HACKING 19 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523
  1. Hacking Tor: An Incomplete Guide
  2. ================================
  3. Getting started
  4. ---------------
  5. For full information on how Tor is supposed to work, look at the files in
  6. https://gitweb.torproject.org/torspec.git/tree
  7. For an explanation of how to change Tor's design to work differently, look at
  8. https://gitweb.torproject.org/torspec.git/blob_plain/HEAD:/proposals/001-process.txt
  9. For the latest version of the code, get a copy of git, and
  10. git clone https://git.torproject.org/git/tor
  11. We talk about Tor on the tor-talk mailing list. Design proposals and
  12. discussion belong on the tor-dev mailing list. We hang around on
  13. irc.oftc.net, with general discussion happening on #tor and development
  14. happening on #tor-dev.
  15. How we use Git branches
  16. -----------------------
  17. Each main development series (like 0.2.1, 0.2.2, etc) has its main work
  18. applied to a single branch. At most one series can be the development series
  19. at a time; all other series are maintenance series that get bug-fixes only.
  20. The development series is built in a git branch called "master"; the
  21. maintenance series are built in branches called "maint-0.2.0", "maint-0.2.1",
  22. and so on. We regularly merge the active maint branches forward.
  23. For all series except the development series, we also have a "release" branch
  24. (as in "release-0.2.1"). The release series is based on the corresponding
  25. maintenance series, except that it deliberately lags the maint series for
  26. most of its patches, so that bugfix patches are not typically included in a
  27. maintenance release until they've been tested for a while in a development
  28. release. Occasionally, we'll merge an urgent bugfix into the release branch
  29. before it gets merged into maint, but that's rare.
  30. If you're working on a bugfix for a bug that occurs in a particular version,
  31. base your bugfix branch on the "maint" branch for the first supported series
  32. that has that bug. (As of June 2013, we're supporting 0.2.3 and later.) If
  33. you're working on a new feature, base it on the master branch.
  34. How we log changes
  35. ------------------
  36. When you do a commit that needs a ChangeLog entry, add a new file to
  37. the "changes" toplevel subdirectory. It should have the format of a
  38. one-entry changelog section from the current ChangeLog file, as in
  39. o Major bugfixes:
  40. - Fix a potential buffer overflow. Fixes bug 99999; bugfix on
  41. 0.3.1.4-beta.
  42. To write a changes file, first categorize the change. Some common categories
  43. are: Minor bugfixes, Major bugfixes, Minor features, Major features, Code
  44. simplifications and refactoring. Then say what the change does. If
  45. it's a bugfix, mention what bug it fixes and when the bug was
  46. introduced. To find out which Git tag the change was introduced in,
  47. you can use "git describe --contains <sha1 of commit>".
  48. If at all possible, try to create this file in the same commit where
  49. you are making the change. Please give it a distinctive name that no
  50. other branch will use for the lifetime of your change.
  51. When we go to make a release, we will concatenate all the entries
  52. in changes to make a draft changelog, and clear the directory. We'll
  53. then edit the draft changelog into a nice readable format.
  54. What needs a changes file?::
  55. A not-exhaustive list: Anything that might change user-visible
  56. behavior. Anything that changes internals, documentation, or the build
  57. system enough that somebody could notice. Big or interesting code
  58. rewrites. Anything about which somebody might plausibly wonder "when
  59. did that happen, and/or why did we do that" 6 months down the line.
  60. Why use changes files instead of Git commit messages?::
  61. Git commit messages are written for developers, not users, and they
  62. are nigh-impossible to revise after the fact.
  63. Why use changes files instead of entries in the ChangeLog?::
  64. Having every single commit touch the ChangeLog file tended to create
  65. zillions of merge conflicts.
  66. Useful tools
  67. ------------
  68. These aren't strictly necessary for hacking on Tor, but they can help track
  69. down bugs.
