Sebastian Hahn
1f5c5624f4
Use dead_strip to reduce binary size on OS X
...
This option seems to be supported all the way back to at least 10.4, so
enabling it for OS X in general should be fine. If not, someone will
yell.
With no libs statically linked, that's a 3% win in binary size, with
just libevent linked statically, this gives us an advantage of 5% in
terms of binary size, and with libevent and openssl statically linked,
we gain over 18% or over 500KB.
Implements ticket 2915.
2012-01-20 23:30:53 +01:00
Nick Mathewson
26e789fbfd
Rename nonconformant identifiers.
...
Fixes bug 4893.
These changes are pure mechanical, and were generated with this
perl script:
/usr/bin/perl -w -i.bak -p
s/crypto_pk_env_t/crypto_pk_t/g;
s/crypto_dh_env_t/crypto_dh_t/g;
s/crypto_cipher_env_t/crypto_cipher_t/g;
s/crypto_digest_env_t/crypto_digest_t/g;
s/aes_free_cipher/aes_cipher_free/g;
s/crypto_free_cipher_env/crypto_cipher_free/g;
s/crypto_free_digest_env/crypto_digest_free/g;
s/crypto_free_pk_env/crypto_pk_free/g;
s/_crypto_dh_env_get_dh/_crypto_dh_get_dh/g;
s/_crypto_new_pk_env_rsa/_crypto_new_pk_from_rsa/g;
s/_crypto_pk_env_get_evp_pkey/_crypto_pk_get_evp_pkey/g;
s/_crypto_pk_env_get_rsa/_crypto_pk_get_rsa/g;
s/crypto_new_cipher_env/crypto_cipher_new/g;
s/crypto_new_digest_env/crypto_digest_new/g;
s/crypto_new_digest256_env/crypto_digest256_new/g;
s/crypto_new_pk_env/crypto_pk_new/g;
s/crypto_create_crypto_env/crypto_cipher_new/g;
s/connection_create_listener/connection_listener_new/g;
s/smartlist_create/smartlist_new/g;
s/transport_create/transport_new/g;
2012-01-18 15:53:30 -05:00
Nick Mathewson
d1b40cf2e7
Merge remote-tracking branch 'public/bug4533_part1'
...
Conflicts:
src/common/compat.h
2012-01-18 15:33:04 -05:00
Nick Mathewson
1772782e42
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-01-18 15:29:41 -05:00
Nick Mathewson
6d595fa4cf
Merge remote-tracking branch 'public/bug4533_part2' into maint-0.2.2
2012-01-18 15:29:25 -05:00
Nick Mathewson
b14ac10b7f
Add missing documentation for some options introduced in 0.2.3.x
2012-01-18 14:50:13 -05:00
Nick Mathewson
93d3a917e8
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-01-18 14:45:18 -05:00
Nick Mathewson
676bba8e0c
Documentation for GiveGuardFlagTo... option
2012-01-18 14:44:29 -05:00
Nick Mathewson
ee717f35c4
Use tor_socket_t, not unsigned, in tor-fw-helper-natmp.c
2012-01-18 13:14:44 -05:00
Nick Mathewson
dd4b1a2ac6
Fix SOCKET_OK test on win64.
...
Bugfix on 0.2.2.29-beta; partial fix for 4533; found by wanoskarnet
2012-01-18 10:48:29 -05:00
Nick Mathewson
dea0720dad
Warn if sizeof(tor_socket_t) != sizeof(SOCKET)
2012-01-17 16:38:47 -05:00
Nick Mathewson
6e8c2a3e46
Use SOCKET_OK macros in even more places
...
Add a TOR_INVALID_SOCKET macro to wrap -1/INVALID_SOCKET.
Partial work for bug4533.
2012-01-17 16:35:07 -05:00
Nick Mathewson
875a54dad3
Merge remote-tracking branch 'public/bug3325'
2012-01-16 15:10:38 -05:00
Nick Mathewson
5579bc0eaf
whitespace fixes
2012-01-16 15:07:47 -05:00
Nick Mathewson
cc02823d7f
Convert instances of tor_snprintf+strdup into tor_asprintf
...
These were found by looking for tor_snprintf() instances that were
followed closely by tor_strdup(), though I probably converted some
other snprintfs as well.
2012-01-16 15:03:13 -05:00
Nick Mathewson
edcc9981d8
Try to use smartlist_add_asprintf consistently
...
(To ensure correctness, in every case, make sure that the temporary
variable is deleted, renamed, or lowered in scope, so we can't have
any bugs related to accidentally relying on the no-longer-filled
variable.)
2012-01-16 15:02:51 -05:00
Nick Mathewson
125fba2e99
Provide consensus params to constrain the threshold for Fast
...
resolves ticket 3946
2012-01-16 14:50:13 -05:00
Nick Mathewson
938531773a
Allow authorities to baddir/badexit/invalid/reject nodes by cc
...
Implements ticket #4207
2012-01-13 12:28:47 -05:00
Nick Mathewson
2cddd1d69f
Move logging of bad hostnames into parse_extended_hostname
...
This fixes bug 3325, where a bad .exit would get logged as a bad .onion
2012-01-11 15:56:14 -05:00
Nick Mathewson
411cf8f714
Make openssl 0.9.8l log message accurate
...
fixes 4837
2012-01-11 15:41:46 -05:00
Nick Mathewson
f729e1e984
Merge branch 'feature3457-v4-nm-squashed'
...
Conflicts:
src/or/rendclient.c
2012-01-11 12:10:14 -05:00
Nick Mathewson
5e9d349979
Merge remote-tracking branch 'public/bug4650_nm_squashed'
2012-01-10 17:59:49 -05:00
Nick Mathewson
eefe8857c2
changes file for bug4746
2012-01-10 16:53:27 -05:00
Nick Mathewson
8d74fba651
Merge branch 'absolute_cookie_file'
2012-01-10 15:00:02 -05:00
Nick Mathewson
3085b76a09
changes file for #4881
2012-01-10 14:59:49 -05:00
Nick Mathewson
d29a390733
Test for broken counter-mode at runtime
...
