Commit Graph

2358 Commits

Author SHA1 Message Date
Roger Dingledine
7f3f88bed3 New config option "CircuitStreamTimeout"
New config option "CircuitStreamTimeout" to override our internal
timeout schedule for how many seconds until we detach a stream from
a circuit and try a new circuit. If your network is particularly
slow, you might want to set this to a number like 60.
2009-11-21 23:36:36 -05:00
Roger Dingledine
fdd58f3bd5 If somebody tries to overflow my dirport, don't log his IP by default.
aka Fix an instance where a Tor directory mirror might accidentally
log the IP address of a misbehaving Tor client. Bugfix on
0.1.0.1-rc.
2009-11-21 23:09:24 -05:00
Roger Dingledine
4f8b36a1e2 clobber connections with different number than we clobber circuits 2009-11-21 23:02:10 -05:00
Roger Dingledine
01a9cc0413 bump to 0.2.2.6-alpha-dev 2009-11-21 22:57:05 -05:00
Nick Mathewson
444eff6286 Fix compilation on OSX 10.3.
On this OSX version, there is a stub mlockall() function
that doesn't work, *and* the declaration for it is hidden by
an '#ifdef _P1003_1B_VISIBLE'.  This would make autoconf
successfully find the function, but our code fail to build
when no declaration was found.

This patch adds an additional test for the declaration.
2009-11-20 13:28:16 -05:00
Roger Dingledine
1ee580407c bump to 0.2.2.6-alpha 2009-11-19 14:16:11 -05:00
Roger Dingledine
55cd2fa310 Merge commit 'origin/maint-0.2.1'
Conflicts:

	debian/changelog
2009-11-17 15:39:46 -05:00
Roger Dingledine
0656c12b07 add the 0.2.1.20 changelog blurb, plus update the releasenotes 2009-11-17 15:35:14 -05:00
Roger Dingledine
2bcb90a308 clean up changelog for the 0.2.2.6-alpha release 2009-11-17 07:02:17 -05:00
Roger Dingledine
22f674fcb8 Fix a memory leak on directory authorities during voting
Fix a memory leak on directory authorities during voting that was
introduced in 0.2.2.1-alpha. Found via valgrind.
2009-11-12 01:31:26 -05:00
Nick Mathewson
2db0256372 Add changelog entry to 0.2.2.x about openssl 0.9.8l fix 2009-11-06 15:25:41 -05:00
Nick Mathewson
0a58567ce3 Merge commit 'origin/maint-0.2.1'
Conflicts:
	src/common/tortls.c
2009-11-06 15:24:52 -05:00
Nick Mathewson
ce0a89e262 Make Tor work with OpenSSL 0.9.8l
To fix a major security problem related to incorrect use of
SSL/TLS renegotiation, OpenSSL has turned off renegotiation by
default.  We are not affected by this security problem, however,
since we do renegotiation right.  (Specifically, we never treat a
renegotiated credential as authenticating previous communication.)
Nevertheless, OpenSSL's new behavior requires us to explicitly
turn renegotiation back on in order to get our protocol working
again.

Amusingly, this is not so simple as "set the flag when you create
the SSL object" , since calling connect or accept seems to clear
the flags.

For belt-and-suspenders purposes, we clear the flag once the Tor
handshake is done.  There's no way to exploit a second handshake
either, but we might as well not allow it.
2009-11-05 18:13:08 -05:00
Jacob Appelbaum
2aac39a779 Implement DisableAllSwap to avoid putting secret info in page files.
This commit implements a new config option: 'DisableAllSwap'
This option probably only works properly when Tor is started as root.
We added two new functions: tor_mlockall() and tor_set_max_memlock().
tor_mlockall() attempts to mlock() all current and all future memory pages.
For tor_mlockall() to work properly we set the process rlimits for memory to
RLIM_INFINITY (and beyond) inside of tor_set_max_memlock().
We behave differently from mlockall() by only allowing tor_mlockall() to be
called one single time. All other calls will result in a return code of 1.
It is not possible to change DisableAllSwap while running.
A sample configuration item was added to the torrc.complete.in config file.
A new item in the man page for DisableAllSwap was added.
Thanks to Moxie Marlinspike and Chris Palmer for their feedback on this patch.

Please note that we make no guarantees about the quality of your OS and its
mlock/mlockall implementation. It is possible that this will do nothing at all.
It is also possible that you can ulimit the mlock properties of a given user
such that root is not required. This has not been extensively tested and is
unsupported. I have included some comments for possible ways we can handle
this on win32.
2009-10-27 04:28:40 -04:00
Karsten Loesing
56c2385157 Fix bug 1113.
Bridges do not use the default exit policy, but reject *:* by default.
2009-10-27 01:03:41 -07:00
Karsten Loesing
19ddee5582 Fix bug 1042.
If your relay can't keep up with the number of incoming create cells, it
would log one warning per failure into your logs. Limit warnings to 1 per
minute.
2009-10-26 22:49:43 -07:00
Roger Dingledine
ad525685f6 Merge commit 'karsten/fix-1066-3' 2009-10-26 22:45:12 -04:00
Nick Mathewson
698aaeb178 Note coverity fixes in changelog. 2009-10-26 22:40:41 -04:00
Nick Mathewson
8519d36633 Merge commit 'origin/maint-0.2.1' 2009-10-26 22:40:24 -04:00
Nick Mathewson
e50e739556 Add changelog to describe coverity fixes for 0.2.1.21 2009-10-26 22:39:42 -04:00
Karsten Loesing
4256a96461 Fix bug 1066.
If all authorities restart at once right before a consensus vote, nobody
will vote about "Running", and clients will get a consensus with no usable
relays. Instead, authorities refuse to build a consensus if this happens.
2009-10-26 19:27:54 -07:00
Nick Mathewson
071521e02f Merge commit 'origin/maint-0.2.1'
Conflicts:
	ChangeLog
2009-10-26 20:15:03 -04:00
Nick Mathewson
56048637a5 Only send the if_modified_since header for a v3 consensus.
Spotted by xmux; bugfix on 0.2.0.10-alpha.
(Bug introduced by 20b10859)
2009-10-26 20:14:11 -04:00
Roger Dingledine
e0b2c84cde add a changelog entry to karsten's fix for bug 1114 2009-10-26 03:16:47 -04:00
Nick Mathewson
d40a814f4f Changelog for microdescriptor branch. 2009-10-19 00:39:20 -04:00
Nick Mathewson
5ef97ddd42 Merge commit 'origin/maint-0.2.1'
Conflicts:
	ChangeLog
	configure.in
	contrib/tor-mingw.nsi.in
	src/or/config.c
	src/win32/orconfig.h
2009-10-15 12:33:22 -04:00
Roger Dingledine
16dc543851 bump to 0.2.1.20 2009-10-15 12:14:18 -04:00
Roger Dingledine
2bee297d57 Move moria1 and Tonga to alternate IP addresses. 2009-10-15 12:14:18 -04:00
Roger Dingledine
2394336426 read the "circwindow" parameter from the consensus
backport of c43859c5c1
backport of 0d13e0ed14
2009-10-14 17:07:32 -04:00
Roger Dingledine
0a9356c4b1 add blurbs for recent dev releases 2009-10-14 15:49:26 -04:00
Nick Mathewson
81eee0ecff Fix a crash when using evdns from Libevent 2.
When we tried to use the deprecated non-threadsafe evdns
interfaces in Libevent 2 without using the also-deprecated
event_init() interface, Libevent 2 would sensibly crash, since it
has no guess where to find the Libevent library.

Here we use the evdns_base_*() functions instead if they're
present, and fake them if they aren't.
2009-10-13 17:54:04 -04:00
Roger Dingledine
27db678985 move nickm's commit to the correct release 2009-10-12 15:01:10 -04:00
Nick Mathewson
6f95435f28 Move android changelog entry to now-correct Tor version. 2009-10-11 23:31:54 -04:00
Nick Mathewson
da990d09c3 Merge commit 'public/android' 2009-10-11 23:30:19 -04:00
Roger Dingledine
6265b9f09d Move dizum to an alternate IP address. 2009-10-11 14:59:14 -04:00
Roger Dingledine
a9e0e2f819 bump to 0.2.2.4-alpha 2009-10-10 17:29:44 -04:00
Nick Mathewson
5a6575c2d4 Don't set unreachable from dirvote unless we've been running a while.
This is a possible fix for bug 1023, where if we vote (or make a v2
consensus networkstatus) right after we come online, we can call
rep_hist_note_router_unreachable() on every router we haven't connected
to yet, and thereby make all their uptime values reset.
2009-10-10 15:23:00 -04:00
Roger Dingledine
746a19e84d remove some dead code. some of it was tickling coverity. 2009-10-10 13:39:41 -04:00
Roger Dingledine
047fdd4104 add blurbs for recent alpha releases 2009-10-10 13:33:17 -04:00
Roger Dingledine
0c70390dd7 amend changelog for recent commits, plus clean up 2009-10-07 16:18:18 -04:00
Roger Dingledine
9325b9269c Ignore one-hop circuits for circuit timeout calc
Don't count one-hop circuits when we're estimating how long it
takes circuits to build on average. Otherwise we'll set our circuit
build timeout lower than we should. Bugfix on 0.2.2.2-alpha.
2009-10-01 04:15:45 -04:00
Roger Dingledine
b9e8f0a013 Move Tonga to an alternate IP address 2009-09-30 22:35:05 -04:00
Roger Dingledine
69ecc127e9 Move moria1 to a nearby IP address 2009-09-30 18:46:55 -04:00
Roger Dingledine
53a7636a05 Dir auths reject relays running < Tor 0.1.2.14
Directory authorities now reject Tor relays with versions less than
0.1.2.14. This step cuts out four relays from the current network,
none of which are very big.
2009-09-30 18:34:21 -04:00
Mike Perry
f7e6e852e8 Fix 1108: Handle corrupt or large build times state.
1108 was actually just a fencepost error in an assert,
but making the state file handling code resilient is a
good idea.
2009-09-29 14:07:04 -04:00
Nick Mathewson
1707b338ee Add changelog entry for Android work. 2009-09-29 01:01:28 -04:00
Sebastian Hahn
6a68b50597 Make sure we can't overflow in connection_ap_handshake_send_resolve
Found by Coverity
2009-09-27 12:02:02 -04:00
Sebastian Hahn
7f1f6984da Fix memory leak
Some memory could be lost in the error case of
circuit_build_times_parse_state.

Found by Coverity
2009-09-27 12:00:02 -04:00
Roger Dingledine
891b3d8633 Merge branch 'master' of ssh://git.torproject.org/git/tor 2009-09-24 19:17:46 -04:00
Roger Dingledine
cbbd6f9263 Revert to the "June 3 2009" ip-to-country file.
The September one seems to have removed most US IP addresses.
2009-09-24 19:15:24 -04:00
Roger Dingledine
180a4b6a74 Merge commit 'karsten/stats-fixes-master' 2009-09-24 18:54:01 -04:00
Karsten Loesing
457bebe01a Fix a couple of smaller issues with gathering statistics.
- Avoid memmoving 0 bytes which might lead to compiler warnings.

- Don't require relays to be entry node AND bridge at the same to time to
  record clients.

- Fix a memory leak when writing dirreq-stats.

- Don't say in the stats files that measurement intervals are twice as long
  as they really are.

- Reduce minimum observation time for requests to 12 hours, or we might
  never record usage.

- Clear exit stats correctly after writing them, or we accumulate old stats
  over time.

- Reset interval start for buffer stats, too.
2009-09-24 21:58:56 +02:00
Nick Mathewson
b8b2935367 Debugging logs for TLS handshake
The big change is to add a function to display the current SSL handshake
state, and to log it everywhere reasonable.  (A failure in
SSL23_ST_CR_SRVR_HELLO_A is different from one in
SSL3_ST_CR_SESSION_TICKET_A.)

This patch also adds a new log domain for OR handshaking, so you can pull out
all the handshake log messages without having to run at debug for everything.
For example, you'd just say "log notice-err [handshake]debug-err file
tor.log".
2009-09-24 12:31:22 -04:00
Nick Mathewson
2d906e6554 Changelog for unit test refactoring. 2009-09-23 00:49:49 -04:00
Roger Dingledine
0f3417d1db finishing touches on the changelog 2009-09-23 00:13:57 -04:00
Roger Dingledine
8e3af72ed0 bump to 0.2.2.3-alpha, plus add a changelog for bug 1103 2009-09-22 22:15:56 -04:00
Roger Dingledine
0d13e0ed14 Be more robust to bad circwindow values
If the networkstatus consensus tells us that we should use a
negative circuit package window, ignore it. Otherwise we'll
believe it and then trigger an assert.

Also, change the interface for networkstatus_get_param() so we
don't have to lookup the consensus beforehand.
2009-09-22 22:09:33 -04:00
Nick Mathewson
52b75c9a55 Bump version to 0.2.2.2-alpha-dev 2009-09-21 15:51:08 -04:00
Roger Dingledine
3ddd7212e6 Update to the "September 4 2009" ip-to-country file. 2009-09-21 01:44:59 -04:00
Roger Dingledine
5488cda19a bump to 0.2.2.2-alpha 2009-09-21 01:31:39 -04:00
Roger Dingledine
fa63d47f83 Merge branch 'maint-0.2.1' 2009-09-20 23:53:03 -04:00
Roger Dingledine
95008db08d Revert "Teach connection_ap_can_use_exit about Exclude*Nodes"
This reverts commit dc3229313b.

We're going to do this more thoroughly in 0.2.2.x, and not in
maint-0.2.1.
2009-09-20 23:50:48 -04:00
Roger Dingledine
ed62b031d3 fix grammar / add changelog for the torify commit 2009-09-20 23:24:46 -04:00
Roger Dingledine
27fd750d7c draw in a lot of 0.2.1.20 changelog items into 0.2.2.2-alpha 2009-09-17 22:44:11 -04:00
Roger Dingledine
ee89061ef2 give proposal 151 a changelog and other touchups 2009-09-17 01:42:33 -04:00
Nick Mathewson
4b10ba484b Merge commit 'origin/maint-0.2.1' 2009-09-17 00:42:41 -04:00
Nick Mathewson
9c38941195 Work around a memory leak in openssl 0.9.8g (and maybe others) 2009-09-17 00:01:20 -04:00
Nick Mathewson
cb78602379 Merge commit 'origin/maint-0.2.1'
[Do not take conflicting change to rendclient.c]
2009-09-16 23:37:27 -04:00
Nick Mathewson
b3991ea7d1 Merge commit 'karsten/fix-1073' into maint-0.2.1 2009-09-16 23:36:01 -04:00
Roger Dingledine
926ca5befd Merge branch 'maint-0.2.1' 2009-09-16 21:28:49 -04:00
Roger Dingledine
9eb5edc093 Merge commit 'sebastian/specconformance' 2009-09-16 20:37:43 -04:00
Sebastian Hahn
dc3229313b Teach connection_ap_can_use_exit about Exclude*Nodes
To further attempt to fix bug 1090, make sure connection_ap_can_use_exit
always returns 0 when the chosen exit router is excluded. This should fix
bug1090.
2009-09-16 02:29:57 +02:00
Nick Mathewson
ed7283d283 Merge commit 'origin/maint-0.2.1'
Resolved conflicts in:
	src/or/circuitbuild.c
2009-09-15 19:37:26 -04:00
Nick Mathewson
24c740e5fd Merge commit 'sebastian/memleak' into maint-0.2.1 2009-09-15 19:35:16 -04:00
Sebastian Hahn
113ba0e727 make some bug 1090 warnings go away
When we excluded some Exits, we were sometimes warning the user that we
were going to use the node regardless. Many of those warnings were in
fact bogus, because the relay in question was not used to connect to
the outside world.

Based on patch by Rotor, thanks!
2009-09-16 01:17:51 +02:00
Nick Mathewson
f9226ae030 Merge commit 'origin/maint-0.2.1' 2009-09-15 12:53:44 -04:00
Roger Dingledine
c43859c5c1 Read "circwindow=x" from the consensus and use it
Tor now reads the "circwindow" parameter out of the consensus,
and uses that value for its circuit package window rather than the
default of 1000 cells. Begins the implementation of proposal 168.
2009-09-15 06:33:33 -04:00
Nick Mathewson
381766ce4b Implement proposal 167: Authorities vote on network parameters.
This code adds a new field to vote on: "params".  It consists of a list of
sorted key=int pairs.  The output is computed as the median of all the
integers for any key on which anybody voted.

Improved with input from Roger.
2009-09-14 23:21:53 -04:00
Sebastian Hahn
b792afa919 Fix a memory leak when parsing a ns
Adding the same vote to a networkstatus consensus leads to a memory leak
on the client side. Fix that by only using the first vote from any given
voter, and ignoring the others.

Problem found by Rotor, who also helped writing the patch. Thanks!
2009-09-14 22:25:08 +02:00
Sebastian Hahn
c1a6fb42ac Fix a spec conformance issue when parsing a ns vote
A vote may only contain exactly one signature. Make sure we reject
votes that violate this.

Problem found by Rotor, who also helped writing the patch. Thanks!
2009-09-14 22:06:21 +02:00
Roger Dingledine
fcacf22491 Fix obscure 64-bit big-endian hidserv bug
Fix an obscure bug where hidden services on 64-bit big-endian
systems might mis-read the timestamp in v3 introduce cells, and
refuse to connect back to the client. Discovered by "rotor".
Bugfix on 0.2.1.6-alpha.
2009-09-02 20:36:11 -04:00
Roger Dingledine
5fe8d384df spelling, indenting, punctuating 2009-09-01 23:17:21 -04:00
Roger Dingledine
c65a855767 move the packaging change list to 0.2.2.1-alpha 2009-09-01 22:51:46 -04:00
Roger Dingledine
8db3daa0c8 Merge branch 'maint-0.2.1' 2009-09-01 22:49:37 -04:00
Roger Dingledine
3db36d86c4 turns out the packaging changes aren't in 0.2.1.20 2009-09-01 22:46:41 -04:00
Nick Mathewson
a95947b0d7 Merge commit 'origin/maint-0.2.1' 2009-09-01 16:07:40 -04:00
Andrew Lewman
5657e803f8 update changelog with bundle details 2009-09-01 22:04:10 +02:00
Nick Mathewson
1cda6f3e75 Merge commit 'origin/maint-0.2.1' 2009-09-01 15:59:40 -04:00
Nick Mathewson
cdc8ea2976 Merge commit 'public/bug1076' 2009-09-01 02:01:49 -04:00
Roger Dingledine
075c004095 Add getinfo accepted-server-descriptor. Clean spec.
Add a "getinfo status/accepted-server-descriptor" controller
command, which is the recommended way for controllers to learn
whether our server descriptor has been successfully received by at
least on directory authority. Un-recommend good-server-descriptor
getinfo and status events until we have a better design for them.
2009-08-31 18:37:25 -04:00
Roger Dingledine
a225469ded Merge branch 'maint-0.2.1' 2009-08-31 16:26:01 -04:00
Roger Dingledine
4c297f74f7 Only send reachability status events on overall success/failure
We were telling the controller about CHECKING_REACHABILITY and
REACHABILITY_FAILED status events whenever we launch a testing
circuit or notice that one has failed. Instead, only tell the
controller when we want to inform the user of overall success or
overall failure. Bugfix on 0.1.2.6-alpha. Fixes bug 1075. Reported
by SwissTorExit.
2009-08-31 16:14:41 -04:00
Nick Mathewson
00b37f071d Revise parsing of time and memory units to handle spaces.
When we added support for fractional units (like 1.5 MB) I broke
support for giving units with no space (like 2MB).  This patch should
fix that.  It also adds a propoer tor_parse_double().

Fix for bug 1076.  Bugfix on 0.2.2.1-alpha.
2009-08-31 00:18:55 -04:00
Karsten Loesing
dd8f16beb5 Avoid segfault when accessing hidden service. 2009-08-29 19:41:08 +02:00
Roger Dingledine
0bb59f1c38 Merge branch 'maint-0.2.1' 2009-08-28 03:47:18 -04:00
Roger Dingledine
64f393d56f Only send netinfo clock_skew to controller if an authority told us so
We were triggering a CLOCK_SKEW controller status event whenever
we connect via the v2 connection protocol to any relay that has
a wrong clock. Instead, we should only inform the controller when
it's a trusted authority that claims our clock is wrong. Bugfix
on 0.2.0.20-rc; starts to fix bug 1074. Reported by SwissTorExit.
2009-08-28 03:42:09 -04:00
Roger Dingledine
004110b3d1 start changelog for 0.2.2.2-alpha 2009-08-27 22:27:25 -04:00
Roger Dingledine
5d647db4a5 Merge branch 'maint-0.2.1' 2009-08-27 21:56:10 -04:00
Roger Dingledine
d52284559b extremely infinite? who talks like that? 2009-08-27 21:54:41 -04:00
Roger Dingledine
659552a3c6 Merge branch 'maint-0.2.1' 2009-08-27 21:42:58 -04:00
Roger Dingledine
15462f72eb put karsten's changelog in the right place 2009-08-26 20:20:09 -04:00
Karsten Loesing
889c07f1fc When Tor fails to parse a descriptor of any kind, dump it to disk. 2009-08-26 20:15:47 -04:00
Roger Dingledine
b7e8a4631f changelog and spec changes for the .exit fix 2009-08-26 15:43:18 -04:00
Roger Dingledine
127069f3d2 nobody forward-ported the 0.2.0.35 changelog 2009-08-26 14:11:53 -04:00
Roger Dingledine
b47a27b29a clean up the changelog for 0.2.2.1-alpha 2009-08-26 13:58:19 -04:00
Nick Mathewson
1d9b8a1e16 Merge commit 'karsten/proposal-166-impl-master' 2009-08-26 11:36:40 -04:00
Nick Mathewson
c9203749a2 A changelog entry and a bit more documentation for socks-client 2009-08-26 11:34:45 -04:00
Nick Mathewson
daa0326aaa Add the first 8 bytes of the git commit digest to our versions.
Note that unlike subversion revision numbers, it isn't meaningful to
compare these for anything but equality.  We define a sort-order anyway,
in case one of these accidentally slips into a recommended-versions
list.
2009-08-21 12:31:13 -04:00
Roger Dingledine
eb829cc330 Survive unparseable cached cert file 2009-08-20 16:56:21 -04:00
Roger Dingledine
7f518873eb Notice v3 cert parsing failures
If any the v3 certs we download are unparseable, we should actually
notice the failure so we don't retry indefinitely. Bugfix on 0.2.0.x;
reported by "rotator".
2009-08-20 16:50:51 -04:00
Nick Mathewson
9d11827780 Fix a rare infinite-recursion bug when shutting down.
Once we had called log_free_all(), anything that tried to log a
message (like a failed tor_assert()) would fail like this:

   1. The logging call eventually invokes the _log() function.
   2. _log() calls tor_mutex_lock(log_mutex).
   3. tor_mutex_lock(m) calls tor_assert(m).
   4. Since we freed the log_mutex, tor_assert() fails, and tries to
      log its failure.
   5. GOTO 1.

