Commit Graph

781 Commits

Author SHA1 Message Date
Roger Dingledine
7562a62ef0 Get rid of the notion of a separate default default exit policy.
Create ExitPolicyPrepend config parameter, to customize the default
exit policy.


svn:r1103
2004-02-18 03:56:12 +00:00
Roger Dingledine
c9d9b9b2a7 we define some big constant arrays but don't use them
svn:r1102
2004-02-18 03:17:35 +00:00
Roger Dingledine
3456adec31 adding the reattach-after-timeout feature wasn't so easy after all.
maybe it works now.


svn:r1101
2004-02-18 01:21:20 +00:00
Roger Dingledine
39efb0ed52 retry streams where the connected cell hasn't arrived in 15 seconds
svn:r1100
2004-02-17 21:07:15 +00:00
Nick Mathewson
72568d2620 Another case of the same.
svn:r1099
2004-02-17 08:52:57 +00:00
Nick Mathewson
bab6c0a332 Fix the Big Bug in router_compare_addr_to_exit_policy: we used port 0
to mean "unknown port".  But no exit policy supports (nonexistant)
port 0, except accept *:*, and we had no special handling for 'unknown port'.

Now we do.


svn:r1098
2004-02-17 08:52:03 +00:00
Roger Dingledine
46ffc5984d best_support_idx is obsolete
(also doesn't fix the bug)


svn:r1097
2004-02-17 08:42:25 +00:00
Nick Mathewson
bd14023afd Propagate yes/no/maybe a little farther forward.
svn:r1096
2004-02-17 08:29:22 +00:00
Roger Dingledine
d081d1d061 make braces cleaner, bug still persists
svn:r1095
2004-02-17 08:10:07 +00:00
Nick Mathewson
61756b5893 Fix router_compare_addr_to_exit_policy, and name its return codes. The bug was: "maybe reject,accept" should be "maybe", not "accept".
svn:r1093
2004-02-17 07:56:33 +00:00
Roger Dingledine
d508a194f7 Let paranoid exit nodes (which default to reject) be exit nodes
Before we resolve the hostname, we don't know whether its IP will                        be accepted or rejected by the exit policy of each host. So we                           were only going with nodes that would certainly accept -- which
was just itys and poblano.

(This bug was hidden until now by the earlier port bug.)

(Actual bugfix pending on Nick's next commit, hopefully.)


svn:r1092
2004-02-17 07:45:44 +00:00
Roger Dingledine
1801bd7592 prevent picking middleman nodes as the last node in the circuit
svn:r1088
2004-02-17 06:39:20 +00:00
Roger Dingledine
a8d8b82662 install the 'tor' binary to usr/sbin by default
svn:r1082
2004-02-17 04:48:01 +00:00
Nick Mathewson
17adfa9dfd log when exit situation is hopeless.
svn:r1057
2004-02-04 22:35:58 +00:00
Roger Dingledine
f00dc6fe1e last minute fix: don't early-flush non-tls streams
e.g., this breaks directory service


svn:r1033
2004-01-31 00:36:00 +00:00
Roger Dingledine
f6f9b1d94d for perf testing, paths are always 3 hops, not "3 or more"
svn:r1030
2004-01-30 23:43:17 +00:00
Roger Dingledine
e05d39d1af fix a per-circuit memory leak
svn:r1029
2004-01-30 21:32:40 +00:00
Nick Mathewson
a81435c64e Another related leak
svn:r1028
2004-01-30 21:16:51 +00:00
Nick Mathewson
e4ad1f1629 Freeing twice does *not* make the heap twice as clean.
svn:r1027
2004-01-30 21:05:47 +00:00
Nick Mathewson
88b579dd33 Fix a bug that might have caused the leak, but which might have been hiding other bugs.
svn:r1026
2004-01-30 20:59:15 +00:00
Nick Mathewson
6c3f55526a Fix possible (but unlikely) mem leak.
svn:r1025
2004-01-30 20:38:08 +00:00
Roger Dingledine
7651b09c8a finally locate the memory leak,
plus commit a patch that doesn't fix it
(but doesn't hurt? i dunno)


