Commit Graph

626 Commits

Author SHA1 Message Date
Roger Dingledine
00aefaab6b think harder about my logic
svn:r6806
2006-07-22 07:19:11 +00:00
Roger Dingledine
2d6a4d283b i lied, that won't work at all. maybe this will.
svn:r6805
2006-07-22 07:15:34 +00:00
Roger Dingledine
444f096d2d more bulletproof reachability testing
svn:r6804
2006-07-22 05:29:31 +00:00
Roger Dingledine
9db7b2c068 Allow servers with no hostname or IP address to learn their IP address
by asking the directory authorities. This code only kicks in when you
would normally have exited with a "no address" error.

This design is flawed, though, since the X-Your-Address-Is header is not
authenticated, and doing it this way introduces too many new attacks. The
right answer is to give IP address hints inside the HELLO cell; much of
this code can be reused when we switch.


svn:r6774
2006-07-17 06:35:06 +00:00
Roger Dingledine
ee5f512e13 parameterize the loudness of resolve_my_address(), and call things
IP addresses, not IPs.


svn:r6764
2006-07-15 20:26:05 +00:00
Roger Dingledine
51454157a0 Fix a crash if you enable FascistFirewall but not FirewallPorts.
Reported by Frediano Ziglio.


svn:r6746
2006-07-08 17:38:46 +00:00
Nick Mathewson
a40ad152b1 When using eventdns: suppress logging of addresses when SafeLogging is active, and make set of nameservers configurable from torrc.
svn:r6744
2006-07-07 17:33:30 +00:00
Roger Dingledine
fad85f173a when an exit node gets a malformed begin cell, don't complain to
the node operator, since he can't do anything about it.


svn:r6733
2006-07-06 02:44:07 +00:00
Roger Dingledine
98c6bf6192 oops, we were ignoring options->ExcludeNodes when picking entry guards.
it is still the case that we ignore it with respect to entry guards
that we've already picked.


svn:r6726
2006-07-04 20:25:17 +00:00
Roger Dingledine
cbc4cd93ac allow people to start their tor with runasdaemon set but
with no logs set at all.


svn:r6604
2006-06-12 06:03:15 +00:00
Roger Dingledine
889b8d5bac Add a new config option TestVia, that lets you specify preferred middle
hops to use for testing circuits. Perhaps this will let me debug the
reachability problem better.


svn:r6581
2006-06-10 00:26:39 +00:00
Roger Dingledine
11dcb7f4ae try a better string at the top of torrc's autogenerated torrc.
svn:r6569
2006-06-09 02:20:42 +00:00
Roger Dingledine
91bd12c20d re-enable per-connection rate limiting. get rid of the "OP bandwidth"
concept. lay groundwork for "bandwidth classes" -- separate global
buckets that apply depending on what sort of conn it is.


svn:r6563
2006-06-07 09:18:53 +00:00
Nick Mathewson
853e2d99b6 Add a new warning to our "warn a lot" list: unused parameters. This means we have to explicitly "use" unuseds, but it can catch bugs. (It caught two coding mistakes so far.)
svn:r6532
2006-06-04 22:42:13 +00:00
Roger Dingledine
6066d68ac3 make options->RedirectExit work again; resolve bug 293.
svn:r6492
2006-05-24 11:13:03 +00:00
Roger Dingledine
13c4590dd1 ignore RunAsDaemon more thoroughly when we're running on windows.
svn:r6471
2006-05-23 07:04:55 +00:00
Nick Mathewson
7484ca06a5 [Forward-port ]Test and document last patch.
svn:r6400
2006-04-18 03:51:18 +00:00
Nick Mathewson
0df40a393b [forward-port] Implement an option, VirtualAddrMask, to set which addresses get handed out in response to mapaddress requests. Needs testing and docs!
svn:r6398
2006-04-18 03:36:28 +00:00
Roger Dingledine
64041d2dbf ok, put moria1 back in, since it's v1 and thus we need to send
our rendezvous descriptors to it.

eventually we might make a 'v1only' tag that explains it's only
for rendezvous descriptors.


