The Tor Project issueshttps://gitlab.torproject.org/groups/tpo/-/issues2020-06-27T13:49:05Zhttps://gitlab.torproject.org/tpo/core/tor/-/issues/32175test_options.c uses some very wonky options objects.2020-06-27T13:49:05ZNick Mathewsontest_options.c uses some very wonky options objects.In test_options, see this unfortunate comment:
```
// XXX: Really, all of these options should be set to defaults
// with options_init(), but about a dozen tests break when I do that.
```
This is something we need to fix to make th...In test_options, see this unfortunate comment:
```
// XXX: Really, all of these options should be set to defaults
// with options_init(), but about a dozen tests break when I do that.
```
This is something we need to fix to make the options tests reasonable.Tor: 0.4.3.x-finalNick MathewsonNick Mathewsonhttps://gitlab.torproject.org/tpo/core/tor/-/issues/32172port test suite to Android to run in emulator2020-06-27T13:49:05Zeighthaveport test suite to Android to run in emulatorAttached is the first stab at getting something from the test suite running in Android.
* there is no /tmp on Android, there is /data/local/tmp for root and the shell user
* no use in testing the user ID stuff, Android apps cannot ever ...Attached is the first stab at getting something from the test suite running in Android.
* there is no /tmp on Android, there is /data/local/tmp for root and the shell user
* no use in testing the user ID stuff, Android apps cannot ever change users
To get the full suite running, there will need to be larger changes:
* either switch Python code to plain _sh_ or hack to get Python running in Android emulator
* port _sh_ scripts to Android, it is not a full UNIX environment, so things like _printf_ and others are not always there.
* the shebang will need to be settable to `#!/system/bin/sh` or the tests need to be executed using `sh test_keygen.sh`Tor: 0.4.3.x-finalhttps://gitlab.torproject.org/tpo/core/tor/-/issues/32170update geoip && geoip6 to October 15 2019 database2020-06-27T13:49:05Zteorupdate geoip && geoip6 to October 15 2019 databaseWe've had a first-time contributor submit a GeoIP update pull request:
https://github.com/torproject/tor/pull/1428
But we just had one a few weeks ago, so I am not sure if it is needed.We've had a first-time contributor submit a GeoIP update pull request:
https://github.com/torproject/tor/pull/1428
But we just had one a few weeks ago, so I am not sure if it is needed.Tor: 0.4.3.x-finalNick MathewsonNick Mathewsonhttps://gitlab.torproject.org/tpo/core/tor/-/issues/32167Documentation error on app/config/config.c2020-06-27T13:49:05ZTracDocumentation error on app/config/config.chttps://gitweb.torproject.org/tor.git/tree/src/app/config/config.c#n25
The or_options_t structure in or.h, where the options are stored.
The documentation is out-of-date, or.h should be or_options_st.h
**Trac**:
**Username**: willbarrhttps://gitweb.torproject.org/tor.git/tree/src/app/config/config.c#n25
The or_options_t structure in or.h, where the options are stored.
The documentation is out-of-date, or.h should be or_options_st.h
**Trac**:
**Username**: willbarrTor: 0.4.3.x-finalhttps://gitlab.torproject.org/tpo/core/tor/-/issues/32163Stop using HAVE_MODULE_{DIRAUTH,RELAY} inside functions2020-06-27T13:49:05ZteorStop using HAVE_MODULE_{DIRAUTH,RELAY} inside functionsIn doc/HACKING/Modules.md, we say that we don't use module macros inside functions. But HAVE_MODULE_DIRAUTH and HAVE_MODULE_RELAY are used inside a few functions.
We should stop using HAVE_MODULE_DIRAUTH and HAVE_MODULE_RELAY inside fun...In doc/HACKING/Modules.md, we say that we don't use module macros inside functions. But HAVE_MODULE_DIRAUTH and HAVE_MODULE_RELAY are used inside a few functions.
We should stop using HAVE_MODULE_DIRAUTH and HAVE_MODULE_RELAY inside functions, or update the documentation to say "avoid using".Tor: 0.4.3.x-finalteorteorhttps://gitlab.torproject.org/tpo/core/tor/-/issues/32162Make router.c relay-only2021-11-06T12:58:19ZteorMake router.c relay-onlyIn legacy/trac#32123, we disabled one function in router.c when the relay module is disabled.
But we should disable the whole file.In legacy/trac#32123, we disabled one function in router.c when the relay module is disabled.
