finish poking and prodding. i'm all happy now.

svn:r8633
This commit is contained in:
Roger Dingledine 2006-10-07 09:13:30 +00:00
parent a339449a41
commit 9fb98b269c
7 changed files with 45 additions and 53 deletions

View File

@ -1,14 +1,13 @@
Changes in version 0.1.2.2-alpha - 2006-10-?? Changes in version 0.1.2.2-alpha - 2006-10-07
o Major features: o Major features:
- Make our async eventdns library on-by-default for Tor servers, - Make our async eventdns library on-by-default for Tor servers,
and plan to deprecate using separate dnsworker threads. Let us and plan to deprecate the separate dnsworker threads.
know if you encounter bugs.
- Add server-side support for "reverse" DNS lookups (using PTR - Add server-side support for "reverse" DNS lookups (using PTR
records so clients can determine the canonical hostname for a given records so clients can determine the canonical hostname for a given
IPv4 address). Only supported by servers using eventdns; servers IPv4 address). Only supported by servers using eventdns; servers
now announce in their descriptors whether they support eventdns. now announce in their descriptors whether they support eventdns.
- Specify and implement client-side SOCKS5 interface for reverse DNS - Specify and implement client-side SOCKS5 interface for reverse DNS
lookups; see doc/socks-extensions.txt for full information. lookups (see doc/socks-extensions.txt).
- Add a BEGIN_DIR relay cell type for an easier in-protocol way to - Add a BEGIN_DIR relay cell type for an easier in-protocol way to
connect to directory servers through Tor. Previously, clients needed connect to directory servers through Tor. Previously, clients needed
to find Tor exits to make private connections to directory servers. to find Tor exits to make private connections to directory servers.
@ -17,18 +16,18 @@ Changes in version 0.1.2.2-alpha - 2006-10-??
the total bandwidth available from Exit nodes. the total bandwidth available from Exit nodes.
- Workaround for name servers (like Earthlink's) that hijack failing - Workaround for name servers (like Earthlink's) that hijack failing
DNS requests and replace the no-such-server answer with a "helpful" DNS requests and replace the no-such-server answer with a "helpful"
redirect to an advertising-driven search portal. We're a little redirect to an advertising-driven search portal. Also work around
clever about this, in order to work around DNS hijackers who DNS hijackers who "helpfully" decline to hijack known-invalid
"helpfully" decline to hijack known-invalid RFC2606 addresses. RFC2606 addresses. Config option "ServerDNSDetectHijacking 0"
Config option "ServerDNSDetectHijacking 0" lets you turn it off. lets you turn it off.
- Send out a burst of long-range padding cells once we've established - Send out a burst of long-range padding cells once we've established
that we're reachable. Spread them over 4 circuits, so hopefully that we're reachable. Spread them over 4 circuits, so hopefully
a few will be fast. This exercises our bandwidth and bootstraps a few will be fast. This exercises our bandwidth and bootstraps
us into the directory quicker. us into the directory more quickly.
o New/improved config options: o New/improved config options:
- Add new config option "ResolvConf" to let the server operator - Add new config option "ResolvConf" to let the server operator
choose an alternate resolve.conf file. choose an alternate resolve.conf file when using eventdns.
- Add an "EnforceDistinctSubnets" option to control our "exclude - Add an "EnforceDistinctSubnets" option to control our "exclude
servers on the same /16" behavior. It's still on by default; this servers on the same /16" behavior. It's still on by default; this
is mostly for people who want to operate private test networks with is mostly for people who want to operate private test networks with
@ -47,14 +46,16 @@ Changes in version 0.1.2.2-alpha - 2006-10-??
o Minor features, controller: o Minor features, controller:
- Fix CIRC controller events so that controllers can learn the - Fix CIRC controller events so that controllers can learn the
identity digests of non-Named servers used in circuit paths. identity digests of non-Named servers used in circuit paths.
- Give more meaningful errors on control authentication failure. - Let controllers ask for more useful identifiers for servers. Instead
- Add an (off by default) feature so that controllers can get of learning identity digests for un-Named servers and nicknames
more useful identifiers for servers. Instead of learning identity for Named servers, the new identifiers include digest, nickname,
