edbc7662bdb9c5a73f617 Merge: b463773 07cca62 Author: Nick Mathewson Date: Tue Dec 15 11:55:46 2015 -0500 Merge branch 'maint-0.2.7' changes/bug17827 |3 +++ src/common/backtrace.c | 16 src/common/backtrace.h |2 +- src/common/sandbox.c |2 +- 4 files changed, 13 insertions(+), 10 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Add changes file for 17804
commit b463773fc3862107acdd05ea86016efc8e13e3a5 Author: cypherpunks Date: Thu Dec 10 17:00:49 2015 +0100 Add changes file for 17804 --- changes/bug17804 |3 +++ 1 file changed, 3 insertions(+) diff --git a/changes/bug17804 b/changes/bug17804 new file mode 100644 index 000..bd2a3cb --- /dev/null +++ b/changes/bug17804 @@ -0,0 +1,3 @@ + o Minor bugfixes (compilation): +- Replace usage of 'INLINE' with 'inline'. Fixes bug 17804; bugfix + on tor-0.0.2pre8. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Remove the INLINE coding standard
commit 816207511b75f775d7dcc383875fa26f64ea98bf Author: cypherpunks Date: Thu Dec 10 16:54:52 2015 +0100 Remove the INLINE coding standard --- doc/HACKING/CodingStandards.md |3 --- 1 file changed, 3 deletions(-) diff --git a/doc/HACKING/CodingStandards.md b/doc/HACKING/CodingStandards.md index d2fc784..bec0765 100644 --- a/doc/HACKING/CodingStandards.md +++ b/doc/HACKING/CodingStandards.md @@ -138,9 +138,6 @@ available containers in `src/common/containers*.h`. You should probably familiarize yourself with these modules before you write too much code, or else you'll wind up reinventing the wheel. -Use `INLINE` instead of `inline` -- it's a vestige of an old hack to make -sure that we worked on MSVC6. - We don't use `strcat` or `strcpy` or `sprintf` of any of those notoriously broken old C functions. Use `strlcat`, `strlcpy`, or `tor_snprintf/tor_asprintf` instead. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Remove eventdns specific inline definition
commit 62c4d3880fa0e9929c575a66a7c4f464498a7c5e Author: cypherpunks Date: Thu Dec 10 16:47:39 2015 +0100 Remove eventdns specific inline definition The header includes compat.h which already defines inline. --- src/or/eventdns_tor.h |3 --- 1 file changed, 3 deletions(-) diff --git a/src/or/eventdns_tor.h b/src/or/eventdns_tor.h index 9d51f09..f41c5c0 100644 --- a/src/or/eventdns_tor.h +++ b/src/or/eventdns_tor.h @@ -12,9 +12,6 @@ typedef unsigned int uint; #ifndef HAVE_U_CHAR typedef unsigned char u_char; #endif -#ifdef _WIN32 -#define inline __inline -#endif #include "torint.h" /* These are for debugging possible memory leaks. */ ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Replace usage of INLINE with inline
commit 824a6a2a90ff92edd70b60d4f1a8d5ecacc263a0
Author: cypherpunks
Date: Thu Dec 10 16:19:43 2015 +0100
Replace usage of INLINE with inline
This patch was generated using;
sed -i -e "s/\bINLINE\b/inline/" src/*/*.[ch] src/*/*/*.[ch]
---
src/common/address.h | 32 ++---
src/common/aes.c |2 +-
src/common/compat.c|8 +++---
src/common/compat.h|6 ++--
src/common/container.c | 34 +++
src/common/container.h | 66 ++--
src/common/crypto.c|4 +--
src/common/log.c | 14 +-
src/common/memarea.c |2 +-
src/common/torgzip.c |4 +--
src/common/tortls.c|2 +-
src/common/util.c |4 +--
src/common/util_format.c |2 +-
src/common/util_process.c |4 +--
src/ext/eventdns.c |2 +-
src/ext/ht.h | 26 -
src/or/buffers.c | 28 +--
src/or/channel.c |4 +--
src/or/channel.h |2 +-
src/or/circuitbuild.c |2 +-
src/or/circuitlist.c |6 ++--
src/or/circuitmux.c| 20 +++---
src/or/circuitmux_ewma.c |8 +++---
src/or/connection.h|8 +++---
src/or/control.c |8 +++---
src/or/directory.h |4 +--
src/or/dirserv.c |4 +--
src/or/dns.c |6 ++--
src/or/fp_pair.c |4 +--
src/or/geoip.c |4 +--
src/or/hibernate.c |2 +-
src/or/keypin.c|8 +++---
src/or/microdesc.c |4 +--
src/or/nodelist.c | 10 +++
src/or/or.h| 32 ++---
src/or/policies.c |2 +-
src/or/relay.c |4 +--
src/or/rendcommon.h|2 +-
src/or/rephist.c |6 ++--
src/or/routerlist.c| 10 +++
src/or/routerlist.h|8 +++---
src/or/routerparse.c |6 ++--
src/or/transports.c|6 ++--
src/test/test-memwipe.c|2 +-
src/test/test_channeltls.c |2 +-
45 files changed, 212 insertions(+), 212 deletions(-)
diff --git a/src/common/address.h b/src/common/address.h
index 34959fc..684ba65 100644
--- a/src/common/address.h
+++ b/src/common/address.h
@@ -73,13 +73,13 @@ typedef struct tor_addr_port_t
#define TOR_ADDR_NULL {AF_UNSPEC, {0}}
-static INLINE const struct in6_addr *tor_addr_to_in6(const tor_addr_t *a);
-static INLINE uint32_t tor_addr_to_ipv4n(const tor_addr_t *a);
-static INLINE uint32_t tor_addr_to_ipv4h(const tor_addr_t *a);
-static INLINE uint32_t tor_addr_to_mapped_ipv4h(const tor_addr_t *a);
-static INLINE sa_family_t tor_addr_family(const tor_addr_t *a);
-static INLINE const struct in_addr *tor_addr_to_in(const tor_addr_t *a);
-static INLINE int tor_addr_eq_ipv4h(const tor_addr_t *a, uint32_t u);
+static inline const struct in6_addr *tor_addr_to_in6(const tor_addr_t *a);
+static inline uint32_t tor_addr_to_ipv4n(const tor_addr_t *a);
+static inline uint32_t tor_addr_to_ipv4h(const tor_addr_t *a);
+static inline uint32_t tor_addr_to_mapped_ipv4h(const tor_addr_t *a);
+static inline sa_family_t tor_addr_family(const tor_addr_t *a);
+static inline const struct in_addr *tor_addr_to_in(const tor_addr_t *a);
+static inline int tor_addr_eq_ipv4h(const tor_addr_t *a, uint32_t u);
socklen_t tor_addr_to_sockaddr(const tor_addr_t *a, uint16_t port,
struct sockaddr *sa_out, socklen_t len);
@@ -91,7 +91,7 @@ char *tor_sockaddr_to_str(const struct sockaddr *sa);
/** Return an in6_addr* equivalent to a, or NULL if a is not
* an IPv6 address. */
-static INLINE const struct in6_addr *
+static inline const struct in6_addr *
tor_addr_to_in6(const tor_addr_t *a)
{
return a->family == AF_INET6 ? &a->addr.in6_addr : NULL;
@@ -115,14 +115,14 @@ tor_addr_to_in6(const tor_addr_t *a)
/** Return an IPv4 address in network order for a, or 0 if
* a is not an IPv4 address. */
-static INLINE uint32_t
+static inline uint32_t
tor_addr_to_ipv4n(const tor_addr_t *a)
{
return a->family == AF_INET ? a->addr.in_addr.s_addr : 0;
}
/** Return an IPv4 address in host order for a, or 0 if
* a is not an IPv4 address. */
-static INLINE uint32_t
+static inline uint32_t
tor_addr_to_ipv4h(const tor_addr_t *a)
{
return ntohl(tor_addr_to_ipv4n(a));
@@ -131,7 +131,7 @@ tor_addr_to_ipv4h(const tor_addr_t *a)
* 0 if a is not an IPv6 address.
*
* (Does not check whether the address is really a mapped address */
-static INLINE uint32_t
+static inline uint32_t
tor_addr_to_mapped_ipv4h(const tor_addr_t *a)
{
if (a->family == AF_INET6) {
@@ -149,21 +149,21 @@ tor_addr_to_mapped_ipv4h(const tor_addr_t *a)
}
/** Return the address family of a. Possible values are:
* AF_INET6, AF_INET, AF_UNSPEC. */
-static INLINE sa_family_t
+static inline sa_family_t
tor_addr_family(cons
[tor-commits] [tor/master] Merge branch 'feature17576-UseDefaultFallbackDirs-v2-squashed'
commit 54433993c7c84dc9af878ebaf8dd1deae8c595e3 Merge: fec5aa7 080ae03 Author: Nick Mathewson Date: Tue Dec 15 12:19:08 2015 -0500 Merge branch 'feature17576-UseDefaultFallbackDirs-v2-squashed' changes/feature17576-UseDefaultFallbackDirs |4 ++ doc/tor.1.txt |8 ++- src/or/config.c | 13 - src/or/or.h |2 + src/test/test_config.c | 70 --- 5 files changed, 77 insertions(+), 20 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Prop210: Add router_digest_is_fallback_dir
commit d72af1085a1d9ed6f2c9bdb5e9c85eba991db842
Author: teor (Tim Wilson-Brown)
Date: Fri Dec 11 05:49:23 2015 +1100
Prop210: Add router_digest_is_fallback_dir
router_digest_is_fallback_dir returns 1 if the digest is in the
currently loaded list of fallback directories, and 0 otherwise.
This function is for future use.
---
src/or/routerlist.c | 18 +-
src/or/routerlist.h |1 +
2 files changed, 18 insertions(+), 1 deletion(-)
diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index 0027a04..458d19c 100644
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -1362,7 +1362,9 @@ router_get_trusteddirserver_by_digest(const char *digest)
}
/** Return the dir_server_t for the fallback dirserver whose identity
- * key hashes to digest, or NULL if no such authority is known.
+ * key hashes to digest, or NULL if no such fallback is in the list of
+ * fallback_dir_servers. (fallback_dir_servers is affected by the FallbackDir
+ * and UseDefaultFallbackDirs torrc options.)
*/
dir_server_t *
router_get_fallback_dirserver_by_digest(const char *digest)
@@ -1370,6 +1372,9 @@ router_get_fallback_dirserver_by_digest(const char
*digest)
if (!fallback_dir_servers)
return NULL;
+ if (!digest)
+return NULL;
+
SMARTLIST_FOREACH(fallback_dir_servers, dir_server_t *, ds,
{
if (tor_memeq(ds->digest, digest, DIGEST_LEN))
@@ -1379,6 +1384,17 @@ router_get_fallback_dirserver_by_digest(const char
*digest)
return NULL;
}
+/** Return 1 if any fallback dirserver's identity key hashes to digest,
+ * or 0 if no such fallback is in the list of fallback_dir_servers.
+ * (fallback_dir_servers is affected by the FallbackDir and
+ * UseDefaultFallbackDirs torrc options.)
+ */
+int
+router_digest_is_fallback_dir(const char *digest)
+{
+ return (router_get_fallback_dirserver_by_digest(digest) != NULL);
+}
+
/** Return the dir_server_t for the directory authority whose
* v3 identity key hashes to digest, or NULL if no such authority
* is known.
diff --git a/src/or/routerlist.h b/src/or/routerlist.h
index 100ab58..d660bcd 100644
--- a/src/or/routerlist.h
+++ b/src/or/routerlist.h
@@ -50,6 +50,7 @@ const routerstatus_t
*router_pick_directory_server(dirinfo_type_t type,
dir_server_t *router_get_trusteddirserver_by_digest(const char *d);
dir_server_t *router_get_fallback_dirserver_by_digest(
const char *digest);
+int router_digest_is_fallback_dir(const char *digest);
dir_server_t *trusteddirserver_get_by_v3_auth_digest(const char *d);
const routerstatus_t *router_pick_trusteddirserver(dirinfo_type_t type,
int flags);
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge remote-tracking branch 'teor/feature4483-v10-squashed'
commit a7d44731d9ac831cd68f34ac640b50cdde3a60af
Merge: 5443399 d72af10
Author: Nick Mathewson
Date: Tue Dec 15 12:57:57 2015 -0500
Merge remote-tracking branch 'teor/feature4483-v10-squashed'
changes/bug4483-multiple-consensus-downloads |9 +
doc/tor.1.txt| 61 ++-
src/common/torint.h | 26 +
src/or/config.c | 76 ++-
src/or/connection.c | 230 +---
src/or/connection.h | 59 +-
src/or/directory.c | 479 ++--
src/or/directory.h | 27 +-
src/or/entrynodes.c |2 +-
src/or/main.c| 24 +-
src/or/networkstatus.c | 358 +++-
src/or/networkstatus.h |8 +
src/or/or.h | 120 +++-
src/or/routerlist.c | 37 +-
src/or/routerlist.h |1 +
src/test/Makefile.nmake |3 +-
src/test/include.am |1 +
src/test/test.c |2 +
src/test/test_config.c | 99 +++-
src/test/test_connection.c | 757 ++
src/test/test_dir.c | 431 +++
src/test/test_routerlist.c |4 +-
22 files changed, 2621 insertions(+), 193 deletions(-)
diff --cc doc/tor.1.txt
index 7f8d9b6,2d95a54..d8802bf
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@@ -360,14 -360,11 +360,18 @@@ GENERAL OPTION
[[FallbackDir]] **FallbackDir** __address__:__port__ orport=__port__
id=__fingerprint__ [weight=__num__]::
When we're unable to connect to any directory cache for directory info
- (usually because we don't know about any yet) we try a FallbackDir.
