Nick Mathewson
edcc9981d8
Try to use smartlist_add_asprintf consistently
...
(To ensure correctness, in every case, make sure that the temporary
variable is deleted, renamed, or lowered in scope, so we can't have
any bugs related to accidentally relying on the no-longer-filled
variable.)
2012-01-16 15:02:51 -05:00
Nick Mathewson
125fba2e99
Provide consensus params to constrain the threshold for Fast
...
resolves ticket 3946
2012-01-16 14:50:13 -05:00
Nick Mathewson
938531773a
Allow authorities to baddir/badexit/invalid/reject nodes by cc
...
Implements ticket #4207
2012-01-13 12:28:47 -05:00
Nick Mathewson
2cddd1d69f
Move logging of bad hostnames into parse_extended_hostname
...
This fixes bug 3325, where a bad .exit would get logged as a bad .onion
2012-01-11 15:56:14 -05:00
Nick Mathewson
411cf8f714
Make openssl 0.9.8l log message accurate
...
fixes 4837
2012-01-11 15:41:46 -05:00
Nick Mathewson
f729e1e984
Merge branch 'feature3457-v4-nm-squashed'
...
Conflicts:
src/or/rendclient.c
2012-01-11 12:10:14 -05:00
Nick Mathewson
5e9d349979
Merge remote-tracking branch 'public/bug4650_nm_squashed'
2012-01-10 17:59:49 -05:00
Nick Mathewson
eefe8857c2
changes file for bug4746
2012-01-10 16:53:27 -05:00
Nick Mathewson
8d74fba651
Merge branch 'absolute_cookie_file'
2012-01-10 15:00:02 -05:00
Nick Mathewson
3085b76a09
changes file for #4881
2012-01-10 14:59:49 -05:00
Nick Mathewson
d29a390733
Test for broken counter-mode at runtime
...
To solve bug 4779, we want to avoid OpenSSL 1.0.0's counter mode.
But Fedora (and maybe others) lie about the actual OpenSSL version,
so we can't trust the header to tell us if it's safe.
Instead, let's do a run-time test to see whether it's safe, and if
not, use our built-in version.
fermenthor contributed a pretty essential fixup to this patch. Thanks!
2012-01-10 11:15:35 -05:00
Nick Mathewson
5741aef3dc
We no longer need to detect openssl without RAND_poll()
...
We require openssl 0.9.7 or later, and RAND_poll() was first added in
openssl 0.9.6.
2012-01-10 10:40:31 -05:00
Nick Mathewson
85c7d7659e
Add macros to construct openssl version numbers
...
It's a pain to convert 0x0090813f to and from 0.9.8s-release on the
fly, so these macros should help.
2012-01-10 10:40:30 -05:00
Sebastian Hahn
6b9298ef72
Log which votes we still need to fetch
...
This might help us see which authorities are problematic in getting
their vote published the first time.
2012-01-10 16:13:30 +01:00
Sebastian Hahn
50a50392b7
Advertise dirport if accountingmax is large enough
...
When we have an effective bandwidthrate configured so that we cannot
exceed our bandwidth limit in one accounting interval, don't disable
advertising the dirport. Implements ticket 2434.
2012-01-10 09:59:36 -05:00
Nick Mathewson
489db38229
Revise bug4413 changes file
2012-01-09 19:18:48 -05:00
Stephen Palmateer
3fadc074ca
Remove (untriggerable) overflow in crypto_random_hostname()
...
Fixes bug 4413; bugfix on xxxx.
Hostname components cannot be larger than 63 characters.
This simple check makes certain randlen cannot overflow rand_bytes_len.
2012-01-09 19:05:05 -05:00
Nick Mathewson
838ec086be
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-01-09 12:22:29 -05:00
Nick Mathewson
6fd61cf767
Fix a trivial log message error in renservice.c
...
Fixes bug 4856; bugfix on 0.0.6
This bug was introduced in 79fc5217
, back in 2004.