digests for un-Named servers and nicknames for Named servers, and indication of Named status. Off by default; see control-spec.txt
the new identifiers include digest, nickname, and indication of for more information.
Named status. See control-spec.txt for more information.
- Add a "getinfo address" controller command so it can display Tor's - Add a "getinfo address" controller command so it can display Tor's
best guess to the user. best guess to the user.
- New controller event to alert the controller when our server
descriptor has changed.
- Give more meaningful errors on controller authentication failure.
o Minor features, other: o Minor features, other:
- When asked to resolve a hostname, don't use non-exit servers unless - When asked to resolve a hostname, don't use non-exit servers unless
@ -62,23 +63,24 @@ Changes in version 0.1.2.2-alpha - 2006-10-??
useful to the network. useful to the network.
- Divide eventdns log messages into warn and info messages. - Divide eventdns log messages into warn and info messages.
- Reserve the nickname "Unnamed" for routers that can't pick - Reserve the nickname "Unnamed" for routers that can't pick
a hostname; any router can call itself Unnamed; directory a hostname: any router can call itself Unnamed; directory
authorities will never allocate Unnamed to any particular router; authorities will never allocate Unnamed to any particular router;
clients won't believe that any router is the canonical Unnamed. clients won't believe that any router is the canonical Unnamed.
- Only include function names in log messages for info/debug messages. - Only include function names in log messages for info/debug messages.
For notice/warn/err, the content of the message should be clear on For notice/warn/err, the content of the message should be clear on
its own, and printing the function name only seems to confuse users. its own, and printing the function name only confuses users.
- Avoid some false positives during reachability testing: don't try - Avoid some false positives during reachability testing: don't try
to test via a server that's on the same /24 as us. to test via a server that's on the same /24 as us.
- New controller event to alert the controller when our server
descriptor has changed.
- If we fail to build a circuit to an intended enclave, and it's - If we fail to build a circuit to an intended enclave, and it's
not mandatory that we use that enclave, stop wanting it. not mandatory that we use that enclave, stop wanting it.
- When eventdns is enabled, allow multithreaded builds on NetBSD and
OpenBSD. (We had previously disabled threads on these platforms
because they didn't have working thread-safe resolver functions)
o Major bugfixes, anonymity/security: o Major bugfixes, anonymity/security:
- If a client asked for a server by name, and there's a named server - If a client asked for a server by name, and there's a named server
in our network-status but we don't have its descriptor yet, we in our network-status but we don't have its descriptor yet, we
could return an unnamed one instead. could return an unnamed server instead.
- Fix NetBSD bug that could allow someone to force uninitialized RAM - Fix NetBSD bug that could allow someone to force uninitialized RAM
to be sent to a server's DNS resolver. This only affects NetBSD to be sent to a server's DNS resolver. This only affects NetBSD
and other platforms that do not bounds-check tolower(). and other platforms that do not bounds-check tolower().
@ -88,13 +90,9 @@ Changes in version 0.1.2.2-alpha - 2006-10-??
- Just because your DirPort is open doesn't mean people should be - Just because your DirPort is open doesn't mean people should be
able to remotely teach you about hidden service descriptors. Now able to remotely teach you about hidden service descriptors. Now
only accept rendezvous posts if you've got HSAuthoritativeDir set. only accept rendezvous posts if you've got HSAuthoritativeDir set.
- When eventdns is enabled, allow multithreaded builds on NetBSD and
OpenBSD. (We had previously disabled threads on these platforms
because they didn't have working thread-safe resolver functions)
o Major bugfixes, other: o Major bugfixes, other:
- Avoiding crashing on race condition in dns.c: - Don't crash on race condition in dns.c: tor_assert(!resolve->expire)
tor_assert(!resolve->expire)
- When a client asks the server to resolve (not connect to) - When a client asks the server to resolve (not connect to)