Now we allocate the mutex statically, and never destroy it on
shutdown.

Bugfix on 0.2.0.16-alpha, which introduced the log mutex.

This bug was found by Matt Edman.
2009-08-20 11:55:33 -04:00
Karsten Loesing
75c59d1a92 Some final (?) cleanups of proposal 166 implementation. 2009-08-19 23:36:27 +02:00
Karsten Loesing
52b17b6ad7 Update ChangeLog with changes from proposal 166. 2009-08-19 17:14:35 +02:00
Nick Mathewson
e0dc2e907e Merge commit 'origin/maint-0.2.1' 2009-08-12 22:02:07 -04:00
Karsten Loesing
a98643c1b5 Fix possible segmentation fault on directory authorities.
The more verbose logs that were added in ee58153 also include a string
that might not have been initialized. This can lead to segfaults, e.g.,
when setting up private Tor networks. Initialize this string with NULL.
2009-08-11 17:33:58 +02:00
Roger Dingledine
afc9da7287 Merge branch 'maint-0.2.1' 2009-08-10 04:17:32 -04:00
Roger Dingledine
e50b7768b9 Send sendmes when we're down 100 cells, not 101.
Send circuit or stream sendme cells when our window has decreased
by 100 cells, not when it has decreased by 101 cells. Bug uncovered
by Karsten when testing the "reduce circuit window" performance
patch. Bugfix on the 54th commit on Tor -- from July 2002,
before the release of Tor 0.0.0. This is the new winner of the
oldest-bug prize.
2009-08-10 04:13:18 -04:00
Roger Dingledine
5f0fb9a109 Merge branch 'maint-0.2.1' into tmp_merge 2009-08-10 01:37:29 -04:00
Roger Dingledine
8abe3bac7e Set up urras as the seventh v3 directory authority. 2009-08-10 01:32:51 -04:00
Jacob Appelbaum
33762b5296 LetsKillNoConnect removes support for .noconnect
This is a patch to remove support for .noconnect.
We are removing .noconnect because of a talk at Defcon 17 by Gregory Fleischer.
2009-08-08 19:15:22 -07:00
Nick Mathewson
df354a002c Merge commit 'origin/maint-0.2.1'
Resolved onflicts in:
	ChangeLog
	src/or/config.c
	src/or/or.h
2009-07-30 10:16:04 -04:00
Roger Dingledine
6a960d515f credit optimist for the bug 1038 diagnosis
also bring the release notes up to date
2009-07-28 20:44:51 -04:00
Roger Dingledine
6249b0fd77 Fix a signed/unsigned compile warning in 0.2.1.19 2009-07-28 18:34:35 -04:00
Roger Dingledine
e8e88922a7 Merge branch 'maint-0.2.1' into master 2009-07-28 18:19:57 -04:00
Roger Dingledine
69706f99e8 bump to 0.2.1.19 2009-07-28 17:39:51 -04:00
Sebastian Hahn
3e45445104 Changing MaxAdvertisedBW may not need a republish
Relays no longer publish a new server descriptor if they change
their MaxAdvertisedBandwidth config option but it doesn't end up
changing their advertised bandwidth numbers. Bugfix on 0.2.0.28-rc;
fixes bug 1026. Patch from Sebastian.
2009-07-27 23:53:06 -04:00
Roger Dingledine
a73acdd46f Write fingerprint to file and log without spaces
Now it will look like the fingerprints in our bridges documentation,
and confuse fewer users.
2009-07-27 22:51:20 -04:00
Roger Dingledine
0a4e2397c0 Don't leak memory if we get too many create cells
Specifically, every time we get a create cell but we have so many already
queued that we refuse it.

Bugfix on 0.2.0.19-alpha; fixes bug 1034. Reported by BarkerJr.
2009-07-27 22:38:09 -04:00
Roger Dingledine
2b63fa40e8 three hacks to workaround bug 1038
The problem is that clients and hidden services are receiving
relay_early cells, and they tear down the circuit.

Hack #1 is for rendezvous points to rewrite relay_early cells to
relay cells. That way there are never any incoming relay_early cells.

Hack #2 is for clients and hidden services to never send a relay_early
cell on an established rendezvous circuit. That works around rendezvous
points that haven't upgraded yet.

Hack #3 is for clients and hidden services to not tear down the circuit
when they receive an inbound relay_early cell. We already refuse extend
cells at clients.
2009-07-27 21:58:32 -04:00
Nick Mathewson
2b0e8fb39f Merge commit 'ioerror/DirFetchInfoExtraEarly'
Conflicts:
	ChangeLog
2009-07-25 00:52:54 -04:00
Roger Dingledine
698ec8d7b9 clean up the 0.2.2.1-alpha changelog entry 2009-07-24 18:58:09 -04:00
Roger Dingledine
c3274c4c43 Merge branch 'maint-0.2.1' into master 2009-07-24 18:37:12 -04:00
Roger Dingledine
575519d9a5 add a changelog entry for the upcoming 0.2.1.18 2009-07-24 17:16:07 -04:00
Roger Dingledine
b2fa8e8622 add blurbs for recent release candidates 2009-07-24 16:53:40 -04:00
Nick Mathewson
022d251cb7 Merge branch 'dirreq-timing' 2009-07-16 15:26:07 -04:00
Karsten Loesing
8c496d1660 Some tweaks to statistics.
Changes to directory request statistics:

- Rename GEOIP statistics to DIRREQ statistics, because they now include
  more than only GeoIP-based statistics, whereas other statistics are
  GeoIP-dependent, too.
- Rename output file from geoip-stats to dirreq-stats.
- Add new config option DirReqStatistics that is required to measure
  directory request statistics.
- Clean up ChangeLog.

Also ensure that entry guards statistics have access to a local GeoIP
database.
2009-07-15 16:32:40 +02:00
Karsten Loesing
3c05132575 Directories now also measure download times of network statuses. 2009-07-15 16:12:45 +02:00
Nick Mathewson
d4b31cf98f Allow interval and memunit cfg variables to be set to fractions. 2009-07-15 10:02:49 -04:00
Nick Mathewson
e90843eb68 Merge commit 'karsten/geoipstats-shares-master' 2009-07-14 12:15:24 -04:00
Jacob Appelbaum
e7576f92de Add support for a new option: FetchDirInfoExtraEarly
This new option will allow clients to download the newest fresh consensus
much sooner than they normally would do so, even if they previously set
FetchDirInfoEarly. This includes a proper ChangeLog entry and an updated man
page.
2009-07-13 16:30:42 -07:00
Karsten Loesing
fa2374a163 List unresolved requests in geoip stats as country '??'. 2009-07-09 15:34:53 +02:00
Nick Mathewson
041a7b9896 Merge commit 'karsten/entrystats-master'
Conflicts:
	ChangeLog
	configure.in
	src/or/config.c
	src/or/or.h
2009-07-07 14:26:50 -04:00
Nick Mathewson
1c1b223910 Merge commit 'karsten/bufferstats-master' 2009-07-07 13:21:33 -04:00
Nick Mathewson
aa0cf31c51 Merge commit 'origin/maint-0.2.1'
Conflicts:
	ChangeLog
	configure.in
	contrib/tor-mingw.nsi.in
	src/win32/orconfig.h
2009-07-07 12:42:24 -04:00
Nick Mathewson
258b980331 Make "Invalid onion hostname" msg respect SafeLogging.
Patch by Roger; fixes bug 1027.
2009-07-07 12:19:04 -04:00
Karsten Loesing
c0b6cb132b If configured, write entry-node statistics to disk periodically. 2009-07-05 20:48:16 +02:00
Karsten Loesing
b493a2ccb9 If configured, write cell statistics to disk periodically. 2009-07-05 19:53:25 +02:00
Karsten Loesing
c1f6c2ba30 Estimate v2 and v3 shares as mean values over measurement interval. 2009-07-04 22:17:08 +02:00
Karsten Loesing
4d6af73db8 If configured, write per-port exit statistics to disk periodically.
[Original patch series from Karsten, revised and squashed by Nick]
2009-07-02 12:37:05 -04:00
Nick Mathewson
078c34e28e Merge commit 'origin/maint-0.2.1'
[Didn't take Karsten's full bug 1024 workaround, since 0.2.2 doesn't
use v0 rend descs.]
2009-07-02 10:20:20 -04:00
Roger Dingledine
4e8d22846b Revise 0.2.1.17-rc changelog. 2009-07-02 10:13:01 -04:00
Karsten Loesing
3e6bb050dd Make an attempt to fix bug 1024.
The internal error "could not find intro key" occurs when we want to send
an INTRODUCE1 cell over a recently finished introduction circuit and think
we built the introduction circuit with a v2 hidden service descriptor, but
cannot find the introduction key in our descriptor.

My first guess how we can end up in this situation is that we are wrong in
thinking that we built the introduction circuit based on a v2 hidden
service descriptor. This patch checks if we have a v0 descriptor, too, and
uses that instead.
2009-07-02 10:00:28 -04:00
Nick Mathewson
9f28cfe86a Merge commit 'origin/maint-0.2.1' 2009-06-30 10:13:51 -04:00
Roger Dingledine
1ace3799fa and give the bug 969 fixes a changelog 2009-06-30 10:11:17 -04:00
Roger Dingledine
9fc3d87827 stop capping bandwidths we see in the consensus
but continue capping bandwidths we see in local server
descriptors, if we have no consensus weights for them.
2009-06-25 11:38:05 -04:00
Nick Mathewson
d2cac1afc3 Merge commit 'origin/maint-0.2.1' 2009-06-24 19:02:00 -04:00
Marcus Griep
cea85b4066 Added ChangeLog entry for control port fix 2009-06-24 00:14:08 -04:00
Nick Mathewson
39551b494e Merge commit 'origin/maint-0.2.1' 2009-06-22 14:08:19 -04:00
Roger Dingledine
b91428cfd3 add a changelog entry: clients use bw in consensus 2009-06-22 14:03:02 -04:00
Nick Mathewson
3f4f6f9075 Merge commit 'origin/maint-0.2.1'
Conflicts:
	ChangeLog
2009-06-22 12:36:06 -04:00
Nick Mathewson
262455527a Serve DirPortFrontPage even if the write bucket is low.
arma's rationale: "I think this is a bug, since people intentionally
set DirPortFrontPage, so they really do want their relay to serve that
page when it's asked for. Having it appear only sometimes (or roughly
never in Sebastian's case) makes it way less useful."

Fixes bug 1013; bugfix on 0.2.1.8-alpha.
2009-06-22 12:34:32 -04:00
Nick Mathewson
28f30515ef Merge commit 'origin/maint-0.2.1' 2009-06-20 21:51:38 -04:00
Nick Mathewson
ac3dedacce Bump version to 0.2.1.16-rc 2009-06-20 01:14:07 -04:00
Roger Dingledine
428178dda3 prepare changelog for 0.2.1.16-rc 2009-06-19 11:09:45 -04:00
Karsten Loesing
f266ecbeec Better fix for 997. 2009-06-19 16:26:02 +02:00
Karsten Loesing
20883f5e83 Revert "Backport fix for bug 997."
This reverts commit 3847f54945.
2009-06-19 15:46:13 +02:00
Nick Mathewson
aa88c8d91a Merge commit 'origin/maint-0.2.1' 2009-06-18 11:10:27 -04:00
Nick Mathewson
298dc95dfd tor-resolve: Don't automatically refuse .onion addresses.
If the Tor is running with AutomapHostsOnResolve set, it _is_
reasonable to do a DNS lookup on a .onion address.  So instead we make
tor-resolve willing to try to resolve anything.  Only if Tor refuses
to resolve it do we suggest to the user that resolving a .onion
address may not work.

Fix for bug 1005.
2009-06-18 11:08:10 -04:00
Nick Mathewson
df03d6eca8 Merge commit 'karsten/bug997-hidservfetch' 2009-06-16 16:26:02 -04:00
Karsten Loesing
3847f54945 Backport fix for bug 997.
Backporting 6a32beb and ca8708a.
2009-06-16 16:25:35 -04:00
Karsten Loesing
ca8708a9ce Fix more of bug 997.
Fix refetching of hidden service descriptors when all introduction points
have turned out to not work.
2009-06-13 12:21:58 +02:00
Nick Mathewson
cfce7d5dea Merge commit 'origin/maint-0.2.1' 2009-06-12 11:27:48 -04:00
Roger Dingledine
845326317d Check answer_len in the remap_addr case of process_relay_cell_not_open.
Fix an edge case where a malicious exit relay could convince a
controller that the client's DNS question resolves to an internal IP
address. Bug found and fixed by "optimist"; bugfix on 0.1.2.8-beta.
2009-06-12 11:22:54 -04:00
Roger Dingledine
cb1617f18e Check answer_len in the remap_addr case of process_relay_cell_not_open.
Fix an edge case where a malicious exit relay could convince a
controller that the client's DNS question resolves to an internal IP
address. Bug found and fixed by "optimist"; bugfix on 0.1.2.8-beta.
2009-06-12 11:18:02 -04:00
Karsten Loesing
6a32beb877 Apply fix for bug 997.
Hidden service clients didn't use a cached service descriptor that
was older than 15 minutes, but wouldn't fetch a new one either. Now,
use a cached descriptor no matter how old it is and only fetch a new
one when all introduction points fail. Fix for bug 997. Patch from
Marcus Griep.
2009-06-12 11:39:35 +02:00
Nick Mathewson
358efe1eea Merge commit 'origin/maint-0.2.1' 2009-06-08 00:01:31 -04:00
Nick Mathewson
925d80ba0d Missing changelog entry about geoip 2009-06-08 00:00:54 -04:00
Nick Mathewson
8a02f61ad6 Move and fix a changelog entry. Noticed by optimist. 2009-06-07 00:03:27 -04:00
Nick Mathewson
20193fc7ab Avoid a memory corruption problem related to "private" in DirPolicy.
This is a posible fix for bug 996.
2009-06-05 19:41:40 -04:00
Nick Mathewson
4945fee65a Merge commit 'origin/maint-0.2.1' 2009-06-04 03:31:12 -04:00
Nick Mathewson
b262e76563 Fix gprof bottlenecks on exit nodes found by Jacob.
Apparently all the stuff that does a linear scan over all the DNS
cache entries can get really expensive when your DNS cache is very
large.  It's hard to say how much this will help performance, since
gprof doesn't count time spent in OpenSSL or zlib, but I'd guess 10%.

Also, this patch removes calls to assert_connection_ok() from inside
the read and write callbacks, which are similarly unneeded, and a
little costlier than I'm happy with.

This is probably worth backporting to 0.2.0.
2009-06-03 13:52:03 -04:00
Nick Mathewson
77ffd6b2a7 Merge commit 'origin/maint-0.2.1' 2009-05-31 19:17:22 -04:00
Nick Mathewson
c4c7dcd453 Do not report a node as a "chosen exit" when it is not in fact an exit.
Provide a useful warning when launch_circuit tries to make us use a
node we don't want to use.  Just give an info message when this is a
normal and okay situation.  Fix for logging issues in bug 984.
2009-05-31 19:15:36 -04:00
Nick Mathewson
e84ddead34 Merge branch 'hardware_accel_improvements' 2009-05-31 13:36:50 -04:00
Nick Mathewson
3ca10bb62f Fix-ups for dynamic OpenSSL engine patch.
Include a changelog, and don't try to compare strings with !=.
2009-05-31 13:36:18 -04:00
Nick Mathewson
fd992deeea Don't attempt to log messages to a controller from a worker thread.
This patch adds a function to determine whether we're in the main
thread, and changes control_event_logmsg() to return immediately if
we're in a subthread.  This is necessary because otherwise we will
call connection_write_to_buf, which modifies non-locked data
structures.

Bugfix on 0.2.0.x; fix for at least one of the things currently
called "bug 977".
2009-05-30 18:16:24 -04:00
Sebastian Hahn
e70fe116d3 Consider *ListenAddress when warning about low ports and hibernation
Tas (thanks!) noticed that when *ListenAddress is set, Tor would
still warn on startup when *Port is low and hibernation is active.
The patch parses all the *ListenAddress lines, and checks the
ports. Bugfix on 0.2.1.15-rc
2009-05-30 03:09:39 +02:00
Nick Mathewson
0e2618dd54 Merge commit 'origin/maint-0.2.1' 2009-05-27 14:20:18 -04:00
Nick Mathewson
1843f3936c Changelog entry for Karsten's bug-932 patch. 2009-05-27 14:11:38 -04:00
Karsten Loesing
54c97c9133 Change the way how directories that are configured with --enable-geoip-stats write geoip stats to disk.
- Write geoip stats to disk every 24 hours, not every hour.
- Remove configuration options and define reasonable defaults.
- Clear history of client requests every 24 hours (which wasn't done at
  all before).
2009-05-27 19:13:31 +02:00
Nick Mathewson
b805e5debf Merge commit 'origin/maint-0.2.1' into master.
Conflicts:
	ChangeLog
	configure.in
	contrib/tor-mingw.nsi.in
	src/win32/orconfig.h
2009-05-25 16:43:52 -04:00
Nick Mathewson
99c315a473 Use tor_socket_strerror in eventdns.c. Fixes bug 987. 2009-05-25 16:38:50 -04:00
Roger Dingledine
a2c841d555 add the 0.2.1.14-rc blurb 2009-05-25 13:16:45 -04:00
Roger Dingledine
7d9567af2e clean up the 0.2.1.15-rc changelog 2009-05-25 13:14:58 -04:00
Nick Mathewson
b998fed9b9 Remove support for events without the extended format or long names.
Supporting the old formats made our code complex; running without them
has been discouraged since 0.2.1.x.
2009-05-25 12:52:25 -04:00
Nick Mathewson
4201a3735f Merge commit 'origin/maint-0.2.1' 2009-05-22 11:56:51 -04:00
Nick Mathewson
1d002a25a2 Finish up the 0.2.1 version of the bug 957 fix.
Basically, all this means is downgrading our warning messages to debug
messages, since the bug workaround code here is adequate to stop the
bug.
2009-05-22 11:47:09 -04:00
Nick Mathewson
79762aac17 Merge commit 'origin/maint-0.2.1' 2009-05-18 16:17:12 -04:00
Nick Mathewson
34030a3d23 Possible fix for crash bug related to event timeouts. [Bug 957]
If we ever add an event, then set it, then add it again, there will be
now two pointers to the event in the event base.  If we delete one and
free it, the first pointer will still be there, and possibly cause a
crash later.

This patch adds detection for this case to the code paths in
eventdns.c, and works around it.  If the warning message ever
displays, then a cleverer fix is in order.

{I am not too confident that this *is* the fix, since bug 957 is very
tricky.  If it is, it is a bugfix on 0.2.0.}
2009-05-18 16:12:39 -04:00
Nick Mathewson
14a549552a Merge branch 'maint-0.2.1' into merge_tmp 2009-05-17 02:11:34 -04:00
Roger Dingledine
2fa5410218 Fix a memory leak when v3 directory authorities load their keys
and cert from disk. Bugfix on 0.2.0.1-alpha.
2009-05-17 02:04:59 -04:00
Nick Mathewson
c0515b307c Fix valgrind error when marking a descriptor as never-downloadable.
When we got a descriptor that we (as an authority) rejected as totally
bad, we were freeing it, then using the digest in its RAM to look up its
download status.  Caught by arma with valgrind.  Bugfix on 0.2.1.9-alpha.
2009-05-17 02:01:09 -04:00
Nick Mathewson
11b9c839f0 Stop using malloc_usable_size(): valgrind hates it. 2009-05-17 01:55:02 -04:00
Nick Mathewson
87f7059dbc Merge branch 'maint-0.2.1' 2009-05-17 01:23:08 -04:00
Roger Dingledine
c28d25e7a4 minor tweak on changelog entries 2009-05-17 01:22:28 -04:00
Roger Dingledine
095c26f63e minor tweak on changelog entries 2009-05-17 01:21:49 -04:00
Nick Mathewson
e563874045 Merge commit 'origin/maint-0.2.1' 2009-05-17 00:05:38 -04:00
Nick Mathewson
9f25a5529a Fix an assertion-failure in memarea_alloc() on 64-bit platforms.
The trick is that we should assert that our next_mem pointer has not
run off the end of the array _before_ we realign the pointer, since
doing that could take us over the end... but only if we're on a system
where malloc() gives us ram in increments smaller than sizeof(void*).
2009-05-17 00:02:59 -04:00
Mike Perry
29bf271ba2 Fix misreporting of stream bandwidths. 2009-05-14 17:52:26 -04:00
Nick Mathewson
479d21254a Merge commit 'origin/maint-0.2.1' 2009-05-13 16:55:42 -04:00
Nick Mathewson
45171cd9e9 Changelog entries for bug932 fixes 2009-05-13 16:46:21 -04:00
Nick Mathewson
c36efb0c45 Use a mutex to protect the count of open sockets.
This matters because a cpuworker can close its socket when it
finishes.  Cpuworker typically runs in another thread, so without a
lock here, we can have a race condition and get confused about how
many sockets are open.  Possible fix for bug 939.
2009-05-13 09:38:48 -04:00
Nick Mathewson
d9650cfa50 Add sentinel values to the end of memarea chunks.
This might detect some possible causes of bug 930, and will at least
make sure we aren't doing some dumb memory-corruption stuff with the heap
and router-parsing.
2009-05-12 15:10:23 -04:00
Nick Mathewson
5fc08d1920 Merge 0.2.1 onto the development branch.
Manually resolved conflicts on version number; all else applied cleanly.
2009-05-12 13:57:58 -04:00
Nick Mathewson
88d81ead83 Better debugging output for bug 977 case.
(Don't crash immediately if we have leftover chunks to free after
freeing chunks in a buffer freelist; instead log a debugging message
that might help.)
2009-05-12 13:54:21 -04:00
Karsten Loesing
592f957169 Update rend-spec.txt. 2009-05-04 13:46:30 -04:00
Nick Mathewson
596e852c31 Remove the long-deprecated GETINFO addr-mappings/ 2009-05-01 06:25:18 -04:00
Nick Mathewson
4e4be180ec Changelog entry for Jake's torify patch. 2009-04-29 19:05:56 -04:00
Nick Mathewson
6ac3a8b0cd Command-line option to dump SHA1 digests of all source files.
Now, when you call tor --digests, it dumps the SHA1 digest of each
source file that Tor was built with.  We support both 'sha1sum' and
'openssl sha1'.  If the user is building from a tarball and they
haven't edited anything, they don't need any program that calculates
SHA1.  If they _have_ modified a file but they don't have a program to
calculate SHA1, we try to build so we do not output digests.
2009-04-29 14:46:04 -04:00
Sebastian Hahn
5675be39a0 Return -1 in the error case from read_bandwidth_usage.
svn:r19367
2009-04-23 22:04:10 +00:00
Roger Dingledine
72e4d48c7a Update to the "April 3 2009" ip-to-country file.
svn:r19307
2009-04-12 08:09:38 +00:00
Roger Dingledine
39ceda7e05 Raise the minimum bandwidth to be a relay from 20000 bytes to 20480
bytes (aka 20KB/s), to match our documentation. Also update
directory authorities so they always assign the Fast flag to relays
with 20KB/s of capacity. Now people running relays won't suddenly
find themselves not seeing any use, if the network gets faster
on average.


svn:r19305
2009-04-12 07:56:58 +00:00
Roger Dingledine
c024928b63 For belt-and-suspenders, relays that don't set Address in their config
now avoid using begin_dir for all direct connections.


svn:r19296
2009-04-11 19:40:42 +00:00
Roger Dingledine
8d82583d97 Finally fix the bug where dynamic-IP relays disappear when their
IP address changes: directory mirrors were mistakenly telling them
their old address if they asked via begin_dir, so they never got
an accurate answer about their new address, so they just vanished
after a day. Should fix bugs 827, 883, and 900 -- but alas, only
after every directory mirror has upgraded.


svn:r19291
2009-04-11 18:09:15 +00:00
Roger Dingledine
48118b228e Clients replace entry guards that were chosen more than a few months
ago. This change should significantly improve client performance,
especially once more people upgrade, since relays that have been
a guard for a long time are currently overloaded.


svn:r19287
2009-04-11 12:00:18 +00:00
Roger Dingledine
ebadf2b068 general changelog cleanups
svn:r19273
2009-04-11 04:31:46 +00:00
Roger Dingledine
927d35a001 a changelog entry for r19259
svn:r19261
2009-04-11 00:24:06 +00:00
Roger Dingledine
93c0a81491 If the bridge config line doesn't specify a port, assume 443.
This makes bridge lines a bit smaller and easier for users to
understand.

