Esteban Manchado Velázquez
f81af6d791
Add test for comments in the config parser
2012-03-08 20:49:17 -05:00
Esteban Manchado Velázquez
5a206dbb7a
Remove duplicated macro definition
2012-03-08 20:49:17 -05:00
Esteban Manchado Velázquez
f9ad35c361
Add test for broken hex parsing
...
* The test currently fails, but it's commented out (with an "#if 0")
* As a broken octal actually gives a parse error, it seems fair that this
fails, too
2012-03-08 20:49:17 -05:00
Esteban Manchado Velázquez
a753ef8517
Fix typo in config parser documentation
2012-03-08 20:49:17 -05:00
Esteban Manchado Velázquez
72d455b5eb
Improve config parser escaped content tests
2012-03-08 20:49:17 -05:00
Esteban Manchado Velázquez
4d9dda9bb9
Add tests for escaped content in config
2012-03-08 20:49:17 -05:00
Esteban Manchado Velázquez
57a4e07665
Add quoted content tests for the config parser
2012-03-08 20:49:16 -05:00
Esteban Manchado Velázquez
2a720847ad
Fix documentation URLs in config file comments
2012-03-08 20:49:16 -05:00
Nick Mathewson
ec8a06c5a1
Require a threshold of exit nodes before building circuits
...
This mitigates an attack proposed by wanoskarnet, in which all of a
client's bridges collude to restrict the exit nodes that the client
knows about. Fixes bug 5343.
2012-03-08 15:42:54 -05:00
Nick Mathewson
3fc3ed50a1
Merge remote-tracking branch 'public/bug4361'
...
Conflicts:
src/or/command.c
2012-03-08 14:23:52 -05:00
Nick Mathewson
5daa765bd1
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-03-08 14:15:18 -05:00
Sebastian Hahn
fe50b676bc
Fix compile warnings in openbsd malloc
2012-03-08 19:28:59 +01:00
Nick Mathewson
57ed8fbbdd
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-03-08 10:50:33 -05:00
Nick Mathewson
9d5d3a7fd4
Merge remote-tracking branch 'karsten/geoip-march2012' into maint-0.2.2
2012-03-08 10:50:03 -05:00
Karsten Loesing
c5d7ee714f
Update to the March 2012 GeoIP database.
2012-03-08 09:35:15 +01:00
Roger Dingledine
b5a8c3aa00
Remove misleading function comment (bug 5324)
...
In the distant past, connection_handle_read() could be called when there
are pending bytes in the TLS object during the main loop. The design
since then has been to always read all pending bytes immediately, so
read events only trigger when the socket actually has bytes to read.
Resolves bug 5324.
2012-03-07 21:07:30 -05:00
Nick Mathewson
298e08132f
Merge remote-tracking branch 'public/bug4760'
2012-03-05 10:44:48 -05:00
Nick Mathewson
77a7a980d0
Don't leak the env_vars_sorted smartlist in process_environment_make
...
Found by Coverity.
No changes/ file, because this bug has not been in a release yet.
2012-02-29 19:49:26 -05:00
Nick Mathewson
6a0d809f44
Merge remote-tracking branch 'sebastian/bug5231'
2012-02-29 15:16:15 -05:00
Roger Dingledine
406bc95271
Merge branch 'maint-0.2.2'
2012-02-29 13:23:23 -05:00
Roger Dingledine
e21756908f
new ip address for maatuska
2012-02-29 13:22:41 -05:00
Roger Dingledine
c26aaf9cba
whitespace fix
2012-02-29 13:17:52 -05:00
Sebastian Hahn
2755b09c52
Don't cannibalize already cannibalized circuits
...
This ensures we don't build circuits that have 5 hops or more. Patch
contributed by wanoskarnet, thanks!
2012-02-25 17:59:21 +01:00
Daniel Bryg
f7e87f41f7
When not fetching v2 dir info, don't require it for cleaning descriptors
...
Bugfix on 0.2.2.26-beta, which introduced the idea of caches not
cacheing v2 info. Fixes bug 4838.
2012-02-23 13:59:37 -05:00
Robert Ransom
e111e371b4
Implement 'safe cookie authentication'
2012-02-22 05:46:09 -08:00
Nick Mathewson
a5704b1c62
Add a sha256 hmac function, with tests
...
(cherry picked from commit fdbb9cdf74
)
2012-02-22 05:46:08 -08:00
Nick Mathewson
81fe3e438b
Merge remote-tracking branch 'sebastian/bug5161'
2012-02-20 13:00:17 -05:00
Nick Mathewson
73d2f335c5
Merge remote-tracking branch 'pmezard/armv5'
2012-02-20 12:53:49 -05:00
Patrick Mézard
857ae345c8
Fix off-by-one error in test_util_make_environment
2012-02-20 14:12:50 +01:00
Robert Ransom
cd029f0ca3
Fix crypto_hmac_sha256 documentation comment
2012-02-20 02:47:10 -08:00
Sebastian Hahn
bc66878bde
Don't redeclare environ if std headers already did
...
This would cause a redundant redeclaration warning on some versions of
Linux otherwise.
2012-02-19 16:52:38 +01:00
Roger Dingledine
3a94530595
document a cool attack that we evaluated
2012-02-17 14:02:25 -05:00
Nick Mathewson
1d36693570
Use get_environment(), not environ.
2012-02-17 11:50:19 -05:00
Nick Mathewson
eaedcba493
Merge branch 'bug5105-v2-squashed'
...
Conflicts:
src/or/transports.c
2012-02-17 11:50:10 -05:00
Robert Ransom
773290c09a
Add unit tests for easily tested, non-trivial utility functions
2012-02-17 11:42:21 -05:00
Robert Ransom
33552c16ca
Heap-allocate strings returned by get_current_process_environment_variables
2012-02-17 11:42:21 -05:00
Robert Ransom
c0808b795f
Pass process_environment_t * to tor_spawn_background
...
Now tor_spawn_background's prototype is OS-independent.
2012-02-17 11:42:20 -05:00
Robert Ransom
ee3a49d6ed
Remove (void)envp from tor_spawn_background
...
The envp argument is used on Windows.
2012-02-17 11:42:20 -05:00
Robert Ransom
bf1ce3f53d
Rewrite managed proxy environment setup code
...
Now, the environment setup is entirely OS-independent, as well as less
hacky and brittle.
2012-02-17 11:42:20 -05:00
Robert Ransom
340d906419
Change type of unixoid_environment_block to match tor_spawn_background's arg
2012-02-17 11:42:20 -05:00
Robert Ransom
d37a1ec8c6
Add set_environment_variable_in_smartlist
2012-02-17 11:42:20 -05:00
Robert Ransom
0ba93e184a
Add get_current_process_environment_variables
2012-02-17 11:42:19 -05:00
Robert Ransom
98cec14982
Add process_environment_make and related utilities
2012-02-17 11:42:19 -05:00
Robert Ransom
806e0f7e19
Add tor_calloc
2012-02-17 11:42:19 -05:00
Nick Mathewson
936b7b7b0b
Downgrade "Registered server transport" msg to notice. Bug 5136
2012-02-15 12:58:36 -05:00
Sebastian Hahn
19b4df0d46
Include compat.h from natpmp-helper to fix build
...
This means tor_socket_t is declared.