To solve bug 4779, we want to avoid OpenSSL 1.0.0's counter mode.
But Fedora (and maybe others) lie about the actual OpenSSL version,
so we can't trust the header to tell us if it's safe.
Instead, let's do a run-time test to see whether it's safe, and if
not, use our built-in version.
fermenthor contributed a pretty essential fixup to this patch. Thanks!
2012-01-10 11:15:35 -05:00
Nick Mathewson
5741aef3dc
We no longer need to detect openssl without RAND_poll()
...
We require openssl 0.9.7 or later, and RAND_poll() was first added in
openssl 0.9.6.
2012-01-10 10:40:31 -05:00
Nick Mathewson
85c7d7659e
Add macros to construct openssl version numbers
...
It's a pain to convert 0x0090813f to and from 0.9.8s-release on the
fly, so these macros should help.
2012-01-10 10:40:30 -05:00
Sebastian Hahn
6b9298ef72
Log which votes we still need to fetch
...
This might help us see which authorities are problematic in getting
their vote published the first time.
2012-01-10 16:13:30 +01:00
Sebastian Hahn
50a50392b7
Advertise dirport if accountingmax is large enough
...
When we have an effective bandwidthrate configured so that we cannot
exceed our bandwidth limit in one accounting interval, don't disable
advertising the dirport. Implements ticket 2434.
2012-01-10 09:59:36 -05:00
Nick Mathewson
489db38229
Revise bug4413 changes file
2012-01-09 19:18:48 -05:00
Stephen Palmateer
3fadc074ca
Remove (untriggerable) overflow in crypto_random_hostname()
...
Fixes bug 4413; bugfix on xxxx.
Hostname components cannot be larger than 63 characters.
This simple check makes certain randlen cannot overflow rand_bytes_len.
2012-01-09 19:05:05 -05:00
Nick Mathewson
838ec086be
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-01-09 12:22:29 -05:00
Nick Mathewson
6fd61cf767
Fix a trivial log message error in renservice.c
...
Fixes bug 4856; bugfix on 0.0.6
This bug was introduced in 79fc5217
, back in 2004.
2012-01-09 12:21:04 -05:00
Roger Dingledine
36721e940d
fold in some new changelog stanzas
2012-01-07 07:42:07 -05:00
Nick Mathewson
37c90319e2
Add a changes file for bug4563
2012-01-06 11:42:00 -05:00
Nick Mathewson
ef69f2f2ab
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-01-05 14:17:44 -05:00
Nick Mathewson
ccd8289958
Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
2012-01-05 14:16:30 -05:00
Nick Mathewson
0a00678e56
Add a changes file for bug4822
2012-01-05 12:28:55 -05:00
Roger Dingledine
9bfb8af265
Merge branch 'maint-0.2.2'
2012-01-05 06:55:34 -05:00
Roger Dingledine
a1074c7aa2
Merge branch 'maint-0.2.1' into maint-0.2.2
2012-01-05 06:45:28 -05:00
Roger Dingledine
df17b62d54
add a changes file for ticket 4825
2012-01-05 06:42:26 -05:00
Nick Mathewson
ff282a1126
changes file for bug4650
2012-01-04 15:12:02 -05:00
Nick Mathewson
65420e4cb5
Merge remote-tracking branch 'rransom-tor/bug1297b-v2'
2012-01-04 13:50:24 -05:00
Nick Mathewson
47b7a27929
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-01-03 13:22:34 -05:00
Sebastian Hahn
d861b4cc9d
Fix spelling in a controlsocket log msg
...
Fixes bug 4803.
2011-12-30 23:27:02 +01:00
Nick Mathewson
bfae41328e
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-12-28 16:52:31 -05:00
Nick Mathewson
84bf8e3808
Merge remote-tracking branch 'public/bug4788' into maint-0.2.2
2011-12-28 16:50:45 -05:00
Nick Mathewson
f71d63ec9d
changes file for bug1827
2011-12-28 16:40:15 -05:00
Nick Mathewson
e3a6493898
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-12-28 15:57:48 -05:00
Nick Mathewson
c563551eef
Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
2011-12-28 15:56:37 -05:00
Nick Mathewson
120a745346
Bug 4786 fix: don't convert EARLY to RELAY on v1 connections
...
We used to do this as a workaround for older Tors, but now it's never
the correct thing to do (especially since anything that didn't
understand RELAY_EARLY is now deprecated hard).
2011-12-28 15:54:06 -05:00
Robert Ransom
2b189a222b
Don't exit when marking a newly created _C_INTRODUCING circ for close
2011-12-28 09:02:14 -08:00
Nick Mathewson
9bcb187387
Authorities reject insecure Tors.
...
This patch should make us reject every Tor that was vulnerable to
CVE-2011-0427. Additionally, it makes us reject every Tor that couldn't
handle RELAY_EARLY cells, which helps with proposal 110 (#4339 ).
2011-12-27 21:47:04 -05:00
Nick Mathewson
78f43c5d03
Require openssl 1.0.0a for using openssl's ctr-mode implementation
...
Previously we required 1.0.0, but there was a bug in the 1.0.0 counter
mode. Found by Pascal. Fixes bug 4779.
A more elegant solution would be good here if somebody has time to code
one.
2011-12-27 20:31:23 -05:00
Robert Ransom
836161c560
Add an option to close HS service-side rend circs on timeout
2011-12-27 08:02:43 -08:00
Robert Ransom
f88c8ca8c9
Don't close HS service-side rend circs on timeout
2011-12-27 08:02:43 -08:00
Robert Ransom
078e3e9dd5
Add an option to close 'almost-connected' HS client circs on timeout
2011-12-27 08:02:43 -08:00
Robert Ransom
4b13c33c0c
Don't close HS client circs which are 'almost connected' on timeout
2011-12-27 08:02:42 -08:00
Nick Mathewson
85d7811456
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-12-26 17:58:51 -05:00
Roger Dingledine
3aade2fab7
Merge remote-tracking branch 'nickm/prop110_v2'
2011-12-25 17:43:09 -05:00
Sebastian Hahn
da876aec63
Provide correct timeradd/timersup replacements
...
