ERR is if something fatal just happened
WARNING is something bad happened, but we're still running. The bad thing
is either a bug in the code, an attack or buggy protocol/implementation
of the remote peer, etc. The operator should examine the bad thing and
try to correct it.
(No error or warning messages should be expected. I expect most people
to run on -l warning eventually.)
NOTICE is never ever used.
INFO means something happened (maybe bad, maybe ok), but there's nothing
you need to (or can) do about it.
DEBUG is for everything louder than INFO.
svn:r486
redo all the config files for the new format (we'll redo them again soon)
fix (another! yuck) segfault in log_fn when input is too large
tor_tls_context_new() returns -1 for error, not NULL
fix segfault in check_conn_marked() on conn's that die during tls handshake
make ORs also initialize conn from router when we're the receiving node
make non-dirserver ORs upload descriptor to every dirserver on startup
add our local address to the descriptor
add Content-Length field to POST command
revert the Content-Length search in fetch_from_buf_http() to previous code
fix segfault in memmove in fetch_from_buf_http()
raise maximum allowed headers/body size in directory.c
svn:r484
'buf_t' is now an opaque type defined in buffers.c .
Router descriptors now include all keys; routers generate keys as
needed on startup (in a newly defined "data directory"), and generate
their own descriptors. Descriptors are now self-signed.
Implementation is not complete: descriptors are never published; and
upon receiving a descriptor, the directory doesn't do anything with
it.
At least "routers.or" and orkeygen are now obsolete, BTW.
svn:r483
Fixed up the assert_*_ok funcs some (more work remains)
Changed config so it reads either /etc/torrc or the -f arg, never both
Finally tracked down a nasty bug with our use of tls:
It turns out that if you ask SSL_read() for no more than n bytes, it
will read the entire record from the network (and maybe part of the next
record, I'm not sure), give you n bytes of it, and keep the remaining
bytes internally. This is fine, except our poll-for-read looks at the
network, and there are no bytes pending on the network, so we never know
to ask SSL_read() for more bytes. Currently I've hacked it so if we ask
for n bytes and it returns n bytes, then it reads again right then. This
will interact poorly with our rate limiting; we need a cleaner solution.
svn:r481
we still use bandwidth on a per-connection basis for rate
limiting. but it's unclear if we need this infrastructure in
addition to the total-bandwidth rate limiting that we also do.
i'll leave both infrastructures in, and we'll remove the
per-connection one if it starts rotting too much.
svn:r413
- signal support
- forking for DNS farm
- changes for async IO
- daemonizing
In other words, some files still don't build, and the ones that do build,
do nonblocking IO incorrectly.
I'm also not checking in the project files till I have a good place
for them.
svn:r380
prkey is only fetched when it's needed
tor nodes who aren't dirservers now fetch directories and autoconnect
to new nodes listed in the directory
default role is a non-dirserver node
svn:r120
revamped the router reading section
reference counting for crypto pk env's (so we can dup them)
we now read and write pem pk keys from string rather than from FILE*,
in anticipation of fetching directories over a socket
(so now on startup we slurp in the whole file, then parse it as a string)
fixed a bug in the proxy side, where you could get some circuits
wedged if they showed up while the connection was being made
svn:r110
this is a checkpoint before i fix the fact that port is always kept in
network order -- which makes no sense, because network order is different
on different machines, which is the whole point.
svn:r81