June 2016 - tor-commits - lists.torproject.org

[torsocks/master] Add freebsd to the libc detection in configure.ac
by dgoulet＠torproject.org 13 Jun '16

13 Jun '16

commit c9d8a947d3ab19376338a3bc61f1b46bec64194a Author: David Goulet <dgoulet(a)ev0ke.net> Date: Mon Jun 13 16:22:12 2016 -0400 Add freebsd to the libc detection in configure.ac Apparently, this works on FreeBSD. Sorry if I broke it for anyone out there. Signed-off-by: David Goulet <dgoulet(a)ev0ke.net> --- configure.ac | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac index 7e442f7..544f2d6 100644 --- a/… [View More]

1 0

[torsocks/master] Avoid signed/unsigned comparison. Assert bound on size.
by dgoulet＠torproject.org 13 Jun '16

13 Jun '16

commit 1e6d4cf8965f696e5d8111379ef56ce7ad8497cf Author: Taylor R Campbell <campbell+torsocks(a)mumble.net> Date: Tue Jun 16 20:25:59 2015 +0000 Avoid signed/unsigned comparison. Assert bound on size. --- src/common/utils.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/common/utils.c b/src/common/utils.c index 377dcae..95ec803 100644 --- a/src/common/utils.c +++ b/src/common/utils.c @@ -22,6 +22,7 @@ #include <sys/socket.h> #include <assert.h… [View More]

1 0

[torsocks/master] Switch from Perl to automake tap. No more run-time Perl needed.
by dgoulet＠torproject.org 13 Jun '16

