nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-10 21:23:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,682 Commits 53 Branches 630 Tags 125 MiB
2ebdf91a52
Commit Graph

1344 Commits

Author SHA1 Message Date
Roger Dingledine
37883ca4bc put the 0.2.1.6-alpha blurb into the changelog 
svn:r17059
 2008-10-12 00:51:02 +00:00
Roger Dingledine
c7af43a624 Now NodeFamily and MyFamily config options allow spaces in 
identity fingerprints, so it's easier to paste them in.
Suggested by Lucky Green.


svn:r17021
 2008-10-01 03:41:33 +00:00
Roger Dingledine
a04baf14b6 bump to 0.2.1.6-alpha, and note that the exclude*nodes config 
discussion hasn't finished.


svn:r17011
 2008-09-30 09:37:18 +00:00
Nick Mathewson
25f8335528 Include circuit purposes in circuit events. Now all circuit events are extended; this makes the code simpler. 
svn:r17007
 2008-09-29 22:34:22 +00:00
Roger Dingledine
26aa741169 Remove the old v2 directory authority 'lefkada' from the default 
list. It has been gone for many months.


svn:r17005
 2008-09-29 19:27:20 +00:00
Nick Mathewson
ae3ce7b387 Patch from mwenge: update TrackHostExits mapping expiry times when the mappings are used, so that they expire a while after their last use, not a while after their creation. 
svn:r17004
 2008-09-29 14:53:53 +00:00
Nick Mathewson
ee0078ead4 Make tor-resolve take a -p port option in addition to the current host:port syntax. 
svn:r17002
 2008-09-29 14:18:47 +00:00
Roger Dingledine
9678f166a8 If we have correct permissions on $datadir, we complain to stdout 
and fail to start. But dangerous permissions on
$datadir/cached-status/ would cause us to open a log and complain
there. Now complain to stdout and fail to start in both cases. Fixes
bug 820, reported by seeess.


svn:r16998
 2008-09-29 10:09:05 +00:00
Roger Dingledine
c846979ab7 Fix a bug where an unreachable relay would establish enough 
reachability testing circuits to do a bandwidth test -- if
we already have a connection to the middle hop of the testing
circuit, then it could establish the last hop by using the existing
connection. Bugfix on 0.1.2.2-alpha, exposed when we made testing
circuits no longer use entry guards in 0.2.1.3-alpha.


svn:r16997
 2008-09-29 09:36:42 +00:00
Roger Dingledine
81b216086b rearrange the changelog a bit more 
svn:r16996
 2008-09-29 09:30:06 +00:00
Roger Dingledine
57942415ef changelog cleanups. give 0.2.1.6-alpha a deadline. 
svn:r16995
 2008-09-29 06:54:32 +00:00
Nick Mathewson
99755f374d Fix 0/0 calculation in get_weighted_fractional_uptime(). 
svn:r16994
 2008-09-28 15:48:36 +00:00
Nick Mathewson
bb1685318c Commit fix for bug 807 from mwenge: send CLOSED controller event for reverse dns resolve, not FAILED. 
svn:r16985
 2008-09-26 20:25:35 +00:00
Nick Mathewson
e147e867be Proposal 152 implementation from Josh Albrecht, with tweaks. 
svn:r16983
 2008-09-26 18:58:45 +00:00
Nick Mathewson
e7e12236ac Code to serve a current stability calculations from /tor/dbg-stability.txt. Untested: somebody please run this on an authority and let me know if it is broken. 
svn:r16981
 2008-09-26 18:02:48 +00:00
Nick Mathewson
ae33d3ead7 Apply rovv's fix for bug 824. 
svn:r16975
 2008-09-26 15:30:26 +00:00
Nick Mathewson
8bbbbaf87b Add country-code support to configured node lists to implement the ever-popular "no exits in Monaco" feature (ExcludeExitNodes {MC}). Also allow country codes and IP ranges in ExitNodes. (EntryNodes needs more work.) Based on code by Robert Hogan. Needs more testing. 
svn:r16966
 2008-09-25 20:21:35 +00:00
Karsten Loesing
6bb4492a6f Having two "Major features:" sections seems too much of a good thing. 
svn:r16962
 2008-09-25 09:53:19 +00:00
Karsten Loesing
f2ff3e74ae All relays now store and serve v2 hidden service descriptors by default (not only directory mirrors). 
svn:r16961
 2008-09-24 22:33:47 +00:00
Karsten Loesing
9a7098487b If we are not using BEGIN_DIR cells, don't attempt to contact hidden service directories with non-open dir port. 
svn:r16960
 2008-09-24 22:29:22 +00:00
Roger Dingledine
8dfe8194c9 changelog cleanup / rearranging 
svn:r16957
 2008-09-24 17:01:43 +00:00
Nick Mathewson
8bc1536a9e Add patch 4 from Karsten for proposal 121, slightly modified. Karsten should definitely re-review the bits I changed. 
svn:r16955
 2008-09-24 14:44:29 +00:00
Roger Dingledine
f59c13b7a3 fix a bad typo, add a missing word 
svn:r16946
 2008-09-23 21:01:54 +00:00
Nick Mathewson
75977fd79b Patch from roger for 752, but with more comments: When we get an A.B.exit:P address, and B would reject most connections to P, but we do not know whether it would allow A, then allow the connection to procede. Bugfix, amusingly, on 0.0.9rc5. 
svn:r16944
 2008-09-23 20:25:01 +00:00
Nick Mathewson
545b317e1f Fix for bug 797 (by arma, with tweaks): always use create_fast for circuits where we do not know an onion key. 
svn:r16942
 2008-09-23 20:13:23 +00:00
Nick Mathewson
f28fc83ea5 More logging for mtbf/wfu calculations. 
svn:r16941
 2008-09-23 18:24:20 +00:00
Roger Dingledine
29abfab8bf Update to the "September 1 2008" ip-to-country file. 
svn:r16940
 2008-09-23 09:51:05 +00:00
Nick Mathewson
b0c48d8e45 Oops; we need to make sure that DNS request names are matched in the _questions_ section of the replies. Rejecting answers whether the _answers_ section did not match made us reject A records waiting at the end of a CNAME record. Bug 823. 
svn:r16933
 2008-09-22 20:06:25 +00:00
Roger Dingledine
4fd9880540 give rend_client_desc_here a slightly more accurate name 
svn:r16916
 2008-09-16 10:26:15 +00:00
Roger Dingledine
38f2272d5d patch from karsten for bug 814. whew. 
svn:r16915
 2008-09-16 10:17:04 +00:00
Roger Dingledine
dbb481c169 Serve the latest v3 networkstatus consensus via the control 
port. Use "getinfo dir/status-vote/current/consensus" to fetch it.


