Commit Graph

11981 Commits

Author SHA1 Message Date
Nick Mathewson
0fd3ad75da Report wrong key sizes correctly
When we introduced NEED_KEY_1024 in routerparse.c back in
0.2.0.1-alpha, I forgot to add a *8 when logging the length of a
bad-length key.

Bugfix for 3318 on 0.2.0.1-alpha.
2011-06-01 11:07:17 -04:00
Roger Dingledine
7039c34519 fix a bridge edge case similar to 2511
If you had configured a bridge but then switched to a different bridge
via the controller, you would still be willing to use the old one.
2011-05-31 20:43:55 -04:00
Roger Dingledine
56771f392e stop asserting at boot
The patch for 3228 made us try to run init_keys() before we had loaded
our state file, resulting in an assert inside init_keys. We had moved
it too early in the function.

Now it's later in the function, but still above the accounting calls.
2011-05-30 23:50:37 -04:00
Nick Mathewson
d0e7c545ba Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-30 16:14:45 -04:00
Nick Mathewson
e035cea031 Merge branch 'bug3216_v2' into maint-0.2.2 2011-05-30 16:12:53 -04:00
Nick Mathewson
d274f539e5 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-30 15:51:46 -04:00
Nick Mathewson
d35a555348 Merge branch 'bug3289' into maint-0.2.2 2011-05-30 15:50:35 -04:00
Sebastian Hahn
ca538290af Warn when two hs use the same directory
This simple implementation has a few issues, but it should do for
0.2.2.x. We will want to revisit this later and make it smarter.
2011-05-30 15:47:06 -04:00
Nick Mathewson
fa1d47293b Merge remote-tracking branch 'origin/maint-0.2.2'
The conflicts were mainly caused by the routerinfo->node transition.

Conflicts:
	src/or/circuitbuild.c
	src/or/command.c
	src/or/connection_edge.c
	src/or/directory.c
	src/or/dirserv.c
	src/or/relay.c
	src/or/rendservice.c
	src/or/routerlist.c
2011-05-30 15:41:46 -04:00
Roger Dingledine
f118dc80e0 minor cleanups while reviewing 3216 2011-05-30 15:31:06 -04:00
Nick Mathewson
7e67a24038 Merge branch 'bug3045' into maint-0.2.2
Conflicts:
	src/or/circuitbuild.c
2011-05-30 15:18:59 -04:00
Nick Mathewson
3c0d944b07 Improve comments and defensive programming for 3045
The comment fixes are trivial.  The defensive programming trick is to
tolerate receiving NULL inputs on the describe functions. That should
never actually happen, but it seems like the likeliest mistake for us
to make in the future.
2011-05-30 15:15:10 -04:00
Nick Mathewson
21de9d46e2 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/common/compat.c
	src/or/main.c
2011-05-30 14:58:26 -04:00
Nick Mathewson
da7c60dcf3 Merge remote-tracking branch 'public/bug3270' into maint-0.2.2 2011-05-30 14:49:49 -04:00
Nick Mathewson
5dc3c462dc Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-30 12:43:25 -04:00
Nick Mathewson
f08f0e9dde Reinit keys at the start of options_act().
Previously we did this nearer to the end (in the old_options &&
transition_affects_workers() block).  But other stuff cares about
keys being consistent with options... particularly anything which
tries to access a key, which can die in assert_identity_keys_ok().

Fixes bug 3228; bugfix on 0.2.2.18-alpha.
2011-05-30 12:41:46 -04:00
Nick Mathewson
4b57ec6e5e Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/circuituse.c
2011-05-30 12:33:54 -04:00
Nick Mathewson
16cfca501f Merge branch 'bug1297a' into maint-0.2.2 2011-05-30 12:25:07 -04:00
Robert Ransom
8fc02a8e0c Use the normal four-hop CBT for client intro circuits
Fixes another part of bug 1297.
2011-05-30 12:24:51 -04:00
Robert Ransom
112d204fad Set timestamp_dirty on HS circuits as circuit_expire_building requires
Fixes part of #1297; bugfix on 48e0228f1e,
when circuit_expire_building was changed to assume that timestamp_dirty
was set when a circuit changed purpose to _C_REND_READY.  (It wasn't.)
2011-05-30 12:24:51 -04:00
Roger Dingledine
6917728637 Merge branch 'maint-0.2.2' 2011-05-29 19:11:07 -04:00
Roger Dingledine
5f182ea10e answer an XXX nickm asked in aa950e6c4 2011-05-29 18:52:37 -04:00
Nick Mathewson
285cf998bc Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/eventdns.c
2011-05-28 02:09:48 -04:00
Nick Mathewson
c319949550 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-05-28 02:08:39 -04:00
Nick Mathewson
ee72557d52 Merge branch 'bug2574' into maint-0.2.1 2011-05-28 02:07:48 -04:00
Nick Mathewson
42b15a0aaa Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-28 01:55:34 -04:00
Robert Ransom
39480c7978 Correct some outdated comments 2011-05-24 22:20:12 -07:00
Nick Mathewson
0e1fad648d Don't try to build descriptors when router_get_advertised_or_port()==0
The previous attempt was incomplete: it told us not to publish a
descriptor, but didn't stop us from generating one.  Now we treat an
absent OR port the same as not knowing our address.  (This means
that when we _do_ get an OR port, we need to mark the descriptor
dirty.)

More attempt to fix bug3216.
2011-05-24 18:05:37 -04:00
Nick Mathewson
95ac3ea594 Don't build descriptors if ORPort auto is set and we have no OR listener
This situation can happen easily if you set 'ORPort auto' and
'AccountingMax'.  Doing so means that when you have no ORPort, you
won't be able to set an ORPort in a descriptor, so instead you would
just generate lots of invalid descriptors, freaking out all the time.

Possible fix for 3216; fix on 0.2.2.26-beta.
2011-05-24 21:12:23 +02:00
Nick Mathewson
be76850995 Work correctly if your nameserver is ::1
We had all the code in place to handle this right... except that we
were unconditionally opening a PF_INET socket instead of looking at
sa_family.  Ow.

Fixes bug 2574; not a bugfix on any particular version, since this
never worked before.
2011-05-23 17:42:38 -04:00
Nick Mathewson
a5232e0c4c Fix GCC 4.6's new -Wunused-but-set-variable warnings.
Most instances were dead code; for those, I removed the assignments.
Some were pieces of info we don't currently plan to use, but which
we might in the future.  For those, I added an explicit cast-to-void
to indicate that we know that the thing's unused.  Finally, one was
a case where we were testing the wrong variable in a unit test.
That one I fixed.

This resolves bug 3208.
2011-05-23 17:04:38 -04:00
Nick Mathewson
2527acb2dc Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/common/Makefile.am
	src/or/control.c
2011-05-23 01:23:53 -04:00
Nick Mathewson
b80a8bba19 Merge branch 'feature3049-v2' into maint-0.2.2
Conflicts:
	src/common/Makefile.am
2011-05-23 01:19:04 -04:00
Nick Mathewson
cfeafe5e77 Use a 64-bit type to hold sockets on win64.
On win64, sockets are of type UINT_PTR; on win32 they're u_int;
elsewhere they're int.  The correct windows way to check a socket for
being set is to compare it with INVALID_SOCKET; elsewhere you see if
it is negative.

On Libevent 2, all callbacks take sockets as evutil_socket_t; we've
been passing them int.

This patch should fix compilation and correctness when built for
64-bit windows.  Fixes bug 3270.
2011-05-23 00:17:48 -04:00
Roger Dingledine
af0e8d834e don't mark our descriptor dirty if our onion key hasn't changed 2011-05-21 19:23:27 -04:00
Roger Dingledine
1ba1bdee4b naked constants are ugly 2011-05-21 18:55:23 -04:00
Roger Dingledine
6b54edef4f finish a comment nickm started in 8ebceeb3 2011-05-21 18:34:55 -04:00
Roger Dingledine
cb7fff193e Merge branch 'maint-0.2.2' 2011-05-21 18:14:16 -04:00
Roger Dingledine
0e8949a8fa remove some (confusing) dead code 2011-05-21 16:12:37 -04:00
Roger Dingledine
0235fe34d2 Merge branch 'bug1810' into maint-0.2.2 2011-05-21 16:09:55 -04:00
Sebastian Hahn
3ff7925a70 Don't recreate descriptor on sighup
We used to regenerate our descriptor whenever we'd get a sighup. This
was caused by a bug in options_transition_affects_workers() that would
return true even if the options were exactly the same. Down the call
path we'd call init_keys(), which made us make a new descriptor which
the authorities would reject, and the node would subsequently fall out
of the consensus.

This patch fixes only the first part of this bug:
options_transition_affects_workers() behaves correctly now. The second
part still wants a fix.
2011-05-21 16:08:21 -04:00
Roger Dingledine
a2851d3034 what's up with this trailing whitespace 2011-05-20 23:30:37 -04:00
Robert Ransom
7b34e3a965 Split out owning-controller-loss shutdown code into a function 2011-05-20 08:25:43 -07:00
Robert Ransom
bb860cedb2 Implement TAKEOWNERSHIP command 2011-05-20 08:25:43 -07:00
Robert Ransom
338a026610 Split control connection cleanup out of connection_free 2011-05-20 08:25:42 -07:00
Robert Ransom
86aeb152ca Fix comment typo 2011-05-20 08:25:42 -07:00
Robert Ransom
36afdebe1a Add an XXX 2011-05-20 08:25:42 -07:00
Robert Ransom
90f810801e Fix trailing asterisk in the output of "GETINFO info/names" 2011-05-20 08:25:42 -07:00
Robert Ransom
b3133d1cad Exit immediately if we can't monitor our owning controller process
tor_process_monitor_new can't currently return NULL, but if it ever can,
we want that to be an explicitly fatal error, without relying on the fact
that monitor_owning_controller_process's chain of caller will exit if it
fails.
2011-05-20 08:25:42 -07:00
Robert Ransom
4b266c6e72 Implement __OwningControllerProcess option
Implements part of feature 3049.
2011-05-20 08:25:42 -07:00
Roger Dingledine
0a4649e657 Merge branch 'maint-0.2.2' 2011-05-20 03:03:46 -04:00
Roger Dingledine
b8ffb00cf1 log the reason for publishing a new relay descriptor
now we have a better chance of hunting down the root cause of bug 1810.
2011-05-19 23:59:52 -04:00
Sebastian Hahn
c13fb7feb1 Fix a compile warning on OSX 10.6 2011-05-20 05:53:55 +02:00
Roger Dingledine
18f1b354ec Merge branch 'maint-0.2.2' 2011-05-17 21:15:24 -04:00
Roger Dingledine
073fed06c4 discard circuits when we change our bridge configuration
otherwise we might reuse circuits from the previous configuration,
which could be bad depending on the user's situation
2011-05-17 21:13:59 -04:00
Roger Dingledine
92081f3cdc Merge branch 'maint-0.2.2' 2011-05-17 20:50:18 -04:00
Roger Dingledine
07c5026efa refetch bridge descriptors in a timely fashion
When we configure a new bridge via the controller, don't wait up to ten
seconds before trying to fetch its descriptor. This wasn't so bad when
you listed your bridges in torrc, but it's dreadful if you configure
your bridges via vidalia.
2011-05-17 20:48:46 -04:00
Nick Mathewson
c240efab86 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-17 19:53:06 -04:00
Nick Mathewson
bc89ef0ca8 Merge branch 'bug2752' into maint-0.2.2 2011-05-17 19:51:53 -04:00
Nick Mathewson
e0e8424f1e Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-17 19:47:48 -04:00
Nick Mathewson
21ed575826 Handle NULL argument to get_configured_bridge_by_addr_port_digest
Fixes bug 2313; bugfix on 0.2.2.26-beta.
2011-05-17 19:46:47 -04:00
Nick Mathewson
2e07925a52 Oops; that function got renamed. 2011-05-17 19:45:05 -04:00
Robert Ransom
480a75cbbd Check onion keys in microdescriptors, too 2011-05-17 19:39:00 -04:00
Michael Yakubovich
a3707a1052 Fix bug2752 : 48-char HTTPProxyAuthenticator limitation
Bumped the char maximum to 512 for HTTPProxyAuthenticator &
HTTPSProxyAuthenticator. Now stripping all '\n' after base64
encoding in alloc_http_authenticator.
2011-05-16 16:09:35 -04:00
Nick Mathewson
03ccce6d77 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-16 14:50:53 -04:00
Nick Mathewson
e908e3a332 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
Fixed trivial conflict due to headers moving into their own .h files
from or.h.

Conflicts:
	src/or/or.h
2011-05-16 14:49:55 -04:00
Nick Mathewson
4a22046c86 squash! Add crypto_pk_check_key_public_exponent function
Rename crypto_pk_check_key_public_exponent to crypto_pk_public_exponent_ok:
it's nice to name predicates s.t. you can tell how to interpret true
and false.
2011-05-16 14:45:06 -04:00
Robert Ransom
987190c2bc Require that certain public keys have public exponent 65537 2011-05-16 14:28:46 -04:00
Robert Ransom
7571e9f1cb Check fetched rendezvous descriptors' service IDs 2011-05-16 14:07:24 -04:00
Nick Mathewson
e423447f53 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/connection.c
2011-05-16 11:12:22 -04:00
Nick Mathewson
919bf6ff3c Merge remote-tracking branch 'public/bug2850' into maint-0.2.2
Fixed a trivial conflict where this and the ControlSocketGroupWritable
code both added different functions to the same part of connection.c.

Conflicts:
	src/or/connection.c
2011-05-16 11:10:17 -04:00
Nick Mathewson
b95dd03e5f Log descriptions of nodes, not just nicknames.
This patch introduces a few new functions in router.c to produce a
more helpful description of a node than its nickame, and then tweaks
nearly all log messages taking a nickname as an argument to call these
functions instead.

There are a few cases where I left the old log messages alone: in
these cases, the nickname was that of an authority (whose nicknames
are useful and unique), or the message already included an identity
and/or an address.  I might have missed a couple more too.

This is a fix for bug 3045.
2011-05-15 21:58:46 -04:00
Nick Mathewson
4ac8ff9c9f Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-15 20:22:44 -04:00
Nick Mathewson
4b800408fa Check permissions on the directory holding a control socket 2011-05-15 20:20:29 -04:00
Nick Mathewson
3b6cbf2534 Add a function to pull off the final component of a path 2011-05-15 20:20:29 -04:00
Sebastian Hahn
4198261291 Clean up the 2972 implementation a little 2011-05-15 20:20:28 -04:00
Jérémy Bobbio
d41ac64ad6 Add UnixSocketsGroupWritable config flag
When running a system-wide instance of Tor on Unix-like systems, having
a ControlSocket is a quite handy mechanism to access Tor control
channel.  But it would be easier if access to the Unix domain socket can
be granted by making control users members of the group running the Tor
process.

This change introduces a UnixSocketsGroupWritable option, which will
create Unix domain sockets (and thus ControlSocket) 'g+rw'. This allows
ControlSocket to offer same access control measures than
ControlPort+CookieAuthFileGroupReadable.

See <http://bugs.debian.org/552556> for more details.
2011-05-15 20:20:28 -04:00
Nick Mathewson
f2c1702182 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/circuitbuild.h
2011-05-15 20:17:17 -04:00
Nick Mathewson
2b9c5ee301 Preserve bridge download status across SETCONF, HUP
This code changes it so that we don't remove bridges immediately when
we start re-parsing our configuration.  Instead, we mark them all, and
remove all the marked ones after re-parsing our bridge lines.  As we
add a bridge, we see if it's already in the list.  If so, we just
unmark it.

This new behavior will lose the property we used to have that bridges
were in bridge_list in the same order in which they appeared in the
torrc.  I took a quick look through the code, and I'm pretty sure we
didn't actually depend on that anywhere.

This is for bug 3019; it's a fix on 0.2.0.3-alpha.
2011-05-15 20:13:44 -04:00
Nick Mathewson
68acfefbdb Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-15 20:12:20 -04:00
Nick Mathewson
bc44393eb5 Fixup whitespace issues from 3122 commit 2011-05-15 20:12:01 -04:00
Nick Mathewson
4c3853aca8 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	src/or/networkstatus.c
2011-05-15 20:09:10 -04:00
Nick Mathewson
00ff80e0ae Fixup whitespace issues from 3122 commit 2011-05-15 20:06:36 -04:00
Nick Mathewson
1f7b9e61ce Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-15 12:18:39 -04:00
Nick Mathewson
69ff26b05c Merge branch 'bug3026' into maint-0.2.2 2011-05-15 12:18:23 -04:00
Nick Mathewson
37e3fb8af2 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/connection_edge.c
2011-05-15 11:44:51 -04:00
Nick Mathewson
f287100934 Replace a nasty add-malloc-snprintf with a nice clean asprintf 2011-05-15 11:41:49 -04:00
Nick Mathewson
a5d40c2d0f Merge branch 'bug1345' into maint-0.2.2 2011-05-15 11:40:14 -04:00
Nick Mathewson
2bb6bdc3f9 Better doc for consider_recording_trackexithost 2011-05-15 11:37:33 -04:00
Nick Mathewson
2fd9cfdc23 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/routerlist.c
2011-05-15 11:23:02 -04:00
Nick Mathewson
228b77f64e Merge branch 'bug2732-simpler' into maint-0.2.2 2011-05-15 11:17:54 -04:00
Nick Mathewson
1b512fb914 Rip out more of hid_serv_acting_as_directory
rransom notes correctly that now that we aren't checking our HSDir
flag, we have no actual reason to check whether we are listed in the
consensus at all when determining if we should act like a hidden
service directory.
2011-05-15 11:17:44 -04:00
Nick Mathewson
f11c269ed6 Merge remote-tracking branch 'asn-mytor/heartbeat' 2011-05-15 11:07:06 -04:00
George Kadianakis
ce3b553926 Fix bug3183 2011-05-15 03:13:52 +02:00
Nick Mathewson
da8297dbcb Handle transitions in Automap*, VirtualAddrNetwork correctly
Previously, if they changed in torrc during a SIGHUP, all was well,
since we would just clear all transient entries from the addrmap
thanks to bug 1345.  But if you changed them from the controller, Tor
would leave old mappings in place.

The VirtualAddrNetwork bug has been here since 0.1.1.19-rc; the
AutomapHosts* bug has been here since 0.2.0.1-alpha.
2011-05-13 16:59:31 -04:00
Nick Mathewson
a3ae591115 When TrackExitHosts changes, remove all no-longer-valid mappings
This bug couldn't happen when TrackExitHosts changed in torrc, since
the SIGHUP to reload the torrc would clear out all the transient
addressmap entries before.  But if you used SETCONF to change
TrackExitHosts, old entries would be left alone: that's a bug, and so
this is a bugfix on Tor 0.1.0.1-rc.
2011-05-13 16:28:50 -04:00
Nick Mathewson
ec81d17d0c Raise the TrackHostExits membership code into its own function 2011-05-13 16:22:10 -04:00
Nick Mathewson
09da83e1e8 Don't clear out transient addressmap entries on HUP
If you really want to purge the client DNS cache, the TrackHostExits
mappings, and the virtual address mappings, you should be using NEWNYM
instead.

Fixes bug 1345; bugfix on Tor 0.1.0.1-rc.

Note that this needs more work: now that we aren't nuking the
transient addressmap entries on HUP, we need to make sure that
configuration changes to VirtualAddressMap and TrackHostExits actually
have a reasonable effect.
2011-05-13 16:20:01 -04:00
Nick Mathewson
600744b4be Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/config.c
	src/or/dirserv.c
	src/or/or.h
2011-05-13 10:48:07 -04:00
Nick Mathewson
7f654a6a6f Add a ControlPortFileGroupWritable option 2011-05-13 10:41:29 -04:00
Nick Mathewson
dad12188a6 Write automatically-chosen control ports to a file. 2011-05-13 10:41:28 -04:00
Nick Mathewson
c55c8f0d49 new GETINFO command to return list of listeners of a given type 2011-05-13 10:41:19 -04:00
Nick Mathewson
3da661b242 Advertise correct DirPort/ORPort when configured with "auto"
We'll eventually want to do more work here to make sure that the ports
are stable over multiple invocations.  Otherwise, turning your node on
and off will get you a new DirPort/ORPort needlessly.
2011-05-13 10:41:18 -04:00
Nick Mathewson
6f5998fd73 Correct the signature for is_listening_on_low_port for "auto" ports 2011-05-13 10:41:18 -04:00
Nick Mathewson
61c06cbc66 Teach retry_listener about "auto" ports.
Otherwise, it will just immediately close any port declared with "auto"
on the grounds that it wasn't configured.  Now, it will allow "auto" to
match any port.

This means FWIW if you configure a socks port with SocksPort 9999
and then transition to SocksPort auto, the original socksport will
not get closed and reopened.  I'm considering this a feature.
2011-05-13 10:41:18 -04:00
Nick Mathewson
5fec8fe559 "(Socks|Control|etc)Port auto" now tells Tor to open an arbitrary port
This is the major part of the implementation for trac issue 3076.
2011-05-13 10:41:18 -04:00
Nick Mathewson
87c79cf017 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-12 19:41:59 -04:00
Nick Mathewson
e0d5a6e184 Downgrade the "we launched 10 circuits for this stream" message. (See bug 3080) 2011-05-12 19:41:08 -04:00
Nick Mathewson
af85017177 Merge remote-tracking branch 'public/bug3122_memcmp_023' 2011-05-12 19:27:18 -04:00
Nick Mathewson
59a6df8882 Merge remote-tracking branch 'public/bug3122_memcmp_022' into maint-0.2.2 2011-05-12 19:25:14 -04:00
Nick Mathewson
1f678277a1 Merge remote-tracking branch 'public/bug3122_memcmp_squashed' into maint-0.2.1 2011-05-12 19:20:40 -04:00
Nick Mathewson
696cd1cfe2 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-12 18:51:33 -04:00
mikey99
42fcf059d2 Fixes ticket #2503
HTTPS error code 403 is now reported as:
"The https proxy refused to allow connection".
Used a switch statement for additional error codes to be explained
in the future.
2011-05-12 17:33:09 -04:00
Nick Mathewson
621e95a4f3 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-12 11:21:59 -04:00
Nick Mathewson
bdff7e3299 Unmap microdesc cache before replacing it.
If we do a replace-then-munmap, windows will never actually rewrite
the microdesc cache.

Found by wanoskarnet; bugfix on 0.2.2.6-alpha.
2011-05-12 11:19:52 -04:00
Nick Mathewson
4ba9f3e317 Track where microdescs are referenced to prevent free errs
On IRC, wanoskarnet notes that if we ever do microdesc_free() on a
microdesc that's in the nodelist, we're in trouble.  Also, we're in
trouble if we free one that's still in the microdesc_cache map.

This code adds a flag to microdesc_t to note where the microdesc is
referenced from, and checks those flags from microdesc_free().  I
don't believe we have any errors here now, but if we introduce some
later, let's log and recover from them rather than introducing
heisenbugs later on.

Addresses bug 3153.
2011-05-12 11:10:35 -04:00
Nick Mathewson
7779c63e93 Accept hs descriptors even if we don't see an HSDir for us
The old behavior contributed to unreliability when hidden services and
hsdirs had different consensus versions, and so had different opinions
about who should be cacheing hsdir info.

Bugfix on 0.2.0.10-alpha; based on discussions surrounding bug 2732.
2011-05-12 00:53:07 -04:00
Nick Mathewson
6b83b3ba2a bug 3026: do not upload our vote to ourself 2011-05-12 00:47:00 -04:00
Nick Mathewson
3968e8d14b Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-12 00:14:44 -04:00
Nick Mathewson
b47f574c1e Merge branch 'bug1352' into maint-0.2.2 2011-05-12 00:14:10 -04:00
Nick Mathewson
7649adbce6 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-11 22:55:29 -04:00
Nick Mathewson
8057b7363e Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-05-11 22:52:26 -04:00
Nick Mathewson
13847b8db6 Fix crash when read_file_to_string() fails in SAVECONF
The new behavior is to try to rename the old file if there is one there
that we can't read.  In all likelihood, that will fail too, but at least
we tried, and at least it won't crash.
2011-05-11 22:05:41 -04:00
Nick Mathewson
9e16a418f9 Hand-tune the new tor_memcmp instances in 0.2.3 2011-05-11 16:46:38 -04:00
Nick Mathewson
7267647bd7 Reapply the automated memcmp conversion to 0.2.3 to catch newly added memcmps 2011-05-11 16:41:14 -04:00
Nick Mathewson
9fba014e3f Merge remote-tracking branch 'public/bug3122_memcmp_022' into bug3122_memcmp_023
Conflicts in various places, mainly node-related.  Resolved them in
favor of HEAD, with copying of tor_mem* operations from bug3122_memcmp_022.

	src/common/Makefile.am
	src/or/circuitlist.c
	src/or/connection_edge.c
	src/or/directory.c
	src/or/microdesc.c
	src/or/networkstatus.c
	src/or/router.c
	src/or/routerlist.c
	src/test/test_util.c
2011-05-11 16:39:45 -04:00
Nick Mathewson
8fb38331c3 Hand-tune the new tor_memcmp instances in 0.2.2 2011-05-11 16:32:30 -04:00
Nick Mathewson
0cbcbc3412 Re-apply the automated conversion to 0.2.2 to make handle any memcmps that snuck in 2011-05-11 16:27:27 -04:00
Nick Mathewson
44ad734573 Merge remote-tracking branch 'public/3122_memcmp_squashed' into bug3122_memcmp_022
Conflicts throughout.  All resolved in favor of taking HEAD and
adding tor_mem* or fast_mem* ops as appropriate.

	src/common/Makefile.am
	src/or/circuitbuild.c
	src/or/directory.c
	src/or/dirserv.c
	src/or/dirvote.c
	src/or/networkstatus.c
	src/or/rendclient.c
	src/or/rendservice.c
	src/or/router.c
	src/or/routerlist.c
	src/or/routerparse.c
	src/or/test.c
2011-05-11 16:24:29 -04:00
Nick Mathewson
59f9097d5c Hand-conversion and audit phase of memcmp transition
Here I looked at the results of the automated conversion and cleaned
them up as follows:

   If there was a tor_memcmp or tor_memeq that was in fact "safe"[*] I
   changed it to a fast_memcmp or fast_memeq.

   Otherwise if there was a tor_memcmp that could turn into a
   tor_memneq or tor_memeq, I converted it.

This wants close attention.

[*] I'm erring on the side of caution here, and leaving some things
as tor_memcmp that could in my opinion use the data-dependent
fast_memcmp variant.
2011-05-11 16:12:51 -04:00
Nick Mathewson
db7b2a33ee Automated conversion of memcmp to tor_memcmp/tor_mem[n]eq
This commit is _exactly_ the result of

perl -i -pe 's/\bmemcmp\(/tor_memcmp\(/g' src/*/*.[ch]
perl -i -pe 's/\!\s*tor_memcmp\(/tor_memeq\(/g' src/*/*.[ch]
perl -i -pe 's/0\s*==\s*tor_memcmp\(/tor_memeq\(/g' src/*/*.[ch]
perl -i -pe 's/0\s*!=\s*tor_memcmp\(/tor_memneq\(/g' src/*/*.[ch]
git checkout src/common/di_ops.[ch]
git checkout src/or/test.c
git checkout src/common/test.h
2011-05-11 16:12:51 -04:00
Nick Mathewson
4b19730c82 Add a data-independent variant of memcmp and a d-i memeq function.
The tor_memcmp code is by Robert Ransom, and the tor_memeq code is
by me.  Both incorporate some ideas from DJB's stuff.
2011-05-11 16:12:33 -04:00
Nick Mathewson
e6980faec4 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/directory.c
2011-05-09 13:39:51 -04:00
Nick Mathewson
09d7af7789 Merge remote-tracking branch 'public/bug3022_v2' into maint-0.2.2 2011-05-09 13:37:56 -04:00
Nick Mathewson
acd6a4856b Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/connection.c
2011-05-09 13:36:40 -04:00
Sebastian Hahn
9da4e25183 Remove some dead code, found by clang 2011-05-09 13:19:46 -04:00
Sebastian Hahn
d7d25558fa Remove a duplicated line, found by clang 2011-05-09 13:19:46 -04:00
Sebastian Hahn
1c668540fe Fix potential null pointer deref during dirvote
Found by using clang's analyzer.
2011-05-09 13:19:46 -04:00
Sebastian Hahn
1827e60976 Fix a potential null deref when rebuilding md cache
Issue discovered using clang's static analyzer
2011-05-09 13:19:45 -04:00
Sebastian Hahn
8ebb3ce6e2 CONN_LOG_PROTECT()'s first argument may not be 0
Make that explicit by adding an assert and removing a null-check. All of
its callers currently depend on the argument being non-null anyway.
Silences a few clang complaints.
2011-05-09 13:19:45 -04:00
Sebastian Hahn
80e57af50f Appease clang - and my tortured mind
This possible div by 0 warning from clang's analyzer was quite fun to
track down. Turns out the current behaviour is safe.
2011-05-09 13:19:45 -04:00
Sebastian Hahn
58a16a4d6f Add an assert to un-confuse clang's analyzer
The analyzer assumed that bootstrap_percent could be less than 0 when we
call control_event_bootstrap_problem(), which would mean we're calling
log_fn() with undefined values. The assert makes it clear this can't
happen.
2011-05-09 13:19:44 -04:00
Sebastian Hahn
532c13693e Fix a docstring 2011-05-09 13:19:44 -04:00
Sebastian Hahn
e36f9d1d9b Link to libevent_openssl statically when requested
When configure tor with --enable-bufferevents and
--enable-static-libevent, libevent_openssl would still be linked
dynamically. Fix this and refactor src/or/Makefile.am along the way.
2011-05-06 15:38:32 +02:00
Nick Mathewson
a740994c77 Fix check-spaces issues in master 2011-05-05 21:56:52 -04:00
Nick Mathewson
1065a5ef29 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-05 21:54:04 -04:00
Nick Mathewson
330116f034 Fix up some check-spaces issues 2011-05-05 21:53:46 -04:00
Nick Mathewson
85ddc76bf1 Make microdesc use off-by-default for now, since there are not enough caches 2011-05-05 20:54:14 -04:00
Nick Mathewson
9d4c32dd2f Now that 0.2.3.1-alpha is out, require it for microdesc fetches 2011-05-05 20:54:14 -04:00
Nick Mathewson
711100c597 Move dummy authority.z fetch out of update_router_descriptor_downloads
To make sure that a server learns if its IP has changed, the server
sometimes launches authority.z descriptor fetches from
update_router_descriptor_downloads.  That's nice, but we're moving
towards a situation where update_router_descriptor_downloads doesn't
always get called.  So this patch breaks the authority.z
check-and-fetch into a new function.

This function also renames last_routerdesc_download to a more
appropriate last_descriptor_download, and adds a new
update_all_descriptor_downloads() function.

(For now, this is unnecessary, since servers don't actually use
microdescriptors.  But that could change, or bridges could start
using microdescriptors, and then we'll be glad this is refactored
nicely.)
2011-05-05 20:54:13 -04:00
Nick Mathewson
4cc348e896 Code to make clients fetch and use microdescriptors for circuit building
To turn this on, set UseMicrodescriptors to "1" (or "auto" if you
want it on-if-you're-a-client).  It should go auto-by-default once
0.2.3.1-alpha is released.

Because of our node logic, directory caches will never use
microdescriptors when they have the right routerinfo available.
2011-05-05 20:54:12 -04:00
Nick Mathewson
3df22887a3 Replace _AUTHORITY enum values with _DIRINFO values (automted) 2011-05-05 20:54:12 -04:00
Nick Mathewson
6e58575767 Automated rename from authority_type_t to dirinfo_type_t
We were already overloading this type to mean "a directory that can
serve us X" in addition to "a directory that is an authority for X."
2011-05-05 20:54:11 -04:00
Nick Mathewson
ba1143e468 Add a new configuration type, "AUTOBOOL", to handle 1/0/auto types
We only have one of these now, but I'm about to add a few more.

Yes, I have already thought of the "Filenotfoundian logic" joke.
2011-05-05 20:54:11 -04:00
Nick Mathewson
08efa70c41 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-04 23:29:56 -04:00
Nick Mathewson
9583a534ac Merge remote-tracking branch 'rransom/bug3106' into maint-0.2.2 2011-05-04 23:18:47 -04:00
Robert Ransom
66339f74b4 Handle crypto_pk_get_digest failures semi-sensibly
Fixes bug 3106.
2011-05-04 20:06:24 -07:00
Nick Mathewson
7de3a19497 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-04 20:33:38 -04:00
Nick Mathewson
ab1460f3ae Merge remote-tracking branch 'sebastian/win_warning' into maint-0.2.2 2011-05-04 20:33:16 -04:00
Sebastian Hahn
9a490bb53b Fix compile warning on windows 2011-05-05 02:22:46 +02:00
Nick Mathewson
aba7bb705a Set SO_REUSEADDR on all sockets, not just listeners
See bug 2850 for rationale: it appears that on some busy exits, the OS
decides that every single port is now unusable because they have been
all used too recently.
2011-05-03 22:22:20 -04:00
Nick Mathewson
fac99f01da Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-03 21:54:18 -04:00
Nick Mathewson
4126de6888 Fix circuit_list_path_impl(): internal circuits do not have an "exit". Trivial fix for 3079. 2011-05-03 21:53:59 -04:00
Nick Mathewson
599d1b62b4 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/main.c
	src/or/microdesc.c
2011-05-03 17:30:58 -04:00
Nick Mathewson
68ae5afa5a Change who calls microdesc_cache_rebuild().
Previously we ensured that it would get called periodically by doing
it from inside the code that added microdescriptors.  That won't work
though: it would interfere with our code that tried to read microdescs
from disk initially.  Instead, we should consider rebuilding the cache
periodically, and on startup.
2011-05-03 17:28:28 -04:00
Nick Mathewson
865d53be54 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/microdesc.c
2011-05-03 17:19:35 -04:00
Nick Mathewson
cb6c909664 Rebuild the microdesc cache when a sufficient number of bytes are dropped
Previously on 0.2.2, we'd never clean the cache.  Now that we can
clean it, we want to add a condition to rebuild it: that should happen
whenever we have dropped enough microdescriptors that we could save a
lot of space.

No changes file, since 0.2.3 doesn't need one and 0.2.2 already has some
changes files for the backport of the microdesc_clean_cahce() function.
2011-05-03 17:03:49 -04:00
Nick Mathewson
56fbd728c2 Backport microdesc_cache_clean to 0.2.2
Otherwise we have no way to keep authorities' microdesc caches in 0.2.2
from growing without bound.
2011-05-03 16:45:15 -04:00
Nick Mathewson
1f97e8322f Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/microdesc.c
2011-05-03 16:33:41 -04:00
Nick Mathewson
970715dd8f Fix a check for when to rebuild the microdesc cache. (Backport from 0.2.3. 2011-05-03 16:29:39 -04:00
Nick Mathewson
698fa0fc67 Add missing code to set cache->journal_len when reading microdesc journal
This could be one reason that authorities' journals would grow without
bound; related to bug 2230. Bugfix on 0.2.2.6-alpha.  Fix by
"cypherpunks".
2011-05-03 16:22:31 -04:00
Sebastian Hahn
47a2e5a9ce Don't choose exit nodes without desc available
n_supported[i] has a random value prior to initialization, so a node
that doesn't have routerinfo available can have a random priority.

Patch contributed by wanoskarnet from #tor. Thanks!
2011-04-30 22:03:51 +02:00
Nick Mathewson
c48d6da24c Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-29 11:15:11 -04:00
Nick Mathewson
dbd73b9689 Clean up a warning a bit 2011-04-29 11:14:53 -04:00
Nick Mathewson
4f7587a5ed Tweak the startup message to be more helpful
Instead of just saying "boogity boogity!" let's actually warn people
that they need to configure stuff right to be safe, and point them
at instructions for how to do that.

Resolves bug 2474.
2011-04-28 22:00:22 -04:00
Nick Mathewson
bcdffc0f80 Rate-limit v2 networkstatus download fail warnings
This fixes part of 1352.  We don't care deeply about these warnings,
since v2 networkstatuses aren't a big deal.
2011-04-28 21:25:24 -04:00
Nick Mathewson
50c6b55757 Rename connection_dir_download_networkstatus_failed: be clear that it means v2 2011-04-28 21:23:32 -04:00
Nick Mathewson
20d6ac3530 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-28 21:17:51 -04:00
Nick Mathewson
f0d9e2d650 Merge remote-tracking branch 'arma/bug3012' into maint-0.2.2 2011-04-28 21:15:14 -04:00
Roger Dingledine
66de6f7eb8 relays checkpoint their state file twice a day 2011-04-28 21:06:25 -04:00
Nick Mathewson
cd42ae7185 Only authorities should automatically download v2 networkstatus documents
Clients and relays haven't used them since early 0.2.0.x.  The only
remaining use by authorities learning about new relays ahead of scedule;
see proposal 147 for what we intend to do about that.

We're leaving in an option (FetchV2Networkstatus) to manually fetch v2
networkstatuses, because apparently dnsel and maybe bwauth want them.

This fixes bug 3022.
2011-04-28 21:06:07 -04:00
Nick Mathewson
b0a7e0d6ca Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-28 20:55:03 -04:00
Nick Mathewson
4010427b51 Merge remote-tracking branch 'arma/bug3039' into maint-0.2.2 2011-04-28 20:53:44 -04:00
Roger Dingledine
df3cf881d1 stop putting wacky values into state->lastwritten 2011-04-28 20:40:15 -04:00
Nick Mathewson
9d67d16c6a Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-28 20:38:50 -04:00
Nick Mathewson
5693fedb60 Clarify comment to say which version fixed 2722 2011-04-28 20:38:15 -04:00
Nick Mathewson
6b9aadd557 Merge remote-tracking branches 'rransom/bug2722' and 'rransom/bug2722b' into maint-0.2.2 2011-04-28 20:36:38 -04:00
Nick Mathewson
bb8689b864 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-28 20:05:48 -04:00
Nick Mathewson
c122897925 Merge remote-tracking branch 'sebastian/bug3020' into maint-0.2.2 2011-04-28 20:03:57 -04:00
Roger Dingledine
710227a77f fix a function comment 2011-04-28 19:19:04 -04:00
Sebastian Hahn
525d2700dd Correctly check elapsed time in last hibernation period
Fix bug 3020.
2011-04-29 01:18:32 +02:00
Nick Mathewson
f38ecd5ac0 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-28 18:14:50 -04:00
Nick Mathewson
6dfc0d5301 Avoid false positives from proxy_mode()
Previously it would erroneously return true if ListenAddr was set for
a client port, even if that port itself was 0.  This would give false
positives, which were not previously harmful... but which were about
to become.
2011-04-28 18:11:58 -04:00
Robert Ransom
b8708b5bd3 Fix bug 1930 2011-04-28 18:11:58 -04:00
Robert Ransom
ddd1b7be2d Ignore SIGNAL NEWNYM on relay-only Tor instances 2011-04-28 18:10:17 -04:00
Robert Ransom
df5c7fedbd Don't allow v0 HS auths to act as clients
A v0 HS authority stores v0 HS descriptors in the same descriptor
cache that its HS client functionality uses.  Thus, if the HS
authority operator clears its client HS descriptor cache, ALL v0
HS descriptors will be lost.  That would be bad.
2011-04-28 18:10:16 -04:00
Nick Mathewson
88638d40ca Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-28 16:05:59 -04:00
Nick Mathewson
3055acbdbe Merge remote-tracking branch 'sebastian/bug2497' into maint-0.2.2 2011-04-28 16:05:34 -04:00
Nick Mathewson
32918e954f Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/rendcommon.h
2011-04-28 15:57:27 -04:00
Robert Ransom
2c0258b69a Clean up merge of bug3k_021 2011-04-28 15:52:42 -04:00
Sebastian Hahn
4b13ebd5ab Merge branch 'bug3k_021' into bug3k_022
Conflicts:
	src/or/or.h
	src/or/rendclient.c
2011-04-28 19:00:34 +02:00
Sebastian Hahn
8a36f21251 Fix a failure case of connection_ap_handshake_attach_circuit()
tor_fragile_assert() might be a no-op, so we have to return something
here to indicate failure to the caller.
2011-04-28 18:14:50 +02:00
Robert Ransom
f1cf9bd74d Fix a bug introduced by purging rend_cache on NEWNYM
If the user sent a SIGNAL NEWNYM command after we fetched a rendezvous
descriptor, while we were building the introduction-point circuit, we
would give up entirely on trying to connect to the hidden service.

Original patch by rransom slightly edited to go into 0.2.1
2011-04-28 18:14:50 +02:00
Robert Ransom
2ad18ae736 Allow rend_client_send_introduction to fail transiently
i.e. without closing the AP connection.
2011-04-28 18:14:50 +02:00
Robert Ransom
440e48ddf2 Forget all rendezvous client state on SIGNAL NEWNYM 2011-04-28 18:14:50 +02:00
Nick Mathewson
26c022ecbc Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-27 17:26:40 -04:00
Nick Mathewson
34510f9278 Fix clear_trackhostexits_mapping() to actually work as advertised
Previously, it would remove every trackhostexits-derived mapping
*from* xyz.<exitname>.exit; it was supposed to remove every
trackhostexits-derived mapping *to* xyz.<exitname>.exit.

Bugfix on 0.2.0.20-rc: fixes an XXX020 added while staring at bug-1090
issues.
2011-04-27 17:23:05 -04:00
Roger Dingledine
d4a61c76a1 Merge branch 'maint-0.2.2'
Conflicts:
	src/or/dirserv.h
2011-04-27 15:21:27 -04:00
Nick Mathewson
78c610eea9 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	doc/tor.1.txt
2011-04-27 15:20:01 -04:00
Roger Dingledine
cba1d29b7f make make check-spaces happier.
(still not happy.)
2011-04-27 15:18:34 -04:00
cypherpunks
247cbab6c8 Fix double-free bug in microdesc parser 2011-04-27 15:15:32 -04:00
Nick Mathewson
8b686d98c4 Merge maint-0.2.2 for the bug1090-part1-squashed branch
Resolved conflicts in:
	doc/tor.1.txt
	src/or/circuitbuild.c
	src/or/circuituse.c
	src/or/connection_edge.c
	src/or/connection_edge.h
	src/or/directory.c
	src/or/rendclient.c
	src/or/routerlist.c
	src/or/routerlist.h

These were mostly releated to the routerinfo_t->node_t conversion.
2011-04-27 14:36:30 -04:00
Roger Dingledine
0c40dda3ad explain an argument in a function comment 2011-04-27 13:43:11 -04:00
Nick Mathewson
748350ace1 Instead of checking whether we have unremoved intro points, check for usable ones 2011-04-27 00:01:41 -04:00
Roger Dingledine
b8b557dcb2 better user-facing warnings for unexpected last hops
these still aren't perfect, but we won't know how to correct them until
we start experiencing surprised users.
2011-04-27 00:01:41 -04:00
Roger Dingledine
f7a5bc16d6 warn if we launch too many circuits for a given stream 2011-04-27 00:01:41 -04:00
Roger Dingledine
f962dda8c1 revert most of ef81649d2f
Now we believe it to be the case that we never build a circuit for our
stream that has an unsuitable exit, so we'll never need to use such
a circuit. The risk is that we have some code that builds the circuit,
but now we refuse to use it, meaning we just build a bazillion circuits
and ignore them all.
2011-04-27 00:01:41 -04:00
Nick Mathewson
8ee92f28e0 Add a circuit_purpose_to_string() function, and use it
We had a circuit_purpose_to_controller_string() function, but it was
pretty coarse-grained and didn't try to be human-readable.
2011-04-27 00:01:35 -04:00
Sebastian Hahn
e03e90bf59 Fix a check-spaces complaint 2011-04-26 23:55:23 -04:00
Sebastian Hahn
92ec36a061 Explain the "using anyway" log message better
Also add a request to report any cases where we are not honoring
StrictNodes to the developers: These should now all be bugs.
2011-04-26 23:55:23 -04:00
Sebastian Hahn
8e2904e269 Fix a log msg 2011-04-26 23:55:22 -04:00
Nick Mathewson
79a3b3cd37 Check transition of circuit purpose from INTRO->GENERAL if nodes are constrained
This looked at first like another fun way around our node selection
logic: if we had introduction circuits, and we wound up building too
many, we would turn extras into general-purpose circuits.  But when we
did so, we wouldn't necessarily check whether the general-purpose
circuits conformed to our node constraints.  For example, the last
node could totally be in ExcludedExitNodes and we wouldn't have cared...

...except that the circuit should already be internal, so it won't get user
streams attached to it, so the transition should generally be allowed.
Add an assert to make sure we're right about this, and have it not
check whether ExitNodes is set, since that's irrelevant to internal
circuits.
2011-04-26 23:54:18 -04:00
Nick Mathewson
6afad6b691 When cannibalizing a circuit, make sure it has no ExcludeNodes on it
This could happen if StrictNodes was 0 and we were forced to pick an
excluded node as the last hop of the circuit.
2011-04-26 23:54:17 -04:00
Nick Mathewson
80adb3de50 When there is a transition in permitted nodes, apply it to trackexithosts map
IOW, if we were using TrackExitHosts, and we added an excluded node or
removed a node from exitnodes, we wouldn't actually remove the mapping
that points us at the new node.

Also, note with an XXX022 comment a place that I think we are looking
at the wrong string.
2011-04-26 23:54:17 -04:00
Nick Mathewson
128582cc1f Simplify calls to routerset_equal
The routerset_equal function explicitly handles NULL inputs, so
there's no need to check inputs for NULL before calling it.

Also fix a bug in routerset_equal where a non-NULL routerset with no
entries didn't get counted as equal to a NULL routerset.  This was
untriggerable, I think, but potentially annoying down the road.
2011-04-26 23:54:17 -04:00
Nick Mathewson
84f0e87c6a If we have chosen an exit that shares a family with all bridges, fail the circuit
We could probably do something smarter here, but the situation is
unusual enough that it's okay to just fail the circuit.
2011-04-26 23:54:17 -04:00
Nick Mathewson
b59a289365 Do not try to download descriptors for bridges in ExcludeNodes. 2011-04-26 23:54:16 -04:00
Nick Mathewson
ad78bafb71 Correct the behavior of .exit with ExcludeNodes, StrictNodes, etc.
ExcludeExitNodes foo now means that foo.exit doesn't work.  If
StrictNodes is set, then ExcludeNodes foo also overrides foo.exit.

foo.exit , however, still works even if foo is not listed in ExitNodes.
2011-04-26 23:54:16 -04:00
Nick Mathewson
ed7c267743 Note another place that we need to fix a 1090 issue. 2011-04-26 23:54:16 -04:00
Nick Mathewson
4851de554d Do not automatically ignore Fast/Stable for exits when ExitNodes is set
This once maybe made sense when ExitNodes meant "Here are 3 exits;
use them all", but now it more typically means "Here are 3
countries; exit from there."  Using non-Fast/Stable exits created a
potential partitioning opportunity and an annoying stability
problem.

(Don't worry about the case where all of our ExitNodes are non-Fast
or non-Stable: we handle that later in the function by retrying with
need_capacity and need_uptime set to 0.)
2011-04-26 23:54:16 -04:00
Nick Mathewson
e4689d8402 Note a slightly less likely way to violate ExcludeNodes 2011-04-26 23:54:16 -04:00
Nick Mathewson
db2fd28308 Note that circuit purpose changing can violate ExcludeNodes 2011-04-26 23:54:16 -04:00
Nick Mathewson
ca74badbe9 If we're excluded, and StrictNodes is set, do not do self-tests. 2011-04-26 23:54:15 -04:00
Nick Mathewson
affdec8d04 Add an XXX022-1090 to note consider_exit_fmily b0rkenness 2011-04-26 23:54:15 -04:00
Roger Dingledine
5710ea6475 three more cases where maybe we want to exclude 2011-04-26 23:54:15 -04:00
Roger Dingledine
9f47cfc21a make formal a constraint that's been true a while now 2011-04-26 23:54:15 -04:00
Roger Dingledine
2b5c39211c refuse moria1.exit if moria1 is excluded
add a note reminding us to do this for foo.moria1.exit if we decide to.
2011-04-26 23:54:15 -04:00
Roger Dingledine
bcea155ce0 note another case where strictnodes is considered for exits 2011-04-26 23:54:14 -04:00
Roger Dingledine
0ad3836f73 If ExitNodes and Exclude{Exit}Nodes overlap, obey Exclude{Exit}Nodes.
Also, ExitNodes are always strict.
2011-04-26 23:54:14 -04:00
Roger Dingledine
5d12495d98 the new entrynodes behavior is always strict 2011-04-26 23:54:13 -04:00
Roger Dingledine
719b5b87de don't exit enclave to excluded relays 2011-04-26 23:54:13 -04:00
Roger Dingledine
7e2e8074d5 slight tweak on circuit_conforms_to_options
this function really needs to get a total rewrite (or die)

For now, use #if 0 to disable it.
2011-04-26 23:54:04 -04:00
Roger Dingledine
4906188b62 handle excludenodes for dir fetch/post
If we're picking a random directory node, never pick an excluded one.
But if we've chosen a specific one (or all), allow it unless strictnodes
is set (in which case warn so the user knows it's their fault).

When warning that we won't connect to a strictly excluded node,
log what it was we were trying to do at that node.

When ExcludeNodes is set but StrictNodes is not set, we only use
non-excluded nodes if we can, but fall back to using excluded nodes
if none of those nodes is usable.
2011-04-26 23:53:50 -04:00
Roger Dingledine
ad3da53536 If EntryNodes and ExcludeNodes overlap, obey ExcludeNodes. 2011-04-26 23:53:49 -04:00
Roger Dingledine
82178a81f6 refuse excluded hidserv nodes if strictnodes
Make hidden services more flaky for people who set both ExcludeNodes
and StrictNodes. Not recommended, especially for hidden service operators.
2011-04-26 23:53:20 -04:00
Nick Mathewson
3256627a45 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/main.h
2011-04-26 15:30:51 -04:00
Nick Mathewson
f810a1afe9 Expose a new process_signal(uintptr_t), not signal_callback()
This is a tweak to the bug2917 fix.  Basically, if we want to simulate
a signal arriving in the controller, we shouldn't have to pretend that
we're Libevent, or depend on how Tor sets up its Libevent callbacks.
2011-04-26 15:20:08 -04:00
Nick Mathewson
a7a906603e Merge remote-tracking branch 'sebastian/bug2917' into maint-0.2.2 2011-04-26 15:17:03 -04:00
Nick Mathewson
33f058a5ba Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-26 13:12:43 -04:00
Nick Mathewson
b75d1daf40 Merge remote-tracking branch 'public/bug2332' into maint-0.2.2 2011-04-26 13:10:54 -04:00
Nick Mathewson
47f472510f Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/rephist.c
2011-04-26 12:49:58 -04:00
Nick Mathewson
bb6d45af1f Downgrade notice to info when downloading a cert. 2011-04-26 12:47:09 -04:00
Roger Dingledine
9d673dcd20 fix some comments before they create conflicts 2011-04-26 11:29:22 -04:00
Nick Mathewson
6a726d34e1 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-26 11:15:03 -04:00
Nick Mathewson
1cff525973 Fix compilation in last patch 2011-04-26 11:14:46 -04:00
Nick Mathewson
f083347adf Merge remote-tracking branch 'sebastian/bug2704' into maint-0.2.2 2011-04-26 11:07:48 -04:00
Nick Mathewson
075d904d39 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/dirserv.h
2011-04-26 11:05:54 -04:00
Sebastian Hahn
6fde2b46d2 Fix more of bug 2704
The last entry of the *Maxima values in the state file was inflated by a
factor of NUM_SECS_ROLLING_MEASURE (currently 10). This could lead to
a wrong maximum value propagating through the state file history.
2011-04-26 15:36:17 +02:00
Sebastian Hahn
4c789ec08c Don't leak the local hostname in relay nicknames
Fixes bug 2979, reported by tagnaq.
2011-04-26 05:08:32 +02:00
Nick Mathewson
5230cc4fe7 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-25 19:04:13 -04:00
Nick Mathewson
f3b58dfa53 Merge commit '91aa6f08bcf0acbdfa038aaffe73e327ddd87c67' into maint-0.2.2 2011-04-25 19:03:15 -04:00
Sebastian Hahn
91aa6f08bc Make the Log configuration option expand ~ 2011-04-22 16:06:52 +02:00
Nick Mathewson
fdbdaf8fab Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-21 13:41:38 -04:00
Nick Mathewson
a0514ba531 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-04-21 13:40:00 -04:00
Nick Mathewson
e98583594d Fix a bug in removing DNSPort requests from their circular list
Under heavy load, this could result in an assertion failure.  Fix for
bug 2933; bugfix on 0.2.0.10-alpha.
2011-04-21 13:39:00 -04:00
Nick Mathewson
7c83d4043d Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-19 15:39:04 -04:00
Sebastian Hahn
3f7f96d9e7 Prevent hugely inflated observed bandwidth values
When reading the bw history from the state file, we'd add the 900-second
value as traffic that occured during one second. Fix that by adding the
average value to each second.

This bug was present since 0.2.0.5-alpha, but was hidden until
0.2.23-alpha when we started using the saved values.
2011-04-19 15:38:26 -04:00
Sebastian Hahn
13c3884ff6 Don't sometimes undercount bw average
This fixes the first part of bug 2704. It should occur only rarely when
no bw maxima are known. Bugfix on 0.2.2.23-alpha. Fixes bug 2704.
2011-04-19 15:38:10 -04:00
Nick Mathewson
4a7f979b54 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-19 12:41:01 -04:00
Nick Mathewson
5cc322e547 Standardize our printf code on %d, not %i. 2011-04-19 12:40:29 -04:00
Nick Mathewson
9eeb902d12 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-19 12:37:18 -04:00
Nick Mathewson
f52cfbfc00 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-19 12:31:55 -04:00
Nick Mathewson
0e554f93d6 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-04-19 12:31:42 -04:00
Nick Mathewson
dfc9c6a0f9 Merge remote-tracking branch 'rransom/bug2750-v3' into maint-0.2.1 2011-04-19 12:30:50 -04:00
Nick Mathewson
cfd7b118a7 Ouch: correctly tabify the micro-revision.i target in Makefile.am (0.2.1 only) 2011-04-19 12:29:20 -04:00
Nick Mathewson
750b5119c0 Merge remote-tracking branch 'asn/heartbeat' 2011-04-19 12:08:28 -04:00
Sebastian Hahn
c1927d7d5f Don't report empty bw-history lines in extrainfo
Some tor relays would report lines like these in their extrainfo
documents:
dirreq-write-history 2011-03-14 16:46:44 (900 s)

This was confusing to some people who look at the stats. It would happen
whenever a relay first starts up, or when a relay has dirport disabled.
Change this so that lines without actual bw entries are omitted.
Implements ticket 2497.
2011-04-19 14:51:40 +02:00
Nick Mathewson
48bdc2f729 Correct HS descriptor length check
Fixes bug 2948.
2011-04-18 13:53:13 -07:00
Robert Ransom
130db1bdeb Merge branch 'bug2750-v3' into bug2948 2011-04-18 13:36:19 -07:00
Robert Ransom
adc31001c2 Add an XXX 2011-04-18 13:25:48 -07:00
Robert Ransom
bfebc942ea Correct the warning emitted when rejecting an oversized HS desc 2011-04-18 13:17:40 -07:00
Robert Ransom
134da2fbcf Add an XXX to the DA code regarding bug 2722 2011-04-18 12:00:48 -07:00
George Kadianakis
c2d9d80a07 Reuse get_bytes_{read,written}() in status.c 2011-04-16 14:48:46 +02:00
Sebastian Hahn
5114e3e442 Make SIGNAL DUMP work on FreeBSD
While doing so, get rid of the now unnecessary function
control_signal_act().