svn:r1024
2004-01-30 20:33:04 +00:00
Roger Dingledine
afdaff63ef turn some knobs, add more debugging
svn:r1023
2004-01-30 19:31:39 +00:00
Roger Dingledine
b42b16357f note an assert trigger, if you use an old broken netscape socks4
svn:r1022
2004-01-30 15:15:11 +00:00
Roger Dingledine
deda0d93dd Let AP edges receive 'end' relay cells while waiting for 'connected'
svn:r1012
2004-01-20 18:17:43 +00:00
Roger Dingledine
3516ae1a26 add an ap_conn connecting state; report connecting delay
svn:r1011
2004-01-20 09:21:46 +00:00
Roger Dingledine
61723a1f69 small default route when doing speed testing
svn:r1010
2004-01-20 03:12:46 +00:00
Roger Dingledine
f5ebf4c712 push out a tls record's worth of data once you've got it
svn:r1009
2004-01-20 02:14:51 +00:00
Roger Dingledine
585c2efe87 add TOR_PERF macro options
svn:r1008
2004-01-20 02:14:30 +00:00
Roger Dingledine
c12a6f58b5 fix typo
svn:r1007
2004-01-20 02:14:12 +00:00
Roger Dingledine
fb81a32c68 setuid to User _before_ complaining about running as root
svn:r1006
2004-01-19 06:12:32 +00:00
Roger Dingledine
522982f8e9 fix assert trigger in server
Jan 18 04:11:43.312 [warn] connection_edge_send_command(): no circ. Closing.

i think it was while sending a connected relay cell back.
reason for having the circ gone is still not known. presumably the end cell
arrived at just the right time.


svn:r1005
2004-01-19 04:58:39 +00:00
Roger Dingledine
561c6236af fix some errors in logs and comments
svn:r999
2004-01-16 08:27:17 +00:00
Nick Mathewson
793c65e60f Note discrepency between N bytes transmitted over TLS and actual bandwidth use; add 2 functions to help resolve.
svn:r986
2004-01-13 01:19:02 +00:00
Roger Dingledine
b669b1d57c oh, and make it compile
still need to make a decision about per-connection rate limiting
(take it out? update it?)


svn:r984
2004-01-11 07:41:01 +00:00
Roger Dingledine
5086300815 split the token bucket into 'rate' and 'burst' params
we're not entirely migrated to burst yet, for backward compatibility

note some win32 probable-bugs

clean up routerlist.c


svn:r982
2004-01-10 23:40:38 +00:00
Roger Dingledine
db0c27b362 resolve cygwin warnings for pre19
svn:r981
2004-01-08 22:48:18 +00:00
Roger Dingledine
c485725c5a Fix the dns bug: children weren't dying
We were telling a child to die by closing the parent's file descriptor
to him. But newer children were inheriting the open file descriptor from
the parent, and since they weren't closing them, the socket never closed,
so the child never read eof, so he never knew to exit.

As a side effect to this bug, we were probably failing to properly close
connections to remote hosts, ORs, and OPs, after a dns child was born.

I'm surprised Tor worked at all.


svn:r974
2004-01-06 07:53:40 +00:00
Roger Dingledine
d6ce65afd6 the onionskin challenge length was 30 bytes longer than necessary
(i think ;)


svn:r971
2004-01-05 05:23:03 +00:00
Roger Dingledine
607078cf70 print an entry at the top of the logfile so you know it's working
clean up a minor bug in a debugfile log entry


svn:r970
2004-01-05 05:22:04 +00:00
Nick Mathewson
cacacfe2b1 Integrate new daemon code, adapted from submission by christian grothoff
svn:r969
2004-01-03 22:40:49 +00:00
Roger Dingledine
53061b3778 fix endian issue: rh.integrity was getting sent wrong
now it's a char[4] rather than an int


svn:r966
2004-01-02 09:03:38 +00:00
Roger Dingledine
c2e37901be stop a bug that straycat may have found
svn:r964
2004-01-01 07:01:09 +00:00
Roger Dingledine
8085235e5f make loglevel info less noisy
svn:r961
2003-12-30 22:49:35 +00:00
Roger Dingledine
f3fdbadfdf randomize the initial circ_id and stream_id, so an adversary who
breaks in part-way through can't learn how many circs/streams have
been made


svn:r960
2003-12-28 04:46:09 +00:00
Roger Dingledine
71739b486a back out the insert-padding-if-conflict code
use recognized + digest instead, just assume it's enough bits


svn:r959
2003-12-26 06:29:57 +00:00
Roger Dingledine
43fcb70bad checkpoint: revamp relay cell packaging and handling
include the infrastructure for inserting padding cells when there's
a relay-recognized conflict, but it does not work currently.