Also, remove a duplicate changelog entry from the past.


svn:r19260
2009-04-11 00:16:05 +00:00
Nick Mathewson
d50501e5ed Fix a few crash bugs related to malormed descriptors. Lark found one; fuzzing found the rest.
svn:r19250
2009-04-09 19:58:16 +00:00
Roger Dingledine
7170c5b4f8 Limit uploaded directory documents to be 16M rather than 500K.
The directory authorities were refusing v3 consensus votes from
other authorities, since the votes are now 504K. Fixes bug 959;
bugfix on 0.0.2pre17 (where we raised it from 50K to 500K ;).


svn:r19194
2009-03-31 04:03:37 +00:00
Roger Dingledine
793f1ce007 Directory authorities should never send a 503 "busy" response to
requests for votes or keys. Bugfix on 0.2.0.8-alpha; exposed by
bug 959.


svn:r19189
2009-03-31 01:29:07 +00:00
Nick Mathewson
0fa01654b9 fix from lark: make memarea_strndup() work even at the end of a mmap chunk. Bug was harmless for now, I think.
svn:r19094
2009-03-21 11:52:53 +00:00
Nick Mathewson
a335b43a67 If we have a routerstatus but no routerinfo to name a router, use the routerstatus instead when generating circuit events. Also refactor a little.
svn:r19078
2009-03-18 19:30:30 +00:00
Nick Mathewson
30ec1d1d50 Don't double-free successful_uploads.
When we used smartlist_free to free the list of succesful uploads
because we had succeeded in uploading everywhere, we did not actually
set the successful_uploads field to NULL, so later it would get freed
again in rend_service_descriptor_free.  Fix for bug 948; bug
introduced in 0.2.1.6-alpha.

svn:r19073
2009-03-18 14:35:24 +00:00
Nick Mathewson
ad7ebec24c Free very-old descriptors that we do not want to add. Fix for bug 672. Backport candidate
svn:r19057
2009-03-16 18:47:45 +00:00
Roger Dingledine
362c4e0d02 add in the blurb
svn:r18945
2009-03-13 04:47:12 +00:00
Karsten Loesing
309080b6aa Make directory usage recording work again. Fixing bug introduced in r17009.
svn:r18924
2009-03-11 22:08:37 +00:00
Steven Murdoch
43145fc9f5 In tor-resolve, when the Tor client to use is specified by <hostname>:<port>, actually use the specified port rather than defaulting to 9050
svn:r18833
2009-03-10 00:52:45 +00:00
Roger Dingledine
4774e593b8 Bugfix on r17756:
Avoid trying to print raw memory to the logs when we decide to
give up on downloading a given relay descriptor. Bugfix on
0.2.1.9-alpha.


svn:r18831
2009-03-09 22:05:17 +00:00
Roger Dingledine
89da31f772 3! 3 not 2.
svn:r18813
2009-03-09 00:55:59 +00:00
Roger Dingledine
5d50bc3e1d We were already rejecting relay begin cells with destination port
of 0. Now also reject extend cells with destination port or address
of 0. Suggested by lark.


svn:r18812
2009-03-09 00:53:42 +00:00
Roger Dingledine
5cb2e4efca declare that i'm going to tag 0.2.1.13-alpha tonight
svn:r18811
2009-03-09 00:43:03 +00:00
Nick Mathewson
18648907c4 Build correctly from outside main source tree. Patch from Michael Gold.
svn:r18809
2009-03-08 23:18:44 +00:00
Roger Dingledine
0f46c1dc6e Update to the "February 26 2009" ip-to-country file
svn:r18774
2009-03-05 10:47:25 +00:00
Nick Mathewson
cbbc0c9c86 Actually use tor_sscanf() to parse untrusted input.
svn:r18761
2009-03-03 18:02:36 +00:00
Nick Mathewson
9f8d095e0f Add and use set/get_uint64 on onion tags. [bug 604; backportable]
It seems that 64-bit Sparc Solaris demands 64-bit-aligned access to
uint64_t, but does not 64-bit-align the stack-allocated char array we
use for cpuworker tags.  So this patch adds a set/get_uint64 pair, and
uses them to access the conn_id field in the tag.

svn:r18743
2009-03-02 19:15:05 +00:00
Nick Mathewson
27c3b43817 Fix one case of bug 929.
svn:r18683
2009-02-23 20:04:51 +00:00
Nick Mathewson
261670b57e Patch from lark: if we get two extend cells for the same circuit id, drop the second. Previously, we had leaked an extend_info if the target connection was not open when the second arrived.
svn:r18668
2009-02-21 19:07:05 +00:00
Nick Mathewson
192b701fac Patch from lark: drop BEGIN cells from a rendevous circuit if they do not originate from the end of the circuit.
svn:r18667
2009-02-21 19:07:01 +00:00
Nick Mathewson
b13496b62a Possible fix for broken country settings in ExcludeExitNodes.
It turns out that we weren't updating the _ExcludeExitNodesUnion set's
country numbers when we reloaded (or first loaded!) the IP-to-country
file.  Spotted by Lark.  Bugfix on 0.2.1.6-alpha.

svn:r18575
2009-02-16 15:15:06 +00:00
Roger Dingledine
d3289c6b87 docdoc and changelog for r18556
svn:r18566
2009-02-16 10:39:10 +00:00
Roger Dingledine
c8474f9d93 If the controller claimed responsibility for a stream, but that
stream never finished making its connection, it would live
forever in circuit_wait state. Now we close it after SocksTimeout
seconds. Bugfix on 0.1.2.7-alpha; reported by Mike Perry.


svn:r18516
2009-02-13 04:11:14 +00:00
Roger Dingledine
b03f78e8af Update to the "January 23 2009" ip-to-country file
svn:r18503
2009-02-12 12:32:14 +00:00
Roger Dingledine
97ff5346df and forward-port the 0.2.0.33 and 0.2.0.34 changelogs
svn:r18497
2009-02-11 22:21:50 +00:00
Nick Mathewson
65dc835773 Revert an erroneous part of the non-fix to bug 326, and add comments to explain why it was erroneous.
svn:r18494
2009-02-11 17:23:11 +00:00
Nick Mathewson
356b40f58b Clients and non-caches do not need to cache unrecognized authority certificates.
svn:r18480
2009-02-10 20:28:30 +00:00
Karsten Loesing
34b285b09f As an exit node, scrub the IP address to which we are exiting in the logs. Bugfix on 0.2.1.8-alpha.
svn:r18477
2009-02-10 18:52:47 +00:00
Nick Mathewson
91fece7be2 Don't extend introduction circuits indefinitely.
Doing so could run you out of relay_early cells and give you a
senselessly long circuit.  Patch from Karsten; may fix bug 878.

svn:r18459
2009-02-10 00:45:30 +00:00
Nick Mathewson
6f90f6f2a2 Retry circuits if the exit node is optional and nonexistant.
Previously, when we had the chosen_exit set but marked optional, and
we failed because we couldn't find an onion key for it, we'd just give
up on the circuit.  But what we really want to do is try again, without
the forced exit node.

Spotted by rovv.  Another case of bug 752.  I think this might be
unreachable in our current code, but proposal 158 could change that.

svn:r18451
2009-02-09 16:55:48 +00:00
Nick Mathewson
c7315e65ae Disable KQUEUE from inside Tor if the OSX version is prior to 10.4.0
svn:r18450
2009-02-09 16:07:02 +00:00
Nick Mathewson
f99098cca4 Use prctl to reenable core dumps when we have setuid to a non-root user.
svn:r18449
2009-02-09 15:20:17 +00:00
Nick Mathewson
f95ab83792 Bump version to 0.2.1.12-alpha-dev
svn:r18448
2009-02-09 15:09:51 +00:00
Roger Dingledine
876a588ced a bit more changelog mucking
svn:r18426
2009-02-09 03:24:53 +00:00
Roger Dingledine
d9f01304ba shuffle the changelog a bit
svn:r18425
2009-02-09 03:21:43 +00:00
Nick Mathewson
2ebdf91a52 Fix a remote-crash bug. This will need a patch release.
svn:r18421
2009-02-09 03:13:02 +00:00
Roger Dingledine
2756824087 Fix a temporary DoS vulnerability that could be performed by
a directory mirror. Bugfix on 0.2.0.9-alpha; reported by lark.


svn:r18420
2009-02-09 03:12:07 +00:00
Roger Dingledine
a5d4c5e7c6 declare tomorrow as the day for 0.2.1.12-alpha too
svn:r18413
2009-02-08 05:00:39 +00:00
Karsten Loesing
88d6e6035d Forward-port ChangeLog for 0.2.0.30.
svn:r18404
2009-02-05 17:52:58 +00:00
Roger Dingledine
decdf4537a If we're using bridges and our network goes away, be more willing
to forgive our bridges and try again when we get an application
request. Bugfix on 0.2.0.x.


svn:r18396
2009-02-04 23:27:35 +00:00
Roger Dingledine
1625467be7 cosmetic changes
svn:r18394
2009-02-04 23:13:51 +00:00
Roger Dingledine
5776dfcdf0 and forward-port the 0.2.0.33 changelog
svn:r18392
2009-02-04 15:20:50 +00:00
Nick Mathewson
261f49fe26 Fix a possible cause of bug 915 when parsing multiple votes one of which was bad. Bugfix on 0.2.0.8-alpha.
svn:r18354
2009-01-31 18:27:38 +00:00
Nick Mathewson
676cfbbf84 When building with GCC, use -fno-strict-aliasing
GCC's interpretation of the C99 aliasing rules, to be charitable,
creates a dialect of C intended for a better programmers than I am
certain of my ability to be in all times.  I just spent 2 hours
tracking down a platform-hyperspecific libevent bug that turned out to
be because of this, and darned if I ever want to do *that* again.

One of Linus's recent rants will give you a picture of why GCC's
behavior here can lead to fun surprises in your binaries:
http://lwn.net/Articles/316126/

svn:r18351
2009-01-31 07:51:02 +00:00
Nick Mathewson
e1f03572ca Support setting serverdnsrandomizecase during sighup. Backportable, unless too trivial.
svn:r18307
2009-01-28 19:53:03 +00:00
Nick Mathewson
f78793879d Fix a race condition on nameserver reconfiguration.
This resolves bug 526, wherein we would crash if the following
events occurred in this order:
  A: We're an OR, and one of our nameservers goes down.
  B: We launch a probe to it to see if it's up again. (We do this hourly
     in steady-state.)
  C: Before the probe finishes, we reconfigure our nameservers,
     usually because we got a SIGHUP and the resolve.conf file changed.
  D: The probe reply comes back, or times out. (There is a five-second
     window for this, after B has happens).

IOW, if one of our nameservers is down and our nameserver
configuration has changed, there were 5 seconds per hour where HUPing
the server was unsafe.

Bugfix on 0.1.2.1-alpha.  Too obscure to backport.

svn:r18306
2009-01-28 18:26:20 +00:00
Nick Mathewson
e06de61d84 Don't obsolete a very-new connection for having no circuits yet.
This fixes the last known case of bug 891, which could happen if two
hosts, A and B, disagree about how long a circuit has been open,
because of clock drift of some kind.  Host A would then mark the
connection as is_bad_for_new_circs when it got too old and open a new
connection.  In between when B receives a NETINFO cell on the new
conn, and when B receives a conn cell on the new circuit, the new
circuit will seem worse to B than the old one, and so B will mark it
as is_bad_for_new_circs in the second or third loop of
connection_or_group_set_badness().

Bugfix on 0.1.1.13-alpha.  Bug found by rovv.

Not a backport candidate: the bug is too obscure and the fix too tricky.

svn:r18303
2009-01-28 17:36:41 +00:00
Nick Mathewson
62a460d55f Fix an old changelog entry to mention which bug it fixed.
svn:r18302
2009-01-28 17:36:37 +00:00
Nick Mathewson
8027c8c6dd Forward-port: Fix bug 893: check AP connections for markedness before expiring them.
svn:r18299
2009-01-28 16:30:06 +00:00
Nick Mathewson
ef001cf85d Actually send the extra_headers content in write_http_response_header_impl. This make X-Descriptor-Now-New get sent. Bugfix on 0.2.0.10-alpha. Spotted by "multiplication".
svn:r18297
2009-01-28 16:06:46 +00:00
Roger Dingledine
9fdae765e3 clean up r18287
svn:r18288
2009-01-28 07:16:22 +00:00
Nick Mathewson
afc5b61777 Do not use == in our shell code; = is standard.
svn:r18239
2009-01-22 19:06:28 +00:00
Nick Mathewson
25c6ff6f55 Support 64-bit time_t. Patch from Matthias Drochner. Partial backport candidate.
svn:r18234
2009-01-22 16:28:12 +00:00
Nick Mathewson
8ebceeb352 Make sure that even in the weird fiddly paths that lead to init_keys,
crypto_global_init gets called.  Also have it be crypto_global_init
that calls crypto_seed_rng, so we are not dependent on OpenSSL's
RAND_poll in these fiddly cases.

Should fix bug 907.  Bugfix on 0.0.9pre6.  Backport candidate.

svn:r18210
2009-01-21 15:38:39 +00:00
Nick Mathewson
bf2b71beb8 Fix an error in tor_addr_parse that kept us from having a hidden service or a bridge live at an IPv6 address.
svn:r18206
2009-01-21 07:24:50 +00:00
Nick Mathewson
3f8ab367c1 Fix warning on panther compile, and bug 913. Backport candidate.
svn:r18203
2009-01-21 03:51:14 +00:00
Roger Dingledine
a5a6b9a08a Let controllers actually ask for the "clients_seen" event. Bugfix
on 0.2.1.10-alpha; reported by Matt Edman.


svn:r18201
2009-01-21 03:24:27 +00:00
Roger Dingledine
90a5042aeb get ready for more development
svn:r18200
2009-01-21 02:51:30 +00:00
Roger Dingledine
3c668245b7 bump to 0.2.1.11-alpha, clean up changelog
svn:r18192
2009-01-20 23:33:04 +00:00
Peter Palfrader
0636369b83 mention that tsocks only socksifies TCP
In the torify(1) manpage explain that tsocks will only socksify
TCP connections, and that therefore it will most likely leak DNS
requests.

svn:r18160
2009-01-18 01:05:17 +00:00
Nick Mathewson
87124f54d0 This patch changes the default location where config and data files
are stored when the --enable-local-appdata option is configured.  This
changes the Windows path from %APPDATA% to a host local
%USERPROFILE%\Local Settings\Application Data\ path (aka,
LOCAL_APPDATA).

Patch from coderman.



svn:r18122
2009-01-15 23:07:11 +00:00
Nick Mathewson
dbc8a44bae Fix ServerDNSRandomizeCase so that setting it to 0 works.
Bugfix on 0.2.1.7-alpha.  Backport candidate. Fixes bug 905.

svn:r18063
2009-01-10 14:38:14 +00:00
Nick Mathewson
a6504cdea7 Check that Libevent header version matches Libevent library version.
Unfortunately, old Libevents don't _put_ a version in their headers, so
this can get a little tricky.  Fortunately, the only binary-compatibility
issue we care about is the size of struct event.  Even more fortunately,
Libevent 2.0 will let us keep binary compatiblity forever by letting us
decouple ourselves from the structs, if we like.

svn:r18014
2009-01-07 21:05:02 +00:00
Roger Dingledine
c123163043 Discard router descriptors as we load them if they are more than
five days old. Otherwise if Tor is off for a long time and then
starts with cached descriptors, it will try to use the onion
keys in those obsolete descriptors when building circuits. Bugfix
on 0.2.0.x. Fixes bug 887.


svn:r17993
2009-01-07 02:13:42 +00:00
Roger Dingledine
b36a98ff5a When our circuit fails at the first hop (e.g. we get a destroy
cell back), avoid using that OR connection anymore, and also
tell all the one-hop directory requests waiting for it that they
should fail. Bugfix on 0.2.1.3-alpha.


svn:r17984
2009-01-06 21:28:48 +00:00
Nick Mathewson
462f64b6b9 Make outgoing DNS requests respect OutboundBindAddress.
Fixes the bug part of bug 789.

svn:r17983
2009-01-06 20:50:55 +00:00
Roger Dingledine
e61c40e9f4 ok, all set to destabilize it again
svn:r17980
2009-01-06 20:38:05 +00:00
Roger Dingledine
2d9e8a75b8 bump to 0.2.1.10-alpha, reorganize the changelog
svn:r17974
2009-01-06 20:11:47 +00:00
Roger Dingledine
4acf16cb63 and mention the bug # in the changelog
svn:r17971
2009-01-06 19:07:21 +00:00
Roger Dingledine
68806c7fb7 When a relay gets a create cell it can't decrypt (e.g. because it's
using the wrong onion key), we were dropping it and letting the
client time out. Now actually answer with a destroy cell. Bugfix
on 0.0.2pre8.


svn:r17970
2009-01-06 19:03:15 +00:00
Roger Dingledine
d1351750ed Update to the "December 19 2008" ip-to-country file
svn:r17968
2009-01-06 18:03:01 +00:00
Roger Dingledine
fe040342e7 specify it was a bugfix on something from 2007
svn:r17960
2009-01-06 16:11:10 +00:00
Roger Dingledine
e127072318 Prevent bridge relays from serving their 'extrainfo' document
to anybody who asks, now that extrainfo docs include potentially
sensitive aggregated client geoip summaries.


svn:r17958
2009-01-06 16:03:38 +00:00
Roger Dingledine
d95b63f1e4 Bugfix on r13098. Backport candidate.
When we made bridge authorities stop serving bridge descriptors over
unencrypted links, we also broke DirPort reachability testing for
bridges. So bridges with a non-zero DirPort were printing spurious
warns to their logs. Bugfix on 0.2.0.16-alpha. Fixes bug 709.


svn:r17945
2009-01-06 07:13:24 +00:00
Roger Dingledine
55665f25e5 the new alpha release is coming out this week sometime. too many
bugs fixed to keep waiting. i still need to track down bug 709
first though, since i am increasingly thinking it's a real bug.


svn:r17944
2009-01-06 03:57:06 +00:00
Nick Mathewson
f772fc0c36 apply a variant of rovv's bug 872 patch, and document that we want a better solution for 0.2.2.x.
svn:r17924
2009-01-05 20:52:14 +00:00
Roger Dingledine
e3388230c4 Bridge relays that had DirPort set to 0 would stop fetching
descriptors shortly after startup, and then briefly resume
after a new bandwidth test and/or after publishing a new bridge
descriptor. Bridge users that try to bootstrap from them would
get a recent networkstatus but would get descriptors from up to
18 hours earlier, meaning most of the descriptors were obsolete
already. Reported by Tas; bugfix on 0.2.0.13-alpha.


svn:r17920
2009-01-05 18:54:11 +00:00
Roger Dingledine
9e75c06197 If the cached networkstatus consensus is more than five days old,
discard it rather than trying to use it. In theory it could
be useful because it lists alternate directory mirrors, but in
practice it just means we spend many minutes trying directory
mirrors that are long gone from the network. Helps bug 887 a bit;
bugfix on 0.2.0.x.


svn:r17917
2009-01-05 16:56:11 +00:00
Roger Dingledine
cec0a57dc8 mark what version of tor mike's bug was in
svn:r17912
2009-01-05 14:32:58 +00:00
Mike Perry
da430cfcf7 Preserve reporting of stream end reasons to the local control
port.  They were lost in the changes for Proposal 148.



svn:r17911
2009-01-05 14:14:57 +00:00
Nick Mathewson
9c94b428d9 Fix the oldest bug in a while: stop accepting 1.2.3 as a valid IPv4 address on any platform.
svn:r17887
2009-01-04 19:47:17 +00:00
Nick Mathewson
360a059948 Fix an xxx021: do not remove routerinfos as too old and unlisted unless we have a consensus. Backport candidate.
svn:r17886
2009-01-04 19:47:12 +00:00
Nick Mathewson
c4b8fef362 Remove svn $Id$s from our source, and remove tor --version --version.
The subversion $Id$ fields made every commit force a rebuild of
whatever file got committed.  They were not actually useful for
telling the version of Tor files in the wild.

svn:r17867
2009-01-04 00:35:51 +00:00
Nick Mathewson
d3e57378ec Mention that our documentation is better in 0.2.1.10-x.
svn:r17862
2009-01-03 23:06:08 +00:00
Nick Mathewson
b07baba879 Increment n_download_failures up to IMPOSSIBLE_TO_DOWNLOAD-1, not up to IMPOSSIBLE_TO_DOWNLOAD.
svn:r17835
2008-12-31 17:22:18 +00:00
Nick Mathewson
ffe22fab9b Indeed, arma was right. There was one ntohl too many in debug_ntop in eventdns.c
svn:r17826
2008-12-30 04:08:45 +00:00
Roger Dingledine
f6b7e108e4 for some reason nickm removed this major feature from
the 0.2.1.3-alpha changelog. put it back.


