Commit Graph

2327 Commits

Author SHA1 Message Date
Nick Mathewson
bd7724a57e Merge remote-tracking branch 'origin/maint-0.2.2' 2012-04-19 17:08:09 -04:00
Roger Dingledine
a0d1e806e0 initial round of changelog stanza cleanup 2012-04-19 15:10:33 -04:00
Nick Mathewson
074bf72a2c If DisableNetwork, don't even try to open non-controller listeners
Fix for 5604; bugfix on 0.2.3.9-alpha, which introduced DisableNetwork.
2012-04-18 23:32:02 -04:00
Nick Mathewson
f6afd4efa6 Fix a log-uninitialized-buffer bug.
Fix for 5647; bugfix on 0.2.1.5-alpha.
2012-04-18 23:02:09 -04:00
Nick Mathewson
e9dae1ff2e Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/rendservice.c

Conflicts were due to new NON_ANONYMOUS_MODE_ENABLED tor2web code; I
think I resolved them correctly.
2012-04-18 22:30:02 -04:00
George Kadianakis
2d276ab9d9 rend_service_introduce(): do protocol violation check before anything else.
(Cherry-picked from 6ba13e4 by nickm)
2012-04-18 22:26:06 -04:00
Nick Mathewson
0b1ec16058 Don't fetch v2 networkstatuses from caches, even if auths are down
Fix for 5635; fix on 0.2.2.26-beta, where caches stopped fetching this
information.
2012-04-17 17:18:59 -04:00
Peter Palfrader
5d7fab9477 Document unit of bandwidth related options in sample torrc. 2012-04-13 16:33:36 -04:00
Nick Mathewson
dc60b5d6a7 Improve our documentation for the NT Service command line options
We explain the --options option, document --nt-service as an
internal-use-only thing (which it is), fix a URL, and generally
improve the prose.
2012-04-11 13:10:35 -04:00
Nick Mathewson
77e51224fa Obsolete GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays
Closes ticket 4572.
2012-04-11 10:59:11 -04:00
Nick Mathewson
ab338e3bb8 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-04-11 10:06:49 -04:00
Nick Mathewson
86c4b750da Merge branch 'bug5593' into maint-0.2.2 2012-04-11 10:04:31 -04:00
Nick Mathewson
5465ac5ea3 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-04-11 09:26:37 -04:00
Karsten Loesing
b395b59353 Update to the April 2012 GeoIP database. 2012-04-11 14:15:49 +02:00
Nick Mathewson
dd3f4f1bdb Include a Host: header with any HTTP/1.1 proxy request
Bugfix on 0.2.2.1-alpha, which added the orginal HTTP proxy
authentication code.  Fix for bug 5593.
2012-04-10 12:00:20 -04:00
Sebastian Hahn
ed8374eb5a Simplify DH prime generation logic some.
This is just refactoring work here. The old logic was kind of
convoluted, especially after the bug 5572 fix. We don't actually need to
distinguish so many cases here. Dropping detection of the
"!old_options || !old_options->DynamicDHGroups" case is fine because
that's the same that we'd do for clients.

Also add a changes file for bug 5572.
2012-04-08 01:11:02 +02:00
Nick Mathewson
15ac8c5711 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-04-04 21:05:42 -04:00
Sebastian Hahn
b24487d106 ides has become turtles, and gotten a new IP address
As per ticket 5569
2012-04-05 01:53:04 +02:00
Nick Mathewson
b8e582255e Merge remote-tracking branch 'asn-mytor/bug5558_take2' 2012-04-03 12:06:07 -04:00
George Kadianakis
b80728a115 tor_vsscanf(): Don't return -1 if '%%' doesn't match.
tor_vsscanf() is supposed to return the current number of matches on
match failure.
2012-04-03 16:20:24 +02:00
Nick Mathewson
6a9e693fbe Suppress "decided to publish new descriptor" message when not a server
The message only means that we're publishing a new descriptor when we
are actually in some kind of server mode, and publication is on.

Fix for bug 3942; bugfix on 0.2.3.2-alpha.
2012-04-02 18:59:21 -04:00
Nick Mathewson
341c6a59db Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/config.c

Conflict was in or_options_free, where two newly added fields had free
calls in the same place.
2012-04-01 00:46:52 -04:00
Nick Mathewson
9a69c24150 Do not use strcmp() to compare an http authenticator to its expected value
This fixes a side-channel attack on the (fortunately unused!)
BridgePassword option for bridge authorities.  Fix for bug 5543;
bugfix on 0.2.0.14-alpha.
2012-04-01 00:42:04 -04:00
George Kadianakis
b03f90b538 Add changes file for #4865. 2012-03-31 14:05:12 +02:00
Nick Mathewson
548f2e32cd Remove the deprecated FooListenAddress options from torrc.sample.in
Bug 5438.
2012-03-30 16:53:02 -04:00
Nick Mathewson
a74905cea4 We allow IPv6 connections, don't use sockaddr_in with getsockname
This fixes client_check_address_changed to work better with IPv6 Tor
clients, and prevents them from spewing errors. Fix for ticket 5537.
2012-03-30 16:43:52 -04:00
Nick Mathewson
cc35157805 Twiddle ROUTER_{MAX_COSMETIC_TIME_DIFFERENCE,MAX_AGE_TO_PUBLISH}
This is ticket 2479. Roger's original explanation was:

   We have a series of bugs where relays publish a descriptor within
   12 hours of their last descriptor, but the authorities drop it
   because it's not different "enough" from the last one and it's
   too close to the last one.

   The original goal of this idea was to a) reduce the number of new
   descriptors authorities accept (and thus have to store) and b)
   reduce the total number of descriptors that clients and mirrors
   fetch. It's a defense against bugs where relays publish a new
   descriptor every minute.

   Now that we're putting out one consensus per hour, we're doing
   better at the total damage that can be caused by 'b'.

   There are broader-scale design changes that would help here, and
   we've had a trac entry open for years about how relays should
   recognize that they're not in the consensus, or recognize when
   their publish failed, and republish sooner.

   In the mean time, I think we should change some of the parameters
   to make the problem less painful.
2012-03-30 15:38:16 -04:00
Nick Mathewson
5193752ca8 Exits don't need to fetch certs for unknown authorities
When we started RefuseUnknownExits back in 0.2.2.11-alpha, we
started making exits act like they cache directory info (since they
need an up-to-date idea of who is really a router).  But this
included fetching needless (unrecognized) authorities' certs, which
doesn't make any sense for them.

This is related to, but not necessarily the same as, the issue that
Ian reported for bug #2297.

(This patch is based on a patch from a user who I believe has asked
not to be named.  If I'm wrong about that, please add the
appropriate name onto the changelog.)
2012-03-30 15:20:06 -04:00
nils
efb8a09f41 Fix tor_strtok_r_impl and test cases per bug #5091
==

Nick here. I tweaked this patch a little to make it apply cleanly to
master, to extract some common code into a function, and to replace
snprintf with tor_snprintf.

-- nickm
2012-03-30 11:01:21 -04:00
Nick Mathewson
affbcded5c Fix a memory leak in an error case of SAFECOOKIE authentication.
Found by Coverity Scan; fix for CID 507; bugfix on 0.2.3.13-alpha.
2012-03-30 10:20:48 -04:00
Nick Mathewson
545cb5f34e Merge remote-tracking branch 'linus/empty_desc_stats' 2012-03-30 10:06:21 -04:00
Linus Nordberg
d2cf90dc88 Add changes file. 2012-03-30 12:06:53 +02:00
Nick Mathewson
f348daa6fb Merge remote-tracking branch 'linus/bug4875_2' 2012-03-29 10:53:09 -04:00
Nick Mathewson
4703bf8792 note that bug 5151 is on 0.2.3.9-alpha 2012-03-28 17:19:24 -04:00
Nick Mathewson
04a1696095 Merge remote-tracking branch 'linus/bug5151' 2012-03-28 17:18:30 -04:00
Linus Nordberg
bd4d8fc744 Add changes file. 2012-03-28 23:11:02 +02:00
Linus Nordberg
734fad4103 Make relays handle an address suggestion from a directory server giving an IPv6 address.
last_guessed_ip becomes a tor_addr_t.

Most parts of router_new_address_suggestion() learns
about IPv6 (resolve_my_address() is still IPv4 only).
2012-03-28 22:16:55 +02:00
Nick Mathewson
54520e49cd Say that bug4438 was a fix on 0.2.1.9-alpha.
Specifically, it was a fix on 33e2053ebc, where we introduced the
WRA_* and ROUTER_* codes for dirserv_add_descriptor.  Previously, we
had checked for a _negative_ return from dirserv_add_descriptor, which
meant "rejected".  An insufficiently new descriptor would give a
0-valued return.  But when we switched from numbers to enums, we got
this check wrong and had init_keys() give an error whenever the
descriptor wasn't accepted.
2012-03-28 10:41:12 -04:00
Nick Mathewson
a9c0e9fec2 Write initial documentation for the contents of the state file
Fixes bug 2987.  There is still some information to go, but now we
have a place to put it.
2012-03-28 04:08:56 -04:00
Nick Mathewson
433d757846 Reject SOCKS requests for "localhost" or ".local"
Sending them on is futile, since we will be told "127.0.0.1" and then
think we've been lied to.  Partial fix for 2822.
2012-03-28 03:19:00 -04:00
Nick Mathewson
70c17134c7 Rate-limit the warnings as a client when asked to connect a private addr
Partial fix for ticket 2822.
2012-03-28 03:06:25 -04:00
Nick Mathewson
d20c6d2a37 Keep separate time-to-downloads for each consensus flavor
This is a fix for bug 4011, where if we have a recent ns consensus we
won't even try fetching a microdesc consensus.  Fix on 0.2.3.1-alpha,
I believe.
2012-03-28 02:55:33 -04:00
Nick Mathewson
01905a6ef9 Excise PK_NO_PADDING entirely: Unpadded RSA is silly.
We never use it, so having it around is pointless.

Suggested by Sebastian
2012-03-27 22:38:06 -04:00
Nick Mathewson
55c3e29669 Use OpenSSL 1.0.1's EVP aes_ctr implementation when available
This should be really fast on Intel chips.
2012-03-27 22:38:06 -04:00
Nick Mathewson
de0dca0de7 Refactor the API for setting up a block cipher.
It allows us more flexibility on the backend if the user needs to
specify the key and IV at setup time.
2012-03-27 22:37:56 -04:00
Nick Mathewson
fc35674567 Changelog for torify changes
Also reinstate the part of the torify script that checks for torsocks
being installed, so that we can give a more useful message in case it
isn't.
2012-03-27 18:46:47 -04:00
Nick Mathewson
80b2756b53 Log statement to help track down bug4091 2012-03-27 18:28:39 -04:00
Nick Mathewson
342e753d31 Merge remote-tracking branch 'karsten/bug5053' 2012-03-27 11:22:32 -04:00
Sebastian Hahn
582f747049 Provide large enough buffer in test_util_sscanf()
This was causing crashes during unit test runs, as stack smashing
protections got triggered. Issue spotted by weasel
2012-03-27 15:16:22 +02:00
Roger Dingledine
de73e3692a merge in the safecookie changelog entry too 2012-03-26 22:15:02 -04:00
Nick Mathewson
5a2d0fbe64 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/control.c
2012-03-26 18:51:37 -04:00
Nick Mathewson
9740f067c4 Safe cookie authentication gets a changes file 2012-03-26 14:06:27 -04:00
Roger Dingledine
a5c78639ae fold in latest changes entries 2012-03-25 23:19:44 -04:00
Sebastian Hahn
fe2b177cfb Never disable debugger attachment for the unit tests 2012-03-22 12:50:44 +01:00
Christian Kujau
d95efdd860 Shorten links to law.cornell.edu for exit-note file
The links we have currently redirect to those new files now.
2012-03-20 11:36:16 +01:00
Florent Daigniere
62f3121a3d fix for bug #5210: enable GCC and LD hardening by default 2012-03-15 10:17:30 +00:00
Roger Dingledine
4ade55ecb9 merge in the changes files so far 2012-03-14 23:54:26 -04:00
Roger Dingledine
12594f27db Stop discarding command-line arguments when TestingTorNetwork is set
Discovered by Kevin Bauer. Fixes bug 5373; bugfix on 0.2.3.9-alpha,
where task 4552 added support for two layers of torrc files.
2012-03-14 02:40:04 -04:00
Nick Mathewson
fecb341d6b Fix spelling of Esteban Manchado Velázquez. 2012-03-12 13:12:13 -04:00
George Kadianakis
aae570b493 Close fds on pipe() error in tor_spawn_background(). 2012-03-12 12:41:29 -04:00
Sebastian Hahn
d916fc38b6 Stop using MAX_PATH, it might not be defined
This broke compilation on Hurd
2012-03-10 16:53:01 +01:00
Nick Mathewson
ec1bc8a979 Use a given name in the bug5090 message, at its holder's request. 2012-03-09 14:50:46 -05:00
Nick Mathewson
9f88c1e14f Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/circuitbuild.c
2012-03-09 14:30:12 -05:00
Nick Mathewson
99bd5400e8 Never choose a bridge as an exit. Bug 5342. 2012-03-09 14:27:50 -05:00
Nick Mathewson
d4526e1d4a Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/routerlist.c
2012-03-09 13:57:32 -05:00
Nick Mathewson
a574f7f3fe Merge branch 'bug5343' into maint-0.2.2 2012-03-09 13:54:04 -05:00
Nick Mathewson
c13dc5170f Merge remote-tracking branch 'origin/maint-0.2.2' 2012-03-09 11:54:45 -05:00
Nick Mathewson
31f253ae6a Oops; credit bug5090 patch to flupzor. estebanm only found the bug. 2012-03-09 11:54:27 -05:00
Nick Mathewson
be0535f00b Correctly handle broken escape sequences in torrc values
Previously, malformatted torrc values could crash us.

Patch by Esteban Manchado.  Fixes bug 5090; fix on 0.2.0.16-alpha.
2012-03-09 11:50:22 -05:00
Nick Mathewson
0f7e96038d changes file for extra-tests branch 2012-03-08 21:16:46 -05:00
Nick Mathewson
ec8a06c5a1 Require a threshold of exit nodes before building circuits
This mitigates an attack proposed by wanoskarnet, in which all of a
client's bridges collude to restrict the exit nodes that the client
knows about.  Fixes bug 5343.
2012-03-08 15:42:54 -05:00
Nick Mathewson
3fc3ed50a1 Merge remote-tracking branch 'public/bug4361'
Conflicts:
	src/or/command.c
2012-03-08 14:23:52 -05:00
Nick Mathewson
5daa765bd1 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-03-08 14:15:18 -05:00
Sebastian Hahn
fe50b676bc Fix compile warnings in openbsd malloc 2012-03-08 19:28:59 +01:00
Nick Mathewson
57ed8fbbdd Merge remote-tracking branch 'origin/maint-0.2.2' 2012-03-08 10:50:33 -05:00
Nick Mathewson
9d5d3a7fd4 Merge remote-tracking branch 'karsten/geoip-march2012' into maint-0.2.2 2012-03-08 10:50:03 -05:00
Karsten Loesing
c5d7ee714f Update to the March 2012 GeoIP database. 2012-03-08 09:35:15 +01:00
Nick Mathewson
298e08132f Merge remote-tracking branch 'public/bug4760' 2012-03-05 10:44:48 -05:00
Nick Mathewson
6a0d809f44 Merge remote-tracking branch 'sebastian/bug5231' 2012-02-29 15:16:15 -05:00
Roger Dingledine
406bc95271 Merge branch 'maint-0.2.2' 2012-02-29 13:23:23 -05:00
Roger Dingledine
e21756908f new ip address for maatuska 2012-02-29 13:22:41 -05:00
Sebastian Hahn
2755b09c52 Don't cannibalize already cannibalized circuits
This ensures we don't build circuits that have 5 hops or more. Patch
contributed by wanoskarnet, thanks!
2012-02-25 17:59:21 +01:00
Daniel Bryg
f7e87f41f7 When not fetching v2 dir info, don't require it for cleaning descriptors
Bugfix on 0.2.2.26-beta, which introduced the idea of caches not
cacheing v2 info.  Fixes bug 4838.
2012-02-23 13:59:37 -05:00
Nick Mathewson
eaedcba493 Merge branch 'bug5105-v2-squashed'
Conflicts:
	src/or/transports.c
2012-02-17 11:50:10 -05:00
Robert Ransom
bf1ce3f53d Rewrite managed proxy environment setup code
Now, the environment setup is entirely OS-independent, as well as less
hacky and brittle.
2012-02-17 11:42:20 -05:00
Nick Mathewson
3cdc46457f Merge remote-tracking branch 'asn/bug4725_take2' 2012-02-16 15:22:15 -05:00
George Kadianakis
c79aa8f3ac Add a belated changes file for #4725. 2012-02-15 01:25:39 +02:00
Sebastian Hahn
19b4df0d46 Include compat.h from natpmp-helper to fix build
This means tor_socket_t is declared.
2012-02-14 23:36:39 +01:00
Nick Mathewson
077b9f19a4 If SOCK_CLOEXEC and friends fail, fall back to regular socket() calls
Since 0.2.3.1-alpha, we've supported the Linux extensions to socket(),
open(), socketpair(), and accept() that enable us to create an fd and
make it close-on-exec with a single syscall.  This not only saves us a
syscall (big deal), but makes us less vulnerable to race conditions
where we open a socket and then exec before we can make it
close-on-exec.

But these extensions are not supported on all Linuxes: They were added
between 2.6.23 or so and 2.6.28 or so.  If you were to build your Tor
against a recent Linux's kernel headers, and then run it with a older
kernel, you would find yourselve unable to open sockets.  Ouch!

The solution here is that, when one of these syscalls fails with
EINVAL, we should try again in the portable way.  This adds an extra
syscall in the case where we built with new headers and are running
with old ones, but it will at least allow Tor to work.

Fixes bug 5112; bugfix on 0.2.3.1-alpha.
2012-02-14 10:34:06 -05:00
Nick Mathewson
9efee31fae Synchronize with upstream tinytest again: remove _identifiers 2012-02-13 17:45:15 -05:00
Nick Mathewson
3b47a11654 Synchronize with upstream tinytest.
The big change here is a patch (first added to Libevent by Ed Day)
to make sure that the CreateProcess forked-test trick works even
when the main test program is invoked without its .exe suffix.
2012-02-13 17:29:31 -05:00
Roger Dingledine
b08ba1cb6c integrate recent changes files 2012-02-12 23:39:30 -05:00
Sebastian Hahn
9857ef0fb5 Properly set up environment for managed-mode obfsproxy 2012-02-12 23:39:58 -05:00
Nick Mathewson
01acce62b9 Add a changes file for bug5084 2012-02-12 23:32:31 -05:00
Nick Mathewson
4aa0aa0300 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/common/Makefile.am
	src/or/Makefile.am
2012-02-12 23:27:31 -05:00
Nick Mathewson
b3abf15342 Fix --enable-static-tor on OpenBSD
Previously we'd been using "we have clock_gettime()" as a proxy for
"we need -lrt to link a static libevent".  But that's not really
accurate: we should only add -lrt if searching for clock_gettime
function adds -lrt to our libraries.
2012-02-12 19:54:13 -05:00
Robert Ransom
0e9663d439 Fix bug #5097: remove bogus envvar from managed proxies' environment 2012-02-12 19:12:51 -05:00
Roger Dingledine
db23aec6f2 fold in changes for 0.2.3.12-alpha 2012-02-11 22:14:59 -05:00
Sebastian Hahn
8ce6722d76 Properly protect paths to sed, sha1sum, openssl
in Makefile.am, we used it without quoting it, causing build failure if
your openssl/sed/sha1sum happened to live in a directory with a space in
it (very common on windows)
2012-02-10 20:12:03 +01:00
Nick Mathewson
64523609c9 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-02-10 12:03:46 -05:00
Nick Mathewson
c8b855082b Downgrade "missing a certificate" from notice to info
It was apparently getting mistaken for a problem, even though it was
at notice.

Fixes 5067; fix on 0.2.0.10-alpha.
2012-02-10 12:01:56 -05:00
Nick Mathewson
34b9bc2829 Add a changes file for bug 5066.
(It appeared in 0.2.3.11-alpha, but never in a released 0.2.2 afaict)
2012-02-10 10:57:57 -05:00
Karsten Loesing
4aca55efd2 Count IPv6 connections in bridge and entry stats. 2012-02-09 11:12:30 +01:00
Roger Dingledine
ef0bc7f8f2 Merge branch 'maint-0.2.2' 2012-02-09 04:21:20 -05:00
Roger Dingledine
a70ff4b2cb Merge branch 'maint-0.2.1' into maint-0.2.2 2012-02-09 04:21:08 -05:00
Roger Dingledine
929ebde2b9 Merge branch 'maint-0.2.2' 2012-02-09 04:02:18 -05:00
Roger Dingledine
85c539009a Revert "add a "docs" to the manual URI as listed in torrc.sample.in"
This reverts commit 55e8cae815.

The conversation from irc:
> weasel: i had intended to leave torrc.sample.in alone in maint-0.2.2,
since i don't want to make all your stable users have to deal with
a torrc change. but nickm changed it. is it in fact the case that a
change in that file means a change in the deb?
<weasel> it means you'll prompt every single user who ever touched
their torrc
<weasel> and they will be asked if they like your new version better
than what they have right now
<weasel> so it's not great

Instead I changed the website to redirect requests for the tor-manual
URL listed in maint-0.2.2's torrc.sample.in so the link will still work.
2012-02-09 03:57:04 -05:00
Karsten Loesing
4180624a7d Update to the February 2012 GeoIP database. 2012-02-09 09:16:24 +01:00
Nick Mathewson
ca431c5400 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-02-08 10:52:34 -05:00
Nick Mathewson
55e8cae815 add a "docs" to the manual URI as listed in torrc.sample.in 2012-02-08 10:52:05 -05:00
Sebastian Hahn
332e96d109 Fix fencepost error with HearbeatPeriod option
We'd only log every HeartbeatPeriod + 1 seconds. Discovered by Scott
Bennett, reported as bug 4942.
2012-02-08 04:44:15 -05:00
Roger Dingledine
9bcf315e9b Update sample torrc file for 0.2.3.x
Fix broken URLs.

Tell readers about the OutboundBindAddress, ExitPolicyRejectPrivate,
and PublishServerDescriptor options.
2012-02-08 04:40:26 -05:00
Roger Dingledine
92862c6d48 Merge branch 'maint-0.2.2' 2012-02-02 02:32:44 -05:00
Roger Dingledine
688903e919 Update "ClientOnly" man page entry
There isn't really any point to messing with it. Resolves ticket 5005.
2012-02-02 02:31:28 -05:00
Nick Mathewson
dd68d596cd Set IPV6_V6ONLY on listener sockets bound to IPv6 addresses.
If we don't do this, [::] can be interpreted to mean all v4 and all
v6 addresses.  Found by dcf.  Fixes bug 4760.  See RFC 3493 section
5.3 for more info.
2012-01-31 16:09:49 -05:00
Nick Mathewson
79a80c88ee Fix straggling MS_WINDOWS issues; add a changes file
There was one MS_WINDOWS that remained because it wasn't on a macro
line; a few remaining uses (and the definition!) in configure.in;
and a now-nonsensical stanza of eventdns_tor.h that previously
defined 'WIN32' if it didn't exist.
2012-01-31 15:48:47 -05:00
Nick Mathewson
2305454327 Merge remote-tracking branch 'arma/bug4013' 2012-01-31 11:25:29 -05:00
Nick Mathewson
48424772aa Actually enable the windows absolute-path code
Checking for "WINDOWS" is wrong; our magic macro is MS_WINDOWS

Fixes bug 4973; bugfix on 0.2.3.11-alpha.
2012-01-31 10:42:41 -05:00
Nick Mathewson
2b29c8f48f Merge remote-tracking branch 'sebastian/osx_deadstrip' 2012-01-27 11:49:34 -05:00
Roger Dingledine
a0f0897795 Allow 0.2.3.x clients to use 0.2.2.x bridges.
Previously the client would ask the bridge for microdescriptors, which are
only supported in 0.2.3.x and later, and then fail to bootstrap when it
didn't get the answers it wanted. Fixes bug 4013; bugfix on 0.2.3.2-alpha.