Fixes bug 2917, reported by Robert Ransom. Bugfix on commit
9b4aa8d2ab. This patch is loosely based on
a patch by Robert (Changelog entry).
2011-04-15 05:35:30 +02:00
Nick Mathewson
99c2bfe76b Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/rephist.c
2011-04-08 13:37:57 -04:00
Nick Mathewson
403b6cfded Free circuits_for_buffer_stats on shutdown 2011-04-07 14:59:28 -04:00
Nick Mathewson
71fb2af62c Fix up some cell-queue stats issues in rephist.c
- Document the structure and variables.
- Make circuits_for_buffer_stats into a static variable.
- Don't die horribly if interval_length is 0.
- Remove the unused local_circ_id field.
- Reorder the fields of circ_buffer_stats_t for cleaner alignment layout.
2011-04-07 14:56:50 -04:00
Nick Mathewson
67d88a7d60 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/common/address.c
	src/common/compat_libevent.c
	src/common/memarea.c
	src/common/util.h
	src/or/buffers.c
	src/or/circuitbuild.c
	src/or/circuituse.c
	src/or/connection.c
	src/or/directory.c
	src/or/networkstatus.c
	src/or/or.h
	src/or/routerlist.c
2011-04-07 12:17:20 -04:00
Nick Mathewson
ba0cd8094f Merge remote-tracking branch 'public/xxx_fixups' into maint-0.2.2
Conflicts:
	src/or/or.h
2011-04-07 12:03:04 -04:00
Nick Mathewson
07ab483e62 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-07 11:55:17 -04:00
Nick Mathewson
118d8ffdcb Allow controllers a more up-to-date view of bridge usage.
Instead of answering GETINFO requests about our geoip usage only after
running for 24 hours, this patch makes us answer GETINFO requests
immediately.  We still round and quantize as before.

Implements bug2711.

Also, refactor the heck out of the bridge usage formatting code.  No
longer should we need to do a generate-parse-and-regenerate cycle to
get the controller string, and that lets us simplify the code a lot.
2011-04-07 11:53:37 -04:00
Nick Mathewson
09759a66ea Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-07 11:43:36 -04:00
Sebastian Hahn
286d44402e Fix a compile warning on OS X 10.6 2011-04-07 05:47:55 +02:00
Nick Mathewson
13f60e16eb Merge remote-tracking branch 'public/bug2381' 2011-04-06 16:19:41 -04:00
Nick Mathewson
32341ac467 Merge remote-tracking branch 'public/bug2402_again' into maint-0.2.1 2011-04-06 16:13:22 -04:00
Nick Mathewson
f6cc8f0ee3 Add a missing ! to the check for CountPrivatebandwidth. 2011-04-06 15:24:44 -04:00
Nick Mathewson
1a49fdecf8 Tweaks to Cagara's CountPrivateBandwidth patch:
- Document it in the manpage
  - Add a changes entry
  - No need to log when it is set: we don't log for other options.
  - Use doxygen to document the new flag.
  - Test truth of C variables with "if (x)", not "if (x == 1)".
  - Simplify a complex boolean expression by breaking it up.
2011-04-05 16:24:42 -04:00
Daniel Cagara
e61f3293e4 Patch from cagara: Add a CountPrivateBandwidth flag 2011-04-05 16:24:01 -04:00
Nick Mathewson
ee871e7a0e Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/common/compat.h
	src/or/circuitlist.c
	src/or/circuituse.c
	src/or/or.h
	src/or/rephist.c
2011-03-30 14:55:50 -04:00
Nick Mathewson
65eb0e41ac Use cbt to tell when to launch parallel intro circuit
Implement feature from trac #2799
2011-03-30 14:41:53 -04:00
Nick Mathewson
aa950e6c48 Use timevals, not time_t, when expiring circuits.
We've got millisecond timers now, we might as well use them.

This change won't actually make circuits get expiered with microsecond
precision, since we only call the expiry functions once per second.
Still, it should avoid the situation where we have a circuit get
expired too early because of rounding.

A couple of the expiry functions now call tor_gettimeofday: this
should be cheap since we're only doing it once per second.  If it gets
to be called more often, though, we should onsider having the current
time be an argument again.
2011-03-30 14:41:41 -04:00
Nick Mathewson
fc64783278 Send END_STREAM_REASON_NOROUTE: clients that didn't grok it are now obsolete 2011-03-28 13:42:59 -04:00
Sebastian Hahn
8d81831d71 Add a missing cast to silence the compiler 2011-03-28 19:25:38 +02:00
Nick Mathewson
432734279d Fix handling of StreamID exhaustion.
Since svn r1475/git 5b6099e8 in tor-0.0.6, we have responded to an
exhaustion of all 65535 stream IDs on a circuit by marking that
circuit for close.  That's not the right response.  Instead, we
should mark the circuit as "too dirty for new circuits".

Of course in reality this isn't really right either.  If somebody
has managed to cram 65535 streams onto a circuit, the circuit is
probably not going to work well for any of those streams, so maybe
we should be limiting the number of streams on an origin circuit
concurrently.

Also, closing the stream in this case is probably the wrong thing to
do as well, but fixing that can also wait.
2011-03-25 18:32:28 -04:00
Nick Mathewson
f3b89c1141 Add XXX023s for our timestamp_dirty abuse. 2011-03-25 18:32:28 -04:00
Nick Mathewson
d38030381b Clarify some documentation and comments wrt resetting OR token buckets 2011-03-25 18:32:28 -04:00
Nick Mathewson
550749555c Remove workaround code for bug539
We fixed bug 539 (where directories would say "503" but send data
anyway) back in 0.2.0.16-alpha/0.1.2.19.  Because most directory
versions were affected, we added workaround to make sure that we
examined the contents of 503-replies to make sure there wasn't any
data for them to find.  But now that such routers are nonexistent,
we can remove this code.  (Even if somebody fired up an 0.1.2.19
directory cache today, it would still be fine to ignore data in its
erroneous 503 replies.)
2011-03-25 18:32:28 -04:00
Nick Mathewson
dddd333a80 Fix some 'impossible' overflow bugs in byte counting
The first was genuinely impossible, I think: it could only happen
when the amount we read differed from the amount we wanted to read
by more than INT_MAX.

The second is just very unlikely: it would give incorrect results to
the controller if you somehow wrote or read more than 4GB on one
edge conn in one second.  That one is a bugfix on 0.1.2.8-beta.
2011-03-25 18:32:28 -04:00
Nick Mathewson
6a5b94de6c Look at the right errno when sending reason for connect() failure
In afe414 (tor-0.1.0.1-rc~173), when we moved to
connection_edge_end_errno(), we used it in handling errors from
connection_connect().  That's not so good, since by the time
connection_connect() returns, the socket is no longer set, and we're
supposed to be looking at the socket_errno return value from
connection_connect() instead.  So do what we should've done, and
look at the socket_errno value that we get from connection_connect().
2011-03-25 18:32:28 -04:00
Nick Mathewson
05887f10ff Triage the XXX022 and XXX021 comments remaining in the code
Remove some, postpone others, leave some alone.  Now the only
remaining XXX022s are ones that seem important to fix or investigate.
2011-03-25 18:32:27 -04:00
Nick Mathewson
41380fa3b3 Fixup tor_addr_to_sockaddr return convention 2011-03-25 16:28:38 -04:00
Nick Mathewson
444e46d96d Remove the "fuzzy time" code
It was the start of a neat idea, but it only got used in 3 places,
none of which really needed it.
2011-03-25 16:28:37 -04:00
Nick Mathewson
8b393afa94 Merge remote branch 'origin/maint-0.2.2'
Trivial Conflicts:
	configure.in
2011-03-18 12:44:37 -04:00
Nick Mathewson
fe86be61b6 Fix signed/unsigned compare warning 2011-03-18 12:42:00 -04:00
Nick Mathewson
f3d6663665 Merge remote branch 'sebastian/bug2696' into maint-0.2.2 2011-03-18 12:39:40 -04:00
Nick Mathewson
547635c004 Futz with the clang patch a bit and tidy some geoip.c stuff 2011-03-17 14:06:04 -04:00
Nick Mathewson
1db6eb6cb7 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-03-16 18:10:24 -04:00
Nick Mathewson
9dfa244484 Document a few more members. 2011-03-16 18:10:15 -04:00
Nick Mathewson
8f9cfa0abe Remove a useless doxygen comment 2011-03-16 18:07:42 -04:00
Nick Mathewson
27d1675d93 Move the decl for tor_gettimofday_cache_clear to the right header 2011-03-16 17:54:48 -04:00
Nick Mathewson
57b954293e Merge remote-tracking branch 'origin/maint-0.2.2'
Trivial Conflicts in
	src/common/crypto.c
	src/or/main.h
	src/or/or.h
2011-03-16 17:09:32 -04:00
Nick Mathewson
6617822b84 Doxygen documentation for about 100 things that didn't have any
About 860 doxygen-less things remain in 0.2.2
2011-03-16 17:05:37 -04:00
Nick Mathewson
7f6af7a602 Fix up all doxygen warnings other than "foo is not documented" 2011-03-16 14:47:27 -04:00
Nick Mathewson
415caba967 Merge remote branch 'arma/optimistic_server' 2011-03-15 17:20:41 -04:00
Nick Mathewson
737228ed8e Merge remote branch 'origin/maint-0.2.2' 2011-03-15 17:18:29 -04:00
Nick Mathewson
c5ffd44ccd Merge branch 'bug2756_relay' into maint-0.2.2 2011-03-15 17:13:07 -04:00
Roger Dingledine
c2775196f7 whitespace fixes to pass 'make check-spaces' 2011-03-15 16:59:58 -04:00
Nick Mathewson
a86e27cf00 Fix comment for connection_edge_consider_sending_sendme 2011-03-15 15:35:11 -04:00
Nick Mathewson
4dde69a6d0 Merge remote branch 'origin/maint-0.2.2' 2011-03-15 15:19:38 -04:00
Nick Mathewson
ab418447eb Merge branch 'bug2757' into maint-0.2.2 2011-03-15 15:18:15 -04:00
Nick Mathewson
c42bd529de Merge remote branch 'origin/maint-0.2.2' 2011-03-15 15:14:28 -04:00
Nick Mathewson
5938804d17 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-03-15 15:14:12 -04:00
Sebastian Hahn
30b3f0cdb1 Fix a compile warning when using clang
Issue noticed by Steven Murdoch; fixes bug 2689. The cast didn't do
anything, and we don't need to look at the return value of the function
here.
2011-03-15 15:13:35 -04:00
Nick Mathewson
84f27eb051 Merge remote branch 'origin/maint-0.2.2' 2011-03-15 14:50:42 -04:00
Robert Ransom
98abe1420d Fix a log message typo 2011-03-15 09:48:26 -07:00
Robert Ransom
3af59dcaee Log the source of a rejected POSTed v3 vote
Related to ticket 2683.
2011-03-15 09:16:58 -07:00
Nick Mathewson
06f026de66 Check newconn, not conn, before marking newconn for close
This fixes bug 2757.  It's a bugfix on 85da676108.
2011-03-14 18:52:15 -04:00
Nick Mathewson
fe9de9231a Revise prop174 patch: make the circuit sendme calls unconditional.
The circuit_consider_sending_sendme call should be unconditional,
since the circuit windows can move independent of the state of streams.
2011-03-14 18:24:47 -04:00
Ian Goldberg
bd7721f66e Implement server side of Proposal 174 (optimistic data)
Ian's original message:
    The current code actually correctly handles queued data at the
    Exit; if there is queued data in a EXIT_CONN_STATE_CONNECTING
    stream, that data will be immediately sent when the connection
    succeeds. If the connection fails, the data will be correctly
    ignored and freed. The problem with the current server code is
    that the server currently drops DATA cells on streams in the
    EXIT_CONN_STATE_CONNECTING state. Also, if you try to queue data
    in the EXIT_CONN_STATE_RESOLVING state, bad things happen because
    streams in that state don't yet have conn->write_event set, and so
    some existing sanity checks (any stream with queued data is at
    least potentially writable) are no longer sound.

    The solution is to simply not drop received DATA cells while in
    the EXIT_CONN_STATE_CONNECTING state. Also do not send SENDME
    cells in this state, so that the OP cannot send more than one
    window's worth of data to be queued at the Exit. Finally, patch
    the sanity checks so that streams in the EXIT_CONN_STATE_RESOLVING
    state that have buffered data can pass.

    [...] Here is a simple patch. It seems to work with both regular
    streams and hidden services, but there may be other corner cases
    I'm not aware of. (Do streams used for directory fetches, hidden
    services, etc. take a different code path?)
2011-03-14 18:05:33 -04:00
Nick Mathewson
1d36a8e9ae Consider sending stream-level SENDME cells on partial flushes.
Right now, we only consider sending stream-level SENDME cells when we
have completely flushed a connection_edge's outbuf, or when it sends
us a DATA cell.  Neither of these is ideal for throughput.

This patch changes the behavior so we now call
connection_edge_consider_sending_sendme when we flush _some_ data from
an edge outbuf.

Fix for bug 2756; bugfix on svn r152.
2011-03-14 17:48:45 -04:00
Nick Mathewson
f038b45b09 clarify log messages based on suggestion from arma 2011-03-14 17:23:28 -04:00
Nick Mathewson
ebf6786ab3 Merge remote branch 'origin/maint-0.2.2'
Fixed conflict: router_get_my_routerinfo now returns const

Conflicts:
	src/or/router.c
2011-03-14 17:22:38 -04:00
Nick Mathewson
b97d9abd09 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-03-14 17:04:53 -04:00
Nick Mathewson
50c9d31029 finish a comment 2011-03-14 16:46:43 -04:00
Nick Mathewson
e91a8c5589 Merge remote branch 'origin/maint-0.2.2'
Resolved nontrivial conflict around rewrite_x_address_for_bridge and
learned_bridge_descriptor.  Now, since leanred_bridge_descriptor works
on nodes, we must make sure that rewrite_node_address_for_bridge also
works on nodes.

Conflicts:
	src/or/circuitbuild.c
2011-03-14 16:34:33 -04:00
Nick Mathewson
0588330c1d Merge remote branch 'arma/bug2510' into maint-0.2.2 2011-03-14 16:14:54 -04:00
Roger Dingledine
cb101c4815 Merge branch 'bug2511' into bug2510 2011-03-14 15:52:53 -04:00
Nick Mathewson
f1c365b032 Merge remote branch 'origin/maint-0.2.2'
Fix trivial add/add conflict in main.c

Conflicts:
	src/or/main.c
2011-03-14 15:31:24 -04:00
Nick Mathewson
b639add1a0 Merge remote branch 'arma/bug2716' into maint-0.2.2 2011-03-14 15:29:02 -04:00
Robert Ransom
96b929e743 Log malformed HS descriptor requests at the proper level
This log message should be a 'protocol warning', not a 'warning'.
2011-03-14 01:15:36 -07:00
Robert Ransom
c90097e74a Remove dead code from rend_cache_lookup_v2_desc_as_dir
hid_serv_responsible_for_desc_id's return value is never negative, and
there is no need to search through the consensus to find out whether we
are responsible for a descriptor ID before we look in our cache for a
descriptor.
2011-03-14 01:14:05 -07:00
Roger Dingledine
72b89c96bf fix two issues pointed out by nickm 2011-03-13 16:56:41 -04:00
Roger Dingledine
1a9d19e972 we're not reachable if we don't have a routerinfo yet 2011-03-13 15:47:59 -04:00
Roger Dingledine
61f648ae37 fix one more typo 2011-03-13 15:22:45 -04:00
Robert Ransom
a6cc15e2ae Revert "If we are not using BEGIN_DIR cells, don't attempt to contact hidden service directories with non-open dir port."
This reverts commit 9a7098487b.

Conflicts:

	ChangeLog (left unchanged by this commit)
2011-03-12 07:30:24 -08:00
Nick Mathewson
176fde505f Tweak bug2716 patch a little
Name the magic value "10" rather than re-deriving it.

Comment more.

Use the pattern that works for periodic timers, not the pattern that
doesn't work. ;)
2011-03-12 00:19:52 -05:00
Nick Mathewson
d52a99dc77 Merge remote branch 'origin/maint-0.2.2' 2011-03-11 23:34:46 -05:00
Nick Mathewson
d34a5cdc59 Merge branch 'hsdir_assignment' into maint-0.2.2 2011-03-11 23:30:25 -05:00
Nick Mathewson
3a0c602155 Clarify threat description and avoid negative uptimes. 2011-03-11 23:27:53 -05:00
Roger Dingledine
977e396e86 improve accuracy for when a relay went unreachable 2011-03-11 22:12:15 -05:00
Roger Dingledine
600ad7bf8d Merge commit 'sebastian/bug2663' into maint-0.2.2 2011-03-11 20:37:21 -05:00
Sebastian Hahn
f7a3cdc8f2 Use observed instead of declared uptime for HSDir
It is important to verify the uptime claim of a relay instead of just
trusting it, otherwise it becomes too easy to blackhole a specific
hidden service. rephist already has data available that we can use here.

Bugfix on 0.2.0.10-alpha.
2011-03-11 18:44:35 +01:00
Nick Mathewson
02d93caa09 Backport: Generate version tags using Git, not (broken) svn revisions.
Partial backport of daa0326aaa .
Resolves bug 2402.  Bugfix on 0.2.1.15 (for the part where we switched to
git) and on 0.2.1.30 (for the part where we dumped micro-revisions.)
2011-03-11 11:01:17 -05:00
Nick Mathewson
671318c3a8 Revert "Simplest fix to bug2402: do not include SVN versions"
This reverts commit a1073ee956.

Apparently, we totally misunderstood how the debian packages were using
microrevisions.  Better fix that!
2011-03-11 10:47:25 -05:00
Sebastian Hahn
473ff26563 Fix two compile warnings when using clang
Issue found by Steven Murdoch
2011-03-10 01:48:19 +01:00
Nick Mathewson
63651b9191 Merge remote branch 'origin/maint-0.2.2'
Trivial conflicts fixed in or.h

Conflicts:
	src/or/or.h
2011-03-08 16:20:53 -05:00
Nick Mathewson
00446973f2 Merge remote branch 'sebastian/bug2250' into maint-0.2.2 2011-03-08 16:13:28 -05:00
Nick Mathewson
f9bb3ced51 Merge remote branch 'origin/maint-0.2.2'
Resolved trivial one-line conflicts.

Conflicts:
	src/or/dirserv.c
	src/or/rephist.c
2011-03-08 16:10:40 -05:00
Nick Mathewson
0d78a16c36 Merge remote branch 'sebastian/bug1035' into maint-0.2.2 2011-03-08 15:52:43 -05:00
Nick Mathewson
d5907e7d9d Merge remote branch 'origin/maint-0.2.2' 2011-03-08 15:23:30 -05:00
Nick Mathewson
9ad083d573 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-03-08 15:20:48 -05:00
Nick Mathewson
9a6df21539 Avoid crash in any_pending_bridge_descriptor_fetches
This is based on shitlei's fix for bug2629, with extra parens removed.
Fixes bug 2629, bugfix on 0.2.1.2-alpha.
2011-03-08 15:17:41 -05:00
Sebastian Hahn
2f8e96b553 Fix log message when we have too few dirauths
The calculation of when to send the logmessage was correct, but we
didn't give the correct number of relays required: We want more than
half of all authorities we know about. Fixes bug 2663.
2011-03-07 00:06:36 +01:00
Nick Mathewson
176e8a0a2a Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/or/routerparse.c
2011-03-06 13:46:11 -05:00
Nick Mathewson
35fcec3880 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-03-06 13:42:28 -05:00
Nick Mathewson
4fa70e11ed Merge branch 'real_ipv6_fix' into maint-0.2.1 2011-03-06 13:42:05 -05:00
Nick Mathewson
2ce132e335 Oops, here's the *REAL* fix for the ipv6 issue
We need to _REJECT_ descriptors with accept6/reject6 lines.  If we
let them onto the network , other un-upgraded tors will crash.
2011-03-06 13:41:55 -05:00
Nick Mathewson
0f637492e3 Merge branch 'careful_with_all_descs' into maint-0.2.1 2011-03-06 13:35:42 -05:00
Nick Mathewson
3da0837b0b Revert "Disallow reject6 and accept6 lines in descriptors"
This reverts commit b3918b3bbb.
2011-03-06 13:26:38 -05:00
Nick Mathewson
07b8b439c4 Merge remote branch 'origin/maint-0.2.2' 2011-03-06 13:23:02 -05:00
Nick Mathewson
ed14888e7e Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	src/or/policies.c
2011-03-06 13:20:21 -05:00
Nick Mathewson
8b01fd7bad exit_policy_is_general_exit is IPv4 only; it should admit it. 2011-03-06 13:16:53 -05:00
Sebastian Hahn
9f614507b6 Merge branch 'maint-0.2.1' into maint-0.2.2 2011-03-06 18:25:44 +01:00
Sebastian Hahn
b3918b3bbb Disallow reject6 and accept6 lines in descriptors
This fixes a remotely triggerable assert on directory authorities, who
don't handle descriptors with ipv6 contents well yet. We will want to
revert this once we're ready to handle ipv6.

Issue raised by lorth on #tor, who wasn't able to use Tor anymore.
Analyzed with help from Christian Fromme. Fix suggested by arma. Bugfix
on 0.2.1.3-alpha.
2011-03-06 18:20:28 +01:00
Nick Mathewson
bcbc8c51cb Do not serve encrypt-only descriptors with the "all" request. Reported by piebeer 2011-03-04 00:04:25 -05:00
Nick Mathewson
d60a7c2f8d Merge remote branch 'origin/maint-0.2.2' 2011-03-01 17:15:37 -05:00
Nick Mathewson
6b7408178b Avoid spurious bwhist parsing failures
This should fix a bug that special ran into, where if your state file
didn't record period maxima, it would never decide that it had
successfully parsed itself unless you got lucky with your
uninitialized-variable values.

This patch also tries to improve error messags in the case where a
maximum value legitimately doesn't parse.
2011-03-01 17:08:02 -05:00
Sebastian Hahn
5c7c5e593f Tweak the bug2250 fix slightly
Rename the _UsingTestingTorNetwork hidden option to
_UsingTestNetworkDefaults (thanks Nick for the suggestion) and added a
changes file.
2011-03-01 10:05:18 +01:00
Nick Mathewson
42c1a47123 Revert bug1074_launch_authconn* branch: needs more design, less crashing 2011-02-28 12:58:29 -05:00
Sebastian Hahn
5a4f7fa1e4 clarify an assert
also log about running changes, even on a bridge authority.
2011-02-26 09:42:44 +01:00
Sebastian Hahn
34e47d1052 Fix GETINFO config-text for private networks
In private networks, the defaults for some options are changed. This
means that in options_validate(), where we're testing that the defaults
are what we think they are, we fail. Use a workaround by setting a
hidden configuration option _UsingTestingTorNetwork when we have altered
the configuration this way, so that options_validate() can do the right
thing.

Fixes bug 2250, bugfix on 0.2.1.2-alpha (the version introducing private
network options).
2011-02-26 09:11:41 +01:00
Nick Mathewson
b3d74045ae Add a missing const 2011-02-25 12:32:29 -05:00
Nick Mathewson
a47fdaf9a0 Merge branch 'bug1074_launch_conn_on_skew'
Fixed conflict on rename of router_get_by_digest->router_get_by_id_digest

Conflicts:
	src/or/command.c
2011-02-25 12:12:44 -05:00
Nick Mathewson
c94f3711ee whitespace fixup 2011-02-25 12:05:33 -05:00
AltF4
612c7f3242 Fix for #1074 previous rev
Changed tor_addr_from_ipv4n to tor_addr_from_ipv4h
and changed descriptor_digest to identity_digest
2011-02-25 11:57:16 -05:00
AltF4
24096d0cec Fix for #1074 "Part 3"
Changed received_netinfo_from_trusted_dir into a
tristate in order to keep track of whether we have
already tried contacting a trusted dir. So we don't
send multiple requests if we get a bunch of skews.
2011-02-25 11:57:15 -05:00
AltF4
82023f6a1e Sebastian's Changes to #1074
Fixes some small mistakes with AltF4's #1074 fix
2011-02-25 11:57:15 -05:00
AltF4
b8bef61a8f Fix time skew values from untrusted sources
Now when we receive a large time skew from a source which isn't a trusted dir, we go contact a trusted dir to trigger a NETINFO cell.
2011-02-25 11:57:11 -05:00
Nick Mathewson
a2a8adeee5 Merge remote branch 'origin/maint-0.2.2' 2011-02-25 11:24:35 -05:00
Nick Mathewson
aa178aae03 Merge branch 'bug1863_bwhist' into maint-0.2.2 2011-02-25 11:22:12 -05:00
Karsten Loesing
0642b92792 Fix two potential bugs in the bug1863 code. 2011-02-24 16:44:54 +01:00
Nick Mathewson
0a6beb9368 Fix memory leak in md-download logic
Also fix some microdesc comments

Fix for bug 2623
2011-02-24 09:47:33 -05:00
Nick Mathewson
feaa0120d0 Merge remote branch 'sebastian/osx_compile' 2011-02-24 09:27:04 -05:00
Sebastian Hahn
303c04109b Fix a couple of compile warnings on OS X 10.6 2011-02-24 07:19:09 +01:00
Nick Mathewson
22ec4d5426 Fix infinite recursion when connect() fails in microdesc consensus fetch
The underlying fix is to stop indicating requests "ns" consensuses by
putting NULL in their requested_resource field: we already had a
specialized meaning for requested_resource==NULL, which was (more or
less) "Treat a failure here as a network failure, since it's too early
to possibly be a resource or directory failure."  Overloading the two
meant that very early microdesc consensus download failures would get
treated as ns consensus download failures, so the failure count there
would get incremented, but the microdesc download would get retried
immediately in an infinite loop.

Fix for bug2381.  Diagnosed by mobmix.
2011-02-23 12:32:15 -05:00
Nick Mathewson
9265164180 Merge remote branch 'origin/maint-0.2.2'
There was a conflict from the node_t transition, but it was an easy fix.

Conflicts:
	src/or/circuitbuild.c
2011-02-22 18:41:06 -05:00
Roger Dingledine
a2727f6249 prevent same entry and exit for insane edge case 2011-02-22 17:54:25 -05:00
Nick Mathewson
491abbc65e Merge remote branch 'public/bug1859_021' into maint-0.2.1 2011-02-22 17:19:41 -05:00
Nick Mathewson
7605985b3f Merge remote branch 'public/bug2402_nothing' into maint-0.2.1 2011-02-22 15:54:13 -05:00
Nick Mathewson
2eadbd41f0 Merge remote branch 'sebastian/bug2496' 2011-02-22 14:17:11 -05:00
Nick Mathewson
b7f201f746 Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/or/policies.c
	src/or/policies.h
2011-02-22 14:10:42 -05:00
Nick Mathewson
cdc59c198a Don't let bad DNS make exit policy and declared exit policy get out of sync
Patch from "postman" on trac. Fixes bg 2366. Bug on 0.1.2.5-alpha.
2011-02-22 14:06:28 -05:00
Nick Mathewson
46b07462ae Merge remote branch 'origin/maint-0.2.2' 2011-02-22 13:02:42 -05:00
Nick Mathewson
9d5873cdae Merge branch 'log_domains' into maint-0.2.2 2011-02-22 13:01:02 -05:00
Nick Mathewson
eb403b4696 Tweak some names and comments in asn's heartbeat patch 2011-02-22 12:41:22 -05:00
George Kadianakis
ee95430d39 Implement more heartbeat message stuff.
(This squashes multiple commits:

* Adds uptime monitoring support.
* Adds circuit counting code.
* Trivially tweaks the documentation.
* Trivial run_scheduled_events() code tweaking.
* Adds a status.h to export functions.
* Added bandwidth monitoring code.
* Added consensus presense detection code.
* Restricts the precision of the bandwidth output.
* Various fixes.
* Fixed style and spacing problems.
* Tidied up src/or/Makefile.am
* Couple of minor fixes on status.c functions.
* 'Implemented' client heartbeat support
)
2011-02-22 12:40:38 -05:00
Sebastian Hahn
098b6ba72d Initial heartbeat subsystem commit.
Sets:
* Documentation
* Logging domain
* Configuration option
* Scheduled event
* Makefile
It also creates status.c and the log_heartbeat() function.

All code was written by Sebastian Hahn. Commit message was
written by me (George Kadianakis).
2011-02-22 12:40:36 -05:00
Nick Mathewson
0ba69714b4 Merge remote branch 'sebastian/bug2444' 2011-02-22 11:10:57 -05:00
Nick Mathewson
d120ee1c63 Merge remote branch 'origin/maint-0.2.2' 2011-02-22 01:03:06 -05:00
Robert Ransom
444a955e4a Don't crash a bridge authority on SIGHUP if it's not in the consensus
Fixes bug 2572.
2011-02-16 04:12:37 -08:00
Roger Dingledine
1c5b19a31a Merge branch 'maint-0.2.2' 2011-02-11 01:21:04 -05:00
Roger Dingledine
9b745cdbf9 Merge branch 'maint-0.2.1' into maint-0.2.2 2011-02-11 01:20:47 -05:00
Roger Dingledine
28de4d83fd fix the other half of bug 1074 2011-02-10 17:11:06 -05:00
Nick Mathewson
50c259d763 Make the DH parameter we use for TLS match the one from Apache's mod_ssl
Our regular DH parameters that we use for circuit and rendezvous
crypto are unchanged.  This is yet another small step on the path of
protocol fingerprinting resistance.

(Backport from 0.2.2's 5ed73e3807)
2011-02-10 15:55:06 -05:00
Nick Mathewson
f1a004797e Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	doc/tor.1.txt
2011-02-10 15:52:04 -05:00
Robert Ransom
449d895f06 Merge branch 'bug2408-v2-021-common' into bug2408-v2-022 2011-02-09 03:05:21 -08:00
Robert Ransom
7bf06d4a4f Ignore and warn about "PublishServerDescriptor hidserv"
Fixes #2408.
2011-02-09 02:33:24 -08:00
Nick Mathewson
cc9809c1f7 Merge remote branch 'origin/maint-0.2.2' 2011-02-08 14:37:31 -05:00
Nick Mathewson
d43470ad8a Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-02-08 14:37:02 -05:00
Roger Dingledine
7d2a91f5e5 support multihomed bridges (bug 2510) 2011-02-08 09:10:14 -05:00
Roger Dingledine
9a1a96ba09 don't use old non-configured bridges (bug 2511) 2011-02-08 08:08:47 -05:00
Roger Dingledine
bcbcda309a move the clause above the "if bw is too low" check 2011-02-07 23:22:45 -05:00
Roger Dingledine
20b75989ac dtrt when only relaybandwidthburst is set
fixes bug 2470
2011-02-07 23:21:33 -05:00
Sebastian Hahn
9b64227ffd Routers count as down when they change ORPort, too
rransom noticed that a change of ORPort is just as bad as a change of IP
address from a client's perspective, because both mean that the relay is
not available to them while the new information hasn't propagated.
Change the bug1035 fix accordingly.

Also make sure we don't log a bridge's IP address (which might happen
when we are the bridge authority).
2011-02-08 00:38:48 +01:00
Nick Mathewson
ff5810aea9 Merge remote branch 'origin/maint-0.2.2' 2011-02-07 12:47:04 -05:00
Nick Mathewson
98cef0ac1e Merge branch 'bug2279' into maint-0.2.2 2011-02-07 12:43:54 -05:00
Nick Mathewson
e854e01d57 Some cleanups to bug2279 messages/docs from rransom 2011-02-07 12:40:43 -05:00
Roger Dingledine
c2c1f5b2a1 another api tweak to help task 1944 2011-02-07 10:43:41 -05:00
Sebastian Hahn
a68e2043ab Fix spelling and an unused #define
both noticed by rransom
2011-02-07 16:16:10 +01:00
Roger Dingledine
d3836b02cc change APIs slightly to make #1944 easier 2011-02-07 06:39:21 -05:00
Sebastian Hahn
7736f44698 Don't tell Tor client users about missing geoip
They don't need the geoip file for stats, so a missing geoipfile is not
a big issue. Also make the log message a bit friendlier. Fixes bug 2496.
2011-02-06 00:27:47 +01:00
Nick Mathewson
69f7c0385b Merge remote branch 'origin/maint-0.2.2' for bug2203_rebased
There was a merge conflict in routerlist.c due to the new node_t logic.

Conflicts:
	src/or/routerlist.c
2011-02-04 12:26:59 -05:00
Nick Mathewson
e9803aa710 Merge branch 'bug2203_rebased' into maint-0.2.2 2011-02-04 12:22:18 -05:00
Nick Mathewson
a6c811313a Merge remote branch 'origin/maint-0.2.2' 2011-02-03 14:21:14 -05:00
John Brooks
895409011f Enable ASLR and permanent DEP for Windows executables
Fix for #2358
2011-02-03 14:18:00 -05:00
Nick Mathewson
912b76a1bf Merge remote branch 'origin/maint-0.2.2' 2011-02-03 13:56:37 -05:00
Nick Mathewson
2fa9ddb958 Merge remote branch 'public/bug2378' into maint-0.2.2 2011-02-03 13:54:28 -05:00
Sebastian Hahn
490d397dbf Log which config file we read
It is often not entirely clear what options Tor was built with, so it
might not be immediately obvious which config file Tor is using when it
found one. Log the config file at startup.
2011-01-27 15:31:34 +01:00
Nick Mathewson
0337fc7b06 Merge remote branch 'origin/maint-0.2.2' 2011-01-26 11:49:41 -05:00
Nick Mathewson
e6da9a98e9 Merge branch 'bug2181' into maint-0.2.2 2011-01-26 11:46:13 -05:00
Nick Mathewson
d92a415bed Add an option to disable the block-private-addresses feature
Suggested by rransom.  Probably necessary for testing network mode.
2011-01-26 11:35:24 -05:00
Nick Mathewson
a880429a76 Merge remote branch 'origin/maint-0.2.2' 2011-01-26 11:08:02 -05:00
Nick Mathewson
ba3b03def0 Merge branch 'bug2409' into maint-0.2.2 2011-01-26 11:06:59 -05:00
Nick Mathewson
1478aa99b7 Merge branch 'bug2321' into maint-0.2.2 2011-01-26 11:06:55 -05:00
Nick Mathewson
9a4b2ec764 Avoid sketchy integer cast in cbt code
When calling circuit_build_times_shuffle_and_store_array, we were
passing a uint32_t as an int.  arma is pretty sure that this can't
actually cause a bug, because of checks elsewhere in the code, but
it's best not to pass a uint32_t as an int anyway.

Found by doorss; fix on 0.2.2.4-alpha.
2011-01-26 11:05:21 -05:00
Nick Mathewson
411ec3c0f8 Add client code to detect attempts to connect to 127.0.0.1 etc
We detect and reject said attempts if there is no chosen exit node or
circuit: connecting to a private addr via a randomly chosen exit node
will usually fail (if all exits reject private addresses), is always
ill-defined (you're not asking for any particular host or service),
and usually an error (you've configured all requests to go over Tor
when you really wanted to configure all _remote_ requests to go over
Tor).

This can also help detect forwarding loop requests.

Found as part of bug2279.
2011-01-25 20:39:44 -05:00
Nick Mathewson
85da676108 Fix double-mark bug when failing to init transparent connection
Fixes part of bug 2279.  Bugfix on 0.1.2.1-alpha.
2011-01-25 19:07:03 -05:00
Nick Mathewson
5ce8182bdb Log more about soft-hibernation 2011-01-25 18:45:13 -05:00
Nick Mathewson
76582442a8 Handle failing cases of DH allocation 2011-01-25 18:09:38 -05:00
Nick Mathewson
2dcc98e4f7 Merge remote branch 'origin/maint-0.2.2' 2011-01-25 17:53:20 -05:00
Mike Perry
9e7691b05c Comment remaining CBT functions.
Left circuit_build_times_get_bw_scale() uncommented because it is in the wrong
place due to an improper bug2317 fix. It needs to be moved and renamed, as it
is not a cbt parameter.
2011-01-25 17:52:01 -05:00
Mike Perry
7b24b8e375 Fix authority side of 2203.
Do not add Exit bandwidth to E if BadExit is set.
2011-01-25 17:49:02 -05:00
Mike Perry
ec2ab3800f Fix client side of 2203: Do not count BadExits as Exits. 2011-01-25 17:49:02 -05:00
Nick Mathewson
a38274b1ce Merge remote branch 'origin/maint-0.2.2' 2011-01-25 17:40:41 -05:00
Mike Perry
8b4a91c2b7 Fix bug #2004 by demoting a log message.
To quote arma: "So instead of stopping your CBT from screaming, you're just
going to throw it in the closet and hope you can't hear it?"

Yep. The log message can happen because at 95% point on the curve, we can be
way beyond the max timeout we've seen, if the curve has few points and is
shallow.

Also applied Nick's rule of thumb for rewriting some other notice log messages
to read like how you would explain them to a raving lunatic on #tor who was
shouting at you demanding what they meant. Hopefully the changes live up to
that standard.
2011-01-25 17:35:39 -05:00
Nick Mathewson
71862ed763 Fix bug in verifying directory signatures with short digests
If we got a signed digest that was shorter than the required digest
length, but longer than 20 bytes, we would accept it as long
enough.... and then immediately fail when we want to check it.

Fixes bug 2409; bug in 0.2.2.20-alpha; found by piebeer.
2011-01-25 17:15:22 -05:00
Nick Mathewson
991b50c5a3 Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/or/geoip.c
2011-01-25 15:58:01 -05:00
Sebastian Hahn
7a446e6754 Tell which geoip file we're parsing 2011-01-25 15:54:51 -05:00
Nick Mathewson
89ee779f92 Add a torrc option to report log domains 2011-01-25 15:53:15 -05:00
Nick Mathewson
36880b3f17 Merge remote branch 'origin/maint-0.2.2' 2011-01-25 14:30:01 -05:00
Sebastian Hahn
68f8ca357f Fix assert for relay/bridge state change
When we added support for separate client tls certs on bridges in
a2bb0bfdd5 we forgot to correctly initialize this when changing
from relay to bridge or vice versa while Tor is running. Fix that
by always initializing keys when the state changes.

Fixes bug 2433.
2011-01-25 14:13:06 -05:00
Nick Mathewson
a1073ee956 Simplest fix to bug2402: do not include SVN versions
When we stopped using svn, 0.2.1.x lost the ability to notice its svn
revision and report it in the version number.  However, it kept
looking at the micro-revision.i file... so if you switched to master,
built tor, then switched to 0.2.1.x, you'd get a micro-revision.i file
from master reported as an SVN tag.  This patch takes out the "include
the svn tag" logic entirely.

Bugfix on 0.2.1.15-rc; fixes bug 2402.
2011-01-25 14:08:13 -05:00
Nick Mathewson
aaa5737a2e Merge remote branch 'origin/maint-0.2.2' 2011-01-24 17:51:52 -05:00
Nick Mathewson
5ed73e3807 Make the DH parameter we use for TLS match the one from Apache's mod_ssl
Our regular DH parameters that we use for circuit and rendezvous
crypto are unchanged.  This is yet another small step on the path of
protocol fingerprinting resistance.
2011-01-24 16:50:11 -05:00
Nick Mathewson
c496229b0a Merge remote branch 'origin/maint-0.2.2' 2011-01-20 15:00:42 -05:00
Nick Mathewson
13e9a2b19d Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-20 15:00:24 -05:00
Nick Mathewson
1471e57743 Merge remote branch 'rransom/policy_summarize-assert' into maint-0.2.1 2011-01-20 14:59:23 -05:00
Robert Ransom
43414eb988 Fix bounds-checking in policy_summarize
Found by piebeer.
2011-01-20 11:17:57 -08:00
Nick Mathewson
f6a25a995e Merge remote branch 'origin/maint-0.2.2' 2011-01-19 13:26:23 -05:00
Nick Mathewson
a793f1f6f2 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-19 13:25:38 -05:00
Nick Mathewson
c8f94eed12 Oops; actually add the code to the last patch. :/ 2011-01-19 13:25:17 -05:00
Roger Dingledine
4ff97e3775 Merge branch 'maint-0.2.2' 2011-01-15 22:39:15 -05:00
Roger Dingledine
7699014e1e Merge commit 'sebastian/bug2317' into maint-0.2.2 2011-01-15 21:54:49 -05:00
Nick Mathewson
07888ed8e4 Merge remote branch 'origin/maint-0.2.2' 2011-01-15 14:17:59 -05:00
Nick Mathewson
a7790d48af Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-15 14:15:19 -05:00
Nick Mathewson
ef6fa07e48 Fix a couple of non-cleared key issues in hidden services
we need to do more hunting, but this fixes the ones mentioned in 2385.
2011-01-15 14:10:54 -05:00
Sebastian Hahn
0df51a7f39 Tighten accepted circwindow parameters
Based on discussion in bug 2317, these values seem to be sane.
2011-01-15 19:42:17 +01:00
Sebastian Hahn
b06617c948 Provide constant limits for all consensus params
This addresses Nick's concern about doing non-constant bounds checking
inside networkstatus_get_param().
2011-01-15 19:42:17 +01:00
Sebastian Hahn
026e7987ad Sanity-check consensus param values
We need to make sure that the worst thing that a weird consensus param
can do to us is to break our Tor (and only if the other Tors are
reliably broken in the same way) so that the majority of directory
authorities can't pull any attacks that are worse than the DoS that
they can trigger by simply shutting down.

One of these worse things was the cbtnummodes parameter, which could
lead to heap corruption on some systems if the value was sufficiently
large.

This commit fixes this particular issue and also introduces sanity
checking for all consensus parameters.
2011-01-15 19:42:17 +01:00
Sebastian Hahn
ca6c813612 Make get_net_param_from_list() static
This prepares for making the accessor method for consensus parameters
safer in the next commit.
2011-01-15 19:42:17 +01:00
Nick Mathewson
1758ef51de Merge remote branch 'origin/maint-0.2.2' 2011-01-15 13:26:02 -05:00
Nick Mathewson
1393985768 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	src/or/routerparse.c
	src/or/test.c
2011-01-15 13:25:13 -05:00
Nick Mathewson
b97b0efec8 Merge branch 'bug2352_obsize' into maint-0.2.1 2011-01-15 13:15:06 -05:00
Nick Mathewson
60fa447afa Merge remote branch 'origin/maint-0.2.2' 2011-01-15 13:11:10 -05:00
Nick Mathewson
9d133464c8 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-15 13:10:14 -05:00
Nick Mathewson
31b562e10a Add missing check for hostname answer_len in dnsserv size
This is checked elsewhere too, but let's be RFC-conformant.
2011-01-15 13:09:12 -05:00
Nick Mathewson
1b8f2ef550 Merge remote branch 'origin/maint-0.2.2' 2011-01-15 12:03:44 -05:00
Nick Mathewson
ed87738ede Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	src/or/config.c
	src/or/networkstatus.c
	src/or/rendcommon.c
	src/or/routerparse.c
	src/or/test.c
2011-01-15 12:02:55 -05:00
Nick Mathewson
115782bdbe Fix a heap overflow found by debuger, and make it harder to make that mistake again
Our public key functions assumed that they were always writing into a
large enough buffer.  In one case, they weren't.

(Incorporates fixes from sebastian)
2011-01-15 11:49:25 -05:00
Nick Mathewson
a16902b9d4 Always nul-terminate the result passed to evdns_server_add_ptr_reply
In dnsserv_resolved(), we carefully made a nul-terminated copy of the
answer in a PTR RESOLVED cell... then never used that nul-terminated
copy.  Ouch.

Surprisingly this one isn't as huge a security problem as it could be.
The only place where the input to dnsserv_resolved wasn't necessarily
nul-terminated was when it was called indirectly from relay.c with the
contents of a relay cell's payload.  If the end of the payload was
filled with junk, eventdns.c would take the strdup() of the name [This
part is bad; we might crash there if the cell is in a bad part of the
stack or the heap] and get a name of at least length
495[*]. eventdns.c then rejects any name of length over 255, so the
bogus data would be neither transmitted nor altered.

  [*] If the name was less than 495 bytes long, the client wouldn't
     actually be reading off the end of the cell.

Nonetheless this is a reasonably annoying bug.  Better fix it.

Found while looking at bug 2332, reported by doorss.  Bugfix on
0.2.0.1-alpha.
2011-01-15 11:49:25 -05:00
Nick Mathewson
1f3b442023 catch another overlong malloc possibility. found by cypherpunks 2011-01-15 10:42:11 -05:00
Nick Mathewson
b27f5cc50d Fix another instance of "128" in buffers.c. More bug2330. 2011-01-15 10:25:58 -05:00
Roger Dingledine
10d385bd71 typos 2011-01-12 18:38:52 -05:00
Nick Mathewson
468da1c28a Merge remote branch 'origin/maint-0.2.2' 2011-01-12 14:00:56 -05:00
Nick Mathewson
43e12a7988 Merge remote branch 'public/bug2363' into maint-0.2.2 2011-01-12 14:00:20 -05:00
Nick Mathewson
71d786b2d3 Merge branch 'bug2320' 2011-01-12 12:52:31 -05:00
Nick Mathewson
cbcae4aef1 Merge remote branch 'origin/maint-0.2.2' 2011-01-12 12:38:54 -05:00
Nick Mathewson
597433bcec Merge branch 'bug2346' into maint-0.2.2 2011-01-12 12:37:51 -05:00
Nick Mathewson
5044cb9752 Explain bug2346 fix better based on suggestions from arma 2011-01-12 12:37:42 -05:00
Nick Mathewson
c9f8a5eebc Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/or/buffers.c
2011-01-10 17:31:11 -05:00
Nick Mathewson
aa45e82593 Pull up more data when parsing socks messages
Previously, we only looked at up to 128 bytes.  This is a bad idea
since socks messages can be at least 256+x bytes long.  Now we look at
up to 512 bytes; this should be enough for 0.2.2.x to handle all valid
SOCKS messages.  For 0.2.3.x, we can think about handling trickier
cases.

Fixes 2330.  Bugfix on 0.2.0.16-alpha.
2011-01-10 17:24:16 -05:00
Nick Mathewson
95968a625e Wait 60 minutes before retrying failed state save; bug2346 2011-01-10 16:51:11 -05:00
Nick Mathewson
6a829a3404 Make eventdns server functions const void* to match libevent
partial fix for bug 2332
2011-01-10 16:00:48 -05:00
Nick Mathewson
80253ba4d7 fix some spelling in rephist comments 2011-01-10 15:13:07 -05:00
Nick Mathewson
105b94b75b Add Maxima lists to bandwidth state.
Right now, Tor routers don't save the maxima values from the
bw_history_t between sessions.  That's no good, since we use those
values to determine bandwidth.  This code adds a new BWHist.*Maximum
set of values to the state file.  If they're not present, we estimate
them by taking the observed total bandwidth and dividing it by the
period length, which provides a lower bound.

This should fix bug 1863.  I'm calling it a feature.
2011-01-10 14:47:39 -05:00
Nick Mathewson
28844c8403 On bwhist state load failure, clear dir_read/write hist too 2011-01-10 13:15:51 -05:00
Nick Mathewson
7e1502c0d1 Fix bug when parsing bwhist with unexpected Interval
Previously, our state parsing code would fail to parse a bwhist
correctly if the Interval was anything other than the default
hardcoded 15 minutes.  This change makes the parsing less incorrect,
though the resulting history array might get strange values in it if
the intervals don't match the one we're using.  (That is, if stuff was
generated in 15 minute intervals, and we read it into an array that
expects 30 minute intervals, we're fine, since values can be combined
pairwise.  But if we generate data at 30 minute intervals and read it
into 15 minute intervals, alternating buckets will be empty.)

Bugfix on 0.1.1.11-alpha.
2011-01-10 13:06:50 -05:00
Nick Mathewson
8dd4ecd14e Turn the loop bodies of rep_hist_save/load_state into functions
The trick of looping from i=0..4 , switching on i to set up some
variables, then running some common code is much better expressed by
just calling a function 4 times with 4 sets of arguments.  This should
make the code a little easier to follow and maintain here.
2011-01-10 12:59:07 -05:00
Nick Mathewson
373a1bc40e Impose maximum sizes on parsed objects
An object, you'll recall, is something between -----BEGIN----- and
-----END----- tags in a directory document.  Some of our code, as
doorss has noted in bug 2352, could assert if one of these ever
overflowed SIZE_T_CEILING but not INT_MAX.  As a solution, I'm setting
a maximum size on a single object such that neither of these limits
will ever be hit.  I'm also fixing the INT_MAX checks, just to be sure.
2011-01-10 12:12:11 -05:00
Nick Mathewson
729f404efe Add logic in routerparse to not read overlong private keys
I am not at all sure that it is possible to trigger a bug here,
but better safe than sorry.
2011-01-10 12:07:34 -05:00
Nick Mathewson
efc9a84108 Add missing parens to evdns_base_resolve_* macros while I am at it 2011-01-09 19:05:06 -05:00
Nick Mathewson
68d5b6bc52 Fix check for failed evdns request creation
When using libevent 2, we use evdns_base_resolve_*().  When not, we
fake evdns_base_resolve_*() using evdns_resolve_*().

Our old check was looking for negative values (like libevent 2
returns), but our eventdns.c code returns 1.  This code makes the
check just test for nonzero.

Note that this broken check was not for _resolve_ failures or even for
failures to _launch_ a resolve: it was for failures to _create_ or
_encode_ a resolve request.

Bug introduced in 81eee0ecfff3dac1e9438719d2f7dc0ba7e84a71; found by
lodger; uploaded to trac by rransom.  Bug 2363.  Fix on 0.2.2.6-alpha.
2011-01-09 19:02:57 -05:00
Nick Mathewson
d16923a35d Merge remote branch 'origin/maint-0.2.2' 2011-01-07 22:05:11 -05:00
Nick Mathewson
54135b72f8 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-07 22:04:40 -05:00
Nick Mathewson
045e6ebd31 Remove a loud info log message 2011-01-07 22:03:22 -05:00
Nick Mathewson
0a35ac6a22 Correctly detect and exclude addresses outside of our virtual address range
Found by cypherpunks; fixes more of 2328.  Bug was introduced in 3623a122;
first appeared in 0.2.0.5-alpha.
2011-01-07 12:24:36 -05:00
Nick Mathewson
2be65619f9 Fix wide lines in control.c 2011-01-07 12:16:12 -05:00
Damian Johnson
6661e16e7c GETINFO options for querying traffic usage
This was originally a patch provided by pipe
(http://www.mail-archive.com/or-talk@freehaven.net/msg13085.html) to
provide a method for controllers to query the total amount of traffic
tor has handled (this is a frequently requested piece of information
by relay operators).
2011-01-07 12:15:14 -05:00
Nick Mathewson
d4165ef8b4 Use autoconf's FLEXIBLE_ARRAY_MEMBER for unspecified-length arrays
C99 allows a syntax for structures whose last element is of
unspecified length:
   struct s {
     int elt1;
     ...
     char last_element[];
   };

Recent (last-5-years) autoconf versions provide an
AC_C_FLEXIBLE_ARRAY_MEMBER test that defines FLEXIBLE_ARRAY_MEMBER
to either no tokens (if you have c99 flexible array support) or to 1
(if you don't).  At that point you just use offsetof
[STRUCT_OFFSET() for us] to see where last_element begins, and
allocate your structures like:

   struct s {
     int elt1;
     ...
     char last_element[FLEXIBLE_ARRAY_MEMBER];
   };

   tor_malloc(STRUCT_OFFSET(struct s, last_element) +
                                   n_elements*sizeof(char));

The advantages are:

   1) It's easier to see which structures and elements are of
      unspecified length.
   2) The compiler and related checking tools can also see which
      structures and elements are of unspecified length, in case they
      wants to try weird bounds-checking tricks or something.
   3) The compiler can warn us if we do something dumb, like try
      to stack-allocate a flexible-length structure.
2011-01-06 15:59:05 -05:00
Nick Mathewson
3bc235d979 Fix a strdup() of uninitialized buffer in addressmap_get_virtual_address
Partial revert of 22f723e4a3.

Bugfix on 0.2.3.0-alpha
2011-01-06 13:40:27 -05:00
Nick Mathewson
d4b265d692 Merge remote branch 'origin/maint-0.2.2' 2011-01-06 13:38:08 -05:00
Nick Mathewson
d6329eda96 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-06 13:37:39 -05:00
Nick Mathewson
d6b49c55c5 Merge branch 'bug2328_021' into maint-0.2.1 2011-01-06 13:36:29 -05:00
Nick Mathewson
2008728df7 Notice a little faster if we're running out of virtual addresses
We were not decrementing "available" every time we did
++next_virtual_addr in addressmap_get_virtual_address: we left out the
--available when we skipped .00 and .255 addresses.

This didn't actually cause a bug in most cases, since the failure mode
was to keep looping around the virtual addresses until we found one,
or until available hit zero.  It could have given you an infinite loop
rather than a useful message, however, if you said "VirtualAddrNetwork
127.0.0.255/32" or something broken like that.