svn:r17824
2008-12-30 02:03:23 +00:00
Nick Mathewson
d640e2ab00 Spec compliance: if weighted MTBF of a router is at least 5 days, always vote it as Stable.
svn:r17821
2008-12-29 20:17:18 +00:00
Nick Mathewson
c1c7f982d9 Do not not cannibalize a circuit that has run out of RELAY_EARLY cells. Partial bug 878 fix.
svn:r17815
2008-12-29 19:55:17 +00:00
Nick Mathewson
145ead96ed Do not cannibalize a circuit that has run out of RELAY_EARLY cells. Partial bug 878 fix.
svn:r17814
2008-12-29 19:55:13 +00:00
Nick Mathewson
e8a3fa91a6 Use a consistent naming standard for header file guard macros, taking care not to collide with any system headers. This tripped us up on Android.
svn:r17805
2008-12-29 02:21:02 +00:00
Nick Mathewson
b0a8ecd193 Use RSA_generate_key_ex where available.
svn:r17804
2008-12-29 02:20:57 +00:00
Nick Mathewson
870fd18b8f Refactor some exit-policy-related functions that showed up in oprofile.
Specifically, split compare_tor_addr_to_addr_policy() from a loop with a bunch
of complicated ifs inside into some ifs, each with a simple loop.  Rearrange
router_find_exact_exit_enclave() to run a little faster.  Bizarrely,
router_policy_rejects_all() shows up on oprofile, so precalculate it per
routerinfo.

svn:r17802
2008-12-29 01:47:28 +00:00
Roger Dingledine
5519e633ec New controller event "clients_seen" to report a geoip-based summary
of which countries we've seen clients from recently. Now controllers
like Vidalia can show bridge operators that they're actually making
a difference.


svn:r17796
2008-12-27 06:50:07 +00:00
Nick Mathewson
616f6643ef get_interface_addr6(), and by extension get_interface_addr(), were pretty borked. Copying a tor_addr_t from a sockaddr_storage using memcpy is a poor notion.
svn:r17789
2008-12-26 21:26:03 +00:00
Roger Dingledine
41aef35963 last cleanups
svn:r17779
2008-12-25 21:02:50 +00:00
Roger Dingledine
20f964c6da prepare for 0.2.1.9-alpha
svn:r17778
2008-12-25 20:32:49 +00:00
Roger Dingledine
a12c3f2c86 some fixes i found in my sandbox
svn:r17771
2008-12-25 15:37:47 +00:00
Nick Mathewson
5dd7e018cb Changelog entries for bug 891 fix as checkpointed.
svn:r17759
2008-12-24 02:41:36 +00:00
Nick Mathewson
ac2f6b608a Patch from Sebiastian for bug 888: mark a descriptor as "Impossible" if we reject it after downloading it so that we do not download it again
svn:r17756
2008-12-23 21:17:52 +00:00
Nick Mathewson
029be5ad02 Move in-addr.arpa parsing and generation into address.c, and simplify the code that does it elsewhere. Incidentally, this lets exit servers answer requests for ip6.arpa addresses.
svn:r17707
2008-12-19 18:52:00 +00:00
Nick Mathewson
c67bd80487 Make cell pools always-on.
svn:r17692
2008-12-18 17:28:50 +00:00
Nick Mathewson
bf80e2df3f Replace calls to time(NULL) that occur on the order of once per read, one per write, or once per cell with calls to a function that looks at a cached value of time. This is tricksy to benchmark, since it will only help on systems where time() is a syscall and syscalls are relatively slow.
svn:r17690
2008-12-18 17:19:04 +00:00
Nick Mathewson
b6f89a647a One log.c XXX021 was a misunderstanding. Also, clip log messages passed to syslog to their maximum length when there is a maximum.
svn:r17688
2008-12-18 17:18:06 +00:00
Nick Mathewson
cebdf93949 Fix bug 889: share deep-copied keys between threads to avoid races in reference counts. Bugfix on 0.1.0.1-rc.
svn:r17672
2008-12-18 05:28:27 +00:00
Nick Mathewson
676175103d Fix a valgrind-located memory stomp. Bugfix on 0.2.1.6-alpha.
svn:r17667
2008-12-18 04:27:23 +00:00
Nick Mathewson
5c235cb5ec Fix memory leak in rend_cache_store_v2_desc_as_client(), and refactor the function to use the "goto err" idiom.
svn:r17665
2008-12-18 00:11:49 +00:00
Nick Mathewson
7d92053286 Remove RedirectExit feature; it has been deprecated since 0.2.0.3-alpha
svn:r17663
2008-12-17 23:02:04 +00:00
Nick Mathewson
2ad36f68c8 Rename ServerDNSAllowBrokenResolvConf to ServerDNSAllowBrokenConfig.
(Many users have no idea what a resolv.conf is, and shouldn't be forced to learn.  The old option will keep working for now.)
Also, document it.

svn:r17661
2008-12-17 22:58:14 +00:00
Roger Dingledine
03f413f5c7 declare that we're putting out 0.2.1.9-alpha next week
svn:r17659
2008-12-17 22:46:00 +00:00
Roger Dingledine
048f2a179b Clip the MaxCircuitDirtiness config option to a minimum of 10
seconds. Warn the user if lower values are given in the
configuration. Bugfix on 0.1.0.1-rc. Patch by Sebastian.
Clip the CircuitBuildTimeout to a minimum of 30 seconds. Warn the
user if lower values are given in the configuration. Bugfix on
0.1.1.17-rc. Patch by Sebastian.


svn:r17657
2008-12-17 22:32:17 +00:00
Nick Mathewson
7678ac5193 Move edge-only flags from connection_t to edge_connection_t.
svn:r17643
2008-12-17 14:59:28 +00:00
Nick Mathewson
26632d59dd Rename or_is_obsolete and move it to or_connection_t where it belongs.
svn:r17642
2008-12-17 14:59:19 +00:00
Nick Mathewson
e53ffaa4e4 Don't extend circuits over noncanonical connections with mismatched addresses.
Also, refactor the logic to check whether we will use a connection or
launch a new one into a new function.

svn:r17628
2008-12-15 21:17:53 +00:00
Nick Mathewson
51c29e1e24 Apply rovv's bug 805 fix: take more care never to prefer a non-canonical connection.
svn:r17627
2008-12-15 21:17:43 +00:00
Roger Dingledine
5822e14dc9 When a stream at an exit relay is in state "resolving" or
"connecting" and it receives an "end" relay cell, the exit relay
would silently ignore the end cell and not close the stream. If
the client never closes the circuit, then the exit relay never
closes the TCP connection. Bug introduced in Tor 0.1.2.1-alpha;
reported by "wood".


svn:r17625
2008-12-14 19:40:56 +00:00
Nick Mathewson
a4a481d81c Implement proposal 148: Make client stream end reasons uniform.
This patch makes every RELAY_COMMAND_END cell that we send pass through one of two functions: connection_edge_end and relay_send_end_cell_from_edge.  Both of these functions check the circuit purpose, and change the reason to MISC if the circuit purpose means that it's for client use.

svn:r17612
2008-12-12 20:30:42 +00:00
Nick Mathewson
5fb2ab1e65 Implement the /tor/keys/fp-sk/ URL format. That mostly finishes the server side of 157.
svn:r17611
2008-12-12 19:05:36 +00:00
Nick Mathewson
69ce955484 Add cross-certification to authority key certificates. Partial implementation of proposal 157.
svn:r17610
2008-12-12 18:31:39 +00:00
Nick Mathewson
f3b52e331e Avoid multiple descriptor-fetch connections to authorities. Fixes bug 366.
svn:r17594
2008-12-11 19:12:55 +00:00
Roger Dingledine
65c71a5a9e put recent release blurbs into the changelog; fix a typo in tor-spec.
svn:r17586
2008-12-11 17:18:03 +00:00
Nick Mathewson
240ee1866b Add experimental support for learning svn revision number in git-svn based repositories. Fancy.
svn:r17581
2008-12-11 06:52:24 +00:00
Karsten Loesing
eb09eebeda Give credit to John Brooks for finding bug 874.
svn:r17571
2008-12-10 23:58:17 +00:00
Karsten Loesing
d03d1d04d5 Modify ChangeLog for bug 874.
svn:r17570
2008-12-10 23:51:59 +00:00
Nick Mathewson
d8027aa689 Fix a logic error that would automatically reject all but the first configured DNS server. Bugfix on 0.2.1.5-alpha. Possible fix for part of 813/868. Spotted by coderman
svn:r17569
2008-12-10 22:57:41 +00:00
Nick Mathewson
53d3f812bd Add new internal-use-only option for controllers to use to prevent SIGHUP from reloading the configuration. Fixes bug 856.
svn:r17567
2008-12-10 22:17:02 +00:00
Nick Mathewson
9aa706e20c Bug 691 fix: do not shutdown Tor servers right away if the network is down.
svn:r17566
2008-12-10 20:45:31 +00:00
Nick Mathewson
355369a27a Oops; that should have been bug 874, not 879. Also in the changelog.
svn:r17565
2008-12-10 18:26:00 +00:00
Nick Mathewson
426b53d85a Apply patch from Karsten to fix bug 879. Backport candidate.
svn:r17562
2008-12-10 18:16:58 +00:00
Nick Mathewson
f117ec8b68 small todo/changelog fixes
svn:r17551
2008-12-10 05:39:27 +00:00
Nick Mathewson
7aa7d1a3e7 Give a better error when something has changed our descriptor cache out from under us. Based on patch from Karsten. Addresses bug 885.
svn:r17550
2008-12-10 03:01:26 +00:00
Roger Dingledine
d7bf7e0b32 When a directory authority gives us a new guess for our IP address,
log which authority we used. Hopefully this will help us debug
the recent complaints about bad IP address guesses.


svn:r17549
2008-12-10 01:46:51 +00:00
Roger Dingledine
145e589b6c Resume using the correct "REASON=" stream when telling the
controller why we closed a stream. Bugfix in 0.2.1.1-alpha.


svn:r17547
2008-12-10 01:34:24 +00:00
Nick Mathewson
d60d8976b9 Better error message when told to setuid to ourself.
svn:r17543
2008-12-09 23:26:12 +00:00
Nick Mathewson
8990dbcf7a Redivide 0.2.1 items into do,nice-to-have,and defer.
svn:r17539
2008-12-09 20:48:22 +00:00
Nick Mathewson
a7b4a7b9f8 Finally remove deprecated-since-0.1.2.4-alpha EXTENDED_FORMAT synonym for EXTENDED_EVENTS
svn:r17538
2008-12-09 19:55:19 +00:00
Nick Mathewson
0280a72500 Add a new status event for consensus arrival
svn:r17535
2008-12-09 18:16:41 +00:00
Roger Dingledine
262dd2bae1 drop confusing and probably not so big changelog entry
svn:r17517
2008-12-08 00:14:13 +00:00
Roger Dingledine
e5be0504ab When the client is choosing entry guards, now it selects at most
one guard from a given relay family. Otherwise we could end up with
all of our entry points into the network run by the same operator. 
Suggested by Camilo Viecco. Fix on 0.1.1.11-alpha.

Not a backport candidate, since I think this might break for users
who only have a given /16 in their reachableaddresses, or something
like that.


svn:r17514
2008-12-08 00:04:29 +00:00
Roger Dingledine
f31c16d993 Directory mirrors no longer fetch the v1 directory or
running-routers files. They are obsolete, and nobody asks for them
anymore. This is the first step to making v1 authorities obsolete.


svn:r17513
2008-12-07 23:53:39 +00:00
Roger Dingledine
21892d8a9c cleanups on r17500
svn:r17501
2008-12-07 01:34:45 +00:00
Jacob Appelbaum
6b178b46ef New DirPortFrontPage option that takes an html file and publishes it as "/" on the DirPort. Now relay operators can provide a disclaimer without needin to set up a separate webserver. There's a sample disclaimer in contrib/tor-exit-notice.html.
svn:r17500
2008-12-07 01:21:19 +00:00
Roger Dingledine
ba985f8576 format cleanups on changelog. prepare to release today.
svn:r17497
2008-12-07 00:30:14 +00:00
Nick Mathewson
2be5215181 Fix a hard-to-trigger memory leak in log_credential status. Found by Coverity scan. CID 349.
svn:r17484
2008-12-05 01:29:59 +00:00
Nick Mathewson
a26188cee9 fix bug 880: find the end of an authority cert by looking for the first ----END SIGNATURE----- after the first dir-key-certification, not for the first ----END SIGNATURE. Harmless bug, but it made us non-spec-compliant.
svn:r17470
2008-12-03 03:42:19 +00:00
Nick Mathewson
37bd9181f0 Do not use O_APPEND on fd-based operations that do not really want it; have them just lseek instead.
svn:r17460
2008-12-02 23:49:40 +00:00
Nick Mathewson
bd6b3072f9 Change logging code to use fds instead of stdio. Fixes bug 861, and probably makes logging slightly faster. Not a backport candidate: bug 861 is too obscure and harmless.
svn:r17456
2008-12-02 23:36:58 +00:00
Nick Mathewson
9c65195449 Apply rovv's patch for bug 864: avoid null error on detached signature handling failure.
svn:r17446
2008-12-02 19:13:23 +00:00
Nick Mathewson
60738daf85 Define socklen_t before using it in compat.h
svn:r17444
2008-12-02 18:54:47 +00:00
Nick Mathewson
651a0a2fb5 Stop marking bsearch_idx as pure; it is not.
svn:r17393
2008-11-26 16:57:46 +00:00
Nick Mathewson
bc597758dc Use fcntl for file locking when flock() is not available.
svn:r17391
2008-11-26 16:10:56 +00:00
Nick Mathewson
c7910c3bc9 Consider GetNetworkParams() nameserver parsing to have suceeded if even one nameserver can be added. Log more useful info about what exactly is failing when we fail to add a nameserver.
svn:r17368
2008-11-22 21:46:34 +00:00
Roger Dingledine
f722978288 and forward-port those
svn:r17359
2008-11-22 05:14:12 +00:00
Karsten Loesing
02fe9edf7c Correct ChangeLog entry.
svn:r17321
2008-11-17 21:50:42 +00:00
Nick Mathewson
bdc0aec00a Update _log_global_min_severity after switch_logs_debug(), so that USR2 will work again. Bugfix on 0.1.2.8-beta. Spotted by Geoff Down.
svn:r17317
2008-11-17 19:58:51 +00:00
Nick Mathewson
0fa698d84f apply sebastian's bug 867 fix: make routerset_equal() work as documented with NULL arguments
svn:r17287
2008-11-16 18:25:20 +00:00
Karsten Loesing
6d7951c022 Fix a possible segfault when establishing an exit connection. Bugfix on 0.2.1.5-alpha.
svn:r17275
2008-11-16 01:52:44 +00:00
Nick Mathewson
c36ddcbabf Apparently sparc64 is way more strict about uint16_t access alignment than I had thought: it gave bus errors when messing with var-cell headers. Maybe this patch will fix bug 862.
svn:r17262
2008-11-12 14:41:44 +00:00
Nick Mathewson
997aea74dc Fix from rovv: when adding a detached signature, do not automatically assume it is good just because we are adding it. We might also be adding it because it was the first signature we saw for a given voter.
svn:r17248
2008-11-11 16:35:46 +00:00
Nick Mathewson
8157b8b766 be less aggressive about deleting expired certs. based on patch from rovv. partial fix for bug 854.
svn:r17246
2008-11-11 16:01:57 +00:00
Nick Mathewson
e08cbe2029 Add PURPOSE= field to getinfo circuit-status. With luck, controllers are ignoring extra fields (like they are supposed to) and this will not break any controllers.
svn:r17245
2008-11-11 15:59:24 +00:00
Nick Mathewson
a95e0e7355 apply sebastian's fix for bug 859. Apparently on win32 one must lock at least one byte when locking, but locking a nonexistant byte is okay. )
svn:r17244
2008-11-11 15:29:40 +00:00
Roger Dingledine
5d19fe5124 bump to 0.2.1.7-alpha
svn:r17217
2008-11-08 06:43:32 +00:00
Nick Mathewson
5e2cdc1666 When we get a duplicated certificate, treat it as a failure and increment the download count. Do not claim to be downloading certificates that we merely want.
svn:r17209
2008-11-07 14:01:44 +00:00
Nick Mathewson
a15bdd3edd patch from karsten to not use or accept expired certs. fixes bug 851.
svn:r17208
2008-11-07 13:38:49 +00:00
Roger Dingledine
311b8b274c minor changelog cleanups. declare that friday is when we release it.
svn:r17207
2008-11-07 05:11:41 +00:00
Steven Murdoch
9d68ed08e9 Patch from Jacob Appelbaum and me to make User option more robust, properly set supplementary groups, deprecated the Group option, and log more information on credential switching
svn:r17200
2008-11-07 02:06:12 +00:00
Nick Mathewson
3ebd1ebeca The chunk_size field in memarea_t was never actually set. Remove the whole thing.
svn:r17195
2008-11-05 20:34:22 +00:00
Nick Mathewson
73c6cb8353 Fix unit test failure related to intro point parsing.
svn:r17188
2008-11-03 16:36:15 +00:00
Nick Mathewson
69cda76168 missing changelog for 0x20 hack
svn:r17185
2008-11-03 15:45:27 +00:00
Nick Mathewson
8c78a68cc0 Move changelog entry to correct section
svn:r17180
2008-11-01 20:28:10 +00:00
Nick Mathewson
c534b96e58 Fix an assertion failure on double-marked circuits, and a double-mark.
svn:r17179
2008-11-01 20:27:41 +00:00
Nick Mathewson
c8a5e2d588 Work better with tools that resist DNS poisoning by using the 0x20 hack: make DNSPort replies perserve case.
svn:r17170
2008-10-29 15:31:26 +00:00
Nick Mathewson
361086005c Fix a possible negative shift in address comparison. May fix bug 845 and bug 811
svn:r17169
2008-10-29 13:29:54 +00:00
Nick Mathewson
ee31e0829e Verify cpath_layer match on rendezvous cells too. Fixes another case of bug 446. Based on patch from rovv.
svn:r17162
2008-10-27 16:46:45 +00:00
Nick Mathewson
b166a43cb6 Fix another case of refusing to use a chosen exit node because we think it will reject _mostly_ everything. Based on patch from rovv. See bug 752.
svn:r17139
2008-10-21 17:09:04 +00:00
Nick Mathewson
5e762e6a5c Fix the rest of bug 619: reject *:* servers should not do DNS lookups, even if broken clients send them RELAY_BEGIN cells. Patch from rovv.
svn:r17138
2008-10-21 16:51:59 +00:00
Nick Mathewson
b593fd5c20 Patch from rovv: send back END cell in response to connect attempts to nonexistent hidden service port.
svn:r17137
2008-10-21 16:41:20 +00:00
Roger Dingledine
bca46cc628 backport candidate:
The "ClientDNSRejectInternalAddresses" config option wasn't being
consistently obeyed: if an exit relay refuses a stream because its
exit policy doesn't allow it, we would remember what IP address
the relay said the destination address resolves to, even if it's
an internal IP address. Bugfix on 0.2.0.7-alpha; patch by rovv.


svn:r17135
2008-10-17 22:08:49 +00:00
Roger Dingledine
d374dc94e5 fix changelog entry for proposal 155, patch 1
svn:r17113
2008-10-15 22:01:17 +00:00
Roger Dingledine
a5769eefa4 patch4 from proposal 155:
Hidden services start out building five intro circuits rather
than three, and when the first three finish they publish a service
descriptor using those. Now we publish our service descriptor much
faster after restart.


svn:r17110
2008-10-15 20:59:48 +00:00
Roger Dingledine
d06182f0bd add patch2 from proposal 155:
Launch a second client-side introduction circuit in parallel
after a delay of 15 seconds (based on work by Christian Wilms).


svn:r17108
2008-10-15 18:52:06 +00:00
Roger Dingledine
4520500cde put in karsten's patch #1 for proposal 155, modified
svn:r17106
2008-10-15 00:36:09 +00:00
Nick Mathewson
846e40d193 Patch from rovv: when we have no pending streams, choose exits with choose_good_exit_server_general() rather than with circuit_get_unhandled_ports() and friends. Bugfix on 0.1.1.x, at least.
svn:r17091
2008-10-14 17:05:52 +00:00
Roger Dingledine
d7cfa1f56c Minor fix in the warning messages when you're having problems
bootstrapping; also, be more forgiving of bootstrap problems when
we're still making incremental progress on a given bootstrap phase.


svn:r17066
2008-10-13 03:34:29 +00:00
Roger Dingledine
37883ca4bc put the 0.2.1.6-alpha blurb into the changelog
svn:r17059
2008-10-12 00:51:02 +00:00
Roger Dingledine
c7af43a624 Now NodeFamily and MyFamily config options allow spaces in
identity fingerprints, so it's easier to paste them in.
Suggested by Lucky Green.


svn:r17021
2008-10-01 03:41:33 +00:00
Roger Dingledine
a04baf14b6 bump to 0.2.1.6-alpha, and note that the exclude*nodes config
discussion hasn't finished.


svn:r17011
2008-09-30 09:37:18 +00:00
Nick Mathewson
25f8335528 Include circuit purposes in circuit events. Now all circuit events are extended; this makes the code simpler.
svn:r17007
2008-09-29 22:34:22 +00:00
Roger Dingledine
26aa741169 Remove the old v2 directory authority 'lefkada' from the default
list. It has been gone for many months.


svn:r17005
2008-09-29 19:27:20 +00:00
Nick Mathewson
ae3ce7b387 Patch from mwenge: update TrackHostExits mapping expiry times when the mappings are used, so that they expire a while after their last use, not a while after their creation.
svn:r17004
2008-09-29 14:53:53 +00:00
Nick Mathewson
ee0078ead4 Make tor-resolve take a -p port option in addition to the current host:port syntax.
svn:r17002
2008-09-29 14:18:47 +00:00
Roger Dingledine
9678f166a8 If we have correct permissions on $datadir, we complain to stdout
and fail to start. But dangerous permissions on
$datadir/cached-status/ would cause us to open a log and complain
there. Now complain to stdout and fail to start in both cases. Fixes
bug 820, reported by seeess.


svn:r16998
2008-09-29 10:09:05 +00:00
Roger Dingledine
c846979ab7 Fix a bug where an unreachable relay would establish enough
reachability testing circuits to do a bandwidth test -- if
we already have a connection to the middle hop of the testing
circuit, then it could establish the last hop by using the existing
connection. Bugfix on 0.1.2.2-alpha, exposed when we made testing
circuits no longer use entry guards in 0.2.1.3-alpha.


