[tor-commits] [tor/master] Merge branch 'backtrace_squashed'

nickm at torproject.org nickm at torproject.org
Mon Nov 18 16:04:37 UTC 2013


commit fbc20294aaf67f9434d5b1e107b8e1c43e42a3a4
Merge: 7a2b30f c81f64a
Author: Nick Mathewson <nickm at torproject.org>
Date:   Mon Nov 18 11:00:16 2013 -0500

    Merge branch 'backtrace_squashed'
    
    Conflicts:
    	src/common/sandbox.c
    	src/common/sandbox.h
    	src/common/util.c
    	src/or/main.c
    	src/test/include.am
    	src/test/test.c

 .gitignore              |    2 +
 LICENSE                 |   33 ++++++++
 changes/stack_trace     |    8 ++
 configure.ac            |    9 +++
 m4/pc_from_ucontext.m4  |  131 ++++++++++++++++++++++++++++++
 src/common/backtrace.c  |  202 +++++++++++++++++++++++++++++++++++++++++++++++
 src/common/backtrace.h  |   12 +++
 src/common/include.am   |    2 +
 src/common/log.c        |  140 +++++++++++++++++++++++++++-----
 src/common/sandbox.c    |   47 ++---------
 src/common/sandbox.h    |    3 -
 src/common/torlog.h     |    8 +-
 src/common/util.c       |  111 +++++++++++++++++---------
 src/common/util.h       |   17 ++--
 src/or/config.c         |    3 +-
 src/or/main.c           |   10 ++-
 src/test/bt_test.py     |   42 ++++++++++
 src/test/include.am     |   12 +++
 src/test/test.c         |    3 +
 src/test/test_bt_cl.c   |  110 ++++++++++++++++++++++++++
 src/test/test_logging.c |  135 +++++++++++++++++++++++++++++++
 src/test/test_util.c    |   51 ++++++++++++
 22 files changed, 977 insertions(+), 114 deletions(-)

diff --cc src/common/sandbox.c
index aaba9c7,a37c74e..7ef577d
--- a/src/common/sandbox.c
+++ b/src/common/sandbox.c
@@@ -373,1154 -265,34 +373,1121 @@@ sb_openat(scmp_filter_ctx ctx, sandbox_
    return 0;
  }
  
 -#endif // USE_LIBSECCOMP
 +/**
 + * Function responsible for setting up the socket syscall for
 + * the seccomp filter sandbox.
 + */
 +static int
 +sb_socket(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
 +{
 +  int rc = 0;
 +  (void) filter;
 +
 +#ifdef __i386__
 +  rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(socket), 0);
 +  if (rc)
 +    return rc;
 +#endif
 +
 +  rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(socket), 3,
 +      SCMP_CMP(0, SCMP_CMP_EQ, PF_FILE),
 +      SCMP_CMP(1, SCMP_CMP_EQ, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK),
 +      SCMP_CMP(2, SCMP_CMP_EQ, IPPROTO_IP));
 +  if (rc)
 +    return rc;
 +
 +  rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(socket), 3,
 +      SCMP_CMP(0, SCMP_CMP_EQ, PF_INET),
 +      SCMP_CMP(1, SCMP_CMP_EQ, SOCK_STREAM|SOCK_CLOEXEC),
 +      SCMP_CMP(2, SCMP_CMP_EQ, IPPROTO_TCP));
 +  if (rc)
 +    return rc;
 +
 +  rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(socket), 3,
 +      SCMP_CMP(0, SCMP_CMP_EQ, PF_INET),
 +      SCMP_CMP(1, SCMP_CMP_EQ, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK),
 +      SCMP_CMP(2, SCMP_CMP_EQ, IPPROTO_IP));
 +  if (rc)
 +    return rc;
 +
 +  rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(socket), 3,
 +      SCMP_CMP(0, SCMP_CMP_EQ, PF_NETLINK),
 +      SCMP_CMP(1, SCMP_CMP_EQ, SOCK_RAW),
 +      SCMP_CMP(2, SCMP_CMP_EQ, 0));
 +  if (rc)
 +    return rc;
 +
 +  return 0;
 +}
  
  /**
 - * Enables the stage 1 general sandbox. It applies a syscall filter which does
 - * not restrict any Tor features. The filter is representative for the whole
 - * application.
 + * Function responsible for setting up the socketpair syscall for
 + * the seccomp filter sandbox.
   */
 -int
 -tor_global_sandbox(void)
 +static int
 +sb_socketpair(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
  {
 +  int rc = 0;
 +  (void) filter;
  
 -#if defined(USE_LIBSECCOMP)
 -  return initialise_libseccomp_sandbox();
 +#ifdef __i386__
 +  rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(socketpair), 0);
 +  if (rc)
 +    return rc;
 +#endif
 +
 +  rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(socketpair), 2,
 +      SCMP_CMP(0, SCMP_CMP_EQ, PF_FILE),
 +      SCMP_CMP(1, SCMP_CMP_EQ, SOCK_STREAM|SOCK_CLOEXEC));
 +  if (rc)
 +    return rc;
  
 -#elif defined(_WIN32)
 -  log_warn(LD_BUG,"Windows sandboxing is not implemented. The feature is "
 -      "currently disabled.");
    return 0;
 +}
 +
 +/**
 + * Function responsible for setting up the setsockopt syscall for
 + * the seccomp filter sandbox.
 + */
 +static int
 +sb_setsockopt(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
 +{
 +  int rc = 0;
 +  (void) filter;
 +
 +#ifdef __i386__
 +  rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(setsockopt), 0);
 +  if (rc)
 +    return rc;
 +#endif
 +
 +  rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(setsockopt), 2,
 +      SCMP_CMP(1, SCMP_CMP_EQ, SOL_SOCKET),
 +      SCMP_CMP(2, SCMP_CMP_EQ, SO_REUSEADDR));
 +  if (rc)
 +    return rc;
  
