nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-09-22 14:04:58 +02:00
Code Issues Packages Projects Releases Wiki Activity
1,425 Commits 53 Branches 629 Tags 108 MiB
7451de5d97
Commit Graph

965 Commits

Author SHA1 Message Date
Roger Dingledine
cec2eee533 enable assert_connection_ok() 
we weren't actually asserting much. oops.


svn:r1160
 2004-02-28 07:51:30 +00:00
Roger Dingledine
70c43e152a note bug in assert_connection_ok 
svn:r1159
 2004-02-28 07:48:28 +00:00
Roger Dingledine
dd632e697e clean up some log messages and severities 
still plenty more left to clean


svn:r1158
 2004-02-28 07:01:22 +00:00
Roger Dingledine
a24b6e6d4f make flush_buf have a sane return convention 
svn:r1157
 2004-02-28 05:22:07 +00:00
Roger Dingledine
b354ecfecd rename ExcludedNodes config option to ExcludeNodes 
svn:r1155
 2004-02-28 05:09:37 +00:00
Roger Dingledine
3a1a6bb09e if a relay cell is unrecognized at the end of the circuit, 
send back a destroy


svn:r1153
 2004-02-28 04:48:46 +00:00
Roger Dingledine
e59f19ca03 some more small fixes 
svn:r1152
 2004-02-28 04:44:48 +00:00
Nick Mathewson
b4a7883c90 make code more readable; arrbitrarily change a -1 to a 0. 
svn:r1151
 2004-02-28 04:34:27 +00:00
Nick Mathewson
ee68371f41 Stop answering "end" with "end" 
svn:r1150
 2004-02-28 04:25:54 +00:00
Nick Mathewson
4e89c6661a Push responsibility for connection marking down as far as possible; have only a close path; add some missing end cells; change return conventions a little. 
svn:r1149
 2004-02-28 04:11:53 +00:00
Nick Mathewson
88e222ff76 Make has_sent_end irrelevant: only try to send end if reason is nonzero 
svn:r1148
 2004-02-28 03:06:31 +00:00
Roger Dingledine
d0ad9b147a and another one 
svn:r1147
 2004-02-27 23:30:27 +00:00
Roger Dingledine
611f117ce1 patches/answers to nick's commit 
svn:r1146
 2004-02-27 23:23:33 +00:00
Nick Mathewson
c5bbb571d2 Refactor mark_for_close, connection_edge_end and friends. Now, everybody 
who wants to shut down a connection calls connection_mark_for_close instead
of setting marked_for_close to 1.  This automatically removes the connection
from the DNS cache if needed, sends a RELAY END cell if appropriate, and can
be changed to do whatever else is needed.

Still to do:
  - The same for circuits, maybe.
  - Add some kind of hold_connection_open_until_flushed flag, maybe.
  - Change stuff that closes connections with return -1 to use mark_for_close,
    maybe.


svn:r1145
 2004-02-27 22:00:26 +00:00
Roger Dingledine
737b2a0bf1 make 'connected' cells include the resolved IP 
svn:r1143
 2004-02-27 04:52:02 +00:00
Roger Dingledine
195dfd35a8 Fix a bug where you might flush some data on a tls connection, and then 
add some more data to be flushed but never turn POLLOUT on. not sure
how commonly this bug was hit, but it would be a doozy.

Also add some asserts to see if it happens elsewhere.


svn:r1142
 2004-02-27 04:42:14 +00:00
Roger Dingledine
1b3c197fad clean up an ia64 warning 
svn:r1140
 2004-02-27 01:59:36 +00:00
Peter Palfrader
1bc2384c5a Give the nice message about not being an HTTP proxy an <h1> headline 
svn:r1139
 2004-02-27 01:33:02 +00:00
Roger Dingledine
d3e9afda27 When it can't resolve any dirservers, it was useless from then on. 
Now it reloads the RouterFile (or default dirservers) if it has no
dirservers.


svn:r1130
 2004-02-26 22:56:36 +00:00
Roger Dingledine
4c48359ece break out the operations done on sighup into their own function 
svn:r1129
 2004-02-26 22:30:44 +00:00
Roger Dingledine
43156904ce dump a new router.desc on hup 
svn:r1128
 2004-02-26 22:20:00 +00:00
Roger Dingledine
2c74f19d7e writing html in C strings sucks 
svn:r1127
 2004-02-26 22:10:55 +00:00
Roger Dingledine
8f2b429a3b when they use tor as an http proxy, give them an http 501 failure 
svn:r1126
 2004-02-26 22:02:22 +00:00
Roger Dingledine
0b27ae0c2d if the default torrc isn't there, just use some default defaults 
plus provide an internal dirservers file if they don't have one

having no config files will make it easier to run on windows


svn:r1124
 2004-02-26 21:25:51 +00:00
Nick Mathewson
496e414e52 Basic RAM poisoning and magic-checking to notice connection and circuit 
corruption faster; also, check for corruption in dns.c so we can fail fast
for the bug that's nailing Lucky and moria3.


svn:r1123
 2004-02-25 07:31:46 +00:00
Roger Dingledine
1b25794a56 bugfix: if the exit stream is pending on the resolve, and a destroy 
arrives, then the stream wasn't getting removed from the pending list.

this may have been the lucky-bug.
this commit may also not actually fix the bug. it's darn hard to
reproduce.