The fix here is to revert to using normal descriptors if any of our
bridges are known to not support microdescs. This is not ideal, a) because
we'll start downloading a microdesc consensus as soon as we get a bridge
descriptor, and that will waste time if we later get a bridge descriptor
that tells us we don't like microdescriptors; and b) by changing our mind
we're leaking to our other bridges that we have an old-version bridge.

The alternate fix would have been to change
we_use_microdescriptors_for_circuits() to ask if *any* of our bridges
can support microdescriptors, and then change the directory logic that
picks a bridge to only select from those that do. For people living in
the future, where 0.2.2.x is obsolete, there won't be a difference.

Note that in either of these potential fixes, we have risk of oscillation
if our one funny-looking bridges goes away / comes back.
2012-01-25 18:54:59 -05:00
Roger Dingledine
247a21379a set SO_REUSEADDR before we bind, not after
resolves bug 4950 (fixes a bug on commit aba7bb705a from #2850)
2012-01-23 15:54:02 -05:00
Roger Dingledine
110a953156 fold in recent changelog entries 2012-01-22 00:15:45 -05:00
Sebastian Hahn
1f5c5624f4 Use dead_strip to reduce binary size on OS X
This option seems to be supported all the way back to at least 10.4, so
enabling it for OS X in general should be fine. If not, someone will
yell.

With no libs statically linked, that's a 3% win in binary size, with
just libevent linked statically, this gives us an advantage of 5% in
terms of binary size, and with libevent and openssl statically linked,
we gain over 18% or over 500KB.

Implements ticket 2915.
2012-01-20 23:30:53 +01:00
Nick Mathewson
26e789fbfd Rename nonconformant identifiers.
Fixes bug 4893.

These changes are pure mechanical, and were generated with this
perl script:

  /usr/bin/perl -w -i.bak -p

  s/crypto_pk_env_t/crypto_pk_t/g;
  s/crypto_dh_env_t/crypto_dh_t/g;
  s/crypto_cipher_env_t/crypto_cipher_t/g;
  s/crypto_digest_env_t/crypto_digest_t/g;

  s/aes_free_cipher/aes_cipher_free/g;
  s/crypto_free_cipher_env/crypto_cipher_free/g;
  s/crypto_free_digest_env/crypto_digest_free/g;
  s/crypto_free_pk_env/crypto_pk_free/g;

  s/_crypto_dh_env_get_dh/_crypto_dh_get_dh/g;
  s/_crypto_new_pk_env_rsa/_crypto_new_pk_from_rsa/g;
  s/_crypto_pk_env_get_evp_pkey/_crypto_pk_get_evp_pkey/g;
  s/_crypto_pk_env_get_rsa/_crypto_pk_get_rsa/g;

  s/crypto_new_cipher_env/crypto_cipher_new/g;
  s/crypto_new_digest_env/crypto_digest_new/g;
  s/crypto_new_digest256_env/crypto_digest256_new/g;
  s/crypto_new_pk_env/crypto_pk_new/g;

  s/crypto_create_crypto_env/crypto_cipher_new/g;

  s/connection_create_listener/connection_listener_new/g;
  s/smartlist_create/smartlist_new/g;
  s/transport_create/transport_new/g;
2012-01-18 15:53:30 -05:00
Nick Mathewson
d1b40cf2e7 Merge remote-tracking branch 'public/bug4533_part1'
Conflicts:
	src/common/compat.h
2012-01-18 15:33:04 -05:00
Nick Mathewson
1772782e42 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-01-18 15:29:41 -05:00
Nick Mathewson
6d595fa4cf Merge remote-tracking branch 'public/bug4533_part2' into maint-0.2.2 2012-01-18 15:29:25 -05:00
Nick Mathewson
b14ac10b7f Add missing documentation for some options introduced in 0.2.3.x 2012-01-18 14:50:13 -05:00
Nick Mathewson
93d3a917e8 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-01-18 14:45:18 -05:00
Nick Mathewson
676bba8e0c Documentation for GiveGuardFlagTo... option 2012-01-18 14:44:29 -05:00
Nick Mathewson
ee717f35c4 Use tor_socket_t, not unsigned, in tor-fw-helper-natmp.c 2012-01-18 13:14:44 -05:00
Nick Mathewson
dd4b1a2ac6 Fix SOCKET_OK test on win64.
Bugfix on 0.2.2.29-beta; partial fix for 4533; found by wanoskarnet
2012-01-18 10:48:29 -05:00
Nick Mathewson
dea0720dad Warn if sizeof(tor_socket_t) != sizeof(SOCKET) 2012-01-17 16:38:47 -05:00
Nick Mathewson
6e8c2a3e46 Use SOCKET_OK macros in even more places
Add a TOR_INVALID_SOCKET macro to wrap -1/INVALID_SOCKET.

Partial work for bug4533.
2012-01-17 16:35:07 -05:00
Nick Mathewson
875a54dad3 Merge remote-tracking branch 'public/bug3325' 2012-01-16 15:10:38 -05:00
Nick Mathewson
5579bc0eaf whitespace fixes 2012-01-16 15:07:47 -05:00
Nick Mathewson
cc02823d7f Convert instances of tor_snprintf+strdup into tor_asprintf
These were found by looking for tor_snprintf() instances that were
followed closely by tor_strdup(), though I probably converted some
other snprintfs as well.
2012-01-16 15:03:13 -05:00
Nick Mathewson
edcc9981d8 Try to use smartlist_add_asprintf consistently
(To ensure correctness, in every case, make sure that the temporary
variable is deleted, renamed, or lowered in scope, so we can't have
any bugs related to accidentally relying on the no-longer-filled
variable.)
2012-01-16 15:02:51 -05:00
Nick Mathewson
125fba2e99 Provide consensus params to constrain the threshold for Fast
resolves ticket 3946
2012-01-16 14:50:13 -05:00
Nick Mathewson
938531773a Allow authorities to baddir/badexit/invalid/reject nodes by cc
Implements ticket #4207
2012-01-13 12:28:47 -05:00
Nick Mathewson
2cddd1d69f Move logging of bad hostnames into parse_extended_hostname
This fixes bug 3325, where a bad .exit would get logged as a bad .onion
2012-01-11 15:56:14 -05:00
Nick Mathewson
411cf8f714 Make openssl 0.9.8l log message accurate
fixes 4837
2012-01-11 15:41:46 -05:00
Nick Mathewson
f729e1e984 Merge branch 'feature3457-v4-nm-squashed'
Conflicts:
	src/or/rendclient.c
2012-01-11 12:10:14 -05:00
Nick Mathewson
5e9d349979 Merge remote-tracking branch 'public/bug4650_nm_squashed' 2012-01-10 17:59:49 -05:00
Nick Mathewson
eefe8857c2 changes file for bug4746 2012-01-10 16:53:27 -05:00
Nick Mathewson
8d74fba651 Merge branch 'absolute_cookie_file' 2012-01-10 15:00:02 -05:00
Nick Mathewson
3085b76a09 changes file for #4881 2012-01-10 14:59:49 -05:00
Nick Mathewson
d29a390733 Test for broken counter-mode at runtime
To solve bug 4779, we want to avoid OpenSSL 1.0.0's counter mode.
But Fedora (and maybe others) lie about the actual OpenSSL version,
so we can't trust the header to tell us if it's safe.

Instead, let's do a run-time test to see whether it's safe, and if
not, use our built-in version.

fermenthor contributed a pretty essential fixup to this patch. Thanks!
2012-01-10 11:15:35 -05:00
Nick Mathewson
5741aef3dc We no longer need to detect openssl without RAND_poll()
We require openssl 0.9.7 or later, and RAND_poll() was first added in
openssl 0.9.6.
2012-01-10 10:40:31 -05:00
Nick Mathewson
85c7d7659e Add macros to construct openssl version numbers
It's a pain to convert 0x0090813f to and from 0.9.8s-release on the
fly, so these macros should help.
2012-01-10 10:40:30 -05:00
Sebastian Hahn
6b9298ef72 Log which votes we still need to fetch
This might help us see which authorities are problematic in getting
their vote published the first time.
2012-01-10 16:13:30 +01:00
Sebastian Hahn
50a50392b7 Advertise dirport if accountingmax is large enough
When we have an effective bandwidthrate configured so that we cannot
exceed our bandwidth limit in one accounting interval, don't disable
advertising the dirport. Implements ticket 2434.
2012-01-10 09:59:36 -05:00
Nick Mathewson
489db38229 Revise bug4413 changes file 2012-01-09 19:18:48 -05:00
Stephen Palmateer
3fadc074ca Remove (untriggerable) overflow in crypto_random_hostname()
Fixes bug 4413; bugfix on xxxx.

Hostname components cannot be larger than 63 characters.
This simple check makes certain randlen cannot overflow rand_bytes_len.
2012-01-09 19:05:05 -05:00
Nick Mathewson
838ec086be Merge remote-tracking branch 'origin/maint-0.2.2' 2012-01-09 12:22:29 -05:00
Nick Mathewson
6fd61cf767 Fix a trivial log message error in renservice.c
Fixes bug 4856; bugfix on 0.0.6

This bug was introduced in 79fc5217, back in 2004.
2012-01-09 12:21:04 -05:00
Roger Dingledine
36721e940d fold in some new changelog stanzas 2012-01-07 07:42:07 -05:00
Nick Mathewson
37c90319e2 Add a changes file for bug4563 2012-01-06 11:42:00 -05:00
Nick Mathewson
ef69f2f2ab Merge remote-tracking branch 'origin/maint-0.2.2' 2012-01-05 14:17:44 -05:00
Nick Mathewson
ccd8289958 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2012-01-05 14:16:30 -05:00
Nick Mathewson
0a00678e56 Add a changes file for bug4822 2012-01-05 12:28:55 -05:00
Roger Dingledine
9bfb8af265 Merge branch 'maint-0.2.2' 2012-01-05 06:55:34 -05:00
Roger Dingledine
a1074c7aa2 Merge branch 'maint-0.2.1' into maint-0.2.2 2012-01-05 06:45:28 -05:00
Roger Dingledine
df17b62d54 add a changes file for ticket 4825 2012-01-05 06:42:26 -05:00
Nick Mathewson
ff282a1126 changes file for bug4650 2012-01-04 15:12:02 -05:00
Nick Mathewson
65420e4cb5 Merge remote-tracking branch 'rransom-tor/bug1297b-v2' 2012-01-04 13:50:24 -05:00
Nick Mathewson
47b7a27929 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-01-03 13:22:34 -05:00
Sebastian Hahn
d861b4cc9d Fix spelling in a controlsocket log msg
Fixes bug 4803.
2011-12-30 23:27:02 +01:00
Nick Mathewson
bfae41328e Merge remote-tracking branch 'origin/maint-0.2.2' 2011-12-28 16:52:31 -05:00
Nick Mathewson
84bf8e3808 Merge remote-tracking branch 'public/bug4788' into maint-0.2.2 2011-12-28 16:50:45 -05:00
Nick Mathewson
f71d63ec9d changes file for bug1827 2011-12-28 16:40:15 -05:00
Nick Mathewson
e3a6493898 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-12-28 15:57:48 -05:00
Nick Mathewson
c563551eef Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-12-28 15:56:37 -05:00
Nick Mathewson
120a745346 Bug 4786 fix: don't convert EARLY to RELAY on v1 connections
We used to do this as a workaround for older Tors, but now it's never
the correct thing to do (especially since anything that didn't
understand RELAY_EARLY is now deprecated hard).
2011-12-28 15:54:06 -05:00
Robert Ransom
2b189a222b Don't exit when marking a newly created _C_INTRODUCING circ for close 2011-12-28 09:02:14 -08:00
Nick Mathewson
9bcb187387 Authorities reject insecure Tors.
This patch should make us reject every Tor that was vulnerable to
CVE-2011-0427.  Additionally, it makes us reject every Tor that couldn't
handle RELAY_EARLY cells, which helps with proposal 110 (#4339).
2011-12-27 21:47:04 -05:00
Nick Mathewson
78f43c5d03 Require openssl 1.0.0a for using openssl's ctr-mode implementation
Previously we required 1.0.0, but there was a bug in the 1.0.0 counter
mode. Found by Pascal. Fixes bug 4779.

A more elegant solution would be good here if somebody has time to code
one.
2011-12-27 20:31:23 -05:00
Robert Ransom
836161c560 Add an option to close HS service-side rend circs on timeout 2011-12-27 08:02:43 -08:00
Robert Ransom
f88c8ca8c9 Don't close HS service-side rend circs on timeout 2011-12-27 08:02:43 -08:00
Robert Ransom
078e3e9dd5 Add an option to close 'almost-connected' HS client circs on timeout 2011-12-27 08:02:43 -08:00
Robert Ransom
4b13c33c0c Don't close HS client circs which are 'almost connected' on timeout 2011-12-27 08:02:42 -08:00
Nick Mathewson
85d7811456 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-12-26 17:58:51 -05:00
Roger Dingledine
3aade2fab7 Merge remote-tracking branch 'nickm/prop110_v2' 2011-12-25 17:43:09 -05:00
Sebastian Hahn
da876aec63 Provide correct timeradd/timersup replacements
Bug caught and patch provided by Vektor. Fixes bug 4778.t
2011-12-25 23:19:08 +01:00
Robert Ransom
4c3a23b283 Look up the rend circ whose INTRODUCE1 is being ACKed correctly
This change cannibalizes circuit_get_by_rend_query_and_purpose because it
had exactly one caller.
2011-12-22 23:46:09 -08:00
Nick Mathewson
7cb804343b Merge remote-tracking branch 'rransom/feature2411-v4' 2011-12-22 10:51:39 -05:00
Nick Mathewson
782b7f49d8 Fix bug2571: warn on EntryNodes set and UseEntryGuards disabled 2011-12-22 10:31:52 -05:00
Nick Mathewson
e0651bb108 Changes file for bug1101 2011-12-22 10:20:38 -05:00
Nick Mathewson
0187bd8728 Implement the last of proposal 110
Reject all EXTEND requests not received in a relay_early cell
2011-12-22 09:51:59 -05:00
Nick Mathewson
878a684386 Merge remote-tracking branch 'public/bug4697' 2011-12-22 09:45:26 -05:00
Nick Mathewson
f75660958c Merge remote-tracking branch 'origin/maint-0.2.2' 2011-12-21 11:20:56 -05:00
Nick Mathewson
b5e6bbc01d Do not even try to keep going on a socket with socklen==0
Back in #1240, r1eo linked to information about how this could happen
with older Linux kernels in response to nmap.  Bugs #4545 and #4547
are about how our approach to trying to deal with this condition was
broken and stupid.  Thanks to wanoskarnet for reminding us about #1240.

This is a fix for the abovementioned bugs, and is a bugfix on
0.1.0.3-rc.
2011-12-21 11:19:41 -05:00
Nick Mathewson
d7531b2adc duplicate changelog entry for 4531 2011-12-20 14:51:34 -05:00
Nick Mathewson
4080ac9eee Merge branch 'bug3825b-v8-squashed' 2011-12-20 11:15:49 -05:00
Robert Ransom
dae000735e Adjust n_intro_points_wanted when a service's intro points are closed 2011-12-20 11:15:33 -05:00
Nick Mathewson
9cabedd3eb Explain why we are making gcc 3.3 work 2011-12-19 11:29:03 -05:00
Martin Hebnes Pedersen
d5e964731c Fixed build with GCC < 3.3
Preprocessor directives should not be put inside the arguments
of a macro. This is not supported on older GCC releases (< 3.3)
thus broke compilation on Haiku (running gcc2).
2011-12-19 11:27:08 -05:00
Nick Mathewson
e5e50d86ca Ignore all bufferevent events on a marked connection
Bug 4697; fix on 0.2.3.1-alpha
2011-12-17 14:06:10 -05:00
Peter Palfrader
597e428df6 And a changes file for bug#4733 2011-12-17 12:21:56 -05:00
Nick Mathewson
cefff11950 Merge remote-tracking branch 'sebastian/clang-3.0-fixes_022' into maint-0.2.2 2011-12-16 17:49:41 -05:00
Nick Mathewson
9df0bf7a40 Merge remote-tracking branch 'sebastian/clang-3.0-fixes_master' 2011-12-16 17:48:25 -05:00
Nick Mathewson
a7b5e72463 Changelog and blurb for 0.2.3.10-alpha 2011-12-15 11:59:09 -05:00
Nick Mathewson
e402edd960 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-12-15 11:32:49 -05:00
Nick Mathewson
562c974ee7 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-12-15 11:28:44 -05:00
Nick Mathewson
9d0777839b Add a fix for the buf_pullup bug that Vektor reported 2011-12-15 11:28:24 -05:00
Nick Mathewson
960f62bd82 Start a section for the 0.2.3.10-alpha changelog 2011-12-14 16:03:58 -05:00
Sebastian Hahn
bcca541da9 Build with warnings and clang 3.0
--enable-gcc-warnings enables two warnings that clang doesn't support,
so the build fails. We had hoped clang 3.0 would add those, but it
didn't, so let's just always disable those warnings when building with
clang. We can still fix it later once they add support
2011-12-13 07:43:53 +01:00
Robert Ransom
d688a40a0e Don't crash on startup of a dormant relay
If a relay is dormant at startup, it will call init_keys before
crypto_set_tls_dh_prime.  This is bad.  Let's make it not so bad, because
someday it *will* happen again.
2011-12-12 11:25:55 -08:00
Sebastian Hahn
e4cebb76c5 Fix compilation of natpmp-helper on non-windows
Fixes a small oversight in 5dbfb1b3e0.
2011-12-10 03:25:40 +01:00
Robert Ransom
832bfc3c46 Clear stream-isolation state on rend circs if needed to attach streams
Fixes bug 4655; bugfix on 0.2.3.3-alpha.
2011-12-09 11:28:42 -05:00
Roger Dingledine
630337e762 Merge branch 'maint-0.2.2' 2011-12-08 04:40:30 -05:00
Roger Dingledine
0582746e0d Merge branch 'maint-0.2.1' into maint-0.2.2 2011-12-08 04:40:15 -05:00
Roger Dingledine
06b10ccdc4 fold in changes files 2011-12-08 04:38:37 -05:00
Karsten Loesing
ff2c9acbb3 Update to the December 2011 GeoIP database. 2011-12-08 09:55:44 +01:00
Robert Ransom
b5a21d79d8 Add changes file for feature2553 2011-12-07 04:44:13 -08:00
Nick Mathewson
4f47db3280 Merge remote-tracking branch 'sebastian/coverity' 2011-12-05 11:56:03 -05:00
Sebastian Hahn
60c330a251 cid 432: Remove dead code if we don't handle a consensus
Bugfix on 0.2.3.1, fixes the second half of bug 4637.
2011-12-04 17:36:23 +01:00
Robert Ransom
f5730d4698 Don't send two ESTABLISH_RENDEZVOUS cells when opening a new rend circ 2011-12-03 22:06:50 -08:00
Nick Mathewson
682a85ff7c Don't just tell the controller "foo" on id mismatch
Fixes bug 4169; bugfix on 0.2.1.1-alpha.
2011-12-02 16:27:33 -05:00
Nick Mathewson
5303918091 Init conn->addr to "unspec" on cpuworker connections
Fixes bug 4532 reported by "troll_un"
2011-12-02 16:21:50 -05:00
Nick Mathewson
57ff9913b2 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/connection_or.c

The conflict in src/or/connection_or.c is resolved by taking the
version in master, since e27a26d5 already fixed bug 4531 on master.
This merge just adds the changes file from 0.2.2.
2011-12-02 16:17:52 -05:00
Nick Mathewson
6171bdd105 Don't call tor_tls_set_logged_address till after checking conn->tls
Fixes bug 4531; partial backport of e27a26d5.
2011-12-02 16:15:52 -05:00
Nick Mathewson
d9edee3a3b Merge remote-tracking branch 'origin/maint-0.2.2' 2011-12-02 16:10:17 -05:00
Nick Mathewson
2b5a035604 tor_accept_socket() should take tor_addr_t for listener arg
Fixes bug 4535; bugfix on 0.2.2.28-beta; found by "troll_un"
2011-12-02 16:09:16 -05:00
Nick Mathewson
cf14a520c8 Resolve bug 3448: remove mention of tor-ops (which is not in use) 2011-12-02 15:42:15 -05:00
Nick Mathewson
0920cd02f4 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-12-02 15:38:29 -05:00
Nick Mathewson
b7015603fa Fix bug 4530; check return val of tor_addr_lookup correctly
Fix on 0.2.1.5-alpha; reported by troll_un
2011-12-02 15:37:24 -05:00
Nick Mathewson
3b88b63826 Merge branch 'bug933_nm_rebased_v2'
Conflicts:
	src/test/test.c
2011-11-30 14:10:22 -05:00
Robert Hogan
c6d8c6baaa bug933 - Match against super-domains in MapAddress
Allow MapAddress to handle directives such as:

MapAddress .torproject.org .torserver.exit
MapAddress .org 1.1.1.1

Add tests for addressmap_rewrite.
2011-11-30 14:08:10 -05:00
Nick Mathewson
29db095a35 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-30 12:41:08 -05:00
Linus Nordberg
192de441e0 Add changes file. 2011-11-30 11:55:46 -05:00
Nick Mathewson
628b735fe3 Merge remote-tracking branch 'rransom-tor/bug3460-v4'
Conflicts:
	src/or/rendservice.c
2011-11-29 20:56:39 -05:00
Nick Mathewson
da6c136817 Merge remote-tracking branch 'asn-mytor/bug4548_take2' 2011-11-29 18:30:41 -05:00
Nick Mathewson
83f66db79e Merge branch 'disable_network' 2011-11-29 17:52:23 -05:00
Nick Mathewson
df9b76460c New 'DisableNetwork' option to prevent Tor from using the network
Some controllers want this so they can mess with Tor's configuration
for a while via the control port before actually letting Tor out of
the house.

We do this with a new DisableNetwork option, that prevents Tor from
making any outbound connections or binding any non-control
listeners.  Additionally, it shuts down the same functionality as
shuts down when we are hibernating, plus the code that launches
directory downloads.

To make sure I didn't miss anything, I added a clause straight to
connection_connect, so that we won't even try to open an outbound
socket when the network is disabled.  In my testing, I made this an
assert, but since I probably missed something, I've turned it into a
BUG warning for testing.
2011-11-28 15:44:10 -05:00
Nick Mathewson
230422b955 Support for a defaults torrc file.
This will mainly help distributors by giving a way to set system or package
defaults that a user can override, and that a later package can replace.

No promises about the particular future location or semantics for this:
we will probably want to tweak it some before 0.2.3.x-rc

The file is searched for in CONFDIR/torrc-defaults , which can be
overridden with the "--defaults-torrc" option on the command line.
2011-11-27 22:25:52 -05:00
Nick Mathewson
73436a1d6f Add the ability to append and clear linelist options from cmdline
This will be important for getting stuff to work right across zones.
2011-11-27 21:32:51 -05:00
Nick Mathewson
9ce5801e22 Make linelists always overridden by the command line
This starts an effort to refactor torrc handling code to make it easier
to live with.  It makes it possible to override exit policies from the
command line, and possible to override (rather than append to) socksport
lists from the command line.