 -#elif defined(TARGET_OS_MAC)
 -  log_warn(LD_BUG,"Mac OSX sandboxing is not implemented. The feature is "
 -      "currently disabled");
    return 0;
 -#else
 -  log_warn(LD_BUG,"Sandboxing is not implemented for your platform. The "
 -      "feature is currently disabled");
 +}
 +
 +/**
 + * Function responsible for setting up the getsockopt syscall for
 + * the seccomp filter sandbox.
 + */
 +static int
 +sb_getsockopt(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
 +{
 +  int rc = 0;
 +  (void) filter;
 +
 +#ifdef __i386__
 +  rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(getsockopt), 0);
 +  if (rc)
 +    return rc;
 +#endif
 +
 +  rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(getsockopt), 2,
 +      SCMP_CMP(1, SCMP_CMP_EQ, SOL_SOCKET),
 +      SCMP_CMP(2, SCMP_CMP_EQ, SO_ERROR));
 +  if (rc)
 +    return rc;
 +
 +  return 0;
 +}
 +
 +#ifdef __NR_fcntl64
 +/**
 + * Function responsible for setting up the fcntl64 syscall for
 + * the seccomp filter sandbox.
 + */
 +static int
 +sb_fcntl64(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
 +{
 +  int rc = 0;
 +
 +  rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(fcntl64), 1,
 +      SCMP_CMP(1, SCMP_CMP_EQ, F_GETFL));
 +  if (rc)
 +    return rc;
 +
 +  rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(fcntl64), 2,
 +      SCMP_CMP(1, SCMP_CMP_EQ, F_SETFL),
 +      SCMP_CMP(2, SCMP_CMP_EQ, O_RDWR|O_NONBLOCK));
 +  if (rc)
 +    return rc;
 +
 +  rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(fcntl64), 1,
 +      SCMP_CMP(1, SCMP_CMP_EQ, F_GETFD));
 +  if (rc)
 +    return rc;
 +
 +  rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(fcntl64), 2,
 +      SCMP_CMP(1, SCMP_CMP_EQ, F_SETFD),
 +      SCMP_CMP(2, SCMP_CMP_EQ, FD_CLOEXEC));
 +  if (rc)
 +    return rc;
 +
    return 0;
 +}
  #endif
 +
 +/**
 + * Function responsible for setting up the epoll_ctl syscall for
 + * the seccomp filter sandbox.
 + *
 + *  Note: basically allows everything but will keep for now..
 + */
 +static int
 +sb_epoll_ctl(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
 +{
 +  int rc = 0;
 +  (void) filter;
 +
 +  rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(epoll_ctl), 1,
 +      SCMP_CMP(1, SCMP_CMP_EQ, EPOLL_CTL_ADD));
 +  if (rc)
 +    return rc;
 +
 +  rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(epoll_ctl), 1,
 +      SCMP_CMP(1, SCMP_CMP_EQ, EPOLL_CTL_MOD));
 +  if (rc)
 +    return rc;
 +
 +  rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(epoll_ctl), 1,
 +      SCMP_CMP(1, SCMP_CMP_EQ, EPOLL_CTL_DEL));
 +  if (rc)
 +    return rc;
 +
 +  return 0;
 +}
 +
 +/**
 + * Function responsible for setting up the fcntl64 syscall for
 + * the seccomp filter sandbox.
 + *
 + * NOTE: if multiple filters need to be added, the PR_SECCOMP parameter needs
 + * to be whitelisted in this function.
 + */
 +static int
 +sb_prctl(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
 +{
 +  int rc = 0;
 +  (void) filter;
 +
 +  rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(prctl), 1,
 +      SCMP_CMP(0, SCMP_CMP_EQ, PR_SET_DUMPABLE));
 +  if (rc)
 +    return rc;
 +
 +  return 0;
 +}
 +
 +/**
 + * Function responsible for setting up the fcntl64 syscall for
 + * the seccomp filter sandbox.
 + *
 + * NOTE: does not NEED to be here.. currently only occurs before filter; will
 + * keep just in case for the future.
 + */
 +static int
 +sb_mprotect(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
 +{
 +  int rc = 0;
 +  (void) filter;
 +
 +  rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(mprotect), 1,
 +      SCMP_CMP(2, SCMP_CMP_EQ, PROT_READ));
 +  if (rc)
 +    return rc;
 +
 +  rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(mprotect), 1,
 +      SCMP_CMP(2, SCMP_CMP_EQ, PROT_NONE));
 +  if (rc)
 +    return rc;
 +
 +  return 0;
 +}
 +
 +/**
 + * Function responsible for setting up the rt_sigprocmask syscall for
 + * the seccomp filter sandbox.
 + */
 +static int
 +sb_rt_sigprocmask(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
 +{
 +  int rc = 0;
 +  (void) filter;
 +
 +  rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(rt_sigprocmask), 1,
 +      SCMP_CMP(0, SCMP_CMP_EQ, SIG_UNBLOCK));
 +  if (rc)
 +    return rc;
 +
 +  rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(rt_sigprocmask), 1,
 +      SCMP_CMP(0, SCMP_CMP_EQ, SIG_SETMASK));
 +  if (rc)
 +    return rc;
 +
 +  return 0;
  }
  
