nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-11 13:43:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
858 Commits 53 Branches 630 Tags 125 MiB
00de055f43
Commit Graph

606 Commits

Author SHA1 Message Date
Roger Dingledine
aac29076da warn on startup that we don't provide anonymity 
make exit dns cache entries last 15 minutes


svn:r807
 2003-11-13 04:51:34 +00:00
Roger Dingledine
f5829aa723 lay groundwork for EntryNodes and ExitNodes 
svn:r805
 2003-11-12 19:34:34 +00:00
Roger Dingledine
9358381d83 break out the string manipulation routines 
svn:r804
 2003-11-12 19:34:19 +00:00
Roger Dingledine
4ba8bc0a73 make dir parsing robust to invalid but well-formed descriptors 
svn:r800
 2003-11-12 05:12:51 +00:00
Nick Mathewson
5e4b9c6b61 Remove minor biasing problem from crypto_pseudo_rand_int 
svn:r799
 2003-11-12 04:28:30 +00:00
Roger Dingledine
7e4cb9a750 connection_ap_handshake_send_begin always succeeds 
svn:r798
 2003-11-12 04:24:04 +00:00
Nick Mathewson
785f5cdac8 Make crypto_pseudo_rand* never fail. 
svn:r797
 2003-11-12 04:12:35 +00:00
Nick Mathewson
99a6d48f62 Restore erroneously removed assert 
svn:r796
 2003-11-12 03:48:33 +00:00
Nick Mathewson
e0ad4d08be Fix thinko: Failure and success are different things. 
svn:r795
 2003-11-12 03:01:38 +00:00
Nick Mathewson
2e05b9ccf9 Remove dead code 
svn:r794
 2003-11-12 02:58:45 +00:00
Nick Mathewson
7d441ec6b4 Compute paths as we build them. 
svn:r793
 2003-11-12 02:55:38 +00:00
Nick Mathewson
e6296a4e2f Refactor onion_generate_cpath to build cpaths one hop at a time. This 
is a the first step in computing hops one step at a time.  Next, we move
the responsibility for calling onion_extend_cpath into circuit.c

(Later, we may want to special-case onion_extend_cpath to treat entry
and exit routers differently.)


svn:r792
 2003-11-12 02:32:20 +00:00
Roger Dingledine
9a0a638c02 point out bug 
svn:r791
 2003-11-11 19:47:51 +00:00
Roger Dingledine
9c8a54a39f more cleanups and bugfix 
svn:r790
 2003-11-11 17:21:35 +00:00
Roger Dingledine
5a6bb0333e leave conn->socks_request around after the begin 
that way we can reuse it if we need to try another begin later


svn:r788
 2003-11-11 06:42:10 +00:00
Roger Dingledine
84884a79c0 conn->socks_version is obsolete 
svn:r787
 2003-11-11 04:13:37 +00:00
Roger Dingledine
2a3479af5f respond to nick's questions 
svn:r786
 2003-11-11 04:09:34 +00:00
Roger Dingledine
3d19a9b514 fix a bug in handling clock skew 
svn:r785
 2003-11-11 04:08:30 +00:00
Nick Mathewson
7bde42676b Rename aci to circ_id throughout. 
svn:r784
 2003-11-11 03:01:48 +00:00
Nick Mathewson
dafb0e6a6e Make AP connections wait for a circuit if none exists. 
Also:
  - Refactor socks request into a separate struct
  - Add a separate 'waiting for circuit' state to AP connections
    between 'waiting for socks' and 'open'.

Arma: can you check out the XXX's I've added to connection_edge? I may
be mishandling some async and close logic.


svn:r783
 2003-11-11 02:41:31 +00:00
Roger Dingledine
1969c8a92f client now survives going offline better 
fix badness in usage()
if neither socksport nor orrport is defined, quit
obsolete connection_flush_buf()


svn:r780
 2003-11-10 08:06:55 +00:00
Nick Mathewson
3c4b4c8cac Check in a working cross-platform timegm 
svn:r779
 2003-11-10 06:28:53 +00:00
Nick Mathewson
3dddcf4306 Add lots of logging to dns.c; change behavior of often-failing assertion 
svn:r778
 2003-11-08 04:02:05 +00:00
Roger Dingledine
a27b570788 bugfix for win32 with lots of users 
plus general cleanup on switch_id()


svn:r684
 2003-10-27 10:26:44 +00:00
Roger Dingledine
aee3769cf3 remove obsolete config file 
svn:r681
 2003-10-27 10:09:09 +00:00
Roger Dingledine
52589289fe add DirBindAddress, parse the BindAddress's when you bind 
exit if bind fails
add usage printfs
rearrange config options for readability


svn:r674
 2003-10-25 12:01:09 +00:00
Nick Mathewson
faa0f7ffe7 Use daemon(3) function where available. 
svn:r665
 2003-10-23 14:28:44 +00:00
Nick Mathewson
71e5ad714b resolve warning 
svn:r664
 2003-10-23 14:27:53 +00:00
Nick Mathewson
6b79d8a7e9 Two-pronged attack at my overzealous skew fixes. 
The problem was that the fixes had us generating TLS certs with a
2-day lifetime on the assumption that we'd rotate fairly often.  In
fact, we never rotate our TLS keys.