But we should disable the whole file.Nick MathewsonNick Mathewsonhttps://gitlab.torproject.org/tpo/core/tor/-/issues/32158vanguards: 'exit circ' always only '(length 3', 'internal circ' fine with '(l...2020-07-30T18:58:55Zcypherpunksvanguards: 'exit circ' always only '(length 3', 'internal circ' fine with '(length 4' and 5
Running vanguards addon in my Tor client (not server).
Dates and actual nodes (manually) scrambled.
tail -300000 log | grep -A3000 'Oct 13' | grep '(length 5\|(length 4\|(length 3' | grep 'exit circ' | grep -v '(length 3'
[no output...
Running vanguards addon in my Tor client (not server).
Dates and actual nodes (manually) scrambled.
tail -300000 log | grep -A3000 'Oct 13' | grep '(length 5\|(length 4\|(length 3' | grep 'exit circ' | grep -v '(length 3'
[no output]
tail -300000 log | grep -A3000 'Oct 13' | grep 'exit circ (length' | head -7
Oct 13 06:59:11.900 [info] exit circ (length 3, last hop B1111111111111): $29999999999999BBBBBBBBBBBBBBBBCCCCCCC331(open) $2DDAA9999999999999BBBBBBBBBBBBBBBBCCC331(closed) $2DDAA9911111111999BBBBBBBBBBBBBBBBCCC331(closed)
Oct 13 06:59:12.000 [info] exit circ (length 3, last hop n22222222222222): $2DDAA9911111111999BBBBBB333333333BCCC331(open) $2DDAA9911111111999BBBB999999999933CCC331(closed) $2DDAA9911111111999BBBBBB3333333333CCC331(closed)
Oct 13 06:59:12.050 [info] exit circ (length 3, last hop B1111111111111): $29999999999999BBBBBBBBBBBBBBBBCCCCCCC331(open) $2DDAA9999999999999BBBBBBBBBBBBBBBBCCC331(open) $2DDAA9911111111999BBBBBBBBBBBBBBBBCCC331(closed)
Oct 13 06:59:12.100 [info] exit circ (length 3, last hop n22222222222222): $2DDAA9911111111999BBBBBB333333333BCCC331(open) $2DDAA9911111111999BBBB999999999933CCC331(open) $2DDAA9911111111999BBBBBB3333333333CCC331(closed)
Oct 13 06:59:12.150 [info] exit circ (length 3, last hop B1111111111111): $29999999999999BBBBBBBBBBBBBBBBCCCCCCC331(open) $2DDAA9999999999999BBBBBBBBBBBBBBBBCCC331(open) $2DDAA9911111111999BBBBBBBBBBBBBBBBCCC331(open)
Oct 13 06:59:12.150 [info] exit circ (length 3): $29999999999999BBBBBBBBBBBBBBBBCCCCCCC331(open) $2DDAA9999999999999BBBBBBBBBBBBBBBBCCC331(open) $2DDAA9911111111999BBBBBBBBBBBBBBBBCCC331(open)
Oct 13 06:59:12.250 [info] exit circ (length 3, last hop n22222222222222): $2DDAA9911111111999BBBBBB333333333BCCC331(open) $2DDAA9911111111999BBBB999999999933CCC331(open) $2DDAA9911111111999BBBBBB3333333333CCC331(open)
tail -300000 log | grep -A3000 'Oct 13' | grep 'exit circ (length' | tail -7
Oct 13 17:58:24.550 [info] exit circ (length 3): $29999999999999BBBBBBBBBBBBBBBBCCCCCCC331(open) $2DDAA9911111111999BBBBBBBBB9999933CCC331open) $1111111117777777777777788889999933CCC222(open)
Oct 13 17:58:24.700 [info] exit circ (length 3): $29999999999999BBBBBBBBBBBBBBBBCCCCCCC331(open) $2DDAA9911111111999BBBBBBBBB9999933CCC331open) $1111111117777777777777788889999933CCC222(open)
Oct 13 17:58:30.700 [info] exit circ (length 3): $29999999999999BBBBBBBBBBBBBBBBCCCCCCC331(open) $2DDAA9911111111999BBBBBBBBB9999933CCC331open) $1111111117777777777777788889999933CCC222(open)
Oct 13 17:58:30.850 [info] exit circ (length 3): $29999999999999BBBBBBBBBBBBBBBBCCCCCCC331(open) $2DDAA9911111111999BBBBBBBBB9999933CCC331open) $1111111117777777777777788889999933CCC222(open)
Oct 13 18:01:03.350 [info] exit circ (length 3, last hop Dd8d8d8): $2DDAA9911111111999BBBBBB333333333BCCC331(open) $2DDAA99118888888888888888889999933CCC331(closed) $2DDAA9911111999999999B9999933CCC331(closed)