 +/**
 + * Function responsible for setting up the flock syscall for
 + * the seccomp filter sandbox.
 + *
 + *  NOTE: does not need to be here, occurs before filter is applied.
 + */
 +static int
 +sb_flock(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
 +{
 +  int rc = 0;
 +  (void) filter;
 +
 +  rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(flock), 1,
 +      SCMP_CMP(1, SCMP_CMP_EQ, LOCK_EX|LOCK_NB));
 +  if (rc)
 +    return rc;
 +
 +  rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(flock), 1,
 +      SCMP_CMP(1, SCMP_CMP_EQ, LOCK_UN));
 +  if (rc)
 +    return rc;
 +
 +  return 0;
 +}
 +
 +/**
 + * Function responsible for setting up the futex syscall for
 + * the seccomp filter sandbox.
 + */
 +static int
 +sb_futex(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
 +{
 +  int rc = 0;
 +  (void) filter;
 +
 +  // can remove
 +  rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(futex), 1,
 +      SCMP_CMP(1, SCMP_CMP_EQ,
 +          FUTEX_WAIT_BITSET_PRIVATE|FUTEX_CLOCK_REALTIME));
 +  if (rc)
 +    return rc;
 +
 +  rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(futex), 1,
 +      SCMP_CMP(1, SCMP_CMP_EQ, FUTEX_WAKE_PRIVATE));
 +  if (rc)
 +    return rc;
 +
 +  rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(futex), 1,
 +      SCMP_CMP(1, SCMP_CMP_EQ, FUTEX_WAIT_PRIVATE));
 +  if (rc)
 +    return rc;
 +
 +  return 0;
 +}
 +
 +/**
 + * Function responsible for setting up the mremap syscall for
 + * the seccomp filter sandbox.
 + *
 + *  NOTE: so far only occurs before filter is applied.
 + */
 +static int
 +sb_mremap(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
 +{
 +  int rc = 0;
 +  (void) filter;
 +
 +  rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(mremap), 1,
 +      SCMP_CMP(3, SCMP_CMP_EQ, MREMAP_MAYMOVE));
 +  if (rc)
 +    return rc;
 +
 +  return 0;
 +}
 +
 +/**
 + * Function responsible for setting up the poll syscall for
 + * the seccomp filter sandbox.
 + */
 +static int
 +sb_poll(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
 +{
 +  int rc = 0;
 +  (void) filter;
 +
 +  rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(poll), 2,
 +      SCMP_CMP(1, SCMP_CMP_EQ, 1),
 +      SCMP_CMP(2, SCMP_CMP_EQ, 10));
 +  if (rc)
 +    return rc;
 +
 +  return 0;
 +}
 +
 +#ifdef __NR_stat64
 +/**
 + * Function responsible for setting up the stat64 syscall for
 + * the seccomp filter sandbox.
 + */
 +static int
 +sb_stat64(scmp_filter_ctx ctx, sandbox_cfg_t *filter)
 +{
 +  int rc = 0;
 +  sandbox_cfg_t *elem = NULL;
 +
 +  // for each dynamic parameter filters
 +  for (elem = filter; elem != NULL; elem = elem->next) {
 +    smp_param_t *param = elem->param;
 +
 +    if (param != NULL && param->prot == 1 && (param->syscall == SCMP_SYS(open)
 +        || param->syscall == SCMP_SYS(stat64))) {
 +      rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(stat64), 1,
 +          SCMP_CMP(0, SCMP_CMP_EQ, param->value));
 +      if (rc != 0) {
 +        log_err(LD_BUG,"(Sandbox) failed to add open syscall, received "
 +            "libseccomp  error %d", rc);
 +        return rc;
 +      }
 +    }
 +  }
 +
 +  return 0;
 +}
 +#endif
 +
 +/**
 + * Array of function pointers responsible for filtering different syscalls at
 + * a parameter level.
 + */
 +static sandbox_filter_func_t filter_func[] = {
 +    sb_rt_sigaction,
 +    sb_rt_sigprocmask,
 +    sb_execve,
 +    sb_time,
 +    sb_accept4,
 +#ifdef __NR_mmap2
 +    sb_mmap2,
 +#endif
 +    sb_open,
 +    sb_openat,
 +#ifdef __NR_fcntl64
 +    sb_fcntl64,
 +#endif
 +    sb_epoll_ctl,
 +    sb_prctl,
 +    sb_mprotect,
 +    sb_flock,
 +    sb_futex,
 +    sb_mremap,
 +    sb_poll,
 +#ifdef __NR_stat64
 +    sb_stat64,
 +#endif
 +
 +    sb_socket,
 +    sb_setsockopt,
 +    sb_getsockopt,
 +    sb_socketpair
 +};
 +
 +const char*
 +sandbox_intern_string(const char *str)
 +{
 +  sandbox_cfg_t *elem;
 +
 +  if (str == NULL)
 +    return NULL;
 +
 +  for (elem = filter_dynamic; elem != NULL; elem = elem->next) {
 +    smp_param_t *param = elem->param;
 +
 +    if (param->prot && !strcmp(str, (char*)(param->value))) {
 +      return (char*)(param->value);
 +    }
 +  }
 +
 +  log_info(LD_GENERAL, "(Sandbox) Parameter %s not found", str);
 +  return str;
 +}
 +
 +/**
 + * Protects all the strings in the sandbox's parameter list configuration. It
 + * works by calculating the total amount of memory required by the parameter
 + * list, allocating the memory using mmap, and protecting it from writes with
 + * mprotect().
 + */
 +static int
 +prot_strings(scmp_filter_ctx ctx, sandbox_cfg_t* cfg)
 +{
 +  int ret = 0;
 +  size_t pr_mem_size = 0, pr_mem_left = 0;
 +  char *pr_mem_next = NULL, *pr_mem_base;
 +  sandbox_cfg_t *el = NULL;
 +
 +  // get total number of bytes required to mmap
 +  for (el = cfg; el != NULL; el = el->next) {
 +    pr_mem_size += strlen((char*) ((smp_param_t*)el->param)->value) + 1;
 +  }
 +
 +  // allocate protected memory with MALLOC_MP_LIM canary
 +  pr_mem_base = (char*) mmap(NULL, MALLOC_MP_LIM + pr_mem_size,
 +      PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANON, -1, 0);
 +  if (pr_mem_base == MAP_FAILED) {
 +    log_err(LD_BUG,"(Sandbox) failed allocate protected memory! mmap: %s",
 +        strerror(errno));
 +    ret = -1;
 +    goto out;
 +  }
 +
 +  pr_mem_next = pr_mem_base + MALLOC_MP_LIM;
 +  pr_mem_left = pr_mem_size;
 +
 +  // change el value pointer to protected
 +  for (el = cfg; el != NULL; el = el->next) {
 +    char *param_val = (char*)((smp_param_t *)el->param)->value;
