Commit Graph

1211 Commits

Author SHA1 Message Date
Nick Mathewson
73c6cb8353 Fix unit test failure related to intro point parsing.
svn:r17188
2008-11-03 16:36:15 +00:00
Nick Mathewson
69cda76168 missing changelog for 0x20 hack
svn:r17185
2008-11-03 15:45:27 +00:00
Nick Mathewson
8c78a68cc0 Move changelog entry to correct section
svn:r17180
2008-11-01 20:28:10 +00:00
Nick Mathewson
c534b96e58 Fix an assertion failure on double-marked circuits, and a double-mark.
svn:r17179
2008-11-01 20:27:41 +00:00
Nick Mathewson
c8a5e2d588 Work better with tools that resist DNS poisoning by using the 0x20 hack: make DNSPort replies perserve case.
svn:r17170
2008-10-29 15:31:26 +00:00
Nick Mathewson
361086005c Fix a possible negative shift in address comparison. May fix bug 845 and bug 811
svn:r17169
2008-10-29 13:29:54 +00:00
Nick Mathewson
ee31e0829e Verify cpath_layer match on rendezvous cells too. Fixes another case of bug 446. Based on patch from rovv.
svn:r17162
2008-10-27 16:46:45 +00:00
Nick Mathewson
b166a43cb6 Fix another case of refusing to use a chosen exit node because we think it will reject _mostly_ everything. Based on patch from rovv. See bug 752.
svn:r17139
2008-10-21 17:09:04 +00:00
Nick Mathewson
5e762e6a5c Fix the rest of bug 619: reject *:* servers should not do DNS lookups, even if broken clients send them RELAY_BEGIN cells. Patch from rovv.
svn:r17138
2008-10-21 16:51:59 +00:00
Nick Mathewson
b593fd5c20 Patch from rovv: send back END cell in response to connect attempts to nonexistent hidden service port.
svn:r17137
2008-10-21 16:41:20 +00:00
Roger Dingledine
bca46cc628 backport candidate:
The "ClientDNSRejectInternalAddresses" config option wasn't being
consistently obeyed: if an exit relay refuses a stream because its
exit policy doesn't allow it, we would remember what IP address
the relay said the destination address resolves to, even if it's
an internal IP address. Bugfix on 0.2.0.7-alpha; patch by rovv.


svn:r17135
2008-10-17 22:08:49 +00:00
Roger Dingledine
d374dc94e5 fix changelog entry for proposal 155, patch 1
svn:r17113
2008-10-15 22:01:17 +00:00
Roger Dingledine
a5769eefa4 patch4 from proposal 155:
Hidden services start out building five intro circuits rather
than three, and when the first three finish they publish a service
descriptor using those. Now we publish our service descriptor much
faster after restart.


svn:r17110
2008-10-15 20:59:48 +00:00
Roger Dingledine
d06182f0bd add patch2 from proposal 155:
Launch a second client-side introduction circuit in parallel
after a delay of 15 seconds (based on work by Christian Wilms).


svn:r17108
2008-10-15 18:52:06 +00:00
Roger Dingledine
4520500cde put in karsten's patch #1 for proposal 155, modified
svn:r17106
2008-10-15 00:36:09 +00:00
Nick Mathewson
846e40d193 Patch from rovv: when we have no pending streams, choose exits with choose_good_exit_server_general() rather than with circuit_get_unhandled_ports() and friends. Bugfix on 0.1.1.x, at least.
svn:r17091
2008-10-14 17:05:52 +00:00
Roger Dingledine
d7cfa1f56c Minor fix in the warning messages when you're having problems
bootstrapping; also, be more forgiving of bootstrap problems when
we're still making incremental progress on a given bootstrap phase.


svn:r17066
2008-10-13 03:34:29 +00:00
Roger Dingledine
37883ca4bc put the 0.2.1.6-alpha blurb into the changelog
svn:r17059
2008-10-12 00:51:02 +00:00
Roger Dingledine
c7af43a624 Now NodeFamily and MyFamily config options allow spaces in
identity fingerprints, so it's easier to paste them in.
Suggested by Lucky Green.


svn:r17021
2008-10-01 03:41:33 +00:00
Roger Dingledine
a04baf14b6 bump to 0.2.1.6-alpha, and note that the exclude*nodes config
discussion hasn't finished.


svn:r17011
2008-09-30 09:37:18 +00:00
Nick Mathewson
25f8335528 Include circuit purposes in circuit events. Now all circuit events are extended; this makes the code simpler.
svn:r17007
2008-09-29 22:34:22 +00:00
Roger Dingledine
26aa741169 Remove the old v2 directory authority 'lefkada' from the default
list. It has been gone for many months.


svn:r17005
2008-09-29 19:27:20 +00:00
Nick Mathewson
ae3ce7b387 Patch from mwenge: update TrackHostExits mapping expiry times when the mappings are used, so that they expire a while after their last use, not a while after their creation.
svn:r17004
2008-09-29 14:53:53 +00:00
Nick Mathewson
ee0078ead4 Make tor-resolve take a -p port option in addition to the current host:port syntax.
svn:r17002
2008-09-29 14:18:47 +00:00
Roger Dingledine
9678f166a8 If we have correct permissions on $datadir, we complain to stdout
and fail to start. But dangerous permissions on
$datadir/cached-status/ would cause us to open a log and complain
there. Now complain to stdout and fail to start in both cases. Fixes
bug 820, reported by seeess.