Oct 13 18:01:03.400 [info] exit circ (length 3, last hop Dd8d8d8): $2DDAA9911111111999BBBBBB333333333BCCC331(open) $2DDAA99118888888888888888889999933CCC331(open) $2DDAA9911111999999999B9999933CCC331(closed)
Oct 13 18:01:03.650 [info] exit circ (length 3, last hop Dd8d8d8): $2DDAA9911111111999BBBBBB333333333BCCC331(open) $2DDAA99118888888888888888889999933CCC331(open) $2DDAA9911111999999999B9999933CCC331(open)
tail -300000 log | grep -A3000 'Oct 13' | grep 'exit circ (length' | sed 's/.*\(exit circ (length.*\)/\1/' | uniq | wc -l
472
tail -300000 log | grep -A3000 'Oct 13' | grep 'exit circ (length' | sed 's/.*\(exit circ (length.*\)/\1/' | uniq
exit circ (length 3, last hop B1111111111111): $29999999999999BBBBBBBBBBBBBBBBCCCCCCC331(open) $2DDAA9999999999999BBBBBBBBBBBBBBBBCCC331(closed) $2DDAA9911111111999BBBBBBBBBBBBBBBBCCC331(closed)
exit circ (length 3, last hop n22222222222222): $2DDAA9911111111999BBBBBB333333333BCCC331(open) $2DDAA9911111111999BBBB999999999933CCC331(closed) $2DDAA9911111111999BBBBBB3333333333CCC331(closed)
exit circ (length 3, last hop B1111111111111): $29999999999999BBBBBBBBBBBBBBBBCCCCCCC331(open) $2DDAA9999999999999BBBBBBBBBBBBBBBBCCC331(open) $2DDAA9911111111999BBBBBBBBBBBBBBBBCCC331(closed)
exit circ (length 3, last hop n22222222222222): $2DDAA9911111111999BBBBBB333333333BCCC331(open) $2DDAA9911111111999BBBB999999999933CCC331(open) $2DDAA9911111111999BBBBBB3333333333CCC331(closed)
exit circ (length 3, last hop B1111111111111): $29999999999999BBBBBBBBBBBBBBBBCCCCCCC331(open) $2DDAA9999999999999BBBBBBBBBBBBBBBBCCC331(open) $2DDAA9911111111999BBBBBBBBBBBBBBBBCCC331(open)
exit circ (length 3): $1111111118888888888888888889999933CCC331(open) $61F3A840F61EEFFF682C6243534ECEB09ADFE3B3(open) $1111111118888888888888888889999933CCC222(open)
exit circ (length 3): $1111111118888888888888888889999933CCC331(open) $61F3A840F61EEFFF682C6243534ECEB09ADFE3B3(open) $1111111118888888888888888889999933CCC222(open)
exit circ (length 3): $1111111118888888888888888889999933CCC331(open) $61F3A840F61EEFFF682C6243534ECEB09ADFE3B3(open) $1111111118888888888888888889999933CCC222(open)
exit circ (length 3): $1111111118888888888888888889999933CCC331(open) $61F3A840F61EEFFF682C6243534ECEB09ADFE3B3(open) $1111111118888888888888888889999933CCC222(open)
exit circ (length 3): $1111111118888888888888888889999933CCC331(open) $61F3A840F61EEFFF682C6243534ECEB09ADFE3B3(open) $1111111118888888888888888889999933CCC222(open)
exit circ (length 3): $29999999999999BBBBBBBBBBBBBBBBCCCCCCC331(open) $2DDAA9911111111999BBBBBBBBB9999933CCC331open) $1111111117777777777777788889999933CCC222(open)
exit circ (length 3, last hop Dd8d8d8): $2DDAA9911111111999BBBBBB333333333BCCC331(open) $2DDAA99118888888888888888889999933CCC331(closed) $2DDAA9911111999999999B9999933CCC331(closed)
exit circ (length 3, last hop Dd8d8d8): $2DDAA9911111111999BBBBBB333333333BCCC331(open) $2DDAA99118888888888888888889999933CCC331(open) $2DDAA9911111999999999B9999933CCC331(closed)
exit circ (length 3, last hop Dd8d8d8): $2DDAA9911111111999BBBBBB333333333BCCC331(open) $2DDAA99118888888888888888889999933CCC331(open) $2DDAA9911111999999999B9999933CCC331(open)
--------
Now grepping logs for 'internal circ'
tail -300000 log | grep -A3000 'Oct 13' | grep '(length 5\|(length 4\|(length 3' | grep 'internal circ' | grep '(length 3'
[no output, the opposite!]
