Commit Graph

597 Commits

Author SHA1 Message Date
Nick Mathewson
4a22046c86 squash! Add crypto_pk_check_key_public_exponent function
Rename crypto_pk_check_key_public_exponent to crypto_pk_public_exponent_ok:
it's nice to name predicates s.t. you can tell how to interpret true
and false.
2011-05-16 14:45:06 -04:00
Robert Ransom
987190c2bc Require that certain public keys have public exponent 65537 2011-05-16 14:28:46 -04:00
Nick Mathewson
b95dd03e5f Log descriptions of nodes, not just nicknames.
This patch introduces a few new functions in router.c to produce a
more helpful description of a node than its nickame, and then tweaks
nearly all log messages taking a nickname as an argument to call these
functions instead.

There are a few cases where I left the old log messages alone: in
these cases, the nickname was that of an authority (whose nicknames
are useful and unique), or the message already included an identity
and/or an address.  I might have missed a couple more too.

This is a fix for bug 3045.
2011-05-15 21:58:46 -04:00
Nick Mathewson
9fba014e3f Merge remote-tracking branch 'public/bug3122_memcmp_022' into bug3122_memcmp_023
Conflicts in various places, mainly node-related.  Resolved them in
favor of HEAD, with copying of tor_mem* operations from bug3122_memcmp_022.

	src/common/Makefile.am
	src/or/circuitlist.c
	src/or/connection_edge.c
	src/or/directory.c
	src/or/microdesc.c
	src/or/networkstatus.c
	src/or/router.c
	src/or/routerlist.c
	src/test/test_util.c
2011-05-11 16:39:45 -04:00
Nick Mathewson
8fb38331c3 Hand-tune the new tor_memcmp instances in 0.2.2 2011-05-11 16:32:30 -04:00
Nick Mathewson
0cbcbc3412 Re-apply the automated conversion to 0.2.2 to make handle any memcmps that snuck in 2011-05-11 16:27:27 -04:00
Nick Mathewson
44ad734573 Merge remote-tracking branch 'public/3122_memcmp_squashed' into bug3122_memcmp_022
Conflicts throughout.  All resolved in favor of taking HEAD and
adding tor_mem* or fast_mem* ops as appropriate.

	src/common/Makefile.am
	src/or/circuitbuild.c
	src/or/directory.c
	src/or/dirserv.c
	src/or/dirvote.c
	src/or/networkstatus.c
	src/or/rendclient.c
	src/or/rendservice.c
	src/or/router.c
	src/or/routerlist.c
	src/or/routerparse.c
	src/or/test.c
2011-05-11 16:24:29 -04:00
Nick Mathewson
59f9097d5c Hand-conversion and audit phase of memcmp transition
Here I looked at the results of the automated conversion and cleaned
them up as follows:

   If there was a tor_memcmp or tor_memeq that was in fact "safe"[*] I
   changed it to a fast_memcmp or fast_memeq.

   Otherwise if there was a tor_memcmp that could turn into a
   tor_memneq or tor_memeq, I converted it.

This wants close attention.

[*] I'm erring on the side of caution here, and leaving some things
as tor_memcmp that could in my opinion use the data-dependent
fast_memcmp variant.
2011-05-11 16:12:51 -04:00
Nick Mathewson
db7b2a33ee Automated conversion of memcmp to tor_memcmp/tor_mem[n]eq
This commit is _exactly_ the result of

perl -i -pe 's/\bmemcmp\(/tor_memcmp\(/g' src/*/*.[ch]
perl -i -pe 's/\!\s*tor_memcmp\(/tor_memeq\(/g' src/*/*.[ch]
perl -i -pe 's/0\s*==\s*tor_memcmp\(/tor_memeq\(/g' src/*/*.[ch]
perl -i -pe 's/0\s*!=\s*tor_memcmp\(/tor_memneq\(/g' src/*/*.[ch]
git checkout src/common/di_ops.[ch]
git checkout src/or/test.c
git checkout src/common/test.h
2011-05-11 16:12:51 -04:00
Nick Mathewson
9d4c32dd2f Now that 0.2.3.1-alpha is out, require it for microdesc fetches 2011-05-05 20:54:14 -04:00
Nick Mathewson
4cc348e896 Code to make clients fetch and use microdescriptors for circuit building
To turn this on, set UseMicrodescriptors to "1" (or "auto" if you
want it on-if-you're-a-client).  It should go auto-by-default once
0.2.3.1-alpha is released.