+ (usually because we don't know about any yet) we try a directory
authority.
+ Clients also simultaneously try a FallbackDir, to avoid hangs on client
+ startup if a directory authority is down. Clients retry FallbackDirs more
+ often than directory authorities, to reduce the load on the directory
+ authorities.
+By default, the directory authorities are also FallbackDirs. Specifying a
+FallbackDir replaces Tor's default hard-coded FallbackDirs (if any).
+
+[[UseDefaultFallbackDirs]] **UseDefaultFallbackDirs** **0**|**1**::
+Use Tor's default hard-coded FallbackDirs (if any). (When a
+FallbackDir line is present, it replaces the hard-coded FallbackDirs,
+regardless of the value of UseDefaultFallbackDirs.) (Default: 1)
[[DirAuthority]] **DirAuthority** [__nickname__] [**flags**]
__address__:__port__ __fingerprint__::
Use a nonstandard authoritative directory server at the provided address
diff --cc src/test/test_config.c
index 4ecd514,376dc1a..1d25f86
--- a/src/test/test_config.c
+++ b/src/test/test_config.c
@@@ -3206,44 -3246,47 +3242,86 @@@ test_config_adding_dir_servers(void *ar
}
static void
+test_config_default_dir_servers(void *arg)
+{
+ or_options_t *opts = NULL;
+ (void)arg;
+ int trusted_count = 0;
+ int fallback_count = 0;
+
+ opts = tor_malloc_zero(sizeof(or_options_t));
+ opts->UseDefaultFallbackDirs = 0;
+ consider_adding_dir_servers(opts, opts);
+ trusted_count = smartlist_len(router_get_trusted_dir_servers());
+ fallback_count = smartlist_len(router_get_fallback_dir_servers());
+ or_options_free(opts);
+ opts = NULL;
+
+ /* assume a release will never go out with less than 7 authorities */
+ tt_assert(trusted_count >= 7);
+ /* if we disable the default fallbacks, there must not be any extra */
+ tt_assert(fallback_count == trusted_count);
+
+ opts = tor_malloc_zero(sizeof(or_options_t));
+ opts->UseDefaultFallbackDirs = 1;
+ consider_adding_dir_servers(opts, opts);
+ trusted_count = smartlist_len(router_get_trusted_dir_servers());
+ fallback_count = smartlist_len(router_get_fallback_dir_servers());
+ or_options_free(opts);
+ opts = NULL;
+
+ /* assume a release will never go out with less than 7 authorities */
+ tt_assert(trusted_count >= 7);
+ /* XX/teor - allow for default fallbacks to be added without breaking
+ * the unit tests. Set a minimum fallback count once the list is stable. */
+ tt_assert(fallback_count >= trusted_count);
+
+ done:
+ or_options_free(opts);
+}
+
++static void
+ test_config_use_multiple_directories(void *arg)
+ {
+ (void)arg;
+
+ or_options_t *options = tor_malloc_zero(sizeof(or_options_t));
+
+ /* Clients can use multiple directory mirrors for bootstrap */
+ memset(options, 0, sizeof(or_options_t));
+ options->ClientOnly = 1;
+ tt_assert(networkstatus_consensus_can_use_multiple_directories(options)
+ == 1);
+
+ /* Bridge Clients can use multiple directory mirrors for bootstrap */
[tor-commits] [tor/master] Prop210: Add schedules for simultaneous client consensus downloads
commit 35bbf2e4a4e8ccbc4126ebffda67c48989ec2f06 Author: teor (Tim Wilson-Brown) Date: Mon Dec 7 17:55:38 2015 +1100 Prop210: Add schedules for simultaneous client consensus downloads Prop210: Add attempt-based connection schedules Existing tor schedules increment the schedule position on failure, then retry the connection after the scheduled time. To make multiple simultaneous connections, we need to increment the schedule position when making each attempt, then retry a (potentially simultaneous) connection after the scheduled time. (Also change find_dl_schedule_and_len to find_dl_schedule, as it no longer takes or returns len.) Prop210: Add multiple simultaneous consensus downloads for clients Make connections on TestingClientBootstrapConsensus*DownloadSchedule, incrementing the schedule each time the client attempts to connect. Check if the number of downloads is less than TestingClientBootstrapConsensusMaxInProgressTries before trying any more connections. --- changes/bug4483-multiple-consensus-downloads |9 + doc/tor.1.txt| 55 +++- src/common/torint.h | 26 ++ src/or/config.c | 76 - src/or/directory.c | 250 --- src/or/directory.h | 13 +- src/or/main.c| 19 +- src/or/networkstatus.c | 324 +-- src/or/networkstatus.h |7 + src/or/or.h | 117 ++- src/or/routerlist.c | 15 +- src/test/test_dir.c | 431 ++ 12 files changed, 1249 insertions(+), 93 deletions(-) diff --git a/changes/bug4483-multiple-consensus-downloads b/changes/bug4483-multiple-consensus-downloads new file mode 100644 index 000..23d22a8 --- /dev/null +++ b/changes/bug4483-multiple-consensus-downloads @@ -0,0 +1,9 @@ + o Major features (consensus downloads): +- Schedule multiple in-progress consensus downloads during client + bootstrap. Use the first one that starts downloading, close the + rest. This reduces failures when authorities are slow or down. + With #15775, it reduces failures due to fallback churn. + Implements #4483 (reduce failures when authorities are down). + Patch by "teor". + Implements IPv4 portions of proposal #210 by "mikeperry" and + "teor". diff --git a/doc/tor.1.txt b/doc/tor.1.txt index 041b000..77e4c4e 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -2281,10 +2281,18 @@ The following options are used for running a testing Tor network. TestingClientDownloadSchedule 0, 0, 5, 10, 15, 20, 30, 60 TestingServerConsensusDownloadSchedule 0, 0, 5, 10, 15, 20, 30, 60 TestingClientConsensusDownloadSchedule 0, 0, 5, 10, 15, 20, 30, 60 + TestingClientBootstrapConsensusAuthorityDownloadSchedule 0, 2, + 4 (for 40 seconds), 8, 16, 32, 60 + TestingClientBootstrapConsensusFallbackDownloadSchedule 0, 1, + 4 (for 40 seconds), 8, 16, 32, 60 + TestingClientBootstrapConsensusAuthorityOnlyDownloadSchedule 0, 1, + 4 (for 40 seconds), 8, 16, 32, 60 TestingBridgeDownloadSchedule 60, 30, 30, 60 TestingClientMaxIntervalWithoutRequest 5 seconds TestingDirConnectionMaxStall 30 seconds TestingConsensusMaxDownloadTries 80 + TestingClientBootstrapConsensusMaxDownloadTries 80 + TestingClientBootstrapConsensusAuthorityOnlyMaxDownloadTries 80 TestingDescriptorMaxDownloadTries 80 TestingMicrodescMaxDownloadTries 80 TestingCertMaxDownloadTries 80 @@ -2345,6 +2353,36 @@ The following options are used for running a testing Tor network. requires that **TestingTorNetwork** is set. (Default: 0, 0, 60, 300, 600, 1800, 3600, 3600, 3600, 10800, 21600, 43200) +[[TestingClientBootstrapConsensusAuthorityDownloadSchedule]] **TestingClientBootstrapConsensusAuthorityDownloadSchedule** __N__,__N__,__...__:: +Schedule for when clients should download consensuses from authorities if +they are bootstrapping (that is, they don't have a usable, reasonably live +consensus). Only used by clients fetching from a list of fallback +directory mirrors. This schedule is advanced by (potentially concurrent) +connection attempts, unlike other schedules, which are advanced by +connection failures. Changing this schedule requires that +**TestingTorNetwork** is set. (Default: 10, 11, 3600, 10800, 25200, 54000, +111600, 262800) + +[[TestingClientBootstrapConsensusFallbackDownloadSchedule]] **TestingClientBootstrapConsensusFallbackDownloadSchedule** __N__,__N__,__...__:: +Schedule for when clients should download consensuses from fallback +directory mirrors if they are boots
[tor-commits] [tor/master] Prop210: Close excess connections once a consensus is downloading
commit 2212530bf59acb95ca9bb0278e51306e847105b7
Author: teor (Tim Wilson-Brown)
Date: Mon Dec 7 18:07:44 2015 +1100
Prop210: Close excess connections once a consensus is downloading
Once tor is downloading a usable consensus, any other connection
attempts are not needed.
Choose a connection to keep, favouring:
* fallback directories over authorities,
* connections initiated earlier over later connections
Close all other connections downloading a consensus.
---
doc/tor.1.txt |7 +-
src/or/directory.c | 218 +++-
src/or/directory.h |4 +
src/or/main.c |5 +
src/or/networkstatus.c | 34 +++
src/or/networkstatus.h |1 +
src/test/test_config.c | 99 ++--
src/test/test_connection.c | 35 ++-
8 files changed, 388 insertions(+), 15 deletions(-)
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index 77e4c4e..2d95a54 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -360,8 +360,11 @@ GENERAL OPTIONS
[[FallbackDir]] **FallbackDir** __address__:__port__ orport=__port__
id=__fingerprint__ [weight=__num__]::
When we're unable to connect to any directory cache for directory info
-(usually because we don't know about any yet) we try a FallbackDir.
-By default, the directory authorities are also FallbackDirs.
+(usually because we don't know about any yet) we try a directory authority.
+Clients also simultaneously try a FallbackDir, to avoid hangs on client
+startup if a directory authority is down. Clients retry FallbackDirs more
+often than directory authorities, to reduce the load on the directory
+authorities.
[[DirAuthority]] **DirAuthority** [__nickname__] [**flags**]
__address__:__port__ __fingerprint__::
Use a nonstandard authoritative directory server at the provided address
diff --git a/src/or/directory.c b/src/or/directory.c
index 0d2a8b2..63bbdaf 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -961,6 +961,12 @@ directory_initiate_command_rend(const tor_addr_t *_addr,
return;
}
+ /* ensure we don't make excess connections when we're already downloading
+ * a consensus during bootstrap */
+ if (connection_dir_avoid_extra_connection_for_purpose(dir_purpose)) {
+return;
+ }
+
conn = dir_connection_new(tor_addr_family(&addr));
/* set up conn so it's got all the data we need to remember */
@@ -1001,6 +1007,9 @@ directory_initiate_command_rend(const tor_addr_t *_addr,
conn->base_.state = DIR_CONN_STATE_CLIENT_SENDING;
/* fall through */
case 0:
+if (connection_dir_close_consensus_conn_if_extra(conn)) {
+ return;
+}
/* queue the command on the outbuf */
directory_send_command(conn, dir_purpose, 1, resource,
payload, payload_len,
@@ -1044,6 +1053,9 @@ directory_initiate_command_rend(const tor_addr_t *_addr,
connection_mark_for_close(TO_CONN(conn));
return;
}
+if (connection_dir_close_consensus_conn_if_extra(conn)) {
+ return;
+}
conn->base_.state = DIR_CONN_STATE_CLIENT_SENDING;
/* queue the command on the outbuf */
directory_send_command(conn, dir_purpose, 0, resource,
@@ -3426,8 +3438,205 @@ connection_dir_finished_flushing(dir_connection_t *conn)
return 0;
}
+/* A helper function for connection_dir_close_consensus_conn_if_extra()
+ * and connection_dir_close_extra_consensus_conns() that returns 0 if
+ * we can't have, or don't want to close, excess consensus connections. */
+int
+connection_dir_would_close_consensus_conn_helper(void)
+{
+ const or_options_t *options = get_options();
+
+ /* we're only interested in closing excess connections if we could
+ * have created any in the first place */
+ if (!networkstatus_consensus_can_use_multiple_directories(options)) {
+return 0;
+ }
+
+ /* We want to close excess connections downloading a consensus.