Bug caught and patch provided by Vektor. Fixes bug 4778.t
2011-12-25 23:19:08 +01:00
Robert Ransom
4c3a23b283
Look up the rend circ whose INTRODUCE1 is being ACKed correctly
...
This change cannibalizes circuit_get_by_rend_query_and_purpose because it
had exactly one caller.
2011-12-22 23:46:09 -08:00
Nick Mathewson
7cb804343b
Merge remote-tracking branch 'rransom/feature2411-v4'
2011-12-22 10:51:39 -05:00
Nick Mathewson
782b7f49d8
Fix bug2571: warn on EntryNodes set and UseEntryGuards disabled
2011-12-22 10:31:52 -05:00
Nick Mathewson
e0651bb108
Changes file for bug1101
2011-12-22 10:20:38 -05:00
Nick Mathewson
0187bd8728
Implement the last of proposal 110
...
Reject all EXTEND requests not received in a relay_early cell
2011-12-22 09:51:59 -05:00
Nick Mathewson
878a684386
Merge remote-tracking branch 'public/bug4697'
2011-12-22 09:45:26 -05:00
Nick Mathewson
f75660958c
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-12-21 11:20:56 -05:00
Nick Mathewson
b5e6bbc01d
Do not even try to keep going on a socket with socklen==0
...
Back in #1240 , r1eo linked to information about how this could happen
with older Linux kernels in response to nmap. Bugs #4545 and #4547
are about how our approach to trying to deal with this condition was
broken and stupid. Thanks to wanoskarnet for reminding us about #1240 .
This is a fix for the abovementioned bugs, and is a bugfix on
0.1.0.3-rc.
2011-12-21 11:19:41 -05:00
Nick Mathewson
d7531b2adc
duplicate changelog entry for 4531
2011-12-20 14:51:34 -05:00
Nick Mathewson
4080ac9eee
Merge branch 'bug3825b-v8-squashed'
2011-12-20 11:15:49 -05:00
Robert Ransom
dae000735e
Adjust n_intro_points_wanted when a service's intro points are closed
2011-12-20 11:15:33 -05:00
Nick Mathewson
9cabedd3eb
Explain why we are making gcc 3.3 work
2011-12-19 11:29:03 -05:00
Martin Hebnes Pedersen
d5e964731c
Fixed build with GCC < 3.3
...
Preprocessor directives should not be put inside the arguments
of a macro. This is not supported on older GCC releases (< 3.3)
thus broke compilation on Haiku (running gcc2).
2011-12-19 11:27:08 -05:00
Nick Mathewson
e5e50d86ca
Ignore all bufferevent events on a marked connection
...
Bug 4697; fix on 0.2.3.1-alpha
2011-12-17 14:06:10 -05:00
Peter Palfrader
597e428df6
And a changes file for bug#4733
2011-12-17 12:21:56 -05:00
Nick Mathewson
cefff11950
Merge remote-tracking branch 'sebastian/clang-3.0-fixes_022' into maint-0.2.2
2011-12-16 17:49:41 -05:00
Nick Mathewson
9df0bf7a40
Merge remote-tracking branch 'sebastian/clang-3.0-fixes_master'
2011-12-16 17:48:25 -05:00
Nick Mathewson
a7b5e72463
Changelog and blurb for 0.2.3.10-alpha
2011-12-15 11:59:09 -05:00
Nick Mathewson
e402edd960
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-12-15 11:32:49 -05:00
Nick Mathewson
562c974ee7
Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
2011-12-15 11:28:44 -05:00
Nick Mathewson
9d0777839b
Add a fix for the buf_pullup bug that Vektor reported
2011-12-15 11:28:24 -05:00
Nick Mathewson
960f62bd82
Start a section for the 0.2.3.10-alpha changelog
2011-12-14 16:03:58 -05:00
Sebastian Hahn
bcca541da9
Build with warnings and clang 3.0
...
--enable-gcc-warnings enables two warnings that clang doesn't support,
so the build fails. We had hoped clang 3.0 would add those, but it
didn't, so let's just always disable those warnings when building with
clang. We can still fix it later once they add support
2011-12-13 07:43:53 +01:00
Robert Ransom
d688a40a0e
Don't crash on startup of a dormant relay
...
If a relay is dormant at startup, it will call init_keys before
crypto_set_tls_dh_prime. This is bad. Let's make it not so bad, because
someday it *will* happen again.
2011-12-12 11:25:55 -08:00
Sebastian Hahn
e4cebb76c5
Fix compilation of natpmp-helper on non-windows
...
Fixes a small oversight in 5dbfb1b3e0
.
2011-12-10 03:25:40 +01:00
Robert Ransom
832bfc3c46
Clear stream-isolation state on rend circs if needed to attach streams
...
Fixes bug 4655; bugfix on 0.2.3.3-alpha.
2011-12-09 11:28:42 -05:00
Roger Dingledine
630337e762
Merge branch 'maint-0.2.2'
2011-12-08 04:40:30 -05:00
Roger Dingledine
0582746e0d
Merge branch 'maint-0.2.1' into maint-0.2.2
2011-12-08 04:40:15 -05:00
Roger Dingledine
06b10ccdc4
fold in changes files
2011-12-08 04:38:37 -05:00
Karsten Loesing
ff2c9acbb3
Update to the December 2011 GeoIP database.
