introduce an authdir_mode() macro to match the others.
don't initialize uptime to the number of seconds since 1970.
non-authoritative dirservers don't cache their directory on disk.
make only authdirservers use clique_mode.
only read approved-routers file if you're an authdirserver.
even authdirservers fetch a new directory in do_hup.
retry_all_connections() is now called retry_all_listeners().
router_parse_list_from_string() correctly reports the router number
it's working on.
only call dirserv_add_own_fingerprint() and
dirserv_add_descriptor() on startup if we're an authdirserver.
if AuthDir and !ORPort then fail.
if AuthDir and ClientOnly then fail.
svn:r2061
More docs and (way more!) testing needed.
Done:
- Authdirservers down directories from others.
- Generate and use running-routers lists
- Cache directories; store across reboots.
- Refactor directory parsing a bit; note potential trouble spots.
svn:r1985
choose an intro point, connect to it,
choose a rend point, connect to it and establish a cookie,
get an ack from the rendezvous point,
and know when both circs are ready for her.
APConns don't use conn->purpose anymore
don't initiate a renddesc lookup if one is already in progress
also fix a buffer overflow in nickname parsing (only exploitable
by the operator though)
svn:r1471
directory is the string that dirserv.c and directory.c deal with
routerlist is routerinfo's that are bundled together in routers.c
rename some of the get_routerlist functions to set_routerlist
preparing to break into router.c for stuff the router does,
and routerlist.c for handling routerlist.
svn:r886
Allow some slop (currently 3 minutes) when checking certificate validity.
Change certificate lifetime from 1 year to 2 days. Since we
regenerate regularly (we regenerate regularly, right??), this
shouldn't be a problem.
Have directories reject descriptors published too far in the future
(currently 30 minutes). If dirservs don't do this:
0) Today is January 1, 2000.
1) A very skewed server publishes descriptor X with a declared
publication time of August 1, 2000.
2) The directory includes X.
3) Because of certificate lifetime issues, nobody can use the
skewed server.
4) The server fixes its skew, and goes to republish a new descriptor Y
with publication time of January 1, 2000.
5) But because the directory already has a "more recent" descriptor X,
it rejects descriptor "Y" as superseded!
This patch should make step 2 go away.
svn:r658
Improve debugging output on fingerprint checking.
Make sure to add our own fingerprint to the fingerprint list _before_
adding our own descriptor, or else we'll reject ourself.
Don't call a directory invalid just because we have a newer descriptor
for some router.
Use router_get_dir_hash to generate hashes for signed directories.
Make sure we add our own descriptor successfully.
Don't fall-through on failed base64-endode.
svn:r514
fix a variety of seg faults
don't try to list OPs in running-routers
write cached-directory to disk when rebuilding the dir
on boot, dirservers load approved-routers file
on boot, dirservers load cached directory file
svn:r508