13 Jun '16

commit e124961ba739861351e3e674f29798a43e4cd734 Author: Taylor R Campbell <campbell+torsocks(a)mumble.net> Date: Wed Jun 17 17:12:27 2015 +0000 Switch from Perl to automake tap. No more run-time Perl needed. --- .gitignore | 5 + tests/Makefile.am | 31 +-- tests/run.sh | 21 -- tests/tap-driver.sh | 651 +++++++++++++++++++++++++++++++++++++++++++++++++ tests/test_list | 11 - tests/unit/Makefile.am | 12 + 6 files changed, 679 … [View More]insertions(+), 52 deletions(-) diff --git a/.gitignore b/.gitignore index 9eebfbc..89ed3e9 100644 --- a/.gitignore +++ b/.gitignore @@ -55,3 +55,8 @@ tests/unit/test_utils tests/unit/test_config-file tests/unit/test_socks5 tests/unit/test_compat + +tests/*.log +tests/*.trs +tests/unit/*.log +tests/unit/*.trs diff --git a/tests/Makefile.am b/tests/Makefile.am index 27214f8..a1ee8b1 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -1,5 +1,16 @@ SUBDIRS = utils unit +TESTS = \ + test_connect \ + test_dns \ + test_fd_passing \ + test_getpeername \ + test_socket \ + # end of TESTS + +TAP_DRIVER = $(top_srcdir)/tests/tap-driver.sh +TEST_LOG_DRIVER = env AM_TAP_AWK='$(AWK)' $(SHELL) $(TAP_DRIVER) + AM_CFLAGS = -I$(top_srcdir)/include -I$(top_srcdir)/src -I$(top_srcdir)/tests/utils/ -I$(srcdir) LIBTAP=$(top_builddir)/tests/utils/tap/libtap.la @@ -22,23 +33,3 @@ test_fd_passing_LDADD = $(LIBTAP) $(LIBTORSOCKS) -lpthread test_getpeername_SOURCES = test_getpeername.c test_getpeername_LDADD = $(LIBTAP) $(LIBTORSOCKS) - -check-am: - ./run.sh test_list - -dist_noinst_SCRIPTS = test_list run.sh -EXTRA_DIST = run.sh test_list - -all-local: - @if [ x"$(srcdir)" != x"$(builddir)" ]; then \ - for script in $(EXTRA_DIST); do \ - cp -f $(srcdir)/$$script $(builddir); \ - done; \ - fi - -clean-local: - @if [ x"$(srcdir)" != x"$(builddir)" ]; then \ - for script in $(EXTRA_DIST); do \ - rm -f $(builddir)/$$script; \ - done; \ - fi diff --git a/tests/run.sh b/tests/run.sh deleted file mode 100755 index 07d446f..0000000 --- a/tests/run.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash -# -# Copyright (C) 2013 - Christian Babeux <christian.babeux(a)efficios.com> -# -# This program is free software; you can redistribute it and/or modify it under -# the terms of the GNU General Public License as published by the Free Software -# Foundation; only version 2 of the License. -# -# This program is distributed in the hope that it will be useful, but WITHOUT -# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS -# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more -# details. -# -# You should have received a copy of the GNU General Public License along with -# this program; if not, write to the Free Software Foundation, Inc., 59 Temple -# Place - Suite 330, Boston, MA 02111-1307, USA. -# - -[ -z "$1" ] && echo "Error: No testlist. Please specify a testlist to run." && exit 1 - -prove --merge --exec '' - < $1 diff --git a/tests/tap-driver.sh b/tests/tap-driver.sh new file mode 100755 index 0000000..4254e2b --- /dev/null +++ b/tests/tap-driver.sh @@ -0,0 +1,651 @@ +#! /bin/sh +# Copyright (C) 2011-2014 Free Software Foundation, Inc. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2, or (at your option) +# any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + +# This file is maintained in Automake, please report +# bugs to <bug-automake(a)gnu.org> or send patches to +# <automake-patches(a)gnu.org>. + +scriptversion=2013-12-23.17; # UTC + +# Make unconditional expansion of undefined variables an error. This +# helps a lot in preventing typo-related bugs. +set -u + +me=tap-driver.sh + +fatal () +{ + echo "$me: fatal: $*" >&2 + exit 1 +} + +usage_error () +{ + echo "$me: $*" >&2 + print_usage >&2 + exit 2 +} + +print_usage () +{ + cat <<END +Usage: + tap-driver.sh --test-name=NAME --log-file=PATH --trs-file=PATH + [--expect-failure={yes|no}] [--color-tests={yes|no}] + [--enable-hard-errors={yes|no}] [--ignore-exit] + [--diagnostic-string=STRING] [--merge|--no-merge] + [--comments|--no-comments] [--] TEST-COMMAND +The '--test-name', '-log-file' and '--trs-file' options are mandatory. +END +} + +# TODO: better error handling in option parsing (in particular, ensure +# TODO: $log_file, $trs_file and $test_name are defined). +test_name= # Used for reporting. +log_file= # Where to save the result and output of the test script. +trs_file= # Where to save the metadata of the test run. +expect_failure=0 +color_tests=0 +merge=0 +ignore_exit=0 +comments=0 +diag_string='#' +while test $# -gt 0; do + case $1 in + --help) print_usage; exit $?;; + --version) echo "$me $scriptversion"; exit $?;; + --test-name) test_name=$2; shift;; + --log-file) log_file=$2; shift;; + --trs-file) trs_file=$2; shift;; + --color-tests) color_tests=$2; shift;; + --expect-failure) expect_failure=$2; shift;; + --enable-hard-errors) shift;; # No-op. + --merge) merge=1;; + --no-merge) merge=0;; + --ignore-exit) ignore_exit=1;; + --comments) comments=1;; + --no-comments) comments=0;; + --diagnostic-string) diag_string=$2; shift;; + --) shift; break;; + -*) usage_error "invalid option: '$1'";; + esac + shift +done + +test $# -gt 0 || usage_error "missing test command" + +case $expect_failure in + yes) expect_failure=1;; + *) expect_failure=0;; +esac + +if test $color_tests = yes; then + init_colors=' + color_map["red"]="[0;31m" # Red. + color_map["grn"]="[0;32m" # Green. + color_map["lgn"]="[1;32m" # Light green. + color_map["blu"]="[1;34m" # Blue. + color_map["mgn"]="[0;35m" # Magenta. + color_map["std"]="[m" # No