From bf8cc22ed44f2ec53151755e6927238cfaaaee1b Mon Sep 17 00:00:00 2001 From: +flatcloud0b3 Date: Tue, 3 Aug 2021 14:19:27 +0200 Subject: [PATCH] upgrade to v0.4.6.6 --- ChangeLog | 19 +++++++++++++++++++ README | 9 --------- ReleaseNotes | 19 +++++++++++++++++++ configure | 22 +++++++++++----------- configure.ac | 4 ++-- contrib/win32build/tor-mingw.nsi.in | 2 +- orconfig.h.in | 2 +- src/feature/dirclient/dirclient.c | 3 +-- src/lib/crypt_ops/crypto_dh_nss.c | 2 ++ src/lib/crypt_ops/crypto_rand.c | 2 ++ src/lib/crypt_ops/crypto_rsa_nss.c | 2 ++ src/lib/crypt_ops/crypto_s2k.c | 2 ++ src/lib/tls/x509_nss.c | 2 ++ src/test/test_address_set.c | 13 +++++++++++++ src/win32/orconfig.h | 2 +- 15 files changed, 78 insertions(+), 27 deletions(-) diff --git a/ChangeLog b/ChangeLog index 39f668a..cbe8f2c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,22 @@ +Changes in version 0.4.6.6 - 2021-06-30 + Tor 0.4.6.6 makes several small fixes on 0.4.6.5, including one that + allows Tor to build correctly on older versions of GCC. You should + upgrade to this version if you were having trouble building Tor + 0.4.6.5; otherwise, there is probably no need. + + o Minor bugfixes (compilation): + - Fix a compilation error when trying to build Tor with a compiler + that does not support const variables in static initializers. + Fixes bug 40410; bugfix on 0.4.6.5. + - Suppress a strict-prototype warning when building with some + versions of NSS. Fixes bug 40409; bugfix on 0.3.5.1-alpha. + + o Minor bugfixes (testing): + - Enable the deterministic RNG for unit tests that covers the + address set bloomfilter-based API's. Fixes bug 40419; bugfix + on 0.3.3.2-alpha. + + Changes in version 0.4.6.5 - 2021-06-14 Tor 0.4.6.5 is the first stable release in its series. The 0.4.6.x series includes numerous features and bugfixes, including a significant diff --git a/README b/README index c0929c7..397f6b9 100644 --- a/README +++ b/README @@ -4,37 +4,28 @@ is reasonably secure, but please ensure you read the instructions and configure it properly. To build Tor from source: - ./configure && make && make install To build Tor from a just-cloned git repository: - sh autogen.sh && ./configure && make && make install Home page: - https://www.torproject.org/ Download new versions: - https://www.torproject.org/download/download.html Documentation, including links to installation and setup instructions: - https://www.torproject.org/docs/documentation.html Making applications work with Tor: - https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorifyHOWTO Frequently Asked Questions: - https://www.torproject.org/docs/faq.html Release timeline: - https://gitlab.torproject.org/tpo/core/team/-/wikis/NetworkTeam/CoreTorReleases To get started working on Tor development: - See the doc/HACKING directory. diff --git a/ReleaseNotes b/ReleaseNotes index c273ee4..4d7b685 100644 --- a/ReleaseNotes +++ b/ReleaseNotes @@ -2,6 +2,25 @@ This document summarizes new features and bugfixes in each stable release of Tor. If you want to see more detailed descriptions of the changes in each development snapshot, see the ChangeLog file. +Changes in version 0.4.6.6 - 2021-06-30 + Tor 0.4.6.6 makes several small fixes on 0.4.6.5, including one that + allows Tor to build correctly on older versions of GCC. You should + upgrade to this version if you were having trouble building Tor + 0.4.6.5; otherwise, there is probably no need. + + o Minor bugfixes (compilation): + - Fix a compilation error when trying to build Tor with a compiler + that does not support const variables in static initializers. + Fixes bug 40410; bugfix on 0.4.6.5. + - Suppress a strict-prototype warning when building with some + versions of NSS. Fixes bug 40409; bugfix on 0.3.5.1-alpha. + + o Minor bugfixes (testing): + - Enable the deterministic RNG for unit tests that covers the + address set bloomfilter-based API's. Fixes bug 40419; bugfix + on 0.3.3.2-alpha. + + Changes in version 0.4.6.5 - 2021-06-14 Tor 0.4.6.5 is the first stable release in its series. The 0.4.6.x series includes numerous features and bugfixes, including a significant diff --git a/configure b/configure index 895e25d..30e7ff0 