Nick Mathewson
5e2cdc1666
When we get a duplicated certificate, treat it as a failure and increment the download count. Do not claim to be downloading certificates that we merely want.
...
svn:r17209
2008-11-07 14:01:44 +00:00
Nick Mathewson
a15bdd3edd
patch from karsten to not use or accept expired certs. fixes bug 851.
...
svn:r17208
2008-11-07 13:38:49 +00:00
Roger Dingledine
311b8b274c
minor changelog cleanups. declare that friday is when we release it.
...
svn:r17207
2008-11-07 05:11:41 +00:00
Steven Murdoch
9d68ed08e9
Patch from Jacob Appelbaum and me to make User option more robust, properly set supplementary groups, deprecated the Group option, and log more information on credential switching
...
svn:r17200
2008-11-07 02:06:12 +00:00
Nick Mathewson
3ebd1ebeca
The chunk_size field in memarea_t was never actually set. Remove the whole thing.
...
svn:r17195
2008-11-05 20:34:22 +00:00
Nick Mathewson
73c6cb8353
Fix unit test failure related to intro point parsing.
...
svn:r17188
2008-11-03 16:36:15 +00:00
Nick Mathewson
69cda76168
missing changelog for 0x20 hack
...
svn:r17185
2008-11-03 15:45:27 +00:00
Nick Mathewson
8c78a68cc0
Move changelog entry to correct section
...
svn:r17180
2008-11-01 20:28:10 +00:00
Nick Mathewson
c534b96e58
Fix an assertion failure on double-marked circuits, and a double-mark.
...
svn:r17179
2008-11-01 20:27:41 +00:00
Nick Mathewson
c8a5e2d588
Work better with tools that resist DNS poisoning by using the 0x20 hack: make DNSPort replies perserve case.
...
svn:r17170
2008-10-29 15:31:26 +00:00
Nick Mathewson
361086005c
Fix a possible negative shift in address comparison. May fix bug 845 and bug 811
...
svn:r17169
2008-10-29 13:29:54 +00:00
Nick Mathewson
ee31e0829e
Verify cpath_layer match on rendezvous cells too. Fixes another case of bug 446. Based on patch from rovv.
...
svn:r17162
2008-10-27 16:46:45 +00:00
Nick Mathewson
b166a43cb6
Fix another case of refusing to use a chosen exit node because we think it will reject _mostly_ everything. Based on patch from rovv. See bug 752.
...
svn:r17139
2008-10-21 17:09:04 +00:00
Nick Mathewson
5e762e6a5c
Fix the rest of bug 619: reject *:* servers should not do DNS lookups, even if broken clients send them RELAY_BEGIN cells. Patch from rovv.
...
svn:r17138
2008-10-21 16:51:59 +00:00
Nick Mathewson
b593fd5c20
Patch from rovv: send back END cell in response to connect attempts to nonexistent hidden service port.
...
svn:r17137
2008-10-21 16:41:20 +00:00
Roger Dingledine
bca46cc628
backport candidate:
...
The "ClientDNSRejectInternalAddresses" config option wasn't being
consistently obeyed: if an exit relay refuses a stream because its
exit policy doesn't allow it, we would remember what IP address
the relay said the destination address resolves to, even if it's
an internal IP address. Bugfix on 0.2.0.7-alpha; patch by rovv.
svn:r17135
2008-10-17 22:08:49 +00:00
Roger Dingledine
d374dc94e5
fix changelog entry for proposal 155, patch 1
...
svn:r17113
2008-10-15 22:01:17 +00:00
Roger Dingledine
a5769eefa4
patch4 from proposal 155:
...
Hidden services start out building five intro circuits rather
than three, and when the first three finish they publish a service
descriptor using those. Now we publish our service descriptor much
faster after restart.
svn:r17110
2008-10-15 20:59:48 +00:00
Roger Dingledine
d06182f0bd
add patch2 from proposal 155:
...
Launch a second client-side introduction circuit in parallel
after a delay of 15 seconds (based on work by Christian Wilms).
svn:r17108
2008-10-15 18:52:06 +00:00
Roger Dingledine
4520500cde
put in karsten's patch #1 for proposal 155, modified
...
svn:r17106
2008-10-15 00:36:09 +00:00
Nick Mathewson
846e40d193
Patch from rovv: when we have no pending streams, choose exits with choose_good_exit_server_general() rather than with circuit_get_unhandled_ports() and friends. Bugfix on 0.1.1.x, at least.
...
svn:r17091
2008-10-14 17:05:52 +00:00
Roger Dingledine
d7cfa1f56c
Minor fix in the warning messages when you're having problems
...
bootstrapping; also, be more forgiving of bootstrap problems when
we're still making incremental progress on a given bootstrap phase.
svn:r17066
2008-10-13 03:34:29 +00:00
Roger Dingledine
37883ca4bc
put the 0.2.1.6-alpha blurb into the changelog
...
svn:r17059
2008-10-12 00:51:02 +00:00
Roger Dingledine
c7af43a624
Now NodeFamily and MyFamily config options allow spaces in
...
identity fingerprints, so it's easier to paste them in.
Suggested by Lucky Green.
svn:r17021
2008-10-01 03:41:33 +00:00
Roger Dingledine
a04baf14b6
bump to 0.2.1.6-alpha, and note that the exclude*nodes config
...
discussion hasn't finished.
svn:r17011
2008-09-30 09:37:18 +00:00
Nick Mathewson
25f8335528
Include circuit purposes in circuit events. Now all circuit events are extended; this makes the code simpler.
...
svn:r17007
2008-09-29 22:34:22 +00:00
Roger Dingledine
26aa741169
Remove the old v2 directory authority 'lefkada' from the default
...
list. It has been gone for many months.
svn:r17005
2008-09-29 19:27:20 +00:00
Nick Mathewson
ae3ce7b387
Patch from mwenge: update TrackHostExits mapping expiry times when the mappings are used, so that they expire a while after their last use, not a while after their creation.
...
svn:r17004
2008-09-29 14:53:53 +00:00
Nick Mathewson
ee0078ead4
Make tor-resolve take a -p port option in addition to the current host:port syntax.
...
svn:r17002
2008-09-29 14:18:47 +00:00
Roger Dingledine
9678f166a8
If we have correct permissions on $datadir, we complain to stdout
...
and fail to start. But dangerous permissions on
$datadir/cached-status/ would cause us to open a log and complain
there. Now complain to stdout and fail to start in both cases. Fixes
bug 820, reported by seeess.
svn:r16998
2008-09-29 10:09:05 +00:00
Roger Dingledine
c846979ab7
Fix a bug where an unreachable relay would establish enough
...
reachability testing circuits to do a bandwidth test -- if
we already have a connection to the middle hop of the testing
circuit, then it could establish the last hop by using the existing
connection. Bugfix on 0.1.2.2-alpha, exposed when we made testing
circuits no longer use entry guards in 0.2.1.3-alpha.
svn:r16997
2008-09-29 09:36:42 +00:00
Roger Dingledine
81b216086b
rearrange the changelog a bit more
...
svn:r16996
2008-09-29 09:30:06 +00:00
Roger Dingledine
57942415ef
changelog cleanups. give 0.2.1.6-alpha a deadline.
...
svn:r16995
2008-09-29 06:54:32 +00:00
Nick Mathewson
99755f374d
Fix 0/0 calculation in get_weighted_fractional_uptime().
...
svn:r16994
2008-09-28 15:48:36 +00:00
Nick Mathewson
bb1685318c
Commit fix for bug 807 from mwenge: send CLOSED controller event for reverse dns resolve, not FAILED.
...
svn:r16985
2008-09-26 20:25:35 +00:00
Nick Mathewson
e147e867be
Proposal 152 implementation from Josh Albrecht, with tweaks.
...
svn:r16983
2008-09-26 18:58:45 +00:00
Nick Mathewson
e7e12236ac
Code to serve a current stability calculations from /tor/dbg-stability.txt. Untested: somebody please run this on an authority and let me know if it is broken.
...
svn:r16981
2008-09-26 18:02:48 +00:00
Nick Mathewson
ae33d3ead7
Apply rovv's fix for bug 824.
...
svn:r16975
2008-09-26 15:30:26 +00:00
Nick Mathewson
8bbbbaf87b
Add country-code support to configured node lists to implement the ever-popular "no exits in Monaco" feature (ExcludeExitNodes {MC}). Also allow country codes and IP ranges in ExitNodes. (EntryNodes needs more work.) Based on code by Robert Hogan. Needs more testing.
...
svn:r16966
2008-09-25 20:21:35 +00:00
Karsten Loesing
6bb4492a6f
Having two "Major features:" sections seems too much of a good thing.
...
svn:r16962
2008-09-25 09:53:19 +00:00
Karsten Loesing
f2ff3e74ae
All relays now store and serve v2 hidden service descriptors by default (not only directory mirrors).
...
svn:r16961
2008-09-24 22:33:47 +00:00
Karsten Loesing
9a7098487b
If we are not using BEGIN_DIR cells, don't attempt to contact hidden service directories with non-open dir port.