  70. Jenkins
  71. ~~~~~~~
  72. http://jenkins.torproject.org
  73. Dmalloc
  74. ~~~~~~~
  75. The dmalloc library will keep track of memory allocation, so you can find out
  76. if we're leaking memory, doing any double-frees, or so on.
  77. dmalloc -l ~/dmalloc.log
  78. (run the commands it tells you)
  79. ./configure --with-dmalloc
  80. Valgrind
  81. ~~~~~~~~
  82. valgrind --leak-check=yes --error-limit=no --show-reachable=yes src/or/tor
  83. (Note that if you get a zillion openssl warnings, you will also need to
  84. pass --undef-value-errors=no to valgrind, or rebuild your openssl
  85. with -DPURIFY.)
  86. Running gcov for unit test coverage
  87. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  88. -----
  89. make clean
  90. make CFLAGS='-g -fprofile-arcs -ftest-coverage'
  91. ./src/test/test
  92. gcov -o src/common src/common/*.[ch]
  93. gcov -o src/or src/or/*.[ch]
  94. cd ../or; gcov *.[ch]
  95. -----
  96. Then, look at the .gcov files. '-' before a line means that the
  97. compiler generated no code for that line. '######' means that the
  98. line was never reached. Lines with numbers were called that number
  99. of times.
  100. If that doesn't work:
  101. * Try configuring Tor with --disable-gcc-hardening
  102. * On recent OSX versions, you might need to add CC=clang to your
  103. build line, as in:
  104. make CFLAGS='-g -fprofile-arcs -ftest-coverage' CC=clang
  105. Their llvm-gcc doesn't work so great for me.
  106. Profiling Tor with oprofile
  107. ~~~~~~~~~~~~~~~~~~~~~~~~~~~
  108. The oprofile tool runs (on Linux only!) to tell you what functions Tor is
  109. spending its CPU time in, so we can identify berformance pottlenecks.
  110. Here are some basic instructions
  111. - Build tor with debugging symbols (you probably already have, unless
  112. you messed with CFLAGS during the build process).
  113. - Build all the libraries you care about with debugging symbols
  114. (probably you only care about libssl, maybe zlib and Libevent).
  115. - Copy this tor to a new directory
  116. - Copy all the libraries it uses to that dir too (ldd ./tor will
  117. tell you)
  118. - Set LD_LIBRARY_PATH to include that dir. ldd ./tor should now
  119. show you it's using the libs in that dir
  120. - Run that tor
  121. - Reset oprofiles counters/start it
  122. * "opcontrol --reset; opcontrol --start", if Nick remembers right.
  123. - After a while, have it dump the stats on tor and all the libs
  124. in that dir you created.
  125. * "opcontrol --dump;"
  126. * "opreport -l that_dir/*"
  127. - Profit
  128. Coding conventions
  129. ------------------
  130. Patch checklist
  131. ~~~~~~~~~~~~~~~
  132. If possible, send your patch as one of these (in descending order of
  133. preference)
  134. - A git branch we can pull from
  135. - Patches generated by git format-patch
  136. - A unified diff
  137. Did you remember...
  138. - To build your code while configured with --enable-gcc-warnings?
  139. - To run "make check-spaces" on your code?
  140. - To run "make check-docs" to see whether all new options are on
  141. the manpage?
  142. - To write unit tests, as possible?
  143. - To base your code on the appropriate branch?
  144. - To include a file in the "changes" directory as appropriate?
  145. Whitespace and C conformance
  146. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  147. Invoke "make check-spaces" from time to time, so it can tell you about
  148. deviations from our C whitespace style. Generally, we use:
  149. - Unix-style line endings
  150. - K&R-style indentation
  151. - No space before newlines
  152. - A blank line at the end of each file
  153. - Never more than one blank line in a row
  154. - Always spaces, never tabs
  155. - No more than 79-columns per line.
  156. - Two spaces per indent.