2011-12-08 09:55:44 +01:00
Robert Ransom
b5a21d79d8
Add changes file for feature2553
2011-12-07 04:44:13 -08:00
Nick Mathewson
4f47db3280
Merge remote-tracking branch 'sebastian/coverity'
2011-12-05 11:56:03 -05:00
Sebastian Hahn
60c330a251
cid 432: Remove dead code if we don't handle a consensus
...
Bugfix on 0.2.3.1, fixes the second half of bug 4637.
2011-12-04 17:36:23 +01:00
Robert Ransom
f5730d4698
Don't send two ESTABLISH_RENDEZVOUS cells when opening a new rend circ
2011-12-03 22:06:50 -08:00
Nick Mathewson
682a85ff7c
Don't just tell the controller "foo" on id mismatch
...
Fixes bug 4169; bugfix on 0.2.1.1-alpha.
2011-12-02 16:27:33 -05:00
Nick Mathewson
5303918091
Init conn->addr to "unspec" on cpuworker connections
...
Fixes bug 4532 reported by "troll_un"
2011-12-02 16:21:50 -05:00
Nick Mathewson
57ff9913b2
Merge remote-tracking branch 'origin/maint-0.2.2'
...
Conflicts:
src/or/connection_or.c
The conflict in src/or/connection_or.c is resolved by taking the
version in master, since e27a26d5
already fixed bug 4531 on master.
This merge just adds the changes file from 0.2.2.
2011-12-02 16:17:52 -05:00
Nick Mathewson
6171bdd105
Don't call tor_tls_set_logged_address till after checking conn->tls
...
Fixes bug 4531; partial backport of e27a26d5
.
2011-12-02 16:15:52 -05:00
Nick Mathewson
d9edee3a3b
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-12-02 16:10:17 -05:00
Nick Mathewson
2b5a035604
tor_accept_socket() should take tor_addr_t for listener arg
...
Fixes bug 4535; bugfix on 0.2.2.28-beta; found by "troll_un"
2011-12-02 16:09:16 -05:00
Nick Mathewson
cf14a520c8
Resolve bug 3448: remove mention of tor-ops (which is not in use)
2011-12-02 15:42:15 -05:00
Nick Mathewson
0920cd02f4
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-12-02 15:38:29 -05:00
Nick Mathewson
b7015603fa
Fix bug 4530; check return val of tor_addr_lookup correctly
...
Fix on 0.2.1.5-alpha; reported by troll_un
2011-12-02 15:37:24 -05:00
Nick Mathewson
3b88b63826
Merge branch 'bug933_nm_rebased_v2'
...
Conflicts:
src/test/test.c
2011-11-30 14:10:22 -05:00
Robert Hogan
c6d8c6baaa
bug933 - Match against super-domains in MapAddress
...
Allow MapAddress to handle directives such as:
MapAddress .torproject.org .torserver.exit
MapAddress .org 1.1.1.1
Add tests for addressmap_rewrite.
2011-11-30 14:08:10 -05:00
Nick Mathewson
29db095a35
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-11-30 12:41:08 -05:00
Linus Nordberg
192de441e0
Add changes file.
2011-11-30 11:55:46 -05:00
Nick Mathewson
628b735fe3
Merge remote-tracking branch 'rransom-tor/bug3460-v4'
...
Conflicts:
src/or/rendservice.c
2011-11-29 20:56:39 -05:00
Nick Mathewson
da6c136817
Merge remote-tracking branch 'asn-mytor/bug4548_take2'
2011-11-29 18:30:41 -05:00
Nick Mathewson
83f66db79e
Merge branch 'disable_network'
2011-11-29 17:52:23 -05:00
Nick Mathewson
df9b76460c
New 'DisableNetwork' option to prevent Tor from using the network
...
Some controllers want this so they can mess with Tor's configuration
for a while via the control port before actually letting Tor out of
the house.
We do this with a new DisableNetwork option, that prevents Tor from
making any outbound connections or binding any non-control
listeners. Additionally, it shuts down the same functionality as
shuts down when we are hibernating, plus the code that launches
directory downloads.
To make sure I didn't miss anything, I added a clause straight to
connection_connect, so that we won't even try to open an outbound
socket when the network is disabled. In my testing, I made this an
assert, but since I probably missed something, I've turned it into a
BUG warning for testing.
2011-11-28 15:44:10 -05:00
Nick Mathewson
230422b955
Support for a defaults torrc file.
...
This will mainly help distributors by giving a way to set system or package
defaults that a user can override, and that a later package can replace.
No promises about the particular future location or semantics for this:
we will probably want to tweak it some before 0.2.3.x-rc
The file is searched for in CONFDIR/torrc-defaults , which can be
overridden with the "--defaults-torrc" option on the command line.
2011-11-27 22:25:52 -05:00
Nick Mathewson
73436a1d6f
Add the ability to append and clear linelist options from cmdline
...
This will be important for getting stuff to work right across zones.
2011-11-27 21:32:51 -05:00
Nick Mathewson
9ce5801e22
Make linelists always overridden by the command line
...
This starts an effort to refactor torrc handling code to make it easier
to live with. It makes it possible to override exit policies from the
command line, and possible to override (rather than append to) socksport
lists from the command line.
It'll be necessary to make a "base" torrc implementation work at all.
2011-11-27 18:13:32 -05:00
Sebastian Hahn
e5e4bfd167
Implement consensus method 12 (proposal 178)
2011-11-27 09:29:33 -05:00
George Kadianakis
efba71b03c
Add a changes file.
2011-11-27 09:03:37 +01:00
Roger Dingledine
58d1aa4402
fold in changes files so far
2011-11-25 19:24:42 -05:00
Nick Mathewson
e5f2f10844
Merge remote-tracking branch 'asn/bug4312'
2011-11-25 17:00:47 -05:00
Nick Mathewson
093e6724c7
Merge remote-tracking branch 'asn/bug3472_act2'
2011-11-25 16:00:31 -05:00
Nick Mathewson
cb8059b42d
Merge remote-tracking branch 'sebastian/pure_removal'
2011-11-25 14:54:04 -05:00
Sebastian Hahn
75d8ad7320
Purge ATTR_PURE from the code
...