Because of our node logic, directory caches will never use
microdescriptors when they have the right routerinfo available.
2011-05-05 20:54:12 -04:00
Nick Mathewson
78c610eea9 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	doc/tor.1.txt
2011-04-27 15:20:01 -04:00
cypherpunks
247cbab6c8 Fix double-free bug in microdesc parser 2011-04-27 15:15:32 -04:00
Nick Mathewson
4a7f979b54 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-19 12:41:01 -04:00
Nick Mathewson
5cc322e547 Standardize our printf code on %d, not %i. 2011-04-19 12:40:29 -04:00
Nick Mathewson
9eeb902d12 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-19 12:37:18 -04:00
Nick Mathewson
f52cfbfc00 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-19 12:31:55 -04:00
Nick Mathewson
0e554f93d6 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-04-19 12:31:42 -04:00
Nick Mathewson
48bdc2f729 Correct HS descriptor length check
Fixes bug 2948.
2011-04-18 13:53:13 -07:00
Robert Ransom
130db1bdeb Merge branch 'bug2750-v3' into bug2948 2011-04-18 13:36:19 -07:00
Robert Ransom
adc31001c2 Add an XXX 2011-04-18 13:25:48 -07:00
Robert Ransom
bfebc942ea Correct the warning emitted when rejecting an oversized HS desc 2011-04-18 13:17:40 -07:00
Nick Mathewson
67d88a7d60 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/common/address.c
	src/common/compat_libevent.c
	src/common/memarea.c
	src/common/util.h
	src/or/buffers.c
	src/or/circuitbuild.c
	src/or/circuituse.c
	src/or/connection.c
	src/or/directory.c
	src/or/networkstatus.c
	src/or/or.h
	src/or/routerlist.c
2011-04-07 12:17:20 -04:00
Nick Mathewson
05887f10ff Triage the XXX022 and XXX021 comments remaining in the code
Remove some, postpone others, leave some alone.  Now the only
remaining XXX022s are ones that seem important to fix or investigate.
2011-03-25 18:32:27 -04:00
Nick Mathewson
84f27eb051 Merge remote branch 'origin/maint-0.2.2' 2011-03-15 14:50:42 -04:00
Robert Ransom
98abe1420d Fix a log message typo 2011-03-15 09:48:26 -07:00
Nick Mathewson
176e8a0a2a Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/or/routerparse.c
2011-03-06 13:46:11 -05:00
Nick Mathewson
35fcec3880 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-03-06 13:42:28 -05:00
Nick Mathewson
2ce132e335 Oops, here's the *REAL* fix for the ipv6 issue
We need to _REJECT_ descriptors with accept6/reject6 lines.  If we
let them onto the network , other un-upgraded tors will crash.
2011-03-06 13:41:55 -05:00
Nick Mathewson
3da0837b0b Revert "Disallow reject6 and accept6 lines in descriptors"
This reverts commit b3918b3bbb.
2011-03-06 13:26:38 -05:00
Nick Mathewson
07b8b439c4 Merge remote branch 'origin/maint-0.2.2' 2011-03-06 13:23:02 -05:00
Sebastian Hahn
9f614507b6 Merge branch 'maint-0.2.1' into maint-0.2.2 2011-03-06 18:25:44 +01:00
Sebastian Hahn
b3918b3bbb Disallow reject6 and accept6 lines in descriptors
This fixes a remotely triggerable assert on directory authorities, who
don't handle descriptors with ipv6 contents well yet. We will want to
revert this once we're ready to handle ipv6.

Issue raised by lorth on #tor, who wasn't able to use Tor anymore.
Analyzed with help from Christian Fromme. Fix suggested by arma. Bugfix
on 0.2.1.3-alpha.
2011-03-06 18:20:28 +01:00
Nick Mathewson
a880429a76 Merge remote branch 'origin/maint-0.2.2' 2011-01-26 11:08:02 -05:00
Nick Mathewson
71862ed763 Fix bug in verifying directory signatures with short digests
If we got a signed digest that was shorter than the required digest
length, but longer than 20 bytes, we would accept it as long
enough.... and then immediately fail when we want to check it.