 +    size_t param_size = strlen(param_val) + 1;
 +
 +    if (pr_mem_left >= param_size) {
 +      // copy to protected
 +      memcpy(pr_mem_next, param_val, param_size);
 +
 +      // re-point el parameter to protected
 +      {
 +        void *old_val = (void *) ((smp_param_t*)el->param)->value;
 +        tor_free(old_val);
 +      }
 +      ((smp_param_t*)el->param)->value = (intptr_t) pr_mem_next;
 +      ((smp_param_t*)el->param)->prot = 1;
 +
 +      // move next available protected memory
 +      pr_mem_next += param_size;
 +      pr_mem_left -= param_size;
 +    } else {
 +      log_err(LD_BUG,"(Sandbox) insufficient protected memory!");
 +      ret = -2;
 +      goto out;
 +    }
 +  }
 +
 +  // protecting from writes
 +  if (mprotect(pr_mem_base, MALLOC_MP_LIM + pr_mem_size, PROT_READ)) {
 +    log_err(LD_BUG,"(Sandbox) failed to protect memory! mprotect: %s",
 +        strerror(errno));
 +    ret = -3;
 +    goto out;
 +  }
 +
 +  /*
 +   * Setting sandbox restrictions so the string memory cannot be tampered with
 +   */
 +  // no mremap of the protected base address
 +  ret = seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(mremap), 1,
 +      SCMP_CMP(0, SCMP_CMP_EQ, (intptr_t) pr_mem_base));
 +  if (ret) {
 +    log_err(LD_BUG,"(Sandbox) mremap protected memory filter fail!");
 +    return ret;
 +  }
 +
 +  // no munmap of the protected base address
 +  ret = seccomp_rule_add(ctx, SCMP_ACT_KILL, SCMP_SYS(munmap), 1,
 +        SCMP_CMP(0, SCMP_CMP_EQ, (intptr_t) pr_mem_base));
 +  if (ret) {
 +    log_err(LD_BUG,"(Sandbox) munmap protected memory filter fail!");
 +    return ret;
 +  }
 +
 +  /*
 +   * Allow mprotect with PROT_READ|PROT_WRITE because openssl uses it, but
 +   * never over the memory region used by the protected strings.
 +   *
 +   * PROT_READ|PROT_WRITE was originally fully allowed in sb_mprotect(), but
 +   * had to be removed due to limitation of libseccomp regarding intervals.
 +   *
 +   * There is a restriction on how much you can mprotect with R|W up to the
 +   * size of the canary.
 +   */
 +  ret = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(mprotect), 2,
 +      SCMP_CMP(0, SCMP_CMP_LT, (intptr_t) pr_mem_base),
 +      SCMP_CMP(1, SCMP_CMP_LE, MALLOC_MP_LIM),
 +      SCMP_CMP(2, SCMP_CMP_EQ, PROT_READ|PROT_WRITE));
 +  if (ret) {
 +    log_err(LD_BUG,"(Sandbox) mprotect protected memory filter fail (LT)!");
 +    return ret;
 +  }
 +
 +  ret = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(mprotect), 2,
 +      SCMP_CMP(0, SCMP_CMP_GT, (intptr_t) pr_mem_base + pr_mem_size +
 +          MALLOC_MP_LIM),
 +      SCMP_CMP(1, SCMP_CMP_LE, MALLOC_MP_LIM),
 +      SCMP_CMP(2, SCMP_CMP_EQ, PROT_READ|PROT_WRITE));
 +  if (ret) {
 +    log_err(LD_BUG,"(Sandbox) mprotect protected memory filter fail (GT)!");
 +    return ret;
 +  }
 +
 + out:
 +   return ret;
 +}
 +
 +/**
 + * Auxiliary function used in order to allocate a sandbox_cfg_t element and set
 + * it's values according the the parameter list. All elements are initialised
 + * with the 'prot' field set to false, as the pointer is not protected at this
 + * point.
 + */
 +static sandbox_cfg_t*
 +new_element(int syscall, int index, intptr_t value)
 +{
 +  smp_param_t *param = NULL;
 +
 +  sandbox_cfg_t *elem = tor_malloc(sizeof(sandbox_cfg_t));
 +  elem->param = tor_malloc(sizeof(smp_param_t));
 +
 +  param = elem->param;
 +  param->syscall = syscall;
 +  param->pindex = index;
 +  param->value = value;
 +  param->prot = 0;
 +
 +  return elem;
 +}
 +
 +#ifdef __NR_stat64
 +#define SCMP_stat SCMP_SYS(stat64)
 +#else
 +#define SCMP_stat SCMP_SYS(stat)
 +#endif
 +
 +int
 +sandbox_cfg_allow_stat_filename(sandbox_cfg_t **cfg, char *file, int fr)
 +{
 +  sandbox_cfg_t *elem = NULL;
 +
 +  elem = new_element(SCMP_stat, 0, (intptr_t)(void*) tor_strdup(file));
 +  if (!elem) {
 +    log_err(LD_BUG,"(Sandbox) failed to register parameter!");
 +    return -1;
 +  }
 +
 +  elem->next = *cfg;
 +  *cfg = elem;
 +
 +  if (fr) tor_free(file);
 +  return 0;
 +}
 +
 +int
 +sandbox_cfg_allow_stat_filename_array(sandbox_cfg_t **cfg, ...)
 +{
 +  int rc = 0;
 +  char *fn = NULL;
 +
 +  va_list ap;
 +  va_start(ap, cfg);
 +
 +  while ((fn = va_arg(ap, char*)) != NULL) {
 +    int fr = va_arg(ap, int);
 +
 +    rc = sandbox_cfg_allow_stat_filename(cfg, fn, fr);
 +    if (rc) {
 +      log_err(LD_BUG,"(Sandbox) sandbox_cfg_allow_stat_filename_array fail");
 +      goto end;
 +    }
 +  }
 +
 + end:
 +  va_end(ap);
 +  return 0;
 +}
 +
 +int
 +sandbox_cfg_allow_open_filename(sandbox_cfg_t **cfg, char *file, int fr)
 +{
 +  sandbox_cfg_t *elem = NULL;
 +
 +  elem = new_element(SCMP_SYS(open), 0, (intptr_t)(void *)tor_strdup(file));
 +  if (!elem) {
 +    log_err(LD_BUG,"(Sandbox) failed to register parameter!");
 +    return -1;
 +  }
 +
 +  elem->next = *cfg;
 +  *cfg = elem;
 +
 +  if (fr) tor_free(file);
 +
 +  return 0;
 +}
 +
 +int
 +sandbox_cfg_allow_open_filename_array(sandbox_cfg_t **cfg, ...)
 +{
 +  int rc = 0;
 +  char *fn = NULL;
 +
 +  va_list ap;
 +  va_start(ap, cfg);
 +
 +  while ((fn = va_arg(ap, char*)) != NULL) {
 +    int fr = va_arg(ap, int);
 +
 +    rc = sandbox_cfg_allow_open_filename(cfg, fn, fr);
 +    if (rc) {
 +      log_err(LD_BUG,"(Sandbox) sandbox_cfg_allow_open_filename_array fail");
 +      goto end;
 +    }
 +  }
 +
 + end:
 +  va_end(ap);
 +  return 0;
 +}
 +
 +int
 +sandbox_cfg_allow_openat_filename(sandbox_cfg_t **cfg, char *file, int fr)
 +{
 +  sandbox_cfg_t *elem = NULL;