It'll be necessary to make a "base" torrc implementation work at all.
2011-11-27 18:13:32 -05:00
Sebastian Hahn
e5e4bfd167 Implement consensus method 12 (proposal 178) 2011-11-27 09:29:33 -05:00
George Kadianakis
efba71b03c Add a changes file. 2011-11-27 09:03:37 +01:00
Roger Dingledine
58d1aa4402 fold in changes files so far 2011-11-25 19:24:42 -05:00
Nick Mathewson
e5f2f10844 Merge remote-tracking branch 'asn/bug4312' 2011-11-25 17:00:47 -05:00
Nick Mathewson
093e6724c7 Merge remote-tracking branch 'asn/bug3472_act2' 2011-11-25 16:00:31 -05:00
Nick Mathewson
cb8059b42d Merge remote-tracking branch 'sebastian/pure_removal' 2011-11-25 14:54:04 -05:00
Sebastian Hahn
75d8ad7320 Purge ATTR_PURE from the code
We're using it incorrectly in many cases, and it doesn't help as far as
we know.
2011-11-25 17:57:50 +01:00
George Kadianakis
e2a189053d Add a changes file. 2011-11-25 17:44:48 +01:00
Nick Mathewson
25c9e3aab9 Merge branch 'more_aes_hackery_rebased'
Conflicts:
	changes/aes_hackery
2011-11-25 10:36:13 -05:00
Nick Mathewson
9814019a54 Use openssl's counter mode implementation when we have 1.0.0 or later
This shaves about 7% off our per-cell AES crypto time for me; the
effect for accelerated AES crypto should be even more, since the AES
calculation itself will make an even smaller portion of the
counter-mode performance.

(We don't want to do this for pre-1.0.0 OpenSSL, since our AES_CTR
implementation was actually faster than OpenSSL's there, by about
10%.)

Fixes issue #4526.
2011-11-25 10:32:21 -05:00
Nick Mathewson
8143074b3f Use EVP for AES only when hardware accel is present
Fixes bug 4525, fix on 0.2.3.8-alpha.
2011-11-25 10:32:00 -05:00
Peter Palfrader
fcf5c92e21 And add a changelog entry for the 4574 fix. (closes: #4574) 2011-11-25 10:04:49 -05:00
Peter Palfrader
d951e20426 And a changes file for bug3953 2011-11-24 23:58:25 -05:00
Nick Mathewson
916aa8022d Basic support for a "make version" target to declare the source version
This is katmagic's idea.  See issue 4400.
2011-11-24 23:53:18 -05:00
Nick Mathewson
3508de3cd6 Tweak disable_debugger_attachment a little
Don't warn when we have no implementation of this function (since it's
on-by-default); reformat the changes entry; fix an overlong line.
2011-11-24 23:39:52 -05:00
Nick Mathewson
68114ca52c Merge remote-tracking branch 'ioerror/DisableDebuggerAttachment'
Conflicts:
	src/or/config.c
2011-11-24 23:38:32 -05:00
Nick Mathewson
f634228a07 Merge remote-tracking branch 'public/feature4516' 2011-11-24 22:59:37 -05:00
Robert Ransom
17113448d2 Include circ creation time in CIRC events, etc. 2011-11-24 06:55:16 -08:00
Robert Ransom
88e0026d2f Send CIRC2 event when a circuit is cannibalized 2011-11-24 06:55:06 -08:00
Robert Ransom
296b8d0b10 Add CIRC2 control-port event, and send it when a circ's purpose changes 2011-11-24 06:54:55 -08:00
Robert Ransom
104c50fedb Log whenever a circuit's purpose is changed 2011-11-24 06:52:38 -08:00
Robert Ransom
d0ed7cbf8b List service address in CIRC events for HS-related circs 2011-11-24 06:32:55 -08:00
Robert Ransom
c7d01b0541 Report HS circ states stored in circ purpose field in CIRC events 2011-11-24 06:32:55 -08:00
Robert Ransom
b7c765b1b1 Report circuit build_state flags in CIRC events 2011-11-24 06:32:54 -08:00
Sebastian Hahn
11221d0f17 Update check-spaces to remove false positive for timercmp macro
The timercmp macro uses triggers a "space between function name and
opening parentheses" warning for the check spaces script. Work around
this by simply disabling the check for all "functions" named 'op()'.
2011-11-24 09:29:45 +01:00
Sebastian Hahn
46d69cb915 Fix compile warning in tor_inet_pton() (on 64bit)
This slipped through into 0.2.3.8-alpha unfortunately.
2011-11-24 09:19:57 +01:00
Nick Mathewson
3ebe960f3f Detect tor_addr_to_str failure in tor_dup_addr.
This avoids a possible strdup of an uninitialized buffer.

Fixes 4529; fix on 0.2.1.3-alpha; reported by troll_un.
2011-11-23 23:04:10 -05:00
Nick Mathewson
f067067ee6 Merge branch 'bug2474'
Had to resolve conflicts wrt the " (using bufferevents)" addition to the
startup string.

Conflicts:
	src/or/main.c
2011-11-23 17:14:54 -05:00
Nick Mathewson
3890c81e7c Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-23 16:28:18 -05:00
Nick Mathewson
fbf1c5ee79 Merge remote-tracking branch 'public/bug4230' into maint-0.2.2 2011-11-23 16:22:26 -05:00
Roger Dingledine
b7b2041dbf and rm the old ones 2011-11-21 19:34:30 -05:00
Roger Dingledine
fce107b11e raise AuthDirFastGuarantee from 20KB to 100KB
This patch reverts part of 39ceda7e05 (where it used to be 100KB).
2011-11-21 18:44:59 -05:00
Roger Dingledine
6a76007b08 Merge branch 'maint-0.2.2'
Conflicts:
	src/or/dirserv.c
2011-11-21 18:36:49 -05:00
Roger Dingledine
c0ec4eafc5 parameterize bw cutoffs to guarantee Fast and Guard flags
Now it will be easier for researchers to simulate Tor networks with
different values. Resolves ticket 4484.
2011-11-21 18:22:10 -05:00
Roger Dingledine
c9f24edb13 fold in more changes entries 2011-11-21 18:04:01 -05:00
Nick Mathewson
f4e053d6df Merge branch 'bug4518' into maint-0.2.2 2011-11-21 17:25:51 -05:00
Roger Dingledine
f3452b58ba fold in more changes entries 2011-11-21 16:33:18 -05:00
Nick Mathewson
929074b368 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-21 10:52:38 -05:00
Nick Mathewson
b3c988f0d7 Merge remote-tracking branch 'public/bug3963' into maint-0.2.2 2011-11-21 10:52:15 -05:00
Nick Mathewson
0539c34c35 Merge branch 'bug4360' 2011-11-21 10:48:02 -05:00
Nick Mathewson
a6eef61f02 Changes file for bug4360 2011-11-21 10:47:57 -05:00
Nick Mathewson
3e9c86a8f9 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-20 20:16:49 -05:00
Nick Mathewson
fbcd7c01e7 Changes file for bug4521 backports. 2011-11-20 20:15:13 -05:00
Nick Mathewson
7992eb43c5 Log more loudly on a bad cert from an authority.
Clock skew made this situation way too frequent so we demoted it to
"protocol_warn", but when there's an authority, it should really just
be warn.
2011-11-20 00:48:25 -05:00
Nick Mathewson
f2f156f0e8 changes file for bug4515 2011-11-19 18:46:15 -05:00
Nick Mathewson
8e388bc39c Only call cull_wedged_cpuworkers once every 60 seconds.
The function is over 10 or 20% on some of Moritz's profiles, depending
on how you could.

Since it's checking for a multi-hour timeout, this is safe to do.

Fixes bug 4518.
2011-11-19 18:30:55 -05:00
Nick Mathewson
53dac6df18 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-18 19:09:08 -05:00
Sebastian Hahn
6ef44b7849 Don't log about stats when running as a client without geoip
Completely disable stats if we aren't running as a relay. We won't
collect any anyway, so setting up the infrastructure for them and
logging about them is wrong. This also removes a confusing log
message that clients without a geoip db would have seen.

Fixes bug 4353.
2011-11-19 00:50:03 +01:00
Nick Mathewson
b88db7573c Merge remote-tracking branch 'public/benchmark' 2011-11-18 18:42:49 -05:00
Nick Mathewson
6e6a661296 New UserspaceIOCPBuffers option to set SO_{SND,RCV}BUF to zero
When running with IOCP, we are in theory able to use userspace-
allocated buffers to avoid filling up the stingy amount of kernel
space allocated for sockets buffers.

The bufferevent_async implementation in Libevent provides this
ability, in theory.  (There are likely to be remaining bugs).  This
patch adds a new option that, when using IOCP bufferevents, sets
each socket's send and receive buffers to 0, so that we should use
this ability.

When all the bugs are worked out here, if we are right about bug 98,
this might solve or mitigate bug 98.

This option is experimental and will likely require lots of testing
and debugging.
2011-11-18 17:43:03 -05:00
Nick Mathewson
2408934516 Merge remote-tracking branch 'sebastian/bug2893' 2011-11-16 17:30:24 -05:00
Nick Mathewson
2f3dad10a8 Merge branch 'bug4457_master' 2011-11-16 16:23:15 -05:00
Nick Mathewson
5a02406ae0 Merge branch 'bug4457_022' into maint-0.2.2 2011-11-16 16:22:47 -05:00
Roger Dingledine
67650a869d allow manual control port authenticate via netcat 2011-11-16 18:14:03 +01:00
Sebastian Hahn
9fc7725aba Don't allow building on platforms where AF_UNSPEC != 0 2011-11-16 16:39:04 +01:00
Nick Mathewson
87622e4c7e Allow up to a 30 days future skew, 48 hours past skew in certs. 2011-11-15 15:57:41 -05:00
Nick Mathewson
26fcb4bb8c Merge remote-tracking branch 'sebastian/bug4469' 2011-11-15 11:59:37 -05:00
Nick Mathewson
3ef40f6993 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-15 11:42:38 -05:00
Sebastian Hahn
4b8d2ad6f5 Fix compile warnings on windows 2011-11-15 13:34:04 +01:00
Nick Mathewson
5bea660f8e Use real_addr in send_netinfo
Reported by "troll_un"; bugfix on 0.2.0.10-alpha; fixes bug 4349.
2011-11-14 22:43:40 -05:00
Nick Mathewson
4af82fb388 Merge remote-tracking branch 'public/bug4367' 2011-11-14 22:35:49 -05:00
Nick Mathewson
7be50c26e8 Disable IOCP and retry event_base_new_with_config once on failure
This is a fancier bug4457 workaround for 0.2.3.  In 0.2.2, we could
just tell Libevent "Don't enable locking!" so it wouldn't try to make
the event_base notifiable.  But for IOCP, we need a notifiable base.
(Eventually, we'll want a notifiable base for other stuff, like
multithreaded crypto.)  So the solution is to try a full-featured
initialization, and then retry with all the options turned off if that
fails.
2011-11-14 18:12:29 -05:00
Nick Mathewson
cf8117136c Merge remote-tracking branch 'public/bug4457_022' into bug4457_master
Conflicts:
	src/common/compat_libevent.c

Resolving conflict by not taking 7363eae13c ("Use the
EVENT_BASE_FLAG_NOLOCK flag to prevent socketpair() invocation"): in
Tor 0.2.3.x, we _do_ sometimes use notifiable event bases.
2011-11-14 17:59:42 -05:00
Nick Mathewson
0f6c021617 Detect failure from event_init() or event_base_new_with_config() 2011-11-14 17:53:45 -05:00
Nick Mathewson
7363eae13c Use the EVENT_BASE_FLAG_NOLOCK flag to prevent socketpair() invocation
In Tor 0.2.2, we never need the event base to be notifiable, since we
don't call it from other threads.  This is a workaround for bug 4457,
which is not actually a Tor bug IMO.
2011-11-14 17:48:57 -05:00
Nick Mathewson
9292a78722 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-14 11:10:45 -05:00
Nick Mathewson
2b7bdc295a Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-11-14 11:10:27 -05:00
Nick Mathewson
13f02c387f Merge remote-tracking branch 'karsten/geoip-november2011' into maint-0.2.1 2011-11-14 11:10:10 -05:00
Gisle Vanem
af12a7ac00 Fix test_util.c compilation on MSVC
"Those '{}' constructs are not well liked by MSVC (cl v.16.xx)."

Received on tor-dev; fixes bug on 0.2.3.3-alpha.
2011-11-11 23:49:53 -05:00
Nick Mathewson
ff93535c71 New src/test/bench.c to allow us to actually _run_ benchmark code
Yes, the timing functions are suboptimal.  Please improve!
2011-11-11 12:35:08 -05:00
Sebastian Hahn
38123ffa23 Fix the bench_{aes,dmap} test functions to work with TT
TT expects them to be named test_bench_{aes,dmap}. Also change the
DISABLED macro to reflect that.
2011-11-11 11:47:25 -05:00
Nick Mathewson
21cf7079fe Dump our internal AES implementation
This thing was pretty pointless on versions of OpenSSL 0.9.8 and later,
and almost totally pointless on OpenSSL 1.0.0.

Also, favor EVP by default, since it lets us get hardware acceleration
where present.  (See issue 4442)
2011-11-11 11:47:24 -05:00
Nick Mathewson
613ff5698a Changes file for patches from 4ZM 2011-11-11 11:11:15 -05:00
Nick Mathewson
e1c6431e42 Correct the handling of overflow behavior in smartlist_ensure_capacity
The old behavior was susceptible to the compiler optimizing out our
assertion check, *and* could still overflow size_t on 32-bit systems
even when it did work.
2011-11-09 14:48:52 -05:00
Nick Mathewson
f0589da0e3 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-09 11:04:40 -05:00
Nick Mathewson
8adec87050 Merge remote-tracking branch 'rransom-tor/bug4426' into maint-0.2.2 2011-11-09 11:03:20 -05:00
Nick Mathewson
9452b65680 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-09 10:28:43 -05:00
Sebastian Hahn
0cc7a63fc0 Don't warn when compiling with --disable-threads
STMT_VOID semantics suggested by nick, thanks!
2011-11-09 10:26:35 +01:00
Sebastian Hahn
4ccc8d0292 Don't exit on dirauths for some config transitions 2011-11-08 12:44:12 +01:00
Robert Ransom
565463243c Include HiddenServiceDir in some warning messages 2011-11-07 17:02:50 -08:00
Robert Ransom
ef2b0bd528 Add GETINFO md/id/* and md/name/* items for relay microdescs 2011-11-07 15:32:33 -08:00
Roger Dingledine
e26f5553ec fold in changes files 2011-11-07 15:22:23 -05:00
Nick Mathewson
4a7225d4c9 Merge remote-tracking branch 'rransom-tor/bug4411' 2011-11-07 11:57:07 -05:00
Nick Mathewson
25875f533b Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-07 11:55:11 -05:00
Nick Mathewson
8ba1cf3007 Robert says that this bug was not in fact one of frosty's 2011-11-07 11:54:54 -05:00
Robert Ransom
749b37bcf4 Fix assert on clients of and authorities for v0 HS descs 2011-11-07 08:48:23 -08:00
Nick Mathewson
ceebc8283f Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-07 11:48:02 -05:00
Nick Mathewson
ca282e5326 Merge branch 'bug4424' into maint-0.2.2 2011-11-07 11:47:28 -05:00
Robert Ransom
65a0d7e7ef Don't leak an extend_info_t in rend_client_any_intro_points_usable 2011-11-07 08:35:51 -08:00
Nick Mathewson
51f53b590e Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-07 10:44:02 -05:00
Nick Mathewson
4d8306e0e9 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-11-07 10:42:34 -05:00
Karsten Loesing
6d45c6d548 Update to the November 2011 GeoIP database. 2011-11-07 14:23:48 +01:00
Sebastian Hahn
be6928d6e7 Add a changes file for 4410 2011-11-06 18:00:10 +01:00
George Kadianakis
e097bffaed Fix issues pointed out by nickm.
- Rename tor_tls_got_server_hello() to tor_tls_got_client_hello().
- Replaced some aggressive asserts with LD_BUG logging.

  They were the innocent "I believe I understand how these callbacks
  work, and this assert proves it" type of callbacks, and not the "If
  this statement is not true, computer is exploding." type of
  callbacks.
- Added a changes file.
2011-11-03 22:33:50 +01:00
Nick Mathewson
c1005dd6d3 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-03 13:24:46 -04:00
George Kadianakis
3ae96845d3 Fix a memleak when fetching descriptors for bridges in ExcludeNodes. 2011-11-03 13:23:50 -04:00
Nick Mathewson
325a659cb1 Even when we can't answer an AUTH_CHALLENGE, send NETINFO.
Fixes bug 4368; fix on 0.2.3.6-alpha; bug found by "frosty".
2011-11-03 12:40:02 -04:00
Nick Mathewson
248b967ce6 Add comments and changes file for 4361; tweak control flow a bit 2011-11-03 12:31:31 -04:00
Nick Mathewson
88c4b425bd Fix bug 4367: correctly detect auth_challenge cells we can't use
Found by frosty_un, bugfix on 0.2.3.6-alpha, fix suggested by arma.
2011-11-03 11:52:35 -04:00
Nick Mathewson
d029c3223a changes file for bug4366 2011-11-03 10:24:31 -04:00
Sebastian Hahn
c98faa1a23 Resolve a crash when running as dirauth
When we're asked for our own descriptor, don't crash.
2011-11-02 20:57:23 +01:00
Robert Ransom
60ed98e184 Reduce lifetime of DH public key replay-detection cache elements 2011-10-31 05:05:45 -07:00
Robert Ransom
272dd90b5c Ignore timestamps of INTRODUCE2 cells 2011-10-31 05:05:45 -07:00
Nick Mathewson
c58f4a8652 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-10-30 21:28:36 -04:00
Erinn Clark
a6ea34977b remove absolute path from contrib/package_nsis-mingw.sh in order to make it easier to automatically build tor expert bundle 2011-10-31 00:52:52 +00:00
Robert Ransom
1a52a947c5 Move the real INTRODUCE2 replay-detection cache into rend_intro_point_t 2011-10-30 04:46:58 -07:00
Robert Ransom
1eba4f0cc3 Make introduction points expire 2011-10-30 02:17:59 -07:00
Roger Dingledine
46296b3fa4 there will be a new alpha release today (oct 30) 2011-10-30 01:58:05 -04:00
Roger Dingledine
eeb6588389 bridges send netinfo cells like clients on outgoing conns
fixes bug 4348
2011-10-29 21:43:23 -04:00
Roger Dingledine
cbdefc70fc fold in changes entries 2011-10-29 15:10:37 -04:00
Nick Mathewson
6be596e2dc Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/config.c
2011-10-29 09:22:58 -04:00
Sebastian Hahn
c5c5f859d3 Add a changes file for the 4340 fix 2011-10-29 11:21:37 +02:00
Nick Mathewson
4dd8d811d6 Merge branch 'bug4343' 2011-10-28 18:05:25 -04:00
Nick Mathewson
212c3acd42 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/command.c
2011-10-28 18:02:57 -04:00
Nick Mathewson
cf8bffa359 Discard all cells on a marked connection
Fix for bug 4299
2011-10-28 17:04:15 -04:00
Nick Mathewson
c2a098e980 Fix a double-free that would occur on an invalid cert in a CERTS cell
We would stash the certs in the handshake state before checking them
for validity... and then if they turned out to be invalid, we'd give
an error and free them.  Then, later, we'd free them again when we
tore down the connection.

Fixes bug 4343; fix on 0.2.3.6-alpha.
2011-10-28 16:38:56 -04:00
Nick Mathewson
a2517fa77c Merge remote-tracking branch 'origin/maint-0.2.2' 2011-10-28 09:53:23 -04:00
Sebastian Hahn
f6b1dc2805 Fix typo, spotted by tmpname0901. Thanks! 2011-10-28 09:52:24 -04:00
Roger Dingledine
0eaebebffa fold in changes entries 2011-10-26 20:31:49 -04:00
Sebastian Hahn
2dec6597af Merge branch 'maint-0.2.2_secfix' into master_secfix
Conflicts:
	src/common/tortls.c
	src/or/connection_or.c
	src/or/dirserv.c
	src/or/or.h
2011-10-27 00:38:45 +02:00
Robert Ransom
00fffbc1a1 Don't give the Guard flag to relays without the CVE-2011-2768 fix 2011-10-26 23:42:39 +02:00
Sebastian Hahn
df05e5ef4d Merge branch 'maint-0.2.1_secfix' into maint-0.2.2_secfix
Conflicts:
	src/or/connection_or.c
2011-10-26 23:30:27 +02:00
Robert Ransom
a74e7fd40f Reject create cells on outgoing OR connections from bridges 2011-10-26 23:21:14 +02:00
Robert Ransom
af12c39d6d Don't use any OR connection which sent us a CREATE_FAST cell for an EXTEND
Fix suggested by Nick Mathewson.
2011-10-26 23:20:56 +02:00
Nick Mathewson
638fdedcf1 Don't send a certificate chain on outgoing TLS connections from non-relays 2011-10-26 23:20:56 +02:00
Nick Mathewson
a166f10414 Remove the -F option from tor-resolve.
It used to mean "Force": it would tell tor-resolve to ask tor to
resolve an address even if it ended with .onion.  But when
AutomapHostsOnResolve was added, automatically refusing to resolve
.onion hosts stopped making sense.  So in 0.2.1.16-rc (commit
298dc95dfd), we made tor-resolve happy to resolve anything.

The -F option stayed in, though, even though it didn't do anything.
Oddly, it never got documented.

Found while fixing GCC 4.6 "set, unused variable" warnings.
2011-10-26 17:13:04 -04:00
Roger Dingledine
a68867b150 manually backport a5232e0c4c 2011-10-26 17:11:52 -04:00
Roger Dingledine
c21c8daaaf closer to a changelog for the next alpha 2011-10-26 16:13:53 -04:00
Nick Mathewson
55d9e4b8ba Reinit keys at the start of options_act().
Previously we did this nearer to the end (in the old_options &&
transition_affects_workers() block).  But other stuff cares about
keys being consistent with options... particularly anything which
tries to access a key, which can die in assert_identity_keys_ok().

Fixes bug 3228; bugfix on 0.2.2.18-alpha.

Conflicts:

	src/or/config.c
2011-10-26 22:09:44 +02:00
Robert Ransom
62c29a93ba Don't crash a bridge authority on SIGHUP if it's not in the consensus
Fixes bug 2572.
2011-10-26 22:09:44 +02:00
Sebastian Hahn
9082898944 Fix assert for relay/bridge state change
When we added support for separate client tls certs on bridges in
a2bb0bfdd5 we forgot to correctly initialize this when changing
from relay to bridge or vice versa while Tor is running. Fix that
by always initializing keys when the state changes.

Fixes bug 2433.

Conflicts:

	src/or/config.c
2011-10-26 22:09:44 +02:00
Nick Mathewson
ce6a2c2f14 Changelog for recent coverity issues 2011-10-26 13:22:20 -04:00
Nick Mathewson
beb9097bed Merge remote-tracking branch 'origin/maint-0.2.2' 2011-10-26 11:08:19 -04:00
Nick Mathewson
4a1a89be0c Merge remote-tracking branch 'public/cov_run224_022' into maint-0.2.2 2011-10-26 11:07:28 -04:00
Nick Mathewson
d0a91386e5 Don't crash when accountingmax is set in non-server Tors
We use a hash of the identity key to seed a prng to tell when an
accounting period should end.  But thanks to the bug998 changes,
clients no longer have server-identity keys to use as a long-term seed
in accounting calculations.  In any case, their identity keys (as used
in TLS) were never never fixed.  So we can just set the wakeup time
from a random seed instead there.  Still open is whether everybody
should be random.

This patch fixes bug 2235, which was introduced in 0.2.2.18-alpha.

Diagnosed with help from boboper on irc.
2011-10-26 14:20:47 +02:00
Nick Mathewson
c5a3664f27 Fix zlib macro brokenness on osx with zlib 1.2.4 and higher.
From the code:
   zlib 1.2.4 and 1.2.5 do some "clever" things with macros.  Instead of
   saying "(defined(FOO) ? FOO : 0)" they like to say "FOO-0", on the theory
   that nobody will care if the compile outputs a no-such-identifier warning.

   Sorry, but we like -Werror over here, so I guess we need to define these.
   I hope that zlib 1.2.6 doesn't break these too.