...
svn:r16960
2008-09-24 22:29:22 +00:00
Roger Dingledine
8dfe8194c9
changelog cleanup / rearranging
...
svn:r16957
2008-09-24 17:01:43 +00:00
Nick Mathewson
8bc1536a9e
Add patch 4 from Karsten for proposal 121, slightly modified. Karsten should definitely re-review the bits I changed.
...
svn:r16955
2008-09-24 14:44:29 +00:00
Roger Dingledine
f59c13b7a3
fix a bad typo, add a missing word
...
svn:r16946
2008-09-23 21:01:54 +00:00
Nick Mathewson
75977fd79b
Patch from roger for 752, but with more comments: When we get an A.B.exit:P address, and B would reject most connections to P, but we do not know whether it would allow A, then allow the connection to procede. Bugfix, amusingly, on 0.0.9rc5.
...
svn:r16944
2008-09-23 20:25:01 +00:00
Nick Mathewson
545b317e1f
Fix for bug 797 (by arma, with tweaks): always use create_fast for circuits where we do not know an onion key.
...
svn:r16942
2008-09-23 20:13:23 +00:00
Nick Mathewson
f28fc83ea5
More logging for mtbf/wfu calculations.
...
svn:r16941
2008-09-23 18:24:20 +00:00
Roger Dingledine
29abfab8bf
Update to the "September 1 2008" ip-to-country file.
...
svn:r16940
2008-09-23 09:51:05 +00:00
Nick Mathewson
b0c48d8e45
Oops; we need to make sure that DNS request names are matched in the _questions_ section of the replies. Rejecting answers whether the _answers_ section did not match made us reject A records waiting at the end of a CNAME record. Bug 823.
...
svn:r16933
2008-09-22 20:06:25 +00:00
Roger Dingledine
4fd9880540
give rend_client_desc_here a slightly more accurate name
...
svn:r16916
2008-09-16 10:26:15 +00:00
Roger Dingledine
38f2272d5d
patch from karsten for bug 814. whew.
...
svn:r16915
2008-09-16 10:17:04 +00:00
Roger Dingledine
dbb481c169
Serve the latest v3 networkstatus consensus via the control
...
port. Use "getinfo dir/status-vote/current/consensus" to fetch it.
svn:r16907
2008-09-14 04:07:29 +00:00
Roger Dingledine
2d95accc75
Allow ports 465 and 587 in the default exit policy again. We had
...
rejected them in 0.1.0.15, because back in 2005 they were commonly
misconfigured and ended up as spam targets. We hear they are better
locked down these days.
svn:r16898
2008-09-13 10:04:42 +00:00
Karsten Loesing
f0a5ef804f
Directory mirrors store and serve v2 hidden service descriptors by default.
...
svn:r16858
2008-09-11 20:06:04 +00:00
Roger Dingledine
2f18370821
and here too
...
svn:r16835
2008-09-10 19:08:46 +00:00
Nick Mathewson
1203850350
Coverity says it is okay to acknowledge them. Do so. Their tool is awesome.
...
svn:r16820
2008-09-10 00:06:07 +00:00
Nick Mathewson
f95d7c189b
Refactor unit test macros and tor_free_all() logic a bit so as to make it easier to free memory on failing tests, in order to suppress scanner warnings and to make dmalloc() usable with tests.
...
svn:r16816
2008-09-09 20:43:31 +00:00
Roger Dingledine
fa64d8041f
minor cleanups on karsten's patch
...
svn:r16810
2008-09-09 09:21:21 +00:00
Roger Dingledine
ef7af1d61e
karsten's patch for bug 767.
...
svn:r16808
2008-09-09 08:41:58 +00:00
Roger Dingledine
d37fae2f4e
Catch and report a few more bootstrapping failure cases when Tor
...
fails to establish a TCP connection. Cleanup on 0.2.1.x.
svn:r16803
2008-09-09 06:25:39 +00:00
Nick Mathewson
aacda9cd8e
We should not alter an addr_policy_t that has been canonicalized.
...
svn:r16802
2008-09-09 03:48:01 +00:00
Roger Dingledine
346ca2d48e
forward-port the 0.2.0.31 changelog
...
svn:r16800
2008-09-08 19:50:29 +00:00
Nick Mathewson
67327a863a
Fix a variable handling mistake when testing for libevent functions in configure.in. Found by Riastradh.
...
svn:r16793
2008-09-08 01:57:02 +00:00
Nick Mathewson
baeb260ad1
Refactor use of connection_new so that we get more verifiable typesafety.
...
svn:r16785
2008-09-05 22:09:44 +00:00
Nick Mathewson
cd5d0f3890
Add changelog for scanner-based stuff.
...
svn:r16784
2008-09-05 21:21:18 +00:00
Nick Mathewson
fa2f72ded7
An asterisk makes a difference sometimes. Fixes bug 809.
...
svn:r16758
2008-09-04 20:42:02 +00:00
Nick Mathewson
f80ac31d74
Add a lockfile to the Tor data directory to avoid situations where two Tors start with the same datadir, or where a --list-fingerprints races with a server to create keys, or such.
...
svn:r16722
2008-09-01 20:06:26 +00:00
Roger Dingledine
6942bd66ea
Fix compile on OpenBSD 4.4-current. Bugfix on 0.2.1.5-alpha.
...
Reported by Tas.
svn:r16713
2008-09-01 08:01:22 +00:00
Roger Dingledine
71968e7af9
further changelog cleanups
...
svn:r16707
2008-08-31 22:30:08 +00:00
Karsten Loesing
4347579085
Changelog entry for implementation of proposal 121.
...
svn:r16706
2008-08-31 22:23:32 +00:00
Peter Palfrader
94c3515092
A short changelog entry for the consensus changes
...
svn:r16705
2008-08-31 22:18:37 +00:00
Roger Dingledine
845a7017bc
clean up 0.2.1.5-alpha changelog
...
svn:r16704
2008-08-31 22:08:34 +00:00
Roger Dingledine
cfff21e78a
backport candidate:
...
If not enough of our entry guards are available so we add a new
one, we might use the new one even if it overlapped with the
current circuit's exit relay (or its family). Anonymity bugfix
pointed out by rovv.
svn:r16698
2008-08-31 06:33:39 +00:00
Nick Mathewson
80168d80d4
r17853@tombo: nickm | 2008-08-22 12:55:00 -0400
...
Oops. We had been telling people to use --with-ssl-dir, which had not worked since 0.2.0.1-alpha: --with-openssl-dir was the one that worked. Make them both work, document --with-openssl-dir, and mark --with-ssl-dir as obsolete. Found by "Dave".
svn:r16625
2008-08-22 16:55:28 +00:00
Nick Mathewson
fc52d85b7c
r17846@tombo: nickm | 2008-08-22 11:54:00 -0400
...
Make dns resolver code more robust: handle nameservers with IPv6 addresses, make sure names in replies match requested names, make sure origin address of reply matches the address we asked.
svn:r16621
2008-08-22 16:24:43 +00:00
Roger Dingledine
8f5642edbc
Relays now reject risky extend cells: if the extend cell includes
...
a digest of all zeroes, or asks to extend back to the relay that
sent the extend cell, tear down the circuit. Ideas suggested
by rovv.
svn:r16605
2008-08-20 05:21:43 +00:00
Nick Mathewson
fcf817f897
Switch global_identifier on connections to a 64-bit field and move it to connection_t. When procession onionskins, look up the connection by this field rather than by addr:port. This will keep us from dropping onionskins. How many dropped circuits are dropped because of this bug?
...
svn:r16558
2008-08-15 13:55:01 +00:00
Nick Mathewson
30422b5df1
Rate-limit "too-many-sockets" messages; they can get needlessly verbose.
...
svn:r16480
2008-08-09 15:35:37 +00:00
Nick Mathewson
22259a0877
The first of Karsten's proposal 121 patches: configure and maintain client authorization data. Tweaked a bit: see comments on or-dev.
...
svn:r16475
2008-08-08 14:36:11 +00:00
Nick Mathewson
5ab6fe0051
r17680@tombo: nickm | 2008-08-07 16:06:30 -0400
...
Add a missing safe_str for a debug_log_message. Fix the bad part of bug 674.
svn:r16462
2008-08-07 20:06:40 +00:00
Nick Mathewson
b81d70addb
Oops. On recent linux kernels we were not detecting the linux/netfilter_ipv4.h header properly, since we needed to have in_addr and in6_addr and __u32 defined before trying to include it. Fix that.
...
svn:r16460
2008-08-07 19:39:52 +00:00
Nick Mathewson
635f3c8aee
r17664@tombo: nickm | 2008-08-06 12:32:09 -0400
...
Patch from Christopher Davis: open /dev/pf before dropping privileges. Fixes bug 782. Backport candidate.
svn:r16450
2008-08-06 16:32:17 +00:00
Nick Mathewson
2905291af2
r17659@tombo: nickm | 2008-08-06 12:22:11 -0400
...
Fix bug 794: recover 3 bytes wasted per memory chunk. Fix from rovv.
svn:r16447
2008-08-06 16:22:25 +00:00
Roger Dingledine
b79fe6a0db
bump to 0.2.1.4-alpha-dev, add a future todo item
...
svn:r16440
2008-08-05 23:33:43 +00:00
Nick Mathewson
960a0f0a99
r17641@31-33-44: nickm | 2008-08-05 16:07:53 -0400
...