svn:r1122
 2004-02-25 06:57:57 +00:00
Roger Dingledine
8da2e00a83 remove dead code 
svn:r1121
 2004-02-25 06:56:11 +00:00
Roger Dingledine
01e7b8638d move the tor program back to usr/bin/ 
svn:r1119
 2004-02-25 06:41:21 +00:00
Roger Dingledine
7985f525ec fix some bugs in assert_connection_ok 
svn:r1118
 2004-02-24 22:33:30 +00:00
Roger Dingledine
598f8b5661 start hunting the lucky-bug 
svn:r1116
 2004-02-22 20:50:20 +00:00
Nick Mathewson
67a273962a On OSX, decline to use the built-in select-baed poll wrapper, since it seems to sometimes not work. 
svn:r1114
 2004-02-20 23:41:45 +00:00
Roger Dingledine
f202d38191 patch from vicman to publish less platform information 
svn:r1111
 2004-02-18 21:23:50 +00:00
Roger Dingledine
67c0c64aa4 go back to a single exitpolicy parameter 
if your exitpolicy includes " *:*" then it is final,
else we append the default exit policy.
(thanks weasel)


svn:r1105
 2004-02-18 07:23:38 +00:00
Roger Dingledine
4e178907ab allow imaps and pop3s in default exit policy 
svn:r1104
 2004-02-18 04:02:05 +00:00
Roger Dingledine
7562a62ef0 Get rid of the notion of a separate default default exit policy. 
Create ExitPolicyPrepend config parameter, to customize the default
exit policy.


svn:r1103
 2004-02-18 03:56:12 +00:00
Roger Dingledine
c9d9b9b2a7 we define some big constant arrays but don't use them 
svn:r1102
 2004-02-18 03:17:35 +00:00
Roger Dingledine
3456adec31 adding the reattach-after-timeout feature wasn't so easy after all. 
maybe it works now.


svn:r1101
 2004-02-18 01:21:20 +00:00
Roger Dingledine
39efb0ed52 retry streams where the connected cell hasn't arrived in 15 seconds 
svn:r1100
 2004-02-17 21:07:15 +00:00
Nick Mathewson
72568d2620 Another case of the same. 
svn:r1099
 2004-02-17 08:52:57 +00:00
Nick Mathewson
bab6c0a332 Fix the Big Bug in router_compare_addr_to_exit_policy: we used port 0 
to mean "unknown port".  But no exit policy supports (nonexistant)
port 0, except accept *:*, and we had no special handling for 'unknown port'.

Now we do.


svn:r1098
 2004-02-17 08:52:03 +00:00
Roger Dingledine
46ffc5984d best_support_idx is obsolete 
(also doesn't fix the bug)


svn:r1097
 2004-02-17 08:42:25 +00:00
Nick Mathewson
bd14023afd Propagate yes/no/maybe a little farther forward. 
svn:r1096
 2004-02-17 08:29:22 +00:00
Roger Dingledine
d081d1d061 make braces cleaner, bug still persists 
svn:r1095
 2004-02-17 08:10:07 +00:00
Nick Mathewson
61756b5893 Fix router_compare_addr_to_exit_policy, and name its return codes. The bug was: "maybe reject,accept" should be "maybe", not "accept". 
svn:r1093
 2004-02-17 07:56:33 +00:00
Roger Dingledine
d508a194f7 Let paranoid exit nodes (which default to reject) be exit nodes 
Before we resolve the hostname, we don't know whether its IP will                        be accepted or rejected by the exit policy of each host. So we                           were only going with nodes that would certainly accept -- which
was just itys and poblano.

(This bug was hidden until now by the earlier port bug.)

(Actual bugfix pending on Nick's next commit, hopefully.)


svn:r1092
 2004-02-17 07:45:44 +00:00
Roger Dingledine
1801bd7592 prevent picking middleman nodes as the last node in the circuit 
svn:r1088
 2004-02-17 06:39:20 +00:00
Roger Dingledine
a8d8b82662 install the 'tor' binary to usr/sbin by default 
svn:r1082
 2004-02-17 04:48:01 +00:00
Nick Mathewson
17adfa9dfd log when exit situation is hopeless. 
svn:r1057
 2004-02-04 22:35:58 +00:00
Roger Dingledine
f00dc6fe1e last minute fix: don't early-flush non-tls streams 
e.g., this breaks directory service


svn:r1033
 2004-01-31 00:36:00 +00:00
Roger Dingledine
f6f9b1d94d for perf testing, paths are always 3 hops, not "3 or more" 
svn:r1030
 2004-01-30 23:43:17 +00:00
Roger Dingledine
e05d39d1af fix a per-circuit memory leak 
svn:r1029
 2004-01-30 21:32:40 +00:00
Nick Mathewson
a81435c64e Another related leak 
svn:r1028
 2004-01-30 21:16:51 +00:00
Nick Mathewson
e4ad1f1629 Freeing twice does *not* make the heap twice as clean. 
svn:r1027
 2004-01-30 21:05:47 +00:00
Nick Mathewson
88b579dd33 Fix a bug that might have caused the leak, but which might have been hiding other bugs. 
svn:r1026
 2004-01-30 20:59:15 +00:00
Nick Mathewson
6c3f55526a Fix possible (but unlikely) mem leak. 
svn:r1025
 2004-01-30 20:38:08 +00:00
Roger Dingledine
7651b09c8a finally locate the memory leak, 
plus commit a patch that doesn't fix it
(but doesn't hurt? i dunno)


svn:r1024
 2004-01-30 20:33:04 +00:00
Roger Dingledine
afdaff63ef turn some knobs, add more debugging 
svn:r1023
 2004-01-30 19:31:39 +00:00
Roger Dingledine
b42b16357f note an assert trigger, if you use an old broken netscape socks4 
svn:r1022
 2004-01-30 15:15:11 +00:00
Roger Dingledine
deda0d93dd Let AP edges receive 'end' relay cells while waiting for 'connected' 
svn:r1012
 2004-01-20 18:17:43 +00:00
Roger Dingledine
3516ae1a26 add an ap_conn connecting state; report connecting delay 
svn:r1011
 2004-01-20 09:21:46 +00:00
Roger Dingledine
61723a1f69 small default route when doing speed testing 
svn:r1010
 2004-01-20 03:12:46 +00:00
Roger Dingledine
f5ebf4c712 push out a tls record's worth of data once you've got it 
svn:r1009
 2004-01-20 02:14:51 +00:00
Roger Dingledine
585c2efe87 add TOR_PERF macro options 
svn:r1008
 2004-01-20 02:14:30 +00:00
Roger Dingledine
c12a6f58b5 fix typo 
svn:r1007
 2004-01-20 02:14:12 +00:00
Roger Dingledine
fb81a32c68 setuid to User _before_ complaining about running as root 
svn:r1006
 2004-01-19 06:12:32 +00:00
Roger Dingledine
522982f8e9 fix assert trigger in server 
Jan 18 04:11:43.312 [warn] connection_edge_send_command(): no circ. Closing.