 +
 +  elem = new_element(SCMP_SYS(openat), 1, (intptr_t)(void *)tor_strdup(file));
 +  if (!elem) {
 +    log_err(LD_BUG,"(Sandbox) failed to register parameter!");
 +    return -1;
 +  }
 +
 +  elem->next = *cfg;
 +  *cfg = elem;
 +
 +  if (fr) tor_free(file);
 +
 +  return 0;
 +}
 +
 +int
 +sandbox_cfg_allow_openat_filename_array(sandbox_cfg_t **cfg, ...)
 +{
 +  int rc = 0;
 +  char *fn = NULL;
 +
 +  va_list ap;
 +  va_start(ap, cfg);
 +
 +  while ((fn = va_arg(ap, char*)) != NULL) {
 +    int fr = va_arg(ap, int);
 +
 +    rc = sandbox_cfg_allow_openat_filename(cfg, fn, fr);
 +    if (rc) {
 +      log_err(LD_BUG,"(Sandbox) sandbox_cfg_allow_openat_filename_array fail");
 +      goto end;
 +    }
 +  }
 +
 + end:
 +  va_end(ap);
 +  return 0;
 +}
 +
 +int
 +sandbox_cfg_allow_execve(sandbox_cfg_t **cfg, const char *com)
 +{
 +  sandbox_cfg_t *elem = NULL;
 +
 +  elem = new_element(SCMP_SYS(execve), 1, (intptr_t)(void *)tor_strdup(com));
 +  if (!elem) {
 +    log_err(LD_BUG,"(Sandbox) failed to register parameter!");
 +    return -1;
 +  }
 +
 +  elem->next = *cfg;
 +  *cfg = elem;
 +
 +  return 0;
 +}
 +
 +int
 +sandbox_cfg_allow_execve_array(sandbox_cfg_t **cfg, ...)
 +{
 +  int rc = 0;
 +  char *fn = NULL;
 +
 +  va_list ap;
 +  va_start(ap, cfg);
 +
 +  while ((fn = va_arg(ap, char*)) != NULL) {
 +
 +    rc = sandbox_cfg_allow_execve(cfg, fn);
 +    if (rc) {
 +      log_err(LD_BUG,"(Sandbox) sandbox_cfg_allow_execve_array failed");
 +      goto end;
 +    }
 +  }
 +
 + end:
 +  va_end(ap);
 +  return 0;
 +}
 +
 +int
 +sandbox_getaddrinfo(const char *name, const char *servname,
 +                    const struct addrinfo *hints,
 +                    struct addrinfo **res)
 +{
 +  sb_addr_info_t *el;
 +
 +  if (servname != NULL)
 +    return -1;
 +
 +  *res = NULL;
 +
 +  for (el = sb_addr_info; el; el = el->next) {
 +    if (!strcmp(el->name, name)) {
 +      *res = tor_malloc(sizeof(struct addrinfo));
 +
 +      memcpy(*res, el->info, sizeof(struct addrinfo));
 +      /* XXXX What if there are multiple items in the list? */
 +      return 0;
 +    }
 +  }
 +
 +  if (!sandbox_active) {
 +    if (getaddrinfo(name, NULL, hints, res)) {
 +      log_err(LD_BUG,"(Sandbox) getaddrinfo failed!");
 +      return -1;
 +    }
 +
 +    return 0;
 +  }
 +
 +  // getting here means something went wrong
 +  log_err(LD_BUG,"(Sandbox) failed to get address %s!", name);
 +  if (*res) {
 +    tor_free(*res);
 +    res = NULL;
 +  }
 +  return -1;
 +}
 +
 +int
 +sandbox_add_addrinfo(const char* name)
 +{
 +  int ret;
 +  struct addrinfo hints;
 +  sb_addr_info_t *el = NULL;
 +
 +  el = tor_malloc(sizeof(sb_addr_info_t));
 +
 +  memset(&hints, 0, sizeof(hints));
 +  hints.ai_family = AF_INET;
 +  hints.ai_socktype = SOCK_STREAM;
 +
 +  ret = getaddrinfo(name, NULL, &hints, &(el->info));
 +  if (ret) {
 +    log_err(LD_BUG,"(Sandbox) failed to getaddrinfo");
 +    ret = -2;
 +    tor_free(el);
 +    goto out;
 +  }
 +
 +  el->name = tor_strdup(name);
 +  el->next = sb_addr_info;
 +  sb_addr_info = el;
 +
 + out:
 +  return ret;
 +}
 +
 +/**
 + * Function responsible for going through the parameter syscall filters and
 + * call each function pointer in the list.
 + */
 +static int
 +add_param_filter(scmp_filter_ctx ctx, sandbox_cfg_t* cfg)
 +{
 +  unsigned i;
 +  int rc = 0;
 +
 +  // function pointer
 +  for (i = 0; i < ARRAY_LENGTH(filter_func); i++) {
 +    if ((filter_func[i])(ctx, cfg)) {
 +      log_err(LD_BUG,"(Sandbox) failed to add syscall %d, received libseccomp "
 +          "error %d", i, rc);
 +      return rc;
 +    }
 +  }
 +
 +  return 0;
 +}
 +
 +/**
 + * Function responsible of loading the libseccomp syscall filters which do not
 + * have parameter filtering.
 + */
 +static int
 +add_noparam_filter(scmp_filter_ctx ctx)
 +{
 +  unsigned i;
 +  int rc = 0;
 +
 +  // add general filters
 +  for (i = 0; i < ARRAY_LENGTH(filter_nopar_gen); i++) {
 +    rc = seccomp_rule_add(ctx, SCMP_ACT_ALLOW, filter_nopar_gen[i], 0);
 +    if (rc != 0) {
 +      log_err(LD_BUG,"(Sandbox) failed to add syscall index %d (NR=%d), "
 +          "received libseccomp error %d", i, filter_nopar_gen[i], rc);
 +      return rc;
 +    }
 +  }
 +
 +  return 0;
 +}
 +
 +/**
 + * Function responsible for setting up and enabling a global syscall filter.
 + * The function is a prototype developed for stage 1 of sandboxing Tor.
 + * Returns 0 on success.
 + */
 +static int
 +install_syscall_filter(sandbox_cfg_t* cfg)
 +{
 +  int rc = 0;
 +  scmp_filter_ctx ctx;
 +
 +  ctx = seccomp_init(SCMP_ACT_TRAP);
 +  if (ctx == NULL) {
 +    log_err(LD_BUG,"(Sandbox) failed to initialise libseccomp context");
 +    rc = -1;
 +    goto end;
 +  }
 +
 +  // protectign sandbox parameter strings
 +  if ((rc = prot_strings(ctx, cfg))) {
 +    goto end;
 +  }
 +
 +  // add parameter filters
 +  if ((rc = add_param_filter(ctx, cfg))) {
 +    log_err(LD_BUG, "(Sandbox) failed to add param filters!");
 +    goto end;
 +  }
 +
 +  // adding filters with no parameters
 +  if ((rc = add_noparam_filter(ctx))) {
 +    log_err(LD_BUG, "(Sandbox) failed to add param filters!");
 +    goto end;
 +  }
 +
 +  // loading the seccomp2 filter
 +  if ((rc = seccomp_load(ctx))) {
 +    log_err(LD_BUG, "(Sandbox) failed to load!");
 +    goto end;
 +  }
 +
 +  // marking the sandbox as active
 +  sandbox_active = 1;
 +
 + end:
 +  seccomp_release(ctx);
 +  return (rc < 0 ? -rc : rc);
 +}
 +
- /** Additional file descriptor to use when logging seccomp2 failures */