color. + color_for_result["ERROR"] = "mgn" + color_for_result["PASS"] = "grn" + color_for_result["XPASS"] = "red" + color_for_result["FAIL"] = "red" + color_for_result["XFAIL"] = "lgn" + color_for_result["SKIP"] = "blu"' +else + init_colors='' +fi + +# :; is there to work around a bug in bash 3.2 (and earlier) which +# does not always set '$?' properly on redirection failure. +# See the Autoconf manual for more details. +:;{ + ( + # Ignore common signals (in this subshell only!), to avoid potential + # problems with Korn shells. Some Korn shells are known to propagate + # to themselves signals that have killed a child process they were + # waiting for; this is done at least for SIGINT (and usually only for + # it, in truth). Without the `trap' below, such a behaviour could + # cause a premature exit in the current subshell, e.g., in case the + # test command it runs gets terminated by a SIGINT. Thus, the awk + # script we are piping into would never seen the exit status it + # expects on its last input line (which is displayed below by the + # last `echo $?' statement), and would thus die reporting an internal + # error. + # For more information, see the Autoconf manual and the threads: + # <http://lists.gnu.org/archive/html/bug-autoconf/2011-09/msg00004.html> + # <http://mail.opensolaris.org/pipermail/ksh93-integration-discuss/2009-Februa…> + trap : 1 3 2 13 15 + if test $merge -gt 0; then + exec 2>&1 + else + exec 2>&3 + fi + "$@" + echo $? + ) | LC_ALL=C ${AM_TAP_AWK-awk} \ + -v me="$me" \ + -v test_script_name="$test_name" \ + -v log_file="$log_file" \ + -v trs_file="$trs_file" \ + -v expect_failure="$expect_failure" \ + -v merge="$merge" \ + -v ignore_exit="$ignore_exit" \ + -v comments="$comments" \ + -v diag_string="$diag_string" \ +' +# TODO: the usages of "cat >&3" below could be optimized when using +# GNU awk, and/on on systems that supports /dev/fd/. + +# Implementation note: in what follows, `result_obj` will be an +# associative array that (partly) simulates a TAP result object +# from the `TAP::Parser` perl module. + +## ----------- ## +## FUNCTIONS ## +## ----------- ## + +function fatal(msg) +{ + print me ": " msg | "cat >&2" + exit 1 +} + +function abort(where) +{ + fatal("internal error " where) +} + +# Convert a boolean to a "yes"/"no" string. +function yn(bool) +{ + return bool ? "yes" : "no"; +} + +function add_test_result(result) +{ + if (!test_results_index) + test_results_index = 0 + test_results_list[test_results_index] = result + test_results_index += 1 + test_results_seen[result] = 1; +} + +# Whether the test script should be re-run by "make recheck". +function must_recheck() +{ + for (k in test_results_seen) + if (k != "XFAIL" && k != "PASS" && k != "SKIP") + return 1 + return 0 +} + +# Whether the content of the log file associated to this test should +# be copied into the "global" test-suite.log. +function copy_in_global_log() +{ + for (k in test_results_seen) + if (k != "PASS") + return 1 + return 0 +} + +function get_global_test_result() +{ + if ("ERROR" in test_results_seen) + return "ERROR" + if ("FAIL" in test_results_seen || "XPASS" in test_results_seen) + return "FAIL" + all_skipped = 1 + for (k in test_results_seen) + if (k != "SKIP") + all_skipped = 0 + if (all_skipped) + return "SKIP" + return "PASS"; +} + +function stringify_result_obj(result_obj) +{ + if (result_obj["is_unplanned"] || result_obj["number"] != testno) + return "ERROR" + + if (plan_seen == LATE_PLAN) + return "ERROR" + + if (result_obj["directive"] == "TODO") + return result_obj["is_ok"] ? "XPASS" : "XFAIL" + + if (result_obj["directive"] == "SKIP") + return result_obj["is_ok"] ? "SKIP" : COOKED_FAIL; + + if (length(result_obj["directive"])) + abort("in function stringify_result_obj()") + + return result_obj["is_ok"] ? COOKED_PASS : COOKED_FAIL +} + +function decorate_result(result) +{ + color_name = color_for_result[result] + if (color_name) + return color_map[color_name] "" result "" color_map["std"] + # If we are not using colorized output, or if we do not know how + # to colorize the given result, we should return it unchanged. + return result +} + +function report(result, details) +{ + if (result ~ /^(X?(PASS|FAIL)|SKIP|ERROR)/) + { + msg = ": " test_script_name + add_test_result(result) + } + else if (result == "#") + { + msg = " " test_script_name ":" + } + else + { + abort("in function report()") + } + if (length(details)) + msg = msg " " details + # Output on console might be colorized. + print decorate_result(result) msg + # Log the result in the log file too, to help debugging (this is + # especially true when said result is a TAP error or "Bail out!"). + print result msg | "cat >&3"; +} + +function testsuite_error(error_message) +{ + report("ERROR", "- " error_message) +} + +function handle_tap_result() +{ + details = result_obj["number"]; + if (length(result_obj["description"])) + details = details " " result_obj["description"] + + if (plan_seen == LATE_PLAN) + { + details = details " # AFTER LATE PLAN"; + } + else if (result_obj["is_unplanned"]) + { + details = details " # UNPLANNED"; + } + else if (result_obj["number"] != testno) + { + details = sprintf("%s # OUT-OF-ORDER (expecting %d)", + details, testno); + } + else if (result_obj["directive"]) + { + details = details " # " result_obj["directive"]; + if (length(result_obj["explanation"])) + details = details " " result_obj["explanation"] + } + + report(stringify_result_obj(result_obj), details) +} + +# `skip_reason` should be empty whenever planned > 0. +function handle_tap_plan(planned, skip_reason) +{ + planned += 0 # Avoid getting confused if, say, `planned` is "00" + if (length(skip_reason) && planned > 0) + abort("in function handle_tap_plan()") + if (plan_seen) + { + # Error, only one plan per stream is acceptable. + testsuite_error("multiple test plans") + return; + } + planned_tests = planned + # The TAP plan can come before or after *all* the TAP results; we speak + # respectively of an "early" or a "late" plan. If we see the plan line + # after at least one TAP result has been seen, assume we have a late + # plan; in this case, any further test result seen after the plan will + # be flagged as an error. + plan_seen = (testno >= 1 ? LATE_PLAN : EARLY_PLAN) + # If testno > 0, we have an error ("too many tests run") that will be + # automatically dealt with later, so do not worry about it here. If + # $plan_seen is true, we have an error due to a repeated plan, and that + # has already been dealt with above. Otherwise, we have a valid "plan + # with SKIP" specification, and should report it as a particular kind + # of SKIP result. + if (planned == 0 && testno == 0) + { + if (length(skip_reason)) + skip_reason = "- " skip_reason; + report("SKIP", skip_reason); + } +} + +function extract_tap_comment(line) +{ + if (index(line, diag_string) == 1) + { + # Strip leading `diag_string` from `line`. + line = substr(line, length(diag_string) + 1) + # And strip any leading and trailing whitespace left. + sub("^[ \t]*", "", line) + sub("[ \t]*$", "", line) + # Return what is left (if any). + return line; + } + return ""; +} + +# When this function is called, we know that line is a TAP result line, +# so that it matches the (perl) RE "^(not )?ok\b". +function setup_result_obj(line) +{ + # Get the result, and remove it from the line. + result_obj["is_ok"] = (substr(line, 1, 2) == "ok" ? 1 : 0) + sub("^(not )?ok[ \t]*", "", line) + + # If the result has an explicit number, get it and strip it; otherwise, + # automatically assing the next progresive number to it. + if (line ~ /^[0-9]+$/ || line ~ /^[0-9]+[^a-zA-Z0-9_]/) + { + match(line, "^[0-9]+") + # The final `+ 0` is to normalize numbers with leading zeros. + result_obj["number"] = substr(line, 1, RLENGTH) + 0 + line = substr(line, RLENGTH + 1) + } + else + { + result_obj["number"] = testno + } + + if (plan_seen == LATE_PLAN) + # No further test results are acceptable after a "late" TAP plan + # has been seen. + result_obj["is_unplanned"] = 1 + else if (plan_seen && testno > planned_tests) + result_obj["is_unplanned"] = 1 + else + result_obj["is_unplanned"] = 0 + + # Strip trailing and leading whitespace. + sub("^[ \t]*", "", line) + sub("[ \t]*$", "", line) + + # This will have to be corrected if we have a "TODO"/"SKIP" directive. + result_obj["description"] = line + result_obj["directive"] = "" + result_obj["explanation"] = "" + + if (index(line, "#") == 0) + return # No possible directive, nothing more to do. + + # Directives are case-insensitive. + rx = "[ \t]*#[ \t]*([tT][oO][dD][oO]|[sS][kK][iI][pP])[ \t]*" + + # See whether we have the directive, and if yes, where. + pos = match(line, rx "$") + if (!pos) + pos = match(line, rx "[^a-zA-Z0-9_]") + + # If there was no TAP directive, we have nothing more to do. + if (!pos) + return + + # Let`s now see if the TAP directive has been escaped. For example: + # escaped: ok \# SKIP + # not escaped: ok \\# SKIP + # escaped: ok \\\\\# SKIP + # not escaped: ok \ # SKIP + if (substr(line, pos, 1) == "#") + { + bslash_count = 0 + for (i = pos; i > 1 && substr(line, i - 1, 1) == "\\"; i--) + bslash_count += 1 + if (bslash_count % 2) + return # Directive was escaped. + } + + # Strip the directive and its explanation (if any) from the test + # description. + result_obj["description"] = substr(line, 1, pos - 1) + # Now remove the test description from the line, that has been dealt + # with already. + line = substr(line, pos) + # Strip the directive, and save its value (normalized to upper case). + sub("^[ \t]*#[ \t]*", "", line) + result_obj["directive"] = toupper(substr(line, 1, 4)) + line = substr(line, 5) + # Now get the explanation for the directive (if any), with leading + # and trailing whitespace removed. + sub("^[ \t]*", "", line) + sub("[ \t]*$", "", line) + result_obj["explanation"] = line +} + +function get_test_exit_message(status) +{ + if (status == 0) + return "" + if (status !~ /^[1-9][0-9]*$/) + abort("getting exit status") + if (status < 127) + exit_details = "" + else if (status == 127) + exit_details = " (command not found?)" + else if (status >= 128 && status <= 255) + exit_details = sprintf(" (terminated by signal %d?)", status - 128) + else if (status > 256 && status <= 384) + # We used to report an "abnormal termination" here, but some Korn + # shells, when a child process die due to signal number n, can leave + # in $? an exit status of 256+n instead of the more standard 128+n. + # Apparently, both behaviours are allowed by POSIX (2008), so be + # prepared to handle them both. See also Austing Group report ID + # 0000051 <http://www.austingroupbugs.net/view.php?id=51> + exit_details = sprintf(" (terminated by signal %d?)", status - 256) + else + # Never seen in practice. + exit_details = " (abnormal termination)" + return sprintf("exited with status %d%s", status, exit_details) +} + +function write_test_results() +{ + print ":global-test-result: " get_global_test_result() > trs_file + print ":recheck: " yn(must_recheck()) > trs_file + print ":copy-in-global-log: " yn(copy_in_global_log()) > trs_file + for (i = 0; i < test_results_index; i += 1) + print ":test-result: " test_results_list[i] > trs_file + close(trs_file); +} + +BEGIN { + +## ------- ## +## SETUP ## +## ------- ## + +'"$init_colors"' + +# Properly initialized once the TAP plan is seen. +planned_tests = 0 + +COOKED_PASS = expect_failure ? "XPASS": "PASS"; +COOKED_FAIL = expect_failure ? "XFAIL": "FAIL"; + +# Enumeration-like constants to remember which kind of plan (if any) +# has been seen. It is important that NO_PLAN evaluates "false" as +# a boolean. +NO_PLAN = 0 +EARLY_PLAN = 1 +LATE_PLAN = 2 + +testno = 0 # Number of test results seen so far. +bailed_out = 0 # Whether a "Bail out!" directive has been seen. + +# Whether the TAP plan has been seen or not, and if yes, which kind +# it is ("early" is seen before any test result, "late" otherwise). +plan_seen = NO_PLAN + +## --------- ## +## PARSING ## +## --------- ## + +is_first_read = 1 + +while (1) + { + # Involutions required so that we are able to read the exit status + # from the last input line. + st = getline + if (st < 0) # I/O error. + fatal("I/O error while reading from input stream") + else if (st == 0) # End-of-input + { + if (is_first_read) + abort("in input loop: only one input line") + break + } + if (is_first_read) + { + is_first_read = 0 + nextline = $0 + continue + } + else + { + curline = nextline + nextline = $0 + $0 = curline + } + # Copy any input line verbatim into the log file. + print | "cat >&3" + # Parsing of TAP input should stop after a "Bail out!" directive. + if (bailed_out) + continue + + # TAP test result. + if ($0 ~ /^(not )?ok$/ || $0 ~ /^(not )?ok[^a-zA-Z0-9_]/) + { + testno += 1 + setup_result_obj($0) + handle_tap_result() + } + # TAP plan (normal or "SKIP" without explanation). + else if ($0 ~ /^1\.\.[0-9]+[ \t]*$/) + { + # The next two lines will put the number of planned tests in $0. + sub("^1\\.\\.", "") + sub("[^0-9]*$", "") + handle_tap_plan($0, "") + continue + } + # TAP "SKIP" plan, with an explanation. + else if ($0 ~ /^1\.\.0+[ \t]*#/) + { + # The next lines will put the skip explanation in $0, stripping + # any leading and trailing whitespace. This is a little more + # tricky in truth, since we want to also strip a potential leading + # "SKIP" string from the message. + sub("^[^#]*#[ \t]*(SKIP[: \t][ \t]*)?", "") + sub("[ \t]*$", ""); + handle_tap_plan(0, $0) + } + # "Bail out!" magic. + # Older versions of prove and TAP::Harness (e.g., 3.17) did not + # recognize a "Bail out!" directive when preceded by leading + # whitespace, but more modern versions (e.g., 3.23) do. So we + # emulate the latter, "more modern" behaviour. + else if ($0 ~ /^[ \t]*Bail out!/) + { + bailed_out = 1 + # Get the bailout message (if any), with leading and trailing + # whitespace stripped. The message remains stored in `$0`. + sub("^[ \t]*Bail out![ \t]*", ""); + sub("[ \t]*$", ""); + # Format the error message for the + bailout_message = "Bail out!" + if (length($0)) + bailout_message = bailout_message " " $0 + testsuite_error(bailout_message) + } + # Maybe we have too look for dianogtic comments too. + else if (comments != 0) + { + comment = extract_tap_comment($0); + if (length(comment)) + report("#", comment); + } + } + +## -------- ## +## FINISH ## +## -------- ## + +# A "Bail out!" directive should cause us to ignore any following TAP +# error, as well as a non-zero exit status from the TAP producer. +if (!bailed_out) + { + if (!plan_seen) + { + testsuite_error("missing test plan") + } + else if (planned_tests != testno) + { + bad_amount = testno > planned_tests ? "many" : "few" + testsuite_error(sprintf("too %s tests run (expected %d, got %d)", + bad_amount, planned_tests, testno)) + } + if (!ignore_exit) + { + # Fetch exit status from the last line. + exit_message = get_test_exit_message(nextline) + if (exit_message) + testsuite_error(exit_message) + } + } + +write_test_results() + +exit 0 + +} # End of "BEGIN" block. +' + +# TODO: document that we consume the file descriptor 3 :-( +} 3>"$log_file" + +test $? -eq 0 || fatal "I/O or internal error" + +# Local Variables: +# mode: shell-script +# sh-indentation: 2 +# eval: (add-hook 'write-file-hooks 'time-stamp) +# time-stamp-start: "scriptversion=" +# time-stamp-format: "%:y-%02m-%02d.%02H" +# time-stamp-time-zone: "UTC" +# time-stamp-end: "; # UTC" +# End: diff --git a/tests/test_list b/tests/test_list deleted file mode 100644 index e66a239..0000000 --- a/tests/test_list +++ /dev/null @@ -1,11 +0,0 @@ -./test_connect -./test_dns -./test_fd_passing -./test_socket -./test_getpeername -./unit/test_onion -./unit/test_connection -./unit/test_utils -./unit/test_config-file -./unit/test_socks5 -./unit/test_compat diff --git a/tests/unit/Makefile.am b/tests/unit/Makefile.am index 66ae37c..3b0fc97 100644 --- a/tests/unit/Makefile.am +++ b/tests/unit/Makefile.am @@ -1,3 +1,15 @@ +TESTS = \ + test_compat \ + test_config-file \ + test_connection \ + test_onion \ + test_socks5 \ + test_utils \ + # end of TESTS + +TAP_DRIVER = $(top_srcdir)/tests/tap-driver.sh +TEST_LOG_DRIVER = env AM_TAP_AWK='$(AWK)' $(SHELL) $(TAP_DRIVER) + AM_CFLAGS = -I$(top_srcdir)/include \ -I$(top_srcdir)/src \ -I$(top_srcdir)/tests/utils/ \ [View Less]