svn:r16997
2008-09-29 09:36:42 +00:00
Roger Dingledine
81b216086b rearrange the changelog a bit more
svn:r16996
2008-09-29 09:30:06 +00:00
Roger Dingledine
57942415ef changelog cleanups. give 0.2.1.6-alpha a deadline.
svn:r16995
2008-09-29 06:54:32 +00:00
Nick Mathewson
99755f374d Fix 0/0 calculation in get_weighted_fractional_uptime().
svn:r16994
2008-09-28 15:48:36 +00:00
Nick Mathewson
bb1685318c Commit fix for bug 807 from mwenge: send CLOSED controller event for reverse dns resolve, not FAILED.
svn:r16985
2008-09-26 20:25:35 +00:00
Nick Mathewson
e147e867be Proposal 152 implementation from Josh Albrecht, with tweaks.
svn:r16983
2008-09-26 18:58:45 +00:00
Nick Mathewson
e7e12236ac Code to serve a current stability calculations from /tor/dbg-stability.txt. Untested: somebody please run this on an authority and let me know if it is broken.
svn:r16981
2008-09-26 18:02:48 +00:00
Nick Mathewson
ae33d3ead7 Apply rovv's fix for bug 824.
svn:r16975
2008-09-26 15:30:26 +00:00
Nick Mathewson
8bbbbaf87b Add country-code support to configured node lists to implement the ever-popular "no exits in Monaco" feature (ExcludeExitNodes {MC}). Also allow country codes and IP ranges in ExitNodes. (EntryNodes needs more work.) Based on code by Robert Hogan. Needs more testing.
svn:r16966
2008-09-25 20:21:35 +00:00
Karsten Loesing
6bb4492a6f Having two "Major features:" sections seems too much of a good thing.
svn:r16962
2008-09-25 09:53:19 +00:00
Karsten Loesing
f2ff3e74ae All relays now store and serve v2 hidden service descriptors by default (not only directory mirrors).
svn:r16961
2008-09-24 22:33:47 +00:00
Karsten Loesing
9a7098487b If we are not using BEGIN_DIR cells, don't attempt to contact hidden service directories with non-open dir port.
svn:r16960
2008-09-24 22:29:22 +00:00
Roger Dingledine
8dfe8194c9 changelog cleanup / rearranging
svn:r16957
2008-09-24 17:01:43 +00:00
Nick Mathewson
8bc1536a9e Add patch 4 from Karsten for proposal 121, slightly modified. Karsten should definitely re-review the bits I changed.
svn:r16955
2008-09-24 14:44:29 +00:00
Roger Dingledine
f59c13b7a3 fix a bad typo, add a missing word
svn:r16946
2008-09-23 21:01:54 +00:00
Nick Mathewson
75977fd79b Patch from roger for 752, but with more comments: When we get an A.B.exit:P address, and B would reject most connections to P, but we do not know whether it would allow A, then allow the connection to procede. Bugfix, amusingly, on 0.0.9rc5.
svn:r16944
2008-09-23 20:25:01 +00:00
Nick Mathewson
545b317e1f Fix for bug 797 (by arma, with tweaks): always use create_fast for circuits where we do not know an onion key.
svn:r16942
2008-09-23 20:13:23 +00:00
Nick Mathewson
f28fc83ea5 More logging for mtbf/wfu calculations.
svn:r16941
2008-09-23 18:24:20 +00:00
Roger Dingledine
29abfab8bf Update to the "September 1 2008" ip-to-country file.
svn:r16940
2008-09-23 09:51:05 +00:00
Nick Mathewson
b0c48d8e45 Oops; we need to make sure that DNS request names are matched in the _questions_ section of the replies. Rejecting answers whether the _answers_ section did not match made us reject A records waiting at the end of a CNAME record. Bug 823.
svn:r16933
2008-09-22 20:06:25 +00:00
Roger Dingledine
4fd9880540 give rend_client_desc_here a slightly more accurate name
svn:r16916
2008-09-16 10:26:15 +00:00
Roger Dingledine
38f2272d5d patch from karsten for bug 814. whew.
svn:r16915
2008-09-16 10:17:04 +00:00
Roger Dingledine
dbb481c169 Serve the latest v3 networkstatus consensus via the control
port. Use "getinfo dir/status-vote/current/consensus" to fetch it.


svn:r16907
2008-09-14 04:07:29 +00:00
Roger Dingledine
2d95accc75 Allow ports 465 and 587 in the default exit policy again. We had
rejected them in 0.1.0.15, because back in 2005 they were commonly
misconfigured and ended up as spam targets. We hear they are better
locked down these days.


svn:r16898
2008-09-13 10:04:42 +00:00
Karsten Loesing
f0a5ef804f Directory mirrors store and serve v2 hidden service descriptors by default.
svn:r16858
2008-09-11 20:06:04 +00:00
Roger Dingledine
2f18370821 and here too
svn:r16835
2008-09-10 19:08:46 +00:00
Nick Mathewson
1203850350 Coverity says it is okay to acknowledge them. Do so. Their tool is awesome.
svn:r16820
2008-09-10 00:06:07 +00:00
Nick Mathewson
f95d7c189b Refactor unit test macros and tor_free_all() logic a bit so as to make it easier to free memory on failing tests, in order to suppress scanner warnings and to make dmalloc() usable with tests.
svn:r16816
2008-09-09 20:43:31 +00:00
Roger Dingledine
fa64d8041f minor cleanups on karsten's patch
svn:r16810
2008-09-09 09:21:21 +00:00
Roger Dingledine
ef7af1d61e karsten's patch for bug 767.
svn:r16808
2008-09-09 08:41:58 +00:00
Roger Dingledine
d37fae2f4e Catch and report a few more bootstrapping failure cases when Tor
fails to establish a TCP connection. Cleanup on 0.2.1.x.


svn:r16803
2008-09-09 06:25:39 +00:00
Nick Mathewson
aacda9cd8e We should not alter an addr_policy_t that has been canonicalized.
svn:r16802
2008-09-09 03:48:01 +00:00
Roger Dingledine
346ca2d48e forward-port the 0.2.0.31 changelog
svn:r16800
2008-09-08 19:50:29 +00:00
Nick Mathewson
67327a863a Fix a variable handling mistake when testing for libevent functions in configure.in. Found by Riastradh.
svn:r16793
2008-09-08 01:57:02 +00:00
Nick Mathewson
baeb260ad1 Refactor use of connection_new so that we get more verifiable typesafety.
svn:r16785
2008-09-05 22:09:44 +00:00
Nick Mathewson
cd5d0f3890 Add changelog for scanner-based stuff.
svn:r16784
2008-09-05 21:21:18 +00:00
Nick Mathewson
fa2f72ded7 An asterisk makes a difference sometimes. Fixes bug 809.
svn:r16758
2008-09-04 20:42:02 +00:00
Nick Mathewson
f80ac31d74 Add a lockfile to the Tor data directory to avoid situations where two Tors start with the same datadir, or where a --list-fingerprints races with a server to create keys, or such.
svn:r16722
2008-09-01 20:06:26 +00:00
Roger Dingledine
6942bd66ea Fix compile on OpenBSD 4.4-current. Bugfix on 0.2.1.5-alpha.
Reported by Tas.


svn:r16713
2008-09-01 08:01:22 +00:00
Roger Dingledine
71968e7af9 further changelog cleanups
svn:r16707
2008-08-31 22:30:08 +00:00
Karsten Loesing
4347579085 Changelog entry for implementation of proposal 121.
svn:r16706
2008-08-31 22:23:32 +00:00
Peter Palfrader
94c3515092 A short changelog entry for the consensus changes
svn:r16705
2008-08-31 22:18:37 +00:00
Roger Dingledine
845a7017bc clean up 0.2.1.5-alpha changelog
svn:r16704
2008-08-31 22:08:34 +00:00
Roger Dingledine
cfff21e78a backport candidate:
If not enough of our entry guards are available so we add a new
one, we might use the new one even if it overlapped with the
current circuit's exit relay (or its family). Anonymity bugfix
pointed out by rovv.


svn:r16698
2008-08-31 06:33:39 +00:00
Nick Mathewson
80168d80d4 r17853@tombo: nickm | 2008-08-22 12:55:00 -0400
Oops.  We had been telling people to use --with-ssl-dir, which had not worked since 0.2.0.1-alpha: --with-openssl-dir was the one that worked.  Make them both work, document --with-openssl-dir, and mark --with-ssl-dir as obsolete.  Found by "Dave".


svn:r16625
2008-08-22 16:55:28 +00:00
Nick Mathewson
fc52d85b7c r17846@tombo: nickm | 2008-08-22 11:54:00 -0400
Make dns resolver code more robust: handle nameservers with IPv6 addresses, make sure names in replies match requested names, make sure origin address of reply matches the address we asked.


svn:r16621
2008-08-22 16:24:43 +00:00
Roger Dingledine
8f5642edbc Relays now reject risky extend cells: if the extend cell includes
a digest of all zeroes, or asks to extend back to the relay that
sent the extend cell, tear down the circuit. Ideas suggested
by rovv.


svn:r16605
2008-08-20 05:21:43 +00:00
Nick Mathewson
fcf817f897 Switch global_identifier on connections to a 64-bit field and move it to connection_t. When procession onionskins, look up the connection by this field rather than by addr:port. This will keep us from dropping onionskins. How many dropped circuits are dropped because of this bug?
svn:r16558
2008-08-15 13:55:01 +00:00
Nick Mathewson
30422b5df1 Rate-limit "too-many-sockets" messages; they can get needlessly verbose.
svn:r16480
2008-08-09 15:35:37 +00:00
Nick Mathewson
22259a0877 The first of Karsten's proposal 121 patches: configure and maintain client authorization data. Tweaked a bit: see comments on or-dev.
svn:r16475
2008-08-08 14:36:11 +00:00
Nick Mathewson
5ab6fe0051 r17680@tombo: nickm | 2008-08-07 16:06:30 -0400
Add a missing safe_str for a debug_log_message.  Fix the bad part of bug 674.


svn:r16462
2008-08-07 20:06:40 +00:00
Nick Mathewson
b81d70addb Oops. On recent linux kernels we were not detecting the linux/netfilter_ipv4.h header properly, since we needed to have in_addr and in6_addr and __u32 defined before trying to include it. Fix that.
svn:r16460
2008-08-07 19:39:52 +00:00
Nick Mathewson
635f3c8aee r17664@tombo: nickm | 2008-08-06 12:32:09 -0400
Patch from Christopher Davis: open /dev/pf before dropping privileges.  Fixes bug 782.  Backport candidate.


svn:r16450
2008-08-06 16:32:17 +00:00
Nick Mathewson
2905291af2 r17659@tombo: nickm | 2008-08-06 12:22:11 -0400
Fix bug 794: recover 3 bytes wasted per memory chunk.  Fix from rovv.


svn:r16447
2008-08-06 16:22:25 +00:00
Roger Dingledine
b79fe6a0db bump to 0.2.1.4-alpha-dev, add a future todo item
svn:r16440
2008-08-05 23:33:43 +00:00
Nick Mathewson
960a0f0a99 r17641@31-33-44: nickm | 2008-08-05 16:07:53 -0400
Initial conversion of uint32_t addr to tor_addr_t addr in connection_t and related types.  Most of the Tor wire formats using these new types are in, but the code to generate and use it is not.  This is a big patch.  Let me know what it breaks for you.


svn:r16435
2008-08-05 20:08:19 +00:00
Roger Dingledine
d01813a8dd Take out the TestVia config option, since it was a workaround for
a bug that was fixed in Tor 0.1.1.21.


svn:r16409
2008-08-05 00:12:05 +00:00
Roger Dingledine
18d3153fbb get closer to a release
svn:r16408
2008-08-05 00:00:35 +00:00
Roger Dingledine
d5bb361977 minor fixes
svn:r16407
2008-08-04 23:59:38 +00:00
Karsten Loesing
1fe07f66f4 In some edge cases it occurs that the router descriptor of a previously picked introduction point becomes obsolete. In that case, don't stick to using that introduction point, but simply give up on it. Reverts some part of r15825.
svn:r16404
2008-08-04 23:35:12 +00:00
Karsten Loesing
f51bf847ab Add changelog entries for r16372 and r16375.
svn:r16376
2008-08-03 19:27:19 +00:00
Karsten Loesing
3c9cd463d2 Fix a false assertion when extending a circuit to a relay to which a connection is already established. In that case the circuit should not need to memorize extend info for that relay. circuitbuild.c:389 contains a similar assertion.
svn:r16375
2008-08-03 17:45:24 +00:00
Roger Dingledine
fd4a30d198 bump to 0.2.1.3-alpha
svn:r16369
2008-08-03 05:35:42 +00:00
Nick Mathewson
1a76cd179a When a struct ends with char a[1], the size of all earlier members of the struct is _not_ sizeof(st)-1; compilers add alignment. Problem spotted by rovv. Backport candidate.
svn:r16302
2008-07-31 12:18:14 +00:00
Nick Mathewson
186097906d r17436@tombo: nickm | 2008-07-30 09:03:19 -0400
Move n_addr, n_port, and n_conn_id_digest fields of circuit_t into a separately allocated extend_info_t.  Saves 22 bytes per connected circuit_t on 32-bit platforms, and makes me more comfortable with using tor_addr_t in place of uint32_t n_addr.


svn:r16257
2008-07-30 13:04:32 +00:00
Nick Mathewson
ea95ce25b6 r17323@aud-055: nickm | 2008-07-23 17:58:25 +0200
Implement most of proposal 110.


svn:r16156
2008-07-23 15:58:38 +00:00
Nick Mathewson
15b2b8bd69 r17309@aud-055: nickm | 2008-07-23 16:05:43 +0200
Patch from Christian Wilms: remove (HiddenService|Rend)(Exclude)?Nodes options.  They never worked properly, and nobody seems to be using them.  Resolves bug 754.


svn:r16144
2008-07-23 14:07:32 +00:00
Nick Mathewson
cc46b23248 r17308@aud-055: nickm | 2008-07-23 15:57:41 +0200
In connection_edge_destroy, send a stream status control event when we have an AP connection.  Previously, we would send an event when the connection was AP and non-AP at the same time.  This didn't work so well.  Patch from Anonymous Remailer (Austria).  Backport candidate.


svn:r16143
2008-07-23 14:07:26 +00:00
Nick Mathewson
087094961b r17302@aud-055: nickm | 2008-07-23 14:55:28 +0200
Never allow a circuit to be created with the same circid as a circuit that has been marked for close.  May be a fix for bug 779.  Needs testing.  Backport candidate.


svn:r16136
2008-07-23 12:55:55 +00:00
Nick Mathewson
c8160bce1f r17188@tombo: nickm | 2008-07-18 14:35:18 -0400
Add new ExcludeExitNodes option.  Also add a new routerset type to handle Exclude[Exit]Nodes.  It is optimized for O(1) membership tests, so as to make choosing a random router run in O(N_routers) time instead of in O(N_routers*N_Excluded_Routers).


svn:r16061
2008-07-18 18:36:32 +00:00
Nick Mathewson
bdcbd23e23 Stop trying to detect versions of Tor on the server-side older than 0.1.1.15-rc; they simply do not work any more. Also add comment about how or_is_obsolete is a terrible field name.
svn:r15982
2008-07-16 13:15:11 +00:00
Roger Dingledine
9d57007119 integrate the 0.2.0.29-rc items into the release notes
svn:r15954
2008-07-16 00:04:00 +00:00
Roger Dingledine
267e61d0f3 When relays do their initial bandwidth measurement, don't limit
to just our our entry guards for the test circuits. Otherwise we
tend to have multiple test circuits going through a single entry
guard, which makes our bandwidth test less accurate. Fixes part
of bug 654; patch contributed by Josh Albrecht.

(Actually, modify Josh's patch to avoid doing that when you're
a bridge relay, since it would leak more than we want to leak.)


svn:r15850
2008-07-11 21:42:09 +00:00
Karsten Loesing
9231858ff5 Fix bug 763. When a hidden service is giving up on an introduction point candidate that was not included in the last published rendezvous descriptor, don't reschedule publication of the next descriptor.
svn:r15825
2008-07-10 21:02:01 +00:00
Nick Mathewson
cb7cc9e12d r16882@tombo: nickm | 2008-07-10 14:31:25 -0400
Fix for session-related bug found by Geoff Goodell. backport candidate, once tested.


svn:r15821
2008-07-10 18:31:33 +00:00
Nick Mathewson
c5ec7a3677 Stop using __attribute__((nonnull)): It gets us occcasional warnings when we do something so foolish it can be detected without dataflow analysis, but it also eliminates some of our error checking code. Suggested by Peter Gutmann.
svn:r15803
2008-07-09 15:23:23 +00:00
Roger Dingledine
33a1210ec3 fix up a confusion on the release notes (thanks karsten)
svn:r15793
2008-07-09 12:36:26 +00:00
Roger Dingledine
2534bb8fef remove duplicate changelog entries
svn:r15784
2008-07-09 10:28:11 +00:00
Roger Dingledine
dbbcb92cf0 forward-port the 0.2.0.29-rc changelog
svn:r15782
2008-07-09 10:10:37 +00:00
Nick Mathewson
133f011c49 Patch from coderman: detect transparent proxy header correctly on some linux versions.
svn:r15726
2008-07-07 15:09:26 +00:00
Nick Mathewson
0f8761f9fa fix typos in last patch spotted by sebastian and karsten
svn:r15700
2008-07-06 18:47:27 +00:00
Nick Mathewson
615c64efb8 Apply fix from chrisw: call connection_ap_attach_pending when we get a rendezvous2 or rendezvous_established call. This is a bit brute-foce, but it is better than we had before, and might not even show up on profiles. Backport candidate, once tested.
svn:r15699
2008-07-06 18:34:45 +00:00
Nick Mathewson
9d7a2d4eae r16689@tombo: nickm | 2008-07-03 11:03:14 -0400
Fix for bug 742: do not use O_CREAT on 2-option version of open().  Especially do not use it on /dev/null.  Fix from Michael Scherer. Bugfix on 0.0.2pre19 (wow).


svn:r15626
2008-07-03 15:04:16 +00:00
Roger Dingledine
8ac852b965 put in some of the release summaries
svn:r15535
2008-06-28 04:23:26 +00:00
Nick Mathewson
3ec25c2410 r16587@tombo: nickm | 2008-06-28 00:13:40 -0400
fix for bug 704; found by sjmurdoch.  Windows and recent openssl both want to define OCSP_RESPONSE; do not let them.


svn:r15533
2008-06-28 04:16:17 +00:00
Roger Dingledine
aec928e0b6 Send a bootstrap problem "warn" event on the first problem if the
reason is NO_ROUTE (that is, our network is down).


svn:r15443
2008-06-24 08:00:30 +00:00
Roger Dingledine
470f89119a annotate some changelog entries
svn:r15442
2008-06-24 07:40:46 +00:00
Roger Dingledine
52c5014081 Change the contrib/tor.logrotate script so it makes the new
logs as "_tor:_tor" rather than the default, which is generally
"root:wheel". Fixes bug 676, reported by Serge Koksharov.

Andrew, you should check if this breaks the rpm building (or if
it makes it work better)


svn:r15404
2008-06-22 07:15:18 +00:00
Roger Dingledine
21cc898a46 mark changelog bugfixes with what version they're from
svn:r15384
2008-06-21 04:25:10 +00:00
Roger Dingledine
a2a3d1e329 prepare for the 0.2.1.2-alpha release. we will tag
sometime today. get your fixes in soon. :)


svn:r15371
2008-06-20 06:26:58 +00:00
Roger Dingledine
8fa912a8c5 If we close our OR connection because there's been a circuit
pending on it for too long, we were telling our bootstrap status
events "REASON=NONE". Now tell them "REASON=TIMEOUT".


svn:r15369
2008-06-20 04:42:17 +00:00
Roger Dingledine
94dabd2c23 If you're using bridges, generate "bootstrap problem" warnings
as soon as you run out of working bridges, rather than waiting
for ten failures -- which will never happen if you have less than
ten bridges.


svn:r15368
2008-06-20 04:34:39 +00:00
Roger Dingledine
dd50ffb1de Big bridge bugfixes. Backport candidates.
If you have more than one bridge but don't know their keys,
you would only learn a request for the descriptor of the first one
on your list. (Tor considered launching requests for the others, but
found that it already had a connection on the way for $0000...0000
so it didn't open another.)
If you have more than one bridge but don't know their keys, and the
connection to one of the bridges failed, you would cancel all
pending bridge connections. (After all, they all have the same
digest.)


svn:r15366
2008-06-20 03:13:16 +00:00
Roger Dingledine
c6a94718cd Directory authorities shouldn't complain about bootstrapping
problems just because they do a lot of reachability testing and
some of the connection attempts fail. 


svn:r15348
2008-06-18 07:34:04 +00:00
Karsten Loesing
693d7e3e35 When establishing a hidden service, introduction points that originate from cannibalized circuits are completely ignored and not included in rendezvous service descriptors. Bugfix on 0.2.0.14-alpha. Backport candidate.
svn:r15332
2008-06-17 17:10:03 +00:00
Roger Dingledine
1ad83d74b1 Send an initial "Starting" bootstrap status event, so we have a
state to start out in.


svn:r15326
2008-06-17 08:15:42 +00:00
Nick Mathewson
dd6324b0c6 More bug 707 fixes: no #if/#endif pairs inside macro arguments.
svn:r15307
2008-06-16 18:35:21 +00:00
Nick Mathewson
6299f4429a Clean up a macro/cpp interaction related to bug 707. Also, add a new "filename" config value type which is currently just a synonym for string, but which might be subject to expansion later.
svn:r15305
2008-06-16 18:09:53 +00:00
Nick Mathewson
44452c2756 r16341@tombo: nickm | 2008-06-15 22:04:25 -0400
Allow spaces to be omitted in approved-router file fingerprints. Requested by arma.


svn:r15296
2008-06-16 02:08:30 +00:00
Nick Mathewson
0831cc3dbc Patch from Karsten to implement proposal 135 ("Testing Tor Networks").
svn:r15253
2008-06-14 16:01:29 +00:00
Peter Palfrader
4ef606b8fc implement proposal 138: removing down routers from consensus
svn:r15230
2008-06-13 21:22:49 +00:00
Peter Palfrader
1f3dc9b22b Asking for a conditional consensus at .../consensus/<fingerprints> would crash
a dirserver if it did not already have a consensus.