tail -300000 log | grep -A3000 'Oct 13' | grep '(length 5\|(length 4\|(length 3' | grep 'internal circ' | grep '(length 4' | wc -l
2943
tail -300000 log | grep -A3000 'Oct 13' | grep '(length 5\|(length 4\|(length 3' | grep 'internal circ' | grep '(length 5' | wc -l
1759
tail -300000 log | grep -A3000 'Oct 13' | grep 'internal circ (length' | head -7
Oct 13 06:59:11.000 [info] internal circ (length 1, last hop B393939393939): $29999999999999BBBBBBBBBBBBBBBBCCCCCCC331(open)
Oct 13 06:59:11.000 [info] internal circ (length 1): $29999999999999BBBBBBBBBBBBBBBBCCCCCCC331(open)
Oct 13 06:59:11.100 [info] internal circ (length 1): $29999999999999BBBBBBBBBBBBBBBBCCCCCCC331(open)
Oct 13 06:59:11.900 [info] internal circ (length 4, last hop BobsHouseLU04): $29999999999999BBBBBBBBBBBBBBBBCCCCCCC331(open) $1111111117777755555555555555999933CCC222(closed) $DBE82FA23B9FE3CB2462A6FCF5289DED3CBF4AEE(closed) $F9A9E0968D512A22B8967C5458D5B0163C11F856(closed)
Oct 13 06:59:11.900 [info] internal circ (length 5, last hop $111111111777775511111111111111111111C222): $29999999999999BBBBBBBBBBBBBBBBCCCCCCC331(open) $C2D85BC549361717FDEFAE89607F4A9DF2D4C0E4(closed) $FFF78C44BA6E6B6F7525095BBE14EF7CBEB89744(closed) $AFC69ACD47E4CBD5CF8EA47F9B5622C91BF2DA60(closed) $111111111777775511111111111111111111C222(closed)
Oct 13 06:59:12.000 [info] internal circ (length 5, last hop $111111111777775511111111111111111111C222): $29999999999999BBBBBBBBBBBBBBBBCCCCCCC331(open) $C2D85BC549361717FDEFAE89607F4A9DF2D4C0E4(open) $FFF78C44BA6E6B6F7525095BBE14EF7CBEB89744(closed) $AFC69ACD47E4CBD5CF8EA47F9B5622C91BF2DA60(closed) $111111111777775511111111111111111111C222(closed)
Oct 13 06:59:12.000 [info] internal circ (length 4, last hop BobsHouseLU04): $29999999999999BBBBBBBBBBBBBBBBCCCCCCC331(open) $1111111117777755555555555555999933CCC222(open) $DBE82FA23B9FE3CB2462A6FCF5289DED3CBF4AEE(closed) $F9A9E0968D512A22B8967C5458D5B0163C11F856(closed)
tail -300000 log | grep -A3000 'Oct 13' | grep 'exit circ (length' | sed 's/.*\(exit circ (length.*\)/\1/' | uniq | wc -l
internal circ (length 1, last hop B393939393939): $29999999999999BBBBBBBBBBBBBBBBCCCCCCC331(open)
internal circ (length 1): $29999999999999BBBBBBBBBBBBBBBBCCCCCCC331(open)
internal circ (length 1): $29999999999999BBBBBBBBBBBBBBBBCCCCCCC331(open)
internal circ (length 4, last hop BobsHouseLU04): $29999999999999BBBBBBBBBBBBBBBBCCCCCCC331(open) $1111111117777755555555555555999933CCC222(closed) $DBE82FA23B9FE3CB2462A6FCF5289DED3CBF4AEE(closed) $F9A9E0968D512A22B8967C5458D5B0163C11F856(closed)
internal circ (length 5, last hop $111111111777775511111111111111111111C222): $29999999999999BBBBBBBBBBBBBBBBCCCCCCC331(open) $C2D85BC549361717FDEFAE89607F4A9DF2D4C0E4(closed) $FFF78C44BA6E6B6F7525095BBE14EF7CBEB89744(closed) $AFC69ACD47E4CBD5CF8EA47F9B5622C91BF2DA60(closed) $111111111777775511111111111111111111C222(closed)
...
