Commit Graph

181 Commits

Author SHA1 Message Date
Nick Mathewson
d3af1f2189 Backport candidate: Fix a long-standing server-side DNS bug. When a
client asks us to resolve (not connect to) an address, and we have a
cached answer, give them the cached answer.  Previously, we would give
them no answer at all.



svn:r8478
2006-09-24 17:05:00 +00:00
Nick Mathewson
da7f9d5a33 r8911@Kushana: nickm | 2006-09-22 12:24:52 -0400
Make exitlist only output each result line once.


svn:r8466
2006-09-22 20:20:35 +00:00
Nick Mathewson
4218f09820 r8910@Kushana: nickm | 2006-09-22 12:14:05 -0400
Instead of just checking known-invalid addresses for DNS hijacking, we
 now check randomly generated addresses, and if too many of them map to
 the same IP, we assume that IP is the destination of a DNS hijack
 attempt.
 
 A little bird tells me that some DNS hijackers think that declining to
 give an A record for RFC2606 addresses (like .invalid and .example)
 makes them more standards compliant.  Standardswise, this is like an
 illicit brothel making sure that nobody has pulled the tags off the
 mattresss, but that doesn't get us out of working around it.
 


svn:r8465
2006-09-22 20:20:26 +00:00
Nick Mathewson
213658f117 r8894@Kushana: nickm | 2006-09-21 18:30:42 -0400
Specify and implement SOCKS5 interface for reverse hostname lookup.


svn:r8451
2006-09-22 00:43:55 +00:00
Nick Mathewson
4f13cb82fd r8881@Kushana: nickm | 2006-09-21 17:27:59 -0400
Allow resolve requests to non-exits when they are specifically requested (via resolve foo.bar.exit).


svn:r8446
2006-09-21 21:49:36 +00:00
Nick Mathewson
6a1746f98f r8877@Kushana: nickm | 2006-09-21 17:12:33 -0400
Consider non-exit servers unsuitable for RESOLVE commands.


svn:r8442
2006-09-21 21:48:42 +00:00
Nick Mathewson
e4a9b4de4e r8875@Kushana: nickm | 2006-09-21 16:46:28 -0400
Resolve bug 330: detect ISPs that want to hijack failing DNS requests and basically domain-squat the entire internet.


svn:r8440
2006-09-21 21:48:22 +00:00
Nick Mathewson
04bec67574 r8874@Kushana: nickm | 2006-09-21 15:22:27 -0400
Rename and document SearchDomains and ResolvConf options; warn if ServerDNSResolvConfFile is given but eventdns isnt enabled.


svn:r8439
2006-09-21 21:48:16 +00:00
Nick Mathewson
083e9c2b59 r8873@Kushana: nickm | 2006-09-21 14:38:22 -0400
Fix a bug: Remember, each call to escaped() replaces the value returned from the last call to escaped().


svn:r8438
2006-09-21 21:48:11 +00:00
Nick Mathewson
a942441615 r8872@Kushana: nickm | 2006-09-21 14:00:20 -0400
Implement server-side reverse DNS using eventdns.  Add an option to routerdescs so we can tell which servers have eventdns enabled.


svn:r8437
2006-09-21 21:48:06 +00:00
Nick Mathewson
b2cc52fa02 Speed up eat_whitespace by a lot.
svn:r8434
2006-09-19 23:55:35 +00:00
Nick Mathewson
6b716fdfb9 NEEDS REVIEW. Act on previous comment, and handle named servers differently: now, we allow multiple servers with the same name in the routerlist even if that name is reserved, but we check whether names are reserved when we try to look up routers by nickname. This is a minor security fix. This makes router_add_to_routerlist O(1). This is a backport candidate.
svn:r8433
2006-09-19 23:48:14 +00:00
Nick Mathewson
5ebb949c9f Stop searching routerlist for routers with the same identity as other routers (on router insert): we already have a map for that. (We need to add an index field to routerinfo_t so we can figure out which point in the routerlist to replace.) Also, add a comment to routerlist.c; arma, please advise?
svn:r8432
2006-09-19 23:18:30 +00:00
Nick Mathewson
2d4950c837 Malloc and friends are critical-path: Thus, add an it-wont-happen branch prediction for NULL returns, and skip the malloc(0) check on platforms where malloc(0) returns a pointer.
svn:r8431
2006-09-19 22:36:48 +00:00
Nick Mathewson
7b0ec744bc Switch routerlist.c to using memcmp on digests rather than crypto_pk_cmp_keys(); speed up find_whitespace a lot (8x for me) by using a switch statement. This should speed parsing a lot of routers at once by a lot.
svn:r8430
2006-09-19 22:20:09 +00:00
Roger Dingledine
e744117d4d turn eventdns off by default until we can get some more useful
log messages into it. no use learning that it's broken without
being able to learn what is broken too.


