use tor_assert and PUBLIC_KEY_OK

but don't use tor_assert inside log.c, to avoid loops


svn:r1696

src/common/crypto.c

@@ -80,7 +80,7 @@ crypto_get_rsa_padding_overhead(int padding) {
     case RSA_NO_PADDING: return 0;
     case RSA_PKCS1_OAEP_PADDING: return 42;
     case RSA_PKCS1_PADDING: return 11;
-    default: assert(0); return -1;
+    default: tor_assert(0); return -1;
     }
 }
 
@@ -91,7 +91,7 @@ crypto_get_rsa_padding(int padding) {
     case PK_NO_PADDING: return RSA_NO_PADDING;
     case PK_PKCS1_PADDING: return RSA_PKCS1_PADDING;
     case PK_PKCS1_OAEP_PADDING: return RSA_PKCS1_OAEP_PADDING;
-    default: assert(0); return -1;
+    default: tor_assert(0); return -1;
     }
 }
 
@@ -116,7 +116,7 @@ int crypto_global_cleanup()
 crypto_pk_env_t *_crypto_new_pk_env_rsa(RSA *rsa)
 {
   crypto_pk_env_t *env;
-  assert(rsa);
+  tor_assert(rsa);
   env = tor_malloc(sizeof(crypto_pk_env_t));
   env->refs = 1;
   env->key = rsa;
@@ -134,7 +134,7 @@ EVP_PKEY *_crypto_pk_env_get_evp_pkey(crypto_pk_env_t *env, int private)
 {
   RSA *key = NULL;
   EVP_PKEY *pkey = NULL;
-  assert(env->key);
+  tor_assert(env->key);
   if (private) {
     if (!(key = RSAPrivateKey_dup(env->key)))
       goto error;
@@ -171,7 +171,7 @@ crypto_pk_env_t *crypto_new_pk_env(void)
 
 void crypto_free_pk_env(crypto_pk_env_t *env)
 {
-  assert(env);
+  tor_assert(env);
 
   if(--env->refs > 0)
     return;
@@ -236,9 +236,9 @@ crypto_cipher_env_t *crypto_new_cipher_env()
 
 void crypto_free_cipher_env(crypto_cipher_env_t *env)
 {
-  assert(env);
+  tor_assert(env);
 
-  assert(env->cipher);
+  tor_assert(env->cipher);
   aes_free_cipher(env->cipher);
   tor_free(env);
 }
@@ -246,7 +246,7 @@ void crypto_free_cipher_env(crypto_cipher_env_t *env)
 /* public key crypto */
 int crypto_pk_generate_key(crypto_pk_env_t *env)
 {
-  assert(env);
+  tor_assert(env);
 
   if (env->key)
     RSA_free(env->key);
@@ -259,7 +259,7 @@ int crypto_pk_generate_key(crypto_pk_env_t *env)
 
 int crypto_pk_read_private_key_from_file(crypto_pk_env_t *env, FILE *src)
 {
-  assert(env && src);
+  tor_assert(env && src);
 
   if (env->key)
     RSA_free(env->key);
@@ -274,7 +274,7 @@ int crypto_pk_read_private_key_from_filename(crypto_pk_env_t *env, const char *k
 {
   FILE *f_pr;
 
-  assert(env && keyfile);
+  tor_assert(env && keyfile);
 
   if(strspn(keyfile,CONFIG_LEGAL_FILENAME_CHARACTERS) != strlen(keyfile)) {
     /* filename contains nonlegal characters */
@@ -309,7 +309,7 @@ int crypto_pk_read_private_key_from_filename(crypto_pk_env_t *env, const char *k
 
 int crypto_pk_read_public_key_from_file(crypto_pk_env_t *env, FILE *src)
 {
-  assert(env && src);
+  tor_assert(env && src);
 
   if(env->key)
     RSA_free(env->key);
@@ -324,7 +324,7 @@ int crypto_pk_write_public_key_to_string(crypto_pk_env_t *env, char **dest, int
   BUF_MEM *buf;
   BIO *b;
 