+ * If there aren't any excess, we don't have anything to close. */
+ if (!networkstatus_consensus_has_excess_connections()) {
+return 0;
+ }
+
+ /* If we have excess connections, but none of them are downloading a
+ * consensus, and we are still bootstrapping (that is, we have no usable
+ * consensus), we don't want to close any until one starts downloading. */
+ if (!networkstatus_consensus_is_downloading_usable_flavor()
+ && networkstatus_consensus_is_boostrapping(time(NULL))) {
+return 0;
+ }
+
+ /* If we have just stopped bootstrapping (that is, just parsed a consensus),
+ * we might still have some excess connections hanging around. So we still
+ * have to check if we want to close any, even if we've stopped
+ * bootstrapping. */
+ return 1;
+}
+
+/* Check if we would close excess consensus connections. If we would, any
+ * new consensus connection would become excess immediately, so return 1.
+ * Otherwise, retur
[tor-commits] [tor/master] Prop210: Add want_authority to directory_get_from_dirserver
commit d3546aa92bf5c7c1435381b33a42f2a4a3d3c2f5
Author: teor (Tim Wilson-Brown)
Date: Mon Dec 7 17:47:10 2015 +1100
Prop210: Add want_authority to directory_get_from_dirserver
---
src/or/directory.c | 13 -
src/or/directory.h | 10 ++
src/or/entrynodes.c|2 +-
src/or/or.h|9 +
src/or/routerlist.c| 12
src/test/test_routerlist.c |4 +++-
6 files changed, 35 insertions(+), 15 deletions(-)
diff --git a/src/or/directory.c b/src/or/directory.c
index 4e5644b..555462b 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -425,14 +425,17 @@ directory_pick_generic_dirserver(dirinfo_type_t type, int
pds_flags,
* Use pds_flags as arguments to router_pick_directory_server()
* or router_pick_trusteddirserver().
*/
-MOCK_IMPL(void, directory_get_from_dirserver, (uint8_t dir_purpose,
- uint8_t router_purpose,
- const char *resource,
- int pds_flags))
+MOCK_IMPL(void, directory_get_from_dirserver, (
+uint8_t dir_purpose,
+uint8_t router_purpose,
+const char *resource,
+int pds_flags,
+download_want_authority_t want_authority))
{
const routerstatus_t *rs = NULL;
const or_options_t *options = get_options();
- int prefer_authority = directory_fetches_from_authorities(options);
+ int prefer_authority = (directory_fetches_from_authorities(options)
+ || want_authority == DL_WANT_AUTHORITY);
int require_authority = 0;
int get_via_tor = purpose_needs_anonymity(dir_purpose, router_purpose);
dirinfo_type_t type = dir_fetch_type(dir_purpose, router_purpose, resource);
diff --git a/src/or/directory.h b/src/or/directory.h
index 427183c..bdcc1a2 100644
--- a/src/or/directory.h
+++ b/src/or/directory.h
@@ -16,10 +16,12 @@ int directories_have_accepted_server_descriptor(void);
void directory_post_to_dirservers(uint8_t dir_purpose, uint8_t router_purpose,
dirinfo_type_t type, const char *payload,
size_t payload_len, size_t extrainfo_len);
-MOCK_DECL(void, directory_get_from_dirserver, (uint8_t dir_purpose,
- uint8_t router_purpose,
- const char *resource,
- int pds_flags));
+MOCK_DECL(void, directory_get_from_dirserver, (
+ uint8_t dir_purpose,
+ uint8_t router_purpose,
+ const char *resource,
+ int pds_flags,
+ download_want_authority_t want_authority));
void directory_get_from_all_authorities(uint8_t dir_purpose,
uint8_t router_purpose,
const char *resource);
diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c
index ebf6751..bf71fc3 100644
--- a/src/or/entrynodes.c
+++ b/src/or/entrynodes.c
@@ -2205,7 +2205,7 @@ fetch_bridge_descriptors(const or_options_t *options,
time_t now)
log_info(LD_DIR, "Fetching bridge info '%s' from bridge authority.",
resource);
directory_get_from_dirserver(DIR_PURPOSE_FETCH_SERVERDESC,
-ROUTER_PURPOSE_BRIDGE, resource, 0);
+ROUTER_PURPOSE_BRIDGE, resource, 0, DL_WANT_AUTHORITY);
}
}
SMARTLIST_FOREACH_END(bridge);
diff --git a/src/or/or.h b/src/or/or.h
index 945934e..c5596e3 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -1955,6 +1955,15 @@ typedef enum {
} download_schedule_t;
#define download_schedule_bitfield_t ENUM_BF(download_schedule_t)
+/** Enumeration: do we want to try an authority or a fallback directory
+ * mirror for our download? */
+typedef enum {
+ DL_WANT_FALLBACK = 0,
+ DL_WANT_AUTHORITY = 1,
+} download_want_authority_t;
+#define download_want_authority_bitfield_t \
+ENUM_BF(download_want_authority_t)
+
/** Information about our plans for retrying downloads for a downloadable
* object. */
typedef struct download_status_t {
diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index 5e79064..ca51058 100644
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -897,8 +897,10 @@ authority_certs_fetch_missing(networkstatus_t *status,
time_t now)
if (smartlist_len(fps) > 1) {
resource = smartlist_join_strings(fps, "", 0, NULL);
+ /* XXX - do we want certs from authorities or mirrors? - teor */
directory_get_from_dirserver(DIR_PURPOSE_FETCH_CERTIFICATE, 0,
- resource, PDS_RETRY_IF_NO_SERVERS);
+ resource, PDS_RETRY_IF_
[tor-commits] [tor/master] Prop210: Refactor connection_get_* to produce lists and counts
commit df0c135d62ab1619843f7825ccd5ad697f6afdcb
Author: teor (Tim Wilson-Brown)
Date: Mon Dec 7 17:40:56 2015 +1100
Prop210: Refactor connection_get_* to produce lists and counts
---
src/or/connection.c| 230 +-
src/or/connection.h| 59 +++-
src/test/Makefile.nmake|3 +-
src/test/include.am|1 +
src/test/test.c|2 +
src/test/test_connection.c | 724
6 files changed, 940 insertions(+), 79 deletions(-)
diff --git a/src/or/connection.c b/src/or/connection.c
index bff994d..7df02b5 100644
--- a/src/or/connection.c
+++ b/src/or/connection.c
@@ -1618,13 +1618,18 @@ connection_init_accepted_conn(connection_t *conn,
return 0;
}
-static int
-connection_connect_sockaddr(connection_t *conn,
+/** Take conn, make a nonblocking socket; try to connect to
+ * sa, binding to bindaddr if sa is not localhost. If fail, return -1 and if
+ * applicable put your best guess about errno into *socket_error.
+ * If connected return 1, if EAGAIN return 0.
+ */
+MOCK_IMPL(STATIC int,
+connection_connect_sockaddr,(connection_t *conn,
const struct sockaddr *sa,
socklen_t sa_len,
const struct sockaddr *bindaddr,
socklen_t bindaddr_len,
-int *socket_error)
+int *socket_error))
{
tor_socket_t s;
int inprogress = 0;
@@ -4222,6 +4227,19 @@ connection_write_to_buf_impl_,(const char *string,
size_t len,
}
}
+/** Return a connection_t * from get_connection_array() that satisfies test on
+ * var, and that is not marked for close. */
+#define CONN_GET_TEMPLATE(var, test) \
+ STMT_BEGIN \
+smartlist_t *conns = get_connection_array(); \
+SMARTLIST_FOREACH(conns, connection_t *, var, \
+{ \
+ if (var && (test) && !var->marked_for_close) \
+return var;\
+});\
+return NULL; \
+ STMT_END
+
/** Return a connection with given type, address, port, and purpose;
* or NULL if no such connection exists (or if all such connections are marked
* for close). */
@@ -4230,17 +4248,11 @@ connection_get_by_type_addr_port_purpose(int type,
const tor_addr_t *addr, uint16_t port,
int purpose)
{
- smartlist_t *conns = get_connection_array();
- SMARTLIST_FOREACH(conns, connection_t *, conn,
- {
-if (conn->type == type &&
+ CONN_GET_TEMPLATE(conn,
+ (conn->type == type &&
tor_addr_eq(&conn->addr, addr) &&
conn->port == port &&
-conn->purpose == purpose &&
-!conn->marked_for_close)
- return conn;
- });
- return NULL;
+conn->purpose == purpose));
}
/** Return the stream with id id if it is not already marked for
@@ -4249,13 +4261,7 @@ connection_get_by_type_addr_port_purpose(int type,
connection_t *
connection_get_by_global_id(uint64_t id)
{
- smartlist_t *conns = get_connection_array();
- SMARTLIST_FOREACH(conns, connection_t *, conn,
- {
-if (conn->global_identifier == id)
- return conn;
- });
- return NULL;
+ CONN_GET_TEMPLATE(conn, conn->global_identifier == id);
}
/** Return a connection of type type that is not marked for close.
@@ -4263,13 +4269,7 @@ connection_get_by_global_id(uint64_t id)
connection_t *
connection_get_by_type(int type)
{
- smartlist_t *conns = get_connection_array();
- SMARTLIST_FOREACH(conns, connection_t *, conn,
- {
-if (conn->type == type && !conn->marked_for_close)
- return conn;
- });
- return NULL;
+ CONN_GET_TEMPLATE(conn, conn->type == type);
}
/** Return a connection of type type that is in state state,
@@ -4278,13 +4278,7 @@ connection_get_by_type(int type)
connection_t *
connection_get_by_type_state(int type, int state)
{
- smartlist_t *conns = get_connection_array();
- SMARTLIST_FOREACH(conns, connection_t *, conn,
- {
-if (conn->type == type && conn->state == state && !conn->marked_for_close)
- return conn;
- });
- return NULL;
+ CONN_GET_TEMPLATE(conn, conn->type == type && conn->state == state);
}
/** Return a connection of type type that has rendquery equal
@@ -4295,55 +4289,142 @@ connection_t *
connection_get_by_type_state_rendquery(int type, int state,
const char *rendquery)
{
- smartlist_t *conns = get_connection_array();
-
tor_assert(type == CONN_TYPE_DIR ||
type == CONN_TYPE_AP || type == CONN_TYPE_EXIT);
tor_assert(rendquery);
- SMARTLIST_FOREACH_BEGIN(conns, connection_t *, conn) {
-if (conn->type == type &&
-!conn->marked_for_close &&
-(!state || state == conn->state)) {
-
[tor-commits] [tor/master] Update KeepCapabilities based on comments from asn
commit 405a8d3fb4884d5e5c5f32881a1a810b733a5aad
Author: Nick Mathewson
Date: Thu Nov 26 11:03:35 2015 -0500
Update KeepCapabilities based on comments from asn
* The option is now KeepBindCapabilities
* We now warn if the user specifically asked for KeepBindCapabilities
and we can't deliver.
* The unit tests are willing to start.
* Fewer unused-variable warnings.
* More documentation, fewer misspellings.
---
changes/feature8195 |2 +-
doc/tor.1.txt |4 ++--
src/common/compat.c | 13 -
src/common/compat.h |5 -
src/or/config.c | 25 ++---
src/or/or.h |2 +-
6 files changed, 34 insertions(+), 17 deletions(-)
diff --git a/changes/feature8195 b/changes/feature8195
index 0c366b5..cb81f2e 100644
--- a/changes/feature8195
+++ b/changes/feature8195
@@ -3,4 +3,4 @@
can now retain the capabilitity to bind to low ports. By default,
Tor will do this only when it's switching user ID and some low
ports have been configured. You can change this behavior with
- the new option KeepCapabilities. Closes ticket 8195.
+ the new option KeepBindCapabilities. Closes ticket 8195.
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index a7bf28b..58313d8 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -601,9 +601,9 @@ GENERAL OPTIONS
[[User]] **User** __UID__::
On startup, setuid to this user and setgid to their primary group.
-[[KeepCapabilities]] **KeepCapabilities** **0**|**1**|**auto**::
+[[KeepBindCapabilities]] **KeepBindCapabilities** **0**|**1**|**auto**::
On Linux, when we are started as root and we switch our identity using
-the **User** option, the **KeepCapabilities** option tells us whether to
+the **User** option, the **KeepBindCapabilities** option tells us whether
to
try to retain our ability to bind to low ports. If this value is 1, we
try to keep the capability; if it is 0 we do not; and if it is **auto**,
we keep the capability only if we are configured to listen on a low port.
diff --git a/src/common/compat.c b/src/common/compat.c
index 6551934..217bc00 100644
--- a/src/common/compat.c
+++ b/src/common/compat.c
@@ -1997,8 +1997,11 @@ drop_capabilities(int pre_setuid)
/** Call setuid and setgid to run as user and switch to their
* primary group. Return 0 on success. On failure, log and return -1.
*
- * If SWITCH_ID_KEEP_BINDLOW is set in 'flags', try to use the capabilitity
+ * If SWITCH_ID_KEEP_BINDLOW is set in 'flags', try to use the capability
* system to retain the abilitity to bind low ports.
+ *
+ * If SWITCH_ID_WARN_IF_NO_CAPS is set in flags, also warn if we have
+ * don't have capability support.