1 0

[torsocks/master] Make sure pipe_fds is initialized in error branch.
by dgoulet＠torproject.org 13 Jun '16

13 Jun '16

commit c36bc4382ae4c0d1cc56fe1d2cd4fbdf489b1bab Author: Taylor R Campbell <campbell+torsocks(a)mumble.net> Date: Wed Jun 17 17:48:09 2015 +0000 Make sure pipe_fds is initialized in error branch. Caught by clang static analyzer. --- tests/test_fd_passing.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/test_fd_passing.c b/tests/test_fd_passing.c index 70d3fef..8d41496 100644 --- a/tests/test_fd_passing.c +++ b/tests/test_fd_passing.c @@ -390,7 +… [View More]

1 0

[torsocks/master] Overflow when parsing config lines with many arguments
by dgoulet＠torproject.org 13 Jun '16

13 Jun '16

commit 3e9490366350114ee48a365f0fdd742614485e6f Author: junglefowl <junglefowl(a)riseup.net> Date: Mon Jun 13 16:42:02 2016 -0400 Overflow when parsing config lines with many arguments It is possible to overflow tokens with a configuration that contains many arguments in one line. At first, the upper limit is specified as sizeof(tokens), which is wrong. It has to be DEFAULT_MAX_CONF_TOKEN or sizeof(tokens) / sizeof(tokens[0]). The former is shorter, … [View More]therefor I took that one. The next issue is in utils_tokenize_ignore_comments, which verifies that enough space is available only with the ' ' separator. Later in the code, '\t' is also allowed as a separator, which means that more arguments could show up than previously taken into account during size checks. This is an unlikely case, so the check will be done while parsing. When the limit is reached, previously allocated memory is released again and error value is returned. Signed-off-by: David Goulet <dgoulet(a)ev0ke.net> --- src/common/config-file.c | 5 +++-- src/common/utils.c | 29 ++++++++++++----------------- 2 files changed, 15 insertions(+), 19 deletions(-) diff --git a/src/common/config-file.c b/src/common/config-file.c index da89ef7..750bfa8 100644 --- a/src/common/config-file.c +++ b/src/common/config-file.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2000-2008 - Shaun Clowes <delius(a)progsoc.org> + * Copyright (C) 2000-2008 - Shaun Clowes <delius(a)progsoc.org> * 2008-2011 - Robert Hogan <robert(a)roberthogan.net> * 2013 - David Goulet <dgoulet(a)ev0ke.net> * @@ -200,7 +200,8 @@ static int parse_config_line(const char *line, struct configuration *config) /* * The line is tokenized and each token is NULL terminated. */ - nb_token = utils_tokenize_ignore_comments(line, sizeof(tokens), tokens); + nb_token = utils_tokenize_ignore_comments(line, DEFAULT_MAX_CONF_TOKEN, + tokens); if (nb_token <= 0) { /* Nothing on this line that is useful to parse. */ ret = 0; diff --git a/src/common/utils.c b/src/common/utils.c index 95ec803..e477f11 100644 --- a/src/common/utils.c +++ b/src/common/utils.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2000-2008 - Shaun Clowes <delius(a)progsoc.org> + * Copyright (C) 2000-2008 - Shaun Clowes <delius(a)progsoc.org> * 2008-2011 - Robert Hogan <robert(a)roberthogan.net> * 2013 - David Goulet <dgoulet(a)ev0ke.net> * @@ -119,7 +119,7 @@ int utils_is_address_ipv6(const char *ip) ATTR_HIDDEN int utils_tokenize_ignore_comments(const char *_line, size_t size, char **tokens) { - int ret, i = 0, argc = 0; + int ret, i = 0; char *c, *line = NULL, *saveptr; assert(_line); @@ -137,23 +137,12 @@ int utils_tokenize_ignore_comments(const char *_line, size_t size, char **tokens goto end; } - /* Count number of token. If larger than size, we return an error. */ - c = line; - while ((c = strchr(c + 1, ' '))) { - /* Skip consecutive spaces. */ - if (*(c + 1) == ' ') { - continue; - } - argc++; - } - - if (argc > (int)size) { - ret = -ENOMEM; - goto error; - } - c = strtok_r(line, " \t", &saveptr); while (c != NULL) { + if ((size_t) i >= size) { + ret = -ENOMEM; + goto error; + } tokens[i] = strdup(c); if (!tokens[i]) { ret = -ENOMEM; @@ -165,8 +154,14 @@ int utils_tokenize_ignore_comments(const char *_line, size_t size, char **tokens end: ret = i; + free(line); + return ret; + error: free(line); + while (i-- > 0) { + free(tokens[i]); + } return ret; } [View Less]

1 0

[torsocks/master] Avoid potential null pointer dereferences in test_connection.
by dgoulet＠torproject.org 13 Jun '16

13 Jun '16

commit 8012de8076f8f6e7ef1fcc7f9cb29ba9e9e0df57 Author: Taylor R Campbell <campbell+torsocks(a)mumble.net> Date: Wed Jun 17 18:05:10 2015 +0000 Avoid potential null pointer dereferences in test_connection. Caught by clang static analyzer. --- tests/unit/test_connection.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tests/unit/test_connection.c b/tests/unit/test_connection.c index 508e7db..800a75b 100644 --- a/tests/unit/test_connection.c +++ b/tests/unit/… [View More]

1 0

[torsocks/master] Add support for localhost only UDP via `AllowOutboundLocalhost 2`.
by dgoulet＠torproject.org 13 Jun '16