an address, and it has a cached answer, give them the cached answer. an address, and it has a cached answer, give them the cached answer.
Previously, the server would give them no answer at all. Previously, the server would give them no answer at all.
@ -117,13 +115,13 @@ Changes in version 0.1.2.2-alpha - 2006-10-??
- Avoid controller-triggered crash when misusing certain commands - Avoid controller-triggered crash when misusing certain commands
from a v0 controller on platforms that do not handle from a v0 controller on platforms that do not handle
printf("%s",NULL) gracefully. printf("%s",NULL) gracefully.
- Don't crash when the controller receives a third argument to an - Don't crash when a controller sends a third argument to an
"extendcircuit" request. "extendcircuit" request.
- Controller protocol fixes: fix encoding in "getinfo addr-mappings" - Controller protocol fixes: fix encoding in "getinfo addr-mappings"
response; fix error code when "getinfo dir/status/" fails. response; fix error code when "getinfo dir/status/" fails.
- Avoid crash when telling controller stream-status and a stream - Avoid crash when telling controller stream-status and a stream
is detached. is detached.
- Apply patch from Adam Langley: fix assert() in eventdns.c. - Patch from Adam Langley to fix assert() in eventdns.c.
- Fix a debug log message in eventdns to say "X resolved to Y" - Fix a debug log message in eventdns to say "X resolved to Y"
instead of "X resolved to X". instead of "X resolved to X".
- Make eventdns give strings for DNS errors, not just error numbers. - Make eventdns give strings for DNS errors, not just error numbers.
@ -132,7 +130,7 @@ Changes in version 0.1.2.2-alpha - 2006-10-??
authorities'. With the old code, if a guard was unreachable by authorities'. With the old code, if a guard was unreachable by
us but listed as running, it would clog our guard list forever. us but listed as running, it would clog our guard list forever.
- Behave correctly in case we ever have a network with more than - Behave correctly in case we ever have a network with more than
2GB per second total advertised capacity. 2GB/s total advertised capacity.
- Make TrackExitHosts case-insensitive, and fix the behavior of - Make TrackExitHosts case-insensitive, and fix the behavior of
".suffix" TrackExitHosts items to avoid matching in the middle of ".suffix" TrackExitHosts items to avoid matching in the middle of
an address. an address.
@ -143,6 +141,8 @@ Changes in version 0.1.2.2-alpha - 2006-10-??
result more than once. result more than once.
- Patch from Steve Hildrey: Generate network status correctly on - Patch from Steve Hildrey: Generate network status correctly on
non-versioning dirservers. non-versioning dirservers.
- Don't listen to the X-Your-Address-Is hint if you did the lookup
via Tor; otherwise you'll think you're the exit node's IP address.
o Minor bugfixes, performance: o Minor bugfixes, performance:
- Two small performance improvements on parsing descriptors. - Two small performance improvements on parsing descriptors.
@ -163,10 +163,11 @@ Changes in version 0.1.2.2-alpha - 2006-10-??
o Packaging, bugfixes: o Packaging, bugfixes:
- Patches so Tor builds with MinGW on Windows. - Patches so Tor builds with MinGW on Windows.
- Patches so Tor might build and run on Cygwin again. - Patches so Tor might run on Cygwin again.
- Resume building on non-gcc compilers and ancient gcc. Resume - Resume building on non-gcc compilers and ancient gcc. Resume
building with the -O0 compile flag. Resume building cleanly on building with the -O0 compile flag. Resume building cleanly on
Debian woody. Debian woody.
- Run correctly on OS X platforms with case-sensitive filesystems.
- Correct includes for net/if.h and net/pfvar.h on OpenBSD (from Tup). - Correct includes for net/if.h and net/pfvar.h on OpenBSD (from Tup).
- Add autoconf checks so Tor can build on Solaris x86 again. - Add autoconf checks so Tor can build on Solaris x86 again.
@ -176,14 +177,6 @@ Changes in version 0.1.2.2-alpha - 2006-10-??
- Be clearer that the *ListenAddress directives can be repeated - Be clearer that the *ListenAddress directives can be repeated
multiple times. multiple times.
(stopped at r8571)
- Build correctly for use on OS X platforms with case-sensitive
filesystems.
- Bugfix: when we tunnel our dir fetches via tor, don't believe
the X-Forwarded-For header.
- stop trying to hammer router_rebuild_descriptor() when we don't
have a public address we like yet.
Changes in version 0.1.2.1-alpha - 2006-08-27 Changes in version 0.1.2.1-alpha - 2006-08-27
o Major features: o Major features:

View File

@ -78,7 +78,7 @@ P - Figure out why openssl 0.9.8c "make test" fails at sha256t test.
Items for 0.1.2.x: Items for 0.1.2.x:
- Now that we're avoiding exits when picking non-exit positions, - Now that we're avoiding exits when picking non-exit positions,
we need to consider how to pick nodes for internal circuits. If we need to consider how to pick nodes for internal circuits. If
we avoid exits for all positions, we skew the load balancig. If we avoid exits for all positions, we skew the load balancing. If
we accept exits for all positions, we leak whether it's an internal we accept exits for all positions, we leak whether it's an internal
circuit at every step. If we accept exits only at the last hop, we circuit at every step. If we accept exits only at the last hop, we
reintroduce Lasse's attacks from the Oakland paper. reintroduce Lasse's attacks from the Oakland paper.

View File

@ -92,7 +92,7 @@ $Id$
; $Digest -- The router whose identity key hashes to the given digest. ; $Digest -- The router whose identity key hashes to the given digest.
; This is the preferred way to refer to an OR. ; This is the preferred way to refer to an OR.
; $Digest~Name -- The router whose identity key hashes to the given ; $Digest~Name -- The router whose identity key hashes to the given
; digest, but only if the routes has the given nickname. ; digest, but only if the router has the given nickname.
; $Digest=Name -- The router whose identity key hashes to the given ; $Digest=Name -- The router whose identity key hashes to the given
; digest, but only if the router is Named and has the given ; digest, but only if the router is Named and has the given
; nickname. ; nickname.
@ -601,7 +601,7 @@ $Id$
Sometimes extensions to the controller protocol break compatibility with Sometimes extensions to the controller protocol break compatibility with
older controllers. In this case, whenever possible, the extensions are older controllers. In this case, whenever possible, the extensions are
first included in Tor disabled by default, and only enabled on a given first included in Tor disabled by default, and only enabled on a given
controller connection when the 'USEFEATURE' command is given. Once a controller connection when the "USEFEATURE" command is given. Once a
"USEFEATURE" command is given, it applies to all subsequent interactions on "USEFEATURE" command is given, it applies to all subsequent interactions on
the same connection; to disable an enabled feature, a new controller the same connection; to disable an enabled feature, a new controller
connection must be opened. connection must be opened.
@ -624,10 +624,10 @@ $Id$
VERBOSE_NAMES VERBOSE_NAMES
Instead of ServerID as specified elsewhere, the controller should Instead of ServerID as specified above, the controller should
identify ORs by LongName in events and GETINFO results. This format is identify ORs by LongName in events and GETINFO results. This format is
strictly more informative, since rather than including Nickname for strictly more informative: rather than including Nickname for
known Named routers and Fingerprint for unknown or unNamed routers; the known Named routers and Fingerprint for unknown or unNamed routers, the
LongName format includes a Fingerprint, an indication of Named status, LongName format includes a Fingerprint, an indication of Named status,
and a Nickname (if one is known). and a Nickname (if one is known).

View File

@ -218,7 +218,7 @@ circuit_log_path(int severity, unsigned int domain, origin_circuit_t *circ)
* extended; the _first_ hop that isn't open (if any) is marked as * extended; the _first_ hop that isn't open (if any) is marked as
* unable to extend. * unable to extend.
*/ */
/* XXXX Someday we should learn from or circuits too. */ /* XXXX Someday we should learn from OR circuits too. */
void void
circuit_rep_hist_note_result(origin_circuit_t *circ) circuit_rep_hist_note_result(origin_circuit_t *circ)
{ {

View File

@ -2144,7 +2144,7 @@ connection_exit_connect(edge_connection_t *edge_conn)
* bridge connection with a socketpair, create a new directory conn, and join * bridge connection with a socketpair, create a new directory conn, and join
* them together. Return 0 on success (or if there was an error we could send * them together. Return 0 on success (or if there was an error we could send
* back an end cell for). Return -1 if the circuit needs to be torn down. * back an end cell for). Return -1 if the circuit needs to be torn down.
* Either connects exit_conn, or frees it, or marks it, as appropriate. * Either connects exit_conn, frees it, or marks it, as appropriate.
*/ */
static int static int
connection_exit_connect_dir(edge_connection_t *exit_conn) connection_exit_connect_dir(edge_connection_t *exit_conn)

View File

@ -63,7 +63,7 @@ const char control_c_id[] =
#define ERR_NO_ROUTER 0x000C #define ERR_NO_ROUTER 0x000C
/* Recognized asynchronous event types. It's okay to expand this list /* Recognized asynchronous event types. It's okay to expand this list
* because it use used both as a list of v0 event types, and as indices * because it is used both as a list of v0 event types, and as indices
* into the bitfield to determine which controllers want which events. * into the bitfield to determine which controllers want which events.
*/ */
#define _EVENT_MIN 0x0001 #define _EVENT_MIN 0x0001
@ -1058,8 +1058,8 @@ handle_control_authenticate(control_connection_t *conn, uint32_t len,
if (base16_decode(password, i/2+1, body, i)<0) { if (base16_decode(password, i/2+1, body, i)<0) {
connection_write_str_to_buf( connection_write_str_to_buf(
"551 Invalid hexadecimal encoding. Maybe you tried a plain text " "551 Invalid hexadecimal encoding. Maybe you tried a plain text "
"password? If so, the standard requires you put it in double " "password? If so, the standard requires that you put it in "
"quotes.\r\n", conn); "double quotes.\r\n", conn);
tor_free(password); tor_free(password);
return 0; return 0;
} }
@ -1108,7 +1108,7 @@ handle_control_authenticate(control_connection_t *conn, uint32_t len,
else else
errstr = "Password did not match HashedControlPassword value from " errstr = "Password did not match HashedControlPassword value from "
"configuration. Maybe you tried a plain text password? " "configuration. Maybe you tried a plain text password? "
"If so, the standard requires you put it in double quotes."; "If so, the standard requires that you put it in double quotes.";
goto err; goto err;
} else { } else {
/* if Tor doesn't demand any stronger authentication, then /* if Tor doesn't demand any stronger authentication, then

View File

@ -2558,7 +2558,6 @@ typedef enum {
V1_AUTHORITY, V2_AUTHORITY, HIDSERV_AUTHORITY, V1_AUTHORITY, V2_AUTHORITY, HIDSERV_AUTHORITY,
} authority_type_t; } authority_type_t;
routerstatus_t *router_pick_trusteddirserver(authority_type_t type, routerstatus_t *router_pick_trusteddirserver(authority_type_t type,
int requireother, int requireother,
int fascistfirewall, int fascistfirewall,
int retry_if_no_servers); int retry_if_no_servers);