*/
int
switch_id(const char *user, const unsigned flags)
@@ -2009,6 +2012,7 @@ switch_id(const char *user, const unsigned flags)
gid_t old_gid;
static int have_already_switched_id = 0;
const int keep_bindlow = !!(flags & SWITCH_ID_KEEP_BINDLOW);
+ const int warn_if_no_caps = !!(flags & SWITCH_ID_WARN_IF_NO_CAPS);
tor_assert(user);
@@ -2033,10 +2037,17 @@ switch_id(const char *user, const unsigned flags)
}
#ifdef HAVE_LINUX_CAPABILITIES
+ (void) warn_if_no_caps;
if (keep_bindlow) {
if (drop_capabilities(1))
return -1;
}
+#else
+ (void) keep_bindlow;
+ if (warn_if_no_caps) {
+log_warn(LD_CONFIG, "KeepBindCapabilities set, but no capability support "
+ "on this system.");
+ }
#endif
/* Properly switch egid,gid,euid,uid here or bail out */
diff --git a/src/common/compat.h b/src/common/compat.h
index b245d7d..df95636 100644
--- a/src/common/compat.h
+++ b/src/common/compat.h
@@ -632,7 +632,10 @@ int tor_disable_debugger_attach(void);
int have_capability_support(void);
-#define SWITCH_ID_KEEP_BINDLOW 1
+/** Flag for switch_id; see switch_id() for documentation */
+#define SWITCH_ID_KEEP_BINDLOW(1<<0)
+/** Flag for switch_id; see switch_id() for documentation */
+#define SWITCH_ID_WARN_IF_NO_CAPS (1<<1)
int switch_id(const char *user, unsigned flags);
#ifdef HAVE_PWD_H
char *get_user_homedir(const char *username);
diff --git a/src/or/config.c b/src/or/config.c
index 5060b1b..0b95f95 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -308,7 +308,7 @@ static config_var_t option_vars_[] = {
V(Socks5ProxyUsername, STRING, NULL),
V(Socks5ProxyPassword, STRING, NULL),
V(KeepalivePeriod, INTERVAL, "5 minutes"),
- V(KeepCapabilities,AUTOBOOL, "auto"),
+ V(KeepBindCapabilities,AUTOBOOL, "auto"),
VAR("Log", LINELIST, Logs, NULL),
V(LogMessageDomains, BOOL, "0"),
V(LogTimeGranularity, MSEC_INTERVAL, "1 second"),
@@ -1183,11 +1183,14 @@ options_act_reversible(const or_options_t *old_options,
char **msg)
}
/* Setuid/setgid as appropriate */
- tor_assert(have_low_ports != -1);
if (options->User) {
+tor_assert(have_lo
[tor-commits] [tor/master] Merge branch 'feature8195_small_squashed'
commit aba39ea39075803c974ab6451a55b52deb425468 Merge: 744958e 405a8d3 Author: Nick Mathewson Date: Tue Dec 15 13:11:06 2015 -0500 Merge branch 'feature8195_small_squashed' .gitignore |2 + changes/feature8195|6 ++ configure.ac | 16 +++- doc/tor.1.txt |8 ++ src/common/compat.c| 108 +- src/common/compat.h| 13 +++- src/or/config.c| 49 ++-- src/or/or.h|3 + src/test/include.am| 17 - src/test/test_switch_id.c | 181 src/test/test_switch_id.sh | 25 ++ 11 files changed, 414 insertions(+), 14 deletions(-) diff --cc src/test/include.am index f593782,3fed3b7..d52867b --- a/src/test/include.am +++ b/src/test/include.am @@@ -1,14 -1,11 +1,15 @@@ - -export PYTHON=@PYTHON@ -export SHELL=@SHELL@ -export abs_top_srcdir=@abs_top_srcdir@ -export builddir=@builddir@ +# When the day comes that Tor requires Automake >= 1.12 change +# TESTS_ENVIRONMENT to AM_TESTS_ENVIRONMENT because the former is reserved for +# users while the later is reserved for developers. +TESTS_ENVIRONMENT = \ + export PYTHON="$(PYTHON)"; \ + export SHELL="$(SHELL)"; \ + export abs_top_srcdir="$(abs_top_srcdir)"; \ + export builddir="$(builddir)"; \ + export TESTING_TOR_BINARY="$(TESTING_TOR_BINARY)"; - TESTSCRIPTS = src/test/test_zero_length_keys.sh + TESTSCRIPTS = src/test/test_zero_length_keys.sh \ + src/test/test_switch_id.sh if USEPYTHON TESTSCRIPTS += src/test/test_ntor.sh src/test/test_bt.sh ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] remove redundant section in tor.1.txt
commit 125e0c7022fa0bf7ac4d09e0a5a07db63bf529ea Author: Nick Mathewson Date: Tue Dec 15 13:18:06 2015 -0500 remove redundant section in tor.1.txt --- doc/tor.1.txt |5 - 1 file changed, 5 deletions(-) diff --git a/doc/tor.1.txt b/doc/tor.1.txt index 7dd8812..562fed9 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -2425,11 +2425,6 @@ The following options are used for running a testing Tor network. fallback directory mirrors before giving up. Changing this requires that **TestingTorNetwork** is set. (Default: 7) -[[TestingClientBootstrapConsensusMaxDownloadTries]] **TestingClientBootstrapConsensusMaxDownloadTries** __NUM__:: -Try this many times to download a consensus while bootstrapping using -only authorities before giving up. Changing this requires that -**TestingTorNetwork** is set. (Default: 4) - [[TestingClientBootstrapConsensusMaxInProgressTries]] **TestingClientBootstrapConsensusMaxInProgressTries** __NUM__:: Try this many simultaneous connections to download a consensus before waiting for one to complete, timeout, or error out. Changing this ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Add unit tests for switch_id(), including tests for capabilities
commit fd0c6671d1f2ddb41e792b40162c841adae6
Author: Nick Mathewson
Date: Fri Nov 6 15:35:15 2015 -0500
Add unit tests for switch_id(), including tests for capabilities
---
.gitignore |2 +
src/test/include.am| 17 -
src/test/test_switch_id.c | 181
src/test/test_switch_id.sh | 25 ++
4 files changed, 222 insertions(+), 3 deletions(-)
diff --git a/.gitignore b/.gitignore
index c1dff8b..dad8be1 100644
--- a/.gitignore
+++ b/.gitignore
@@ -172,6 +172,7 @@ cscope.*
/src/test/test-child
/src/test/test-memwipe
/src/test/test-ntor-cl
+/src/test/test-switch-id
/src/test/test_workqueue
/src/test/test.exe
/src/test/test-slow.exe
@@ -179,6 +180,7 @@ cscope.*
/src/test/test-child.exe
/src/test/test-ntor-cl.exe
/src/test/test-memwipe.exe
+/src/test/test-switch-id.exe
/src/test/test_workqueue.exe
/src/test/test_zero_length_keys.sh
/src/test/test_ntor.sh
diff --git a/src/test/include.am b/src/test/include.am
index d0a819f..3fed3b7 100644
--- a/src/test/include.am
+++ b/src/test/include.am
@@ -4,14 +4,16 @@ export SHELL=@SHELL@
export abs_top_srcdir=@abs_top_srcdir@
export builddir=@builddir@
-TESTSCRIPTS = src/test/test_zero_length_keys.sh
+TESTSCRIPTS = src/test/test_zero_length_keys.sh \
+ src/test/test_switch_id.sh
if USEPYTHON
TESTSCRIPTS += src/test/test_ntor.sh src/test/test_bt.sh
endif
TESTS += src/test/test src/test/test-slow src/test/test-memwipe \
- src/test/test_workqueue src/test/test_keygen.sh $(TESTSCRIPTS)
+ src/test/test_workqueue src/test/test_keygen.sh \
+ $(TESTSCRIPTS)
# These flavors are run using automake's test-driver and test-network.sh
TEST_CHUTNEY_FLAVORS = basic-min bridges-min hs-min bridges+hs
@@ -33,7 +35,8 @@ noinst_PROGRAMS+= \
src/test/test-slow \
src/test/test-memwipe \
src/test/test-child \
- src/test/test_workqueue
+ src/test/test_workqueue \
+ src/test/test-switch-id
endif
src_test_AM_CPPFLAGS = -DSHARE_DATADIR="\"$(datadir)\"" \
@@ -131,6 +134,14 @@ src_test_test_workqueue_SOURCES = \
src_test_test_workqueue_CPPFLAGS= $(src_test_AM_CPPFLAGS)
src_test_test_workqueue_CFLAGS = $(AM_CFLAGS) $(TEST_CFLAGS)
+src_test_test_switch_id_SOURCES = \
+ src/test/test_switch_id.c
+src_test_test_switch_id_CPPFLAGS= $(src_test_AM_CPPFLAGS)
+src_test_test_switch_id_CFLAGS = $(AM_CFLAGS) $(TEST_CFLAGS)
+src_test_test_switch_id_LDADD = \
+ src/common/libor-testing.a \
+ @TOR_ZLIB_LIBS@ @TOR_LIB_MATH@
+
src_test_test_LDFLAGS = @TOR_LDFLAGS_zlib@ @TOR_LDFLAGS_openssl@ \
@TOR_LDFLAGS_libevent@
src_test_test_LDADD = src/or/libtor-testing.a src/common/libor-testing.a \
diff --git a/src/test/test_switch_id.c b/src/test/test_switch_id.c
new file mode 100644
index 000..e85025c
--- /dev/null
+++ b/src/test/test_switch_id.c
@@ -0,0 +1,181 @@
+/* Copyright (c) 2015, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#include "or.h"
+
+#ifdef HAVE_SYS_CAPABILITY_H
+#include
+#endif
+
+#define TEST_BUILT_WITH_CAPS 0
+#define TEST_HAVE_CAPS 1
+#define TEST_ROOT_CAN_BIND_LOW 2
+#define TEST_SETUID 3
+#define TEST_SETUID_KEEPCAPS 4
+#define TEST_SETUID_STRICT 5
+
+static const char *username;
+
+static const struct {
+ const char *name;
+ int test_id;
+} which_test[] = {
+ { "built-with-caps",TEST_BUILT_WITH_CAPS },
+ { "have-caps", TEST_HAVE_CAPS },
+ { "root-bind-low", TEST_ROOT_CAN_BIND_LOW },
+ { "setuid", TEST_SETUID },
+ { "setuid-keepcaps",TEST_SETUID_KEEPCAPS },
+ { "setuid-strict", TEST_SETUID_STRICT },
+ { NULL, 0 }
+};
+
+/* 0 on no, 1 on yes, -1 on failure. */
+static int
+check_can_bind_low_ports(void)
+{
+ int port;
+ struct sockaddr_in sin;
+ memset(&sin, 0, sizeof(sin));
+ sin.sin_family = AF_INET;
+
+ for (port = 600; port < 1024; ++port) {
+sin.sin_port = htons(port);
+tor_socket_t fd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
+if (! SOCKET_OK(fd)) {
+ perror("socket");
+ return -1;
+}
+
+int one = 1;
+if (setsockopt(fd, SOL_SOCKET,SO_REUSEADDR, &one, sizeof(one))) {
+ perror("setsockopt");
+ tor_close_socket_simple(fd);
+ return -1;
+}
+
+int res = bind(fd, (struct sockaddr *)&sin, sizeof(sin));
+tor_close_socket_simple(fd);
+
+if (res == 0) {
+ /* bind was successful */
+ return 1;
+} else if (errno == EACCES || errno == EPERM) {
+ /* Got a permission-denied error. */
+ return 0;
+} else if (errno == EADDRINUSE) {
+ /* Huh; somebody is using that port. */
+} else {
+ perror("bind");
+}
+ }
+
+ return -1;
+}
+
+int
+main(int argc, char **argv)
+{
+ const char *testname;
+ if (argc != 3) {
+fprintf(stderr, "I want 2 arguments: a username and a command.\n");
+return 1;
+ }
+ if (getuid() != 0) {
+fprintf(s
[tor-commits] [tor/master] Add IPv6 addresses & orports to the default directory authorities
commit 60fc2b25392796ad7c42ee16f43b9b5787ad30ad
Author: teor (Tim Wilson-Brown)
Date: Fri Dec 11 20:40:45 2015 +1100
Add IPv6 addresses & orports to the default directory authorities
Source: Globe entries for each authority.