- static int sigsys_debugging_fd = -1;
- 
- /** Use the file descriptor <b>fd</b> to log seccomp2 failures. */
- static void
- sigsys_set_debugging_fd(int fd)
- {
-   sigsys_debugging_fd = fd;
- }
- 
 +/**
 + * Function called when a SIGSYS is caught by the application. It notifies the
 + * user that an error has occurred and either terminates or allows the
 + * application to continue execution, based on the DEBUGGING_CLOSE symbol.
 + */
 +static void
 +sigsys_debugging(int nr, siginfo_t *info, void *void_context)
 +{
 +  ucontext_t *ctx = (ucontext_t *) (void_context);
-   char message[256];
-   int rv = 0, syscall, length, err;
++  char number[32];
++  int syscall;
 +  (void) nr;
 +
 +  if (info->si_code != SYS_SECCOMP)
 +    return;
 +
 +  if (!ctx)
 +    return;
 +
 +  syscall = ctx->uc_mcontext.gregs[REG_SYSCALL];
 +
-   strlcpy(message, "\n\n(Sandbox) Caught a bad syscall attempt (syscall 0x",
-           sizeof(message));
-   (void) format_hex_number_sigsafe(syscall, message+strlen(message),
-                                    sizeof(message)-strlen(message));
-   strlcat(message, ")\n", sizeof(message));
-   length = strlen(message);
- 
-   err = 0;
-   if (sigsys_debugging_fd >= 0) {
-     rv = write(sigsys_debugging_fd, message, length);
-     err += rv != length;
-   }
- 
-   rv = write(STDOUT_FILENO, message, length);
-   err += rv != length;
- 
-   if (err)
-     _exit(2);
++  format_dec_number_sigsafe(syscall, number, sizeof(number));
++  tor_log_err_sigsafe("(Sandbox) Caught a bad syscall attempt (syscall ",
++                      number,
++                      ")\n",
++                      NULL);
 +
 +#if defined(DEBUGGING_CLOSE)
 +  _exit(1);
 +#endif // DEBUGGING_CLOSE
 +}
 +
 +/**
 + * Function that adds a handler for SIGSYS, which is the signal thrown
 + * when the application is issuing a syscall which is not allowed. The
 + * main purpose of this function is to help with debugging by identifying
 + * filtered syscalls.
 + */
 +static int
 +install_sigsys_debugging(void)
 +{
 +  struct sigaction act;
 +  sigset_t mask;
 +
 +  memset(&act, 0, sizeof(act));
 +  sigemptyset(&mask);
 +  sigaddset(&mask, SIGSYS);
 +
 +  act.sa_sigaction = &sigsys_debugging;
 +  act.sa_flags = SA_SIGINFO;
 +  if (sigaction(SIGSYS, &act, NULL) < 0) {
 +    log_err(LD_BUG,"(Sandbox) Failed to register SIGSYS signal handler");
 +    return -1;
 +  }
 +
 +  if (sigprocmask(SIG_UNBLOCK, &mask, NULL)) {
 +    log_err(LD_BUG,"(Sandbox) Failed call to sigprocmask()");
 +    return -2;
 +  }
 +
 +  return 0;
 +}
 +
 +/**
 + * Function responsible of registering the sandbox_cfg_t list of parameter
 + * syscall filters to the existing parameter list. This is used for incipient
 + * multiple-sandbox support.
 + */
 +static int
 +register_cfg(sandbox_cfg_t* cfg)
 +{
 +  sandbox_cfg_t *elem = NULL;
 +
 +  if (filter_dynamic == NULL) {
 +    filter_dynamic = cfg;
 +    return 0;
 +  }
 +
 +  for (elem = filter_dynamic; elem->next != NULL; elem = elem->next);
 +
 +  elem->next = cfg;
 +
 +  return 0;
 +}
 +
 +#endif // USE_LIBSECCOMP
 +
 +#ifdef USE_LIBSECCOMP
 +/**
 + * Initialises the syscall sandbox filter for any linux architecture, taking
 + * into account various available features for different linux flavours.
 + */
 +static int
 +initialise_libseccomp_sandbox(sandbox_cfg_t* cfg)
 +{
 +  if (install_sigsys_debugging())
 +    return -1;
 +
 +  if (install_syscall_filter(cfg))
 +    return -2;
 +
 +  if (register_cfg(cfg))
 +    return -3;
 +
 +  return 0;
 +}
 +
 +#endif // USE_LIBSECCOMP
 +
 +sandbox_cfg_t*
 +sandbox_cfg_new(void)
 +{
 +  return NULL;
 +}
 +
 +int
 +sandbox_init(sandbox_cfg_t *cfg)
 +{
 +#if defined(USE_LIBSECCOMP)
 +  return initialise_libseccomp_sandbox(cfg);
 +
 +#elif defined(_WIN32)
 +  (void)cfg;
 +  log_warn(LD_BUG,"Windows sandboxing is not implemented. The feature is "
 +      "currently disabled.");
 +  return 0;
 +
 +#elif defined(TARGET_OS_MAC)
 +  (void)cfg;
 +  log_warn(LD_BUG,"Mac OSX sandboxing is not implemented. The feature is "
 +      "currently disabled");
 +  return 0;
 +#else
 +  (void)cfg;
 +  log_warn(LD_BUG,"Sandboxing is not implemented for your platform. The "
 +      "feature is currently disabled");
 +  return 0;
- #endif
- }
- 
- void
- sandbox_set_debugging_fd(int fd)
- {
- #ifdef USE_LIBSECCOMP
-   sigsys_set_debugging_fd(fd);
- #else
-   (void)fd;
 +#endif
 +}
 +
 +#ifndef USE_LIBSECCOMP
 +int
 +sandbox_cfg_allow_open_filename(sandbox_cfg_t **cfg, char *file,
 +                                int fr)
 +{
 +  (void)cfg; (void)file; (void)fr;
 +  return 0;
 +}
 +
 +int
 +sandbox_cfg_allow_open_filename_array(sandbox_cfg_t **cfg, ...)
 +{
 +  (void)cfg;
 +  return 0;
 +}
 +
 +int
 +sandbox_cfg_allow_openat_filename(sandbox_cfg_t **cfg, char *file,
 +                                  int fr)
 +{
 +  (void)cfg; (void)file; (void)fr;
 +  return 0;
 +}
 +
 +int
 +sandbox_cfg_allow_openat_filename_array(sandbox_cfg_t **cfg, ...)
 +{
 +  (void)cfg;
 +  return 0;
 +}
 +
 +int
 +sandbox_cfg_allow_execve(sandbox_cfg_t **cfg, const char *com)
 +{
 +  (void)cfg; (void)com;
 +  return 0;
 +}
 +
 +int
 +sandbox_cfg_allow_execve_array(sandbox_cfg_t **cfg, ...)
 +{
 +  (void)cfg;
 +  return 0;
 +}
 +
 +int
 +sandbox_cfg_allow_stat_filename(sandbox_cfg_t **cfg, char *file,
 +                                int fr)
 +{
 +  (void)cfg; (void)file; (void)fr;
 +  return 0;
 +}
 +
 +int
 +sandbox_cfg_allow_stat_filename_array(sandbox_cfg_t **cfg, ...)
 +{
 +  (void)cfg;
 +  return 0;
 +}
 +#endif
  