-  assert(env && env->key && dest);
+  tor_assert(env && env->key && dest);
 
   b = BIO_new(BIO_s_mem()); /* Create a memory BIO */
 
@@ -350,7 +350,7 @@ int crypto_pk_write_public_key_to_string(crypto_pk_env_t *env, char **dest, int
 int crypto_pk_read_public_key_from_string(crypto_pk_env_t *env, const char *src, int len) {
   BIO *b;
 
-  assert(env && src);
+  tor_assert(env && src);
 
   b = BIO_new(BIO_s_mem()); /* Create a memory BIO */
 
@@ -376,7 +376,7 @@ crypto_pk_write_private_key_to_filename(crypto_pk_env_t *env,
   char *s;
   int r;
 
-  assert(PRIVATE_KEY_OK(env));
+  tor_assert(PRIVATE_KEY_OK(env));
 
   if (!(bio = BIO_new(BIO_s_mem())))
     return -1;
@@ -397,7 +397,7 @@ crypto_pk_write_private_key_to_filename(crypto_pk_env_t *env,
 
 int crypto_pk_write_private_key_to_file(crypto_pk_env_t *env, FILE *dest)
 {
-  assert(env && dest);
+  tor_assert(env && dest);
 
   if (!env->key)
     return -1;
@@ -408,7 +408,7 @@ int crypto_pk_write_private_key_to_file(crypto_pk_env_t *env, FILE *dest)
 }
 int crypto_pk_write_public_key_to_file(crypto_pk_env_t *env, FILE *dest)
 {
-  assert(env && dest);
+  tor_assert(env && dest);
 
   if (!env->key)
     return -1;
@@ -420,7 +420,7 @@ int crypto_pk_write_public_key_to_file(crypto_pk_env_t *env, FILE *dest)
 
 int crypto_pk_check_key(crypto_pk_env_t *env)
 {
-  assert(env);
+  tor_assert(env);
 
   return RSA_check_key(env->key);
 }
@@ -434,7 +434,8 @@ int crypto_pk_cmp_keys(crypto_pk_env_t *a, crypto_pk_env_t *b) {
   if (!a->key || !b->key)
     return -1;
 
-  assert((a->key)->n && (a->key)->e && (b->key)->n && (b->key)->e);
+  tor_assert(PUBLIC_KEY_OK(a));
+  tor_assert(PUBLIC_KEY_OK(b));
   result = BN_cmp((a->key)->n, (b->key)->n);
   if (result)
     return result;
@@ -444,13 +445,13 @@ int crypto_pk_cmp_keys(crypto_pk_env_t *a, crypto_pk_env_t *b) {
 /* return the size of the public key modulus in 'env', in bytes. */
 int crypto_pk_keysize(crypto_pk_env_t *env)
 {
-  assert(env && env->key);
+  tor_assert(env && env->key);
 
   return RSA_size(env->key);
 }
 
 crypto_pk_env_t *crypto_pk_dup_key(crypto_pk_env_t *env) {
-  assert(env && env->key);
+  tor_assert(env && env->key);
 
   env->refs++;
   return env;
@@ -458,7 +459,7 @@ crypto_pk_env_t *crypto_pk_dup_key(crypto_pk_env_t *env) {
 
 int crypto_pk_public_encrypt(crypto_pk_env_t *env, const unsigned char *from, int fromlen, unsigned char *to, int padding)
 {
-  assert(env && from && to);
+  tor_assert(env && from && to);
 
   return RSA_public_encrypt(fromlen, (unsigned char*)from, to, env->key,
                             crypto_get_rsa_padding(padding));
@@ -466,7 +467,7 @@ int crypto_pk_public_encrypt(crypto_pk_env_t *env, const unsigned char *from, in
 
 int crypto_pk_private_decrypt(crypto_pk_env_t *env, const unsigned char *from, int fromlen, unsigned char *to, int padding)
 {
-  assert(env && from && to && env->key);
+  tor_assert(env && from && to && env->key);
   if (!env->key->p)
     /* Not a private key */
     return -1;
@@ -477,13 +478,13 @@ int crypto_pk_private_decrypt(crypto_pk_env_t *env, const unsigned char *from, i
 