internal circ (length 4): $29999999999999BBBBBBBBBBBBBBBBCCCCCCC331(open) $70F09E981D6D4A34A35F248F0C873CBA356A0612(open) $58BC63142C881F88D08E071DEB63DBA09DE62141(open) $322C6E3A973BC10FC36DE3037AD27BC89F14723B(open)
internal circ (length 4): $29999999999999BBBBBBBBBBBBBBBBCCCCCCC331(open) $70F09E981D6D4A34A35F248F0C873CBA356A0612(open) $58BC63142C881F88D08E071DEB63DBA09DE62141(open) $322C6E3A973BC10FC36DE3037AD27BC89F14723B(open)
internal circ (length 4): $29999999999999BBBBBBBBBBBBBBBBCCCCCCC331(open) $70F09E981D6D4A34A35F248F0C873CBA356A0612(open) $58BC63142C881F88D08E071DEB63DBA09DE62141(open) $322C6E3A973BC10FC36DE3037AD27BC89F14723B(open)
internal circ (length 4): $29999999999999BBBBBBBBBBBBBBBBCCCCCCC331(open) $70F09E981D6D4A34A35F248F0C873CBA356A0612(open) $58BC63142C881F88D08E071DEB63DBA09DE62141(open) $322C6E3A973BC10FC36DE3037AD27BC89F14723B(open)
internal circ (length 4): $29999999999999BBBBBBBBBBBBBBBBCCCCCCC331(open) $70F09E981D6D4A34A35F248F0C873CBA356A0612(open) $58BC63142C881F88D08E071DEB63DBA09DE62141(open) $322C6E3A973BC10FC36DE3037AD27BC89F14723B(open)
...
internal circ (length 1): $2DDAA9911111111999BBBBBB333333333BCCC331(open)
internal circ (length 1): $2DDAA9911111111999BBBBBB333333333BCCC331(open)
internal circ (length 1, last hop B393939393939): $29999999999999BBBBBBBBBBBBBBBBCCCCCCC331(open)
internal circ (length 1): $29999999999999BBBBBBBBBBBBBBBBCCCCCCC331(open)
internal circ (length 1): $29999999999999BBBBBBBBBBBBBBBBCCCCCCC331(open)
I hope this is still realistic enough (I even did leave a few nodes unmodified). I hope Mike and the Tor Team can fix this.
Regards!https://gitlab.torproject.org/tpo/core/tor/-/issues/32141single onion v3 IPv6 intro circuit BUG() warnings2021-06-23T17:23:06Zteorsingle onion v3 IPv6 intro circuit BUG() warningsLooks like some of our assertions are wrong in single onion IPv6 mode, but chutney still succeeds:
```
Warning: Bug: Tor 0.4.3.0-alpha-dev (git-d616214e474084fd): Non-fatal assertion !(!hs_ident_intro_circ_is_valid(circ->hs_ident)) fail...Looks like some of our assertions are wrong in single onion IPv6 mode, but chutney still succeeds:
```
Warning: Bug: Tor 0.4.3.0-alpha-dev (git-d616214e474084fd): Non-fatal assertion !(!hs_ident_intro_circ_is_valid(circ->hs_ident)) failed in intro_circ_is_ok at src/feature/hs/hs_client.c:491. Stack trace: (on Tor 0.4.3.0-alpha-dev d616214e474084fd) Number: 1
Warning: Bug: Tor 0.4.3.0-alpha-dev (git-d616214e474084fd): Non-fatal assertion !(desc == NULL) failed in setup_intro_circ_auth_key at src/feature/hs/hs_client.c:685. Stack trace: (on Tor 0.4.3.0-alpha-dev d616214e474084fd) Number: 1
Warning: tor_bug_occurred_: Bug: src/feature/hs/hs_client.c:491: intro_circ_is_ok: Non-fatal assertion !(!hs_ident_intro_circ_is_valid(circ->hs_ident)) failed. (Future instances of this warning will be silenced.) (on Tor 0.4.3.0-alpha-dev d616214e474084fd) Number: 1
Warning: tor_bug_occurred_: Bug: src/feature/hs/hs_client.c:685: setup_intro_circ_auth_key: Non-fatal assertion !(desc == NULL) failed. (Future instances of this warning will be silenced.) (on Tor 0.4.3.0-alpha-dev d616214e474084fd) Number: 1
```
https://travis-ci.org/torproject/tor/jobs/599435523#L3431Tor: 0.4.2.x-finalDavid Gouletdgoulet@torproject.orgDavid Gouletdgoulet@torproject.orghttps://gitlab.torproject.org/tpo/core/tor/-/issues/32139Disable all dirauth options when those modules are disabled2021-09-16T14:22:37ZteorDisable all dirauth options when those modules are disabledHere's what we want to change in this ticket:
* --disable-module-dirauth (and, by implication, --disable-module-relay)
* Disables *AuthoritativeDir*, and MinUptimeHidServDirectoryV2 options
* Maybe these options should move under ...Here's what we want to change in this ticket:
* --disable-module-dirauth (and, by implication, --disable-module-relay)
* Disables *AuthoritativeDir*, and MinUptimeHidServDirectoryV2 options
* Maybe these options should move under Directory Authority Server Options in the man page
* Disables all the options under Directory Authority Server Optionshttps://gitlab.torproject.org/tpo/core/tor/-/issues/32137Split {feature,core,app}/*/include.am out of core/include.am2020-06-27T13:49:07ZteorSplit {feature,core,app}/*/include.am out of core/include.amIt seems a bit weird that we're missing feature/include.am, maybe it's time to fix that.It seems a bit weird that we're missing feature/include.am, maybe it's time to fix that.Tor: 0.4.3.x-finalNick MathewsonNick Mathewsonhttps://gitlab.torproject.org/tpo/core/tor/-/issues/32124Interpret --disable-module-dirauth=no correctly2020-07-14T18:40:29ZteorInterpret --disable-module-dirauth=no correctlyCurrently, we treat --disable-module-dirauth=no as enabling the C macro, but disabling the Makefile variable.