2012-02-14 23:36:39 +01:00
Sebastian Hahn
efb7b9dec1
Use _NSGetEnviron() instead of environ where required
...
OS X would otherwise crash with a segfault when linked statically to
some libraries.
2012-02-14 11:18:39 -05:00
Nick Mathewson
077b9f19a4
If SOCK_CLOEXEC and friends fail, fall back to regular socket() calls
...
Since 0.2.3.1-alpha, we've supported the Linux extensions to socket(),
open(), socketpair(), and accept() that enable us to create an fd and
make it close-on-exec with a single syscall. This not only saves us a
syscall (big deal), but makes us less vulnerable to race conditions
where we open a socket and then exec before we can make it
close-on-exec.
But these extensions are not supported on all Linuxes: They were added
between 2.6.23 or so and 2.6.28 or so. If you were to build your Tor
against a recent Linux's kernel headers, and then run it with a older
kernel, you would find yourselve unable to open sockets. Ouch!
The solution here is that, when one of these syscalls fails with
EINVAL, we should try again in the portable way. This adds an extra
syscall in the case where we built with new headers and are running
with old ones, but it will at least allow Tor to work.
Fixes bug 5112; bugfix on 0.2.3.1-alpha.
2012-02-14 10:34:06 -05:00
Sebastian Hahn
efcdc930fb
Make ht.h conform to Tor's code style again
...
When porting over changes from libevent, a bunch of tabs and a couple of
long lines got introduced.
2012-02-14 11:13:06 +01:00
Nick Mathewson
a31fb42d2e
Port over the last ht.h changes from libevent: avoid _reserved identifiers
2012-02-13 18:40:30 -05:00
Nick Mathewson
107f604f31
Port over ht.h improvements from Libevent.
...
There is a facility (not used now in Tor) to avoid storing the hash
of a given type if it is a fast-to-calculate hash.
There are also a few ancient-openbsd compilation issues fixed here.
The fact that Tor says INLINE while Libevent says inline remains
unaddressed.
2012-02-13 18:06:40 -05:00
Nick Mathewson
1e9400d9c8
ht.h comment tweaks, upstreamed from libevent
2012-02-13 17:56:13 -05:00
Nick Mathewson
8cae9c53b7
Oops; there were a couple of typos in the upstream tinytest
2012-02-13 17:48:43 -05:00
Nick Mathewson
9efee31fae
Synchronize with upstream tinytest again: remove _identifiers
2012-02-13 17:45:15 -05:00
Nick Mathewson
3b47a11654
Synchronize with upstream tinytest.
...
The big change here is a patch (first added to Libevent by Ed Day)
to make sure that the CreateProcess forked-test trick works even
when the main test program is invoked without its .exe suffix.
2012-02-13 17:29:31 -05:00
Roger Dingledine
184a455293
bump to 0.2.3.12-alpha-dev
2012-02-13 10:53:49 -05:00
Roger Dingledine
ff0059b924
bump to 0.2.3.12-alpha
2012-02-13 00:55:03 -05:00
Nick Mathewson
c08dde7e28
Reinstate TOR_PR_EXTENDED_SERVER_PORT, just a little
2012-02-13 00:13:58 -05:00
Sebastian Hahn
93414707ae
set_managed_proxy_environment() can't fail anymore
...
It already couldn't fail on Windows, now it can't fail on non-Windows,
either.
2012-02-12 23:39:58 -05:00
Sebastian Hahn
9857ef0fb5
Properly set up environment for managed-mode obfsproxy
2012-02-12 23:39:58 -05:00
Nick Mathewson
60b42d68f3
Try to have (and maintain!) an invariant about unconfigured_proxies_n
...
The invariant is: unconfigured_proxies_n is exactly the number of
managed_proxy_t not in state PT_PROTO_COMPLETED.
To maintain this, we need to stop overloading unconfigured_proxies_n
to also count managed_proxy_t items that are in PT_PROTO_COMPLETED but
which might need relaunching. To make it so we can detect those, we
introduce another variable.
This commit also adds a function to assert that we haven't broken the
invariant.
Fix for bug 5084; bugfix on 0.2.3.6-alpha, I think.
2012-02-12 23:30:19 -05:00
Nick Mathewson
fff511a5e7
Don't smartlist_remove a managed proxy from a list we're iterating over.
...
In some cases, we solve this by doing a SMARTLIST_DEL_CURRENT before
calling managed_proxy_destroy. But for a trickier one, we just make a
copy of the list before iterating over it, so that changes to the
manage proxy list don't hurt our iteration.
This could be related to bug 5084.
2012-02-12 23:30:18 -05:00
Sebastian Hahn
d7d6da28d4
Fix a check-spaces complaint
2012-02-12 23:29:22 -05:00
Nick Mathewson
4aa0aa0300
Merge remote-tracking branch 'origin/maint-0.2.2'
...
Conflicts:
src/common/Makefile.am
src/or/Makefile.am
2012-02-12 23:27:31 -05:00
Nick Mathewson
61452299d1
Unpack a smartlist_foreach and add an assert: try to hunt #5102
2012-02-12 19:42:35 -05:00
Robert Ransom
93dbc17a1a
Fix #5097 on Windows, too
2012-02-12 19:13:17 -05:00
Robert Ransom
0e9663d439
Fix bug #5097 : remove bogus envvar from managed proxies' environment
2012-02-12 19:12:51 -05:00
Sebastian Hahn
8ce6722d76
Properly protect paths to sed, sha1sum, openssl
...
in Makefile.am, we used it without quoting it, causing build failure if
your openssl/sed/sha1sum happened to live in a directory with a space in
it (very common on windows)
2012-02-10 20:12:03 +01:00
Nick Mathewson
64523609c9
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-02-10 12:03:46 -05:00
Nick Mathewson
c8b855082b
Downgrade "missing a certificate" from notice to info
...
It was apparently getting mistaken for a problem, even though it was
at notice.
Fixes 5067; fix on 0.2.0.10-alpha.
2012-02-10 12:01:56 -05:00
Nick Mathewson
8855b2a90c
Merge remote-tracking branch 'origin/maint-0.2.2'
...
Conflicts:
src/common/tortls.c
Conflict on comment near use of the new OPENSSL_V macro
2012-02-10 10:56:37 -05:00
Nick Mathewson
2da0efb547
Use correct CVE number for CVE-2011-4576. Found by fermenthor. bug 5066
2012-02-10 10:55:39 -05:00
Karsten Loesing
4741aa48a2
Roger notes that address and addr are two different things.
2012-02-09 15:54:00 +01:00
Karsten Loesing
cc94a48ff4
Simply geoip_get_country_by_addr based on arma's comment.
2012-02-09 15:22:42 +01:00
Karsten Loesing
218193d38d
Add braces around a two-line code block.
2012-02-09 11:25:48 +01:00
Karsten Loesing
4aca55efd2
Count IPv6 connections in bridge and entry stats.
2012-02-09 11:12:30 +01:00
Roger Dingledine
ef0bc7f8f2
Merge branch 'maint-0.2.2'
2012-02-09 04:21:20 -05:00
Roger Dingledine
a70ff4b2cb
Merge branch 'maint-0.2.1' into maint-0.2.2
2012-02-09 04:21:08 -05:00
Roger Dingledine
6c3cffe450
revert the revert in master, since I didn't want to revert it there
2012-02-09 04:03:36 -05:00
Roger Dingledine
929ebde2b9
Merge branch 'maint-0.2.2'
2012-02-09 04:02:18 -05:00
Roger Dingledine
85c539009a
Revert "add a "docs" to the manual URI as listed in torrc.sample.in"
...