 int crypto_pk_public_checksig(crypto_pk_env_t *env, const unsigned char *from, int fromlen, unsigned char *to)
 {
-  assert(env && from && to);
+  tor_assert(env && from && to);
   return RSA_public_decrypt(fromlen, (unsigned char*)from, to, env->key, RSA_PKCS1_PADDING);
 }
 
 int crypto_pk_private_sign(crypto_pk_env_t *env, const unsigned char *from, int fromlen, unsigned char *to)
 {
-  assert(env && from && to);
+  tor_assert(env && from && to);
   if (!env->key->p)
     /* Not a private key */
     return -1;
@@ -499,7 +500,7 @@ int crypto_pk_public_checksig_digest(crypto_pk_env_t *env, const unsigned char *
   char buf[PK_BYTES+1];
   int r;
 
-  assert(env && data && sig);
+  tor_assert(env && data && sig);
 
   if (crypto_digest(data,datalen,digest)<0) {
     log_fn(LOG_WARN, "couldn't compute digest");
@@ -557,7 +558,7 @@ int crypto_pk_public_hybrid_encrypt(crypto_pk_env_t *env,
   crypto_cipher_env_t *cipher = NULL;
   char buf[PK_BYTES+1];
 
-  assert(env && from && to);
+  tor_assert(env && from && to);
 
   overhead = crypto_get_rsa_padding_overhead(crypto_get_rsa_padding(padding));
   pkeylen = crypto_pk_keysize(env);
@@ -748,8 +749,8 @@ crypto_pk_get_fingerprint(crypto_pk_env_t *pk, char *fp_out)
     }
   }
   *bufp = '\0';
-  assert(strlen(buf) == FINGERPRINT_LEN);
-  assert(crypto_pk_check_fingerprint_syntax(buf));
+  tor_assert(strlen(buf) == FINGERPRINT_LEN);
+  tor_assert(crypto_pk_check_fingerprint_syntax(buf));
   strcpy(fp_out, buf);
   return 0;
 }
@@ -772,14 +773,14 @@ crypto_pk_check_fingerprint_syntax(const char *s)
 /* symmetric crypto */
 int crypto_cipher_generate_key(crypto_cipher_env_t *env)
 {
-  assert(env);
+  tor_assert(env);
 
   return crypto_rand(CIPHER_KEY_LEN, env->key);
 }
 
 int crypto_cipher_set_iv(crypto_cipher_env_t *env, const unsigned char *iv)
 {
-  assert(env && (CIPHER_IV_LEN==0 || iv));
+  tor_assert(env && (CIPHER_IV_LEN==0 || iv));
 
   if (!CIPHER_IV_LEN)
     return 0;
@@ -794,7 +795,7 @@ int crypto_cipher_set_iv(crypto_cipher_env_t *env, const unsigned char *iv)
 
 int crypto_cipher_set_key(crypto_cipher_env_t *env, const unsigned char *key)
 {
-  assert(env && key);
+  tor_assert(env && key);
 
   if (!env->key)
     return -1;
@@ -811,7 +812,7 @@ const unsigned char *crypto_cipher_get_key(crypto_cipher_env_t *env)
 
 int crypto_cipher_encrypt_init_cipher(crypto_cipher_env_t *env)
 {
-  assert(env);
+  tor_assert(env);
 
   aes_set_key(env->cipher, env->key, CIPHER_KEY_LEN*8);
   return 0;
@@ -819,7 +820,7 @@ int crypto_cipher_encrypt_init_cipher(crypto_cipher_env_t *env)
 
 int crypto_cipher_decrypt_init_cipher(crypto_cipher_env_t *env)
 {
-  assert(env);
+  tor_assert(env);
 
   aes_set_key(env->cipher, env->key, CIPHER_KEY_LEN*8);
   return 0;
@@ -827,7 +828,7 @@ int crypto_cipher_decrypt_init_cipher(crypto_cipher_env_t *env)
 
 int crypto_cipher_encrypt(crypto_cipher_env_t *env, const unsigned char *from, unsigned int fromlen, unsigned char *to)
 {
-  assert(env && env->cipher && from && fromlen && to);
+  tor_assert(env && env->cipher && from && fromlen && to);
 
