Remember the valid-until time of the most recent consensus that listed
a router, and (if we are a cache) never delete the routerdesc until
that conensus is expired. This is way easier than retaining multiple
consensuses. (Of course, the info isn't retained across restarts,
but that only affects a few caches at a time.)
svn:r12041
Make unverified-consensus get removed when it is accepted or rejected. Make a new get_datadir_fname*() set of functions to eliminate the common code of "get the options, get the datadir, append some stuff".
svn:r12000
Implement v3 networkstatus client code. Remove v2 networkstatus client code, except as needed for caches to fetch and serve v2 networkstatues and the routers they list.
svn:r11957
Fix bug 451. This was a nasty bug, so let's fix it twice: first, by banning recursive calls to connection_handle_write from connection_flushed_some; and second, by not calling connection_finished_flushing() on a closed connection. Backport candidate.
svn:r11882
Document minimal values for voting times. Use a macro instead of a magic number. Remove an "enforce this" xxxx020 that was already enforced.
svn:r11868
Retry consensus and certificate downloads properly. Do not fail when there are no certificates to download. Do not download certificates we already have when retrying.
svn:r11841
Change dirvote_get_vote to take named flags rather than 3 boolean inputs. Fix a bug that was caused by the order of the boolean inputs in or.h not matching the order of boolean inputs in dirvote.c.
svn:r11812
Use download_status_t for v2 networkstatuses and certs as well as for routers. Make functions to manipulate it. Next steps: use it for consensus networkstatuses, and get consensus download rescheduling working.
svn:r11800
Refactor out about a third of routerlist.c into a new networkstatus.c. I\m not sure that I got everything that needed to move, but so far so good.
svn:r11791
Make router_digest_is_trusted_dir able to check for type. When looking for a V3 directory, only assume that the V3 authorities and caches have it: previous code assumed that all authorities had it.
svn:r11789
Add a bunch of function documentation; clean up a little code; fix some XXXXs; tag the nonsensical EXTRAINFO_PURPOSE_GENERAL as nonsesnse; note another bit of "do not cache special routers" code to nuke.
svn:r11761
Use descriptor annotations to record the source, download t time, and purpose of every descriptor we add to the store. The remaining to-do item is to stop setting do_not_cache on bridges.
svn:r11680
Remove annotated_desc_store store (which we never used). Instead, shift name of router store to cached-descriptors, but initialize it from cached-routers as needed
svn:r11678
More annotated-store work: handle annotations in lists correctly. Add ability to prepend annotations to a routerdesc (and to every rtouredesc in a list), while verifying that the routerdesc is not already annotated.
svn:r11665
Backend for descriptor annotations: parse annotations as keywords; only allow them to appear in the cache; do not serve them as part of the descriptor if we are a dirserver. Still need mechanism to set annotations. Still need to rename cache file.
svn:r11654
users configure that and specify a bridge with an identity
fingerprint, now they will lookup the bridge descriptor at the
default bridge authority via a one-hop tunnel, but once circuits
are established they will switch to a three-hop tunnel for later
connections to the bridge authority.
svn:r11550
Remove some needless complexity from the code to add signatures to a consensus: previously, we had a path to add new signatures, and a second path to replace signatures. But the second path sufficed as a common case, and the code isn't invoked nearly enough to justify the optimization of having the first path.
svn:r11433
Refactor store_stats_t to hold a pointer to the proper mmap, and turn it into a full-fledged type. This sets stuff up nicely for adding a separate "annotated" store. Add some XXXX NM items that need to be fixed when annotated stores exist
svn:r11338
Make controllers accept LF as well as CRLF. Update spec to reflect this. Remove now-dead code. Make controller warning about v0 protocol more accurate.
svn:r11299
Add a new ClientDNSRejectInternalAddresses option (default: on) to refuse to believe that any address can map to or from an internal address. This blocks some kinds of potential browser-based attacks, especially on hosts using DNSPort. Also clarify behavior in some comments. Backport candiate?
svn:r11287
want, which is to expire old guards *every* time somebody moves
from an old version to the new one.
also, refine which version numbers count as 'new enough'.
svn:r11272