Fixes bug 2409; bug in 0.2.2.20-alpha; found by piebeer.
2011-01-25 17:15:22 -05:00
Nick Mathewson
f6a25a995e Merge remote branch 'origin/maint-0.2.2' 2011-01-19 13:26:23 -05:00
Nick Mathewson
a793f1f6f2 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-19 13:25:38 -05:00
Nick Mathewson
c8f94eed12 Oops; actually add the code to the last patch. :/ 2011-01-19 13:25:17 -05:00
Roger Dingledine
4ff97e3775 Merge branch 'maint-0.2.2' 2011-01-15 22:39:15 -05:00
Sebastian Hahn
026e7987ad Sanity-check consensus param values
We need to make sure that the worst thing that a weird consensus param
can do to us is to break our Tor (and only if the other Tors are
reliably broken in the same way) so that the majority of directory
authorities can't pull any attacks that are worse than the DoS that
they can trigger by simply shutting down.

One of these worse things was the cbtnummodes parameter, which could
lead to heap corruption on some systems if the value was sufficiently
large.

This commit fixes this particular issue and also introduces sanity
checking for all consensus parameters.
2011-01-15 19:42:17 +01:00
Nick Mathewson
1758ef51de Merge remote branch 'origin/maint-0.2.2' 2011-01-15 13:26:02 -05:00
Nick Mathewson
1393985768 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	src/or/routerparse.c
	src/or/test.c
2011-01-15 13:25:13 -05:00
Nick Mathewson
b97b0efec8 Merge branch 'bug2352_obsize' into maint-0.2.1 2011-01-15 13:15:06 -05:00
Nick Mathewson
1b8f2ef550 Merge remote branch 'origin/maint-0.2.2' 2011-01-15 12:03:44 -05:00
Nick Mathewson
ed87738ede Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	src/or/config.c
	src/or/networkstatus.c
	src/or/rendcommon.c
	src/or/routerparse.c
	src/or/test.c
2011-01-15 12:02:55 -05:00
Nick Mathewson
115782bdbe Fix a heap overflow found by debuger, and make it harder to make that mistake again
Our public key functions assumed that they were always writing into a
large enough buffer.  In one case, they weren't.

(Incorporates fixes from sebastian)
2011-01-15 11:49:25 -05:00
Nick Mathewson
1f3b442023 catch another overlong malloc possibility. found by cypherpunks 2011-01-15 10:42:11 -05:00
Nick Mathewson
373a1bc40e Impose maximum sizes on parsed objects
An object, you'll recall, is something between -----BEGIN----- and
-----END----- tags in a directory document.  Some of our code, as
doorss has noted in bug 2352, could assert if one of these ever
overflowed SIZE_T_CEILING but not INT_MAX.  As a solution, I'm setting
a maximum size on a single object such that neither of these limits
will ever be hit.  I'm also fixing the INT_MAX checks, just to be sure.
2011-01-10 12:12:11 -05:00
Nick Mathewson
729f404efe Add logic in routerparse to not read overlong private keys
I am not at all sure that it is possible to trigger a bug here,
but better safe than sorry.
2011-01-10 12:07:34 -05:00
Nick Mathewson
989db9aed1 fix whitespace issues 2011-01-03 11:57:42 -05:00
Nick Mathewson
8730884ebe Merge remote branch 'origin/maint-0.2.2' 2011-01-03 11:53:28 -05:00
Nick Mathewson
f1de329e78 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	src/common/test.h
	src/or/test.c
2011-01-03 11:51:17 -05:00
Nick Mathewson
1a07348a50 Bump copyright statements to 2011 2011-01-03 11:50:39 -05:00
Nick Mathewson
d4e660ff68 Merge remote branch 'origin/maint-0.2.2' 2010-11-10 16:07:04 -05:00
Nick Mathewson
a4bf5b51e9 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2010-11-10 16:06:43 -05:00
Nick Mathewson
2a50dd9359 Enforce multiplicity rules when parsing annotations.
We would never actually enforce multiplicity rules when parsing
annotations, since the counts array never got entries added to it for
annotations in the token list that got added by earlier calls to
tokenize_string.