svn:r15227
2008-06-13 18:58:58 +00:00
Nick Mathewson
d4ed91c672 Set dynamic-locking callbacks in openssl. These can be more efficient when openssl uses them.
svn:r15222
2008-06-13 16:35:12 +00:00
Roger Dingledine
b2cd61258e forward-port the 0.2.0.28-rc changelog
svn:r15194
2008-06-13 06:40:36 +00:00
Roger Dingledine
52d3be06f1 steal some of the bootstrap phase strings from vidalia
svn:r15193
2008-06-13 06:23:46 +00:00
Roger Dingledine
ca902b070e make some of the 0.2.1.1-alpha changelog items more prominent
svn:r15186
2008-06-13 05:13:22 +00:00
Roger Dingledine
d395135e2f fix a few typos, and give the bootstrap phase stuff a changelog entry.
svn:r15183
2008-06-13 04:26:05 +00:00
Roger Dingledine
001e2ac918 rearrange 0.2.1.1-alpha changelog
svn:r15177
2008-06-13 02:06:04 +00:00
Nick Mathewson
617843988c r16215@tombo: nickm | 2008-06-12 18:39:03 -0400
Implement code to manually force the OpenSSL client cipher list to match the one recommended in proposal 124, *even if* we do not know all those ciphers.  This is a bit of a kludge, but it is at least decently well commented.


svn:r15173
2008-06-12 22:39:13 +00:00
Roger Dingledine
555450ba73 note that weasel's proposal 134 code is off by default. i believe.
correct me if i'm wrong. :)


svn:r15156
2008-06-12 00:13:35 +00:00
Roger Dingledine
72cf0206d0 remove some duplicate changelog entries from the upcoming 0.2.1.1-alpha
release


svn:r15155
2008-06-12 00:08:25 +00:00
Karsten Loesing
906cf73062 ChangeLog entry for r15149.
svn:r15151
2008-06-11 23:40:17 +00:00
Karsten Loesing
f6997c64c0 Added ChangeLog entry for r15113.
svn:r15114
2008-06-10 23:42:40 +00:00
Nick Mathewson
b87a7760e0 r16129@tombo: nickm | 2008-06-10 14:28:06 -0400
More geoip tweaks.  Include in the file a rough estimator of our total share.


svn:r15099
2008-06-10 18:28:10 +00:00
Nick Mathewson
d0a4ad3a1c r16127@tombo: nickm | 2008-06-10 14:03:01 -0400
Improved code for counting clients by country: support recording by number of directory status requests in addition to number of IPs seen.


svn:r15097
2008-06-10 18:08:56 +00:00
Roger Dingledine
9b626988a6 flush some changes in my sandbox -- ancient changelog typos, etc
svn:r15007
2008-06-07 05:24:47 +00:00
Roger Dingledine
ebab48769d Stop reloading the router list from disk for no reason when we
run out of reachable directory mirrors. Once upon a time reloading
it would set the 'is_running' flag back to 1 for them. It hasn't
done that for a long time.


svn:r15004
2008-06-07 04:56:08 +00:00
Roger Dingledine
ca416a78e3 When we switched to using v3 directories, we threw away the part of
the "do we have enough directory info?" calculation that checked
how many relays we believed to still be running based on our own
experience. So if we went offline, we never gave up trying to make
new circuits; worse, when we came back online we didn't recognize
that we should give all the relays another chance. Bugfix on
0.2.0.9-alpha; fixes bugs 648 and 675.


svn:r14970
2008-06-05 10:57:09 +00:00
Roger Dingledine
953ca6d840 forward-port the 0.2.0.27-rc changelog
svn:r14967
2008-06-05 06:27:58 +00:00
Nick Mathewson
61ac80a914 Ouch. We were sometimes getting openssl compression by default. This is pointless for us, since the overwhelming majority of our cells are encrypted, full of compressed data, or both. This is also harmful, since doing piles of compression is not cheap. Backport candidate once more tested.
svn:r14830
2008-05-29 14:39:56 +00:00
Nick Mathewson
ac330d9ba7 New code to implement proposal for local geoip stats. Only enabled with --enable-geoip-stats passed to configure.
svn:r14802
2008-05-29 02:29:35 +00:00
Nick Mathewson
6bfa96bfc7 Fix bug noted by roger: rebuild extrainfo store from time to time, even if we have never actually downloaded an extrainfo. Bridge authorities need this, or they never clean the extrainfo store.
svn:r14792
2008-05-29 00:44:57 +00:00
Nick Mathewson
bd3b86df3b Several geoip changes/fixes as requested.
svn:r14780
2008-05-28 18:31:57 +00:00
Nick Mathewson
4ea2a4595e Fix the first part of bug 681, as suggested by Robert Hogan on or-talk.
svn:r14754
2008-05-27 21:02:36 +00:00
Nick Mathewson
9975c4f6f8 Fix part of bug 681: always reattach tunneled directory connections, regardless of the setting for LeaveStreamsUnattached
svn:r14750
2008-05-27 20:26:40 +00:00
Roger Dingledine
a318214f9b and forward-port the 0.2.0.26-rc notes
svn:r14692
2008-05-23 11:54:46 +00:00
Nick Mathewson
da67500336 If the user has an openssl that supports my "release buffer ram" patch, use it.
svn:r14671
2008-05-19 18:13:00 +00:00
Nick Mathewson
0b6b356f71 r19725@catbus: nickm | 2008-05-13 08:47:18 -0400
Forward-port: update authority keys affected by Debian OpenSSL bug (See CVE-2008-0166 or http://lists.debian.org/debian-security-announce/2008/msg00152.html )


svn:r14603
2008-05-13 12:47:27 +00:00
Nick Mathewson
e1ef199cf6 r19714@catbus: nickm | 2008-05-12 17:11:47 -0400
Fwdport Bugfix: an authority signature is "unrecognized" if we lack a dirserver entry for it, even if we have an older cached certificate that says it is recognized.  This affects clients who remove entries from their dirserver list without clearing their certificate cache.


svn:r14597
2008-05-12 21:12:21 +00:00
Nick Mathewson
f3f6ecef48 r19690@catbus: nickm | 2008-05-11 22:13:31 -0400
Implement a proposal to let a directory authority migrate its identity key without ceasing to sign consensuses.


svn:r14584
2008-05-12 02:14:01 +00:00
Roger Dingledine
db874621f4 forward-port recent releases
svn:r14558
2008-05-05 04:08:49 +00:00
Peter Palfrader
3185099126 And a changelog entry
svn:r14454
2008-04-24 15:51:55 +00:00
Nick Mathewson
d02d6660a8 r15308@tombo: nickm | 2008-04-23 16:46:48 -0400
Free baddir and badexit policy lists on exit.  fixes bug 672. only affects authorities.


svn:r14431
2008-04-23 20:47:53 +00:00
Nick Mathewson
41929c2684 r15287@tombo: nickm | 2008-04-22 17:09:25 -0400
Periodically launch requests for server/authority.z when it might help us learn our IP.  Fix for bug 652.


svn:r14418
2008-04-22 21:10:41 +00:00
Roger Dingledine
d72b256f4f When we choose to abandon a new entry guard because we think our
older ones might be better, close any circuits pending on that
new entry guard connection. Bugfix on 0.1.2.8-beta; found by lodger.


svn:r14417
2008-04-22 18:38:25 +00:00
Nick Mathewson
bc95a4dbcb r15283@tombo: nickm | 2008-04-22 13:43:45 -0400
Correctly notify one-hop connections when a circuit build has failed. possible fix for bug 669. found by lodger.


svn:r14415
2008-04-22 17:44:28 +00:00
Nick Mathewson
21592ad429 r15278@tombo: nickm | 2008-04-22 13:17:37 -0400
Apply patch from mwenge to fix bug 646: makes stream events for dns requests get generated more consistently.


svn:r14413
2008-04-22 17:21:12 +00:00
Nick Mathewson
ef9c34688c r15273@tombo: nickm | 2008-04-22 12:32:28 -0400
apply patch from lodger: reject requests for reverse-dns lookup of names in private address space.  make non-exits reject all dns requests.  Fixes bug 619.


svn:r14410
2008-04-22 16:32:55 +00:00
Nick Mathewson
6e979489dc r15269@tombo: nickm | 2008-04-22 12:23:30 -0400
Fix bug 663: warn less verbosely about clock skew from netinfo cells


svn:r14408
2008-04-22 16:23:47 +00:00
Nick Mathewson
299014b2c7 r15251@tombo: nickm | 2008-04-22 11:59:46 -0400
On platforms using pthreads, allow a thread to acquire a lock it already holds.  This is crucial for logging: otherwise any log message thrown from inside the logging process (especially from control.c) will deadlock.  Win32 CriticalSections are already recursive.  Bug spotted by nwf.  Bugfix on 0.2.0.16-alpha.  Backport candidate. I hope this is portable.


svn:r14406
2008-04-22 15:59:59 +00:00
Nick Mathewson
1b9c06ab96 r15230@tombo: nickm | 2008-04-17 16:18:08 -0400
Do not allocate excess space for named_flag and unnamed_flag in dirvote.c.  Fixes bug 662.  Not a dangerous bug: sizeof(int*) is at least as big as sizeof(int) everywhere.


svn:r14391
2008-04-17 20:23:13 +00:00
Roger Dingledine
335e264fbb X *still* hasn't fixed its (*%#(*ing copy and paste bug? in how
many years?


svn:r14354
2008-04-11 03:44:50 +00:00
Roger Dingledine
fb8dadc5b6 and forward-port that
svn:r14352
2008-04-11 03:43:16 +00:00
Nick Mathewson
b927ede48c r15161@31-33-107: nickm | 2008-04-10 11:11:58 -0400
Make dumpstats() log the size and fullness of openssl-internal buffers, so I can test my hypothesis that many of them are empty, and my alternative hypothesis that many of them are mostly empty, against the null hypothesis that we really need to be burning 32K per open OR connection on this.


svn:r14350
2008-04-10 15:12:24 +00:00
Nick Mathewson
20cf4d1f09 r19283@catbus: nickm | 2008-04-09 21:44:18 -0400
The optimist calls the glass half full.  The pessimist calls it half empty.  The engineer says it is twice as large as it needs to be.  In this case, the engineer says that the default smartlist size is twice as large as it needs to be and wouldn't it be nice to save half a megabyte with a one-line patch?


svn:r14341
2008-04-10 01:44:23 +00:00
Nick Mathewson
186df044cd r19262@catbus: nickm | 2008-04-09 14:05:20 -0400
When writing relay cells to a buffer, update timestamp_last_added_nonpadding.  Bugfix on 0.2.0.1-alpha. Backport candidate.


svn:r14329
2008-04-09 18:05:47 +00:00
Nick Mathewson
a627407fcb r19233@catbus: nickm | 2008-04-08 13:06:34 -0400
When we remove old routers, use Bloom filters rather than a digestmap-based set in order to tell which ones we absolutely need to keep.  This will save us roughly a kazillion little short-lived allocations for hash table entries.


svn:r14318
2008-04-08 17:06:41 +00:00
Nick Mathewson
2d68487e7f r19229@catbus: nickm | 2008-04-07 12:28:22 -0400
Add a new SMARTLIST_FOREACH_JOIN macro to iterate through two sorted lists in lockstep.  This happens at least 3 times in the code so far, and is likely to happen more in the future.  Previous attempts to do so proved touchy, tricky, and error-prone: now, we only need to get it right in one place.


svn:r14309
2008-04-07 16:28:34 +00:00
Peter Palfrader
53e656eaa6 A changelog entry for r14277
svn:r14278
2008-04-01 21:07:45 +00:00
Peter Palfrader
9d132fbde6 Add --hush switch.
New --hush command-line option similar to --quiet.  While --quiet disables all
logging to the console on startup, --hush limits the output to messages of
warning and error severity.


svn:r14222
2008-03-27 17:25:49 +00:00
Nick Mathewson
9ee7f6e826 r19105@catbus: nickm | 2008-03-27 13:01:47 -0400
oops. Note bug number in changelog.


svn:r14220
2008-03-27 17:01:52 +00:00
Nick Mathewson
12b217bce8 r19091@catbus: nickm | 2008-03-27 12:42:57 -0400
Stop reading torrc when all we want to do is --hash-password.  Fix based on patch from Sebastian Hahn. Backport candidate.


svn:r14214
2008-03-27 16:46:34 +00:00
Nick Mathewson
02acee891c r19089@catbus: nickm | 2008-03-27 11:05:23 -0400
Free some static hashtables and the log mutex on exit. Backport candidate.


svn:r14212
2008-03-27 15:05:28 +00:00
Nick Mathewson
fa15ed4b7b r19079@catbus: nickm | 2008-03-26 17:16:46 -0400
Free authority certs on exit.  Backport candidate.


svn:r14205
2008-03-26 21:16:56 +00:00
Nick Mathewson
944bd3dbed r19074@catbus: nickm | 2008-03-26 17:08:32 -0400
Start new address policies with refcount of 1, not 2.  Backport candidate once tested more.


svn:r14204
2008-03-26 21:08:39 +00:00
Nick Mathewson
745f3c859a r19066@catbus: nickm | 2008-03-26 13:24:15 -0400
Initialize logging before we log anything.  Bugfix on 0.2.0.x-alpha.


svn:r14199
2008-03-26 17:25:16 +00:00
Nick Mathewson
e4ebe3409e r19049@catbus: nickm | 2008-03-26 12:33:25 -0400
Add new stacklike, free-all-at-once memory allocation strategy.  Use it when parsing directory information.  This helps parsing speed, and may well help fragmentation some too.  hidden-service-related stuff still uses the old tokenizing strategies.


svn:r14194
2008-03-26 16:33:33 +00:00
Roger Dingledine
55ca7e15fb forward-port the 0.2.0.23-rc changelog
svn:r14181
2008-03-25 18:36:16 +00:00
Nick Mathewson
41deb5cd7b r19039@catbus: nickm | 2008-03-25 12:15:58 -0400
Add some unit tests, particularly for AES counter mode.


svn:r14180
2008-03-25 16:16:05 +00:00
Nick Mathewson
b5b77f8bf3 r19004@catbus: nickm | 2008-03-21 15:18:43 -0400
Use RAND_poll() again: the bug that made us stop using it has been fixed.


svn:r14150
2008-03-21 19:18:57 +00:00
Nick Mathewson
64f38f217a r19003@catbus: nickm | 2008-03-21 15:13:57 -0400
Make --enable-gcc-warnings work under the recently released GCC 4.3.


svn:r14149
2008-03-21 19:18:54 +00:00
Roger Dingledine
3fb922f4d5 correct the 0.2.0.22-rc changelog in trunk
svn:r14118
2008-03-19 00:23:07 +00:00
Nick Mathewson
e96d22e914 r18941@catbus: nickm | 2008-03-18 14:59:43 -0400
Likely fix for bug 632: do not call start_reading on a placeholder connection.


svn:r14109
2008-03-18 19:00:12 +00:00
Nick Mathewson
a62a24036d r18937@catbus: nickm | 2008-03-18 14:50:39 -0400
Fix the other lingering part of bug 617: make ClientDNSRejectInternalAddresses actually work.


svn:r14107
2008-03-18 18:51:34 +00:00
Nick Mathewson
7dd78f1576 r18929@catbus: nickm | 2008-03-18 12:08:16 -0400
Detect errors from directory listing correctly on win32.  Bug found by lodger.


svn:r14102
2008-03-18 16:08:49 +00:00
Nick Mathewson
05f5d778a2 r18919@catbus: nickm | 2008-03-18 10:53:38 -0400
Forward-port bug 622 fix as diagnosed by lodger.


svn:r14096
2008-03-18 14:53:41 +00:00
Roger Dingledine
2117abbe3f forward-port the 0.2.0.22-rc changelog entry, plus remove
some duplicate items.


svn:r14086
2008-03-18 02:39:34 +00:00
Nick Mathewson
9a24158c69 r18880@catbus: nickm | 2008-03-17 12:51:24 -0400
Fix policy-related crash bug found by lodger.


svn:r14077
2008-03-17 16:51:48 +00:00
Peter Palfrader
0cccf7375b And use 16k pages on ia64. Maybe this should be a configure thing
svn:r14073
2008-03-17 09:46:18 +00:00
Nick Mathewson
e6b617bf05 r18872@catbus: nickm | 2008-03-16 23:56:48 -0400
Only dump all guard node status to the log when the guard node status actually changes.  Downgrade the 4 most common remaining INFO log messages to DEBUG.


svn:r14069
2008-03-17 04:07:51 +00:00
Nick Mathewson
c59f66709d r18862@catbus: nickm | 2008-03-16 23:33:11 -0400
Part of fix for bug 617: allow connection_ap_handshake_attach_circuit() to mark connections, to avoid double-mark warnings.  Note that this is an incomplete refactoring.


svn:r14066
2008-03-17 03:37:54 +00:00
Nick Mathewson
0b941640df r18852@catbus: nickm | 2008-03-16 22:47:19 -0400
Downgrade "sslv3 alert handshake failure" message to info.


svn:r14057
2008-03-17 02:47:49 +00:00
Nick Mathewson
b29f763ee1 r18850@catbus: nickm | 2008-03-16 22:35:38 -0400
Use 8k pages in openbsd malloc code on alpha. Bug and solution found by weasel.  Also, when initializing openbsd malloc code, check that compiled page size matches output of getpagesize().


svn:r14056
2008-03-17 02:47:40 +00:00
Nick Mathewson
0c6fc51909 r18793@catbus: nickm | 2008-03-13 14:09:19 -0400
Add a malloc_good_size() implementation to OpenBSD_malloc_Linux.c.  Also, make configure.in not use support functions for the platform malloc when we are not using the platform mallocs.


svn:r14010
2008-03-13 18:11:33 +00:00
Peter Palfrader
56580ae84e Add a changelog entry for rr14003/r14005
svn:r14007
2008-03-13 16:56:20 +00:00
Peter Palfrader
e6b2d119e8 Assert that severity in logv() is sane. Interesting effects otherwise (It is being used as an array index)
svn:r14006
2008-03-13 16:56:14 +00:00
Nick Mathewson
cad3d651d0 r18783@catbus: nickm | 2008-03-13 11:06:45 -0400
Oops, do a better fix for that.


svn:r14001
2008-03-13 15:06:49 +00:00
Nick Mathewson
ac6cc43047 r18781@catbus: nickm | 2008-03-13 11:00:51 -0400
Have OpenBSD_malloc_Linux.c use SIZE_T_MAX from torint.h, instead of checking cpu macros.  There is always one more cpu you havent checked for.


svn:r14000
2008-03-13 15:06:26 +00:00
Nick Mathewson
4d32c2e81f r18751@catbus: nickm | 2008-03-11 14:22:43 -0400
Fix for bug 614: always look at the network BIO for the SSL object, not at the buffering BIO (if one exists because we are renegotiating or something).  Bugfix on 0.1.2.x, oddly enough, though it should be impossible to trigger the problem there.  Backport candidate.  See comments in tortls.c for detailed implementation note.


svn:r13975
2008-03-11 18:22:49 +00:00
Nick Mathewson
24f91d2876 r18747@catbus: nickm | 2008-03-11 13:21:25 -0400
Request client certs when renegotiating on server-side. Spotted by lodger.  Bugfix on 0.2.0.x.


svn:r13973
2008-03-11 17:21:44 +00:00
Nick Mathewson
4b65ea0ec0 r18730@catbus: nickm | 2008-03-11 00:47:04 -0400
Forward-port: Fix the SVK version detection logic to work right on a branch: tolerate multiple "copied from" tags and only look at the first.


svn:r13959
2008-03-11 04:47:07 +00:00
Nick Mathewson
8b24e01599 r18723@catbus: nickm | 2008-03-11 00:25:30 -0400
Fix bug spotted by mwenge: a server_event should not be a sever_event.  Also, fix compile errors in config.c and control.c with --enable-gcc-warnings.


svn:r13957
2008-03-11 04:30:14 +00:00
Nick Mathewson
f56ba5f3d6 r18630@catbus: nickm | 2008-03-05 17:31:33 -0500
Implement domain-selection for logging.  Source is documented; needs documentation in manpage (maybe).  For now, see doxygen comment on parse_log_severity_config in log.c


svn:r13875
2008-03-05 22:31:39 +00:00
Roger Dingledine
5bf0a01011 forward-port r13799 and the 0.2.0.21-rc changelog
svn:r13808
2008-03-02 22:29:04 +00:00
Nick Mathewson
77d1654c50 r18535@catbus: nickm | 2008-03-01 09:58:33 -0500
Whoo.  People diagnosed and fixed bug 616. See changelog for details.  Bugfix on 0.2.0.20-rc.


svn:r13793
2008-03-01 14:59:03 +00:00
Roger Dingledine
c5a7ff8e43 forward-port r13777
svn:r13778
2008-02-29 01:45:06 +00:00
Nick Mathewson
eefe2a3562 r18462@catbus: nickm | 2008-02-27 14:15:57 -0500
Add better warnings for the error that produced bug 614, and downgrade from a tor_assert() to a tor_fragile_assert().


svn:r13752
2008-02-27 19:19:34 +00:00
Roger Dingledine
f24b7a3f8f a blurb for 0.2.0.20-rc
svn:r13732
2008-02-26 03:11:37 +00:00
Roger Dingledine
3dd9a3a23a bump to 0.2.0.20-rc
svn:r13715
2008-02-25 00:39:58 +00:00
Nick Mathewson
ee8dce3084 r14421@tombo: nickm | 2008-02-24 17:05:18 -0500
Patch from mwenge: always willingly serve our own extrainfo from the controlport


svn:r13699
2008-02-24 22:11:12 +00:00
Nick Mathewson
dde81de3dd r14419@tombo: nickm | 2008-02-24 16:55:11 -0500
Patch from tup: use sizeof sockaddr_un as the size of a unix sockaddr.  Fixes unix controlsocket binding on openbsd.


svn:r13697
2008-02-24 22:11:00 +00:00
Roger Dingledine
31f72a3d80 Servers that don't know their own IP address should go to the
authorities for their first directory fetch, even if their DirPort
is off or if they don't know they're reachable yet. This will help
them bootstrap better. Bugfix on 0.2.0.18-alpha; fixes bug 609.


svn:r13688
2008-02-23 23:39:16 +00:00
Roger Dingledine
cd4b95e402 Make "HashedControlPassword" an alias for "__HashedControlSessionPassword"
if it appears on the commandline. should help with bug 586.


svn:r13683
2008-02-22 23:20:28 +00:00
Nick Mathewson
7589765ae9 r14401@tombo: nickm | 2008-02-22 15:33:42 -0500
Fix a really stupid parthensis error noticed by mwenge.


svn:r13681
2008-02-22 20:33:47 +00:00
Nick Mathewson
a20eda5669 r14396@tombo: nickm | 2008-02-22 14:07:37 -0500
Add --passphrase-fd to tor-gencert.