svn:r16907
 2008-09-14 04:07:29 +00:00
Roger Dingledine
2d95accc75 Allow ports 465 and 587 in the default exit policy again. We had 
rejected them in 0.1.0.15, because back in 2005 they were commonly
misconfigured and ended up as spam targets. We hear they are better
locked down these days.


svn:r16898
 2008-09-13 10:04:42 +00:00
Karsten Loesing
f0a5ef804f Directory mirrors store and serve v2 hidden service descriptors by default. 
svn:r16858
 2008-09-11 20:06:04 +00:00
Roger Dingledine
2f18370821 and here too 
svn:r16835
 2008-09-10 19:08:46 +00:00
Nick Mathewson
1203850350 Coverity says it is okay to acknowledge them. Do so. Their tool is awesome. 
svn:r16820
 2008-09-10 00:06:07 +00:00
Nick Mathewson
f95d7c189b Refactor unit test macros and tor_free_all() logic a bit so as to make it easier to free memory on failing tests, in order to suppress scanner warnings and to make dmalloc() usable with tests. 
svn:r16816
 2008-09-09 20:43:31 +00:00
Roger Dingledine
fa64d8041f minor cleanups on karsten's patch 
svn:r16810
 2008-09-09 09:21:21 +00:00
Roger Dingledine
ef7af1d61e karsten's patch for bug 767. 
svn:r16808
 2008-09-09 08:41:58 +00:00
Roger Dingledine
d37fae2f4e Catch and report a few more bootstrapping failure cases when Tor 
fails to establish a TCP connection. Cleanup on 0.2.1.x.


svn:r16803
 2008-09-09 06:25:39 +00:00
Nick Mathewson
aacda9cd8e We should not alter an addr_policy_t that has been canonicalized. 
svn:r16802
 2008-09-09 03:48:01 +00:00
Roger Dingledine
346ca2d48e forward-port the 0.2.0.31 changelog 
svn:r16800
 2008-09-08 19:50:29 +00:00
Nick Mathewson
67327a863a Fix a variable handling mistake when testing for libevent functions in configure.in. Found by Riastradh. 
svn:r16793
 2008-09-08 01:57:02 +00:00
Nick Mathewson
baeb260ad1 Refactor use of connection_new so that we get more verifiable typesafety. 
svn:r16785
 2008-09-05 22:09:44 +00:00
Nick Mathewson
cd5d0f3890 Add changelog for scanner-based stuff. 
svn:r16784
 2008-09-05 21:21:18 +00:00
Nick Mathewson
fa2f72ded7 An asterisk makes a difference sometimes. Fixes bug 809. 
svn:r16758
 2008-09-04 20:42:02 +00:00
Nick Mathewson
f80ac31d74 Add a lockfile to the Tor data directory to avoid situations where two Tors start with the same datadir, or where a --list-fingerprints races with a server to create keys, or such. 
svn:r16722
 2008-09-01 20:06:26 +00:00
Roger Dingledine
6942bd66ea Fix compile on OpenBSD 4.4-current. Bugfix on 0.2.1.5-alpha. 
Reported by Tas.


svn:r16713
 2008-09-01 08:01:22 +00:00
Roger Dingledine
71968e7af9 further changelog cleanups 
svn:r16707
 2008-08-31 22:30:08 +00:00
Karsten Loesing
4347579085 Changelog entry for implementation of proposal 121. 
svn:r16706
 2008-08-31 22:23:32 +00:00
Peter Palfrader
94c3515092 A short changelog entry for the consensus changes 
svn:r16705
 2008-08-31 22:18:37 +00:00
Roger Dingledine
845a7017bc clean up 0.2.1.5-alpha changelog 
svn:r16704
 2008-08-31 22:08:34 +00:00
Roger Dingledine
cfff21e78a backport candidate: 
If not enough of our entry guards are available so we add a new
one, we might use the new one even if it overlapped with the
current circuit's exit relay (or its family). Anonymity bugfix
pointed out by rovv.


svn:r16698
 2008-08-31 06:33:39 +00:00
Nick Mathewson
80168d80d4 r17853@tombo: nickm | 2008-08-22 12:55:00 -0400 
Oops.  We had been telling people to use --with-ssl-dir, which had not worked since 0.2.0.1-alpha: --with-openssl-dir was the one that worked.  Make them both work, document --with-openssl-dir, and mark --with-ssl-dir as obsolete.  Found by "Dave".


svn:r16625
 2008-08-22 16:55:28 +00:00
Nick Mathewson
fc52d85b7c r17846@tombo: nickm | 2008-08-22 11:54:00 -0400 
Make dns resolver code more robust: handle nameservers with IPv6 addresses, make sure names in replies match requested names, make sure origin address of reply matches the address we asked.


svn:r16621
 2008-08-22 16:24:43 +00:00
Roger Dingledine
8f5642edbc Relays now reject risky extend cells: if the extend cell includes 
a digest of all zeroes, or asks to extend back to the relay that
sent the extend cell, tear down the circuit. Ideas suggested
by rovv.


svn:r16605
 2008-08-20 05:21:43 +00:00
Nick Mathewson
fcf817f897 Switch global_identifier on connections to a 64-bit field and move it to connection_t. When procession onionskins, look up the connection by this field rather than by addr:port. This will keep us from dropping onionskins. How many dropped circuits are dropped because of this bug? 
svn:r16558
 2008-08-15 13:55:01 +00:00
Nick Mathewson
30422b5df1 Rate-limit "too-many-sockets" messages; they can get needlessly verbose. 
svn:r16480
 2008-08-09 15:35:37 +00:00
Nick Mathewson
22259a0877 The first of Karsten's proposal 121 patches: configure and maintain client authorization data. Tweaked a bit: see comments on or-dev. 
svn:r16475
 2008-08-08 14:36:11 +00:00
Nick Mathewson
5ab6fe0051 r17680@tombo: nickm | 2008-08-07 16:06:30 -0400 
Add a missing safe_str for a debug_log_message.  Fix the bad part of bug 674.