13 Jun '16

commit f1301e083ed67752ef89e07f1a961ac5b635d9f2 Author: Yawning Angel <yawning(a)schwanenlied.me> Date: Sat Nov 7 11:14:30 2015 +0000 Add support for localhost only UDP via `AllowOutboundLocalhost 2`. Exactly what it says on the tin, setting `AllowOutboundLocalhost 2` will: * Allow all SOCK_DGRAM socket() calls. * Allow connect() to localhost, even for SOCK_DGRAM. * Allow SOCK_DGRAM sendto() calls, as long as the destination address is … [View More]localhost. Fixes bug #16765. --- doc/torsocks.conf | 4 +++- doc/torsocks.conf.5 | 7 ++++--- src/common/compat.h | 4 ++++ src/common/config-file.c | 3 +++ src/common/config-file.h | 2 +- src/lib/connect.c | 14 ++++++++++---- src/lib/sendto.c | 8 +++++++- src/lib/socket.c | 10 ++++++++++ src/lib/torsocks.h | 1 + 9 files changed, 43 insertions(+), 10 deletions(-) diff --git a/doc/torsocks.conf b/doc/torsocks.conf index 5dd9df6..ec99766 100644 --- a/doc/torsocks.conf +++ b/doc/torsocks.conf @@ -31,7 +31,9 @@ OnionAddrRange 127.42.42.0/24 # Set Torsocks to allow outbound connections to the loopback interface. # If set to 1, connect() will be allowed to be used to the loopback interface -# bypassing Tor. This option should not be used by most users. (Default: 0) +# bypassing Tor. If set to 2, in addition to TCP connect(), UDP operations to +# the loopback interface will also be allowed, bypassing Tor. This option +# should not be used by most users. (Default: 0) #AllowOutboundLocalhost 1 # Set Torsocks to use an automatically generated SOCKS5 username/password based diff --git a/doc/torsocks.conf.5 b/doc/torsocks.conf.5 index 33fba3e..a6cc9b8 100644 --- a/doc/torsocks.conf.5 +++ b/doc/torsocks.conf.5 @@ -78,10 +78,11 @@ allowed for non localhost address so the applicaton can handle incoming connection. Note that Unix socket are allowed. (Default: 0) .TP -.I AllowOutboundLocalhost 0|1 +.I AllowOutboundLocalhost 0|1|2 Allow outbound connections to the loopback interface meaning that connect() -will be allowed to connect to localhost addresses bypassing Tor. This option -should not be used by most users. (Default: 0) +will be allowed to connect to localhost addresses bypassing Tor. If set to 1, +TCP connections will be allowed. If set to 2, both TCP/IP and UDP connections +will be allowed. This option should not be used by most users. (Default: 0) .TP .I IsolatePID 0|1 diff --git a/src/common/compat.h b/src/common/compat.h index 6c8ce32..38bf191 100644 --- a/src/common/compat.h +++ b/src/common/compat.h @@ -220,9 +220,13 @@ void tsocks_once(tsocks_once_t *o, void (*init_routine)(void)); #if defined(__NetBSD__) #define IS_SOCK_STREAM(type) \ ((type & ~(SOCK_NONBLOCK | SOCK_CLOEXEC | SOCK_NOSIGPIPE)) == SOCK_STREAM) +#define IS_SOCK_DGRAM(type) \ + ((type & ~(SOCK_NONBLOCK | SOCK_CLOEXEC | SOCK_NOSIGPIPE)) == SOCK_DGRAM) #else /* __NetBSD__ */ #define IS_SOCK_STREAM(type) \ ((type & ~(SOCK_NONBLOCK | SOCK_CLOEXEC)) == SOCK_STREAM) +#define IS_SOCK_DGRAM(type) \ + ((type & ~(SOCK_NONBLOCK | SOCK_CLOEXEC)) == SOCK_DGRAM) #endif /* __NetBSD__ */ #endif /* TORSOCKS_COMPAT_H */ diff --git a/src/common/config-file.c b/src/common/config-file.c index 2147068..da89ef7 100644 --- a/src/common/config-file.c +++ b/src/common/config-file.c @@ -406,6 +406,9 @@ int conf_file_set_allow_outbound_localhost(const char *val, } else if (ret == 1) { config->allow_outbound_localhost = 1; DBG("[config] Outbound localhost connections allowed."); + } else if (ret == 2) { + config->allow_outbound_localhost = 2; + DBG("[config] Outbound localhost connections + UDP allowed."); } else { ERR("[config] Invalid %s value for %s", val, conf_allow_outbound_localhost_str); diff --git a/src/common/config-file.h b/src/common/config-file.h index 23dd842..48be392 100644 --- a/src/common/config-file.h +++ b/src/common/config-file.h @@ -82,7 +82,7 @@ struct configuration { /* * Allow outbound connections to localhost that bypass Tor. */ - unsigned int allow_outbound_localhost:1; + unsigned int allow_outbound_localhost; /* * Automatically set the SOCKS5 authentication to a unique per-process diff --git a/src/lib/connect.c b/src/lib/connect.c index 2480643..71c5886 100644 --- a/src/lib/connect.c +++ b/src/lib/connect.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2000-2008 - Shaun Clowes <delius(a)progsoc.org> + * Copyright (C) 2000-2008 - Shaun Clowes <delius(a)progsoc.org> * 2008-2011 - Robert Hogan <robert(a)roberthogan.net> * 2013 - David Goulet <dgoulet(a)ev0ke.net> * @@ -45,7 +45,7 @@ TSOCKS_LIBC_DECL(connect, LIBC_CONNECT_RET_TYPE, LIBC_CONNECT_SIG) * On error or if validation fails, errno is set and -1 is returned. The caller * should *return* right away an error. */ -static int validate_socket(int sockfd, const struct sockaddr *addr) +int tsocks_validate_socket(int sockfd, const struct sockaddr *addr) { int ret, sock_type; socklen_t optlen; @@ -76,8 +76,14 @@ static int validate_socket(int sockfd, const struct sockaddr *addr) DBG("[connect] Socket family %s and type %d", addr->sa_family == AF_INET ? "AF_INET" : "AF_INET6", sock_type); - /* Refuse non stream socket since Tor can't handle that. */ if (!IS_SOCK_STREAM(sock_type)) { + if ((tsocks_config.allow_outbound_localhost == 2) && + IS_SOCK_DGRAM(sock_type) && utils_sockaddr_is_localhost(addr)) { + DBG("[connect] Allowing localhost UDP socket."); + goto libc_call; + } + + /* Refuse non stream socket since Tor can't handle that. */ DBG("[connect] UDP or ICMP stream can't be handled. Rejecting."); errno = EPERM; goto error; @@ -115,7 +121,7 @@ LIBC_CONNECT_RET_TYPE tsocks_connect(LIBC_CONNECT_SIG) * Validate socket values in order to see if we can handle this connect * through Tor. */ - ret = validate_socket(sockfd, addr); + ret = tsocks_validate_socket(sockfd, addr); if (ret == 1) { /* Tor can't handle it so send it to the libc. */ goto libc_connect; diff --git a/src/lib/sendto.c b/src/lib/sendto.c index 6b1d3ff..75994f4 100644 --- a/src/lib/sendto.c +++ b/src/lib/sendto.c @@ -43,8 +43,8 @@ TSOCKS_LIBC_DECL(sendto, LIBC_SENDTO_RET_TYPE, LIBC_SENDTO_SIG) */ LIBC_SENDTO_RET_TYPE tsocks_sendto(LIBC_SENDTO_SIG) { -#ifdef MSG_FASTOPEN int ret; +#ifdef MSG_FASTOPEN if ((flags & MSG_FASTOPEN) == 0) { /* No TFO, fallback to libc sendto() */ @@ -64,6 +64,12 @@ LIBC_SENDTO_RET_TYPE tsocks_sendto(LIBC_SENDTO_SIG) libc_sendto: #endif /* MSG_FASTOPEN */ + /* Validate that the socket and address are ok to send traffic to. */ + ret = tsocks_validate_socket(sockfd, dest_addr); + if (ret == -1) { + return ret; + } + return tsocks_libc_sendto(LIBC_SENDTO_ARGS); } diff --git a/src/lib/socket.c b/src/lib/socket.c index edc24ab..331de0b 100644 --- a/src/lib/socket.c +++ b/src/lib/socket.c @@ -48,6 +48,16 @@ LIBC_SOCKET_RET_TYPE tsocks_socket(LIBC_SOCKET_SIG) } /* + * If outbound localhost UDP traffic is allowed, then allow all UDP + * socket creation. Validation on the destination addr is done at + * connect()/sendto() time. + */ + if ((tsocks_config.allow_outbound_localhost == 2) && + IS_SOCK_DGRAM(type)) { + goto end; + } + + /* * Print this message only in debug mode. Very often, applications uses * the libc to do DNS resolution which first tries with UDP and then * with TCP. It's not critical for the user to know that a non TCP diff --git a/src/lib/torsocks.h b/src/lib/torsocks.h index 9531db5..eddd0de 100644 --- a/src/lib/torsocks.h +++ b/src/lib/torsocks.h @@ -445,6 +445,7 @@ extern struct onion_pool tsocks_onion_pool; extern unsigned int tsocks_cleaned_up; +int tsocks_validate_socket(int sockfd, const struct sockaddr *addr); int tsocks_connect_to_tor(struct connection *conn); void *tsocks_find_libc_symbol(const char *symbol, enum tsocks_sym_action action); [View Less]