Initial conversion of uint32_t addr to tor_addr_t addr in connection_t and related types. Most of the Tor wire formats using these new types are in, but the code to generate and use it is not. This is a big patch. Let me know what it breaks for you.
svn:r16435
2008-08-05 20:08:19 +00:00
Roger Dingledine
d01813a8dd
Take out the TestVia config option, since it was a workaround for
...
a bug that was fixed in Tor 0.1.1.21.
svn:r16409
2008-08-05 00:12:05 +00:00
Roger Dingledine
18d3153fbb
get closer to a release
...
svn:r16408
2008-08-05 00:00:35 +00:00
Roger Dingledine
d5bb361977
minor fixes
...
svn:r16407
2008-08-04 23:59:38 +00:00
Karsten Loesing
1fe07f66f4
In some edge cases it occurs that the router descriptor of a previously picked introduction point becomes obsolete. In that case, don't stick to using that introduction point, but simply give up on it. Reverts some part of r15825.
...
svn:r16404
2008-08-04 23:35:12 +00:00
Karsten Loesing
f51bf847ab
Add changelog entries for r16372 and r16375.
...
svn:r16376
2008-08-03 19:27:19 +00:00
Karsten Loesing
3c9cd463d2
Fix a false assertion when extending a circuit to a relay to which a connection is already established. In that case the circuit should not need to memorize extend info for that relay. circuitbuild.c:389 contains a similar assertion.
...
svn:r16375
2008-08-03 17:45:24 +00:00
Roger Dingledine
fd4a30d198
bump to 0.2.1.3-alpha
...
svn:r16369
2008-08-03 05:35:42 +00:00
Nick Mathewson
1a76cd179a
When a struct ends with char a[1], the size of all earlier members of the struct is _not_ sizeof(st)-1; compilers add alignment. Problem spotted by rovv. Backport candidate.
...
svn:r16302
2008-07-31 12:18:14 +00:00
Nick Mathewson
186097906d
r17436@tombo: nickm | 2008-07-30 09:03:19 -0400
...
Move n_addr, n_port, and n_conn_id_digest fields of circuit_t into a separately allocated extend_info_t. Saves 22 bytes per connected circuit_t on 32-bit platforms, and makes me more comfortable with using tor_addr_t in place of uint32_t n_addr.
svn:r16257
2008-07-30 13:04:32 +00:00
Nick Mathewson
ea95ce25b6
r17323@aud-055: nickm | 2008-07-23 17:58:25 +0200
...
Implement most of proposal 110.
svn:r16156
2008-07-23 15:58:38 +00:00
Nick Mathewson
15b2b8bd69
r17309@aud-055: nickm | 2008-07-23 16:05:43 +0200
...
Patch from Christian Wilms: remove (HiddenService|Rend)(Exclude)?Nodes options. They never worked properly, and nobody seems to be using them. Resolves bug 754.
svn:r16144
2008-07-23 14:07:32 +00:00
Nick Mathewson
cc46b23248
r17308@aud-055: nickm | 2008-07-23 15:57:41 +0200
...
In connection_edge_destroy, send a stream status control event when we have an AP connection. Previously, we would send an event when the connection was AP and non-AP at the same time. This didn't work so well. Patch from Anonymous Remailer (Austria). Backport candidate.
svn:r16143
2008-07-23 14:07:26 +00:00
Nick Mathewson
087094961b
r17302@aud-055: nickm | 2008-07-23 14:55:28 +0200
...
Never allow a circuit to be created with the same circid as a circuit that has been marked for close. May be a fix for bug 779. Needs testing. Backport candidate.
svn:r16136
2008-07-23 12:55:55 +00:00
Nick Mathewson
c8160bce1f
r17188@tombo: nickm | 2008-07-18 14:35:18 -0400
...
Add new ExcludeExitNodes option. Also add a new routerset type to handle Exclude[Exit]Nodes. It is optimized for O(1) membership tests, so as to make choosing a random router run in O(N_routers) time instead of in O(N_routers*N_Excluded_Routers).
svn:r16061
2008-07-18 18:36:32 +00:00
Nick Mathewson
bdcbd23e23
Stop trying to detect versions of Tor on the server-side older than 0.1.1.15-rc; they simply do not work any more. Also add comment about how or_is_obsolete is a terrible field name.
...
svn:r15982
2008-07-16 13:15:11 +00:00
Roger Dingledine
9d57007119
integrate the 0.2.0.29-rc items into the release notes
...
svn:r15954
2008-07-16 00:04:00 +00:00
Roger Dingledine
267e61d0f3
When relays do their initial bandwidth measurement, don't limit
...
to just our our entry guards for the test circuits. Otherwise we
tend to have multiple test circuits going through a single entry
guard, which makes our bandwidth test less accurate. Fixes part
of bug 654; patch contributed by Josh Albrecht.
(Actually, modify Josh's patch to avoid doing that when you're
a bridge relay, since it would leak more than we want to leak.)
svn:r15850
2008-07-11 21:42:09 +00:00
Karsten Loesing
9231858ff5
Fix bug 763. When a hidden service is giving up on an introduction point candidate that was not included in the last published rendezvous descriptor, don't reschedule publication of the next descriptor.
...
svn:r15825
2008-07-10 21:02:01 +00:00
Nick Mathewson
cb7cc9e12d
r16882@tombo: nickm | 2008-07-10 14:31:25 -0400
...
Fix for session-related bug found by Geoff Goodell. backport candidate, once tested.
svn:r15821
2008-07-10 18:31:33 +00:00
Nick Mathewson
c5ec7a3677
Stop using __attribute__((nonnull)): It gets us occcasional warnings when we do something so foolish it can be detected without dataflow analysis, but it also eliminates some of our error checking code. Suggested by Peter Gutmann.
...
svn:r15803
2008-07-09 15:23:23 +00:00
Roger Dingledine
33a1210ec3
fix up a confusion on the release notes (thanks karsten)
...
svn:r15793
2008-07-09 12:36:26 +00:00
Roger Dingledine
2534bb8fef
remove duplicate changelog entries
...
svn:r15784
2008-07-09 10:28:11 +00:00
Roger Dingledine
dbbcb92cf0
forward-port the 0.2.0.29-rc changelog
...
svn:r15782
2008-07-09 10:10:37 +00:00
Nick Mathewson
133f011c49
Patch from coderman: detect transparent proxy header correctly on some linux versions.
...
svn:r15726
2008-07-07 15:09:26 +00:00
Nick Mathewson
0f8761f9fa
fix typos in last patch spotted by sebastian and karsten
...
svn:r15700
2008-07-06 18:47:27 +00:00
Nick Mathewson
615c64efb8
Apply fix from chrisw: call connection_ap_attach_pending when we get a rendezvous2 or rendezvous_established call. This is a bit brute-foce, but it is better than we had before, and might not even show up on profiles. Backport candidate, once tested.
...
svn:r15699
2008-07-06 18:34:45 +00:00
Nick Mathewson
9d7a2d4eae
r16689@tombo: nickm | 2008-07-03 11:03:14 -0400
...
Fix for bug 742: do not use O_CREAT on 2-option version of open(). Especially do not use it on /dev/null. Fix from Michael Scherer. Bugfix on 0.0.2pre19 (wow).
svn:r15626
2008-07-03 15:04:16 +00:00
Roger Dingledine
8ac852b965
put in some of the release summaries
...
svn:r15535
2008-06-28 04:23:26 +00:00
Nick Mathewson
3ec25c2410
r16587@tombo: nickm | 2008-06-28 00:13:40 -0400
...
fix for bug 704; found by sjmurdoch. Windows and recent openssl both want to define OCSP_RESPONSE; do not let them.
svn:r15533
2008-06-28 04:16:17 +00:00
Roger Dingledine
aec928e0b6
Send a bootstrap problem "warn" event on the first problem if the
...
reason is NO_ROUTE (that is, our network is down).
svn:r15443
2008-06-24 08:00:30 +00:00
Roger Dingledine
470f89119a
annotate some changelog entries
...
svn:r15442
2008-06-24 07:40:46 +00:00
Roger Dingledine
52c5014081
Change the contrib/tor.logrotate script so it makes the new
...
logs as "_tor:_tor" rather than the default, which is generally
"root:wheel". Fixes bug 676, reported by Serge Koksharov.
Andrew, you should check if this breaks the rpm building (or if
it makes it work better)
svn:r15404
2008-06-22 07:15:18 +00:00
Roger Dingledine
21cc898a46
mark changelog bugfixes with what version they're from
...
svn:r15384
2008-06-21 04:25:10 +00:00
Roger Dingledine
a2a3d1e329
prepare for the 0.2.1.2-alpha release. we will tag
...
sometime today. get your fixes in soon. :)
svn:r15371
2008-06-20 06:26:58 +00:00
Roger Dingledine
8fa912a8c5
If we close our OR connection because there's been a circuit
...
pending on it for too long, we were telling our bootstrap status
events "REASON=NONE". Now tell them "REASON=TIMEOUT".
svn:r15369
2008-06-20 04:42:17 +00:00
Roger Dingledine
94dabd2c23
If you're using bridges, generate "bootstrap problem" warnings
...
as soon as you run out of working bridges, rather than waiting
for ten failures -- which will never happen if you have less than
ten bridges.
svn:r15368
2008-06-20 04:34:39 +00:00
Roger Dingledine
dd50ffb1de
Big bridge bugfixes. Backport candidates.