i think it was while sending a connected relay cell back.
reason for having the circ gone is still not known. presumably the end cell
arrived at just the right time.


svn:r1005
 2004-01-19 04:58:39 +00:00
Roger Dingledine
561c6236af fix some errors in logs and comments 
svn:r999
 2004-01-16 08:27:17 +00:00
Nick Mathewson
793c65e60f Note discrepency between N bytes transmitted over TLS and actual bandwidth use; add 2 functions to help resolve. 
svn:r986
 2004-01-13 01:19:02 +00:00
Roger Dingledine
b669b1d57c oh, and make it compile 
still need to make a decision about per-connection rate limiting
(take it out? update it?)


svn:r984
 2004-01-11 07:41:01 +00:00
Roger Dingledine
5086300815 split the token bucket into 'rate' and 'burst' params 
we're not entirely migrated to burst yet, for backward compatibility

note some win32 probable-bugs

clean up routerlist.c


svn:r982
 2004-01-10 23:40:38 +00:00
Roger Dingledine
db0c27b362 resolve cygwin warnings for pre19 
svn:r981
 2004-01-08 22:48:18 +00:00
Roger Dingledine
c485725c5a Fix the dns bug: children weren't dying 
We were telling a child to die by closing the parent's file descriptor
to him. But newer children were inheriting the open file descriptor from
the parent, and since they weren't closing them, the socket never closed,
so the child never read eof, so he never knew to exit.

As a side effect to this bug, we were probably failing to properly close
connections to remote hosts, ORs, and OPs, after a dns child was born.

I'm surprised Tor worked at all.


svn:r974
 2004-01-06 07:53:40 +00:00
Roger Dingledine
d6ce65afd6 the onionskin challenge length was 30 bytes longer than necessary 
(i think ;)


svn:r971
 2004-01-05 05:23:03 +00:00
Roger Dingledine
607078cf70 print an entry at the top of the logfile so you know it's working 
clean up a minor bug in a debugfile log entry


svn:r970
 2004-01-05 05:22:04 +00:00
Nick Mathewson
cacacfe2b1 Integrate new daemon code, adapted from submission by christian grothoff 
svn:r969
 2004-01-03 22:40:49 +00:00
Roger Dingledine
53061b3778 fix endian issue: rh.integrity was getting sent wrong 
now it's a char[4] rather than an int


svn:r966
 2004-01-02 09:03:38 +00:00
Roger Dingledine
c2e37901be stop a bug that straycat may have found 
svn:r964
 2004-01-01 07:01:09 +00:00
Roger Dingledine
8085235e5f make loglevel info less noisy 
svn:r961
 2003-12-30 22:49:35 +00:00
Roger Dingledine
f3fdbadfdf randomize the initial circ_id and stream_id, so an adversary who 
breaks in part-way through can't learn how many circs/streams have
been made


svn:r960
 2003-12-28 04:46:09 +00:00
Roger Dingledine
71739b486a back out the insert-padding-if-conflict code 
use recognized + digest instead, just assume it's enough bits


svn:r959
 2003-12-26 06:29:57 +00:00
Roger Dingledine
43fcb70bad checkpoint: revamp relay cell packaging and handling 
include the infrastructure for inserting padding cells when there's
a relay-recognized conflict, but it does not work currently.


svn:r958
 2003-12-23 07:45:31 +00:00
Roger Dingledine
bc8c6732cb add crypto_cipher_rewind to reverse crypto_cipher_advance 
svn:r957
 2003-12-23 07:43:05 +00:00
Roger Dingledine
55a94cd497 correct a warn message in mark_if_closed 
svn:r956
 2003-12-23 07:42:01 +00:00
Roger Dingledine
ad93c0a2bd make sure there's no conflict when generating stream_ids 
svn:r955
 2003-12-19 21:25:44 +00:00
Roger Dingledine
a5e6ec244f rename circ_id_t to uint16_t for code clarity 
change message when using non-recommended tor version


svn:r954
 2003-12-19 19:55:02 +00:00
Roger Dingledine
45a66c6955 make a relay_header_t struct and pack/unpack funcs 
split 7-byte stream_id string into 2-byte recognized and 2-byte stream_id
fix two seg faults in fetch_from_buf_http
fix several lurking seg faults in handling unexpected relay cells

still need to
 * clean up relay_crypt
 * use relay dummies if there's going to be a conflict with rh.recognized
 * check for a conflict when generating stream_ids


svn:r953
 2003-12-19 05:09:51 +00:00
Roger Dingledine
eb730c41c8 clean tabs, trailing whitespace 
svn:r952
 2003-12-17 21:14:13 +00:00
Roger Dingledine
6a19e64066 remove trailing whitespace 
svn:r951
 2003-12-17 21:09:31 +00:00
Roger Dingledine
5ecd6b6bad make fetch_from_buf_http malloc its strings rather 
than use fixed-size strings

reorganize directory_handle_command so it'll be easier to do more with
our directory servers


svn:r950
 2003-12-17 09:42:28 +00:00
Roger Dingledine
4a1e05de51 betcha didn't know strncpy could leave an unterminated string 
svn:r949
 2003-12-17 09:20:29 +00:00
Roger Dingledine
aba237e3e2 end-to-end integrity checking now works 
initialize digests from shared secrets at handshake
make circuit_send_next_onion_skin use connection_edge_send_command


svn:r948
 2003-12-17 05:58:30 +00:00
Roger Dingledine
389eb48690 document an openssl gotcha 
svn:r947
 2003-12-17 05:31:52 +00:00
Roger Dingledine
21cc01299b infrastructure for integrity-checks in relay cells 
make circuit_consider_sending_sendme use connection_edge_send_command
fix endian bug in relay length handling (maybe)