Possible fix for bug 1526.
2011-10-26 07:30:11 -04:00
Roger Dingledine
a518dd6650 Merge branch 'maint-0.2.2' 2011-10-25 19:34:42 -04:00
Roger Dingledine
ac115f1125 unmangle the fingerprint example in the man page
Remove a confusing dollar sign from the example fingerprint in the
man page, and also make example fingerprint a valid one.
2011-10-25 18:24:37 -04:00
Sebastian Hahn
7fbc018433 Add percentiles to the desc stats reporting
To get a better idea what's going on on Tonga, add some code to report
how often the most and least frequently fetched descriptor was fetched,
as well as 25, 50, 75 percentile.

Also ensure we only count bridge descriptors here.
2011-10-25 16:47:27 +02:00
George Kadianakis
cf08cd47cc Add a changes file in changes/bug3472. 2011-10-24 16:02:07 +02:00
Roger Dingledine
d5bb0d7789 checkpoint: fold in changes files 2011-10-24 02:56:35 -04:00
Nick Mathewson
4fbc6152ed Fix missing word in changes/ticket4200 2011-10-21 11:25:16 -04:00
Sebastian Hahn
03c06b629f Add new stats type: descriptor fetch stats
This is used for the bridge authority currently, to get a better
intuition on how many descriptors are actually fetched from it and how
many fetches happen in total.

Implements ticket 4200.
2011-10-21 11:21:42 -04:00
Sebastian Hahn
af02c4a9c3 remove code related to tracking descriptor serving times
This had broken due to bitrot - it doesn't know about microdescriptors
at all, and afaik hasn't generally been used in ages.
2011-10-21 06:02:47 +02:00
Nick Mathewson
169c81844d Merge remote-tracking branch 'origin/maint-0.2.2' 2011-10-20 00:03:43 -04:00
Nick Mathewson
3cb79a0286 Merge remote-tracking branch 'rransom-tor/bug4251-022' into maint-0.2.2 2011-10-20 00:01:58 -04:00
Nick Mathewson
384e300cb4 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-10-19 23:16:08 -04:00
Nick Mathewson
5aa45ed6af Fix crash when changing node restrictions with DNS lookup in progress
Fixes bug 4259, bugfix on 0.2.2.25-alpha.  Bugfix by "Tey'".

Original message by submitter:

  Changing nodes restrictions using a controller while Tor is doing
  DNS resolution could makes Tor crashes (on WinXP at least). The
  problem can be repeated by trying to reach a non-existent domain
  using Tor:

    curl --socks4a 127.0.0.1:9050 inexistantdomain.ext

  .. and changing the ExitNodes parameter through the control port
  before Tor returns a DNS resolution error (of course, the following
  command won't work directly if the control port is password
  protected):

    echo SETCONF ExitNodes=TinyTurtle | nc -v 127.0.0.1 9051

  Using a non-existent domain is needed to repeat the issue so that
  Tor takes a few seconds for resolving the domain (which allows us to
  change the configuration). Tor will crash while processing the
  configuration change.

  The bug is located in the addressmap_clear_excluded_trackexithosts
  method which iterates over the entries of the addresses map in order
  to check whether the changes made to the configuration will impact
  those entries. When a DNS resolving is in progress, the new_adress
  field of the associated entry will be set to NULL. The method
  doesn't expect this field to be NULL, hence the crash.
2011-10-19 23:14:05 -04:00
Robert Ransom
739c21e97b Free rend_data and intro_key when extra intro circs become general-purpose 2011-10-18 07:08:02 -07:00
Roger Dingledine
0a083b0188 Merge branch 'maint-0.2.2' 2011-10-13 10:14:38 -04:00
Roger Dingledine
56180d169a Merge branch 'maint-0.2.1' into maint-0.2.2 2011-10-13 10:14:16 -04:00
Karsten Loesing
ee545cd4cb Update to the October 2011 GeoIP database. 2011-10-13 10:13:40 -04:00
Nick Mathewson
00b2b69add Fix names of functions that convert strings to addrs
Now let's have "lookup" indicate that there can be a hostname
resolution, and "parse" indicate that there wasn't.  Previously, we
had one "lookup" function that did resolution; four "parse" functions,
half of which did resolution; and a "from_str()" function that didn't
do resolution.  That's confusing and error-prone!

The code changes in this commit are exactly the result of this perl
script, run under "perl -p -i.bak" :

  s/tor_addr_port_parse/tor_addr_port_lookup/g;
  s/parse_addr_port(?=[^_])/addr_port_lookup/g;
  s/tor_addr_from_str/tor_addr_parse/g;

This patch leaves aton and pton alone: their naming convention and
behavior is is determined by the sockets API.

More renaming may be needed.
2011-10-11 11:30:12 -04:00
Nick Mathewson
cc07b5a129 Changes file for prop176 branch 2011-10-10 23:14:32 -04:00
Nick Mathewson
bc2d9357f5 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-10-10 22:50:52 -04:00
Robert Ransom
274b25de12 Don't launch a useless circuit in rend_client_reextend_intro_circuit
Fixes bug 4212.  Bug reported by katmagic and found by Sebastian.
2011-10-10 03:05:19 -07:00
Nick Mathewson
f37d24c550 Note ticket and source version for feature3951 in changes file 2011-10-07 16:47:43 -04:00
Nick Mathewson
ca597efb22 Merge remote-tracking branch 'karsten/feature3951' into maint-0.2.2 2011-10-07 16:46:50 -04:00
Nick Mathewson
1ec22eac4b Merge remote-tracking branch 'public/bug2003_nm' 2011-10-07 16:43:45 -04:00
Nick Mathewson
b49fcc6cf2 Merge remote-tracking branch 'rransom-tor/bug4018' 2011-10-07 16:32:04 -04:00
Nick Mathewson
e8ed465776 Merge remote-tracking branch 'public/bug2430' 2011-10-07 16:28:32 -04:00
Nick Mathewson
98e5c63eb2 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-10-07 12:20:08 -04:00
warms0x
6d027a3823 Avoid running DNS self-tests if we're operating as a bridge 2011-10-07 12:18:26 -04:00
Nick Mathewson
246afc1b1b Make internal error check for unrecognized digest algorithm more robust
Fixes Coverity CID 479.
2011-10-06 14:13:09 -04:00
Nick Mathewson
2412e0e402 Check return of init_keys() ip_address_changed: fix Coverity CID 484 2011-10-06 14:13:09 -04:00
Karsten Loesing
9dfb884522 Turn on directory request statistics by default.
Change the default values for collecting directory request statistics and
inlcuding them in extra-info descriptors to 1.

Don't break if we are configured to collect directory request or entry
statistics and don't have a GeoIP database. Instead, print out a notice
and skip initializing the affected statistics code.

This is the cherry-picked 499661524b.
2011-10-05 08:03:31 +02:00
Nick Mathewson
2725a88d5e Merge remote-tracking branch 'origin/maint-0.2.2' 2011-10-03 15:19:00 -04:00
Nick Mathewson
4aa4bce474 Merge remote-tracking branch 'rransom-tor/bug3335-v2'
Conflicts:
	src/or/connection_edge.c
	src/or/rendclient.c
2011-10-03 15:06:07 -04:00
Nick Mathewson
a7f93b509c Add changes file for bug 4094 2011-10-03 12:58:07 -04:00
Robert Ransom
c5226bfe1c Remove an HS's last_hid_serv_requests entries when a conn. attempt ends 2011-10-02 16:19:36 -07:00
Robert Ransom
fbea8c8ef1 Detect and remove unreachable intro points 2011-10-02 12:49:35 -07:00
Robert Ransom
34a6b8b7e5 Clear the timed_out flag when an HS connection attempt ends 2011-10-02 12:49:35 -07:00
Sebastian Hahn
103c861dfe Looks like Windows version 6.2 will be Windows 8
Thanks to funkstar for the report
2011-10-01 14:50:44 +02:00
Roger Dingledine
25f786f7ec fold in recent changes entries 2011-09-28 15:41:29 -04:00
Roger Dingledine
36829539d6 Merge branch 'maint-0.2.2' 2011-09-28 15:38:02 -04:00
Roger Dingledine
ff8aba7053 bridges should use create_fast cells for their own circuits
fixes bug 4124, as noticed in bug 4115
2011-09-28 15:35:27 -04:00
Roger Dingledine
4e88a3bc3e Merge branch 'maint-0.2.2' 2011-09-28 15:13:05 -04:00
Roger Dingledine
458cc9d351 start preparing the 0.2.3.5-alpha changelog 2011-09-28 15:12:16 -04:00
Roger Dingledine
0b5d2646d5 bug 4115: make bridges use begindir for their dir fetches
removes another avenue for enumerating bridges.
2011-09-28 14:50:43 -04:00
Nick Mathewson
a4b7525c3c Fix a crash bug in tor_assert(md->held_by_node)
The fix is to turn held_by_node into a reference count.

Fixes bug 4118; bugfix on 0.2.3.1-alpha.
2011-09-28 13:40:21 -04:00
Roger Dingledine
88516f65c9 Merge branch 'maint-0.2.2' 2011-09-24 22:47:53 -04:00
Nick Mathewson
ccceefe136 Add a changes file for Tom Lowenthal's patch for #4063 2011-09-24 22:15:13 -04:00
Nick Mathewson
a8297a301e Changes file for feature3630 2011-09-22 15:07:35 -04:00
Nick Mathewson
40288e1e66 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-09-20 10:25:56 -04:00
Nick Mathewson
bfa75f70bb changes file for bug 4059 2011-09-20 09:56:26 -04:00
Karsten Loesing
679f617345 Update to the September 2011 GeoIP database. 2011-09-15 16:33:36 -04:00
Nick Mathewson
2394c74017 Log errno on listener socket creation failure.
This may help diagnose bug 4027.
2011-09-15 09:51:48 -04:00
Robert Ransom
c1ac0695d5 Fix a bogus warning 2011-09-14 00:05:03 -07:00
Roger Dingledine
c133d71bdd a blurb for 0.2.3.4-alpha 2011-09-13 19:56:59 -04:00
Nick Mathewson
296649fd2b Provide missing description for our FLEXIBLE_ARRAY_MEMBER defines
Apparently autoheader throws a tantrum if you say 'AC_DEFINE([a],
[b])'.  Instead you must say 'AC_DEFINE([a], [b], [description of
a])'.  We were running into this in our replacement definitions for
FLEXIBLE_ARRAY_MEMBER, which were only getting built on autoconf
versions before 2.61 -- and this made us stop working with those
autoconf versinos.

Fixes bug 2430; bugfix on 0.2.3.1-alpha.
2011-09-13 19:51:37 -04:00
Roger Dingledine
1fcaeb6092 Merge branch 'maint-0.2.2' 2011-09-13 18:32:00 -04:00
Roger Dingledine
4a351b4b9e Merge branch 'maint-0.2.1' into maint-0.2.2
Conflicts:
	src/or/main.c
	src/or/router.c
2011-09-13 18:27:13 -04:00
Roger Dingledine
62ec584a30 Generate our ssl session certs with a plausible lifetime
Nobody but Tor uses certs on the wire with 2 hour lifetimes,
and it makes us stand out. Resolves ticket 4014.
2011-09-13 18:24:45 -04:00
Roger Dingledine
1e1cc43b57 Merge branch 'maint-0.2.2' 2011-09-12 05:54:55 -04:00
Karsten Loesing
d679ef623f Update to the September 2011 GeoIP database. 2011-09-12 11:43:51 +02:00
Nick Mathewson
386966142e Merge remote-tracking branch 'origin/maint-0.2.2' 2011-09-11 16:25:14 -04:00
Robert Ransom
8ea6d29fe4 Demote 'INTRODUCE2 cell is too {old,new}' message to info level 2011-09-10 21:56:05 -04:00
Robert Ransom
b10735903b Demote HS 'replay detected' log message for DH public keys to info level 2011-09-10 21:56:05 -04:00
Nick Mathewson
a8838a86fe Changes file for bug3936 changes 2011-09-10 17:51:38 -04:00
Nick Mathewson
35f9be7d04 Merge remote-tracking branch 'rransom-tor/typo-fix-ohkah8Ah' 2011-09-10 17:45:27 -04:00
Robert Ransom
c621e52883 Fix log message typo. 2011-09-10 16:15:52 -04:00
Roger Dingledine
ae2856b6f6 start an 0.2.3.4-alpha changelog 2011-09-09 13:51:15 -04:00
Nick Mathewson
a41f1fc612 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	configure.in
	src/or/circuitbuild.c
2011-09-09 12:58:12 -04:00
Nick Mathewson
b0695c11eb Merge remote-tracking branch 'public/gcc-295-fix' into maint-0.2.2 2011-09-09 12:54:27 -04:00
Nick Mathewson
4467799f45 Merge remote-tracking branch 'public/enhance_replay_detection' into maint-0.2.2 2011-09-09 12:53:45 -04:00
Nick Mathewson
cb9226bcdb Check for replays in PK-encrypted part of intro cell, not just in the g^x value 2011-09-09 12:49:47 -04:00
Nick Mathewson
45ca0d2bfa Add changes file for bsd4 fixes 2011-09-09 10:41:06 -04:00
Nick Mathewson
45eadf3955 All NT service configuration commands should make the process exit.
Fixes bug 3963; fix on 0.2.0.7-alpha.
2011-09-08 21:54:12 -04:00
Jérémy Bobbio
58a0afe30f chown() sockets when User option is set
Fixes bug 3421
2011-09-07 15:49:01 -04:00
Nick Mathewson
3e3480d704 Report reason for generating descriptor in an HTTP header
Suggested by arma; based on 3327.
2011-09-07 15:03:28 -04:00
Nick Mathewson
1f4b6944c0 Upload descriptors more often when recent desc is unlisted
Right now we only force a new descriptor upload every 18 hours.
This can make servers become unlisted if they upload a descriptor at
time T which the authorities reject as being "too similar" to one
they uploaded before. Nothing will actually make the server upload a
new descriptor later on, until another 18 hours have passed.

This patch changes the upload behavior so that the 18 hour interval
applies only when we're listed in a live consensus with a descriptor
published within the last 18 hours.  Otherwise--if we're not listed
in the live consensus, or if we're listed with a publication time
over 18 hours in the past--we upload a new descriptor every 90
minutes.

This is an attempted bugfix for #3327.  If we merge it, it should
obsolete #535.
2011-09-07 15:01:52 -04:00
Nick Mathewson
41eef6680e Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/dirserv.c
	src/or/networkstatus.c

Conflicts were related to routerinfo->node shift.
2011-09-07 14:51:55 -04:00
Nick Mathewson
dfa6cde4d4 Merge remote-tracking branch 'public/bug2649_squashed' into maint-0.2.2 2011-09-07 14:43:06 -04:00
Nick Mathewson
c6ea014b59 changes file for split_entry_conn (ticket 3627) 2011-09-07 14:18:47 -04:00
Robert Ransom
8aad677bb7 Die if tor_vasprintf fails in connection_printf_to_buf
tor_asprintf already asserts if it fails.
2011-09-07 12:14:58 -04:00
Nick Mathewson
b70a0a4375 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	configure.in

Conflict was between two pieces of configure.in logic added to the
same place.  Trivial.
2011-09-07 12:11:35 -04:00
Nick Mathewson
5f9cdee8af Look for correct "ar" to cross-compile
For some reason, autoconf doesn't by default have an "AC_PROG_AR" for
this -- possibly it's assumed that any "ar" you have will work
everyplace.

Fixes bug 3909; found by sid77.

This fixes a build issue first present in fdbdb4dc15, but the bug
(of not using a correct ar) has been in every Tor version ever: it
just didn't matter until then.
2011-09-07 11:59:16 -04:00
Nick Mathewson
947012e153 Merge remote-tracking branch 'public/bug3851' 2011-09-07 11:22:24 -04:00
Nick Mathewson
9ef2cd7776 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/connection_edge.c

Conflicted on a router->node transition; fix was easy.
2011-09-06 20:55:31 -04:00
Nick Mathewson
2bf0e7479b Fix assertion in addressmap_clear_excluded_trackexithosts
Fixes bug 3923; bugfix on 0.2.2.25-alpha; bugfix from 'laruldan' on trac.
2011-09-06 20:26:20 -04:00
Roger Dingledine
01357d6b16 merge in one more 2011-09-02 07:24:25 -04:00
Roger Dingledine
fe0fa91164 Merge branch 'maint-0.2.2' 2011-09-02 07:23:37 -04:00
Roger Dingledine
e0dae64449 Correct man page: multiple control auth styles can be set at once 2011-09-02 07:01:55 -04:00
Roger Dingledine
589ed3f771 fold in last changes item 2011-09-01 20:49:21 -04:00
Sebastian Hahn
d10ae9c028 Don't update AccountingSoftLimitHitAt on startup
Add a "default" state which we use until we've decided whether we're
live or hibernating. This allows us to properly track whether we're
resuming a hibernation period or not. Fixes bug 2003.
2011-09-01 17:21:50 +02:00
Nick Mathewson
ab9874dba4 Changes file for bug3888 2011-09-01 10:45:26 -04:00
Roger Dingledine
44f6be4681 let private tor networks more reliably handle hidden services
this is a tweak on the fix in f87c6f100d (see also #2088)
2011-09-01 03:13:27 -04:00
Nick Mathewson
38ee959ea9 First draft of an 0.2.3.3-alpha changelog 2011-08-31 01:02:51 -04:00
Nick Mathewson
0de8afd8f5 Split out rephist parts of buckets_decrement
For bufferevents, we had all of connection_buckets_decrement() stubbed
out.  But that's not actually right!  The rephist_* parts were
essential for, inter alia, recording our own bandwidth.  This patch
splits out the rephist parts of connection_buckets_decrement() into their
own function, and makes the bufferevent code call that new function.

Fixes bug 3803, and probably 3824 and 3826 too.  Bugfix on 0.2.3.1-alpha.
2011-08-29 13:33:31 -04:00
Nick Mathewson
3b02a959b3 Make FetchUselessDescriptors fetch all desc types
Previously, if you were set up to use microdescriptors, and you
weren't a cache, you'd never fetch router descriptors (except for
bridges).  Now FetchUselessDescriptors causes descriptors and
mirodescs to get cached.  Also, FetchUselessDescriptors changes the
behavior of "UseMicrodescriptors auto" to be off, since there's no
point in saying "UseMicrodescriptors 1" when you have full descriptors
too.

Fix for bug 3851; bugfix on 0.2.3.1-alpha.
2011-08-29 11:18:06 -04:00
Nick Mathewson
81fe1934af Fix a bufferevent-related bug that killed tunneled dirserv conns
Because tunneled connections are implemented with buffervent_pair,
writing to them can cause an immediate flush.  This means that
added to them and then checking to see whether their outbuf is
empty is _not_ an adequate way to see whether you added anything.
This caused a problem in directory server connections, since they
would try spooling a little more data out, and then close the
connection if there was no queued data to send.

This fix should improve matters; it only closes the connection if
there is no more data to spool, and all of the spooling callbacks
are supposed to put the dirconn into dir_spool_none on completion.

This is bug 3814; Sebastian found it; bugfix on 0.2.3.1-alpha.
2011-08-26 16:10:17 -04:00
Nick Mathewson
dfcd3d9ce0 Set write low-watermarks on all bufferevents.
If we don't do this, then we never invoke the bufferevent write
callbacks until all the bufferevent's data is flushed.
2011-08-24 17:31:37 -04:00
Nick Mathewson
f186e16241 Add write watermarks to filtered bufferevents. 2011-08-24 17:31:37 -04:00
Nick Mathewson
59d0f750c9 Apply rate-limiting to the lowest bufferevent in the stack.
When we're doing filtering ssl bufferevents, we want the rate-limits
to apply to the lowest level of the bufferevent stack, so that we're
actually limiting bytes sent on the network. Otherwise, we'll read
from the network aggressively, and only limit stuff as we process it.
2011-08-24 17:31:32 -04:00
Nick Mathewson
ede9cd4f99 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-08-24 13:53:17 -04:00
Gisle Vanem
5939c09d35 lround() missing in MSVC
lround() is missing in MS Visual-C's <math.h>. Not available anywhere.
Here is an easy patch.
2011-08-24 13:52:44 -04:00
Nick Mathewson
d3653063d3 Automatically use filtering bufferevents with IOCP. 2011-08-18 15:16:05 -04:00
Nick Mathewson
52e36feda1 Call evthread_use_windows_threads when running with IOCP on windows 2011-08-17 14:44:16 -04:00
Nick Mathewson
d2cd67c83f Use evbuffer_copyout() in inspect_evbuffer(). 2011-08-17 13:09:05 -04:00
Nick Mathewson
8932919366 Bufferevents now requires Libevent 2.0.13-stable.
(Earlier Libevent versions have bufferevent bugs that affect us, and
are missing some APIs that it would be handy to use.)
2011-08-17 12:53:50 -04:00
Nick Mathewson
06be6105e4 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/config.c
2011-08-17 12:00:44 -04:00
Nick Mathewson
d79d648edc Don't write ControlPorts to disk till after we setuid and make datadir
Fix for bug 3747; bugfix on 0.2.2.26-beta.
2011-08-17 11:22:16 -04:00
Nick Mathewson
aeb27526f8 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-08-15 10:54:55 -04:00
Robert Ransom
03f6ee8c5f Remove extra quotation marks around the result of esc_for_log 2011-08-15 10:54:19 -04:00
Sebastian Hahn
f137ae896e Don't warn on http connection to my orport
Also remove a few other related warnings that could occur during the ssl
handshake. We do this because the relay operator can't do anything about
them, and they aren't their fault.
2011-08-11 20:37:51 +02:00
Sebastian Hahn
cd44145c5b Merge branch 'bug3643' 2011-08-11 07:56:38 +02:00
Sebastian Hahn
92bea30e28 Ignore deprecation warnings on OS X
Starting with Lion, Apple decided to deprecate the system openssl. We
can start requiring users to install their own openssl once OS X doesn't
ship with it anymore.
2011-08-10 23:12:09 +02:00
Nick Mathewson
b76f46c6d8 Merge branch 'bug1692-squashed' 2011-08-10 15:04:36 -04:00
Kamran Riaz Khan
3b85fe8a5d Add changes file. 2011-08-09 03:02:40 +05:00
Nick Mathewson
10d9bcb2a2 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-08-08 17:21:39 -04:00
Nick Mathewson
f570470830 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-08-08 17:21:21 -04:00
Karsten Loesing
c75ee94ab4 Update to the August 2011 GeoIP database. 2011-08-08 16:57:01 +02:00
Nick Mathewson
a72b1815e8 Merge remote-tracking branch 'public/bug3550' 2011-08-08 10:05:41 -04:00
Karsten Loesing
a6a127c833 Replace files in stats/ rather than appending to them.
Right now, we append statistics to files in the stats/ directory for
half of the statistics, whereas we overwrite these files for the other
half. In particular, we append buffer, dirreq, and entry stats and
overwrite exit, connection, and bridge stats.

Appending to files was useful when we didn't include stats in extra-info
descriptors, because otherwise we'd have to copy them away to prevent
Tor from overwriting them.

But now that we include statistics in extra-info descriptors, it makes
no sense to keep the old statistics forever. We should change the
behavior to overwriting instead of appending for all statistics.

Implements #2930.
2011-08-04 20:57:29 +02:00
Nick Mathewson
e5e7b6d718 Make --quiet and --hush apply to default logs, not only initial logs
Fixes bug 3550; bugfix on 0.2.0.10-alpha (where --quiet was introduced).
2011-08-04 14:23:51 -04:00
Nick Mathewson
e802199cb3 Initial patch to build Tor with msvc and nmake
We'll still need to tweak it so that it looks for includes and
libraries somewhere more sensible than "where we happened to find
them on Erinn's system"; so that tests and tools get built too;
so that it's a bit documented; and so that we actually try running
the output.

