commit fbd2fef22014ec5ca553e35147a1b1f0b60cc612
parent eebd2d44a1f45366f372a0ece2a851912607e0a2
Author: Nick Mathewson <nickm@torproject.org>
Date: Fri, 18 Oct 2019 12:25:55 -0400
Merge branch 'maint-0.4.2' of git-rw.torproject.org:/tor into maint-0.4.2
Diffstat:
5 files changed, 55 insertions(+), 54 deletions(-)
diff --git a/.travis.yml b/.travis.yml
@@ -12,14 +12,12 @@ cache:
compiler:
- gcc
- - clang
os:
- linux
- - osx
-## The build matrix in the following stanza expands into builds for each
-## OS and compiler.
+## We don't use the build matrix cross-product, because it makes too many jobs
+## Instead, we list each job under matrix: include:
env:
global:
## The Travis CI environment allows us two cores, so let's use both. Also,
@@ -34,69 +32,58 @@ env:
## Our default rust version is the minimum supported version
- RUST_VERSION="1.31.0"
matrix:
- ## We want to use each build option at least once
- ##
- ## We don't list default variable values, because we set the defaults
- ## in global (or the default is unset)
+ ## This matrix entry is required, but it doesn't actually create any jobs
-
- ## TOR_RUST_DEPENDENCIES is spelt RUST_DEPENDENCIES in 0.3.2
- - RUST_OPTIONS="--enable-rust" TOR_RUST_DEPENDENCIES=true
matrix:
- ## include creates builds with gcc, linux
+ ## include creates builds with gcc, linux, unless we override those defaults
include:
+ ## We run basic tests on macOS
+ - compiler: clang
+ os: osx
+ ## We check NSS
+ ## NSS is a fast job, clang is slower on Linux, so we do NSS clang
+ - env: NSS_OPTIONS="--enable-nss"
+ compiler: clang
+ ## We run chutney on Linux, because it's faster than chutney on macOS
+ - env: CHUTNEY="yes" CHUTNEY_ALLOW_FAILURES="2" SKIP_MAKE_CHECK="yes"
## We include a single coverage build with the best options for coverage
- env: COVERAGE_OPTIONS="--enable-coverage" HARDENING_OPTIONS="" TOR_TEST_RNG_SEED="636f766572616765"
- ## We only want to check these build option combinations once
- ## (they shouldn't vary by compiler or OS)
- ## We run rust and coverage with hardening off, which seems like enough
- # - env: HARDENING_OPTIONS=""
+ ## We run rust on Linux, because it's faster than rust on macOS
+ ## We check rust offline
+ - env: RUST_OPTIONS="--enable-rust" TOR_RUST_DEPENDENCIES=true
## We check asciidoc with distcheck, to make sure we remove doc products
- env: DISTCHECK="yes" ASCIIDOC_OPTIONS="" SKIP_MAKE_CHECK="yes"
- # We also try running a hardened clang build with chutney on Linux.
- - env: CHUTNEY="yes" SKIP_MAKE_CHECK="yes" CHUTNEY_ALLOW_FAILURES="2"
+ ## We check disable module dirauth
+ - env: MODULES_OPTIONS="--disable-module-dirauth"
+ ## We run rust on macOS, because we have seen macOS rust failures before
+ - env: RUST_VERSION="nightly" RUST_OPTIONS="--enable-rust --enable-cargo-online-mode"
compiler: clang
- # We clone our stem repo and run `make test-stem`
+ os: osx
+ ## We run chutney on macOS, because macOS Travis has IPv6
+ - env: CHUTNEY="yes" CHUTNEY_ALLOW_FAILURES="2" SKIP_MAKE_CHECK="yes"
+ os: osx
+ ## We clone our stem repo and run `make test-stem`
- env: TEST_STEM="yes" SKIP_MAKE_CHECK="yes"
- ## Check rust online with distcheck, to make sure we remove rust products
- - env: DISTCHECK="yes" RUST_VERSION="beta" RUST_OPTIONS="--enable-rust --enable-cargo-online-mode"
- ## Check disable module dirauth with and without rust
- - env: MODULES_OPTIONS="--disable-module-dirauth" RUST_VERSION="nightly" RUST_OPTIONS="--enable-rust" TOR_RUST_DEPENDENCIES=true
- - env: MODULES_OPTIONS="--disable-module-dirauth"
- ## Check NSS
- - env: NSS_OPTIONS="--enable-nss"
- ## Uncomment to allow the build to report success (with non-required
- ## sub-builds continuing to run) if all required sub-builds have
- ## succeeded. This is somewhat buggy currently: it can cause
- ## duplicate notifications and prematurely report success if a
- ## single sub-build has succeeded. See
- ## https://github.com/travis-ci/travis-ci/issues/1696
- # fast_finish: true
+ ## Allow the build to report success (with non-required sub-builds
+ ## continuing to run) if all required sub-builds have succeeded.