diff --cc src/common/sandbox.h
index 1d39be4,54f16ec..d64d427
--- a/src/common/sandbox.h
+++ b/src/common/sandbox.h
@@@ -135,116 -46,9 +135,113 @@@ typedef struct 
  
  #endif
  
 -#endif // __linux__
 +#endif // USE_LIBSECCOMP
 +
 +#ifdef USE_LIBSECCOMP
 +/** Pre-calls getaddrinfo in order to pre-record result. */
 +int sandbox_add_addrinfo(const char *addr);
 +
 +struct addrinfo;
 +/** Replacement for getaddrinfo(), using pre-recorded results. */
 +int sandbox_getaddrinfo(const char *name, const char *servname,
 +                        const struct addrinfo *hints,
 +                        struct addrinfo **res);
 +#else
 +#define sandbox_getaddrinfo(name, servname, hints, res)  \
 +  getaddrinfo((name),(servname), (hints),(res))
 +#define sandbox_add_addrinfo(name) \
 +  ((void)(name))
 +#endif
 +
- /** Use <b>fd</b> to log non-survivable sandbox violations. */
- void sandbox_set_debugging_fd(int fd);
- 
 +#ifdef USE_LIBSECCOMP
 +/** Returns a registered protected string used with the sandbox, given that
 + * it matches the parameter.
 + */
 +const char* sandbox_intern_string(const char *param);
 +#else
 +#define sandbox_intern_string(s) (s)
 +#endif
 +
 +/** Creates an empty sandbox configuration file.*/
 +sandbox_cfg_t * sandbox_cfg_new(void);
 +
 +/**
 + * Function used to add a open allowed filename to a supplied configuration.
 + * The (char*) specifies the path to the allowed file, fr = 1 tells the
 + * function that the char* needs to be free-ed, 0 means the pointer does not
 + * need to be free-ed.
 + */
 +int sandbox_cfg_allow_open_filename(sandbox_cfg_t **cfg, char *file,
 +    int fr);
 +
 +/** Function used to add a series of open allowed filenames to a supplied
 + * configuration.
 + *  @param cfg  sandbox configuration.
 + *  @param ... all future parameters are specified as pairs of <(char*), 1 / 0>
 + *    the char* specifies the path to the allowed file, 1 tells the function
 + *    that the char* needs to be free-ed, 0 means the pointer does not need to
 + *    be free-ed; the final parameter needs to be <NULL, 0>.
 + */
 +int sandbox_cfg_allow_open_filename_array(sandbox_cfg_t **cfg, ...);
 +
 +/**
 + * Function used to add a openat allowed filename to a supplied configuration.
 + * The (char*) specifies the path to the allowed file, fr = 1 tells the
 + * function that the char* needs to be free-ed, 0 means the pointer does not
 + * need to be free-ed.
 + */
 +int sandbox_cfg_allow_openat_filename(sandbox_cfg_t **cfg, char *file,
 +    int fr);
 +
 +/** Function used to add a series of openat allowed filenames to a supplied
 + * configuration.
 + *  @param cfg  sandbox configuration.
 + *  @param ... all future parameters are specified as pairs of <(char*), 1 / 0>
 + *    the char* specifies the path to the allowed file, 1 tells the function
 + *    that the char* needs to be free-ed, 0 means the pointer does not need to
 + *    be free-ed; the final parameter needs to be <NULL, 0>.
 + */
 +int sandbox_cfg_allow_openat_filename_array(sandbox_cfg_t **cfg, ...);
 +
 +/**
 + * Function used to add a execve allowed filename to a supplied configuration.
 + * The (char*) specifies the path to the allowed file, fr = 1 tells the
 + * function that the char* needs to be free-ed, 0 means the pointer does not
 + * need to be free-ed.
 + */
 +int sandbox_cfg_allow_execve(sandbox_cfg_t **cfg, const char *com);
 +
 +/** Function used to add a series of execve allowed filenames to a supplied
 + * configuration.
 + *  @param cfg  sandbox configuration.
 + *  @param ... all future parameters are specified as pairs of <(char*), 1 / 0>
 + *    the char* specifies the path to the allowed file, 1 tells the function
 + *    that the char* needs to be free-ed, 0 means the pointer does not need to
 + *    be free-ed; the final parameter needs to be <NULL, 0>.
 + */
 +int sandbox_cfg_allow_execve_array(sandbox_cfg_t **cfg, ...);
 +
 +/**
 + * Function used to add a stat/stat64 allowed filename to a configuration.
 + * The (char*) specifies the path to the allowed file, fr = 1 tells the
 + * function that the char* needs to be free-ed, 0 means the pointer does not
 + * need to be free-ed.
 + */
 +int sandbox_cfg_allow_stat_filename(sandbox_cfg_t **cfg, char *file,
 +    int fr);
 +
 +/** Function used to add a series of stat64 allowed filenames to a supplied
 + * configuration.
 + *  @param cfg  sandbox configuration.
 + *  @param ... all future parameters are specified as pairs of <(char*), 1 / 0>
 + *    the char* specifies the path to the allowed file, 1 tells the function
 + *    that the char* needs to be free-ed, 0 means the pointer does not need to
 + *    be free-ed; the final parameter needs to be <NULL, 0>.
 + */
 +int sandbox_cfg_allow_stat_filename_array(sandbox_cfg_t **cfg, ...);
  
