Nick Mathewson [Mon, 15 Jul 2013 16:52:29 +0000 (12:52 -0400)]
Lightly refactor and test format_hex_number_sigsafe
Better tests for upper bounds, and for failing cases.
Also, change the function's interface to take a buffer length rather
than a maximum length, and then NUL-terminate: functions that don't
NUL-terminate are trouble waiting to happen.
Nick Mathewson [Mon, 15 Jul 2013 16:17:23 +0000 (12:17 -0400)]
Don't build format_helper_exit_status on win32
The only thing that used format_helper_exit_status on win32 was the
unit tests. This caused an error when we tried to leave a static
format_helper_exit_status lying around in a production object file.
The easiest solution is to admit that this way of dealing with process
exit status is Unix-only.
Nick Mathewson [Wed, 10 Jul 2013 19:03:01 +0000 (15:03 -0400)]
Add rudimentary test mocking support.
This is not the most beautiful possible implementation (it requires
decorating mockable functions with ugly macros), but it actually
works, and is portable across multiple compilers and architectures.
Nick Mathewson [Tue, 9 Jul 2013 16:54:39 +0000 (12:54 -0400)]
Add a script to compare directories full of gcov output
We can't just use "diff", since we don't care about changes in line
numbers, or changes in the exact number of times a line was called.
We just care about changes that make lines covered or non-coverd. So
pre-process the files before calling diff.
Nick Mathewson [Tue, 9 Jul 2013 16:37:11 +0000 (12:37 -0400)]
Coverage support: build with --enable-coverage to have tests run with gcov
If you pass the --enable-coverage flag on the command line, we build
our testing binaries with appropriate options eo enable coverage
testing. We also build a "tor-cov" binary that has coverage enabled,
for integration tests.
On recent OSX versions, test coverage only works with clang, not gcc.
So we warn about that.
Also add a contrib/coverage script to actually run gcov with the
appropriate options to generate useful .gcov files. (Thanks to
automake, the .o files will not have the names that gcov expects to
find.)
Also, remove generated gcda and gcno files on clean.
Nick Mathewson [Thu, 6 Jun 2013 21:58:28 +0000 (17:58 -0400)]
Completely refactor how FILENAME_PRIVATE works
We previously used FILENAME_PRIVATE identifiers mostly for
identifiers exposed only to the unit tests... but also for
identifiers exposed to the benchmarker, and sometimes for
identifiers exposed to a similar module, and occasionally for no
really good reason at all.
Now, we use FILENAME_PRIVATE identifiers for identifiers shared by
Tor and the unit tests. They should be defined static when we
aren't building the unit test, and globally visible otherwise. (The
STATIC macro will keep us honest here.)
For identifiers used only by the unit tests and never by Tor at all,
on the other hand, we wrap them in #ifdef TOR_UNIT_TESTS.
This is not the motivating use case for the split test/non-test
build system; it's just a test example to see how it works, and to
take a chance to clean up the code a little.
Nick Mathewson [Thu, 6 Jun 2013 18:56:05 +0000 (14:56 -0400)]
Start work on fancy compiler tricks to expose extra stuff to our tests
This is mainly a matter of automake trickery: we build each static
library in two versions now: one with the TOR_UNIT_TESTS macro
defined, and one without. When TOR_UNIT_TESTS is defined, we can
enable mocking and expose more functions. When it's not defined, we
can lock the binary down more.
The alternatives would be to have alternate build modes: a "testing
configuration" for building the libraries with test support, and a
"production configuration" for building them without. I don't favor
that approach, since I think it would mean more people runnning
binaries build for testing, or more people not running unit tests.
Nick Mathewson [Wed, 3 Jul 2013 16:01:37 +0000 (12:01 -0400)]
FIx undefined behavior in dirvote.c
Fix a bug in the voting algorithm that could yield incorrect results
when a non-naming authority declared too many flags. Fixes bug 9200;
bugfix on 0.2.0.3-alpha.
Nick Mathewson [Sun, 16 Jun 2013 13:55:44 +0000 (09:55 -0400)]
Implement a real OOM-killer for too-long circuit queues.
This implements "algorithm 1" from my discussion of bug #9072: on OOM,
find the circuits with the longest queues, and kill them. It's also a
fix for #9063 -- without the side-effects of bug #9072.
The memory bounds aren't perfect here, and you need to be sure to
allow some slack for the rest of Tor's usage.
This isn't a perfect fix; the rest of the solutions I describe on
codeable.
Nick Mathewson [Thu, 21 Mar 2013 18:51:27 +0000 (14:51 -0400)]
Implementation of a fix for bug 7912
I added the code to pass a destroy cell to a queueing function rather
than writing it immediately, and the code to remember that we
shouldn't reuse the circuit id until the destroy is actually sent, and
the code to release the circuit id once the destroy has been sent...
and then I finished by hooking destroy_cell_queue into the rest of
Tor.
Nick Mathewson [Thu, 13 Jun 2013 01:07:27 +0000 (21:07 -0400)]
Remove various outdated documents.
doc/TODO and doc/spec/README were placeholders to tell people where to
look for the real TODO and README stuff -- we replaced them years ago,
though.
authority-policy, v3-authority-howto, and torel-design.txt belong in
torspec. I'm putting them in attic there since I think they may be in
large part obsolete, but someone can rescue them if they're not.
translations.txt is outdated, and refers to lots of programs other
than Tor. We have much better translation resources on the website
now.
tor-win32-mingw-creation.txt is pending review of a revised version
for 0.2.5 (see ticket #4520), but there's no reason to ship this one
while we're waiting for an accurate version.
the tor-rpm-creation.txt isn't obsolete AFAIK, but it belongs in
doc/contrib if anywhere.
projects / thirdparty / tor.git / log