2012-01-09 12:21:04 -05:00
Roger Dingledine
36721e940d
fold in some new changelog stanzas
2012-01-07 07:42:07 -05:00
Nick Mathewson
37c90319e2
Add a changes file for bug4563
2012-01-06 11:42:00 -05:00
Nick Mathewson
ef69f2f2ab
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-01-05 14:17:44 -05:00
Nick Mathewson
ccd8289958
Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
2012-01-05 14:16:30 -05:00
Nick Mathewson
0a00678e56
Add a changes file for bug4822
2012-01-05 12:28:55 -05:00
Roger Dingledine
9bfb8af265
Merge branch 'maint-0.2.2'
2012-01-05 06:55:34 -05:00
Roger Dingledine
a1074c7aa2
Merge branch 'maint-0.2.1' into maint-0.2.2
2012-01-05 06:45:28 -05:00
Roger Dingledine
df17b62d54
add a changes file for ticket 4825
2012-01-05 06:42:26 -05:00
Nick Mathewson
ff282a1126
changes file for bug4650
2012-01-04 15:12:02 -05:00
Nick Mathewson
65420e4cb5
Merge remote-tracking branch 'rransom-tor/bug1297b-v2'
2012-01-04 13:50:24 -05:00
Nick Mathewson
47b7a27929
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-01-03 13:22:34 -05:00
Sebastian Hahn
d861b4cc9d
Fix spelling in a controlsocket log msg
...
Fixes bug 4803.
2011-12-30 23:27:02 +01:00
Nick Mathewson
bfae41328e
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-12-28 16:52:31 -05:00
Nick Mathewson
84bf8e3808
Merge remote-tracking branch 'public/bug4788' into maint-0.2.2
2011-12-28 16:50:45 -05:00
Nick Mathewson
f71d63ec9d
changes file for bug1827
2011-12-28 16:40:15 -05:00
Nick Mathewson
e3a6493898
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-12-28 15:57:48 -05:00
Nick Mathewson
c563551eef
Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
2011-12-28 15:56:37 -05:00
Nick Mathewson
120a745346
Bug 4786 fix: don't convert EARLY to RELAY on v1 connections
...
We used to do this as a workaround for older Tors, but now it's never
the correct thing to do (especially since anything that didn't
understand RELAY_EARLY is now deprecated hard).
2011-12-28 15:54:06 -05:00
Robert Ransom
2b189a222b
Don't exit when marking a newly created _C_INTRODUCING circ for close
2011-12-28 09:02:14 -08:00
Nick Mathewson
9bcb187387
Authorities reject insecure Tors.
...
This patch should make us reject every Tor that was vulnerable to
CVE-2011-0427. Additionally, it makes us reject every Tor that couldn't
handle RELAY_EARLY cells, which helps with proposal 110 (#4339 ).
2011-12-27 21:47:04 -05:00
Nick Mathewson
78f43c5d03
Require openssl 1.0.0a for using openssl's ctr-mode implementation
...
Previously we required 1.0.0, but there was a bug in the 1.0.0 counter
mode. Found by Pascal. Fixes bug 4779.
A more elegant solution would be good here if somebody has time to code
one.
2011-12-27 20:31:23 -05:00
Robert Ransom
836161c560
Add an option to close HS service-side rend circs on timeout
2011-12-27 08:02:43 -08:00
Robert Ransom
f88c8ca8c9
Don't close HS service-side rend circs on timeout
2011-12-27 08:02:43 -08:00
Robert Ransom
078e3e9dd5
Add an option to close 'almost-connected' HS client circs on timeout
2011-12-27 08:02:43 -08:00
Robert Ransom
4b13c33c0c
Don't close HS client circs which are 'almost connected' on timeout
2011-12-27 08:02:42 -08:00
Nick Mathewson
85d7811456
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-12-26 17:58:51 -05:00
Roger Dingledine
3aade2fab7
Merge remote-tracking branch 'nickm/prop110_v2'
2011-12-25 17:43:09 -05:00
Sebastian Hahn
da876aec63
Provide correct timeradd/timersup replacements
...
Bug caught and patch provided by Vektor. Fixes bug 4778.t
2011-12-25 23:19:08 +01:00
Robert Ransom
4c3a23b283
Look up the rend circ whose INTRODUCE1 is being ACKed correctly
...
This change cannibalizes circuit_get_by_rend_query_and_purpose because it
had exactly one caller.
2011-12-22 23:46:09 -08:00
Nick Mathewson
7cb804343b
Merge remote-tracking branch 'rransom/feature2411-v4'
2011-12-22 10:51:39 -05:00
Nick Mathewson
782b7f49d8
Fix bug2571: warn on EntryNodes set and UseEntryGuards disabled
2011-12-22 10:31:52 -05:00
Nick Mathewson
e0651bb108
Changes file for bug1101
2011-12-22 10:20:38 -05:00
Nick Mathewson
0187bd8728
Implement the last of proposal 110
...
Reject all EXTEND requests not received in a relay_early cell
2011-12-22 09:51:59 -05:00
Nick Mathewson
878a684386
Merge remote-tracking branch 'public/bug4697'
2011-12-22 09:45:26 -05:00
Nick Mathewson
f75660958c
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-12-21 11:20:56 -05:00
Nick Mathewson
b5e6bbc01d
Do not even try to keep going on a socket with socklen==0
...