Work done with Erinn Clark.
2011-08-01 12:36:59 -04:00
Nick Mathewson
6e923ed8cd Add an OptimisticData option to control client-side optimistic data 2011-07-20 14:14:21 -04:00
Nick Mathewson
1d7beea2ab Merge remote-tracking branch 'origin/maint-0.2.2' 2011-07-20 13:17:59 -04:00
Nick Mathewson
718252b253 Check return value in fmt_addr
Previously, if tor_addr_to_str() returned NULL, we would reuse the
last value returned by fmt_addr().  (This could happen if we were
erroneously asked to format an AF_UNSPEC address.)  Now instead we
return "???".
2011-07-20 13:17:48 -04:00
Nick Mathewson
0118d98b13 Add changes file for optimistic client behavior 2011-07-20 10:44:28 -04:00
Nick Mathewson
195bcb6150 Merge remote-tracking branch 'public/prop171_v2' 2011-07-19 20:43:28 -04:00
Nick Mathewson
553ae5dfb5 Fix spurious warning in bufferevent socks parsing
The problem was that we weren't initializing want_length to 0 before
calling parse_socks() the first time, so it looked like we were
risking an infinite loop when in fact we were safe.

Fixes 3615; bugfix on 0.2.3.2-alpha.
2011-07-19 20:40:15 -04:00
Nick Mathewson
c2d3da6303 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-07-19 12:59:10 -04:00
Nick Mathewson
3e3aac5fd5 Untangle first sentence of changes/bug3607 2011-07-19 11:14:01 -04:00
Robert Ransom
f021df5824 Specify text or binary mode in every start_writing_to_stdio_file call 2011-07-19 11:11:34 -04:00
Nick Mathewson
773bfaf91e Implement stream isolation
This is the meat of proposal 171: we change circuit_is_acceptable()
to require that the connection is compatible with every connection
that has been linked to the circuit; we update circuit_is_better to
prefer attaching streams to circuits in the way that decreases the
circuits' usefulness the least; and we update link_apconn_to_circ()
to do the appropriate bookkeeping.
2011-07-19 01:58:45 -04:00
Nick Mathewson
ddc65e2b33 Parse prop171 options; refactor listener/port option code
Proposal 171 gives us a new syntax for parsing client port options.
You can now have as many FooPort options as you want (for Foo in
Socks, Trans, DNS, NATD), and they can have address:port arguments,
and you can specify the level of isolation on those ports.

Additionally, this patch refactors the client port parsing logic to
use a new type, port_cfg_t.  Previously, ports to be bound were
half-parsed in config.c, and later re-parsed in connection.c when
we're about to bind them.  Now, parsing a port means converting it
into a port_cfg_t, and binding it uses only a port_cfg_t, without
needing to parse the user-provided strings at all.

We should do a related refactoring on other port types.  For
control ports, that'll be easy enough.  For ORPort and DirPort,
we'll want to do this when we solve proposal 118 (letting servers
bind to and advertise multiple ports).

This implements tickets 3514 and 3515.
2011-07-19 01:58:43 -04:00
Nick Mathewson
2163e420b2 Merge remote-tracking branch 'public/bug3560' 2011-07-18 17:57:06 -04:00
Roger Dingledine
25ad13ed9c start folding in the 0.2.3.2-alpha changelog entries 2011-07-18 13:18:46 -04:00
Nick Mathewson
be5aa47b55 Remove changes files already merged in 0.2.2.30-rc 2011-07-18 12:43:16 -04:00
Nick Mathewson
b8943461c0 Fix bug in upload/download of hsdesc with microdescs
Previously we were using router_get_by_id(foo) to test "do we have a
descriptor that will let us make an anonymous circuit to foo".  But
that isn't right for microdescs: we should have been using node_t.

Fixes bug 3601; bugfix on 0.2.3.1-alpha.
2011-07-15 18:55:12 -04:00
Nick Mathewson
f40df02f3e Treat null address as "unknown", not "rejected" in md policy
Previously, we had an issue where we'd treat an unknown address as
0, which turned into "0.0.0.0", which looked like a rejected
address.  This meant in practice that as soon as we started doing
comparisons of unknown uint32 addresses to short policies, we'd get
'rejected' right away.  Because of the circumstances under which
this would be called, it would only happen when we had local DNS
cached entries and we were looking to launch new circuits.
2011-07-15 13:04:06 -04:00
Nick Mathewson
44cfa53873 Make WIN32_WINNT defines conditional
Requested by Gisle Vanem on tor-dev.  I'm not quite sure this is the
right solution, but it's probably harmless.
2011-07-15 10:03:59 -04:00
Nick Mathewson
852b131281 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/control.c
2011-07-14 17:22:23 -04:00
Nick Mathewson
866a2828bd Merge branch 'bug3577' into maint-0.2.2 2011-07-14 17:20:01 -04:00
Nick Mathewson
642cff5bca Only download microdesc consensus from caches that support it
Bugfix on 0.2.3.1-alpha; found by arma; never got a bug number.
2011-07-14 14:19:18 -04:00
Nick Mathewson
5000e59b5f Change GETINFO fingerprint to look at server_mode, not my_descriptor
It's possible for us to be a server and have a fingerprint without
having yet generated a descriptor.

Fixes bug 3577; bugfix on 0.2.0.1-alpha
2011-07-13 12:45:18 -04:00
Nick Mathewson
1aab5b6b39 Merge remote-tracking branch 'public/bug1666'
Conflicts:
	doc/spec/socks-extensions.txt
	src/or/buffers.c
	src/or/config.c
	src/or/connection_edge.c
2011-07-13 12:12:16 -04:00
Nick Mathewson
597da4989e Merge branch 'bug2798' 2011-07-11 17:04:21 -04:00
Nick Mathewson
d82384658d Tweaks to bug2798 based on comments by arma 2011-07-11 17:02:03 -04:00
Nick Mathewson
b49e561f01 Turn on microdescriptors for clients 2011-07-11 16:54:43 -04:00
Nick Mathewson
b55e31aeb4 Merge remote-tracking branch 'rransom-tor/bug3427' 2011-07-11 16:32:58 -04:00
Nick Mathewson
b0de8560f6 Report the states of failed TLS connections from bootstrap_problem 2011-07-11 16:13:17 -04:00
Nick Mathewson
a2ad31a92b Split connection_about_to_close_connection into separate functions
This patch does NOTHING but:
  - move code
  - add declarations and includes as needed to make the new code
    work
  - declare the new functions.
2011-07-11 16:13:16 -04:00
Nick Mathewson
a21c4c657a typo in feature2841; spotted by asn 2011-07-11 16:12:35 -04:00
Nick Mathewson
f4ed42eadf Changes file for feature2841. 2011-07-11 16:01:45 -04:00
Nick Mathewson
2797fd8f68 Revise code for adding EntryNodes to guards.
Previously, we'd just take all the nodes in EntryNodes, see which
ones were already in the guard list, and add the ones that weren't.
There were some problems there, though:

   * We'd add _every_ entry in EntryNodes, and add them in the order
     they appeared in the routerlist.  This wasn't a problem
     until we added the ability to give country-code or IP-range
     entries in the EntryNodes set, but now that we did, it is.

     (Fix: We now shuffle the entry nodes before adding them; only
     add up to 10*NumEntryGuards)

   * We didn't screen EntryNodes for the Guard flag.  That's okay
     if the user has specified two or three entry nodes manually,
     but if they have listed a whole subcontinent, we should
     restrict ourselves to the entries that are currently guards.

     (Fix: separate out the new guard from the new non-guard nodes,
     and add the Guards first.)

   * We'd prepend new EntryNodes _before_ the already configured
     EntryNodes.  This could lead to churn.

     (Fix: don't prepend these.)

This patch also pre-screens EntryNodes entries for
reachableaddresses/excludenodes, even though we check for that
later.  This is important now, since we cap the number of entries
we'll add.
2011-07-11 10:58:07 -04:00
Nick Mathewson
60832766ac Look at the right consensus in router_add_to_routerlist()
Just looking at the "latest" consensus could give us a microdesc
consensus, if microdescs were enabled. That would make us decide
that every routerdesc was unlisted in the latest consensus and drop
them all: Ouch.

Fixes bug 3113; bugfix on 0.2.3.1-alpha.
2011-07-11 10:02:24 -04:00
Roger Dingledine
aeb117f62c Merge branch 'maint-0.2.2' 2011-07-07 13:31:08 -04:00
Roger Dingledine
8e3830352f Merge branch 'maint-0.2.1' into maint-0.2.2 2011-07-07 13:29:02 -04:00
Roger Dingledine
51d6e95023 update to the july 2011 geoip db 2011-07-07 13:28:36 -04:00
Nick Mathewson
174cbff8cf Merge remote-tracking branch 'public/bug3153'
Conflicts:
	src/or/nodelist.c
2011-07-07 11:14:04 -04:00
Nick Mathewson
6b670d6032 Merge branch 'bug3263' 2011-07-07 11:08:03 -04:00
Nick Mathewson
586d0abe59 oops; wrong bug number. 2011-07-07 11:02:00 -04:00
Nick Mathewson
57822cbbbe Avoid double-free in bufferevent read/write cbs
Fixes bug 3404; bugfix on 0.2.3.1-alpha.
2011-07-07 11:00:21 -04:00
Nick Mathewson
f883ec09b5 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-07-07 09:56:01 -04:00
Sebastian Hahn
3ab09763ce Correctly send a SUCCEEDED event for rdns requests
The issue was that we overlooked the possibility of reverse DNS success
at the end of connection_ap_handshake_socks_resolved(). Issue discovered
by katmagic, thanks!
2011-07-07 05:38:38 +02:00
Nick Mathewson
0be2934186 Merge remote-tracking branch 'rransom-tor/bug3465-023-v2' 2011-07-05 16:01:07 -04:00
Nick Mathewson
335ff915c7 Merge remote-tracking branch 'rransom-tor/bug3465-022' into maint-0.2.2 2011-07-05 15:52:11 -04:00
Nick Mathewson
e273890b10 Merge branch 'cov217_master' 2011-07-01 12:57:21 -04:00
Nick Mathewson
734e860d98 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-07-01 12:56:40 -04:00
Nick Mathewson
5cf725e3c6 Merge branch 'cid30_changelog' into maint-0.2.2 2011-07-01 12:55:27 -04:00
Nick Mathewson
2ba19f9b4a Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-07-01 12:55:23 -04:00
Nick Mathewson
021cf3f052 Merge branches 'cov217_021' and 'cid_450' into maint-0.2.1 2011-07-01 12:54:51 -04:00
Nick Mathewson
959da6b7f2 Use strlcpy in create_unix_sockaddr()
Using strncpy meant that if listenaddress were ever >=
sizeof(sockaddr_un.sun_path), we would fail to nul-terminate
sun_path.  This isn't a big deal: we never read sun_path, and the
kernel is smart enough to reject the sockaddr_un if it isn't
nul-terminated.  Nonetheless, it's a dumb failure mode.  Instead, we
should reject addresses that don't fit in sockaddr_un.sun_path.

Coverity found this; it's CID 428.  Bugfix on 0.2.0.3-alpha.
2011-07-01 12:54:24 -04:00
Nick Mathewson
359a30d52e Add a changelog entry for cid30 fix. 2011-07-01 12:46:26 -04:00
Nick Mathewson
d25feadebb Fix insanely large stack_allocation in log_credential_status
I'm not one to insist on C's miserly stack limits, but allocating a
256K array on the stack is too much even for me.

Bugfix on 0.2.1.7-alpha.  Found by coverity.  Fixes CID # 450.
2011-07-01 12:38:05 -04:00
Nick Mathewson
a0ae80788c Replace 4 more sscanf()s with tor_sscanf()
For some inexplicable reason, Coverity departs from its usual
standards of avoiding false positives here, and warns about all
sscanf usage, even when the formatting strings are totally safe.

Addresses CID # 447, 446.
2011-07-01 11:26:30 -04:00
Robert Ransom
ca6efcf507 Make handle_control_setevents table-driven 2011-06-25 17:45:33 -07:00
Robert Ransom
c780bc4d0b Merge branch 'bug3465-022' into bug3465-023
* bug3465-022:
  Add BUILDTIMEOUT_SET to the result of GETINFO events/names
  Correct a comment
  Fix minor comment issues
2011-06-25 15:04:07 -07:00
Robert Ransom
93d52f6739 Add BUILDTIMEOUT_SET to the result of GETINFO events/names 2011-06-25 15:02:11 -07:00
Nick Mathewson
64a5a4177f Merge branch 'bug3367' 2011-06-21 11:32:52 -04:00
Nick Mathewson
4186b1362b Merge remote-tracking branch 'public/bug3264' 2011-06-21 10:28:25 -04:00
Nick Mathewson
e617a34d58 Add, use a bufferevent-safe connection_flush()
A couple of places in control.c were using connection_handle_write()
to flush important stuff (the response to a SIGNAL command, an
ERR-level status event) before Tor went down.  But
connection_handle_write() isn't meaningful for bufferevents, so we'd
crash.

This patch adds a new connection_flush() that works for all connection
backends, and makes control.c use that instead.

Fix for bug 3367; bugfix on 0.2.3.1-alpha.
2011-06-21 10:22:54 -04:00
Jacob Appelbaum
8b0d9452ca Fix tor-fw-helper-natpmp.c API usage
libnatpmp-20110618 changed the API that tor-fw-helper used and for a time
tor-fw-helper could not build against the newest libnatpmp. This patch brings
support for libnatpmp to tor-fw-helper.
2011-06-20 20:01:46 -04:00
Nick Mathewson
410e440a8d Log SSL state changes at LOG_DEBUG, LD_HANDSHAKE.
This can be slightly useful for debugging blocking events.

Addresses ticket 3116; based on loud_ssl_states branch.
2011-06-20 17:45:12 -04:00
intrigeri
8b265543eb Add port 6523 (Gobby) to LongLivedPorts. 2011-06-20 12:08:46 -04:00
Nick Mathewson
a046966baf Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/config.c
	src/or/or.h
2011-06-19 21:00:15 -04:00
Nick Mathewson
8e5dfe42a0 Tweak bug2355_revert at suggestion from Roger 2011-06-19 20:58:46 -04:00
Robert Ransom
eeedc5c13c Put hashes of all tor source files into or_sha1.i 2011-06-18 00:54:04 -07:00
Nick Mathewson
1811bef666 Add changes file for bug2355 revert 2011-06-17 16:54:31 -04:00
Nick Mathewson
42d6f34590 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-06-17 15:25:18 -04:00
Nick Mathewson
85d4c290d7 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-06-17 15:24:23 -04:00
Robert Ransom
010b8dd4f6 Abandon rendezvous circuits on SIGNAL NEWNYM 2011-06-17 15:22:23 -04:00
Nick Mathewson
31b9b1a5bb Merge remote-tracking branch 'origin/maint-0.2.2' 2011-06-17 15:04:29 -04:00
Nick Mathewson
209229f100 Merge branch 'bug3407' into maint-0.2.2 2011-06-17 14:59:39 -04:00
Robert Ransom
227896e447 Make send_control_event_impl's behaviour sane 2011-06-17 13:57:25 -04:00
Robert Ransom
68cd0a9abe Make connection_printf_to_buf's behaviour sane 2011-06-17 13:57:25 -04:00
Nick Mathewson
a857f61e27 Merge remote-tracking branch 'rransom-tor/bug3332-v2' 2011-06-15 11:33:40 -04:00
Robert Ransom
44eafa9697 Assert that HS operations are not performed using single-hop circuits
(with fixes by Nick Mathewson to unbreak the build)
2011-06-14 21:32:49 -07:00
Nick Mathewson
875a551409 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-06-14 13:46:46 -04:00
Nick Mathewson
a25c0a5bf8 Merge remote-tracking branch 'public/bug3369' into maint-0.2.2 2011-06-14 13:46:10 -04:00
Nick Mathewson
e70e8367c9 Add changes file for bug3393 2011-06-14 13:45:12 -04:00
Nick Mathewson
19febed9e5 Merge remote-tracking branch 'rransom-tor/bug3349' 2011-06-14 13:39:26 -04:00
Nick Mathewson
8839b86085 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-06-14 12:25:33 -04:00
Nick Mathewson
e470f6a886 changelog entry for bug3369 2011-06-13 13:42:00 -04:00
Sebastian Hahn
910dadd6ea Ensure the release tarball contains all manpages
Thanks to Nick for the idea for the fix.
2011-06-12 13:58:53 +02:00
Nick Mathewson
ecc9a364c2 fix typo in changes/coverity_master spotted by rransom 2011-06-10 16:40:47 -04:00
Nick Mathewson
b2e7c356db Prefer tt_assert in unit tests, not tor_assert 2011-06-08 20:33:53 -04:00
Nick Mathewson
2fd5603057 tweak coverity_master changes file 2011-06-08 20:29:10 -04:00
Sebastian Hahn
8283767365 Fix a memleak in nodelist_assert_ok() 2011-06-08 21:38:42 +02:00
Sebastian Hahn
f303274490 Fix a rare memleak during stats writing
If rep_hist_buffer_stats_write() was called unitinitalized, we'd leak
memory.
2011-06-08 21:35:26 +02:00
Sebastian Hahn
680646e0de Don't use signed 1-bit bitfields
This was harmless, we never compared it to anything but itself or 0.
But Coverity complained, and it had a point.
2011-06-08 21:30:41 +02:00
Sebastian Hahn
e6fff7235e Remove a few dead assignments during router parsing 2011-06-08 21:30:40 +02:00
Sebastian Hahn
3033f8459b Remove a dead variable in the heartbeat code 2011-06-08 21:11:42 +02:00
Sebastian Hahn
ff75e8b02d Check some more return values in unit tests 2011-06-08 21:08:56 +02:00
Sebastian Hahn
db7dd3ee7a remove some dead code, found by coverity 2011-06-08 21:07:54 +02:00
Sebastian Hahn
3bf808c341 Fix a minor coverity-found bug in tests 2011-06-08 20:00:47 +02:00
Nick Mathewson
d696bd1bfc Fix crash bug (3361) when setting off-flavor networkstatus
When we set a networkstatus in the non-preferred flavor, we'd check
the time in the current_consensus.  But that might have been NULL,
which could produce a crash as seen in bug 3361.
2011-06-07 14:46:28 -04:00
Nick Mathewson
8cd5a3c186 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-06-06 16:20:22 -04:00
Nick Mathewson
9e3fc5f616 Merge branch 'bug3306_nm_squashed' into maint-0.2.2 2011-06-06 16:18:24 -04:00
Nick Mathewson
42e4e156d9 Detect insanely large circuit build state; don't give its length to rand_int 2011-06-06 16:18:06 -04:00
Nick Mathewson
5afab5ca19 Check maximum properly in crypto_rand_int()
George Kadianakis notes that if you give crypto_rand_int() a value
above INT_MAX, it can return a negative number, which is not what
the documentation would imply.

The simple solution is to assert that the input is in [1,INT_MAX+1].
If in the future we need a random-value function that can return
values up to UINT_MAX, we can add one.

Fixes bug 3306; bugfix on 0.2.2pre14.
2011-06-06 16:18:06 -04:00
Roger Dingledine
96da10aace Merge branch 'maint-0.2.2' 2011-06-05 11:14:28 -04:00
Roger Dingledine
83e3975c8b Merge branch 'maint-0.2.1' into maint-0.2.2 2011-06-05 11:13:50 -04:00
Roger Dingledine
bf4b819aae move to the june 1 2011 maxmind geoip db 2011-06-05 11:12:28 -04:00
Robert Ransom
8a69cc0468 Report SIGNAL event to controllers when acting on delayed NEWNYM
Fixes bug 3349.
2011-06-05 05:43:27 -07:00
Robert Ransom
f45261cb29 Increase default required uptime for HSDirs to 25 hours 2011-06-03 12:17:53 -04:00
Robert Ransom
1546054d81 Add a VoteOnHidServDirectoriesV2 configuration option 2011-06-03 12:16:55 -04:00
Nick Mathewson
12f9c91c06 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-06-03 11:36:21 -04:00
Nick Mathewson
7aa20b20bf Merge branch 'bug3318c' into maint-0.2.2 2011-06-03 11:34:32 -04:00
Nick Mathewson
bbf2fee8ff Reject 128-byte keys that are not 1024-bit
When we added the check for key size, we required that the keys be
128 bytes.  But RSA_size (which defers to BN_num_bytes) will return
128 for keys of length 1017..1024.  This patch adds a new
crypto_pk_num_bits() that returns the actual number of significant
bits in the modulus, and uses that to enforce key sizes.

Also, credit the original bug3318 in the changes file.
2011-06-03 11:31:19 -04:00
Nick Mathewson
50e4c98a5a Merge remote-tracking branch 'origin/maint-0.2.2' 2011-06-03 11:18:03 -04:00
Nick Mathewson
de069f5ea7 Merge remote-tracking branch 'rransom/bug2748-v2' into maint-0.2.2 2011-06-03 11:16:48 -04:00
Nick Mathewson
13ec1bf5c2 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-06-03 10:47:35 -04:00
Nick Mathewson
b79d50dfcc Changes file for bug2355. 2011-06-02 15:11:21 -04:00
Nick Mathewson
587cc31140 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/rendclient.c
2011-06-02 15:07:08 -04:00
Nick Mathewson
80038b5453 Merge remote-tracking branch 'rransom-tor/bug3309' into maint-0.2.2 2011-06-02 15:06:04 -04:00
Nick Mathewson
6a320b9905 Merge remote-tracking branch 'origin/maint-0.2.2'
This merge was a bit nontrivial, since I had to write a new
node_is_a_configured_bridge to parallel router_is_a_configured_bridge.

Conflicts:
	src/or/circuitbuild.c
2011-06-02 13:05:00 -04:00
Nick Mathewson
385c59798a Merge remote-tracking branch 'arma/bug3321' into maint-0.2.2 2011-06-02 12:55:56 -04:00
Robert Ransom
fc4158dad7 Add info-level log messages during HS-client-state purge
I hope these will never be useful, but having them and not needing them is
better than needing them and not having them.
2011-06-02 03:07:09 -07:00
Robert Ransom
b0e7925c02 Clear last_hid_serv_requests on SIGNAL NEWNYM
Fixes bug #3309.
2011-06-02 02:52:40 -07:00
Jacob Appelbaum
f79a75f597 New configuration option: DisableDebuggerAttachment
If set to 1, Tor will attempt to prevent basic debugging
attachment attempts by other processes. (Default: 1)

Supports Mac OS X and Gnu/Linux.

Sebastian provided useful feedback and refactoring suggestions.

Signed-off-by: Jacob Appelbaum <jacob@appelbaum.net>
2011-06-01 17:35:43 -07:00
Nick Mathewson
a610ebc3a6 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-06-01 11:08:28 -04:00
Nick Mathewson
0fd3ad75da Report wrong key sizes correctly
When we introduced NEED_KEY_1024 in routerparse.c back in
0.2.0.1-alpha, I forgot to add a *8 when logging the length of a
bad-length key.

Bugfix for 3318 on 0.2.0.1-alpha.
2011-06-01 11:07:17 -04:00
Roger Dingledine
7039c34519 fix a bridge edge case similar to 2511
If you had configured a bridge but then switched to a different bridge
via the controller, you would still be willing to use the old one.
2011-05-31 20:43:55 -04:00
Nick Mathewson
d0e7c545ba Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-30 16:14:45 -04:00
Nick Mathewson
e035cea031 Merge branch 'bug3216_v2' into maint-0.2.2 2011-05-30 16:12:53 -04:00
Nick Mathewson
d274f539e5 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-30 15:51:46 -04:00
Sebastian Hahn
ca538290af Warn when two hs use the same directory
This simple implementation has a few issues, but it should do for
0.2.2.x. We will want to revisit this later and make it smarter.
2011-05-30 15:47:06 -04:00
Nick Mathewson
fa1d47293b Merge remote-tracking branch 'origin/maint-0.2.2'
The conflicts were mainly caused by the routerinfo->node transition.