svn:r16998
2008-09-29 10:09:05 +00:00
Roger Dingledine
c846979ab7 Fix a bug where an unreachable relay would establish enough
reachability testing circuits to do a bandwidth test -- if
we already have a connection to the middle hop of the testing
circuit, then it could establish the last hop by using the existing
connection. Bugfix on 0.1.2.2-alpha, exposed when we made testing
circuits no longer use entry guards in 0.2.1.3-alpha.


svn:r16997
2008-09-29 09:36:42 +00:00
Roger Dingledine
81b216086b rearrange the changelog a bit more
svn:r16996
2008-09-29 09:30:06 +00:00
Roger Dingledine
57942415ef changelog cleanups. give 0.2.1.6-alpha a deadline.
svn:r16995
2008-09-29 06:54:32 +00:00
Nick Mathewson
99755f374d Fix 0/0 calculation in get_weighted_fractional_uptime().
svn:r16994
2008-09-28 15:48:36 +00:00
Nick Mathewson
bb1685318c Commit fix for bug 807 from mwenge: send CLOSED controller event for reverse dns resolve, not FAILED.
svn:r16985
2008-09-26 20:25:35 +00:00
Nick Mathewson
e147e867be Proposal 152 implementation from Josh Albrecht, with tweaks.
svn:r16983
2008-09-26 18:58:45 +00:00
Nick Mathewson
e7e12236ac Code to serve a current stability calculations from /tor/dbg-stability.txt. Untested: somebody please run this on an authority and let me know if it is broken.
svn:r16981
2008-09-26 18:02:48 +00:00
Nick Mathewson
ae33d3ead7 Apply rovv's fix for bug 824.
svn:r16975
2008-09-26 15:30:26 +00:00
Nick Mathewson
8bbbbaf87b Add country-code support to configured node lists to implement the ever-popular "no exits in Monaco" feature (ExcludeExitNodes {MC}). Also allow country codes and IP ranges in ExitNodes. (EntryNodes needs more work.) Based on code by Robert Hogan. Needs more testing.
svn:r16966
2008-09-25 20:21:35 +00:00
Karsten Loesing
6bb4492a6f Having two "Major features:" sections seems too much of a good thing.
svn:r16962
2008-09-25 09:53:19 +00:00
Karsten Loesing
f2ff3e74ae All relays now store and serve v2 hidden service descriptors by default (not only directory mirrors).
svn:r16961
2008-09-24 22:33:47 +00:00
Karsten Loesing
9a7098487b If we are not using BEGIN_DIR cells, don't attempt to contact hidden service directories with non-open dir port.
svn:r16960
2008-09-24 22:29:22 +00:00
Roger Dingledine
8dfe8194c9 changelog cleanup / rearranging
svn:r16957
2008-09-24 17:01:43 +00:00
Nick Mathewson
8bc1536a9e Add patch 4 from Karsten for proposal 121, slightly modified. Karsten should definitely re-review the bits I changed.
svn:r16955
2008-09-24 14:44:29 +00:00
Roger Dingledine
f59c13b7a3 fix a bad typo, add a missing word
svn:r16946
2008-09-23 21:01:54 +00:00
Nick Mathewson
75977fd79b Patch from roger for 752, but with more comments: When we get an A.B.exit:P address, and B would reject most connections to P, but we do not know whether it would allow A, then allow the connection to procede. Bugfix, amusingly, on 0.0.9rc5.
svn:r16944
2008-09-23 20:25:01 +00:00
Nick Mathewson
545b317e1f Fix for bug 797 (by arma, with tweaks): always use create_fast for circuits where we do not know an onion key.
svn:r16942
2008-09-23 20:13:23 +00:00
Nick Mathewson
f28fc83ea5 More logging for mtbf/wfu calculations.
svn:r16941
2008-09-23 18:24:20 +00:00
Roger Dingledine
29abfab8bf Update to the "September 1 2008" ip-to-country file.
svn:r16940
2008-09-23 09:51:05 +00:00
Nick Mathewson
b0c48d8e45 Oops; we need to make sure that DNS request names are matched in the _questions_ section of the replies. Rejecting answers whether the _answers_ section did not match made us reject A records waiting at the end of a CNAME record. Bug 823.
svn:r16933
2008-09-22 20:06:25 +00:00
Roger Dingledine
4fd9880540 give rend_client_desc_here a slightly more accurate name
svn:r16916
2008-09-16 10:26:15 +00:00
Roger Dingledine
38f2272d5d patch from karsten for bug 814. whew.
svn:r16915
2008-09-16 10:17:04 +00:00
Roger Dingledine
dbb481c169 Serve the latest v3 networkstatus consensus via the control
port. Use "getinfo dir/status-vote/current/consensus" to fetch it.


svn:r16907
2008-09-14 04:07:29 +00:00
Roger Dingledine
2d95accc75 Allow ports 465 and 587 in the default exit policy again. We had
rejected them in 0.1.0.15, because back in 2005 they were commonly
misconfigured and ended up as spam targets. We hear they are better
locked down these days.


svn:r16898
2008-09-13 10:04:42 +00:00
Karsten Loesing
f0a5ef804f Directory mirrors store and serve v2 hidden service descriptors by default.
svn:r16858
2008-09-11 20:06:04 +00:00