   aes_crypt(env->cipher, from, fromlen, to);
   return 0;
@@ -835,7 +836,7 @@ int crypto_cipher_encrypt(crypto_cipher_env_t *env, const unsigned char *from, u
 
 int crypto_cipher_decrypt(crypto_cipher_env_t *env, const unsigned char *from, unsigned int fromlen, unsigned char *to)
 {
-  assert(env && from && to);
+  tor_assert(env && from && to);
 
   aes_crypt(env->cipher, from, fromlen, to);
   return 0;
@@ -857,7 +858,7 @@ crypto_cipher_advance(crypto_cipher_env_t *env, long delta)
 /* SHA-1 */
 int crypto_digest(const unsigned char *m, int len, unsigned char *digest)
 {
-  assert(m && digest);
+  tor_assert(m && digest);
   return (SHA1(m,len,digest) == NULL);
 }
 
@@ -883,8 +884,8 @@ void
 crypto_digest_add_bytes(crypto_digest_env_t *digest, const char *data,
                         size_t len)
 {
-  assert(digest);
-  assert(data);
+  tor_assert(digest);
+  tor_assert(data);
   SHA1_Update(&digest->d, (void*)data, len);
 }
 
@@ -892,8 +893,8 @@ void crypto_digest_get_digest(crypto_digest_env_t *digest,
                               char *out, size_t out_len)
 {
   static char r[DIGEST_LEN];
-  assert(digest && out);
-  assert(out_len <= DIGEST_LEN);
+  tor_assert(digest && out);
+  tor_assert(out_len <= DIGEST_LEN);
   SHA1_Final(r, &digest->d);
   memcpy(out, r, out_len);
 }
@@ -902,7 +903,7 @@ crypto_digest_env_t *
 crypto_digest_dup(const crypto_digest_env_t *digest)
 {
   crypto_digest_env_t *r;
-  assert(digest);
+  tor_assert(digest);
   r = tor_malloc(sizeof(crypto_digest_env_t));
   memcpy(r,digest,sizeof(crypto_digest_env_t));
   return r;
@@ -912,7 +913,7 @@ void
 crypto_digest_assign(crypto_digest_env_t *into,
                      const crypto_digest_env_t *from)
 {
-  assert(into && from);
+  tor_assert(into && from);
   memcpy(into,from,sizeof(crypto_digest_env_t));
 }
 
@@ -928,7 +929,7 @@ static void init_dh_param() {
 
   p = BN_new();
   g = BN_new();
-  assert(p && g);
+  tor_assert(p && g);
 
 #if 0
   /* This is from draft-ietf-ipsec-ike-modp-groups-05.txt.  It's a safe
@@ -957,10 +958,10 @@ static void init_dh_param() {
                 "302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9"
                 "A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6"
                 "49286651ECE65381FFFFFFFFFFFFFFFF");
-  assert(r);
+  tor_assert(r);
 
   r = BN_set_word(g, 2);
-  assert(r);
+  tor_assert(r);
   dh_param_p = p;
   dh_param_g = g;
 }
@@ -992,7 +993,7 @@ crypto_dh_env_t *crypto_dh_new()
 }
 int crypto_dh_get_bytes(crypto_dh_env_t *dh)
 {
-  assert(dh);
+  tor_assert(dh);
   return DH_size(dh->dh);
 }
 int crypto_dh_generate_public(crypto_dh_env_t *dh)
@@ -1004,13 +1005,13 @@ int crypto_dh_generate_public(crypto_dh_env_t *dh)
 int crypto_dh_get_public(crypto_dh_env_t *dh, char *pubkey, int pubkey_len)
 {
   int bytes;
-  assert(dh);
+  tor_assert(dh);
   if (!dh->dh->pub_key) {
     if (!DH_generate_key(dh->dh))
       return -1;
   }
 