Apparently lots of people make this mistake:
```
The most common mistake for this macro is to consider the two actions as acti...Currently, we treat --disable-module-dirauth=no as enabling the C macro, but disabling the Makefile variable.
Apparently lots of people make this mistake:
```
The most common mistake for this macro is to consider the two actions as action-if-enabled and action-if-disabled.
This is not the case!
Since using --disable-foo or --enable-foo=no are equivalent, for the macro, you cannot really use this macro with those meanings.
```
https://autotools.io/autoconf/arguments.html
I don't know if we should backport this change, it just didn't work before, so maybe it should just go in master?Tor: 0.4.2.x-finalteorteorhttps://gitlab.torproject.org/tpo/core/tor/-/issues/32123Implement minimal --disable-relay-mode2020-06-27T13:49:07ZteorImplement minimal --disable-relay-modeAdd:
* --disable-relay-mode
* Build tor with relay mode disabled: tor can not run as a relay, bridge, or authority. Implies --disable-dirauth-mode.
* disable DirPort, DirCache, ORPort, and sets ClientOnly to 1
* pick one quick mod...Add:
* --disable-relay-mode
* Build tor with relay mode disabled: tor can not run as a relay, bridge, or authority. Implies --disable-dirauth-mode.
* disable DirPort, DirCache, ORPort, and sets ClientOnly to 1
* pick one quick module/function to disable
Update:
* --disable-dirauth-mode
* hidden alias --disable-module-dirauth
* Build tor with authority mode disabled: tor can not run as a directory authority or bridge authority.Tor: 0.4.3.x-finalteorteorhttps://gitlab.torproject.org/tpo/core/tor/-/issues/32122Add tests for the git scripts2022-06-16T18:02:36ZteorAdd tests for the git scriptsIf we have time, we might want to add tests and CI for the git scripts. Here are the ones I used to test legacy/trac#29603:
```
$ TOR_FULL_GIT_PATH=/tmp/test-origin git-setup-dirs.sh
$ TOR_FULL_GIT_PATH=/tmp/test-upstream TOR_UPSTREAM_R...If we have time, we might want to add tests and CI for the git scripts. Here are the ones I used to test legacy/trac#29603:
```
$ TOR_FULL_GIT_PATH=/tmp/test-origin git-setup-dirs.sh
$ TOR_FULL_GIT_PATH=/tmp/test-upstream TOR_UPSTREAM_REMOTE_NAME=upstream git-setup-dirs.sh
$ TOR_FULL_GIT_PATH=/tmp/test-wkt TOR_WKT_NAME=. TOR_MASTER_NAME=master git-setup-dirs.sh
```
We might also want to test them with -n, -u, git-pull-all.sh, and git-merge-forward.sh.https://gitlab.torproject.org/tpo/core/tor/-/issues/32115Hidden Service in TestingTorNetwork connected to non-Exit Nodes2020-06-27T13:49:07ZTracHidden Service in TestingTorNetwork connected to non-Exit NodesHi folks,
I set up a testing environment made of lxd containers on Ubuntu 18.04. Each container is based on the Ubuntu 18.04 image and runs Tor version 0.4.1.6.
Specifically, I have the following running machines:
* 3 Authorities (nam...Hi folks,
I set up a testing environment made of lxd containers on Ubuntu 18.04. Each container is based on the Ubuntu 18.04 image and runs Tor version 0.4.1.6.