Spotted by cypherpunks
2011-01-06 13:29:36 -05:00
Nick Mathewson
eabddd8ca0 Handle a NULL return from addressmap_get_virtual_address
Fix for bug 2328; bugfix on 0.1.2.1-alpha; bug found by doorss.
2011-01-05 16:36:48 -05:00
Nick Mathewson
31d6659d97 Fix a double-counting bug in addrmap_get_virtual_address
We were decrementing "available" twice for each in-use address we ran
across.  This would make us declare that we ran out of virtual
addresses when the address space was only half full.
2011-01-05 16:02:43 -05:00
Nick Mathewson
8932753169 Merge remote branch 'rransom/bug2327-v2' 2011-01-03 13:07:43 -05:00
Nick Mathewson
394a6bf4cd Merge remote branch 'origin/maint-0.2.2' 2011-01-03 12:47:58 -05:00
Nick Mathewson
bb5f99d4df Merge remote branch 'sebastian/bug2314' into maint-0.2.2 2011-01-03 12:47:14 -05:00
Nick Mathewson
1e295666d9 Tweak GETINFO process/* code: no need to print an int as anything other than %d 2011-01-03 12:11:09 -05:00
Damian Johnson
8708ffa655 Implementing getinfo options for the pid, uid, user, and descriptor limit as per proposal 173. 2011-01-03 12:04:56 -05:00
Nick Mathewson
93a6d53ef3 Add a note about _compare_int not doing overflow right 2011-01-03 12:03:21 -05:00
Nick Mathewson
57a86fd433 Fix a wide line in rephist.c 2011-01-03 12:03:04 -05:00
Nick Mathewson
c5382255bd Merge remote branch 'origin/maint-0.2.2' 2011-01-03 12:00:59 -05:00
Nick Mathewson
40ef9087cf Fix a function formatting warning in rephist.c 2011-01-03 11:59:47 -05:00
Nick Mathewson
66039d9843 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	src/or/routerparse.c
2011-01-03 11:58:59 -05:00
Nick Mathewson
989db9aed1 fix whitespace issues 2011-01-03 11:57:42 -05:00
Nick Mathewson
a1ceee193b Bump copyright statements to 2011 (master) 2011-01-03 11:55:01 -05:00
Nick Mathewson
8730884ebe Merge remote branch 'origin/maint-0.2.2' 2011-01-03 11:53:28 -05:00
Nick Mathewson
30b3475e6d Bump copyright statements to 2011 (0.2.2) 2011-01-03 11:52:09 -05:00
Nick Mathewson
f1de329e78 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	src/common/test.h
	src/or/test.c
2011-01-03 11:51:17 -05:00
Nick Mathewson
1a07348a50 Bump copyright statements to 2011 2011-01-03 11:50:39 -05:00
Robert Ransom
305ba230fe Don't throw away incomplete SOCKS proxy responses.
Introduced in 9796b9bfa6.
2010-12-29 05:55:45 -08:00
Robert Ransom
524fdeeb1e Use evbuffer_pullup properly in fetch_from_evbuffer_socks_client.
evbuffer_pullup does nothing and returns NULL if the caller asks it to
linearize more data than the buffer contains.

Introduced in 9796b9bfa6.

Reported by piebeer; fixed with help from doors.
2010-12-29 05:52:09 -08:00
Sebastian Hahn
59a3d536d8 Fix compile without warnings on OS X 10.6 2010-12-27 11:37:16 +01:00
Sebastian Hahn
9ecf133686 Fix compile wanrings revealed by gcc 4.5 on mingw 2010-12-27 09:47:41 +01:00
Sebastian Hahn
da91900135 Disable stats requiring geoip info if we have none
In other parts of the code we will otherwise attempt to collect these
statistics, and that will lead to crashes.
2010-12-22 08:34:41 +01:00
Nick Mathewson
00775ab4ed Merge remote branch 'karsten/dirreq-stats-default'
Conflicts:
	src/or/config.c
2010-12-21 16:01:00 -05:00
Nick Mathewson
95e21779a3 Merge remote branch 'origin/maint-0.2.2' 2010-12-21 15:53:32 -05:00
Nick Mathewson
e895919b17 Merge remote branch 'public/bug2060' into maint-0.2.2 2010-12-21 15:53:03 -05:00
Nick Mathewson
0a3b7f1471 Merge remote branch 'origin/maint-0.2.2' 2010-12-21 15:50:09 -05:00
Nick Mathewson
cdbd6d0fe8 Merge remote branch 'rransom/bug2190_the_hard_way' into maint-0.2.2 2010-12-21 15:48:14 -05:00
Roger Dingledine
c79427a992 Merge branch 'maint-0.2.2' 2010-12-19 22:08:42 -05:00
Roger Dingledine
c63c937465 Merge commit 'nickm/fix_security_bug_022' into maint-0.2.2 2010-12-16 17:24:11 -05:00
Roger Dingledine
975ffe4398 Merge commit 'nickm/fix_security_bug_021' into maint-0.2.1 2010-12-16 16:59:12 -05:00
Nick Mathewson
1d0f8fe53c Merge remote branch 'origin/maint-0.2.2' 2010-12-16 10:06:36 -05:00
Nick Mathewson
591f65dde6 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2010-12-16 10:05:07 -05:00
Karsten Loesing
3c3b1d14fd Change gabelmoo's IP address and ports. 2010-12-16 13:28:30 +01:00
Nick Mathewson
b5e293afe6 Merge remote branch fix_security_bug_021 into fix_security_bug_022
Conflicts:
	src/common/memarea.c
	src/or/or.h
	src/or/rendclient.c
2010-12-15 22:48:23 -05:00
Nick Mathewson
b8a7bad799 Make payloads into uint8_t.
This will avoid some signed/unsigned assignment-related bugs.
2010-12-15 22:31:11 -05:00
Robert Hogan
02c2d9a4aa bug1666 - Pass-through support for SOCKS5 authentication(4)
Implement nickm's suggestion that we tolerate SOCKS5 clients
that send authentication credentials and SOCKS commands all in
one go.
2010-12-14 19:59:42 +00:00
Robert Hogan
f85f52808c bug1666 - Pass-through support for SOCKS5 authentication (2)
Address Nick's comments:
- Refactor against changes in buffers.c
- Ensure we have negotiated a method before accepting
  authentication credentials
2010-12-14 19:47:22 +00:00
Robert Hogan
bf136b94de bug1666 - Pass-through support for SOCKS5 authentication
If a SOCKS5 client insists on authentication, allow it to
negotiate a connection with Tor's SOCKS server successfully.
Any credentials the client provides are ignored.

This allows Tor to work with SOCKS5 clients that can only
support 'authenticated' connections.

Also add a bunch of basic unit tests for SOCKS4/4a/5 support
in buffers.c.
2010-12-14 19:47:22 +00:00
Nick Mathewson
4e9f9a4ee8 Merge remote branch 'origin/maint-0.2.2' 2010-12-07 11:37:14 -05:00
Nick Mathewson
f924fbf19f Merge branch 'bug2081_followup_022' into maint-0.2.2 2010-12-07 11:35:49 -05:00
Nick Mathewson
5efe6f04c6 Reject relay versions older than 0.2.0.26-rc
This was the first version to cache the correct directory information.

Fixes bug 2156.
2010-12-07 11:35:32 -05:00
Nick Mathewson
3fc43debfb Merge remote branch 'origin/maint-0.2.2' 2010-12-06 12:07:37 -05:00
Nick Mathewson
dc2f10bd81 Fix a bug in calculating wakeup time on 64-bit machines.
If you had TIME_MAX > INT_MAX, and your "time_to_exhaust_bw =
accountingmax/expected_bandwidth_usage * 60" calculation managed to
overflow INT_MAX, then your time_to_consider value could underflow and
wind up being rediculously low or high.  "Low" was no problem;
negative values got caught by the (time_to_consider <= 0) check.
"High", however, would get you a wakeup time somewhere in the distant
future.

The fix is to check for time_to_exhaust_bw overflowing INT_MAX, not
TIME_MAX: We don't allow any accounting interval longer than a month,
so if time_to_exhaust_bw is significantly larger than 31*24*60*60, we
can just clip it.

This is a bugfix on 0.0.9pre6, when accounting was first introduced.
It fixes bug 2146, unless there are other causes there too.  The fix
is from boboper.  (I tweaked it slightly by removing an assignment
that boboper marked as dead, and lowering a variable that no longer
needed to be function-scoped.)
2010-12-06 12:01:32 -05:00
Nick Mathewson
bbadf07d16 Merge remote branch 'origin/maint-0.2.2' 2010-12-06 11:37:37 -05:00
Nick Mathewson
feffbce814 Add a missing ! to directory_fetches_from_authorities
The old logic would have us fetch from authorities if we were refusing
unknown exits and our exit policy was reject*.  Instead, we want to
fetch from authorities if we're refusing unknown exits and our exit
policy is _NOT_ reject*.

Fixed by boboper.  Fixes more of 2097.  Bugfix on 0.2.2.16-alpha.
2010-12-06 11:36:01 -05:00
Nick Mathewson
36d68d2301 Fetch missing certs to authenticate microdesc consensuses as needed
Fixes bug 2253; fix by rransom
2010-12-06 11:26:45 -05:00
Nick Mathewson
0893793f01 Merge remote branch 'origin/maint-0.2.2' 2010-12-03 13:45:10 -05:00
Nick Mathewson
c0f1517d87 Don't crash when accountingmax is set in non-server Tors
We use a hash of the identity key to seed a prng to tell when an
accounting period should end.  But thanks to the bug998 changes,
clients no longer have server-identity keys to use as a long-term seed
in accounting calculations.  In any case, their identity keys (as used
in TLS) were never never fixed.  So we can just set the wakeup time
from a random seed instead there.  Still open is whether everybody
should be random.

This patch fixes bug 2235, which was introduced in 0.2.2.18-alpha.

Diagnosed with help from boboper on irc.
2010-12-03 13:37:13 -05:00
Karsten Loesing
0bd884cd5b Make connection direction statistics compile again. 2010-12-03 17:37:13 +01:00
Karsten Loesing
8db10c6d2f Write bidirectional connection stats in single line.
There's no need to have a separate line conn-stats-end for the end date
and interval length with only a single line conn-bi-direct following.
2010-12-03 16:47:53 +01:00
Karsten Loesing
91fec693e0 Refactor conn stats and add unit tests. 2010-12-03 16:47:53 +01:00
Karsten Loesing
c3c6a6ed34 Document BIDI_* constants. 2010-12-03 16:47:52 +01:00
Karsten Loesing
f56529b4b2 Call the new config option ConnDirectionStatistics. 2010-12-03 16:47:52 +01:00
Karsten Loesing
5dfdf075ac Add metric on uni/bidirectional connection usage. 2010-12-03 16:47:51 +01:00
Nick Mathewson
520182579a Merge remote branch 'origin/maint-0.2.2' 2010-12-02 13:21:09 -05:00
Nick Mathewson
ee8f451bf1 Fix a harmless off-by-one error in counting controller argument lengths
Bugfix on 0.1.1.1-alpha; found by boboper.
2010-12-02 13:19:21 -05:00
Nick Mathewson
9908404f01 Merge remote branch 'sjmurdoch/cloexec' 2010-12-01 11:42:34 -05:00
Steven Murdoch
367794ce02 Open connection to DNS resolvers with CLOEXEC flag set
NB: this will now register the socket with the socket accounting code
2010-12-01 15:40:11 +00:00
Nick Mathewson
3ed7505dc5 Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/or/relay.c
2010-11-30 19:23:40 -05:00
Nick Mathewson
8fa4450fde Do not invoke tls_renegotiated_cb for non-bufferevent connections too early.
This is not the most beautiful fix for this problem, but it is the simplest.

Bugfix for 2205.  Thanks to Sebastian and Mashael for finding the
bug, and boboper/cypherpunks for figuring out why it was happening
and how to fix it, and for writing a few fixes.
2010-11-30 17:55:27 -05:00
Roger Dingledine
9f51e26715 fix memory leak introduced in 26e89742
found via valgrind
2010-11-30 16:52:19 -05:00
Nick Mathewson
25b0fd8868 Revise comment on 2210 a little; clean up n_streams/num_streams confusion
Also add a changes file
2010-11-29 16:07:27 -05:00
Nick Mathewson
89e97bdf94 Add wrappers function for libc random()
On windows, it's called something different.
2010-11-29 16:00:47 -05:00
Nick Mathewson
0eafe23ff3 Fix whitespace in patch for 2210 and backport to 0.2.2 2010-11-29 16:00:43 -05:00
Mashael AlSabah
12fa6e23cb Improve fairness when activating streams in circuit_resume_edge_reading_helper
The reason the "streams problem" occurs is due to the complicated
interaction between Tor's congestion control and libevent. At some point
during the experiment, the circuit window is exhausted, which blocks all
edge streams. When a circuit level sendme is received at Exit, it
resumes edge reading by looping over linked list of edge streams, and
calling connection_start_reading() to inform libevent to resume reading.
When the streams are activated again, Tor gets the chance to service the
first three streams activated before the circuit window is exhausted
again, which causes all streams to be blocked again. As an experiment,
we reversed the order in which the streams are activated, and indeed the
first three streams, rather than the last three, got service, while the
others starved.

 Our solution is to change the order in which streams are activated. We
choose a random edge connection from the linked list, and then we
activate streams starting from that chosen stream. When we reach the end
of the list, then we continue from the head of the list until our chosen
stream (treating the linked list as a circular linked list). It would
probably be better to actually remember which streams have received
service recently, but this way is simple and effective.
2010-11-29 15:34:21 -05:00
Nick Mathewson
19019f26b0 Merge remote branch 'origin/maint-0.2.2' 2010-11-29 15:30:17 -05:00
Nick Mathewson
a5174b092e Merge branch 'exitstats' into maint-0.2.2 2010-11-29 15:28:22 -05:00
Nick Mathewson
a8a8e08220 comment karsten's bug2196 patch a little 2010-11-29 15:27:54 -05:00
Nick Mathewson
ae6b31aba9 Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	configure.in
	contrib/tor-mingw.nsi.in
	src/win32/orconfig.h
2010-11-24 17:06:26 -05:00
Robert Ransom
de75afc556 Avoid dereferencing NULL if a bridge fails to build an ei descriptor.
Reported by an anonymous commenter on Trac.
2010-11-24 13:18:11 -08:00
Karsten Loesing
4fed43ab2e Report only the top 10 ports in exit-port stats. 2010-11-24 08:45:05 +01:00
Nick Mathewson
ff014eb5ea Use S_CASE for ehostunreach, not E_CASE. Partial backport of 69deb22f. Fixes 0.2.1 compilation on windows 2010-11-23 12:47:21 -05:00
Nick Mathewson
12f3186719 Disable DirPort when BridgeRelay is set 2010-11-22 13:12:48 -05:00
Nick Mathewson
5a9903b9e0 Handle negative run lengths in wfu/mtbf calculations 2010-11-22 12:39:22 -05:00
Nick Mathewson
bea0a31c1c Treat routers whose IPs have changed as having been down for MTBF/routerinfo
calculation purposes.
2010-11-22 12:32:29 -05:00
Nick Mathewson
80357abb11 Remove an incorrect comment in connection_or_check_valid_tls_handshake 2010-11-22 11:36:22 -05:00
Nick Mathewson
2af14b671d Have authorities reject routers running verions susceptible to bug 1038. 2010-11-22 11:16:36 -05:00
Roger Dingledine
d77bc69b0c found this whitespace fix in a sandbox 2010-11-21 15:57:22 -05:00
Nick Mathewson
9cbe64db45 Add missing cast when formatting uintptr_t
Found by Christian Kujau
2010-11-20 05:18:34 -05:00
Nick Mathewson
e669d25e43 Do cloexec on socketpairs and stdio files 2010-11-20 01:16:29 -05:00
Nick Mathewson
5a66de7015 Initial work to set CLOEXEC on all possible fds
Still to go: some pipes, all stdio files.
2010-11-20 00:58:40 -05:00
Nick Mathewson
d166d18643 Better fix for 2190: defer libevent->controller messages instead of dropping 2010-11-19 22:52:32 -05:00
Nick Mathewson
e361de80bb Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/or/router.c
2010-11-19 16:58:22 -05:00
Nick Mathewson
54551f3148 Merge branch 'fix2183', remote branch 'rransom/fix2195-v2' into maint-0.2.2 2010-11-19 16:48:13 -05:00
Robert Ransom
69472ca421 Fix logic error in router_dump_router_to_string.
Spotted by Nick Mathewson.
2010-11-19 13:23:45 -08:00
Nick Mathewson
e88486bc9d Add comments to some of the bug2183 fix code 2010-11-19 16:13:11 -05:00
Nick Mathewson
c77a32932d Fix wide lines in SIGNAL patch 2010-11-19 15:54:53 -05:00
John Brooks
7441999738 Add a SIGNAL event for control connections
Implements ticket #1955
2010-11-19 15:49:54 -05:00
Robert Ransom
780b8f4287 Generate a router descriptor even if generating an extra-info descriptor fails.
Fixes bug #2195.
2010-11-17 08:33:48 -08:00
Robert Ransom
213bcb3c40 Do not emit an extra-info-digest descriptor line if the digest is zero. 2010-11-17 08:32:17 -08:00
Karsten Loesing
0f1afaf595 Tweak the bugfix for 2183 a bit more. 2010-11-17 10:43:14 +01:00
Roger Dingledine
6b82a6e88d Merge branch 'maint-0.2.2' 2010-11-16 00:16:25 -05:00
Roger Dingledine
a08a7e0fc6 warn more about AllowSingleHopExits 2010-11-16 00:13:25 -05:00
Roger Dingledine
a641646a98 Merge commit 'nickm/1776_redux_v1' into maint-0.2.2 2010-11-15 23:29:09 -05:00
Nick Mathewson
45b500d5a6 Clean up my 1776 fix a bit
Sebastian notes (and I think correctly) that one of our ||s should
have been an &&, which simplifies a boolean expression to decide
whether to replace bridges.  I'm also refactoring out the negation at
the start of the expression, to make it more readable.
2010-11-15 19:43:53 -05:00
Nick Mathewson
550be1df69 Merge remote branch 'origin/maint-0.2.2' 2010-11-15 15:41:37 -05:00
Nick Mathewson
cbad9f4520 Move controller event for socks warning into log_unsafe_socks_warning 2010-11-15 15:41:21 -05:00
Nick Mathewson
9399b885cd Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/or/buffers.c
2010-11-15 15:37:23 -05:00
Nick Mathewson
522c204ac9 Merge branch 'bug2000_nm_022' into maint-0.2.2 2010-11-15 15:31:40 -05:00
Nick Mathewson
8c2affe637 Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/or/config.c
	src/or/cpuworker.c
2010-11-15 14:14:13 -05:00
Nick Mathewson
433a98131a Merge remote branch 'sebastian/manpagefixups' into maint-0.2.2 2010-11-15 14:07:00 -05:00
Sebastian Hahn
da3a6e724f Rate-limit unsafe socks warning
Pick 5 seconds as the limit. 5 seconds is a compromise here between
making sure the user notices that the bad behaviour is (still) happening
and not spamming their log too much needlessly (the log message is
pretty long). We also keep warning every time if safesocks is
specified, because then the user presumably wants to hear about every
blocked instance.

(This is based on the original patch by Sebastian, then backported to
0.2.2 and with warnings split into their own function.)
2010-11-15 13:57:37 -05:00
Karsten Loesing
ff1cf35442 Don't use log_err for non-criticial warnings. 2010-11-15 13:39:53 +01:00
Karsten Loesing
cec21652a7 Try harder not to exceed the 50 KB extra-info descriptor limit.
Our checks that we don't exceed the 50 KB size limit of extra-info
descriptors apparently failed. This patch fixes these checks and reserves
another 250 bytes for appending the signature. Fixes bug 2183.
2010-11-15 12:51:51 +01:00
Nick Mathewson
2392290c18 Fix a remaining bug in Robert's bug1859 fix.
When intro->extend_info is created for an introduction point, it
only starts out with a nickname, not necessarily an identity digest.
Thus, doing router_get_by_digest isn't necessarily safe.
2010-11-12 19:52:27 -05:00
Robert Hogan
7488fe5a22 Issues with router_get_by_nickname()
https://trac.torproject.org/projects/tor/ticket/1859

Use router_get_by_digest() instead of router_get_by_hexdigest()
in circuit_discard_optional_exit_enclaves() and
rend_client_get_random_intro(), per Nick's comments.

Using router_get_by_digest() in rend_client_get_random_intro() will
break hidden services published by Tor versions pre 0.1.2.18 and
0.2.07-alpha as they only publish by nickname. This is acceptable
however as these versions only publish to authority tor26 and
don't work for versions in the 0.2.2.x series anyway.
2010-11-12 19:51:06 -05:00
Robert Hogan
e1d86d3817 Issues with router_get_by_nickname()
https://trac.torproject.org/projects/tor/ticket/1859

There are two problems in this bug:

1. When an OP makes a .exit request specifying itself as the exit, and the exit
   is not yet listed, Tor gets all the routerinfos needed for the circuit but
   discovers in circuit_is_acceptable() that its own routerinfo is not in the
   routerdigest list and cannot be used. Tor then gets locked in a cycle of
   repeating these two steps. When gathering the routerinfos for a circuit,
   specifically when the exit has been chosen by .exit notation, Tor needs to
   apply the same rules it uses later on when deciding if it can build a
   circuit with those routerinfos.

2. A different bug arises in the above situation when the Tor instance's
   routerinfo *is* listed in the routerlist, it shares its nickname with a
   number of other Tor nodes, and it does not have 'Named' rights to its
   nickname.
   So for example, if (i) there are five nodes named Bob in the network, (ii) I
   am running one of them but am flagged as 'Unnamed' because someone else
   claimed the 'Bob' nickname first, and (iii) I run my Tor as both client
   and exit the following can happen to me:
     - I go to www.evil.com
     - I click on a link www.evil.com.bob.exit
     - My request will exit through my own Tor node rather than the 'Named'
       node Bob or any of the others.
     - www.evil.com now knows I am actually browsing from the same computer
       that is running my 'Bob' node

So to solve both issues we need to ensure:

- When fulfilling a .exit request we only choose a routerinfo if it exists in
  the routerlist, even when that routerinfo is ours.
- When getting a router by nickname we only return our own router information
  if it is not going to be used for building a circuit.

We ensure this by removing the special treatment afforded our own router in
router_get_by_nickname(). This means the function will only return the
routerinfo of our own router if it is in the routerlist built from authority
info and has a unique nickname or is bound to a non-unique nickname.

There are some uses of router_get_by_nickname() where we are looking for the
router by name because of a configuration directive, specifically local
declaration of NodeFamilies and EntryNodes and other routers' declaration of
MyFamily. In these cases it is not at first clear if we need to continue
returning our own routerinfo even if our router is not listed and/or has a
non-unique nickname with the Unnamed flag.

The patch treats each of these cases as follows:

Other Routers' Declaration of MyFamily
 This happens in routerlist_add_family(). If another router declares our router
 in its family and our router has the Unnamed flag or is not in the routerlist
 yet, should we take advantage of the fact that we know our own routerinfo to
 add us in anyway? This patch says 'no, treat our own router just like any
 other'. This is a safe choice because it ensures our client has the same view
 of the network as other clients. We also have no good way of knowing if our
 router is Named or not independently of the authorities, so we have to rely on
 them in this.

Local declaration of NodeFamilies
 Again, we have no way of knowing if the declaration 'NodeFamilies
 Bob,Alice,Ringo' refers to our router Bob or the Named router Bob, so we have
to defer to the authorities and treat our own router like any other.

Local declaration of NodeFamilies
 Again, same as above. There's also no good reason we would want our client to
 choose it's own router as an entry guard if it does not meet the requirements
 expected of any other router on the network.

In order to reduce the possibility of error, the patch also replaces two
instances where we were using router_get_by_nickname() with calls to
router_get_by_hexdigest() where the identity digest of the router
is available.
2010-11-12 19:51:06 -05:00
Nick Mathewson
3d7772ece3 Merge remote branch 'karsten/enhancement1883' 2010-11-12 14:13:17 -05:00
Nick Mathewson
d61736aa6a Merge remote branch 'origin/maint-0.2.2' 2010-11-12 13:06:54 -05:00
Nick Mathewson
dbba84c917 Avoid perma-blocking the controller on bug in shrink_freelist
In all likelihood, this bug would make Tor assert, but if it doesn't,
let's not have two bugs.
2010-11-12 13:05:58 -05:00
Robert Ransom
a421e284d0 Disable logging to control port connections in buf_shrink_freelists.
If buf_shrink_freelists calls log_warn for some reason, we don't want the log
call itself to throw buf_shrink_freelists further off the rails.
2010-11-12 03:07:09 -08:00
Robert Ransom
81affe1949 Move the original log_info call out of the core of buf_shrink_freelists.
Sending a log message to a control port can cause Tor to allocate a buffer,
thereby changing the length of the freelist behind buf_shrink_freelists's back,
thereby causing an assertion to fail.

Fixes bug #1125.
2010-11-12 03:04:07 -08:00
Robert Ransom
6a0657d4bb Disable logging to control port connections in buf_shrink_freelists.
If buf_shrink_freelists calls log_warn for some reason, we don't want the log
call itself to throw buf_shrink_freelists further off the rails.
2010-11-12 02:34:58 -08:00
Robert Ransom
6d2e02d79b Move the original log_info call out of the core of buf_shrink_freelists.
Sending a log message to a control port can cause Tor to allocate a buffer,
thereby changing the length of the freelist behind buf_shrink_freelists's back,
thereby causing an assertion to fail.

Fixes bug #1125.
2010-11-12 02:34:51 -08:00
Karsten Loesing
8833381d9c Add two fixes to the new geoip-db-digest line. 2010-11-12 09:11:11 +01:00
Nick Mathewson
ae5cdb8fa7 Merge remote branch 'public/refactor_pports' 2010-11-11 23:09:42 -05:00
Nick Mathewson
223fc208f6 Split long lines in configure.in and Makefile.am files
Having very long single lines with lots and lots of things in them
tends to make files hard to diff and hard to merge.  Since our tools
are one-line-at-a-time, we should try to construct lists that way too,
within reason.

This incidentally turned up a few headers in configure.in that we were
for some reason searching for twice.
2010-11-11 14:22:48 -05:00
Roger Dingledine
a29596556c Merge branch 'maint-0.2.2'
Conflicts:

	src/or/config.c
2010-11-11 12:19:37 -05:00
Roger Dingledine
362bb5c625 Merge branch 'maint-0.2.1' into maint-0.2.2 2010-11-11 12:12:17 -05:00
Roger Dingledine
0a38358210 let unpublished bridges learn their ip address too 2010-11-11 11:26:42 -05:00
Nick Mathewson
d4e660ff68 Merge remote branch 'origin/maint-0.2.2' 2010-11-10 16:07:04 -05:00
Nick Mathewson
a4bf5b51e9 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2010-11-10 16:06:43 -05:00
Nick Mathewson
2a50dd9359 Enforce multiplicity rules when parsing annotations.
We would never actually enforce multiplicity rules when parsing
annotations, since the counts array never got entries added to it for
annotations in the token list that got added by earlier calls to
tokenize_string.

Found by piebeer.
2010-11-10 16:02:02 -05:00
Nick Mathewson
089137f011 Fix a bug where seting allow_annotations==0 only ignores annotations, but does not block them 2010-11-10 16:02:02 -05:00
Nick Mathewson
accc51b68c Bulletproof the routerlist manipulation functions to handle reinserting the same descriptor 2010-11-10 14:55:00 -05:00
Sebastian Hahn
5040c855d1 Break NoPublish support 2010-11-10 15:48:26 +01:00
Sebastian Hahn
556a1b9e45 Change Natd into NATD in our options.
Breaking this out of the last commit because this might be more
controversial.
2010-11-10 15:48:26 +01:00
Sebastian Hahn
b9cac605ab Synx manpage and source wrt option capitalization
We had a spelling discrepancy between the manpage and the source code
for some option. Resolve these in favor of the manpage, because it
makes more sense (for example, HTTP should be capitalized).
2010-11-10 15:48:26 +01:00
Sebastian Hahn
13a7e8bea3 Comment out the (unused) RunTesting option
The code that makes use of the RunTesting option is #if 0, so setting
this option has no effect. Mark the option as obsolete for now, so that
Tor doesn't list it as an available option erroneously.
2010-11-10 15:48:25 +01:00
Karsten Loesing
499661524b Turn on directory request statistics by default.
Change the default values for collecting directory request statistics and
inlcuding them in extra-info descriptors to 1.

Don't break if we are configured to collect directory request or entry
statistics and don't have a GeoIP database. Instead, print out a notice
and skip initializing the affected statistics code.
2010-11-10 12:11:08 +01:00
Nick Mathewson
d238d8386f Add a testing-only option to use bufferevent_openssl as a filter
We need filtering bufferevent_openssl so that we can wrap around
IOCP bufferevents on Windows.  This patch adds a temporary option to
turn on filtering mode, so that we can test it out on non-IOCP
systems to make sure it hasn't got any surprising bugs.

It also fixes some allocation/teardown errors in using
bufferevent_openssl as a filter.
2010-11-09 15:36:27 -05:00
Karsten Loesing
423c2a7a27 Add GeoIP file digest to extra-info descriptor. 2010-11-09 09:42:36 +01:00
Nick Mathewson
1fb342dfab Merge branch 'loggranularity' 2010-11-08 12:40:33 -05:00
Nick Mathewson
152c9cba65 Make LogTimeGranularity respect validate_only 2010-11-08 12:40:26 -05:00
Karsten Loesing
ed45bc198f Fix log granularity based on Nick's comments.
Instead of rejecting a value that doesn't divide into 1 second, round to
the nearest divisor of 1 second and warn.

Document that the option only controls the granularity written by Tor to a
file or console log. It does not (for example) "batch up" log messages to
affect times logged by a controller, times attached to syslog messages, or
the mtime fields on log files.
2010-11-08 17:38:59 +01:00
Roger Dingledine
d96c9cd00e Merge branch 'maint-0.2.2' 2010-11-06 17:42:37 -04:00
Nick Mathewson
114a371c0e Fix the assert in bug 1776
In the case where old_router == NULL but sdmap has an entry for the
router, we can currently safely infer that the old_router was not a
bridge.  Add an assert to ensure that this remains true, and fix the
logic not to die with the tor_assert(old_router) call.
2010-11-02 11:20:09 -04:00
Nick Mathewson
c109ffaef9 Fix bug in tor_parse_string when Address is given as a dotted quad.
Found by Ian Goldberg and Mashael AlSabah.

Bugfix on 0.2.3.0-alpha dev.
2010-11-01 15:52:43 -04:00
Nick Mathewson
da0912c00c Fix up comments in choose_good_entry_server. Spotted by Robert Ransom. 2010-10-29 15:55:39 -04:00
Nick Mathewson
ccec0a1bd3 Merge remote branch 'origin/maint-0.2.2' 2010-10-26 13:59:09 -04:00
Sebastian Hahn
f87c6f100d Remove delay to become HSDir in privnets 2010-10-26 18:37:57 +02:00
Sebastian Hahn
213139f887 Properly refcount client_identity_key
In a2bb0bf we started using a separate client identity key. When we are
in "public server mode" (that means not a bridge) we will use the same
key. Reusing the key without doing the proper refcounting leads to a
segfault on cleanup during shutdown. Fix that.

Also introduce an assert that triggers if our refcount falls below 0.
That should never happen.
2010-10-26 18:22:04 +02:00
Nick Mathewson
17fdde3d92 Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/common/tortls.c
2010-10-21 16:23:01 -04:00
Nick Mathewson
441241c136 Fix a whitespace error 2010-10-21 16:12:04 -04:00
Nick Mathewson
1587735c90 Merge branch 'bug988-nm' into maint-0.2.2 2010-10-21 16:11:02 -04:00
Nick Mathewson
03adb8caad Add some asserts to get_{tlsclient|server}_identity_key
We now require that:
  - Only actual servers should ever call get_server_identity_key
  - If you're being a client or bridge, the client and server keys should
    differ.
  - If you're being a public relay, the client and server keys
    should be the same.
2010-10-21 13:54:12 -04:00
Nick Mathewson
704076680a Rename get_client_identity_key to get_tlsclient_identity_key 2010-10-21 13:54:02 -04:00
Nick Mathewson
f3eb2a10ae Remove a ??? comment in node_get_by_nickname
Bug 1859 shows that the router_get_by_nickname behavior was wrong,
and the node_get_by_nickname is right.
2010-10-21 11:18:55 -04:00
Nick Mathewson
bd1a694221 Add a node_get_by_hex_id(). 2010-10-21 11:18:16 -04:00
Nick Mathewson
f32140238f Merge remote branch 'origin/maint-0.2.2' for bug 1859 patches
Some of this is already done in nodelist.
2010-10-21 11:17:34 -04:00
Nick Mathewson
5f3010667d Fix a remaining bug in Robert's bug1859 fix.
When intro->extend_info is created for an introduction point, it
only starts out with a nickname, not necessarily an identity digest.
Thus, doing router_get_by_digest isn't necessarily safe.
2010-10-21 11:09:35 -04:00
Nick Mathewson
0e8d1c2217 Merge remote branch 'hoganrobert/bug1859' into maint-0.2.2 2010-10-21 11:01:12 -04:00
Nick Mathewson
2c3dafc342 Merge remote branch 'origin/maint-0.2.2' 2010-10-21 10:52:12 -04:00
Nick Mathewson
ea7f4be6d2 Merge remote branch 'sebastian/relay_early_rend' into maint-0.2.2 2010-10-21 10:49:44 -04:00
Nick Mathewson
d17b9bf1a5 Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/or/networkstatus.c
2010-10-20 21:32:27 -04:00
Nick Mathewson
0ac9a3df6c Fix a logic error in 98aee84. Found by boboper 2010-10-20 14:40:09 -04:00
Nick Mathewson
444193ff5d Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/or/networkstatus.c
2010-10-20 13:53:11 -04:00
Nick Mathewson
2849a95691 Add a ! to directory_caches_dir_info() to fix a logic error
We want to fetch directory info more aggressively if we need it to
refuseunknownexits.  Thus, we'll want it if our exit policy is _NOT_
reject *.
2010-10-20 13:49:38 -04:00
Nick Mathewson
98aee8472f Fix a read of a freed pointer while in set_current_consensus
Found by rransom while working on issue #988.  Bugfix on
0.2.2.17-alpha.  Fixes bug 2097.
2010-10-20 13:10:20 -04:00
Sebastian Hahn
d3b67cba3c Send relay_early cells in rend circs
There are no relay left that run version 0.2.1.3 through 0.2.1.18, so
changing this behaviour should be safe now.
2010-10-18 07:46:51 +02:00
Robert Hogan
0acd5e6208 Issues with router_get_by_nickname()
https://trac.torproject.org/projects/tor/ticket/1859

Use router_get_by_digest() instead of router_get_by_hexdigest()
in circuit_discard_optional_exit_enclaves() and
rend_client_get_random_intro(), per Nick's comments.

Using router_get_by_digest() in rend_client_get_random_intro() will
break hidden services published by Tor versions pre 0.1.2.18 and
0.2.07-alpha as they only publish by nickname. This is acceptable
however as these versions only publish to authority tor26 and
don't work for versions in the 0.2.2.x series anyway.
2010-10-17 12:27:57 +01:00
Nick Mathewson
a7cf788740 Merge branch 'bug1992_part1' 2010-10-15 17:08:18 -04:00
Nick Mathewson
b97da61b5a Tweak the fmt_addr32 code
Clarify documentation, rename a local, and fix a memory leak.
2010-10-15 17:07:27 -04:00
Nick Mathewson
d6bd2e55a6 Remove more unused code from routerlist.c 2010-10-15 14:25:52 -04:00
Nick Mathewson
e70cfbeb40 Remove an unused field from circ_buffer_stats_t 2010-10-15 14:25:36 -04:00
Nick Mathewson
2c51cd2b10 Make the predicted ports logic a little simpler.
Mainly, this comes from turning two lists that needed to be kept in
synch into a single list of structs.  This should save a little RAM,
and make the code simpler.
2010-10-15 14:02:55 -04:00
Nick Mathewson
006acf8b3f Fix a documention issue in circuitlist.c 2010-10-15 13:44:25 -04:00
Roger Dingledine
aab6952887 fix another typo 2010-10-15 13:00:37 -04:00
Nick Mathewson
36c5476e70 Fold timestamp_created into highres_created
There's no reason to keep a time_t and a struct timeval to represent
the same value: highres_created.tv_sec was the same as timestamp_created.

This should save a few bytes per circuit.
2010-10-15 12:38:02 -04:00
Nick Mathewson
9516c1efdb Remove XXXs about improving buf_t API: bufferevents are the future 2010-10-15 11:38:33 -04:00
Nick Mathewson
59cba1767c Make the return value of tor_addr_sockaddr always be signed 2010-10-15 11:36:16 -04:00
Nick Mathewson
247ce5876a Remove "is this too slow?" XXXX comments for code not appearing in profiles 2010-10-15 11:21:33 -04:00
Nick Mathewson
a5289fa794 Remove the unused old fuzzy-time code 2010-10-15 11:16:42 -04:00
Nick Mathewson
be13b5775a Remove an XXX in ntmain.c: a simple function call per loop is not so expensive. 2010-10-15 10:57:42 -04:00
Sebastian Hahn
9bed40eb10 Make check-spaces happy 2010-10-14 17:54:45 +02:00
Sebastian Hahn
4556f2e7c8 Rename router_get_by_digest()
We now call the function router_get_by_id_digest() to make clear that
we're talking about the identity digest here, not descriptor digest.
2010-10-14 17:49:51 +02:00
Nick Mathewson
376939c9ac Fix a few trivial bugs from the nodelist merge 2010-10-13 21:54:09 -04:00
Nick Mathewson
3af12a5557 Fix some XXXXs in connection_add_impl related to bufferevent error checking
This might make bufferevents more asserty for a while, but they should
make other bugs less likely to go unnoticed.

Noted by Sebastian.
2010-10-13 20:37:04 -04:00
Nick Mathewson
3d10c89201 Fix a couple users of buf_datalen that slipped in. Found by Sebastian 2010-10-13 20:36:34 -04:00
Nick Mathewson
44674369c5 Implement node_set_exit_policy_to_reject_all with a flag
Also remove some debugging code.
2010-10-13 20:30:40 -04:00
Nick Mathewson
3aec655694 Merge remote branch 'arma/bug1982_2'
Resolved a minor conflict in:
	src/or/circuitbuild.c
2010-10-13 16:07:37 -04:00
Nick Mathewson
8c837db38f Merge branch 'nodes' 2010-10-13 16:04:25 -04:00
Nick Mathewson
cbda016bc5 Send END cells on bufferevent tunneled directory conns
Our old code correctly called bufferevent_flush() on linked
connections to make sure that the other side got an EOF event... but
it didn't call bufferevent_flush() when the connection wasn't
hold_open_until_flushed.  Directory connections don't use
hold_open_until_flushed, so the linked exit connection never got an
EOF, so they never sent a RELAY_END cell to the client, and the
client never concluded that data had arrived.

The solution is to make the bufferevent_flush() code apply to _all_
closing linked conns whose partner is not already marked for close.
2010-10-13 15:05:06 -04:00
Robert Hogan
2d8f7a8391 Issues with router_get_by_nickname()
https://trac.torproject.org/projects/tor/ticket/1859

There are two problems in this bug:

1. When an OP makes a .exit request specifying itself as the exit, and the exit
   is not yet listed, Tor gets all the routerinfos needed for the circuit but
   discovers in circuit_is_acceptable() that its own routerinfo is not in the
   routerdigest list and cannot be used. Tor then gets locked in a cycle of
   repeating these two steps. When gathering the routerinfos for a circuit,
   specifically when the exit has been chosen by .exit notation, Tor needs to
   apply the same rules it uses later on when deciding if it can build a
   circuit with those routerinfos.

2. A different bug arises in the above situation when the Tor instance's
   routerinfo *is* listed in the routerlist, it shares its nickname with a
   number of other Tor nodes, and it does not have 'Named' rights to its
   nickname.
   So for example, if (i) there are five nodes named Bob in the network, (ii) I
   am running one of them but am flagged as 'Unnamed' because someone else
   claimed the 'Bob' nickname first, and (iii) I run my Tor as both client
   and exit the following can happen to me:
     - I go to www.evil.com
     - I click on a link www.evil.com.bob.exit
     - My request will exit through my own Tor node rather than the 'Named'
       node Bob or any of the others.
     - www.evil.com now knows I am actually browsing from the same computer
       that is running my 'Bob' node

So to solve both issues we need to ensure:

- When fulfilling a .exit request we only choose a routerinfo if it exists in
  the routerlist, even when that routerinfo is ours.
- When getting a router by nickname we only return our own router information
  if it is not going to be used for building a circuit.

We ensure this by removing the special treatment afforded our own router in
router_get_by_nickname(). This means the function will only return the
routerinfo of our own router if it is in the routerlist built from authority
info and has a unique nickname or is bound to a non-unique nickname.

There are some uses of router_get_by_nickname() where we are looking for the
router by name because of a configuration directive, specifically local
declaration of NodeFamilies and EntryNodes and other routers' declaration of
MyFamily. In these cases it is not at first clear if we need to continue
returning our own routerinfo even if our router is not listed and/or has a
non-unique nickname with the Unnamed flag.

The patch treats each of these cases as follows:

Other Routers' Declaration of MyFamily
 This happens in routerlist_add_family(). If another router declares our router
 in its family and our router has the Unnamed flag or is not in the routerlist
 yet, should we take advantage of the fact that we know our own routerinfo to
 add us in anyway? This patch says 'no, treat our own router just like any
 other'. This is a safe choice because it ensures our client has the same view
 of the network as other clients. We also have no good way of knowing if our
 router is Named or not independently of the authorities, so we have to rely on
 them in this.

Local declaration of NodeFamilies
 Again, we have no way of knowing if the declaration 'NodeFamilies
 Bob,Alice,Ringo' refers to our router Bob or the Named router Bob, so we have
to defer to the authorities and treat our own router like any other.

Local declaration of NodeFamilies
 Again, same as above. There's also no good reason we would want our client to
 choose it's own router as an entry guard if it does not meet the requirements
 expected of any other router on the network.

In order to reduce the possibility of error, the patch also replaces two
instances where we were using router_get_by_nickname() with calls to
router_get_by_hexdigest() where the identity digest of the router
is available.
2010-10-13 18:29:01 +01:00
Nick Mathewson
1c6649418d Revert accidentally-committed changes to routerlist.c
This reverts part of commit a0c1c2ac01.
2010-10-13 13:16:12 -04:00
Nick Mathewson
a0c1c2ac01 Use connection_mark_and_flush consistently. 2010-10-13 13:08:46 -04:00
Nick Mathewson
5710d99f00 Remember to re-install inbuf/outbuf callbacks on ssl bufferevents
If we don't, we will (among other bad things) never update
lastread/lastwritten, and so flood the network with keepalives.
2010-10-12 15:48:17 -04:00
Nick Mathewson
a9172c87be Actually call connection_tls_finish_handshake() with bufferevents
First start of a fix for bug2001, but my test network still isn't
working: the client and the server send each other VERSIONS cells,
but never notice that they got them.
2010-10-12 14:52:33 -04:00
Nick Mathewson
4cfa6fbaca Log OpenSSL errors coming from bufferevent_openssl 2010-10-11 13:25:41 -04:00
Nick Mathewson
9fe3cd0be3 Fix a crash bug when serving microdescs on a bufferevent. 2010-10-07 21:02:12 -04:00
Nick Mathewson
d0f1f9ce9e Remove a spurious .z from microdesc fetch URLs so they no logner end with .z.z 2010-10-07 20:41:15 -04:00
Nick Mathewson
c9dece14ae Add some missing documentation for things added in nodes branch 2010-10-07 17:10:06 -04:00
Nick Mathewson
1dffefc907 Add more documentation to microdesc.c, plus another assert. 2010-10-07 16:25:27 -04:00
Nick Mathewson
ab5b11fbb8 Add a more verbose log message to try to catch bug #2022. 2010-10-07 16:04:24 -04:00
Nick Mathewson
3061a036c8 Unit tests for microdescriptor cache
May help with tracking down bug #2022
2010-10-07 15:28:54 -04:00
Robert Ransom
a2bb0bfdd5 Maintain separate server and client identity keys when appropriate.
Fixes a bug described in ticket #988.
2010-10-04 21:51:53 -07:00
Robert Ransom
17efbe031d Maintain separate server and client TLS contexts.
Fixes bug #988.
2010-10-04 21:51:47 -07:00
Nick Mathewson
99062c4003 Spotted another missing check 2010-10-05 00:39:01 -04:00
Nick Mathewson
4080d9b0fa Fix a couple more node_t-related nullpointer bugs 2010-10-04 23:51:30 -04:00
Nick Mathewson
9edd85aa4c Switch an && to an ||, stop a *NULL. 2010-10-04 23:33:50 -04:00
Robert Ransom
d3879dbd16 Refactor tor_tls_context_new:
* Make tor_tls_context_new internal to tortls.c, and return the new
  tor_tls_context_t from it.

* Add a public tor_tls_context_init wrapper function to replace it.
2010-10-04 17:57:29 -07:00
Robert Ransom
89dffade8d Add public_server_mode function. 2010-10-04 17:57:29 -07:00
Karsten Loesing
8c5ba9388b Make logging resolution configurable.
Implements enhancement 1668.
2010-10-04 08:15:18 +02:00
Roger Dingledine
22f723e4a3 refactor all these tor_inet_ntoa idioms
but don't refactor the ones that look messy
2010-10-01 21:31:09 -04:00
Nick Mathewson
b9f2ccbdcc More debugging code for node_t branch 2010-10-01 19:52:05 -04:00
Nick Mathewson
1bb9734e3a Implement policies for nodes (and for microdescriptors too) 2010-10-01 18:14:28 -04:00
Nick Mathewson
42acef68ad Fix a bug in smartlist_choose_node_by_bandwidth 2010-10-01 18:14:28 -04:00
Nick Mathewson
b5341314c1 Implement a few more node-based functions
Some of these functions only work for routerinfo-based nodes, and as
such are only usable for advisory purposes.  Fortunately, our uses
of them are compatible with this limitation.
2010-10-01 18:14:27 -04:00
Nick Mathewson
f9ea242aca Implement node-based router family code
Also, make the NodeFamily option into a list of routersets.  This
lets us git rid of router_in_nickname_list (or whatever it was
called) without porting it to work with nodes, and also lets people
specify country codes and IP ranges in NodeFamily
2010-10-01 18:14:27 -04:00
Nick Mathewson
45f1e4d5ee Rename routerstatus_t.is_running to is_flagged_running
This was the only flag in routerstatus_t that we would previously
change in a routerstatus_t in a consensus. We no longer have reason
to do so -- and probably never did -- as you can now confirm more
easily than you could have done by grepping for is_running before
this patch.

The name change is to emphasize that the routerstatus_t is_running
flag is only there to tell you whether the consensus says it's
running, not whether it *you* think it's running.
2010-10-01 18:14:27 -04:00
Nick Mathewson
26e897420e Initial conversion to use node_t throughout our codebase.
A node_t is an abstraction over routerstatus_t, routerinfo_t, and
microdesc_t.  It should try to present a consistent interface to all
of them.  There should be a node_t for a server whenever there is
  * A routerinfo_t for it in the routerlist
  * A routerstatus_t in the current_consensus.
(note that a microdesc_t alone isn't enough to make a node_t exist,
since microdescriptors aren't usable on their own.)

There are three ways to get a node_t right now: looking it up by ID,
looking it up by nickname, and iterating over the whole list of
microdescriptors.

All (or nearly all) functions that are supposed to return "a router"
-- especially those used in building connections and circuits --
should return a node_t, not a routerinfo_t or a routerstatus_t.

A node_t should hold all the *mutable* flags about a node.  This
patch moves the is_foo flags from routerinfo_t into node_t.  The
flags in routerstatus_t remain, but they get set from the consensus
and should not change.

Some other highlights of this patch are:

  * Looking up routerinfo and routerstatus by nickname is now
    unified and based on the "look up a node by nickname" function.
    This tries to look only at the values from current consensus,
    and not get confused by the routerinfo_t->is_named flag, which
    could get set for other weird reasons.  This changes the
    behavior of how authorities (when acting as clients) deal with
    nodes that have been listed by nickname.

  * I tried not to artificially increase the size of the diff here
    by moving functions around.  As a result, some functions that
    now operate on nodes are now in the wrong file -- they should
    get moved to nodelist.c once this refactoring settles down.
    This moving should happen as part of a patch that moves
    functions AND NOTHING ELSE.

  * Some old code is now left around inside #if 0/1 blocks, and
    should get removed once I've verified that I don't want it
    sitting around to see how we used to do things.

There are still some unimplemented functions: these are flagged
with "UNIMPLEMENTED_NODELIST()."  I'll work on filling in the
implementation here, piece by piece.

I wish this patch could have been smaller, but there did not seem to
be any piece of it that was independent from the rest.  Moving flags
forces many functions that once returned routerinfo_t * to return
node_t *, which forces their friends to change, and so on.
2010-10-01 18:14:27 -04:00
Nick Mathewson
6dd7f85bc7 Try to make most routerstatus_t interfaces const 2010-10-01 18:14:27 -04:00
Nick Mathewson
d84d20cbb2 Try to make most routerinfo_t interfaces const 2010-10-01 18:14:27 -04:00
Nick Mathewson
fe309e7ad6 Implement a basic node and nodelist type
The node_t type is meant to serve two key functions:

  1) Abstracting difference between routerinfo_t and microdesc_t
     so that clients can use microdesc_t instead of routerinfo_t.

  2) Being a central place to hold mutable state about nodes
     formerly held in routerstatus_t and routerinfo_t.

This patch implements a nodelist type that holds a node for every
router that we would consider using.
2010-10-01 18:14:26 -04:00
Roger Dingledine
165aaf560a Merge branch 'maint-0.2.2' 2010-10-01 14:12:11 -04:00
Roger Dingledine
734ba2f937 fix comment 2010-10-01 14:11:08 -04:00
Roger Dingledine
6cb5383e56 log when we guess our ip address, not just when we fail 2010-10-01 13:32:38 -04:00
Nick Mathewson
495e630a49 Merge branch 'tor-fw-squashed2'
Conflicts:
	src/common/util.c
2010-09-30 16:22:39 -04:00
Nick Mathewson
d39e46c26d Merge remote branch 'origin/maint-0.2.2' 2010-09-30 15:30:14 -04:00
Steven Murdoch
a6dc00fa75 Start tor-fw-helper in the background, and log whatever it outputs 2010-09-30 11:40:37 -04:00
Nick Mathewson
3ad43ef75f Whitespace fixes on recent merges to master. 2010-09-30 01:36:36 -04:00
Sebastian Hahn
0702429cf7 Note an XXX about potential overflow 2010-09-30 06:24:01 +02:00
Sebastian Hahn
73def430e3 Use an upper and lower bound for bridge weights
When picking bridges (or other nodes without a consensus entry (and
thus no bandwidth weights)) we shouldn't just trust the node's
descriptor. So far we believed anything between 0 and 10MB/s, where 0
would mean that a node doesn't get any use from use unless it is our
only one, and 10MB/s would be a quite siginficant weight. To make this
situation better, we now believe weights in the range from 20kB/s to
100kB/s. This should allow new bridges to get use more quickly, and
means that it will be harder for bridges to see almost all our traffic.
2010-09-30 06:17:54 +02:00
Roger Dingledine
ea6ac0f0d1 Merge branch 'maint-0.2.2' 2010-09-30 00:10:14 -04:00
Roger Dingledine
d17fcad3ae Merge commit 'mikeperry/bug1772' into maint-0.2.2 2010-09-30 00:00:06 -04:00
Mike Perry
7eedd0f6bc Nominaly lower the minimum timeout value to 1500.
This won't change any behavior, since it will still be rounded back
up to 2seconds, but should reduce the chances of some extra warns.
2010-09-29 20:58:09 -07:00
Roger Dingledine
3cbe463e96 Merge branch 'bug1772' into maint-0.2.2 2010-09-29 23:52:18 -04:00
Roger Dingledine
f2aa8f08cb fix two casts 2010-09-29 23:51:25 -04:00
Mike Perry
c8f731fabb Comment network liveness and change detection behavior. 2010-09-29 19:35:40 -07:00
Roger Dingledine
ceb3d4d578 no measurement circs if not enough build times
In the first 100 circuits, our timeout_ms and close_ms
are the same. So we shouldn't transition circuits to purpose
CIRCUIT_PURPOSE_C_MEASURE_TIMEOUT, since they will just timeout again
next time we check.
2010-09-29 18:05:10 -04:00
Roger Dingledine
7f10707c42 refactor and recomment; no actual changes 2010-09-29 18:01:22 -04:00
Roger Dingledine
355fc63790 Merge branch 'maint-0.2.2' 2010-09-29 17:21:43 -04:00
Roger Dingledine
48cd096276 Merge commit 'mikeperry/bug1739' into maint-0.2.2 2010-09-29 17:17:59 -04:00
Roger Dingledine
474e4d2722 Merge commit 'mikeperry/bug1740' into maint-0.2.2 2010-09-29 17:05:38 -04:00
Mike Perry
4324bb1b21 Cap the circuit build timeout to the max time we've seen.
Also, cap the measurement timeout to 2X the max we've seen.
2010-09-29 11:49:43 -07:00
Mike Perry
11910cf5b3 Do away with the complexity of the network liveness detection.
We really should ignore any timeouts that have *no* network activity for their
entire measured lifetime, now that we have the 95th percentile measurement
changes. Usually this is up to a minute, even on fast connections.
2010-09-29 11:49:43 -07:00
Mike Perry
0744a175af Fix state checks on liveness handling.
If we really want all this complexity for these stages here, we need to handle
it better for people with large timeouts. It should probably go away, though.
2010-09-29 11:49:43 -07:00
Mike Perry
9a77743b7b Fix non-live condition checks.
Rechecking the timeout condition was foolish, because it is checked on the
same codepath. It was also wrong, because we didn't round.