Found by piebeer.
2010-11-10 16:02:02 -05:00
Nick Mathewson
089137f011 Fix a bug where seting allow_annotations==0 only ignores annotations, but does not block them 2010-11-10 16:02:02 -05:00
Nick Mathewson
1bb9734e3a Implement policies for nodes (and for microdescriptors too) 2010-10-01 18:14:28 -04:00
Nick Mathewson
45f1e4d5ee Rename routerstatus_t.is_running to is_flagged_running
This was the only flag in routerstatus_t that we would previously
change in a routerstatus_t in a consensus. We no longer have reason
to do so -- and probably never did -- as you can now confirm more
easily than you could have done by grepping for is_running before
this patch.

The name change is to emphasize that the routerstatus_t is_running
flag is only there to tell you whether the consensus says it's
running, not whether it *you* think it's running.
2010-10-01 18:14:27 -04:00
Nick Mathewson
26e897420e Initial conversion to use node_t throughout our codebase.
A node_t is an abstraction over routerstatus_t, routerinfo_t, and
microdesc_t.  It should try to present a consistent interface to all
of them.  There should be a node_t for a server whenever there is
  * A routerinfo_t for it in the routerlist
  * A routerstatus_t in the current_consensus.
(note that a microdesc_t alone isn't enough to make a node_t exist,
since microdescriptors aren't usable on their own.)

There are three ways to get a node_t right now: looking it up by ID,
looking it up by nickname, and iterating over the whole list of
microdescriptors.

All (or nearly all) functions that are supposed to return "a router"
-- especially those used in building connections and circuits --
should return a node_t, not a routerinfo_t or a routerstatus_t.

A node_t should hold all the *mutable* flags about a node.  This
patch moves the is_foo flags from routerinfo_t into node_t.  The
flags in routerstatus_t remain, but they get set from the consensus
and should not change.

Some other highlights of this patch are:

  * Looking up routerinfo and routerstatus by nickname is now
    unified and based on the "look up a node by nickname" function.
    This tries to look only at the values from current consensus,
    and not get confused by the routerinfo_t->is_named flag, which
    could get set for other weird reasons.  This changes the
    behavior of how authorities (when acting as clients) deal with
    nodes that have been listed by nickname.

  * I tried not to artificially increase the size of the diff here
    by moving functions around.  As a result, some functions that
    now operate on nodes are now in the wrong file -- they should
    get moved to nodelist.c once this refactoring settles down.
    This moving should happen as part of a patch that moves
    functions AND NOTHING ELSE.

  * Some old code is now left around inside #if 0/1 blocks, and
    should get removed once I've verified that I don't want it
    sitting around to see how we used to do things.

There are still some unimplemented functions: these are flagged
with "UNIMPLEMENTED_NODELIST()."  I'll work on filling in the
implementation here, piece by piece.