svn:r16462
 2008-08-07 20:06:40 +00:00
Nick Mathewson
b81d70addb Oops. On recent linux kernels we were not detecting the linux/netfilter_ipv4.h header properly, since we needed to have in_addr and in6_addr and __u32 defined before trying to include it. Fix that. 
svn:r16460
 2008-08-07 19:39:52 +00:00
Nick Mathewson
635f3c8aee r17664@tombo: nickm | 2008-08-06 12:32:09 -0400 
Patch from Christopher Davis: open /dev/pf before dropping privileges.  Fixes bug 782.  Backport candidate.


svn:r16450
 2008-08-06 16:32:17 +00:00
Nick Mathewson
2905291af2 r17659@tombo: nickm | 2008-08-06 12:22:11 -0400 
Fix bug 794: recover 3 bytes wasted per memory chunk.  Fix from rovv.


svn:r16447
 2008-08-06 16:22:25 +00:00
Roger Dingledine
b79fe6a0db bump to 0.2.1.4-alpha-dev, add a future todo item 
svn:r16440
 2008-08-05 23:33:43 +00:00
Nick Mathewson
960a0f0a99 r17641@31-33-44: nickm | 2008-08-05 16:07:53 -0400 
Initial conversion of uint32_t addr to tor_addr_t addr in connection_t and related types.  Most of the Tor wire formats using these new types are in, but the code to generate and use it is not.  This is a big patch.  Let me know what it breaks for you.


svn:r16435
 2008-08-05 20:08:19 +00:00
Roger Dingledine
d01813a8dd Take out the TestVia config option, since it was a workaround for 
a bug that was fixed in Tor 0.1.1.21.


svn:r16409
 2008-08-05 00:12:05 +00:00
Roger Dingledine
18d3153fbb get closer to a release 
svn:r16408
 2008-08-05 00:00:35 +00:00
Roger Dingledine
d5bb361977 minor fixes 
svn:r16407
 2008-08-04 23:59:38 +00:00
Karsten Loesing
1fe07f66f4 In some edge cases it occurs that the router descriptor of a previously picked introduction point becomes obsolete. In that case, don't stick to using that introduction point, but simply give up on it. Reverts some part of r15825. 
svn:r16404
 2008-08-04 23:35:12 +00:00
Karsten Loesing
f51bf847ab Add changelog entries for r16372 and r16375. 
svn:r16376
 2008-08-03 19:27:19 +00:00
Karsten Loesing
3c9cd463d2 Fix a false assertion when extending a circuit to a relay to which a connection is already established. In that case the circuit should not need to memorize extend info for that relay. circuitbuild.c:389 contains a similar assertion. 
svn:r16375
 2008-08-03 17:45:24 +00:00
Roger Dingledine
fd4a30d198 bump to 0.2.1.3-alpha 
svn:r16369
 2008-08-03 05:35:42 +00:00
Nick Mathewson
1a76cd179a When a struct ends with char a[1], the size of all earlier members of the struct is _not_ sizeof(st)-1; compilers add alignment. Problem spotted by rovv. Backport candidate. 
svn:r16302
 2008-07-31 12:18:14 +00:00
Nick Mathewson
186097906d r17436@tombo: nickm | 2008-07-30 09:03:19 -0400 
Move n_addr, n_port, and n_conn_id_digest fields of circuit_t into a separately allocated extend_info_t.  Saves 22 bytes per connected circuit_t on 32-bit platforms, and makes me more comfortable with using tor_addr_t in place of uint32_t n_addr.


svn:r16257
 2008-07-30 13:04:32 +00:00
Nick Mathewson
ea95ce25b6 r17323@aud-055: nickm | 2008-07-23 17:58:25 +0200 
Implement most of proposal 110.


svn:r16156
 2008-07-23 15:58:38 +00:00
Nick Mathewson
15b2b8bd69 r17309@aud-055: nickm | 2008-07-23 16:05:43 +0200 
Patch from Christian Wilms: remove (HiddenService|Rend)(Exclude)?Nodes options.  They never worked properly, and nobody seems to be using them.  Resolves bug 754.


svn:r16144
 2008-07-23 14:07:32 +00:00
Nick Mathewson
cc46b23248 r17308@aud-055: nickm | 2008-07-23 15:57:41 +0200 
In connection_edge_destroy, send a stream status control event when we have an AP connection.  Previously, we would send an event when the connection was AP and non-AP at the same time.  This didn't work so well.  Patch from Anonymous Remailer (Austria).  Backport candidate.


svn:r16143
 2008-07-23 14:07:26 +00:00
Nick Mathewson
087094961b r17302@aud-055: nickm | 2008-07-23 14:55:28 +0200 
Never allow a circuit to be created with the same circid as a circuit that has been marked for close.  May be a fix for bug 779.  Needs testing.  Backport candidate.


svn:r16136
 2008-07-23 12:55:55 +00:00
Nick Mathewson
c8160bce1f r17188@tombo: nickm | 2008-07-18 14:35:18 -0400 
Add new ExcludeExitNodes option.  Also add a new routerset type to handle Exclude[Exit]Nodes.  It is optimized for O(1) membership tests, so as to make choosing a random router run in O(N_routers) time instead of in O(N_routers*N_Excluded_Routers).


svn:r16061
 2008-07-18 18:36:32 +00:00
Nick Mathewson
bdcbd23e23 Stop trying to detect versions of Tor on the server-side older than 0.1.1.15-rc; they simply do not work any more. Also add comment about how or_is_obsolete is a terrible field name. 
svn:r15982
 2008-07-16 13:15:11 +00:00
Roger Dingledine
9d57007119 integrate the 0.2.0.29-rc items into the release notes 
svn:r15954
 2008-07-16 00:04:00 +00:00
Roger Dingledine
267e61d0f3 When relays do their initial bandwidth measurement, don't limit 
to just our our entry guards for the test circuits. Otherwise we
tend to have multiple test circuits going through a single entry
guard, which makes our bandwidth test less accurate. Fixes part
of bug 654; patch contributed by Josh Albrecht.