svn:r946
 2003-12-16 22:56:50 +00:00
Roger Dingledine
4e50f79b11 resolve an edge case in get_unique_circ_id_by_conn 
svn:r944
 2003-12-16 20:45:10 +00:00
Roger Dingledine
8712a30e91 move cell size to 512 bytes 
move length to 2 bytes, put it in the relay header
remove 4 reserved bytes in cell
add 4 bytes to relay header for the integrity check


svn:r942
 2003-12-16 09:48:17 +00:00
Roger Dingledine
961ecf7abf add H(K|1) to the onionskin reply 
verify it at the client end
abstract the onionskin handshake lengths

breaks backward compatibility (again)


svn:r941
 2003-12-16 08:21:58 +00:00
Roger Dingledine
f3b165fdc0 change crypto_digest_new_env to crypto_new_digest_env 
(and same with _free_)
to match our conventions
i think our conventions may be getting too ad hoc


svn:r940
 2003-12-16 08:13:26 +00:00
Roger Dingledine
e358a362ee rename digest_copy to digest_dup, make it return, make gcc happier 
svn:r939
 2003-12-16 05:47:21 +00:00
Nick Mathewson
7c439c30d0 Resolve format warnings on MacOS X 10.3 
svn:r938
 2003-12-16 05:33:11 +00:00
Nick Mathewson
eeae6157ed Add more fine-grained SHA1 functionality. 
svn:r937
 2003-12-16 05:29:04 +00:00
Nick Mathewson
4885e90490 Make compile warning-free on cygwin 
svn:r936
 2003-12-15 21:35:52 +00:00
Roger Dingledine
a5aa80cc41 make --debuglogfile (or any second log file) work 
svn:r935
 2003-12-14 09:58:43 +00:00
Roger Dingledine
08534a6271 start tracking the 'It appears I've already sent the end' warning 
svn:r932
 2003-12-14 08:32:14 +00:00
Roger Dingledine
0ea88d508d oops, i broke buffers. fixed. 
svn:r931
 2003-12-14 08:15:41 +00:00
Roger Dingledine
f9bdb8a0da document aborted attempt to merge client dns cache with server dns cache 
svn:r930
 2003-12-14 07:50:45 +00:00
Roger Dingledine
7d58bfbd50 change dns notation from question/answer to address/addr 
svn:r929
 2003-12-14 07:40:47 +00:00
Roger Dingledine
8f573c06c3 start to track the 'unexpected relay cell' warning 
svn:r928
 2003-12-14 06:50:44 +00:00
Roger Dingledine
36ea39ec9c on hup, close and rebind listener ports too (in case their config has changed) 
svn:r926
 2003-12-14 06:03:46 +00:00
Roger Dingledine
50e17d633b clean up some file-scope-global directory variables 
svn:r925
 2003-12-14 05:25:23 +00:00
Roger Dingledine
1096eae543 add options.ExcludedNodes -- nodes that are never picked in path building 
svn:r924
 2003-12-14 05:08:28 +00:00
Roger Dingledine
3465c4dee4 make it compile 
svn:r923
 2003-12-14 05:00:09 +00:00
Roger Dingledine
f4cb5d8c93 extend smartlist with _remove() and _subtract() 
svn:r922
 2003-12-14 04:57:47 +00:00
Roger Dingledine
2997ef8dd9 warn if you're running tor as root 
svn:r921
 2003-12-14 04:39:23 +00:00
Roger Dingledine
25e7e97d73 on HUP, retry OR connections, and stop clobbering the dirserver's routerlist 
svn:r920
 2003-12-14 04:33:18 +00:00
Roger Dingledine
05c05d6444 more friendly warning when there are too many dns workers 
svn:r919
 2003-12-14 04:19:12 +00:00
Roger Dingledine
9e3608ce7b more friendly warning when a connection buffer overflows 
svn:r918
 2003-12-14 04:18:43 +00:00
Roger Dingledine
a1745b6895 slightly different default default exit policy. 
svn:r917
 2003-12-14 00:18:57 +00:00
Roger Dingledine
55d3ec028d reject 0.0.0.0/8,reject 169.254.0.0/16 
svn:r916
 2003-12-14 00:17:44 +00:00
Roger Dingledine
29adf04683 more general cleanup 
svn:r915
 2003-12-14 00:12:02 +00:00
Roger Dingledine
444798dfb9 remove obsolete code 
svn:r914
 2003-12-14 00:11:48 +00:00
Nick Mathewson
fb95d99f79 Accept 1.2.3.4/x as a synonym for 1.2.3.4/x:* . 
svn:r912
 2003-12-14 00:04:29 +00:00
Roger Dingledine
78a7de300c make options.ExitNodes work 
if your best choices happen to include any of your preferred exit nodes,
you choose among just those preferred exit nodes.


svn:r911
 2003-12-13 23:32:57 +00:00
Roger Dingledine
4d3d99fa0c extend smartlist with a few smarter operations 
svn:r910
 2003-12-13 23:32:03 +00:00
Roger Dingledine
8222fe8e4f clean up some copyrights 
svn:r907
 2003-12-13 22:53:17 +00:00
Roger Dingledine
03616803e6 bughunt: start tracking the bug mutiny found 
svn:r906
 2003-12-13 08:06:03 +00:00
Roger Dingledine
7a3a3ae1df bugfix: a circuit that immediately failed still counts as a failed circuit 
svn:r905
 2003-12-13 07:42:18 +00:00
Roger Dingledine
9e6f4a3029 revamp circuit node selection to use smartlists: 
* now we know for sure if an acceptable node is available; we
    don't have to keep guessing and checking
  * we try options.EntryNodes first for picking the first node


svn:r904
 2003-12-13 07:01:46 +00:00
Roger Dingledine
5458ca39e8 minor tweaks to the smartlist operations 
svn:r903
 2003-12-13 06:56:21 +00:00
Nick Mathewson
911f155f94 Make default exit policy reject 127.*:* 
svn:r902
 2003-12-13 03:37:25 +00:00
Roger Dingledine
41bb717241 reasonably permissive exit policy if you don't set one 
svn:r901
 2003-12-13 02:53:35 +00:00
Roger Dingledine
865173d7a1 put the default exit policy in place 
svn:r900
 2003-12-13 02:52:54 +00:00
Nick Mathewson
f37f7daa2f Add port ranges to exit policies 
svn:r899
 2003-12-13 02:44:02 +00:00
Roger Dingledine
c425f2e0ec use the smartlist to pick random routers, rather than our own idiom 
svn:r898
 2003-12-13 01:43:21 +00:00
Roger Dingledine
1ae84fcbc1 add a 'smartlist' building block that picks random elements from a list 
svn:r897
 2003-12-13 01:42:44 +00:00
Roger Dingledine
9c66e2bf9a if >=2 circs are being built that handle a given stream, 
no need to have new circs handle it too.