I wish this patch could have been smaller, but there did not seem to
be any piece of it that was independent from the rest.  Moving flags
forces many functions that once returned routerinfo_t * to return
node_t *, which forces their friends to change, and so on.
2010-10-01 18:14:27 -04:00
Nick Mathewson
f3e8bc391a Remove the has_old_dnsworkers flag. 2010-09-28 23:37:45 -04:00
Nick Mathewson
9f5b752e4f Actually parse the m lines from a microdesc consensus 2010-09-27 18:04:44 -04:00
Sebastian Hahn
05072723cb Create routerparse.h 2010-07-27 10:00:46 +02:00
Sebastian Hahn
df9d42cef5 Create rephist.h 2010-07-27 10:00:46 +02:00
Sebastian Hahn
7bd8dee463 Create policies.h 2010-07-27 10:00:45 +02:00
Sebastian Hahn
69fcbbaa89 Create networkstatus.h 2010-07-27 07:58:16 +02:00
Sebastian Hahn
86d6bfe448 Create microdesc.h 2010-07-27 07:58:16 +02:00
Sebastian Hahn
85f7d54418 Create dirvote.h 2010-07-27 07:58:16 +02:00
Sebastian Hahn
7d4c027fb0 Create dirserv.h 2010-07-27 07:58:16 +02:00
Sebastian Hahn
c4f8f1316e Create config.h 2010-07-27 07:58:14 +02:00
Sebastian Hahn
31e81439e1 Create rendcommon.h 2010-07-27 07:56:25 +02:00
Sebastian Hahn
cbee969f40 Create routerlist.h 2010-07-27 07:56:25 +02:00
Sebastian Hahn
c53b6cc831 Create router.h 2010-07-27 07:56:25 +02:00
Nick Mathewson
9caecc1e48 Merge branch 'fix_routerparse_bug' 2010-02-28 13:48:05 -05:00
Nick Mathewson
b006e3279f Merge remote branch 'origin/maint-0.2.1'
Conflicts:
	src/common/test.h
	src/or/test.c
2010-02-27 17:16:31 -05:00
Nick Mathewson
c3e63483b2 Update Tor Project copyright years 2010-02-27 17:14:21 -05:00
Nick Mathewson
27a8a56e6c Fix a consensus-extension bug found by outofwords
When the bandwidth-weights branch added the "directory-footer"
token, and began parsing the directory footer at the first
occurrence of "directory-footer", it made it possible to fool the
parsing algorithm into accepting unsigned data at the end of a
consensus or vote.  This patch fixes that bug by treating the footer
as starting with the first "directory-footer" or the first
"directory-signature", whichever comes first.
2010-02-27 17:07:05 -05:00
Nick Mathewson
1c25077b1c fix some wide lines in routerparse.c 2010-02-27 16:33:22 -05:00
Nick Mathewson
937b5cdd41 Merge remote branch 'origin/maint-0.2.1'
Conflicts:
	ChangeLog
	src/or/routerparse.c
2010-02-27 15:34:02 -05:00
Sebastian Hahn
b67657bd95 Properly handle non-terminated strings
Treat strings returned from signed_descriptor_get_body_impl() as not
NUL-terminated. Since the length of the strings is available, this is
not a big problem.

Discovered by rieo.
2010-02-27 02:13:22 +01:00
Sebastian Hahn
1c39dbd53a Don't segfault when checking the consensus 2010-02-26 08:01:40 +01:00
Nick Mathewson
1e1d471002 Don't believe unauthenticated info in a consensus.
Don't allow anything but directory-signature tokens in a consensus after
the first directory-signature token.  Fixes bug in bandwidth-weights branch.
Found by "outofwords."
2010-02-26 01:02:20 -05:00
Nick Mathewson
eb10d441b6 Fix 64-bit printf issues in consensus-bw-weights5-merge.
For my 64-bit Linux system running with GCC 4.4.3-fc12-whatever, you
can't do 'printf("%lld", (int64_t)x);' Instead you need to tell the
compiler 'printf("%lld", (long long int)x);' or else it doesn't
believe the types match.  This is why we added U64_PRINTF_ARG; it
looks like we needed an I64_PRINTF_ARG too.
2010-02-25 16:22:40 -05:00
Mike Perry
87a0430a74 Clearly mark directory footer so we parse the new weight line. 2010-02-22 16:52:11 -08:00
Mike Perry
df1ef2f0f0 Add parsing+verification for bw weight values. 2010-02-22 16:52:11 -08:00
Sebastian Hahn
5aa9610dd6 network-status-version must come first in a vote/consensus
Spec conformance issue: The code didn't force the network-status-version
token to be the first token in a v3 vote or consensus.

Problem discovered by Parakeep.
2010-02-22 09:16:26 +01:00
Karsten Loesing
f80672d747 Remove duplicate words and a duplicate newline. 2009-12-18 12:55:05 +01:00
Nick Mathewson
0c1b3070cf Now that FOO_free(NULL) always works, remove checks before calling it. 2009-12-12 02:07:59 -05:00
Sebastian Hahn
3807db001d *_free functions now accept NULL
Some *_free functions threw asserts when passed NULL. Now all of them
accept NULL as input and perform no action when called that way.