Back in #1240 , r1eo linked to information about how this could happen
with older Linux kernels in response to nmap. Bugs #4545 and #4547
are about how our approach to trying to deal with this condition was
broken and stupid. Thanks to wanoskarnet for reminding us about #1240 .
This is a fix for the abovementioned bugs, and is a bugfix on
0.1.0.3-rc.
2011-12-21 11:19:41 -05:00
Nick Mathewson
d7531b2adc
duplicate changelog entry for 4531
2011-12-20 14:51:34 -05:00
Nick Mathewson
4080ac9eee
Merge branch 'bug3825b-v8-squashed'
2011-12-20 11:15:49 -05:00
Robert Ransom
dae000735e
Adjust n_intro_points_wanted when a service's intro points are closed
2011-12-20 11:15:33 -05:00
Nick Mathewson
9cabedd3eb
Explain why we are making gcc 3.3 work
2011-12-19 11:29:03 -05:00
Martin Hebnes Pedersen
d5e964731c
Fixed build with GCC < 3.3
...
Preprocessor directives should not be put inside the arguments
of a macro. This is not supported on older GCC releases (< 3.3)
thus broke compilation on Haiku (running gcc2).
2011-12-19 11:27:08 -05:00
Nick Mathewson
e5e50d86ca
Ignore all bufferevent events on a marked connection
...
Bug 4697; fix on 0.2.3.1-alpha
2011-12-17 14:06:10 -05:00
Peter Palfrader
597e428df6
And a changes file for bug#4733
2011-12-17 12:21:56 -05:00
Nick Mathewson
cefff11950
Merge remote-tracking branch 'sebastian/clang-3.0-fixes_022' into maint-0.2.2
2011-12-16 17:49:41 -05:00
Nick Mathewson
9df0bf7a40
Merge remote-tracking branch 'sebastian/clang-3.0-fixes_master'
2011-12-16 17:48:25 -05:00
Nick Mathewson
a7b5e72463
Changelog and blurb for 0.2.3.10-alpha
2011-12-15 11:59:09 -05:00
Nick Mathewson
e402edd960
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-12-15 11:32:49 -05:00
Nick Mathewson
562c974ee7
Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
2011-12-15 11:28:44 -05:00
Nick Mathewson
9d0777839b
Add a fix for the buf_pullup bug that Vektor reported
2011-12-15 11:28:24 -05:00
Nick Mathewson
960f62bd82
Start a section for the 0.2.3.10-alpha changelog
2011-12-14 16:03:58 -05:00
Sebastian Hahn
bcca541da9
Build with warnings and clang 3.0
...
--enable-gcc-warnings enables two warnings that clang doesn't support,
so the build fails. We had hoped clang 3.0 would add those, but it
didn't, so let's just always disable those warnings when building with
clang. We can still fix it later once they add support
2011-12-13 07:43:53 +01:00
Robert Ransom
d688a40a0e
Don't crash on startup of a dormant relay
...
If a relay is dormant at startup, it will call init_keys before
crypto_set_tls_dh_prime. This is bad. Let's make it not so bad, because
someday it *will* happen again.
2011-12-12 11:25:55 -08:00
Sebastian Hahn
e4cebb76c5
Fix compilation of natpmp-helper on non-windows
...
Fixes a small oversight in 5dbfb1b3e0
.
2011-12-10 03:25:40 +01:00
Robert Ransom
832bfc3c46
Clear stream-isolation state on rend circs if needed to attach streams
...
Fixes bug 4655; bugfix on 0.2.3.3-alpha.
2011-12-09 11:28:42 -05:00
Roger Dingledine
630337e762
Merge branch 'maint-0.2.2'
2011-12-08 04:40:30 -05:00
Roger Dingledine
0582746e0d
Merge branch 'maint-0.2.1' into maint-0.2.2
2011-12-08 04:40:15 -05:00
Roger Dingledine
06b10ccdc4
fold in changes files
2011-12-08 04:38:37 -05:00
Karsten Loesing
ff2c9acbb3
Update to the December 2011 GeoIP database.
2011-12-08 09:55:44 +01:00
Robert Ransom
b5a21d79d8
Add changes file for feature2553
2011-12-07 04:44:13 -08:00
Nick Mathewson
4f47db3280
Merge remote-tracking branch 'sebastian/coverity'
2011-12-05 11:56:03 -05:00
Sebastian Hahn
60c330a251
cid 432: Remove dead code if we don't handle a consensus
...