Conflicts:
	src/or/circuitbuild.c
	src/or/command.c
	src/or/connection_edge.c
	src/or/directory.c
	src/or/dirserv.c
	src/or/relay.c
	src/or/rendservice.c
	src/or/routerlist.c
2011-05-30 15:41:46 -04:00
Nick Mathewson
7e67a24038 Merge branch 'bug3045' into maint-0.2.2
Conflicts:
	src/or/circuitbuild.c
2011-05-30 15:18:59 -04:00
Nick Mathewson
21de9d46e2 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/common/compat.c
	src/or/main.c
2011-05-30 14:58:26 -04:00
Nick Mathewson
da7c60dcf3 Merge remote-tracking branch 'public/bug3270' into maint-0.2.2 2011-05-30 14:49:49 -04:00
Nick Mathewson
5dc3c462dc Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-30 12:43:25 -04:00
Nick Mathewson
f08f0e9dde Reinit keys at the start of options_act().
Previously we did this nearer to the end (in the old_options &&
transition_affects_workers() block).  But other stuff cares about
keys being consistent with options... particularly anything which
tries to access a key, which can die in assert_identity_keys_ok().

Fixes bug 3228; bugfix on 0.2.2.18-alpha.
2011-05-30 12:41:46 -04:00
Nick Mathewson
4b57ec6e5e Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/circuituse.c
2011-05-30 12:33:54 -04:00
Robert Ransom
8fc02a8e0c Use the normal four-hop CBT for client intro circuits
Fixes another part of bug 1297.
2011-05-30 12:24:51 -04:00
Robert Ransom
112d204fad Set timestamp_dirty on HS circuits as circuit_expire_building requires
Fixes part of #1297; bugfix on 48e0228f1e,
when circuit_expire_building was changed to assume that timestamp_dirty
was set when a circuit changed purpose to _C_REND_READY.  (It wasn't.)
2011-05-30 12:24:51 -04:00
Nick Mathewson
e676db656d Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-28 02:13:25 -04:00
Nick Mathewson
1f18b5a5d5 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-05-28 02:13:14 -04:00
Nick Mathewson
f43aceb0f1 Fix typo in changes/bug2574. Thanks, rransom 2011-05-28 02:13:04 -04:00
Nick Mathewson
285cf998bc Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/eventdns.c
2011-05-28 02:09:48 -04:00
Nick Mathewson
c319949550 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-05-28 02:08:39 -04:00
Nick Mathewson
ee72557d52 Merge branch 'bug2574' into maint-0.2.1 2011-05-28 02:07:48 -04:00
Nick Mathewson
42b15a0aaa Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-28 01:55:34 -04:00
Nick Mathewson
95ac3ea594 Don't build descriptors if ORPort auto is set and we have no OR listener
This situation can happen easily if you set 'ORPort auto' and
'AccountingMax'.  Doing so means that when you have no ORPort, you
won't be able to set an ORPort in a descriptor, so instead you would
just generate lots of invalid descriptors, freaking out all the time.

Possible fix for 3216; fix on 0.2.2.26-beta.
2011-05-24 21:12:23 +02:00
Nick Mathewson
be76850995 Work correctly if your nameserver is ::1
We had all the code in place to handle this right... except that we
were unconditionally opening a PF_INET socket instead of looking at
sa_family.  Ow.

Fixes bug 2574; not a bugfix on any particular version, since this
never worked before.
2011-05-23 17:42:38 -04:00
Nick Mathewson
a5232e0c4c Fix GCC 4.6's new -Wunused-but-set-variable warnings.
Most instances were dead code; for those, I removed the assignments.
Some were pieces of info we don't currently plan to use, but which
we might in the future.  For those, I added an explicit cast-to-void
to indicate that we know that the thing's unused.  Finally, one was
a case where we were testing the wrong variable in a unit test.
That one I fixed.

This resolves bug 3208.
2011-05-23 17:04:38 -04:00
Nick Mathewson
57810c333a Remove the -F option from tor-resolve.
It used to mean "Force": it would tell tor-resolve to ask tor to
resolve an address even if it ended with .onion.  But when
AutomapHostsOnResolve was added, automatically refusing to resolve
.onion hosts stopped making sense.  So in 0.2.1.16-rc (commit
298dc95dfd), we made tor-resolve happy to resolve anything.

The -F option stayed in, though, even though it didn't do anything.
Oddly, it never got documented.

Found while fixing GCC 4.6 "set, unused variable" warnings.
2011-05-23 16:59:41 -04:00
Nick Mathewson
2527acb2dc Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/common/Makefile.am
	src/or/control.c
2011-05-23 01:23:53 -04:00
Nick Mathewson
b80a8bba19 Merge branch 'feature3049-v2' into maint-0.2.2
Conflicts:
	src/common/Makefile.am
2011-05-23 01:19:04 -04:00
Nick Mathewson
cfeafe5e77 Use a 64-bit type to hold sockets on win64.
On win64, sockets are of type UINT_PTR; on win32 they're u_int;
elsewhere they're int.  The correct windows way to check a socket for
being set is to compare it with INVALID_SOCKET; elsewhere you see if
it is negative.

On Libevent 2, all callbacks take sockets as evutil_socket_t; we've
been passing them int.

This patch should fix compilation and correctness when built for
64-bit windows.  Fixes bug 3270.
2011-05-23 00:17:48 -04:00
Roger Dingledine
af0e8d834e don't mark our descriptor dirty if our onion key hasn't changed 2011-05-21 19:23:27 -04:00
Roger Dingledine
cb7fff193e Merge branch 'maint-0.2.2' 2011-05-21 18:14:16 -04:00
Sebastian Hahn
3ff7925a70 Don't recreate descriptor on sighup
We used to regenerate our descriptor whenever we'd get a sighup. This
was caused by a bug in options_transition_affects_workers() that would
return true even if the options were exactly the same. Down the call
path we'd call init_keys(), which made us make a new descriptor which
the authorities would reject, and the node would subsequently fall out
of the consensus.

This patch fixes only the first part of this bug:
options_transition_affects_workers() behaves correctly now. The second
part still wants a fix.
2011-05-21 16:08:21 -04:00
Robert Ransom
76093af02d Add changes file for #3049 2011-05-20 08:25:43 -07:00
Robert Ransom
90f810801e Fix trailing asterisk in the output of "GETINFO info/names" 2011-05-20 08:25:42 -07:00
Roger Dingledine
0a4649e657 Merge branch 'maint-0.2.2' 2011-05-20 03:03:46 -04:00
Roger Dingledine
b8ffb00cf1 log the reason for publishing a new relay descriptor
now we have a better chance of hunting down the root cause of bug 1810.
2011-05-19 23:59:52 -04:00
Roger Dingledine
18f1b354ec Merge branch 'maint-0.2.2' 2011-05-17 21:15:24 -04:00
Roger Dingledine
073fed06c4 discard circuits when we change our bridge configuration
otherwise we might reuse circuits from the previous configuration,
which could be bad depending on the user's situation
2011-05-17 21:13:59 -04:00
Roger Dingledine
92081f3cdc Merge branch 'maint-0.2.2' 2011-05-17 20:50:18 -04:00
Roger Dingledine
07c5026efa refetch bridge descriptors in a timely fashion
When we configure a new bridge via the controller, don't wait up to ten
seconds before trying to fetch its descriptor. This wasn't so bad when
you listed your bridges in torrc, but it's dreadful if you configure
your bridges via vidalia.
2011-05-17 20:48:46 -04:00
Nick Mathewson
c240efab86 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-17 19:53:06 -04:00
Nick Mathewson
bc89ef0ca8 Merge branch 'bug2752' into maint-0.2.2 2011-05-17 19:51:53 -04:00
Nick Mathewson
9674fe7e2f Add credit to bug2752; correct the issue number in the changes file 2011-05-17 19:50:52 -04:00
Nick Mathewson
e0e8424f1e Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-17 19:47:48 -04:00
Nick Mathewson
21ed575826 Handle NULL argument to get_configured_bridge_by_addr_port_digest
Fixes bug 2313; bugfix on 0.2.2.26-beta.
2011-05-17 19:46:47 -04:00
Robert Ransom
480a75cbbd Check onion keys in microdescriptors, too 2011-05-17 19:39:00 -04:00
Nick Mathewson
2e85c3a5c9 Remove from maint-0.2.2 changes files merged in release-0.2.2 and master 2011-05-16 16:43:04 -04:00
Nick Mathewson
952ae0ea69 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	changes/bug2190
	changes/forget-rend-descs-on-newnym
2011-05-16 16:40:57 -04:00
Nick Mathewson
0d94f78705 rm files for changes merged in all of release021, release022, master 2011-05-16 16:17:35 -04:00
Michael Yakubovich
a3707a1052 Fix bug2752 : 48-char HTTPProxyAuthenticator limitation
Bumped the char maximum to 512 for HTTPProxyAuthenticator &
HTTPSProxyAuthenticator. Now stripping all '\n' after base64
encoding in alloc_http_authenticator.
2011-05-16 16:09:35 -04:00
Nick Mathewson
03ccce6d77 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-16 14:50:53 -04:00
Nick Mathewson
e908e3a332 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
Fixed trivial conflict due to headers moving into their own .h files
from or.h.

Conflicts:
	src/or/or.h
2011-05-16 14:49:55 -04:00
Robert Ransom
987190c2bc Require that certain public keys have public exponent 65537 2011-05-16 14:28:46 -04:00
Robert Ransom
7571e9f1cb Check fetched rendezvous descriptors' service IDs 2011-05-16 14:07:24 -04:00
Nick Mathewson
e423447f53 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/connection.c
2011-05-16 11:12:22 -04:00
Nick Mathewson
919bf6ff3c Merge remote-tracking branch 'public/bug2850' into maint-0.2.2
Fixed a trivial conflict where this and the ControlSocketGroupWritable
code both added different functions to the same part of connection.c.

Conflicts:
	src/or/connection.c
2011-05-16 11:10:17 -04:00
Nick Mathewson
de8e0ef0bd Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-15 22:15:06 -04:00
Nick Mathewson
83fe07d3f2 Increase the length of the buffer in smartlist_string_num_isin().
This was harmless, since we only used this for checking for lists of
port values, but it's the principle of the thing.

Fixes 3175; bugfix on 0.1.0.1-rc
2011-05-15 22:13:53 -04:00
Nick Mathewson
b6eee716a8 changes file for bug3045 2011-05-15 22:02:24 -04:00
Nick Mathewson
4ac8ff9c9f Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-15 20:22:44 -04:00
Nick Mathewson
4b800408fa Check permissions on the directory holding a control socket 2011-05-15 20:20:29 -04:00
Sebastian Hahn
4198261291 Clean up the 2972 implementation a little 2011-05-15 20:20:28 -04:00
Nick Mathewson
f2c1702182 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/circuitbuild.h
2011-05-15 20:17:17 -04:00
Nick Mathewson
2b9c5ee301 Preserve bridge download status across SETCONF, HUP
This code changes it so that we don't remove bridges immediately when
we start re-parsing our configuration.  Instead, we mark them all, and
remove all the marked ones after re-parsing our bridge lines.  As we
add a bridge, we see if it's already in the list.  If so, we just
unmark it.

This new behavior will lose the property we used to have that bridges
were in bridge_list in the same order in which they appeared in the
torrc.  I took a quick look through the code, and I'm pretty sure we
didn't actually depend on that anywhere.

This is for bug 3019; it's a fix on 0.2.0.3-alpha.
2011-05-15 20:13:44 -04:00
Nick Mathewson
1f7b9e61ce Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-15 12:18:39 -04:00
Nick Mathewson
69ff26b05c Merge branch 'bug3026' into maint-0.2.2 2011-05-15 12:18:23 -04:00
Nick Mathewson
37e3fb8af2 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/connection_edge.c
2011-05-15 11:44:51 -04:00
Nick Mathewson
a5d40c2d0f Merge branch 'bug1345' into maint-0.2.2 2011-05-15 11:40:14 -04:00
Nick Mathewson
2fd9cfdc23 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/routerlist.c
2011-05-15 11:23:02 -04:00
Nick Mathewson
228b77f64e Merge branch 'bug2732-simpler' into maint-0.2.2 2011-05-15 11:17:54 -04:00
Nick Mathewson
7236bb77e2 Add a changes file for bug3183. 2011-05-15 11:08:46 -04:00
Nick Mathewson
da8297dbcb Handle transitions in Automap*, VirtualAddrNetwork correctly
Previously, if they changed in torrc during a SIGHUP, all was well,
since we would just clear all transient entries from the addrmap
thanks to bug 1345.  But if you changed them from the controller, Tor
would leave old mappings in place.

The VirtualAddrNetwork bug has been here since 0.1.1.19-rc; the
AutomapHosts* bug has been here since 0.2.0.1-alpha.
2011-05-13 16:59:31 -04:00
Nick Mathewson
a3ae591115 When TrackExitHosts changes, remove all no-longer-valid mappings
This bug couldn't happen when TrackExitHosts changed in torrc, since
the SIGHUP to reload the torrc would clear out all the transient
addressmap entries before.  But if you used SETCONF to change
TrackExitHosts, old entries would be left alone: that's a bug, and so
this is a bugfix on Tor 0.1.0.1-rc.
2011-05-13 16:28:50 -04:00
Nick Mathewson
09da83e1e8 Don't clear out transient addressmap entries on HUP
If you really want to purge the client DNS cache, the TrackHostExits
mappings, and the virtual address mappings, you should be using NEWNYM
instead.

Fixes bug 1345; bugfix on Tor 0.1.0.1-rc.

Note that this needs more work: now that we aren't nuking the
transient addressmap entries on HUP, we need to make sure that
configuration changes to VirtualAddressMap and TrackHostExits actually
have a reasonable effect.
2011-05-13 16:20:01 -04:00
Nick Mathewson
600744b4be Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/config.c
	src/or/dirserv.c
	src/or/or.h
2011-05-13 10:48:07 -04:00
Nick Mathewson
7f654a6a6f Add a ControlPortFileGroupWritable option 2011-05-13 10:41:29 -04:00
Nick Mathewson
dad12188a6 Write automatically-chosen control ports to a file. 2011-05-13 10:41:28 -04:00
Nick Mathewson
c55c8f0d49 new GETINFO command to return list of listeners of a given type 2011-05-13 10:41:19 -04:00
Nick Mathewson
5fec8fe559 "(Socks|Control|etc)Port auto" now tells Tor to open an arbitrary port
This is the major part of the implementation for trac issue 3076.
2011-05-13 10:41:18 -04:00
Nick Mathewson
af85017177 Merge remote-tracking branch 'public/bug3122_memcmp_023' 2011-05-12 19:27:18 -04:00
Nick Mathewson
59a6df8882 Merge remote-tracking branch 'public/bug3122_memcmp_022' into maint-0.2.2 2011-05-12 19:25:14 -04:00
Nick Mathewson
1f678277a1 Merge remote-tracking branch 'public/bug3122_memcmp_squashed' into maint-0.2.1 2011-05-12 19:20:40 -04:00
Nick Mathewson
696cd1cfe2 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-12 18:51:33 -04:00
Nick Mathewson
379de3d10a Add changes file for bug2503 2011-05-12 18:49:28 -04:00
Nick Mathewson
621e95a4f3 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-12 11:21:59 -04:00
Nick Mathewson
bdff7e3299 Unmap microdesc cache before replacing it.
If we do a replace-then-munmap, windows will never actually rewrite
the microdesc cache.

Found by wanoskarnet; bugfix on 0.2.2.6-alpha.
2011-05-12 11:19:52 -04:00
Nick Mathewson
4ba9f3e317 Track where microdescs are referenced to prevent free errs
On IRC, wanoskarnet notes that if we ever do microdesc_free() on a
microdesc that's in the nodelist, we're in trouble.  Also, we're in
trouble if we free one that's still in the microdesc_cache map.

This code adds a flag to microdesc_t to note where the microdesc is
referenced from, and checks those flags from microdesc_free().  I
don't believe we have any errors here now, but if we introduce some
later, let's log and recover from them rather than introducing
heisenbugs later on.

Addresses bug 3153.
2011-05-12 11:10:35 -04:00
Nick Mathewson
7779c63e93 Accept hs descriptors even if we don't see an HSDir for us
The old behavior contributed to unreliability when hidden services and
hsdirs had different consensus versions, and so had different opinions
about who should be cacheing hsdir info.

Bugfix on 0.2.0.10-alpha; based on discussions surrounding bug 2732.
2011-05-12 00:53:07 -04:00
Nick Mathewson
6b83b3ba2a bug 3026: do not upload our vote to ourself 2011-05-12 00:47:00 -04:00
Nick Mathewson
3968e8d14b Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-12 00:14:44 -04:00
Nick Mathewson
b47f574c1e Merge branch 'bug1352' into maint-0.2.2 2011-05-12 00:14:10 -04:00
Nick Mathewson
7649adbce6 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-11 22:55:29 -04:00
Nick Mathewson
8057b7363e Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-05-11 22:52:26 -04:00
Nick Mathewson
13847b8db6 Fix crash when read_file_to_string() fails in SAVECONF
The new behavior is to try to rename the old file if there is one there
that we can't read.  In all likelihood, that will fail too, but at least
we tried, and at least it won't crash.
2011-05-11 22:05:41 -04:00
Nick Mathewson
9fba014e3f Merge remote-tracking branch 'public/bug3122_memcmp_022' into bug3122_memcmp_023
Conflicts in various places, mainly node-related.  Resolved them in
favor of HEAD, with copying of tor_mem* operations from bug3122_memcmp_022.

	src/common/Makefile.am
	src/or/circuitlist.c
	src/or/connection_edge.c
	src/or/directory.c
	src/or/microdesc.c
	src/or/networkstatus.c
	src/or/router.c
	src/or/routerlist.c
	src/test/test_util.c
2011-05-11 16:39:45 -04:00
Nick Mathewson
44ad734573 Merge remote-tracking branch 'public/3122_memcmp_squashed' into bug3122_memcmp_022
Conflicts throughout.  All resolved in favor of taking HEAD and
adding tor_mem* or fast_mem* ops as appropriate.

	src/common/Makefile.am
	src/or/circuitbuild.c
	src/or/directory.c
	src/or/dirserv.c
	src/or/dirvote.c
	src/or/networkstatus.c
	src/or/rendclient.c
	src/or/rendservice.c
	src/or/router.c
	src/or/routerlist.c
	src/or/routerparse.c
	src/or/test.c
2011-05-11 16:24:29 -04:00
Nick Mathewson
4b19730c82 Add a data-independent variant of memcmp and a d-i memeq function.
The tor_memcmp code is by Robert Ransom, and the tor_memeq code is
by me.  Both incorporate some ideas from DJB's stuff.
2011-05-11 16:12:33 -04:00
Roger Dingledine
6d5478a8a7 Merge branch 'maint-0.2.2' 2011-05-10 23:06:12 -04:00
Roger Dingledine
7206d784dc Merge branch 'maint-0.2.1' into maint-0.2.2 2011-05-10 23:05:51 -04:00
Roger Dingledine
e7b10e5ecf Update to the May 1 2011 Maxmind GeoLite Country database 2011-05-10 23:04:11 -04:00
Nick Mathewson
e6980faec4 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/directory.c
2011-05-09 13:39:51 -04:00
Nick Mathewson
09d7af7789 Merge remote-tracking branch 'public/bug3022_v2' into maint-0.2.2 2011-05-09 13:37:56 -04:00
Nick Mathewson
acd6a4856b Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/connection.c
2011-05-09 13:36:40 -04:00
Sebastian Hahn
1c668540fe Fix potential null pointer deref during dirvote
Found by using clang's analyzer.
2011-05-09 13:19:46 -04:00
Sebastian Hahn
1827e60976 Fix a potential null deref when rebuilding md cache
Issue discovered using clang's static analyzer
2011-05-09 13:19:45 -04:00
Sebastian Hahn
e36f9d1d9b Link to libevent_openssl statically when requested
When configure tor with --enable-bufferevents and
--enable-static-libevent, libevent_openssl would still be linked
dynamically. Fix this and refactor src/or/Makefile.am along the way.
2011-05-06 15:38:32 +02:00
Nick Mathewson
4cc348e896 Code to make clients fetch and use microdescriptors for circuit building
To turn this on, set UseMicrodescriptors to "1" (or "auto" if you
want it on-if-you're-a-client).  It should go auto-by-default once
0.2.3.1-alpha is released.

Because of our node logic, directory caches will never use
microdescriptors when they have the right routerinfo available.
2011-05-05 20:54:12 -04:00
Nick Mathewson
3b0140b811 Tweak 0.2.3.1-alpha changelog, add more entries. 2011-05-05 13:43:15 -04:00
Nick Mathewson
08efa70c41 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-04 23:29:56 -04:00
Nick Mathewson
9583a534ac Merge remote-tracking branch 'rransom/bug3106' into maint-0.2.2 2011-05-04 23:18:47 -04:00
Robert Ransom
66339f74b4 Handle crypto_pk_get_digest failures semi-sensibly
Fixes bug 3106.
2011-05-04 20:06:24 -07:00
Nick Mathewson
4c9bd06d0d Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-04 17:38:33 -04:00
Nick Mathewson
aba7bb705a Set SO_REUSEADDR on all sockets, not just listeners
See bug 2850 for rationale: it appears that on some busy exits, the OS
decides that every single port is now unusable because they have been
all used too recently.
2011-05-03 22:22:20 -04:00
Nick Mathewson
b04dca448d Add some missing torrc entries to tor.1.txt
Fixes bug 2379
2011-05-03 22:14:40 -04:00
Nick Mathewson
5ee5103f63 Initial draft changelog for 0.2.3.1-alpha 2011-05-03 21:33:10 -04:00
Nick Mathewson
993536e78e Remove changes files already merged into release-0.2.2 2011-05-03 20:54:37 -04:00
Nick Mathewson
599d1b62b4 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/main.c
	src/or/microdesc.c
2011-05-03 17:30:58 -04:00
Nick Mathewson
68ae5afa5a Change who calls microdesc_cache_rebuild().
Previously we ensured that it would get called periodically by doing
it from inside the code that added microdescriptors.  That won't work
though: it would interfere with our code that tried to read microdescs
from disk initially.  Instead, we should consider rebuilding the cache
periodically, and on startup.
2011-05-03 17:28:28 -04:00
Nick Mathewson
56fbd728c2 Backport microdesc_cache_clean to 0.2.2
Otherwise we have no way to keep authorities' microdesc caches in 0.2.2
from growing without bound.
2011-05-03 16:45:15 -04:00
Nick Mathewson
1f97e8322f Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/microdesc.c
2011-05-03 16:33:41 -04:00
Nick Mathewson
970715dd8f Fix a check for when to rebuild the microdesc cache. (Backport from 0.2.3. 2011-05-03 16:29:39 -04:00
Nick Mathewson
698fa0fc67 Add missing code to set cache->journal_len when reading microdesc journal
This could be one reason that authorities' journals would grow without
bound; related to bug 2230. Bugfix on 0.2.2.6-alpha.  Fix by
"cypherpunks".
2011-05-03 16:22:31 -04:00
Nick Mathewson
a23ec308e4 Remove changes files that were merged to changelogs of 0.2.2.25-alpha or earlier 2011-04-29 15:25:33 -04:00
Nick Mathewson
4f7587a5ed Tweak the startup message to be more helpful
Instead of just saying "boogity boogity!" let's actually warn people
that they need to configure stuff right to be safe, and point them
at instructions for how to do that.

Resolves bug 2474.
2011-04-28 22:00:22 -04:00
Nick Mathewson
bcdffc0f80 Rate-limit v2 networkstatus download fail warnings
This fixes part of 1352.  We don't care deeply about these warnings,
since v2 networkstatuses aren't a big deal.
2011-04-28 21:25:24 -04:00
Nick Mathewson
20d6ac3530 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-28 21:17:51 -04:00
Nick Mathewson
f0d9e2d650 Merge remote-tracking branch 'arma/bug3012' into maint-0.2.2 2011-04-28 21:15:14 -04:00
Roger Dingledine
66de6f7eb8 relays checkpoint their state file twice a day 2011-04-28 21:06:25 -04:00
Nick Mathewson
cd42ae7185 Only authorities should automatically download v2 networkstatus documents
Clients and relays haven't used them since early 0.2.0.x.  The only
remaining use by authorities learning about new relays ahead of scedule;
see proposal 147 for what we intend to do about that.