This gains us consistence for our free functions, and allows some
code simplifications where an explicit null check is no longer necessary.
2009-12-12 03:29:44 +01:00
Nick Mathewson
200c39b66c Document the microdescriptor code better. 2009-10-18 18:46:12 -04:00
Nick Mathewson
a19981725d Parse detached signatures and microdesc networkstatuses correctly. 2009-10-15 15:17:13 -04:00
Nick Mathewson
5576a3a094 Parse detached signature documents with multiple flavors and algorithms. 2009-10-15 15:17:13 -04:00
Nick Mathewson
3b2fc659a8 Refactor consensus signature storage for multiple digests and flavors.
This patch introduces a new type called document_signature_t to represent the
signature of a consensus document.  Now, each consensus document can have up
to one document signature per voter per digest algorithm.  Also, each
detached-signatures document can have up to one signature per <voter,
algorithm, flavor>.
2009-10-15 15:17:13 -04:00
Nick Mathewson
e1ddee8bbe Code to generate, store, and parse microdescriptors and consensuses.
The consensus documents are not signed properly, not served, and not
exchanged yet.
2009-10-15 15:17:13 -04:00
Nick Mathewson
a7ba02f3f1 Add ability to parse one or more m line from a vote. 2009-10-15 15:17:13 -04:00
Nick Mathewson
c5f7f04aff Allow signed data to include other hashes later.
Previously, we insisted that a valid signature must be a signature of
the expected digest.  Now we accept anything that starts with the
expected digest.  This lets us include another digest later.
2009-10-15 15:17:12 -04:00
Nick Mathewson
15f4e9600c Signature-checking code can handle longer digests. 2009-10-15 15:17:12 -04:00
Nick Mathewson
8b2f6b27fd Make signature-generation code handle different key and digest lengths. 2009-10-15 15:17:12 -04:00
Nick Mathewson
83c3f118db Code to parse and access network parameters.
Partial backport of 381766ce4b.
Partial backport of 56c6d78520.
2009-10-14 16:15:41 -04:00
Roger Dingledine
9eb5edc093 Merge commit 'sebastian/specconformance' 2009-09-16 20:37:43 -04:00
Nick Mathewson
ed7283d283 Merge commit 'origin/maint-0.2.1'
Resolved conflicts in:
	src/or/circuitbuild.c
2009-09-15 19:37:26 -04:00
Nick Mathewson
381766ce4b Implement proposal 167: Authorities vote on network parameters.
This code adds a new field to vote on: "params".  It consists of a list of
sorted key=int pairs.  The output is computed as the median of all the
integers for any key on which anybody voted.

Improved with input from Roger.
2009-09-14 23:21:53 -04:00
Sebastian Hahn
b792afa919 Fix a memory leak when parsing a ns
Adding the same vote to a networkstatus consensus leads to a memory leak
on the client side. Fix that by only using the first vote from any given
voter, and ignoring the others.

Problem found by Rotor, who also helped writing the patch. Thanks!
2009-09-14 22:25:08 +02:00
Sebastian Hahn
c1a6fb42ac Fix a spec conformance issue when parsing a ns vote
A vote may only contain exactly one signature. Make sure we reject
votes that violate this.