We're using it incorrectly in many cases, and it doesn't help as far as
we know.
2011-11-25 17:57:50 +01:00
George Kadianakis
e2a189053d
Add a changes file.
2011-11-25 17:44:48 +01:00
Nick Mathewson
25c9e3aab9
Merge branch 'more_aes_hackery_rebased'
...
Conflicts:
changes/aes_hackery
2011-11-25 10:36:13 -05:00
Nick Mathewson
9814019a54
Use openssl's counter mode implementation when we have 1.0.0 or later
...
This shaves about 7% off our per-cell AES crypto time for me; the
effect for accelerated AES crypto should be even more, since the AES
calculation itself will make an even smaller portion of the
counter-mode performance.
(We don't want to do this for pre-1.0.0 OpenSSL, since our AES_CTR
implementation was actually faster than OpenSSL's there, by about
10%.)
Fixes issue #4526 .
2011-11-25 10:32:21 -05:00
Nick Mathewson
8143074b3f
Use EVP for AES only when hardware accel is present
...
Fixes bug 4525, fix on 0.2.3.8-alpha.
2011-11-25 10:32:00 -05:00
Peter Palfrader
fcf5c92e21
And add a changelog entry for the 4574 fix. ( closes : #4574 )
2011-11-25 10:04:49 -05:00
Peter Palfrader
d951e20426
And a changes file for bug3953
2011-11-24 23:58:25 -05:00
Nick Mathewson
916aa8022d
Basic support for a "make version" target to declare the source version
...
This is katmagic's idea. See issue 4400.
2011-11-24 23:53:18 -05:00
Nick Mathewson
3508de3cd6
Tweak disable_debugger_attachment a little
...
Don't warn when we have no implementation of this function (since it's
on-by-default); reformat the changes entry; fix an overlong line.
2011-11-24 23:39:52 -05:00
Nick Mathewson
68114ca52c
Merge remote-tracking branch 'ioerror/DisableDebuggerAttachment'
...
Conflicts:
src/or/config.c
2011-11-24 23:38:32 -05:00
Nick Mathewson
f634228a07
Merge remote-tracking branch 'public/feature4516'
2011-11-24 22:59:37 -05:00
Robert Ransom
17113448d2
Include circ creation time in CIRC events, etc.
2011-11-24 06:55:16 -08:00
Robert Ransom
88e0026d2f
Send CIRC2 event when a circuit is cannibalized
2011-11-24 06:55:06 -08:00
Robert Ransom
296b8d0b10
Add CIRC2 control-port event, and send it when a circ's purpose changes
2011-11-24 06:54:55 -08:00
Robert Ransom
104c50fedb
Log whenever a circuit's purpose is changed
2011-11-24 06:52:38 -08:00
Robert Ransom
d0ed7cbf8b
List service address in CIRC events for HS-related circs
2011-11-24 06:32:55 -08:00
Robert Ransom
c7d01b0541
Report HS circ states stored in circ purpose field in CIRC events
2011-11-24 06:32:55 -08:00
Robert Ransom
b7c765b1b1
Report circuit build_state flags in CIRC events
2011-11-24 06:32:54 -08:00
Sebastian Hahn
11221d0f17
Update check-spaces to remove false positive for timercmp macro
...
The timercmp macro uses triggers a "space between function name and
opening parentheses" warning for the check spaces script. Work around
this by simply disabling the check for all "functions" named 'op()'.
2011-11-24 09:29:45 +01:00
Sebastian Hahn
46d69cb915
Fix compile warning in tor_inet_pton() (on 64bit)
...
This slipped through into 0.2.3.8-alpha unfortunately.
2011-11-24 09:19:57 +01:00
Nick Mathewson
3ebe960f3f
Detect tor_addr_to_str failure in tor_dup_addr.
...
This avoids a possible strdup of an uninitialized buffer.
Fixes 4529; fix on 0.2.1.3-alpha; reported by troll_un.
2011-11-23 23:04:10 -05:00
Nick Mathewson
f067067ee6
Merge branch 'bug2474'
...
Had to resolve conflicts wrt the " (using bufferevents)" addition to the
startup string.
Conflicts:
src/or/main.c
2011-11-23 17:14:54 -05:00
Nick Mathewson
3890c81e7c
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-11-23 16:28:18 -05:00
Nick Mathewson
fbf1c5ee79
Merge remote-tracking branch 'public/bug4230' into maint-0.2.2
2011-11-23 16:22:26 -05:00
Roger Dingledine
b7b2041dbf
and rm the old ones
2011-11-21 19:34:30 -05:00
Roger Dingledine
fce107b11e
raise AuthDirFastGuarantee from 20KB to 100KB
...
This patch reverts part of 39ceda7e05
(where it used to be 100KB).
2011-11-21 18:44:59 -05:00
Roger Dingledine
6a76007b08
Merge branch 'maint-0.2.2'
...
Conflicts:
src/or/dirserv.c
2011-11-21 18:36:49 -05:00
Roger Dingledine
c0ec4eafc5
parameterize bw cutoffs to guarantee Fast and Guard flags
...
Now it will be easier for researchers to simulate Tor networks with
different values. Resolves ticket 4484.
2011-11-21 18:22:10 -05:00
Roger Dingledine
c9f24edb13
fold in more changes entries
2011-11-21 18:04:01 -05:00
Nick Mathewson
f4e053d6df
Merge branch 'bug4518' into maint-0.2.2
2011-11-21 17:25:51 -05:00
Roger Dingledine
f3452b58ba
fold in more changes entries
2011-11-21 16:33:18 -05:00
Nick Mathewson
929074b368
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-11-21 10:52:38 -05:00
Nick Mathewson
b3c988f0d7
Merge remote-tracking branch 'public/bug3963' into maint-0.2.2
2011-11-21 10:52:15 -05:00
Nick Mathewson
0539c34c35
Merge branch 'bug4360'
2011-11-21 10:48:02 -05:00
Nick Mathewson
a6eef61f02
Changes file for bug4360
2011-11-21 10:47:57 -05:00
Nick Mathewson
3e9c86a8f9
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-11-20 20:16:49 -05:00
Nick Mathewson
fbcd7c01e7
Changes file for bug4521 backports.