(Actually, modify Josh's patch to avoid doing that when you're
a bridge relay, since it would leak more than we want to leak.)


svn:r15850
 2008-07-11 21:42:09 +00:00
Karsten Loesing
9231858ff5 Fix bug 763. When a hidden service is giving up on an introduction point candidate that was not included in the last published rendezvous descriptor, don't reschedule publication of the next descriptor. 
svn:r15825
 2008-07-10 21:02:01 +00:00
Nick Mathewson
cb7cc9e12d r16882@tombo: nickm | 2008-07-10 14:31:25 -0400 
Fix for session-related bug found by Geoff Goodell. backport candidate, once tested.


svn:r15821
 2008-07-10 18:31:33 +00:00
Nick Mathewson
c5ec7a3677 Stop using __attribute__((nonnull)): It gets us occcasional warnings when we do something so foolish it can be detected without dataflow analysis, but it also eliminates some of our error checking code. Suggested by Peter Gutmann. 
svn:r15803
 2008-07-09 15:23:23 +00:00
Roger Dingledine
33a1210ec3 fix up a confusion on the release notes (thanks karsten) 
svn:r15793
 2008-07-09 12:36:26 +00:00
Roger Dingledine
2534bb8fef remove duplicate changelog entries 
svn:r15784
 2008-07-09 10:28:11 +00:00
Roger Dingledine
dbbcb92cf0 forward-port the 0.2.0.29-rc changelog 
svn:r15782
 2008-07-09 10:10:37 +00:00
Nick Mathewson
133f011c49 Patch from coderman: detect transparent proxy header correctly on some linux versions. 
svn:r15726
 2008-07-07 15:09:26 +00:00
Nick Mathewson
0f8761f9fa fix typos in last patch spotted by sebastian and karsten 
svn:r15700
 2008-07-06 18:47:27 +00:00
Nick Mathewson
615c64efb8 Apply fix from chrisw: call connection_ap_attach_pending when we get a rendezvous2 or rendezvous_established call. This is a bit brute-foce, but it is better than we had before, and might not even show up on profiles. Backport candidate, once tested. 
svn:r15699
 2008-07-06 18:34:45 +00:00
Nick Mathewson
9d7a2d4eae r16689@tombo: nickm | 2008-07-03 11:03:14 -0400 
Fix for bug 742: do not use O_CREAT on 2-option version of open().  Especially do not use it on /dev/null.  Fix from Michael Scherer. Bugfix on 0.0.2pre19 (wow).


svn:r15626
 2008-07-03 15:04:16 +00:00
Roger Dingledine
8ac852b965 put in some of the release summaries 
svn:r15535
 2008-06-28 04:23:26 +00:00
Nick Mathewson
3ec25c2410 r16587@tombo: nickm | 2008-06-28 00:13:40 -0400 
fix for bug 704; found by sjmurdoch.  Windows and recent openssl both want to define OCSP_RESPONSE; do not let them.


svn:r15533
 2008-06-28 04:16:17 +00:00
Roger Dingledine
aec928e0b6 Send a bootstrap problem "warn" event on the first problem if the 
reason is NO_ROUTE (that is, our network is down).


svn:r15443
 2008-06-24 08:00:30 +00:00
Roger Dingledine
470f89119a annotate some changelog entries 
svn:r15442
 2008-06-24 07:40:46 +00:00
Roger Dingledine
52c5014081 Change the contrib/tor.logrotate script so it makes the new 
logs as "_tor:_tor" rather than the default, which is generally
"root:wheel". Fixes bug 676, reported by Serge Koksharov.

Andrew, you should check if this breaks the rpm building (or if
it makes it work better)


svn:r15404
 2008-06-22 07:15:18 +00:00
Roger Dingledine
21cc898a46 mark changelog bugfixes with what version they're from 
svn:r15384
 2008-06-21 04:25:10 +00:00
Roger Dingledine
a2a3d1e329 prepare for the 0.2.1.2-alpha release. we will tag 
sometime today. get your fixes in soon. :)


svn:r15371
 2008-06-20 06:26:58 +00:00
Roger Dingledine
8fa912a8c5 If we close our OR connection because there's been a circuit 
pending on it for too long, we were telling our bootstrap status
events "REASON=NONE". Now tell them "REASON=TIMEOUT".


svn:r15369
 2008-06-20 04:42:17 +00:00
Roger Dingledine
94dabd2c23 If you're using bridges, generate "bootstrap problem" warnings 
as soon as you run out of working bridges, rather than waiting
for ten failures -- which will never happen if you have less than
ten bridges.


svn:r15368
 2008-06-20 04:34:39 +00:00
Roger Dingledine
dd50ffb1de Big bridge bugfixes. Backport candidates. 
If you have more than one bridge but don't know their keys,
you would only learn a request for the descriptor of the first one
on your list. (Tor considered launching requests for the others, but
found that it already had a connection on the way for $0000...0000
so it didn't open another.)
If you have more than one bridge but don't know their keys, and the
connection to one of the bridges failed, you would cancel all
pending bridge connections. (After all, they all have the same
digest.)


svn:r15366
 2008-06-20 03:13:16 +00:00
Roger Dingledine
c6a94718cd Directory authorities shouldn't complain about bootstrapping 
problems just because they do a lot of reachability testing and
some of the connection attempts fail. 


svn:r15348
 2008-06-18 07:34:04 +00:00
Karsten Loesing
693d7e3e35 When establishing a hidden service, introduction points that originate from cannibalized circuits are completely ignored and not included in rendezvous service descriptors. Bugfix on 0.2.0.14-alpha. Backport candidate. 
svn:r15332
 2008-06-17 17:10:03 +00:00
Roger Dingledine
1ad83d74b1 Send an initial "Starting" bootstrap status event, so we have a 
state to start out in.


