Commit Graph

4970 Commits

Author SHA1 Message Date
Roger Dingledine
5c949fce51 Start obeying our firewall options more rigorously:
- If we can't get to a dirserver directly, try going via Tor.
  - Don't ever try to connect (as a client) to a place our firewall
    options forbid.
  - If we specify a proxy and also firewall options, obey the firewall
    options even when we're using the proxy: some proxies can only proxy
    to certain destinations.


svn:r5431
2005-11-19 10:12:10 +00:00
Roger Dingledine
b819a53654 mark off some todo items
svn:r5430
2005-11-19 07:16:12 +00:00
Roger Dingledine
7aae63994f Recover better from TCP connections to Tor servers that are broken but
don't tell you (it happens!); and rotate TLS connections once a week.

1) If an OR conn becomes more than a week old, make it obsolete.
2) If it's obsolete and empty, kill it.
3) When an OR makes a second connection to you, allow it.
4) If we want to send a new create cell, but the best conn we've
   got is obsolete, and the router is 0.1.1.9-alpha-cvs or later, ask
   for a new conn instead.
5) When we time out on circuit building on the first hop, make that
   connection obsolete.


svn:r5429
2005-11-19 06:57:44 +00:00
Roger Dingledine
700c370a3b misc cleanups
svn:r5428
2005-11-19 01:56:58 +00:00
Roger Dingledine
f824fb5f83 Bugfix: it looks like some middleman circuits were spending the
first few moments of their existence in CIRCUIT_STATE_OPEN, then
when Alice sent an extend request for a Tor that they're not connected
to, they switched to CIRCUIT_STATE_OR_WAIT and spent the rest of
their sorry little lives in that state, even when the connection
was established and they were shuttling relay cells back and forth.

And I'm not going to backport this (yet), because somehow it worked!


svn:r5427
2005-11-19 01:55:58 +00:00
Roger Dingledine
0de8f4ee55 another case (i think) of redundant code.
svn:r5426
2005-11-19 01:03:34 +00:00
Roger Dingledine
409294153f remove some redundant (and misleading) code
svn:r5425
2005-11-19 00:44:24 +00:00
Peter Palfrader
6734371234 15*60 is 15 minutes, not 5
svn:r5424
2005-11-18 21:57:49 +00:00
Peter Palfrader
901712ee59 Remove ip address change flapping detection. It is not really needed and I do not think it works quite right.
svn:r5423
2005-11-18 19:28:34 +00:00
Roger Dingledine
4ddf2385a0 if it's not less than three does that mean it's more than two?
svn:r5422
2005-11-18 11:35:23 +00:00
Roger Dingledine
9d6d6da883 and code the part where redirectstream can take a port.
svn:r5421
2005-11-18 11:32:59 +00:00
Roger Dingledine
a32a63d50b document how the error values for closestream and closecircuit work.
also, let redirectstream take a port, in case we want to change that too.


svn:r5420
2005-11-18 11:17:24 +00:00
Roger Dingledine
dfdd735902 commit a changelog tweak that i slipped in for the release
svn:r5419
2005-11-18 03:03:18 +00:00
Roger Dingledine
afb1c79879 Leave options->DirServers alone -- if the user didn't specify any,
just add the default ones directly to the trusted dirserver list.
This fixes a bug where people running controllers would setconf or
the equivalent, and Tor would start yelling at them about setting
their own DirServer lines.


svn:r5418
2005-11-18 02:47:09 +00:00
Roger Dingledine
26d8c3498c and another overly common log entry
svn:r5417
2005-11-18 00:35:29 +00:00
Roger Dingledine
aa53190ed5 and another one
svn:r5416
2005-11-17 22:23:18 +00:00
Roger Dingledine
9111a3fb48 comment out some really popular log lines
svn:r5415
2005-11-17 22:19:35 +00:00
Roger Dingledine
d2b93df26c and now we actually do it, too.
svn:r5414
2005-11-17 22:01:46 +00:00
Roger Dingledine
396577d17e what to do on a failed setconf was a bit unspecified
svn:r5413
2005-11-17 22:01:24 +00:00
Roger Dingledine
7dbf2511c3 when you type 'getinfo' with no arguments, it doesn't give you
any answer at all. this is clearly a bug.

the more interesting bug is whether things like setconf, getconf,
and so on should return 250 OK if you give them no arguments. should
we have a new "you didn't ask me anything" response code, or just
leave it as is?