Problem found by Rotor, who also helped writing the patch. Thanks!
2009-09-14 22:06:21 +02:00
Sebastian Hahn
0a71d1c6a7 Fix compile warnings on Snow Leopard
Big thanks to nickm and arma for helping me with this!
2009-09-01 22:16:46 +02:00
Nick Mathewson
1cda6f3e75 Merge commit 'origin/maint-0.2.1' 2009-09-01 15:59:40 -04:00
Sebastian Hahn
aea9cf1011 Fix compile warnings on Snow Leopard
Big thanks to nickm and arma for helping me with this!
2009-09-01 18:36:27 +02:00
Karsten Loesing
889c07f1fc When Tor fails to parse a descriptor of any kind, dump it to disk. 2009-08-26 20:15:47 -04:00
Nick Mathewson
1d9b8a1e16 Merge commit 'karsten/proposal-166-impl-master' 2009-08-26 11:36:40 -04:00
Nick Mathewson
daa0326aaa Add the first 8 bytes of the git commit digest to our versions.
Note that unlike subversion revision numbers, it isn't meaningful to
compare these for anything but equality.  We define a sort-order anyway,
in case one of these accidentally slips into a recommended-versions
list.
2009-08-21 12:31:13 -04:00
Karsten Loesing
9179bcb923 Include contents of *-stats files in descriptor. 2009-08-17 13:30:10 +02:00
Mike Perry
6fbdf635fa Implement measured bw parsing + unit tests. 2009-08-06 11:48:03 -07:00
Nick Mathewson
ec7e054668 Spell-check Tor. 2009-05-27 17:55:51 -04:00
Karsten Loesing
9b32e8c141 Update copyright to 2009. 2009-05-04 11:28:27 -04:00
Nick Mathewson
d50501e5ed Fix a few crash bugs related to malormed descriptors. Lark found one; fuzzing found the rest.
svn:r19250
2009-04-09 19:58:16 +00:00
Roger Dingledine
28d97f8262 uh, and commit the patch too.
svn:r18423
2009-02-09 03:13:14 +00:00
Nick Mathewson
261f49fe26 Fix a possible cause of bug 915 when parsing multiple votes one of which was bad. Bugfix on 0.2.0.8-alpha.
svn:r18354
2009-01-31 18:27:38 +00:00
Nick Mathewson
a33452c401 Fix up (I hope) most ot the things that coverity suddenly claimed were REVERSE_INULL. This is what we get for bragging about being down to 0 issues.
svn:r18096
2009-01-13 14:43:51 +00:00
Nick Mathewson
c4b8fef362 Remove svn $Id$s from our source, and remove tor --version --version.
The subversion $Id$ fields made every commit force a rebuild of
whatever file got committed.  They were not actually useful for
telling the version of Tor files in the wild.

svn:r17867
2009-01-04 00:35:51 +00:00
Nick Mathewson
76a2e11f91 Downgrade the last xxx021 in routerparse. The duplicate code stands for now.
svn:r17817
2008-12-29 19:57:04 +00:00
Nick Mathewson
a332805a55 Extact parse-the-token-arguments to its own function, and change it to a single-pass algorithm. This simplifies the parsing code and speeds it up a little.
svn:r17812
2008-12-29 16:54:56 +00:00
Nick Mathewson
fa6e72dc4b Remove a call to find_whitespace_eos that didn't actually do anything.
svn:r17811
2008-12-29 16:54:51 +00:00
Nick Mathewson
870fd18b8f Refactor some exit-policy-related functions that showed up in oprofile.
Specifically, split compare_tor_addr_to_addr_policy() from a loop with a bunch
of complicated ifs inside into some ifs, each with a simple loop.  Rearrange
router_find_exact_exit_enclave() to run a little faster.  Bizarrely,
router_policy_rejects_all() shows up on oprofile, so precalculate it per
routerinfo.

svn:r17802
2008-12-29 01:47:28 +00:00
Nick Mathewson
558e9899e4 Document most undocumented variables.
svn:r17754
2008-12-23 17:56:31 +00:00
Nick Mathewson
b68379b13b Add DOCDOC entries for undocumented static and global variables.
svn:r17739
2008-12-22 19:00:05 +00:00
Nick Mathewson
1e5f457461 Fix most DOCDOCs remaining and/or added by redox.
svn:r17734
2008-12-22 17:53:04 +00:00
Nick Mathewson
1725c0c8a5 Add DOCDOC comments for all undocumented functions. Add missing *s to other comments so that they will get recognized as doxygen.
svn:r17729
2008-12-22 14:56:28 +00:00
Nick Mathewson
f43bcdc063 Use ctags and a python script to find identifiers that are never used anywhere, and remove the ones that we really want gone.
svn:r17651
2008-12-17 17:20:42 +00:00
Nick Mathewson
69ce955484 Add cross-certification to authority key certificates. Partial implementation of proposal 157.
svn:r17610
2008-12-12 18:31:39 +00:00
Nick Mathewson
04ec7d1f98 Now that tor_assert is no longer using a broken force-to-boolean formulation, we can tor_assert a bitfield without a gcc compile error.
svn:r17598
2008-12-11 20:28:50 +00:00
Nick Mathewson
bb02f919f1 Refactor find_first_by_keyword into one variant that can return NULL and one that can't.
This makes it easier for us to avoid errors where we we forgot to list a keyword as mandatory, and easier for Coverity to detect cases like this too.