svn:r13679
2008-02-22 19:07:52 +00:00
Nick Mathewson
b21a122ef6 r14379@tombo: nickm | 2008-02-21 17:14:24 -0500
Enable v2 handshakes.


svn:r13666
2008-02-21 22:14:32 +00:00
Nick Mathewson
e790dbe779 r18347@catbus: nickm | 2008-02-21 15:54:40 -0500
Make autoconf autodetect -Wshorten-64-to-32 when --enable-gcc-warnings is given to the configure script.


svn:r13661
2008-02-21 20:54:45 +00:00
Nick Mathewson
5c03f82a65 r18345@catbus: nickm | 2008-02-21 13:45:04 -0500
Do the last part of arma's fix for bug 437: Track the origin of every addrmap, and use this info so we can remove all the trackhostexits-originated mappings for a given exit.


svn:r13660
2008-02-21 18:45:11 +00:00
Nick Mathewson
e2f25558b9 r14362@31-33-219: nickm | 2008-02-21 11:01:10 -0500
Change some of our log messages related to closed TLS connections in order to better reflect reality.


svn:r13657
2008-02-21 16:11:58 +00:00
Nick Mathewson
e18ee2a2ab r14357@31-33-219: nickm | 2008-02-21 10:39:11 -0500
Fix bug-handling code for unhandled write errors, so that it does not try to flush any data on the failed connection. Bugfix on 0.1.2.x.


svn:r13655
2008-02-21 15:39:26 +00:00
Roger Dingledine
18a209ffe6 Even though the man page said that "TrackHostExits ." should
work, nobody had ever implemented it. Bugfix on 0.1.0.x.


svn:r13647
2008-02-21 08:08:13 +00:00
Roger Dingledine
828c707812 Change the behavior of "getinfo status/good-server-descriptor"
so it doesn't return failure when any authority disappears.


svn:r13645
2008-02-21 06:06:45 +00:00
Roger Dingledine
1812a22a60 If we're trying to flush the last bytes on a connection (for
example, when answering a directory request), reset the  
time-to-give-up timeout every time we manage to write something
on the socket. Bugfix on 0.1.2.x.


svn:r13643
2008-02-21 05:51:09 +00:00
Nick Mathewson
1df0647c66 r18291@catbus: nickm | 2008-02-20 22:35:32 -0500
Resolve all DOCDOC issues, and document some other undocumented code, and fix a changelog entry.


svn:r13638
2008-02-21 03:38:46 +00:00
Nick Mathewson
ae507a61cc r18288@catbus: nickm | 2008-02-20 21:18:38 -0500
Recover from bad tracked-since value in mtbf history file.  This may finally close bug 537.


svn:r13636
2008-02-21 02:18:41 +00:00
Nick Mathewson
0e9dcfab97 r18286@catbus: nickm | 2008-02-20 21:10:33 -0500
Fix a bug that kept buf_find_string_offset from finding a string at the very end of the buffer.  Add a unit test for this. Also, do not save a pointer to a chunk that might get reallocated by buf_pullup().


svn:r13635
2008-02-21 02:10:38 +00:00
Nick Mathewson
1c5d641d89 r18277@catbus: nickm | 2008-02-20 18:28:45 -0500
Fix spelling


svn:r13631
2008-02-20 23:38:53 +00:00
Nick Mathewson
f0e523c6ef r18272@catbus: nickm | 2008-02-20 18:20:33 -0500
add a flag to suppress overwriting the certificates file with new certificates, so we do not overwrite all certs when starting as an authority.


svn:r13630
2008-02-20 23:20:36 +00:00
Nick Mathewson
93aa335516 r18269@catbus: nickm | 2008-02-20 17:28:24 -0500
Apply patch from Sebastian Hahn: stop imposing an arbitrary maximum on the number of file descriptors used for busy servers.  Bug reported by Olaf Selke.


svn:r13626
2008-02-20 22:28:26 +00:00
Nick Mathewson
7521ef9a00 r18264@catbus: nickm | 2008-02-20 12:48:21 -0500
fix bufs in buf_pos_t implementation.


svn:r13623
2008-02-20 17:48:39 +00:00
Roger Dingledine
f2ed011813 We were comparing the raw BridgePassword entry with a base64'ed
version of it, when handling a "/tor/networkstatus-bridges"
directory request. Now compare correctly. Noticed by Veracode.


svn:r13609
2008-02-20 02:05:28 +00:00
Nick Mathewson
9479dd3768 r18226@catbus: nickm | 2008-02-19 18:01:01 -0500
Brown-paper-bag time.  We were failing to count all the sockets from accept().


svn:r13595
2008-02-19 23:01:07 +00:00
Nick Mathewson
4ccffd7aea r18218@catbus: nickm | 2008-02-19 17:27:40 -0500
When SafeLogging is off, have TLS errors and messages logged with their associated addresses.


svn:r13591
2008-02-19 22:27:44 +00:00
Nick Mathewson
749735215b r18208@catbus: nickm | 2008-02-19 17:02:30 -0500
Add some checks in torgzip.c to make sure we never overflow size_t there.  Also make sure we do not realloc(list,0) in container.c.  Backport candidate.


svn:r13587
2008-02-19 22:05:49 +00:00
Roger Dingledine
da7f0315e6 maybe it should compile too.
svn:r13585
2008-02-19 21:41:43 +00:00
Roger Dingledine
d964beac16 If we only ever used Tor for hidden service lookups or posts, we
would stop building circuits and start refusing connections after
24 hours, since we false believed that Tor was dormant. Reported
by nwf; bugfix on 0.1.2.x.


svn:r13583
2008-02-19 21:30:24 +00:00
Nick Mathewson
952a3cb8fb r14240@tombo: nickm | 2008-02-17 14:26:52 -0500
Add a --with-tcmalloc argument to configure.


svn:r13546
2008-02-17 19:26:55 +00:00
Nick Mathewson
a8b371c333 r14238@tombo: nickm | 2008-02-17 14:03:44 -0500
Add openbsd memory allocator discussed in bug 468, to make it easier for linux users to get non-awful allocation patterns.  Use --enable-openbsd-malloc to turn it on.  Needs more testing.


svn:r13544
2008-02-17 19:03:49 +00:00
Nick Mathewson
faa56a500b r14236@tombo: nickm | 2008-02-17 13:44:55 -0500
Partial fix for bug 586: Add an ephemeral __HashedControlSessionPassword.


svn:r13543
2008-02-17 18:45:07 +00:00
Roger Dingledine
4c1e516a09 cleanups and changelog entry for r13540
svn:r13542
2008-02-17 16:52:24 +00:00
Nick Mathewson
24e8e1fb36 r14185@tombo: nickm | 2008-02-15 18:05:54 -0500
Replace the hefty tor_strpartition with a simple function to replace its only (trivial) use.


svn:r13532
2008-02-15 23:39:14 +00:00
Nick Mathewson
275bb57a77 r18068@catbus: nickm | 2008-02-13 11:33:19 -0500
Patch from karsten: make hidden service code respect SafeLogging.


svn:r13493
2008-02-13 16:34:00 +00:00
Roger Dingledine
740097a65e We were leaking a file descriptor if Tor started with a zero-length
cached-descriptors file. Patch by freddy77; bugfix on 0.1.2.


svn:r13488
2008-02-13 07:23:37 +00:00
Roger Dingledine
3abafccd0e Start choosing which bridge to use proportional to its advertised
bandwidth, rather than uniformly at random. This should speed up Tor
for bridge users. Also do this for people who set StrictEntryNodes.


svn:r13486
2008-02-12 22:02:47 +00:00
Nick Mathewson
f3eaeb99a3 r18051@catbus: nickm | 2008-02-12 15:20:43 -0500
Re-tune mempool parametes based on testing on peacetime: use smaller chuncks, free them a little more aggressively, and try very hard to concentrate allocations on fuller chunks.  Also, lots of new documentation.


svn:r13484
2008-02-12 20:20:52 +00:00
Roger Dingledine
dc94b1a226 blurbs for 0.2.0.18-alpha and 0.2.0.19-alpha
svn:r13481
2008-02-12 05:18:24 +00:00
Roger Dingledine
28483467d0 Directory mirrors no longer include a guess at the client's IP
address if the connection appears to be coming from the same /24
network; it was producing too many wrong guesses.


svn:r13464
2008-02-11 05:31:56 +00:00
Nick Mathewson
bc4d6515fc r14111@tombo: nickm | 2008-02-10 20:52:19 -0500
"0 bytes in 1 empty chunks" is hardly likely.


svn:r13463
2008-02-11 01:52:24 +00:00
Roger Dingledine
c254ba70c0 rearrange the changelog
svn:r13446
2008-02-09 17:13:28 +00:00
Roger Dingledine
965afb4970 cleanups on r13442.
oh, and this should be backported too.


svn:r13444
2008-02-09 10:46:22 +00:00
Nick Mathewson
a378bb5f5a r17985@catbus: nickm | 2008-02-08 16:30:02 -0500
Bugfix from Karsten Loesing: Retry v2 rend descriptors on intro point failure.


svn:r13431
2008-02-08 21:30:07 +00:00
Nick Mathewson
141a5877f3 r14063@tombo: nickm | 2008-02-08 15:48:32 -0500
Add a bunch more code documentation; change the interface of fetch_var_cell_from_buf() so it takes the current link protocol into account and can't get confused by weird command bytes on v1 connections.


svn:r13430
2008-02-08 21:13:15 +00:00
Nick Mathewson
de827f89df r14062@tombo: nickm | 2008-02-08 15:17:07 -0500
Change DNs in x509 certificates to be harder to fingerprint.  Raise common code.  Refactor random hostname generation into crypto.c


svn:r13429
2008-02-08 21:13:12 +00:00
Nick Mathewson
809227a121 r14061@tombo: nickm | 2008-02-08 14:30:42 -0500
Add a couple of (currently disabled) strategies for trying to avoid using too much ram in memory pools: prefer putting new cells in almost-full chunks, and be willing to free the last empty chunk if we have not needed it for a while.  Also add better output to mp_pool_log_status to track how many mallocs a given memory pool strategy is saving us, so we can tune the mempool parameters.


svn:r13428
2008-02-08 21:13:08 +00:00
Nick Mathewson
eecc44dab8 r17963@catbus: nickm | 2008-02-07 10:14:25 -0500
Be more thorough about memory poisoning and clearing.  Add an in-place version of aes_crypt in order to remove a memcpy from relay_crypt_one_payload.


svn:r13414
2008-02-07 16:10:33 +00:00
Nick Mathewson
f77b8338d2 r17957@catbus: nickm | 2008-02-06 20:08:29 -0500
Oops; left a dquote out of acinclude.m4


svn:r13410
2008-02-07 01:08:33 +00:00
Nick Mathewson
6e2946fb5d r17949@catbus: nickm | 2008-02-06 13:21:12 -0500
Fix bandwidth bucked calculations again, I think. Bugfix on 0.1.2.x. Backport candidate.


svn:r13406
2008-02-06 18:21:16 +00:00
Nick Mathewson
368f62c79d r17933@catbus: nickm | 2008-02-05 19:54:28 -0500
Stamp out a bunch of atoi users; make more tor_parse_long() users check their outputs.


svn:r13395
2008-02-06 00:54:47 +00:00
Nick Mathewson
12071df6c8 r17930@catbus: nickm | 2008-02-05 18:20:40 -0500
Initial attempts to track down bug 600, and refactor possibly offending code.  1) complain early if circuit state is set to OPEN when an onionskin is pending.  2) refactor onionskin field into one only used when n_conn is pending, and a separate onionskin field waiting for attention by a cpuworker.  This might even fix the bug.  More likely, it will make it fail with a more useful core.


svn:r13394
2008-02-05 23:20:49 +00:00
Nick Mathewson
fac2cd3b03 r17916@catbus: nickm | 2008-02-05 16:29:35 -0500
Fix some XXX020 items in control.c: add a maximum line length and note that the number of versioning authorities is no longer apparent to clients.


svn:r13390
2008-02-05 21:39:49 +00:00
Nick Mathewson
c11c48fc78 r17913@catbus: nickm | 2008-02-05 16:11:33 -0500
Correctly register failures in connection_add() in dnsserv_launch_request()


svn:r13387
2008-02-05 21:39:40 +00:00
Roger Dingledine
fdbefc8934 If we're a relay, avoid picking ourselves as an introduction point,
a rendezvous point, or as the final hop for internal circuits. Bug
reported by taranis and lodger. Bugfix on 0.1.2.x.


svn:r13372
2008-02-04 17:25:24 +00:00
Roger Dingledine
426a9bbde1 Don't trigger an assert if we start a directory authority with a
private IP address (like 127.0.0.1).


svn:r13371
2008-02-04 16:58:50 +00:00
Nick Mathewson
91bac90310 r17863@catbus: nickm | 2008-02-01 00:27:07 -0500
Bugfix from weasel: possible fix for 593: make connection_write_to_buf("") work when using zlib compression.


svn:r13347
2008-02-01 05:27:12 +00:00
Nick Mathewson
f013fb5e31 r17854@catbus: nickm | 2008-01-30 17:52:43 -0500
Periodically check whether we have an expired consensus networkstatus.  If we do, and we think we have enough directory info, then call router_dir_info_changed().  Fixes bug 401.  This bug was deferred from 0.1.2.x, but fixing it there is nontrivial.


svn:r13342
2008-01-30 22:52:46 +00:00
Nick Mathewson
1793aeafae r17852@catbus: nickm | 2008-01-30 17:23:36 -0500
Correctly insert connections into the identity->connection map when we connect to a bridge without having specified its key.  Fixes bug 574.


svn:r13341
2008-01-30 22:23:44 +00:00
Nick Mathewson
b4ebe55d12 r13971@tombo: nickm | 2008-01-30 14:25:25 -0500
Write a new autoconf macro to test whether a function is declared. It is suboptimal and possibly buggy in some way, but it seems to work for me.  use it to test for a declaration of malloc_good_size, so we can workaround operating systems (like older OSX) that have the function in their libc but do not deign to declare it in their headers.  Should resolve bug 587.


svn:r13339
2008-01-30 19:25:31 +00:00
Nick Mathewson
0b06546620 r17844@catbus: nickm | 2008-01-30 13:31:37 -0500
Fix bug 597: stop telling people to email Tor-ops.  Also give a better suggestion when some other identity has been assigned the nickname we are using.


svn:r13337
2008-01-30 18:32:30 +00:00
Nick Mathewson
68cf666d04 Fix bug 571: associate certificates with keys, not dirservers, so that we can have certificates for dirservers we do not recognize.
svn:r13304
2008-01-26 23:18:30 +00:00
Roger Dingledine
596b822337 bump to 0.2.0.18-alpha-dev
svn:r13295
2008-01-26 05:38:44 +00:00
Roger Dingledine
65ecbdad76 a changelog entry for the various patches from karsten
svn:r13293
2008-01-26 04:35:16 +00:00
Roger Dingledine
ea0afb6c39 bump to 0.2.0.18-alpha
svn:r13291
2008-01-26 03:48:03 +00:00
Roger Dingledine
1445e17a21 We were computing the wrong Content-Length: header for directory
responses that need to be compressed on the fly, causing clients
asking for those items to always fail. Bugfix on 0.2.0.x; fixes
bug 593.


svn:r13268
2008-01-25 01:45:06 +00:00
Roger Dingledine
980fcb1ca7 When we get a consensus that's been signed by more people than
we expect, don't log about it; it's not a big deal.


svn:r13249
2008-01-24 02:31:37 +00:00
Roger Dingledine
9d1832dd5a Set up dannenberg (run by CCC) as the sixth v3 directory
authority.


svn:r13231
2008-01-22 22:38:38 +00:00
Roger Dingledine
a9aa8917fc a changelog entry for r13218
svn:r13220
2008-01-21 22:42:16 +00:00
Roger Dingledine
750ed3d015 We accidentally enabled the under-development v2 TLS handshake
code, which is causing log entries like "TLS error while
renegotiating handshake". Disable it again. Resolves bug 590.


svn:r13219
2008-01-21 22:33:01 +00:00
Roger Dingledine
a49f14d0d4 When we setconf ClientOnly to 1, close any current OR and Dir
listeners. Reported by mwenge.


svn:r13214
2008-01-21 21:21:19 +00:00
Roger Dingledine
b79850d574 Make "ClientOnly 1" config option disable directory ports too.
svn:r13213
2008-01-21 21:00:50 +00:00
Roger Dingledine
ff62154ba3 New config options WarnPlaintextPorts and RejectPlaintextPorts so
Tor can warn and/or refuse connections to ports commonly used with
vulnerable-plaintext protocols.

We still need to figure out some good defaults for them.


svn:r13198
2008-01-20 05:54:15 +00:00
Roger Dingledine
250590b9e7 and add blurbs for 0.2.0.1[67]-alpha
svn:r13189
2008-01-19 18:05:19 +00:00
Roger Dingledine
1ee96aa48c and forward-port those
svn:r13188
2008-01-19 17:58:09 +00:00
Roger Dingledine
43dce232ad If we've gone 12 hours since our last bandwidth check, and we
estimate we have less than 50KB bandwidth capacity but we could
handle more, do another bandwidth test.


svn:r13176
2008-01-18 04:58:40 +00:00
Roger Dingledine
3d3663a123 Don't answer "/tor/networkstatus-bridges" directory requests if
the request isn't encrypted.


svn:r13175
2008-01-18 04:51:12 +00:00
Roger Dingledine
06047bcec9 Avoid going directly to the directory authorities even if you're a
relay, if you haven't found yourself reachable yet or if you've
decided not to advertise your dirport yet. Addresses bug 556.


svn:r13172
2008-01-18 04:42:22 +00:00
Roger Dingledine
b4b3472b9f Make the tor-gencert man page get included correctly in the tarball.
svn:r13163
2008-01-17 20:32:37 +00:00
Roger Dingledine
fe2f9a29f8 muck with the 0.2.0.16-alpha some more
svn:r13159
2008-01-17 19:56:21 +00:00
Roger Dingledine
55e052b0a5 Assert error introduced in r11957:
Fix an assert if we post a general-purpose descriptor via the
control port but that descriptor isn't mentioned in our current
network consensus. Bug reported by Jon McLachlan; bugfix on
0.2.0.9-alpha.


svn:r13153
2008-01-17 05:25:21 +00:00
Nick Mathewson
4a3b7496f0 r17639@catbus: nickm | 2008-01-15 19:09:21 -0500
Fix some hard to trigger but nonetheless real memory leaks spotted by an anonymous contributor.  Needs review.  Partial backport candidate.


svn:r13147
2008-01-16 05:27:19 +00:00
Nick Mathewson
24aae484c9 r17624@catbus: nickm | 2008-01-15 00:42:01 -0500
Fixes to more anonymously-reported typos and logic errors.


svn:r13136
2008-01-15 05:57:19 +00:00
Nick Mathewson
89dfec02d8 r17614@catbus: nickm | 2008-01-14 13:55:25 -0500
Add a missing "goto err" when parsing v2 ns docs


svn:r13133
2008-01-14 19:00:33 +00:00
Nick Mathewson
d7fb8a34ac r17613@catbus: nickm | 2008-01-14 13:52:44 -0500
Do not segfault if symetric key generation somehow fails in crypto_hybrid_encrypt.


svn:r13132
2008-01-14 19:00:28 +00:00
Nick Mathewson
3b8f76aa51 r17611@catbus: nickm | 2008-01-14 13:44:16 -0500
add some missing checks for failing return values.


svn:r13130
2008-01-14 19:00:23 +00:00
Nick Mathewson
e49229caf8 r17610@catbus: nickm | 2008-01-14 13:20:49 -0500
Fix a bogus free() call on a base64 failure in router_append_dirobj_signature().


svn:r13129
2008-01-14 19:00:19 +00:00
Roger Dingledine
134924482f 0.2.0.15-alpha blurb
svn:r13102
2008-01-11 02:31:19 +00:00
Nick Mathewson
10d86f7615 r17558@catbus: nickm | 2008-01-10 13:07:41 -0500
If we do not serve v2 directory info, and our cached v2 networkstatus files are very old, remove them.  If the directory is old, remove that too.  (We already did this for obsolete routers files.)


svn:r13096
2008-01-10 18:08:42 +00:00
Nick Mathewson
04263648c4 r17554@catbus: nickm | 2008-01-10 12:48:29 -0500
Do not send bridge descriptors over unencrypted connections.


svn:r13094
2008-01-10 17:48:40 +00:00
Nick Mathewson
59fdab43cd r17552@catbus: nickm | 2008-01-10 12:13:43 -0500
Make bridge geoip data get rounded up, not down.


svn:r13092
2008-01-10 17:48:32 +00:00
Nick Mathewson
c508fa5aec r17550@catbus: nickm | 2008-01-10 12:08:01 -0500
Add a manual page for tor-gencert.  Also implement the missing -s option in tor-gencert, and fix the info message for when no cert file is specified.


svn:r13091
2008-01-10 17:08:05 +00:00
Nick Mathewson
ca5f670fab r17548@catbus: nickm | 2008-01-10 11:08:12 -0500
Make proposal-109 behavior optional.


svn:r13090
2008-01-10 16:08:47 +00:00
Roger Dingledine
7d3bf1608b Set up gabelmoo (run by Karsten Loesing) as the fifth v3 directory
authority.


svn:r13079
2008-01-08 23:51:48 +00:00
Nick Mathewson
177d5102d5 r17503@catbus: nickm | 2008-01-07 14:15:30 -0500
Change set_current_consensus interface to take a flags variable.  Do not try to fetch certificates until after we have tried loading the fallback consensus.  Should fix bug 583.


svn:r13058
2008-01-07 19:15:34 +00:00
Nick Mathewson
dd35fe59c4 r17499@catbus: nickm | 2008-01-07 13:39:46 -0500
Bugfix on fix for 557: Make values containing special characters work right with getconf, setconf, and saveconf.  Document this in control-spec.txt


svn:r13056
2008-01-07 18:54:55 +00:00
Nick Mathewson
a63eb68fe1 r17495@catbus: nickm | 2008-01-07 12:48:56 -0500
Consequence of fix for 539: when a client gets a 503 response with a nontrivial body, pretend it got a 200 response.  This lets clients use information erroneously sent to them by old buggy servers.


svn:r13054
2008-01-07 17:49:13 +00:00
Nick Mathewson
491298a067 r17490@catbus: nickm | 2008-01-07 11:48:02 -0500
Fix bug 582: decref the idcert when we add it to the store.


svn:r13052
2008-01-07 16:50:31 +00:00
Roger Dingledine
5a912aa1c8 cleanups on r13037
svn:r13045
2008-01-06 23:37:48 +00:00
Nick Mathewson
17036de8b7 r17469@catbus: nickm | 2008-01-05 20:14:07 -0500
Fix bug 579: Count DNSPort and hidden services when checking whether Tor is going to do anything.  Change "no configured ports" from fatal to warning.


svn:r13036
2008-01-06 01:14:11 +00:00
Nick Mathewson
58de695f90 r15787@tombo: nickm | 2008-01-02 01:59:07 -0500
Allow config values in quotes to contain special characters, with full C escape syntax.  With tests.  Addresses bug 557.


svn:r13021
2008-01-02 06:59:15 +00:00
Nick Mathewson
c0ec281565 r15784@tombo: nickm | 2008-01-02 00:38:06 -0500
Fix bug 575: protect the list of logs with a mutex.  I couldn't find any appreciable change in logging performance on osx, but ymmv. You can undef USE_LOG_MUTEX to see if stuff gets faster for you.


svn:r13019
2008-01-02 05:38:53 +00:00
Nick Mathewson
feb1c60e9d r15782@tombo: nickm | 2008-01-01 23:57:43 -0500
Bugfix for bug 569: do not try to download nonexistant certificates with signing key 000000000000000.


svn:r13018
2008-01-02 04:57:48 +00:00
Nick Mathewson
11fff225fa r15779@tombo: nickm | 2008-01-01 23:43:24 -0500
Use reference-counting to avoid allocating a zillion little addr_policy_t objects. (This is an old patch that had been sitting on my hard drive for a while.)


svn:r13017
2008-01-02 04:43:44 +00:00
Nick Mathewson
48d7adca8a r15768@tombo: nickm | 2007-12-31 16:12:09 -0500
Patch from Tup: make NS events work again.


svn:r13009
2007-12-31 21:12:16 +00:00
Nick Mathewson
a7ef07b4bd r15693@tombo: nickm | 2007-12-25 19:11:29 -0500
Here, have some terribly clever new buffer code.  It uses a mbuf-like strategy rather than a ring buffer strategy, so it should require far far less extra memory to hold any given amount of data.  Also, it avoids access patterns like x=malloc(1024);x=realloc(x,1048576);x=realloc(x,1024);append_to_freelist(x) that might have been contributing to memory fragmentation.  I've  tested it out a little on peacetime, and it seems to work so far.  If you want to benchmark it for speed, make sure to remove the #define PARANOIA; #define NOINLINE macros at the head of the module.


svn:r12983
2007-12-26 00:12:08 +00:00
Roger Dingledine
58e429f079 bump to 0.2.0.15-alpha
svn:r12962
2007-12-25 05:45:36 +00:00
Roger Dingledine
c6788cc0de The bridge GeoIP stats were counting other relays, for example
self-reachability and authority-reachability tests.


svn:r12960
2007-12-25 00:07:13 +00:00
Roger Dingledine
e61c9cddca 0.2.0.15-alpha is coming out tonight. get yer bug reports in now!
svn:r12957
2007-12-24 20:10:43 +00:00
Roger Dingledine
15c048bdc5 Fix several remotely triggerable asserts based on DirPort requests
for a v2 or v3 networkstatus object before we were prepared. This
was particularly bad for 0.2.0.13 and later bridge relays, who
would never have a v2 networkstatus and would thus always crash
when used. Bugfixes on 0.2.0.x.