svn:r896
 2003-12-12 23:03:25 +00:00
Roger Dingledine
d23c66b041 make the license explicit on fakepoll.[ch] 
svn:r895
 2003-12-09 21:37:26 +00:00
Nick Mathewson
17269eff3c Document parsing functions in routerlist.c, and separate parsing from non-parsing functions. 
svn:r894
 2003-12-09 04:29:52 +00:00
Roger Dingledine
38ce03d0e7 close the circuit when we get a truncated cell 
svn:r893
 2003-12-09 02:06:58 +00:00
Roger Dingledine
ea6c4f6348 our circuit symmetric key (for aes) is 127 bits, not 128 bits. 
we accept that.


svn:r892
 2003-12-09 01:04:40 +00:00
Roger Dingledine
48e42e9346 back out the broken change from yesterday 
svn:r891
 2003-12-09 01:04:11 +00:00
Nick Mathewson
ac552573dd Make router/directory parsing nondestructive and more const-friendly 
svn:r890
 2003-12-08 23:45:37 +00:00
Roger Dingledine
8bd7c94bf6 general cleanups 
svn:r889
 2003-12-07 22:03:47 +00:00
Roger Dingledine
6a968495b1 declare the prototypes better 
svn:r888
 2003-12-06 06:01:42 +00:00
Roger Dingledine
c25fbd2676 break routers.c into router.c for stuff the router does, 
and routerlist.c for handling routerlist.


svn:r887
 2003-12-06 05:54:04 +00:00
Roger Dingledine
e0952d0773 terminology shift: 
directory is the string that dirserv.c and directory.c deal with
routerlist is routerinfo's that are bundled together in routers.c

rename some of the get_routerlist functions to set_routerlist

preparing to break into router.c for stuff the router does,
and routerlist.c for handling routerlist.


svn:r886
 2003-12-05 09:51:49 +00:00
Roger Dingledine
727a260a81 prevent assert failure on -HUP when options->PidFile==NULL 
svn:r885
 2003-12-03 22:00:20 +00:00
Roger Dingledine
c183789c96 OnionRouter config option is obsolete 
svn:r883
 2003-12-03 20:21:03 +00:00
Roger Dingledine
4f2d556508 choose randomly from running dirservers, not always the first one 
svn:r881
 2003-12-03 10:39:27 +00:00
Roger Dingledine
63f81bddae pick nodes for a circuit only from those the directory says are up 
svn:r880
 2003-12-03 10:28:51 +00:00
Roger Dingledine
99db996aef stop segfault when choose_good_exit_server returns NULL 
svn:r879
 2003-12-03 10:04:44 +00:00
Roger Dingledine
d172fdd300 fix vicious bug in connection_ap_attach_pending that caused it to 
never work.
fix vicious bug in choose_good_exit_server that caused it to *skip over*
  pending circuits, and look only at *non-pending circuits*, when choosing
  a good exit node for the new circuit.
bugfix: remove incorrect asserts in circuit_get_newest()


svn:r876
 2003-12-03 09:50:02 +00:00
Roger Dingledine
05b9c35173 assert that nobody asks for a random number between 0 and -1 
svn:r875
 2003-12-03 08:08:07 +00:00
Roger Dingledine
f65e871bfd bugfix in exit node choice: we used to find the perfect exit node but then use the wrong one. 
bugfix in connection_ap_can_use_exit: it was using the wrong port
bugfix: the OP now handles a port of '*' correctly when the IP is not
  yet known and it's trying to guess whether a router's exit policy
  might accept it.
we now don't ever pick exit routers which will reject *:*
attach_circuit now fails a new stream outright if it will never work.
when you get an 'end' cell that resolves an IP, now it will fail the                             circuit outright if no safe exit nodes exist for that IP.
don't try building a new circuit after an 'end' if a suitable one is
  already on the way.


svn:r874
 2003-12-03 08:06:55 +00:00
Roger Dingledine
fc98ca1a2d stop expecting sample-server-torrc to be there 
svn:r873
 2003-12-02 22:43:23 +00:00
Roger Dingledine
af4192b172 start tracking a rare bug: package_raw_inbuf gets called with package_window 0 
Nov 25 22:39:18.294 [warn] connection_edge_package_raw_inbuf(): called with package_window 0. T
ell Roger.


svn:r870
 2003-11-30 10:10:29 +00:00
Roger Dingledine
3d37291e02 stop complaining as loudly when a dns resolve fails 
svn:r869
 2003-11-30 09:57:00 +00:00
Roger Dingledine
02ec2cdb34 bugfix: we were writing to stderr even when it's closed 
svn:r868
 2003-11-30 09:51:35 +00:00
Roger Dingledine
2de4fc2b7f bump up header length when the dirserv reads http commands 
Nov 23 12:10:26.556 [warn] fetch_from_buf_http(): headerlen 1487 larger than 1023. Failing.
Nov 23 12:10:26.556 [warn] directory_handle_command(): input too large. Failing.


svn:r867
 2003-11-30 09:47:57 +00:00
Roger Dingledine
3818776f62 remove a conn_close_if_marked warning 
Nov 27 15:45:19.003 [warn] connection_write_to_buf(): write_to_buf failed. Closing connection (fd 42).
Nov 27 15:45:19.010 [warn] conn_close_if_marked(): Conn (socket 42) still wants to flush. Losing 0 bytes!