-  assert(dh->dh->pub_key);
+  tor_assert(dh->dh->pub_key);
   bytes = BN_num_bytes(dh->dh->pub_key);
   if (pubkey_len < bytes)
     return -1;
@@ -1032,8 +1033,8 @@ int crypto_dh_compute_secret(crypto_dh_env_t *dh,
   BIGNUM *pubkey_bn = NULL;
   int secret_len;
   int i;
-  assert(dh);
-  assert(secret_bytes_out/DIGEST_LEN <= 255);
+  tor_assert(dh);
+  tor_assert(secret_bytes_out/DIGEST_LEN <= 255);
 
   if (!(pubkey_bn = BN_bin2bn(pubkey, pubkey_len, NULL)))
     goto error;
@@ -1059,7 +1060,7 @@ int crypto_dh_compute_secret(crypto_dh_env_t *dh,
 }
 void crypto_dh_free(crypto_dh_env_t *dh)
 {
-  assert(dh && dh->dh);
+  tor_assert(dh && dh->dh);
   DH_free(dh->dh);
   free(dh);
 }
@@ -1128,13 +1129,13 @@ int crypto_seed_rng()
 
 int crypto_rand(unsigned int n, unsigned char *to)
 {
-  assert(to);
+  tor_assert(to);
   return (RAND_bytes(to, n) != 1);
 }
 
 void crypto_pseudo_rand(unsigned int n, unsigned char *to)
 {
-  assert(to);
+  tor_assert(to);
   if (RAND_pseudo_bytes(to, n) == -1) {
     log_fn(LOG_ERR, "RAND_pseudo_bytes failed unexpectedly.");
     exit(1);
@@ -1145,8 +1146,8 @@ void crypto_pseudo_rand(unsigned int n, unsigned char *to)
 int crypto_pseudo_rand_int(unsigned int max) {
   unsigned int val;
   unsigned int cutoff;
-  assert(max < UINT_MAX);
-  assert(max > 0); /* don't div by 0 */
+  tor_assert(max < UINT_MAX);
+  tor_assert(max > 0); /* don't div by 0 */
 
   /* We ignore any values that are >= 'cutoff,' to avoid biasing the
    * distribution with clipping at the upper end of unsigned int's

src/common/tortls.c

@@ -153,7 +153,7 @@ tor_tls_create_certificate(crypto_pk_env_t *rsa,
 
   start_time = time(NULL);
 
-  assert(rsa && cname && rsa_sign && cname_sign);
+  tor_assert(rsa && cname && rsa_sign && cname_sign);
   if (!(sign_pkey = _crypto_pk_env_get_evp_pkey(rsa_sign,1)))
     goto error;
   if (!(pkey = _crypto_pk_env_get_evp_pkey(rsa,0)))
@@ -286,7 +286,7 @@ tor_tls_context_new(crypto_pk_env_t *identity,
     goto error;
   SSL_CTX_set_session_cache_mode(result->ctx, SSL_SESS_CACHE_OFF);
   if (isServer) {
-    assert(rsa);
+    tor_assert(rsa);
     if (!(pkey = _crypto_pk_env_get_evp_pkey(rsa,1)))
       goto error;
     if (!SSL_CTX_use_PrivateKey(result->ctx, pkey))
@@ -338,7 +338,7 @@ tor_tls *
 tor_tls_new(int sock, int isServer)
 {
   tor_tls *result = tor_malloc(sizeof(tor_tls));
-  assert(global_tls_context); /* make sure somebody made it first */
+  tor_assert(global_tls_context); /* make sure somebody made it first */
   if (!(result->ssl = SSL_new(global_tls_context->ctx)))
     return NULL;
   result->socket = sock;
@@ -368,8 +368,8 @@ int
 tor_tls_read(tor_tls *tls, char *cp, int len)
 {
   int r, err;
-  assert(tls && tls->ssl);
-  assert(tls->state == TOR_TLS_ST_OPEN);
+  tor_assert(tls && tls->ssl);
+  tor_assert(tls->state == TOR_TLS_ST_OPEN);
   r = SSL_read(tls->ssl, cp, len);
   if (r > 0)
     return r;
@@ -378,7 +378,7 @@ tor_tls_read(tor_tls *tls, char *cp, int len)
     tls->state = TOR_TLS_ST_CLOSED;
     return TOR_TLS_CLOSE;
   } else {
-    assert(err != TOR_TLS_DONE);
+    tor_assert(err != TOR_TLS_DONE);
     return err;
   }
 }
@@ -392,13 +392,13 @@ int
 tor_tls_write(tor_tls *tls, char *cp, int n)
 {
   int r, err;
-  assert(tls && tls->ssl);
-  assert(tls->state == TOR_TLS_ST_OPEN);
+  tor_assert(tls && tls->ssl);
+  tor_assert(tls->state == TOR_TLS_ST_OPEN);
   if (n == 0)
     return 0;
   if(tls->wantwrite_n) {
     /* if WANTWRITE last time, we must use the _same_ n as before */
-    assert(n >= tls->wantwrite_n);
+    tor_assert(n >= tls->wantwrite_n);
     log_fn(LOG_DEBUG,"resuming pending-write, (%d to flush, reusing %d)",
            n, tls->wantwrite_n);
     n = tls->wantwrite_n;
@@ -424,8 +424,8 @@ int
 tor_tls_handshake(tor_tls *tls)
 {
   int r;
-  assert(tls && tls->ssl);
-  assert(tls->state == TOR_TLS_ST_HANDSHAKE);
+  tor_assert(tls && tls->ssl);
+  tor_assert(tls->state == TOR_TLS_ST_HANDSHAKE);
   if (tls->isServer) {
     r = SSL_accept(tls->ssl);
   } else {
@@ -447,7 +447,7 @@ tor_tls_shutdown(tor_tls *tls)
 {
   int r, err;
   char buf[128];
-  assert(tls && tls->ssl);
+  tor_assert(tls && tls->ssl);
 