svn:r15326
 2008-06-17 08:15:42 +00:00
Nick Mathewson
dd6324b0c6 More bug 707 fixes: no #if/#endif pairs inside macro arguments. 
svn:r15307
 2008-06-16 18:35:21 +00:00
Nick Mathewson
6299f4429a Clean up a macro/cpp interaction related to bug 707. Also, add a new "filename" config value type which is currently just a synonym for string, but which might be subject to expansion later. 
svn:r15305
 2008-06-16 18:09:53 +00:00
Nick Mathewson
44452c2756 r16341@tombo: nickm | 2008-06-15 22:04:25 -0400 
Allow spaces to be omitted in approved-router file fingerprints. Requested by arma.


svn:r15296
 2008-06-16 02:08:30 +00:00
Nick Mathewson
0831cc3dbc Patch from Karsten to implement proposal 135 ("Testing Tor Networks"). 
svn:r15253
 2008-06-14 16:01:29 +00:00
Peter Palfrader
4ef606b8fc implement proposal 138: removing down routers from consensus 
svn:r15230
 2008-06-13 21:22:49 +00:00
Peter Palfrader
1f3dc9b22b Asking for a conditional consensus at .../consensus/<fingerprints> would crash 
a dirserver if it did not already have a consensus.


svn:r15227
 2008-06-13 18:58:58 +00:00
Nick Mathewson
d4ed91c672 Set dynamic-locking callbacks in openssl. These can be more efficient when openssl uses them. 
svn:r15222
 2008-06-13 16:35:12 +00:00
Roger Dingledine
b2cd61258e forward-port the 0.2.0.28-rc changelog 
svn:r15194
 2008-06-13 06:40:36 +00:00
Roger Dingledine
52d3be06f1 steal some of the bootstrap phase strings from vidalia 
svn:r15193
 2008-06-13 06:23:46 +00:00
Roger Dingledine
ca902b070e make some of the 0.2.1.1-alpha changelog items more prominent 
svn:r15186
 2008-06-13 05:13:22 +00:00
Roger Dingledine
d395135e2f fix a few typos, and give the bootstrap phase stuff a changelog entry. 
svn:r15183
 2008-06-13 04:26:05 +00:00
Roger Dingledine
001e2ac918 rearrange 0.2.1.1-alpha changelog 
svn:r15177
 2008-06-13 02:06:04 +00:00
Nick Mathewson
617843988c r16215@tombo: nickm | 2008-06-12 18:39:03 -0400 
Implement code to manually force the OpenSSL client cipher list to match the one recommended in proposal 124, *even if* we do not know all those ciphers.  This is a bit of a kludge, but it is at least decently well commented.


svn:r15173
 2008-06-12 22:39:13 +00:00
Roger Dingledine
555450ba73 note that weasel's proposal 134 code is off by default. i believe. 
correct me if i'm wrong. :)


svn:r15156
 2008-06-12 00:13:35 +00:00
Roger Dingledine
72cf0206d0 remove some duplicate changelog entries from the upcoming 0.2.1.1-alpha 
release


svn:r15155
 2008-06-12 00:08:25 +00:00
Karsten Loesing
906cf73062 ChangeLog entry for r15149. 
svn:r15151
 2008-06-11 23:40:17 +00:00
Karsten Loesing
f6997c64c0 Added ChangeLog entry for r15113. 
svn:r15114
 2008-06-10 23:42:40 +00:00
Nick Mathewson
b87a7760e0 r16129@tombo: nickm | 2008-06-10 14:28:06 -0400 
More geoip tweaks.  Include in the file a rough estimator of our total share.


svn:r15099
 2008-06-10 18:28:10 +00:00
Nick Mathewson
d0a4ad3a1c r16127@tombo: nickm | 2008-06-10 14:03:01 -0400 
Improved code for counting clients by country: support recording by number of directory status requests in addition to number of IPs seen.


svn:r15097
 2008-06-10 18:08:56 +00:00
Roger Dingledine
9b626988a6 flush some changes in my sandbox -- ancient changelog typos, etc 
svn:r15007
 2008-06-07 05:24:47 +00:00
Roger Dingledine
ebab48769d Stop reloading the router list from disk for no reason when we 
run out of reachable directory mirrors. Once upon a time reloading
it would set the 'is_running' flag back to 1 for them. It hasn't
done that for a long time.


svn:r15004
 2008-06-07 04:56:08 +00:00
Roger Dingledine
ca416a78e3 When we switched to using v3 directories, we threw away the part of 
the "do we have enough directory info?" calculation that checked
how many relays we believed to still be running based on our own
experience. So if we went offline, we never gave up trying to make
new circuits; worse, when we came back online we didn't recognize
that we should give all the relays another chance. Bugfix on
0.2.0.9-alpha; fixes bugs 648 and 675.


svn:r14970
 2008-06-05 10:57:09 +00:00
Roger Dingledine
953ca6d840 forward-port the 0.2.0.27-rc changelog 
svn:r14967
 2008-06-05 06:27:58 +00:00
Nick Mathewson
61ac80a914 Ouch. We were sometimes getting openssl compression by default. This is pointless for us, since the overwhelming majority of our cells are encrypted, full of compressed data, or both. This is also harmful, since doing piles of compression is not cheap. Backport candidate once more tested. 
svn:r14830
 2008-05-29 14:39:56 +00:00
Nick Mathewson
ac330d9ba7 New code to implement proposal for local geoip stats. Only enabled with --enable-geoip-stats passed to configure. 
svn:r14802
 2008-05-29 02:29:35 +00:00
Nick Mathewson
6bfa96bfc7 Fix bug noted by roger: rebuild extrainfo store from time to time, even if we have never actually downloaded an extrainfo. Bridge authorities need this, or they never clean the extrainfo store. 
svn:r14792
 2008-05-29 00:44:57 +00:00
Nick Mathewson
bd3b86df3b Several geoip changes/fixes as requested. 
svn:r14780
 2008-05-28 18:31:57 +00:00
Nick Mathewson
4ea2a4595e Fix the first part of bug 681, as suggested by Robert Hogan on or-talk. 
svn:r14754
 2008-05-27 21:02:36 +00:00
Nick Mathewson
9975c4f6f8 Fix part of bug 681: always reattach tunneled directory connections, regardless of the setting for LeaveStreamsUnattached 
svn:r14750
 2008-05-27 20:26:40 +00:00
Roger Dingledine
a318214f9b and forward-port the 0.2.0.26-rc notes 
svn:r14692
 2008-05-23 11:54:46 +00:00
Nick Mathewson
da67500336 If the user has an openssl that supports my "release buffer ram" patch, use it. 
svn:r14671
 2008-05-19 18:13:00 +00:00
Nick Mathewson
0b6b356f71 r19725@catbus: nickm | 2008-05-13 08:47:18 -0400 
Forward-port: update authority keys affected by Debian OpenSSL bug (See CVE-2008-0166 or http://lists.debian.org/debian-security-announce/2008/msg00152.html )