svn:r866
 2003-11-30 09:35:26 +00:00
Roger Dingledine
00de055f43 bugfix: an offline OP would leak all its sockets and stop working 
svn:r865
 2003-11-29 02:50:12 +00:00
Nick Mathewson
c52ee5e2af Fix a few bugs in sending and receiving DNS results 
svn:r864
 2003-11-23 18:16:06 +00:00
Nick Mathewson
1155ae9b03 Bring assert_connection_ok up to date 
svn:r863
 2003-11-23 18:14:19 +00:00
Nick Mathewson
5e9ba094bc Fix incorrect error message 
svn:r862
 2003-11-21 05:55:03 +00:00
Roger Dingledine
f53fe3cd7f merge torrc.in and sample-server-torrc.in 
svn:r858
 2003-11-20 18:22:09 +00:00
Roger Dingledine
975bb68010 simplify: options.OnionRouter==1 iff options.ORPort>0 
svn:r857
 2003-11-20 17:49:45 +00:00
Roger Dingledine
91cf5e44cc default log level is now warn 
(info is too noisy)


svn:r855
 2003-11-19 22:48:48 +00:00
Roger Dingledine
d6601f8cff make pidfile default to null rather than writing to your cwd 
svn:r853
 2003-11-19 22:45:06 +00:00
Roger Dingledine
4565150db2 if you tell people that IgnoreVersion exists, 
some of them will use it rather than upgrade.


svn:r852
 2003-11-19 21:24:04 +00:00
Roger Dingledine
f5994416c4 bugfix and cleanups 
svn:r848
 2003-11-19 13:12:43 +00:00
Nick Mathewson
fd07872a72 Separate failure-count tracking from circuit-launching. 
Increment failure counts only when circuits close without having been built.
Reset failure counts only on the second, and when circuits are done building.


svn:r847
 2003-11-19 02:22:52 +00:00
Peter Palfrader
9a676b04dd Check that we can write to the logfile and log a warning to stderr if we can't 
Move writing of pidfile after daemonizing, and also after setting the [ug]id:
This means that the tor user needs write priviliges to the pidfile location.
It needs it for unlinking the pidfile anyway.


svn:r846
 2003-11-19 02:09:43 +00:00
Nick Mathewson
3d145769de Patch last patch to last patch 
svn:r845
 2003-11-19 01:35:44 +00:00
Nick Mathewson
312208eff1 removed unused variable; silence warning 
svn:r844
 2003-11-19 01:32:34 +00:00
Nick Mathewson
dde0eb6570 Patch last patch. 
svn:r843
 2003-11-19 01:28:57 +00:00
Nick Mathewson
0e5abcb635 Skip non-running routers for exit node selection 
svn:r842
 2003-11-19 01:24:19 +00:00
Roger Dingledine
25ac8857f3 bugfix: sometimes we closed a circ while cpuworker was cranking, 
and it didn't notice


svn:r841
 2003-11-18 21:12:17 +00:00
Roger Dingledine
a6595f4579 revert part of that last change 
time for bed


svn:r840
 2003-11-18 10:38:13 +00:00
Roger Dingledine
c00953d2a1 make more sure we can't end up with two connections to the same OR 
fix leaked pk in connection_tls_finish_handshake


svn:r839
 2003-11-18 10:17:52 +00:00
Roger Dingledine
f0cccc567e bugfix: don't ask for ->next of an expired circuit 
bugfix: keep going when a circ fails in circuit_n_conn_open
        (make circuit_enumerate_by_naddr_nport obsolete)
bugfix: make circuit_n_conn_open only look at circ's that start at us
bugfix: only try circuit_n_conn_open if we're an OP. Otherwise we
        expect connections to always already be up.
bugfix: when choosing path length, pay attention to whether the directory
        says a router is down.
bugfix: when picking good exit, skip routers which are known to be down
        (more work needs to be done on this one)


svn:r838
 2003-11-18 09:53:03 +00:00
Roger Dingledine
ac56486bf6 use the tor_malloc_zero wrapper 
svn:r837
 2003-11-18 08:20:19 +00:00
Roger Dingledine
ec02f83f94 add a tor_malloc_zero wrapper: tor_malloc and memset 0 
svn:r836
 2003-11-18 08:20:09 +00:00
Roger Dingledine
a3e39b0ceb don't build too many circs at once 
expire circs that have been building for too long


svn:r835
 2003-11-18 07:48:00 +00:00
Nick Mathewson
bb0e409fbd Simplify post-TLS-handshake checks, and add check for correct nickname 
svn:r834
 2003-11-18 07:25:04 +00:00
Nick Mathewson
dd16a9abcb Stop leaking X509 certs; those things are _nasty_ on the carpet 
svn:r833
 2003-11-18 06:52:25 +00:00
Nick Mathewson
366ba4a7c7 Always include newline with port section of exit policy 
svn:r832
 2003-11-18 06:51:29 +00:00
Roger Dingledine
51de02bcb5 stop client_dns_clean from calling malloc(0) 
svn:r831
 2003-11-18 00:02:24 +00:00
Nick Mathewson
4eabb8450e Fix possible bug in circID selection when building circuits on combination OP/OR servers 
svn:r830
 2003-11-17 18:40:56 +00:00
Roger Dingledine
7a702d64d4 more verbose info for circuits when kill -USR1 
svn:r829
 2003-11-17 09:30:29 +00:00
Nick Mathewson
f42c77f618 "I don't think it's quite fair to condemn a whole program because of a 
single slip-up."
            -- General "Buck" Turgidson, _Doctor Strangelove_