Also, the liveness check itself should be <, and not <=, because we only have
1 second resolution.
2010-09-29 11:49:31 -07:00
Mike Perry
c5b5643965 Send control port events for timeouts.
We now differentiate between timeouts and cutoffs by the REASON string and
the PURPOSE string.
2010-09-29 11:46:36 -07:00
Mike Perry
5aa4564ab9 Only count timeout data for 3 hop circuits.
Use 4/3 of this timeout value for 4 hop circuits, and use half of it for
canabalized circuits.
2010-09-29 11:41:27 -07:00
Roger Dingledine
0ed8d5a537 allow countries and IP addresses in EntryNodes 2010-09-29 03:00:06 -04:00
Nick Mathewson
703eb087f5 Merge remote branch 'origin/maint-0.2.2' 2010-09-29 00:38:44 -04:00
Roger Dingledine
a58610a87e even more comment 2010-09-28 23:50:56 -04:00
Nick Mathewson
f3e8bc391a Remove the has_old_dnsworkers flag. 2010-09-28 23:37:45 -04:00
Roger Dingledine
512433346f improve code comments, based on comments from nick 2010-09-28 23:27:00 -04:00
Roger Dingledine
9997676802 handle ugly edge case in retrying entrynodes
Specifically, a circ attempt that we'd launched while the network was
down could timeout after we've marked our entrynodes up, marking them
back down again. The fix is to annotate as bad the OR conns that were
around before we did the retry, so if a circuit that's attached to them
times out we don't do anything about it.
2010-09-28 22:32:38 -04:00
Roger Dingledine
7de1caa33f Actually notice when our last entrynode goes down
Otherwise we'd never set have_minimum_dir_info to false, so the
"optimistic retry" would never trigger.
2010-09-28 21:59:31 -04:00
Roger Dingledine
bb22360bad optimistically retry EntryNodes on socks request
We used to mark all our known bridges up when they're all down and we
get a new socks request. Now do that when we've set EntryNodes too.
2010-09-28 19:10:23 -04:00
Roger Dingledine
8bac188572 remove a redundant assert 2010-09-28 19:10:22 -04:00
Roger Dingledine
127f37ad29 refactor; no actual changes 2010-09-28 19:10:22 -04:00
Roger Dingledine
8d1fe50284 Merge branch 'maint-0.2.2' 2010-09-28 18:42:04 -04:00
Roger Dingledine
09a715bb72 Merge branch 'maint-0.2.1' into maint-0.2.2 2010-09-28 18:37:55 -04:00
Roger Dingledine
339993b409 actually retry bridges when your network goes away 2010-09-28 18:36:15 -04:00
Nick Mathewson
73d93c033d Autodetect the number of CPUs when possible if NumCPUs==0
This is needed for IOCP, since telling the IOCP backend about all
your CPUs is a good idea.  It'll also come in handy with asn's
multithreaded crypto stuff, and for people who run servers without
reading the manual.
2010-09-28 14:42:21 -04:00
Nick Mathewson
c612ddee17 Add a new option to enable/disable IOCP support 2010-09-28 14:01:45 -04:00
Nick Mathewson
d6e255edbd Merge branch 'microdesc_dl_v2' 2010-09-28 00:46:01 -04:00
Roger Dingledine
f006f02ca4 Merge branch 'maint-0.2.2' 2010-09-27 18:33:12 -04:00
Roger Dingledine
a467bf5fbb a dir-spec entry for refuseunknownexits
plus quiet a log line
2010-09-27 18:32:09 -04:00
Nick Mathewson
d45b912058 Clean long-unlisted microdescs from the cache 2010-09-27 18:05:01 -04:00
Nick Mathewson
3a492d31d5 Download microdescriptors if you're a cache
This commit adds some functions to see what microdescriptors we're missing,
and adds fetch-microdesc/store-microdesc logic to the directory code.
2010-09-27 18:04:44 -04:00
Nick Mathewson
e34d0d3365 When updating routerdesc downloads, look specifically at the ns consensus
This will be needed when "get_live_consensus" potentially returns a
microdesc consensus.
2010-09-27 18:04:44 -04:00
Nick Mathewson
9f5b752e4f Actually parse the m lines from a microdesc consensus 2010-09-27 18:04:44 -04:00
Nick Mathewson
4e0f7f4ffc Code to download, parse, and store microdesc consensuses 2010-09-27 18:04:43 -04:00
Nick Mathewson
4bfc64ba1c New function to grab a directory connection fetching a resource
We need this to tell if a given consensus flavor is being downloaded
or not.
2010-09-27 18:04:43 -04:00
Nick Mathewson
af7fab020a Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/or/config.c
2010-09-27 17:52:20 -04:00
Roger Dingledine
9d7f0badb5 changelog entry for bug1751 2010-09-27 17:44:00 -04:00
Nick Mathewson
614eeb378b Merge remote branch 'sebastian/bug1964' into maint-0.2.2 2010-09-27 17:26:32 -04:00
Sebastian Hahn
c951830002 Fix a bridge segfault
When we enabled support to change statistic options without restarting
Tor we forgot to initialize geoip_countries. Fix that.
2010-09-27 23:19:25 +02:00
Nick Mathewson
c97072ef34 Merge branch 'bug1751_enabling' into maint-0.2.2 2010-09-27 17:08:03 -04:00
Nick Mathewson
6c5b9ba625 Change bug1751 enabling code based on comments from arma 2010-09-27 17:07:22 -04:00
Nick Mathewson
5c83c06c98 Merge branch 'bufferevent5' 2010-09-27 16:48:25 -04:00
Nick Mathewson
6950749c0a Make the bufferevent code use the renegotiation-reenabling hack 2010-09-27 16:07:14 -04:00
Nick Mathewson
e385961542 Merge remote branch 'public/bug1954' into maint-0.2.2 2010-09-27 15:39:40 -04:00
Nick Mathewson
c93cceb919 note that libevent does not have an an easy way to reset buckets atm 2010-09-27 14:22:18 -04:00
Nick Mathewson
b49cf6a77a Fix whitespace in bufferevents branch 2010-09-27 14:22:18 -04:00
Nick Mathewson
a16ed90ec8 Document and/or fix stuff found by Sebastian in code review
Thanks to Sebastian for his code-review of the bufferevents patch series.x
2010-09-27 14:22:18 -04:00
Sebastian Hahn
865bea3b89 Some bufferevents related fixes and pointers for nickm 2010-09-27 14:22:18 -04:00
Nick Mathewson
beb52352f2 Fix build with automake 1.6
automake 1.6 doesn't like using a conditional += to add stuff to foo_LDADD.
Instead you need to conditionally define a variable, then non-conditionally
put that variable in foo_LDADD.
2010-09-27 14:22:18 -04:00
Nick Mathewson
ffd5070b04 Convert bufferevents to use rate-limiting.
This requires the latest Git version of Libevent as of 24 March 2010.
In the future, we'll just say it requires Libevent 2.0.5-alpha or
later.

Since Libevent doesn't yet support hierarchical rate limit groups,
there isn't yet support for tracking relayed-bytes separately when
using the bufferevent system.  If a future version does add support
for hierarchical buckets, we can add that back in.
2010-09-27 14:22:18 -04:00
Nick Mathewson
98ec959c9c Fix a couple of bufferevent incompatibilities that snuck in. 2010-09-27 14:22:18 -04:00
Nick Mathewson
0c9b64d449 Get zlib compression working with bufferevents. 2010-09-27 14:22:11 -04:00
Nick Mathewson
9796b9bfa6 Implement SOCKS-client support for bufferevents 2010-09-27 12:31:14 -04:00
Nick Mathewson
c74a4ab515 Documentation for a few bufferevent functions. 2010-09-27 12:31:14 -04:00
Nick Mathewson
bd3612cd2b Get SSL connections and linked connections working with bufferevents.
Clients are now verified to work and build circuits correctly.  There
are still a few warnings given here and there that I need to look into.
2010-09-27 12:31:14 -04:00
Nick Mathewson
fc4ddafab8 Make control connections use bufferevents 2010-09-27 12:31:14 -04:00
Nick Mathewson
84bb5d573c Fix crash/warning bug when we get an unexpected close.
This was possible if we have already decided to close a bufferevent
connection, but the other side decides to close it first.
2010-09-27 12:31:13 -04:00
Nick Mathewson
44375d4eb8 Add a 0-pullup version of fetch_from_evbuffer_socks 2010-09-27 12:31:13 -04:00
Nick Mathewson
f6899f3a74 Documentation for inspect_evbuffer 2010-09-27 12:31:13 -04:00
Nick Mathewson
698085d56e Add pullup-free version of fetch_from_evbuffer_http 2010-09-27 12:31:13 -04:00
Nick Mathewson
4af6887d20 Add support for linked connections with bufferevent_pair.
Also, set directory connections (linked and otherwise) to use bufferevents.

Also, stop using outbuf_flushlen anywhere except for OR connections.
2010-09-27 12:31:13 -04:00
Nick Mathewson
b63f6518cb Add bufferevent support for outgoing connections; exits are now supported. 2010-09-27 12:31:13 -04:00
Nick Mathewson
ddcb59bb70 Fix more remaining users of inbuf/outbuf to handle bufferevents instead. 2010-09-27 12:31:13 -04:00
Nick Mathewson
5279036148 Be a little more abstract about which connection type use bufferevents 2010-09-27 12:31:13 -04:00
Nick Mathewson
9f8027abfd Make a function to mark a connection and set hold_open_until_flushed. 2010-09-27 12:31:13 -04:00
Nick Mathewson
d830eb366a Allow hold-open-until-flushed logic to work for bufferevents. 2010-09-27 12:29:43 -04:00
Nick Mathewson
ec10c044fb Move the "stop writing when the buffer is empty" logic to cnnection_finished_flushing 2010-09-27 12:29:43 -04:00
Nick Mathewson
63079efb87 Add a fetch_from_evbuffer_http 2010-09-27 12:29:42 -04:00
Nick Mathewson
73feedb8b3 Have edge connections use fetch_from_evbuffer_socks when appropriate. 2010-09-27 12:29:42 -04:00
Nick Mathewson
c6e22ae2b7 Basic bufferevent callbacks
These are based strongly on connection_handle_read and
connection_handle_write, but hopefully without so much mixture of IO
logic and Tor logic.
2010-09-27 12:29:42 -04:00
Nick Mathewson
a0f4841e2b Refactor SOCKS parsing code to handle evbuffers.
Now all of the logic is in a parse_socks() function that gets data
from a buf_t or evbuffer-specific wrapper.
2010-09-27 12:29:42 -04:00
Nick Mathewson
4836014168 Clone fetch_var_cell_from_buf() for evbuffers. 2010-09-27 12:28:43 -04:00
Nick Mathewson
0514917800 Add a new connection_fetch_from_buf_line() that can handle bufferevents 2010-09-27 12:28:43 -04:00
Nick Mathewson
5448501479 New bufferevent-related check in assert_connection_ok().
{Make sure that if we have a bufferevent on a connection, we do not have the
other libevent/buffering-related fields set.}
2010-09-27 12:28:43 -04:00
Nick Mathewson
076025476a Add bufferevent versions of connection_write/fetch_to/from_buf. 2010-09-27 12:28:43 -04:00
Nick Mathewson
200921dc31 Refactor users of buf_datalen to bufferevent-friendly version. 2010-09-27 12:28:43 -04:00
Nick Mathewson
57e7b54b7b Teach read_event/write_event manipulators about bufferevents.
Add an --enable-bufferevents config switch.
2010-09-27 12:28:43 -04:00
Nick Mathewson
94aac84a71 Remove never-actually-finished code to use readv and writev for IO.
We'll get this feature for free with bufferevents, so there's no good reason
to clone it in Tor.
2010-09-27 12:28:43 -04:00
Nick Mathewson
24a45f54d2 Merge branch 'bug1805' into maint-0.2.2 2010-09-27 12:25:32 -04:00
Nick Mathewson
9c8fb75edf Clean up some bug1805 comments based on arma's feedback 2010-09-27 12:23:49 -04:00
Mike Perry
0ff86042ac Implement new Wxx constraints.
Cases 1 and 3b are provably correct. Case 2b has a fallback to first try to
maximize entropy.
2010-09-27 08:53:41 -07:00
Nick Mathewson
d073d7d4eb Consistency issues in load_windows_system_library patch. Thanks Sebastian 2010-09-24 14:16:55 -04:00
Nick Mathewson
9b49a89430 Merge branch 'bug1511' 2010-09-23 23:16:25 -04:00
Nick Mathewson
c9cb4f0a0e Rename has_completed_circuit to can_complete_circuit
Also redocument it.  Related to #1362.
2010-09-22 01:52:57 -04:00
Nick Mathewson
31f22505a6 Merge remote branch 'arma/bug1362' 2010-09-22 01:45:57 -04:00
Nick Mathewson
4ef9ccc883 Changes to bug1959_part1 on review from arma.
Significant one: we want to say "not enough entry nodes descriptors, so we
can't build circuits" only when we have 0 descriptors.
2010-09-22 01:30:23 -04:00
Nick Mathewson
49c177437b Make our min-info check also check for entry node presence
Part of a fix for bug1959
2010-09-21 15:17:40 -04:00
Nick Mathewson
52db5c2539 Even more accurate handling for shifting accounting intervals
Roger correctly pointed out that my code was broken for accounting
periods that shifted forwards, since
start_of_accounting_period_containing(interval_start_time) would not
be equal to interval_start_time, but potentially much earlier.
2010-09-21 14:59:43 -04:00
Nick Mathewson
aa7f55c45f Use load_windows_system_library in place of LoadLibrary 2010-09-21 14:40:10 -04:00
Nick Mathewson
e476ffc2ba Merge branch 'bug1789' 2010-09-21 14:29:59 -04:00
Nick Mathewson
9cba61eb8c Bug1789 cleanups suggested by arma
The significant one is that we look at RelayBandwidthRate if it is set.
2010-09-21 14:02:04 -04:00
Roger Dingledine
fe42f10954 log when we finish a circuit after being offline 2010-09-21 02:16:43 -04:00
Nick Mathewson
ef5925237d First cut of code to enable RefuseUnknownExits
The RefuseUnknownExits config option is now a tristate, with "1"
meaning "enable it no matter what the consensus says", "0" meaning
"disable it no matter what the consensus says", and "auto" meaning "do
what the consensus says".  If the consensus is silent, we enable
RefuseUnknownExits.

This patch also changes the dirserv logic so that refuseunknownexits
won't make us cache unless we're an exit.
2010-09-21 01:03:29 -04:00
Nick Mathewson
5a55662a6b Merge branch 'bug1956' 2010-09-21 00:07:45 -04:00
Roger Dingledine
47b23bd03e A start at a patch for bug 1943 (alignment issues) 2010-09-20 18:40:32 -04:00
Nick Mathewson
1411842933 Count unknown authorities as unknown only once, not once per signature.
Do not double-report signatures from unrecognized authorities both as
"from unknown authority" and "not present".  Fixes bug 1956, bugfix on
0.2.2.16-alpha.
2010-09-20 13:33:57 -04:00
Sebastian Hahn
ff5ffd1776 Attempt to fix compilation on Windows
Our attempt to make compilation work on old versions of Windows
again while keeping wince compatibility broke the build for Win2k+.
helix reports this patch fixes the issue for WinXP. Bugfix on
0.2.2.15-alpha; related to bug 1797.
2010-09-19 13:39:30 +02:00
Nick Mathewson
01c6b01137 I hear we are close to a release. Clean up the whitespace. 2010-09-16 15:44:14 -04:00
Nick Mathewson
c009c9da01 Merge remote branch 'sebastian/bug1921' 2010-09-16 10:52:43 -04:00
Roger Dingledine
0ac67bf3c3 perconnbwrate and perconnbwburst consensus params 2010-09-16 00:17:39 -04:00
Sebastian Hahn
4f1e36ca1d Demote a warn when enabling CellStatistics
When the CellStatistics option is off, we don't store cell insertion
times. Doing so would also not be very smart, because there seem to
still be some performance issues with this type of statistics. Nothing
harmful happens when we don't have insertion times, so we don't need to
alarm the user.
2010-09-16 01:13:51 +02:00
Nick Mathewson
144d92d538 finish a comment, lower a variable 2010-09-15 15:41:32 -04:00
Sebastian Hahn
bc081c254a How many seconds until != timestamp of that date 2010-09-15 21:13:17 +02:00
Nick Mathewson
c18bcc8a55 Merge branch 'bug1184' 2010-09-15 14:20:28 -04:00
Nick Mathewson
87f18c9578 Never queue a cell on a marked circuit 2010-09-15 13:06:54 -04:00
Nick Mathewson
6d8fc4eb38 Add a simple integer-ceiling-division macro before we get it wrong 2010-09-14 22:32:36 -04:00
Nick Mathewson
60e3def3ed Merge branch 'bug1899' 2010-09-14 22:19:25 -04:00
Nick Mathewson
e2b71d8841 Merge branch 'bug911' 2010-09-14 22:19:22 -04:00
Nick Mathewson
f5b7e039f3 Extract the "do these routers have the same addr:orport" logic into a fn 2010-09-14 22:19:00 -04:00
Nick Mathewson
d9e0550560 Tweak some issues found by arma in bug911 review. 2010-09-14 22:10:32 -04:00
Nick Mathewson
a445daf0cf Merge remote branch 'sebastian/bug1776_v3' 2010-09-14 13:50:28 -04:00
Nick Mathewson
424ca963ad Make circuit_resume_edge_reading_helper treat streams more fairly.
Previously[*], the function would start with the first stream on the
circuit, and let it package as many cells as it wanted before
proceeding to the next stream in turn.  If a circuit had many live
streams that all wanted to package data, the oldest would get
preference, and the newest would get ignored.

Now, we figure out how many cells we're willing to send per stream,
and try to allocate them fairly.

Roger diagnosed this in the comments for bug 1298.

[*] This bug has existed since before the first-ever public release
    of Tor.  It was added by r152 of Tor on 26 Jan 2003, which was
    the first commit to implement streams (then called "topics").

    This is not the oldest bug to be fixed in 0.2.2.x: that honor
    goes to the windowing bug in r54, which got fixed in e50b7768 by
    Roger with diagnosis by Karsten.  This is, however, the most
    long-lived bug to be fixed in 0.2.2.x: the r54 bug was fixed
    2580 days after it was introduced, whereas I am writing this
    commit message 2787 days after r152.
2010-09-13 18:59:50 -04:00
Nick Mathewson
b582eb32b8 Add a max_cells arg to connection_edge_process_raw_inbuf
I'm going to use this to implement more fairness in
circuit_resume_edge_reading_helper in an attempt to fix bug 1298.

(Updated with fixes from arma and Sebastian)
2010-09-13 18:59:42 -04:00
Nick Mathewson
61b7e36312 Fix function declaration linebreaks at start of relay.c 2010-09-13 17:38:11 -04:00
Nick Mathewson
13f684b573 Merge remote branch 'public/pretty-signature-log' 2010-09-13 15:56:46 -04:00
Nick Mathewson
286f407cd2 Merge remote branch 'sebastian/bug1525' 2010-09-13 01:36:31 -04:00
Nick Mathewson
126832a3f7 Merge branch 'bug1138' 2010-09-12 21:41:45 -04:00
Nick Mathewson
cc0efa8084 Make authorities download consensuses if appropriate
An authority should never download a consensus if it has a live one,
but when it doesn't, it should admit that it's not going to get one,
and see if anybody else can give it one.

Fixes 1300, fix on 0.2.0.9-alpha
2010-09-12 21:41:15 -04:00
Nick Mathewson
5634e03302 Clean up a couple more bug1138 issues mentioned by roger on code review 2010-09-12 21:12:17 -04:00
Robert Hogan
22ab997e83 Handle null conn->requested_resource rather than assert
Per arma's comments in bug1138
2010-09-12 14:10:16 +01:00
Roger Dingledine
b4942e3435 fix regression introduced by 1a65bdd2
noticed while reviewing hoganrobert/bug1138
2010-09-12 00:20:00 -04:00
Nick Mathewson
fca222f0ce be more consistent in using streamid_t 2010-09-08 10:53:19 -04:00
Nick Mathewson
aa42f941dc Merge branch 'bug1653' 2010-09-08 10:49:24 -04:00
Nick Mathewson
669fd05ed8 Merge remote branch 'origin/maint-0.2.1' 2010-09-08 10:28:41 -04:00
Nick Mathewson
2bc82324d5 Remove a needless keep_open_until_flushed 2010-09-08 10:23:29 -04:00
Sebastian Hahn
303beead53 Kill warn when picking bridges without bw weight
Bridges and other relays not included in the consensus don't
necessarily have a non-zero bandwidth capacity. If all our
configured bridges had a zero bw capacity we would warn the
user. Change that.
2010-09-06 18:44:11 +02:00
Nick Mathewson
edc9256e95 Merge remote branch 'public/win_unicode_fixes' 2010-09-06 10:06:07 -04:00
Nick Mathewson
2920d88667 Base our expected bw accounting usage on time before soft limit
Previously, we were also considering the time spent in
soft-hibernation.  If this was a long time, we would wind up
underestimating our bandwidth by a lot, and skewing our wakeup time
towards the start of the accounting interval.

This patch also makes us store a few more fields in the state file,
including the time at which we entered soft hibernation.

Fixes bug 1789.  Bugfix on 0.0.9pre5.
2010-09-03 14:29:17 -04:00
Nick Mathewson
d0acaac781 Use a more sophisticated soft-hibernation-limit calculation
This should help address bug 1789.
2010-09-03 14:09:55 -04:00
Nick Mathewson
17ebddbbdc Remove an obsolete comment from hibernate.c 2010-09-03 14:09:55 -04:00
Nick Mathewson
80b3de8753 Tolerate a little skew in accounting intervals.
This will make changes for DST still work, and avoid double-spending
bytes when there are slight changes to configurations.

Fixes bug 1511; the DST issue is a bugfix on 0.0.9pre5.
2010-09-03 12:19:17 -04:00
Nick Mathewson
4d2e9974f9 Close a non-open OR connection *only* after KeepalivePeriod.
When we introduced the code to close non-open OR connections after
KeepalivePeriod had passed, we replaced some code that said
    if (!connection_is_open(conn)) {
     /* let it keep handshaking forever */
    } else if (do other tests here) {
      ...
with new code that said
    if (!connection_is_open(conn) && past_keepalive) {
     /* let it keep handshaking forever */
    } else if (do other tests here) {
      ...

This was a mistake, since it made all the other tests start applying
to non-open connections, thus causing bug 1840, where non-open
connections get closed way early.

Fixes bug 1840.  Bugfix on 0.2.1.26 (commit 67b38d50).
2010-09-03 11:32:35 -04:00
Nick Mathewson
b2473357f2 Launch reachability tests for routers whose IP or ORPort change
Implements #1899, suggested by Sebastian.  Depends on #911 fix.
2010-09-03 10:53:29 -04:00
Nick Mathewson
296a7d8388 Fix a missing stream_id argument; found by "tracktor" 2010-09-03 10:26:50 -04:00
Robert Hogan
5799cdd9d3 Nick points out:
tor_assert(!conn->_base.purpose == DIR_PURPOSE_FETCH_EXTRAINFO)
!=
tor_assert(conn->_base.purpose != DIR_PURPOSE_FETCH_EXTRAINFO)
!!
2010-09-02 22:17:43 +01:00
Robert Hogan
2086588efe Amend per Sebastian's comments:
- Move checks for extra_info to callers
 - Change argument name from failed to descs
 - Use strlen("fp/") instead of a magic number
 - I passed on the suggestion to rename functions from *_failed() to
   *_handle_failure(). There are a lot of these so for now just follow
   the house style.
2010-09-02 22:17:27 +01:00
Nick Mathewson
bfa1962d80 Complicate the rules on WARN vs INFO in consensus verification
It's normal when bootstrapping to have a lot of different certs
missing, so we don't want missing certs to make us warn... unless
the certs we're missing are ones that we've tried to fetch a couple
of times and failed at.

May fix bug 1145.
2010-09-02 16:46:03 -04:00
Nick Mathewson
f89323afda Fix behavior of adding a cell to a blocked queue.
We frequently add cells to stream-blocked queues for valid reasons
that don't mean we need to block streams.  The most obvious reason
is if the cell arrives over a circuit rather than from an edge: we
don't block circuits, no matter how full queues get.  The next most
obvious reason is that we allow CONNECTED cells from a newly created
stream to get delivered just fine.

This patch changes the behavior so that we only iterate over the
streams on a circuit when the cell in question came from a stream,
and we only block the stream that generated the cell, so that other
streams can still get their CONNECTEDs in.
2010-09-02 15:26:17 -04:00
Nick Mathewson
2081740317 Merge branch 'ratelim' 2010-08-31 12:59:36 -04:00
Nick Mathewson
285addbd94 Fix some issues in rate-limiting noticed by Sebastian 2010-08-31 12:52:11 -04:00
Sebastian Hahn
2af6aadfe9 Fix a compile warning on OpenBSD 2010-08-22 13:58:23 +02:00
Sebastian Hahn
33ae3f4b5c Allow clients to use relays as bridges 2010-08-20 23:45:00 +02:00
Nick Mathewson
c0c7868250 Make the windows build succeed with or without -DUNICODE enabled.
This should keep WinCE working (unicode always-on) and get Win98
working again (unicode never-on).

There are two places where we explicitly use ASCII-only APIs, still:
in ntmain.c and in the unit tests.

This patch also fixes a bug in windoes tor_listdir that would cause
the first file to be listed an arbitrary number of times that was
also introduced with WinCE support.

Should fix bug 1797.
2010-08-20 13:40:01 -04:00
Sebastian Hahn
219f7415d1 Warn for bad combination of cookie options
Setting CookieAuthFileGroupReadable but without setting CookieAuthFile makes
no sense, because unix directory permissions for the data directory prevent
the group from accessing the file anyways.
2010-08-20 02:45:10 +02:00
Nick Mathewson
69deb22f34 Fix up compilation on windows. 2010-08-19 14:59:44 -04:00
Nick Mathewson
6f9f1f3324 Make the "2 unknown, 7 missing key..." messages easier to understand
This patch should fix the cases we care about for bugs 1290 and 1145.

     "30-56-99 are correct. Limited 4 and 8 are missing".
2010-08-19 11:13:35 -04:00
Roger Dingledine
c1260cb6ec delay geoip stats even more for relays-turned-bridges 2010-08-18 16:12:44 -04:00
Nick Mathewson
ba9c1275c4 Add a generic rate-limited log mechanism, and use it in a few places
Incidentally fixes bug 1042.
2010-08-18 15:55:49 -04:00
Nick Mathewson
8782dcf6a2 Detect if we try to put a cell onto a supposedly blocked cell queue.
When this happens, run through the streams on the circuit and make
sure they're all blocked.  If some aren't, that's a bug: block them
all and log it!  If they all are, where did the cell come from?  Log
it!

(I suspect that this actually happens pretty frequently, so I'm making
these log messages appear at INFO.)
2010-08-18 14:33:41 -04:00
Nick Mathewson
80391b88a5 Decide whether to ignore SENDMEs based on streams_blocked, not queue size 2010-08-18 14:33:41 -04:00
yetonetime
4dd3245abb Avoid over-filling cell queues when we receive a SENDME
Do not start reading on exit streams when we get a SENDME unless we
have space in the appropriate circuit's cell queue.

Draft fix for bug 1653.

(commit message by nickm)
2010-08-18 14:33:37 -04:00
Nick Mathewson
8c528bc320 Merge commit 'origin/maint-0.2.1'
Conflicts:
	src/or/reasons.c
2010-08-18 13:48:39 -04:00
Nick Mathewson
5926d9cfcc Move code for launching tests out of router_add_to_routerlist()
router_add_to_routerlist() is supposed to be a nice minimal function
that only touches the routerlist structures, but it included a call to
dirserv_single_reachability_test().

We have a function that gets called _after_ adding descriptors
successfully: routerlist_descriptors_added.  This patch moves the
responsibility for testing there.

Because the decision of whether to test or not depends on whether
there was an old routerinfo for this router or not, we have to first
detect whether we _will_ want to run the tests if the router is added.
We make this the job of
routers_update_status_from_consensus_networkstatus().

Finally, this patch makes the code notice if a router is going from
hibernating to non-hibernating, and if so causes a reachability test
to get launched.
2010-08-18 13:36:09 -04:00
Nick Mathewson
23fdf0b30f Allow some skew in checking when a router said it was hibernating
This solves the problem Roger noted as:
   What if the router has a clock that's 5 minutes off, so it
   publishes a descriptor for 5 minutes in the future, and we test it
   three minutes in. In this edge case, we will continue to advertise
   it as Running for the full 45 minute period.
2010-08-18 11:40:22 -04:00
Nick Mathewson
a4c5287e1b Clarify AssumeReachable semantics wrt hibernation 2010-08-18 11:31:19 -04:00
Nick Mathewson
5063a1c538 Add some braces to make arma happy 2010-08-18 11:28:51 -04:00
Sebastian Hahn
78e4aa63fb Backport END_STREAM_REASON_NOROUTE for client use.
(Partial backport of 150ed553df, 161b275028, and 4c948ffd6.)
2010-08-18 11:12:32 -04:00
Nick Mathewson
a509dbba50 Merge commit 'karsten/dirbytes2'
Conflicts:
	src/or/rephist.h
2010-08-18 10:06:14 -04:00
Karsten Loesing
58b6195455 Correctly report written bytes on linked connections. 2010-08-18 13:54:41 +02:00
Karsten Loesing
db94b7f46e Count bytes we spend on answering directory requests. 2010-08-18 13:54:41 +02:00
Sebastian Hahn
d5c83f2014 Remove unused function declarations
Also remove some #if 0'd code from the unit tests for buffers. The
code was killed in e6794e5808 (5 years
ago), and is now broken anyways.
2010-08-17 23:49:39 +02:00
Nick Mathewson
5ffe105598 Merge branch 'maint-0.2.1'
Resolved conflict in
	src/or/networkstatus.c
2010-08-17 12:07:19 -04:00
Nick Mathewson
6f58481335 Scale CONSENSUS_MIN_SECONDS_BEFORE_CACHING by voting interval
If the voting interval was short enough, the two-minutes delay
of CONSENSUS_MIN_SECONDS_BEFORE_CACHING would confuse bridges
to the point where they would assert before downloading a consensus.
It it was even shorter (<4 minutes, I think), caches would
assert too.  This patch fixes that by having replacing the
two-minutes value with MIN(2 minutes, interval/16).

Bugfix for 1141; the cache bug could occur since 0.2.0.8-alpha, so
I'm calling this a bugfix on that.  Robert Hogan diagnosed this.
Done as a patch against maint-0.2.1, since it makes it hard to
run some kinds of testing networks.
2010-08-17 11:55:39 -04:00
Robert Hogan
d6744d611f Fall back to direct descriptor request to bridges when
requests to authorities fail due to a network error.

Bug#1138
"When a Tor client starts up using a bridge, and UpdateBridgesFromAuthority
is set, Tor will go to the authority first and look up the bridge by
fingerprint. If the bridge authority is filtered, Tor will never notice that
the bridge authority lookup failed. So it will never fall back."

Add connection_dir_bridge_routerdesc_failed(), a function for unpacking
the bridge information from a failed request, and ensure
connection_dir_request_failed() calls it if the failed request
was for a bridge descriptor.

Test:

1. for ip in `grep -iR 'router ' cached-descriptors|cut -d ' ' -f 3`;
do sudo iptables -A OUTPUT -p tcp -d $ip -j DROP; done
2. remove all files from user tor directory
3. Put the following in torrc:

UseBridges 1
UpdateBridgesFromAuthority 1
Bridge 85.108.88.19:443 7E1B28DB47C175392A0E8E4A287C7CB8686575B7

4. Launch tor - it should fall back to downloading descriptors
   directly from the bridge.

Initial patch reviewed and corrected by mingw-san.
2010-08-16 21:15:49 +01:00
Nick Mathewson
bf8d66364f Merge commit 'public/warn1125' 2010-08-16 00:27:05 -04:00
Karsten Loesing
15379a7254 Fix compilation with --with-dmalloc
Fixes 1832; bugfix on 0.2.2.6-alpha
2010-08-16 00:14:06 -04:00
Roger Dingledine
4c948ffd6c 161b2750 didn't really retry the stream. this does. 2010-08-16 00:04:49 -04:00
Nick Mathewson
b51f1a64e4 Make Sebastian's bug1831 branch build with --enable-gcc-warnings 2010-08-15 23:46:09 -04:00
Nick Mathewson
a856f446c7 Merge commit 'sebastian/bug1831' 2010-08-15 23:43:36 -04:00
Nick Mathewson
6a77bde8d8 Make Sebastian's misc-reasons branch compile; frob the changes file 2010-08-15 21:32:06 -04:00
Nick Mathewson
9bcea4a8ef Merge commit 'sebastian/misc-reason' 2010-08-15 21:27:32 -04:00
Nick Mathewson
8351881b2e Merge commit 'karsten/stats-tests' 2010-08-15 20:49:37 -04:00
Sebastian Hahn
561ca9b987 Fix misplaced labels 2010-08-16 00:46:44 +02:00
Sebastian Hahn
b2dcff5766 Fix a memory leak in dirvote_compute_consensuses() 2010-08-16 00:46:44 +02:00
Sebastian Hahn
527581194c Fix a memory leak
It happened in dirvote_add_signatures_to_pending_consesus().
2010-08-16 00:46:42 +02:00
Sebastian Hahn
4c49d3c27e Refactor circuit_build_times_parse_state
Remove the msg parameter to pass an error message out. This
wasn't needed and made it harder to detect a memory leak.
2010-08-16 00:45:32 +02:00
Sebastian Hahn
70f0ba1495 Fix a memory leak in circuit_build_times_parse_state
Thanks weasel for noticing.
2010-08-16 00:33:29 +02:00
Karsten Loesing
69545efbaf Give rep_hist_exit_stats_history() a better name. 2010-08-15 14:15:58 +02:00
Karsten Loesing
3d77c67d93 Fix memory leak spotted by Nick. 2010-08-15 13:34:57 +02:00
Roger Dingledine
8d588e7b1a reinit per-conn token buckets on config or consensus change 2010-08-15 04:01:42 -04:00
Roger Dingledine
2bc1842aaa factor out rate/burst setting. no actual changes. 2010-08-15 02:27:07 -04:00
Roger Dingledine
a207d9db4c fix another piece of 1741 2010-08-14 04:22:08 -04:00
Roger Dingledine
e50857b67f changes entry for bug 1741 2010-08-13 20:50:51 -04:00
Mike Perry
5b0c0e1f89 Add check for CIRCUIT_PURPOSE_S_REND_JOINED.
These circuits stick around much longer than others on the server side for
performance reasons. Their lifetime is controlled by the client.
2010-08-13 20:46:33 -04:00
Roger Dingledine
b1a5888553 fix a memory leak introduced by df1ef2f0f0 2010-08-13 17:30:50 -04:00
Roger Dingledine
1ac1f048ef minor formatting / comment fixes 2010-08-13 17:18:45 -04:00
Karsten Loesing
acd25558b8 Refactor exit port statistics code and add unit tests. 2010-08-11 16:19:54 +02:00
Roger Dingledine
45c6b5de17 tiny change i found in my other sandbox 2010-08-11 01:48:29 -04:00
Nick Mathewson
8150e2ad24 Make buf_shrink_freelists warn, not crash, when n_to_skip is too high
This mitigates bug 1125, but doesn't fix its root cause (whatever
that is).
2010-08-10 15:58:41 -04:00
Roger Dingledine
0087a37bed tiny changes i found in my sandbox 2010-08-09 18:50:49 -04:00
Sebastian Hahn
162c8847de Update some documentation for the bug 1525 fix 2010-08-08 15:20:24 +02:00
Robert Hogan
462568674a Ensure controller RESOLVE commands respect __LeaveStreamsUnattached
https://trac.torproject.org/projects/tor/ticket/1525

"The codepath taken by the control port "RESOLVE" command to create a
synthetic SOCKS resolve request isn't the same as the path taken by
a real SOCKS request from 'tor-resolve'.
This prevents controllers who set LeaveStreamsUnattached=1 from
being able to attach RESOLVE streams to circuits of their choosing."

Create a new function connection_ap_rewrite_and_attach_if_allowed()
and call that when Tor needs to attach a stream to a circuit but
needs to know if the controller permits it.

No tests added.
2010-08-08 12:37:59 +01:00
Karsten Loesing
83626ec91c Move exit-stats code to the end of rephist.c. 2010-08-05 13:05:33 +02:00
Sebastian Hahn
d365bc965d Only delay counting bridge users if we were a relay before 2010-08-05 13:05:32 +02:00
Karsten Loesing
166c2f4d92 Allow enabling or disabling *Statistics while Tor is running.
With this patch we stop scheduling when we should write statistics using a
single timestamp in run_scheduled_events(). Instead, we remember when a
statistics interval starts separately for each statistic type in geoip.c
and rephist.c. Every time run_scheduled_events() tries to write stats to
disk, it learns when it should schedule the next such attempt.

This patch also enables all statistics to be stopped and restarted at a
later time.

This patch comes with a few refactorings, some of which were not easily
doable without the patch.
2010-08-05 13:05:25 +02:00
Sebastian Hahn
161b275028 Retry streams that ended with NOROUTE error
Also add the NOROUTE reason to control-spec.
2010-08-04 00:51:39 +02:00
Sebastian Hahn
150ed553df Introduce END_STREAM_REASON_NOROUTE 2010-08-03 16:46:28 +02:00
Sebastian Hahn
b8aa14a39b Handle EHOSTUNREACH in errno_to_stream_end_reason()
We used to not recognize it and returned END_STREAM_REASON_MISC.
Instead, return END_STREAM_REASON_INTERNAL.
2010-08-03 14:03:36 +02:00
Sebastian Hahn
ddf5020ea8 Fix 'make distcheck'
We were leaving doc/config.log and src/or/micro-revision.i in
place during a make clean. Fix that.
2010-08-03 00:48:59 +02:00
Nick Mathewson
9265190b16 Merge branch 'bug1384' 2010-08-02 12:53:52 -04:00
Sebastian Hahn
a9d055c5c5 Fix a compile warning on OS X 10.6
Also update the changes file to contain a note on which bug was
fixed by this.
2010-08-02 18:45:17 +02:00
Chris Ball
73a4c0690e Bug #919: Don't rebind ports if we receive SIGHUP while hibernating. 2010-08-02 12:14:01 -04:00
Chris Ball
9ffa977981 Bug #928: Disallow BridgeRelay 1 and ORPort 0 configuration 2010-08-02 12:04:04 -04:00
Chris Ball
600ba86f4a Bug #1107: Complain if PublishServerDescriptor receives 0 or 1 in a list
0 or 1 should only be passed as the sole argument. Warn for now, reject
in 0.2.3.x.
2010-08-02 12:02:06 -04:00
Nick Mathewson
fbfaa7bbc4 Merge commit 'sebastian/bug1776_v2' 2010-08-02 11:32:49 -04:00
Nick Mathewson
4504640b10 Merge branch 'bug1094_v2' 2010-08-02 11:11:02 -04:00
Chris Ball
1470eb2e91 Bug #1222: Clarify new circuit after sleep notice
("Application request when we're believed to be offline." ->
 "Application request when we haven't used client functionality lately.")
2010-07-31 16:58:49 -04:00
Nick Mathewson
fac272da31 If a router is hibernating, never vote that it is Running.
Also, clean up and comment some of the logic in
dirserv_set_router_is_running.
2010-07-31 16:33:45 -04:00
Nick Mathewson
b175c584d5 Set up the geoip country table right even if not called normally 2010-07-31 15:21:08 -04:00
Nick Mathewson
4dd4d240b7 Move the "nowhereland" logic into geoip.c 2010-07-31 15:21:00 -04:00
Nick Mathewson
8fca6fb2aa Make "Nowhere" explicitly listable in torrc.
We already had the country code ?? indicating an unknown country, so all we
needed to do to make unknown countries excludable was to make the ?? code
discoverable.
2010-07-31 15:00:06 -04:00
Nick Mathewson
39378bf182 Warn when encounter the same (non-list) option twice in the same place
It's okay to get (say) a SocksPort line in the torrc, and then a
SocksPort on the command line to override it, and then a SocksPort via
a controller to override *that*.  But if there are two occurrences of
SocksPort in the torrc, or on the command line, or in a single SETCONF
command, then the user is likely confused.  Our old code would not
help unconfuse the user, but would instead silently ignore all but
the last occurrence.

This patch changes the behavior so that if the some option is passed
more than once to any torrc, command line, or SETCONF (each of which
coincidentally corresponds to a call to config_assign()), and the
option is not a type that allows multiple occurrences (LINELIST or
LINELIST_X), then we can warn the user.

This closes trac entry 1384.
2010-07-31 13:16:48 -04:00
Sebastian Hahn
9ca311f622 Allow using regular relays as bridges 2010-07-31 10:24:24 +02:00
Nick Mathewson
6f45101327 Clear cell queues when marking or truncating a circuit.
At best, this patch helps us avoid sending queued relayed cells that
would get ignored during the time between when a destroy cell is
sent and when the circuit is finally freed.  At worst, it lets us
release some memory a little earlier than it would otherwise.

Fix for bug #1184.  Bugfix on 0.2.0.1-alpha.
2010-07-30 18:55:24 -04:00
Linus Nordberg
da49a7267f Fix typos, make all \brief's conformant, end sentences with a period. 2010-07-28 17:42:33 +02:00
Sebastian Hahn
986dd554f4 Move the header for bandwidth_weight_rule_to_string into reasons.h 2010-07-27 10:00:47 +02:00
Sebastian Hahn
7b2b1b587d Don't include crypto, compat and util.h in or.h 2010-07-27 10:00:46 +02:00
Sebastian Hahn
02a57bbda5 Add the new header files to noinst_HEADERS
Also add a changes/ file.
2010-07-27 10:00:46 +02:00
Sebastian Hahn
05072723cb Create routerparse.h 2010-07-27 10:00:46 +02:00
Sebastian Hahn
df9d42cef5 Create rephist.h 2010-07-27 10:00:46 +02:00
Sebastian Hahn
52e6e915fb Create rendmid.h 2010-07-27 10:00:45 +02:00
Sebastian Hahn
b0cd4551ab Create relay.h 2010-07-27 10:00:45 +02:00
Sebastian Hahn
cc060ea220 Create reasons.h 2010-07-27 10:00:45 +02:00
Sebastian Hahn
7bd8dee463 Create policies.h 2010-07-27 10:00:45 +02:00
Sebastian Hahn
f6852fe031 Create onion.h 2010-07-27 10:00:45 +02:00
Sebastian Hahn
af0c954bc5 Create ntmain.h 2010-07-27 10:00:39 +02:00
Sebastian Hahn
69fcbbaa89 Create networkstatus.h 2010-07-27 07:58:16 +02:00
Sebastian Hahn
86d6bfe448 Create microdesc.h 2010-07-27 07:58:16 +02:00
Sebastian Hahn
0f1548ab18 Create main.h 2010-07-27 07:58:16 +02:00
Sebastian Hahn
a86f464f6b Create hibernate.h 2010-07-27 07:58:16 +02:00
Sebastian Hahn
dc2f1666ff Create dns.h 2010-07-27 07:58:16 +02:00
Sebastian Hahn
85f7d54418 Create dirvote.h 2010-07-27 07:58:16 +02:00
Sebastian Hahn
7d4c027fb0 Create dirserv.h 2010-07-27 07:58:16 +02:00
Sebastian Hahn
bec1c838ca Create directory.h 2010-07-27 07:58:15 +02:00
Sebastian Hahn
98d1314c7e Create cpuworker.h 2010-07-27 07:58:15 +02:00
Sebastian Hahn
0bfa34e1f6 Create control.h 2010-07-27 07:58:15 +02:00
Sebastian Hahn
0d33120c26 Create connection_or.h 2010-07-27 07:58:15 +02:00
Sebastian Hahn
78b6a4650b Create connection_edge.h 2010-07-27 07:58:14 +02:00
Sebastian Hahn
2a74101f7a Create connection.h 2010-07-27 07:58:14 +02:00
Sebastian Hahn
c4f8f1316e Create config.h 2010-07-27 07:58:14 +02:00
Sebastian Hahn
3074d5a221 Create command.h 2010-07-27 07:58:14 +02:00
Sebastian Hahn
01c7b60a80 Create circuituse.h 2010-07-27 07:58:14 +02:00
Sebastian Hahn
174a88dd79 Create circuitlist.h 2010-07-27 07:58:13 +02:00
Sebastian Hahn
21155204c6 Create circuitbuild.h 2010-07-27 07:58:13 +02:00
Sebastian Hahn
34dfce0d82 Create buffers.h 2010-07-27 07:56:26 +02:00
Sebastian Hahn
85a1d635d5 Create rendservice.h 2010-07-27 07:56:26 +02:00
Sebastian Hahn
7caa8351b8 Create rendclient.h 2010-07-27 07:56:26 +02:00
Sebastian Hahn
31e81439e1 Create rendcommon.h 2010-07-27 07:56:25 +02:00
Sebastian Hahn
cbee969f40 Create routerlist.h 2010-07-27 07:56:25 +02:00
Sebastian Hahn
c53b6cc831 Create router.h 2010-07-27 07:56:25 +02:00
Sebastian Hahn
ff4030f621 Create geoip.h 2010-07-27 07:56:25 +02:00
Sebastian Hahn
e69dc22f4e Split headers for dnsserv.c functions out of or.h
The next series of commits begins addressing the issue that we're
currently including the complete or.h file in all of our source files.
To change that, we're splitting function definitions into new header
files (one header file per source file).
2010-07-27 07:56:25 +02:00
Roger Dingledine
1d6656fcb3 mike needs DEFAULT_ROUTE_LEN in other files 2010-07-21 09:30:26 -04:00
Roger Dingledine
b178c81de3 whitespace fix 2010-07-21 09:24:14 -04:00
Roger Dingledine
66d5ce266e naked constants are bad 2010-07-20 08:07:44 -04:00
Nick Mathewson
d461799f0b Fix getinfo_helper_networkstatus to return 0 on question-not-known
It erroneously returned -1 instead, which made it say "Internal error"
rather than "Unrecognized key."
2010-07-18 17:13:25 +02:00
Nick Mathewson
0b4b51314f Make the controller act more usefully when GETINFO fails
Right now it says "552 internal error" because there's no way for
getinfo_helper_*() countries to specify an error message.  This
patch changes the getinfo_helper_*() interface, and makes most of the
getinfo helpers give useful error messages in response to failures.

This should prevent recurrences of bug 1699, where a missing GeoIPFile
line in the torrc made GETINFO ip-to-county/* fail in a "not obvious
how to fix" way.
2010-07-18 17:05:58 +02:00
Mike Perry
9d5d0f040f Alter how guard flags are chosen.
V3 authorities no longer decide not to vote on Guard+Exit. The bandwidth
weights should take care of this now.

Also, lower the max threshold for WFU to 0.98, to allow more nodes to become
guards.
2010-07-14 20:49:19 -07:00
Roger Dingledine
54cdac97f1 print right controller purpose string for measure-timeout circs 2010-07-14 21:06:49 -04:00
Roger Dingledine
c6f5792404 No dirport should mean no hsdir flag (bug 1693) 2010-07-14 13:20:57 -04:00
Nick Mathewson
14bc4dcc22 Rename log.h to torlog.h
This should make us conflict less with system files named "log.h".
Yes, we shouldn't have been conflicting with those anyway, but some
people's compilers act very oddly.

The actual change was done with one "git mv", by editing
Makefile.am, and running
   find . -name '*.[ch]' | xargs perl -i -pe 'if (/^#include.*\Wlog.h/) {s/log.h/torlog.h/; }'
2010-07-09 22:05:38 -04:00
Mike Perry
a9edb0b4f6 More gracefully handle corrupt state files.
Save a backup if we get odd circuitbuildtimes and other state info.

In the case of circuit build times, we no longer assert, and reset our state.
2010-07-06 12:11:22 -07:00
Mike Perry
7bbdf71a82 Fix unittest failure in bug 1660.
We now record large times as abandoned, to prevent a filter step from
happening and skewing our results.

Also, issue a warn for a rare case that can happen for funky values of Xm or
too many abandoned circuits. Can happen (very rarely) during unit tests, but
should not be possble during live operation, due to network liveness filters
and discard logic.
2010-07-06 12:11:13 -07:00
Karsten Loesing
6bb8747ffb Make directory mirrors report non-zero dirreq-v[23]-shares again. 2010-07-05 10:45:24 +02:00
Nick Mathewson
741ab2a47a Fix bugs with assuming time_t can be implicitly cast to long
Many friendly operating systems have 64-bit times, and it's not nice
to pass them to an %ld format.

It's also extremely not-nice to write a time to the log as an
integer.  Most people think it's 2010 June 29 23:57 UTC+epsilon, not
1277855805+epsilon.
2010-06-29 19:55:10 -04:00
Nick Mathewson
485cab869d Merge remote branch 'public/rand_double2' 2010-06-29 18:57:59 -04:00
Nick Mathewson
bea55766af Merge remote branch 'mikeperry/cbt-bugfixes3' 2010-06-29 18:57:50 -04:00
Roger Dingledine
1def582217 Group in torrc is obsolete, so stop checking it 2010-06-27 02:31:00 -04:00
Nick Mathewson
b111a7cd9c Make cbt_generate_sample use crypto_rand_double()
Possible workaround for bug 1139, if anybody cares.
2010-06-25 21:33:22 -04:00
Nick Mathewson
ad2d8ac073 Use Libevent 2.0's periodic timers where available.
These timers behave better with non-monotonic clocks than our old
ones, and also try harder to make once-per-second events get called
one second apart, rather than one-plus-epsilon seconds apart.

This fixes bug 943 for everybody using Libevent 2.0 or later.
2010-06-25 15:31:46 -04:00
Kat Magic
e2b117eb80 Remove the extra space that is sent in certain STREAM messages from the controller. (closes #1583) 2010-06-22 20:49:29 -04:00
Mike Perry
5dbf99d9ff Mention the purpose field for leaked circuits. 2010-06-16 18:13:27 -07:00
Mike Perry
2abe1ceccf Add CLOSE_MS and CLOSE_RATE keywords to buildtimeout event. 2010-06-15 20:04:49 -07:00
Mike Perry
82922ea45a Be more proactive about closing unused circuits.
We need to ensure that we close timeout measurement circuits. While
we're at it, we should close really old circuits of certain types that
aren't in use, and log really old circuits of other types.
2010-06-15 20:04:46 -07:00
Mike Perry
c6c8fbf852 Split the circuit timeout and close codepaths.
We need to record different statistics at point of timeout, vs the point
of forcible closing.

Also, give some better names to constants and state file variables
to indicate they are not dealing with timeouts, but abandoned circuits.
2010-06-15 20:04:42 -07:00
Mike Perry
f528a6e62b Fix initialization and reset issues with close_ms.
Also clean up some log messages.
2010-06-15 16:41:24 -07:00
Nick Mathewson
7be7f15198 Answer question from Roger. 2010-06-14 18:32:44 -04:00
Roger Dingledine
9f31a0098d a line that's been sitting in my sandbox for months 2010-06-14 18:25:37 -04:00
Nick Mathewson
945633476a Merge commit 'sebastian/hostnamewarn' 2010-06-11 13:21:31 -04:00
Nick Mathewson
be1c4672c4 Merge commit 'origin/maint-0.2.1' 2010-06-11 13:20:20 -04:00
Karsten Loesing
6c49b6bb77 Add maatuska as eighth v3 directory authority. 2010-06-11 19:10:55 +02:00
Sebastian Hahn
f7b40f45b7 Don't crash when reading cached*consensus files on startup
Fixes bug 1352
2010-06-10 16:18:26 +02:00
Mike Perry
c96206090e Keep circuits open until the greater of 95th CDF percentile or 60s.
This is done to provide better data to our right-censored Pareto model.

We do this by simply marking them with a new purpose.
2010-06-09 00:22:39 -07:00
Mike Perry
f897154b26 Make the Xm mode selection a consensus parameter. 2010-06-09 00:22:39 -07:00
Mike Perry
38770dd6a5 Add timeout count state variable. 2010-06-09 00:22:34 -07:00
Mike Perry
848d9f8b43 Remove synthetic timeout code in favor of better Pareto model. 2010-06-09 00:22:17 -07:00
Mike Perry
dc880924b7 Arma hates (\d+). Remove mine and some others. 2010-06-09 00:22:17 -07:00
Mike Perry
d76ebb79aa Improve log message about large timeouts and fix some typos. 2010-06-09 00:22:13 -07:00
Sebastian Hahn
10fdb9ee0a Add option to not warn when getting an IP instead of hostname 2010-06-07 12:44:25 +02:00
Sebastian Hahn
faf51fa52a Don't cannibalize one-hop circuits
In rare cases, we could cannibalize a one-hop circuit, ending up
with a two-hop circuit. This circuit would not be actually used,
but we should prevent its creation in the first place.

Thanks to outofwords and swissknife for helping to analyse this.
2010-06-04 21:04:08 +02:00
Roger Dingledine
7e300cbba3 Let bridge users use the non-primary address of a multi-homed bridge 2010-06-03 20:29:29 -04:00
valerino
076063ca90 moved wince related includes and defs to compat.h where possible, removed unused/redundant wince includes 2010-05-24 11:46:54 -04:00
valerino
8d31141ccb Port Tor to work on Windows CE
Most of the changes here are switches to use APIs available on Windows
CE.  The most pervasive change is that Windows CE only provides the
wide-character ("FooW") variants of most of the windows function, and
doesn't support the older ASCII verions at all.

This patch will require use of the wcecompat library to get working
versions of the posix-style fd-based file IO functions.

[commit message by nickm]
2010-05-24 11:46:45 -04:00
valerino
ddf250119d Log the correct address when purging a mismatchd DNS cache address 2010-05-20 22:51:47 -04:00
valerino
afe58cfa89 Don't use "try" as an identifier
C allows try, but some windows CE headers like to redefine 'try' to be
a reserved word.
2010-05-20 22:50:37 -04:00
Nick Mathewson
d8a1e2dabb Make rotate_request_period use BEGIN/END versions of FOREACH
This appeases some versions of MSVC, which don't like it when you
have preprocessor commands inside a set of macro arguments.
2010-05-17 12:20:52 -04:00
Mike Perry
d9be6f3845 Fix CBT unit tests. 2010-05-12 15:31:22 -07:00
Nick Mathewson
03dc1c786a Clarify 'marking connection as too old' messages
Back when we changed the idea of a connection being "too old" for new
circuits into the connection being "bad" for new circuits, we didn't
actually change the info messages.  This led to telling the user that
we were labelling connections as "too old" for being worse than
connections that were actually older than them.

Found by Scott on or-talk.
2010-05-12 14:15:39 -04:00
Mike Perry
a5ac96b58d Fix comments from Sebastian + Nick's code review.
Check for overflow in one place, and be consistent about type usage.
2010-05-10 19:56:27 -07:00
Mike Perry
29e0d70814 Bug 1296: Add option+logic to disable CBT learning.
There are now four ways that CBT can be disabled:

1. Network-wide, with the cbtdisabled consensus param.
2. Via config, with "LearnCircuitBuildTimeout 0"
3. Via config, with "AuthoritativeDirectory 1"
4. Via a state file write failure.
2010-05-10 13:11:48 -07:00
Mike Perry
0a6191cf70 Bug 1357: Store the suspended timeout value to resume.
This prevents a spurious warning where we have a timeout just after
deciding our network came back online.
2010-05-10 13:11:47 -07:00
Mike Perry
728e946efd Bug 1245: Ignore negative and large timeouts.
This should prevent some asserts and storage of incorrect build times
for the cases where Tor is suspended during a circuit construction, or
just after completing a circuit. The idea is that if the circuit
build time is much greater than we would have cut it off at, we probably
had a suspend event along this codepath, and we should discard the
value.
2010-05-10 13:11:46 -07:00
Mike Perry
e40e35507e Bump timeout calculation message to notice when timeout changes. 2010-05-10 13:01:25 -07:00
Mike Perry
eecdd94dec Add consensus parameter for max synthetic quantile.
In case we decide that the timeout rate is now too high due to our
change of the max synthetic quantile value, this consensus parameter
will allow us to restore it to the previous value.
2010-05-10 13:00:34 -07:00
Mike Perry
835ab53102 Add a TIMEOUT_RATE keyword to buildtimeout event. 2010-05-10 12:59:05 -07:00
Mike Perry
3bbc3e2137 Bug 1335: Implement filtering step to remove+prevent high timeouts.
This is for the other issue we saw in Bug 1335. A large number of high
timeouts were causing the timeout calculation to slowly drift upwards,
especially in conditions of load. This fix repeatedly regenerates all of
our synthetic timeouts whenever the timeout changes, to try to prevent
drift.