svn:r14603
 2008-05-13 12:47:27 +00:00
Nick Mathewson
e1ef199cf6 r19714@catbus: nickm | 2008-05-12 17:11:47 -0400 
Fwdport Bugfix: an authority signature is "unrecognized" if we lack a dirserver entry for it, even if we have an older cached certificate that says it is recognized.  This affects clients who remove entries from their dirserver list without clearing their certificate cache.


svn:r14597
 2008-05-12 21:12:21 +00:00
Nick Mathewson
f3f6ecef48 r19690@catbus: nickm | 2008-05-11 22:13:31 -0400 
Implement a proposal to let a directory authority migrate its identity key without ceasing to sign consensuses.


svn:r14584
 2008-05-12 02:14:01 +00:00
Roger Dingledine
db874621f4 forward-port recent releases 
svn:r14558
 2008-05-05 04:08:49 +00:00
Peter Palfrader
3185099126 And a changelog entry 
svn:r14454
 2008-04-24 15:51:55 +00:00
Nick Mathewson
d02d6660a8 r15308@tombo: nickm | 2008-04-23 16:46:48 -0400 
Free baddir and badexit policy lists on exit.  fixes bug 672. only affects authorities.


svn:r14431
 2008-04-23 20:47:53 +00:00
Nick Mathewson
41929c2684 r15287@tombo: nickm | 2008-04-22 17:09:25 -0400 
Periodically launch requests for server/authority.z when it might help us learn our IP.  Fix for bug 652.


svn:r14418
 2008-04-22 21:10:41 +00:00
Roger Dingledine
d72b256f4f When we choose to abandon a new entry guard because we think our 
older ones might be better, close any circuits pending on that
new entry guard connection. Bugfix on 0.1.2.8-beta; found by lodger.


svn:r14417
 2008-04-22 18:38:25 +00:00
Nick Mathewson
bc95a4dbcb r15283@tombo: nickm | 2008-04-22 13:43:45 -0400 
Correctly notify one-hop connections when a circuit build has failed. possible fix for bug 669. found by lodger.


svn:r14415
 2008-04-22 17:44:28 +00:00
Nick Mathewson
21592ad429 r15278@tombo: nickm | 2008-04-22 13:17:37 -0400 
Apply patch from mwenge to fix bug 646: makes stream events for dns requests get generated more consistently.


svn:r14413
 2008-04-22 17:21:12 +00:00
Nick Mathewson
ef9c34688c r15273@tombo: nickm | 2008-04-22 12:32:28 -0400 
apply patch from lodger: reject requests for reverse-dns lookup of names in private address space.  make non-exits reject all dns requests.  Fixes bug 619.


svn:r14410
 2008-04-22 16:32:55 +00:00
Nick Mathewson
6e979489dc r15269@tombo: nickm | 2008-04-22 12:23:30 -0400 
Fix bug 663: warn less verbosely about clock skew from netinfo cells


svn:r14408
 2008-04-22 16:23:47 +00:00
Nick Mathewson
299014b2c7 r15251@tombo: nickm | 2008-04-22 11:59:46 -0400 
On platforms using pthreads, allow a thread to acquire a lock it already holds.  This is crucial for logging: otherwise any log message thrown from inside the logging process (especially from control.c) will deadlock.  Win32 CriticalSections are already recursive.  Bug spotted by nwf.  Bugfix on 0.2.0.16-alpha.  Backport candidate. I hope this is portable.


svn:r14406
 2008-04-22 15:59:59 +00:00
Nick Mathewson
1b9c06ab96 r15230@tombo: nickm | 2008-04-17 16:18:08 -0400 
Do not allocate excess space for named_flag and unnamed_flag in dirvote.c.  Fixes bug 662.  Not a dangerous bug: sizeof(int*) is at least as big as sizeof(int) everywhere.


svn:r14391
 2008-04-17 20:23:13 +00:00
Roger Dingledine
335e264fbb X *still* hasn't fixed its (*%#(*ing copy and paste bug? in how 
many years?


svn:r14354
 2008-04-11 03:44:50 +00:00
Roger Dingledine
fb8dadc5b6 and forward-port that 
svn:r14352
 2008-04-11 03:43:16 +00:00
Nick Mathewson
b927ede48c r15161@31-33-107: nickm | 2008-04-10 11:11:58 -0400 
Make dumpstats() log the size and fullness of openssl-internal buffers, so I can test my hypothesis that many of them are empty, and my alternative hypothesis that many of them are mostly empty, against the null hypothesis that we really need to be burning 32K per open OR connection on this.


svn:r14350
 2008-04-10 15:12:24 +00:00
Nick Mathewson
20cf4d1f09 r19283@catbus: nickm | 2008-04-09 21:44:18 -0400 
The optimist calls the glass half full.  The pessimist calls it half empty.  The engineer says it is twice as large as it needs to be.  In this case, the engineer says that the default smartlist size is twice as large as it needs to be and wouldn't it be nice to save half a megabyte with a one-line patch?


svn:r14341
 2008-04-10 01:44:23 +00:00
Nick Mathewson
186df044cd r19262@catbus: nickm | 2008-04-09 14:05:20 -0400 
When writing relay cells to a buffer, update timestamp_last_added_nonpadding.  Bugfix on 0.2.0.1-alpha. Backport candidate.