   while (1) {
     if (tls->state == TOR_TLS_ST_SENTCLOSE) {
@@ -593,19 +593,19 @@ tor_tls_verify(tor_tls *tls, crypto_pk_env_t *identity_key)
 int
 tor_tls_get_pending_bytes(tor_tls *tls)
 {
-  assert(tls);
+  tor_assert(tls);
   return SSL_pending(tls->ssl);
 }
 
 /* Return the number of bytes read across the underlying socket. */
 unsigned long tor_tls_get_n_bytes_read(tor_tls *tls)
 {
-  assert(tls);
+  tor_assert(tls);
   return BIO_number_read(SSL_get_rbio(tls->ssl));
 }
 unsigned long tor_tls_get_n_bytes_written(tor_tls *tls)
 {
-  assert(tls);
+  tor_assert(tls);
   return BIO_number_written(SSL_get_wbio(tls->ssl));
 }
 

src/common/util.c

@@ -105,7 +105,7 @@ void *tor_realloc(void *ptr, size_t size) {
 
 char *tor_strdup(const char *s) {
   char *dup;
-  assert(s);
+  tor_assert(s);
 
   dup = strdup(s);
   if(!dup) {
@@ -117,7 +117,7 @@ char *tor_strdup(const char *s) {
 
 char *tor_strndup(const char *s, size_t n) {
   char *dup;
-  assert(s);
+  tor_assert(s);
   dup = tor_malloc(n+1);
   strncpy(dup, s, n);
   dup[n] = 0;
@@ -160,7 +160,7 @@ void hex_encode(const char *from, int fromlen, char *to)
 {
   const unsigned char *fp = from;
   static const char TABLE[] = "0123456789abcdef";
-  assert(from && fromlen>=0 && to);
+  tor_assert(from && fromlen>=0 && to);
   while (fromlen--) {
     *to++ = TABLE[*fp >> 4];
     *to++ = TABLE[*fp & 7];
@@ -222,7 +222,7 @@ void smartlist_clear(smartlist_t *sl) {
 
 void smartlist_truncate(smartlist_t *sl, int len)
 {
-  assert(len <= sl->num_used);
+  tor_assert(len <= sl->num_used);
   sl->num_used = len;
 }
 
