GitLab

Previously, hashlib.shake_256 was a class (if present); now it can
also be a function.  This change invalidated our old
compatibility/workaround code, and made one of our tests fail.

Fixes bug 40179; bugfix on 0.3.1.6-rc when the workaround code was
added.

In brief: we go through a lot of gymnastics to handle huge protover
numbers, but after years of development we're not even close to 10
for any of our current versions.  We also have a convenient
workaround available in case we ever run out of protocols: if (for
example) we someday need Link=64, we can just add Link2=0 or
something.

This patch is a minimal patch to change tor's behavior; it doesn't
take advantage of the new restrictions.

Implements #40133 and proposal 318.

If at least one service is configured as a version 2, a log warning is emitted
once and only once.

Closes #40003Signed-off-by: David Goulet <dgoulet@torproject.org>

First, we introduce a flag to teach src/test/test to split its work
into chunks.  Then we replace our invocation of src/test/test in our
"make check" target with a set of 8 scripts that invoke the first
8th of the tests, the second 8th, and so on.

This change makes our "make -kj4 check" target in our hardened
gitlab build more than twice as fast, since src/test/test was taking
the longest to finish.

Closes 40098.

Fixes #40135
Signed-off-by: David Goulet <dgoulet@torproject.org>

These are:
  --disable-module-relay
  --disable-module-dirauth
  --enable-all-bugs-are-fatal
  --enable-nss

We already fixed these in #40099 and #40125.

This patch fixes #40126.  Bugfix on 0.2.8.1-alpha.

The rend_cache/entry_free was missing the rend cache allocation increment
before freeing the object.

Without it, it had an underflow bug:

  Sep 17 08:40:13.845 [warn] rend_cache_decrement_allocation(): Bug: Underflow
  in rend_cache_decrement_allocation (on Tor 0.4.5.0-alpha-dev
  7eef9ced)

Fixes #40125
Signed-off-by: David Goulet <dgoulet@torproject.org>

Opening a new listener connection can fail in many ways like a bind()
permission denied on a low port for instance.

And thus, we should expect to handle an error when creating a new one instead
of assert() on it.

To hit the removed assert:

  ORPort 80
  KeepBindCapabilities 0

Start tor. Then edit torrc:

  ORPort <some-IP>:80

HUP tor and the assert is hit.

Fixes #40073
Signed-off-by: David Goulet <dgoulet@torproject.org>

Without this fix, running this test on its own would fail.

Fixes bug 40099. Bugfix on ade50058 in 0.2.8.1-alpha.