svn:r14329
 2008-04-09 18:05:47 +00:00
Nick Mathewson
a627407fcb r19233@catbus: nickm | 2008-04-08 13:06:34 -0400 
When we remove old routers, use Bloom filters rather than a digestmap-based set in order to tell which ones we absolutely need to keep.  This will save us roughly a kazillion little short-lived allocations for hash table entries.


svn:r14318
 2008-04-08 17:06:41 +00:00
Nick Mathewson
2d68487e7f r19229@catbus: nickm | 2008-04-07 12:28:22 -0400 
Add a new SMARTLIST_FOREACH_JOIN macro to iterate through two sorted lists in lockstep.  This happens at least 3 times in the code so far, and is likely to happen more in the future.  Previous attempts to do so proved touchy, tricky, and error-prone: now, we only need to get it right in one place.


svn:r14309
 2008-04-07 16:28:34 +00:00
Peter Palfrader
53e656eaa6 A changelog entry for r14277 
svn:r14278
 2008-04-01 21:07:45 +00:00
Peter Palfrader
9d132fbde6 Add --hush switch. 
New --hush command-line option similar to --quiet.  While --quiet disables all
logging to the console on startup, --hush limits the output to messages of
warning and error severity.


svn:r14222
 2008-03-27 17:25:49 +00:00
Nick Mathewson
9ee7f6e826 r19105@catbus: nickm | 2008-03-27 13:01:47 -0400 
oops. Note bug number in changelog.


svn:r14220
 2008-03-27 17:01:52 +00:00
Nick Mathewson
12b217bce8 r19091@catbus: nickm | 2008-03-27 12:42:57 -0400 
Stop reading torrc when all we want to do is --hash-password.  Fix based on patch from Sebastian Hahn. Backport candidate.


svn:r14214
 2008-03-27 16:46:34 +00:00
Nick Mathewson
02acee891c r19089@catbus: nickm | 2008-03-27 11:05:23 -0400 
Free some static hashtables and the log mutex on exit. Backport candidate.


svn:r14212
 2008-03-27 15:05:28 +00:00
Nick Mathewson
fa15ed4b7b r19079@catbus: nickm | 2008-03-26 17:16:46 -0400 
Free authority certs on exit.  Backport candidate.


svn:r14205
 2008-03-26 21:16:56 +00:00
Nick Mathewson
944bd3dbed r19074@catbus: nickm | 2008-03-26 17:08:32 -0400 
Start new address policies with refcount of 1, not 2.  Backport candidate once tested more.


svn:r14204
 2008-03-26 21:08:39 +00:00
Nick Mathewson
745f3c859a r19066@catbus: nickm | 2008-03-26 13:24:15 -0400 
Initialize logging before we log anything.  Bugfix on 0.2.0.x-alpha.


svn:r14199
 2008-03-26 17:25:16 +00:00
Nick Mathewson
e4ebe3409e r19049@catbus: nickm | 2008-03-26 12:33:25 -0400 
Add new stacklike, free-all-at-once memory allocation strategy.  Use it when parsing directory information.  This helps parsing speed, and may well help fragmentation some too.  hidden-service-related stuff still uses the old tokenizing strategies.


svn:r14194
 2008-03-26 16:33:33 +00:00
Roger Dingledine
55ca7e15fb forward-port the 0.2.0.23-rc changelog 
svn:r14181
 2008-03-25 18:36:16 +00:00
Nick Mathewson
41deb5cd7b r19039@catbus: nickm | 2008-03-25 12:15:58 -0400 
Add some unit tests, particularly for AES counter mode.


svn:r14180
 2008-03-25 16:16:05 +00:00
Nick Mathewson
b5b77f8bf3 r19004@catbus: nickm | 2008-03-21 15:18:43 -0400 
Use RAND_poll() again: the bug that made us stop using it has been fixed.


svn:r14150
 2008-03-21 19:18:57 +00:00
Nick Mathewson
64f38f217a r19003@catbus: nickm | 2008-03-21 15:13:57 -0400 
Make --enable-gcc-warnings work under the recently released GCC 4.3.


svn:r14149
 2008-03-21 19:18:54 +00:00
Roger Dingledine
3fb922f4d5 correct the 0.2.0.22-rc changelog in trunk 
svn:r14118
 2008-03-19 00:23:07 +00:00
Nick Mathewson
e96d22e914 r18941@catbus: nickm | 2008-03-18 14:59:43 -0400 
Likely fix for bug 632: do not call start_reading on a placeholder connection.


svn:r14109
 2008-03-18 19:00:12 +00:00
Nick Mathewson
a62a24036d r18937@catbus: nickm | 2008-03-18 14:50:39 -0400 
Fix the other lingering part of bug 617: make ClientDNSRejectInternalAddresses actually work.


svn:r14107
 2008-03-18 18:51:34 +00:00
Nick Mathewson
7dd78f1576 r18929@catbus: nickm | 2008-03-18 12:08:16 -0400 
Detect errors from directory listing correctly on win32.  Bug found by lodger.


svn:r14102
 2008-03-18 16:08:49 +00:00
Nick Mathewson
05f5d778a2 r18919@catbus: nickm | 2008-03-18 10:53:38 -0400 
Forward-port bug 622 fix as diagnosed by lodger.


svn:r14096
 2008-03-18 14:53:41 +00:00
Roger Dingledine
2117abbe3f forward-port the 0.2.0.22-rc changelog entry, plus remove 
some duplicate items.


svn:r14086
 2008-03-18 02:39:34 +00:00
Nick Mathewson
9a24158c69 r18880@catbus: nickm | 2008-03-17 12:51:24 -0400 
Fix policy-related crash bug found by lodger.


svn:r14077
 2008-03-17 16:51:48 +00:00
Peter Palfrader
0cccf7375b And use 16k pages on ia64. Maybe this should be a configure thing 
svn:r14073
 2008-03-17 09:46:18 +00:00
Nick Mathewson
e6b617bf05 r18872@catbus: nickm | 2008-03-16 23:56:48 -0400 
Only dump all guard node status to the log when the guard node status actually changes.  Downgrade the 4 most common remaining INFO log messages to DEBUG.