We're leaving in an option (FetchV2Networkstatus) to manually fetch v2
networkstatuses, because apparently dnsel and maybe bwauth want them.

This fixes bug 3022.
2011-04-28 21:06:07 -04:00
Nick Mathewson
b0a7e0d6ca Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-28 20:55:03 -04:00
Nick Mathewson
4010427b51 Merge remote-tracking branch 'arma/bug3039' into maint-0.2.2 2011-04-28 20:53:44 -04:00
Roger Dingledine
df3cf881d1 stop putting wacky values into state->lastwritten 2011-04-28 20:40:15 -04:00
Nick Mathewson
9d67d16c6a Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-28 20:38:50 -04:00
Nick Mathewson
6b9aadd557 Merge remote-tracking branches 'rransom/bug2722' and 'rransom/bug2722b' into maint-0.2.2 2011-04-28 20:36:38 -04:00
Nick Mathewson
bb8689b864 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-28 20:05:48 -04:00
Sebastian Hahn
525d2700dd Correctly check elapsed time in last hibernation period
Fix bug 3020.
2011-04-29 01:18:32 +02:00
Nick Mathewson
f38ecd5ac0 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-28 18:14:50 -04:00
Robert Ransom
b8708b5bd3 Fix bug 1930 2011-04-28 18:11:58 -04:00
Robert Ransom
ddd1b7be2d Ignore SIGNAL NEWNYM on relay-only Tor instances 2011-04-28 18:10:17 -04:00
Robert Ransom
df5c7fedbd Don't allow v0 HS auths to act as clients
A v0 HS authority stores v0 HS descriptors in the same descriptor
cache that its HS client functionality uses.  Thus, if the HS
authority operator clears its client HS descriptor cache, ALL v0
HS descriptors will be lost.  That would be bad.
2011-04-28 18:10:16 -04:00
Nick Mathewson
8b33928676 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-28 17:15:31 -04:00
Nick Mathewson
51e551d383 Detect and handle NULL returns from (gm/local)time_r
These functions can return NULL for otherwise-valid values of
time_t.  Notably, the glibc gmtime manpage says it can return NULL
if the year if greater than INT_MAX, and the windows MSDN gmtime
page says it can return NULL for negative time_t values.

Also, our formatting code is not guaranteed to correctly handle
years after 9999 CE.

This patch tries to correct this by detecting NULL values from
gmtime/localtime_r, and trying to clip them to a reasonable end of
the scale.  If they are in the middle of the scale, we call it a
downright error.

Arguably, it's a bug to get out-of-bounds dates like this to begin
with.  But we've had bugs of this kind in the past, and warning when
we see a bug is much kinder than doing a NULL-pointer dereference.

Boboper found this one too.
2011-04-28 17:12:54 -04:00
Nick Mathewson
88638d40ca Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-28 16:05:59 -04:00
Nick Mathewson
3055acbdbe Merge remote-tracking branch 'sebastian/bug2497' into maint-0.2.2 2011-04-28 16:05:34 -04:00
Nick Mathewson
32918e954f Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/rendcommon.h
2011-04-28 15:57:27 -04:00
Sebastian Hahn
4b13ebd5ab Merge branch 'bug3k_021' into bug3k_022
Conflicts:
	src/or/or.h
	src/or/rendclient.c
2011-04-28 19:00:34 +02:00
Robert Ransom
2ad18ae736 Allow rend_client_send_introduction to fail transiently
i.e. without closing the AP connection.
2011-04-28 18:14:50 +02:00
Robert Ransom
440e48ddf2 Forget all rendezvous client state on SIGNAL NEWNYM 2011-04-28 18:14:50 +02:00
Nick Mathewson
26456d3354 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-27 22:14:54 -04:00
Nick Mathewson
0130e7c9d2 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	src/common/torint.h
2011-04-27 22:14:28 -04:00
Nick Mathewson
26c022ecbc Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-27 17:26:40 -04:00
Nick Mathewson
7f85509a59 I guess that had a bug number: add it to the changes file. 2011-04-27 17:26:28 -04:00
Nick Mathewson
34510f9278 Fix clear_trackhostexits_mapping() to actually work as advertised
Previously, it would remove every trackhostexits-derived mapping
*from* xyz.<exitname>.exit; it was supposed to remove every
trackhostexits-derived mapping *to* xyz.<exitname>.exit.

Bugfix on 0.2.0.20-rc: fixes an XXX020 added while staring at bug-1090
issues.
2011-04-27 17:23:05 -04:00
Nick Mathewson
78c610eea9 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	doc/tor.1.txt
2011-04-27 15:20:01 -04:00
cypherpunks
247cbab6c8 Fix double-free bug in microdesc parser 2011-04-27 15:15:32 -04:00
Nick Mathewson
8b686d98c4 Merge maint-0.2.2 for the bug1090-part1-squashed branch
Resolved conflicts in:
	doc/tor.1.txt
	src/or/circuitbuild.c
	src/or/circuituse.c
	src/or/connection_edge.c
	src/or/connection_edge.h
	src/or/directory.c
	src/or/rendclient.c
	src/or/routerlist.c
	src/or/routerlist.h

These were mostly releated to the routerinfo_t->node_t conversion.
2011-04-27 14:36:30 -04:00
Nick Mathewson
c49f660c1a Add a big changelog entry for bug 1090 fixes 2011-04-27 13:33:38 -04:00
Roger Dingledine
f7a5bc16d6 warn if we launch too many circuits for a given stream 2011-04-27 00:01:41 -04:00
Nick Mathewson
4851de554d Do not automatically ignore Fast/Stable for exits when ExitNodes is set
This once maybe made sense when ExitNodes meant "Here are 3 exits;
use them all", but now it more typically means "Here are 3
countries; exit from there."  Using non-Fast/Stable exits created a
potential partitioning opportunity and an annoying stability
problem.

(Don't worry about the case where all of our ExitNodes are non-Fast
or non-Stable: we handle that later in the function by retrying with
need_capacity and need_uptime set to 0.)
2011-04-26 23:54:16 -04:00
Nick Mathewson
3256627a45 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/main.h
2011-04-26 15:30:51 -04:00
Nick Mathewson
a7a906603e Merge remote-tracking branch 'sebastian/bug2917' into maint-0.2.2 2011-04-26 15:17:03 -04:00
Nick Mathewson
43ffd023e9 Make SIZE_T_CEILING unsigned; add a signed SSIZE_T_CEILING
None of the comparisons were _broken_ previously, but avoiding
signed/unsigned comparisons makes everybody happier.

Fixes bug2475.
2011-04-26 13:03:58 -04:00
Nick Mathewson
47f472510f Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/rephist.c
2011-04-26 12:49:58 -04:00
Nick Mathewson
bb6d45af1f Downgrade notice to info when downloading a cert. 2011-04-26 12:47:09 -04:00
Nick Mathewson
6a726d34e1 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-26 11:15:03 -04:00
Nick Mathewson
f083347adf Merge remote-tracking branch 'sebastian/bug2704' into maint-0.2.2 2011-04-26 11:07:48 -04:00
Nick Mathewson
075d904d39 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/dirserv.h
2011-04-26 11:05:54 -04:00
Sebastian Hahn
6fde2b46d2 Fix more of bug 2704
The last entry of the *Maxima values in the state file was inflated by a
factor of NUM_SECS_ROLLING_MEASURE (currently 10). This could lead to
a wrong maximum value propagating through the state file history.
2011-04-26 15:36:17 +02:00
Sebastian Hahn
4c789ec08c Don't leak the local hostname in relay nicknames
Fixes bug 2979, reported by tagnaq.
2011-04-26 05:08:32 +02:00
Nick Mathewson
5230cc4fe7 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-25 19:04:13 -04:00
Nick Mathewson
f3b58dfa53 Merge commit '91aa6f08bcf0acbdfa038aaffe73e327ddd87c67' into maint-0.2.2 2011-04-25 19:03:15 -04:00
Sebastian Hahn
91aa6f08bc Make the Log configuration option expand ~ 2011-04-22 16:06:52 +02:00
Nick Mathewson
fdbdaf8fab Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-21 13:41:38 -04:00
Nick Mathewson
a0514ba531 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-04-21 13:40:00 -04:00
Nick Mathewson
e98583594d Fix a bug in removing DNSPort requests from their circular list
Under heavy load, this could result in an assertion failure.  Fix for
bug 2933; bugfix on 0.2.0.10-alpha.
2011-04-21 13:39:00 -04:00
Nick Mathewson
7c83d4043d Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-19 15:39:04 -04:00
Sebastian Hahn
3f7f96d9e7 Prevent hugely inflated observed bandwidth values
When reading the bw history from the state file, we'd add the 900-second
value as traffic that occured during one second. Fix that by adding the
average value to each second.

This bug was present since 0.2.0.5-alpha, but was hidden until
0.2.23-alpha when we started using the saved values.
2011-04-19 15:38:26 -04:00
Sebastian Hahn
13c3884ff6 Don't sometimes undercount bw average
This fixes the first part of bug 2704. It should occur only rarely when
no bw maxima are known. Bugfix on 0.2.2.23-alpha. Fixes bug 2704.
2011-04-19 15:38:10 -04:00
Nick Mathewson
9eeb902d12 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-19 12:37:18 -04:00
Nick Mathewson
f52cfbfc00 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-19 12:31:55 -04:00
Nick Mathewson
0e554f93d6 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-04-19 12:31:42 -04:00
Nick Mathewson
bba47a836c Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-19 12:30:36 -04:00
Sebastian Hahn
c1927d7d5f Don't report empty bw-history lines in extrainfo
Some tor relays would report lines like these in their extrainfo
documents:
dirreq-write-history 2011-03-14 16:46:44 (900 s)

This was confusing to some people who look at the stats. It would happen
whenever a relay first starts up, or when a relay has dirport disabled.
Change this so that lines without actual bw entries are omitted.
Implements ticket 2497.
2011-04-19 14:51:40 +02:00
Nick Mathewson
48bdc2f729 Correct HS descriptor length check
Fixes bug 2948.
2011-04-18 13:53:13 -07:00
Robert Ransom
130db1bdeb Merge branch 'bug2750-v3' into bug2948 2011-04-18 13:36:19 -07:00
Robert Ransom
bfebc942ea Correct the warning emitted when rejecting an oversized HS desc 2011-04-18 13:17:40 -07:00
Sebastian Hahn
5114e3e442 Make SIGNAL DUMP work on FreeBSD
While doing so, get rid of the now unnecessary function
control_signal_act().

Fixes bug 2917, reported by Robert Ransom. Bugfix on commit
9b4aa8d2ab. This patch is loosely based on
a patch by Robert (Changelog entry).
2011-04-15 05:35:30 +02:00
Sebastian Hahn
4cbbb92e7f Add a changes file for the osx 10.6 compile fix
We forgot to put it into 0.2.2.24-alpha.
2011-04-08 22:56:28 +02:00
Nick Mathewson
85ac832a14 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-07 20:27:39 -04:00
Gisle Vanem
70e0291468 Use GetTempDir instead of hardcoded path to c:\windows\tmp for unittests 2011-04-07 18:34:11 -04:00
Nick Mathewson
67d88a7d60 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/common/address.c
	src/common/compat_libevent.c
	src/common/memarea.c
	src/common/util.h
	src/or/buffers.c
	src/or/circuitbuild.c
	src/or/circuituse.c
	src/or/connection.c
	src/or/directory.c
	src/or/networkstatus.c
	src/or/or.h
	src/or/routerlist.c
2011-04-07 12:17:20 -04:00
Nick Mathewson
ba0cd8094f Merge remote-tracking branch 'public/xxx_fixups' into maint-0.2.2
Conflicts:
	src/or/or.h
2011-04-07 12:03:04 -04:00
Nick Mathewson
07ab483e62 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-07 11:55:17 -04:00
Nick Mathewson
118d8ffdcb Allow controllers a more up-to-date view of bridge usage.
Instead of answering GETINFO requests about our geoip usage only after
running for 24 hours, this patch makes us answer GETINFO requests
immediately.  We still round and quantize as before.

Implements bug2711.

Also, refactor the heck out of the bridge usage formatting code.  No
longer should we need to do a generate-parse-and-regenerate cycle to
get the controller string, and that lets us simplify the code a lot.
2011-04-07 11:53:37 -04:00
Nick Mathewson
32341ac467 Merge remote-tracking branch 'public/bug2402_again' into maint-0.2.1 2011-04-06 16:13:22 -04:00
Nick Mathewson
1a49fdecf8 Tweaks to Cagara's CountPrivateBandwidth patch:
- Document it in the manpage
  - Add a changes entry
  - No need to log when it is set: we don't log for other options.
  - Use doxygen to document the new flag.
  - Test truth of C variables with "if (x)", not "if (x == 1)".
  - Simplify a complex boolean expression by breaking it up.
2011-04-05 16:24:42 -04:00
Nick Mathewson
3a9d0b4b9c remove duplicate changes file for 2702 2011-04-04 16:09:44 -04:00
Nick Mathewson
3cf23be712 Merge branch 'static-work' 2011-04-04 15:35:23 -04:00
Nick Mathewson
ad1ae44154 Changes file for static-work branch 2011-04-04 15:35:16 -04:00
Roger Dingledine
1587e0d470 Merge branch 'maint-0.2.2' 2011-04-04 03:54:03 -04:00
Roger Dingledine
9d2b3849b2 Merge branch 'maint-0.2.1' into maint-0.2.2 2011-04-04 03:53:38 -04:00
Roger Dingledine
0cdd262941 switch to the apr 2011 geoip db 2011-04-04 03:52:58 -04:00
Sebastian Hahn
e97f78d789 Small fixes for the 2702 implementation
Improve the INSTALL documentation for static builds, remove a few
unnecessary lines from configure.in and tweak the changelog message
slightly.
2011-04-02 12:15:08 +02:00
Jacob Appelbaum
fe051a43c1 add --enable-static-tor to our configure script
This implements the feature request in bug #2702
2011-04-02 11:09:38 +02:00
Nick Mathewson
ee871e7a0e Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/common/compat.h
	src/or/circuitlist.c
	src/or/circuituse.c
	src/or/or.h
	src/or/rephist.c
2011-03-30 14:55:50 -04:00
Nick Mathewson
65eb0e41ac Use cbt to tell when to launch parallel intro circuit
Implement feature from trac #2799
2011-03-30 14:41:53 -04:00
Nick Mathewson
aa950e6c48 Use timevals, not time_t, when expiring circuits.
We've got millisecond timers now, we might as well use them.

This change won't actually make circuits get expiered with microsecond
precision, since we only call the expiry functions once per second.
Still, it should avoid the situation where we have a circuit get
expired too early because of rounding.

A couple of the expiry functions now call tor_gettimeofday: this
should be cheap since we're only doing it once per second.  If it gets
to be called more often, though, we should onsider having the current
time be an argument again.
2011-03-30 14:41:41 -04:00
Nick Mathewson
22f7042b91 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-03-28 17:49:34 -04:00
Erinn Clark
3a7cee9d29 Fix configure.in zlib package names. 2011-03-28 17:48:22 -04:00
Nick Mathewson
fc64783278 Send END_STREAM_REASON_NOROUTE: clients that didn't grok it are now obsolete 2011-03-28 13:42:59 -04:00
Nick Mathewson
18126f92a7 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-03-28 12:17:35 -04:00
Sebastian Hahn
4762118832 Small tweaks for bug2698 bugfix 2011-03-27 05:38:53 +02:00
Jacob Appelbaum
b62abf9f21 Fix libevent autoconf bug #2698 2011-03-27 05:38:51 +02:00
Nick Mathewson
432734279d Fix handling of StreamID exhaustion.
Since svn r1475/git 5b6099e8 in tor-0.0.6, we have responded to an
exhaustion of all 65535 stream IDs on a circuit by marking that
circuit for close.  That's not the right response.  Instead, we
should mark the circuit as "too dirty for new circuits".

Of course in reality this isn't really right either.  If somebody
has managed to cram 65535 streams onto a circuit, the circuit is
probably not going to work well for any of those streams, so maybe
we should be limiting the number of streams on an origin circuit
concurrently.

Also, closing the stream in this case is probably the wrong thing to
do as well, but fixing that can also wait.
2011-03-25 18:32:28 -04:00
Nick Mathewson
550749555c Remove workaround code for bug539
We fixed bug 539 (where directories would say "503" but send data
anyway) back in 0.2.0.16-alpha/0.1.2.19.  Because most directory
versions were affected, we added workaround to make sure that we
examined the contents of 503-replies to make sure there wasn't any
data for them to find.  But now that such routers are nonexistent,
we can remove this code.  (Even if somebody fired up an 0.1.2.19
directory cache today, it would still be fine to ignore data in its
erroneous 503 replies.)
2011-03-25 18:32:28 -04:00
Nick Mathewson
dddd333a80 Fix some 'impossible' overflow bugs in byte counting
The first was genuinely impossible, I think: it could only happen
when the amount we read differed from the amount we wanted to read
by more than INT_MAX.

The second is just very unlikely: it would give incorrect results to
the controller if you somehow wrote or read more than 4GB on one
edge conn in one second.  That one is a bugfix on 0.1.2.8-beta.
2011-03-25 18:32:28 -04:00
Nick Mathewson
6a5b94de6c Look at the right errno when sending reason for connect() failure
In afe414 (tor-0.1.0.1-rc~173), when we moved to
connection_edge_end_errno(), we used it in handling errors from
connection_connect().  That's not so good, since by the time
connection_connect() returns, the socket is no longer set, and we're
supposed to be looking at the socket_errno return value from
connection_connect() instead.  So do what we should've done, and
look at the socket_errno value that we get from connection_connect().
2011-03-25 18:32:28 -04:00
Nick Mathewson
444e46d96d Remove the "fuzzy time" code
It was the start of a neat idea, but it only got used in 3 places,
none of which really needed it.
2011-03-25 16:28:37 -04:00
Nick Mathewson
8b393afa94 Merge remote branch 'origin/maint-0.2.2'
Trivial Conflicts:
	configure.in
2011-03-18 12:44:37 -04:00
Nick Mathewson
f3d6663665 Merge remote branch 'sebastian/bug2696' into maint-0.2.2 2011-03-18 12:39:40 -04:00
Sebastian Hahn
4aac35cafa Add 2696 changes file 2011-03-18 17:13:43 +01:00
Nick Mathewson
b1b6552251 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/common/crypto.c
2011-03-16 17:16:54 -04:00
Nick Mathewson
cf399f1034 add changes file for the doxygen issues 2011-03-16 17:13:27 -04:00
Nick Mathewson
415caba967 Merge remote branch 'arma/optimistic_server' 2011-03-15 17:20:41 -04:00
Nick Mathewson
737228ed8e Merge remote branch 'origin/maint-0.2.2' 2011-03-15 17:18:29 -04:00
Nick Mathewson
c5ffd44ccd Merge branch 'bug2756_relay' into maint-0.2.2 2011-03-15 17:13:07 -04:00
Nick Mathewson
4dde69a6d0 Merge remote branch 'origin/maint-0.2.2' 2011-03-15 15:19:38 -04:00
Nick Mathewson
ab418447eb Merge branch 'bug2757' into maint-0.2.2 2011-03-15 15:18:15 -04:00
Nick Mathewson
84f27eb051 Merge remote branch 'origin/maint-0.2.2' 2011-03-15 14:50:42 -04:00
Robert Ransom
98abe1420d Fix a log message typo 2011-03-15 09:48:26 -07:00
Robert Ransom
3af59dcaee Log the source of a rejected POSTed v3 vote
Related to ticket 2683.
2011-03-15 09:16:58 -07:00
Nick Mathewson
06f026de66 Check newconn, not conn, before marking newconn for close
This fixes bug 2757.  It's a bugfix on 85da676108.
2011-03-14 18:52:15 -04:00
Nick Mathewson
6a97450cbd Add changes file for server-side optimistic data patch 2011-03-14 18:25:20 -04:00
Nick Mathewson
1d36a8e9ae Consider sending stream-level SENDME cells on partial flushes.
Right now, we only consider sending stream-level SENDME cells when we
have completely flushed a connection_edge's outbuf, or when it sends
us a DATA cell.  Neither of these is ideal for throughput.

This patch changes the behavior so we now call
connection_edge_consider_sending_sendme when we flush _some_ data from
an edge outbuf.

Fix for bug 2756; bugfix on svn r152.
2011-03-14 17:48:45 -04:00
Nick Mathewson
ebf6786ab3 Merge remote branch 'origin/maint-0.2.2'
Fixed conflict: router_get_my_routerinfo now returns const

Conflicts:
	src/or/router.c
2011-03-14 17:22:38 -04:00
Nick Mathewson
b97d9abd09 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-03-14 17:04:53 -04:00
Nick Mathewson
e91a8c5589 Merge remote branch 'origin/maint-0.2.2'
Resolved nontrivial conflict around rewrite_x_address_for_bridge and
learned_bridge_descriptor.  Now, since leanred_bridge_descriptor works
on nodes, we must make sure that rewrite_node_address_for_bridge also
works on nodes.

Conflicts:
	src/or/circuitbuild.c
2011-03-14 16:34:33 -04:00
Nick Mathewson
0588330c1d Merge remote branch 'arma/bug2510' into maint-0.2.2 2011-03-14 16:14:54 -04:00
Nick Mathewson
f1c365b032 Merge remote branch 'origin/maint-0.2.2'
Fix trivial add/add conflict in main.c

Conflicts:
	src/or/main.c
2011-03-14 15:31:24 -04:00
Nick Mathewson
b639add1a0 Merge remote branch 'arma/bug2716' into maint-0.2.2 2011-03-14 15:29:02 -04:00
Robert Ransom
96b929e743 Log malformed HS descriptor requests at the proper level
This log message should be a 'protocol warning', not a 'warning'.
2011-03-14 01:15:36 -07:00
Robert Ransom
c90097e74a Remove dead code from rend_cache_lookup_v2_desc_as_dir
hid_serv_responsible_for_desc_id's return value is never negative, and
there is no need to search through the consensus to find out whether we
are responsible for a descriptor ID before we look in our cache for a
descriptor.
2011-03-14 01:14:05 -07:00
Roger Dingledine
1a9d19e972 we're not reachable if we don't have a routerinfo yet 2011-03-13 15:47:59 -04:00
Robert Ransom
eb50e3d6bf Add changes file for previous commit 2011-03-12 07:30:24 -08:00
Nick Mathewson
d52a99dc77 Merge remote branch 'origin/maint-0.2.2' 2011-03-11 23:34:46 -05:00
Nick Mathewson
3a0c602155 Clarify threat description and avoid negative uptimes. 2011-03-11 23:27:53 -05:00
Roger Dingledine
977e396e86 improve accuracy for when a relay went unreachable 2011-03-11 22:12:15 -05:00
Sebastian Hahn
f7a3cdc8f2 Use observed instead of declared uptime for HSDir
It is important to verify the uptime claim of a relay instead of just
trusting it, otherwise it becomes too easy to blackhole a specific
hidden service. rephist already has data available that we can use here.

Bugfix on 0.2.0.10-alpha.
2011-03-11 18:44:35 +01:00
Nick Mathewson
02d93caa09 Backport: Generate version tags using Git, not (broken) svn revisions.
Partial backport of daa0326aaa .
Resolves bug 2402.  Bugfix on 0.2.1.15 (for the part where we switched to
git) and on 0.2.1.30 (for the part where we dumped micro-revisions.)
2011-03-11 11:01:17 -05:00
Nick Mathewson
671318c3a8 Revert "Simplest fix to bug2402: do not include SVN versions"
This reverts commit a1073ee956.