It also lowers the timeout cap to help for some cases of Bug 1245, where
some timeout values were so large that we ended up allocating a ton of
scratch memory to count the histogram bins.

The downside is that lowering this cap is affecting our timeout rate.
Unfortunately, the buildtimeout quantile is now higher than the actual
completion rate by what appears to be about 7-10%, which probably
represents the skew in the distribution due to lowering this synthetic
cap.
2010-05-10 12:58:10 -07:00
Mike Perry
cc2a48f1be Bug 1335: Alter Xm calculation to be weighted avg of top N=3 modes.
In my state files, I was seeing several peaks, probably due to different
guards having different latency. This change is meant to better capture
this behavior and generate more reasonable timeouts when it happens. It
is improving the timeout values for my collection of state files.
2010-05-10 12:46:49 -07:00
Roger Dingledine
e7bd97493c Merge branch 'maint-0.2.1' 2010-04-23 20:26:23 -04:00
Roger Dingledine
67b38d5068 close idle tls conns early 2010-04-23 20:23:00 -04:00
Roger Dingledine
b3019c6d2b Merge branch 'maint-0.2.1' 2010-04-23 19:46:29 -04:00
Roger Dingledine
b264192083 finally get rid of "clique mode" 2010-04-23 19:39:42 -04:00
Roger Dingledine
cb31978adb close idle dir-fetch circs early 2010-04-23 18:35:11 -04:00
Roger Dingledine
573e1d40b3 finally get rid of "clique mode" 2010-04-21 21:35:18 -04:00
Roger Dingledine
6952b445cc stop authority reachability check on startup 2010-04-21 04:27:56 -04:00
Roger Dingledine
4f307e0382 immediate reachability check for new relays 2010-04-21 03:12:14 -04:00
Roger Dingledine
92a6ae2b8d more logging when tracking missing descriptors 2010-04-20 18:02:23 -04:00
Roger Dingledine
eaf5487d95 fetch descriptors from the authority that told us about them 2010-04-20 03:20:31 -04:00
Roger Dingledine
2e692bd8c9 fetch unknown descriptors if we see them in a vote 2010-04-20 03:03:33 -04:00
Roger Dingledine
77babb832a minor cleanups 2010-04-20 02:48:35 -04:00
Nick Mathewson
f2c30e97cc Switch geoip_get_request_history to asprintf; fix bug 1365 2010-04-20 01:09:40 -04:00
Roger Dingledine
de4a49adc2 fix "Got a certificate for ?? that we already have"
what's happening here is that we're fetching certs for obsolete
authorities -- probably legacy signers in this case. but try to
remain general in the log message.
2010-04-19 18:35:57 -04:00
Nick Mathewson
e3cd535c7c Move the declaration of bandwidth_rate_rule_to_string
It's natural for the definition of bandwidth_rule_t to be with the functions
that actually care about its values.  Unfortunately, this means declaring
bandwidth_rate_rule_to_string() out of sequence.  Someday we'll just rename
reasons.c to strings.c, and put it at the end of or.h, and this will all be
better.
2010-04-19 16:39:29 -04:00
Roger Dingledine
c9573cf50b parameterize update_consensus_router_descriptor_downloads 2010-04-19 04:40:45 -04:00
Roger Dingledine
c29977ce00 simplify a path in networkstatus 2010-04-15 10:13:35 -04:00
Sebastian Hahn
71fb687ddd Add --enable-static-zlib option
Works like the --enable-static-openssl/libevent options. Requires
--with-zlib-dir to be set. Note that other dependencies might still
pull in a dynamicly linked zlib, if you don't link them in statically
too.
2010-04-14 19:28:21 +02:00
Nick Mathewson
fe57aab283 Merge branch 'correct_halflife' 2010-04-13 13:37:33 -04:00
Nick Mathewson
96a0edf373 Rename CircPriorityHalflifeMsec to CircuitPriorityHalflifeMsec
Everything that accepted the 'Circ' name handled it wrong, so even now
that we fixed the handling of the parameter, we wouldn't be able to
set it without making all the 0.2.2.7..0.2.2.10 relays act wonky.
This patch makes Tors accept the 'Circuit' name instead, so we can
turn on circuit priorities without confusing the versions that treated
the 'Circ' name as occasion to act weird.
2010-04-13 13:29:30 -04:00
Peter Palfrader
5e679acc72 testsuite: Prevent the main thread from starving the worker threads 2010-04-12 18:15:20 -04:00
Peter Palfrader
a02923122e testsuite: Only free the main mutex when and if all the worker threads are done 2010-04-12 18:15:17 -04:00
Nick Mathewson
311aca5a34 Log bandwidth_weight_rule_t as a string, not an integer.
I'm adding this because I can never remember what stuff like 'rule 3'
means.  That's the one where if somebody goes limp or taps out, the
fight is over, right?
2010-04-12 18:12:49 -04:00
Nick Mathewson
d888a8210f Fix a bug in reading CircPriorityHalflife from consensus
When you mean (a=b(c,d)) >= 0, you had better not say (a=b(c,d)>=0).
We did the latter, and so whenever CircPriorityHalflife was in the
consensus, it was treated as having a value of 1 msec (that is,
boolean true).
2010-04-12 15:38:54 -04:00
Roger Dingledine
8aec982f91 Merge branch 'maint-0.2.1'
Conflicts:

	ChangeLog
	configure.in
	contrib/tor-mingw.nsi.in
	src/win32/orconfig.h
2010-04-03 22:05:02 -04:00
Roger Dingledine
0324d3b0ec fetch relay descriptors from v3 authorities 2010-04-03 21:53:29 -04:00
Sebastian Hahn
80d9737e70 Fix a segfault when a client is hup'd.
We need to make sure we have an event_base in dns.c before we call
anything that wants one. Make sure we always have one in dns_reset()
when we're a client. Fixes bug 1341.
2010-04-03 12:31:59 +02:00
Nick Mathewson
927425150b Merge branch 'asprintf' 2010-04-02 12:30:46 -04:00
Sebastian Hahn
cae769d646 Segfault less during consensus generation without params
If no authority votes on any params, Tor authorities segfault when
trying to make a new consensus from the votes. Let's change that.
2010-03-29 22:25:37 +02:00
Roger Dingledine
fe3380609e In the glorious future, all relays cache dir info.
Now if you're a published relay and you set RefuseUnknownExits, even
if your dirport is off, you'll fetch dir info from the authorities,
fetch it early, and cache it.

In the future, RefuseUnknownExits (or something like it) will be on
by default.
2010-03-16 04:02:18 -04:00
Roger Dingledine
1108358e96 let people test the RefuseUnknownExits idea 2010-03-10 22:43:23 -05:00
Roger Dingledine
625963d92a commit my annotations while i was hunting down the host order bug 2010-03-05 16:04:01 -05:00
Nick Mathewson
eb2e56ad3c Merge commit 'origin/maint-0.2.1'
Conflicts:
	src/or/config.c
	src/or/test.c
2010-03-04 18:44:31 -05:00
Nick Mathewson
3ff092391b Apply Roger's bug 1269 fix.
From http://archives.seul.org/tor/relays/Mar-2010/msg00006.html :

   As I understand it, the bug should show up on relays that don't set
   Address to an IP address (so they need to resolve their Address
   line or their hostname to guess their IP address), and their
   hostname or Address line fails to resolve -- at that point they'll
   pick a random 4 bytes out of memory and call that their address. At
   the same time, relays that *do* successfully resolve their address
   will ignore the result, and only come up with a useful address if
   their interface address happens to be a public IP address.
2010-03-04 18:37:40 -05:00
Nick Mathewson
b3ec39af8f Merge remote branch 'mikeperry/bwweight-smartlistfix' 2010-03-04 00:13:23 -05:00
Mike Perry
2b5e1d3636 Woops, forgot the second warn.
Also, differentiate the two log messages.
2010-03-03 21:02:01 -08:00
Mike Perry
97eec84f4b Demote warn to info, since it can happen.
I still feel like we should investigate this case. It seems odd.
2010-03-03 17:35:06 -08:00
Nick Mathewson
404af59ed5 Backport fix for time-goes-forward test. Fix bug 1267 2010-03-02 10:40:21 -05:00
Nick Mathewson
47e919424d Tweak users of snprintf to use asprintf where appropriate 2010-02-28 21:46:50 -05:00
Nick Mathewson
9caecc1e48 Merge branch 'fix_routerparse_bug' 2010-02-28 13:48:05 -05:00
Nick Mathewson
da220157a9 Update copyright dates for files not in maint-0.2.1 2010-02-27 17:19:00 -05:00
Nick Mathewson
b006e3279f Merge remote branch 'origin/maint-0.2.1'
Conflicts:
	src/common/test.h
	src/or/test.c
2010-02-27 17:16:31 -05:00
Nick Mathewson
c3e63483b2 Update Tor Project copyright years 2010-02-27 17:14:21 -05:00
Nick Mathewson
27a8a56e6c Fix a consensus-extension bug found by outofwords
When the bandwidth-weights branch added the "directory-footer"
token, and began parsing the directory footer at the first
occurrence of "directory-footer", it made it possible to fool the
parsing algorithm into accepting unsigned data at the end of a
consensus or vote.  This patch fixes that bug by treating the footer
as starting with the first "directory-footer" or the first
"directory-signature", whichever comes first.
2010-02-27 17:07:05 -05:00
Nick Mathewson
1c25077b1c fix some wide lines in routerparse.c 2010-02-27 16:33:22 -05:00
Nick Mathewson
937b5cdd41 Merge remote branch 'origin/maint-0.2.1'
Conflicts:
	ChangeLog
	src/or/routerparse.c
2010-02-27 15:34:02 -05:00
Sebastian Hahn
b67657bd95 Properly handle non-terminated strings
Treat strings returned from signed_descriptor_get_body_impl() as not
NUL-terminated. Since the length of the strings is available, this is
not a big problem.

Discovered by rieo.
2010-02-27 02:13:22 +01:00
Mike Perry
03d6995d0e Check for empty smartlists and no bandwidth during node selection. 2010-02-26 16:17:09 -08:00
Sebastian Hahn
1c39dbd53a Don't segfault when checking the consensus 2010-02-26 08:01:40 +01:00
Nick Mathewson
1e1d471002 Don't believe unauthenticated info in a consensus.
Don't allow anything but directory-signature tokens in a consensus after
the first directory-signature token.  Fixes bug in bandwidth-weights branch.
Found by "outofwords."
2010-02-26 01:02:20 -05:00
Sebastian Hahn
86828e2004 Proper NULL checking in circuit_list_path_impl()
Another dereference-then-NULL-check sequence. No reports of this bug
triggered in the wild. Fixes bugreport 1256.

Thanks to ekir for discovering and reporting this bug.
2010-02-26 05:53:26 +01:00
Sebastian Hahn
f36c36f4a8 Proper NULL checking for hsdesc publication
Fix a dereference-then-NULL-check sequence. This bug wasn't triggered
in the wild, but we should fix it anyways in case it ever happens.
Also make sure users get a note about this being a bug when they
see it in their log.

Thanks to ekir for discovering and reporting this bug.
2010-02-26 05:49:34 +01:00
Nick Mathewson
512cebadad For integers, if !(E<G), then we can infer that E>=G.
This means that "if (E<G) {abc} else if (E>=G) {def}" can be replaced with
"if (E<G) {abc} else {def}"

Doing the second test explicitly made my mingw gcc nervous that we might
never be initializing casename.
2010-02-25 17:00:14 -05:00
Nick Mathewson
eb10d441b6 Fix 64-bit printf issues in consensus-bw-weights5-merge.
For my 64-bit Linux system running with GCC 4.4.3-fc12-whatever, you
can't do 'printf("%lld", (int64_t)x);' Instead you need to tell the
compiler 'printf("%lld", (long long int)x);' or else it doesn't
believe the types match.  This is why we added U64_PRINTF_ARG; it
looks like we needed an I64_PRINTF_ARG too.
2010-02-25 16:22:40 -05:00
Nick Mathewson
2ab3389ed6 Merge remote branch 'mikeperry/consensus-bw-weights5-merge'
Conflicts:
	ChangeLog
2010-02-25 16:22:29 -05:00
Nick Mathewson
6fa8dacb97 Add a tor_asprintf() function, and use it in a couple of places.
asprintf() is a GNU extension that some BSDs have picked up: it does a printf
into a newly allocated chunk of RAM.

Our tor_asprintf() differs from standard asprintf() in that:
  - Like our other malloc functions, it asserts on OOM.
  - It works on windows.
  - It always sets its return-field.
2010-02-25 16:09:10 -05:00
Mike Perry
215930a7de Check snprintf return values in format_networkstatus_vote.
Maybe this is what parakeep was complaining about? Really wish he
would stick around more. Playing these guessing games is not fun :(
2010-02-25 11:59:35 -08:00
Mike Perry
50d6960332 Cast our weights down to ints from int64.
They are capped to be between 0 and weight_scale (10000) by the code
just before the snprintf.
2010-02-25 11:42:45 -08:00
Sebastian Hahn
2917c0596c Restrict PerConnBWRate|Burst to INT32_MAX, update manpage
All other bandwidthrate settings are restricted to INT32_MAX, but
this check was forgotten for PerConnBWRate and PerConnBWBurst. Also
update the manpage to reflect the fact that specifying a bandwidth
in terabytes does not make sense, because that value will be too
large.
2010-02-25 12:33:15 +01:00
Mike Perry
0da26162a3 Make unit tests work.
Still not sure why they generate an empty consensus document..
Too much frobbing going on there.
2010-02-24 11:17:31 -08:00
Sebastian Hahn
c8f154e173 Proper NULL checking for hsdesc publication
Fix a dereference-then-NULL-check sequence. This bug wasn't triggered
in the wild, but we should fix it anyways in case it ever happens.
Also make sure users get a note about this being a bug when they
see it in their log.

Thanks to ekir for discovering and reporting this bug.
2010-02-23 17:09:02 +01:00
Sebastian Hahn
7681e355ed Fix another coverity-spotted memleak 2010-02-23 15:05:39 +01:00
Mike Perry
b3fde4d309 Add consensus method #defines. 2010-02-22 18:43:13 -08:00
Mike Perry
f4d6315afa Remove misc unnecessary newlines found by new check. 2010-02-22 16:52:11 -08:00
Mike Perry
245be159af Always weight routers by bandwidth.
Also always predict that we need a high capacity circuit or internal
circuit.
2010-02-22 16:52:11 -08:00
Mike Perry
87a0430a74 Clearly mark directory footer so we parse the new weight line. 2010-02-22 16:52:11 -08:00
Mike Perry
931e073a4f Implement bw weighting selection algorithm. 2010-02-22 16:52:11 -08:00
Mike Perry
df1ef2f0f0 Add parsing+verification for bw weight values. 2010-02-22 16:52:11 -08:00
Mike Perry
f9d40649fe Perform calculation of consensus bandwidth weights.
Also add bwweightscale consensus param. Use it as our
fixed-point calculation width.
2010-02-22 16:52:11 -08:00
Nick Mathewson
295e6557a9 Merge remote branch 'sebastian/coverity' 2010-02-22 12:46:43 -05:00
Nick Mathewson
d35b8dc582 Make expand_filename into a tor_strdup() alias on windows.
On Windows, we don't have a notion of ~ meaning "our homedir", so we
were deliberately using an #ifdef to avoid calling expand_filename()
in multiple places.  This is silly: The right place to turn a function
into a no-op on a single platform is in the function itself, not in
every single call-site.
2010-02-22 12:42:31 -05:00
Sebastian Hahn
1dfbec482c Remove some redundant code in options_save_current()
get_torrc_fname() does the same thing we did in this code, so let's
replace it.
2010-02-22 12:21:58 +01:00
Sebastian Hahn
b65ad83ebe Break early on unknown extendcircuit purpose
Don't continue handling EXTENDCIRCUIT messages when we get an
unknown purpose.
2010-02-22 10:57:11 +01:00
Sebastian Hahn
dcf85eb158 Fix a memory leak, found by coverity 2010-02-22 10:56:54 +01:00
Sebastian Hahn
e391a497ec Remove some redundand code in control.c
Found by coverity
2010-02-22 10:41:46 +01:00
Sebastian Hahn
5aa9610dd6 network-status-version must come first in a vote/consensus
Spec conformance issue: The code didn't force the network-status-version
token to be the first token in a v3 vote or consensus.

Problem discovered by Parakeep.
2010-02-22 09:16:26 +01:00
Nick Mathewson
0eb03bc6dd Merge remote branch 'public/cbt-status'
Conflicts:
	ChangeLog
2010-02-20 18:35:19 -05:00
Nick Mathewson
391f75d792 Merge remote branch 'sebastian/bug1143' 2010-02-19 16:58:24 -05:00
Sebastian Hahn
408a828b1f Make the DNSPort option work with libevent 2.x
We need to use evdns_add_server_port_with_base() when configuring
our DNS listener, because libevent segfaults otherwise. Add a macro
in compat_libevent.h to pick the correct implementation depending
on the libevent version.

Fixes bug 1143, found by SwissTorExit
2010-02-19 22:36:53 +01:00
Nick Mathewson
061ffbd7d5 Future-proof the control protocol by ignoring unrecognized keyword args 2010-02-18 12:49:48 -05:00
Nick Mathewson
2d95e02914 Make more arguments in control.c properly case-insensitive. 2010-02-18 12:49:26 -05:00
Mike Perry
2b95d1c0ee Describe the recent timeouts reallocation behavior. 2010-02-18 09:08:32 -08:00
Mike Perry
2258125e1a Move CBT params into consensus. 2010-02-18 09:08:31 -08:00
Mike Perry
f459388c29 Add an event for a case where we drop guards.
Also add a comment about an odd CBT timeout edgecase.
2010-02-18 09:08:31 -08:00
Mike Perry
ac68704f07 Allow "EXTENDCIRCUIT 0" to omit a path. 2010-02-18 09:08:31 -08:00
Mike Perry
8512e33773 Add BUILDTIMEOUT_SET event for CBT stress testing. 2010-02-18 09:08:31 -08:00
Nick Mathewson
715f104eeb Merge remote branch 'origin/maint-0.2.1'
Conflicts:
	ChangeLog
	configure.in
	contrib/tor-mingw.nsi.in
	src/win32/orconfig.h
2010-02-18 12:01:56 -05:00
Nick Mathewson
4e082ec84b Build correctly with Libevent 2.0.4-alpha and later 2010-02-15 16:47:47 -05:00
Roger Dingledine
3e6a37e61e new dannenberg address; make moria2's demise official. 2010-02-12 14:31:08 -05:00
Sebastian Hahn
fe18275563 Add Windows version detection for Vista and 7
Vista is Windows 6.0, and 7 is Windows 6.1. Fixes bug 1097.

Also fix a coding style violation.
2010-02-10 08:40:44 +01:00
Nick Mathewson
a6a1b8b815 Merge remote branch 'origin/maint-0.2.1' 2010-02-09 12:58:25 -05:00
Nick Mathewson
a4065cd832 Merge remote branch 'sebastian/bug925' 2010-02-09 12:50:54 -05:00
Nick Mathewson
6dd71d314d Merge remote branch 'sebastian/bug1238' 2010-02-09 12:50:45 -05:00
Nick Mathewson
c0d682686a Make tor_addr_copy() conform to memcpy requirements
The src and dest of a memcpy() call aren't supposed to overlap,
but we were sometimes calling tor_addr_copy() as a no-op.

Also, tor_addr_assign was a redundant copy of tor_addr_copy(); this patch
removes it.
2010-02-09 12:32:10 -05:00
Sebastian Hahn
253fd21ae1 Fix a whitespace violation 2010-02-09 09:10:07 +01:00
Sebastian Hahn
1e49c908f7 Speed up the execution of exit_policy_is_general_exit_helper()
It isn't necessary to walk through all possible subnets when the policy
we're looking at doesn't touch that subnet.
2010-02-09 09:10:07 +01:00
Sebastian Hahn
20422cde2b 0/8 doesn't count as a /8 subnet towards an Exit flag 2010-02-08 16:46:22 +01:00
Sebastian Hahn
b2b99a70c0 Don't spam controllers with TOO_MANY_CONNECTIONS events
We implemented ratelimiting for warnings going into the logfile, but didn't
rate-limit controller events. Now both log warnings and controller events
are rate-limited.
2010-02-08 16:45:36 +01:00
Sebastian Hahn
a168cd2a54 Don't use gethostbyname() in resolve_my_address()
Tor has tor_lookup_hostname(), which prefers ipv4 addresses automatically.
Bug 1244 occured because gethostbyname() returned an ipv6 address, which
Tor cannot handle currently. Fixes bug 1244; bugfix on 0.0.2pre25.
Reported by Mike Mestnik.
2010-02-08 15:49:54 +01:00
Nick Mathewson
080e8f50f8 Merge commit 'origin/maint-0.2.1' 2010-02-07 22:34:08 -05:00
Sebastian Hahn
dfee173289 lookup_last_hid_serv_request() could overflow and leak memory
The problem was that we didn't allocate enough memory on 32-bit
platforms with 64-bit time_t. The memory leak occured every time
we fetched a hidden service descriptor we've fetched before.
2010-02-07 06:37:35 +01:00
Sebastian Hahn
25ec240cc3 Call exit_policy_is_general_exit less
When calculating the is_exit flag for a routerinfo_t, we don't need
to call exit_policy_is_general_exit() if router_exit_policy_rejects_all()
tells us it definitely is an exit. This check is much cheaper than
running exit_policy_is_general_exit().
2010-02-04 00:06:56 +01:00
Nick Mathewson
7d5d4f9f03 When we've disabled .exit hostnames, actually reject them.
Previously we were treating them as decent hostnames and sending them
to the exit, which is completely wrong.
2010-02-03 15:59:15 -05:00
Nick Mathewson
ba0c9e5d03 Trivial doc fix for exit_policy_is_general_exit_helper
The original comment said what it did if there was at least one /8 that
allowed access to the port, but not what it did otherwise.
2010-02-03 00:12:31 -05:00
Sebastian Hahn
03bd98b3b1 Don't assign Exit flag incorrectly
exit_policy_is_general_exit() assumed that there are no redundancies
in the passed policy, in the sense that we actively combine entries
in the policy to really get rid of any redundancy. Since we cannot
do that without massively rewriting the policy lines the relay
operators set, fix exit_policy_is_general_exit().

Fixes bug 1238, discovered by Martin Kowalczyk.
2010-02-03 05:44:00 +01:00
Sebastian Hahn
02889bae21 Fix comments for getinfo_helper_t
rieo pointed out something isn't right here
2010-01-27 22:12:43 +01:00
Karsten Loesing
7e65871ccc Fix a memory corruption bug while collecting bridge stats
We accidentally freed the internal buffer for bridge stats when we
were writing the bridge stats file or honoring a control port
request for said data. Change the interfaces for
geoip_get_bridge_stats* to prevent these problems, and remove the
offending free/add a tor_strdup.

Fixes bug 1208.
2010-01-26 11:55:43 +01:00
Nick Mathewson
2d3f21e9ee Merge commit 'sebastian/quiet' 2010-01-25 14:39:20 -05:00
Nick Mathewson
2590d733f4 Try to untangle the logic in server_port_flush
It's a bit confusing to have a loop where another function,
confusingly named "*_free", is responsible for advancing the loop
variable (or rather, for altering a structure so that the next time
the loop variable's initializer is evaluated it evaluates to something
different.)

Not only has this confused people: it's also confused coverity scan.
Let's fix that.
2010-01-25 14:09:58 -05:00
Sebastian Hahn
7e89cc31ab Be quieter about failing to decode authority digests
This was freaking out some relay operators without good reason, as
it is nothing the relay operator can do anything about anyways.

Quieting this warning suggested by rieo.
2010-01-25 18:05:20 +01:00
Nick Mathewson
a93cabd9ab Since dump_microdescriptor() can return -1; make its type ssize_t 2010-01-24 16:24:47 -05:00
Peter Palfrader
256861023e Handle errors reported by fwrite() in dump_microdescriptor()
Does not deal with error handling in dump_microdescriptor's callers.
2010-01-24 15:05:20 -05:00
Nick Mathewson
0552deb613 Merge commit 'origin/maint-0.2.1'
Resolved conflicts in:
	configure.in
	src/or/Makefile.am
	src/tools/Makefile.am
2010-01-24 15:03:45 -05:00
Nick Mathewson
b6038f4ac6 Add --enable-static-(openssl|libevent) options
These options only work when using --with-(openssl|libevent)-dir to
explicitly pick a libevent or openssl location.
2010-01-24 14:34:47 -05:00
Nick Mathewson
3b4b6009a0 Merge remote branch 'origin/maint-0.2.1' 2010-01-23 20:46:57 -05:00
Nick Mathewson
aec4aea190 Fix two rare leaks spotted by rieo. 2010-01-23 20:46:38 -05:00
Nick Mathewson
d4354b506b Don't use OutboundBindAddress to connect to localhost
The OutboundBindAddress option is useful for making sure that all of
your outbond connections use a given interface.  But when connecting
to 127.0.0.1 (or ::1 even) it's important to actually have the
connection come _from_ localhost, since lots of programs running on
localhost use the source address to authenticate that the connection
is really coming from the same host.

Our old code always bound to OutboundBindAddress, whether connecting
to localhost or not.  This would potentially break DNS servers on
localhost, and socks proxies on localhost.  This patch changes the
behavior so that we only look at OutboundBindAddress when connecting
to a non-loopback address.
2010-01-20 13:09:10 -05:00
Roger Dingledine
8d84b4bfa1 Merge branch 'maint-0.2.1'
Conflicts:

	ChangeLog
2010-01-19 17:54:41 -05:00
Roger Dingledine
1fc94bfd0e spread guard rotation out throughout the month 2010-01-19 17:52:52 -05:00
Roger Dingledine
0642ab2428 weight guard choice by bandwidth; discard old guards 2010-01-19 17:30:52 -05:00
Roger Dingledine
37ca182c7e Merge branch 'maint-0.2.1' into master
Conflicts:

	ChangeLog
	configure.in
	contrib/tor-mingw.nsi.in
	src/win32/orconfig.h
2010-01-19 14:51:39 -05:00
Roger Dingledine
708f47ecc9 downgrade a warning
this case can now legitimately happen, if you have a cached v2 status
from moria1, and you run with the new list of dirservers that's missing
the old moria1. it's nothing to worry about; the file will die off in
a month or two.
2010-01-19 14:25:15 -05:00
Roger Dingledine
adae600715 rotate keys for moria1 and gabelmoo 2010-01-19 14:12:39 -05:00
Sebastian Hahn
c32e8c292e Log a notice when we get a new control connection 2010-01-18 19:14:36 -05:00
Roger Dingledine
79eaeef1cd stop bridge authorities from leaking their bridge list 2010-01-17 19:41:22 -05:00
Roger Dingledine
b9f1bd3c4e whitespace fixes 2010-01-15 15:58:35 -05:00
Roger Dingledine
f1d74f611d fix an impossible-to-actually-trigger overflow in descriptor generation 2010-01-15 15:56:54 -05:00
Roger Dingledine
0450813227 resolve path weighting edge case; fixes bug 1203 2010-01-15 15:56:54 -05:00
Roger Dingledine
50e8210943 trivial cleanups 2010-01-15 15:56:54 -05:00
Roger Dingledine
f22c063067 remove redundant validate_addr_policies() checks 2010-01-15 15:56:53 -05:00
Roger Dingledine
fd5eb23c29 don't warn if stats/bridge-stats is missing
if we try to read it to publish stats and it's not there,
that means there are no stats to publish.

reported by swisstorexit.
2010-01-15 15:56:53 -05:00
Roger Dingledine
8cba62cc2a don't div by 0 during path selection 2010-01-02 13:13:30 -05:00
Roger Dingledine
485fa5c425 when loading bridge stats, mkdir $datadir/stats first 2010-01-02 09:28:19 -05:00
Roger Dingledine
4d71d43772 add config options to override.
somebody should add man page entries.
2009-12-29 23:13:03 -05:00
Roger Dingledine
f255272f45 add separate per-conn write limiting 2009-12-29 22:25:02 -05:00
Sebastian Hahn
9a07f30b90 Authorities now support conditional consensuses
Mark them this way in add_trusted_dir_server
2009-12-25 16:35:47 +01:00
Sebastian Hahn
51c00dbdec Remove some old, commented out code 2009-12-25 16:35:47 +01:00
Sebastian Hahn
9f1618b518 Remove online config descriptions.
They weren't in sync with reality nor manpage, and only useful to a human
who could simply have checked the manpage.
2009-12-25 16:35:47 +01:00
Sebastian Hahn
03da1af9ca Fix a typo 2009-12-25 16:33:56 +01:00
Roger Dingledine
2ef988c065 New consensus params "bwconnrate" and "bwconnburst"
...to let us
rate-limit client connections as they enter the network. It's
controlled in the consensus so we can turn it on and off for
experiments. It's starting out off. Based on proposal 163.
2009-12-23 04:56:24 -05:00
Roger Dingledine
7d832cc988 make the os x tiger compiler shut up
it's wrong, but that's our problem not its problem
2009-12-21 04:58:03 -05:00
Roger Dingledine
937607056b a changelog and doc fixes for the strictnodes work 2009-12-21 04:38:49 -05:00
Roger Dingledine
22e07b4ead fix compile 2009-12-21 03:52:34 -05:00
Roger Dingledine
2138b05f17 Use nodes in ExitNodes even if they're not fast/stable 2009-12-21 03:52:33 -05:00
Roger Dingledine
cc73bc3853 Use nodes in EntryNodes even if they're not fast/stable 2009-12-21 03:52:33 -05:00
Roger Dingledine
7346804ec6 instrument entry_is_live to tell why our guard isn't live 2009-12-21 03:52:33 -05:00
Roger Dingledine
ef81649d2f Be more willing to use an unsuitable circuit for exit.
Specifically, there are two cases: a) are we willing to start a new
circuit at a node not in your ExitNodes config option, and b) are we
willing to make use of a circuit that's already established but has an
unsuitable exit.

Now we discard all your circuits when you set ExitNodes, so the only
way you could end up with an exit circuit that ends at an unsuitable
place is if we explicitly ran out of exit nodes, StrictNodes was 0,
and we built this circuit to solve a stream that needs solving.

Fixes bug in dc322931, which would ignore the just-built circuit because
it has an unsuitable exit.
2009-12-21 03:52:32 -05:00
Roger Dingledine
c75a2eea60 Abandon circs if the user changes Exclude*Nodes
If ExcludeNodes or ExcludeExitNodes changes on a config reload,
mark and discard all our origin circuits.
2009-12-21 03:52:32 -05:00
Roger Dingledine
f2c51cb998 comments and cleanups, no actual changes 2009-12-21 03:52:32 -05:00
Roger Dingledine
1a65bdd232 Make EntryNodes config option much more aggressive.
Before it would prepend your requested entrynodes to your list of guard
nodes, but feel free to use others after that. Now it chooses only
from your EntryNodes if any of those are available, and only falls back
to others if a) they're all down and b) StrictNodes is not set.

Also, now we refresh your entry guards from EntryNode at each consensus
fetch (rather than just at startup and then they slowly rot as the
network changes).

The goal here is to make users less likely to set StrictNodes, since
it's doing closer to what they expect it should be doing.
2009-12-21 03:52:31 -05:00
Roger Dingledine
580066f2f6 Switch to a StrictNodes config option.
This is step one of handling ExcludedNodes better. This first
step is just to make EntryNodes and ExitNodes do what they did
before.
2009-12-21 03:52:31 -05:00
Roger Dingledine
5fee54a50f fix some typos 2009-12-19 05:12:00 -05:00
Nick Mathewson
05a2473b7f Merge branch 'ewma' 2009-12-18 22:33:02 -05:00
Nick Mathewson
7edae58984 Merge commit 'karsten/fix-bridge-stats-master-4' 2009-12-18 14:16:41 -05:00
Karsten Loesing
3a5a728d4a Permit an empty "bridge-ips" line when parsing bridge stats. 2009-12-18 13:29:51 +01:00
Karsten Loesing
f80672d747 Remove duplicate words and a duplicate newline. 2009-12-18 12:55:05 +01:00
Nick Mathewson
235f1e1a96 Refactor out the 'find string at start of any line' logic.
We do this in too many places throughout the code; it's time to start
clamping down.

Also, refactor Karsten's patch to use strchr-then-strndup, rather than
malloc-then-strlcpy-then-strchr-then-clear.
2009-12-17 18:29:37 -05:00
Karsten Loesing
498c293afe Make changes to latest bridge-stats fixes as suggested by Nick. 2009-12-17 11:20:31 +01:00
Karsten Loesing
e1e5c1b3ab Fix bridge statistics.
Fix statistics on client numbers by country as seen by bridges that were
broken in 0.2.2.1-alpha. Also switch to reporting full 24-hour intervals
instead of variable 12-to-48-hour intervals.
2009-12-17 09:22:55 +01:00
Karsten Loesing
d38268a8c7 Remove v0 hidden service statistics code.
The HSAuthorityRecordStats option was used to track statistics of overall
hidden service usage on the version 0 hidden service authorities. With the
version 2 hidden service directories being deployed and version 0
descriptors being phased out, these statistics are not as useful anymore.

Goodbye, you fine piece of software; my first major code contribution to
Tor.
2009-12-17 09:15:06 +01:00
Nick Mathewson
62c2a5a883 Merge commit 'karsten/fix-cell-stats'
Conflicts:
	ChangeLog
2009-12-16 21:59:25 -05:00
Nick Mathewson
350181529e Merge branch 'safelogging2'
Conflicts:
	ChangeLog
2009-12-15 17:26:09 -05:00
Nick Mathewson
fcbd65b45c Refactor the safe_str_*() API to make more sense.
The new rule is: safe_str_X() means "this string is a piece of X
information; make it safe to log."  safe_str() on its own means
"this string is a piece of who-knows-what; make it safe to log".
2009-12-15 17:25:34 -05:00
Nick Mathewson
3b896195cb Stop using lround in or.h, and check for bad values of RECENT_CIRCUITS 2009-12-15 17:11:27 -05:00
Nick Mathewson
d42c689b8e Merge commit 'sebastian/coverity' 2009-12-15 14:50:49 -05:00
Nick Mathewson
5db4b96089 Merge branch 'mathlog' 2009-12-15 14:42:09 -05:00
Nick Mathewson
e56747f9cf Refactor a bit so that it is safe to include math.h, and mostly not needed. 2009-12-15 14:40:49 -05:00
Nick Mathewson
60b01c6d5e Change interface for configuring cell ewma algorithm.
The rule is now: take the value from the CircuitPriorityHalflife
config option if it is set.  If it zero, disable the cell_ewma
algorithm.  If it is set, use it to calculate the scaling factor.
If it is not set, look for a CircPriorityHalflifeMsec parameter in the
consensus networkstatus.  If *that* is zero, then disable the cell_ewma
algorithm; if it is set, use it to calculate the scaling factor.
If it is not set at all, disable the algorithm.
2009-12-15 13:58:24 -05:00
Nick Mathewson
296381eda0 Merge commit 'sebastian/ewma2' into ewma
Conflicts:
	src/or/relay.c
2009-12-15 13:23:27 -05:00
Nick Mathewson
1292a9ddfe Fix various comment typos in ewma patch; found by arma. 2009-12-15 13:20:22 -05:00
Sebastian Hahn
d384f5e1ed Fix compile warning on Panther.
Apparently Panther doesn't like comparing ints and enums
2009-12-14 10:07:20 +01:00
Sebastian Hahn
182c583497 Remove some dead code found by coverity, cid 404
In connection_dir_client_reached_eof, we make sure that we either
return when we get an http status code of 503 or handle the problem
and set it to 200. Later we check if the status code is 503. Remove
that check.
2009-12-14 09:53:31 +01:00
Sebastian Hahn
27b7746c51 Fix Snow Leopard compile and a codestyle violation
When calculating the current tick, cap (tv_sec / EWMA_TICK_LEN) to an unsigned int.
2009-12-14 05:17:45 +01:00
Nick Mathewson
06e8370c33 Optimize cell-ewma circuit priority algorithm.
There are two big changes here:
  - We store active circuits in a priority queue for each or_conn,
    rather than doing a linear search over all the active circuits
    before we send each cell.
  - Rather than multiplying every circuit's cell-ewma by a decay
    factor every time we send a cell (thus normalizing the value of a
    current cell to 1.0 and a past cell to alpha^t), we instead
    only scale down the cell-ewma every tick (ten seconds atm),
    normalizing so that a cell sent at the start of the tick has
    value 1.0).
2009-12-13 21:05:53 -05:00
Roger Dingledine
f7d99b62a3 New controller command "getinfo config-text"
It returns the contents that Tor would write if you send it a SAVECONF
command, so the controller can write the file to disk itself.
2009-12-13 19:21:06 -05:00
Nick Mathewson
c43fee131d Adjust EWMA patch to conform to whitespace style. 2009-12-12 19:06:38 -05:00
Can Tang
d3be00e0f4 Favor quiet circuits when choosing which order to relay cells in.
Each circuit is ranked in terms of how many cells from it have been
relayed recently, using a time-weighted average.

This patch has been tested this on a private Tor network on PlanetLab,
and gotten improvements of 12-35% in time it takes to fetch a small
web page while there's a simultaneous large data transfer going on
simultaneously.

[Commit msg by nickm based on mail from Ian Goldberg.]
2009-12-12 19:06:38 -05:00
Nick Mathewson
c210db0d41 Enhance pqueue so we can remove items from the middle.
This changes the pqueue API by requiring an additional int in every
structure that we store in a pqueue to hold the index of that structure
within the heap.
2009-12-12 19:06:38 -05:00
Nick Mathewson
9e6225ae16 Merge commit 'sebastian/coverity' 2009-12-12 02:10:19 -05:00
Nick Mathewson
0c1b3070cf Now that FOO_free(NULL) always works, remove checks before calling it. 2009-12-12 02:07:59 -05:00
Nick Mathewson
79f72d0ef6 Make rend_cache_entry_free() typecheck when possible. 2009-12-12 01:31:35 -05:00
Nick Mathewson
a8190b09a3 Cache the parsed value of SafeLogging as an enum. 2009-12-12 01:12:47 -05:00
Sebastian Hahn
3807db001d *_free functions now accept NULL
Some *_free functions threw asserts when passed NULL. Now all of them
accept NULL as input and perform no action when called that way.

This gains us consistence for our free functions, and allows some
code simplifications where an explicit null check is no longer necessary.
2009-12-12 03:29:44 +01:00
Sebastian Hahn
f258647433 Allow SafeLogging to exclude client related information 2009-12-12 02:26:11 +01:00
Karsten Loesing
16fbb2f745 Minor fix to buffer stats.
Do not segfault when writing buffer stats when we haven't observed a
single circuit to report about.  This is a minor bug that would only show
up in testing environments with no traffic and with reduced stats
intervals.
2009-12-03 10:51:51 +01:00
Roger Dingledine
cee9a28d1e Merge commit 'origin/maint-0.2.1' 2009-11-23 10:16:38 -05:00
Roger Dingledine
a89f51c936 fix race condition that can cause crashes at client or exit relay
Avoid crashing if the client is trying to upload many bytes and the
circuit gets torn down at the same time, or if the flip side
happens on the exit relay. Bugfix on 0.2.0.1-alpha; fixes bug 1150.
2009-11-23 10:13:50 -05:00
Roger Dingledine
403f99eaa4 add a minimum for CircuitStreamTimeout, plus a man page
plus some other unrelated touchups that have been sitting in my
sandbox
2009-11-22 07:15:30 -05:00
Roger Dingledine
7f3f88bed3 New config option "CircuitStreamTimeout"
New config option "CircuitStreamTimeout" to override our internal
timeout schedule for how many seconds until we detach a stream from
a circuit and try a new circuit. If your network is particularly
slow, you might want to set this to a number like 60.
2009-11-21 23:36:36 -05:00
Roger Dingledine
fdd58f3bd5 If somebody tries to overflow my dirport, don't log his IP by default.
aka Fix an instance where a Tor directory mirror might accidentally
log the IP address of a misbehaving Tor client. Bugfix on
0.1.0.1-rc.
2009-11-21 23:09:24 -05:00
Roger Dingledine
4f8b36a1e2 clobber connections with different number than we clobber circuits 2009-11-21 23:02:10 -05:00
Roger Dingledine
7b6b931ccc stop assuming that our downcasts have a struct offset of 0
shouldn't actually change anything, but who knows.
2009-11-21 22:59:18 -05:00
Nick Mathewson
9be682942c Not everybody likes debugging printfs as much as I 2009-11-18 11:26:44 -05:00
Nick Mathewson
e722ffa605 Do not report a partially-successful detached signature add as failed.
Also, regenerate the detached-signature document whenever any signatures are
successfully added.
2009-11-17 14:24:59 -05:00
Roger Dingledine
2ebd22152e only complain when rejecting a descriptor if it has contact info 2009-11-17 07:39:15 -05:00
Roger Dingledine
22f674fcb8 Fix a memory leak on directory authorities during voting
Fix a memory leak on directory authorities during voting that was
introduced in 0.2.2.1-alpha. Found via valgrind.
2009-11-12 01:31:26 -05:00
Nick Mathewson
0a58567ce3 Merge commit 'origin/maint-0.2.1'
Conflicts:
	src/common/tortls.c
2009-11-06 15:24:52 -05:00
Nick Mathewson
ce0a89e262 Make Tor work with OpenSSL 0.9.8l
To fix a major security problem related to incorrect use of
SSL/TLS renegotiation, OpenSSL has turned off renegotiation by
default.  We are not affected by this security problem, however,
since we do renegotiation right.  (Specifically, we never treat a
renegotiated credential as authenticating previous communication.)
Nevertheless, OpenSSL's new behavior requires us to explicitly
turn renegotiation back on in order to get our protocol working
again.

Amusingly, this is not so simple as "set the flag when you create
the SSL object" , since calling connect or accept seems to clear
the flags.

For belt-and-suspenders purposes, we clear the flag once the Tor
handshake is done.  There's no way to exploit a second handshake
either, but we might as well not allow it.
2009-11-05 18:13:08 -05:00
Nick Mathewson
eb1faf8a0a Fix a URL in a log message. 2009-11-04 11:39:10 -05:00
Sebastian Hahn
f1b7295b27 Disallow command line keywords with more than two dashes as prefix.
This might help fix cid 422, where coverity fails to notice that
argv strings are null-escaped.
2009-10-27 17:50:24 +01:00
Sebastian Hahn
b0e8c33617 Make it more obvious for coverity that cid 404 is not dead code 2009-10-27 14:19:32 +01:00
Jacob Appelbaum
2aac39a779 Implement DisableAllSwap to avoid putting secret info in page files.
This commit implements a new config option: 'DisableAllSwap'
This option probably only works properly when Tor is started as root.
We added two new functions: tor_mlockall() and tor_set_max_memlock().
tor_mlockall() attempts to mlock() all current and all future memory pages.
For tor_mlockall() to work properly we set the process rlimits for memory to
RLIM_INFINITY (and beyond) inside of tor_set_max_memlock().
We behave differently from mlockall() by only allowing tor_mlockall() to be
called one single time. All other calls will result in a return code of 1.
It is not possible to change DisableAllSwap while running.
A sample configuration item was added to the torrc.complete.in config file.
A new item in the man page for DisableAllSwap was added.
Thanks to Moxie Marlinspike and Chris Palmer for their feedback on this patch.

Please note that we make no guarantees about the quality of your OS and its
mlock/mlockall implementation. It is possible that this will do nothing at all.
It is also possible that you can ulimit the mlock properties of a given user
such that root is not required. This has not been extensively tested and is
unsupported. I have included some comments for possible ways we can handle
this on win32.
2009-10-27 04:28:40 -04:00
Karsten Loesing
56c2385157 Fix bug 1113.
Bridges do not use the default exit policy, but reject *:* by default.
2009-10-27 01:03:41 -07:00
Roger Dingledine
8c34e79263 Merge commit 'karsten/log-1092' 2009-10-27 02:26:58 -04:00
Karsten Loesing
c8b27a8e9e Improve log statement when publishing v2 hs desc. 2009-10-26 23:09:10 -07:00
Karsten Loesing
19ddee5582 Fix bug 1042.
If your relay can't keep up with the number of incoming create cells, it
would log one warning per failure into your logs. Limit warnings to 1 per
minute.
2009-10-26 22:49:43 -07:00
Nick Mathewson
54973a45a6 Fix an apparently bogus check; fortunately, it seems to be untriggered. 2009-10-26 23:14:53 -04:00
Nick Mathewson
311315e077 Fix an accidentally removed free in 385853a282, and repair a check. 2009-10-26 23:13:29 -04:00
Roger Dingledine
ad525685f6 Merge commit 'karsten/fix-1066-3' 2009-10-26 22:45:12 -04:00
Nick Mathewson
385853a282 Fix/annotate deadcode for CID 402,403 2009-10-26 22:40:41 -04:00
Nick Mathewson
caa141617f Fix dead code found by Coverity (CID 419).
This was left over from an early draft of the microdescriptor code; it
began to populate the signatures array of a networkstatus vote, even
though there's no actual need to do that for a vote.
2009-10-26 22:40:41 -04:00
Nick Mathewson
5e4d53d535 Remove checks for array existence. (CID 410..415)
In C, the code "char x[10]; if (x) {...}" always takes the true branch of
the if statement.  Coverity notices this now.

In some cases, we were testing arrays to make sure that an operation
we wanted to do would suceed.  Those cases are now always-true.

In some cases, we were testing arrays to see if something was _set_.
Those caes are now tests for strlen(s), or tests for
!tor_mem_is_zero(d,len).
2009-10-26 22:40:41 -04:00
Nick Mathewson
a457cd91fa Clarification to suppress Coverity CID 405.
Every or conn has an outbuf, but coverity has no way of knowing that.
Add an assert to ease its conscience.
2009-10-26 22:40:40 -04:00
Nick Mathewson
8519d36633 Merge commit 'origin/maint-0.2.1' 2009-10-26 22:40:24 -04:00
Karsten Loesing
4256a96461 Fix bug 1066.
If all authorities restart at once right before a consensus vote, nobody
will vote about "Running", and clients will get a consensus with no usable
relays. Instead, authorities refuse to build a consensus if this happens.
2009-10-26 19:27:54 -07:00
Nick Mathewson
5c73da7faa Fix two memory leaks found by Coverity (CIDs 417-418)
The first happens on an error case when a controller wants an
impossible directory object.  The second happens when we can't write
our fingerprint file.
2009-10-26 22:12:40 -04:00
Nick Mathewson
8bada1ef67 Add missing break statements for Coverity CIDs #406,407.
The code for these was super-wrong, but will only break things when we
reset an option on a platform where sizeof(time_t) is different from
sizeof(int).
2009-10-26 21:35:26 -04:00
Nick Mathewson
071521e02f Merge commit 'origin/maint-0.2.1'
Conflicts:
	ChangeLog
2009-10-26 20:15:03 -04:00
Nick Mathewson
56048637a5 Only send the if_modified_since header for a v3 consensus.
Spotted by xmux; bugfix on 0.2.0.10-alpha.
(Bug introduced by 20b10859)
2009-10-26 20:14:11 -04:00
Karsten Loesing
d2b4b49ff0 Reduce log level for someone else sending us weak DH keys.
See task 1114. The most plausible explanation for someone sending us weak
DH keys is that they experiment with their Tor code or implement a new Tor
client. Usually, we don't care about such events, especially not on warn
level. If we really care about someone not following the Tor protocol, we
can set ProtocolWarnings to 1.
2009-10-25 23:47:05 -07:00
Roger Dingledine
fa23430496 clean up the XXX comments around bug 1038 2009-10-26 01:32:27 -04:00
Nick Mathewson
afc76a4e71 Fix two bugs found by Coverity scan.
One was a simple buffer overrun; the other was a high-speed pointer
collision.  Both were introduced by my microdescs branch.
2009-10-19 23:19:42 -04:00
Nick Mathewson
f629687053 Merge branch 'microdesc' 2009-10-19 00:45:47 -04:00
Nick Mathewson
465d4e1cd1 Document some formerly undocumented functions. 2009-10-19 00:30:52 -04:00
Sebastian Hahn
740806c453 Fix compile with warnings problems on Snow Leopard 2009-10-19 01:30:46 +02:00
Nick Mathewson
bb22d8fc45 Add functions to serve microdescs and flavored consensuses. 2009-10-18 18:46:12 -04:00
Nick Mathewson
200c39b66c Document the microdescriptor code better. 2009-10-18 18:46:12 -04:00
Nick Mathewson
d61b5df9c1 Fix various bugs in microdescriptor caching. 2009-10-18 18:46:07 -04:00
Nick Mathewson
851a980065 Actually remember all the consensus types when we are done generating them. 2009-10-15 15:17:13 -04:00
Nick Mathewson
a19981725d Parse detached signatures and microdesc networkstatuses correctly. 2009-10-15 15:17:13 -04:00
Nick Mathewson
3471057486 Implement signatures for microdesc consensuses right.
This means we need to handle the existence of multiple flavors of signature
in a detached signatures document, generate them correctly, and so on.
2009-10-15 15:17:13 -04:00
Nick Mathewson
d9c71816b1 Generate all the flavors of consensuses when building consensuses. 2009-10-15 15:17:13 -04:00
Nick Mathewson
5576a3a094 Parse detached signature documents with multiple flavors and algorithms. 2009-10-15 15:17:13 -04:00
Nick Mathewson
3b2fc659a8 Refactor consensus signature storage for multiple digests and flavors.
This patch introduces a new type called document_signature_t to represent the
signature of a consensus document.  Now, each consensus document can have up
to one document signature per voter per digest algorithm.  Also, each
detached-signatures document can have up to one signature per <voter,
algorithm, flavor>.
2009-10-15 15:17:13 -04:00
Nick Mathewson
e1ddee8bbe Code to generate, store, and parse microdescriptors and consensuses.
The consensus documents are not signed properly, not served, and not
exchanged yet.
2009-10-15 15:17:13 -04:00
Nick Mathewson
a7ba02f3f1 Add ability to parse one or more m line from a vote. 2009-10-15 15:17:13 -04:00
Nick Mathewson
bdf4839395 Functions to encode microdescriptors and their lines. 2009-10-15 15:17:12 -04:00
Nick Mathewson
c5f7f04aff Allow signed data to include other hashes later.
Previously, we insisted that a valid signature must be a signature of
the expected digest.  Now we accept anything that starts with the
expected digest.  This lets us include another digest later.
2009-10-15 15:17:12 -04:00
Nick Mathewson
15f4e9600c Signature-checking code can handle longer digests. 2009-10-15 15:17:12 -04:00
Nick Mathewson
8b2f6b27fd Make signature-generation code handle different key and digest lengths. 2009-10-15 15:17:12 -04:00
Nick Mathewson
5ef97ddd42 Merge commit 'origin/maint-0.2.1'
Conflicts:
	ChangeLog
	configure.in
	contrib/tor-mingw.nsi.in
	src/or/config.c
	src/win32/orconfig.h
2009-10-15 12:33:22 -04:00
Roger Dingledine
2bee297d57 Move moria1 and Tonga to alternate IP addresses. 2009-10-15 12:14:18 -04:00
Roger Dingledine
2394336426 read the "circwindow" parameter from the consensus
backport of c43859c5c1
backport of 0d13e0ed14
2009-10-14 17:07:32 -04:00
Nick Mathewson
83c3f118db Code to parse and access network parameters.
Partial backport of 381766ce4b.
Partial backport of 56c6d78520.
2009-10-14 16:15:41 -04:00
Nick Mathewson
71cdd99dd7 Another event2 evdns fix. 2009-10-13 18:57:25 -04:00
Nick Mathewson
81eee0ecff Fix a crash when using evdns from Libevent 2.
When we tried to use the deprecated non-threadsafe evdns
interfaces in Libevent 2 without using the also-deprecated
event_init() interface, Libevent 2 would sensibly crash, since it
has no guess where to find the Libevent library.

Here we use the evdns_base_*() functions instead if they're
present, and fake them if they aren't.
2009-10-13 17:54:04 -04:00
Nick Mathewson
da990d09c3 Merge commit 'public/android' 2009-10-11 23:30:19 -04:00
Roger Dingledine
9d6c79cbbb fix compile on windows 2009-10-11 17:23:47 -04:00
Roger Dingledine
6265b9f09d Move dizum to an alternate IP address. 2009-10-11 14:59:14 -04:00
Nick Mathewson
5a6575c2d4 Don't set unreachable from dirvote unless we've been running a while.
This is a possible fix for bug 1023, where if we vote (or make a v2
consensus networkstatus) right after we come online, we can call
rep_hist_note_router_unreachable() on every router we haven't connected
to yet, and thereby make all their uptime values reset.
2009-10-10 15:23:00 -04:00
Roger Dingledine
1c62b9d5fa fix a bug where we were decrementing the wrong bucket
i think this doesn't actually affect anything, since linked
conns usually don't impact buckets
2009-10-10 14:52:41 -04:00
Roger Dingledine
746a19e84d remove some dead code. some of it was tickling coverity. 2009-10-10 13:39:41 -04:00
Sebastian Hahn
e35f9414d6 Fix a memleak when throwing away some build times
This was introduced in f7e6e852e8.
Found by Coverity
2009-10-10 13:41:44 +02:00
Mike Perry
18689317e4 Tweak an assert that shouldn't fire either way.
There were however other places where we used to call this
function that might have caused this to fire. Better
safe than sorry now.
2009-10-07 13:05:28 -07:00
Mike Perry
ec05e64a68 Tweak values for when to discard all of our history.
This seems to be happening to me a lot on a garbage DSL line.
We may need to come up with 2 threshholds: a high short onehop
count and a lower longer count.
2009-10-07 12:49:13 -07:00
Mike Perry
b918cd8f04 Remove another overzealous assert.
Pretimeouts may have build time data, just no timeout data.
2009-10-07 12:24:40 -07:00
Roger Dingledine
b4e0d09202 try to stem the 'sea of fail' 2009-10-01 05:35:24 -04:00
Roger Dingledine
9325b9269c Ignore one-hop circuits for circuit timeout calc
Don't count one-hop circuits when we're estimating how long it
takes circuits to build on average. Otherwise we'll set our circuit
build timeout lower than we should. Bugfix on 0.2.2.2-alpha.
2009-10-01 04:15:45 -04:00
Roger Dingledine
b9e8f0a013 Move Tonga to an alternate IP address 2009-09-30 22:35:05 -04:00
Roger Dingledine
69ecc127e9 Move moria1 to a nearby IP address 2009-09-30 18:46:55 -04:00
Roger Dingledine
53a7636a05 Dir auths reject relays running < Tor 0.1.2.14
Directory authorities now reject Tor relays with versions less than
0.1.2.14. This step cuts out four relays from the current network,
none of which are very big.
2009-09-30 18:34:21 -04:00
Mike Perry
f7e6e852e8 Fix 1108: Handle corrupt or large build times state.
1108 was actually just a fencepost error in an assert,
but making the state file handling code resilient is a
good idea.
2009-09-29 14:07:04 -04:00
Nathan Freitas
8c585cce39 Include util.h and log.h as relative paths.
This shouldn't be necessary, but apparently the Android cross-compiler
doesn't respect -I as well as it should.  (-I is supposed to add to the
*front* of the search path.  Android's gcc wrapper apparently likes to add to
the end.  This is broken, but we need to work around it.)
2009-09-29 00:52:52 -04:00
Nick Mathewson
2e70642c3a Whitespace fix 2009-09-28 23:50:57 -04:00
Roger Dingledine
768bc04feb fix two comment bugs for load_stats_file() 2009-09-28 23:25:23 -04:00
Roger Dingledine
b4709066c9 Merge commit 'karsten/fix-another-stats-bug' 2009-09-28 23:23:39 -04:00
Nick Mathewson
3e82981795 Fix some win32 compilation warnings 2009-09-28 19:56:36 -04:00
Karsten Loesing
94b57f9f36 Fix an issue with including stats in extra-info descriptors. 2009-09-28 15:20:21 +02:00
Sebastian Hahn
6a68b50597 Make sure we can't overflow in connection_ap_handshake_send_resolve
Found by Coverity
2009-09-27 12:02:02 -04:00
Sebastian Hahn
7f1f6984da Fix memory leak
Some memory could be lost in the error case of
circuit_build_times_parse_state.

