Nick Mathewson [Wed, 30 May 2012 16:14:38 +0000 (12:14 -0400)]
Add __attribute__(format)s for our varargs printf/scanf wrappers
It turns out that if you set the third argument of
__attribute__(format) to 0, GCC and Clang will check the format
argument without expecting to find variadic arguments. This is the
correct behavior for vsnprintf, vasprintf, and vscanf.
I'm hoping this will fix bug 5969 (a clang warning) by telling clang that
the format argument to tor_vasprintf is indeed a format string.
Nick Mathewson [Fri, 18 May 2012 16:21:46 +0000 (12:21 -0400)]
Fix a hard-to-trigger memory leak in launch_resolve
To hit this leak, you need to be a relay that gets a RESOLVE request
or an exit node getting a BEGIN or RESOLVE request. You must either
have unconfigured (and unconfigurable) nameservers, or you must have
somehow set DisableNetwork after a network request arrived but
before you managed to process it.
So, I doubt this is reached often. Still, a leak's a leak. Fix for
bug 5916; bugfix on 0.2.3.9-alpha and 0.1.2.1-alpha.
Nick Mathewson [Wed, 16 May 2012 16:19:56 +0000 (12:19 -0400)]
Make the succeeding parse_http_time tests more obviously right
(When the correct answer is given in terms of seconds since the
epoch, it's hard to be sure that it really is the right answer
just by reading the code.)
* It seems parse_http_time wasn't parsing correctly any date with commas (RFCs
1123 and 850). Fix that.
* It seems parse_http_time was reporting the wrong month (they start at 0, not
1). Fix that.
* Add some tests for parse_http_time, covering all three formats.
In connection_ap_handshake_process_socks(), mark the socks request as finished if a reply is send after a parse error
Silences the log message:
[warn] {BUG} _connection_mark_unattached_ap(): Bug: stream (marked at connection_edge.c:2224) sending two socks replies?
after the client triggered the "Tor is not an HTTP Proxy" response.
Roger Dingledine [Wed, 16 May 2012 15:28:36 +0000 (11:28 -0400)]
Remove over-two-months-old entry guards even while running.
Previously, we only did this check at startup, which could lead to
us holding a guard indefinitely, and give weird results. Fixes bug
5380; bugfix on 0.2.1.14-rc.
(Patch by Roger; changes file and commit message by Nick)
Nick Mathewson [Wed, 11 Apr 2012 18:47:42 +0000 (14:47 -0400)]
When ReloadTorrcOnSIGHUP=1, do non-reload activities anyway
Previously, we skipped everything that got invoked from
options_init_from_torrc. But some of the stuff in
options_act_reversible and options_act is actually important, like
reopening the logs.
Now, a SIGHUP always makes the effects of an options_set() happen,
even though the options haven't changed.
Fix for bug 5095; bugfix on 0.2.1.9-alpha, which introduced
__ReloadTorrcOnSIGHUP.
Nick Mathewson [Mon, 14 May 2012 17:05:00 +0000 (13:05 -0400)]
MSVC build issue: make 'const' in declaration match 'const' in definition
MSVC warns if you declare a function as having a "int foo" argument
and then implement it with a "const int foo" argument, even though
the latter "const" is not a part of the function's interface.
Nick Mathewson [Fri, 11 May 2012 22:06:12 +0000 (18:06 -0400)]
Do not publish the "git-XXX" tag in server descriptors
Instead, allow packagers to put a 'TOR_BUILD_TAG' field in the
server descriptor to indicate a platform-specific value, if they
need to. (According to weasel, this was his use for the git- tag
previously.)
Nick Mathewson [Fri, 11 May 2012 21:50:30 +0000 (17:50 -0400)]
Cut down on the OS information we give.
For uname-based detection, we now give only the OS name (e.g.,
"Darwin", "Linux".) For Windows, we give only the Operating System
name as inferred from dw(Major|Minor)version, (e.g., "Windows XP",
"Windows 7"), and whether the VER_NT_SERVER flag is set.
Nick Mathewson [Thu, 10 May 2012 21:27:16 +0000 (17:27 -0400)]
Fix O(n^2) performance when parsing a big pile of extrainfos
We were doing an O(n) strlen in router_get_extrainfo_hash() for
every one we tried to parse. Instead, have
router_get_extrainfo_hash() take the length of the extrainfo as an
argument, so that when it's called from
extrainfo_parse_from_string(), it doesn't do a strlen() over the
whole pile of extrainfos.
Nick Mathewson [Mon, 7 May 2012 16:44:34 +0000 (12:44 -0400)]
Detect out-of-bounds bwweightscale values early in the voting process
If the authorities agreed on a sufficiently bad bwweightscale value
(<=0 or == INT32_MAX), the bandwidth algorithm could make the voters
assert while computing the consensus.
Nick Mathewson [Mon, 7 May 2012 16:25:59 +0000 (12:25 -0400)]
Handle out-of-range values in tor_parse_* integer functions
The underlying strtoX functions handle overflow by saturating and
setting errno to ERANGE. If the min/max arguments to the
tor_parse_* functions are equal to the minimum/maximum of the
underlying type, then with the old approach, we wouldn't treat a
too-large value as genuinely broken.
Found this while looking at bug 5786; bugfix on 19da1f36 (in Tor
0.0.9), which introduced these functions.
Nick Mathewson [Mon, 7 May 2012 15:31:08 +0000 (11:31 -0400)]
Apply a patch from Gisle Vanem to make tor-gencert build under MSVC
(Note: It makes sense to use tor-gencert on Windows for testing
purposes only. If you are a directory authority operator, and you
are contemplating running tor-gencert on a Windows box in an actual
production environment, you are probably making a mistake.)
projects / thirdparty / tor.git / log