  157. - A space between control keywords and their corresponding paren
  158. "if (x)", "while (x)", and "switch (x)", never "if(x)", "while(x)", or
  159. "switch(x)".
  160. - A space between anything and an open brace.
  161. - No space between a function name and an opening paren. "puts(x)", not
  162. "puts (x)".
  163. - Function declarations at the start of the line.
  164. We try hard to build without warnings everywhere. In particular, if you're
  165. using gcc, you should invoke the configure script with the option
  166. "--enable-gcc-warnings". This will give a bunch of extra warning flags to
  167. the compiler, and help us find divergences from our preferred C style.
  168. Getting emacs to edit Tor source properly
  169. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  170. Nick likes to put the following snippet in his .emacs file:
  171. -----
  172. (add-hook 'c-mode-hook
  173. (lambda ()
  174. (font-lock-mode 1)
  175. (set-variable 'show-trailing-whitespace t)
  176. (let ((fname (expand-file-name (buffer-file-name))))
  177. (cond
  178. ((string-match "^/home/nickm/src/libevent" fname)
  179. (set-variable 'indent-tabs-mode t)
  180. (set-variable 'c-basic-offset 4)
  181. (set-variable 'tab-width 4))
  182. ((string-match "^/home/nickm/src/tor" fname)
  183. (set-variable 'indent-tabs-mode nil)
  184. (set-variable 'c-basic-offset 2))
  185. ((string-match "^/home/nickm/src/openssl" fname)
  186. (set-variable 'indent-tabs-mode t)
  187. (set-variable 'c-basic-offset 8)
  188. (set-variable 'tab-width 8))
  189. ))))
  190. -----
  191. You'll note that it defaults to showing all trailing whitespace. The "cond"
  192. test detects whether the file is one of a few C free software projects that I
  193. often edit, and sets up the indentation level and tab preferences to match
  194. what they want.
  195. If you want to try this out, you'll need to change the filename regex
  196. patterns to match where you keep your Tor files.
  197. If you use emacs for editing Tor and nothing else, you could always just say:
  198. -----
  199. (add-hook 'c-mode-hook
  200. (lambda ()
  201. (font-lock-mode 1)
  202. (set-variable 'show-trailing-whitespace t)
  203. (set-variable 'indent-tabs-mode nil)
  204. (set-variable 'c-basic-offset 2)))
  205. -----
  206. There is probably a better way to do this. No, we are probably not going
  207. to clutter the files with emacs stuff.
  208. Functions to use
  209. ~~~~~~~~~~~~~~~~
  210. We have some wrapper functions like tor_malloc, tor_free, tor_strdup, and
  211. tor_gettimeofday; use them instead of their generic equivalents. (They
  212. always succeed or exit.)
  213. You can get a full list of the compatibility functions that Tor provides by
  214. looking through src/common/util.h and src/common/compat.h. You can see the
  215. available containers in src/common/containers.h. You should probably
  216. familiarize yourself with these modules before you write too much code, or
  217. else you'll wind up reinventing the wheel.
  218. Use 'INLINE' instead of 'inline', so that we work properly on Windows.
  219. Calling and naming conventions
  220. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  221. Whenever possible, functions should return -1 on error and 0 on success.
  222. For multi-word identifiers, use lowercase words combined with
  223. underscores. (e.g., "multi_word_identifier"). Use ALL_CAPS for macros and
  224. constants.
  225. Typenames should end with "_t".
  226. Function names should be prefixed with a module name or object name. (In
  227. general, code to manipulate an object should be a module with the same name
  228. as the object, so it's hard to tell which convention is used.)
  229. Functions that do things should have imperative-verb names
  230. (e.g. buffer_clear, buffer_resize); functions that return booleans should
  231. have predicate names (e.g. buffer_is_empty, buffer_needs_resizing).
  232. If you find that you have four or more possible return code values, it's
  233. probably time to create an enum. If you find that you are passing three or
  234. more flags to a function, it's probably time to create a flags argument that
  235. takes a bitfield.