This patch fixes the situation in 2 ways:
   1. It bumps the default lifetime back up to one year until we get
      rotation in place.
   2. It changes tor_tls_context_new() so that it doesn't leak memory
      when you call it more than once.


svn:r663
 2003-10-23 14:20:51 +00:00
Steven Hazel
4fef6f4566 switch_id() no longer tries to log the user name when it's calld on 
Windows, since we don't know whether it's the user or the group that
was set.


svn:r659
 2003-10-22 17:25:58 +00:00
Nick Mathewson
7604cfe61b Clock skew fixes. 
Allow some slop (currently 3 minutes) when checking certificate validity.

Change certificate lifetime from 1 year to 2 days.  Since we
regenerate regularly (we regenerate regularly, right??), this
shouldn't be a problem.

Have directories reject descriptors published too far in the future
(currently 30 minutes).  If dirservs don't do this:
    0) Today is January 1, 2000.
    1) A very skewed server publishes descriptor X with a declared
       publication time of August 1, 2000.
    2) The directory includes X.
    3) Because of certificate lifetime issues, nobody can use the
       skewed server.
    4) The server fixes its skew, and goes to republish a new descriptor Y
       with publication time of January 1, 2000.
    5) But because the directory already has a "more recent" descriptor X,
       it rejects descriptor "Y" as superseded!

This patch should make step 2 go away.


svn:r658
 2003-10-22 16:41:35 +00:00
Steven Hazel
4139c1c86a - fixed a bug in the id switching code -- setgid has to happen before 
setuid, because after we setuid we don't have the priviledges we
  need to setgid anymore, duh.  merged switch_user() and
  switch_group() into switch_id(), since that code has to be wound
  together.

- return -1 from switch_id() if it's not defined to do anything else.

- moved daemoinize(), write_pidfile(), and switch_id() from main.c to
  util.c


svn:r656
 2003-10-22 11:21:29 +00:00
Roger Dingledine
c78d5d7d30 play with connection_edge_send_command 
maybe more robust now


svn:r655
 2003-10-22 09:08:10 +00:00
Roger Dingledine
c35fc271d2 move default exit policy into config files 
svn:r654
 2003-10-22 07:56:11 +00:00
Roger Dingledine
c6b442a346 make end relay cells have payloads 
move default exit policy into config files


svn:r653
 2003-10-22 07:55:44 +00:00
Steven Hazel
b1eca56b77 added User and Group options -- if you set them, tor will try to 
setuid and setgid respectively, and die if it can't.

(If the User option is set, tor will setgid to the user's gid as well.)

This happens after the pidfile is created, so that in cases where tor
needs to be root to work with the pidfile, it will at least be able to
create it, although it won't be able to delete it.  That sucks, but
it's somewhat better than not being able to create the pidfile in the
first place.


svn:r652
 2003-10-22 06:03:11 +00:00
Nick Mathewson
009f2f6dbb Update .cvsignores to exclude files generated due to recent build improvements 
svn:r647
 2003-10-21 17:49:52 +00:00
Roger Dingledine
0e137e413f APPort is now SocksPort 
svn:r644
 2003-10-21 09:49:39 +00:00
Roger Dingledine
069227db5b introduce new tor_free() macro 
svn:r643
 2003-10-21 09:48:58 +00:00
Roger Dingledine
e4127e4d36 move closer to being able to reload config on HUP 
rename APPort to SocksPort
introduce new tor_free() macro


svn:r642
 2003-10-21 09:48:17 +00:00
Roger Dingledine
80d428b225 remove obsolete config file 
svn:r641
 2003-10-21 09:22:38 +00:00
Roger Dingledine
4a66865d0b send the end cell when we realize we're going to end, 
not when we're closing the stream.

this lets us put a payload in the end cell if we want to,
to describe why we're closing the stream.

there are still some places where we don't send the end cell
immediately. i need to track them down. but it's a low priority,
since i've made it send the end cell when we close the stream if
we haven't already sent it.


