Commit Graph

365 Commits

Author SHA1 Message Date
Sebastian Hahn
21155204c6 Create circuitbuild.h 2010-07-27 07:58:13 +02:00
Sebastian Hahn
34dfce0d82 Create buffers.h 2010-07-27 07:56:26 +02:00
Sebastian Hahn
cbee969f40 Create routerlist.h 2010-07-27 07:56:25 +02:00
Sebastian Hahn
c53b6cc831 Create router.h 2010-07-27 07:56:25 +02:00
Sebastian Hahn
ff4030f621 Create geoip.h 2010-07-27 07:56:25 +02:00
Roger Dingledine
7e300cbba3 Let bridge users use the non-primary address of a multi-homed bridge 2010-06-03 20:29:29 -04:00
Nick Mathewson
03dc1c786a Clarify 'marking connection as too old' messages
Back when we changed the idea of a connection being "too old" for new
circuits into the connection being "bad" for new circuits, we didn't
actually change the info messages.  This led to telling the user that
we were labelling connections as "too old" for being worse than
connections that were actually older than them.

Found by Scott on or-talk.
2010-05-12 14:15:39 -04:00
Roger Dingledine
1108358e96 let people test the RefuseUnknownExits idea 2010-03-10 22:43:23 -05:00
Nick Mathewson
b006e3279f Merge remote branch 'origin/maint-0.2.1'
Conflicts:
	src/common/test.h
	src/or/test.c
2010-02-27 17:16:31 -05:00
Nick Mathewson
c3e63483b2 Update Tor Project copyright years 2010-02-27 17:14:21 -05:00
Roger Dingledine
4d71d43772 add config options to override.
somebody should add man page entries.
2009-12-29 23:13:03 -05:00
Roger Dingledine
f255272f45 add separate per-conn write limiting 2009-12-29 22:25:02 -05:00
Roger Dingledine
2ef988c065 New consensus params "bwconnrate" and "bwconnburst"
...to let us
rate-limit client connections as they enter the network. It's
controlled in the consensus so we can turn it on and off for
experiments. It's starting out off. Based on proposal 163.
2009-12-23 04:56:24 -05:00
Karsten Loesing
f80672d747 Remove duplicate words and a duplicate newline. 2009-12-18 12:55:05 +01:00
Karsten Loesing
498c293afe Make changes to latest bridge-stats fixes as suggested by Nick. 2009-12-17 11:20:31 +01:00
Nick Mathewson
350181529e Merge branch 'safelogging2'
Conflicts:
	ChangeLog
2009-12-15 17:26:09 -05:00
Nick Mathewson
fcbd65b45c Refactor the safe_str_*() API to make more sense.
The new rule is: safe_str_X() means "this string is a piece of X
information; make it safe to log."  safe_str() on its own means
"this string is a piece of who-knows-what; make it safe to log".
2009-12-15 17:25:34 -05:00
Nick Mathewson
0c1b3070cf Now that FOO_free(NULL) always works, remove checks before calling it. 2009-12-12 02:07:59 -05:00
Sebastian Hahn
3807db001d *_free functions now accept NULL
Some *_free functions threw asserts when passed NULL. Now all of them
accept NULL as input and perform no action when called that way.

This gains us consistence for our free functions, and allows some
code simplifications where an explicit null check is no longer necessary.
2009-12-12 03:29:44 +01:00
Sebastian Hahn
f258647433 Allow SafeLogging to exclude client related information 2009-12-12 02:26:11 +01:00
Nick Mathewson
0a58567ce3 Merge commit 'origin/maint-0.2.1'
Conflicts:
	src/common/tortls.c
2009-11-06 15:24:52 -05:00
Nick Mathewson
ce0a89e262 Make Tor work with OpenSSL 0.9.8l
To fix a major security problem related to incorrect use of
SSL/TLS renegotiation, OpenSSL has turned off renegotiation by
default.  We are not affected by this security problem, however,
since we do renegotiation right.  (Specifically, we never treat a
renegotiated credential as authenticating previous communication.)
Nevertheless, OpenSSL's new behavior requires us to explicitly
turn renegotiation back on in order to get our protocol working
again.

Amusingly, this is not so simple as "set the flag when you create
the SSL object" , since calling connect or accept seems to clear
the flags.

For belt-and-suspenders purposes, we clear the flag once the Tor
handshake is done.  There's no way to exploit a second handshake
either, but we might as well not allow it.
2009-11-05 18:13:08 -05:00
Nick Mathewson
b8b2935367 Debugging logs for TLS handshake
The big change is to add a function to display the current SSL handshake
state, and to log it everywhere reasonable.  (A failure in
SSL23_ST_CR_SRVR_HELLO_A is different from one in
SSL3_ST_CR_SESSION_TICKET_A.)

This patch also adds a new log domain for OR handshaking, so you can pull out
all the handshake log messages without having to run at debug for everything.
For example, you'd just say "log notice-err [handshake]debug-err file
tor.log".
2009-09-24 12:31:22 -04:00
Mike Perry
7ac9a66c8f Recover from changing network connections.
Also add code to keep creating circuits every minute until we
hit our minimum threshhold.
2009-09-16 15:51:16 -07:00
Nick Mathewson
659fc13da5 Change proxy-address type to tor_addr_t to allow ipv6 proxies. 2009-06-19 12:48:00 -04:00
Christopher Davis
75472c19c3 Enable Tor to connect through SOCKS 4/5 proxies
Added a sanity check in config.c and a check in directory.c
directory_initiate_command_rend() to catch any direct connection attempts
when a socks proxy is configured.
2009-06-19 12:16:15 -04:00
Nick Mathewson
1e709c79d1 Isolate Libevent API dependency to just main.c and dns.c in src/or.
The rest of the code was only including event.h so that it could see
EV_READ and EV_WRITE, which we were using as part of the
connection_watch_events interface for no very good reason.
2009-06-12 14:27:53 -04:00
Karsten Loesing
9b32e8c141 Update copyright to 2009. 2009-05-04 11:28:27 -04:00
Karsten Loesing
4ebcc4da34 Update copyright to 2009. 2009-05-02 22:00:54 +02:00
Roger Dingledine
decdf4537a If we're using bridges and our network goes away, be more willing
to forgive our bridges and try again when we get an application
request. Bugfix on 0.2.0.x.