Estimate the v3 networkstatus size more accurately, rather than
estimating it at zero bytes and giving it artificially high priority 
compared to other directory requests. Bugfix on 0.2.0.x.


svn:r12952
2007-12-24 11:25:45 +00:00
Roger Dingledine
4fb573fddd bugfix on r10612:
When we load a bridge descriptor from the cache,
and it was previously unreachable, mark it as retriable so we won't
just ignore it. Also, try fetching a new copy immediately.


svn:r12950
2007-12-24 10:31:39 +00:00
Nick Mathewson
473725e1a4 r15648@tombo: nickm | 2007-12-23 13:27:30 -0500
Support building for iPhone; patch from cjacker huang.


svn:r12946
2007-12-23 18:27:47 +00:00
Nick Mathewson
4606a8af03 r15646@tombo: nickm | 2007-12-23 13:17:33 -0500
Handle cross-compilation more sanely: avoid most uses of the (never-defined!) CROSS_COMPILE variable; in the one place where we cannot help it, use the correct cross_compiling.


svn:r12945
2007-12-23 18:20:22 +00:00
Roger Dingledine
2424449947 ok, going to release now
svn:r12938
2007-12-23 06:38:00 +00:00
Roger Dingledine
5b3e5e87bc bump to 0.2.0.14-alpha
svn:r12935
2007-12-23 01:31:39 +00:00
Roger Dingledine
61bd5583d9 If we receive a general-purpose descriptor and then receive an
identical bridge-purpose descriptor soon after, don't discard
the next one as a duplicate.


svn:r12933
2007-12-23 01:18:14 +00:00
Nick Mathewson
3a85c9fa65 r17340@catbus: nickm | 2007-12-22 12:30:07 -0500
Try to resolve bug 553 by adding a sys/time.h include to the autoconf test for rlim_t.


svn:r12931
2007-12-22 17:30:12 +00:00
Roger Dingledine
88503e25c7 If bridge authorities set BridgePassword, they will serve a
snapshot of known bridge routerstatuses from their DirPort to
anybody who knows that password. Unset by default.


svn:r12929
2007-12-22 11:48:17 +00:00
Roger Dingledine
87a616e128 Fix a crash on startup if you install Tor 0.2.0.13-alpha fresh
without a datadirectory from a previous Tor install. Reported
by Zax.


svn:r12928
2007-12-22 11:42:12 +00:00
Roger Dingledine
a02d18f6fb add the blurb for 0.2.0.13-alpha
svn:r12926
2007-12-22 09:20:11 +00:00
Roger Dingledine
ce636beff9 If the user sets RelayBandwidthRate but doesn't set
RelayBandwidthBurst, then make them equal rather than erroring out.


svn:r12925
2007-12-22 09:13:24 +00:00
Roger Dingledine
be906a836a If BridgeRelay is set to 1, then the default for
PublishServerDescriptor is now "bridge" rather than "v2,v3".


svn:r12923
2007-12-22 09:04:46 +00:00
Roger Dingledine
39d910e97b Make PublishServerDescriptor default to 1, so the default doesn't
have to change as we invent new directory protocol versions.


svn:r12922
2007-12-22 08:27:42 +00:00
Roger Dingledine
6097e46420 Fix a crash when we load a bridge descriptor from disk but we don't
currently have a Bridge line for it in our torrc. Bugfix on
0.2.0.12-alpha.


svn:r12921
2007-12-22 06:11:49 +00:00
Roger Dingledine
366c273d27 Make "GETINFO/desc-annotations/id/<OR digest>" actually work.
svn:r12919
2007-12-22 05:27:30 +00:00
Roger Dingledine
a223f5db03 Fix a crash when accessing hidden services: it would work the first
time you use a given introduction point for your service, but
on subsequent requests we'd be using garbage memory. Fixed by
Karsten Loesing. Bugfix on 0.2.0.12-alpha.


svn:r12913
2007-12-21 23:28:23 +00:00
Roger Dingledine
73ff2e5d5e Fix a crash when we fetch a descriptor that turns out to be
unexpected (it used to be in our networkstatus when we started
fetching it, but it isn't in our current networkstatus), and we
aren't using bridges. Bugfix on 0.2.0.x.


svn:r12911
2007-12-21 22:58:22 +00:00
Roger Dingledine
46bb4a40ee Make the unit tests build again.
svn:r12905
2007-12-21 10:40:40 +00:00
Roger Dingledine
e710710e87 clean up changelog and todo file
svn:r12899
2007-12-21 07:29:55 +00:00
Roger Dingledine
7b60d6c526 Directory authorities should only automatically download Extra Info
documents if they're v1, v2, or v3 authorities.


svn:r12898
2007-12-21 06:33:02 +00:00
Roger Dingledine
9ebf86bb66 new config option FetchDirInfoEarly for tup/ioerror and the tordnsel
svn:r12896
2007-12-21 06:08:00 +00:00
Roger Dingledine
f0e7c4f0da Only Tors that want to mirror the v2 directory info should
create the "cached-status" directory in their datadir. All Tors
used to create it. Bugfix on 0.1.2.x.

Bridge relays with DirPort set to 0 no longer cache v1 or v2
directory information; there's no point. Bugfix on trunk.


svn:r12887
2007-12-20 06:47:59 +00:00
Nick Mathewson
2f922937d3 r17274@catbus: nickm | 2007-12-20 01:14:09 -0500
Don't try to create the datadir when we are only verifying the configuration or hashing a password. Resolves bug 540.


svn:r12884
2007-12-20 06:15:09 +00:00
Nick Mathewson
6de2b484cf r17270@catbus: nickm | 2007-12-20 00:04:21 -0500
When we decide to send a 503 in response to a request for server descriptors, disable spooling so that we do not then send the descriptors anyway.  Fixes bug 539.


svn:r12882
2007-12-20 05:06:02 +00:00
Nick Mathewson
5c33c0632e r17268@catbus: nickm | 2007-12-19 23:53:53 -0500
Initialize [un]named_server_map to empty strmaps when router_reload_consensus_networkstatus fails completely.  Resolves bug 538.


svn:r12881
2007-12-20 04:54:06 +00:00
Roger Dingledine
f405f9b614 Make getinfo ns/purpose/bridge actually work
Also, dump our bridge router status entries to disk every 30 minutes.


svn:r12871
2007-12-19 04:58:58 +00:00
Roger Dingledine
07c7f9e9e7 When we were reading router descriptors from cache, we were ignoring
the annotations -- including reading in bridge-purpose descriptors
as general-purpose descriptors.


svn:r12867
2007-12-19 03:11:02 +00:00
Nick Mathewson
d07122ba47 r17246@catbus: nickm | 2007-12-18 18:45:17 -0500
Fix some xxx020 items.


svn:r12864
2007-12-18 23:45:24 +00:00
Nick Mathewson
bbbf25db4d r17233@catbus: nickm | 2007-12-18 16:26:55 -0500
Changelog entry for geoip.


svn:r12858
2007-12-18 21:27:12 +00:00
Roger Dingledine
3b2dd8d763 Three new config options (AlternateDirAuthority,
AlternateBridgeAuthority, and AlternateHSAuthority) that let the
user selectively replace the default directory authorities, rather
than the all-or-nothing replacement that DirServer offers.


svn:r12777
2007-12-12 04:38:54 +00:00
Nick Mathewson
8de822b544 r17096@catbus: nickm | 2007-12-11 18:11:59 -0500
Correct changelog: the bug mwenge noticed existed in 0.1.2.x, even though consensuses didn't.


svn:r12769
2007-12-11 23:16:25 +00:00
Nick Mathewson
bd49bba49e r17091@catbus: nickm | 2007-12-11 18:05:55 -0500
Fix compilation when --disable-threads is passed in.


svn:r12768
2007-12-11 23:06:51 +00:00
Nick Mathewson
93d122332d r17090@catbus: nickm | 2007-12-11 18:05:24 -0500
Fix some autoconf bugs, and prevent more from occurring.  Partial backport candidate.


svn:r12767
2007-12-11 23:06:48 +00:00
Nick Mathewson
3208b102d6 r17089@catbus: nickm | 2007-12-11 17:33:34 -0500
Patch from mwenge: fix consensus status lookup by nickname when nickname is a hexdigest.


svn:r12766
2007-12-11 23:06:45 +00:00
Roger Dingledine
78f532678c Relays were publishing their server descriptor to v1 and v2
directory authorities, but they didn't try publishing to v3-only
authorities. Fix this; and also stop publishing to v1 authorities.


svn:r12759
2007-12-11 20:18:12 +00:00
Roger Dingledine
52363d23d7 If we can't expand our list of entry guards (e.g. because we're
using bridges or we have StrictEntryNodes set), don't mark relays
down when they fail a directory request. Otherwise we're too quick
to mark all our entry points down.


svn:r12755
2007-12-10 17:16:41 +00:00
Roger Dingledine
ee6ae92670 New config options AuthDirBadDir and AuthDirListBadDirs for
authorities to mark certain relays as "bad directories" in the
networkstatus documents. Also supports the "!baddir" directive in
the approved-routers file.


svn:r12754
2007-12-10 16:49:54 +00:00
Roger Dingledine
d95e7c7d67 also clear the hsdir status flag in routerinfo_t when the relay is no
longer listed in the relevant networkstatus document.


svn:r12752
2007-12-10 16:40:14 +00:00
Roger Dingledine
6dfd47467e Allow multiple HashedControlPassword config lines, to support
multiple controller passwords.


svn:r12732
2007-12-09 04:59:27 +00:00
Roger Dingledine
ae1aa5a1bb Set up lefkada (run by Geoff Goodell) as the fourth v3 directory
authority.


svn:r12724
2007-12-08 20:16:34 +00:00
Roger Dingledine
75c38a2c88 Bridges now behave like clients with respect to time intervals for
downloading new consensus documents. Bridge users now wait until
the end of the interval, so their bridge will be sure to have a
new consensus document.


svn:r12696
2007-12-06 17:01:16 +00:00
Roger Dingledine
8de470cf69 Add "GETINFO/desc-annotations/id/<OR digest>" so controllers can
ask about source, timestamp of arrival, purpose, etc. We need
something like this to help Vidalia not do GeoIP lookups on bridge 
addresses.


svn:r12687
2007-12-06 07:15:06 +00:00
Roger Dingledine
3ff63b6f4e When the DANGEROUS_VERSION controller status event told us we're
running an obsolete version, it used the string "OLD" to describe
it. Yet the "getinfo" interface used the string "OBSOLETE". Now use
"OBSOLETE" in both cases.


svn:r12686
2007-12-05 19:32:58 +00:00
Nick Mathewson
f948caad7b r15161@tombo: nickm | 2007-12-05 11:30:37 -0500
Fix bug reported by Steve Murphy on or-talk: detect the s6_addr32 and s6_addr16 fields via autoconf.


svn:r12679
2007-12-05 16:30:52 +00:00
Nick Mathewson
2f927b50f0 svn:r12670 2007-12-04 19:38:36 +00:00
Roger Dingledine
d46b8a3eac Stop being so aggressive about fetching dir info if your DirPort is
on but your ORPort is off.

Add a new config option BridgeRelay that specifies you want to
be a bridge relay. Right now the only difference is that it makes
you answer begin_dir requests, and it makes you cache dir info,
even if your DirPort isn't on.

Refactor directory_caches_dir_info() into some more functions.


svn:r12668
2007-12-04 18:35:03 +00:00
Nick Mathewson
593ab7e808 r15106@tombo: nickm | 2007-12-04 00:08:35 -0500
Change tor_addr_t to be a tagged union of in_addr and in6_addr, not of sockaddr_in and sockaddr_in6.  It's hardly used in the main code as it is, but let's get it right before it gets popular.


svn:r12660
2007-12-04 05:19:56 +00:00
Roger Dingledine
ce2cf88ebf Stop thinking that 0.1.2.x directory servers can handle "begin_dir"
requests. Should ease bugs 406 and 419 where 0.1.2.x relays are
crashing or mis-answering these requests.


svn:r12658
2007-12-03 22:31:59 +00:00
Roger Dingledine
07dbaaac16 We were ignoring our RelayBandwidthRate for the first 30 seconds
after opening a circuit -- even relayed circuits. Bugfix on
0.2.0.3-alpha.


svn:r12638
2007-12-02 11:24:06 +00:00
Roger Dingledine
609ea9e75c the nice fellow who told us about r12633 is ok with being credited
svn:r12636
2007-12-02 11:15:55 +00:00
Roger Dingledine
b54240d38f Reject uploaded descriptors and extrainfo documents if they're
huge. Otherwise we'll cache them all over the network and it'll
clog everything up.


svn:r12633
2007-12-02 06:11:53 +00:00
Roger Dingledine
9b1b8199df backport candidate:
Start purging old entries from the "rephist" database, and the
hidden service descriptor databases, even when DirPort is zero.


svn:r12628
2007-12-01 22:38:58 +00:00
Roger Dingledine
77e607cc0d Authorities and caches fetch the v2 networkstatus documents
less often, now that v3 is encouraged.


svn:r12627
2007-12-01 20:04:36 +00:00
Nick Mathewson
ac82d81538 r16874@catbus: nickm | 2007-11-30 13:11:09 -0500
When using dmalloc, dump the top ten memory consumers to the _DMALLOC_ logfile when we get a SIGUSR1.  Hint: it is not what you would think.


svn:r12613
2007-11-30 18:11:26 +00:00
Roger Dingledine
466abecef4 Our new v2 hidden service descriptor format allows descriptors
that have no introduction points. But Tor crashed when we tried
to build a descriptor with no intro points (and it would have
crashed if we had tried to parse one). Bugfix on 0.2.0.x; patch
by Karsten Loesing.


svn:r12579
2007-11-27 21:06:34 +00:00
Roger Dingledine
91bb09cb28 Only update guard status (usable / not usable) once we have
enough directory information. This was causing us to always pick
two new guards on startup (bugfix on 0.2.0.9-alpha), and it was
causing us to discard all our guards on startup if we hadn't been
running for a few weeks (bugfix on 0.1.2.x). Fixes bug 448.


svn:r12570
2007-11-26 02:18:57 +00:00
Roger Dingledine
a54ce34e35 Don't crash if we get an unexpected value for the
PublishServerDescriptor config option. Reported by Matt Edman;
bugfix on 0.2.0.9-alpha.


svn:r12549
2007-11-22 00:43:22 +00:00
Roger Dingledine
1acdfeb288 snapshot summaries
svn:r12523
2007-11-17 07:15:56 +00:00
Roger Dingledine
c336dedd21 The fix in 0.2.0.12-alpha cleared the "hsdir" flag in v3 network
consensus documents when there are too many relays at a single
IP address. Now clear it in v2 network status documents too.


svn:r12522
2007-11-17 07:00:14 +00:00
Roger Dingledine
6514843026 cleanups, bump to 0.2.0.12-alpha
svn:r12516
2007-11-17 02:22:56 +00:00
Roger Dingledine
d6f8ba25c9 back out r12509 and fix a better bug instead:
When authorities detected more than two relays running on the same
IP address, they were clearing all the status flags but forgetting
to clear the "hsdir" flag. So clients were being told that a
given relay was the right choice for a v2 hsdir lookup, yet they
never had its descriptor because it was marked as 'not running'
in the consensus.


svn:r12515
2007-11-17 01:53:33 +00:00
Roger Dingledine
d09439872d If we're using bridges or have strictentrynodes set, and our
chosen exit is in the same family as all our bridges/entry guards,
then be flexible about families.


svn:r12514
2007-11-16 07:37:49 +00:00
Roger Dingledine
0871e02da8 If we're trying to fetch a bridge descriptor and there's no way
the bridge authority could help us (for example, we don't know
a digest, or there is no bridge authority), don't be so eager to
fall back to asking the bridge authority.


svn:r12512
2007-11-16 07:31:51 +00:00
Roger Dingledine
60ee26c873 Karsten: you should look at this and decide if we should skip over
non-running hsdirs, or not give them the flag if they're not running,
or what.

When picking v2 hidden service directories, don't pick ones that
aren't listed as Running.


svn:r12509
2007-11-16 05:29:27 +00:00
Peter Palfrader
3e9369ebd9 Changing the ExitPolicyRejectPrivate setting should cause us to rebuild the
descriptor.


svn:r12507
2007-11-15 15:51:17 +00:00
Roger Dingledine
06a1e4124f Fix a small memory leak whenever we decide against using a
newly picked entry guard. Reported by Mike Perry.


svn:r12506
2007-11-15 11:14:08 +00:00
Nick Mathewson
e843e05563 r16670@catbus: nickm | 2007-11-14 14:56:30 -0500
Initial phase of proposal 110: accept RELAY_EARLY cells, and turn them into RELAY cells when sending them on over a v1 OR connection.


svn:r12496
2007-11-14 20:01:15 +00:00
Nick Mathewson
bbb34846b4 r16665@catbus: nickm | 2007-11-14 13:36:11 -0500
Fix bug spotted by karsten: when we have no consensus, do not try to continue finding directories for a hidden service.


svn:r12493
2007-11-14 18:39:15 +00:00
Nick Mathewson
75922ff41f r16663@catbus: nickm | 2007-11-13 21:51:28 -0500
Back out parts of r12376: replace file locations in scripts.


svn:r12490
2007-11-14 02:55:12 +00:00
Roger Dingledine
6739ef4027 Make it build on OpenBSD again. Patch from tup.
svn:r12489
2007-11-12 20:42:57 +00:00
Roger Dingledine
b7024f0f30 clean up the changelog for a release today
svn:r12487
2007-11-12 19:42:34 +00:00
Nick Mathewson
f7c2d1522e r16656@catbus: nickm | 2007-11-12 11:27:00 -0500
Possibly fix bug 548 by making the fix for bug 543 not get invoked on authorities.  See changelog and bug 548 entry for rationale.


svn:r12485
2007-11-12 16:29:31 +00:00
Roger Dingledine
7870964e0c Don't reevaluate all the information from our consensus document
just because we've downloaded a v2 networkstatus that we intend
to cache. Fixes bug 545.


svn:r12479
2007-11-11 17:37:59 +00:00
Roger Dingledine
9c934558e1 a changelog entry for r12471.
svn:r12472
2007-11-11 05:33:49 +00:00
Roger Dingledine
8a1b394695 We were including instructions about what to do with the
src/config/fallback-consensus file, but we weren't actually 
including it in the tarball. Disable all of that for now.


svn:r12467
2007-11-11 01:27:02 +00:00
Roger Dingledine
8ca51869fd Allow people to say PreferTunnelledDirConns rather than
PreferTunneledDirConns, for those alternate-spellers out there.


svn:r12466
2007-11-11 01:06:16 +00:00
Roger Dingledine
928743002a forward-port the 0.1.2.18 entries
svn:r12465
2007-11-11 00:33:53 +00:00
Roger Dingledine
33a9f45a86 We weren't actually including the src/config/fallback-consensus
file in the tarball. Reported by phobos.


svn:r12462
2007-11-10 23:58:07 +00:00
Roger Dingledine
42b8fb5a15 Exit policies now reject connections that are addressed to a
relay's public (external) IP address too, unless
ExitPolicyRejectPrivate is turned off. We do this because too
many relays are running nearby to services that trust them based
on network address.


svn:r12459
2007-11-10 21:17:51 +00:00
Roger Dingledine
462643c756 prepare for 0.2.0.10-alpha-dev
svn:r12458
2007-11-10 20:30:54 +00:00
Roger Dingledine
7050df7245 bump to 0.2.0.10-alpha
svn:r12455
2007-11-10 07:26:56 +00:00