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for tor 0.4.6.5. +# Generated by GNU Autoconf 2.69 for tor 0.4.6.6. # # # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. @@ -577,8 +577,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='tor' PACKAGE_TARNAME='tor' -PACKAGE_VERSION='0.4.6.5' -PACKAGE_STRING='tor 0.4.6.5' +PACKAGE_VERSION='0.4.6.6' +PACKAGE_STRING='tor 0.4.6.6' PACKAGE_BUGREPORT='' PACKAGE_URL='' @@ -1498,7 +1498,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures tor 0.4.6.5 to adapt to many kinds of systems. +\`configure' configures tor 0.4.6.6 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1569,7 +1569,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of tor 0.4.6.5:";; + short | recursive ) echo "Configuration of tor 0.4.6.6:";; esac cat <<\_ACEOF @@ -1796,7 +1796,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -tor configure 0.4.6.5 +tor configure 0.4.6.6 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2501,7 +2501,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by tor $as_me 0.4.6.5, which was +It was created by tor $as_me 0.4.6.6, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -2867,7 +2867,7 @@ _ACEOF # only shuts down for missing "required protocols" when those protocols # are listed as required by a consensus after this date. -$as_echo "#define APPROX_RELEASE_DATE \"2021-06-07\"" >>confdefs.h +$as_echo "#define APPROX_RELEASE_DATE \"2021-06-30\"" >>confdefs.h # "foreign" means we don't follow GNU package layout standards @@ -3388,7 +3388,7 @@ fi # Define the identity of the package. PACKAGE='tor' - VERSION='0.4.6.5' + VERSION='0.4.6.6' cat >>confdefs.h <<_ACEOF @@ -29877,7 +29877,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by tor $as_me 0.4.6.5, which was +This file was extended by tor $as_me 0.4.6.6, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -29943,7 +29943,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -tor config.status 0.4.6.5 +tor config.status 0.4.6.6 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff --git a/configure.ac b/configure.ac index 016b666..7dcbdde 100644 --- a/configure.ac +++ b/configure.ac @@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2019, The Tor Project, Inc. dnl See LICENSE for licensing information AC_PREREQ([2.63]) -AC_INIT([tor],[0.4.6.5]) +AC_INIT([tor],[0.4.6.6]) AC_CONFIG_SRCDIR([src/app/main/tor_main.c]) AC_CONFIG_MACRO_DIR([m4]) @@ -18,7 +18,7 @@ AC_DEFINE_UNQUOTED([CONFIG_FLAGS], ["$configure_flags"], [Flags passed to config # version number changes. Tor uses it to make sure that it # only shuts down for missing "required protocols" when those protocols # are listed as required by a consensus after this date. -AC_DEFINE(APPROX_RELEASE_DATE, ["2021-06-07"], # for 0.4.6.5 +AC_DEFINE(APPROX_RELEASE_DATE, ["2021-06-30"], # for 0.4.6.6 [Approximate date when this software was released. (Updated when the version changes.)]) # "foreign" means we don't follow GNU package layout standards diff --git a/contrib/win32build/tor-mingw.nsi.in b/contrib/win32build/tor-mingw.nsi.in index 062333e..9728648 100644 --- a/contrib/win32build/tor-mingw.nsi.in +++ b/contrib/win32build/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.4.6.5" +!define VERSION "0.4.6.6" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/" !define LICENSE "LICENSE" diff --git a/orconfig.h.in b/orconfig.h.in index 1c2b388..f8545f0 100644 --- a/orconfig.h.in +++ b/orconfig.h.in @@ -6,7 +6,7 @@ /* All assert failures are fatal */ #undef ALL_BUGS_ARE_FATAL -/* # for 0.4.6.5 Approximate date when this software was released. (Updated +/* # for 0.4.6.6 Approximate date when this software was released. (Updated when the version changes.) */ #undef APPROX_RELEASE_DATE diff --git a/src/feature/dirclient/dirclient.c b/src/feature/dirclient/dirclient.c index 79ec518..fd677d3 100644 --- a/src/feature/dirclient/dirclient.c +++ b/src/feature/dirclient/dirclient.c @@ -1873,8 +1873,7 @@ dir_client_decompress_response_body(char **bodyp, size_t *bodylenp, /* If we're pretty sure that we have a compressed directory, and * we didn't manage to uncompress it, then warn and bail. */ if (!plausible && !new_body) { - const int LOG_INTERVAL = 3600; - static ratelim_t