Found by Coverity
2009-09-27 12:00:02 -04:00
Roger Dingledine
180a4b6a74 Merge commit 'karsten/stats-fixes-master' 2009-09-24 18:54:01 -04:00
Karsten Loesing
457bebe01a Fix a couple of smaller issues with gathering statistics.
- Avoid memmoving 0 bytes which might lead to compiler warnings.

- Don't require relays to be entry node AND bridge at the same to time to
  record clients.

- Fix a memory leak when writing dirreq-stats.

- Don't say in the stats files that measurement intervals are twice as long
  as they really are.

- Reduce minimum observation time for requests to 12 hours, or we might
  never record usage.

- Clear exit stats correctly after writing them, or we accumulate old stats
  over time.

- Reset interval start for buffer stats, too.
2009-09-24 21:58:56 +02:00
Nick Mathewson
b8b2935367 Debugging logs for TLS handshake
The big change is to add a function to display the current SSL handshake
state, and to log it everywhere reasonable.  (A failure in
SSL23_ST_CR_SRVR_HELLO_A is different from one in
SSL3_ST_CR_SESSION_TICKET_A.)

This patch also adds a new log domain for OR handshaking, so you can pull out
all the handshake log messages without having to run at debug for everything.
For example, you'd just say "log notice-err [handshake]debug-err file
tor.log".
2009-09-24 12:31:22 -04:00
Roger Dingledine
eed5cae9d1 downgrade a log notice at startup
This was the only log notice that happened during other
tor invocations, like --verify-config and --list-fingerprint.
Plus, now we think it works, so no need to hear about it.
2009-09-23 04:59:05 -04:00
Nick Mathewson
da1aa66f70 Move testing code into new src/test directory. 2009-09-23 00:24:43 -04:00
Nick Mathewson
d4b54549b8 Refactor unit tests to use the tinytest framework.
"Tinytest" is a minimalist C unit testing framework I wrote for
Libevent.  It supports some generally useful features, like being able
to run separate unit tests in their own processes.

I tried to do the refactoring to change test.c as little as possible.
Thus, we mostly don't call the tinytest macros directly.  Instead, the
test.h header is now a wrapper on tinytest.h to make our existing
test_foo() macros work.

The next step(s) here will be:
  - To break test.c into separate files, each with its own test group.
  - To look into which things we can test
  - To refactor the more fiddly tests to use the tinytest macros
    directly and/or run forked.
  - To see about writing unit tests for things we couldn't previously
    test without forking.
2009-09-23 00:24:43 -04:00
Roger Dingledine
0d13e0ed14 Be more robust to bad circwindow values
If the networkstatus consensus tells us that we should use a
negative circuit package window, ignore it. Otherwise we'll
believe it and then trigger an assert.

Also, change the interface for networkstatus_get_param() so we
don't have to lookup the consensus beforehand.
2009-09-22 22:09:33 -04:00
Nick Mathewson
6acfa31d59 Merge commit 'mikeperry/circuittimeout-1103' 2009-09-21 23:35:49 -04:00
Mike Perry
fd7454f9e3 Fix Bug 1103.
Don't pass in a quantile that is too high during pretimeout
calcualtion.
2009-09-21 20:01:20 -07:00
Roger Dingledine
54ba86d9d0 downgrade a log severity, since this event has been known
to happen and there's nothing the user can do about it
2009-09-21 03:32:28 -04:00
Roger Dingledine
fa63d47f83 Merge branch 'maint-0.2.1' 2009-09-20 23:53:03 -04:00
Roger Dingledine
95008db08d Revert "Teach connection_ap_can_use_exit about Exclude*Nodes"
This reverts commit dc3229313b.

We're going to do this more thoroughly in 0.2.2.x, and not in
maint-0.2.1.
2009-09-20 23:50:48 -04:00
Nick Mathewson
93b33e15ab Fix build warnings on OSX 10.5.8 2009-09-20 23:01:43 -04:00
Mike Perry
134266b984 Change the condition on the nonlive timeout counting.
Try to clarify things in the comment too.
2009-09-20 18:20:10 -07:00
Roger Dingledine
cf2afcd707 Fix typos and comments, plus two bugs
A) We were considering a circuit had timed out in the special cases
where we close rendezvous circuits because the final rendezvous
circuit couldn't be built in time.
B) We were looking at the wrong timestamp_created when considering
a timeout.
2009-09-20 19:50:44 -04:00
Mike Perry
f39bedf250 Implement and document new network liveness algorithm.
Based on irc discussion with arma.
2009-09-20 14:51:30 -07:00
Mike Perry
6700e528be Fix some precision-related asserts in unit tests.
Mostly by storing the timeout as milliseconds and not seconds
internally.
2009-09-20 14:43:45 -07:00
Roger Dingledine
cc53e7cb0e disable the end of circuitbuildtimeout units tests
until mike figures out some other way to make them pass reliably
2009-09-18 02:00:20 -04:00
Sebastian Hahn
335b67a354 Fix compile on freebsd 2009-09-18 02:43:45 +02:00
Roger Dingledine
67f280feb3 Let our config abbreviations rewrite more than once 2009-09-17 20:32:42 -04:00
Roger Dingledine
b02b11c4b4 a mish-mash of stuff in my sandbox 2009-09-17 01:58:39 -04:00
Roger Dingledine
ee89061ef2 give proposal 151 a changelog and other touchups 2009-09-17 01:42:33 -04:00
Roger Dingledine
feccaa5c83 Choose early circuit idle timeout better.
Don't discard all circuits every MaxCircuitDirtiness, because the
user might legitimately have set that to a very lower number.

Also don't use up all of our idle circuits with testing circuits,
since that defeats the point of preemptive circuits.
2009-09-17 01:41:47 -04:00
Nick Mathewson
b3991ea7d1 Merge commit 'karsten/fix-1073' into maint-0.2.1 2009-09-16 23:36:01 -04:00
Roger Dingledine
4850a3a75f Merge commit 'mikeperry/circuitbuildtimeout-final' 2009-09-16 21:43:31 -04:00
Mike Perry
43c18746bd Clarify use of magic number 0.98 with #define. 2009-09-16 18:41:22 -07:00
Roger Dingledine
926ca5befd Merge branch 'maint-0.2.1' 2009-09-16 21:28:49 -04:00
Roger Dingledine
7d838971dd Merge commit 'karsten/no-time-maint-0.2.1' 2009-09-16 20:45:01 -04:00
Roger Dingledine
9eb5edc093 Merge commit 'sebastian/specconformance' 2009-09-16 20:37:43 -04:00
Sebastian Hahn
1aac7de1ea Fix unit tests and compile issues on Snow Leopard 2009-09-16 17:22:21 -07:00
Mike Perry
e2c2fa7a1f Change liveness value to be a function of the timeout.
And also the number of recent circuits used to decide
when the network changes.
2009-09-16 17:20:34 -07:00
Mike Perry
e4e0ce94f0 Add log message so we have accurate build time values. 2009-09-16 17:20:34 -07:00
Mike Perry
5bd60d8a41 Address nickm's issues from his review #1. 2009-09-16 17:20:29 -07:00
Mike Perry
0352d43917 Move circuitbuildtimeout config check.
We want it to be under our control so it doesn't mess
up initialization. This is likely the cause for
the bug the previous assert-adding commit (09a75ad) was
trying to address.
2009-09-16 15:58:42 -07:00
Mike Perry
09a75ad316 Time for some debugging by asserts.
Got a negative timeout value on startup. Need to narrow it down.
2009-09-16 15:55:51 -07:00
Mike Perry
742e08046f Fix bugs relating to not counting timeouts as circuit builds.
Also use bin midpoints for time values.
2009-09-16 15:55:51 -07:00
Mike Perry
67cee75ca2 Document functions and constants. 2009-09-16 15:55:50 -07:00
Mike Perry
c9363df09f Remove an assert.
It seems to fire because of precision issues. Added
more debug info to the warn to try to figure out for sure.
2009-09-16 15:55:50 -07:00
Mike Perry
63be2df84f Fix issues found by arma in review. 2009-09-16 15:55:36 -07:00
Roger Dingledine
672e2f6908 space/indent cleanups, plus point out three bugs 2009-09-16 15:55:32 -07:00
Mike Perry
4b3bc714a3 Woops. Fix a couple memory leaks.
Also change the max timeout quantile to 0.98, so we can
avoid huge synthetic timeout values.
2009-09-16 15:54:37 -07:00
Karsten Loesing
b508e4748f Remove trailing spaces. As if bytes were free...
Also correct some typos.
2009-09-16 15:52:05 -07:00
Mike Perry
535423a3bb Resolve mode ties in favor of the higher (slower) mode. 2009-09-16 15:52:04 -07:00
Mike Perry
8210336182 More detail for some log msgs. 2009-09-16 15:52:04 -07:00
Mike Perry
6eba08e22f Use our variable directly for timeout.
Using CircuitBuildTimeout is prone to issues with SIGHUP, etc.
Also, shuffle the circuit build times array after loading it
in so that newer measurements don't replace chunks of
similarly timed measurements.
2009-09-16 15:52:04 -07:00
Mike Perry
fca8446949 Fix a couple of assert bugs. 2009-09-16 15:52:03 -07:00
Mike Perry
c4e6b3eadb Fix timeout edge case when we get enough samples.
Also switch Xm calculation to mode, not min.
2009-09-16 15:52:03 -07:00
Mike Perry
95735e5478 Fix the math.h log() conflict.
It was compiling, but causing segfaults.

Also, adjust when the timer starts for new test circs
and save state every 25 circuits.
2009-09-16 15:51:17 -07:00
Mike Perry
7ac9a66c8f Recover from changing network connections.
Also add code to keep creating circuits every minute until we
hit our minimum threshhold.
2009-09-16 15:51:16 -07:00
Mike Perry
411b60325b Factor out the pretimeout handling code.
We need to also call it if we're going to calculate alpha
after a normal circuit build.
2009-09-16 15:51:15 -07:00
Mike Perry
b52bce91fc Write unit tests and fix issues they uncovered. 2009-09-16 15:51:10 -07:00
Mike Perry
04414830fe Implement the pareto fitting and timeout calculating bits. 2009-09-16 15:48:52 -07:00
Mike Perry
7750bee21d Clean up Fallon's partially complete GSoC project.
The code actually isn't that bad. It's a shame she didn't finish.
Using it as the base for this feature.
2009-09-16 15:48:51 -07:00
Roger Dingledine
2dbf5b7741 Merge branch 'tmp' 2009-09-16 17:18:35 -04:00
Sebastian Hahn
dc3229313b Teach connection_ap_can_use_exit about Exclude*Nodes
To further attempt to fix bug 1090, make sure connection_ap_can_use_exit
always returns 0 when the chosen exit router is excluded. This should fix
bug1090.
2009-09-16 02:29:57 +02:00
Nick Mathewson
ed7283d283 Merge commit 'origin/maint-0.2.1'
Resolved conflicts in:
	src/or/circuitbuild.c
2009-09-15 19:37:26 -04:00
Nick Mathewson
24c740e5fd Merge commit 'sebastian/memleak' into maint-0.2.1 2009-09-15 19:35:16 -04:00
Sebastian Hahn
113ba0e727 make some bug 1090 warnings go away
When we excluded some Exits, we were sometimes warning the user that we
were going to use the node regardless. Many of those warnings were in
fact bogus, because the relay in question was not used to connect to
the outside world.

Based on patch by Rotor, thanks!
2009-09-16 01:17:51 +02:00
Nick Mathewson
f9226ae030 Merge commit 'origin/maint-0.2.1' 2009-09-15 12:53:44 -04:00
Sebastian Hahn
b73ecdc232 Fix compile on Snow Leopard 2009-09-15 07:13:36 -04:00
Sebastian Hahn
5e01a86b42 some cleanups:
documentation fix for get_uint64
remove extra "." from a log line
fix a long line
2009-09-15 07:12:12 -04:00
Roger Dingledine
c43859c5c1 Read "circwindow=x" from the consensus and use it
Tor now reads the "circwindow" parameter out of the consensus,
and uses that value for its circuit package window rather than the
default of 1000 cells. Begins the implementation of proposal 168.
2009-09-15 06:33:33 -04:00
Roger Dingledine
40bcab1faf ConsensusParams config option lists key=value params
finishes the authority-operator interface side of proposal 167.
2009-09-15 04:40:08 -04:00
Nick Mathewson
56c6d78520 Parameter access function, with unit tests. 2009-09-14 23:39:08 -04:00
Nick Mathewson
381766ce4b Implement proposal 167: Authorities vote on network parameters.
This code adds a new field to vote on: "params".  It consists of a list of
sorted key=int pairs.  The output is computed as the median of all the
integers for any key on which anybody voted.

Improved with input from Roger.
2009-09-14 23:21:53 -04:00
Sebastian Hahn
b792afa919 Fix a memory leak when parsing a ns
Adding the same vote to a networkstatus consensus leads to a memory leak
on the client side. Fix that by only using the first vote from any given
voter, and ignoring the others.

Problem found by Rotor, who also helped writing the patch. Thanks!
2009-09-14 22:25:08 +02:00
Sebastian Hahn
c1a6fb42ac Fix a spec conformance issue when parsing a ns vote
A vote may only contain exactly one signature. Make sure we reject
votes that violate this.

Problem found by Rotor, who also helped writing the patch. Thanks!
2009-09-14 22:06:21 +02:00
Roger Dingledine
86af2ecbda minor fixes in some comments 2009-09-06 20:09:08 -04:00
Karsten Loesing
995606a7e1 Avoid calling time(NULL) too often.
Found by "rotator".
2009-09-03 10:17:08 +02:00
Roger Dingledine
fcacf22491 Fix obscure 64-bit big-endian hidserv bug
Fix an obscure bug where hidden services on 64-bit big-endian
systems might mis-read the timestamp in v3 introduce cells, and
refuse to connect back to the client. Discovered by "rotor".
Bugfix on 0.2.1.6-alpha.
2009-09-02 20:36:11 -04:00
Roger Dingledine
3de5ac9baa i couldn't break nick's tor_parse_double()
i guess that means i should call them unit tests and check them in.
2009-09-02 01:10:10 -04:00
Sebastian Hahn
0a71d1c6a7 Fix compile warnings on Snow Leopard
Big thanks to nickm and arma for helping me with this!
2009-09-01 22:16:46 +02:00
Nick Mathewson
1cda6f3e75 Merge commit 'origin/maint-0.2.1' 2009-09-01 15:59:40 -04:00
Sebastian Hahn
d76fd59a7e Remove a debug printf 2009-09-01 21:58:11 +02:00
Sebastian Hahn
aea9cf1011 Fix compile warnings on Snow Leopard
Big thanks to nickm and arma for helping me with this!
2009-09-01 18:36:27 +02:00
Nick Mathewson
cdc8ea2976 Merge commit 'public/bug1076' 2009-09-01 02:01:49 -04:00
Roger Dingledine
075c004095 Add getinfo accepted-server-descriptor. Clean spec.
Add a "getinfo status/accepted-server-descriptor" controller
command, which is the recommended way for controllers to learn
whether our server descriptor has been successfully received by at
least on directory authority. Un-recommend good-server-descriptor
getinfo and status events until we have a better design for them.
2009-08-31 18:37:25 -04:00
Karsten Loesing
da219ee924 Reduce log level for bug case that we now know really exists. 2009-09-01 00:16:33 +02:00
Roger Dingledine
a225469ded Merge branch 'maint-0.2.1' 2009-08-31 16:26:01 -04:00
Roger Dingledine
4c297f74f7 Only send reachability status events on overall success/failure
We were telling the controller about CHECKING_REACHABILITY and
REACHABILITY_FAILED status events whenever we launch a testing
circuit or notice that one has failed. Instead, only tell the
controller when we want to inform the user of overall success or
overall failure. Bugfix on 0.1.2.6-alpha. Fixes bug 1075. Reported
by SwissTorExit.
2009-08-31 16:14:41 -04:00
Nick Mathewson
00b37f071d Revise parsing of time and memory units to handle spaces.
When we added support for fractional units (like 1.5 MB) I broke
support for giving units with no space (like 2MB).  This patch should
fix that.  It also adds a propoer tor_parse_double().

Fix for bug 1076.  Bugfix on 0.2.2.1-alpha.
2009-08-31 00:18:55 -04:00
Karsten Loesing
dd8f16beb5 Avoid segfault when accessing hidden service. 2009-08-29 19:41:08 +02:00
Roger Dingledine
0bb59f1c38 Merge branch 'maint-0.2.1' 2009-08-28 03:47:18 -04:00
Roger Dingledine
64f393d56f Only send netinfo clock_skew to controller if an authority told us so
We were triggering a CLOCK_SKEW controller status event whenever
we connect via the v2 connection protocol to any relay that has
a wrong clock. Instead, we should only inform the controller when
it's a trusted authority that claims our clock is wrong. Bugfix
on 0.2.0.20-rc; starts to fix bug 1074. Reported by SwissTorExit.
2009-08-28 03:42:09 -04:00
Karsten Loesing
889c07f1fc When Tor fails to parse a descriptor of any kind, dump it to disk. 2009-08-26 20:15:47 -04:00
Nick Mathewson
1d9b8a1e16 Merge commit 'karsten/proposal-166-impl-master' 2009-08-26 11:36:40 -04:00
Nick Mathewson
c9203749a2 A changelog entry and a bit more documentation for socks-client 2009-08-26 11:34:45 -04:00
Nick Mathewson
707a6bd659 Merge commit 'public/socks-client'
Resolved conflict in:
	src/or/or.h
2009-08-26 11:27:19 -04:00
Nick Mathewson
903f9ef50e Clean up a couple of style issues in the socks-client branch. 2009-08-25 10:30:54 -04:00
Karsten Loesing
8c29b7920a Add some fixes after discussion with Nick.
- Refactor geoip.c by moving duplicate code into rotate_request_period().
- Don't leak memory when cleaning up cell queues.
- Make sure that exit_(streams|bytes_(read|written)) are initialized in all
  places accessing these arrays.
- Read only the last block from *stats files and ensure that its timestamp
  is not more than 25 hours in the past and not more than 1 hour in the
  future.
- Stop truncating the last character when reading *stats files.

The only thing that's left now is to avoid reading whole *stats files into
memory.
2009-08-21 23:02:36 +02:00
Nick Mathewson
b51c592547 Refactor geoip_get_dirreq_history() some more.
This patch avoids a bunch of allocations, and avoids using unallocated
memory.
2009-08-21 13:50:32 -04:00
Nick Mathewson
d4a75a222f Fix a memory leak in summarizing directory request timing.
Spotted by Coverity Scan.
2009-08-21 13:33:20 -04:00
Nick Mathewson
daa0326aaa Add the first 8 bytes of the git commit digest to our versions.
Note that unlike subversion revision numbers, it isn't meaningful to
compare these for anything but equality.  We define a sort-order anyway,
in case one of these accidentally slips into a recommended-versions
list.
2009-08-21 12:31:13 -04:00
Roger Dingledine
eb829cc330 Survive unparseable cached cert file 2009-08-20 16:56:21 -04:00
Roger Dingledine
7f518873eb Notice v3 cert parsing failures
If any the v3 certs we download are unparseable, we should actually
notice the failure so we don't retry indefinitely. Bugfix on 0.2.0.x;
reported by "rotator".
2009-08-20 16:50:51 -04:00
Nick Mathewson
8771fdfda4 Make consensus_method_is_supported() be the canonical source for its info.
Add a new function to derive the declared method list from
consensus_method_is_supported().
2009-08-20 10:04:33 -04:00
Nick Mathewson
f57883a39e Add basic support for SHA256.
This adds an openssl 0.9.8 dependency.  Let's see if anybody cares.
2009-08-19 19:43:54 -04:00
Karsten Loesing
75c59d1a92 Some final (?) cleanups of proposal 166 implementation. 2009-08-19 23:36:27 +02:00
Karsten Loesing
93fd0d3755 Fix a couple of bugs that showed up at runtime. 2009-08-19 19:16:00 +02:00
Karsten Loesing
6592cbe3e1 Don't write extra-info document to debug logs. 2009-08-19 17:15:51 +02:00
Karsten Loesing
42229d1d84 Move all *-stats file to subdirectory stats/. 2009-08-19 17:10:40 +02:00
Karsten Loesing
a5508583ee Include only the last 24 hours of stats in extra-info documents. 2009-08-19 16:30:00 +02:00
Karsten Loesing
4e29f33427 Write all statistics to disk exactly every 24 hours. 2009-08-19 15:41:12 +02:00
Karsten Loesing
dccadb30cd Clean up proposal 166 and its implementation. 2009-08-18 15:53:08 +02:00
Karsten Loesing
799af41157 Use memory pool for insertion times. 2009-08-17 13:30:11 +02:00
Karsten Loesing
f37af0180d Implement queue with O(1) operations, and correct some math. 2009-08-17 13:30:11 +02:00
Karsten Loesing
858a8f809d Reduce cell statistics accuracy from 1 ms to 10 ms. 2009-08-17 13:30:11 +02:00
Karsten Loesing
20c95a3d21 Fix trivial bug when uploading extra-info documents. 2009-08-17 13:30:10 +02:00
Karsten Loesing
9179bcb923 Include contents of *-stats files in descriptor. 2009-08-17 13:30:10 +02:00
Karsten Loesing
d97e95cb62 Remove ./configure option for cell statistics. 2009-08-17 13:30:09 +02:00
Karsten Loesing
ab7729f472 Remove ./configure option for entry and dir request statistics. 2009-08-17 13:29:50 +02:00
Nick Mathewson
b9e45cc508 Merge commit 'mikeperry/bandwidth-voting-final' 2009-08-14 17:12:05 -04:00
Karsten Loesing
9d16a59fcc Remove ./configure option for exit port statistics. 2009-08-14 14:56:38 +02:00
Nick Mathewson
e0dc2e907e Merge commit 'origin/maint-0.2.1' 2009-08-12 22:02:07 -04:00
Karsten Loesing
a98643c1b5 Fix possible segmentation fault on directory authorities.
The more verbose logs that were added in ee58153 also include a string
that might not have been initialized. This can lead to segfaults, e.g.,
when setting up private Tor networks. Initialize this string with NULL.
2009-08-11 17:33:58 +02:00
Roger Dingledine
afc9da7287 Merge branch 'maint-0.2.1' 2009-08-10 04:17:32 -04:00
Roger Dingledine
e50b7768b9 Send sendmes when we're down 100 cells, not 101.
Send circuit or stream sendme cells when our window has decreased
by 100 cells, not when it has decreased by 101 cells. Bug uncovered
by Karsten when testing the "reduce circuit window" performance
patch. Bugfix on the 54th commit on Tor -- from July 2002,
before the release of Tor 0.0.0. This is the new winner of the
oldest-bug prize.
2009-08-10 04:13:18 -04:00
Roger Dingledine
5f0fb9a109 Merge branch 'maint-0.2.1' into tmp_merge 2009-08-10 01:37:29 -04:00
Roger Dingledine
8abe3bac7e Set up urras as the seventh v3 directory authority. 2009-08-10 01:32:51 -04:00
Mike Perry
9e1fe29beb Switch over to tor_strtok_r instead of strtok_r. 2009-08-09 18:42:29 -07:00
Mike Perry
cb477f9cc0 Merge commit 'nickm/strtok' into mp-voting-final 2009-08-09 18:23:53 -07:00
Mike Perry
1060b4d824 Fix issues found by Nick in code review. 2009-08-09 18:21:15 -07:00
Nick Mathewson
3886467f38 Add a new tor_strtok_r for platforms that don't have one, plus tests.
I don't think we actually use (or plan to use) strtok_r in a reentrant
way anywhere in our code, but would be nice not to have to think about
whether we're doing it.
2009-08-09 17:30:15 -07:00
Jacob Appelbaum
33762b5296 LetsKillNoConnect removes support for .noconnect
This is a patch to remove support for .noconnect.
We are removing .noconnect because of a talk at Defcon 17 by Gregory Fleischer.
2009-08-08 19:15:22 -07:00
Roger Dingledine
3e4379c2e7 Disable .exit notation unless AllowDotExit is 1. 2009-08-07 19:26:41 -04:00
Mike Perry
ca676c3924 Display consensus bandwidth to the control port.
Also div vote and other bandwidth by 1000, not 1024.
2009-08-06 14:47:08 -07:00
Mike Perry
b074e61ad3 Throw the switch on consensus method 6. 2009-08-06 14:47:04 -07:00
Roger Dingledine
da88e05edc try loading the bandwidth measurement file on startup too,
in case it's broken.
2009-08-06 11:48:03 -07:00
Mike Perry
6fbdf635fa Implement measured bw parsing + unit tests. 2009-08-06 11:48:03 -07:00
Nick Mathewson
df354a002c Merge commit 'origin/maint-0.2.1'
Resolved onflicts in:
	ChangeLog
	src/or/config.c
	src/or/or.h
2009-07-30 10:16:04 -04:00
Nick Mathewson
4577bda766 Cleaner fix for get_effective_bw(rate|burst), with comment on why it is ok. 2009-07-30 10:14:12 -04:00
Nick Mathewson
efe966944d Fix signed/unsigned comparison warnings in get_effective_bw(rate|burst) 2009-07-30 09:15:07 -04:00
Roger Dingledine
6249b0fd77 Fix a signed/unsigned compile warning in 0.2.1.19 2009-07-28 18:34:35 -04:00
Roger Dingledine
e8e88922a7 Merge branch 'maint-0.2.1' into master 2009-07-28 18:19:57 -04:00
Sebastian Hahn
3e45445104 Changing MaxAdvertisedBW may not need a republish
Relays no longer publish a new server descriptor if they change
their MaxAdvertisedBandwidth config option but it doesn't end up
changing their advertised bandwidth numbers. Bugfix on 0.2.0.28-rc;
fixes bug 1026. Patch from Sebastian.
2009-07-27 23:53:06 -04:00
Roger Dingledine
a73acdd46f Write fingerprint to file and log without spaces
Now it will look like the fingerprints in our bridges documentation,
and confuse fewer users.
2009-07-27 22:51:20 -04:00
Roger Dingledine
0a4e2397c0 Don't leak memory if we get too many create cells
Specifically, every time we get a create cell but we have so many already
queued that we refuse it.

Bugfix on 0.2.0.19-alpha; fixes bug 1034. Reported by BarkerJr.
2009-07-27 22:38:09 -04:00
Roger Dingledine
2b63fa40e8 three hacks to workaround bug 1038
The problem is that clients and hidden services are receiving
relay_early cells, and they tear down the circuit.

Hack #1 is for rendezvous points to rewrite relay_early cells to
relay cells. That way there are never any incoming relay_early cells.

Hack #2 is for clients and hidden services to never send a relay_early
cell on an established rendezvous circuit. That works around rendezvous
points that haven't upgraded yet.

Hack #3 is for clients and hidden services to not tear down the circuit
when they receive an inbound relay_early cell. We already refuse extend
cells at clients.
2009-07-27 21:58:32 -04:00
Karsten Loesing
7b716878cb Fix dirreq and cell stats on 32-bit architectures.
When determining how long directory requests take or how long cells spend
in queues, we were comparing timestamps on microsecond detail only to
convert results to second or millisecond detail later on. But on 32-bit
architectures this means that 2^31 microseconds only cover time
differences of up to 36 minutes. Instead, compare timestamps on
millisecond detail.
2009-07-27 16:23:53 +02:00
Nick Mathewson
2b0e8fb39f Merge commit 'ioerror/DirFetchInfoExtraEarly'
Conflicts:
	ChangeLog
2009-07-25 00:52:54 -04:00
Karsten Loesing
f80537e3e0 Fix unit tests.
Now that we require EntryStatistics to be 1 for counting connecting
clients, unit tests need to set that config option, too.

Reported by Sebastian Hahn.
2009-07-24 01:13:33 +02:00
Sebastian Hahn
5c0b418a6f don't warn about DirReqStatistics when the option is disabled
Reported by Zax on #tor
2009-07-23 13:50:18 +02:00
Karsten Loesing
b71bbdc69a Make exit stats compile on 64-bit machines, too. 2009-07-18 10:35:20 -04:00
Nick Mathewson
022d251cb7 Merge branch 'dirreq-timing' 2009-07-16 15:26:07 -04:00
Nick Mathewson
cbe4327391 Switch dirreq_map to use HT_ functions rather than strmap. 2009-07-16 15:26:01 -04:00
Sebastian Hahn
989e74e5c0 fix long line 2009-07-15 17:26:11 +02:00
Karsten Loesing
8c496d1660 Some tweaks to statistics.
Changes to directory request statistics:

- Rename GEOIP statistics to DIRREQ statistics, because they now include
  more than only GeoIP-based statistics, whereas other statistics are
  GeoIP-dependent, too.
- Rename output file from geoip-stats to dirreq-stats.
- Add new config option DirReqStatistics that is required to measure
  directory request statistics.
- Clean up ChangeLog.

Also ensure that entry guards statistics have access to a local GeoIP
database.
2009-07-15 16:32:40 +02:00
Karsten Loesing
416940d93b Some tweaks to directory request download times.
- Use common prefixes DIRREQ_* and dirreq_*.
- Replace enums in structs with bitfields.
2009-07-15 16:14:14 +02:00
Karsten Loesing
85e7f67e1c Round up results to the next multiple of 4. 2009-07-15 16:12:45 +02:00
Karsten Loesing
4002980d1c Right, the u in uint stands for unsigned. 2009-07-15 16:12:45 +02:00
Karsten Loesing
3c05132575 Directories now also measure download times of network statuses. 2009-07-15 16:12:45 +02:00
Nick Mathewson
d4b31cf98f Allow interval and memunit cfg variables to be set to fractions. 2009-07-15 10:02:49 -04:00
Roger Dingledine
05975e2a89 make it compile without warnings 2009-07-14 14:13:04 -04:00
Nick Mathewson
31b72732c6 Merge commit 'karsten/geoipstats-download-resp-master'
Conflicts:
	src/or/geoip.c
2009-07-14 12:18:27 -04:00
Nick Mathewson
e90843eb68 Merge commit 'karsten/geoipstats-shares-master' 2009-07-14 12:15:24 -04:00
Nick Mathewson
49136bb18f Merge commit 'karsten/geoipstats-newoverthereistan-master' 2009-07-14 12:14:19 -04:00
Karsten Loesing
409386cede Handle unsigned ints correctly. 2009-07-14 01:50:55 +02:00
Karsten Loesing
59dd9de858 Write number of rejected requests to geoip-stats file. 2009-07-14 01:46:17 +02:00
Jacob Appelbaum
e7576f92de Add support for a new option: FetchDirInfoExtraEarly
This new option will allow clients to download the newest fresh consensus
much sooner than they normally would do so, even if they previously set
FetchDirInfoEarly. This includes a proper ChangeLog entry and an updated man
page.
2009-07-13 16:30:42 -07:00
Roger Dingledine
b48e3371d7 remove experimental 'getinfo unregistered-servers-'
it never really worked, and hasn't been used for years.
2009-07-13 17:34:47 -04:00
Roger Dingledine
9ece0955f7 fix comments and other typos 2009-07-13 17:34:46 -04:00
Karsten Loesing
8f1a973669 Two tweaks to exit-port statistics.
Add two functions for round_to_next_multiple_of() for uint32_t and
uint64_t.

Avoid division in every step of the loop over all ports.
2009-07-13 22:43:06 +02:00
Karsten Loesing
707a44a7b0 Replace two %d with %u's. 2009-07-13 22:11:21 +02:00
Karsten Loesing
d1437245c7 Simplify the math to round up to the next multiple of some value. 2009-07-11 00:44:27 +02:00
Karsten Loesing
7fb206e554 Tweak exit port statistics a bit.
Introduce a threshold of 0.01% of bytes that must be read and written per
port in order to be included in the statistics. Otherwise we cannot include
these statistics in extra-info documents, because they are too big.

Change the labels "-written" and "-read" so that the meanings are as
intended.
2009-07-09 23:55:13 +02:00
Karsten Loesing
fa2374a163 List unresolved requests in geoip stats as country '??'. 2009-07-09 15:34:53 +02:00
Nick Mathewson
041a7b9896 Merge commit 'karsten/entrystats-master'
Conflicts:
	ChangeLog
	configure.in
	src/or/config.c
	src/or/or.h
2009-07-07 14:26:50 -04:00
Nick Mathewson
1c1b223910 Merge commit 'karsten/bufferstats-master' 2009-07-07 13:21:33 -04:00
Nick Mathewson
aa0cf31c51 Merge commit 'origin/maint-0.2.1'
Conflicts:
	ChangeLog
	configure.in
	contrib/tor-mingw.nsi.in
	src/win32/orconfig.h
2009-07-07 12:42:24 -04:00
Nick Mathewson
258b980331 Make "Invalid onion hostname" msg respect SafeLogging.
Patch by Roger; fixes bug 1027.
2009-07-07 12:19:04 -04:00
Karsten Loesing
c0b6cb132b If configured, write entry-node statistics to disk periodically. 2009-07-05 20:48:16 +02:00
Karsten Loesing
b493a2ccb9 If configured, write cell statistics to disk periodically. 2009-07-05 19:53:25 +02:00
Karsten Loesing
c1f6c2ba30 Estimate v2 and v3 shares as mean values over measurement interval. 2009-07-04 22:17:08 +02:00
Karsten Loesing
4d6af73db8 If configured, write per-port exit statistics to disk periodically.
[Original patch series from Karsten, revised and squashed by Nick]
2009-07-02 12:37:05 -04:00
Nick Mathewson
078c34e28e Merge commit 'origin/maint-0.2.1'
[Didn't take Karsten's full bug 1024 workaround, since 0.2.2 doesn't
use v0 rend descs.]
2009-07-02 10:20:20 -04:00
Karsten Loesing
3e6bb050dd Make an attempt to fix bug 1024.
The internal error "could not find intro key" occurs when we want to send
an INTRODUCE1 cell over a recently finished introduction circuit and think
we built the introduction circuit with a v2 hidden service descriptor, but
cannot find the introduction key in our descriptor.

My first guess how we can end up in this situation is that we are wrong in
thinking that we built the introduction circuit based on a v2 hidden
service descriptor. This patch checks if we have a v0 descriptor, too, and
uses that instead.
2009-07-02 10:00:28 -04:00
Roger Dingledine
690db1331d another minor patch to add to 0.2.1.x
o Minor features:
    - If we're a relay and we change our IP address, be more verbose
      about the reason that made us change. Should help track down
      further bugs for relays on dynamic IP addresses.
2009-06-30 10:21:30 -04:00
Nick Mathewson
9f28cfe86a Merge commit 'origin/maint-0.2.1' 2009-06-30 10:13:51 -04:00
Roger Dingledine
e7bc189f7c the third piece of bug 969 fixing
when we write out our stability info, detect relays that have slipped
through the cracks. log about them and correct the problem.

if we continue to see a lot of these over time, it means there's another
spot where relays fall out of the routerlist without being marked as
unreachable.
2009-06-30 10:10:13 -04:00
Roger Dingledine
bdca5476da the second piece of bug 969 fixing
whenever we remove a relay from the main routerlist, tell the
rephist module that it's no longer running.
2009-06-30 10:10:13 -04:00
Roger Dingledine
0cd16c4ad3 the first piece of bug 969 fixing
tell the rephist module that a given relay is down whenever
we determine that it's down, not just when we thought it used
to be up.
2009-06-30 10:10:13 -04:00
Nick Mathewson
7ce767181f Have eventdns set the "truncated" bit correctly.
Fixed bug 1022; This isn't actually a live bug in Tor, since in Tor
we never generate large DNS replies.
2009-06-30 10:05:42 -04:00
Nick Mathewson
f466f3d12c Merge commit 'sebastian/geoipnotice' 2009-06-25 12:09:57 -04:00
Sebastian Hahn
38476e2555 Log a notice about collecting geoip stats 2009-06-25 18:06:52 +02:00
Roger Dingledine
9fc3d87827 stop capping bandwidths we see in the consensus
but continue capping bandwidths we see in local server
descriptors, if we have no consensus weights for them.
2009-06-25 11:38:05 -04:00
Nick Mathewson
d2cac1afc3 Merge commit 'origin/maint-0.2.1' 2009-06-24 19:02:00 -04:00
Marcus Griep
d308738919 Ignore control port commands after a QUIT
When a QUIT has been issued on a control port connection, then
ignore further commands on that port. This fixes bug 1016.
2009-06-24 00:10:22 -04:00
Marcus Griep
fa89c9f086 Flush long replies over control port on QUIT
Marks the control port connection for flushing before closing when
the QUIT command is issued. This allows a QUIT to be issued during
a long reply over the control port, flushing the reply and then
closing the connection. Fixes bug 1015.
2009-06-24 00:10:20 -04:00
Nick Mathewson
39551b494e Merge commit 'origin/maint-0.2.1' 2009-06-22 14:08:19 -04:00
Roger Dingledine
1aaab8288d Clients now use bandwidth values in the consensus
rather than the bandwidth values in each relay descriptor. This approach
opens the door to more accurate bandwidth estimates once the directory
authorities start doing active measurements. Implements more of proposal
141.
2009-06-22 14:01:34 -04:00
Nick Mathewson
3f4f6f9075 Merge commit 'origin/maint-0.2.1'
Conflicts:
	ChangeLog
2009-06-22 12:36:06 -04:00
Nick Mathewson
262455527a Serve DirPortFrontPage even if the write bucket is low.
arma's rationale: "I think this is a bug, since people intentionally
set DirPortFrontPage, so they really do want their relay to serve that
page when it's asked for. Having it appear only sometimes (or roughly
never in Sebastian's case) makes it way less useful."

Fixes bug 1013; bugfix on 0.2.1.8-alpha.
2009-06-22 12:34:32 -04:00
Karsten Loesing
e6a1e7001b Add warning that the results of --enable-geoip-stats are different from those in master. 2009-06-22 11:51:19 -04:00
Nick Mathewson
659fc13da5 Change proxy-address type to tor_addr_t to allow ipv6 proxies. 2009-06-19 12:48:00 -04:00
Nick Mathewson
015189b5df Move SOCKS reason-decoding switches into reasons.c 2009-06-19 12:40:23 -04:00
Christopher Davis
75472c19c3 Enable Tor to connect through SOCKS 4/5 proxies
Added a sanity check in config.c and a check in directory.c
directory_initiate_command_rend() to catch any direct connection attempts
when a socks proxy is configured.
2009-06-19 12:16:15 -04:00
Karsten Loesing
f266ecbeec Better fix for 997. 2009-06-19 16:26:02 +02:00
Karsten Loesing
20883f5e83 Revert "Backport fix for bug 997."
This reverts commit 3847f54945.
2009-06-19 15:46:13 +02:00
Nick Mathewson
df03d6eca8 Merge commit 'karsten/bug997-hidservfetch' 2009-06-16 16:26:02 -04:00
Karsten Loesing
3847f54945 Backport fix for bug 997.
Backporting 6a32beb and ca8708a.
2009-06-16 16:25:35 -04:00
Nick Mathewson
0d2976d64b Merge commit 'origin/maint-0.2.1' 2009-06-16 16:18:16 -04:00
Nick Mathewson
7f8a6c5e92 Revise earlier check for correct IPv4 addr length to check for ==4.
We need this to match the check in connection_ap_handshake_socks_resolved().

Found by optimist.
2009-06-16 16:12:06 -04:00
Karsten Loesing
ca8708a9ce Fix more of bug 997.
Fix refetching of hidden service descriptors when all introduction points
have turned out to not work.
2009-06-13 12:21:58 +02:00
Nick Mathewson
74bf885b2d Whitespace and osx fixes on libevent2 patch. 2009-06-12 15:09:09 -04:00
Nick Mathewson
1e709c79d1 Isolate Libevent API dependency to just main.c and dns.c in src/or.
The rest of the code was only including event.h so that it could see
EV_READ and EV_WRITE, which we were using as part of the
connection_watch_events interface for no very good reason.
2009-06-12 14:27:53 -04:00
Nick Mathewson
33b1d714e7 Make Tor compile with Libevent 1.0 again. 2009-06-12 14:27:53 -04:00
Nick Mathewson
c0af3cdfb6 Move the Libvent setup logic into compat_libevent from config.
This has been some pretty ugly and voodoo-laden code.  I've tried to
clean it up a bit, but more work probably remains.
2009-06-12 14:27:52 -04:00
Nick Mathewson
e5b88dc83f Update Tor to use Libevent 2.0 APIs when available.
This patch adds a new compat_libevent.[ch] set of files, and moves our
Libevent compatibility and utilitity functions there.  We build them
into a separate .a so that nothing else in src/commmon depends on
Libevent (partially fixing bug 507).

Also, do not use our own built-in evdns copy when we have Libevent
2.0, whose evdns is finally good enough (thus fixing Bug 920).
2009-06-12 14:27:52 -04:00
Roger Dingledine
845326317d Check answer_len in the remap_addr case of process_relay_cell_not_open.
Fix an edge case where a malicious exit relay could convince a
controller that the client's DNS question resolves to an internal IP
address. Bug found and fixed by "optimist"; bugfix on 0.1.2.8-beta.
2009-06-12 11:22:54 -04:00
Roger Dingledine
cb1617f18e Check answer_len in the remap_addr case of process_relay_cell_not_open.
Fix an edge case where a malicious exit relay could convince a
controller that the client's DNS question resolves to an internal IP
address. Bug found and fixed by "optimist"; bugfix on 0.1.2.8-beta.
2009-06-12 11:18:02 -04:00
Karsten Loesing
6a32beb877 Apply fix for bug 997.
Hidden service clients didn't use a cached service descriptor that
was older than 15 minutes, but wouldn't fetch a new one either. Now,
use a cached descriptor no matter how old it is and only fetch a new
one when all introduction points fail. Fix for bug 997. Patch from
Marcus Griep.
2009-06-12 11:39:35 +02:00
Karsten Loesing
77f5ad6b07 Restore changes from f79688d that got lost somehow during a merge. 2009-06-12 02:05:21 +02:00
Nick Mathewson
358efe1eea Merge commit 'origin/maint-0.2.1' 2009-06-08 00:01:31 -04:00
Nick Mathewson
20193fc7ab Avoid a memory corruption problem related to "private" in DirPolicy.
This is a posible fix for bug 996.
2009-06-05 19:41:40 -04:00
Nick Mathewson
4945fee65a Merge commit 'origin/maint-0.2.1' 2009-06-04 03:31:12 -04:00
Nick Mathewson
b262e76563 Fix gprof bottlenecks on exit nodes found by Jacob.
Apparently all the stuff that does a linear scan over all the DNS
cache entries can get really expensive when your DNS cache is very
large.  It's hard to say how much this will help performance, since
gprof doesn't count time spent in OpenSSL or zlib, but I'd guess 10%.

Also, this patch removes calls to assert_connection_ok() from inside
the read and write callbacks, which are similarly unneeded, and a
little costlier than I'm happy with.

This is probably worth backporting to 0.2.0.
2009-06-03 13:52:03 -04:00
Nick Mathewson
77ffd6b2a7 Merge commit 'origin/maint-0.2.1' 2009-05-31 19:17:22 -04:00
Nick Mathewson
c4c7dcd453 Do not report a node as a "chosen exit" when it is not in fact an exit.
Provide a useful warning when launch_circuit tries to make us use a
node we don't want to use.  Just give an info message when this is a
normal and okay situation.  Fix for logging issues in bug 984.
2009-05-31 19:15:36 -04:00
Nick Mathewson
e8ac2a8477 Make the second argument to routerset_contains_extendinfo const 2009-05-31 19:15:36 -04:00
Nick Mathewson
e84ddead34 Merge branch 'hardware_accel_improvements' 2009-05-31 13:36:50 -04:00
Nick Mathewson
3ca10bb62f Fix-ups for dynamic OpenSSL engine patch.
Include a changelog, and don't try to compare strings with !=.
2009-05-31 13:36:18 -04:00
Nick Mathewson
fd992deeea Don't attempt to log messages to a controller from a worker thread.
This patch adds a function to determine whether we're in the main
thread, and changes control_event_logmsg() to return immediately if
we're in a subthread.  This is necessary because otherwise we will
call connection_write_to_buf, which modifies non-locked data
structures.

Bugfix on 0.2.0.x; fix for at least one of the things currently
called "bug 977".
2009-05-30 18:16:24 -04:00
Karsten Loesing
dfebc88d56 Warn and exit when we are configured to measure GeoIP statistics, but have no GeoIP database. 2009-05-30 23:35:21 +02:00
Nick Mathewson
d66c379765 Clean up a bit of C logic, and fix an erroneous warning.
(Simplify "if (cond) return 1; return 0;" to "return cond;", and don't
give a warning when we start with accounting on but dirport off.)
2009-05-29 23:28:01 -04:00
Sebastian Hahn
e70fe116d3 Consider *ListenAddress when warning about low ports and hibernation
Tas (thanks!) noticed that when *ListenAddress is set, Tor would
still warn on startup when *Port is low and hibernation is active.
The patch parses all the *ListenAddress lines, and checks the
ports. Bugfix on 0.2.1.15-rc
2009-05-30 03:09:39 +02:00
Nick Mathewson
3599e9051e Restore changes from Karsten's "Remove unused rendversion parameters".
These were made undone by a merge.
2009-05-28 16:19:05 -04:00
Nick Mathewson
4913a8c4ba Merge commit 'origin/maint-0.2.1' 2009-05-28 16:07:49 -04:00
Nick Mathewson
873faffb5a Two more spelling fix fixes. 2009-05-28 12:26:17 -04:00
Nick Mathewson
260de44313 Fixes to spelling fixes. Thanks, Roger! 2009-05-28 12:22:48 -04:00
Nick Mathewson
cb18fc2190 Merge commit 'origin/maint-0.2.1' 2009-05-27 18:12:18 -04:00
Karsten Loesing
d49711e52c Fix unit tests that were broken after last fix of #932.
With the last fix of task 932 (5f03d6c), client requests are only added to
the history when they happen after the start of the current history. This
conflicts with the unit tests that insert current requests first (defining
the start of the client request history) followed by requests in the past.
The fix is to insert requests in chronological order in the unit tests.
2009-05-27 18:04:55 -04:00
Nick Mathewson
ec7e054668 Spell-check Tor. 2009-05-27 17:55:51 -04:00
Nick Mathewson
0e2618dd54 Merge commit 'origin/maint-0.2.1' 2009-05-27 14:20:18 -04:00
Nick Mathewson
181674e9bb Fix a signed/unsigned comparison warning 2009-05-27 14:19:24 -04:00
Karsten Loesing
54c97c9133 Change the way how directories that are configured with --enable-geoip-stats write geoip stats to disk.
- Write geoip stats to disk every 24 hours, not every hour.
- Remove configuration options and define reasonable defaults.
- Clear history of client requests every 24 hours (which wasn't done at
  all before).
2009-05-27 19:13:31 +02:00
Karsten Loesing
02a417d4e0 Improve documentation for the last fix of bug 932. 2009-05-27 19:10:55 +02:00
Karsten Loesing
5f03d6c547 Fix bug 932 even more.
Ignore connections two hours after switching from bridge to relay or back.
2009-05-27 19:10:54 +02:00
Karsten Loesing
bf7e5d6553 Some cleanups on geoip.c.
Use two bitfields for last_seen and action in clientmap_entry_t rather
than having both share a 32-bit. Also, documentation fixes.
2009-05-26 21:32:56 +02:00
Nick Mathewson
b805e5debf Merge commit 'origin/maint-0.2.1' into master.
Conflicts:
	ChangeLog
	configure.in
	contrib/tor-mingw.nsi.in
	src/win32/orconfig.h
2009-05-25 16:43:52 -04:00
Nick Mathewson
99c315a473 Use tor_socket_strerror in eventdns.c. Fixes bug 987. 2009-05-25 16:38:50 -04:00
Nick Mathewson
3b47be20ec Update newer control_event_stream_bandwidth code to revised control impl 2009-05-25 12:55:59 -04:00
Nick Mathewson
b998fed9b9 Remove support for events without the extended format or long names.
Supporting the old formats made our code complex; running without them
has been discouraged since 0.2.1.x.
2009-05-25 12:52:25 -04:00
Roger Dingledine
05e55d82b6 simplify options_act() 2009-05-24 20:31:50 -04:00
Roger Dingledine
9a4b0446b0 fix a comment 2009-05-24 20:31:50 -04:00
Sebastian Hahn
f26abf5f54 fix codestyle issues 2009-05-24 02:42:37 +02:00
Martin Peck
7703b887f5 Add support for dynamic OpenSSL hardware crypto acceleration engines. 2009-05-23 16:42:44 -07:00
Jacob Appelbaum
75f963e951 Log the number and size of DNS cache entries on SIGUSR1.
Specifically if you send SIGUSR1, it will add two lines to the log file:
May 22 07:41:59.576 [notice] Our DNS cache has 3364 entries.
May 22 07:41:59.576 [notice] Our DNS cache size is approximately 1022656
bytes.

[tweaked a bit by nickm]
2009-05-22 23:33:44 -04:00
Nick Mathewson
a3fadddd4a Improved bug-957 fix for 0.2.2.
Really, our idiocy was that we were calling event_set() on the same
event more than once, which sometimes led to us calling event_set() on
an event that was already inserted, thus making it look uninserted.
With this patch, we just initialize the timeout events when we create
the requests and nameservers, and we don't need to worry about
double-add and double-del cases at all.
2009-05-22 14:06:39 -04:00
Nick Mathewson
4201a3735f Merge commit 'origin/maint-0.2.1' 2009-05-22 11:56:51 -04:00
Nick Mathewson
1d002a25a2 Finish up the 0.2.1 version of the bug 957 fix.
Basically, all this means is downgrading our warning messages to debug
messages, since the bug workaround code here is adequate to stop the
bug.
2009-05-22 11:47:09 -04:00
phobos
678092750b fix a spelling mistake in config.c for "contries" 2009-05-22 01:26:17 -04:00
Nick Mathewson
79762aac17 Merge commit 'origin/maint-0.2.1' 2009-05-18 16:17:12 -04:00
Nick Mathewson
34030a3d23 Possible fix for crash bug related to event timeouts. [Bug 957]
If we ever add an event, then set it, then add it again, there will be
now two pointers to the event in the event base.  If we delete one and
free it, the first pointer will still be there, and possibly cause a
crash later.

This patch adds detection for this case to the code paths in
eventdns.c, and works around it.  If the warning message ever
displays, then a cleverer fix is in order.

{I am not too confident that this *is* the fix, since bug 957 is very
tricky.  If it is, it is a bugfix on 0.2.0.}
2009-05-18 16:12:39 -04:00
Nick Mathewson
14a549552a Merge branch 'maint-0.2.1' into merge_tmp 2009-05-17 02:11:34 -04:00
Roger Dingledine
2fa5410218 Fix a memory leak when v3 directory authorities load their keys
and cert from disk. Bugfix on 0.2.0.1-alpha.
2009-05-17 02:04:59 -04:00
Nick Mathewson
c0515b307c Fix valgrind error when marking a descriptor as never-downloadable.
When we got a descriptor that we (as an authority) rejected as totally
bad, we were freeing it, then using the digest in its RAM to look up its
download status.  Caught by arma with valgrind.  Bugfix on 0.2.1.9-alpha.
2009-05-17 02:01:09 -04:00
Mike Perry
29bf271ba2 Fix misreporting of stream bandwidths. 2009-05-14 17:52:26 -04:00
potentiate
1b61c8bf37 Fix misreporting of stream bandwidths. 2009-05-14 17:50:06 -04:00
Nick Mathewson
479d21254a Merge commit 'origin/maint-0.2.1' 2009-05-13 16:55:42 -04:00
Nick Mathewson
a38ed1a235 Use | with flags, not +. 2009-05-13 16:45:59 -04:00
Karsten Loesing
9e97067b2f Prevent bridges from publishing router descriptors.
Bridges are not supposed to publish router descriptors to the directory
authorities. It defeats the point of bridges when they are included in the
public relay directory.

This patch puts out a warning and exits when the node is configured as
a bridge and to publish v1, v2, or v3 descriptors at the same time.

Also fixes part of bug 932.
2009-05-13 16:45:59 -04:00
Nick Mathewson
fc091e8a96 When our bridge status changes, forget old geoip data.
This fixes bug 932, where all of our usage totals for users when we
were a regular server would get included in the extrainfo document.
2009-05-13 16:45:59 -04:00
Nick Mathewson
a271c5370a Merge commit 'origin/maint-0.2.1' into m3 2009-05-12 14:04:51 -04:00
Sebastian Hahn
a28215a150 Warn when hibernation and low-port on non-windows is configured
This addresses the first part of bug 918. Users are now warned when
they try to use hibernation in combination with a port below 1024
when they're not on Windows. We don't want to die here, because
people might run Tor as root, use a capabilities system or some
other platform that will allow them to re-attach low ports.