---
src/or/config.c |8 +++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/src/or/config.c b/src/or/config.c
index 3092a47..d8e9296 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -863,6 +863,7 @@ static const char *default_authorities[] = {
"128.31.0.39:9131 9695 DFC3 5FFE B861 329B 9F1A B04C 4639 7020 CE31",
"tor26 orport=443 "
"v3ident=14C131DFC5C6F93646BE72FA1401C02A8DF2E8B4 "
+"ipv6=[2001:858:2:2:aabb:0:563b:1526]:443 "
"86.59.21.38:80 847B 1F85 0344 D787 6491 A548 92F9 0493 4E4E B85D",
"dizum orport=443 "
"v3ident=E8A9C45EDE6D711294FADF8E7951F4DE6CA56B58 "
@@ -871,21 +872,26 @@ static const char *default_authorities[] = {
"82.94.251.203:80 4A0C CD2D DC79 9508 3D73 F5D6 6710 0C8A 5831 F16D",
"gabelmoo orport=443 "
"v3ident=ED03BB616EB2F60BEC80151114BB25CEF515B226 "
+"ipv6=[2001:638:a000:4140:::189]:443 "
"131.188.40.189:80 F204 4413 DAC2 E02E 3D6B CF47 35A1 9BCA 1DE9 7281",
"dannenberg orport=443 "
"v3ident=585769C78764D58426B8B52B6651A5A71137189A "
"193.23.244.244:80 7BE6 83E6 5D48 1413 21C5 ED92 F075 C553 64AC 7123",
"urras orport=80 "
"v3ident=80550987E1D626E3EBA5E5E75A458DE0626D088C "
-"208.83.223.34:443 0AD3 FA88 4D18 F89E EA2D 89C0 1937 9E0E 7FD9 4417",
+"208.83.223.34:443 0AD3 FA88 4D18 F89E EA2D 89C0 1937 9E0E 7FD9 4417"
+/* XX/teor - urras may have an IPv6 address, but it's not in urras'
+ * descriptor as of 11 Dec 2015. See #17813. */,
"maatuska orport=80 "
"v3ident=49015F787433103580E3B66A1707A00E60F2D15B "
+"ipv6=[2001:67c:289c::9]:80 "
"171.25.193.9:443 BD6A 8292 55CB 08E6 6FBE 7D37 4836 3586 E46B 3810",
"Faravahar orport=443 "
"v3ident=EFCBE720AB3A82B99F9E953CD5BF50F7EEFC7B97 "
"154.35.175.225:80 CF6D 0AAF B385 BE71 B8E1 11FC 5CFF 4B47 9237 33BC",
"longclaw orport=443 "
"v3ident=23D15D965BC35114467363C165C4F724B64B4F66 "
+"ipv6=[2620:13:4000:8000:60:f3ff:fea1:7cff]:443 "
"199.254.238.52:80 74A9 1064 6BCE EFBC D2E8 74FC 1DC9 9743 0F96 8145",
NULL
};
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Authorities on IPv6: minor fixes and unit tests
commit 1c2366ea43d44b2d6d04303fd6086405d7ca4b6c
Author: teor (Tim Wilson-Brown)
Date: Fri Dec 11 22:14:46 2015 +1100
Authorities on IPv6: minor fixes and unit tests
Update the code for IPv6 authorities and fallbacks for function
argument changes.
Update unit tests affected by the function argument changes in
the patch.
Add unit tests for authority and fallback:
* adding via a function
* line parsing
* adding default authorities
(Adding default fallbacks is unit tested in #15775.)
---
changes/feature17327 |5 ++
src/or/config.c| 13 ++-
src/or/config.h|8 +-
src/test/test_config.c | 175
src/test/test_dir_handle_get.c | 28 +++
5 files changed, 205 insertions(+), 24 deletions(-)
diff --git a/changes/feature17327 b/changes/feature17327
new file mode 100644
index 000..2fab099
--- /dev/null
+++ b/changes/feature17327
@@ -0,0 +1,5 @@
+ o Minor feature (IPv6):
+- Add a flag ipv6=address:orport to the DirAuthority and FallbackDir torrc
+ options. Add hard-coded ipv6 addresses for directory authorities with
+ ipv6 lines in their descriptors.
+ Closes ticket 17327; patch from Nick Mathewson / "teor".
diff --git a/src/or/config.c b/src/or/config.c
index 894bd89..3092a47 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -560,9 +560,6 @@ static int options_transition_affects_descriptor(
static int check_nickname_list(char **lst, const char *name, char **msg);
static char *get_bindaddr_from_transport_listen_line(const char *line,
const char *transport);
-static int parse_dir_authority_line(const char *line,
- dirinfo_type_t required_type,
- int validate_only);
static int parse_ports(or_options_t *options, int validate_only,
char **msg_out, int *n_ports_out,
int *world_writable_control_socket);
@@ -897,7 +894,7 @@ static const char *default_authorities[] = {
* but only add them insofar as they share bits with type.
* Each authority's bits are restricted to the bits shared with type.
* If type is ALL_DIRINFO or NO_DIRINFO (zero), add all authorities. */
-static void
+STATIC void
add_default_trusted_dir_authorities(dirinfo_type_t type)
{
int i;
@@ -5531,7 +5528,7 @@ get_options_for_server_transport(const char *transport)
* (minus whatever bits it's missing) as a valid authority.
* Return 0 on success or filtering out by type,
* or -1 if the line isn't well-formed or if we can't add it. */
-static int
+STATIC int
parse_dir_authority_line(const char *line, dirinfo_type_t required_type,
int validate_only)
{
@@ -5600,7 +5597,8 @@ parse_dir_authority_line(const char *line, dirinfo_type_t
required_type,
log_warn(LD_CONFIG, "Redundant ipv6 addr/port on DirAuthority line");
} else {
if (tor_addr_port_parse(LOG_WARN, flag+strlen("ipv6="),
-&ipv6_addrport.addr, &ipv6_addrport.port) < 0
+&ipv6_addrport.addr, &ipv6_addrport.port,
+-1) < 0
|| tor_addr_family(&ipv6_addrport.addr) != AF_INET6) {
log_warn(LD_CONFIG, "Bad ipv6 addr/port %s on DirAuthority line",
escaped(flag));
@@ -5712,7 +5710,8 @@ parse_dir_fallback_line(const char *line,
log_warn(LD_CONFIG, "Redundant ipv6 addr/port on FallbackDir line");
} else {
if (tor_addr_port_parse(LOG_WARN, cp+strlen("ipv6="),
-&ipv6_addrport.addr, &ipv6_addrport.port) < 0
+&ipv6_addrport.addr, &ipv6_addrport.port,
+-1) < 0
|| tor_addr_family(&ipv6_addrport.addr) != AF_INET6) {
log_warn(LD_CONFIG, "Bad ipv6 addr/port %s on FallbackDir line",
escaped(cp));
diff --git a/src/or/config.h b/src/or/config.h
index 7e88688..bfdd169 100644
--- a/src/or/config.h
+++ b/src/or/config.h
@@ -152,10 +152,12 @@ STATIC int parse_transport_line(const or_options_t
*options,
int server);
STATIC int consider_adding_dir_servers(const or_options_t *options,
const or_options_t *old_options);
+STATIC void add_default_trusted_dir_authorities(dirinfo_type_t type);
MOCK_DECL(STATIC void, add_default_fallback_dir_servers, (void));
-STATIC int
-parse_dir_fallback_line(const char *line,
-int validate_only);
+STATIC int parse_dir_authority_line(const char *line,
+dirinfo_type_t required_type,
+int validate_only);
+STATIC int parse_dir_fallback_line(const char *line, int validate_only);
#endif
#endif
diff --git
[tor-commits] [tor/master] Add ability to keep the CAP_NET_BIND_SERVICE capability on Linux
commit e8cc839e41adc4975a61fee62abe7f6664fd0c0e
Author: Nick Mathewson
Date: Fri Nov 6 13:12:44 2015 -0500
Add ability to keep the CAP_NET_BIND_SERVICE capability on Linux
This feature allows us to bind low ports when starting as root and
switching UIDs.
Based on code by David Goulet.
Implement feature 8195
---
changes/feature8195 |6
configure.ac| 16 -
doc/tor.1.txt |8 +
src/common/compat.c | 97 ++-
src/common/compat.h | 10 +-
src/or/config.c | 46 +++-
src/or/or.h |3 ++
7 files changed, 175 insertions(+), 11 deletions(-)
diff --git a/changes/feature8195 b/changes/feature8195
new file mode 100644
index 000..0c366b5
--- /dev/null
+++ b/changes/feature8195
@@ -0,0 +1,6 @@
+ o Major features:
+- When Tor is started as root on Linux and told to switch user ID, it
+ can now retain the capabilitity to bind to low ports. By default,
+ Tor will do this only when it's switching user ID and some low
+ ports have been configured. You can change this behavior with
+ the new option KeepCapabilities. Closes ticket 8195.
diff --git a/configure.ac b/configure.ac
index 3bf2f47..eb7f2c2 100644
--- a/configure.ac
+++ b/configure.ac
@@ -698,6 +698,19 @@ else
fi
AC_SUBST(TOR_ZLIB_LIBS)
+dnl --
+dnl Check if libcap is available for capabilities.
+
+tor_cap_pkg_debian="libcap2"
+tor_cap_pkg_redhat="libcap"
+tor_cap_devpkg_debian="libcap-dev"
+tor_cap_devpkg_redhat="libcap-devel"
+
+AC_CHECK_LIB([cap], [cap_init], [],
+ AC_MSG_NOTICE([Libcap was not found. Capabilities will not be usable.])
+)
+AC_CHECK_FUNCS(cap_set_proc)
+
dnl -
dnl Now that we know about our major libraries, we can check for compiler
dnl and linker hardening options. We need to do this with the libraries known,
@@ -705,7 +718,7 @@ dnl since sometimes the linker will like an option but not
be willing to
dnl use it with a build of a library.
all_ldflags_for_check="$TOR_LDFLAGS_zlib $TOR_LDFLAGS_openssl
$TOR_LDFLAGS_libevent"
-all_libs_for_check="$TOR_ZLIB_LIBS $TOR_LIB_MATH $TOR_LIBEVENT_LIBS
$TOR_OPENSSL_LIBS $TOR_SYSTEMD_LIBS $TOR_LIB_WS32 $TOR_LIB_GDI"
+all_libs_for_check="$TOR_ZLIB_LIBS $TOR_LIB_MATH $TOR_LIBEVENT_LIBS
$TOR_OPENSSL_LIBS $TOR_SYSTEMD_LIBS $TOR_LIB_WS32 $TOR_LIB_GDI $TOR_CAP_LIBS"
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [
#if !defined(__clang__)
@@ -898,6 +911,7 @@ AC_CHECK_HEADERS(
fcntl.h \
signal.h \
string.h \
+ sys/capability.h \
sys/fcntl.h \
sys/stat.h \
sys/time.h \
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index 916433b..a7bf28b 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -601,6 +601,14 @@ GENERAL OPTIONS
[[User]] **User** __UID__::
On startup, setuid to this user and setgid to their primary group.
+[[KeepCapabilities]] **KeepCapabilities** **0**|**1**|**auto**::
+On Linux, when we are started as root and we switch our identity using
+the **User** option, the **KeepCapabilities** option tells us whether to
+try to retain our ability to bind to low ports. If this value is 1, we
+try to keep the capability; if it is 0 we do not; and if it is **auto**,
+we keep the capability only if we are configured to listen on a low port.
+(Default: auto.)
+
[[HardwareAccel]] **HardwareAccel** **0**|**1**::
If non-zero, try to use built-in (static) crypto hardware acceleration when
available. (Default: 0)
diff --git a/src/common/compat.c b/src/common/compat.c
index 7d72b4b..6551934 100644
--- a/src/common/compat.c
+++ b/src/common/compat.c
@@ -71,6 +71,9 @@
#ifdef HAVE_SYS_STATVFS_H
#include
#endif
+#ifdef HAVE_SYS_CAPABILITY_H
+#include
+#endif
#ifdef _WIN32
#include
@@ -1917,17 +1920,95 @@ tor_getpwuid(uid_t uid)
}
#endif
+/** Return true iff we were compiled with capability support, and capabilities
+ * seem to work. **/
+int
+have_capability_support(void)
+{
+#ifdef HAVE_LINUX_CAPABILITIES
+ cap_t caps = cap_get_proc();
+ if (caps == NULL)
+return 0;
+ cap_free(caps);
+ return 1;
+#else
+ return 0;
+#endif
+}
+
+#ifdef HAVE_LINUX_CAPABILITIES
+/** Helper. Drop all capabilities but a small set, and set PR_KEEPCAPS as
+ * appropriate.
+ *
+ * If pre_setuid, retain only CAP_NET_BIND_SERVICE, CAP_SETUID, and
+ * CAP_SETGID, and use PR_KEEPCAPS to ensure that capabilities persist across
+ * setuid().
+ *
+ * If not pre_setuid, retain only CAP_NET_BIND_SERVICE, and disable
+ * PR_KEEPCAPS.
+ *
+ * Return 0 on success, and -1 on failure.
+ */
+static int
+drop_capabilities(int pre_setuid)
+{
+ /* We keep these three capabilities, and these only, as we setuid.