This reverts commit 55e8cae815
.
The conversation from irc:
> weasel: i had intended to leave torrc.sample.in alone in maint-0.2.2,
since i don't want to make all your stable users have to deal with
a torrc change. but nickm changed it. is it in fact the case that a
change in that file means a change in the deb?
<weasel> it means you'll prompt every single user who ever touched
their torrc
<weasel> and they will be asked if they like your new version better
than what they have right now
<weasel> so it's not great
Instead I changed the website to redirect requests for the tor-manual
URL listed in maint-0.2.2's torrc.sample.in so the link will still work.
2012-02-09 03:57:04 -05:00
Karsten Loesing
4180624a7d
Update to the February 2012 GeoIP database.
2012-02-09 09:16:24 +01:00
Nick Mathewson
55e8cae815
add a "docs" to the manual URI as listed in torrc.sample.in
2012-02-08 10:52:05 -05:00
Sebastian Hahn
332e96d109
Fix fencepost error with HearbeatPeriod option
...
We'd only log every HeartbeatPeriod + 1 seconds. Discovered by Scott
Bennett, reported as bug 4942.
2012-02-08 04:44:15 -05:00
Roger Dingledine
9bcf315e9b
Update sample torrc file for 0.2.3.x
...
Fix broken URLs.
Tell readers about the OutboundBindAddress, ExitPolicyRejectPrivate,
and PublishServerDescriptor options.
2012-02-08 04:40:26 -05:00
Nick Mathewson
dd68d596cd
Set IPV6_V6ONLY on listener sockets bound to IPv6 addresses.
...
If we don't do this, [::] can be interpreted to mean all v4 and all
v6 addresses. Found by dcf. Fixes bug 4760. See RFC 3493 section
5.3 for more info.
2012-01-31 16:09:49 -05:00
Nick Mathewson
79a80c88ee
Fix straggling MS_WINDOWS issues; add a changes file
...
There was one MS_WINDOWS that remained because it wasn't on a macro
line; a few remaining uses (and the definition!) in configure.in;
and a now-nonsensical stanza of eventdns_tor.h that previously
defined 'WIN32' if it didn't exist.
2012-01-31 15:48:47 -05:00
Nick Mathewson
5cf9167f91
Use the standard _WIN32, not the Torism MS_WINDOWS or deprecated WIN32
...
This commit is completely mechanical; I used this perl script to make it:
#!/usr/bin/perl -w -i.bak -p
if (/^\s*\#/) {
s/MS_WINDOWS/_WIN32/g;
s/\bWIN32\b/_WIN32/g;
}
2012-01-31 15:48:47 -05:00
Nick Mathewson
2305454327
Merge remote-tracking branch 'arma/bug4013'
2012-01-31 11:25:29 -05:00
Nick Mathewson
48424772aa
Actually enable the windows absolute-path code
...
Checking for "WINDOWS" is wrong; our magic macro is MS_WINDOWS
Fixes bug 4973; bugfix on 0.2.3.11-alpha.
2012-01-31 10:42:41 -05:00
Roger Dingledine
b1ee1927b1
if we ever have an old bridge, never again use microdescs
...
should reduce the risk of oscillation if our 0.2.2 bridge comes and goes
2012-01-27 17:22:31 -05:00
Roger Dingledine
a0f0897795
Allow 0.2.3.x clients to use 0.2.2.x bridges.
...
Previously the client would ask the bridge for microdescriptors, which are
only supported in 0.2.3.x and later, and then fail to bootstrap when it
didn't get the answers it wanted. Fixes bug 4013; bugfix on 0.2.3.2-alpha.
The fix here is to revert to using normal descriptors if any of our
bridges are known to not support microdescs. This is not ideal, a) because
we'll start downloading a microdesc consensus as soon as we get a bridge
descriptor, and that will waste time if we later get a bridge descriptor
that tells us we don't like microdescriptors; and b) by changing our mind
we're leaking to our other bridges that we have an old-version bridge.
The alternate fix would have been to change
we_use_microdescriptors_for_circuits() to ask if *any* of our bridges
can support microdescriptors, and then change the directory logic that
picks a bridge to only select from those that do. For people living in
the future, where 0.2.2.x is obsolete, there won't be a difference.
Note that in either of these potential fixes, we have risk of oscillation
if our one funny-looking bridges goes away / comes back.
2012-01-25 18:54:59 -05:00
Roger Dingledine
247a21379a
set SO_REUSEADDR before we bind, not after
...
resolves bug 4950 (fixes a bug on commit aba7bb705a
from #2850 )
2012-01-23 15:54:02 -05:00
Roger Dingledine
0cf873a083
bump to 0.2.3.11-alpha-dev
2012-01-23 02:34:01 -05:00
Sebastian Hahn
9ce9836f85
Use !SOCKET_OK to test if a socket is uninitialized
...
This fixes a compile warning on Windows. Fixes bug 4946, not in any
released version.
2012-01-23 02:07:03 +01:00
Roger Dingledine
2de0eeaa72
update comment to reflect our TOR_INVALID_SOCKET convention
2012-01-22 19:39:29 -05:00
Roger Dingledine
1543d1bd31
bump to 0.2.3.11-alpha
2012-01-22 02:52:38 -05:00
Nick Mathewson
26e789fbfd
Rename nonconformant identifiers.
...
Fixes bug 4893.
These changes are pure mechanical, and were generated with this
perl script:
/usr/bin/perl -w -i.bak -p
s/crypto_pk_env_t/crypto_pk_t/g;
s/crypto_dh_env_t/crypto_dh_t/g;
s/crypto_cipher_env_t/crypto_cipher_t/g;
s/crypto_digest_env_t/crypto_digest_t/g;
s/aes_free_cipher/aes_cipher_free/g;
s/crypto_free_cipher_env/crypto_cipher_free/g;
s/crypto_free_digest_env/crypto_digest_free/g;
s/crypto_free_pk_env/crypto_pk_free/g;
s/_crypto_dh_env_get_dh/_crypto_dh_get_dh/g;
s/_crypto_new_pk_env_rsa/_crypto_new_pk_from_rsa/g;
s/_crypto_pk_env_get_evp_pkey/_crypto_pk_get_evp_pkey/g;
s/_crypto_pk_env_get_rsa/_crypto_pk_get_rsa/g;
s/crypto_new_cipher_env/crypto_cipher_new/g;
s/crypto_new_digest_env/crypto_digest_new/g;
s/crypto_new_digest256_env/crypto_digest256_new/g;
s/crypto_new_pk_env/crypto_pk_new/g;
s/crypto_create_crypto_env/crypto_cipher_new/g;
s/connection_create_listener/connection_listener_new/g;
s/smartlist_create/smartlist_new/g;
s/transport_create/transport_new/g;
2012-01-18 15:53:30 -05:00
Nick Mathewson
d1b40cf2e7
Merge remote-tracking branch 'public/bug4533_part1'
...
