Add a new ClientDNSRejectInternalAddresses option (default: on) to refuse to believe that any address can map to or from an internal address. This blocks some kinds of potential browser-based attacks, especially on hosts using DNSPort. Also clarify behavior in some comments. Backport candiate?
svn:r11287
Finish implementing and documenting proposal 108: Authorities now use MTBF data to set their stability flags, once they have at least 4 days of data to use.
svn:r11240
Tweaks on constrained socket buffers patch from coderman: Add a changelog; rename some variables; fix some long lines and whitespace; make ConstrainedSockSize a memunit; pass setsockopt a void.
svn:r10843
Add some code to mitigate bug 393: Choose at random from multiple hidden service ports with the same virtport. This allows limited ad-hoc round-robining.
svn:r10398
authorities should set. This will let future authorities choose
not to serve V2 directory information.
Also, go through and revamp all the authdir_mode stuff so it tries
to do the right thing if you're an auth but not a V1 or V2 auth.
svn:r10092
handshake to finish. Previously we would let them sit around for
days, if the connecting application didn't close them either.
Also take this opportunity to refactor a duplicate bit of circuituse.c.
And change the semantics of SocksTimeout slightly, but I think it'll
be ok.
svn:r9350
Check addresses for rfc953-saneness at exit too, and give a PROTOCOL_WARN when they fail. Also provide a mechanism to override this, so blossom can have its @@##$$^.whatever.exit hostnames if it wants.
svn:r9336
Fix bug 364: check for whether popular hostnames (curently google, yahoo, mit, and slashdot) are getting wildcarded. If they are, we are probably behind a DNS server that is useless: change our exit policy to reject *:*.
svn:r9199
Add an orport option to dirserver lines so that clients can tell where to connect to open an encrypted tunnel to a dirserver even before they have its descriptor.
svn:r9171
Let directory authorities set the BadExit flag if they like. Also, refactor directory authority code so we can believe multiple things about a single router, and do fewer linear searches.
svn:r8794
hidden service authorities too.
- Just because your DirPort is open doesn't mean people should be
able to remotely teach you about hidden service descriptors. Now
only accept rendezvous posts if you've got HSAuthoritativeDir set.
svn:r8573
Make "is a v1 authority", "is a v2 authority", and "is a hidden service authority" into separate flags so we can eventually migrate more trust away from moria.
svn:r8523