Wording suggested by Marian
2009-05-12 20:00:00 +02:00
Nick Mathewson
5fc08d1920 Merge 0.2.1 onto the development branch.
Manually resolved conflicts on version number; all else applied cleanly.
2009-05-12 13:57:58 -04:00
Nick Mathewson
88d81ead83 Better debugging output for bug 977 case.
(Don't crash immediately if we have leftover chunks to free after
freeing chunks in a buffer freelist; instead log a debugging message
that might help.)
2009-05-12 13:54:21 -04:00
Nick Mathewson
fdbdb4dc15 Include the *_sha1.i files in their own *_codedigest.c files.
This way we do not need to rebuild util.c and/or config.c whenever
any unrelated source file in src/common or src/or has changed.
2009-05-08 12:35:36 -04:00
Karsten Loesing
948835c680 Remove unused rendversion parameters. YAGNI. 2009-05-04 13:46:30 -04:00
Karsten Loesing
f79688ddef Clients do not request version 0 hidserv descs anymore. 2009-05-04 13:46:30 -04:00
Karsten Loesing
0d68da2381 Drop version 0 hidserv support on service side. 2009-05-04 13:46:29 -04:00
Karsten Loesing
9b32e8c141 Update copyright to 2009. 2009-05-04 11:28:27 -04:00
Karsten Loesing
4ebcc4da34 Update copyright to 2009. 2009-05-02 22:00:54 +02:00
Karsten Loesing
e25fdce900 Documentation fix. 2009-05-02 21:47:03 +02:00
Nick Mathewson
596e852c31 Remove the long-deprecated GETINFO addr-mappings/ 2009-05-01 06:25:18 -04:00
Nick Mathewson
6ac3a8b0cd Command-line option to dump SHA1 digests of all source files.
Now, when you call tor --digests, it dumps the SHA1 digest of each
source file that Tor was built with.  We support both 'sha1sum' and
'openssl sha1'.  If the user is building from a tarball and they
haven't edited anything, they don't need any program that calculates
SHA1.  If they _have_ modified a file but they don't have a program to
calculate SHA1, we try to build so we do not output digests.
2009-04-29 14:46:04 -04:00
Sebastian Hahn
5675be39a0 Return -1 in the error case from read_bandwidth_usage.
svn:r19367
2009-04-23 22:04:10 +00:00
Karsten Loesing
4e6120cffb Documentation fix.
svn:r19337
2009-04-16 08:25:36 +00:00
Roger Dingledine
39ceda7e05 Raise the minimum bandwidth to be a relay from 20000 bytes to 20480
bytes (aka 20KB/s), to match our documentation. Also update
directory authorities so they always assign the Fast flag to relays
with 20KB/s of capacity. Now people running relays won't suddenly
find themselves not seeing any use, if the network gets faster
on average.


svn:r19305
2009-04-12 07:56:58 +00:00
Roger Dingledine
c024928b63 For belt-and-suspenders, relays that don't set Address in their config
now avoid using begin_dir for all direct connections.


svn:r19296
2009-04-11 19:40:42 +00:00
Roger Dingledine
419d158c74 make it compile too
svn:r19295
2009-04-11 19:22:38 +00:00
Roger Dingledine
9c6b135e1a play make-believe that addr isn't a uint32_t
svn:r19293
2009-04-11 18:21:18 +00:00
Roger Dingledine
fa003351ae fix the same bug in two more locations (thanks to lark for prodding
me further)


svn:r19292
2009-04-11 18:19:57 +00:00
Roger Dingledine
8d82583d97 Finally fix the bug where dynamic-IP relays disappear when their
IP address changes: directory mirrors were mistakenly telling them
their old address if they asked via begin_dir, so they never got
an accurate answer about their new address, so they just vanished
after a day. Should fix bugs 827, 883, and 900 -- but alas, only
after every directory mirror has upgraded.


svn:r19291
2009-04-11 18:09:15 +00:00
Roger Dingledine
235a1196b3 only log that at loglevel notice if there's a problem with the
version. otherwise there's no reason to tell the user we're
doing behind-the-scenes cleaning.


svn:r19288
2009-04-11 12:06:27 +00:00
Roger Dingledine
48118b228e Clients replace entry guards that were chosen more than a few months
ago. This change should significantly improve client performance,
especially once more people upgrade, since relays that have been
a guard for a long time are currently overloaded.


svn:r19287
2009-04-11 12:00:18 +00:00
Roger Dingledine
7e32f0d5c8 fix a comment
svn:r19262
2009-04-11 00:40:11 +00:00
Roger Dingledine
93c0a81491 If the bridge config line doesn't specify a port, assume 443.
This makes bridge lines a bit smaller and easier for users to
understand.

Also, remove a duplicate changelog entry from the past.


svn:r19260
2009-04-11 00:16:05 +00:00
Sebastian Hahn
8390787a5f Directory authorities should accept a descriptor as changed when the relay operator changed the bandwithrate or bandwithburst settings.
svn:r19259
2009-04-11 00:12:52 +00:00
Roger Dingledine
c4145e5390 commit sebastian's patch to not require contactinfo when testingtornetwork
is set


svn:r19257
2009-04-10 07:02:19 +00:00
Nick Mathewson
d50501e5ed Fix a few crash bugs related to malormed descriptors. Lark found one; fuzzing found the rest.
svn:r19250
2009-04-09 19:58:16 +00:00
Roger Dingledine
ee58153b50 log more verbosely when we accept or decline a router descriptor,
to help track whether we received them when a relay operator claims
they got sent.


svn:r19213
2009-04-01 13:02:04 +00:00
Roger Dingledine
b4ceb830e0 if a directory authority declines our server descriptors because it's
not new enough, write that in the logs. might be helpful one day.


svn:r19195
2009-03-31 05:24:36 +00:00
Roger Dingledine
7170c5b4f8 Limit uploaded directory documents to be 16M rather than 500K.
The directory authorities were refusing v3 consensus votes from
other authorities, since the votes are now 504K. Fixes bug 959;
bugfix on 0.0.2pre17 (where we raised it from 50K to 500K ;).


svn:r19194
2009-03-31 04:03:37 +00:00
Roger Dingledine
793f1ce007 Directory authorities should never send a 503 "busy" response to
requests for votes or keys. Bugfix on 0.2.0.8-alpha; exposed by
bug 959.


svn:r19189
2009-03-31 01:29:07 +00:00
Nick Mathewson
b5135f1190 Whitespace cleanup.
svn:r19080
2009-03-18 19:30:37 +00:00
Nick Mathewson
c2f8d97212 Do not generate the non-verbose circuit path when generating a circuit event unless we will use it.
svn:r19079
2009-03-18 19:30:34 +00:00
Nick Mathewson
a335b43a67 If we have a routerstatus but no routerinfo to name a router, use the routerstatus instead when generating circuit events. Also refactor a little.
svn:r19078
2009-03-18 19:30:30 +00:00
Nick Mathewson
e591aafca4 Add a function to get a LongName from a routerstatus. Needed for partial bug 941 fix.
svn:r19077
2009-03-18 19:30:26 +00:00
Nick Mathewson
30ec1d1d50 Don't double-free successful_uploads.
When we used smartlist_free to free the list of succesful uploads
because we had succeeded in uploading everywhere, we did not actually
set the successful_uploads field to NULL, so later it would get freed
again in rend_service_descriptor_free.  Fix for bug 948; bug
introduced in 0.2.1.6-alpha.

svn:r19073
2009-03-18 14:35:24 +00:00
Nick Mathewson
ad7ebec24c Free very-old descriptors that we do not want to add. Fix for bug 672. Backport candidate
svn:r19057
2009-03-16 18:47:45 +00:00
Karsten Loesing
309080b6aa Make directory usage recording work again. Fixing bug introduced in r17009.
svn:r18924
2009-03-11 22:08:37 +00:00
Roger Dingledine
4e094ddc4d when we get an unrecognized relay streamid, log it
svn:r18919
2009-03-11 20:51:47 +00:00
Roger Dingledine
4774e593b8 Bugfix on r17756:
Avoid trying to print raw memory to the logs when we decide to
give up on downloading a given relay descriptor. Bugfix on
0.2.1.9-alpha.


svn:r18831
2009-03-09 22:05:17 +00:00
Nick Mathewson
d40cbda2cd Log cached-at-exit exit policies to try to fix bug 672.
svn:r18827
2009-03-09 15:53:37 +00:00
Roger Dingledine
5d50bc3e1d We were already rejecting relay begin cells with destination port
of 0. Now also reject extend cells with destination port or address
of 0. Suggested by lark.


svn:r18812
2009-03-09 00:53:42 +00:00
Nick Mathewson
cbbc0c9c86 Actually use tor_sscanf() to parse untrusted input.
svn:r18761
2009-03-03 18:02:36 +00:00
Nick Mathewson
26d83fc04c Add a simple locale-independent no-surprises sscanf replacement.
tor_sscanf() only handles %u and %s for now, which will make it
adequate to replace sscanf() for date/time/IP parsing.  We want this
to prevent attackers from constructing weirdly formed descriptors,
cells, addresses, HTTP responses, etc, that validate under some
locales but not others.

svn:r18760
2009-03-03 18:02:31 +00:00
Nick Mathewson
9f8d095e0f Add and use set/get_uint64 on onion tags. [bug 604; backportable]
It seems that 64-bit Sparc Solaris demands 64-bit-aligned access to
uint64_t, but does not 64-bit-align the stack-allocated char array we
use for cpuworker tags.  So this patch adds a set/get_uint64 pair, and
uses them to access the conn_id field in the tag.

svn:r18743
2009-03-02 19:15:05 +00:00
Nick Mathewson
27c3b43817 Fix one case of bug 929.
svn:r18683
2009-02-23 20:04:51 +00:00
Nick Mathewson
c7f3416a9e Add some debugging code to try to catch the likely cause of bug 929
svn:r18682
2009-02-23 18:57:21 +00:00
Nick Mathewson
261670b57e Patch from lark: if we get two extend cells for the same circuit id, drop the second. Previously, we had leaked an extend_info if the target connection was not open when the second arrived.
svn:r18668
2009-02-21 19:07:05 +00:00
Nick Mathewson
192b701fac Patch from lark: drop BEGIN cells from a rendevous circuit if they do not originate from the end of the circuit.
svn:r18667
2009-02-21 19:07:01 +00:00
Roger Dingledine
1b6688786c send the newconsensus event if the controller has asked for newconsensus
events, not if he's asked for ns events


svn:r18656
2009-02-20 10:25:08 +00:00
Nick Mathewson
b13496b62a Possible fix for broken country settings in ExcludeExitNodes.
It turns out that we weren't updating the _ExcludeExitNodesUnion set's
country numbers when we reloaded (or first loaded!) the IP-to-country
file.  Spotted by Lark.  Bugfix on 0.2.1.6-alpha.

svn:r18575
2009-02-16 15:15:06 +00:00
Roger Dingledine
d3289c6b87 docdoc and changelog for r18556
svn:r18566
2009-02-16 10:39:10 +00:00
Roger Dingledine
d13cc5f989 and list the new event here too
svn:r18557
2009-02-16 06:18:44 +00:00
Roger Dingledine
9ded433abb new controller event NEWCONSENSUS that lists the networkstatus
lines for every recommended relay.

still needs docdoc and changelog entry.


svn:r18556
2009-02-16 06:18:03 +00:00
Roger Dingledine
c8474f9d93 If the controller claimed responsibility for a stream, but that
stream never finished making its connection, it would live
forever in circuit_wait state. Now we close it after SocksTimeout
seconds. Bugfix on 0.1.2.7-alpha; reported by Mike Perry.


svn:r18516
2009-02-13 04:11:14 +00:00
Nick Mathewson
65dc835773 Revert an erroneous part of the non-fix to bug 326, and add comments to explain why it was erroneous.
svn:r18494
2009-02-11 17:23:11 +00:00
Nick Mathewson
6e4afe6f13 I worry that the CLEAR() macro in eventdns.c is hiding bugs. That is sad, because it was meant to make them more detectable. Change it to change stuff to garbage rather than to 0. If no bugs turn up, we can remove it in 0.2.2.x
svn:r18493
2009-02-11 17:22:34 +00:00
Nick Mathewson
8d9aadf57c Port some mostly cosmetic eventdns changes from libevent
svn:r18492
2009-02-11 17:22:29 +00:00
Nick Mathewson
356b40f58b Clients and non-caches do not need to cache unrecognized authority certificates.
svn:r18480
2009-02-10 20:28:30 +00:00
Karsten Loesing
34b285b09f As an exit node, scrub the IP address to which we are exiting in the logs. Bugfix on 0.2.1.8-alpha.
svn:r18477
2009-02-10 18:52:47 +00:00
Nick Mathewson
91fece7be2 Don't extend introduction circuits indefinitely.
Doing so could run you out of relay_early cells and give you a
senselessly long circuit.  Patch from Karsten; may fix bug 878.

svn:r18459
2009-02-10 00:45:30 +00:00
Nick Mathewson
6f90f6f2a2 Retry circuits if the exit node is optional and nonexistant.
Previously, when we had the chosen_exit set but marked optional, and
we failed because we couldn't find an onion key for it, we'd just give
up on the circuit.  But what we really want to do is try again, without
the forced exit node.

Spotted by rovv.  Another case of bug 752.  I think this might be
unreachable in our current code, but proposal 158 could change that.

svn:r18451
2009-02-09 16:55:48 +00:00
Nick Mathewson
c7315e65ae Disable KQUEUE from inside Tor if the OSX version is prior to 10.4.0
svn:r18450
2009-02-09 16:07:02 +00:00
Roger Dingledine
28d97f8262 uh, and commit the patch too.
svn:r18423
2009-02-09 03:13:14 +00:00
Nick Mathewson
fe987d3a17 Remove some deadcode and use tor_inet_aton uniformly.
svn:r18422
2009-02-09 03:13:05 +00:00
Nick Mathewson
2ebdf91a52 Fix a remote-crash bug. This will need a patch release.
svn:r18421
2009-02-09 03:13:02 +00:00
Roger Dingledine
3845087b04 decide that mikeperry's bug should be fixed in 0.2.1.x
(but not in 0.2.1.12-alpha, sorry)


svn:r18417
2009-02-09 02:50:19 +00:00
Roger Dingledine
decdf4537a If we're using bridges and our network goes away, be more willing
to forgive our bridges and try again when we get an application
request. Bugfix on 0.2.0.x.


svn:r18396
2009-02-04 23:27:35 +00:00
Roger Dingledine
45aeabf8f7 make a note about a clause in connection_edge.c that is probably
redundant, and is definitely confusing. we should take it out
in 0.2.2.x and see who squeaks.


svn:r18383
2009-02-04 08:27:36 +00:00
Nick Mathewson
261f49fe26 Fix a possible cause of bug 915 when parsing multiple votes one of which was bad. Bugfix on 0.2.0.8-alpha.
svn:r18354
2009-01-31 18:27:38 +00:00
Nick Mathewson
0f2e171653 fix a wide line.
svn:r18341
2009-01-30 15:23:44 +00:00
Nick Mathewson
e1f03572ca Support setting serverdnsrandomizecase during sighup. Backportable, unless too trivial.
svn:r18307
2009-01-28 19:53:03 +00:00
Nick Mathewson
f78793879d Fix a race condition on nameserver reconfiguration.
This resolves bug 526, wherein we would crash if the following
events occurred in this order:
  A: We're an OR, and one of our nameservers goes down.
  B: We launch a probe to it to see if it's up again. (We do this hourly
     in steady-state.)
  C: Before the probe finishes, we reconfigure our nameservers,
     usually because we got a SIGHUP and the resolve.conf file changed.
  D: The probe reply comes back, or times out. (There is a five-second
     window for this, after B has happens).

IOW, if one of our nameservers is down and our nameserver
configuration has changed, there were 5 seconds per hour where HUPing
the server was unsafe.

Bugfix on 0.1.2.1-alpha.  Too obscure to backport.

svn:r18306
2009-01-28 18:26:20 +00:00
Nick Mathewson
e06de61d84 Don't obsolete a very-new connection for having no circuits yet.
This fixes the last known case of bug 891, which could happen if two
hosts, A and B, disagree about how long a circuit has been open,
because of clock drift of some kind.  Host A would then mark the
connection as is_bad_for_new_circs when it got too old and open a new
connection.  In between when B receives a NETINFO cell on the new
conn, and when B receives a conn cell on the new circuit, the new
circuit will seem worse to B than the old one, and so B will mark it
as is_bad_for_new_circs in the second or third loop of
connection_or_group_set_badness().

Bugfix on 0.1.1.13-alpha.  Bug found by rovv.

Not a backport candidate: the bug is too obscure and the fix too tricky.

svn:r18303
2009-01-28 17:36:41 +00:00
Nick Mathewson
0d5f4d4e73 Remove some dead code.
svn:r18301
2009-01-28 17:36:34 +00:00
Nick Mathewson
8027c8c6dd Forward-port: Fix bug 893: check AP connections for markedness before expiring them.
svn:r18299
2009-01-28 16:30:06 +00:00
Nick Mathewson
ef001cf85d Actually send the extra_headers content in write_http_response_header_impl. This make X-Descriptor-Now-New get sent. Bugfix on 0.2.0.10-alpha. Spotted by "multiplication".
svn:r18297
2009-01-28 16:06:46 +00:00
Roger Dingledine
9fdae765e3 clean up r18287
svn:r18288
2009-01-28 07:16:22 +00:00
Roger Dingledine
edff606317 patch from matt to implement 'getinfo status/clients-seen'
svn:r18287
2009-01-28 06:50:36 +00:00
Roger Dingledine
59f57a0117 gah. yet another place that needs to be edited when we add
a new event. what a mess.


svn:r18277
2009-01-27 04:43:43 +00:00
Nick Mathewson
25c6ff6f55 Support 64-bit time_t. Patch from Matthias Drochner. Partial backport candidate.
svn:r18234
2009-01-22 16:28:12 +00:00
Nick Mathewson
8ebceeb352 Make sure that even in the weird fiddly paths that lead to init_keys,
crypto_global_init gets called.  Also have it be crypto_global_init
that calls crypto_seed_rng, so we are not dependent on OpenSSL's
RAND_poll in these fiddly cases.

Should fix bug 907.  Bugfix on 0.0.9pre6.  Backport candidate.

svn:r18210
2009-01-21 15:38:39 +00:00
Roger Dingledine
a5a6b9a08a Let controllers actually ask for the "clients_seen" event. Bugfix
on 0.2.1.10-alpha; reported by Matt Edman.


svn:r18201
2009-01-21 03:24:27 +00:00
Nick Mathewson
87124f54d0 This patch changes the default location where config and data files
are stored when the --enable-local-appdata option is configured.  This
changes the Windows path from %APPDATA% to a host local
%USERPROFILE%\Local Settings\Application Data\ path (aka,
LOCAL_APPDATA).

Patch from coderman.



svn:r18122
2009-01-15 23:07:11 +00:00
Nick Mathewson
a899f5eaf2 make an assert tighter and replace another with an if.
svn:r18102
2009-01-14 06:36:33 +00:00
Nick Mathewson
6bf5d49b8a Now that we can hit the end of router_rebuild_store before chunk_list is set, we need to test it before freeing it.
svn:r18101
2009-01-14 06:36:30 +00:00
Nick Mathewson
d7be03427d Refactor MIN_IPS_TO_NOTE_* macros in geoip.c: simplify code.
It was dumb to have an "announce the value if it's over 0" version of
the code coexisting with an "announce the value if it's at least N"
version.  Retain the latter only, with N set to 1.

Incidentally, this should fix a Coverity REVERSE_INULL warning.

svn:r18100
2009-01-14 06:20:57 +00:00
Nick Mathewson
2aaf71826d Fix a compile warning on win32.
svn:r18099
2009-01-14 04:03:24 +00:00
Karsten Loesing
42c824b405 True, 17 is greater than 0. But this applies to 4111 as well.
svn:r18097
2009-01-13 15:02:32 +00:00
Nick Mathewson
a33452c401 Fix up (I hope) most ot the things that coverity suddenly claimed were REVERSE_INULL. This is what we get for bragging about being down to 0 issues.
svn:r18096
2009-01-13 14:43:51 +00:00
Nick Mathewson
c32a4ce6b3 Do the tor_assert hack everywhere in test_crypto_aes_iv.
svn:r18095
2009-01-13 14:43:46 +00:00
Nick Mathewson
dbc8a44bae Fix ServerDNSRandomizeCase so that setting it to 0 works.
Bugfix on 0.2.1.7-alpha.  Backport candidate. Fixes bug 905.

svn:r18063
2009-01-10 14:38:14 +00:00
Nick Mathewson
a0a5440826 Make the last bunch of libevent version detection silliness work on macosx.
svn:r18015
2009-01-07 21:13:02 +00:00
Nick Mathewson
a6504cdea7 Check that Libevent header version matches Libevent library version.
Unfortunately, old Libevents don't _put_ a version in their headers, so
this can get a little tricky.  Fortunately, the only binary-compatibility
issue we care about is the size of struct event.  Even more fortunately,
Libevent 2.0 will let us keep binary compatiblity forever by letting us
decouple ourselves from the structs, if we like.

svn:r18014
2009-01-07 21:05:02 +00:00
Roger Dingledine
c123163043 Discard router descriptors as we load them if they are more than
five days old. Otherwise if Tor is off for a long time and then
starts with cached descriptors, it will try to use the onion
keys in those obsolete descriptors when building circuits. Bugfix
on 0.2.0.x. Fixes bug 887.


svn:r17993
2009-01-07 02:13:42 +00:00
Roger Dingledine
18ffea77ae actually find the right identity_digest to blame when we get
a destroy cell from our first hop.


svn:r17991
2009-01-07 00:30:12 +00:00
Roger Dingledine
bf33182459 well, that was a disaster. this time for sure.
svn:r17989
2009-01-06 22:20:31 +00:00
Roger Dingledine
c052494a4f no actual changes besides a seg fault on startup, i meant
svn:r17986
2009-01-06 21:42:05 +00:00
Roger Dingledine
cdda852cec simplify. no actual changes i think. ;)
svn:r17985
2009-01-06 21:31:46 +00:00
Roger Dingledine
b36a98ff5a When our circuit fails at the first hop (e.g. we get a destroy
cell back), avoid using that OR connection anymore, and also
tell all the one-hop directory requests waiting for it that they
should fail. Bugfix on 0.2.1.3-alpha.


svn:r17984
2009-01-06 21:28:48 +00:00
Nick Mathewson
462f64b6b9 Make outgoing DNS requests respect OutboundBindAddress.
Fixes the bug part of bug 789.

svn:r17983
2009-01-06 20:50:55 +00:00
Roger Dingledine
4f27e73aaa clarify which relay gave us the good netinfo cell
svn:r17973
2009-01-06 19:21:47 +00:00
Roger Dingledine
68806c7fb7 When a relay gets a create cell it can't decrypt (e.g. because it's
using the wrong onion key), we were dropping it and letting the
client time out. Now actually answer with a destroy cell. Bugfix
on 0.0.2pre8.


svn:r17970
2009-01-06 19:03:15 +00:00
Roger Dingledine
0955a1b9e1 Jan 06 13:03:57.309 [info] networkstatus_set_current_consensus(): Loaded an obsolete consensus. Discarding.
Jan 06 13:03:57.309 [warn] Couldn't load consensus networkstatus from "bridge/cached-consensus"

doesn't need a real warn.


svn:r17969
2009-01-06 18:06:49 +00:00
Nick Mathewson
5e44581412 Clean up (and mark for 0.2.2.) comments relating to non-beauty of current bug-743 fix.
svn:r17966
2009-01-06 17:37:22 +00:00
Nick Mathewson
6f1ceaefaa Slightly better messages on ControlListenAddress 0.0.0.0
svn:r17963
2009-01-06 16:57:42 +00:00
Roger Dingledine
e127072318 Prevent bridge relays from serving their 'extrainfo' document
to anybody who asks, now that extrainfo docs include potentially
sensitive aggregated client geoip summaries.


svn:r17958
2009-01-06 16:03:38 +00:00
Nick Mathewson
9abfb564a0 Make dirserv_get_routerdesc_fingerprints() treat extrainfos with send_unencrypted==0 correctly. Irrelevant, since we will soon never send them at all.
svn:r17953
2009-01-06 15:37:51 +00:00
Roger Dingledine
d95b63f1e4 Bugfix on r13098. Backport candidate.
When we made bridge authorities stop serving bridge descriptors over
unencrypted links, we also broke DirPort reachability testing for
bridges. So bridges with a non-zero DirPort were printing spurious
warns to their logs. Bugfix on 0.2.0.16-alpha. Fixes bug 709.


svn:r17945
2009-01-06 07:13:24 +00:00
Nick Mathewson
f772fc0c36 apply a variant of rovv's bug 872 patch, and document that we want a better solution for 0.2.2.x.
svn:r17924
2009-01-05 20:52:14 +00:00
Roger Dingledine
e3388230c4 Bridge relays that had DirPort set to 0 would stop fetching
descriptors shortly after startup, and then briefly resume
after a new bandwidth test and/or after publishing a new bridge
descriptor. Bridge users that try to bootstrap from them would
get a recent networkstatus but would get descriptors from up to
18 hours earlier, meaning most of the descriptors were obsolete
already. Reported by Tas; bugfix on 0.2.0.13-alpha.


svn:r17920
2009-01-05 18:54:11 +00:00
Roger Dingledine
9e75c06197 If the cached networkstatus consensus is more than five days old,
discard it rather than trying to use it. In theory it could
be useful because it lists alternate directory mirrors, but in
practice it just means we spend many minutes trying directory
mirrors that are long gone from the network. Helps bug 887 a bit;
bugfix on 0.2.0.x.


svn:r17917
2009-01-05 16:56:11 +00:00
Mike Perry
da430cfcf7 Preserve reporting of stream end reasons to the local control
port.  They were lost in the changes for Proposal 148.



svn:r17911
2009-01-05 14:14:57 +00:00
Karsten Loesing
fe9790740f Use doxygen-style comments instead of C-style comments.
svn:r17893
2009-01-04 23:44:43 +00:00
Nick Mathewson
743c6c8277 OpenBSD malloc.h believes that you should be able to detect headers with autoconf, or build without warnings, but not both. So never include malloc.h on OpenBSD. Backport candidate.
svn:r17891
2009-01-04 22:47:42 +00:00
Karsten Loesing
26482e855b Document some variables used for generating statistics on usage of V0 hidden service directory authorities.
svn:r17890
2009-01-04 19:59:35 +00:00
Nick Mathewson
92ce533f71 Another round of downgrading removing or postponing XXXX021 issues. Some remain, though.
svn:r17888
2009-01-04 19:47:21 +00:00
Nick Mathewson
9c94b428d9 Fix the oldest bug in a while: stop accepting 1.2.3 as a valid IPv4 address on any platform.
svn:r17887
2009-01-04 19:47:17 +00:00
Nick Mathewson
360a059948 Fix an xxx021: do not remove routerinfos as too old and unlisted unless we have a consensus. Backport candidate.
svn:r17886
2009-01-04 19:47:12 +00:00
Nick Mathewson
c4b8fef362 Remove svn $Id$s from our source, and remove tor --version --version.
The subversion $Id$ fields made every commit force a rebuild of
whatever file got committed.  They were not actually useful for
telling the version of Tor files in the wild.

svn:r17867
2009-01-04 00:35:51 +00:00
Nick Mathewson
9201586ed5 Another attempt at fixing coverity scan CID 361.
svn:r17863
2009-01-03 23:06:12 +00:00
Nick Mathewson
9c20441bcb Only set sin_len/sin6_len when they exist.
svn:r17851
2009-01-02 20:57:10 +00:00
Roger Dingledine
89d268848f take out my IMPOSSIBLE_TO_DOWNLOAD+1 hack
svn:r17850
2009-01-02 20:46:32 +00:00
Nick Mathewson
48f2ce298b Try harder to make sure we zero-out the extraneous sockaddr fields and that we set sockaddr_len. Conceivably a backport candidate, though nothing has yet been sen to break.
svn:r17849
2009-01-02 20:39:38 +00:00
Nick Mathewson
b07baba879 Increment n_download_failures up to IMPOSSIBLE_TO_DOWNLOAD-1, not up to IMPOSSIBLE_TO_DOWNLOAD.
svn:r17835
2008-12-31 17:22:18 +00:00
Roger Dingledine
dfc6555ddd switch over the bridge descriptor download mechanism to
use the same download mechanism as other places.

i had to make an ugly hack around "IMPOSSIBLE_TO_DOWNLOAD+1".
we should unhack that sometime.


svn:r17834
2008-12-31 14:19:57 +00:00
Roger Dingledine
9ea7e7f0cd fix a bug in download failure logging; don't do this "stop
downloading forever" thing with bridge descriptor downloads.


svn:r17833
2008-12-31 14:11:46 +00:00
Karsten Loesing
9a04358d87 Debug code for task 878.
svn:r17828
2008-12-30 11:43:50 +00:00
Nick Mathewson
52932d6f1a Remove some code that is #ifdefed out, and that we no longer seem to use, if we ever did.
svn:r17827
2008-12-30 04:16:49 +00:00
Nick Mathewson
ffe22fab9b Indeed, arma was right. There was one ntohl too many in debug_ntop in eventdns.c
svn:r17826
2008-12-30 04:08:45 +00:00
Roger Dingledine
c190842a34 point out the bug location to nick. unless i'm wrong.
svn:r17825
2008-12-30 02:36:11 +00:00
Nick Mathewson
3a8a2cb2de Downgrade some xxx021s, comment more on others, etc
svn:r17823
2008-12-29 20:17:24 +00:00
Nick Mathewson
8625297cee Actually log reasons on unusable guards again.
svn:r17822
2008-12-29 20:17:20 +00:00
Nick Mathewson
d640e2ab00 Spec compliance: if weighted MTBF of a router is at least 5 days, always vote it as Stable.
svn:r17821
2008-12-29 20:17:18 +00:00
Nick Mathewson
f7fb1bf931 Refactor sockaddr family match check into a new function
svn:r17820
2008-12-29 19:57:17 +00:00
Nick Mathewson
83491796ee Explain why the XXXX021 in connection_or.c was there, and explain why it doesn' actually need to get fixed in 0.2.1, I think.
svn:r17819
2008-12-29 19:57:13 +00:00
Nick Mathewson
45bd6c650d Replace kludgy assert with something a little less awful, and avoid needless strlcpy in rend descriptor encoding.
svn:r17818
2008-12-29 19:57:08 +00:00
Nick Mathewson
76a2e11f91 Downgrade the last xxx021 in routerparse. The duplicate code stands for now.
svn:r17817
2008-12-29 19:57:04 +00:00
Nick Mathewson
c1c7f982d9 Do not not cannibalize a circuit that has run out of RELAY_EARLY cells. Partial bug 878 fix.
svn:r17815
2008-12-29 19:55:17 +00:00
Nick Mathewson
145ead96ed Do not cannibalize a circuit that has run out of RELAY_EARLY cells. Partial bug 878 fix.
svn:r17814
2008-12-29 19:55:13 +00:00
Nick Mathewson
a332805a55 Extact parse-the-token-arguments to its own function, and change it to a single-pass algorithm. This simplifies the parsing code and speeds it up a little.
svn:r17812
2008-12-29 16:54:56 +00:00
Nick Mathewson
fa6e72dc4b Remove a call to find_whitespace_eos that didn't actually do anything.
svn:r17811
2008-12-29 16:54:51 +00:00
Nick Mathewson
a42e82b0de While I'm at it, refactor control.c a little so that the dead code no longer exists.
svn:r17810
2008-12-29 14:21:25 +00:00
Nick Mathewson
272b007268 coverity thinks it's dumb to check networkstatus_v2_list in one place and not another. Coverity has a point, even though the check may be redundant. CID 361.
svn:r17809
2008-12-29 14:06:47 +00:00
Nick Mathewson
2c4097e99d More compilation tweaks on Android: fix two clear errors in our code that apparently the compiler cares about there.
svn:r17808
2008-12-29 04:01:58 +00:00
Nick Mathewson
e8a3fa91a6 Use a consistent naming standard for header file guard macros, taking care not to collide with any system headers. This tripped us up on Android.
svn:r17805
2008-12-29 02:21:02 +00:00
Nick Mathewson
46f8ef8116 Switch address comparisons in policies to be exact rather than semantic. Until we do ipv6 exit policies and until we know whether we even allow ::ffff:0:0/96 addresses, there is no point in doing "semantic" comparisons. This was also showing up on oprofile.
svn:r17803
2008-12-29 01:47:33 +00:00
Nick Mathewson
870fd18b8f Refactor some exit-policy-related functions that showed up in oprofile.
Specifically, split compare_tor_addr_to_addr_policy() from a loop with a bunch
of complicated ifs inside into some ifs, each with a simple loop.  Rearrange
router_find_exact_exit_enclave() to run a little faster.  Bizarrely,
router_policy_rejects_all() shows up on oprofile, so precalculate it per
routerinfo.

svn:r17802
2008-12-29 01:47:28 +00:00
Nick Mathewson
ae71b52945 remove the responsibility for setting listensocklen to the function that made the sockaddr
svn:r17799
2008-12-27 15:46:13 +00:00
Roger Dingledine
365c72246c partial move to letting bridge descriptor fetches use our new (well,
new from their perspective) directory download schedule abstraction.

not done yet, but i'd better get this out of my sandbox before nick
does another sweeping change. :)


svn:r17798
2008-12-27 07:30:47 +00:00
Roger Dingledine
5519e633ec New controller event "clients_seen" to report a geoip-based summary
of which countries we've seen clients from recently. Now controllers
like Vidalia can show bridge operators that they're actually making
a difference.


svn:r17796
2008-12-27 06:50:07 +00:00
Nick Mathewson
0c5e03fa21 Remove a deprecated controller alias; make another one generate a warning.
svn:r17793
2008-12-27 00:20:08 +00:00
Nick Mathewson
a87335472c Make connection_create_listener take a sockaddr_len, not just a sockaddr whose length we try to divine.
svn:r17792
2008-12-27 00:20:06 +00:00
Nick Mathewson
b3b14bf25d Add some early checks to keep ipv6 addresses from failing by accident. Now, they fail on purpose, at least till 0.2.2.something.
svn:r17791
2008-12-26 22:51:25 +00:00
Nick Mathewson
61722638ea Refactor tor_addr_compare_masked() so that CMP_SEMANTIC makes more sense, and has decent semantics for maskbits; and so that CMP_EXACT works right for bits==0.
svn:r17788
2008-12-26 20:37:18 +00:00
Nick Mathewson
f7adc017c4 Document and make more conservative the logic for picking the size of the bloom filter to use for retaining descriptors.
svn:r17786
2008-12-26 17:35:36 +00:00
Nick Mathewson
0f9f45ff33 Document the pk operation count fields in rephist.c, and move them into a struct for clarity, and change their type to what we actually want to cast them to.
svn:r17784
2008-12-26 17:35:12 +00:00
Nick Mathewson
df5e8f65bc Add more missing documentation, and correct an error in container.c documentation: Don't introduce two parameters called n when you're calling an algorithm O(n).
svn:r17783
2008-12-26 17:35:08 +00:00
Roger Dingledine
2a42986c96 ok, fair enough, some of these variables were time_t's after all
svn:r17777
2008-12-25 20:16:22 +00:00
Roger Dingledine
4ff04fda77 so which is it? TIME_MAX or INT_MAX? pick INT_MAX for now.
svn:r17772
2008-12-25 15:42:03 +00:00
Roger Dingledine
a12c3f2c86 some fixes i found in my sandbox
svn:r17771
2008-12-25 15:37:47 +00:00
Nick Mathewson
272e64e674 Use the literal parse of an address in dns_resolve_impl if parsing the address as an ipv4 or ipv6 address _succeeded_. Not if it failed. Bug introduced in r17707 (post 0.2.1.8-alpha), and found by xiando.
svn:r17758
2008-12-24 02:38:07 +00:00
Nick Mathewson
df608fef45 Checkpoint my big bug-891 patch.
svn:r17757
2008-12-24 02:38:04 +00:00
Nick Mathewson
ac2f6b608a Patch from Sebiastian for bug 888: mark a descriptor as "Impossible" if we reject it after downloading it so that we do not download it again
svn:r17756
2008-12-23 21:17:52 +00:00
Nick Mathewson
e6bf9fdf94 Remove bogus extern declaration for unused (and nonexistant) field from test.c
svn:r17755
2008-12-23 17:56:39 +00:00
Nick Mathewson
558e9899e4 Document most undocumented variables.
svn:r17754
2008-12-23 17:56:31 +00:00
Nick Mathewson
b4d387c28b Make freelist_len in memarea.c static; document a few variables.
svn:r17741
2008-12-22 19:14:08 +00:00
Nick Mathewson
7d79bec54d Expose bench_* functions via test cli
svn:r17740
2008-12-22 19:00:09 +00:00
Nick Mathewson
b68379b13b Add DOCDOC entries for undocumented static and global variables.
svn:r17739
2008-12-22 19:00:05 +00:00
Nick Mathewson
43b111535a Make doxygen not complain about the way we spell CRLFNUL in control.c
svn:r17735
2008-12-22 17:53:30 +00:00
Nick Mathewson
1e5f457461 Fix most DOCDOCs remaining and/or added by redox.
svn:r17734
2008-12-22 17:53:04 +00:00
Nick Mathewson
167d266dbf Documentation and conformance for WRA_* returns.
shahn: "Add some documentation for the WRA_* family of functions, also make
sure that (hopefully) all functions that return was_router_added_t
don't return ints directly and that they don't refer to integers in
their documentation anymore."

svn:r17731
2008-12-22 16:37:20 +00:00
Nick Mathewson
1e666bfcc1 Partially apply bug 891 parch from forest: check EXTEND cell address against real_addr, not addr. I have questions about the rest of the patch: see the flyspray entry.
svn:r17730
2008-12-22 16:22:04 +00:00
Nick Mathewson
1725c0c8a5 Add DOCDOC comments for all undocumented functions. Add missing *s to other comments so that they will get recognized as doxygen.
svn:r17729
2008-12-22 14:56:28 +00:00
Nick Mathewson
55348884b5 Fix all of the doxygen warnings not pertaining to missing documentation.
svn:r17727
2008-12-22 14:56:16 +00:00
Roger Dingledine
df89748388 fix typo noticed by wood
svn:r17726
2008-12-22 09:52:56 +00:00
Roger Dingledine
0f6514e041 some windows users are outraged that tor refuses to work even
when their clock and date are correct, if their timezone is
totally wrong. now we at least tell them.


svn:r17725
2008-12-22 09:10:06 +00:00
Roger Dingledine
0c6ff7d990 the default should not be the notify the poster, unless something
more extreme happens. the default should be to be quiet unless
something more extreme happens.

at least, this doesn't generate complaints anymore. perhaps that
means it is working better? :)


svn:r17724
2008-12-22 06:25:49 +00:00
Roger Dingledine
7262bf5eab fix a fun bug on r17656 that was making us send HTTP/1.0 404 as
the message body, no matter the message headers, when answering
a descriptor or extrainfo post request.


svn:r17723
2008-12-22 06:21:28 +00:00
Nick Mathewson
e36c7a74bd Yet still more propagating of things that need to be was_router_added_t now.
svn:r17722
2008-12-22 05:21:49 +00:00
Nick Mathewson
98a376fab1 More propagating of things that need to be was_router_added_t now.
svn:r17721
2008-12-22 04:53:11 +00:00
Nick Mathewson
df22dcb602 WRA_MORE_SEVERE is not WRA_GET_MORE_SEVERE.
svn:r17720
2008-12-22 04:36:52 +00:00
Karsten Loesing
61055ae719 gabelmoo has a new IP address (once more).
svn:r17717
2008-12-22 00:48:10 +00:00
Nick Mathewson
029be5ad02 Move in-addr.arpa parsing and generation into address.c, and simplify the code that does it elsewhere. Incidentally, this lets exit servers answer requests for ip6.arpa addresses.
svn:r17707
2008-12-19 18:52:00 +00:00
Nick Mathewson
a259af179b When we need to open a new origin circuit, log why.
svn:r17705
2008-12-19 18:51:49 +00:00
Nick Mathewson
16f1d4cb72 Doc RRS_DONT_REMOVE_OLD; improve router_rebuild_store documentation.
svn:r17704
2008-12-19 18:51:44 +00:00
Nick Mathewson
8c90a4b7ee More approx_time() calls. Noted by forest.
svn:r17702
2008-12-19 18:51:35 +00:00
Nick Mathewson
c67bd80487 Make cell pools always-on.
svn:r17692
2008-12-18 17:28:50 +00:00
Nick Mathewson
c3e4b12e7f Why were we using gettimeofday() in second_elapsed_callback? We were only ever looking at the tv_sec field.
svn:r17691
2008-12-18 17:19:23 +00:00
Nick Mathewson
bf80e2df3f Replace calls to time(NULL) that occur on the order of once per read, one per write, or once per cell with calls to a function that looks at a cached value of time. This is tricksy to benchmark, since it will only help on systems where time() is a syscall and syscalls are relatively slow.
svn:r17690
2008-12-18 17:19:04 +00:00
Nick Mathewson
b91335117f Document the purpose argument of circuit_find_to_cannibalize
svn:r17689
2008-12-18 17:18:14 +00:00
Nick Mathewson
122170c1d3 Downlgrade tweak, and answer lots of XXX021s. No actual code fixes in this patch.
svn:r17686
2008-12-18 16:11:24 +00:00
Nick Mathewson
c449e6e5be whitespace fixes.
svn:r17683
2008-12-18 16:11:08 +00:00
Nick Mathewson
ecaee1d927 Remove fixed xxx020s; downgrade unfixed ones.
(The unfixed ones are being downgraded to regular XXXs mainly on the rationale that they don't seem to be exploding Tor, and they were apparently not showstoppers for 0.2.0.x-final.)

svn:r17682
2008-12-18 16:11:03 +00:00
Nick Mathewson
f9133f2528 Fix a memory leak of one address string per DNSPort request.
svn:r17681
2008-12-18 15:00:27 +00:00
Nick Mathewson
148e4e8837 Do not leak the DNS server port structure.
svn:r17680
2008-12-18 15:00:18 +00:00
Nick Mathewson
4911ec627b Call release_lockfile() before exiting.
svn:r17679
2008-12-18 15:00:13 +00:00
Nick Mathewson
290b6f54a3 Make unit tests slower but more reliable by disabling an old optimization.
To turn it back on, re-define CACHE_GENERATED_KEYS option in test.c.

svn:r17677
2008-12-18 06:12:19 +00:00
Nick Mathewson
8ba2a15a49 Fix more leaks in unit tests.
svn:r17676
2008-12-18 06:02:23 +00:00
Nick Mathewson
1b735e46dd Make it possible to call set_onion_key twice without leaking RAM.
svn:r17673
2008-12-18 05:40:57 +00:00
Nick Mathewson
cebdf93949 Fix bug 889: share deep-copied keys between threads to avoid races in reference counts. Bugfix on 0.1.0.1-rc.
svn:r17672
2008-12-18 05:28:27 +00:00
Roger Dingledine
7b5be147ee fix a minor memory leak if we start up as a relay but don't
have any files in the cached-status/ directory


svn:r17671
2008-12-18 05:15:11 +00:00
Nick Mathewson
d597b23c42 Massage a little code to hopfully please coverity.
svn:r17669
2008-12-18 04:45:51 +00:00
Nick Mathewson
f3f6daf819 Avoid nop call to control_event_or_authdir_new_descriptor that makes coverity think we are dereferencing a null pointer. It is safe, I think, but entirely too clever for our own good.
svn:r17668
2008-12-18 04:45:47 +00:00
Nick Mathewson
676175103d Fix a valgrind-located memory stomp. Bugfix on 0.2.1.6-alpha.
svn:r17667
2008-12-18 04:27:23 +00:00
Nick Mathewson
5c235cb5ec Fix memory leak in rend_cache_store_v2_desc_as_client(), and refactor the function to use the "goto err" idiom.
svn:r17665
2008-12-18 00:11:49 +00:00
Nick Mathewson
1510d50fab Oops: SeverDNS->ServerDNS.
svn:r17664
2008-12-17 23:20:07 +00:00
Nick Mathewson
7d92053286 Remove RedirectExit feature; it has been deprecated since 0.2.0.3-alpha
svn:r17663
2008-12-17 23:02:04 +00:00
Nick Mathewson
6693f32530 Resolve many DOCDOCs.
svn:r17662
2008-12-17 22:58:20 +00:00
Nick Mathewson
2ad36f68c8 Rename ServerDNSAllowBrokenResolvConf to ServerDNSAllowBrokenConfig.
(Many users have no idea what a resolv.conf is, and shouldn't be forced to learn.  The old option will keep working for now.)
Also, document it.

svn:r17661
2008-12-17 22:58:14 +00:00
Roger Dingledine
03f413f5c7 declare that we're putting out 0.2.1.9-alpha next week
svn:r17659
2008-12-17 22:46:00 +00:00
Roger Dingledine
048f2a179b Clip the MaxCircuitDirtiness config option to a minimum of 10
seconds. Warn the user if lower values are given in the
configuration. Bugfix on 0.1.0.1-rc. Patch by Sebastian.
Clip the CircuitBuildTimeout to a minimum of 30 seconds. Warn the
user if lower values are given in the configuration. Bugfix on
0.1.1.17-rc. Patch by Sebastian.


svn:r17657
2008-12-17 22:32:17 +00:00
Nick Mathewson
33e2053ebc Make return code from router_add_to_routerlist a nice sensible enum. Based on patch from Sebastian.
svn:r17656
2008-12-17 21:50:01 +00:00
Nick Mathewson
2de9bd7bae Rename a couple of v2-networkstatus-only fields so that it is clear they are v2-networkstatus-only.
svn:r17652
2008-12-17 17:20:48 +00:00
Nick Mathewson
f43bcdc063 Use ctags and a python script to find identifiers that are never used anywhere, and remove the ones that we really want gone.
svn:r17651
2008-12-17 17:20:42 +00:00
Nick Mathewson
fc5e686b19 Whitespace fix.
svn:r17650
2008-12-17 17:20:36 +00:00
Nick Mathewson
1beb1c113b Add some missing documentation in or.h
svn:r17649
2008-12-17 17:20:31 +00:00
Nick Mathewson
0dc724d19c Make ALLOW_INVALID_* into an enum.
svn:r17648
2008-12-17 17:20:26 +00:00
Nick Mathewson
d0e1cc6fe2 Remove the no-longer-used incoming_cmd_type field from control_connection_t.
svn:r17647
2008-12-17 17:20:22 +00:00
Nick Mathewson
68a6935afb Change CELL_DIRECTION_* to an enum.
svn:r17646
2008-12-17 17:20:19 +00:00
Nick Mathewson
44e19a4949 Oops; remove extraneous comma.
svn:r17644
2008-12-17 15:04:43 +00:00
Nick Mathewson
7678ac5193 Move edge-only flags from connection_t to edge_connection_t.
svn:r17643
2008-12-17 14:59:28 +00:00
Nick Mathewson
26632d59dd Rename or_is_obsolete and move it to or_connection_t where it belongs.
svn:r17642
2008-12-17 14:59:19 +00:00
Nick Mathewson
e53ffaa4e4 Don't extend circuits over noncanonical connections with mismatched addresses.
Also, refactor the logic to check whether we will use a connection or
launch a new one into a new function.

svn:r17628
2008-12-15 21:17:53 +00:00
Nick Mathewson
51c29e1e24 Apply rovv's bug 805 fix: take more care never to prefer a non-canonical connection.
svn:r17627
2008-12-15 21:17:43 +00:00
Roger Dingledine
5822e14dc9 When a stream at an exit relay is in state "resolving" or
"connecting" and it receives an "end" relay cell, the exit relay
would silently ignore the end cell and not close the stream. If
the client never closes the circuit, then the exit relay never
closes the TCP connection. Bug introduced in Tor 0.1.2.1-alpha;
reported by "wood".


svn:r17625
2008-12-14 19:40:56 +00:00
Roger Dingledine
2ad06eef11 comment tweak
svn:r17624
2008-12-14 19:39:54 +00:00
Nick Mathewson
a4a481d81c Implement proposal 148: Make client stream end reasons uniform.
This patch makes every RELAY_COMMAND_END cell that we send pass through one of two functions: connection_edge_end and relay_send_end_cell_from_edge.  Both of these functions check the circuit purpose, and change the reason to MISC if the circuit purpose means that it's for client use.

svn:r17612
2008-12-12 20:30:42 +00:00
Nick Mathewson
5fb2ab1e65 Implement the /tor/keys/fp-sk/ URL format. That mostly finishes the server side of 157.
svn:r17611
2008-12-12 19:05:36 +00:00
Nick Mathewson
69ce955484 Add cross-certification to authority key certificates. Partial implementation of proposal 157.
svn:r17610
2008-12-12 18:31:39 +00:00
Nick Mathewson
519de7970e Do not discard sign on return values of iv crypto functions in tests. May fix CID 9. Might not.
svn:r17603
2008-12-11 21:11:31 +00:00
Nick Mathewson
7e351a6341 Note that a couple of line in control.c are supposed to be dead-code.
I'm hoping not to have to litter the rest of our codebase with Coverity ignores, but I think these are the only one we need right now.

svn:r17602
2008-12-11 21:11:28 +00:00
Nick Mathewson
02e26ebc49 If we are building under Coverity, enable geoip_stats and instrument_downloads.
This makes sure that a) optional code gets analyzed too, and b) it doesn't
look like dead code to Coverity.

svn:r17601
2008-12-11 21:11:26 +00:00
Nick Mathewson
b20694758e Fix two more unit-test bugs (deadcode this time) spotted by Coverity run 7.
CIDs == 357, 356.

svn:r17599
2008-12-11 21:11:19 +00:00
Nick Mathewson
04ec7d1f98 Now that tor_assert is no longer using a broken force-to-boolean formulation, we can tor_assert a bitfield without a gcc compile error.
svn:r17598
2008-12-11 20:28:50 +00:00
Nick Mathewson
d9aa57253d Fix error in last unit test mem-leak-fixing.
svn:r17596
2008-12-11 19:41:03 +00:00
Nick Mathewson
bb02f919f1 Refactor find_first_by_keyword into one variant that can return NULL and one that can't.
This makes it easier for us to avoid errors where we we forgot to list a keyword as mandatory, and easier for Coverity to detect cases like this too.

svn:r17595
2008-12-11 19:40:58 +00:00
Nick Mathewson
f3b52e331e Avoid multiple descriptor-fetch connections to authorities. Fixes bug 366.
svn:r17594
2008-12-11 19:12:55 +00:00
Nick Mathewson
043b4fc59e Add a PDS_ flag to exclude authorities from which we are fetching descs.
Yes, this is maybe a little overspecific.  Part of a bug 366 fix.

svn:r17593
2008-12-11 19:12:48 +00:00
Nick Mathewson
29f5a65a16 Change directory_get_from_dirserver to take a set of flags to be passed to pick_(trusted_)dirserver. This lets us make its interface smarter, and makes code that calls it a little more readable.
svn:r17592
2008-12-11 19:12:45 +00:00
Nick Mathewson
4e69284e89 Fix wide line in main.c
svn:r17587
2008-12-11 17:23:00 +00:00
Nick Mathewson
240ee1866b Add experimental support for learning svn revision number in git-svn based repositories. Fancy.
svn:r17581
2008-12-11 06:52:24 +00:00
Nick Mathewson
d7563ee231 Fix memory leaks in test_util_smartlist_* functions.
svn:r17580
2008-12-11 06:18:09 +00:00
Nick Mathewson
595e77c8d7 Fix memory leaks in test_v3_networkstatus.
svn:r17579
2008-12-11 06:18:01 +00:00
Nick Mathewson
6ffb4d4ab6 Fix memory leaks in test_dir_format
svn:r17578
2008-12-11 06:17:59 +00:00
Nick Mathewson
d8027aa689 Fix a logic error that would automatically reject all but the first configured DNS server. Bugfix on 0.2.1.5-alpha. Possible fix for part of 813/868. Spotted by coderman
svn:r17569
2008-12-10 22:57:41 +00:00
Nick Mathewson
53d3f812bd Add new internal-use-only option for controllers to use to prevent SIGHUP from reloading the configuration. Fixes bug 856.
svn:r17567
2008-12-10 22:17:02 +00:00
Nick Mathewson
9aa706e20c Bug 691 fix: do not shutdown Tor servers right away if the network is down.
svn:r17566
2008-12-10 20:45:31 +00:00
Nick Mathewson
426b53d85a Apply patch from Karsten to fix bug 879. Backport candidate.
svn:r17562
2008-12-10 18:16:58 +00:00
Nick Mathewson
7aa7d1a3e7 Give a better error when something has changed our descriptor cache out from under us. Based on patch from Karsten. Addresses bug 885.
svn:r17550
2008-12-10 03:01:26 +00:00
Roger Dingledine
d7bf7e0b32 When a directory authority gives us a new guess for our IP address,
log which authority we used. Hopefully this will help us debug
the recent complaints about bad IP address guesses.


svn:r17549
2008-12-10 01:46:51 +00:00
Roger Dingledine
4053b47459 note a potential bug in status events. need to look at spec to
see if it's really a bug.


svn:r17548
2008-12-10 01:35:21 +00:00
Roger Dingledine
145e589b6c Resume using the correct "REASON=" stream when telling the
controller why we closed a stream. Bugfix in 0.2.1.1-alpha.


svn:r17547
2008-12-10 01:34:24 +00:00
Nick Mathewson
ab75c0d9e3 remove a bogus comment. Now that there is no undocumented synonym for EXTENDED_EVENTS, we do not need to point out that EXTENDED_EVENTS is documented
svn:r17542
2008-12-09 23:10:38 +00:00
Nick Mathewson
a7b4a7b9f8 Finally remove deprecated-since-0.1.2.4-alpha EXTENDED_FORMAT synonym for EXTENDED_EVENTS
svn:r17538
2008-12-09 19:55:19 +00:00
Nick Mathewson
0280a72500 Add a new status event for consensus arrival
svn:r17535
2008-12-09 18:16:41 +00:00
Nick Mathewson
b32bac88e8 Mark DirPortFrontPage as a FILENAME rather than a STRING. Right now this has no effect.
svn:r17520
2008-12-08 18:00:34 +00:00
Roger Dingledine
b1c8fb7058 this function is no longer used.
svn:r17515
2008-12-08 00:09:28 +00:00
Roger Dingledine
e5be0504ab When the client is choosing entry guards, now it selects at most
one guard from a given relay family. Otherwise we could end up with
all of our entry points into the network run by the same operator. 
Suggested by Camilo Viecco. Fix on 0.1.1.11-alpha.