Conflicts:
src/common/compat.h
2012-01-18 15:33:04 -05:00
Nick Mathewson
1772782e42
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-01-18 15:29:41 -05:00
Nick Mathewson
ee717f35c4
Use tor_socket_t, not unsigned, in tor-fw-helper-natmp.c
2012-01-18 13:14:44 -05:00
Nick Mathewson
dd4b1a2ac6
Fix SOCKET_OK test on win64.
...
Bugfix on 0.2.2.29-beta; partial fix for 4533; found by wanoskarnet
2012-01-18 10:48:29 -05:00
Nick Mathewson
dea0720dad
Warn if sizeof(tor_socket_t) != sizeof(SOCKET)
2012-01-17 16:38:47 -05:00
Nick Mathewson
6e8c2a3e46
Use SOCKET_OK macros in even more places
...
Add a TOR_INVALID_SOCKET macro to wrap -1/INVALID_SOCKET.
Partial work for bug4533.
2012-01-17 16:35:07 -05:00
Roger Dingledine
1e923dd2fb
fix crash bug in original feature4207 branch
...
PLURAL() assumes that the plural is the canonical name for the option,
so now it is.
2012-01-16 21:20:46 -05:00
Nick Mathewson
47aa491f9f
Merge remote-tracking branch 'asn-mytor/bug4751'
2012-01-16 15:16:41 -05:00
Nick Mathewson
875a54dad3
Merge remote-tracking branch 'public/bug3325'
2012-01-16 15:10:38 -05:00
Nick Mathewson
5579bc0eaf
whitespace fixes
2012-01-16 15:07:47 -05:00
Nick Mathewson
9c29369a04
Convert instances of tor_malloc+tor_snprintf into tor_asprintf
...
These were found by looking for tor_snprintf() instances that were
preceeded closely by tor_malloc(), though I probably converted some
more snprintfs as well.
(In every case, make sure that the length variable (if any) is
removed, renamed, or lowered, so that anything else that might have
assumed a longer buffer doesn't exist.)
2012-01-16 15:03:44 -05:00
Nick Mathewson
cc02823d7f
Convert instances of tor_snprintf+strdup into tor_asprintf
...
These were found by looking for tor_snprintf() instances that were
followed closely by tor_strdup(), though I probably converted some
other snprintfs as well.
2012-01-16 15:03:13 -05:00
Nick Mathewson
edcc9981d8
Try to use smartlist_add_asprintf consistently
...
(To ensure correctness, in every case, make sure that the temporary
variable is deleted, renamed, or lowered in scope, so we can't have
any bugs related to accidentally relying on the no-longer-filled
variable.)
2012-01-16 15:02:51 -05:00
Nick Mathewson
9c6d913b9e
Rename smartlist_{v,}asprintf_add to smartlist_add_{v,}asprintf
2012-01-16 15:01:54 -05:00
Sebastian Hahn
88698993a9
check-spaces fix
2012-01-16 14:50:13 -05:00
Nick Mathewson
125fba2e99
Provide consensus params to constrain the threshold for Fast
...
resolves ticket 3946
2012-01-16 14:50:13 -05:00
Nick Mathewson
1810db9bb3
Comment fixups on 4207 suggested by arma
2012-01-16 14:45:12 -05:00
Nick Mathewson
938531773a
Allow authorities to baddir/badexit/invalid/reject nodes by cc
...
Implements ticket #4207
2012-01-13 12:28:47 -05:00
George Kadianakis
39850f03f6
Improve names of some pluggable transport-related functions.
2012-01-13 16:44:30 +02:00
Robert Ransom
fbd243a165
Don't crash when HS circs which have not yet found an OR conn time out
...
Fixes bug #4897 , not yet in any release.
Using n_circ_id alone here (and below, when n_conn is NULL) really sucks,
but that's a separate bug which will need a changes/ file.
2012-01-12 19:21:39 -08:00
Nick Mathewson
2cddd1d69f
Move logging of bad hostnames into parse_extended_hostname
...
This fixes bug 3325, where a bad .exit would get logged as a bad .onion
2012-01-11 15:56:14 -05:00
Nick Mathewson
411cf8f714
Make openssl 0.9.8l log message accurate
...
fixes 4837
2012-01-11 15:41:46 -05:00
Nick Mathewson
b8675e5fe3
Do not pretend to allow PADDING as the first cell of a v3 handshake
2012-01-11 12:34:28 -05:00
Nick Mathewson
f54a10caa6
Merge branch 'prop187_squashed'
2012-01-11 12:27:14 -05:00
Nick Mathewson
fa83397ecd
Fix a missing iso_time_nospace_usec
...
Apparently I missed a case when converting sec,usec to
yyyy-mm-ddThh:mm:ss.uuuuuu .
2012-01-11 12:23:43 -05:00
Nick Mathewson
f729e1e984
Merge branch 'feature3457-v4-nm-squashed'
...
Conflicts:
src/or/rendclient.c
2012-01-11 12:10:14 -05:00
Nick Mathewson
b5af456685
Use spaceless ISO8601 time format, not sec,usec.
2012-01-11 12:08:01 -05:00
Nick Mathewson
3826e058ac
Implement proposal 187: reserve a cell type for client authorization
...
This needs a changes file and more testing.
2012-01-11 11:10:18 -05:00
Nick Mathewson
ce703bd53e
defensive programming to catch duplicate calls to connection_init_or_handshake_state
2012-01-11 11:10:17 -05:00
Nick Mathewson
f371816209
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-01-11 11:07:37 -05:00
Nick Mathewson
0126150c2d
Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
2012-01-11 11:07:13 -05:00
Nick Mathewson
8d5c0e58ea
Fix a compilation warning for our bug4822 fix on 64-bit linux
2012-01-11 11:06:31 -05:00
Nick Mathewson
c5b58df775
Add clarity/typesafety wrappers for control_event_circuit_status_minor
2012-01-11 10:28:20 -05:00
Nick Mathewson
0e911abf27
Rename CIRC2 to CIRC_MINOR
...
Also give the arguments to control_event_circuit_status_minor real
names.
2012-01-11 10:19:24 -05:00
Nick Mathewson
fe4811471d
Chop out the intro point calculation until it is simple enough for nickm to grok
2012-01-10 19:20:00 -05:00
Robert Ransom
31d6350737
Use my original formula for number of replacements for an intro point
...
A fixup commit which was intended to make this formula easier to read
broke it instead.
2012-01-10 19:20:00 -05:00
Nick Mathewson
5e9d349979
Merge remote-tracking branch 'public/bug4650_nm_squashed'
2012-01-10 17:59:49 -05:00
Nick Mathewson
73d4dbe103
whitespace and warning fixes for bug4746
2012-01-10 16:53:37 -05:00
Nick Mathewson
7fbf1e225e
Merge remote-tracking branch 'asn-mytor/bug4746'
2012-01-10 16:44:03 -05:00
Nick Mathewson
8d74fba651
Merge branch 'absolute_cookie_file'
2012-01-10 15:00:02 -05:00
Nick Mathewson
dca3c9fff8
Add missing documentation for counter-mode checks
2012-01-10 11:15:46 -05:00
Nick Mathewson
cc5c14b732
Clean up indentation in aes.c
2012-01-10 11:15:42 -05:00
Nick Mathewson
d29a390733
Test for broken counter-mode at runtime
...
To solve bug 4779, we want to avoid OpenSSL 1.0.0's counter mode.
But Fedora (and maybe others) lie about the actual OpenSSL version,
so we can't trust the header to tell us if it's safe.