@@ -293,13 +293,13 @@ void *smartlist_choose(const smartlist_t *sl) {
 
 void *smartlist_get(const smartlist_t *sl, int idx)
 {
-  assert(sl && idx>=0 && idx < sl->num_used);
+  tor_assert(sl && idx>=0 && idx < sl->num_used);
   return sl->list[idx];
 }
 void *smartlist_set(smartlist_t *sl, int idx, void *val)
 {
   void *old;
-  assert(sl && idx>=0 && idx < sl->num_used);
+  tor_assert(sl && idx>=0 && idx < sl->num_used);
   old = sl->list[idx];
   sl->list[idx] = val;
   return old;
@@ -307,7 +307,7 @@ void *smartlist_set(smartlist_t *sl, int idx, void *val)
 void *smartlist_del(smartlist_t *sl, int idx)
 {
   void *old;
-  assert(sl && idx>=0 && idx < sl->num_used);
+  tor_assert(sl && idx>=0 && idx < sl->num_used);
   old = sl->list[idx];
   sl->list[idx] = sl->list[--sl->num_used];
   return old;
@@ -315,7 +315,7 @@ void *smartlist_del(smartlist_t *sl, int idx)
 void *smartlist_del_keeporder(smartlist_t *sl, int idx)
 {
   void *old;
-  assert(sl && idx>=0 && idx < sl->num_used);
+  tor_assert(sl && idx>=0 && idx < sl->num_used);
   old = sl->list[idx];
   --sl->num_used;
   if (idx < sl->num_used)
@@ -328,7 +328,7 @@ int smartlist_len(const smartlist_t *sl)
 }
 void smartlist_insert(smartlist_t *sl, int idx, void *val)
 {
-  assert(sl && idx >= 0 && idx <= sl->num_used);
+  tor_assert(sl && idx >= 0 && idx <= sl->num_used);
   if (idx == sl->num_used) {
     smartlist_add(sl, val);
   } else {
@@ -388,7 +388,7 @@ void* strmap_set(strmap_t *map, const char *key, void *val)
   strmap_entry_t *resolve;
   strmap_entry_t search;
   void *oldval;
-  assert(map && key && val);
+  tor_assert(map && key && val);
   search.key = (char*)key;
   resolve = SPLAY_FIND(strmap_tree, &map->head, &search);
   if (resolve) {
@@ -411,7 +411,7 @@ void* strmap_get(strmap_t *map, const char *key)
 {
   strmap_entry_t *resolve;
   strmap_entry_t search;
-  assert(map && key);
+  tor_assert(map && key);
   search.key = (char*)key;
   resolve = SPLAY_FIND(strmap_tree, &map->head, &search);
   if (resolve) {
@@ -432,7 +432,7 @@ void* strmap_remove(strmap_t *map, const char *key)
   strmap_entry_t *resolve;
   strmap_entry_t search;
   void *oldval;
-  assert(map && key);
+  tor_assert(map && key);
   search.key = (char*)key;
   resolve = SPLAY_FIND(strmap_tree, &map->head, &search);
   if (resolve) {
@@ -510,7 +510,7 @@ void strmap_foreach(strmap_t *map,
                     void *data)
 {
   strmap_entry_t *ptr, *next;
-  assert(map && fn);
+  tor_assert(map && fn);
   for (ptr = SPLAY_MIN(strmap_tree, &map->head); ptr != NULL; ptr = next) {
     /* This remove-in-place usage is specifically blessed in tree(3). */
     next = SPLAY_NEXT(strmap_tree, &map->head, ptr);
@@ -549,14 +549,14 @@ void strmap_foreach(strmap_t *map,
  */
 strmap_iter_t *strmap_iter_init(strmap_t *map)
 {
-  assert(map);
+  tor_assert(map);
   return SPLAY_MIN(strmap_tree, &map->head);
 }
 /* Advance the iterator 'iter' for map a single step to the next entry.
  */
 strmap_iter_t *strmap_iter_next(strmap_t *map, strmap_iter_t *iter)
 {
-  assert(map && iter);
+  tor_assert(map && iter);
   return SPLAY_NEXT(strmap_tree, &map->head, iter);
 }
 /* Advance the iterator 'iter' a single step to the next entry, removing
@@ -565,7 +565,7 @@ strmap_iter_t *strmap_iter_next(strmap_t *map, strmap_iter_t *iter)
 strmap_iter_t *strmap_iter_next_rmv(strmap_t *map, strmap_iter_t *iter)
 {
   strmap_iter_t *next;
-  assert(map && iter);
+  tor_assert(map && iter);
   next = SPLAY_NEXT(strmap_tree, &map->head, iter);
   SPLAY_REMOVE(strmap_tree, &map->head, iter);
   tor_free(iter->key);
@@ -576,7 +576,7 @@ strmap_iter_t *strmap_iter_next_rmv(strmap_t *map, strmap_iter_t *iter)
  */
 void strmap_iter_get(strmap_iter_t *iter, const char **keyp, void **valp)
 {
-  assert(iter && keyp && valp);
+  tor_assert(iter && keyp && valp);
   *keyp = iter->key;
   *valp = iter->val;
 }
@@ -599,7 +599,7 @@ void strmap_free(strmap_t *map, void (*free_val)(void*))
     if (free_val)
       tor_free(ent->val);
   }
-  assert(SPLAY_EMPTY(&map->head));
+  tor_assert(SPLAY_EMPTY(&map->head));
   tor_free(map);
 }
 