2011-11-20 20:15:13 -05:00
Nick Mathewson
7992eb43c5
Log more loudly on a bad cert from an authority.
...
Clock skew made this situation way too frequent so we demoted it to
"protocol_warn", but when there's an authority, it should really just
be warn.
2011-11-20 00:48:25 -05:00
Nick Mathewson
f2f156f0e8
changes file for bug4515
2011-11-19 18:46:15 -05:00
Nick Mathewson
8e388bc39c
Only call cull_wedged_cpuworkers once every 60 seconds.
...
The function is over 10 or 20% on some of Moritz's profiles, depending
on how you could.
Since it's checking for a multi-hour timeout, this is safe to do.
Fixes bug 4518.
2011-11-19 18:30:55 -05:00
Nick Mathewson
53dac6df18
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-11-18 19:09:08 -05:00
Sebastian Hahn
6ef44b7849
Don't log about stats when running as a client without geoip
...
Completely disable stats if we aren't running as a relay. We won't
collect any anyway, so setting up the infrastructure for them and
logging about them is wrong. This also removes a confusing log
message that clients without a geoip db would have seen.
Fixes bug 4353.
2011-11-19 00:50:03 +01:00
Nick Mathewson
b88db7573c
Merge remote-tracking branch 'public/benchmark'
2011-11-18 18:42:49 -05:00
Nick Mathewson
6e6a661296
New UserspaceIOCPBuffers option to set SO_{SND,RCV}BUF to zero
...
When running with IOCP, we are in theory able to use userspace-
allocated buffers to avoid filling up the stingy amount of kernel
space allocated for sockets buffers.
The bufferevent_async implementation in Libevent provides this
ability, in theory. (There are likely to be remaining bugs). This
patch adds a new option that, when using IOCP bufferevents, sets
each socket's send and receive buffers to 0, so that we should use
this ability.
When all the bugs are worked out here, if we are right about bug 98,
this might solve or mitigate bug 98.
This option is experimental and will likely require lots of testing
and debugging.
2011-11-18 17:43:03 -05:00
Nick Mathewson
2408934516
Merge remote-tracking branch 'sebastian/bug2893'
2011-11-16 17:30:24 -05:00
Nick Mathewson
2f3dad10a8
Merge branch 'bug4457_master'
2011-11-16 16:23:15 -05:00
Nick Mathewson
5a02406ae0
Merge branch 'bug4457_022' into maint-0.2.2
2011-11-16 16:22:47 -05:00
Roger Dingledine
67650a869d
allow manual control port authenticate via netcat
2011-11-16 18:14:03 +01:00
Sebastian Hahn
9fc7725aba
Don't allow building on platforms where AF_UNSPEC != 0
2011-11-16 16:39:04 +01:00
Nick Mathewson
87622e4c7e
Allow up to a 30 days future skew, 48 hours past skew in certs.
2011-11-15 15:57:41 -05:00
Nick Mathewson
26fcb4bb8c
Merge remote-tracking branch 'sebastian/bug4469'
2011-11-15 11:59:37 -05:00
Nick Mathewson
3ef40f6993
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-11-15 11:42:38 -05:00
Sebastian Hahn
4b8d2ad6f5
Fix compile warnings on windows
2011-11-15 13:34:04 +01:00
Nick Mathewson
5bea660f8e
Use real_addr in send_netinfo
...
Reported by "troll_un"; bugfix on 0.2.0.10-alpha; fixes bug 4349.
2011-11-14 22:43:40 -05:00
Nick Mathewson
4af82fb388
Merge remote-tracking branch 'public/bug4367'
2011-11-14 22:35:49 -05:00
Nick Mathewson
7be50c26e8
Disable IOCP and retry event_base_new_with_config once on failure
...
This is a fancier bug4457 workaround for 0.2.3. In 0.2.2, we could
just tell Libevent "Don't enable locking!" so it wouldn't try to make
the event_base notifiable. But for IOCP, we need a notifiable base.
(Eventually, we'll want a notifiable base for other stuff, like
multithreaded crypto.) So the solution is to try a full-featured
initialization, and then retry with all the options turned off if that
fails.
2011-11-14 18:12:29 -05:00
Nick Mathewson
cf8117136c
Merge remote-tracking branch 'public/bug4457_022' into bug4457_master
...
Conflicts:
src/common/compat_libevent.c
Resolving conflict by not taking 7363eae13c
("Use the
EVENT_BASE_FLAG_NOLOCK flag to prevent socketpair() invocation"): in
Tor 0.2.3.x, we _do_ sometimes use notifiable event bases.
2011-11-14 17:59:42 -05:00
Nick Mathewson
0f6c021617
Detect failure from event_init() or event_base_new_with_config()
2011-11-14 17:53:45 -05:00
Nick Mathewson
7363eae13c
Use the EVENT_BASE_FLAG_NOLOCK flag to prevent socketpair() invocation
...
In Tor 0.2.2, we never need the event base to be notifiable, since we
don't call it from other threads. This is a workaround for bug 4457,
which is not actually a Tor bug IMO.
2011-11-14 17:48:57 -05:00
Nick Mathewson
9292a78722
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-11-14 11:10:45 -05:00
Nick Mathewson
2b7bdc295a
Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
2011-11-14 11:10:27 -05:00
Nick Mathewson
13f02c387f
Merge remote-tracking branch 'karsten/geoip-november2011' into maint-0.2.1
2011-11-14 11:10:10 -05:00
Gisle Vanem
af12a7ac00
Fix test_util.c compilation on MSVC
...