...
If you have more than one bridge but don't know their keys,
you would only learn a request for the descriptor of the first one
on your list. (Tor considered launching requests for the others, but
found that it already had a connection on the way for $0000...0000
so it didn't open another.)
If you have more than one bridge but don't know their keys, and the
connection to one of the bridges failed, you would cancel all
pending bridge connections. (After all, they all have the same
digest.)
svn:r15366
2008-06-20 03:13:16 +00:00
Roger Dingledine
c6a94718cd
Directory authorities shouldn't complain about bootstrapping
...
problems just because they do a lot of reachability testing and
some of the connection attempts fail.
svn:r15348
2008-06-18 07:34:04 +00:00
Karsten Loesing
693d7e3e35
When establishing a hidden service, introduction points that originate from cannibalized circuits are completely ignored and not included in rendezvous service descriptors. Bugfix on 0.2.0.14-alpha. Backport candidate.
...
svn:r15332
2008-06-17 17:10:03 +00:00
Roger Dingledine
1ad83d74b1
Send an initial "Starting" bootstrap status event, so we have a
...
state to start out in.
svn:r15326
2008-06-17 08:15:42 +00:00
Nick Mathewson
dd6324b0c6
More bug 707 fixes: no #if/#endif pairs inside macro arguments.
...
svn:r15307
2008-06-16 18:35:21 +00:00
Nick Mathewson
6299f4429a
Clean up a macro/cpp interaction related to bug 707. Also, add a new "filename" config value type which is currently just a synonym for string, but which might be subject to expansion later.
...
svn:r15305
2008-06-16 18:09:53 +00:00
Nick Mathewson
44452c2756
r16341@tombo: nickm | 2008-06-15 22:04:25 -0400
...
Allow spaces to be omitted in approved-router file fingerprints. Requested by arma.
svn:r15296
2008-06-16 02:08:30 +00:00
Nick Mathewson
0831cc3dbc
Patch from Karsten to implement proposal 135 ("Testing Tor Networks").
...
svn:r15253
2008-06-14 16:01:29 +00:00
Peter Palfrader
4ef606b8fc
implement proposal 138: removing down routers from consensus
...
svn:r15230
2008-06-13 21:22:49 +00:00
Peter Palfrader
1f3dc9b22b
Asking for a conditional consensus at .../consensus/<fingerprints> would crash
...
a dirserver if it did not already have a consensus.
svn:r15227
2008-06-13 18:58:58 +00:00
Nick Mathewson
d4ed91c672
Set dynamic-locking callbacks in openssl. These can be more efficient when openssl uses them.
...
svn:r15222
2008-06-13 16:35:12 +00:00
Roger Dingledine
b2cd61258e
forward-port the 0.2.0.28-rc changelog
...
svn:r15194
2008-06-13 06:40:36 +00:00
Roger Dingledine
52d3be06f1
steal some of the bootstrap phase strings from vidalia
...
svn:r15193
2008-06-13 06:23:46 +00:00
Roger Dingledine
ca902b070e
make some of the 0.2.1.1-alpha changelog items more prominent
...
svn:r15186
2008-06-13 05:13:22 +00:00
Roger Dingledine
d395135e2f
fix a few typos, and give the bootstrap phase stuff a changelog entry.
...
svn:r15183
2008-06-13 04:26:05 +00:00
Roger Dingledine
001e2ac918
rearrange 0.2.1.1-alpha changelog
...
svn:r15177
2008-06-13 02:06:04 +00:00
Nick Mathewson
617843988c
r16215@tombo: nickm | 2008-06-12 18:39:03 -0400
...
Implement code to manually force the OpenSSL client cipher list to match the one recommended in proposal 124, *even if* we do not know all those ciphers. This is a bit of a kludge, but it is at least decently well commented.
svn:r15173
2008-06-12 22:39:13 +00:00
Roger Dingledine
555450ba73
note that weasel's proposal 134 code is off by default. i believe.
...
correct me if i'm wrong. :)
svn:r15156
2008-06-12 00:13:35 +00:00
Roger Dingledine
72cf0206d0
remove some duplicate changelog entries from the upcoming 0.2.1.1-alpha
...
release
svn:r15155
2008-06-12 00:08:25 +00:00
Karsten Loesing
906cf73062
ChangeLog entry for r15149.
...
svn:r15151
2008-06-11 23:40:17 +00:00
Karsten Loesing
f6997c64c0
Added ChangeLog entry for r15113.
...
svn:r15114
2008-06-10 23:42:40 +00:00
Nick Mathewson
b87a7760e0
r16129@tombo: nickm | 2008-06-10 14:28:06 -0400
...
More geoip tweaks. Include in the file a rough estimator of our total share.
svn:r15099
2008-06-10 18:28:10 +00:00
Nick Mathewson
d0a4ad3a1c
r16127@tombo: nickm | 2008-06-10 14:03:01 -0400
...
Improved code for counting clients by country: support recording by number of directory status requests in addition to number of IPs seen.
svn:r15097
2008-06-10 18:08:56 +00:00
Roger Dingledine
9b626988a6
flush some changes in my sandbox -- ancient changelog typos, etc
...
svn:r15007
2008-06-07 05:24:47 +00:00
Roger Dingledine
ebab48769d
Stop reloading the router list from disk for no reason when we
...
run out of reachable directory mirrors. Once upon a time reloading
it would set the 'is_running' flag back to 1 for them. It hasn't
done that for a long time.
svn:r15004
2008-06-07 04:56:08 +00:00
Roger Dingledine
ca416a78e3
When we switched to using v3 directories, we threw away the part of
...
the "do we have enough directory info?" calculation that checked
how many relays we believed to still be running based on our own
experience. So if we went offline, we never gave up trying to make
new circuits; worse, when we came back online we didn't recognize
that we should give all the relays another chance. Bugfix on
0.2.0.9-alpha; fixes bugs 648 and 675.
svn:r14970
2008-06-05 10:57:09 +00:00
Roger Dingledine
953ca6d840
forward-port the 0.2.0.27-rc changelog
...
svn:r14967
2008-06-05 06:27:58 +00:00
Nick Mathewson
61ac80a914
Ouch. We were sometimes getting openssl compression by default. This is pointless for us, since the overwhelming majority of our cells are encrypted, full of compressed data, or both. This is also harmful, since doing piles of compression is not cheap. Backport candidate once more tested.
...
svn:r14830
2008-05-29 14:39:56 +00:00
Nick Mathewson
ac330d9ba7
New code to implement proposal for local geoip stats. Only enabled with --enable-geoip-stats passed to configure.
...
svn:r14802
2008-05-29 02:29:35 +00:00
Nick Mathewson
6bfa96bfc7
Fix bug noted by roger: rebuild extrainfo store from time to time, even if we have never actually downloaded an extrainfo. Bridge authorities need this, or they never clean the extrainfo store.
...
svn:r14792
2008-05-29 00:44:57 +00:00
Nick Mathewson
bd3b86df3b
Several geoip changes/fixes as requested.
...
svn:r14780
2008-05-28 18:31:57 +00:00
Nick Mathewson
4ea2a4595e
Fix the first part of bug 681, as suggested by Robert Hogan on or-talk.
...
svn:r14754
2008-05-27 21:02:36 +00:00
Nick Mathewson
9975c4f6f8
Fix part of bug 681: always reattach tunneled directory connections, regardless of the setting for LeaveStreamsUnattached
...
svn:r14750
2008-05-27 20:26:40 +00:00
Roger Dingledine
a318214f9b
and forward-port the 0.2.0.26-rc notes
...
svn:r14692
2008-05-23 11:54:46 +00:00
Nick Mathewson
da67500336
If the user has an openssl that supports my "release buffer ram" patch, use it.
...
svn:r14671
2008-05-19 18:13:00 +00:00
Nick Mathewson
0b6b356f71
r19725@catbus: nickm | 2008-05-13 08:47:18 -0400
...
Forward-port: update authority keys affected by Debian OpenSSL bug (See CVE-2008-0166 or http://lists.debian.org/debian-security-announce/2008/msg00152.html )
svn:r14603
2008-05-13 12:47:27 +00:00
Nick Mathewson
e1ef199cf6
r19714@catbus: nickm | 2008-05-12 17:11:47 -0400
...
Fwdport Bugfix: an authority signature is "unrecognized" if we lack a dirserver entry for it, even if we have an older cached certificate that says it is recognized. This affects clients who remove entries from their dirserver list without clearing their certificate cache.
svn:r14597
2008-05-12 21:12:21 +00:00
Nick Mathewson
f3f6ecef48
r19690@catbus: nickm | 2008-05-11 22:13:31 -0400
...