svn:r958
2003-12-23 07:45:31 +00:00
Roger Dingledine
bc8c6732cb add crypto_cipher_rewind to reverse crypto_cipher_advance
svn:r957
2003-12-23 07:43:05 +00:00
Roger Dingledine
55a94cd497 correct a warn message in mark_if_closed
svn:r956
2003-12-23 07:42:01 +00:00
Roger Dingledine
ad93c0a2bd make sure there's no conflict when generating stream_ids
svn:r955
2003-12-19 21:25:44 +00:00
Roger Dingledine
a5e6ec244f rename circ_id_t to uint16_t for code clarity
change message when using non-recommended tor version


svn:r954
2003-12-19 19:55:02 +00:00
Roger Dingledine
45a66c6955 make a relay_header_t struct and pack/unpack funcs
split 7-byte stream_id string into 2-byte recognized and 2-byte stream_id
fix two seg faults in fetch_from_buf_http
fix several lurking seg faults in handling unexpected relay cells

still need to
 * clean up relay_crypt
 * use relay dummies if there's going to be a conflict with rh.recognized
 * check for a conflict when generating stream_ids


svn:r953
2003-12-19 05:09:51 +00:00
Roger Dingledine
eb730c41c8 clean tabs, trailing whitespace
svn:r952
2003-12-17 21:14:13 +00:00
Roger Dingledine
6a19e64066 remove trailing whitespace
svn:r951
2003-12-17 21:09:31 +00:00
Roger Dingledine
5ecd6b6bad make fetch_from_buf_http malloc its strings rather
than use fixed-size strings

reorganize directory_handle_command so it'll be easier to do more with
our directory servers


svn:r950
2003-12-17 09:42:28 +00:00
Roger Dingledine
4a1e05de51 betcha didn't know strncpy could leave an unterminated string
svn:r949
2003-12-17 09:20:29 +00:00
Roger Dingledine
aba237e3e2 end-to-end integrity checking now works
initialize digests from shared secrets at handshake
make circuit_send_next_onion_skin use connection_edge_send_command


svn:r948
2003-12-17 05:58:30 +00:00
Roger Dingledine
389eb48690 document an openssl gotcha
svn:r947
2003-12-17 05:31:52 +00:00
Roger Dingledine
21cc01299b infrastructure for integrity-checks in relay cells
make circuit_consider_sending_sendme use connection_edge_send_command
fix endian bug in relay length handling (maybe)


svn:r946
2003-12-16 22:56:50 +00:00
Roger Dingledine
4e50f79b11 resolve an edge case in get_unique_circ_id_by_conn
svn:r944
2003-12-16 20:45:10 +00:00
Roger Dingledine
8712a30e91 move cell size to 512 bytes
move length to 2 bytes, put it in the relay header
remove 4 reserved bytes in cell
add 4 bytes to relay header for the integrity check


svn:r942
2003-12-16 09:48:17 +00:00
Roger Dingledine
961ecf7abf add H(K|1) to the onionskin reply
verify it at the client end
abstract the onionskin handshake lengths

breaks backward compatibility (again)


svn:r941
2003-12-16 08:21:58 +00:00
Roger Dingledine
f3b165fdc0 change crypto_digest_new_env to crypto_new_digest_env
(and same with _free_)
to match our conventions
i think our conventions may be getting too ad hoc