svn:r6382
2006-04-11 14:12:04 +00:00
Roger Dingledine
e720cc6589 drop moria1 from the list of authorities.
svn:r6381
2006-04-10 21:40:43 +00:00
Peter Palfrader
beb9e0721a Stop assuming every authority is a v1 authority
svn:r6377
2006-04-10 21:29:29 +00:00
Roger Dingledine
12d461a245 make DirFetchPeriod and StatusFetchPeriod truly obsolete.
svn:r6373
2006-04-10 20:16:46 +00:00
Nick Mathewson
1064bbc62a Fix a wide line
svn:r6357
2006-04-10 08:05:00 +00:00
Roger Dingledine
ed38f46ebc lower the minimum required number of fd's to 1000, so we can
have some overhead for valgrind on linux, where the default
ulimit -n is 1024.


svn:r6338
2006-04-09 10:28:00 +00:00
Roger Dingledine
a589650496 i like the name FetchUselessDescriptors better.
svn:r6327
2006-04-08 21:48:14 +00:00
Roger Dingledine
2a94c8b493 add a new config option FetchUselessRouters, off by default, for
when you plan to run "exitlist" on this client and you want to know
about even the non-running descriptors.


svn:r6326
2006-04-08 21:35:17 +00:00
Roger Dingledine
b5737aab91 add dizum as the fifth authoritative directory server.
svn:r6323
2006-04-08 21:03:49 +00:00
Nick Mathewson
5d466b7611 Fix a couple of things that make GCC complain with verbose warnings on. Also, fix some whitespace.
svn:r6317
2006-04-08 05:43:52 +00:00
Roger Dingledine
1e04b70d49 make NoPublish (even though deprecated) work again.
svn:r6287
2006-04-02 02:59:48 +00:00
Roger Dingledine
6f08d121d9 Refactor and consolidate addr/exit policies into a new policies.c.
Fix some minor bugs and memory leaks along the way.


svn:r6246
2006-03-27 02:25:34 +00:00
Roger Dingledine
e1c8e3ca6e also send syntax and parse errors back to the controller.
svn:r6242
2006-03-26 08:09:19 +00:00
Roger Dingledine
b899b9592a When the controller's *setconf commands fail, collect an error message
in a string and hand it back. This starts to resolve bug 275.


svn:r6241
2006-03-26 06:51:26 +00:00
Peter Palfrader
e90bebf27b Say private address instead of internal address.
Both are wrong or at least not entirely correct but nobody would
understand "special-use address as listed in RFC3330" I guess.


svn:r6236
2006-03-25 21:24:28 +00:00
Roger Dingledine
216e349cb2 parameterize two more timeout constants in circuit-land.
svn:r6220
2006-03-22 00:52:37 +00:00
Roger Dingledine
ad236d4b8b freeing is not the same as setting to null
svn:r6219
2006-03-22 00:03:51 +00:00
Roger Dingledine
28fafb9022 new config option SocksTimeout: How long do we let a socks connection
wait unattached before we fail it?

Use this value for controller socks timeout, for normal socks
timeout, and for hidden-service socks timeout.


svn:r6217
2006-03-21 23:27:43 +00:00
Roger Dingledine
f11509e494 when upgrading to newer versions, throw away entry guards
picked by the old wrong algorithms.


svn:r6215
2006-03-21 23:06:47 +00:00
Roger Dingledine
0e68ec0846 put lefkada on port 80, officially.
svn:r6209
2006-03-21 16:57:03 +00:00
Roger Dingledine
415c9e878a add lefkada as a fourth auth dir server.
svn:r6205
2006-03-21 04:41:20 +00:00
Roger Dingledine
d8195e4128 Implement Jason Holt's SafeSocks config option.
Also put a URL in the warning message for unsafe socks4 use --
previously we'd only had the URL for unsafe socks5 use. Oops.


svn:r6190
2006-03-19 01:44:53 +00:00
Roger Dingledine
c06e6ddadd Finish the transition from the word 'verified' to the words
'named' and 'valid'.