svn:r14069
 2008-03-17 04:07:51 +00:00
Nick Mathewson
c59f66709d r18862@catbus: nickm | 2008-03-16 23:33:11 -0400 
Part of fix for bug 617: allow connection_ap_handshake_attach_circuit() to mark connections, to avoid double-mark warnings.  Note that this is an incomplete refactoring.


svn:r14066
 2008-03-17 03:37:54 +00:00
Nick Mathewson
0b941640df r18852@catbus: nickm | 2008-03-16 22:47:19 -0400 
Downgrade "sslv3 alert handshake failure" message to info.


svn:r14057
 2008-03-17 02:47:49 +00:00
Nick Mathewson
b29f763ee1 r18850@catbus: nickm | 2008-03-16 22:35:38 -0400 
Use 8k pages in openbsd malloc code on alpha. Bug and solution found by weasel.  Also, when initializing openbsd malloc code, check that compiled page size matches output of getpagesize().


svn:r14056
 2008-03-17 02:47:40 +00:00
Nick Mathewson
0c6fc51909 r18793@catbus: nickm | 2008-03-13 14:09:19 -0400 
Add a malloc_good_size() implementation to OpenBSD_malloc_Linux.c.  Also, make configure.in not use support functions for the platform malloc when we are not using the platform mallocs.


svn:r14010
 2008-03-13 18:11:33 +00:00
Peter Palfrader
56580ae84e Add a changelog entry for rr14003/r14005 
svn:r14007
 2008-03-13 16:56:20 +00:00
Peter Palfrader
e6b2d119e8 Assert that severity in logv() is sane. Interesting effects otherwise (It is being used as an array index) 
svn:r14006
 2008-03-13 16:56:14 +00:00
Nick Mathewson
cad3d651d0 r18783@catbus: nickm | 2008-03-13 11:06:45 -0400 
Oops, do a better fix for that.


svn:r14001
 2008-03-13 15:06:49 +00:00
Nick Mathewson
ac6cc43047 r18781@catbus: nickm | 2008-03-13 11:00:51 -0400 
Have OpenBSD_malloc_Linux.c use SIZE_T_MAX from torint.h, instead of checking cpu macros.  There is always one more cpu you havent checked for.


svn:r14000
 2008-03-13 15:06:26 +00:00
Nick Mathewson
4d32c2e81f r18751@catbus: nickm | 2008-03-11 14:22:43 -0400 
Fix for bug 614: always look at the network BIO for the SSL object, not at the buffering BIO (if one exists because we are renegotiating or something).  Bugfix on 0.1.2.x, oddly enough, though it should be impossible to trigger the problem there.  Backport candidate.  See comments in tortls.c for detailed implementation note.


svn:r13975
 2008-03-11 18:22:49 +00:00
Nick Mathewson
24f91d2876 r18747@catbus: nickm | 2008-03-11 13:21:25 -0400 
Request client certs when renegotiating on server-side. Spotted by lodger.  Bugfix on 0.2.0.x.


svn:r13973
 2008-03-11 17:21:44 +00:00
Nick Mathewson
4b65ea0ec0 r18730@catbus: nickm | 2008-03-11 00:47:04 -0400 
Forward-port: Fix the SVK version detection logic to work right on a branch: tolerate multiple "copied from" tags and only look at the first.


svn:r13959
 2008-03-11 04:47:07 +00:00
Nick Mathewson
8b24e01599 r18723@catbus: nickm | 2008-03-11 00:25:30 -0400 
Fix bug spotted by mwenge: a server_event should not be a sever_event.  Also, fix compile errors in config.c and control.c with --enable-gcc-warnings.


svn:r13957
 2008-03-11 04:30:14 +00:00
Nick Mathewson
f56ba5f3d6 r18630@catbus: nickm | 2008-03-05 17:31:33 -0500 
Implement domain-selection for logging.  Source is documented; needs documentation in manpage (maybe).  For now, see doxygen comment on parse_log_severity_config in log.c


svn:r13875
 2008-03-05 22:31:39 +00:00
Roger Dingledine
5bf0a01011 forward-port r13799 and the 0.2.0.21-rc changelog 
svn:r13808
 2008-03-02 22:29:04 +00:00
Nick Mathewson
77d1654c50 r18535@catbus: nickm | 2008-03-01 09:58:33 -0500 
Whoo.  People diagnosed and fixed bug 616. See changelog for details.  Bugfix on 0.2.0.20-rc.


svn:r13793
 2008-03-01 14:59:03 +00:00
Roger Dingledine
c5a7ff8e43 forward-port r13777 
svn:r13778
 2008-02-29 01:45:06 +00:00
Nick Mathewson
eefe2a3562 r18462@catbus: nickm | 2008-02-27 14:15:57 -0500 
Add better warnings for the error that produced bug 614, and downgrade from a tor_assert() to a tor_fragile_assert().


svn:r13752
 2008-02-27 19:19:34 +00:00
Roger Dingledine
f24b7a3f8f a blurb for 0.2.0.20-rc 
svn:r13732
 2008-02-26 03:11:37 +00:00
Roger Dingledine
3dd9a3a23a bump to 0.2.0.20-rc 
svn:r13715
 2008-02-25 00:39:58 +00:00
Nick Mathewson
ee8dce3084 r14421@tombo: nickm | 2008-02-24 17:05:18 -0500 
Patch from mwenge: always willingly serve our own extrainfo from the controlport


svn:r13699
 2008-02-24 22:11:12 +00:00
Nick Mathewson
dde81de3dd r14419@tombo: nickm | 2008-02-24 16:55:11 -0500 
Patch from tup: use sizeof sockaddr_un as the size of a unix sockaddr.  Fixes unix controlsocket binding on openbsd.


svn:r13697
 2008-02-24 22:11:00 +00:00
Roger Dingledine
31f72a3d80 Servers that don't know their own IP address should go to the 
authorities for their first directory fetch, even if their DirPort
is off or if they don't know they're reachable yet. This will help
them bootstrap better. Bugfix on 0.2.0.18-alpha; fixes bug 609.


svn:r13688
 2008-02-23 23:39:16 +00:00