Instead, let's do a run-time test to see whether it's safe, and if
not, use our built-in version.
fermenthor contributed a pretty essential fixup to this patch. Thanks!
2012-01-10 11:15:35 -05:00
Nick Mathewson
5741aef3dc
We no longer need to detect openssl without RAND_poll()
...
We require openssl 0.9.7 or later, and RAND_poll() was first added in
openssl 0.9.6.
2012-01-10 10:40:31 -05:00
Nick Mathewson
85c7d7659e
Add macros to construct openssl version numbers
...
It's a pain to convert 0x0090813f to and from 0.9.8s-release on the
fly, so these macros should help.
2012-01-10 10:40:30 -05:00
Sebastian Hahn
6b9298ef72
Log which votes we still need to fetch
...
This might help us see which authorities are problematic in getting
their vote published the first time.
2012-01-10 16:13:30 +01:00
Sebastian Hahn
50a50392b7
Advertise dirport if accountingmax is large enough
...
When we have an effective bandwidthrate configured so that we cannot
exceed our bandwidth limit in one accounting interval, don't disable
advertising the dirport. Implements ticket 2434.
2012-01-10 09:59:36 -05:00
Nick Mathewson
2a9b279163
Merge remote-tracking branch 'rransom-tor/bug4883'
2012-01-10 09:33:55 -05:00
Robert Ransom
72ed4a41f5
Fix brown-paper-bag bug in #4759 fix
...
Fixes #4883 , not yet in any release.
2012-01-09 22:03:04 -08:00
Sebastian Hahn
2367f7e559
Make sure MAX_DNS_LABEL_SIZE is defined
...
MAX_DNS_LABEL_SIZE was only defined for old versions of openssl, which
broke the build. Spotted by xiando. Fixes bug 4413; not in any released
version.
2012-01-10 06:14:35 +01:00
Nick Mathewson
b1ee1a719d
Tweaks for bug4413 fix
...
The thing that's limited to 63 bytes is a "label", not a hostname.
Docment input constraints and behavior on bogus inputs.
Generally it's better to check for overflow-like conditions before
than after. In this case, it's not a true overflow, so we're okay,
but let's be consistent.
pedantic less->fewer in the documentation
2012-01-09 19:14:51 -05:00
Stephen Palmateer
3fadc074ca
Remove (untriggerable) overflow in crypto_random_hostname()
...
Fixes bug 4413; bugfix on xxxx.
Hostname components cannot be larger than 63 characters.
This simple check makes certain randlen cannot overflow rand_bytes_len.
2012-01-09 19:05:05 -05:00
Nick Mathewson
1e5d66997b
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-01-09 16:40:42 -05:00
Nick Mathewson
c78a314e95
Fix comment about TLSv1_method() per comments by wanoskarnet
2012-01-09 16:40:21 -05:00
Nick Mathewson
4e14ce4dba
Report cookie file location as absolute in protocolinfo message
2012-01-09 13:20:48 -05:00
Nick Mathewson
838ec086be
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-01-09 12:22:29 -05:00
Nick Mathewson
6fd61cf767
Fix a trivial log message error in renservice.c
...
Fixes bug 4856; bugfix on 0.0.6
This bug was introduced in 79fc5217
, back in 2004.
2012-01-09 12:21:04 -05:00
Nick Mathewson
d4de312b3c
Merge remote-tracking branch 'rransom-tor/bug4842'
2012-01-09 11:59:08 -05:00
Roger Dingledine
ecdea4eeaf
Merge branch 'maint-0.2.2'
2012-01-08 12:17:16 -05:00
Roger Dingledine
cc1580dbe0
when the consensus fails, list which dir auths were in or out
2012-01-08 12:14:44 -05:00
Roger Dingledine
04bf17c50c
nickname, not identity fingerprint, will help more
2012-01-08 12:09:01 -05:00
Roger Dingledine
78e95b7b71
tell me who votes are actually for, not just where they're from
2012-01-08 10:03:46 -05:00
Roger Dingledine
1416dd47a9
add a note from wanoskarnet
...
he disagrees about what the code that we decided not to use would do
2012-01-08 09:03:03 -05:00
Roger Dingledine
19c372daf0
clean up a comment that confused arturo
2012-01-07 07:41:46 -05:00
Robert Ransom
b46a7ebb2b
Don't remove rend cpath element from relaunched service-side rend circs
...
Fixes bug 4842, not in any release.
2012-01-06 22:44:20 -08:00
Emile Snyder
d7eaa4b396
Change to use SSL_state_string_long() instead of homebrew ssl_state_to_string() function.
2012-01-06 05:31:34 -08:00
Nick Mathewson
ef69f2f2ab
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-01-05 14:17:44 -05:00
Nick Mathewson
ccd8289958
Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
2012-01-05 14:16:30 -05:00
Robert Ransom
4752b34879
Log at info level when disabling SSLv3
2012-01-05 12:28:56 -05:00
Nick Mathewson
db78fe4589
Disable SSLv3 when using a not-up-to-date openssl
...
This is to address bug 4822, and CVE-2011-4576.
2012-01-05 12:28:55 -05:00
Roger Dingledine
9bfb8af265
Merge branch 'maint-0.2.2'
2012-01-05 06:55:34 -05:00
Roger Dingledine
a1074c7aa2
Merge branch 'maint-0.2.1' into maint-0.2.2
2012-01-05 06:45:28 -05:00
Roger Dingledine
ff03347579
note some dead code. if i'm right, should this be removed?
2012-01-05 05:37:06 -05:00
Karsten Loesing
1db1b23a7b
Update to the January 2012 GeoIP database.
2012-01-05 11:10:57 +01:00
Sebastian Hahn
98959f63ac
Disallow disabling DisableDebuggerAttachment on runnning Tor
...
Also, have tor_disable_debugger_attach() return a tristate of
success/failure/don't-know-how , and only log appropriately.
2012-01-04 15:09:02 -05:00
Nick Mathewson
65420e4cb5
Merge remote-tracking branch 'rransom-tor/bug1297b-v2'
2012-01-04 13:50:24 -05:00
Robert Ransom
0bd53b8d87
Verbotify documentation comments for the #1297-fix flags
2012-01-04 09:37:49 -08:00
Nick Mathewson
47b7a27929
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-01-03 13:22:34 -05:00
Sebastian Hahn
5d9be49540
Fix a check-spaces violation in compat.c
...
Also fix a comment typo
2011-12-30 23:30:57 +01:00
Sebastian Hahn
d861b4cc9d
Fix spelling in a controlsocket log msg
...
Fixes bug 4803.
2011-12-30 23:27:02 +01:00
Nick Mathewson
bfae41328e
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-12-28 16:52:31 -05:00
Nick Mathewson
84bf8e3808
Merge remote-tracking branch 'public/bug4788' into maint-0.2.2
2011-12-28 16:50:45 -05:00
Nick Mathewson
9f06ec0c13
Add interface enumeration based on SIOCGIFCONF for older unixes
2011-12-28 16:34:16 -05:00
Nick Mathewson
5d44a6b334
Multicast addresses, if any were configured, would not be good if addrs
2011-12-28 16:34:16 -05:00
Nick Mathewson
aa529f6c32
Use getifaddrs, not connect+getsockname, to find our address
...
This resolves bug1827, and lets us avoid freaking people out.
Later, we can use it to get a complete list of our interfaces.