svn:r6188
2006-03-19 01:21:59 +00:00
Roger Dingledine
868d456c3b make it so there is one place to edit for new dirservers, not two.
svn:r6186
2006-03-18 22:37:27 +00:00
Roger Dingledine
4f14826cb3 Actually, only v1 auth dir servers need to define recommendedversions.
But versioning dirservers do need to cause recommendclientversions
and recommendedserverversions to somehow be non-empty.


svn:r6181
2006-03-17 23:25:40 +00:00
Roger Dingledine
c7839a17f5 when we're an auth dir server but don't claim to be a versioning
auth dir server, don't demand that we define RecommendedVersions.


svn:r6180
2006-03-17 23:21:42 +00:00
Roger Dingledine
51fc6799ad right now we don't support entryguards on auth dirservers,
but that doesn't mean we need to remind them every time
they start up.


svn:r6179
2006-03-17 23:19:51 +00:00
Nick Mathewson
053411e827 Comments: cleanups and additions.
svn:r6174
2006-03-17 05:50:41 +00:00
Peter Palfrader
866f6293ff I wonder what an internal internet protocol is
svn:r6159
2006-03-14 22:52:20 +00:00
Peter Palfrader
86a964d868 When we try to be a server and Address is not explicitly set
and our hostname resolves to a private IP address, try
to use an interface address if it has a public address.


svn:r6158
2006-03-14 22:51:15 +00:00
Peter Palfrader
ebfb3fea6d Fix minor semantic error with no real effect:
we were doing "is_internal_IP(htonl(in.s_addr))" but in.s_addr is
in network order and is_internal_IP wants host order.  Change to
"is_internal_IP(ntohl(in.s_addr))".


svn:r6155
2006-03-13 19:09:52 +00:00
Nick Mathewson
bd8ffccae7 More cleanups noticed by weasel; also, remove macros that nobody uses.
svn:r6143
2006-03-12 23:31:16 +00:00
Nick Mathewson
474c60b743 Cleanup on time-relaqted constants. New conventions:
1) Surround all constants by (parens), whether we'll be using them
     in a denominator or not.
  2) Express all time periods as products (24*60*60), not as multiplied-out
     constants (86400).
  3) Comments like "(60*60) /* one hour */" are as pointless as comments
     like "c = a + b; /* set c to the sum of a and b */".  Remove them.
  4) All time periods should be #defined constants, not given inline.
  5) All time periods should have doxygen comments.
  6) All time periods, unless specified, are in seconds.  It's not necessary
     to say so.

To summarize, the old (lack of) style would allow:

  #define FOO_RETRY_INTERVAL 60*60 /* one hour (seconds) */
  next_try = now + 3600;

The new style is:

  /** How often do we reattempt foo? */
  #define FOO_RETRY_INTERVAL (60*60)

  next_try = now + RETRY_INTERVAL;


svn:r6142
2006-03-12 22:48:18 +00:00
Roger Dingledine
98476c71d2 make tor --verify-config closer to working
svn:r6137
2006-03-12 20:46:00 +00:00
Roger Dingledine
0bd46086c3 fix bug reported by gozu: if we get a linelist or linelist_s
config option from the torrc and it has no value, warn and
skip rather than silently resetting it to its default.


svn:r6125
2006-03-11 18:40:33 +00:00
Nick Mathewson
5777ee0e1a Add some functions to escape values from the network before sending them to the log. Use them everywhere except for routerinfo->plaftorm, routerinfo->contact_info, and rend*.c. (need sleep now)
svn:r6087
2006-03-05 09:50:26 +00:00
Nick Mathewson
6a4e304d9e Allow private:* in routerdescs; not generated yet (because older Tors do not understand it); needs testing.
svn:r6086
2006-03-05 05:27:59 +00:00
Roger Dingledine
498c13b4df make the NoPublish option obsolete.
svn:r6052
2006-02-20 01:21:48 +00:00
Roger Dingledine
276a7bd038 the other half of fixing bug 257. catch an error in more places.
svn:r6050
2006-02-20 01:06:27 +00:00
Roger Dingledine
57bcdcecf1 try to address bug 257: if rename() fails during saveconf, tell
the controller.


svn:r6049
2006-02-19 23:12:26 +00:00
Roger Dingledine
6a52867846 New config options to address bug 251:
FetchServerDescriptors and FetchHidServDescriptors for whether
to fetch server info and hidserv info or let the controller do it,
and also PublishServerDescriptor and PublishHidServDescriptors.