Specifically, I have the following running machines:
* 3 Authorities (named as TorAuthoritity[01,02,03])
* 3 Exit Relays (named as TorRelay[01,02,03]Exit)
* 3 non-Exit Relays (named as TorRelay[04,05,06])
* 1 Hidden Service (named as TorHs01)
* 1 Client (named as TorClient01)
The torrc file has the "TestingTorNetwork 1" configuration value.
Moreover, only the torrc of Exit Relays has the following configuration values:
ExitRelay 1 ExitPolicy accept *:*
whereas all the other torrc files (i.e., Authorities and non-Exit Relays) have the following configuration values:
ExitRelay 0 ExitPolicy reject *:*
All the Tor relays and hidden service are configured in order to use the three Authorities
However, I noticed that the Hidden Service is always connected to one or more non-Exit Relays whereas I expected to see only connections to Exit Relays.
For example, by running the command `lsof -i` on the container providing the Hidden Service, I get the following result:
root@TorHs01:~# lsof -i COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME systemd-n 180 systemd-network 14u IPv4 128314 0t0 UDP TorHs01.lxd:bootpc systemd-r 182 systemd-resolve 12u IPv4 52219 0t0 UDP !localhost:domain systemd-r 182 systemd-resolve 13u IPv4 52240 0t0 TCP !localhost:domain (LISTEN) sshd 251 root 3u IPv4 77216 0t0 TCP *:ssh (LISTEN) sshd 251 root 4u IPv6 77314 0t0 TCP *:ssh (LISTEN) apache2 260 root 4u IPv6 81261 0t0 TCP *:8050 (LISTEN) apache2 272 www-data 4u IPv6 81261 0t0 TCP *:8050 (LISTEN) apache2 273 www-data 4u IPv6 81261 0t0 TCP *:8050 (LISTEN) apache2 274 www-data 4u IPv6 81261 0t0 TCP *:8050 (LISTEN) apache2 275 www-data 4u IPv6 81261 0t0 TCP *:8050 (LISTEN) apache2 276 www-data 4u IPv6 81261 0t0 TCP *:8050 (LISTEN) tor 396 tor 9u IPv4 116948 0t0 TCP !localhost:9050 (LISTEN) tor 396 tor 14u IPv4 117902 0t0 TCP TorHs01.lxd:54948->TorAuthority03.lxd:5000 (ESTABLISHED) tor 396 tor 15u IPv4 117904 0t0 TCP TorHs01.lxd:41538->TorRelay02Exit.lxd:5000 (ESTABLISHED)
where the last two lines represent connections to TorAuthority03 (which is configured as a non-Exit Relay) and TorRelay02Exit (which is configured as an Exit Relay) respectively.
Generally, the Hidden Service is always connected at least to a non-Exit Relay (e.g., TorRelay04, TorAuthority03, etc) whereas I expected that the Hidden Service was only connected to Exit Relays (in my lxd environment, TorRelay01Exit, TorRelay02Exit, TorRelay03Exit).
Looking at the network traffic through Wireshark, it looks like the Hidden Service is using a non-Exit Relay as an exit node, although the consensus already includes the three Exit Relays in my testing environment.
Is this behavior related to the testing environment only? If yes, do you already know why this happens? Is it possible to avoid this behavior?
Sincerely,
lewis85
**Trac**:
**Username**: lewis85https://gitlab.torproject.org/tpo/core/tor/-/issues/32113Make "make doxygen" work with out-of-tree builds2021-07-22T16:19:26ZNick MathewsonMake "make doxygen" work with out-of-tree buildsTor: 0.4.3.x-finalNick MathewsonNick Mathewsonhttps://gitlab.torproject.org/tpo/core/tor/-/issues/32110Doxygen: update Doxyfile.in to latest version2021-07-22T16:19:26ZNick MathewsonDoxygen: update Doxyfile.in to latest versionOur Doxyfile.in is based on a template from 1.5.6 from back in 2011. Let's update to a more recent version.Our Doxyfile.in is based on a template from 1.5.6 from back in 2011. Let's update to a more recent version.Tor: 0.4.3.x-finalNick MathewsonNick Mathewsonhttps://gitlab.torproject.org/tpo/core/tor/-/issues/32108tor can overrun its accountingmax if it enters soft hibernation first2020-11-04T14:18:22ZRoger Dingledinetor can overrun its accountingmax if it enters soft hibernation firstI'll put the punchline first: second_elapsed_callback(), which is where we check if it's time to go dormant for hibernation, is no longer called when we've entered soft hibernation.