2011-12-28 16:34:16 -05:00
Nick Mathewson
e3a6493898
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-12-28 15:57:48 -05:00
Nick Mathewson
c563551eef
Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
2011-12-28 15:56:37 -05:00
Nick Mathewson
120a745346
Bug 4786 fix: don't convert EARLY to RELAY on v1 connections
...
We used to do this as a workaround for older Tors, but now it's never
the correct thing to do (especially since anything that didn't
understand RELAY_EARLY is now deprecated hard).
2011-12-28 15:54:06 -05:00
Robert Ransom
2b189a222b
Don't exit when marking a newly created _C_INTRODUCING circ for close
2011-12-28 09:02:14 -08:00
Nick Mathewson
9bcb187387
Authorities reject insecure Tors.
...
This patch should make us reject every Tor that was vulnerable to
CVE-2011-0427. Additionally, it makes us reject every Tor that couldn't
handle RELAY_EARLY cells, which helps with proposal 110 (#4339 ).
2011-12-27 21:47:04 -05:00
Nick Mathewson
78f43c5d03
Require openssl 1.0.0a for using openssl's ctr-mode implementation
...
Previously we required 1.0.0, but there was a bug in the 1.0.0 counter
mode. Found by Pascal. Fixes bug 4779.
A more elegant solution would be good here if somebody has time to code
one.
2011-12-27 20:31:23 -05:00
Robert Ransom
836161c560
Add an option to close HS service-side rend circs on timeout
2011-12-27 08:02:43 -08:00
Robert Ransom
f88c8ca8c9
Don't close HS service-side rend circs on timeout
2011-12-27 08:02:43 -08:00
Robert Ransom
078e3e9dd5
Add an option to close 'almost-connected' HS client circs on timeout
2011-12-27 08:02:43 -08:00
Robert Ransom
4b13c33c0c
Don't close HS client circs which are 'almost connected' on timeout
2011-12-27 08:02:42 -08:00
Nick Mathewson
334a0513de
Downgrade relay_early-related warning
2011-12-26 18:11:41 -05:00
Nick Mathewson
85d7811456
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-12-26 17:58:51 -05:00
Roger Dingledine
3aade2fab7
Merge remote-tracking branch 'nickm/prop110_v2'
2011-12-25 17:43:09 -05:00
Sebastian Hahn
da876aec63
Provide correct timeradd/timersup replacements
...
Bug caught and patch provided by Vektor. Fixes bug 4778.t
2011-12-25 23:19:08 +01:00
Robert Ransom
4c3a23b283
Look up the rend circ whose INTRODUCE1 is being ACKed correctly
...
This change cannibalizes circuit_get_by_rend_query_and_purpose because it
had exactly one caller.
2011-12-22 23:46:09 -08:00
Nick Mathewson
7cb804343b
Merge remote-tracking branch 'rransom/feature2411-v4'
2011-12-22 10:51:39 -05:00
Nick Mathewson
782b7f49d8
Fix bug2571: warn on EntryNodes set and UseEntryGuards disabled
2011-12-22 10:31:52 -05:00
Kamran Riaz Khan
a1c1fc72d1
Prepend cwd for relative config file paths.
...
Modifies filenames which do not start with '/' or '.' on non-Windows
platforms; uses _fullpath on Windows.
2011-12-22 10:17:48 -05:00
Nick Mathewson
2710a96ba4
Allow prop110 violations if AllowNonearlyExtend is set in consensus
2011-12-22 10:12:49 -05:00
Nick Mathewson
847541ce5d
Log what fraction of EXTEND cells have died for being non-early
2011-12-22 09:51:59 -05:00
Nick Mathewson
0187bd8728
Implement the last of proposal 110
...
Reject all EXTEND requests not received in a relay_early cell
2011-12-22 09:51:59 -05:00
Robert Ransom
66f77561c0
Mark each intro circ with the rend cookie sent in its INTRODUCE1 cell
...
Needed by fix for #4759 .
2011-12-22 06:45:45 -08:00
Nick Mathewson
878a684386
Merge remote-tracking branch 'public/bug4697'
2011-12-22 09:45:26 -05:00
Nick Mathewson
8cdeaedf86
Convert a couple of char[256]s into sockaddr_storage
2011-12-21 11:23:13 -05:00
Nick Mathewson
f75660958c
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-12-21 11:20:56 -05:00
Nick Mathewson
b5e6bbc01d
Do not even try to keep going on a socket with socklen==0
...
Back in #1240 , r1eo linked to information about how this could happen
with older Linux kernels in response to nmap. Bugs #4545 and #4547
are about how our approach to trying to deal with this condition was
broken and stupid. Thanks to wanoskarnet for reminding us about #1240 .
This is a fix for the abovementioned bugs, and is a bugfix on
0.1.0.3-rc.
2011-12-21 11:19:41 -05:00
Nick Mathewson
14127f226d
Merge remote-tracking branch 'asn-mytor/bug4531'
2011-12-20 14:40:16 -05:00
Nick Mathewson
26053bd7c9
Merge remote-tracking branch 'asn-mytor/bug4725_take2'
2011-12-20 14:28:31 -05:00
George Kadianakis
0cfdd88adb
Don't call tor_tls_set_logged_address till after checking conn->tls.
...
Fixes bug 4531.
2011-12-20 19:21:15 +01:00
Nick Mathewson
ba1766bc3f
Add explicit cast to make gcc happy
2011-12-20 11:19:57 -05:00
Nick Mathewson
4080ac9eee
Merge branch 'bug3825b-v8-squashed'
2011-12-20 11:15:49 -05:00
Robert Ransom
dae000735e
Adjust n_intro_points_wanted when a service's intro points are closed
2011-12-20 11:15:33 -05:00
Robert Ransom
46783eb6d7
Extract function to determine how many intros an intro point has handled
2011-12-20 11:15:31 -05:00
Nick Mathewson
e535c8a460
Tweak the haiku-support patches
2011-12-19 11:27:08 -05:00
Martin Hebnes Pedersen
d5e964731c
Fixed build with GCC < 3.3
...
Preprocessor directives should not be put inside the arguments
of a macro. This is not supported on older GCC releases (< 3.3)
thus broke compilation on Haiku (running gcc2).
2011-12-19 11:27:08 -05:00
Martin Hebnes Pedersen
f783a326b8
-lm should not be hardcoded.
...
On some platforms (Haiku/BeOS) libm lives in libcore.
Also added 'network' to the list of libraries to search for connect().
2011-12-19 11:27:08 -05:00
George Kadianakis
d05bc02192
Add an informative header on the 'keys/dynamic_dh_params' file.
2011-12-19 16:06:22 +01:00
George Kadianakis
539cb627f7
Server transports should be instructed to bind on INADDR_ANY by default.
2011-12-18 13:21:58 +01:00
Nick Mathewson
e5e50d86ca
Ignore all bufferevent events on a marked connection
...
Bug 4697; fix on 0.2.3.1-alpha
2011-12-17 14:06:10 -05:00
Nick Mathewson
37504b5efa
Merge remote-tracking branch 'asn-mytor/bug4726'
2011-12-17 12:49:15 -05:00
Peter Palfrader
f6b19ac79c
test_util_spawn_background_ok: fix expectation
...
test_util_spawn_background_ok() hardcoded the expected value
for ENOENT to 2. This isn't portable as error numbers are
platform specific, and particularly the hurd has ENOENT at
0x40000002.