svn:r18396
2009-02-04 23:27:35 +00:00
Nick Mathewson
e06de61d84 Don't obsolete a very-new connection for having no circuits yet.
This fixes the last known case of bug 891, which could happen if two
hosts, A and B, disagree about how long a circuit has been open,
because of clock drift of some kind.  Host A would then mark the
connection as is_bad_for_new_circs when it got too old and open a new
connection.  In between when B receives a NETINFO cell on the new
conn, and when B receives a conn cell on the new circuit, the new
circuit will seem worse to B than the old one, and so B will mark it
as is_bad_for_new_circs in the second or third loop of
connection_or_group_set_badness().

Bugfix on 0.1.1.13-alpha.  Bug found by rovv.

Not a backport candidate: the bug is too obscure and the fix too tricky.

svn:r18303
2009-01-28 17:36:41 +00:00
Nick Mathewson
c4b8fef362 Remove svn $Id$s from our source, and remove tor --version --version.
The subversion $Id$ fields made every commit force a rebuild of
whatever file got committed.  They were not actually useful for
telling the version of Tor files in the wild.

svn:r17867
2009-01-04 00:35:51 +00:00
Nick Mathewson
83491796ee Explain why the XXXX021 in connection_or.c was there, and explain why it doesn' actually need to get fixed in 0.2.1, I think.
svn:r17819
2008-12-29 19:57:13 +00:00
Nick Mathewson
df608fef45 Checkpoint my big bug-891 patch.
svn:r17757
2008-12-24 02:38:04 +00:00
Nick Mathewson
8c90a4b7ee More approx_time() calls. Noted by forest.
svn:r17702
2008-12-19 18:51:35 +00:00
Nick Mathewson
122170c1d3 Downlgrade tweak, and answer lots of XXX021s. No actual code fixes in this patch.
svn:r17686
2008-12-18 16:11:24 +00:00
Nick Mathewson
26632d59dd Rename or_is_obsolete and move it to or_connection_t where it belongs.
svn:r17642
2008-12-17 14:59:19 +00:00
Nick Mathewson
51c29e1e24 Apply rovv's bug 805 fix: take more care never to prefer a non-canonical connection.
svn:r17627
2008-12-15 21:17:43 +00:00
Nick Mathewson
c36ddcbabf Apparently sparc64 is way more strict about uint16_t access alignment than I had thought: it gave bus errors when messing with var-cell headers. Maybe this patch will fix bug 862.
svn:r17262
2008-11-12 14:41:44 +00:00
Roger Dingledine
d37fae2f4e Catch and report a few more bootstrapping failure cases when Tor
fails to establish a TCP connection. Cleanup on 0.2.1.x.


svn:r16803
2008-09-09 06:25:39 +00:00
Nick Mathewson
baeb260ad1 Refactor use of connection_new so that we get more verifiable typesafety.
svn:r16785
2008-09-05 22:09:44 +00:00
Nick Mathewson
5ab6fe0051 r17680@tombo: nickm | 2008-08-07 16:06:30 -0400
Add a missing safe_str for a debug_log_message.  Fix the bad part of bug 674.


svn:r16462
2008-08-07 20:06:40 +00:00
Nick Mathewson
960a0f0a99 r17641@31-33-44: nickm | 2008-08-05 16:07:53 -0400
Initial conversion of uint32_t addr to tor_addr_t addr in connection_t and related types.  Most of the Tor wire formats using these new types are in, but the code to generate and use it is not.  This is a big patch.  Let me know what it breaks for you.


svn:r16435
2008-08-05 20:08:19 +00:00
Nick Mathewson
3ce6e2fba2 r17346@aud-055: nickm | 2008-07-24 15:37:19 +0200
Make generic address manipulation functions work better.  Switch address policy code to use tor_addr_t, so it can handle IPv6.  That is a good place to start.


svn:r16178
2008-07-24 13:44:04 +00:00
Nick Mathewson
2748afe609 r17322@aud-055: nickm | 2008-07-23 16:50:50 +0200
Make circid_t and streamid_t get used instead of uint16_t; it is possible we will soon want to make circid_t change to uint32_t.


svn:r16155
2008-07-23 15:58:30 +00:00
Roger Dingledine
c6a94718cd Directory authorities shouldn't complain about bootstrapping
problems just because they do a lot of reachability testing and
some of the connection attempts fail. 


svn:r15348
2008-06-18 07:34:04 +00:00
Roger Dingledine
8c85eef9b0 start sending "bootstrap problem" status events when we're having troubles
reaching relays.


svn:r15116
2008-06-11 01:14:23 +00:00
Roger Dingledine
45cc25c019 minor fixes and notes
svn:r15111
2008-06-10 23:00:11 +00:00
Roger Dingledine
baa3cea213 Start noticing and reporting bootstrapping failures too. It looks like
we never bothered learning why OR conns fail, so next step is to add some
infrastructure for that.


svn:r15091
2008-06-09 18:32:43 +00:00
Roger Dingledine
5aeb89447e infrastructure for the 'bootstrap status event' feature, so we can
tell the controller how we're doing at bootstrapping, and it can
tell the user.


svn:r15008
2008-06-07 05:27:34 +00:00