Implement a proposal to let a directory authority migrate its identity key without ceasing to sign consensuses.
svn:r14584
2008-05-12 02:14:01 +00:00
Roger Dingledine
db874621f4
forward-port recent releases
...
svn:r14558
2008-05-05 04:08:49 +00:00
Peter Palfrader
3185099126
And a changelog entry
...
svn:r14454
2008-04-24 15:51:55 +00:00
Nick Mathewson
d02d6660a8
r15308@tombo: nickm | 2008-04-23 16:46:48 -0400
...
Free baddir and badexit policy lists on exit. fixes bug 672. only affects authorities.
svn:r14431
2008-04-23 20:47:53 +00:00
Nick Mathewson
41929c2684
r15287@tombo: nickm | 2008-04-22 17:09:25 -0400
...
Periodically launch requests for server/authority.z when it might help us learn our IP. Fix for bug 652.
svn:r14418
2008-04-22 21:10:41 +00:00
Roger Dingledine
d72b256f4f
When we choose to abandon a new entry guard because we think our
...
older ones might be better, close any circuits pending on that
new entry guard connection. Bugfix on 0.1.2.8-beta; found by lodger.
svn:r14417
2008-04-22 18:38:25 +00:00
Nick Mathewson
bc95a4dbcb
r15283@tombo: nickm | 2008-04-22 13:43:45 -0400
...
Correctly notify one-hop connections when a circuit build has failed. possible fix for bug 669. found by lodger.
svn:r14415
2008-04-22 17:44:28 +00:00
Nick Mathewson
21592ad429
r15278@tombo: nickm | 2008-04-22 13:17:37 -0400
...
Apply patch from mwenge to fix bug 646: makes stream events for dns requests get generated more consistently.
svn:r14413
2008-04-22 17:21:12 +00:00
Nick Mathewson
ef9c34688c
r15273@tombo: nickm | 2008-04-22 12:32:28 -0400
...
apply patch from lodger: reject requests for reverse-dns lookup of names in private address space. make non-exits reject all dns requests. Fixes bug 619.
svn:r14410
2008-04-22 16:32:55 +00:00
Nick Mathewson
6e979489dc
r15269@tombo: nickm | 2008-04-22 12:23:30 -0400
...
Fix bug 663: warn less verbosely about clock skew from netinfo cells
svn:r14408
2008-04-22 16:23:47 +00:00
Nick Mathewson
299014b2c7
r15251@tombo: nickm | 2008-04-22 11:59:46 -0400
...
On platforms using pthreads, allow a thread to acquire a lock it already holds. This is crucial for logging: otherwise any log message thrown from inside the logging process (especially from control.c) will deadlock. Win32 CriticalSections are already recursive. Bug spotted by nwf. Bugfix on 0.2.0.16-alpha. Backport candidate. I hope this is portable.
svn:r14406
2008-04-22 15:59:59 +00:00
Nick Mathewson
1b9c06ab96
r15230@tombo: nickm | 2008-04-17 16:18:08 -0400
...
Do not allocate excess space for named_flag and unnamed_flag in dirvote.c. Fixes bug 662. Not a dangerous bug: sizeof(int*) is at least as big as sizeof(int) everywhere.
svn:r14391
2008-04-17 20:23:13 +00:00
Roger Dingledine
335e264fbb
X *still* hasn't fixed its (*%#(*ing copy and paste bug? in how
...
many years?
svn:r14354
2008-04-11 03:44:50 +00:00
Roger Dingledine
fb8dadc5b6
and forward-port that
...
svn:r14352
2008-04-11 03:43:16 +00:00
Nick Mathewson
b927ede48c
r15161@31-33-107: nickm | 2008-04-10 11:11:58 -0400
...
Make dumpstats() log the size and fullness of openssl-internal buffers, so I can test my hypothesis that many of them are empty, and my alternative hypothesis that many of them are mostly empty, against the null hypothesis that we really need to be burning 32K per open OR connection on this.
svn:r14350
2008-04-10 15:12:24 +00:00
Nick Mathewson
20cf4d1f09
r19283@catbus: nickm | 2008-04-09 21:44:18 -0400
...
The optimist calls the glass half full. The pessimist calls it half empty. The engineer says it is twice as large as it needs to be. In this case, the engineer says that the default smartlist size is twice as large as it needs to be and wouldn't it be nice to save half a megabyte with a one-line patch?
svn:r14341
2008-04-10 01:44:23 +00:00
Nick Mathewson
186df044cd
r19262@catbus: nickm | 2008-04-09 14:05:20 -0400
...
When writing relay cells to a buffer, update timestamp_last_added_nonpadding. Bugfix on 0.2.0.1-alpha. Backport candidate.
svn:r14329
2008-04-09 18:05:47 +00:00
Nick Mathewson
a627407fcb
r19233@catbus: nickm | 2008-04-08 13:06:34 -0400
...
When we remove old routers, use Bloom filters rather than a digestmap-based set in order to tell which ones we absolutely need to keep. This will save us roughly a kazillion little short-lived allocations for hash table entries.
svn:r14318
2008-04-08 17:06:41 +00:00
Nick Mathewson
2d68487e7f
r19229@catbus: nickm | 2008-04-07 12:28:22 -0400
...
Add a new SMARTLIST_FOREACH_JOIN macro to iterate through two sorted lists in lockstep. This happens at least 3 times in the code so far, and is likely to happen more in the future. Previous attempts to do so proved touchy, tricky, and error-prone: now, we only need to get it right in one place.
svn:r14309
2008-04-07 16:28:34 +00:00
Peter Palfrader
53e656eaa6
A changelog entry for r14277
...
svn:r14278
2008-04-01 21:07:45 +00:00
Peter Palfrader
9d132fbde6
Add --hush switch.
...
New --hush command-line option similar to --quiet. While --quiet disables all
logging to the console on startup, --hush limits the output to messages of
warning and error severity.
svn:r14222
2008-03-27 17:25:49 +00:00
Nick Mathewson
9ee7f6e826
r19105@catbus: nickm | 2008-03-27 13:01:47 -0400
...
oops. Note bug number in changelog.
svn:r14220
2008-03-27 17:01:52 +00:00
Nick Mathewson
12b217bce8
r19091@catbus: nickm | 2008-03-27 12:42:57 -0400
...
Stop reading torrc when all we want to do is --hash-password. Fix based on patch from Sebastian Hahn. Backport candidate.
svn:r14214
2008-03-27 16:46:34 +00:00
Nick Mathewson
02acee891c
r19089@catbus: nickm | 2008-03-27 11:05:23 -0400
...
Free some static hashtables and the log mutex on exit. Backport candidate.
svn:r14212
2008-03-27 15:05:28 +00:00
Nick Mathewson
fa15ed4b7b
r19079@catbus: nickm | 2008-03-26 17:16:46 -0400
...
Free authority certs on exit. Backport candidate.
svn:r14205
2008-03-26 21:16:56 +00:00
Nick Mathewson
944bd3dbed
r19074@catbus: nickm | 2008-03-26 17:08:32 -0400
...
Start new address policies with refcount of 1, not 2. Backport candidate once tested more.
svn:r14204
2008-03-26 21:08:39 +00:00
Nick Mathewson
745f3c859a
r19066@catbus: nickm | 2008-03-26 13:24:15 -0400
...
Initialize logging before we log anything. Bugfix on 0.2.0.x-alpha.
svn:r14199
2008-03-26 17:25:16 +00:00
Nick Mathewson
e4ebe3409e
r19049@catbus: nickm | 2008-03-26 12:33:25 -0400
...
Add new stacklike, free-all-at-once memory allocation strategy. Use it when parsing directory information. This helps parsing speed, and may well help fragmentation some too. hidden-service-related stuff still uses the old tokenizing strategies.
svn:r14194
2008-03-26 16:33:33 +00:00
Roger Dingledine
55ca7e15fb
forward-port the 0.2.0.23-rc changelog
...
svn:r14181
2008-03-25 18:36:16 +00:00
Nick Mathewson
41deb5cd7b
r19039@catbus: nickm | 2008-03-25 12:15:58 -0400
...
Add some unit tests, particularly for AES counter mode.
svn:r14180
2008-03-25 16:16:05 +00:00
Nick Mathewson
b5b77f8bf3
r19004@catbus: nickm | 2008-03-21 15:18:43 -0400
...
Use RAND_poll() again: the bug that made us stop using it has been fixed.
svn:r14150
2008-03-21 19:18:57 +00:00
Nick Mathewson
64f38f217a
r19003@catbus: nickm | 2008-03-21 15:13:57 -0400
...
Make --enable-gcc-warnings work under the recently released GCC 4.3.
svn:r14149
2008-03-21 19:18:54 +00:00
Roger Dingledine
3fb922f4d5
correct the 0.2.0.22-rc changelog in trunk
...
svn:r14118
2008-03-19 00:23:07 +00:00
Nick Mathewson
e96d22e914
r18941@catbus: nickm | 2008-03-18 14:59:43 -0400
...
Likely fix for bug 632: do not call start_reading on a placeholder connection.
svn:r14109
2008-03-18 19:00:12 +00:00
Nick Mathewson
a62a24036d
r18937@catbus: nickm | 2008-03-18 14:50:39 -0400
...