Construct expected string at runtime, using the correct value
for ENOENT (closes : #4733 ).
2011-12-17 12:21:51 -05:00
Nick Mathewson
663913e5ca
Increment version in master to 0.2.3.10-alpha-dev
2011-12-16 12:09:42 -05:00
George Kadianakis
6d35f08e01
Doxygenize the file-level documentation of transports.c.
2011-12-16 11:01:56 +01:00
Nick Mathewson
1fbce83f8c
Bump version to Tor 0.2.3.10-alpha
2011-12-15 12:04:52 -05:00
Nick Mathewson
e402edd960
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-12-15 11:32:49 -05:00
Nick Mathewson
562c974ee7
Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
2011-12-15 11:28:44 -05:00
Nick Mathewson
9d0777839b
Add a fix for the buf_pullup bug that Vektor reported
2011-12-15 11:28:24 -05:00
Robert Ransom
d688a40a0e
Don't crash on startup of a dormant relay
...
If a relay is dormant at startup, it will call init_keys before
crypto_set_tls_dh_prime. This is bad. Let's make it not so bad, because
someday it *will* happen again.
2011-12-12 11:25:55 -08:00
Sebastian Hahn
e4cebb76c5
Fix compilation of natpmp-helper on non-windows
...
Fixes a small oversight in 5dbfb1b3e0
.
2011-12-10 03:25:40 +01:00
Robert Ransom
59b5379424
Remove comment complaining that we try to attach all streams to circs
...
It's inefficient, but the more efficient solution (only try to attach
streams aiming for this HS) would require far more complexity for a gain
that should be tiny.
2011-12-09 11:28:42 -05:00
Robert Ransom
832bfc3c46
Clear stream-isolation state on rend circs if needed to attach streams
...
Fixes bug 4655; bugfix on 0.2.3.3-alpha.
2011-12-09 11:28:42 -05:00
Robert Ransom
7b6b2d5fb8
Refactor stream attachment in circuit_has_opened
...
Put the 'try attaching streams, clear isolation state if possible, retry
attaching streams' loop in its own separate function, where it belongs.
2011-12-09 11:28:33 -05:00
Roger Dingledine
7a76994d62
bump to 0.2.3.9-alpha-dev
2011-12-08 16:25:36 -05:00
Roger Dingledine
d65f6ceee1
bump to 0.2.3.9-alpha
2011-12-08 04:53:12 -05:00
Roger Dingledine
97bd03661c
Merge remote-tracking branch 'sebastian/bug4672'
2011-12-08 04:45:59 -05:00
Roger Dingledine
ae07af564e
paint bug2474's fix a different neon color
...
this way people with 80-column logs may read more of the warning
2011-12-08 04:41:56 -05:00
Roger Dingledine
630337e762
Merge branch 'maint-0.2.2'
2011-12-08 04:40:30 -05:00
Roger Dingledine
0582746e0d
Merge branch 'maint-0.2.1' into maint-0.2.2
2011-12-08 04:40:15 -05:00
Karsten Loesing
ff2c9acbb3
Update to the December 2011 GeoIP database.
2011-12-08 09:55:44 +01:00
Sebastian Hahn
0f8026ec23
Some more check-spaces stuff
...
This re-applies a check-spaces fix that was part of
7920ea55b8
and got reverted along with the
rest of that commit in df1f72329a
.
2011-12-08 08:47:09 +01:00
Nick Mathewson
71ecfaa52f
indent; add comment
...
This re-applies 40a87c4c08
which got
accidentally reverted in 75134c6c86
.
Thanks asn for spotting this.
2011-12-08 08:45:24 +01:00
Sebastian Hahn
ee8b4b4e6e
appease check-spaces
...
This re-applies f77f9bddb8
which got
accidentally reverted in 53f535aeb8
.
Thanks asn for spotting this.
2011-12-08 08:43:32 +01:00
Nick Mathewson
8bb853b2a2
Merge remote-tracking branch 'public/revert_4312'
2011-12-07 21:12:20 -05:00
Roger Dingledine
299034edf5
clarify a debug line
2011-12-07 18:12:11 -05:00
Nick Mathewson
0ebcf345ce
Revert "Refactor the SSL_set_info_callback() callbacks."
...
This reverts commit 69a821ea1c
.
2011-12-06 19:49:21 -05:00
Nick Mathewson
9727d21f68
Revert "Detect renegotiation when it actually happens."
...
This reverts commit 4fd79f9def
.
2011-12-06 19:49:21 -05:00
Nick Mathewson
e09dd43ab3
Revert "Detect and deny excess renegotiations attempts."
...
This reverts commit ecd239e3b5
.
2011-12-06 19:49:21 -05:00
Nick Mathewson
021ff31ba6
Revert "Get rid of tor_tls_block_renegotiation()."
...
This reverts commit 340809dd22
.
2011-12-06 19:49:21 -05:00
Nick Mathewson
fa74af0cfa
Revert "Also handle needless renegotiations in SSL_write()."
...
This reverts commit e2b3527106
.
2011-12-06 19:49:20 -05:00
Nick Mathewson
45c46129ed
Revert "Fix issues pointed out by nickm."
...
This reverts commit e097bffaed
.
2011-12-06 19:49:20 -05:00
Nick Mathewson
616b60cef3
Revert "Use callback-driven approach to block renegotiations."
...
This reverts commit 406ae1ba5a
.
2011-12-06 19:49:20 -05:00
Nick Mathewson
53f535aeb8
Revert "appease check-spaces"
...
This reverts commit f77f9bddb8
.
2011-12-06 19:49:20 -05:00
Nick Mathewson
df1f72329a
Revert "Refactor tor_event_base_once to do what we actually want"
...
This reverts commit 7920ea55b8
.
2011-12-06 19:49:20 -05:00
Nick Mathewson
3a17a1a62f
Revert "Avoid a double-mark in connection_or_close_connection_cb"
...
This reverts commit 633071eb3b
.
2011-12-06 19:49:20 -05:00
Nick Mathewson
17880e4c0a
Revert "Fix some wide lines in tortls.c"
...
This reverts commit e8dde3aabd
.
2011-12-06 19:49:20 -05:00
Nick Mathewson
e83e720c8b
Revert "use event_free() wrapper; fix bug 4582"
...
This reverts commit 9a88c0cd32
.
2011-12-06 19:49:20 -05:00
Nick Mathewson
acc1806eb8
Revert "Don't schedule excess_renegotiations_callback unless it's set"
...
This reverts commit 617617e21a
.
2011-12-06 19:49:20 -05:00
Nick Mathewson
75134c6c86
Revert "indent; add comment"
...
This reverts commit 40a87c4c08
.
2011-12-06 19:49:20 -05:00
Nick Mathewson
135a5102a3
Revert "Make pending libevent actions cancelable"
...
This reverts commit aba25a6939
.
2011-12-06 19:49:20 -05:00
Nick Mathewson
50fd99d7ef
Revert "Set renegotiation callbacks immediately on tls inititation"
...
This reverts commit e27a26d568
.
2011-12-06 19:49:19 -05:00
Nick Mathewson
4f47db3280
Merge remote-tracking branch 'sebastian/coverity'
2011-12-05 11:56:03 -05:00
Nick Mathewson
15d99fe4eb
Add comment about bug4651 fix
2011-12-05 11:29:43 -05:00
Sebastian Hahn
60c330a251
cid 432: Remove dead code if we don't handle a consensus
...
