Merge 3cda89f into 096cbfb
nmathewson committed Nov 1, 2019
2 parents 096cbfb + 3cda89f commit 772b8a9
Showing 26 changed files with 837 additions and 169 deletions.
10 changes: 7 additions & 3 deletions Doxyfile.in
Expand Up @@ -316,7 +316,7 @@ OPTIMIZE_OUTPUT_SLICE = NO
# Note that for custom extensions you also need to set FILE_PATTERNS otherwise
# the files are not read by doxygen.

EXTENSION_MAPPING =
EXTENSION_MAPPING = inc=C

# If the MARKDOWN_SUPPORT tag is enabled then doxygen pre-processes all comments
# according to the Markdown format, which allows for more readable
Expand Down Expand Up @@ -845,7 +845,8 @@ INPUT_ENCODING = UTF-8
# *.f, *.for, *.tcl, *.vhd, *.vhdl, *.ucf, *.qsf and *.ice.

FILE_PATTERNS = *.c \
*.h
*.h \
*.inc

# The RECURSIVE tag can be used to specify whether or not subdirectories should
# be searched for input files as well.
Expand Down Expand Up @@ -2108,7 +2109,10 @@ INCLUDE_FILE_PATTERNS =

PREDEFINED = "MOCK_IMPL(a,b,c)=a b c" \
"MOCK_DECL(a,b,c)=a b c" \
__attribute__(x)=
__attribute__(x)= \
"BEGIN_CONF_STRUCT(x)=struct x {" \
"END_CONF_STRUCT(x)=};" \
"CONF_VAR(a,b,c,d)=b a;"


# If the MACRO_EXPANSION and EXPAND_ONLY_PREDEF tags are set to YES then this
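--- a/changes/ticket32339_relative
+++ b/changes/ticket32339_relative
@@ -0,0 +1,4 @@
+o Code simplification and refactoring:
+- Instead of keeping a list of configuration options to check for
+relative paths, check all the options whose type is "FILENAME".
+Solves part of ticket 32339.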
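--- a/changes/ticket32344
+++ b/changes/ticket32344
@@ -0,0 +1,4 @@
+o Code simplification and refactoring:
+- Immutability is now implemented as a flag on individual configuration
+options rather than as part of the option-transition checking
+code. Closes ticket 32344.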
130 changes: 51 additions & 79 deletions src/app/config/config.c
Expand Up @@ -273,13 +273,23 @@ DUMMY_TYPECHECK_INSTANCE(or_options_t);
#define VAR_NODUMP(varname,conftype,member,initvalue) \
CONFIG_VAR_ETYPE(or_options_t, varname, conftype, member, \
CFLG_NODUMP, initvalue)
#define VAR_NODUMP_IMMUTABLE(varname,conftype,member,initvalue) \
CONFIG_VAR_ETYPE(or_options_t, varname, conftype, member, \
CFLG_NODUMP | CFLG_IMMUTABLE, initvalue)
#define VAR_INVIS(varname,conftype,member,initvalue) \
CONFIG_VAR_ETYPE(or_options_t, varname, conftype, member, \
CFLG_NODUMP | CFLG_NOSET | CFLG_NOLIST, initvalue)

#define V(member,conftype,initvalue) \
VAR(#member, conftype, member, initvalue)

#define VAR_IMMUTABLE(varname, conftype, member, initvalue) \
CONFIG_VAR_ETYPE(or_options_t, varname, conftype, member, \
CFLG_IMMUTABLE, initvalue)

#define V_IMMUTABLE(member,conftype,initvalue) \
VAR_IMMUTABLE(#member, conftype, member, initvalue)

/** As V, but uses a type definition instead of a type enum */
#define V_D(member,type,initvalue) \
VAR_D(#member, type, member, initvalue)
Expand Down Expand Up @@ -349,7 +359,7 @@ static const config_var_t option_vars_[] = {
V(BridgeRecordUsageByCountry, BOOL, "1"),
V(BridgeRelay, BOOL, "0"),
V(BridgeDistribution, STRING, NULL),
VAR("CacheDirectory", FILENAME, CacheDirectory_option, NULL),
VAR_IMMUTABLE("CacheDirectory",FILENAME, CacheDirectory_option, NULL),
V(CacheDirectoryGroupReadable, AUTOBOOL, "auto"),
V(CellStatistics, BOOL, "0"),
V(PaddingStatistics, BOOL, "1"),
Expand Down Expand Up @@ -383,9 +393,9 @@ static const config_var_t option_vars_[] = {
V(UnixSocksGroupWritable, BOOL, "0"),
V(CookieAuthentication, BOOL, "0"),
V(CookieAuthFileGroupReadable, BOOL, "0"),
V(CookieAuthFile, STRING, NULL),
V(CookieAuthFile, FILENAME, NULL),
V(CountPrivateBandwidth, BOOL, "0"),
VAR("DataDirectory", FILENAME, DataDirectory_option, NULL),
VAR_IMMUTABLE("DataDirectory", FILENAME, DataDirectory_option, NULL),
V(DataDirectoryGroupReadable, BOOL, "0"),
V(DisableOOSCheck, BOOL, "1"),
V(DisableNetwork, BOOL, "0"),
Expand All @@ -406,8 +416,8 @@ static const config_var_t option_vars_[] = {
* an order of magnitude, so there isn't too much load shifting to
* authorities when fallbacks go down. */
V(DirAuthorityFallbackRate, DOUBLE, "0.1"),
V(DisableAllSwap, BOOL, "0"),
V(DisableDebuggerAttachment, BOOL, "1"),
V_IMMUTABLE(DisableAllSwap, BOOL, "0"),
V_IMMUTABLE(DisableDebuggerAttachment, BOOL, "1"),
OBSOLETE("DisableIOCP"),
OBSOLETE("DisableV2DirectoryInfo_"),
OBSOLETE("DynamicDHGroups"),
Expand Down Expand Up @@ -453,7 +463,7 @@ static const config_var_t option_vars_[] = {
V(ExtendAllowPrivateAddresses, BOOL, "0"),
V(ExitRelay, AUTOBOOL, "auto"),
VPORT(ExtORPort),
V(ExtORPortCookieAuthFile, STRING, NULL),
V(ExtORPortCookieAuthFile, FILENAME, NULL),
V(ExtORPortCookieAuthFileGroupReadable, BOOL, "0"),
V(ExtraInfoStatistics, BOOL, "1"),
V(ExtendByEd25519ID, AUTOBOOL, "auto"),
Expand Down Expand Up @@ -483,11 +493,8 @@ static const config_var_t option_vars_[] = {
#endif /* defined(_WIN32) */
OBSOLETE("Group"),
V(GuardLifetime, INTERVAL, "0 minutes"),
V(HardwareAccel, BOOL, "0"),
V(HeartbeatPeriod, INTERVAL, "6 hours"),
V(MainloopStats, BOOL, "0"),
V(AccelName, STRING, NULL),
V(AccelDir, FILENAME, NULL),
V(HashedControlPassword, LINELIST, NULL),
OBSOLETE("HidServDirectoryV2"),
VAR("HiddenServiceDir", LINELIST_S, RendConfigLines, NULL),
Expand All @@ -511,8 +518,8 @@ static const config_var_t option_vars_[] = {
V(ClientOnionAuthDir, FILENAME, NULL),
OBSOLETE("CloseHSClientCircuitsImmediatelyOnTimeout"),
OBSOLETE("CloseHSServiceRendCircuitsImmediatelyOnTimeout"),
V(HiddenServiceSingleHopMode, BOOL, "0"),
V(HiddenServiceNonAnonymousMode,BOOL, "0"),
V_IMMUTABLE(HiddenServiceSingleHopMode, BOOL, "0"),
V_IMMUTABLE(HiddenServiceNonAnonymousMode,BOOL, "0"),
V(HTTPProxy, STRING, NULL),
V(HTTPProxyAuthenticator, STRING, NULL),
V(HTTPSProxy, STRING, NULL),
Expand All @@ -527,18 +534,18 @@ static const config_var_t option_vars_[] = {
V(Socks5Proxy, STRING, NULL),
V(Socks5ProxyUsername, STRING, NULL),
V(Socks5ProxyPassword, STRING, NULL),
VAR("KeyDirectory", FILENAME, KeyDirectory_option, NULL),
VAR_IMMUTABLE("KeyDirectory", FILENAME, KeyDirectory_option, NULL),
V(KeyDirectoryGroupReadable, BOOL, "0"),
VAR_D("HSLayer2Nodes", ROUTERSET, HSLayer2Nodes, NULL),
VAR_D("HSLayer3Nodes", ROUTERSET, HSLayer3Nodes, NULL),
V(KeepalivePeriod, INTERVAL, "5 minutes"),
V(KeepBindCapabilities, AUTOBOOL, "auto"),
V_IMMUTABLE(KeepBindCapabilities, AUTOBOOL, "auto"),
VAR("Log", LINELIST, Logs, NULL),
V(LogMessageDomains, BOOL, "0"),
V(LogTimeGranularity, MSEC_INTERVAL, "1 second"),
V(TruncateLogFile, BOOL, "0"),
V(SyslogIdentityTag, STRING, NULL),
V(AndroidIdentityTag, STRING, NULL),
V_IMMUTABLE(SyslogIdentityTag, STRING, NULL),
V_IMMUTABLE(AndroidIdentityTag,STRING, NULL),
V(LongLivedPorts, CSV,
"21,22,706,1863,5050,5190,5222,5223,6523,6667,6697,8300"),
VAR("MapAddress", LINELIST, AddressMap, NULL),
Expand All @@ -560,7 +567,7 @@ static const config_var_t option_vars_[] = {
OBSOLETE("PredictedPortsRelevanceTime"),
OBSOLETE("WarnUnsafeSocks"),
VAR("NodeFamily", LINELIST, NodeFamilies, NULL),
V(NoExec, BOOL, "0"),
V_IMMUTABLE(NoExec, BOOL, "0"),
V(NumCPUs, POSINT, "0"),
V(NumDirectoryGuards, POSINT, "0"),
V(NumEntryGuards, POSINT, "0"),
Expand Down Expand Up @@ -591,8 +598,8 @@ static const config_var_t option_vars_[] = {
V(PathsNeededToBuildCircuits, DOUBLE, "-1"),
V(PerConnBWBurst, MEMUNIT, "0"),
V(PerConnBWRate, MEMUNIT, "0"),
V(PidFile, STRING, NULL),
V(TestingTorNetwork, BOOL, "0"),
V_IMMUTABLE(PidFile, FILENAME, NULL),
V_IMMUTABLE(TestingTorNetwork, BOOL, "0"),
V(TestingMinExitFlagThreshold, MEMUNIT, "0"),
V(TestingMinFastFlagThreshold, MEMUNIT, "0"),

Expand Down Expand Up @@ -626,17 +633,17 @@ static const config_var_t option_vars_[] = {
V(RelayBandwidthRate, MEMUNIT, "0"),
V(RendPostPeriod, INTERVAL, "1 hour"),
V(RephistTrackTime, INTERVAL, "24 hours"),
V(RunAsDaemon, BOOL, "0"),
V_IMMUTABLE(RunAsDaemon, BOOL, "0"),
V(ReducedExitPolicy, BOOL, "0"),
OBSOLETE("RunTesting"), // currently unused
V(Sandbox, BOOL, "0"),
V_IMMUTABLE(Sandbox, BOOL, "0"),
V(SafeLogging, STRING, "1"),
V(SafeSocks, BOOL, "0"),
V(ServerDNSAllowBrokenConfig, BOOL, "1"),
V(ServerDNSAllowNonRFC953Hostnames, BOOL,"0"),
V(ServerDNSDetectHijacking, BOOL, "1"),
V(ServerDNSRandomizeCase, BOOL, "1"),
V(ServerDNSResolvConfFile, STRING, NULL),
V(ServerDNSResolvConfFile, FILENAME, NULL),
V(ServerDNSSearchDomains, BOOL, "0"),
V(ServerDNSTestAddresses, CSV,
"www.google.com,www.mit.edu,www.yahoo.com,www.slashdot.org"),
Expand All @@ -657,7 +664,7 @@ static const config_var_t option_vars_[] = {
V(StrictNodes, BOOL, "0"),
OBSOLETE("Support022HiddenServices"),
V(TestSocks, BOOL, "0"),
V(TokenBucketRefillInterval, MSEC_INTERVAL, "100 msec"),
V_IMMUTABLE(TokenBucketRefillInterval, MSEC_INTERVAL, "100 msec"),
OBSOLETE("Tor2webMode"),
OBSOLETE("Tor2webRendezvousPoints"),
OBSOLETE("TLSECGroup"),
Expand All @@ -674,7 +681,7 @@ static const config_var_t option_vars_[] = {
V(UseGuardFraction, AUTOBOOL, "auto"),
V(UseMicrodescriptors, AUTOBOOL, "auto"),
OBSOLETE("UseNTorHandshake"),
V(User, STRING, NULL),
V_IMMUTABLE(User, STRING, NULL),
OBSOLETE("UserspaceIOCPBuffers"),
V(AuthDirSharedRandomness, BOOL, "1"),
V(AuthDirTestEd25519LinkKeys, BOOL, "1"),
Expand Down Expand Up @@ -702,12 +709,14 @@ static const config_var_t option_vars_[] = {
VAR_NODUMP("__ReloadTorrcOnSIGHUP", BOOL, ReloadTorrcOnSIGHUP, "1"),
VAR_NODUMP("__AllDirActionsPrivate", BOOL, AllDirActionsPrivate, "0"),
VAR_NODUMP("__DisablePredictedCircuits",BOOL,DisablePredictedCircuits, "0"),
VAR_NODUMP("__DisableSignalHandlers", BOOL, DisableSignalHandlers, "0"),
VAR_NODUMP_IMMUTABLE("__DisableSignalHandlers", BOOL,
DisableSignalHandlers, "0"),
VAR_NODUMP("__LeaveStreamsUnattached",BOOL, LeaveStreamsUnattached, "0"),
VAR_NODUMP("__HashedControlSessionPassword", LINELIST,
HashedControlSessionPassword,
NULL),
VAR_NODUMP("__OwningControllerProcess",STRING,OwningControllerProcess, NULL),
VAR_NODUMP_IMMUTABLE("__OwningControllerProcess",STRING,
OwningControllerProcess, NULL),
VAR_NODUMP("__OwningControllerFD", UINT64, OwningControllerFD,
UINT64_MAX_STRING),
V(MinUptimeHidServDirectoryV2, INTERVAL, "96 hours"),
Expand Down Expand Up @@ -917,6 +926,8 @@ get_options_mgr(void)
{
if (PREDICT_UNLIKELY(options_mgr == NULL)) {
options_mgr = config_mgr_new(&options_format);
int rv = subsystems_register_options_formats(options_mgr);
tor_assert(rv == 0);
config_mgr_freeze(options_mgr);
}
return options_mgr;
Expand Down Expand Up @@ -991,7 +1002,8 @@ set_options(or_options_t *new_val, char **msg)
global_options = old_options;
return -1;
}
if (options_act(old_options) < 0) { /* acting on the options failed. die. */
if (subsystems_set_options(get_options_mgr(), new_val) < 0 ||
options_act(old_options) < 0) { /* acting on the options failed. die. */
if (! tor_event_loop_shutdown_is_pending()) {
log_err(LD_BUG,
"Acting on config options left us in a broken state. Dying.");
Expand Down Expand Up @@ -3325,25 +3337,20 @@ warn_about_relative_paths(const or_options_t *options)
{
tor_assert(options);
int n = 0;
const config_mgr_t *mgr = get_options_mgr();

n += warn_if_option_path_is_relative("CookieAuthFile",
options->CookieAuthFile);
n += warn_if_option_path_is_relative("ExtORPortCookieAuthFile",
options->ExtORPortCookieAuthFile);
n += warn_if_option_path_is_relative("DirPortFrontPage",
options->DirPortFrontPage);
n += warn_if_option_path_is_relative("V3BandwidthsFile",
options->V3BandwidthsFile);
n += warn_if_option_path_is_relative("ControlPortWriteToFile",
options->ControlPortWriteToFile);
n += warn_if_option_path_is_relative("GeoIPFile",options->GeoIPFile);
n += warn_if_option_path_is_relative("GeoIPv6File",options->GeoIPv6File);
n += warn_if_option_path_is_relative("Log",options->DebugLogFile);
n += warn_if_option_path_is_relative("AccelDir",options->AccelDir);
n += warn_if_option_path_is_relative("DataDirectory",options->DataDirectory);
n += warn_if_option_path_is_relative("PidFile",options->PidFile);
n += warn_if_option_path_is_relative("ClientOnionAuthDir",
options->ClientOnionAuthDir);
smartlist_t *vars = config_mgr_list_vars(mgr);
SMARTLIST_FOREACH_BEGIN(vars, const config_var_t *, cv) {
config_line_t *line;
if (cv->member.type != CONFIG_TYPE_FILENAME)
continue;
const char *name = cv->member.name;
line = config_get_assigned_option(mgr, options, name, 0);
if (line)
n += warn_if_option_path_is_relative(name, line->value);
config_free_lines(line);
} SMARTLIST_FOREACH_END(cv);
smartlist_free(vars);

for (config_line_t *hs_line = options->RendConfigLines; hs_line;
hs_line = hs_line->next) {
Expand Down Expand Up @@ -4660,11 +4667,6 @@ options_validate_cb(const void *old_options_, void *options_, char **msg)
"testing Tor network!");
}

if (options->AccelName && !options->HardwareAccel)
options->HardwareAccel = 1;
if (options->AccelDir && !options->AccelName)
REJECT("Can't use hardware crypto accelerator dir without engine name.");

if (options->PublishServerDescriptor)
SMARTLIST_FOREACH(options->PublishServerDescriptor, const char *, pubdes, {
if (!strcmp(pubdes, "1") || !strcmp(pubdes, "0"))
Expand Down Expand Up @@ -4845,36 +4847,6 @@ options_check_transition_cb(const void *old_,
return -1; \
} while (0)

#define NO_CHANGE_BOOL(opt) \
if (! CFG_EQ_BOOL(old, new_val, opt)) BAD_CHANGE_TO(opt,"")
#define NO_CHANGE_INT(opt) \
if (! CFG_EQ_INT(old, new_val, opt)) BAD_CHANGE_TO(opt,"")
#define NO_CHANGE_STRING(opt) \
if (! CFG_EQ_STRING(old, new_val, opt)) BAD_CHANGE_TO(opt,"")

NO_CHANGE_STRING(PidFile);
NO_CHANGE_BOOL(RunAsDaemon);
NO_CHANGE_BOOL(Sandbox);
NO_CHANGE_STRING(DataDirectory);
NO_CHANGE_STRING(KeyDirectory);
NO_CHANGE_STRING(CacheDirectory);
NO_CHANGE_STRING(User);
NO_CHANGE_BOOL(KeepBindCapabilities);
NO_CHANGE_STRING(SyslogIdentityTag);
NO_CHANGE_STRING(AndroidIdentityTag);
NO_CHANGE_BOOL(HardwareAccel);
NO_CHANGE_STRING(AccelName);
NO_CHANGE_STRING(AccelDir);
NO_CHANGE_BOOL(TestingTorNetwork);
NO_CHANGE_BOOL(DisableAllSwap);
NO_CHANGE_INT(TokenBucketRefillInterval);
NO_CHANGE_BOOL(HiddenServiceSingleHopMode);
NO_CHANGE_BOOL(HiddenServiceNonAnonymousMode);
NO_CHANGE_BOOL(DisableDebuggerAttachment);
NO_CHANGE_BOOL(NoExec);
NO_CHANGE_INT(OwningControllerFD);
NO_CHANGE_BOOL(DisableSignalHandlers);

if (sandbox_is_active()) {
#define SB_NOCHANGE_STR(opt) \
if (! CFG_EQ_STRING(old, new_val, opt)) \
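Review bot: The immutable flags added to option_vars_ do not match the NO_CHANGE list that this commit deletes from options_check_transition_cb: the old list had `NO_CHANGE_INT(OwningControllerFD)` and no entry for OwningControllerProcess, while the new table marks `__OwningControllerProcess` with VAR_NODUMP_IMMUTABLE and leaves `__OwningControllerFD` as plain VAR_NODUMP. If the swap is unintended, the ownership descriptor becomes changeable after startup while a change to the owning process is refused, the reverse of the earlier policy. The entries would then read `VAR_NODUMP("__OwningControllerProcess",STRING,OwningControllerProcess, NULL),` and `VAR_NODUMP_IMMUTABLE("__OwningControllerFD", UINT64, OwningControllerFD, UINT64_MAX_STRING),`. HardwareAccel, AccelName and AccelDir also leave both the table and the NO_CHANGE list here, so their immutability presumably has to be declared wherever they moved to, which this section does not show. The table and options_check_transition_cb both continue outside the visible hunks.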
4 changes: 0 additions & 4 deletions src/app/config/or_options_st.h
Expand Up @@ -536,12 +536,8 @@ struct or_options_t {
* protocol, is it a warn or an info in our logs? */
int TestSocks; /**< Boolean: when we get a socks connection, do we loudly
* log whether it was DNS-leaking or not? */
int HardwareAccel; /**< Boolean: Should we enable OpenSSL hardware
* acceleration where available? */
/** Token Bucket Refill resolution in milliseconds. */
int TokenBucketRefillInterval;
char *AccelName; /**< Optional hardware acceleration engine name. */
char *AccelDir; /**< Optional hardware acceleration engine search dir. */

/** Boolean: Do we try to enter from a smallish number
* of fixed nodes? */
7 changes: 7 additions & 0 deletions src/app/config/statefile.c
Expand Up @@ -44,6 +44,7 @@
#include "feature/relay/routermode.h"
#include "lib/sandbox/sandbox.h"
#include "app/config/statefile.h"
#include "app/main/subsysmgr.h"
#include "lib/encoding/confline.h"
#include "lib/net/resolve.h"
#include "lib/version/torversion.h"
Expand Down Expand Up @@ -179,6 +180,8 @@ get_state_mgr(void)
{
if (PREDICT_UNLIKELY(state_mgr == NULL)) {
state_mgr = config_mgr_new(&state_format);
int rv = subsystems_register_state_formats(state_mgr);
tor_assert(rv == 0);
config_mgr_freeze(state_mgr);
}
return state_mgr;
Expand Down Expand Up @@ -312,6 +315,9 @@ or_state_set(or_state_t *new_state)
tor_assert(new_state);
config_free(get_state_mgr(), global_state);
global_state = new_state;
if (subsystems_set_state(get_state_mgr(), global_state) < 0) {
ret = -1;
}
if (entry_guards_parse_state(global_state, 1, &err)<0) {
log_warn(LD_GENERAL,"%s",err);
tor_free(err);
Expand Down Expand Up @@ -515,6 +521,7 @@ or_state_save(time_t now)

/* Call everything else that might dirty the state even more, in order
* to avoid redundant writes. */
(void) subsystems_flush_state(get_state_mgr(), global_state);
entry_guards_update_state(global_state);
rep_hist_update_state(global_state);
circuit_build_times_update_state(get_circuit_build_times(), global_state);
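Review bot: In or_state_save the result of `subsystems_flush_state()` is cast to void, so a subsystem that fails to flush its part of the state leaves stale or partial data to be saved with no trace in the log. A warning keeps the best-effort behaviour while making the failure visible: `if (subsystems_flush_state(get_state_mgr(), global_state) < 0) log_warn(LD_BUG, "A subsystem failed to flush its state.");`. The new branch in or_state_set has the same gap, setting `ret = -1` without the log_warn that the entry_guards_parse_state branch right after it emits. Both functions continue outside the visible hunks.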