Add AllDirActionsPrivate undocumented option -- if you set it, you'll
need the controller to bootstrap you enough to build your first circuits.


svn:r6047
2006-02-19 22:02:02 +00:00
Roger Dingledine
266254f42b clean up the Reachable*Addresses changes
svn:r6041
2006-02-19 08:31:47 +00:00
Roger Dingledine
a9fcf4ced2 this is why you're not supposed to cut-and-paste code
svn:r6037
2006-02-18 06:46:01 +00:00
Peter Palfrader
aa5443551d Make it compile with VC7. It does not yet link.
svn:r6033
2006-02-18 02:02:21 +00:00
Peter Palfrader
0cc2390f8c Warn if ReachableAddresses is set when also ReachableDirAddresses and ReachableORAddresses are set.
svn:r6010
2006-02-13 22:29:37 +00:00
Peter Palfrader
5eea6c76df Split ReachableAddresses into ReachableDirAddresses and ReachableORAddresses
svn:r6009
2006-02-13 21:17:20 +00:00
Roger Dingledine
d113b75da6 more log conversions.
whee.


svn:r6003
2006-02-13 09:02:35 +00:00
Roger Dingledine
7d80921afa resolve too-long-lines
svn:r6001
2006-02-13 08:22:57 +00:00
Nick Mathewson
2a4555fedd Style on config_addr_policy_intersectes, which looks ok to me.
svn:r5998
2006-02-13 07:16:32 +00:00
Roger Dingledine
350313d77a Let the users set ControlListenAddress in the torrc.
This can be dangerous, but there are some cases (like a secured
LAN) where it makes sense.


svn:r5997
2006-02-13 06:25:16 +00:00
Peter Palfrader
6c4d873591 Compress exit policies even more. please review
svn:r5995
2006-02-13 01:54:31 +00:00
Nick Mathewson
dba155ecff Generate 18.0.0.0/8 address policy format in descs when we can; warn when the mask is not reducible to a bit-prefix.
svn:r5991
2006-02-12 23:58:22 +00:00
Nick Mathewson
98ec124c6a Drop redundant exit policy entries, not just identical ones.
svn:r5987
2006-02-12 22:59:38 +00:00
Nick Mathewson
e7b2d5cd47 Retain unrecognized options in state file, so that we can be forward-compatible.
svn:r5985
2006-02-12 22:28:30 +00:00
Roger Dingledine
b5ac6fc707 more helpful log message when running servers on obsolete windows.
svn:r5975
2006-02-12 00:14:58 +00:00
Roger Dingledine
094ccd34a9 bump up the period for forcing a hidden service descriptor upload
from 20 minutes to 1 hour.


svn:r5972
2006-02-12 00:12:36 +00:00
Roger Dingledine
981815146a compress exit policies even more -- look for duplicate lines
and remove them.


svn:r5971
2006-02-12 00:03:06 +00:00
Roger Dingledine
6c093a17a9 bugfix in config_cmp_addr_policies() -- we were treating a pair
of exit policies if they were equal even if one said accept and
the other said reject.


svn:r5970
2006-02-11 23:47:24 +00:00
Nick Mathewson
f1b91924b2 Keep running if we ask for an impossible stdout log; just warn.
svn:r5964
2006-02-11 21:56:03 +00:00
Nick Mathewson
91847124bf Warn if running obsolete windows as a server.
svn:r5961
2006-02-11 21:26:40 +00:00
Roger Dingledine
5f051574d5 Happy new year!
svn:r5949
2006-02-09 05:46:49 +00:00
Nick Mathewson
97bff8edaa Fix a const-non-const warning
svn:r5923
2006-02-06 04:55:27 +00:00
Roger Dingledine
92ef9e37e7 Add a new config option ExitPolicyRejectPrivate which defaults to 1.
This means all exit policies will begin with rejecting private addresses,
unless the server operator explicitly turns it off.