+ * After we setuid, we drop all but the first. */
+ const cap_value_t caplist[] = {
+CAP_NET
[tor-commits] [tor/master] Add a new ipv6=address:orport flag to DirAuthority and FallbackDir
commit 85003f4c80b7c980099fedca7dba0c0a90209084
Author: Nick Mathewson
Date: Fri Feb 22 16:10:40 2013 -0500
Add a new ipv6=address:orport flag to DirAuthority and FallbackDir
Resolves # 6027
---
changes/bug6027 |4
doc/tor.1.txt |9 ++---
src/or/config.c | 32 +++-
src/or/or.h |2 ++
src/or/router.c |1 +
src/or/routerlist.c | 27 ---
src/or/routerlist.h |2 ++
7 files changed, 70 insertions(+), 7 deletions(-)
diff --git a/changes/bug6027 b/changes/bug6027
new file mode 100644
index 000..5233876
--- /dev/null
+++ b/changes/bug6027
@@ -0,0 +1,4 @@
+ o Minor features:
+- Allow users to configure directory authorities and fallback
+ directory servers with IPv6 addresses and ORPorts. Resolves
+ ticket 6027.
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index 041b000..3ef5674 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -358,7 +358,7 @@ GENERAL OPTIONS
DataDirectory. If the option is set to 1, make the DataDirectory readable
by the default GID. (Default: 0)
-[[FallbackDir]] **FallbackDir** __address__:__port__ orport=__port__
id=__fingerprint__ [weight=__num__]::
+[[FallbackDir]] **FallbackDir** __address__:__port__ orport=__port__
id=__fingerprint__ [weight=__num__] [ipv6=__address__:__orport__]::
When we're unable to connect to any directory cache for directory info
(usually because we don't know about any yet) we try a FallbackDir.
By default, the directory authorities are also FallbackDirs.
@@ -374,9 +374,12 @@ GENERAL OPTIONS
"bridge" flag is set. If a flag "orport=**port**" is given, Tor will use
the
given port when opening encrypted tunnels to the dirserver. If a flag
"weight=**num**" is given, then the directory server is chosen randomly
-with probability proportional to that weight (default 1.0). Lastly, if a
+with probability proportional to that weight (default 1.0). If a
flag "v3ident=**fp**" is given, the dirserver is a v3 directory authority
-whose v3 long-term signing key has the fingerprint **fp**. +
+whose v3 long-term signing key has the fingerprint **fp**. Lastly,
+if an "ipv6=__address__:__orport__" flag is present, then the directory
+authority is listening for IPv6 connections on the indicated IPv6 address
+and OR Port. +
+
If no **DirAuthority** line is given, Tor will use the default directory
authorities. NOTE: this option is intended for setting up a private Tor
diff --git a/src/or/config.c b/src/or/config.c
index 7b42c9f..894bd89 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -5538,6 +5538,7 @@ parse_dir_authority_line(const char *line, dirinfo_type_t
required_type,
smartlist_t *items = NULL;
int r;
char *addrport=NULL, *address=NULL, *nickname=NULL, *fingerprint=NULL;
+ tor_addr_port_t ipv6_addrport, *ipv6_addrport_ptr = NULL;
uint16_t dir_port = 0, or_port = 0;
char digest[DIGEST_LEN];
char v3_digest[DIGEST_LEN];
@@ -5594,6 +5595,19 @@ parse_dir_authority_line(const char *line,
dirinfo_type_t required_type,
} else {
type |= V3_DIRINFO|EXTRAINFO_DIRINFO|MICRODESC_DIRINFO;
}
+} else if (!strcasecmpstart(flag, "ipv6=")) {
+ if (ipv6_addrport_ptr) {
+log_warn(LD_CONFIG, "Redundant ipv6 addr/port on DirAuthority line");
+ } else {
+if (tor_addr_port_parse(LOG_WARN, flag+strlen("ipv6="),
+&ipv6_addrport.addr, &ipv6_addrport.port) < 0
+|| tor_addr_family(&ipv6_addrport.addr) != AF_INET6) {
+ log_warn(LD_CONFIG, "Bad ipv6 addr/port %s on DirAuthority line",
+ escaped(flag));
+ goto err;
+}
+ipv6_addrport_ptr = &ipv6_addrport;
+ }
} else {
log_warn(LD_CONFIG, "Unrecognized flag '%s' on DirAuthority line",
flag);
@@ -5636,6 +5650,7 @@ parse_dir_authority_line(const char *line, dirinfo_type_t
required_type,
log_debug(LD_DIR, "Trusted %d dirserver at %s:%d (%s)", (int)type,
address, (int)dir_port, (char*)smartlist_get(items,0));
if (!(ds = trusted_dir_server_new(nickname, address, dir_port, or_port,
+ ipv6_addrport_ptr,
digest, v3_digest, type, weight)))
goto err;
dir_server_add(ds);
@@ -5673,6 +5688,7 @@ parse_dir_fallback_line(const char *line,
int ok;
char id[DIGEST_LEN];
char *address=NULL;
+ tor_addr_port_t ipv6_addrport, *ipv6_addrport_ptr = NULL;
double weight=1.0;
memset(id, 0, sizeof(id));
@@ -5691,6 +5707,19 @@ parse_dir_fallback_line(const char *line,
} else if (!strcmpstart(cp, "id=")) {
ok = !base16_decode(id, DIGEST_LEN,
cp+strlen("id="), strlen(cp)-strlen("id="));
+} else if (!strcasecmpstart(cp, "ipv6=")) {
+ if (ipv6_addrport_ptr) {
+log_warn(LD_CONF
[tor-commits] [tor/master] clean whitespace
commit efc8b2dbbfa0659405edb1e388f1f84cb8023425 Author: Nick Mathewson Date: Tue Dec 15 13:22:41 2015 -0500 clean whitespace --- src/or/connection.c|1 - src/test/test_connection.c |1 - 2 files changed, 2 deletions(-) diff --git a/src/or/connection.c b/src/or/connection.c index 7df02b5..d6e5fcb 100644 --- a/src/or/connection.c +++ b/src/or/connection.c @@ -4321,7 +4321,6 @@ connection_get_by_type_state_rendquery(int type, int state, } \ STMT_END - /** Return a directory connection (if any one exists) that is fetching * the item described by purpose/resource, otherwise return NULL. */ diff --git a/src/test/test_connection.c b/src/test/test_connection.c index bbd3452..7e466a9 100644 --- a/src/test/test_connection.c +++ b/src/test/test_connection.c @@ -722,7 +722,6 @@ test_conn_download_status(void *arg) tt_assert(connection_dir_avoid_extra_connection_for_purpose( TEST_CONN_RSRC_PURPOSE) == 1); - /* now try closing one that is downloading - it stays open */ tt_assert(connection_dir_close_consensus_conn_if_extra(conn2) == 0); tt_assert(connection_dir_count_by_purpose_and_resource( ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Add UseDefaultFallbackDirs for hard-coded directory mirrors
commit 080ae03ee4c5c5e06f9f813cec4f66c5ab801a19
Author: teor (Tim Wilson-Brown)
Date: Wed Nov 25 08:53:29 2015 +1100
Add UseDefaultFallbackDirs for hard-coded directory mirrors
UseDefaultFallbackDirs enables any hard-coded fallback
directory mirrors. Default is 1, set it to 0 to disable fallbacks.
Implements ticket 17576.
Patch by "teor".
---
changes/feature17576-UseDefaultFallbackDirs |4 ++
doc/tor.1.txt |8 ++-
src/or/config.c | 13 -
src/or/or.h |2 +
src/test/test_config.c | 70 ---
5 files changed, 77 insertions(+), 20 deletions(-)
diff --git a/changes/feature17576-UseDefaultFallbackDirs
b/changes/feature17576-UseDefaultFallbackDirs
new file mode 100644
index 000..68843c4
--- /dev/null
+++ b/changes/feature17576-UseDefaultFallbackDirs
@@ -0,0 +1,4 @@
+ o Minor feature (fallback directories):
+- Add UseDefaultFallbackDirs, which enables any hard-coded fallback
+ directory mirrors. Default is 1, set it to 0 to disable fallbacks.
+ Implements ticket 17576. Patch by "teor".
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index aba0c1c..5dcfb45 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -356,7 +356,13 @@ GENERAL OPTIONS
[[FallbackDir]] **FallbackDir** __address__:__port__ orport=__port__
id=__fingerprint__ [weight=__num__]::
When we're unable to connect to any directory cache for directory info
(usually because we don't know about any yet) we try a FallbackDir.
-By default, the directory authorities are also FallbackDirs.
+By default, the directory authorities are also FallbackDirs. Specifying a
+FallbackDir replaces Tor's default hard-coded FallbackDirs (if any).
+
+[[UseDefaultFallbackDirs]] **UseDefaultFallbackDirs** **0**|**1**::
+Use Tor's default hard-coded FallbackDirs (if any). (When a
+FallbackDir line is present, it replaces the hard-coded FallbackDirs,
+regardless of the value of UseDefaultFallbackDirs.) (Default: 1)
[[DirAuthority]] **DirAuthority** [__nickname__] [**flags**]
__address__:__port__ __fingerprint__::
Use a nonstandard authoritative directory server at the provided address
diff --git a/src/or/config.c b/src/or/config.c
index 9028414..1cd99e5 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -251,6 +251,7 @@ static config_var_t option_vars_[] = {
V(ExtORPortCookieAuthFileGroupReadable, BOOL, "0"),
V(ExtraInfoStatistics, BOOL, "1"),
V(FallbackDir, LINELIST, NULL),
+ V(UseDefaultFallbackDirs, BOOL, "1"),
OBSOLETE("FallbackNetworkstatusFile"),
V(FascistFirewall, BOOL, "0"),
@@ -990,6 +991,7 @@ consider_adding_dir_servers(const or_options_t *options,
!smartlist_len(router_get_fallback_dir_servers()) || !old_options ||
!config_lines_eq(options->DirAuthorities, old_options->DirAuthorities) ||
!config_lines_eq(options->FallbackDir, old_options->FallbackDir) ||
+(options->UseDefaultFallbackDirs != old_options->UseDefaultFallbackDirs) ||
!config_lines_eq(options->AlternateBridgeAuthority,
old_options->AlternateBridgeAuthority) ||
!config_lines_eq(options->AlternateDirAuthority,
@@ -1018,8 +1020,8 @@ consider_adding_dir_servers(const or_options_t *options,
type |= V3_DIRINFO | EXTRAINFO_DIRINFO | MICRODESC_DIRINFO;
/* Only add the default fallback directories when the DirAuthorities,
* AlternateDirAuthority, and FallbackDir directory config options
- * are set to their defaults. */
- if (!options->FallbackDir) {
+ * are set to their defaults, and when UseDefaultFallbackDirs is 1. */
+ if (!options->FallbackDir && options->UseDefaultFallbackDirs) {
add_default_fallback_dir_servers();
}
}
@@ -3532,6 +3534,13 @@ options_validate(or_options_t *old_options, or_options_t
*options,
if (validate_addr_policies(options, msg) < 0)
return -1;
+ /* If FallbackDir is set, we don't UseDefaultFallbackDirs */
+ if (options->UseDefaultFallbackDirs && options->FallbackDir) {
+log_info(LD_CONFIG, "You have set UseDefaultFallbackDirs 1 and "
+ "FallbackDir(s). Ignoring UseDefaultFallbackDirs, and "
+ "using the FallbackDir(s) you have set.");
+ }
+
if (validate_dir_servers(options, old_options) < 0)
REJECT("Directory authority/fallback line did not parse. See logs "
"for details.");
diff --git a/src/or/or.h b/src/or/or.h
index 97fa9dc..c5e1b9c 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -3757,6 +3757,8 @@ typedef struct {
/** List of fallback directory servers */
config_line_t *FallbackDir;
+ /** Whether to use the default hard-coded FallbackDirs */
+ int UseDefaultFallbackDirs;
/** Weight to apply to all directory authority rates if considering them
* along with fallbackdirs */
diff --git
[tor-commits] [tor/master] Fix a few compilation warnings and errors
commit 744958e0ddc74e7f4db12a5d078d1188bf9f48e1
Author: Nick Mathewson
Date: Tue Dec 15 13:03:21 2015 -0500
Fix a few compilation warnings and errors
---
src/or/connection.h|4 ++--
src/or/directory.c |2 +-
src/or/directory.h |2 +-
src/test/test_connection.c |2 +-
4 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/src/or/connection.h b/src/or/connection.h
index 7479faa..59ea6d8 100644
--- a/src/or/connection.h
+++ b/src/or/connection.h
@@ -216,7 +216,7 @@ smartlist_t
*connection_dir_list_by_purpose_resource_and_state(
/** Return a count of directory connections that are fetching the item
* described by purpose/resource. */
-static INLINE int
+static inline int
connection_dir_count_by_purpose_and_resource(
int purpose,
const char *resource)
@@ -229,7 +229,7 @@ connection_dir_count_by_purpose_and_resource(