svn:r8245
2006-08-27 07:26:00 +00:00
Roger Dingledine
8cd6e0c0a1 clean up the 0.1.2.1-alpha changelog
svn:r8240
2006-08-27 06:55:48 +00:00
Roger Dingledine
628089b1f8 checkpoint in-progress changelog notes
svn:r7054
2006-08-14 10:16:42 +00:00
Roger Dingledine
8112829a9b forward-port the 0.1.1.23 changelog.
svn:r6946
2006-07-30 05:36:17 +00:00
Roger Dingledine
dad1e27440 forward-port the 0.1.1.22 changelog, minus the line about
the osx uninstaller.


svn:r6738
2006-07-06 16:19:00 +00:00
Roger Dingledine
0b91a2bab9 forward-port the 0.1.1.21 changelog.
svn:r6600
2006-06-11 01:42:21 +00:00
Roger Dingledine
2df426d1c1 interim changelog for 0.1.2.1-alpha
svn:r6599
2006-06-11 01:41:30 +00:00
Roger Dingledine
614bb7d7b5 final changelog for 0.1.1.20. it is done.
svn:r6479
2006-05-23 17:00:49 +00:00
Roger Dingledine
3ff02556fc continue messing with the changelog. it's getting better now.
svn:r6468
2006-05-23 06:20:35 +00:00
Roger Dingledine
7263e6a0cf my current notes on a 0.1.1.20 changelog
svn:r6459
2006-05-22 20:00:12 +00:00
Roger Dingledine
ec22b6346b remove all the interim changelog stuff for 0.1.1.x
svn:r6458
2006-05-22 19:56:32 +00:00
Roger Dingledine
f1dad00bd3 forward-port the changelog
svn:r6433
2006-05-03 18:32:15 +00:00
Roger Dingledine
327e1e6944 a last item on the changelog
svn:r6350
2006-04-10 05:55:53 +00:00
Roger Dingledine
901ff3e1ce first cut of a changelog for 0.1.1.18-rc
svn:r6334
2006-04-09 01:30:47 +00:00
Roger Dingledine
837a0fcbdb while we're fixing wording, ...
svn:r6260
2006-03-28 07:43:10 +00:00
Roger Dingledine
e715946508 change wording in changelog
svn:r6259
2006-03-28 07:40:05 +00:00
Roger Dingledine
0a11032f59 a final changelog for 0.1.1.17-rc
svn:r6258
2006-03-28 07:34:44 +00:00
Roger Dingledine
90a40e0e66 another interim changelog for 0.1.1.17-rc
svn:r6253
2006-03-27 07:39:27 +00:00
Roger Dingledine
eee9db49a7 interim 0.1.1.17-rc changelog
svn:r6222
2006-03-22 03:07:49 +00:00
Roger Dingledine
9895df3ab4 first cut of a changelog for 0.1.1.16-rc
svn:r6194
2006-03-19 04:00:23 +00:00
Roger Dingledine
44ca1a997d bump to 0.1.1.15-rc
svn:r6126
2006-03-11 18:44:11 +00:00
Roger Dingledine
40bd6467a5 first cut of a 0.1.1.15-rc changelog
svn:r6108
2006-03-09 01:42:42 +00:00
Roger Dingledine
cf4809258e forward-port the 0.1.0.17 changelog
svn:r6096
2006-03-08 06:56:28 +00:00
Roger Dingledine
722fcb97e8 last changes in 0.1.1.14-alpha
svn:r6057
2006-02-21 03:46:49 +00:00
Roger Dingledine
69af25ecbf an interim changelog for 0.1.1.14-alpha
svn:r6042
2006-02-19 08:33:43 +00:00
Roger Dingledine
b274857c61 and fix typo in changelog
svn:r5977
2006-02-12 00:15:32 +00:00
Roger Dingledine
5a306077a7 clean up some formatting in the changelog
svn:r5959
2006-02-11 00:15:35 +00:00
Roger Dingledine
ef03d35c7c first cut of a changelog for 0.1.1.13-alpha
svn:r5948
2006-02-09 05:20:26 +00:00
Peter Palfrader
20183cf559 Lasse and Paul's attack has a CVE: CVE-2006-0414
svn:r5868
2006-01-25 20:51:04 +00:00
Peter Palfrader
17e0d9f238 The reading-arbitrary-memory bug in June had a CVE too
svn:r5866
2006-01-25 12:26:21 +00:00
Peter Palfrader
ef8787b7ee Add CVE number for the crypto handshake bug from August to changelogs
svn:r5865
2006-01-25 12:19:23 +00:00
Roger Dingledine
e27bf78f7a changelog for 0.1.1.12-alpha
svn:r5810
2006-01-11 23:07:04 +00:00
Roger Dingledine
a8bb654c2b bump to 0.1.1.11-alpha-cvs
svn:r5799
2006-01-11 06:19:00 +00:00
Roger Dingledine
4f7749dd97 and give the changelog a date
svn:r5797
2006-01-11 04:36:13 +00:00
Roger Dingledine
f9f42deb7c more changelog futzing
svn:r5796
2006-01-11 04:35:56 +00:00