I assume this is because of the new "periodic event fl...I'll put the punchline first: second_elapsed_callback(), which is where we check if it's time to go dormant for hibernation, is no longer called when we've entered soft hibernation.
I assume this is because of the new "periodic event flag" feature, where we try to avoid calling callbacks when we're in a state that won't need them. See the "online and active" note here:
```
/* This is a legacy catch-all callback that runs once per second if
* we are online and active. */
CALLBACK(second_elapsed, NET_PARTICIPANT,
FL(NEED_NET)|FL(RUN_ON_DISABLE)),
```
The impact is limited, since we stop accepting new connections and new circuits when we enter soft hibernation, but it can still be bad: existing connections and circuits can last for a long time and use a lot of bandwidth.
A secondary impact is that accounting_run_housekeeping() never gets called, which means that the state file never gets updated after we've entered soft hibernation, which means these bandwidth overspends are never recorded to disk.
I think the bug went in during commit 4bf79fa4f which is part of Tor 0.4.0.1-alpha.
The PERIODIC_EVENT_FLAG_NEED_NET flag (what FL(NEED_NET) expands into) checks net_is_disabled(), but there is another function right after net_is_disabled in netstatus.c called net_is_completely_disabled(), and the only difference is that it checks we_are_fully_hibernating() vs we_are_hibernating().
I confirmed the overall bug happens in practice: there's a relay operator in #tor who hit soft hibernation, and then saw his tor proceed to use more bytes than expected. I had him do a 'gdb attach' to his tor and break on 'second_elapsed_callback' and the function never got called.
It seems like the immediate fix, and best backport plan, would be to resume calling second_elapsed_callback even when net_is_disabled(). The longer term plan can be to audit our calls to net_is_disabled() and net_is_completely_disabled() and we_are_hibernating(), with an eye towards "should we be doing this behavior while soft hibernating", and see what other bugs we find.Tor: 0.4.0.x-finalRoger DingledineRoger Dingledinehttps://gitlab.torproject.org/tpo/core/tor/-/issues/32106tor man page should clarify that KBytes is 1024 bytes2021-07-22T16:19:26ZRoger Dingledinetor man page should clarify that KBytes is 1024 bytesWe say K as if everybody knows its 2^10^. But it has confused peripheral apps, like apparently nyx looks at "15 GBytes" in a torrc file, and helpfully visualizes 15 billion bytes for the user, when actually Tor means 15 << 30 (a bit over...We say K as if everybody knows its 2^10^. But it has confused peripheral apps, like apparently nyx looks at "15 GBytes" in a torrc file, and helpfully visualizes 15 billion bytes for the user, when actually Tor means 15 << 30 (a bit over 16 billion bytes) the whole time.
This distinction doesn't matter much in the kbyte range, but in the gbyte range it can add up. And for folks who are trying to do bandwidth accounting properly, it could be a nasty surprise -- especially if their ISP counts gigabytes as billions of bytes.Tor: 0.4.2.x-finalhttps://gitlab.torproject.org/tpo/core/tor/-/issues/32102Add build information to binary2020-11-19T15:46:43ZTracAdd build information to binary```
[root@test ~]# nginx -V
nginx version: nginx/1.12.2
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-36) (GCC)
built with OpenSSL 1.0.2k-fips 26 Jan 2017
TLS SNI support enabled
configure arguments: --prefix=/usr/share/nginx --sbin-path=...```
[root@test ~]# nginx -V
nginx version: nginx/1.12.2
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-36) (GCC)
built with OpenSSL 1.0.2k-fips 26 Jan 2017
TLS SNI support enabled
configure arguments: --prefix=/usr/share/nginx --sbin-path=/usr/sbin/nginx etc....
```
As tor versions up rapidly stable repos sometimes host legacy versions of tor.
Some people like me tend to just compile it ourselves and replace the binary, to enjoy the benefit of packaging and to follow up on new versions.
It would be nice to add build informations, such as gcc version, library versions and configure arguments. That way people like me can replicate exactly what the package managers are doing.
**Trac**:
**Username**: willbarrhttps://gitlab.torproject.org/tpo/core/tor/-/issues/32101Generate and publish doxygen output automatically2021-07-22T16:19:26ZNick MathewsonGenerate and publish doxygen output automaticallyWe should have a cron job or a jenkins process or something that runs "doxygen" in our codebase and publishes it at some official location.We should have a cron job or a jenkins process or something that runs "doxygen" in our codebase and publishes it at some official location.Tor: 0.4.3.x-final