Bugfix on 0.2.3.1, fixes the second half of bug 4637.
2011-12-04 17:36:23 +01:00
Robert Ransom
f5730d4698
Don't send two ESTABLISH_RENDEZVOUS cells when opening a new rend circ
2011-12-03 22:06:50 -08:00
Nick Mathewson
682a85ff7c
Don't just tell the controller "foo" on id mismatch
...
Fixes bug 4169; bugfix on 0.2.1.1-alpha.
2011-12-02 16:27:33 -05:00
Nick Mathewson
5303918091
Init conn->addr to "unspec" on cpuworker connections
...
Fixes bug 4532 reported by "troll_un"
2011-12-02 16:21:50 -05:00
Nick Mathewson
57ff9913b2
Merge remote-tracking branch 'origin/maint-0.2.2'
...
Conflicts:
src/or/connection_or.c
The conflict in src/or/connection_or.c is resolved by taking the
version in master, since e27a26d5
already fixed bug 4531 on master.
This merge just adds the changes file from 0.2.2.
2011-12-02 16:17:52 -05:00
Nick Mathewson
6171bdd105
Don't call tor_tls_set_logged_address till after checking conn->tls
...
Fixes bug 4531; partial backport of e27a26d5
.
2011-12-02 16:15:52 -05:00
Nick Mathewson
d9edee3a3b
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-12-02 16:10:17 -05:00
Nick Mathewson
2b5a035604
tor_accept_socket() should take tor_addr_t for listener arg
...
Fixes bug 4535; bugfix on 0.2.2.28-beta; found by "troll_un"
2011-12-02 16:09:16 -05:00
Nick Mathewson
cf14a520c8
Resolve bug 3448: remove mention of tor-ops (which is not in use)
2011-12-02 15:42:15 -05:00
Nick Mathewson
0920cd02f4
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-12-02 15:38:29 -05:00
Nick Mathewson
b7015603fa
Fix bug 4530; check return val of tor_addr_lookup correctly
...
Fix on 0.2.1.5-alpha; reported by troll_un
2011-12-02 15:37:24 -05:00
Nick Mathewson
3b88b63826
Merge branch 'bug933_nm_rebased_v2'
...
Conflicts:
src/test/test.c
2011-11-30 14:10:22 -05:00
Robert Hogan
c6d8c6baaa
bug933 - Match against super-domains in MapAddress
...
Allow MapAddress to handle directives such as:
MapAddress .torproject.org .torserver.exit
MapAddress .org 1.1.1.1
Add tests for addressmap_rewrite.
2011-11-30 14:08:10 -05:00
Nick Mathewson
29db095a35
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-11-30 12:41:08 -05:00
Linus Nordberg
192de441e0
Add changes file.
2011-11-30 11:55:46 -05:00
Nick Mathewson
628b735fe3
Merge remote-tracking branch 'rransom-tor/bug3460-v4'
...
Conflicts:
src/or/rendservice.c
2011-11-29 20:56:39 -05:00
Nick Mathewson
da6c136817
Merge remote-tracking branch 'asn-mytor/bug4548_take2'
2011-11-29 18:30:41 -05:00
Nick Mathewson
83f66db79e
Merge branch 'disable_network'
2011-11-29 17:52:23 -05:00
Nick Mathewson
df9b76460c
New 'DisableNetwork' option to prevent Tor from using the network
...
Some controllers want this so they can mess with Tor's configuration
for a while via the control port before actually letting Tor out of
the house.
We do this with a new DisableNetwork option, that prevents Tor from
making any outbound connections or binding any non-control
listeners. Additionally, it shuts down the same functionality as
shuts down when we are hibernating, plus the code that launches
directory downloads.
To make sure I didn't miss anything, I added a clause straight to
connection_connect, so that we won't even try to open an outbound
socket when the network is disabled. In my testing, I made this an
assert, but since I probably missed something, I've turned it into a
BUG warning for testing.
2011-11-28 15:44:10 -05:00
Nick Mathewson
230422b955
Support for a defaults torrc file.
...
This will mainly help distributors by giving a way to set system or package
defaults that a user can override, and that a later package can replace.
No promises about the particular future location or semantics for this:
we will probably want to tweak it some before 0.2.3.x-rc
The file is searched for in CONFDIR/torrc-defaults , which can be
overridden with the "--defaults-torrc" option on the command line.
2011-11-27 22:25:52 -05:00
Nick Mathewson
73436a1d6f
Add the ability to append and clear linelist options from cmdline
...
This will be important for getting stuff to work right across zones.
2011-11-27 21:32:51 -05:00