Also, make our code to remove redundancies in the exit policy smarter,
so it can detect "reject foo, reject bar, reject *" patterns.

Lastly, we can get rid of the "exit policy implicitly accepts" code,
since we make everything more explicit now.


svn:r5888
2006-02-01 03:53:52 +00:00
Roger Dingledine
f8b9a8d457 bump the default bandwidthrate to 3 MB, and burst to 6 MB
svn:r5874
2006-01-28 08:28:15 +00:00
Roger Dingledine
21be9dc3c0 when you tried to set orport through the controller, it would
trigger an assert because you hadn't made your onion keys yet
you wanted to launch cpu workers.

now init keys first, reset uptime, and tell the user that we're
starting the reachability testing.


svn:r5835
2006-01-17 04:01:32 +00:00
Roger Dingledine
f0d4b3d18f turn crypto hardware acceleration off by default, until we find
somebody smart who can test it for us.


svn:r5829
2006-01-16 20:08:33 +00:00
Nick Mathewson
c562ca494a add missing warning
svn:r5806
2006-01-11 20:09:37 +00:00
Nick Mathewson
fefa34d525 Fix double-free of torrc_fname
svn:r5805
2006-01-11 20:01:47 +00:00
Nick Mathewson
adbe0f0ada Fix bug 240: dont dump descriptions when not dumping actual config lines.
svn:r5804
2006-01-11 19:43:14 +00:00
Nick Mathewson
099b9ce2f9 Fix bug 230: add a rollback function to reverse all changes since the last mark_logs_temp(), and move log initialization into the two-phase part of option setting.
svn:r5803
2006-01-11 19:40:14 +00:00
Nick Mathewson
d60faa7c93 Fix another memleak. I love you, valgrind!
svn:r5794
2006-01-11 04:09:40 +00:00
Roger Dingledine
d1baa0c4a6 we were leaking 3KB every time the entry guards changed, every time
the controller called saveconf, and every 20 minutes.


svn:r5788
2006-01-11 03:20:53 +00:00
Roger Dingledine
8f271f2f5a we changed the name of AccountingBytesReadInInterval
change its state file description too


svn:r5785
2006-01-10 23:26:59 +00:00
Roger Dingledine
7d1f675c85 entry nodes are now entry guards.
this is our last easy chance for a wholesale change. heave ho.


svn:r5782
2006-01-10 22:42:44 +00:00
Roger Dingledine
b2d79f278b or_state_validate() needs an extra arg too or it will crash
svn:r5772
2006-01-10 20:38:33 +00:00
Roger Dingledine
f4299f0f44 hack to address bug 238.
needs a better fix, but not for 0.1.1.11.


svn:r5771
2006-01-10 20:27:47 +00:00
Roger Dingledine
f71273c216 fix bug 235
svn:r5768
2006-01-10 20:06:24 +00:00
Nick Mathewson
7fc62029d4 Refuse to use RunAsDaemon when torrc is a relative path. Fixes bug 229.
svn:r5767
2006-01-10 20:00:20 +00:00
Roger Dingledine
f88fa3efc1 helper nodes are dead
svn:r5743
2006-01-07 00:41:50 +00:00
Nick Mathewson
65f76bad4f Add descriptions for state variables; rename AccountingBytesRead{In}Interval; remove extraneous and unused struct member.
svn:r5739
2006-01-06 15:43:03 +00:00
Roger Dingledine
c5a5161fb5 prevent auth dir servers from enabling entry nodes.
svn:r5702
2006-01-02 08:40:58 +00:00
Roger Dingledine
358052416d bugfix: only try to use the EntryNodes config option if it is set.
svn:r5701
2006-01-02 05:14:21 +00:00