warning_limit = RATELIM_INIT(LOG_INTERVAL); + static ratelim_t warning_limit = RATELIM_INIT(60 * 60); log_fn_ratelim(&warning_limit, LOG_WARN, LD_HTTP, "Unable to decompress HTTP body (tried %s%s%s, on %s).", description1, diff --git a/src/lib/crypt_ops/crypto_dh_nss.c b/src/lib/crypt_ops/crypto_dh_nss.c index 793a774..e0bed5c 100644 --- a/src/lib/crypt_ops/crypto_dh_nss.c +++ b/src/lib/crypt_ops/crypto_dh_nss.c @@ -17,9 +17,11 @@ #include "lib/log/util_bug.h" #include "lib/malloc/malloc.h" +DISABLE_GCC_WARNING("-Wstrict-prototypes") #include #include #include +ENABLE_GCC_WARNING("-Wstrict-prototypes") static int dh_initialized = 0; static SECKEYDHParams tls_dh_param, circuit_dh_param; diff --git a/src/lib/crypt_ops/crypto_rand.c b/src/lib/crypt_ops/crypto_rand.c index 83b709c..5bf3a65 100644 --- a/src/lib/crypt_ops/crypto_rand.c +++ b/src/lib/crypt_ops/crypto_rand.c @@ -50,9 +50,11 @@ ENABLE_GCC_WARNING("-Wredundant-decls") #endif /* defined(ENABLE_OPENSSL) */ #ifdef ENABLE_NSS +DISABLE_GCC_WARNING("-Wstrict-prototypes") #include #include #include +ENABLE_GCC_WARNING("-Wstrict-prototypes") #endif #if __GNUC__ && GCC_VERSION >= 402 diff --git a/src/lib/crypt_ops/crypto_rsa_nss.c b/src/lib/crypt_ops/crypto_rsa_nss.c index 932e9b8..bda35ec 100644 --- a/src/lib/crypt_ops/crypto_rsa_nss.c +++ b/src/lib/crypt_ops/crypto_rsa_nss.c @@ -23,9 +23,11 @@ #include +DISABLE_GCC_WARNING("-Wstrict-prototypes") #include #include #include +ENABLE_GCC_WARNING("-Wstrict-prototypes") #ifdef ENABLE_OPENSSL #include diff --git a/src/lib/crypt_ops/crypto_s2k.c b/src/lib/crypt_ops/crypto_s2k.c index de42efe..ae781f2 100644 --- a/src/lib/crypt_ops/crypto_s2k.c +++ b/src/lib/crypt_ops/crypto_s2k.c @@ -26,7 +26,9 @@ #include #endif #ifdef ENABLE_NSS +DISABLE_GCC_WARNING("-Wstrict-prototypes") #include +ENABLE_GCC_WARNING("-Wstrict-prototypes") #endif #if defined(HAVE_LIBSCRYPT_H) && defined(HAVE_LIBSCRYPT_SCRYPT) diff --git a/src/lib/tls/x509_nss.c b/src/lib/tls/x509_nss.c index f29f946..1034d1c 100644 --- a/src/lib/tls/x509_nss.c +++ b/src/lib/tls/x509_nss.c @@ -20,11 +20,13 @@ #include "lib/encoding/time_fmt.h" #include "lib/string/printf.h" +DISABLE_GCC_WARNING("-Wstrict-prototypes") #include #include #include #include #include +ENABLE_GCC_WARNING("-Wstrict-prototypes") /* Units of PRTime per second. * diff --git a/src/test/test_address_set.c b/src/test/test_address_set.c index 1aacc58..6860906 100644 --- a/src/test/test_address_set.c +++ b/src/test/test_address_set.c @@ -17,6 +17,7 @@ #include "feature/nodelist/routerstatus_st.h" #include "test/test.h" +#include "test/rng_test_helpers.h" static networkstatus_t *dummy_ns = NULL; static networkstatus_t * @@ -62,6 +63,10 @@ test_contains(void *arg) tor_addr_parse(&addr_v4, "42.42.42.42"); uint32_t ipv4h = tor_addr_to_ipv4h(&addr_v4); + /* Use our deterministic RNG since the address set uses a bloom filter + * internally. */ + testing_enable_deterministic_rng(); + /* Make it very big so the chance of failing the contain test will be * extremely rare. */ set = address_set_new(1024); @@ -89,6 +94,8 @@ test_contains(void *arg) done: address_set_free(set); + + testing_disable_deterministic_rng(); } static void @@ -108,6 +115,10 @@ test_nodelist(void *arg) MOCK(dirlist_add_trusted_dir_addresses, mock_dirlist_add_trusted_dir_addresses); + /* Use our deterministic RNG since the address set, used for + * nodelist_probably_contains_address() uses a bloom filter internally. */ + testing_enable_deterministic_rng(); + dummy_ns = tor_malloc_zero(sizeof(*dummy_ns)); dummy_ns->flavor = FLAV_MICRODESC; dummy_ns->routerstatus_list = smartlist_new(); @@ -179,6 +190,8 @@ test_nodelist(void *arg) UNMOCK(networkstatus_get_latest_consensus_by_flavor); UNMOCK(get_estimated_address_per_node); UNMOCK(dirlist_add_trusted_dir_addresses); + + testing_disable_deterministic_rng(); } /** Test that the no-reentry exit filter works as intended */ diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index 8443e04..f18b7a5 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -217,7 +217,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.4.6.5" +#define VERSION "0.4.6.6" #define HAVE_STRUCT_SOCKADDR_IN6 #define HAVE_STRUCT_IN6_ADDR