/** Return a count of directory connections that are fetching the item
* described by purpose/resource/state. */
-static INLINE int
+static inline int
connection_dir_count_by_purpose_resource_and_state(
int purpose,
const char *resource,
diff --git a/src/or/directory.c b/src/or/directory.c
index 63bbdaf..8370095 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -3441,7 +3441,7 @@ connection_dir_finished_flushing(dir_connection_t *conn)
/* A helper function for connection_dir_close_consensus_conn_if_extra()
* and connection_dir_close_extra_consensus_conns() that returns 0 if
* we can't have, or don't want to close, excess consensus connections. */
-int
+STATIC int
connection_dir_would_close_consensus_conn_helper(void)
{
const or_options_t *options = get_options();
diff --git a/src/or/directory.h b/src/or/directory.h
index 22d7b66..2644e57 100644
--- a/src/or/directory.h
+++ b/src/or/directory.h
@@ -142,7 +142,7 @@ STATIC int directory_handle_command_get(dir_connection_t
*conn,
const char *headers,
const char *req_body,
size_t req_body_len);
-int connection_dir_would_close_consensus_conn_helper(void);
+STATIC int connection_dir_would_close_consensus_conn_helper(void);
STATIC int download_status_schedule_get_delay(download_status_t *dls,
const smartlist_t *schedule,
time_t now);
diff --git a/src/test/test_connection.c b/src/test/test_connection.c
index 1067b5f..bbd3452 100644
--- a/src/test/test_connection.c
+++ b/src/test/test_connection.c
@@ -312,7 +312,7 @@ test_conn_download_status_setup(const struct testcase_t *tc)
(void)tc;
/* Don't return NULL, that causes the test to fail */
- return "ok";
+ return (void*)"ok";
}
static int
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Add Fallback Directory Candidate Selection Script
commit 4c1c2a313dcd3638eededd4a1a83ed5f0b8b9fed Author: teor Date: Wed May 13 04:10:39 2015 +1000 Add Fallback Directory Candidate Selection Script "Tor has included a feature to fetch the initial consensus from nodes other than the authorities for a while now. We just haven't shipped a list of alternate locations for clients to go to yet. Reasons why we might want to ship tor with a list of additional places where clients can find the consensus is that it makes authority reachability and BW less important. We want them to have been around and using their current key, address, and port for a while now (120 days), and have been running, a guard, and a v2 directory mirror for most of that time." Features: * whitelist and blacklist for an opt-in/opt-out trial. * excludes BadExits, tor versions that aren't recommended, and low consensus weight directory mirrors. * reduces the weighting of Exits to avoid overloading them. * places limits on the weight of any one fallback. * includes an IPv6 address and orport for each FallbackDir, as implemented in #17327. (Tor won't bootstrap using IPv6 fallbacks until #17840 is merged.) * generated output includes timestamps & Onionoo URL for traceability. * unit test ensures that we successfully load all included default fallback directories. Closes ticket #15775. Patch by "teor". OnionOO script by "weasel", "teor", "gsathya", and "karsten". --- .gitignore |5 + changes/feature15775-fallback | 19 + scripts/maint/fallback.blacklist| 19 + scripts/maint/fallback.whitelist| 13 + scripts/maint/updateFallbackDirs.py | 1225 +++ src/or/config.c |1 + src/or/fallback_dirs.inc|1 + src/or/include.am |1 + src/or/routerlist.c | 11 +- src/test/test_config.c | 48 +- 10 files changed, 1321 insertions(+), 22 deletions(-) diff --git a/.gitignore b/.gitignore index c1dff8b..f88d382 100644 --- a/.gitignore +++ b/.gitignore @@ -28,6 +28,11 @@ cscope.* # OSX junk *.dSYM .DS_Store +# updateFallbackDirs.py temp files +details-*.json +uptime-*.json +*.full_url +*.last_modified # / /Makefile diff --git a/changes/feature15775-fallback b/changes/feature15775-fallback new file mode 100644 index 000..567d01c --- /dev/null +++ b/changes/feature15775-fallback @@ -0,0 +1,19 @@ + o Major features (directory mirrors): +- Include an opt-in trial list of Default Fallback Directories in + add_default_fallback_dir_servers(). + "Tor has included a feature to fetch the initial consensus from nodes + other than the authorities for a while now. We just haven't shipped a + list of alternate locations for clients to go to yet. + Reasons why we might want to ship tor with a list of additional places + where clients can find the consensus is that it makes authority + reachability and BW less important. + We want them to have been around and using their current key, address, + and port for a while now (120 days), and have been running, a guard, + and a v2 directory mirror for most of that time." + We exclude BadExits and tor versions that aren't recommended. + We include an IPv6 address for each FallbackDir (#8374). + (Tor might not use IPv6 fallbacks until #6027 is merged.) + The unit test ensures that we successfully load all included + default fallback directories. + Closes ticket #15775. Patch by "teor". + OnionOO script by "weasel", "teor", "gsathya", and "karsten". diff --git a/scripts/maint/fallback.blacklist b/scripts/maint/fallback.blacklist new file mode 100644 index 000..919ae33 --- /dev/null +++ b/scripts/maint/fallback.blacklist @@ -0,0 +1,19 @@ +# updateFallbackDirs.py directory mirror blacklist +# +# Format: +# [ IPv4[:DirPort] ] [ orport= ] [ id= ] ... +# [ ipv6=[:] ] +# +# If a sufficiently specific group of attributes matches, the directory mirror +# will be excluded: (each group is listed on its own line) +# , +# , +# +# , +# , +# If DirPort and ORPort are not present, the entire IP address is blacklisted. +# (The blacklist overrides the whitelist.) + +# If a relay operator doesn't want their relay to be a FallbackDir, +# enter the following information here: +# : orport= id= ipv6=: diff --git a/scripts/maint/fallback.whitelist b/scripts/maint/fallback.whitelist new file mode 100644 index 000..a88dfaa --- /dev/null +++ b/scripts/maint/fallback.whitelist @@ -0,0 +1,13 @@ +# updateFallbackDirs.py directory mirror whitelist +# +# Format: +# IPv4:DirPort orport= id= [ ipv6=: ] +# +# All attributes must match for the directory mirror to be included. +# If the fallback has an ipv6 key, the whitelist line must also have +# it, and vice versa, otherwise they don't matc
[tor-commits] [tor/master] Merge remote-tracking branch 'teor/feature17327-v4'
commit aa4be914f06baa92857de201a212b9fc9856bdb1
Merge: 125e0c7 60fc2b2
Author: Nick Mathewson
Date: Tue Dec 15 13:19:18 2015 -0500
Merge remote-tracking branch 'teor/feature17327-v4'
changes/bug6027|4 +
changes/feature17327 |5 ++
doc/tor.1.txt |9 ++-
src/or/config.c| 49 +--
src/or/config.h|8 +-
src/or/or.h|2 +
src/or/router.c|1 +
src/or/routerlist.c| 27 ++-
src/or/routerlist.h|2 +
src/test/test_config.c | 175
src/test/test_dir_handle_get.c | 28 +++
11 files changed, 280 insertions(+), 30 deletions(-)
diff --cc doc/tor.1.txt
index 562fed9,3ef5674..f173a97
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@@ -358,20 -358,10 +358,20 @@@ GENERAL OPTION
DataDirectory. If the option is set to 1, make the DataDirectory readable
by the default GID. (Default: 0)
- [[FallbackDir]] **FallbackDir** __address__:__port__ orport=__port__
id=__fingerprint__ [weight=__num__]::
+ [[FallbackDir]] **FallbackDir** __address__:__port__ orport=__port__
id=__fingerprint__ [weight=__num__] [ipv6=__address__:__orport__]::
When we're unable to connect to any directory cache for directory info
-(usually because we don't know about any yet) we try a FallbackDir.
-By default, the directory authorities are also FallbackDirs.
+(usually because we don't know about any yet) we try a directory
authority.
+Clients also simultaneously try a FallbackDir, to avoid hangs on client
+startup if a directory authority is down. Clients retry FallbackDirs more
+often than directory authorities, to reduce the load on the directory
+authorities.
+By default, the directory authorities are also FallbackDirs. Specifying a
+FallbackDir replaces Tor's default hard-coded FallbackDirs (if any).
+
+[[UseDefaultFallbackDirs]] **UseDefaultFallbackDirs** **0**|**1**::
+Use Tor's default hard-coded FallbackDirs (if any). (When a
+FallbackDir line is present, it replaces the hard-coded FallbackDirs,
+regardless of the value of UseDefaultFallbackDirs.) (Default: 1)
[[DirAuthority]] **DirAuthority** [__nickname__] [**flags**]
__address__:__port__ __fingerprint__::
Use a nonstandard authoritative directory server at the provided address
diff --cc src/test/test_config.c
index 1d25f86,580dae4..0137d1c
--- a/src/test/test_config.c
+++ b/src/test/test_config.c
@@@ -3326,8 -3383,12 +3496,13 @@@ test_config_use_multiple_directories(vo
{ #name, test_config_ ## name, flags, NULL, NULL }
struct testcase_t config_tests[] = {
+ CONFIG_TEST(adding_trusted_dir_server, TT_FORK),
+ CONFIG_TEST(adding_fallback_dir_server, TT_FORK),
+ CONFIG_TEST(parsing_trusted_dir_server, 0),
+ CONFIG_TEST(parsing_fallback_dir_server, 0),
+ CONFIG_TEST(adding_default_trusted_dir_servers, TT_FORK),
CONFIG_TEST(adding_dir_servers, TT_FORK),
+ CONFIG_TEST(default_dir_servers, TT_FORK),
CONFIG_TEST(resolve_my_address, TT_FORK),
CONFIG_TEST(addressmap, 0),
CONFIG_TEST(parse_bridge_line, 0),
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Fix some memory leaks in the unit tests
commit a56fb58d6e1e93b95e2a060b61f3d00eab95a298
Author: Nick Mathewson
Date: Tue Dec 15 14:00:08 2015 -0500
Fix some memory leaks in the unit tests
---
src/test/test_connection.c | 21 +
src/test/test_dns.c|2 ++
src/test/test_tortls.c |4
src/test/testing_common.c |1 +
4 files changed, 20 insertions(+), 8 deletions(-)
diff --git a/src/test/test_connection.c b/src/test/test_connection.c
index 7e466a9..f6e08fd 100644
--- a/src/test/test_connection.c
+++ b/src/test/test_connection.c
@@ -501,21 +501,26 @@ test_conn_get_rend(void *arg)
;
}
-#define sl_is_conn_assert(sl, conn) \
- do { \
-tt_assert(smartlist_len((sl)) == 1); \
-tt_assert(smartlist_get((sl), 0) == (conn)); \
+#define sl_is_conn_assert(sl_input, conn) \
+ do { \
+the_sl = (sl_input); \
+tt_assert(smartlist_len((the_sl)) == 1); \
+tt_assert(smartlist_get((the_sl), 0) == (conn)); \
+smartlist_free(the_sl); the_sl = NULL; \
} while (0)
-#define sl_no_conn_assert(sl) \
- do { \
-tt_assert(smartlist_len((sl)) == 0); \
+#define sl_no_conn_assert(sl_input) \
+ do { \
+the_sl = (sl_input); \
+tt_assert(smartlist_len((the_sl)) == 0); \
+smartlist_free(the_sl); the_sl = NULL; \
} while (0)
static void
test_conn_get_rsrc(void *arg)
{
dir_connection_t *conn = DOWNCAST(dir_connection_t, arg);
+ smartlist_t *the_sl = NULL;
tt_assert(conn);
assert_connection_ok(&conn->base_, time(NULL));
@@ -630,7 +635,7 @@ test_conn_get_rsrc(void *arg)
== 0);
done:
- ;
+ smartlist_free(the_sl);
}
static void
diff --git a/src/test/test_dns.c b/src/test/test_dns.c
index b40a482..b781d6d 100644
--- a/src/test/test_dns.c
+++ b/src/test/test_dns.c
@@ -579,6 +579,7 @@ NS(test_main)(void *arg)
tor_free(TO_CONN(exitconn)->address);
tor_free(cache_entry->pending_connections);
tor_free(cache_entry);
+ tor_free(exitconn);
return;
}
@@ -739,6 +740,7 @@ NS(test_main)(void *arg)
tor_free(TO_CONN(exitconn)->address);
tor_free(cache_entry->pending_connections);