svn:r640
 2003-10-21 08:37:07 +00:00
Roger Dingledine
5f1750a288 include our own timegm() impl, since it's not portable 
svn:r635
 2003-10-20 20:19:59 +00:00
Roger Dingledine
b40d0bffa7 a skeletal print_usage() function 
svn:r634
 2003-10-20 01:19:54 +00:00
Roger Dingledine
db33eac4c4 add an Address line to the sample server rc file 
svn:r633
 2003-10-19 05:50:52 +00:00
Roger Dingledine
b4117d2a37 move to 0.0.2pre13 
svn:r631
 2003-10-19 05:45:22 +00:00
Roger Dingledine
dc85b7af3c warn, not err 
svn:r630
 2003-10-19 01:15:36 +00:00
Roger Dingledine
efce1b8b3e put small buffers back in place 
svn:r629
 2003-10-19 01:10:38 +00:00
Nick Mathewson
0142a568d3 Example code to get nickname from cert 
svn:r628
 2003-10-19 00:47:03 +00:00
Nick Mathewson
0ec2a34a1d Code to get nicknames from peer certs 
svn:r627
 2003-10-19 00:46:51 +00:00
Roger Dingledine
ec96419109 let tls tolerate reallocing the buf 
and also remember the params for ssl_write if it returns wantread.


svn:r626
 2003-10-19 00:39:48 +00:00
Roger Dingledine
c627ba2632 first steps toward a WANTWRITE SSL_write tls bug fix 
how exactly the same do the arguments need to be? :(


svn:r625
 2003-10-18 08:00:19 +00:00
Roger Dingledine
9d3f2b232b another minor memory leak 
make dnsconn->address reflect what it's currently resolving


svn:r624
 2003-10-18 07:09:09 +00:00
Roger Dingledine
61e180ceb1 start to track down the 'peer has invalid cert' bug 
svn:r623
 2003-10-18 06:48:46 +00:00
Roger Dingledine
a73a3a21f7 no more memory leaks 
when you run it under normal operation
for as many as three minutes


svn:r622
 2003-10-18 04:18:26 +00:00
Roger Dingledine
a3962bf6fc fix two more memory problems 
one remains :)


svn:r621
 2003-10-18 03:23:26 +00:00
Roger Dingledine
af3fc006a5 clean up memory leaks, confusions 
still one memory leak remaining here.


svn:r620
 2003-10-18 02:18:22 +00:00
Roger Dingledine
2093f60760 we've been stomping on memory while reading config 
doesn't seem to have bitten us yet, but let's fix that :)


svn:r619
 2003-10-18 01:28:39 +00:00
Roger Dingledine
193383b70a log to stdout while parsing config, 
otherwise we log to nothing and give no feedback!


svn:r617
 2003-10-18 00:13:08 +00:00
Roger Dingledine
82aa621b47 rewrite close_logs so it could possibly work 
remove deadbeef memory-clobber testing (for now)


svn:r616
 2003-10-18 00:07:58 +00:00
Roger Dingledine
35dcfcb145 put a blank line in the directory, before the first router 
this makes it easier to read (at least for me)


svn:r613
 2003-10-17 10:24:58 +00:00
Roger Dingledine
f96f964a19 try to make cvs more stable for now. need to test this more in a bit. 
svn:r612
 2003-10-17 10:00:01 +00:00
Roger Dingledine
0b1afa951e reload the fingerprints file on HUP 
svn:r611
 2003-10-17 05:23:48 +00:00
Roger Dingledine
5c563939ef catch misconfigured machines that return hostname as fqdn 
svn:r610
 2003-10-17 04:48:20 +00:00
Nick Mathewson
f32c1c3127 Log TLS errors even harder 
svn:r604
 2003-10-15 23:50:25 +00:00
Nick Mathewson
f81178a312 Add more logging on some ssl errors. 
svn:r603
 2003-10-15 23:42:44 +00:00
Roger Dingledine
b3471bbc55 closing stdout *should* be safe (we'll see) 
svn:r601
 2003-10-15 19:27:51 +00:00
Nick Mathewson
ba9b542e93 Report delivery cell fullness correctly 
svn:r600
 2003-10-15 19:25:28 +00:00
Roger Dingledine
afd8fa5a97 change buf->buf to buf->mem 
maybe this will mean fewer dumb errors


svn:r599
 2003-10-15 19:17:21 +00:00
Nick Mathewson
75170f052b fix bug with overzealous shrinking; add more comments. 
svn:r597
 2003-10-15 19:07:07 +00:00
Roger Dingledine
11a23fc280 clean up logging, allow user to specify log files 
If DebugLogFile is specified, log to it at -l debug
If LogFile is specified, log to it at the -l from the commandline
  (default info)
If no LogFile *and* not a Daemon, then log to stdout.
Make conn->s = -1 by default (this might break things)
When kill -USR1, prefer to log at INFO, but make sure they always see it.