svn:r5412
2005-11-17 21:45:38 +00:00
Nick Mathewson
24ea1b3673 Add some DH clarifications
svn:r5411
2005-11-17 18:14:29 +00:00
Roger Dingledine
a44fc1eebb more spec clarifications from talking to lexi
svn:r5410
2005-11-17 09:55:44 +00:00
Nick Mathewson
b2715a1afe Remove incorrect requirement.
svn:r5409
2005-11-17 04:46:16 +00:00
Roger Dingledine
280a4f9b37 ignored cells still count for computing digests.
svn:r5408
2005-11-17 03:49:22 +00:00
Roger Dingledine
ae937b4e40 and note that older tors break the spec in that way
svn:r5407
2005-11-17 03:43:10 +00:00
Roger Dingledine
bed777375b pick a side of the fence. here's hoping.
svn:r5406
2005-11-17 03:42:04 +00:00
Roger Dingledine
af86345b74 we used to kill the circuit when we receive a relay command we
don't recognize. now we just drop it. perhaps this will make us
more forward-compatible? or perhaps it will bite us? one day we
will find out.


svn:r5405
2005-11-17 03:40:20 +00:00
Roger Dingledine
6f06079741 fix a bug in the spec, and add a question about correct behavior. nick?
svn:r5404
2005-11-17 03:18:18 +00:00
Roger Dingledine
298da4497a help the term "OP" become obsolete
svn:r5403
2005-11-17 01:17:53 +00:00
Roger Dingledine
9eada6d3c1 clean up the tor spec somewhat, inspired by comments from lexi
svn:r5402
2005-11-17 01:10:41 +00:00
Roger Dingledine
386e3954ae put the socks-extensions file in the tarball too
svn:r5401
2005-11-17 00:00:49 +00:00
Roger Dingledine
279e29a1f2 bugfix: the controller doesn't mention it's a .onion if it is.
svn:r5400
2005-11-16 23:54:24 +00:00
Roger Dingledine
c4aa9e7941 Add a new config option TestSocks so people can see if their
applications are using socks4, socks4a, socks5-with-ip, or
socks5-with-hostname. This way they don't have to keep mucking
with tcpdump and wondering if something got cached somewhere.


svn:r5399
2005-11-16 23:37:35 +00:00
Nick Mathewson
83d6b0387b Try to build with OpenSSL 0.9.6. Lets pay attention to see if anybody complains.
svn:r5398
2005-11-16 05:22:44 +00:00
Roger Dingledine
fd58b0bc6e and start using the local copy of the stylesheet
svn:r5397
2005-11-15 22:45:24 +00:00
Roger Dingledine
ed6a0531d2 and get it into the tarball
svn:r5396
2005-11-15 22:42:25 +00:00
Roger Dingledine
fd3a6e9d7b ship a copy of the stylesheet with the tor-doc-*
svn:r5395
2005-11-15 22:42:10 +00:00
Roger Dingledine
3ec1aea329 stop shipping tor-doc.html and .css in the tarball
they're obsolete


svn:r5394
2005-11-15 22:39:55 +00:00
Roger Dingledine
2a96454816 start shipping tor-doc-unix.html tor-doc-server.html in the tarball
svn:r5393
2005-11-15 22:39:23 +00:00
Peter Palfrader
929dc8dea9 Actually do not ship doc/{socks-extensions.txt,tor-doc-server.html,tor-doc-unix.html}, they are not in the tarball
svn:r5391
2005-11-15 22:36:24 +00:00
Peter Palfrader
9dc4c82754 New upstream version.
svn:r5390
2005-11-15 22:30:15 +00:00
Nick Mathewson
22aea0757e Verify that router fingerprint lines match identity keys. (We dont use them, but others might.)
svn:r5389
2005-11-15 21:24:32 +00:00
Roger Dingledine
74d1ca66c0 another case where the poor server operator doesn't need to
hear about lexi's bugs.


svn:r5388
2005-11-15 20:40:32 +00:00
Roger Dingledine
6465b30f21 bump to 0.1.1.9-alpha-cvs
svn:r5387
2005-11-15 20:29:56 +00:00
Roger Dingledine
e5087382de correct the timestamp on the changelog
svn:r5385
2005-11-15 20:07:29 +00:00
Peter Palfrader
fa29f91944 Whitespace fix
svn:r5384
2005-11-15 10:36:42 +00:00
Peter Palfrader
f8ba32c32d add items to my TODO
svn:r5383
2005-11-15 10:34:14 +00:00
Peter Palfrader
ccba428dbc Say that tor.default is a bash shell fragment now
svn:r5382
2005-11-15 10:33:54 +00:00
Peter Palfrader
333e179f3e Remove the EVENT_NOEPOLL block from etc/default/tor.
Add an ARGS block to etc/default/tor as suggested in #338425.


svn:r5381
2005-11-15 10:30:36 +00:00
Peter Palfrader
b52c4bfe09 Use bin/bash for the init script instead of bin/sh. We are using ulimit -n
which is not POSIX  (closes: #338797).


svn:r5380
2005-11-15 10:28:00 +00:00