Fix the other lingering part of bug 617: make ClientDNSRejectInternalAddresses actually work.
svn:r14107
2008-03-18 18:51:34 +00:00
Nick Mathewson
7dd78f1576
r18929@catbus: nickm | 2008-03-18 12:08:16 -0400
...
Detect errors from directory listing correctly on win32. Bug found by lodger.
svn:r14102
2008-03-18 16:08:49 +00:00
Nick Mathewson
05f5d778a2
r18919@catbus: nickm | 2008-03-18 10:53:38 -0400
...
Forward-port bug 622 fix as diagnosed by lodger.
svn:r14096
2008-03-18 14:53:41 +00:00
Roger Dingledine
2117abbe3f
forward-port the 0.2.0.22-rc changelog entry, plus remove
...
some duplicate items.
svn:r14086
2008-03-18 02:39:34 +00:00
Nick Mathewson
9a24158c69
r18880@catbus: nickm | 2008-03-17 12:51:24 -0400
...
Fix policy-related crash bug found by lodger.
svn:r14077
2008-03-17 16:51:48 +00:00
Peter Palfrader
0cccf7375b
And use 16k pages on ia64. Maybe this should be a configure thing
...
svn:r14073
2008-03-17 09:46:18 +00:00
Nick Mathewson
e6b617bf05
r18872@catbus: nickm | 2008-03-16 23:56:48 -0400
...
Only dump all guard node status to the log when the guard node status actually changes. Downgrade the 4 most common remaining INFO log messages to DEBUG.
svn:r14069
2008-03-17 04:07:51 +00:00
Nick Mathewson
c59f66709d
r18862@catbus: nickm | 2008-03-16 23:33:11 -0400
...
Part of fix for bug 617: allow connection_ap_handshake_attach_circuit() to mark connections, to avoid double-mark warnings. Note that this is an incomplete refactoring.
svn:r14066
2008-03-17 03:37:54 +00:00
Nick Mathewson
0b941640df
r18852@catbus: nickm | 2008-03-16 22:47:19 -0400
...
Downgrade "sslv3 alert handshake failure" message to info.
svn:r14057
2008-03-17 02:47:49 +00:00
Nick Mathewson
b29f763ee1
r18850@catbus: nickm | 2008-03-16 22:35:38 -0400
...
Use 8k pages in openbsd malloc code on alpha. Bug and solution found by weasel. Also, when initializing openbsd malloc code, check that compiled page size matches output of getpagesize().
svn:r14056
2008-03-17 02:47:40 +00:00
Nick Mathewson
0c6fc51909
r18793@catbus: nickm | 2008-03-13 14:09:19 -0400
...
Add a malloc_good_size() implementation to OpenBSD_malloc_Linux.c. Also, make configure.in not use support functions for the platform malloc when we are not using the platform mallocs.
svn:r14010
2008-03-13 18:11:33 +00:00
Peter Palfrader
56580ae84e
Add a changelog entry for rr14003/r14005
...
svn:r14007
2008-03-13 16:56:20 +00:00
Peter Palfrader
e6b2d119e8
Assert that severity in logv() is sane. Interesting effects otherwise (It is being used as an array index)
...
svn:r14006
2008-03-13 16:56:14 +00:00
Nick Mathewson
cad3d651d0
r18783@catbus: nickm | 2008-03-13 11:06:45 -0400
...
Oops, do a better fix for that.
svn:r14001
2008-03-13 15:06:49 +00:00
Nick Mathewson
ac6cc43047
r18781@catbus: nickm | 2008-03-13 11:00:51 -0400
...
Have OpenBSD_malloc_Linux.c use SIZE_T_MAX from torint.h, instead of checking cpu macros. There is always one more cpu you havent checked for.
svn:r14000
2008-03-13 15:06:26 +00:00
Nick Mathewson
4d32c2e81f
r18751@catbus: nickm | 2008-03-11 14:22:43 -0400
...
Fix for bug 614: always look at the network BIO for the SSL object, not at the buffering BIO (if one exists because we are renegotiating or something). Bugfix on 0.1.2.x, oddly enough, though it should be impossible to trigger the problem there. Backport candidate. See comments in tortls.c for detailed implementation note.
svn:r13975
2008-03-11 18:22:49 +00:00
Nick Mathewson
24f91d2876
r18747@catbus: nickm | 2008-03-11 13:21:25 -0400
...
Request client certs when renegotiating on server-side. Spotted by lodger. Bugfix on 0.2.0.x.
svn:r13973
2008-03-11 17:21:44 +00:00
Nick Mathewson
4b65ea0ec0
r18730@catbus: nickm | 2008-03-11 00:47:04 -0400
...
Forward-port: Fix the SVK version detection logic to work right on a branch: tolerate multiple "copied from" tags and only look at the first.
svn:r13959
2008-03-11 04:47:07 +00:00
Nick Mathewson
8b24e01599
r18723@catbus: nickm | 2008-03-11 00:25:30 -0400
...
Fix bug spotted by mwenge: a server_event should not be a sever_event. Also, fix compile errors in config.c and control.c with --enable-gcc-warnings.
svn:r13957
2008-03-11 04:30:14 +00:00
Nick Mathewson
f56ba5f3d6
r18630@catbus: nickm | 2008-03-05 17:31:33 -0500
...
Implement domain-selection for logging. Source is documented; needs documentation in manpage (maybe). For now, see doxygen comment on parse_log_severity_config in log.c
svn:r13875
2008-03-05 22:31:39 +00:00
Roger Dingledine
5bf0a01011
forward-port r13799 and the 0.2.0.21-rc changelog
...
svn:r13808
2008-03-02 22:29:04 +00:00
Nick Mathewson
77d1654c50
r18535@catbus: nickm | 2008-03-01 09:58:33 -0500
...
Whoo. People diagnosed and fixed bug 616. See changelog for details. Bugfix on 0.2.0.20-rc.
svn:r13793
2008-03-01 14:59:03 +00:00
Roger Dingledine
c5a7ff8e43
forward-port r13777
...
svn:r13778
2008-02-29 01:45:06 +00:00
Nick Mathewson
eefe2a3562
r18462@catbus: nickm | 2008-02-27 14:15:57 -0500
...
Add better warnings for the error that produced bug 614, and downgrade from a tor_assert() to a tor_fragile_assert().
svn:r13752
2008-02-27 19:19:34 +00:00
Roger Dingledine
f24b7a3f8f
a blurb for 0.2.0.20-rc
...
svn:r13732
2008-02-26 03:11:37 +00:00
Roger Dingledine
3dd9a3a23a
bump to 0.2.0.20-rc
...
svn:r13715
2008-02-25 00:39:58 +00:00
Nick Mathewson
ee8dce3084
r14421@tombo: nickm | 2008-02-24 17:05:18 -0500
...
Patch from mwenge: always willingly serve our own extrainfo from the controlport
svn:r13699
2008-02-24 22:11:12 +00:00
Nick Mathewson
dde81de3dd
r14419@tombo: nickm | 2008-02-24 16:55:11 -0500
...
Patch from tup: use sizeof sockaddr_un as the size of a unix sockaddr. Fixes unix controlsocket binding on openbsd.
svn:r13697
2008-02-24 22:11:00 +00:00
Roger Dingledine
31f72a3d80
Servers that don't know their own IP address should go to the
...
authorities for their first directory fetch, even if their DirPort
is off or if they don't know they're reachable yet. This will help
them bootstrap better. Bugfix on 0.2.0.18-alpha; fixes bug 609.
svn:r13688
2008-02-23 23:39:16 +00:00
Roger Dingledine
cd4b95e402
Make "HashedControlPassword" an alias for "__HashedControlSessionPassword"
...
if it appears on the commandline. should help with bug 586.
svn:r13683
2008-02-22 23:20:28 +00:00
Nick Mathewson
7589765ae9
r14401@tombo: nickm | 2008-02-22 15:33:42 -0500
...
Fix a really stupid parthensis error noticed by mwenge.
svn:r13681
2008-02-22 20:33:47 +00:00
Nick Mathewson
a20eda5669
r14396@tombo: nickm | 2008-02-22 14:07:37 -0500
...
Add --passphrase-fd to tor-gencert.
svn:r13679
2008-02-22 19:07:52 +00:00
Nick Mathewson
b21a122ef6
r14379@tombo: nickm | 2008-02-21 17:14:24 -0500
...
Enable v2 handshakes.
svn:r13666
2008-02-21 22:14:32 +00:00
Nick Mathewson
e790dbe779
r18347@catbus: nickm | 2008-02-21 15:54:40 -0500
...
Make autoconf autodetect -Wshorten-64-to-32 when --enable-gcc-warnings is given to the configure script.
svn:r13661
2008-02-21 20:54:45 +00:00
Nick Mathewson
5c03f82a65
r18345@catbus: nickm | 2008-02-21 13:45:04 -0500
...
Do the last part of arma's fix for bug 437: Track the origin of every addrmap, and use this info so we can remove all the trackhostexits-originated mappings for a given exit.
svn:r13660
2008-02-21 18:45:11 +00:00
Nick Mathewson
e2f25558b9
r14362@31-33-219: nickm | 2008-02-21 11:01:10 -0500
...