"Those '{}' constructs are not well liked by MSVC (cl v.16.xx)."
Received on tor-dev; fixes bug on 0.2.3.3-alpha.
2011-11-11 23:49:53 -05:00
Nick Mathewson
ff93535c71
New src/test/bench.c to allow us to actually _run_ benchmark code
...
Yes, the timing functions are suboptimal. Please improve!
2011-11-11 12:35:08 -05:00
Sebastian Hahn
38123ffa23
Fix the bench_{aes,dmap} test functions to work with TT
...
TT expects them to be named test_bench_{aes,dmap}. Also change the
DISABLED macro to reflect that.
2011-11-11 11:47:25 -05:00
Nick Mathewson
21cf7079fe
Dump our internal AES implementation
...
This thing was pretty pointless on versions of OpenSSL 0.9.8 and later,
and almost totally pointless on OpenSSL 1.0.0.
Also, favor EVP by default, since it lets us get hardware acceleration
where present. (See issue 4442)
2011-11-11 11:47:24 -05:00
Nick Mathewson
613ff5698a
Changes file for patches from 4ZM
2011-11-11 11:11:15 -05:00
Nick Mathewson
e1c6431e42
Correct the handling of overflow behavior in smartlist_ensure_capacity
...
The old behavior was susceptible to the compiler optimizing out our
assertion check, *and* could still overflow size_t on 32-bit systems
even when it did work.
2011-11-09 14:48:52 -05:00
Nick Mathewson
f0589da0e3
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-11-09 11:04:40 -05:00
Nick Mathewson
8adec87050
Merge remote-tracking branch 'rransom-tor/bug4426' into maint-0.2.2
2011-11-09 11:03:20 -05:00
Nick Mathewson
9452b65680
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-11-09 10:28:43 -05:00
Sebastian Hahn
0cc7a63fc0
Don't warn when compiling with --disable-threads
...
STMT_VOID semantics suggested by nick, thanks!
2011-11-09 10:26:35 +01:00
Sebastian Hahn
4ccc8d0292
Don't exit on dirauths for some config transitions
2011-11-08 12:44:12 +01:00
Robert Ransom
565463243c
Include HiddenServiceDir in some warning messages
2011-11-07 17:02:50 -08:00
Robert Ransom
ef2b0bd528
Add GETINFO md/id/* and md/name/* items for relay microdescs
2011-11-07 15:32:33 -08:00
Roger Dingledine
e26f5553ec
fold in changes files
2011-11-07 15:22:23 -05:00
Nick Mathewson
4a7225d4c9
Merge remote-tracking branch 'rransom-tor/bug4411'
2011-11-07 11:57:07 -05:00
Nick Mathewson
25875f533b
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-11-07 11:55:11 -05:00
Nick Mathewson
8ba1cf3007
Robert says that this bug was not in fact one of frosty's
2011-11-07 11:54:54 -05:00
Robert Ransom
749b37bcf4
Fix assert on clients of and authorities for v0 HS descs
2011-11-07 08:48:23 -08:00
Nick Mathewson
ceebc8283f
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-11-07 11:48:02 -05:00
Nick Mathewson
ca282e5326
Merge branch 'bug4424' into maint-0.2.2
2011-11-07 11:47:28 -05:00
Robert Ransom
65a0d7e7ef
Don't leak an extend_info_t in rend_client_any_intro_points_usable
2011-11-07 08:35:51 -08:00
Nick Mathewson
51f53b590e
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-11-07 10:44:02 -05:00
Nick Mathewson
4d8306e0e9
Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
2011-11-07 10:42:34 -05:00
Karsten Loesing
6d45c6d548
Update to the November 2011 GeoIP database.
2011-11-07 14:23:48 +01:00
Sebastian Hahn
be6928d6e7
Add a changes file for 4410
2011-11-06 18:00:10 +01:00
George Kadianakis
e097bffaed
Fix issues pointed out by nickm.
...
- Rename tor_tls_got_server_hello() to tor_tls_got_client_hello().
- Replaced some aggressive asserts with LD_BUG logging.
They were the innocent "I believe I understand how these callbacks
work, and this assert proves it" type of callbacks, and not the "If
this statement is not true, computer is exploding." type of
callbacks.
- Added a changes file.
2011-11-03 22:33:50 +01:00
Nick Mathewson
c1005dd6d3
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-11-03 13:24:46 -04:00
George Kadianakis
3ae96845d3
Fix a memleak when fetching descriptors for bridges in ExcludeNodes.
2011-11-03 13:23:50 -04:00
Nick Mathewson
325a659cb1
Even when we can't answer an AUTH_CHALLENGE, send NETINFO.
...
Fixes bug 4368; fix on 0.2.3.6-alpha; bug found by "frosty".
2011-11-03 12:40:02 -04:00
Nick Mathewson
248b967ce6
Add comments and changes file for 4361; tweak control flow a bit
2011-11-03 12:31:31 -04:00
Nick Mathewson
88c4b425bd
Fix bug 4367: correctly detect auth_challenge cells we can't use
...
Found by frosty_un, bugfix on 0.2.3.6-alpha, fix suggested by arma.
2011-11-03 11:52:35 -04:00
Nick Mathewson
d029c3223a
changes file for bug4366
2011-11-03 10:24:31 -04:00
Sebastian Hahn
c98faa1a23
Resolve a crash when running as dirauth
...
When we're asked for our own descriptor, don't crash.