Apparently, we totally misunderstood how the debian packages were using
microrevisions.  Better fix that!
2011-03-11 10:47:25 -05:00
Nick Mathewson
78d5955e5b oops. I got the bug number wrong. 2011-03-09 16:22:18 -05:00
Nick Mathewson
dc0bb6b709 oops. I got the bug number wrong. 2011-03-09 16:21:34 -05:00
Nick Mathewson
19baca4837 Merge remote branch 'origin/maint-0.2.2' 2011-03-09 16:20:14 -05:00
Andreas Stieger
f31ba6a356 openSUSE initscript create /var/run/tor fixes Ticket #2573
(changes file added by nickm)
2011-03-09 16:18:44 -05:00
Roger Dingledine
e569e6b201 Merge branch 'maint-0.2.2' 2011-03-08 18:16:27 -05:00
Roger Dingledine
6426cd14f3 Merge branch 'maint-0.2.1' into maint-0.2.2 2011-03-08 18:16:06 -05:00
Roger Dingledine
d080fe8db1 move to march 2011 geoip file 2011-03-08 18:15:17 -05:00
Nick Mathewson
63651b9191 Merge remote branch 'origin/maint-0.2.2'
Trivial conflicts fixed in or.h

Conflicts:
	src/or/or.h
2011-03-08 16:20:53 -05:00
Nick Mathewson
00446973f2 Merge remote branch 'sebastian/bug2250' into maint-0.2.2 2011-03-08 16:13:28 -05:00
Nick Mathewson
f9bb3ced51 Merge remote branch 'origin/maint-0.2.2'
Resolved trivial one-line conflicts.

Conflicts:
	src/or/dirserv.c
	src/or/rephist.c
2011-03-08 16:10:40 -05:00
Nick Mathewson
0d78a16c36 Merge remote branch 'sebastian/bug1035' into maint-0.2.2 2011-03-08 15:52:43 -05:00
Nick Mathewson
d5907e7d9d Merge remote branch 'origin/maint-0.2.2' 2011-03-08 15:23:30 -05:00
Nick Mathewson
9ad083d573 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-03-08 15:20:48 -05:00
Nick Mathewson
9a6df21539 Avoid crash in any_pending_bridge_descriptor_fetches
This is based on shitlei's fix for bug2629, with extra parens removed.
Fixes bug 2629, bugfix on 0.2.1.2-alpha.
2011-03-08 15:17:41 -05:00
Nick Mathewson
26009a3ed0 Merge remote branch 'origin/maint-0.2.2' 2011-03-07 17:12:08 -05:00
Nick Mathewson
3bd83b8fb6 Merge remote branch 'sebastian/bug2660' into maint-0.2.2 2011-03-07 17:09:23 -05:00
Nick Mathewson
176e8a0a2a Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/or/routerparse.c
2011-03-06 13:46:11 -05:00
Nick Mathewson
35fcec3880 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-03-06 13:42:28 -05:00
Nick Mathewson
4fa70e11ed Merge branch 'real_ipv6_fix' into maint-0.2.1 2011-03-06 13:42:05 -05:00
Nick Mathewson
2ce132e335 Oops, here's the *REAL* fix for the ipv6 issue
We need to _REJECT_ descriptors with accept6/reject6 lines.  If we
let them onto the network , other un-upgraded tors will crash.
2011-03-06 13:41:55 -05:00
Nick Mathewson
0f637492e3 Merge branch 'careful_with_all_descs' into maint-0.2.1 2011-03-06 13:35:42 -05:00
Nick Mathewson
b231026c42 changes file for careful_with_all_descs 2011-03-06 13:35:24 -05:00
Nick Mathewson
07b8b439c4 Merge remote branch 'origin/maint-0.2.2' 2011-03-06 13:23:02 -05:00
Nick Mathewson
ed14888e7e Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	src/or/policies.c
2011-03-06 13:20:21 -05:00
Nick Mathewson
fb421c0005 Changes file for ipv6 parsing issue 2011-03-06 13:15:32 -05:00
Sebastian Hahn
f83debb51d Fix setting target port in get_interface_address6
We want to use the discard port correctly, so a htons() was missing.
Also we need to set it correctly depending on address family.

Review provided by danieldg
2011-03-05 16:58:20 +01:00
Sebastian Hahn
865ea5d263 Fix connect() failures in get_interface_address6()
The third argument for connect should be dependent on the address
family. Issue spotted by piebeer who also wrote the patch.
2011-03-05 16:57:05 +01:00
Robert Ransom
4d21fe2870 Emend changes/tls-hash 2011-03-03 17:54:53 -08:00
Gladys Shufflebottom
49de5431d5 remove tls related hash table code 2011-03-01 18:11:25 -05:00
Sebastian Hahn
5c7c5e593f Tweak the bug2250 fix slightly
Rename the _UsingTestingTorNetwork hidden option to
_UsingTestNetworkDefaults (thanks Nick for the suggestion) and added a
changes file.
2011-03-01 10:05:18 +01:00
Nick Mathewson
42c1a47123 Revert bug1074_launch_authconn* branch: needs more design, less crashing 2011-02-28 12:58:29 -05:00
Nick Mathewson
a47fdaf9a0 Merge branch 'bug1074_launch_conn_on_skew'
Fixed conflict on rename of router_get_by_digest->router_get_by_id_digest

Conflicts:
	src/or/command.c
2011-02-25 12:12:44 -05:00
Nick Mathewson
22810d740c Changes file for altf4's bug1074 stuff 2011-02-25 12:12:02 -05:00
Nick Mathewson
a2a8adeee5 Merge remote branch 'origin/maint-0.2.2' 2011-02-25 11:24:35 -05:00
Nick Mathewson
aa178aae03 Merge branch 'bug1863_bwhist' into maint-0.2.2 2011-02-25 11:22:12 -05:00
Nick Mathewson
9265164180 Merge remote branch 'origin/maint-0.2.2'
There was a conflict from the node_t transition, but it was an easy fix.

Conflicts:
	src/or/circuitbuild.c
2011-02-22 18:41:06 -05:00
Nick Mathewson
16b8b9b00f Merge remote branch 'arma/bug2403' into maint-0.2.2 2011-02-22 18:38:03 -05:00
Roger Dingledine
a2727f6249 prevent same entry and exit for insane edge case 2011-02-22 17:54:25 -05:00
Nick Mathewson
491abbc65e Merge remote branch 'public/bug1859_021' into maint-0.2.1 2011-02-22 17:19:41 -05:00
Nick Mathewson
3d4c2ffa30 Merge remote branch 'origin/maint-0.2.2' 2011-02-22 15:58:50 -05:00
Roger Dingledine
e606f19fa3 changes file for removing torspec from the tarball 2011-02-22 15:58:19 -05:00
Nick Mathewson
7605985b3f Merge remote branch 'public/bug2402_nothing' into maint-0.2.1 2011-02-22 15:54:13 -05:00
Roger Dingledine
372773d681 changes file for removing torspec from the tarball 2011-02-22 14:50:00 -05:00
Nick Mathewson
b7f201f746 Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/or/policies.c
	src/or/policies.h
2011-02-22 14:10:42 -05:00
Nick Mathewson
cdc59c198a Don't let bad DNS make exit policy and declared exit policy get out of sync
Patch from "postman" on trac. Fixes bg 2366. Bug on 0.1.2.5-alpha.
2011-02-22 14:06:28 -05:00
Nick Mathewson
46b07462ae Merge remote branch 'origin/maint-0.2.2' 2011-02-22 13:02:42 -05:00
Nick Mathewson
9d5873cdae Merge branch 'log_domains' into maint-0.2.2 2011-02-22 13:01:02 -05:00
Nick Mathewson
933ffd536d Merge remote branch 'origin/maint-0.2.2' 2011-02-22 12:47:47 -05:00
Nick Mathewson
613073e449 Merge remote branch 'sebastian/bug2504' into maint-0.2.2 2011-02-22 12:47:21 -05:00
Nick Mathewson
ce4f879101 Add a changes file for the heartbeat code 2011-02-22 12:41:22 -05:00
Nick Mathewson
0ba69714b4 Merge remote branch 'sebastian/bug2444' 2011-02-22 11:10:57 -05:00
Nick Mathewson
d120ee1c63 Merge remote branch 'origin/maint-0.2.2' 2011-02-22 01:03:06 -05:00
Nick Mathewson
e9fb50c797 Remove changes files that predate current origin/release-0.2.2 2011-02-21 14:22:12 -05:00
Robert Ransom
444a955e4a Don't crash a bridge authority on SIGHUP if it's not in the consensus
Fixes bug 2572.
2011-02-16 04:12:37 -08:00
Sebastian Hahn
5dbaf9dbd5 Windows has EACCES, not EACCESS
Once again spotted by mobmix

Also add a changes file for the fix
2011-02-11 17:02:26 +01:00
Roger Dingledine
1c5b19a31a Merge branch 'maint-0.2.2' 2011-02-11 01:21:04 -05:00
Roger Dingledine
9b745cdbf9 Merge branch 'maint-0.2.1' into maint-0.2.2 2011-02-11 01:20:47 -05:00
Roger Dingledine
28de4d83fd fix the other half of bug 1074 2011-02-10 17:11:06 -05:00
Nick Mathewson
50c259d763 Make the DH parameter we use for TLS match the one from Apache's mod_ssl
Our regular DH parameters that we use for circuit and rendezvous
crypto are unchanged.  This is yet another small step on the path of
protocol fingerprinting resistance.

(Backport from 0.2.2's 5ed73e3807)
2011-02-10 15:55:06 -05:00
Nick Mathewson
f1a004797e Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	doc/tor.1.txt
2011-02-10 15:52:04 -05:00
Robert Ransom
449d895f06 Merge branch 'bug2408-v2-021-common' into bug2408-v2-022 2011-02-09 03:05:21 -08:00
Robert Ransom
7bf06d4a4f Ignore and warn about "PublishServerDescriptor hidserv"
Fixes #2408.
2011-02-09 02:33:24 -08:00
Nick Mathewson
cc9809c1f7 Merge remote branch 'origin/maint-0.2.2' 2011-02-08 14:37:31 -05:00
Nick Mathewson
d43470ad8a Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-02-08 14:37:02 -05:00
Roger Dingledine
7d2a91f5e5 support multihomed bridges (bug 2510) 2011-02-08 09:10:14 -05:00
Roger Dingledine
9a1a96ba09 don't use old non-configured bridges (bug 2511) 2011-02-08 08:08:47 -05:00
Roger Dingledine
20b75989ac dtrt when only relaybandwidthburst is set
fixes bug 2470
2011-02-07 23:21:33 -05:00
Roger Dingledine
4b6b398cff Merge branch 'maint-0.2.2' 2011-02-07 22:21:01 -05:00
Roger Dingledine
54ccc80a4a Merge branch 'maint-0.2.1' into maint-0.2.2 2011-02-07 22:20:35 -05:00
Karsten Loesing
9c2cb6fc89 Update to the February 1 2011 Maxmind GeoLite Country database. 2011-02-07 22:19:37 -05:00
Sebastian Hahn
9b64227ffd Routers count as down when they change ORPort, too
rransom noticed that a change of ORPort is just as bad as a change of IP
address from a client's perspective, because both mean that the relay is
not available to them while the new information hasn't propagated.
Change the bug1035 fix accordingly.

Also make sure we don't log a bridge's IP address (which might happen
when we are the bridge authority).
2011-02-08 00:38:48 +01:00
Nick Mathewson
ff5810aea9 Merge remote branch 'origin/maint-0.2.2' 2011-02-07 12:47:04 -05:00
Nick Mathewson
98cef0ac1e Merge branch 'bug2279' into maint-0.2.2 2011-02-07 12:43:54 -05:00
Nick Mathewson
69f7c0385b Merge remote branch 'origin/maint-0.2.2' for bug2203_rebased
There was a merge conflict in routerlist.c due to the new node_t logic.

Conflicts:
	src/or/routerlist.c
2011-02-04 12:26:59 -05:00
Nick Mathewson
e9803aa710 Merge branch 'bug2203_rebased' into maint-0.2.2 2011-02-04 12:22:18 -05:00
Nick Mathewson
a6c811313a Merge remote branch 'origin/maint-0.2.2' 2011-02-03 14:21:14 -05:00
Nick Mathewson
f9e251ccf8 changes file for ASLR/DEP build on windows 2011-02-03 14:20:08 -05:00
Nick Mathewson
e94ee583d6 Merge remote branch 'sebastian/bug2450' into maint-0.2.2 2011-02-03 13:59:58 -05:00
Nick Mathewson
912b76a1bf Merge remote branch 'origin/maint-0.2.2' 2011-02-03 13:56:37 -05:00
Nick Mathewson
2fa9ddb958 Merge remote branch 'public/bug2378' into maint-0.2.2 2011-02-03 13:54:28 -05:00
Sebastian Hahn
f2bb7b17d7 Remove country codes from EntryNodes manpage entry 2011-01-28 14:19:28 +01:00
Sebastian Hahn
490d397dbf Log which config file we read
It is often not entirely clear what options Tor was built with, so it
might not be immediately obvious which config file Tor is using when it
found one. Log the config file at startup.
2011-01-27 15:31:34 +01:00
Nick Mathewson
0337fc7b06 Merge remote branch 'origin/maint-0.2.2' 2011-01-26 11:49:41 -05:00
Nick Mathewson
e6da9a98e9 Merge branch 'bug2181' into maint-0.2.2 2011-01-26 11:46:13 -05:00
Nick Mathewson
d92a415bed Add an option to disable the block-private-addresses feature
Suggested by rransom.  Probably necessary for testing network mode.
2011-01-26 11:35:24 -05:00
Nick Mathewson
a880429a76 Merge remote branch 'origin/maint-0.2.2' 2011-01-26 11:08:02 -05:00
Nick Mathewson
ba3b03def0 Merge branch 'bug2409' into maint-0.2.2 2011-01-26 11:06:59 -05:00
Nick Mathewson
411ec3c0f8 Add client code to detect attempts to connect to 127.0.0.1 etc
We detect and reject said attempts if there is no chosen exit node or
circuit: connecting to a private addr via a randomly chosen exit node
will usually fail (if all exits reject private addresses), is always
ill-defined (you're not asking for any particular host or service),
and usually an error (you've configured all requests to go over Tor
when you really wanted to configure all _remote_ requests to go over
Tor).

This can also help detect forwarding loop requests.

Found as part of bug2279.
2011-01-25 20:39:44 -05:00
Nick Mathewson
85da676108 Fix double-mark bug when failing to init transparent connection
Fixes part of bug 2279.  Bugfix on 0.1.2.1-alpha.
2011-01-25 19:07:03 -05:00
Nick Mathewson
5ce8182bdb Log more about soft-hibernation 2011-01-25 18:45:13 -05:00
Nick Mathewson
e80bdfb4a0 Correctly detect BIO_new failures
This bug was noticed by cypherpunks; fixes bug 2378.

Bugfix on svn commit r110.
2011-01-25 18:26:49 -05:00
Nick Mathewson
bfde636aad Always treat failure to allocate an RSA key as an unrecoverable allocation error 2011-01-25 18:19:09 -05:00
Mike Perry
3ede94159e Add changelog entry for bug2203. 2011-01-25 17:49:02 -05:00
Nick Mathewson
a38274b1ce Merge remote branch 'origin/maint-0.2.2' 2011-01-25 17:40:41 -05:00
Nick Mathewson
3d1057c712 Add changes file for bug2004 2011-01-25 17:37:37 -05:00
Nick Mathewson
71862ed763 Fix bug in verifying directory signatures with short digests
If we got a signed digest that was shorter than the required digest
length, but longer than 20 bytes, we would accept it as long
enough.... and then immediately fail when we want to check it.

Fixes bug 2409; bug in 0.2.2.20-alpha; found by piebeer.
2011-01-25 17:15:22 -05:00
Nick Mathewson
991b50c5a3 Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/or/geoip.c
2011-01-25 15:58:01 -05:00
Sebastian Hahn
7a446e6754 Tell which geoip file we're parsing 2011-01-25 15:54:51 -05:00
Nick Mathewson
89ee779f92 Add a torrc option to report log domains 2011-01-25 15:53:15 -05:00
Nick Mathewson
e261a1a3e6 Simplify syntax for negated log domains
Previously if you wanted to say "All messages except network
messages", you needed to say "[*,~net]" and if you said "[~net]" by
mistake, you would get no messages at all.  Now, if you say "[~net]",
you get everything except networking messages.
2011-01-25 15:03:36 -05:00
Nick Mathewson
23f8bedddb Add manpage entry for logging domains
Fixes issue 2215.
2011-01-25 15:02:36 -05:00
Nick Mathewson
36880b3f17 Merge remote branch 'origin/maint-0.2.2' 2011-01-25 14:30:01 -05:00
Sebastian Hahn
68f8ca357f Fix assert for relay/bridge state change
When we added support for separate client tls certs on bridges in
a2bb0bfdd5 we forgot to correctly initialize this when changing
from relay to bridge or vice versa while Tor is running. Fix that
by always initializing keys when the state changes.

Fixes bug 2433.
2011-01-25 14:13:06 -05:00
Nick Mathewson
a1073ee956 Simplest fix to bug2402: do not include SVN versions
When we stopped using svn, 0.2.1.x lost the ability to notice its svn
revision and report it in the version number.  However, it kept
looking at the micro-revision.i file... so if you switched to master,
built tor, then switched to 0.2.1.x, you'd get a micro-revision.i file
from master reported as an SVN tag.  This patch takes out the "include
the svn tag" logic entirely.

Bugfix on 0.2.1.15-rc; fixes bug 2402.
2011-01-25 14:08:13 -05:00
Nick Mathewson
aaa5737a2e Merge remote branch 'origin/maint-0.2.2' 2011-01-24 17:51:52 -05:00
Nick Mathewson
5ed73e3807 Make the DH parameter we use for TLS match the one from Apache's mod_ssl
Our regular DH parameters that we use for circuit and rendezvous
crypto are unchanged.  This is yet another small step on the path of
protocol fingerprinting resistance.
2011-01-24 16:50:11 -05:00
Nick Mathewson
c496229b0a Merge remote branch 'origin/maint-0.2.2' 2011-01-20 15:00:42 -05:00
Nick Mathewson
13e9a2b19d Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-20 15:00:24 -05:00
Nick Mathewson
1471e57743 Merge remote branch 'rransom/policy_summarize-assert' into maint-0.2.1 2011-01-20 14:59:23 -05:00
Robert Ransom
43414eb988 Fix bounds-checking in policy_summarize
Found by piebeer.
2011-01-20 11:17:57 -08:00
Nick Mathewson
f6a25a995e Merge remote branch 'origin/maint-0.2.2' 2011-01-19 13:26:23 -05:00
Nick Mathewson
a793f1f6f2 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-19 13:25:38 -05:00
Nick Mathewson
971e83ef9c Fix two more SIZE_T_CEILING issues
This patch imposes (very long) limits on the length of a line in a
directory document, and on the length of a certificate.  I don't
think it should actually be possible to overrun these remotely,
since we already impose a maximum size on any directory object we're
downloading, but a little defensive programming never hurt anybody.

Roger emailed me that doorss reported these on IRC, but nobody seems
to have put them on the bugtracker.
2011-01-19 13:22:50 -05:00
Roger Dingledine
4ff97e3775 Merge branch 'maint-0.2.2' 2011-01-15 22:39:15 -05:00
Roger Dingledine
7699014e1e Merge commit 'sebastian/bug2317' into maint-0.2.2 2011-01-15 21:54:49 -05:00
Nick Mathewson
07888ed8e4 Merge remote branch 'origin/maint-0.2.2' 2011-01-15 14:17:59 -05:00
Nick Mathewson
a7790d48af Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-15 14:15:19 -05:00
Nick Mathewson
ef6fa07e48 Fix a couple of non-cleared key issues in hidden services
we need to do more hunting, but this fixes the ones mentioned in 2385.
2011-01-15 14:10:54 -05:00
Nick Mathewson
9b09627edd Zero out some more key data before freeing it
Found by cypherpunks; fixes bug 2384.
2011-01-15 14:10:52 -05:00
Sebastian Hahn
026e7987ad Sanity-check consensus param values
We need to make sure that the worst thing that a weird consensus param
can do to us is to break our Tor (and only if the other Tors are
reliably broken in the same way) so that the majority of directory
authorities can't pull any attacks that are worse than the DoS that
they can trigger by simply shutting down.

One of these worse things was the cbtnummodes parameter, which could
lead to heap corruption on some systems if the value was sufficiently
large.

This commit fixes this particular issue and also introduces sanity
checking for all consensus parameters.
2011-01-15 19:42:17 +01:00
Nick Mathewson
1758ef51de Merge remote branch 'origin/maint-0.2.2' 2011-01-15 13:26:02 -05:00
Nick Mathewson
1393985768 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	src/or/routerparse.c
	src/or/test.c
2011-01-15 13:25:13 -05:00
Nick Mathewson
b97b0efec8 Merge branch 'bug2352_obsize' into maint-0.2.1 2011-01-15 13:15:06 -05:00
Nick Mathewson
f550c96ade Merge remote branch 'origin/maint-0.2.2' 2011-01-15 12:16:18 -05:00
Nick Mathewson
cff4cfef4f Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-15 12:13:50 -05:00
Nick Mathewson
8f11642ceb Merge branch 'bug2324_uncompress' into maint-0.2.1 2011-01-15 12:12:34 -05:00
Nick Mathewson
1b8f2ef550 Merge remote branch 'origin/maint-0.2.2' 2011-01-15 12:03:44 -05:00
Nick Mathewson
ed87738ede Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	src/or/config.c
	src/or/networkstatus.c
	src/or/rendcommon.c
	src/or/routerparse.c
	src/or/test.c
2011-01-15 12:02:55 -05:00
Nick Mathewson
50b06a2b76 make the description of tolen_asserts more dire
We have a CVE # for this bug.
2011-01-15 11:49:26 -05:00
Nick Mathewson
115782bdbe Fix a heap overflow found by debuger, and make it harder to make that mistake again
Our public key functions assumed that they were always writing into a
large enough buffer.  In one case, they weren't.

(Incorporates fixes from sebastian)
2011-01-15 11:49:25 -05:00
Nick Mathewson
a16902b9d4 Always nul-terminate the result passed to evdns_server_add_ptr_reply
In dnsserv_resolved(), we carefully made a nul-terminated copy of the
answer in a PTR RESOLVED cell... then never used that nul-terminated
copy.  Ouch.

Surprisingly this one isn't as huge a security problem as it could be.
The only place where the input to dnsserv_resolved wasn't necessarily
nul-terminated was when it was called indirectly from relay.c with the
contents of a relay cell's payload.  If the end of the payload was
filled with junk, eventdns.c would take the strdup() of the name [This
part is bad; we might crash there if the cell is in a bad part of the
stack or the heap] and get a name of at least length
495[*]. eventdns.c then rejects any name of length over 255, so the
bogus data would be neither transmitted nor altered.

  [*] If the name was less than 495 bytes long, the client wouldn't
     actually be reading off the end of the cell.

Nonetheless this is a reasonably annoying bug.  Better fix it.

Found while looking at bug 2332, reported by doorss.  Bugfix on
0.2.0.1-alpha.
2011-01-15 11:49:25 -05:00
Nick Mathewson
468da1c28a Merge remote branch 'origin/maint-0.2.2' 2011-01-12 14:00:56 -05:00
Nick Mathewson
43e12a7988 Merge remote branch 'public/bug2363' into maint-0.2.2 2011-01-12 14:00:20 -05:00
Nick Mathewson
a84c6e86fe Merge remote branch 'origin/maint-0.2.2' 2011-01-12 13:05:19 -05:00
Nick Mathewson
a2c41aa3e8 Merge remote branch 'sebastian/bug2337' into maint-0.2.2 2011-01-12 12:55:09 -05:00
Nick Mathewson
3dbfc6a734 Merge remote branch 'origin/maint-0.2.2' 2011-01-12 12:43:30 -05:00
Nick Mathewson
1e37d8678a Merge branch 'bug2331' into maint-0.2.2 2011-01-12 12:42:40 -05:00
Nick Mathewson
f4756051fe add a missing "not" in bug2331 changelog 2011-01-12 12:42:21 -05:00