Change some of our log messages related to closed TLS connections in order to better reflect reality.
svn:r13657
2008-02-21 16:11:58 +00:00
Nick Mathewson
e18ee2a2ab
r14357@31-33-219: nickm | 2008-02-21 10:39:11 -0500
...
Fix bug-handling code for unhandled write errors, so that it does not try to flush any data on the failed connection. Bugfix on 0.1.2.x.
svn:r13655
2008-02-21 15:39:26 +00:00
Roger Dingledine
18a209ffe6
Even though the man page said that "TrackHostExits ." should
...
work, nobody had ever implemented it. Bugfix on 0.1.0.x.
svn:r13647
2008-02-21 08:08:13 +00:00
Roger Dingledine
828c707812
Change the behavior of "getinfo status/good-server-descriptor"
...
so it doesn't return failure when any authority disappears.
svn:r13645
2008-02-21 06:06:45 +00:00
Roger Dingledine
1812a22a60
If we're trying to flush the last bytes on a connection (for
...
example, when answering a directory request), reset the
time-to-give-up timeout every time we manage to write something
on the socket. Bugfix on 0.1.2.x.
svn:r13643
2008-02-21 05:51:09 +00:00
Nick Mathewson
1df0647c66
r18291@catbus: nickm | 2008-02-20 22:35:32 -0500
...
Resolve all DOCDOC issues, and document some other undocumented code, and fix a changelog entry.
svn:r13638
2008-02-21 03:38:46 +00:00
Nick Mathewson
ae507a61cc
r18288@catbus: nickm | 2008-02-20 21:18:38 -0500
...
Recover from bad tracked-since value in mtbf history file. This may finally close bug 537.
svn:r13636
2008-02-21 02:18:41 +00:00
Nick Mathewson
0e9dcfab97
r18286@catbus: nickm | 2008-02-20 21:10:33 -0500
...
Fix a bug that kept buf_find_string_offset from finding a string at the very end of the buffer. Add a unit test for this. Also, do not save a pointer to a chunk that might get reallocated by buf_pullup().
svn:r13635
2008-02-21 02:10:38 +00:00
Nick Mathewson
1c5d641d89
r18277@catbus: nickm | 2008-02-20 18:28:45 -0500
...
Fix spelling
svn:r13631
2008-02-20 23:38:53 +00:00
Nick Mathewson
f0e523c6ef
r18272@catbus: nickm | 2008-02-20 18:20:33 -0500
...
add a flag to suppress overwriting the certificates file with new certificates, so we do not overwrite all certs when starting as an authority.
svn:r13630
2008-02-20 23:20:36 +00:00
Nick Mathewson
93aa335516
r18269@catbus: nickm | 2008-02-20 17:28:24 -0500
...
Apply patch from Sebastian Hahn: stop imposing an arbitrary maximum on the number of file descriptors used for busy servers. Bug reported by Olaf Selke.
svn:r13626
2008-02-20 22:28:26 +00:00
Nick Mathewson
7521ef9a00
r18264@catbus: nickm | 2008-02-20 12:48:21 -0500
...
fix bufs in buf_pos_t implementation.
svn:r13623
2008-02-20 17:48:39 +00:00
Roger Dingledine
f2ed011813
We were comparing the raw BridgePassword entry with a base64'ed
...
version of it, when handling a "/tor/networkstatus-bridges"
directory request. Now compare correctly. Noticed by Veracode.
svn:r13609
2008-02-20 02:05:28 +00:00
Nick Mathewson
9479dd3768
r18226@catbus: nickm | 2008-02-19 18:01:01 -0500
...
Brown-paper-bag time. We were failing to count all the sockets from accept().
svn:r13595
2008-02-19 23:01:07 +00:00
Nick Mathewson
4ccffd7aea
r18218@catbus: nickm | 2008-02-19 17:27:40 -0500
...
When SafeLogging is off, have TLS errors and messages logged with their associated addresses.
svn:r13591
2008-02-19 22:27:44 +00:00
Nick Mathewson
749735215b
r18208@catbus: nickm | 2008-02-19 17:02:30 -0500
...
Add some checks in torgzip.c to make sure we never overflow size_t there. Also make sure we do not realloc(list,0) in container.c. Backport candidate.
svn:r13587
2008-02-19 22:05:49 +00:00
Roger Dingledine
da7f0315e6
maybe it should compile too.
...
svn:r13585
2008-02-19 21:41:43 +00:00
Roger Dingledine
d964beac16
If we only ever used Tor for hidden service lookups or posts, we
...
would stop building circuits and start refusing connections after
24 hours, since we false believed that Tor was dormant. Reported
by nwf; bugfix on 0.1.2.x.
svn:r13583
2008-02-19 21:30:24 +00:00
Nick Mathewson
952a3cb8fb
r14240@tombo: nickm | 2008-02-17 14:26:52 -0500
...
Add a --with-tcmalloc argument to configure.
svn:r13546
2008-02-17 19:26:55 +00:00
Nick Mathewson
a8b371c333
r14238@tombo: nickm | 2008-02-17 14:03:44 -0500
...
Add openbsd memory allocator discussed in bug 468, to make it easier for linux users to get non-awful allocation patterns. Use --enable-openbsd-malloc to turn it on. Needs more testing.
svn:r13544
2008-02-17 19:03:49 +00:00
Nick Mathewson
faa56a500b
r14236@tombo: nickm | 2008-02-17 13:44:55 -0500
...
Partial fix for bug 586: Add an ephemeral __HashedControlSessionPassword.
svn:r13543
2008-02-17 18:45:07 +00:00
Roger Dingledine
4c1e516a09
cleanups and changelog entry for r13540
...
svn:r13542
2008-02-17 16:52:24 +00:00
Nick Mathewson
24e8e1fb36
r14185@tombo: nickm | 2008-02-15 18:05:54 -0500
...
Replace the hefty tor_strpartition with a simple function to replace its only (trivial) use.
svn:r13532
2008-02-15 23:39:14 +00:00
Nick Mathewson
275bb57a77
r18068@catbus: nickm | 2008-02-13 11:33:19 -0500
...
Patch from karsten: make hidden service code respect SafeLogging.
svn:r13493
2008-02-13 16:34:00 +00:00
Roger Dingledine
740097a65e
We were leaking a file descriptor if Tor started with a zero-length
...
cached-descriptors file. Patch by freddy77; bugfix on 0.1.2.
svn:r13488
2008-02-13 07:23:37 +00:00
Roger Dingledine
3abafccd0e
Start choosing which bridge to use proportional to its advertised
...
bandwidth, rather than uniformly at random. This should speed up Tor
for bridge users. Also do this for people who set StrictEntryNodes.
svn:r13486
2008-02-12 22:02:47 +00:00
Nick Mathewson
f3eaeb99a3
r18051@catbus: nickm | 2008-02-12 15:20:43 -0500
...
Re-tune mempool parametes based on testing on peacetime: use smaller chuncks, free them a little more aggressively, and try very hard to concentrate allocations on fuller chunks. Also, lots of new documentation.
svn:r13484
2008-02-12 20:20:52 +00:00
Roger Dingledine
dc94b1a226
blurbs for 0.2.0.18-alpha and 0.2.0.19-alpha
...
svn:r13481
2008-02-12 05:18:24 +00:00
Roger Dingledine
28483467d0
Directory mirrors no longer include a guess at the client's IP
...
address if the connection appears to be coming from the same /24
network; it was producing too many wrong guesses.
svn:r13464
2008-02-11 05:31:56 +00:00
Nick Mathewson
bc4d6515fc
r14111@tombo: nickm | 2008-02-10 20:52:19 -0500
...
"0 bytes in 1 empty chunks" is hardly likely.
svn:r13463
2008-02-11 01:52:24 +00:00
Roger Dingledine
c254ba70c0
rearrange the changelog
...
svn:r13446
2008-02-09 17:13:28 +00:00
Roger Dingledine
965afb4970
cleanups on r13442.
...
oh, and this should be backported too.
svn:r13444
2008-02-09 10:46:22 +00:00
Nick Mathewson
a378bb5f5a
r17985@catbus: nickm | 2008-02-08 16:30:02 -0500
...
Bugfix from Karsten Loesing: Retry v2 rend descriptors on intro point failure.
svn:r13431
2008-02-08 21:30:07 +00:00
Nick Mathewson
141a5877f3
r14063@tombo: nickm | 2008-02-08 15:48:32 -0500
...
Add a bunch more code documentation; change the interface of fetch_var_cell_from_buf() so it takes the current link protocol into account and can't get confused by weird command bytes on v1 connections.
svn:r13430
2008-02-08 21:13:15 +00:00
Nick Mathewson
de827f89df
r14062@tombo: nickm | 2008-02-08 15:17:07 -0500
...
Change DNs in x509 certificates to be harder to fingerprint. Raise common code. Refactor random hostname generation into crypto.c
svn:r13429
2008-02-08 21:13:12 +00:00
Nick Mathewson
809227a121
r14061@tombo: nickm | 2008-02-08 14:30:42 -0500
...