tor_free(cache_entry);
+ tor_free(exitconn);
return;
}
diff --git a/src/test/test_tortls.c b/src/test/test_tortls.c
index b4a3435..8602d9e 100644
--- a/src/test/test_tortls.c
+++ b/src/test/test_tortls.c
@@ -145,6 +145,7 @@ test_tortls_tor_tls_new(void *data)
tt_want(tls);
tor_tls_free(tls); tls = NULL;
+ SSL_CTX_free(client_tls_context->ctx);
client_tls_context->ctx = NULL;
tls = tor_tls_new(-1, 0);
tt_assert(!tls);
@@ -1140,6 +1141,7 @@ test_tortls_check_lifetime(void *ignored)
tor_free(tls->ssl->session);
tor_free(tls->ssl);
tor_free(tls);
+ X509_free(validCert);
}
#endif
@@ -1465,6 +1467,7 @@ test_tortls_try_to_extract_certs_from_tls(void *ignored)
tt_assert(id_cert);
done:
+ sk_X509_free(sess->cert_chain);
tor_free(sess);
tor_free(tls->ssl->session);
tor_free(tls->ssl);
@@ -2166,6 +2169,7 @@ test_tortls_write(void *ignored)
done:
teardown_capture_of_logs(previous_log);
+ BIO_free(tls->ssl->rbio);
tor_free(tls->ssl);
tor_free(tls);
tor_free(method);
diff --git a/src/test/testing_common.c b/src/test/testing_common.c
index 2ea158f..e20e9e6 100644
--- a/src/test/testing_common.c
+++ b/src/test/testing_common.c
@@ -297,6 +297,7 @@ main(int c, const char **v)
tor_free_all(0);
dmalloc_log_unfreed();
#endif
+ crypto_global_cleanup();
if (have_failed)
return 1;
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge remote-tracking branch 'teor/feature15775-fallback-v9-squashed'
commit 6ba8afe5f87a1edd16f4c61cbb59a29f9126c6c6
Merge: a56fb58 4c1c2a3
Author: Nick Mathewson
Date: Tue Dec 15 14:04:00 2015 -0500
Merge remote-tracking branch 'teor/feature15775-fallback-v9-squashed'
.gitignore |5 +
changes/feature15775-fallback | 19 +
scripts/maint/fallback.blacklist| 19 +
scripts/maint/fallback.whitelist| 13 +
scripts/maint/updateFallbackDirs.py | 1225 +++
src/or/config.c |1 +
src/or/fallback_dirs.inc|1 +
src/or/include.am |1 +
src/or/routerlist.c | 11 +-
src/test/test_config.c | 32 +-
10 files changed, 1320 insertions(+), 7 deletions(-)
diff --cc src/test/test_config.c
index 0137d1c,00489d1..53fc693
--- a/src/test/test_config.c
+++ b/src/test/test_config.c
@@@ -3412,97 -3196,38 +3412,125 @@@ test_config_adding_dir_servers(void *ar
}
static void
+test_config_default_dir_servers(void *arg)
+{
+ or_options_t *opts = NULL;
+ (void)arg;
+ int trusted_count = 0;
+ int fallback_count = 0;
+
+ opts = tor_malloc_zero(sizeof(or_options_t));
+ opts->UseDefaultFallbackDirs = 0;
+ consider_adding_dir_servers(opts, opts);
+ trusted_count = smartlist_len(router_get_trusted_dir_servers());
+ fallback_count = smartlist_len(router_get_fallback_dir_servers());
+ or_options_free(opts);
+ opts = NULL;
+
+ /* assume a release will never go out with less than 7 authorities */
+ tt_assert(trusted_count >= 7);
+ /* if we disable the default fallbacks, there must not be any extra */
+ tt_assert(fallback_count == trusted_count);
+
+ opts = tor_malloc_zero(sizeof(or_options_t));
+ opts->UseDefaultFallbackDirs = 1;
+ consider_adding_dir_servers(opts, opts);
+ trusted_count = smartlist_len(router_get_trusted_dir_servers());
+ fallback_count = smartlist_len(router_get_fallback_dir_servers());
+ or_options_free(opts);
+ opts = NULL;
+
+ /* assume a release will never go out with less than 7 authorities */
+ tt_assert(trusted_count >= 7);
+ /* XX/teor - allow for default fallbacks to be added without breaking
+ * the unit tests. Set a minimum fallback count once the list is stable. */
+ tt_assert(fallback_count >= trusted_count);
+
+ done:
+ or_options_free(opts);
+}
+
+static void
+test_config_use_multiple_directories(void *arg)
+{
+ (void)arg;
+
+ or_options_t *options = tor_malloc_zero(sizeof(or_options_t));
+
+ /* Clients can use multiple directory mirrors for bootstrap */
+ memset(options, 0, sizeof(or_options_t));
+ options->ClientOnly = 1;
+ tt_assert(networkstatus_consensus_can_use_multiple_directories(options)
+== 1);
+
+ /* Bridge Clients can use multiple directory mirrors for bootstrap */
+ memset(options, 0, sizeof(or_options_t));
+ options->UseBridges = 1;
+ tt_assert(networkstatus_consensus_can_use_multiple_directories(options)
+== 1);
+
+ /* Bridge Relays (Bridges) must act like clients, and use multiple
+ * directory mirrors for bootstrap */
+ memset(options, 0, sizeof(or_options_t));
+ options->BridgeRelay = 1;
+ tt_assert(networkstatus_consensus_can_use_multiple_directories(options)
+== 1);
+
+ /* Clients set to FetchDirInfoEarly must fetch it from the authorities */
+ memset(options, 0, sizeof(or_options_t));
+ options->FetchDirInfoEarly = 1;
+ tt_assert(networkstatus_consensus_can_use_multiple_directories(options)
+== 0);
+
+ /* OR servers must fetch the consensus from the authorities */
+ memset(options, 0, sizeof(or_options_t));
+ options->ORPort_set = 1;
+ tt_assert(networkstatus_consensus_can_use_multiple_directories(options)
+== 0);
+
+ done:
+ tor_free(options);
+}
+
++static void
+ test_config_default_fallback_dirs(void *arg)
+ {
+ const char *fallback[] = {
+ #include "../or/fallback_dirs.inc"
+ NULL
+ };
+
+ int n_included_fallback_dirs = 0;
+ int n_added_fallback_dirs = 0;
+
+ (void)arg;
+ clear_dir_servers();
+
+ while (fallback[n_included_fallback_dirs])
+ n_included_fallback_dirs++;
+
+ add_default_fallback_dir_servers();
+
+ n_added_fallback_dirs = smartlist_len(router_get_fallback_dir_servers());
+
+ tt_assert(n_included_fallback_dirs == n_added_fallback_dirs);
+
+ done:
+ clear_dir_servers();
+ }
+
#define CONFIG_TEST(name, flags) \
{ #name, test_config_ ## name, flags, NULL, NULL }
struct testcase_t config_tests[] = {
- CONFIG_TEST(adding_dir_servers, 0),
+ CONFIG_TEST(adding_trusted_dir_server, TT_FORK),
+ CONFIG_TEST(adding_fallback_dir_server, TT_FORK),
+ CONFIG_TEST(parsing_trusted_dir_server, 0),
+ CONFIG_TEST(parsing_fallback_dir_server, 0),
+ CONFIG_TEST(adding_default_trusted_dir_servers, TT_FORK),
+ CONFIG_TEST(adding_dir_servers, TT_FORK),
+ CONFIG_TEST(default_dir_servers, TT_FORK),
+ CON
[tor-commits] [translation/tails-persistence-setup] Update translations for tails-persistence-setup
commit 8c9e43d947d2c8bb3b5abb8b29f61673c69fe7f6 Author: Translation commit bot Date: Tue Dec 15 19:15:23 2015 + Update translations for tails-persistence-setup --- lt/lt.po |8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/lt/lt.po b/lt/lt.po index eb79cbf..19bf216 100644 --- a/lt/lt.po +++ b/lt/lt.po @@ -9,8 +9,8 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: Tails developers \n" "POT-Creation-Date: 2015-12-14 21:35+0100\n" -"PO-Revision-Date: 2015-12-15 09:27+\n" -"Last-Translator: carolyn \n" +"PO-Revision-Date: 2015-12-15 19:02+\n" +"Last-Translator: Moo\n" "Language-Team: Lithuanian (http://www.transifex.com/otf/torproject/language/lt/)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" @@ -52,7 +52,7 @@ msgstr "" #: ../lib/Tails/Persistence/Configuration/Presets.pm:88 msgid "GNOME Keyring" -msgstr "" +msgstr "GNOME raktinÄ" #: ../lib/Tails/Persistence/Configuration/Presets.pm:90 msgid "Secrets stored by GNOME Keyring" @@ -108,7 +108,7 @@ msgstr "APT atsisiųsti sÄ raÅ¡ai" #: ../lib/Tails/Persistence/Configuration/Presets.pm:158 msgid "Icedove" -msgstr "" +msgstr "Icedove" #: ../lib/Tails/Persistence/Configuration/Presets.pm:160 msgid "Icedove profiles and locally stored email" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [atlas/master] Removed deprecated family field. Displaying effective and alleged family instead.
commit d7bbd232b69cce930cb97abca79769207cfa976b
Author: orlando
Date: Sat Nov 28 00:27:13 2015 -0300
Removed deprecated family field. Displaying effective and alleged family
instead.
---
css/style.css |4
js/models/relay.js|8 +++-
templates/details/router.html |6 --
3 files changed, 15 insertions(+), 3 deletions(-)
diff --git a/css/style.css b/css/style.css
index 5040128..71a63b9 100644
--- a/css/style.css
+++ b/css/style.css
@@ -48,3 +48,7 @@
.container #content {
padding-top: 60px;
}
+
+a.alleged {
+ color: #FE9F30;
+}
diff --git a/js/models/relay.js b/js/models/relay.js
index ea5c987..c8604db 100644
--- a/js/models/relay.js
+++ b/js/models/relay.js
@@ -154,7 +154,13 @@ define([
relay.obandwidth = relay.observed_bandwidth ?
hrBandwidth(relay.observed_bandwidth) : null;
relay.bandwidth = relay.advertised_bandwidth ?
relay.advertised_bandwidth : null;
relay.bandwidth_hr = relay.advertised_bandwidth ?
hrBandwidth(relay.advertised_bandwidth) : null;
-relay.family = relay.family ? relay.family : null;
+if(relay.alleged_family || relay.effective_family) {
+ relay.effective_family =
relay.effective_family ? relay.effective_family : null;
+ relay.alleged_family =
relay.alleged_family ? relay.alleged_family : null;
+ relay.empty_family = false;
+ } else {
+ relay.empty_family = true;
+ }
if (relay.is_bridge) {
var new_addresses = [];
_.each(relay.or_addresses, function(or_addr) {
diff --git a/templates/details/router.html b/templates/details/router.html
index 1aedfe5..50d0ccc 100644
--- a/templates/details/router.html
+++ b/templates/details/router.html
@@ -91,8 +91,10 @@
<%= relay.get('last_restarted') %>
Family Members
-<% _.each(relay.get('family'), function(member) { %><% var valid
= member.match(RegExp("^\$[A-F0-9]{40}$")); %>
-<% if (valid) { %><% } %><%=
member %><% if (valid) { %><% }}); %>
+<% if (relay.get('effective_family') !== null) { %><%
_.each(relay.get('effective_family'), function(member) { %><% var valid =
member.match(RegExp("^\$[A-F0-9]{40}$")); %>
+<% if (valid) { %><% } %><%= member %><% if (valid) { %><%
}}); %><% } %>
+<% if (relay.get('alleged_family') !== null) { %><%
_.each(relay.get('alleged_family'), function(member) { %><% var valid =
member.match(RegExp("^\$[A-F0-9]{40}$")); %>
+<% if (valid) { %><% } %><%= member %><% if (valid)
{ %><% }}); %><% } %>
Descriptor Published
<%= relay.get('desc_published') %>
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser-bundle/master] Avoid language prompt on first start in alphas
commit a0e1b93bd6b0c28a36edb71fcc8e71c43b708548
Author: Georg Koppen
Date: Wed Dec 16 07:58:27 2015 +
Avoid language prompt on first start in alphas
---
Bundle-Data/Docs/ChangeLog.txt |4
gitian/versions.alpha |2 +-
2 files changed, 1 insertion(+), 5 deletions(-)
diff --git a/Bundle-Data/Docs/ChangeLog.txt b/Bundle-Data/Docs/ChangeLog.txt
index 237fdf9..4812fc4 100644
--- a/Bundle-Data/Docs/ChangeLog.txt
+++ b/Bundle-Data/Docs/ChangeLog.txt
@@ -13,10 +13,6 @@ Tor Browser 5.5a5 -- December 15 2015
* Bug 17108: Polish about:tor appearance
* Bug 17568: Clean up tor-control-port.js
* Translation updates
- * Update Tor Launcher to 0.2.8.1
- * Bug 17344: Enumerate available language packs for language prompt
- * Code clean-up
- * Translation updates
* Bug 9659: Avoid loop due to optimistic data SOCKS code (fix of #3875)
* Bug 15564: Isolate SharedWorkers by first-party domain
* Bug 16940: After update, load local change notes
diff --git a/gitian/versions.alpha b/gitian/versions.alpha
index ae70b91..2691a1d 100755
--- a/gitian/versions.alpha
+++ b/gitian/versions.alpha
@@ -13,7 +13,7 @@ TORBROWSER_UPDATE_CHANNEL=alpha
TORBROWSER_TAG=tor-browser-${FIREFOX_VERSION}-5.5-1-build1
TOR_TAG=tor-0.2.7.6
-TORLAUNCHER_TAG=0.2.8.1
+TORLAUNCHER_TAG=0.2.7.7
TORBUTTON_TAG=1.9.4.2
HTTPSE_TAG=5.1.1
NSIS_TAG=v0.3
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