 -int tor_global_sandbox(void);
 +/** Function used to initialise a sandbox configuration.*/
 +int sandbox_init(sandbox_cfg_t* cfg);
  
  #endif /* SANDBOX_H_ */
  
diff --cc src/common/util.c
index 0771c94,cb23e7e..17d6c22
--- a/src/common/util.c
+++ b/src/common/util.c
@@@ -24,7 -24,7 +24,8 @@@
  #include "torint.h"
  #include "container.h"
  #include "address.h"
- #include "../common/sandbox.h"
++#include "sandbox.h"
+ #include "backtrace.h"
  
  #ifdef _WIN32
  #include <io.h>
diff --cc src/or/main.c
index aa56425,a8f1c23..e14001f
--- a/src/or/main.c
+++ b/src/or/main.c
@@@ -10,9 -10,9 +10,10 @@@
   * connections, implements main loop, and drives scheduled events.
   **/
  
 +#define MAIN_PRIVATE
  #include "or.h"
  #include "addressmap.h"
+ #include "backtrace.h"
  #include "buffers.h"
  #include "channel.h"
  #include "channeltls.h"
@@@ -2330,13 -2305,18 +2331,14 @@@ handle_signals(int is_parent
  int
  tor_init(int argc, char *argv[])
  {
-   char buf[256];
+   char progname[256];
 -  int i, quiet = 0;
 +  int quiet = 0;
++
    time_of_process_start = time(NULL);
 -  if (!connection_array)
 -    connection_array = smartlist_new();
 -  if (!closeable_connection_lst)
 -    closeable_connection_lst = smartlist_new();
 -  if (!active_linked_connection_lst)
 -    active_linked_connection_lst = smartlist_new();
 +  init_connection_lists();
    /* Have the log set up with our application name. */
-   tor_snprintf(buf, sizeof(buf), "Tor %s", get_version());
-   log_set_application_name(buf);
+   tor_snprintf(progname, sizeof(progname), "Tor %s", get_version());
+   log_set_application_name(progname);
    /* Initialize the history structures. */
    rep_hist_init();
    /* Initialize the service cache. */
diff --cc src/test/include.am
index 5510293,e879c20..c16dd14
--- a/src/test/include.am
+++ b/src/test/include.am
@@@ -28,8 -26,8 +28,9 @@@ src_test_test_SOURCES = 
  	src/test/test_cell_queue.c \
  	src/test/test_data.c \
  	src/test/test_dir.c \
 +	src/test/test_extorport.c \
  	src/test/test_introduce.c \
+ 	src/test/test_logging.c \
  	src/test/test_microdesc.c \
  	src/test/test_options.c \
  	src/test/test_pt.c \
@@@ -75,22 -74,14 +76,33 @@@ src_test_test_ntor_cl_LDADD = src/or/li
  	@TOR_OPENSSL_LIBS@ @TOR_LIB_WS32@ @TOR_LIB_GDI@ @CURVE25519_LIBS@
  src_test_test_ntor_cl_AM_CPPFLAGS =	       \
  	-I"$(top_srcdir)/src/or"
 +NTOR_TEST_DEPS=src/test/test-ntor-cl
 +else
 +NTOR_TEST_DEPS=
 +endif
  
 +if COVERAGE_ENABLED
 +CMDLINE_TEST_TOR = ./src/or/tor-cov
 +else
 +CMDLINE_TEST_TOR = ./src/or/tor
  endif
  
+ noinst_PROGRAMS += src/test/test-bt-cl
+ src_test_test_bt_cl_SOURCES = src/test/test_bt_cl.c
+ src_test_test_bt_cl_LDADD = src/common/libor-testing.a \
+ 	@TOR_LIB_MATH@ \
+ 	@TOR_LIB_WS32@ @TOR_LIB_GDI@
+ src_test_test_bt_cl_CFLAGS = $(AM_CFLAGS) $(TEST_CFLAGS)
+ src_test_test_bt_cl_CPPFLAGS= $(src_test_AM_CPPFLAGS)
+ 
++
 +check-local: $(NTOR_TEST_DEPS) $(CMDLINE_TEST_TOR)
 +if USEPYTHON
 +	$(PYTHON) $(top_srcdir)/src/test/test_cmdline_args.py $(CMDLINE_TEST_TOR) "${top_srcdir}"
 +if CURVE25519_ENABLED
 +	$(PYTHON) $(top_srcdir)/src/test/ntor_ref.py test-tor
 +	$(PYTHON) $(top_srcdir)/src/test/ntor_ref.py self-test
 +endif
++	./src/test/test-bt-cl assert | $(PYTHON) $(top_srcdir)/src/test/bt_test.py
++	./src/test/test-bt-cl crash | $(PYTHON) $(top_srcdir)/src/test/bt_test.py
 +endif
diff --cc src/test/test.c
index 562de48,ae4ab44..752f8d7
--- a/src/test/test.c
+++ b/src/test/test.c
@@@ -1618,9 -2136,8 +1618,11 @@@ extern struct testcase_t circuitlist_te
  extern struct testcase_t circuitmux_tests[];
  extern struct testcase_t cell_queue_tests[];
  extern struct testcase_t options_tests[];
 +extern struct testcase_t socks_tests[];
 +extern struct testcase_t extorport_tests[];
 +extern struct testcase_t controller_event_tests[];
+ extern struct testcase_t logging_tests[];
+ extern struct testcase_t backtrace_tests[];
  
  static struct testgroup_t testgroups[] = {
    { "", test_array },






More information about the tor-commits mailing list