  236. What To Optimize
  237. ~~~~~~~~~~~~~~~~
  238. Don't optimize anything if it's not in the critical path. Right now, the
  239. critical path seems to be AES, logging, and the network itself. Feel free to
  240. do your own profiling to determine otherwise.
  241. Log conventions
  242. ~~~~~~~~~~~~~~~
  243. https://trac.torproject.org/projects/tor/wiki/doc/TorFAQ#loglevel
  244. No error or warning messages should be expected during normal OR or OP
  245. operation.
  246. If a library function is currently called such that failure always means ERR,
  247. then the library function should log WARN and let the caller log ERR.
  248. Every message of severity INFO or higher should either (A) be intelligible
  249. to end-users who don't know the Tor source; or (B) somehow inform the
  250. end-users that they aren't expected to understand the message (perhaps
  251. with a string like "internal error"). Option (A) is to be preferred to
  252. option (B).
  253. Doxygen
  254. ~~~~~~~~
  255. We use the 'doxygen' utility to generate documentation from our
  256. source code. Here's how to use it:
  257. 1. Begin every file that should be documented with
  258. /**
  259. * \file filename.c
  260. * \brief Short description of the file.
  261. **/
  262. (Doxygen will recognize any comment beginning with /** as special.)
  263. 2. Before any function, structure, #define, or variable you want to
  264. document, add a comment of the form:
  265. /** Describe the function's actions in imperative sentences.
  266. *
  267. * Use blank lines for paragraph breaks
  268. * - and
  269. * - hyphens
  270. * - for
  271. * - lists.
  272. *
  273. * Write <b>argument_names</b> in boldface.
  274. *
  275. * \code
  276. * place_example_code();
  277. * between_code_and_endcode_commands();
  278. * \endcode
  279. */
  280. 3. Make sure to escape the characters "<", ">", "\", "%" and "#" as "\<",
  281. "\>", "\\", "\%", and "\#".
  282. 4. To document structure members, you can use two forms:
  283. struct foo {
  284. /** You can put the comment before an element; */
  285. int a;
  286. int b; /**< Or use the less-than symbol to put the comment
  287. * after the element. */
  288. };
  289. 5. To generate documentation from the Tor source code, type:
  290. $ doxygen -g
  291. To generate a file called 'Doxyfile'. Edit that file and run
  292. 'doxygen' to generate the API documentation.
  293. 6. See the Doxygen manual for more information; this summary just
  294. scratches the surface.
  295. Doxygen comment conventions
  296. ^^^^^^^^^^^^^^^^^^^^^^^^^^^
  297. Say what functions do as a series of one or more imperative sentences, as
  298. though you were telling somebody how to be the function. In other words, DO
  299. NOT say:
  300. /** The strtol function parses a number.
  301. *
  302. * nptr -- the string to parse. It can include whitespace.
  303. * endptr -- a string pointer to hold the first thing that is not part
  304. * of the number, if present.
  305. * base -- the numeric base.
  306. * returns: the resulting number.
  307. */
  308. long strtol(const char *nptr, char **nptr, int base);
  309. Instead, please DO say:
  310. /** Parse a number in radix <b>base</b> from the string <b>nptr</b>,
  311. * and return the result. Skip all leading whitespace. If
  312. * <b>endptr</b> is not NULL, set *<b>endptr</b> to the first character
  313. * after the number parsed.
  314. **/
  315. long strtol(const char *nptr, char **nptr, int base);
  316. Doxygen comments are the contract in our abstraction-by-contract world: if
  317. the functions that call your function rely on it doing something, then your
  318. function should mention that it does that something in the documentation. If
  319. you rely on a function doing something beyond what is in its documentation,
  320. then you should watch out, or it might do something else later.