+ fast_finish: true
- ## Careful! We use global envs, which makes it hard to exclude or
- ## allow failures by env:
+ ## Careful! We use global envs, which makes it hard to allow failures by env:
## https://docs.travis-ci.com/user/customizing-the-build#matching-jobs-with-allow_failures
allow_failures:
+ ## macOS rust and chutney are very slow, so we let the build finish before
+ ## they are done. We'd like to fast finish, but still eventually show
+ ## any failures in the build status. But Travis doesn't have that ability.
+ - env: RUST_VERSION="nightly" RUST_OPTIONS="--enable-rust --enable-cargo-online-mode"
+ compiler: clang
+ os: osx
+ - env: CHUTNEY="yes" CHUTNEY_ALLOW_FAILURES="2" SKIP_MAKE_CHECK="yes"
+ os: osx
## test-stem sometimes hangs on Travis
- env: TEST_STEM="yes" SKIP_MAKE_CHECK="yes"
- exclude:
- ## gcc on OSX is less useful, because the default compiler is clang.
- - compiler: gcc
- os: osx
- ## gcc on Linux with no env is redundant, because all the custom builds use
- ## gcc on Linux
- - compiler: gcc
- os: linux
- env:
- ## offline rust builds for gcc on Linux are redundant, because we do an
- ## online rust build for gcc on Linux
- - compiler: gcc
- os: linux
- ## TOR_RUST_DEPENDENCIES is spelt RUST_DEPENDENCIES in 0.3.2
- env: RUST_OPTIONS="--enable-rust" TOR_RUST_DEPENDENCIES=true
-
## (Linux only) Use the latest Linux image (Ubuntu Trusty)
dist: trusty
diff --git a/changes/ticket30860 b/changes/ticket30860
@@ -0,0 +1,3 @@
+ o Testing:
+ - Run the chutney IPv6 networks as part of Travis CI.
+ Closes ticket 30860.
diff --git a/changes/ticket31859 b/changes/ticket31859
@@ -0,0 +1,3 @@
+ o Testing:
+ - Simplify the Travis CI build matrix, and optimise for build time.
+ Closes ticket 31859.
diff --git a/changes/ticket32063 b/changes/ticket32063
@@ -0,0 +1,3 @@
+ o Minor bugfixes (hs-v3, memory leak):
+ - Fix memory leak in unlikely error code path when encoding HS DoS establish
+ intro extension cell. Fixes bug 32063; bugfix on 0.4.2.1-alpha.
diff --git a/src/feature/hs/hs_cell.c b/src/feature/hs/hs_cell.c
@@ -503,8 +503,8 @@ build_establish_intro_dos_extension(const hs_service_config_t *service_config,
ssize_t ret;
size_t dos_ext_encoded_len;
uint8_t *field_array;
- trn_cell_extension_field_t *field;
- trn_cell_extension_dos_t *dos_ext;
+ trn_cell_extension_field_t *field = NULL;
+ trn_cell_extension_dos_t *dos_ext = NULL;
tor_assert(service_config);
tor_assert(extensions);
@@ -530,7 +530,7 @@ build_establish_intro_dos_extension(const hs_service_config_t *service_config,
/* Set the field with the encoded DoS extension. */
ret = trn_cell_extension_dos_encoded_len(dos_ext);
if (BUG(ret <= 0)) {
- return -1;
+ goto err;
}
dos_ext_encoded_len = ret;
/* Set length field and the field array size length. */
@@ -541,7 +541,7 @@ build_establish_intro_dos_extension(const hs_service_config_t *service_config,
ret = trn_cell_extension_dos_encode(field_array,
trn_cell_extension_field_getlen_field(field), dos_ext);
if (BUG(ret <= 0)) {
- return -1;
+ goto err;
}
tor_assert(ret == (ssize_t) dos_ext_encoded_len);
@@ -557,6 +557,11 @@ build_establish_intro_dos_extension(const hs_service_config_t *service_config,
trn_cell_extension_dos_free(dos_ext);
return 0;
+
+ err:
+ trn_cell_extension_field_free(field);
+ trn_cell_extension_dos_free(dos_ext);
+ return -1;
}
/* ========== */