svn:r17595
2008-12-11 19:40:58 +00:00
Nick Mathewson
e06442b648 Add a couple of sanity-checks for return values that coverity thinks we ought to have. CIDs 337, 335.
svn:r17485
2008-12-05 01:35:49 +00:00
Nick Mathewson
a26188cee9 fix bug 880: find the end of an authority cert by looking for the first ----END SIGNATURE----- after the first dir-key-certification, not for the first ----END SIGNATURE. Harmless bug, but it made us non-spec-compliant.
svn:r17470
2008-12-03 03:42:19 +00:00
Nick Mathewson
3ebd1ebeca The chunk_size field in memarea_t was never actually set. Remove the whole thing.
svn:r17195
2008-11-05 20:34:22 +00:00
Nick Mathewson
73c6cb8353 Fix unit test failure related to intro point parsing.
svn:r17188
2008-11-03 16:36:15 +00:00
Nick Mathewson
e147e867be Proposal 152 implementation from Josh Albrecht, with tweaks.
svn:r16983
2008-09-26 18:58:45 +00:00
Nick Mathewson
8bbbbaf87b Add country-code support to configured node lists to implement the ever-popular "no exits in Monaco" feature (ExcludeExitNodes {MC}). Also allow country codes and IP ranges in ExitNodes. (EntryNodes needs more work.) Based on code by Robert Hogan. Needs more testing.
svn:r16966
2008-09-25 20:21:35 +00:00
Roger Dingledine
cc8b2247bf make r16598 compile on 64-bit too
svn:r16604
2008-08-20 05:15:08 +00:00
Nick Mathewson
24f1d29be1 Apply proposal 121 patch 3, with minor tweaks and a few comments.
svn:r16598
2008-08-19 15:41:28 +00:00
Peter Palfrader
e27b448c57 Do not split stored exit policy summary into type(accept/reject) and portlist. At least not just yet
svn:r16553
2008-08-14 23:01:21 +00:00
Peter Palfrader
41730a893c Rename a field so weasel likes it better
svn:r16552
2008-08-14 23:01:09 +00:00
Peter Palfrader
ceae7ed960 Add bw to consensus
svn:r16551
2008-08-14 23:00:57 +00:00
Peter Palfrader
82f8050ac4 Parse policies and weight (bw) into routerstatuses
svn:r16550
2008-08-14 23:00:44 +00:00
Peter Palfrader
b246c4de9b asserting(s) is better than segfaulting if it turns out to be NULL later
svn:r16538
2008-08-14 12:37:14 +00:00
Nick Mathewson
60a0ae198d Patch cleanups from karsten
svn:r16479
2008-08-09 15:13:28 +00:00
Nick Mathewson
22259a0877 The first of Karsten's proposal 121 patches: configure and maintain client authorization data. Tweaked a bit: see comments on or-dev.
svn:r16475
2008-08-08 14:36:11 +00:00
Nick Mathewson
960a0f0a99 r17641@31-33-44: nickm | 2008-08-05 16:07:53 -0400
Initial conversion of uint32_t addr to tor_addr_t addr in connection_t and related types.  Most of the Tor wire formats using these new types are in, but the code to generate and use it is not.  This is a big patch.  Let me know what it breaks for you.


svn:r16435
2008-08-05 20:08:19 +00:00
Nick Mathewson
3ce6e2fba2 r17346@aud-055: nickm | 2008-07-24 15:37:19 +0200
Make generic address manipulation functions work better.  Switch address policy code to use tor_addr_t, so it can handle IPv6.  That is a good place to start.


svn:r16178
2008-07-24 13:44:04 +00:00
Nick Mathewson
dff1ef7d06 r17337@aud-055: nickm | 2008-07-24 10:17:43 +0200
Refactor the is_vote field of networkstatus_t to add a third possibility ("opinion") in addition to vote and opinion.  First part of implementing proposal 147.


svn:r16166
2008-07-24 09:22:27 +00:00
Nick Mathewson
787c66b70f r16917@tombo: nickm | 2008-07-11 12:55:26 -0400
Remove token enum constant in routerparse.c that we do not actually use.


svn:r15841
2008-07-11 17:08:05 +00:00