svn:r596
 2003-10-15 18:50:16 +00:00
Nick Mathewson
695920d09f Build without warnings on OS X. 
svn:r595
 2003-10-15 18:48:48 +00:00
Nick Mathewson
22ef733058 Make add_file_log return 0 on success. 
svn:r594
 2003-10-15 18:38:38 +00:00
Nick Mathewson
7432d97336 Make last commit build 
svn:r593
 2003-10-15 18:37:19 +00:00
Nick Mathewson
959b5585a5 Stop using stdout for non-debugging cases 
svn:r592
 2003-10-15 18:28:32 +00:00
Roger Dingledine
4f1a84b772 and in OP config files 
svn:r589
 2003-10-15 07:27:29 +00:00
Roger Dingledine
b24b846069 less confusing comments in config files 
svn:r588
 2003-10-15 07:26:39 +00:00
Steven Hazel
a54a65dfb6 - cause configure to create a tor.sh which will have directories set 
correctly based on how configure was run

- cause tor to guess the location of torrc more intelligently

- cause cause src/config/torrc and src/conf/sample-server-torrc to be
  generated with contents that are correct for the way configure was
  run

- cause "make install" to put torrc, sample-server-torrc, and
  dirservers somewhere intelligent


svn:r587
 2003-10-15 07:19:38 +00:00
Roger Dingledine
f5cb7887d9 clean up the sample or rc 
svn:r585
 2003-10-14 03:21:39 +00:00
Roger Dingledine
58ec05877a make the buffer resize stuff work 
and make listener connections not have bufs


svn:r584
 2003-10-14 03:06:48 +00:00
Nick Mathewson
ee9e54b434 Make buffers grow and shrink as needed. 
svn:r583
 2003-10-14 01:34:31 +00:00
Nick Mathewson
77be56fbdd Add tor_realloc to mirror tor_malloc 
svn:r582
 2003-10-14 01:11:42 +00:00
Roger Dingledine
6115813de3 i'm a little teapot, short and stout 
cvs compiles again


svn:r581
 2003-10-14 01:10:22 +00:00
Roger Dingledine
737760f071 fix segfault (connecting to dirserver when network is down) 
svn:r580
 2003-10-13 19:58:21 +00:00
Roger Dingledine
411a18e34c put out 0.0.2pre12 
(mainly doc and log changes)


svn:r579
 2003-10-12 07:19:10 +00:00
Roger Dingledine
4d0b8f00b1 clarify the warning for unrecognized socks version 
(generally happens when people use tor as an httpd proxy)


svn:r576
 2003-10-11 23:38:20 +00:00
Roger Dingledine
8df0eee16a oops, bugfix 
svn:r572
 2003-10-10 01:50:20 +00:00
Roger Dingledine
b9628f266f change WARNING to WARN 
and fix a few typos


svn:r571
 2003-10-10 01:48:32 +00:00
Roger Dingledine
36fb8e839d change WARNING to WARN 
svn:r570
 2003-10-10 01:48:03 +00:00
Nick Mathewson
ecfb36823e Refactor, rename, and clarify 
svn:r569
 2003-10-09 18:45:14 +00:00
Roger Dingledine
746d64e631 add in basic support for pidfiles 
(patch courtesy aaron turner)


svn:r565
 2003-10-08 08:54:52 +00:00
Roger Dingledine
8b80362c76 0.0.2pre11, new license 
svn:r564
 2003-10-08 04:10:59 +00:00
Nick Mathewson
36939303c9 Update LICENSE and copyright dates. 
svn:r560
 2003-10-08 02:04:08 +00:00
Roger Dingledine
543e4e8fd5 more details to track a warning in tls handshakes 
plus make exit policy comparisons not always reject


svn:r559
 2003-10-07 23:54:02 +00:00
Roger Dingledine
aca4bc5126 successfully parse exit policies on future attempts too 
svn:r558
 2003-10-07 23:25:10 +00:00
Roger Dingledine
c42d928b30 pull exit policies from config into desc_routerinfo 
svn:r557
 2003-10-07 23:04:31 +00:00
Nick Mathewson
3b2943d845 lowercase exit policies. 
svn:r556
 2003-10-07 23:02:37 +00:00
Roger Dingledine
9e30ac2870 obey exit policies for addresses too 
svn:r555
 2003-10-07 22:18:14 +00:00
Nick Mathewson
686fce453b Stop requiring newline at end of exit policy. 
svn:r554
 2003-10-07 22:15:47 +00:00
Nick Mathewson
499bbe72d4 Add a "router_add_exit_policy_from_string" function. 
svn:r553
 2003-10-07 22:09:09 +00:00