Commit Graph

529 Commits

Author SHA1 Message Date
Roger Dingledine
3b5191d36d various bugfixes and updates
redo all the config files for the new format (we'll redo them again soon)

fix (another! yuck) segfault in log_fn when input is too large
tor_tls_context_new() returns -1 for error, not NULL
fix segfault in check_conn_marked() on conn's that die during tls handshake

make ORs also initialize conn from router when we're the receiving node

make non-dirserver ORs upload descriptor to every dirserver on startup
add our local address to the descriptor
add Content-Length field to POST command
revert the Content-Length search in fetch_from_buf_http() to previous code
fix segfault in memmove in fetch_from_buf_http()
raise maximum allowed headers/body size in directory.c


svn:r484
2003-09-25 10:42:07 +00:00
Nick Mathewson
3d4ccb781a Refactor buffers; implement descriptors.
'buf_t' is now an opaque type defined in buffers.c .

Router descriptors now include all keys; routers generate keys as
needed on startup (in a newly defined "data directory"), and generate
their own descriptors.  Descriptors are now self-signed.

Implementation is not complete: descriptors are never published; and
upon receiving a descriptor, the directory doesn't do anything with
it.

At least "routers.or" and orkeygen are now obsolete, BTW.


svn:r483
2003-09-25 05:17:11 +00:00
Roger Dingledine
a3bd8b5483 a few todo things done
svn:r482
2003-09-24 21:30:12 +00:00
Roger Dingledine
40d0fca63a cleanups, bugfixes, more verbose logs
Fixed up the assert_*_ok funcs some (more work remains)

Changed config so it reads either /etc/torrc or the -f arg, never both

Finally tracked down a nasty bug with our use of tls:
  It turns out that if you ask SSL_read() for no more than n bytes, it
  will read the entire record from the network (and maybe part of the next
  record, I'm not sure), give you n bytes of it, and keep the remaining
  bytes internally. This is fine, except our poll-for-read looks at the
  network, and there are no bytes pending on the network, so we never know
  to ask SSL_read() for more bytes. Currently I've hacked it so if we ask
  for n bytes and it returns n bytes, then it reads again right then. This
  will interact poorly with our rate limiting; we need a cleaner solution.


svn:r481
2003-09-24 21:24:52 +00:00
Roger Dingledine
36ec1792d2 bugfix: we weren't looking for sys/stat.h
svn:r480
2003-09-23 20:04:28 +00:00
Roger Dingledine
a93b44eb3b integrate assert_connection_ok() checks
svn:r479
2003-09-23 19:47:41 +00:00
Roger Dingledine
9cb746ac2e call it tor, not or
svn:r478
2003-09-22 06:22:08 +00:00
Roger Dingledine
39fd5dd405 it's safe to do parallel directory fetches/uploads
svn:r477
2003-09-22 06:22:00 +00:00
Roger Dingledine
9fe1ed26ff get network/host order working right again for socks4
svn:r476
2003-09-21 06:44:53 +00:00
Roger Dingledine
ed51df7453 bugfixes and note missing features
deal with content-length headers better when reading http
don't assume struct socks4_info is a packed struct
fail the socks handshake if destip is zero
flesh out conn_state_to_string() for dir conn
fix typo (bug) in connection_handle_read()
directory get is now called fetch, post is now upload
reopen logs on sighup


svn:r475
2003-09-21 06:15:43 +00:00
Roger Dingledine
7afe2adbaf add a lot of todo entries, from today's meeting
svn:r474
2003-09-20 06:56:15 +00:00
Roger Dingledine
e514ac528c fix a segfault on truncated log lines
svn:r473
2003-09-19 09:30:34 +00:00
Roger Dingledine
078c5ab617 leave the socks handshake on the inbuf until it's complete
this paves the way for supporting socks5 and other handshakes
it also removes those pesky AP-only variables from connection_t

also hacked a fix for a bug where some streams weren't ending properly --
maybe because marked connections weren't flushing properly?


svn:r472
2003-09-18 08:11:31 +00:00
Roger Dingledine
b97945e411 add in directory 'post' support
svn:r471
2003-09-17 20:09:06 +00:00
Roger Dingledine
a66669859e phase out non-tls handshake, now that tls is stable.
svn:r470
2003-09-16 21:20:09 +00:00
Roger Dingledine
6f46316c31 bugfixes and refactorings
svn:r468
2003-09-16 20:57:09 +00:00
Nick Mathewson
5f9ac2bdfd More fine-grained logging messages on ZeroReturn/Syscall error cases
svn:r467
2003-09-16 20:53:09 +00:00
Nick Mathewson
3f3f8921f6 Make sequential ACI selection logic handle HIGHER/LOWER
svn:r466
2003-09-16 20:13:43 +00:00
Nick Mathewson
4dddac706d Use EXIT properly in assert_connection_ok
svn:r465
2003-09-16 19:51:09 +00:00
Nick Mathewson
1b9c2f35eb Add first cut of assert_*_ok functions
svn:r464
2003-09-16 19:36:19 +00:00
Nick Mathewson
7711c2e745 Add backend support for multiple logfiles, including console logs.
Also optimize logging by formatting messages in memory before sending
them through stdio.  (It turns out (according to gprof) that logging
performance matters.)