svn:r828
 2003-11-17 08:15:37 +00:00
Roger Dingledine
a18ced652b finally find and possibly fix the circuit_deliver_relay_cell warn bug 
svn:r827
 2003-11-17 07:43:03 +00:00
Nick Mathewson
44ced0952f Fix bytesex issues on in.s_addr 
svn:r826
 2003-11-17 07:37:45 +00:00
Roger Dingledine
42b5ed754f catch the last missing log line i hope 
svn:r825
 2003-11-17 07:29:43 +00:00
Nick Mathewson
90e143e6d4 Remove a possible source of error in circID picking. 
svn:r824
 2003-11-17 07:24:01 +00:00
Roger Dingledine
e5d6e7db1a continue the circuit_deliver_relay_cell forward-failure bughunt 
svn:r823
 2003-11-17 07:20:51 +00:00
Nick Mathewson
ac5fc456ee comment choose_good_exit_server 
svn:r822
 2003-11-17 06:02:41 +00:00
Roger Dingledine
851b0933f5 trivial bugfixes 
svn:r821
 2003-11-17 01:23:15 +00:00
Nick Mathewson
53ab335787 Fix a segfault caused by a weird logic error and masked by another. 
svn:r820
 2003-11-17 01:20:35 +00:00
Roger Dingledine
4aede010b9 recognize in-progress circs and don't start redundant ones 
quickly notice streams that don't have a circ on the way, and start one


svn:r819
 2003-11-17 00:57:56 +00:00
Roger Dingledine
5e81e4748e bugfixes 
svn:r818
 2003-11-16 23:43:08 +00:00
Roger Dingledine
6d0e611fde change when circuits are built and expired 
not quite happy with it yet


svn:r817
 2003-11-16 21:49:52 +00:00
Roger Dingledine
f5089681f7 bugfix: if you recognize a relay cell, don't also pass it on. 
svn:r816
 2003-11-16 17:31:19 +00:00
Roger Dingledine
b5e84e24ae dump exit policies correctly to descriptor 
svn:r815
 2003-11-16 17:15:40 +00:00
Roger Dingledine
fe856406be initial patches on patches 
svn:r814
 2003-11-16 17:00:02 +00:00
Nick Mathewson
8a17d9e5d3 Finish implementing the rest of the exitpolicy stuff, except for automatically starting circuit builds. 
svn:r813
 2003-11-16 05:33:45 +00:00
Nick Mathewson
a8eaa79e03 Improved exit policy syntax; basic client-side DNS caching. 
- Exit policies now support bitmasks (18.0.0.0/255.0.0.0) and bitcounts
  18.0.0.0/8.  Policies are parsed on startup, not when comparing to them.

- desired_path_len is now part of an opaque cpath_build_state_t structure.

- END_REASON_EXITPOLICY cells no longer include a port.

- RELAY_COMMAND_CONNECTED cells now include the IP address we've connected
  to.

- connection_edge now has a client_dns cache to remember resolved addresses.
  It gets populated by RELAY_COMMAND_CONNECTED cells and END_REASON_EXITPOLICY
  cells.  It gets used by connection_ap_handshake_send_begin.  We don't
  compare it to exit policies yet.


svn:r812
 2003-11-14 20:45:47 +00:00
Roger Dingledine
273da1d3c4 commencing the bughunt 
svn:r811
 2003-11-14 07:15:52 +00:00
Roger Dingledine
c8639b2bbc bump default pathlen to 3; clean up surrounding code 
svn:r810
 2003-11-13 23:01:56 +00:00
Roger Dingledine
56cd147eb9 let getconfig survive repeated calls. now we call it again when we hup. 
change RecommendedVersions into a config option, so dirservers can hup
  for a new one


svn:r809
 2003-11-13 06:49:25 +00:00
Roger Dingledine
cc8ce64cb2 fix trivial typo 
svn:r808
 2003-11-13 06:45:59 +00:00
Roger Dingledine
aac29076da warn on startup that we don't provide anonymity 
make exit dns cache entries last 15 minutes


svn:r807
 2003-11-13 04:51:34 +00:00
Roger Dingledine
f5829aa723 lay groundwork for EntryNodes and ExitNodes 
svn:r805
 2003-11-12 19:34:34 +00:00
Roger Dingledine
9358381d83 break out the string manipulation routines 
svn:r804
 2003-11-12 19:34:19 +00:00
Roger Dingledine
4ba8bc0a73 make dir parsing robust to invalid but well-formed descriptors 
svn:r800
 2003-11-12 05:12:51 +00:00
Nick Mathewson
5e4b9c6b61 Remove minor biasing problem from crypto_pseudo_rand_int 
svn:r799
 2003-11-12 04:28:30 +00:00
Roger Dingledine
7e4cb9a750 connection_ap_handshake_send_begin always succeeds 
svn:r798
 2003-11-12 04:24:04 +00:00
Nick Mathewson
785f5cdac8 Make crypto_pseudo_rand* never fail. 
svn:r797
 2003-11-12 04:12:35 +00:00
Nick Mathewson
99a6d48f62 Restore erroneously removed assert 
svn:r796
 2003-11-12 03:48:33 +00:00
Nick Mathewson
e0ad4d08be Fix thinko: Failure and success are different things. 
svn:r795
 2003-11-12 03:01:38 +00:00
Nick Mathewson
2e05b9ccf9 Remove dead code 
svn:r794
 2003-11-12 02:58:45 +00:00
Nick Mathewson
7d441ec6b4 Compute paths as we build them. 
svn:r793
 2003-11-12 02:55:38 +00:00
Nick Mathewson
e6296a4e2f Refactor onion_generate_cpath to build cpaths one hop at a time. This 
is a the first step in computing hops one step at a time.  Next, we move
the responsibility for calling onion_extend_cpath into circuit.c

(Later, we may want to special-case onion_extend_cpath to treat entry
and exit routers differently.)


svn:r792
 2003-11-12 02:32:20 +00:00
Roger Dingledine
9a0a638c02 point out bug 
svn:r791
 2003-11-11 19:47:51 +00:00
Roger Dingledine
9c8a54a39f more cleanups and bugfix 
svn:r790
 2003-11-11 17:21:35 +00:00
Roger Dingledine
5a6bb0333e leave conn->socks_request around after the begin 
that way we can reuse it if we need to try another begin later


svn:r788
 2003-11-11 06:42:10 +00:00
Roger Dingledine
84884a79c0 conn->socks_version is obsolete 
svn:r787
 2003-11-11 04:13:37 +00:00
Roger Dingledine
2a3479af5f respond to nick's questions 
svn:r786
 2003-11-11 04:09:34 +00:00
Roger Dingledine
3d19a9b514 fix a bug in handling clock skew 
svn:r785
 2003-11-11 04:08:30 +00:00
Nick Mathewson
7bde42676b Rename aci to circ_id throughout. 
svn:r784
 2003-11-11 03:01:48 +00:00
Nick Mathewson
dafb0e6a6e Make AP connections wait for a circuit if none exists. 
Also:
  - Refactor socks request into a separate struct
  - Add a separate 'waiting for circuit' state to AP connections
    between 'waiting for socks' and 'open'.