1 0

[torsocks/master] Work around broken declaration of gethostbyaddr on older NetBSD.
by dgoulet＠torproject.org 13 Jun '16

13 Jun '16

commit 44cc23ffa6ad06964719eeb8f4483ad305dc6ac5 Author: Taylor R Campbell <campbell+torsocks(a)mumble.net> Date: Tue Jun 16 20:22:17 2015 +0000 Work around broken declaration of gethostbyaddr on older NetBSD. Signed-off-by: David Goulet <dgoulet(a)ev0ke.net> --- src/lib/torsocks.h | 4 ++++ tests/test_dns.c | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/src/lib/torsocks.h b/src/lib/torsocks.h index f8f798f..9531db5 100644 --- a/src/lib/… [View More]

1 0

[torsocks/master] Use size_t, not int, for indices below size_t bounds.
by dgoulet＠torproject.org 13 Jun '16

13 Jun '16

commit 80e1ffb565bdd3c41063a743617f17faa81ab9aa Author: Taylor R Campbell <campbell+torsocks(a)mumble.net> Date: Tue Jun 16 20:33:49 2015 +0000 Use size_t, not int, for indices below size_t bounds. --- src/lib/recv.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/lib/recv.c b/src/lib/recv.c index 1ff1446..d1bbaea 100644 --- a/src/lib/recv.c +++ b/src/lib/recv.c @@ -39,7 +39,7 @@ TSOCKS_LIBC_DECL(recvmsg, LIBC_RECVMSG_RET_TYPE, LIBC_RECVMSG_SIG) */ … [View More]

1 0

[torsocks/master] Use seconds since epoch, not local time, for log timestamps.
by dgoulet＠torproject.org 13 Jun '16

13 Jun '16

commit 35187508cfaf3fd21ed68159f4635ee2d376aea4 Author: Taylor R Campbell <campbell+torsocks(a)mumble.net> Date: Fri Jun 19 04:23:36 2015 +0000 Use seconds since epoch, not local time, for log timestamps. Local time may require opening files to load the time zone database, which leads to a potential deadlock-against-self when intercepting a close() in the middle of tsocks_once initialization for close(). The same issue applies even if we use UTC, via … [View More]

1 0