2011-11-02 20:57:23 +01:00
Robert Ransom
60ed98e184
Reduce lifetime of DH public key replay-detection cache elements
2011-10-31 05:05:45 -07:00
Robert Ransom
272dd90b5c
Ignore timestamps of INTRODUCE2 cells
2011-10-31 05:05:45 -07:00
Nick Mathewson
c58f4a8652
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-10-30 21:28:36 -04:00
Erinn Clark
a6ea34977b
remove absolute path from contrib/package_nsis-mingw.sh in order to make it easier to automatically build tor expert bundle
2011-10-31 00:52:52 +00:00
Robert Ransom
1a52a947c5
Move the real INTRODUCE2 replay-detection cache into rend_intro_point_t
2011-10-30 04:46:58 -07:00
Robert Ransom
1eba4f0cc3
Make introduction points expire
2011-10-30 02:17:59 -07:00
Roger Dingledine
46296b3fa4
there will be a new alpha release today (oct 30)
2011-10-30 01:58:05 -04:00
Roger Dingledine
eeb6588389
bridges send netinfo cells like clients on outgoing conns
...
fixes bug 4348
2011-10-29 21:43:23 -04:00
Roger Dingledine
cbdefc70fc
fold in changes entries
2011-10-29 15:10:37 -04:00
Nick Mathewson
6be596e2dc
Merge remote-tracking branch 'origin/maint-0.2.2'
...
Conflicts:
src/or/config.c
2011-10-29 09:22:58 -04:00
Sebastian Hahn
c5c5f859d3
Add a changes file for the 4340 fix
2011-10-29 11:21:37 +02:00
Nick Mathewson
4dd8d811d6
Merge branch 'bug4343'
2011-10-28 18:05:25 -04:00
Nick Mathewson
212c3acd42
Merge remote-tracking branch 'origin/maint-0.2.2'
...
Conflicts:
src/or/command.c
2011-10-28 18:02:57 -04:00
Nick Mathewson
cf8bffa359
Discard all cells on a marked connection
...
Fix for bug 4299
2011-10-28 17:04:15 -04:00
Nick Mathewson
c2a098e980
Fix a double-free that would occur on an invalid cert in a CERTS cell
...
We would stash the certs in the handshake state before checking them
for validity... and then if they turned out to be invalid, we'd give
an error and free them. Then, later, we'd free them again when we
tore down the connection.
Fixes bug 4343; fix on 0.2.3.6-alpha.
2011-10-28 16:38:56 -04:00
Nick Mathewson
a2517fa77c
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-10-28 09:53:23 -04:00
Sebastian Hahn
f6b1dc2805
Fix typo, spotted by tmpname0901. Thanks!
2011-10-28 09:52:24 -04:00
Roger Dingledine
0eaebebffa
fold in changes entries
2011-10-26 20:31:49 -04:00
Sebastian Hahn
2dec6597af
Merge branch 'maint-0.2.2_secfix' into master_secfix
...
Conflicts:
src/common/tortls.c
src/or/connection_or.c
src/or/dirserv.c
src/or/or.h
2011-10-27 00:38:45 +02:00
Robert Ransom
00fffbc1a1
Don't give the Guard flag to relays without the CVE-2011-2768 fix
2011-10-26 23:42:39 +02:00
Sebastian Hahn
df05e5ef4d
Merge branch 'maint-0.2.1_secfix' into maint-0.2.2_secfix
...
Conflicts:
src/or/connection_or.c
2011-10-26 23:30:27 +02:00
Robert Ransom
a74e7fd40f
Reject create cells on outgoing OR connections from bridges
2011-10-26 23:21:14 +02:00
Robert Ransom
af12c39d6d
Don't use any OR connection which sent us a CREATE_FAST cell for an EXTEND
...
Fix suggested by Nick Mathewson.
2011-10-26 23:20:56 +02:00
Nick Mathewson
638fdedcf1
Don't send a certificate chain on outgoing TLS connections from non-relays
2011-10-26 23:20:56 +02:00
Nick Mathewson
a166f10414
Remove the -F option from tor-resolve.
...
It used to mean "Force": it would tell tor-resolve to ask tor to
resolve an address even if it ended with .onion. But when
AutomapHostsOnResolve was added, automatically refusing to resolve
.onion hosts stopped making sense. So in 0.2.1.16-rc (commit
298dc95dfd
), we made tor-resolve happy to resolve anything.
The -F option stayed in, though, even though it didn't do anything.
Oddly, it never got documented.
Found while fixing GCC 4.6 "set, unused variable" warnings.
2011-10-26 17:13:04 -04:00
Roger Dingledine
a68867b150
manually backport a5232e0c4c
2011-10-26 17:11:52 -04:00
Roger Dingledine
c21c8daaaf
closer to a changelog for the next alpha
2011-10-26 16:13:53 -04:00
Nick Mathewson
55d9e4b8ba
Reinit keys at the start of options_act().
...
Previously we did this nearer to the end (in the old_options &&
transition_affects_workers() block). But other stuff cares about
keys being consistent with options... particularly anything which
tries to access a key, which can die in assert_identity_keys_ok().
Fixes bug 3228; bugfix on 0.2.2.18-alpha.
Conflicts:
src/or/config.c
2011-10-26 22:09:44 +02:00
Robert Ransom
62c29a93ba
Don't crash a bridge authority on SIGHUP if it's not in the consensus
...
Fixes bug 2572.
2011-10-26 22:09:44 +02:00
Sebastian Hahn
9082898944
Fix assert for relay/bridge state change
...
When we added support for separate client tls certs on bridges in
a2bb0bfdd5
we forgot to correctly initialize this when changing
from relay to bridge or vice versa while Tor is running. Fix that
by always initializing keys when the state changes.
Fixes bug 2433.
Conflicts:
src/or/config.c
2011-10-26 22:09:44 +02:00
Nick Mathewson
ce6a2c2f14
Changelog for recent coverity issues
2011-10-26 13:22:20 -04:00
Nick Mathewson
beb9097bed
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-10-26 11:08:19 -04:00
Nick Mathewson
4a1a89be0c
Merge remote-tracking branch 'public/cov_run224_022' into maint-0.2.2
2011-10-26 11:07:28 -04:00