svn:r940
2003-12-16 08:13:26 +00:00
Roger Dingledine
e358a362ee rename digest_copy to digest_dup, make it return, make gcc happier
svn:r939
2003-12-16 05:47:21 +00:00
Nick Mathewson
7c439c30d0 Resolve format warnings on MacOS X 10.3
svn:r938
2003-12-16 05:33:11 +00:00
Nick Mathewson
eeae6157ed Add more fine-grained SHA1 functionality.
svn:r937
2003-12-16 05:29:04 +00:00
Nick Mathewson
4885e90490 Make compile warning-free on cygwin
svn:r936
2003-12-15 21:35:52 +00:00
Roger Dingledine
a5aa80cc41 make --debuglogfile (or any second log file) work
svn:r935
2003-12-14 09:58:43 +00:00
Roger Dingledine
08534a6271 start tracking the 'It appears I've already sent the end' warning
svn:r932
2003-12-14 08:32:14 +00:00
Roger Dingledine
0ea88d508d oops, i broke buffers. fixed.
svn:r931
2003-12-14 08:15:41 +00:00
Roger Dingledine
f9bdb8a0da document aborted attempt to merge client dns cache with server dns cache
svn:r930
2003-12-14 07:50:45 +00:00
Roger Dingledine
7d58bfbd50 change dns notation from question/answer to address/addr
svn:r929
2003-12-14 07:40:47 +00:00
Roger Dingledine
8f573c06c3 start to track the 'unexpected relay cell' warning
svn:r928
2003-12-14 06:50:44 +00:00
Roger Dingledine
36ea39ec9c on hup, close and rebind listener ports too (in case their config has changed)
svn:r926
2003-12-14 06:03:46 +00:00
Roger Dingledine
50e17d633b clean up some file-scope-global directory variables
svn:r925
2003-12-14 05:25:23 +00:00
Roger Dingledine
1096eae543 add options.ExcludedNodes -- nodes that are never picked in path building
svn:r924
2003-12-14 05:08:28 +00:00
Roger Dingledine
3465c4dee4 make it compile
svn:r923
2003-12-14 05:00:09 +00:00
Roger Dingledine
f4cb5d8c93 extend smartlist with _remove() and _subtract()
svn:r922
2003-12-14 04:57:47 +00:00
Roger Dingledine
2997ef8dd9 warn if you're running tor as root
svn:r921
2003-12-14 04:39:23 +00:00
Roger Dingledine
25e7e97d73 on HUP, retry OR connections, and stop clobbering the dirserver's routerlist
svn:r920
2003-12-14 04:33:18 +00:00
Roger Dingledine
05c05d6444 more friendly warning when there are too many dns workers
svn:r919
2003-12-14 04:19:12 +00:00
Roger Dingledine
9e3608ce7b more friendly warning when a connection buffer overflows
svn:r918
2003-12-14 04:18:43 +00:00
Roger Dingledine
a1745b6895 slightly different default default exit policy.
svn:r917
2003-12-14 00:18:57 +00:00
Roger Dingledine
55d3ec028d reject 0.0.0.0/8,reject 169.254.0.0/16
svn:r916
2003-12-14 00:17:44 +00:00
Roger Dingledine
29adf04683 more general cleanup
svn:r915
2003-12-14 00:12:02 +00:00
Roger Dingledine
444798dfb9 remove obsolete code
svn:r914
2003-12-14 00:11:48 +00:00
Nick Mathewson
fb95d99f79 Accept 1.2.3.4/x as a synonym for 1.2.3.4/x:* .
svn:r912
2003-12-14 00:04:29 +00:00
Roger Dingledine
78a7de300c make options.ExitNodes work
if your best choices happen to include any of your preferred exit nodes,
you choose among just those preferred exit nodes.


svn:r911
2003-12-13 23:32:57 +00:00
Roger Dingledine
4d3d99fa0c extend smartlist with a few smarter operations
svn:r910
2003-12-13 23:32:03 +00:00
Roger Dingledine
8222fe8e4f clean up some copyrights
svn:r907
2003-12-13 22:53:17 +00:00
Roger Dingledine
03616803e6 bughunt: start tracking the bug mutiny found
svn:r906
2003-12-13 08:06:03 +00:00
Roger Dingledine
7a3a3ae1df bugfix: a circuit that immediately failed still counts as a failed circuit
svn:r905
2003-12-13 07:42:18 +00:00
Roger Dingledine
9e6f4a3029 revamp circuit node selection to use smartlists:
* now we know for sure if an acceptable node is available; we
    don't have to keep guessing and checking
  * we try options.EntryNodes first for picking the first node


svn:r904
2003-12-13 07:01:46 +00:00
Roger Dingledine
5458ca39e8 minor tweaks to the smartlist operations
svn:r903
2003-12-13 06:56:21 +00:00
Nick Mathewson
911f155f94 Make default exit policy reject 127.*:*
svn:r902
2003-12-13 03:37:25 +00:00
Roger Dingledine
41bb717241 reasonably permissive exit policy if you don't set one
svn:r901
2003-12-13 02:53:35 +00:00
Roger Dingledine
865173d7a1 put the default exit policy in place
svn:r900
2003-12-13 02:52:54 +00:00
Nick Mathewson
f37f7daa2f Add port ranges to exit policies
svn:r899
2003-12-13 02:44:02 +00:00
Roger Dingledine
c425f2e0ec use the smartlist to pick random routers, rather than our own idiom
svn:r898
2003-12-13 01:43:21 +00:00
Roger Dingledine
1ae84fcbc1 add a 'smartlist' building block that picks random elements from a list
svn:r897
2003-12-13 01:42:44 +00:00