nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-11 13:43:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
13,269 Commits 53 Branches 630 Tags 125 MiB
2b6e91c2ee
Commit Graph

7425 Commits

Author SHA1 Message Date
Nick Mathewson
2b6e91c2ee Report EADDRNOTAVAIL and EADDRINUSE as RESOURCELIMIT 
These errors usually mean address exhaustion; reporting them as such
lets clients adjust their load to try other exits.

Fix for bug 4710; bugfix on 0.1.0.1-rc, which started using
END_STREAM_REASON_RESOURCELIMIT.
 2012-05-16 12:46:24 -04:00
Nick Mathewson
3ed4c5dc05 Correct the bulletproofing of routerlist_insert() 
The original code updated some variables, but forgot to remove a
replaced old-routerdesc from rl->old_routers.

Related to bug 1776.
 2012-05-16 10:51:02 -04:00
Nick Mathewson
5905a0b2db Merge branch 'bug5796_022_squashed' into maint-0.2.2 2012-05-15 10:04:49 -04:00
Nick Mathewson
f2a6eedded Fix a crash bug on SETCIRCUITPURPOSE. 2012-05-15 10:03:10 -04:00
Roger Dingledine
436654ee96 fix over-wide line from f661747370 2012-05-10 17:46:19 -04:00
Ravi Chandra Padmala
f661747370 Add missing CRLFs to AUTHCHALLENGE failure replies 
Fix #5760
 2012-05-10 11:13:09 +05:30
Nick Mathewson
f6afd4efa6 Fix a log-uninitialized-buffer bug. 
Fix for 5647; bugfix on 0.2.1.5-alpha.
 2012-04-18 23:02:09 -04:00
George Kadianakis
2d276ab9d9 rend_service_introduce(): do protocol violation check before anything else. 
(Cherry-picked from 6ba13e4 by nickm)
 2012-04-18 22:26:06 -04:00
Nick Mathewson
dd3f4f1bdb Include a Host: header with any HTTP/1.1 proxy request 
Bugfix on 0.2.2.1-alpha, which added the orginal HTTP proxy
authentication code.  Fix for bug 5593.
 2012-04-10 12:00:20 -04:00
Nick Mathewson
439fc704f1 Wrap long line; strlen("ides")<strlen("turtles"). 2012-04-04 21:05:19 -04:00
Sebastian Hahn
b24487d106 ides has become turtles, and gotten a new IP address 
As per ticket 5569
 2012-04-05 01:53:04 +02:00
Roger Dingledine
5fed1ccd90 put a _ before or_options_t elements that aren't configurable 
it's fine with me if we change the current convention, but we should
actually decide to change it if we want to.
 2012-04-01 15:59:38 -04:00
Nick Mathewson
9a69c24150 Do not use strcmp() to compare an http authenticator to its expected value 
This fixes a side-channel attack on the (fortunately unused!)
BridgePassword option for bridge authorities.  Fix for bug 5543;
bugfix on 0.2.0.14-alpha.
 2012-04-01 00:42:04 -04:00
Nick Mathewson
6dcbfec82d Merge remote-tracking branch 'rransom-tor/safecookie-022-v3' into maint-0.2.2 2012-03-26 14:03:29 -04:00
Nick Mathewson
99bd5400e8 Never choose a bridge as an exit. Bug 5342. 2012-03-09 14:27:50 -05:00
Nick Mathewson
8abfcc0804 Revise "sufficient exit nodes" check to work with restrictive ExitNodes 
If you set ExitNodes so that only 1 exit node is accepted, the
previous patch would have made you unable to build circuits.
 2012-03-09 14:23:23 -05:00
Nick Mathewson
ec8a06c5a1 Require a threshold of exit nodes before building circuits 
This mitigates an attack proposed by wanoskarnet, in which all of a
client's bridges collude to restrict the exit nodes that the client
knows about.  Fixes bug 5343.
 2012-03-08 15:42:54 -05:00
Roger Dingledine
e21756908f new ip address for maatuska 2012-02-29 13:22:41 -05:00
Robert Ransom
e111e371b4 Implement 'safe cookie authentication' 2012-02-22 05:46:09 -08:00
Sebastian Hahn
8ce6722d76 Properly protect paths to sed, sha1sum, openssl 
in Makefile.am, we used it without quoting it, causing build failure if
your openssl/sed/sha1sum happened to live in a directory with a space in
it (very common on windows)
 2012-02-10 20:12:03 +01:00
Nick Mathewson
c8b855082b Downgrade "missing a certificate" from notice to info 
It was apparently getting mistaken for a problem, even though it was
at notice.

