mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-27 13:53:31 +01:00
polish r9726-r9903
svn:r10182
parent
028f4783f4
commit
440b7f0c70
13
ChangeLog
13
ChangeLog
@ -121,8 +121,8 @@ Changes in version 0.2.0.1-alpha - 2007-??-??
|
||||
eventdns code.
|
||||
|
||||
o Minor bugfixes (portability):
|
||||
- Even though windows is equally happy with / and \ as path separators,
|
||||
try to use \ consistently on windows and / consistently on unix: it
|
||||
- Even though Windows is equally happy with / and \ as path separators,
|
||||
try to use \ consistently on Windows and / consistently on Unix: it
|
||||
makes the log messages nicer.
|
||||
- Correctly report platform name on Windows 95 OSR2 and Windows 98 SE.
|
||||
|
||||
@ -132,7 +132,7 @@ Changes in version 0.2.0.1-alpha - 2007-??-??
|
||||
- When we are reporting the DirServer line we just parsed, we were
|
||||
logging the second stanza of the key fingerprint, not the first.
|
||||
- When we have k non-v2 authorities in our DirServer config,
|
||||
we ignored as many as k v2 authorities while updating our
|
||||
we ignored the last k authorities in the list when updating our
|
||||
network-statuses.
|
||||
|
||||
o Minor bugfixes (other):
|
||||
@ -152,15 +152,10 @@ Changes in version 0.2.0.1-alpha - 2007-??-??
|
||||
- Fix a typo in an error message when extendcircuit fails that
|
||||
caused us to not follow the \r\n-based delimiter protocol. Reported
|
||||
by daejees.
|
||||
- The control spec described a GUARDS event, but the code
|
||||
implemented a GUARD event. Standardize on GUARD, but support people
|
||||
asking for GUARDS too. Reported by daejees.
|
||||
- Correct the control spec to match how the code actually responds
|
||||
to 'getinfo addr-mappings/*'. Reported by daejees.
|
||||
- Actually set the purpose correctly for descriptors inserted with
|
||||
purpose=controller.
|
||||
|
||||
o Code simplifications and refactoring
|
||||
o Code simplifications and refactoring:
|
||||
- Stop passing around circuit_t and crypt_path_t pointers that are
|
||||
implicit in other procedure arguments.
|
||||
- Drop the old code to choke directory connections when the corresponding
|
||||
|
@ -131,7 +131,7 @@ whistleblowers in firewalled corporate networks; and for people in
|
||||
unanticipated oppressive situations. In fact, by designing with
|
||||
a variety of adversaries in mind, we can take advantage of the fact that
|
||||
adversaries will be in different stages of the arms race at each location,
|
||||
so a server blocked in one locale can still be useful in others.
|
||||
so an address blocked in one locale can still be useful in others.
|
||||
|
||||
We assume that the attackers' goals are somewhat complex.
|
||||
\begin{tightlist}
|
||||
@ -149,9 +149,9 @@ We assume that the attackers' goals are somewhat complex.
|
||||
\item Complete blocking (where nobody at all can ever download censored
|
||||
content) is not a
|
||||
goal. Attackers typically recognize that perfect censorship is not only
|
||||
impossible, but unnecessary: if ``undesirable'' information is known only
|
||||
impossible, it is unnecessary: if ``undesirable'' information is known only
|
||||
to a small few, further censoring efforts can be focused elsewhere.
|
||||
\item Similarly, the censors are not attempting to shut down or block {\it
|
||||
\item Similarly, the censors do not attempt to shut down or block {\it
|
||||
every} anti-censorship tool---merely the tools that are popular and
|
||||
effective (because these tools impede the censors' information restriction
|
||||
goals) and those tools that are highly visible (thus making the censors
|
||||
@ -1667,8 +1667,8 @@ Many people working on this field want to publicize the existence
|
||||
and extent of censorship concurrently with the deployment of their
|
||||
circumvention software. The easy reason for this two-pronged push is
|
||||
to attract volunteers for running proxies in their systems; but in many
|
||||
cases their main goal is not to focus on actually allowing individuals
|
||||
to circumvent the firewall, but rather to educate the world about the
|
||||
cases their main goal is not to focus on getting more users signed up,
|
||||
but rather to educate the rest of the world about the
|
||||
censorship. The media also tries to do its part by broadcasting the
|
||||
existence of each new circumvention system.
|
||||
|
||||
|
@ -289,8 +289,8 @@ $Id$
|
||||
1 if it is not present. Until 0.1.2.1-alpha-dev, this option was
|
||||
not generated, even when eventdns was in use. Versions of Tor
|
||||
before 0.1.2.1-alpha-dev did not parse this option, so it should be
|
||||
marked "opt". With some future version, the old 'dnsworker' logic
|
||||
will be removed, rendering this option of historical interest only.]
|
||||
marked "opt". With 0.2.0.1-alpha, the old 'dnsworker' logic has
|
||||
been removed, rendering this option of historical interest only.]
|
||||
|
||||
2.2. Nonterminals in router descriptors
|
||||
|
||||
|
@ -465,24 +465,6 @@ $Id$
|
||||
|
||||
[See also migration notes in section 2.2.1.]
|
||||
|
||||
"eventdns" bool NL
|
||||
|
||||
[At most once]
|
||||
|
||||
Declare whether this version of Tor is using the newer enhanced
|
||||
dns logic. Versions of Tor without eventdns SHOULD NOT be used for
|
||||
reverse hostname lookups.
|
||||
|
||||
[All versions of Tor before 0.1.2.2-alpha should be assumed to have
|
||||
this option set to 0 if it is not present. All Tor versions at
|
||||
0.1.2.2-alpha or later should be assumed to have this option set to
|
||||
1 if it is not present. Until 0.1.2.1-alpha-dev, this option was
|
||||
not generated, even when eventdns was in use. Versions of Tor
|
||||
before 0.1.2.1-alpha-dev did not parse this option, so it should be
|
||||
marked "opt". With some future version, the old 'dnsworker' logic
|
||||
will be removed, rendering this option of historical interest
|
||||
only.]
|
||||
|
||||
"caches-extra-info" 0|1 NL
|
||||
|
||||
[At most once.]
|
||||
|
@ -104,8 +104,7 @@ _log_prefix(char *buf, size_t buf_len, int severity)
|
||||
t = (time_t)now.tv_sec;
|
||||
|
||||
n = strftime(buf, buf_len, "%b %d %H:%M:%S", tor_localtime_r(&t, &tm));
|
||||
r = tor_snprintf(buf+n, buf_len-n,
|
||||
".%.3ld [%s] ",
|
||||
r = tor_snprintf(buf+n, buf_len-n, ".%.3ld [%s] ",
|
||||
(long)now.tv_usec / 1000, sev_to_string(severity));
|
||||
if (r<0)
|
||||
return buf_len-1;
|
||||
|
@ -1216,11 +1216,11 @@ connection_ap_handshake_attach_chosen_circuit(edge_connection_t *conn,
|
||||
consider_recording_trackhost(conn, circ);
|
||||
/* fall through */
|
||||
case SOCKS_COMMAND_CONNECT_DIR:
|
||||
if (connection_ap_handshake_send_begin(conn)<0)
|
||||
if (connection_ap_handshake_send_begin(conn) < 0)
|
||||
return -1;
|
||||
break;
|
||||
default:
|
||||
if (connection_ap_handshake_send_resolve(conn)<0)
|
||||
if (connection_ap_handshake_send_resolve(conn) < 0)
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
@ -899,8 +899,8 @@ options_act(or_options_t *old_options)
|
||||
if (options->DirServers) {
|
||||
for (cl = options->DirServers; cl; cl = cl->next) {
|
||||
if (parse_dir_server_line(cl->value, 0)<0) {
|
||||
log_err(LD_BUG,
|
||||
"Previously validated DirServer line could not be added!");
|
||||
log_warn(LD_BUG,
|
||||
"Previously validated DirServer line could not be added!");
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
@ -912,15 +912,15 @@ options_act(or_options_t *old_options)
|
||||
if (options->Bridges) {
|
||||
for (cl = options->Bridges; cl; cl = cl->next) {
|
||||
if (parse_bridge_line(cl->value, 0)<0) {
|
||||
log_err(LD_BUG,
|
||||
"Previously validated Bridge line could not be added!");
|
||||
log_warn(LD_BUG,
|
||||
"Previously validated Bridge line could not be added!");
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (running_tor && rend_config_services(options, 0)<0) {
|
||||
log_err(LD_BUG,
|
||||
log_warn(LD_BUG,
|
||||
"Previously validated hidden services line could not be added!");
|
||||
return -1;
|
||||
}
|
||||
@ -931,8 +931,8 @@ options_act(or_options_t *old_options)
|
||||
tor_snprintf(fn, len, "%s"PATH_SEPARATOR"cached-status",
|
||||
options->DataDirectory);
|
||||
if (check_private_dir(fn, CPD_CREATE) != 0) {
|
||||
log_err(LD_CONFIG,
|
||||
"Couldn't access/create private data directory \"%s\"", fn);
|
||||
log_warn(LD_CONFIG,
|
||||
"Couldn't access/create private data directory \"%s\"", fn);
|
||||
tor_free(fn);
|
||||
return -1;
|
||||
}
|
||||
@ -984,13 +984,13 @@ options_act(or_options_t *old_options)
|
||||
|
||||
/* reload keys as needed for rendezvous services. */
|
||||
if (rend_service_load_keys()<0) {
|
||||
log_err(LD_GENERAL,"Error loading rendezvous service keys");
|
||||
log_warn(LD_GENERAL,"Error loading rendezvous service keys");
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* Set up accounting */
|
||||
if (accounting_parse_options(options, 0)<0) {
|
||||
log_err(LD_CONFIG,"Error in accounting options");
|
||||
log_warn(LD_CONFIG,"Error in accounting options");
|
||||
return -1;
|
||||
}
|
||||
if (accounting_is_enabled(options))
|
||||
@ -1013,7 +1013,7 @@ options_act(or_options_t *old_options)
|
||||
"Worker-related options changed. Rotating workers.");
|
||||
if (server_mode(options) && !server_mode(old_options)) {
|
||||
if (init_keys() < 0) {
|
||||
log_err(LD_BUG,"Error initializing keys; exiting");
|
||||
log_warn(LD_BUG,"Error initializing keys; exiting");
|
||||
return -1;
|
||||
}
|
||||
ip_address_changed(0);
|
||||
@ -3689,7 +3689,7 @@ normalize_data_directory(or_options_t *options)
|
||||
if (strncmp(d,"~/",2) == 0) {
|
||||
char *fn = expand_filename(d);
|
||||
if (!fn) {
|
||||
log_err(LD_CONFIG,"Failed to expand filename \"%s\".", d);
|
||||
log_warn(LD_CONFIG,"Failed to expand filename \"%s\".", d);
|
||||
return -1;
|
||||
}
|
||||
if (!options->DataDirectory && !strcmp(fn,"/.tor")) {
|
||||
@ -3719,7 +3719,7 @@ validate_data_directory(or_options_t *options)
|
||||
return -1;
|
||||
tor_assert(options->DataDirectory);
|
||||
if (strlen(options->DataDirectory) > (512-128)) {
|
||||
log_err(LD_CONFIG, "DataDirectory is too long.");
|
||||
log_warn(LD_CONFIG, "DataDirectory is too long.");
|
||||
return -1;
|
||||
}
|
||||
return 0;
|
||||
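Review bot: After the downgrade, `log_warn(LD_BUG,"Error initializing keys; exiting");` still says "exiting", although options_act only returns -1 at that point and the line is no longer logged at error severity. Either drop the claim (`"Error initializing keys"`) or leave the fatal message to whoever actually terminates the process. The same err-to-warn change is applied to the failures for the private data directory, the rendezvous service keys and the accounting options in the other hunks of this file. Whether an operator still gets an err-level line for those conditions therefore depends on the caller, which is outside the visible hunks. A one-line comment at the first changed site, along the lines of `/* caller reports the fatal error; we only warn here */`, would record that intent if it is the case.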
|
@ -29,8 +29,7 @@ static smartlist_t *redirect_exit_list = NULL;
|
||||
|
||||
static int connection_ap_handshake_process_socks(edge_connection_t *conn);
|
||||
static int connection_ap_process_natd(edge_connection_t *conn);
|
||||
static int connection_exit_connect_dir(edge_connection_t *exit_conn,
|
||||
or_circuit_t *circ);
|
||||
static int connection_exit_connect_dir(edge_connection_t *exitconn);
|
||||
static int hostname_is_noconnect_address(const char *address);
|
||||
|
||||
/** An AP stream has failed/finished. If it hasn't already sent back
|
||||
@ -2226,7 +2225,7 @@ connection_exit_begin_conn(cell_t *cell, circuit_t *circ)
|
||||
tor_assert(or_circ);
|
||||
if (or_circ->p_conn && or_circ->p_conn->_base.addr)
|
||||
n_stream->_base.addr = or_circ->p_conn->_base.addr;
|
||||
return connection_exit_connect_dir(n_stream, or_circ);
|
||||
return connection_exit_connect_dir(n_stream);
|
||||
}
|
||||
|
||||
log_debug(LD_EXIT,"about to start the dns_resolve().");
|
||||
@ -2393,57 +2392,57 @@ connection_exit_connect(edge_connection_t *edge_conn)
|
||||
* bridge connection with a socketpair, create a new directory conn, and join
|
||||
* them together. Return 0 on success (or if there was an error we could send
|
||||
* back an end cell for). Return -(some circuit end reason) if the circuit
|
||||
* needs to be torn down. Either connects exit_conn, frees it, or marks it,
|
||||
* as appropriate.
|
||||
* needs to be torn down. Either connects <b>exitconn<b/>, frees it,
|
||||
* or marks it, as appropriate.
|
||||
*
|
||||
* DOCDOC no longer uses socketpair
|
||||
*/
|
||||
static int
|
||||
connection_exit_connect_dir(edge_connection_t *exit_conn,
|
||||
or_circuit_t *circ)
|
||||
connection_exit_connect_dir(edge_connection_t *exitconn)
|
||||
{
|
||||
dir_connection_t *dir_conn = NULL;
|
||||
dir_connection_t *dirconn = NULL;
|
||||
or_circuit_t *circ = TO_OR_CIRCUIT(exitconn->on_circuit);
|
||||
|
||||
log_info(LD_EXIT, "Opening local connection for anonymized directory exit");
|
||||
|
||||
exit_conn->_base.state = EXIT_CONN_STATE_OPEN;
|
||||
exitconn->_base.state = EXIT_CONN_STATE_OPEN;
|
||||
|
||||
dir_conn = TO_DIR_CONN(connection_new(CONN_TYPE_DIR));
|
||||
dirconn = TO_DIR_CONN(connection_new(CONN_TYPE_DIR));
|
||||
|
||||
dir_conn->_base.addr = 0x7f000001;
|
||||
dir_conn->_base.port = 0;
|
||||
dir_conn->_base.address = tor_strdup("Tor network");
|
||||
dir_conn->_base.type = CONN_TYPE_DIR;
|
||||
dir_conn->_base.purpose = DIR_PURPOSE_SERVER;
|
||||
dir_conn->_base.state = DIR_CONN_STATE_SERVER_COMMAND_WAIT;
|
||||
dirconn->_base.addr = 0x7f000001;
|
||||
dirconn->_base.port = 0;
|
||||
dirconn->_base.address = tor_strdup("Tor network");
|
||||
dirconn->_base.type = CONN_TYPE_DIR;
|
||||
dirconn->_base.purpose = DIR_PURPOSE_SERVER;
|
||||
dirconn->_base.state = DIR_CONN_STATE_SERVER_COMMAND_WAIT;
|
||||
|
||||
connection_link_connections(TO_CONN(dir_conn), TO_CONN(exit_conn));
|
||||
connection_link_connections(TO_CONN(dir_conn), TO_CONN(exitconn));
|
||||
|
||||
if (connection_add(TO_CONN(exit_conn))<0) {
|
||||
connection_edge_end(exit_conn, END_STREAM_REASON_RESOURCELIMIT);
|
||||
connection_free(TO_CONN(exit_conn));
|
||||
connection_free(TO_CONN(dir_conn));
|
||||
if (connection_add(TO_CONN(exitconn))<0) {
|
||||
connection_edge_end(exitconn, END_STREAM_REASON_RESOURCELIMIT);
|
||||
connection_free(TO_CONN(exitconn));
|
||||
connection_free(TO_CONN(dirconn));
|
||||
return 0;
|
||||
}
|
||||
|
||||
exit_conn->next_stream = circ->n_streams;
|
||||
circ->n_streams = exit_conn;
|
||||
exitconn->next_stream = circ->n_streams;
|
||||
circ->n_streams = exitconn;
|
||||
|
||||
if (connection_add(TO_CONN(dir_conn))<0) {
|
||||
connection_edge_end(exit_conn, END_STREAM_REASON_RESOURCELIMIT);
|
||||
connection_close_immediate(TO_CONN(exit_conn));
|
||||
connection_mark_for_close(TO_CONN(exit_conn));
|
||||
connection_free(TO_CONN(dir_conn));
|
||||
if (connection_add(TO_CONN(dirconn))<0) {
|
||||
connection_edge_end(exitconn, END_STREAM_REASON_RESOURCELIMIT);
|
||||
connection_close_immediate(TO_CONN(exitconn));
|
||||
connection_mark_for_close(TO_CONN(exitconn));
|
||||
connection_free(TO_CONN(dirconn));
|
||||
return 0;
|
||||
}
|
||||
|
||||
connection_start_reading(TO_CONN(dir_conn));
|
||||
connection_start_reading(TO_CONN(exit_conn));
|
||||
connection_start_reading(TO_CONN(dirconn));
|
||||
connection_start_reading(TO_CONN(exitconn));
|
||||
|
||||
if (connection_edge_send_command(exit_conn,
|
||||
if (connection_edge_send_command(exitconn,
|
||||
RELAY_COMMAND_CONNECTED, NULL, 0) < 0) {
|
||||
connection_mark_for_close(TO_CONN(exit_conn));
|
||||
connection_mark_for_close(TO_CONN(dir_conn));
|
||||
connection_mark_for_close(TO_CONN(exitconn));
|
||||
connection_mark_for_close(TO_CONN(dirconn));
|
||||
return 0;
|
||||
}
|
||||
|
||||
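Review bot: The line that appears to be the new side of the link call, `connection_link_connections(TO_CONN(dir_conn), TO_CONN(exitconn));`, still names `dir_conn`, but the local was renamed to `dirconn` in this same change, so as shown it refers to an undeclared identifier. It should read `connection_link_connections(TO_CONN(dirconn), TO_CONN(exitconn));`. Separately, `circ` is now derived with `TO_OR_CIRCUIT(exitconn->on_circuit)` instead of being passed in, and the visible part of connection_exit_begin_conn does not show `on_circuit` being set on `n_stream` before the call. That precondition deserves a `tor_assert(exitconn->on_circuit);` or a sentence in the doc comment. The doc comment's `<b>exitconn<b/>` has a malformed closing tag (it should be `</b>`), and the body of connection_exit_connect_dir continues past the end of the hunk.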
|
@ -7,7 +7,7 @@ const char control_c_id[] =
|
||||
/**
|
||||
* \file control.c
|
||||
* \brief Implementation for Tor's control-socket interface.
|
||||
* See control-spec.txt for full details on protocol.
|
||||
* See doc/spec/control-spec.txt for full details on protocol.
|
||||
**/
|
||||
|
||||
#define CONTROL_PRIVATE
|
||||
|
@ -647,7 +647,7 @@ directory_send_command(dir_connection_t *conn,
|
||||
|
||||
if (strlen(proxystring) + strlen(url) >= 4096) {
|
||||
log_warn(LD_BUG,
|
||||
"Squid does not like URLs longer than 4095 bytes, this "
|
||||
"Squid does not like URLs longer than 4095 bytes, and this "
|
||||
"one is %d bytes long: %s%s",
|
||||
(int)(strlen(proxystring) + strlen(url)), proxystring, url);
|
||||
}
|
||||
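Review bot: The warning passes the full `proxystring` and `url` to `%s%s` in exactly the case where together they are 4096 bytes or longer, so a single oversized request writes the entire URL into the log. The reported length is usually enough for diagnosis; if the start of the URL is needed, a bounded conversion such as `%.64s` keeps the log line small. The rest of directory_send_command is outside the hunk, so whether the request is still sent after this warning cannot be seen here.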
|
@ -8,7 +8,7 @@ const char dns_c_id[] =
|
||||
/**
|
||||
* \file dns.c
|
||||
* \brief Implements a local cache for DNS results for Tor servers.
|
||||
* This is implemetned as a wrapper around Adam Langley's eventdns.c code.
|
||||
* This is implemented as a wrapper around Adam Langley's eventdns.c code.
|
||||
* (We can't just use gethostbyname() and friends because we really need to
|
||||
* be nonblocking.)
|
||||
**/
|
||||
|
@ -515,8 +515,8 @@ conn_write_callback(int fd, short events, void *_conn)
|
||||
if (!conn->marked_for_close) {
|
||||
/* this connection is broken. remove it. */
|
||||
log_fn(LOG_WARN,LD_BUG,
|
||||
"unhandled error on write for %s connection (fd %d); removing",
|
||||
conn_type_to_string(conn->type), conn->s);
|
||||
"unhandled error on write for %s connection (fd %d); removing",
|
||||
conn_type_to_string(conn->type), conn->s);
|
||||
tor_fragile_assert();
|
||||
if (CONN_IS_EDGE(conn)) {
|
||||
/* otherwise we cry wolf about duplicate close */
|
||||
|
@ -4344,7 +4344,7 @@ update_router_descriptor_cache_downloads(time_t now)
|
||||
continue;
|
||||
if (router_get_by_descriptor_digest(rs->descriptor_digest)) {
|
||||
log_warn(LD_BUG,
|
||||
"We have a router descriptor, but need_to_mirror=1.");
|
||||
"We have a router descriptor, but need_to_mirror=1.");
|
||||
rs->need_to_mirror = 0;
|
||||
continue;
|
||||
}
|
||||
|