  321. Putting out a new release
  322. -------------------------
  323. Here are the steps Roger takes when putting out a new Tor release:
  324. 1) Use it for a while, as a client, as a relay, as a hidden service,
  325. and as a directory authority. See if it has any obvious bugs, and
  326. resolve those.
  327. 1.5) As applicable, merge the maint-X branch into the release-X branch.
  328. 2) Gather the changes/* files into a changelog entry, rewriting many
  329. of them and reordering to focus on what users and funders would find
  330. interesting and understandable.
  331. 2.1) Make sure that everything that wants a bug number has one.
  332. 2.2) Concatenate them.
  333. 2.3) Sort them by section. Within each section, try to make the
  334. first entry or two and the last entry most interesting: they're
  335. the ones that skimmers tend to read.
  336. 2.4) Clean them up:
  337. Standard idioms:
  338. "Fixes bug 9999; bugfix on 0.3.3.3-alpha."
  339. One period after a space.
  340. Make stuff very terse
  341. Make sure each section name ends with a colon
  342. Describe the user-visible problem right away
  343. Mention relevant config options by name. If they're rare or unusual,
  344. remind people what they're for
  345. Avoid starting lines with open-paren
  346. Present and imperative tense: not past.
  347. Try not to let any given section be longer than about a page. Break up
  348. long sections into subsections by some sort of common subtopic. This
  349. guideline is especially important when organizing Release Notes for
  350. new stable releases.
  351. If a given changes stanza showed up in a different release (e.g.
  352. maint-0.2.1), be sure to make the stanzas identical (so people can
  353. distinguish if these are the same change).
  354. 2.5) Merge them in.
  355. 2.6) Clean everything one last time.
  356. 2.7) Run it through fmt to make it pretty.
  357. 3) Compose a short release blurb to highlight the user-facing
  358. changes. Insert said release blurb into the ChangeLog stanza. If it's
  359. a stable release, add it to the ReleaseNotes file too. If we're adding
  360. to a release-0.2.x branch, manually commit the changelogs to the later
  361. git branches too.
  362. 4) Bump the version number in configure.ac and rebuild.
  363. 5) Make dist, put the tarball up somewhere, and tell #tor about it. Wait
  364. a while to see if anybody has problems building it. Try to get Sebastian
  365. or somebody to try building it on Windows.
  366. 6) Get at least two of weasel/arma/sebastian to put the new version number
  367. in their approved versions list.
  368. 7) Sign the tarball, then sign and push the git tag:
  369. gpg -ba <the_tarball>
  370. git tag -u <keyid> tor-0.2.x.y-status
  371. git push origin tag tor-0.2.x.y-status
  372. 8) scp the tarball and its sig to the website in the dist/ directory
  373. (i.e. /srv/www-master.torproject.org/htdocs/dist/ on vescum). Edit
  374. include/versions.wmi to note the new version. From your website checkout,
  375. run ./publish to build and publish the website.
  376. Try not to delay too much between scp'ing the tarball and running
  377. ./publish -- the website has multiple A records and your scp only sent
  378. it to one of them.
  379. 9) Email Erinn and weasel (cc'ing tor-assistants) that a new tarball
  380. is up. This step should probably change to mailing more packagers.
  381. 10) Add the version number to Trac. To do this, go to Trac, log in,
  382. select "Admin" near the top of the screen, then select "Versions" from
  383. the menu on the left. At the right, there will be an "Add version"
  384. box. By convention, we enter the version in the form "Tor:
  385. 0.2.2.23-alpha" (or whatever the version is), and we select the date as
  386. the date in the ChangeLog.
  387. 11) Forward-port the ChangeLog.
  388. 12) Update the topic in #tor to reflect the new version.
  389. 12) Wait up to a day or two (for a development release), or until most
  390. packages are up (for a stable release), and mail the release blurb and
  391. changelog to tor-talk or tor-announce.
  392. (We might be moving to faster announcements, but don't announce until
  393. the website is at least updated.)