Arma: can you check out the XXX's I've added to connection_edge? I may
be mishandling some async and close logic.


svn:r783
 2003-11-11 02:41:31 +00:00
Roger Dingledine
1969c8a92f client now survives going offline better 
fix badness in usage()
if neither socksport nor orrport is defined, quit
obsolete connection_flush_buf()


svn:r780
 2003-11-10 08:06:55 +00:00
Nick Mathewson
3c4b4c8cac Check in a working cross-platform timegm 
svn:r779
 2003-11-10 06:28:53 +00:00
Nick Mathewson
3dddcf4306 Add lots of logging to dns.c; change behavior of often-failing assertion 
svn:r778
 2003-11-08 04:02:05 +00:00
Roger Dingledine
a27b570788 bugfix for win32 with lots of users 
plus general cleanup on switch_id()


svn:r684
 2003-10-27 10:26:44 +00:00
Roger Dingledine
aee3769cf3 remove obsolete config file 
svn:r681
 2003-10-27 10:09:09 +00:00
Roger Dingledine
52589289fe add DirBindAddress, parse the BindAddress's when you bind 
exit if bind fails
add usage printfs
rearrange config options for readability


svn:r674
 2003-10-25 12:01:09 +00:00
Nick Mathewson
faa0f7ffe7 Use daemon(3) function where available. 
svn:r665
 2003-10-23 14:28:44 +00:00
Nick Mathewson
71e5ad714b resolve warning 
svn:r664
 2003-10-23 14:27:53 +00:00
Nick Mathewson
6b79d8a7e9 Two-pronged attack at my overzealous skew fixes. 
The problem was that the fixes had us generating TLS certs with a
2-day lifetime on the assumption that we'd rotate fairly often.  In
fact, we never rotate our TLS keys.

This patch fixes the situation in 2 ways:
   1. It bumps the default lifetime back up to one year until we get
      rotation in place.
   2. It changes tor_tls_context_new() so that it doesn't leak memory
      when you call it more than once.


svn:r663
 2003-10-23 14:20:51 +00:00
Steven Hazel
4fef6f4566 switch_id() no longer tries to log the user name when it's calld on 
Windows, since we don't know whether it's the user or the group that
was set.


svn:r659
 2003-10-22 17:25:58 +00:00
Nick Mathewson
7604cfe61b Clock skew fixes. 
Allow some slop (currently 3 minutes) when checking certificate validity.

Change certificate lifetime from 1 year to 2 days.  Since we
regenerate regularly (we regenerate regularly, right??), this
shouldn't be a problem.

Have directories reject descriptors published too far in the future
(currently 30 minutes).  If dirservs don't do this:
    0) Today is January 1, 2000.
    1) A very skewed server publishes descriptor X with a declared
       publication time of August 1, 2000.
    2) The directory includes X.
    3) Because of certificate lifetime issues, nobody can use the
       skewed server.
    4) The server fixes its skew, and goes to republish a new descriptor Y
       with publication time of January 1, 2000.
    5) But because the directory already has a "more recent" descriptor X,
       it rejects descriptor "Y" as superseded!

This patch should make step 2 go away.


svn:r658
 2003-10-22 16:41:35 +00:00
Steven Hazel
4139c1c86a - fixed a bug in the id switching code -- setgid has to happen before 
setuid, because after we setuid we don't have the priviledges we
  need to setgid anymore, duh.  merged switch_user() and
  switch_group() into switch_id(), since that code has to be wound
  together.

- return -1 from switch_id() if it's not defined to do anything else.

- moved daemoinize(), write_pidfile(), and switch_id() from main.c to
  util.c


svn:r656
 2003-10-22 11:21:29 +00:00
Roger Dingledine
c78d5d7d30 play with connection_edge_send_command 
maybe more robust now


svn:r655
 2003-10-22 09:08:10 +00:00
Roger Dingledine
c35fc271d2 move default exit policy into config files 
svn:r654
 2003-10-22 07:56:11 +00:00
Roger Dingledine
c6b442a346 make end relay cells have payloads 
move default exit policy into config files


svn:r653
 2003-10-22 07:55:44 +00:00
Steven Hazel
b1eca56b77 added User and Group options -- if you set them, tor will try to 
setuid and setgid respectively, and die if it can't.

(If the User option is set, tor will setgid to the user's gid as well.)

This happens after the pidfile is created, so that in cases where tor
needs to be root to work with the pidfile, it will at least be able to
create it, although it won't be able to delete it.  That sucks, but
it's somewhat better than not being able to create the pidfile in the
first place.


svn:r652
 2003-10-22 06:03:11 +00:00
Nick Mathewson
009f2f6dbb Update .cvsignores to exclude files generated due to recent build improvements 
svn:r647
 2003-10-21 17:49:52 +00:00
Roger Dingledine
0e137e413f APPort is now SocksPort 
svn:r644
 2003-10-21 09:49:39 +00:00
Roger Dingledine
069227db5b introduce new tor_free() macro 
svn:r643
 2003-10-21 09:48:58 +00:00
Roger Dingledine
e4127e4d36 move closer to being able to reload config on HUP 
rename APPort to SocksPort
introduce new tor_free() macro


svn:r642
 2003-10-21 09:48:17 +00:00
Roger Dingledine
80d428b225 remove obsolete config file 
svn:r641
 2003-10-21 09:22:38 +00:00