Commit Graph

863 Commits

Author SHA1 Message Date
Nick Mathewson
f40df02f3e Treat null address as "unknown", not "rejected" in md policy
Previously, we had an issue where we'd treat an unknown address as
0, which turned into "0.0.0.0", which looked like a rejected
address.  This meant in practice that as soon as we started doing
comparisons of unknown uint32 addresses to short policies, we'd get
'rejected' right away.  Because of the circumstances under which
this would be called, it would only happen when we had local DNS
cached entries and we were looking to launch new circuits.
2011-07-15 13:04:06 -04:00
Nick Mathewson
44cfa53873 Make WIN32_WINNT defines conditional
Requested by Gisle Vanem on tor-dev.  I'm not quite sure this is the
right solution, but it's probably harmless.
2011-07-15 10:03:59 -04:00
Nick Mathewson
852b131281 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/control.c
2011-07-14 17:22:23 -04:00
Nick Mathewson
866a2828bd Merge branch 'bug3577' into maint-0.2.2 2011-07-14 17:20:01 -04:00
Nick Mathewson
642cff5bca Only download microdesc consensus from caches that support it
Bugfix on 0.2.3.1-alpha; found by arma; never got a bug number.
2011-07-14 14:19:18 -04:00
Nick Mathewson
5000e59b5f Change GETINFO fingerprint to look at server_mode, not my_descriptor
It's possible for us to be a server and have a fingerprint without
having yet generated a descriptor.

Fixes bug 3577; bugfix on 0.2.0.1-alpha
2011-07-13 12:45:18 -04:00
Nick Mathewson
1aab5b6b39 Merge remote-tracking branch 'public/bug1666'
Conflicts:
	doc/spec/socks-extensions.txt
	src/or/buffers.c
	src/or/config.c
	src/or/connection_edge.c
2011-07-13 12:12:16 -04:00
Nick Mathewson
597da4989e Merge branch 'bug2798' 2011-07-11 17:04:21 -04:00
Nick Mathewson
d82384658d Tweaks to bug2798 based on comments by arma 2011-07-11 17:02:03 -04:00
Nick Mathewson
b55e31aeb4 Merge remote-tracking branch 'rransom-tor/bug3427' 2011-07-11 16:32:58 -04:00
Nick Mathewson
b0de8560f6 Report the states of failed TLS connections from bootstrap_problem 2011-07-11 16:13:17 -04:00
Nick Mathewson
a2ad31a92b Split connection_about_to_close_connection into separate functions
This patch does NOTHING but:
  - move code
  - add declarations and includes as needed to make the new code
    work
  - declare the new functions.
2011-07-11 16:13:16 -04:00
Nick Mathewson
a21c4c657a typo in feature2841; spotted by asn 2011-07-11 16:12:35 -04:00
Nick Mathewson
f4ed42eadf Changes file for feature2841. 2011-07-11 16:01:45 -04:00
Nick Mathewson
2797fd8f68 Revise code for adding EntryNodes to guards.
Previously, we'd just take all the nodes in EntryNodes, see which
ones were already in the guard list, and add the ones that weren't.
There were some problems there, though:

   * We'd add _every_ entry in EntryNodes, and add them in the order
     they appeared in the routerlist.  This wasn't a problem
     until we added the ability to give country-code or IP-range
     entries in the EntryNodes set, but now that we did, it is.

     (Fix: We now shuffle the entry nodes before adding them; only
     add up to 10*NumEntryGuards)

   * We didn't screen EntryNodes for the Guard flag.  That's okay
     if the user has specified two or three entry nodes manually,
     but if they have listed a whole subcontinent, we should
     restrict ourselves to the entries that are currently guards.

     (Fix: separate out the new guard from the new non-guard nodes,
     and add the Guards first.)

   * We'd prepend new EntryNodes _before_ the already configured
     EntryNodes.  This could lead to churn.

     (Fix: don't prepend these.)

This patch also pre-screens EntryNodes entries for
reachableaddresses/excludenodes, even though we check for that
later.  This is important now, since we cap the number of entries
we'll add.
2011-07-11 10:58:07 -04:00
Nick Mathewson
60832766ac Look at the right consensus in router_add_to_routerlist()
Just looking at the "latest" consensus could give us a microdesc
consensus, if microdescs were enabled. That would make us decide
that every routerdesc was unlisted in the latest consensus and drop
them all: Ouch.