Add a couple of (currently disabled) strategies for trying to avoid using too much ram in memory pools: prefer putting new cells in almost-full chunks, and be willing to free the last empty chunk if we have not needed it for a while. Also add better output to mp_pool_log_status to track how many mallocs a given memory pool strategy is saving us, so we can tune the mempool parameters.
svn:r13428
2008-02-08 21:13:08 +00:00
Nick Mathewson
eecc44dab8
r17963@catbus: nickm | 2008-02-07 10:14:25 -0500
...
Be more thorough about memory poisoning and clearing. Add an in-place version of aes_crypt in order to remove a memcpy from relay_crypt_one_payload.
svn:r13414
2008-02-07 16:10:33 +00:00
Nick Mathewson
f77b8338d2
r17957@catbus: nickm | 2008-02-06 20:08:29 -0500
...
Oops; left a dquote out of acinclude.m4
svn:r13410
2008-02-07 01:08:33 +00:00
Nick Mathewson
6e2946fb5d
r17949@catbus: nickm | 2008-02-06 13:21:12 -0500
...
Fix bandwidth bucked calculations again, I think. Bugfix on 0.1.2.x. Backport candidate.
svn:r13406
2008-02-06 18:21:16 +00:00
Nick Mathewson
368f62c79d
r17933@catbus: nickm | 2008-02-05 19:54:28 -0500
...
Stamp out a bunch of atoi users; make more tor_parse_long() users check their outputs.
svn:r13395
2008-02-06 00:54:47 +00:00
Nick Mathewson
12071df6c8
r17930@catbus: nickm | 2008-02-05 18:20:40 -0500
...
Initial attempts to track down bug 600, and refactor possibly offending code. 1) complain early if circuit state is set to OPEN when an onionskin is pending. 2) refactor onionskin field into one only used when n_conn is pending, and a separate onionskin field waiting for attention by a cpuworker. This might even fix the bug. More likely, it will make it fail with a more useful core.
svn:r13394
2008-02-05 23:20:49 +00:00
Nick Mathewson
fac2cd3b03
r17916@catbus: nickm | 2008-02-05 16:29:35 -0500
...
Fix some XXX020 items in control.c: add a maximum line length and note that the number of versioning authorities is no longer apparent to clients.
svn:r13390
2008-02-05 21:39:49 +00:00
Nick Mathewson
c11c48fc78
r17913@catbus: nickm | 2008-02-05 16:11:33 -0500
...
Correctly register failures in connection_add() in dnsserv_launch_request()
svn:r13387
2008-02-05 21:39:40 +00:00
Roger Dingledine
fdbefc8934
If we're a relay, avoid picking ourselves as an introduction point,
...
a rendezvous point, or as the final hop for internal circuits. Bug
reported by taranis and lodger. Bugfix on 0.1.2.x.
svn:r13372
2008-02-04 17:25:24 +00:00
Roger Dingledine
426a9bbde1
Don't trigger an assert if we start a directory authority with a
...
private IP address (like 127.0.0.1).
svn:r13371
2008-02-04 16:58:50 +00:00
Nick Mathewson
91bac90310
r17863@catbus: nickm | 2008-02-01 00:27:07 -0500
...
Bugfix from weasel: possible fix for 593: make connection_write_to_buf("") work when using zlib compression.
svn:r13347
2008-02-01 05:27:12 +00:00
Nick Mathewson
f013fb5e31
r17854@catbus: nickm | 2008-01-30 17:52:43 -0500
...
Periodically check whether we have an expired consensus networkstatus. If we do, and we think we have enough directory info, then call router_dir_info_changed(). Fixes bug 401. This bug was deferred from 0.1.2.x, but fixing it there is nontrivial.
svn:r13342
2008-01-30 22:52:46 +00:00
Nick Mathewson
1793aeafae
r17852@catbus: nickm | 2008-01-30 17:23:36 -0500
...
Correctly insert connections into the identity->connection map when we connect to a bridge without having specified its key. Fixes bug 574.
svn:r13341
2008-01-30 22:23:44 +00:00
Nick Mathewson
b4ebe55d12
r13971@tombo: nickm | 2008-01-30 14:25:25 -0500
...
Write a new autoconf macro to test whether a function is declared. It is suboptimal and possibly buggy in some way, but it seems to work for me. use it to test for a declaration of malloc_good_size, so we can workaround operating systems (like older OSX) that have the function in their libc but do not deign to declare it in their headers. Should resolve bug 587.
svn:r13339
2008-01-30 19:25:31 +00:00
Nick Mathewson
0b06546620
r17844@catbus: nickm | 2008-01-30 13:31:37 -0500
...
Fix bug 597: stop telling people to email Tor-ops. Also give a better suggestion when some other identity has been assigned the nickname we are using.
svn:r13337
2008-01-30 18:32:30 +00:00
Nick Mathewson
68cf666d04
Fix bug 571: associate certificates with keys, not dirservers, so that we can have certificates for dirservers we do not recognize.
...
svn:r13304
2008-01-26 23:18:30 +00:00
Roger Dingledine
596b822337
bump to 0.2.0.18-alpha-dev
...
svn:r13295
2008-01-26 05:38:44 +00:00
Roger Dingledine
65ecbdad76
a changelog entry for the various patches from karsten
...
svn:r13293
2008-01-26 04:35:16 +00:00
Roger Dingledine
ea0afb6c39
bump to 0.2.0.18-alpha
...
svn:r13291
2008-01-26 03:48:03 +00:00
Roger Dingledine
1445e17a21
We were computing the wrong Content-Length: header for directory
...
responses that need to be compressed on the fly, causing clients
asking for those items to always fail. Bugfix on 0.2.0.x; fixes
bug 593.
svn:r13268
2008-01-25 01:45:06 +00:00
Roger Dingledine
980fcb1ca7
When we get a consensus that's been signed by more people than
...
we expect, don't log about it; it's not a big deal.
svn:r13249
2008-01-24 02:31:37 +00:00
Roger Dingledine
9d1832dd5a
Set up dannenberg (run by CCC) as the sixth v3 directory
...
authority.
svn:r13231
2008-01-22 22:38:38 +00:00
Roger Dingledine
a9aa8917fc
a changelog entry for r13218
...
svn:r13220
2008-01-21 22:42:16 +00:00
Roger Dingledine
750ed3d015
We accidentally enabled the under-development v2 TLS handshake
...
code, which is causing log entries like "TLS error while
renegotiating handshake". Disable it again. Resolves bug 590.
svn:r13219
2008-01-21 22:33:01 +00:00
Roger Dingledine
a49f14d0d4
When we setconf ClientOnly to 1, close any current OR and Dir
...
listeners. Reported by mwenge.
svn:r13214
2008-01-21 21:21:19 +00:00
Roger Dingledine
b79850d574
Make "ClientOnly 1" config option disable directory ports too.
...
svn:r13213
2008-01-21 21:00:50 +00:00
Roger Dingledine
ff62154ba3
New config options WarnPlaintextPorts and RejectPlaintextPorts so
...
Tor can warn and/or refuse connections to ports commonly used with
vulnerable-plaintext protocols.
We still need to figure out some good defaults for them.
svn:r13198
2008-01-20 05:54:15 +00:00
Roger Dingledine
250590b9e7
and add blurbs for 0.2.0.1[67]-alpha
...
svn:r13189
2008-01-19 18:05:19 +00:00
Roger Dingledine
1ee96aa48c
and forward-port those
...
svn:r13188
2008-01-19 17:58:09 +00:00
Roger Dingledine
43dce232ad
If we've gone 12 hours since our last bandwidth check, and we
...
estimate we have less than 50KB bandwidth capacity but we could
handle more, do another bandwidth test.
svn:r13176
2008-01-18 04:58:40 +00:00
Roger Dingledine
3d3663a123
Don't answer "/tor/networkstatus-bridges" directory requests if
...
the request isn't encrypted.
svn:r13175
2008-01-18 04:51:12 +00:00
Roger Dingledine
06047bcec9
Avoid going directly to the directory authorities even if you're a
...
relay, if you haven't found yourself reachable yet or if you've
decided not to advertise your dirport yet. Addresses bug 556.
svn:r13172
2008-01-18 04:42:22 +00:00
Roger Dingledine
b4b3472b9f
Make the tor-gencert man page get included correctly in the tarball.
...
svn:r13163
2008-01-17 20:32:37 +00:00
Roger Dingledine
fe2f9a29f8
muck with the 0.2.0.16-alpha some more
...
svn:r13159
2008-01-17 19:56:21 +00:00
Roger Dingledine
55e052b0a5
Assert error introduced in r11957:
...
Fix an assert if we post a general-purpose descriptor via the
control port but that descriptor isn't mentioned in our current
network consensus. Bug reported by Jon McLachlan; bugfix on
0.2.0.9-alpha.
svn:r13153
2008-01-17 05:25:21 +00:00
Nick Mathewson
4a3b7496f0
r17639@catbus: nickm | 2008-01-15 19:09:21 -0500
...
Fix some hard to trigger but nonetheless real memory leaks spotted by an anonymous contributor. Needs review. Partial backport candidate.
svn:r13147
2008-01-16 05:27:19 +00:00
Nick Mathewson
24aae484c9
r17624@catbus: nickm | 2008-01-15 00:42:01 -0500
...
Fixes to more anonymously-reported typos and logic errors.
svn:r13136
2008-01-15 05:57:19 +00:00