@@ -609,7 +609,7 @@ void strmap_free(strmap_t *map, void (*free_val)(void*))
 
 /* return the first char of s that is not whitespace and not a comment */
 const char *eat_whitespace(const char *s) {
-  assert(s);
+  tor_assert(s);
 
   while(isspace((int)*s) || *s == '#') {
     while(isspace((int)*s))
@@ -632,7 +632,7 @@ const char *eat_whitespace_no_nl(const char *s) {
 
 /* return the first char of s that is whitespace or '#' or '\0 */
 const char *find_whitespace(const char *s) {
-  assert(s);
+  tor_assert(s);
 
   while(*s && !isspace((int)*s) && *s != '#')
     s++;
@@ -722,8 +722,8 @@ time_t tor_timegm (struct tm *tm) {
   unsigned long year, days, hours, minutes;
   int i;
   year = tm->tm_year + 1900;
-  assert(year >= 1970);
-  assert(tm->tm_mon >= 0 && tm->tm_mon <= 11);
+  tor_assert(year >= 1970);
+  tor_assert(tm->tm_mon >= 0 && tm->tm_mon <= 11);
   days = 365 * (year-1970) + n_leapdays(1970,year);
   for (i = 0; i < tm->tm_mon; ++i)
     days += days_per_month[i];
@@ -812,7 +812,7 @@ int spawn_func(int (*func)(void *), void *data)
   if (pid==0) {
     /* Child */
     func(data);
-    assert(0); /* Should never reach here. */
+    tor_assert(0); /* Should never reach here. */
     return 0; /* suppress "control-reaches-end-of-non-void" warning. */
   } else {
     /* Parent */
@@ -941,7 +941,7 @@ tor_socketpair(int family, int type, int protocol, int fd[2])
 int correct_socket_errno(int s)
 {
   int optval, optvallen=sizeof(optval);
-  assert(errno == WSAEWOULDBLOCK);
+  tor_assert(errno == WSAEWOULDBLOCK);
   if (getsockopt(s, SOL_SOCKET, SO_ERROR, (void*)&optval, &optvallen))
     return errno;
   if (optval)
@@ -1065,7 +1065,7 @@ char *read_file_to_str(const char *filename) {
   struct stat statbuf;
   char *string;
 
-  assert(filename);
+  tor_assert(filename);
 
   if(strcspn(filename,CONFIG_LEGAL_FILENAME_CHARACTERS) != 0) {
     log_fn(LOG_WARN,"Filename %s contains illegal characters.",filename);
@@ -1352,7 +1352,7 @@ int tor_inet_aton(const char *c, struct in_addr* addr)
   return inet_aton(c, addr);
 #else
   uint32_t r;
-  assert(c && addr);
+  tor_assert(c && addr);
   if (strcmp(c, "255.255.255.255") == 0) {
     addr->s_addr = 0xFFFFFFFFu;
     return 1;