Fixes bug 3113; bugfix on 0.2.3.1-alpha.
2011-07-11 10:02:24 -04:00
Roger Dingledine
aeb117f62c Merge branch 'maint-0.2.2' 2011-07-07 13:31:08 -04:00
Roger Dingledine
8e3830352f Merge branch 'maint-0.2.1' into maint-0.2.2 2011-07-07 13:29:02 -04:00
Roger Dingledine
51d6e95023 update to the july 2011 geoip db 2011-07-07 13:28:36 -04:00
Nick Mathewson
174cbff8cf Merge remote-tracking branch 'public/bug3153'
Conflicts:
	src/or/nodelist.c
2011-07-07 11:14:04 -04:00
Nick Mathewson
6b670d6032 Merge branch 'bug3263' 2011-07-07 11:08:03 -04:00
Nick Mathewson
586d0abe59 oops; wrong bug number. 2011-07-07 11:02:00 -04:00
Nick Mathewson
57822cbbbe Avoid double-free in bufferevent read/write cbs
Fixes bug 3404; bugfix on 0.2.3.1-alpha.
2011-07-07 11:00:21 -04:00
Nick Mathewson
f883ec09b5 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-07-07 09:56:01 -04:00
Sebastian Hahn
3ab09763ce Correctly send a SUCCEEDED event for rdns requests
The issue was that we overlooked the possibility of reverse DNS success
at the end of connection_ap_handshake_socks_resolved(). Issue discovered
by katmagic, thanks!
2011-07-07 05:38:38 +02:00
Nick Mathewson
0be2934186 Merge remote-tracking branch 'rransom-tor/bug3465-023-v2' 2011-07-05 16:01:07 -04:00
Nick Mathewson
335ff915c7 Merge remote-tracking branch 'rransom-tor/bug3465-022' into maint-0.2.2 2011-07-05 15:52:11 -04:00
Nick Mathewson
e273890b10 Merge branch 'cov217_master' 2011-07-01 12:57:21 -04:00
Nick Mathewson
734e860d98 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-07-01 12:56:40 -04:00
Nick Mathewson
5cf725e3c6 Merge branch 'cid30_changelog' into maint-0.2.2 2011-07-01 12:55:27 -04:00
Nick Mathewson
2ba19f9b4a Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-07-01 12:55:23 -04:00
Nick Mathewson
021cf3f052 Merge branches 'cov217_021' and 'cid_450' into maint-0.2.1 2011-07-01 12:54:51 -04:00
Nick Mathewson
959da6b7f2 Use strlcpy in create_unix_sockaddr()
Using strncpy meant that if listenaddress were ever >=
sizeof(sockaddr_un.sun_path), we would fail to nul-terminate
sun_path.  This isn't a big deal: we never read sun_path, and the
kernel is smart enough to reject the sockaddr_un if it isn't
nul-terminated.  Nonetheless, it's a dumb failure mode.  Instead, we
should reject addresses that don't fit in sockaddr_un.sun_path.

Coverity found this; it's CID 428.  Bugfix on 0.2.0.3-alpha.
2011-07-01 12:54:24 -04:00
Nick Mathewson
359a30d52e Add a changelog entry for cid30 fix. 2011-07-01 12:46:26 -04:00
Nick Mathewson
d25feadebb Fix insanely large stack_allocation in log_credential_status
I'm not one to insist on C's miserly stack limits, but allocating a
256K array on the stack is too much even for me.

Bugfix on 0.2.1.7-alpha.  Found by coverity.  Fixes CID # 450.
2011-07-01 12:38:05 -04:00
Nick Mathewson
a0ae80788c Replace 4 more sscanf()s with tor_sscanf()
For some inexplicable reason, Coverity departs from its usual
standards of avoiding false positives here, and warns about all
sscanf usage, even when the formatting strings are totally safe.

Addresses CID # 447, 446.
2011-07-01 11:26:30 -04:00
Robert Ransom
ca6efcf507 Make handle_control_setevents table-driven 2011-06-25 17:45:33 -07:00
Robert Ransom
c780bc4d0b Merge branch 'bug3465-022' into bug3465-023
* bug3465-022:
  Add BUILDTIMEOUT_SET to the result of GETINFO events/names
  Correct a comment
  Fix minor comment issues
2011-06-25 15:04:07 -07:00
Robert Ransom
93d52f6739 Add BUILDTIMEOUT_SET to the result of GETINFO events/names 2011-06-25 15:02:11 -07:00
Nick Mathewson
64a5a4177f Merge branch 'bug3367' 2011-06-21 11:32:52 -04:00
Nick Mathewson
4186b1362b Merge remote-tracking branch 'public/bug3264' 2011-06-21 10:28:25 -04:00
Nick Mathewson
e617a34d58 Add, use a bufferevent-safe connection_flush()
A couple of places in control.c were using connection_handle_write()
to flush important stuff (the response to a SIGNAL command, an
ERR-level status event) before Tor went down.  But
connection_handle_write() isn't meaningful for bufferevents, so we'd
crash.

This patch adds a new connection_flush() that works for all connection
backends, and makes control.c use that instead.

Fix for bug 3367; bugfix on 0.2.3.1-alpha.
2011-06-21 10:22:54 -04:00
Jacob Appelbaum
8b0d9452ca Fix tor-fw-helper-natpmp.c API usage
libnatpmp-20110618 changed the API that tor-fw-helper used and for a time
tor-fw-helper could not build against the newest libnatpmp. This patch brings
support for libnatpmp to tor-fw-helper.
2011-06-20 20:01:46 -04:00
Nick Mathewson
410e440a8d Log SSL state changes at LOG_DEBUG, LD_HANDSHAKE.
This can be slightly useful for debugging blocking events.

Addresses ticket 3116; based on loud_ssl_states branch.
2011-06-20 17:45:12 -04:00
intrigeri
8b265543eb Add port 6523 (Gobby) to LongLivedPorts. 2011-06-20 12:08:46 -04:00
Nick Mathewson
a046966baf Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/config.c
	src/or/or.h
2011-06-19 21:00:15 -04:00
Nick Mathewson
8e5dfe42a0 Tweak bug2355_revert at suggestion from Roger 2011-06-19 20:58:46 -04:00
Robert Ransom
eeedc5c13c Put hashes of all tor source files into or_sha1.i 2011-06-18 00:54:04 -07:00
Nick Mathewson
1811bef666 Add changes file for bug2355 revert 2011-06-17 16:54:31 -04:00
Nick Mathewson
42d6f34590 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-06-17 15:25:18 -04:00