svn:r463
2003-09-16 17:58:36 +00:00
Nick Mathewson
c09de55fb8 Add #ifdef'd code (on by default) to allocate ACIs sequentially.
svn:r462
2003-09-16 17:17:39 +00:00
Roger Dingledine
8b71b7338f clean up exported api's
svn:r461
2003-09-16 05:41:49 +00:00
Roger Dingledine
9c6343fdf8 refactor connects into connection_connect()
svn:r460
2003-09-16 01:58:46 +00:00
Nick Mathewson
e4dfc3c8fe Cipher lists need to be colon separated. Also make initialization more bulletproof
svn:r459
2003-09-15 19:38:52 +00:00
Nick Mathewson
633a5ffc0b Fix TLS error logging
svn:r458
2003-09-15 18:37:49 +00:00
Nick Mathewson
408bff4a23 Log protocol errors
svn:r457
2003-09-15 18:18:37 +00:00
Roger Dingledine
ebc23f690c bugfix: onion pending queue now works
and fixed recent memory leak


svn:r456
2003-09-14 08:17:14 +00:00
Roger Dingledine
b63013e847 finally tracked down the seg fault
svn:r455
2003-09-14 06:43:18 +00:00
Roger Dingledine
e585dad887 fix the cpuworker circ-had-vanished bug (maybe)
still several (many) tls-related bugs outstanding.


svn:r454
2003-09-14 02:58:50 +00:00
Roger Dingledine
429fb381f8 let tor compile with tls on rh9
nick: is this the right way to do the autoconf stuff? what happens when
/usr/kerberos/include/ doesn't exist?
an alternate way is to add `pkg-config --cflags openssl` to CFLAGS, but
it seems that command only works on rh9. yay portability issues.


svn:r453
2003-09-14 01:44:44 +00:00
Roger Dingledine
05612786e4 fix two more bugs
svn:r452
2003-09-13 21:53:38 +00:00
Roger Dingledine
31bf3ec420 reshuffle functions for cleaner organization
svn:r451
2003-09-12 22:45:31 +00:00
Roger Dingledine
1738af9620 tls works between routers now too
things are still a bit shaky


svn:r450
2003-09-12 06:50:21 +00:00
Roger Dingledine
b1078b7a3c tls works with onion proxies now.
svn:r449
2003-09-12 06:20:36 +00:00
Roger Dingledine
556bea4b6d serious bug in cpuworker. need to think about redesign or how to handle it.
svn:r448
2003-09-12 06:18:38 +00:00
Nick Mathewson
001cd08b2e Fix bugs in certificate generation and SSL context creation. Both seem to work now.
svn:r447
2003-09-11 23:26:31 +00:00
Roger Dingledine
ec23ebc4e6 update onion router configs for tls
svn:r446
2003-09-11 22:20:16 +00:00
Roger Dingledine
fa1bfaa349 check for funny business from the remote peer
svn:r445
2003-09-11 22:19:48 +00:00
Nick Mathewson
5082ee8ae0 Non-debugging messages are nice to log too
svn:r444
2003-09-11 22:13:13 +00:00
Nick Mathewson
529d3bc56f Resolve XXXXs in tortls.c
svn:r443
2003-09-11 21:38:57 +00:00
Nick Mathewson
f5b4ef1fa2 Simplify some code paths in TLS; cut down on memory leaks; use
reasonable ciphers if not everyone has OpenSSL 0.9.7.


svn:r442
2003-09-11 21:12:39 +00:00
Nick Mathewson
36a3086434 Add router_get_by_pk function; use in connection_tls_finish_handshake.
svn:r441
2003-09-11 20:32:15 +00:00
Roger Dingledine
0761bc7b83 fix typo that's been bugging me
svn:r440
2003-09-11 20:10:39 +00:00
Roger Dingledine
44c3a7c2d7 collect info from peer we just handshaked with
svn:r439
2003-09-11 20:06:55 +00:00
Nick Mathewson
e22b271895 Add certificate verification functions
svn:r438
2003-09-10 00:47:39 +00:00
Nick Mathewson
9955b265ab Make crypto structures private to crypto.c
svn:r437
2003-09-10 00:47:24 +00:00
Nick Mathewson
67697d5ab1 Add prototypes for functions to check whether the peer certificate is
valid (if it is present); and to get a public key from a peer
certificate (in order to identify the peer).


svn:r436
2003-09-10 00:10:37 +00:00
Roger Dingledine
c0f5ddcf33 fix confirmed win32 bug
svn:r435
2003-09-08 23:10:24 +00:00
Roger Dingledine
0bac4247ca tls infrastructure now in place, give or take
svn:r434
2003-09-08 10:59:00 +00:00