Bugfix on 0.2.3.1, fixes the second half of bug 4637.
2011-12-04 17:36:23 +01:00
Robert Ransom
f5730d4698
Don't send two ESTABLISH_RENDEZVOUS cells when opening a new rend circ
2011-12-03 22:06:50 -08:00
Nick Mathewson
682a85ff7c
Don't just tell the controller "foo" on id mismatch
...
Fixes bug 4169; bugfix on 0.2.1.1-alpha.
2011-12-02 16:27:33 -05:00
Nick Mathewson
5303918091
Init conn->addr to "unspec" on cpuworker connections
...
Fixes bug 4532 reported by "troll_un"
2011-12-02 16:21:50 -05:00
Nick Mathewson
6171bdd105
Don't call tor_tls_set_logged_address till after checking conn->tls
...
Fixes bug 4531; partial backport of e27a26d5
.
2011-12-02 16:15:52 -05:00
Nick Mathewson
d9edee3a3b
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-12-02 16:10:17 -05:00
Nick Mathewson
2b5a035604
tor_accept_socket() should take tor_addr_t for listener arg
...
Fixes bug 4535; bugfix on 0.2.2.28-beta; found by "troll_un"
2011-12-02 16:09:16 -05:00
Nick Mathewson
f78fc8cfb4
Give DirAllowPrivateAddress an explicit default
...
By convention, we say whether each bool's default is 0 or 1
Fixes 4536; found by "troll_un"
2011-12-02 16:04:18 -05:00
Nick Mathewson
cf14a520c8
Resolve bug 3448: remove mention of tor-ops (which is not in use)
2011-12-02 15:42:15 -05:00
Nick Mathewson
0920cd02f4
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-12-02 15:38:29 -05:00
Nick Mathewson
b7015603fa
Fix bug 4530; check return val of tor_addr_lookup correctly
...
Fix on 0.2.1.5-alpha; reported by troll_un
2011-12-02 15:37:24 -05:00
Nick Mathewson
cd10013218
Merge remote-tracking branch 'sebastian/coverity_strlen_fp'
2011-12-02 00:24:33 -05:00
Sebastian Hahn
95af91565b
Work around a false positive in Coverity.
...
Fixes cid 501 and 502.
2011-12-02 06:16:57 +01:00
Sebastian Hahn
c811b8f3a0
Appease check-spaces
2011-12-02 06:16:57 +01:00
Robert Ransom
5ffa7102c0
Don't segfault when checking whether a not-yet-used intro point should expire
...
Found by katmagic. Bugfix on the #3460 branch, not yet in any release.
2011-12-01 15:26:45 -08:00
Linus Nordberg
c06c80b7f7
Fix warnings.
...
Remove environ declaration.
Use ORPort->value. And it's a string.
Make tmp a char *.
2011-12-01 09:40:47 +01:00
Nick Mathewson
d106caaadc
Add an initializer to appease older gcc
2011-11-30 18:08:07 -05:00
Murdoch@cl.cam.ac.uk
b0d3c6a878
Only define set_buffer_lengths_to_zero if bufferevents are enabled
...
Otherwise, on Windows, gcc will warn about the function being unused
2011-11-30 18:06:55 -05:00
Nick Mathewson
0530e80e5d
Merge remote-tracking branch 'sjmurdoch/bug1983-port-tor-fw-helper-to-windows'
2011-11-30 17:51:01 -05:00
Steven Murdoch
a65212e371
Make file descriptor type an unsigned integer
...
This avoids a warning from gcc (comparison between signed and unsigned
integer expressions [-Werror=sign-compare]), under Windows
2011-11-30 22:04:14 +00:00
Nick Mathewson
d04f21bf39
Merge branch 'feature2553-v4-rebased'
2011-11-30 14:54:33 -05:00
Arturo Filastò
db648fe886
Add some more documentation
2011-11-30 14:54:15 -05:00
Robert Ransom
c90c33fd53
Turn off LearnCircuitBuildTimeout when tor2web mode is on
2011-11-30 14:54:15 -05:00
Robert Ransom
328c9582a9
Add ifdefs to disable assertion in connection_ap_handshake_send_begin
2011-11-30 14:54:15 -05:00
Robert Ransom
a364f88477
Add ifdefs to disable #3332 assertions
2011-11-30 14:54:15 -05:00
Robert Ransom
826f1d5b0a
Use single-hop intro and rend circuits when in tor2web mode
2011-11-30 14:54:15 -05:00
Robert Ransom
29287ed0ed
Perform single-hop HS desc fetches when in tor2web mode
2011-11-30 14:54:15 -05:00
Robert Ransom
ebf524b48b
Don't allow tor2web-mode Tors to connect to non-HS addresses
...
The client's anonymity when accessing a non-HS address in tor2web-mode
would be easily nuked by inserting an inline image with a .onion URL, so
don't even pretend to access non-HS addresses through Tor.
2011-11-30 14:54:15 -05:00
Robert Ransom
5f3e6eb0b9
Warn loudly on startup and SIGHUP if Tor is built for a non-anonymous mode
2011-11-30 14:54:14 -05:00
Robert Ransom
543a36a55b
Add a compile-time #define to control whether Tor runs in 'tor2web mode'
...
The Tor2webMode torrc option is still required to run a Tor client in
'tor2web mode', but now it can't be turned on at runtime in a normal build
of Tor. (And a tor2web build of Tor can't be used as a normal Tor client,
so we don't have to worry as much about someone distributing packages with
this particular pistol accessible to normal users.)
2011-11-30 14:54:14 -05:00
Steven Murdoch
5dbfb1b3e0
Support NAT-PMP on Windows
...
- Link in libws32 and libiphlpapi, needed for libnatpmp (both in
./configure and when compiling tor-fw-helper-natpmp.c)
- Define STATICLIB under Windows, to allow tor-fw-helper-natpmp.c to link
- Don't include arpa/inet.h which isn't present in Mingw32 and doesn't
appear to be needed on either Windows or MacOS X
2011-11-30 19:46:38 +00:00
Nick Mathewson
3b88b63826
Merge branch 'bug933_nm_rebased_v2'
...
Conflicts:
src/test/test.c
2011-11-30 14:10:22 -05:00
Nick Mathewson
e8d598c4ac
Tweak addressmap_rewrite a little more
...
This resolves a loop warning on "MapAddress *.example.com
example.com", makes the rewrite log messages correct, and fixes the
behavior of "MapAddress *.a *.b" when just given "a" as an input.
2011-11-30 14:08:11 -05:00
Nick Mathewson
66859e2d4a
Fix an issue in my mapaddress domains code spotted by arma
...
MapAddress *.torproject.org torproject.org would have been interpreted
as a map from a domain to itself, and would have cleared the mapping.
Now we require not only a match of domains, but of wildcards.
2011-11-30 14:08:11 -05:00
Nick Mathewson
04c622d720
Add some post-comma spaces to please arma
...
Incidentally, we've got 30969 lines in master with a comma
in them, of which 1995 have a comma followed by a non-newline,
non-space character. So about 93% of our commas are right,
but we have a substantial number of "crowded" lines.
2011-11-30 14:08:11 -05:00