Fixes 5067; fix on 0.2.0.10-alpha.
 2012-02-10 12:01:56 -05:00
Nick Mathewson
6fd61cf767 Fix a trivial log message error in renservice.c 
Fixes bug 4856; bugfix on 0.0.6

This bug was introduced in 79fc5217, back in 2004.
 2012-01-09 12:21:04 -05:00
Roger Dingledine
cc1580dbe0 when the consensus fails, list which dir auths were in or out 2012-01-08 12:14:44 -05:00
Roger Dingledine
04bf17c50c nickname, not identity fingerprint, will help more 2012-01-08 12:09:01 -05:00
Roger Dingledine
78e95b7b71 tell me who votes are actually for, not just where they're from 2012-01-08 10:03:46 -05:00
Sebastian Hahn
d861b4cc9d Fix spelling in a controlsocket log msg 
Fixes bug 4803.
 2011-12-30 23:27:02 +01:00
Nick Mathewson
84bf8e3808 Merge remote-tracking branch 'public/bug4788' into maint-0.2.2 2011-12-28 16:50:45 -05:00
Nick Mathewson
c563551eef Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-12-28 15:56:37 -05:00
Nick Mathewson
120a745346 Bug 4786 fix: don't convert EARLY to RELAY on v1 connections 
We used to do this as a workaround for older Tors, but now it's never
the correct thing to do (especially since anything that didn't
understand RELAY_EARLY is now deprecated hard).
 2011-12-28 15:54:06 -05:00
Nick Mathewson
9bcb187387 Authorities reject insecure Tors. 
This patch should make us reject every Tor that was vulnerable to
CVE-2011-0427.  Additionally, it makes us reject every Tor that couldn't
handle RELAY_EARLY cells, which helps with proposal 110 (#4339).
 2011-12-27 21:47:04 -05:00
Nick Mathewson
b5e6bbc01d Do not even try to keep going on a socket with socklen==0 
Back in #1240, r1eo linked to information about how this could happen
with older Linux kernels in response to nmap.  Bugs #4545 and #4547
are about how our approach to trying to deal with this condition was
broken and stupid.  Thanks to wanoskarnet for reminding us about #1240.

This is a fix for the abovementioned bugs, and is a bugfix on
0.1.0.3-rc.
 2011-12-21 11:19:41 -05:00
Nick Mathewson
562c974ee7 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-12-15 11:28:44 -05:00
Nick Mathewson
9d0777839b Add a fix for the buf_pullup bug that Vektor reported 2011-12-15 11:28:24 -05:00
Nick Mathewson
6171bdd105 Don't call tor_tls_set_logged_address till after checking conn->tls 
Fixes bug 4531; partial backport of e27a26d5.
 2011-12-02 16:15:52 -05:00
Sebastian Hahn
841247a586 Fix a compile warning on 64bit OS X 
Backport of 68475fc5c5 which accidentally
only made it into master. Fixes bug 4547. Bug isn't in any released
version.
 2011-11-23 12:06:55 -05:00
Roger Dingledine
c0ec4eafc5 parameterize bw cutoffs to guarantee Fast and Guard flags 
Now it will be easier for researchers to simulate Tor networks with
different values. Resolves ticket 4484.
 2011-11-21 18:22:10 -05:00
Nick Mathewson
f4e053d6df Merge branch 'bug4518' into maint-0.2.2 2011-11-21 17:25:51 -05:00
Nick Mathewson
b3c988f0d7 Merge remote-tracking branch 'public/bug3963' into maint-0.2.2 2011-11-21 10:52:15 -05:00
Nick Mathewson
8e388bc39c Only call cull_wedged_cpuworkers once every 60 seconds. 
The function is over 10 or 20% on some of Moritz's profiles, depending
on how you could.

Since it's checking for a multi-hour timeout, this is safe to do.

Fixes bug 4518.
 2011-11-19 18:30:55 -05:00
Sebastian Hahn
6ef44b7849 Don't log about stats when running as a client without geoip 
Completely disable stats if we aren't running as a relay. We won't
collect any anyway, so setting up the infrastructure for them and
logging about them is wrong. This also removes a confusing log
message that clients without a geoip db would have seen.

Fixes bug 4353.
 2011-11-19 00:50:03 +01:00
Nick Mathewson
5bea660f8e Use real_addr in send_netinfo 
Reported by "troll_un"; bugfix on 0.2.0.10-alpha; fixes bug 4349.
 2011-11-14 22:43:40 -05:00
Robert Ransom
565463243c Include HiddenServiceDir in some warning messages 2011-11-07 17:02:50 -08:00
Nick Mathewson
ca282e5326 Merge branch 'bug4424' into maint-0.2.2 2011-11-07 11:47:28 -05:00
Nick Mathewson
02d89c5c66 Remove an extraneous "if" in the 4424 fix 2011-11-07 11:46:51 -05:00
Robert Ransom
65a0d7e7ef Don't leak an extend_info_t in rend_client_any_intro_points_usable 2011-11-07 08:35:51 -08:00
Nick Mathewson
4d8306e0e9 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-11-07 10:42:34 -05:00
Dan Rosenberg
d5161ab895 Fix remotely triggerable assert during ip decryption 
Fixes bug 4410.
 2011-11-06 17:23:14 +01:00
George Kadianakis
3ae96845d3 Fix a memleak when fetching descriptors for bridges in ExcludeNodes. 2011-11-03 13:23:50 -04:00
Sebastian Hahn
dfdb4fde1a Disable stats requiring geoip info if we have none 
In other parts of the code we will otherwise attempt to collect these
statistics, and that will lead to crashes.
 2011-10-29 11:20:02 +02:00
Nick Mathewson
cf8bffa359 Discard all cells on a marked connection 
Fix for bug 4299
 2011-10-28 17:04:15 -04:00