Not a backport candidate, since I think this might break for users
who only have a given /16 in their reachableaddresses, or something
like that.


svn:r17514
2008-12-08 00:04:29 +00:00
Roger Dingledine
f31c16d993 Directory mirrors no longer fetch the v1 directory or
running-routers files. They are obsolete, and nobody asks for them
anymore. This is the first step to making v1 authorities obsolete.


svn:r17513
2008-12-07 23:53:39 +00:00
Jacob Appelbaum
48aca3c999 Small whitespace fix to properly format if () {} statement.
svn:r17503
2008-12-07 01:51:56 +00:00
Jacob Appelbaum
f70146ca91 This helps return a better error message when the file supplied to DirPortFrontPage is missing.
svn:r17502
2008-12-07 01:48:30 +00:00
Roger Dingledine
21892d8a9c cleanups on r17500
svn:r17501
2008-12-07 01:34:45 +00:00
Jacob Appelbaum
6b178b46ef New DirPortFrontPage option that takes an html file and publishes it as "/" on the DirPort. Now relay operators can provide a disclaimer without needin to set up a separate webserver. There's a sample disclaimer in contrib/tor-exit-notice.html.
svn:r17500
2008-12-07 01:21:19 +00:00
Jacob Appelbaum
cf75162a0c Add comment clarifying OpenSSL usage.
svn:r17498
2008-12-07 01:14:49 +00:00
Nick Mathewson
af03faa1a6 Fix more leaks in test_util_memarea().
svn:r17491
2008-12-05 02:25:39 +00:00
Nick Mathewson
475fbbbccc Fix a resource leak in test_dir_formats()
svn:r17488
2008-12-05 02:05:39 +00:00
Nick Mathewson
1affbd3464 Split test_util_smartlist into manageable chunks; make them free memory properly.
svn:r17487
2008-12-05 01:58:35 +00:00
Nick Mathewson
30377823c3 Add a few more tests to our tests so that our tests make sense to coverity. CIDs 139, 138, 137.
svn:r17486
2008-12-05 01:49:15 +00:00
Nick Mathewson
e06442b648 Add a couple of sanity-checks for return values that coverity thinks we ought to have. CIDs 337, 335.
svn:r17485
2008-12-05 01:35:49 +00:00
Nick Mathewson
a26188cee9 fix bug 880: find the end of an authority cert by looking for the first ----END SIGNATURE----- after the first dir-key-certification, not for the first ----END SIGNATURE. Harmless bug, but it made us non-spec-compliant.
svn:r17470
2008-12-03 03:42:19 +00:00
Nick Mathewson
bd6b3072f9 Change logging code to use fds instead of stdio. Fixes bug 861, and probably makes logging slightly faster. Not a backport candidate: bug 861 is too obscure and harmless.
svn:r17456
2008-12-02 23:36:58 +00:00
Nick Mathewson
9c65195449 Apply rovv's patch for bug 864: avoid null error on detached signature handling failure.
svn:r17446
2008-12-02 19:13:23 +00:00
Roger Dingledine
2d8f7a4ff6 clarify that 'resolve' relay cells nul-terminate the hostname, just
like 'begin' relay cells.


svn:r17442
2008-12-02 17:35:05 +00:00
Roger Dingledine
984dc51f26 clean up some log messages
svn:r17406
2008-11-29 11:55:30 +00:00
Roger Dingledine
a53ebd20f0 whitespace fix
svn:r17379
2008-11-24 02:02:48 +00:00
Nick Mathewson
c7910c3bc9 Consider GetNetworkParams() nameserver parsing to have suceeded if even one nameserver can be added. Log more useful info about what exactly is failing when we fail to add a nameserver.
svn:r17368
2008-11-22 21:46:34 +00:00
Roger Dingledine
0b7a2a505e prepare_for_poll() -- plus its mysterious cousin, prepare_for_pool() --
are long gone.


svn:r17351
2008-11-21 14:07:57 +00:00
Nick Mathewson
0fa698d84f apply sebastian's bug 867 fix: make routerset_equal() work as documented with NULL arguments
svn:r17287
2008-11-16 18:25:20 +00:00
Karsten Loesing
6d7951c022 Fix a possible segfault when establishing an exit connection. Bugfix on 0.2.1.5-alpha.
svn:r17275
2008-11-16 01:52:44 +00:00
Nick Mathewson
c36ddcbabf Apparently sparc64 is way more strict about uint16_t access alignment than I had thought: it gave bus errors when messing with var-cell headers. Maybe this patch will fix bug 862.
svn:r17262
2008-11-12 14:41:44 +00:00
Nick Mathewson
8f1952bf11 Be even _more_ careful when signatures are bogus.
svn:r17252
2008-11-11 17:14:12 +00:00
Nick Mathewson
3970c34f10 Only replace the detached signatures object when we actually added or replaced at least one signature.
svn:r17250
2008-11-11 16:52:07 +00:00
Nick Mathewson
997aea74dc Fix from rovv: when adding a detached signature, do not automatically assume it is good just because we are adding it. We might also be adding it because it was the first signature we saw for a given voter.
svn:r17248
2008-11-11 16:35:46 +00:00
Nick Mathewson
00a90177fa oops, remove debugging log message.
svn:r17247
2008-11-11 16:02:23 +00:00
Nick Mathewson
8157b8b766 be less aggressive about deleting expired certs. based on patch from rovv. partial fix for bug 854.
svn:r17246
2008-11-11 16:01:57 +00:00
Nick Mathewson
e08cbe2029 Add PURPOSE= field to getinfo circuit-status. With luck, controllers are ignoring extra fields (like they are supposed to) and this will not break any controllers.
svn:r17245
2008-11-11 15:59:24 +00:00
Nick Mathewson
6c50ab6e61 Document a couple of functions.
svn:r17239
2008-11-10 20:40:01 +00:00
Roger Dingledine
c62d5f6a5c beg nick for some documentation on the locking functions
svn:r17233
2008-11-10 00:48:13 +00:00
Roger Dingledine
4d8799b987 we missed a case when printing circuit purposes in circ events.
svn:r17230
2008-11-09 23:56:29 +00:00
Nick Mathewson
9f1e06bd0e but to not attempt to download a specific certificate we already have.
svn:r17214
2008-11-07 15:01:49 +00:00
Nick Mathewson
bda4ca065c Aaaaand, do not reset the download count just because we have a certificate that is listed in a consensus.
svn:r17212
2008-11-07 14:57:14 +00:00
Nick Mathewson
aa405f29e6 fix up signs in r17208
svn:r17211
2008-11-07 14:17:46 +00:00
Nick Mathewson
5e2cdc1666 When we get a duplicated certificate, treat it as a failure and increment the download count. Do not claim to be downloading certificates that we merely want.
svn:r17209
2008-11-07 14:01:44 +00:00
Nick Mathewson
a15bdd3edd patch from karsten to not use or accept expired certs. fixes bug 851.
svn:r17208
2008-11-07 13:38:49 +00:00
Roger Dingledine
bc128c0b03 vidalia asks us for the value of the Group config option. but now
it's obsolete. which causes us to inform the user every time, even
though the user can't do anything about it other than get confused.

now it's an info-level log by default.


svn:r17206
2008-11-07 04:38:58 +00:00
Roger Dingledine
14773f42a7 now that we drop privs more thoroughly, switch_id() is no longer
idempotent. so now we remember if we've succeeded, and if so we
don't even try.


svn:r17204
2008-11-07 04:34:47 +00:00
Roger Dingledine
d27337bf17 i needed a piece of the 'patching patches' action too
svn:r17202
2008-11-07 03:39:19 +00:00
Steven Murdoch
9d68ed08e9 Patch from Jacob Appelbaum and me to make User option more robust, properly set supplementary groups, deprecated the Group option, and log more information on credential switching
svn:r17200
2008-11-07 02:06:12 +00:00
Nick Mathewson
6e3de8530e Remove bug 811/845 debugging code
svn:r17199
2008-11-07 01:50:37 +00:00
Nick Mathewson
a38026bb06 fix wide lines
svn:r17198
2008-11-07 01:48:55 +00:00
Nick Mathewson
3ebd1ebeca The chunk_size field in memarea_t was never actually set. Remove the whole thing.
svn:r17195
2008-11-05 20:34:22 +00:00
Nick Mathewson
3f858b5b26 Fix a compile error found under pcc. It wants single-quites to be escaped in strings, it seems.
svn:r17191
2008-11-05 18:03:14 +00:00
Karsten Loesing
b31e2c2491 (a - b) / 2 != a - (b / 2); this is the reason why tunneled directory requests and client-side introduction circuits don't time out after the intended 30 seconds (task #847). Bugfix on r17106. Found by miner.
svn:r17189
2008-11-05 10:40:29 +00:00
Nick Mathewson
73c6cb8353 Fix unit test failure related to intro point parsing.
svn:r17188
2008-11-03 16:36:15 +00:00
Nick Mathewson
7b45d530b0 Add some debugging logs for bug 811/845.
svn:r17186
2008-11-03 15:46:05 +00:00
Roger Dingledine
ebe4ef12b9 when building preemptive circuits, ignore streams that have a
chosen exit node in mind already. otherwise we get tricked into
trying to build a new circuit that will handle them.


svn:r17184
2008-11-03 07:00:56 +00:00
Roger Dingledine
3e5a584d37 fix the other half of r17091. now that best_support can be -1,
we were complaining about no support for our one-hop streams,
when in fact choose_good_exit_server_general() has no business
caring about one-hop streams. patch from miner.


svn:r17181
2008-11-01 23:49:14 +00:00
Nick Mathewson
c534b96e58 Fix an assertion failure on double-marked circuits, and a double-mark.
svn:r17179
2008-11-01 20:27:41 +00:00
Nick Mathewson
0c9dfffe5a Implement the 0x20-hack to make DNS poisoning harder against us, especially when resolving large names. Add a cfg option to disable it, since apparently 3/10 of a percent of servers get it wrong.
svn:r17171
2008-10-29 19:20:02 +00:00
Nick Mathewson
c8a5e2d588 Work better with tools that resist DNS poisoning by using the 0x20 hack: make DNSPort replies perserve case.
svn:r17170
2008-10-29 15:31:26 +00:00
Nick Mathewson
accb4a680f make layer_hint check a little stricter.
svn:r17164
2008-10-27 16:57:18 +00:00
Nick Mathewson
ee31e0829e Verify cpath_layer match on rendezvous cells too. Fixes another case of bug 446. Based on patch from rovv.
svn:r17162
2008-10-27 16:46:45 +00:00
Karsten Loesing
c53f1f83e7 gabelmoo has a new IP address.
svn:r17160
2008-10-27 15:04:45 +00:00
Nick Mathewson
b166a43cb6 Fix another case of refusing to use a chosen exit node because we think it will reject _mostly_ everything. Based on patch from rovv. See bug 752.
svn:r17139
2008-10-21 17:09:04 +00:00
Nick Mathewson
5e762e6a5c Fix the rest of bug 619: reject *:* servers should not do DNS lookups, even if broken clients send them RELAY_BEGIN cells. Patch from rovv.
svn:r17138
2008-10-21 16:51:59 +00:00
Nick Mathewson
b593fd5c20 Patch from rovv: send back END cell in response to connect attempts to nonexistent hidden service port.
svn:r17137
2008-10-21 16:41:20 +00:00
Roger Dingledine
bca46cc628 backport candidate:
The "ClientDNSRejectInternalAddresses" config option wasn't being
consistently obeyed: if an exit relay refuses a stream because its
exit policy doesn't allow it, we would remember what IP address
the relay said the destination address resolves to, even if it's
an internal IP address. Bugfix on 0.2.0.7-alpha; patch by rovv.


svn:r17135
2008-10-17 22:08:49 +00:00
Roger Dingledine
e3127e874e fix grammar in a log message
svn:r17131
2008-10-16 17:13:28 +00:00
Roger Dingledine
bbf0f5a266 explain patch4 better. whee.
svn:r17111
2008-10-15 21:12:51 +00:00
Roger Dingledine
a5769eefa4 patch4 from proposal 155:
Hidden services start out building five intro circuits rather
than three, and when the first three finish they publish a service
descriptor using those. Now we publish our service descriptor much
faster after restart.


svn:r17110
2008-10-15 20:59:48 +00:00
Roger Dingledine
d06182f0bd add patch2 from proposal 155:
Launch a second client-side introduction circuit in parallel
after a delay of 15 seconds (based on work by Christian Wilms).


svn:r17108
2008-10-15 18:52:06 +00:00
Roger Dingledine
4520500cde put in karsten's patch #1 for proposal 155, modified
svn:r17106
2008-10-15 00:36:09 +00:00
Nick Mathewson
846e40d193 Patch from rovv: when we have no pending streams, choose exits with choose_good_exit_server_general() rather than with circuit_get_unhandled_ports() and friends. Bugfix on 0.1.1.x, at least.
svn:r17091
2008-10-14 17:05:52 +00:00
Roger Dingledine
d7cfa1f56c Minor fix in the warning messages when you're having problems
bootstrapping; also, be more forgiving of bootstrap problems when
we're still making incremental progress on a given bootstrap phase.


svn:r17066
2008-10-13 03:34:29 +00:00
Roger Dingledine
c9bddb24b2 another coverity-found memory leak
svn:r17062
2008-10-12 03:21:05 +00:00
Roger Dingledine
95aace5aae minor memory leak found by coverity
svn:r17061
2008-10-12 03:19:17 +00:00
Roger Dingledine
bb1f488dbe fix typo in log entry
svn:r17050
2008-10-08 10:47:23 +00:00
Roger Dingledine
e7f5a07ff4 Make rend_cache_store() use the same return error codes as its v2
equivalent: I got a lonely "Failed to fetch rendezvous descriptor."
in my log file, even when the connection worked.


svn:r17028
2008-10-02 07:32:13 +00:00
Roger Dingledine
c7af43a624 Now NodeFamily and MyFamily config options allow spaces in
identity fingerprints, so it's easier to paste them in.
Suggested by Lucky Green.


svn:r17021
2008-10-01 03:41:33 +00:00
Nick Mathewson
ccede03cc0 Switch a should-benee-dless check for an assert.
svn:r17018
2008-09-30 13:59:12 +00:00
Roger Dingledine
f2708dd40f a few more tweaks
svn:r17010
2008-09-30 09:32:26 +00:00
Roger Dingledine
49a250b208 i *think* this is equivalent. somebody should check me on it though.
svn:r17009
2008-09-30 08:45:40 +00:00
Roger Dingledine
7247838a25 v3 authorities write down all the votes they used for the consensus
to the datadir, for debugging.


svn:r17008
2008-09-29 23:13:43 +00:00
Nick Mathewson
25f8335528 Include circuit purposes in circuit events. Now all circuit events are extended; this makes the code simpler.
svn:r17007
2008-09-29 22:34:22 +00:00
Nick Mathewson
9d950f7d25 Nobody calls circuit_launch_by_nickname; remove it.
svn:r17006
2008-09-29 20:44:29 +00:00
Roger Dingledine
26aa741169 Remove the old v2 directory authority 'lefkada' from the default
list. It has been gone for many months.


svn:r17005
2008-09-29 19:27:20 +00:00
Nick Mathewson
ae3ce7b387 Patch from mwenge: update TrackHostExits mapping expiry times when the mappings are used, so that they expire a while after their last use, not a while after their creation.
svn:r17004
2008-09-29 14:53:53 +00:00
Nick Mathewson
57db1c1a7d Tweak the dbg-stability.txt code to log everything else that influences router stability calculations.
svn:r17003
2008-09-29 14:40:34 +00:00
Roger Dingledine
9678f166a8 If we have correct permissions on $datadir, we complain to stdout
and fail to start. But dangerous permissions on
$datadir/cached-status/ would cause us to open a log and complain
there. Now complain to stdout and fail to start in both cases. Fixes
bug 820, reported by seeess.


svn:r16998
2008-09-29 10:09:05 +00:00
Roger Dingledine
c846979ab7 Fix a bug where an unreachable relay would establish enough
reachability testing circuits to do a bandwidth test -- if
we already have a connection to the middle hop of the testing
circuit, then it could establish the last hop by using the existing
connection. Bugfix on 0.1.2.2-alpha, exposed when we made testing
circuits no longer use entry guards in 0.2.1.3-alpha.


svn:r16997
2008-09-29 09:36:42 +00:00
Nick Mathewson
99755f374d Fix 0/0 calculation in get_weighted_fractional_uptime().
svn:r16994
2008-09-28 15:48:36 +00:00
Nick Mathewson
bb1685318c Commit fix for bug 807 from mwenge: send CLOSED controller event for reverse dns resolve, not FAILED.
svn:r16985
2008-09-26 20:25:35 +00:00
Nick Mathewson
745e5b0e22 Make sure ExcludeSingleHopRelays works for an exit.
svn:r16984
2008-09-26 19:09:12 +00:00
Nick Mathewson
e147e867be Proposal 152 implementation from Josh Albrecht, with tweaks.
svn:r16983
2008-09-26 18:58:45 +00:00
Nick Mathewson
87eb230c01 Put the start-of-downtime value in the start-of-downtime buffer so that we do not put junk in the dbg-stability.txt file
svn:r16982
2008-09-26 18:31:22 +00:00
Nick Mathewson
e7e12236ac Code to serve a current stability calculations from /tor/dbg-stability.txt. Untested: somebody please run this on an authority and let me know if it is broken.
svn:r16981
2008-09-26 18:02:48 +00:00
Nick Mathewson
283b95e463 Make tests pass again by adding an opt hidden-service-dir to the example routerinfo output.
svn:r16980
2008-09-26 17:58:35 +00:00
Nick Mathewson
ae33d3ead7 Apply rovv's fix for bug 824.
svn:r16975
2008-09-26 15:30:26 +00:00
Nick Mathewson
02c71a7eb4 Widen the conditions under which we whine about not having a geoip file to include "a country code was configured in a node list."
svn:r16968
2008-09-25 21:06:32 +00:00
Nick Mathewson
e06f140f97 Whitespace fixes.
svn:r16967
2008-09-25 20:22:17 +00:00
Nick Mathewson
8bbbbaf87b Add country-code support to configured node lists to implement the ever-popular "no exits in Monaco" feature (ExcludeExitNodes {MC}). Also allow country codes and IP ranges in ExitNodes. (EntryNodes needs more work.) Based on code by Robert Hogan. Needs more testing.
svn:r16966
2008-09-25 20:21:35 +00:00
Nick Mathewson
b2c7090da6 Make it easier for dmalloc to see if keys are leaking; remove a test-only key leak.
svn:r16965
2008-09-25 17:37:00 +00:00
Nick Mathewson
06f96363fd Remove now-needless _tor_dmalloc_free helper.
svn:r16964
2008-09-25 17:36:09 +00:00
Nick Mathewson
a7e383af19 More test memory-management fixes
svn:r16963
2008-09-25 15:20:38 +00:00
Karsten Loesing
f2ff3e74ae All relays now store and serve v2 hidden service descriptors by default (not only directory mirrors).
svn:r16961
2008-09-24 22:33:47 +00:00
Karsten Loesing
9a7098487b If we are not using BEGIN_DIR cells, don't attempt to contact hidden service directories with non-open dir port.
svn:r16960
2008-09-24 22:29:22 +00:00
Nick Mathewson
7f805aca2b Split test_crypto() into manageable pieces.
svn:r16959
2008-09-24 20:55:38 +00:00
Karsten Loesing
5f457e4fa6 Minor correction of commentation.
svn:r16958
2008-09-24 17:33:07 +00:00
Nick Mathewson
8bc1536a9e Add patch 4 from Karsten for proposal 121, slightly modified. Karsten should definitely re-review the bits I changed.
svn:r16955
2008-09-24 14:44:29 +00:00
Nick Mathewson
75977fd79b Patch from roger for 752, but with more comments: When we get an A.B.exit:P address, and B would reject most connections to P, but we do not know whether it would allow A, then allow the connection to procede. Bugfix, amusingly, on 0.0.9rc5.
svn:r16944
2008-09-23 20:25:01 +00:00
Nick Mathewson
545b317e1f Fix for bug 797 (by arma, with tweaks): always use create_fast for circuits where we do not know an onion key.
svn:r16942
2008-09-23 20:13:23 +00:00
Nick Mathewson
f28fc83ea5 More logging for mtbf/wfu calculations.
svn:r16941
2008-09-23 18:24:20 +00:00
Karsten Loesing
e4942e809e Exclude v0 rendezvous descriptors when considering republication.
svn:r16939
2008-09-23 09:30:57 +00:00
Roger Dingledine
6a7abbd25d ok, but inaccurate error strings worse
svn:r16938
2008-09-23 08:57:30 +00:00
Roger Dingledine
0fc0d5266c identical error strings in different contexts bad
svn:r16937
2008-09-23 08:54:03 +00:00
Nick Mathewson
b0c48d8e45 Oops; we need to make sure that DNS request names are matched in the _questions_ section of the replies. Rejecting answers whether the _answers_ section did not match made us reject A records waiting at the end of a CNAME record. Bug 823.
svn:r16933
2008-09-22 20:06:25 +00:00
Roger Dingledine
4fd9880540 give rend_client_desc_here a slightly more accurate name
svn:r16916
2008-09-16 10:26:15 +00:00
Roger Dingledine
38f2272d5d patch from karsten for bug 814. whew.
svn:r16915
2008-09-16 10:17:04 +00:00
Nick Mathewson
3db8c15287 Add a circuit_conforms_to_options() function for use in debugging paths [and inother stuff too]. Untested, and so far unused.
svn:r16914
2008-09-15 22:29:47 +00:00
Roger Dingledine
2bde30efa6 read_to_buf should take an int *error_socket and return it.
svn:r16909
2008-09-14 08:35:41 +00:00
Roger Dingledine
7f2fd34645 stop telling us every time we fetch a consensus. that's not really news.
svn:r16908
2008-09-14 07:17:44 +00:00
Roger Dingledine
dbb481c169 Serve the latest v3 networkstatus consensus via the control
port. Use "getinfo dir/status-vote/current/consensus" to fetch it.


svn:r16907
2008-09-14 04:07:29 +00:00
Roger Dingledine
4045ef72f5 make it explicit that the uncompressed cached dir items are nul-terminated
(they are, but now we should keep them that way)


svn:r16906
2008-09-14 03:36:54 +00:00
Roger Dingledine
2d95accc75 Allow ports 465 and 587 in the default exit policy again. We had
rejected them in 0.1.0.15, because back in 2005 they were commonly
misconfigured and ended up as spam targets. We hear they are better
locked down these days.


svn:r16898
2008-09-13 10:04:42 +00:00
Karsten Loesing
f0a5ef804f Directory mirrors store and serve v2 hidden service descriptors by default.
svn:r16858
2008-09-11 20:06:04 +00:00
Nick Mathewson
b322348e8a Fix more actual test leaks
svn:r16831
2008-09-10 05:34:03 +00:00
Nick Mathewson
45205126fe Fix some apparent leaks in voting. If authorities suddenly start segfaulting, this could be a patch to look harder at.
svn:r16830
2008-09-10 05:33:49 +00:00
Nick Mathewson
aa69d586ea Make buffer unit tests handle resource leaks properly.
svn:r16823
2008-09-10 00:16:32 +00:00
Nick Mathewson
38f56608d9 Make more unit tests handle resource leaks properly.
svn:r16822
2008-09-10 00:11:53 +00:00
Karsten Loesing
52fbfc5d45 Correct indentation.
svn:r16819
2008-09-09 22:19:41 +00:00
Roger Dingledine
659f1651e0 tweak karsten's patch
svn:r16818
2008-09-09 21:09:15 +00:00
Roger Dingledine
2c14705a4d patch from karsten to fix more of bug 767
svn:r16817
2008-09-09 21:08:02 +00:00
Nick Mathewson
f95d7c189b Refactor unit test macros and tor_free_all() logic a bit so as to make it easier to free memory on failing tests, in order to suppress scanner warnings and to make dmalloc() usable with tests.
svn:r16816
2008-09-09 20:43:31 +00:00
Roger Dingledine
fa64d8041f minor cleanups on karsten's patch
svn:r16810
2008-09-09 09:21:21 +00:00
Roger Dingledine
ef7af1d61e karsten's patch for bug 767.
svn:r16808
2008-09-09 08:41:58 +00:00
Roger Dingledine
d37fae2f4e Catch and report a few more bootstrapping failure cases when Tor
fails to establish a TCP connection. Cleanup on 0.2.1.x.


svn:r16803
2008-09-09 06:25:39 +00:00
Nick Mathewson
aacda9cd8e We should not alter an addr_policy_t that has been canonicalized.
svn:r16802
2008-09-09 03:48:01 +00:00
Nick Mathewson
baeb260ad1 Refactor use of connection_new so that we get more verifiable typesafety.
svn:r16785
2008-09-05 22:09:44 +00:00
Nick Mathewson
339f094056 Refactor some code and add some asserts based on scanner results.
svn:r16783
2008-09-05 21:19:53 +00:00
Nick Mathewson
d5b2dab31d Fix a malloc that should have been a tor_malloc
svn:r16780
2008-09-05 20:53:39 +00:00
Nick Mathewson
0b8117a5c0 Fix numerous memory leaks: some were almost impossible to trigger, and some almost inevitable.
svn:r16779
2008-09-05 20:52:15 +00:00
Nick Mathewson
a56a072f29 It is probably some kind of misdeed to say for (i=0;i<2;++i) { A=i?x:y; foo(bar(A)); } rather than foo(bar(x)); foo(bar(y)); . Also, it can confuse tools.
svn:r16777
2008-09-05 20:04:27 +00:00
Nick Mathewson
c33dde4ac1 Fix mingw build with --enable-gcc-warnings set.
svn:r16759
2008-09-04 21:58:09 +00:00
Nick Mathewson
3f2b7078d2 Use warn_too_many_conns() when accept() fails with a resource limit.
svn:r16751
2008-09-04 15:22:55 +00:00
Nick Mathewson
f80ac31d74 Add a lockfile to the Tor data directory to avoid situations where two Tors start with the same datadir, or where a --list-fingerprints races with a server to create keys, or such.
svn:r16722
2008-09-01 20:06:26 +00:00
Roger Dingledine
cfff21e78a backport candidate:
If not enough of our entry guards are available so we add a new
one, we might use the new one even if it overlapped with the
current circuit's exit relay (or its family). Anonymity bugfix
pointed out by rovv.


svn:r16698
2008-08-31 06:33:39 +00:00
Nick Mathewson
32549ad95e Double oops: revert accidentally committed local geoipc.c debugging hack.
svn:r16687
2008-08-29 17:02:26 +00:00
Nick Mathewson
730f1b6d3f Oops. Make warn_too_many_conns() actually work.
svn:r16686
2008-08-29 17:01:15 +00:00
Nick Mathewson
6bf1dec945 Oops; set address families on nameservers.
svn:r16674
2008-08-27 14:12:10 +00:00
Nick Mathewson
2625eb204f Fix a memory leak when freeing routerstatuses with exit policy summaries. Patch from mwenge.
svn:r16659
2008-08-25 23:19:58 +00:00
Roger Dingledine
c5fef3c57f commit jake's patch to include strings with socks5 error numbers
svn:r16657
2008-08-25 21:02:22 +00:00
Roger Dingledine
8a9b6204ca get rid of some magic constants i found while walking
jake through socks4 and socks5 failure codes


svn:r16651
2008-08-25 07:06:55 +00:00
Nick Mathewson
239cbe99ba Oops. Linux has no sa_len field.
svn:r16627
2008-08-22 18:00:26 +00:00
Nick Mathewson
0800b332a0 r17847@tombo: nickm | 2008-08-22 12:08:56 -0400
ipv6: make server-side dns cache remember for each address an ipv6 addr and an ipv4 addr.  This fix is just the struct side.


svn:r16622
2008-08-22 16:24:47 +00:00
Nick Mathewson
fc52d85b7c r17846@tombo: nickm | 2008-08-22 11:54:00 -0400
Make dns resolver code more robust: handle nameservers with IPv6 addresses, make sure names in replies match requested names, make sure origin address of reply matches the address we asked.


svn:r16621
2008-08-22 16:24:43 +00:00
Roger Dingledine
8f5642edbc Relays now reject risky extend cells: if the extend cell includes
a digest of all zeroes, or asks to extend back to the relay that
sent the extend cell, tear down the circuit. Ideas suggested
by rovv.


svn:r16605
2008-08-20 05:21:43 +00:00
Roger Dingledine
cc8b2247bf make r16598 compile on 64-bit too
svn:r16604
2008-08-20 05:15:08 +00:00
Karsten Loesing
a8035b5fc3 Update doxygen documentation.
svn:r16599
2008-08-19 19:01:41 +00:00
Nick Mathewson
24f1d29be1 Apply proposal 121 patch 3, with minor tweaks and a few comments.
svn:r16598
2008-08-19 15:41:28 +00:00
Peter Palfrader
87a5962abb All the controller things want their stuff in v2 format. Well then, maybe that's already sufficient
svn:r16578
2008-08-17 08:26:02 +00:00
Peter Palfrader
d3be2cb7fb And tell us more in another error case
svn:r16577
2008-08-17 08:14:57 +00:00
Peter Palfrader
ab9078fca0 Change a warning/bug message
svn:r16576
2008-08-17 08:11:21 +00:00
Peter Palfrader
3c0b0ccca9 Two consensus fixes: always reset has_* to 0, and use a buffer of proper length for exitsummaries.
svn:r16575
2008-08-17 08:01:23 +00:00
Peter Palfrader
4eecd27b42 Make trunk build again under -DEXPORTMALLINFO
svn:r16559
2008-08-15 14:03:37 +00:00
Nick Mathewson
fcf817f897 Switch global_identifier on connections to a 64-bit field and move it to connection_t. When procession onionskins, look up the connection by this field rather than by addr:port. This will keep us from dropping onionskins. How many dropped circuits are dropped because of this bug?
svn:r16558
2008-08-15 13:55:01 +00:00
Peter Palfrader
521f8c791f spaceman
svn:r16555
2008-08-14 23:09:48 +00:00
Peter Palfrader
8cc3d6e22d Add exitpolicy summaries to the consensus
svn:r16554
2008-08-14 23:01:31 +00:00
Peter Palfrader
e27b448c57 Do not split stored exit policy summary into type(accept/reject) and portlist. At least not just yet
svn:r16553
2008-08-14 23:01:21 +00:00
Peter Palfrader
41730a893c Rename a field so weasel likes it better
svn:r16552
2008-08-14 23:01:09 +00:00
Peter Palfrader
ceae7ed960 Add bw to consensus
svn:r16551
2008-08-14 23:00:57 +00:00
Peter Palfrader
82f8050ac4 Parse policies and weight (bw) into routerstatuses
svn:r16550
2008-08-14 23:00:44 +00:00
Peter Palfrader
e8de3ff54d If we are lucky the whitespace nazis will not have noticed these things yet
svn:r16549
2008-08-14 18:01:20 +00:00
Peter Palfrader
fdba26f213 minor comment/doxygen fix
svn:r16548
2008-08-14 18:01:09 +00:00
Peter Palfrader
7c4106135a Give bw in kb/sec in votes/consensus
svn:r16544
2008-08-14 12:37:59 +00:00
Peter Palfrader
ff32708d0e Having a reject-all policy summarized with a lack of summary is stupid. Explicitly mention them as reject 1-65535.
svn:r16543
2008-08-14 12:37:50 +00:00
Peter Palfrader
2f91a3528a testsuite: Now that we add (pretty useless, but still) routerinfos to the routerlist for every one of our routerstatuses in the votes we pass again. yay
svn:r16542
2008-08-14 12:37:42 +00:00
Peter Palfrader
6317cc2956 Only fetch the routerinfo_t in routerstatus_format_entry() if we are going to need it
svn:r16541
2008-08-14 12:37:34 +00:00
Peter Palfrader
a6ade97f67 Properly move forward char pointer after appending stuff to the string
svn:r16540
2008-08-14 12:37:28 +00:00
Peter Palfrader
056157984b Disable test suite for today
svn:r16539
2008-08-14 12:37:21 +00:00
Peter Palfrader
b246c4de9b asserting(s) is better than segfaulting if it turns out to be NULL later
svn:r16538
2008-08-14 12:37:14 +00:00
Peter Palfrader
1a2c6b41e3 Do not show policy and bw in v2 statuses
svn:r16537
2008-08-14 12:37:07 +00:00
Peter Palfrader
24da63ea7b Add exit policy and bw to dirvotes - unfortunately also to v2 statuses
svn:r16536
2008-08-14 12:37:00 +00:00
Peter Palfrader
91f654f2ff This bunch of functions really should be static
svn:r16535
2008-08-14 11:24:03 +00:00
Peter Palfrader
171a7d4b0f Fix an overflow when counting rejects for *, truncate exit summaries after 1000 chars
svn:r16530
2008-08-13 19:25:18 +00:00
Peter Palfrader
adcea0f332 Think of the poor children in Antarctica who still have to work on 4" screens
svn:r16528
2008-08-13 12:46:13 +00:00
Peter Palfrader
0d807068a3 A few testcases for policy summaries
svn:r16527
2008-08-13 12:46:06 +00:00
Peter Palfrader
c4e8fe11db Also special case "accept 1-65535" case, do not leak in non-exit case
svn:r16526
2008-08-13 12:46:00 +00:00
Peter Palfrader
8ef2fe4b37 Return NULL for policies that do not allow any exits
svn:r16525
2008-08-13 12:45:53 +00:00
Peter Palfrader
4a74b9a7df Fix condition statement for accept items, fix two asserts
svn:r16524
2008-08-13 12:45:44 +00:00
Peter Palfrader
34e083dde1 Make sure we don't run off the end of the list
svn:r16523
2008-08-13 12:45:34 +00:00
Peter Palfrader
b2344a9e4d Move policy_summarize() prototype to or.h
svn:r16522
2008-08-13 12:45:28 +00:00
Peter Palfrader
49a616e0fa Create string representation of exit summaries
svn:r16521
2008-08-13 12:45:23 +00:00
Peter Palfrader
7eaf5bd848 Nickm says I'm going to hell, but if I write that in a comment he might just save my soul
svn:r16520
2008-08-13 12:45:15 +00:00
Peter Palfrader
1adc12546e implement policy_summary_accept and policy_summary_reject together with a set of helpers
svn:r16519
2008-08-13 12:45:09 +00:00
Peter Palfrader
f5adde1a17 Start with exit policy summaries
svn:r16518
2008-08-13 12:45:01 +00:00
Nick Mathewson
97245376d9 Next patch from Karsten: client-side configuration stuff for proposal 121.
svn:r16510
2008-08-12 16:12:26 +00:00
Nick Mathewson
30422b5df1 Rate-limit "too-many-sockets" messages; they can get needlessly verbose.
svn:r16480
2008-08-09 15:35:37 +00:00
Nick Mathewson
60a0ae198d Patch cleanups from karsten
svn:r16479
2008-08-09 15:13:28 +00:00
Nick Mathewson
7994f49d43 Fix bug in my changes to karsten's patch
svn:r16477
2008-08-08 16:45:22 +00:00
Nick Mathewson
a8ddac96d8 handle ipv6 in socks5 requests.
svn:r16476
2008-08-08 16:41:59 +00:00
Nick Mathewson
22259a0877 The first of Karsten's proposal 121 patches: configure and maintain client authorization data. Tweaked a bit: see comments on or-dev.
svn:r16475
2008-08-08 14:36:11 +00:00
Nick Mathewson
f6879caa04 Try once again to make BSD compilation happy.
svn:r16474
2008-08-08 12:58:17 +00:00
Nick Mathewson
39f88641c1 r17692@tombo: nickm | 2008-08-07 22:41:26 -0400
Fix more compile errors on BSD pf stuff. How about now?


svn:r16472
2008-08-08 02:41:34 +00:00
Nick Mathewson
5ab6fe0051 r17680@tombo: nickm | 2008-08-07 16:06:30 -0400
Add a missing safe_str for a debug_log_message.  Fix the bad part of bug 674.


svn:r16462
2008-08-07 20:06:40 +00:00
Nick Mathewson
b81d70addb Oops. On recent linux kernels we were not detecting the linux/netfilter_ipv4.h header properly, since we needed to have in_addr and in6_addr and __u32 defined before trying to include it. Fix that.
svn:r16460
2008-08-07 19:39:52 +00:00
Nick Mathewson
48848537bc r17667@tombo: nickm | 2008-08-07 15:13:30 -0400
Make the TransPort input code handle IPv6 addresses, I hope.  This code may not compile.  Possibly fix bug 796.


svn:r16459
2008-08-07 19:13:39 +00:00
Nick Mathewson
d9601c65e0 r17666@tombo: nickm | 2008-08-07 15:12:30 -0400
Make tor_addr_from_sockaddr also give away the port in a useful format


svn:r16458
2008-08-07 19:13:35 +00:00
Nick Mathewson
635f3c8aee r17664@tombo: nickm | 2008-08-06 12:32:09 -0400
Patch from Christopher Davis: open /dev/pf before dropping privileges.  Fixes bug 782.  Backport candidate.


svn:r16450
2008-08-06 16:32:17 +00:00
Nick Mathewson
9855c1d06f r17645@31-33-44: nickm | 2008-08-05 16:28:01 -0400
Make unspecified addresses also cause connection_is_rate_limited to say 0.


svn:r16437
2008-08-05 20:28:03 +00:00
Nick Mathewson
960a0f0a99 r17641@31-33-44: nickm | 2008-08-05 16:07:53 -0400
Initial conversion of uint32_t addr to tor_addr_t addr in connection_t and related types.  Most of the Tor wire formats using these new types are in, but the code to generate and use it is not.  This is a big patch.  Let me know what it breaks for you.


svn:r16435
2008-08-05 20:08:19 +00:00
Peter Palfrader
0cfb68454e Document that we break ties in favor of smaller SD digest if there are still ties after comparing the published timestamp
svn:r16432
2008-08-05 18:54:23 +00:00
Roger Dingledine
d01813a8dd Take out the TestVia config option, since it was a workaround for
a bug that was fixed in Tor 0.1.1.21.


svn:r16409
2008-08-05 00:12:05 +00:00
Roger Dingledine
d5bb361977 minor fixes
svn:r16407
2008-08-04 23:59:38 +00:00
Karsten Loesing
d166b9dc45 Make check-spaces happy.
svn:r16406
2008-08-04 23:39:07 +00:00
Roger Dingledine
2a417700b4 don't log-warn on a bootstrapping status event if the recommendation
is to ignore.


svn:r16405
2008-08-04 23:38:32 +00:00
Karsten Loesing
1fe07f66f4 In some edge cases it occurs that the router descriptor of a previously picked introduction point becomes obsolete. In that case, don't stick to using that introduction point, but simply give up on it. Reverts some part of r15825.
svn:r16404
2008-08-04 23:35:12 +00:00
Karsten Loesing
ff9c3c006f Remove dead code that was left from marking HiddenService(Exclude)Nodes obsolete in task 754.
svn:r16401
2008-08-04 22:42:27 +00:00
Karsten Loesing
3c9cd463d2 Fix a false assertion when extending a circuit to a relay to which a connection is already established. In that case the circuit should not need to memorize extend info for that relay. circuitbuild.c:389 contains a similar assertion.
svn:r16375
2008-08-03 17:45:24 +00:00
Karsten Loesing
ee44eadf4c Fix a bug when generating router descriptors: The address part of exit policies was uninitialized.
svn:r16372
2008-08-03 12:43:18 +00:00
Roger Dingledine
fd4a30d198 bump to 0.2.1.3-alpha
svn:r16369
2008-08-03 05:35:42 +00:00
Roger Dingledine
bf066be654 note a feature (bugfix) we should do one day
svn:r16368
2008-08-03 05:35:18 +00:00
Nick Mathewson
1a76cd179a When a struct ends with char a[1], the size of all earlier members of the struct is _not_ sizeof(st)-1; compilers add alignment. Problem spotted by rovv. Backport candidate.
svn:r16302
2008-07-31 12:18:14 +00:00
Nick Mathewson
186097906d r17436@tombo: nickm | 2008-07-30 09:03:19 -0400
Move n_addr, n_port, and n_conn_id_digest fields of circuit_t into a separately allocated extend_info_t.  Saves 22 bytes per connected circuit_t on 32-bit platforms, and makes me more comfortable with using tor_addr_t in place of uint32_t n_addr.


svn:r16257
2008-07-30 13:04:32 +00:00
Nick Mathewson
507b01357a r17426@tombo: nickm | 2008-07-28 20:34:03 -0400
More test coverage for tor_addr_t; fix a couple of bugs.


svn:r16234
2008-07-29 00:34:50 +00:00
Nick Mathewson
056d97da0c r17391@pc-10-8-1-079: nickm | 2008-07-25 17:11:17 +0200
Tor_addr_compare did a semantic comparison, such that ::1.2.3.4 and 1.2.3.4 were "equal".  we sometimes need an exact comparison.  Add a feature to do that.


svn:r16210
2008-07-25 15:11:21 +00:00
Nick Mathewson
016adc9a08 r17359@pc-10-8-1-079: nickm | 2008-07-25 16:42:48 +0200
whitespace fixes


svn:r16209
2008-07-25 14:47:19 +00:00
Nick Mathewson
9da0482007 r17358@pc-10-8-1-079: nickm | 2008-07-25 16:41:03 +0200
Split out the address manipulation functions from compat and util: they were about 21% of the total of those, and spread out too much.


svn:r16208
2008-07-25 14:43:24 +00:00
Nick Mathewson
3ce6e2fba2 r17346@aud-055: nickm | 2008-07-24 15:37:19 +0200
Make generic address manipulation functions work better.  Switch address policy code to use tor_addr_t, so it can handle IPv6.  That is a good place to start.


svn:r16178
2008-07-24 13:44:04 +00:00
Nick Mathewson
ed781e6971 r17338@aud-055: nickm | 2008-07-24 11:21:06 +0200
Refactor the router_choose_random_node interface: any function with 10 parameters, most of which are boolean and one of which is unused, should get refactored like this.


svn:r16167
2008-07-24 09:22:34 +00:00
Nick Mathewson
dff1ef7d06 r17337@aud-055: nickm | 2008-07-24 10:17:43 +0200
Refactor the is_vote field of networkstatus_t to add a third possibility ("opinion") in addition to vote and opinion.  First part of implementing proposal 147.


svn:r16166
2008-07-24 09:22:27 +00:00
Nick Mathewson
ea95ce25b6 r17323@aud-055: nickm | 2008-07-23 17:58:25 +0200
Implement most of proposal 110.


svn:r16156
2008-07-23 15:58:38 +00:00
Nick Mathewson
2748afe609 r17322@aud-055: nickm | 2008-07-23 16:50:50 +0200
Make circid_t and streamid_t get used instead of uint16_t; it is possible we will soon want to make circid_t change to uint32_t.


svn:r16155
2008-07-23 15:58:30 +00:00
Nick Mathewson
15b2b8bd69 r17309@aud-055: nickm | 2008-07-23 16:05:43 +0200
Patch from Christian Wilms: remove (HiddenService|Rend)(Exclude)?Nodes options.  They never worked properly, and nobody seems to be using them.  Resolves bug 754.


svn:r16144
2008-07-23 14:07:32 +00:00
Nick Mathewson
cc46b23248 r17308@aud-055: nickm | 2008-07-23 15:57:41 +0200
In connection_edge_destroy, send a stream status control event when we have an AP connection.  Previously, we would send an event when the connection was AP and non-AP at the same time.  This didn't work so well.  Patch from Anonymous Remailer (Austria).  Backport candidate.


svn:r16143
2008-07-23 14:07:26 +00:00
Nick Mathewson
087094961b r17302@aud-055: nickm | 2008-07-23 14:55:28 +0200
Never allow a circuit to be created with the same circid as a circuit that has been marked for close.  May be a fix for bug 779.  Needs testing.  Backport candidate.


svn:r16136
2008-07-23 12:55:55 +00:00
Nick Mathewson
26746d7578 r17220@tombo: nickm | 2008-07-18 15:11:27 -0400
Fix bug in last patch: ADDR_POLICY_REJECT is not the same as ADDR_POLICY_REJECTED.


svn:r16065
2008-07-18 19:11:30 +00:00
Nick Mathewson
c8160bce1f r17188@tombo: nickm | 2008-07-18 14:35:18 -0400
Add new ExcludeExitNodes option.  Also add a new routerset type to handle Exclude[Exit]Nodes.  It is optimized for O(1) membership tests, so as to make choosing a random router run in O(N_routers) time instead of in O(N_routers*N_Excluded_Routers).


svn:r16061
2008-07-18 18:36:32 +00:00
Nick Mathewson
bdcbd23e23 Stop trying to detect versions of Tor on the server-side older than 0.1.1.15-rc; they simply do not work any more. Also add comment about how or_is_obsolete is a terrible field name.
svn:r15982
2008-07-16 13:15:11 +00:00
Roger Dingledine
267e61d0f3 When relays do their initial bandwidth measurement, don't limit
to just our our entry guards for the test circuits. Otherwise we
tend to have multiple test circuits going through a single entry
guard, which makes our bandwidth test less accurate. Fixes part
of bug 654; patch contributed by Josh Albrecht.

(Actually, modify Josh's patch to avoid doing that when you're
a bridge relay, since it would leak more than we want to leak.)


svn:r15850
2008-07-11 21:42:09 +00:00
Nick Mathewson
787c66b70f r16917@tombo: nickm | 2008-07-11 12:55:26 -0400
Remove token enum constant in routerparse.c that we do not actually use.


svn:r15841
2008-07-11 17:08:05 +00:00
Karsten Loesing
9231858ff5 Fix bug 763. When a hidden service is giving up on an introduction point candidate that was not included in the last published rendezvous descriptor, don't reschedule publication of the next descriptor.
svn:r15825
2008-07-10 21:02:01 +00:00
Nick Mathewson
c717e19a29 r16881@tombo: nickm | 2008-07-10 14:19:21 -0400
fix a rare segfault in bw-share-measuring code


svn:r15820
2008-07-10 18:31:28 +00:00
Nick Mathewson
0f8761f9fa fix typos in last patch spotted by sebastian and karsten
svn:r15700
2008-07-06 18:47:27 +00:00
Nick Mathewson
615c64efb8 Apply fix from chrisw: call connection_ap_attach_pending when we get a rendezvous2 or rendezvous_established call. This is a bit brute-foce, but it is better than we had before, and might not even show up on profiles. Backport candidate, once tested.
svn:r15699
2008-07-06 18:34:45 +00:00
Karsten Loesing
28296ad6e8 Correct punctuation.
svn:r15690
2008-07-06 13:59:36 +00:00
Roger Dingledine
c411f83211 forward-port r15576
svn:r15577
2008-06-30 23:27:11 +00:00
Roger Dingledine
45742ce0b0 Make directory servers include the X-Your-Address-Is: http header in
their responses even for begin_dir conns. Now clients who only ever use
begin_dir connections still have a way to learn their IP address. Should
fix bug 737. Reported by goldy.


svn:r15571
2008-06-30 21:52:39 +00:00
Roger Dingledine
aec928e0b6 Send a bootstrap problem "warn" event on the first problem if the
reason is NO_ROUTE (that is, our network is down).


svn:r15443
2008-06-24 08:00:30 +00:00
Roger Dingledine
b7d00bd52e whoops, i shouldn't've left that in
svn:r15434
2008-06-23 18:51:12 +00:00
Karsten Loesing
33ced73597 Added prefixes to testing-network-only configuration options.
svn:r15375
2008-06-20 17:03:13 +00:00
Roger Dingledine
8fa912a8c5 If we close our OR connection because there's been a circuit
pending on it for too long, we were telling our bootstrap status
events "REASON=NONE". Now tell them "REASON=TIMEOUT".


svn:r15369
2008-06-20 04:42:17 +00:00
Roger Dingledine
94dabd2c23 If you're using bridges, generate "bootstrap problem" warnings
as soon as you run out of working bridges, rather than waiting
for ten failures -- which will never happen if you have less than
ten bridges.


svn:r15368
2008-06-20 04:34:39 +00:00
Roger Dingledine
dd50ffb1de Big bridge bugfixes. Backport candidates.
If you have more than one bridge but don't know their keys,
you would only learn a request for the descriptor of the first one
on your list. (Tor considered launching requests for the others, but
found that it already had a connection on the way for $0000...0000
so it didn't open another.)
If you have more than one bridge but don't know their keys, and the
connection to one of the bridges failed, you would cancel all
pending bridge connections. (After all, they all have the same
digest.)


svn:r15366
2008-06-20 03:13:16 +00:00
Roger Dingledine
d76d0493d6 start sending "COUNT=%d RECOMMENDATION=%s" key/values on bootstrap
problem status events, so the controller can hear about problems even
before tor decides they're worth reporting for sure.


svn:r15357
2008-06-19 04:50:06 +00:00
Roger Dingledine
ad6b2e7523 check-spaces, fix a typo
svn:r15355
2008-06-18 20:14:25 +00:00
Roger Dingledine
c6a94718cd Directory authorities shouldn't complain about bootstrapping
problems just because they do a lot of reachability testing and
some of the connection attempts fail. 


svn:r15348
2008-06-18 07:34:04 +00:00
Roger Dingledine
50d3adb819 I was on the second paragraph of my or-dev mail explaining why I chose to
set starting=1 to avoid potential bugs with having it conflict with 0,
which I used to mean uninitialized, when I realized I would be writing
many more lame-sounding paragraphs in the future. Just start it at 0
and handle the bugs.


svn:r15346
2008-06-18 05:35:19 +00:00
Nick Mathewson
ed174245c6 implement more fine-tuning options for stats code
svn:r15345
2008-06-18 04:34:52 +00:00
Karsten Loesing
024de76e5d I was told there is an extend_info_free(). I won't leak memory again. I won't leak memory again. I won't ...
svn:r15335
2008-06-17 19:13:05 +00:00
Karsten Loesing
693d7e3e35 When establishing a hidden service, introduction points that originate from cannibalized circuits are completely ignored and not included in rendezvous service descriptors. Bugfix on 0.2.0.14-alpha. Backport candidate.
svn:r15332
2008-06-17 17:10:03 +00:00
Roger Dingledine
1ad83d74b1 Send an initial "Starting" bootstrap status event, so we have a
state to start out in.


svn:r15326
2008-06-17 08:15:42 +00:00
Roger Dingledine
c19392469d add a getinfo so vidalia can query our current bootstrap state, in case
it attaches partway through and wants to catch up.

matt, is this a good format for you, or is there an even better format?


svn:r15325
2008-06-17 08:01:43 +00:00
Peter Palfrader
efeea9f6de Fix .z suffix for intrumented download stats once more
svn:r15316
2008-06-16 22:40:26 +00:00
Peter Palfrader
6880df52eb Fix .z suffix for intrumented download stats
svn:r15315
2008-06-16 22:39:23 +00:00
Nick Mathewson
dd6324b0c6 More bug 707 fixes: no #if/#endif pairs inside macro arguments.
svn:r15307
2008-06-16 18:35:21 +00:00
Nick Mathewson
6299f4429a Clean up a macro/cpp interaction related to bug 707. Also, add a new "filename" config value type which is currently just a synonym for string, but which might be subject to expansion later.
svn:r15305
2008-06-16 18:09:53 +00:00
Nick Mathewson
44452c2756 r16341@tombo: nickm | 2008-06-15 22:04:25 -0400
Allow spaces to be omitted in approved-router file fingerprints. Requested by arma.


svn:r15296
2008-06-16 02:08:30 +00:00
Nick Mathewson
96bf9cd4c5 Comments and doc tweaks on Karsten's testing-dir-networks patch
svn:r15254
2008-06-14 16:11:37 +00:00
Nick Mathewson
0831cc3dbc Patch from Karsten to implement proposal 135 ("Testing Tor Networks").
svn:r15253
2008-06-14 16:01:29 +00:00
Nick Mathewson
97c06691b9 Malloc does not return size_t. (bug noticed by lodger.)
svn:r15252
2008-06-14 15:42:29 +00:00
Peter Palfrader
54b3b48802 Make unit tests pass again
svn:r15237
2008-06-13 23:24:11 +00:00
Roger Dingledine
6dee2bad83 note a bug that karsten found
svn:r15236
2008-06-13 23:05:48 +00:00
Roger Dingledine
5ded5b58a4 > why would it need an anonymized connection?
> ah.
> yes, i think you're right. i was thinking 3-hop, but i think it is 1-hop.


svn:r15235
2008-06-13 22:52:17 +00:00
Peter Palfrader
4ef606b8fc implement proposal 138: removing down routers from consensus
svn:r15230
2008-06-13 21:22:49 +00:00
Nick Mathewson
4630f0453d Explain how my emacs setup works in the HACKING file. Someone else may care too.
svn:r15228
2008-06-13 19:57:52 +00:00
Peter Palfrader
1f3dc9b22b Asking for a conditional consensus at .../consensus/<fingerprints> would crash
a dirserver if it did not already have a consensus.


svn:r15227
2008-06-13 18:58:58 +00:00
Roger Dingledine
52d3be06f1 steal some of the bootstrap phase strings from vidalia
svn:r15193
2008-06-13 06:23:46 +00:00
Nick Mathewson
bcde95509d Actually reinstate errors that did not work on windows, and add a comment about reading the documentation of the S_CASE and E_CASE macros before adding new cases to the switch statements there.
svn:r15179
2008-06-13 03:52:58 +00:00
Roger Dingledine
b50206a9d2 ignore some errnos in hopes of building on windows again
svn:r15178
2008-06-13 02:07:17 +00:00
Roger Dingledine
6bd006bdb8 you can't strcasecmp on 20-byte digests
what if they contain nuls?
(worse, what if they *don't* contain nuls? ;)


svn:r15149
2008-06-11 22:46:31 +00:00
Nick Mathewson
a886e86cbd r16171@tombo: nickm | 2008-06-11 13:47:41 -0400
Lower number of syscalls used to write data to ordinary sockets through use of writev.  Disabled till I have time to test it.


svn:r15133
2008-06-11 17:56:52 +00:00
Roger Dingledine
62b507fee0 forward-port r15129, but also note the real way we should fix it.
svn:r15130
2008-06-11 11:12:29 +00:00
Roger Dingledine
8c85eef9b0 start sending "bootstrap problem" status events when we're having troubles
reaching relays.


svn:r15116
2008-06-11 01:14:23 +00:00
Roger Dingledine
42f21007a3 consolidate all our edge/circ/orconn reason-to-foo-or-back functions
svn:r15115
2008-06-11 00:17:02 +00:00
Karsten Loesing
33f846b313 In very rare situations new hidden service descriptors were published earlier than 30 seconds after the last change to the service, with the 30 seconds being the current voodoo saying that a descriptor is stable.
svn:r15113
2008-06-10 23:31:55 +00:00
Roger Dingledine
15680ce8d2 some cleanups in preparation for moving stuff around
svn:r15112
2008-06-10 23:13:14 +00:00
Roger Dingledine
45cc25c019 minor fixes and notes
svn:r15111
2008-06-10 23:00:11 +00:00
Nick Mathewson
67a1658da5 Fix last geoip bugs.
svn:r15106
2008-06-10 20:11:59 +00:00
Nick Mathewson
16b62a01e4 a couple more geoip bugfixes
svn:r15105
2008-06-10 19:51:48 +00:00
Nick Mathewson
e3d1ad67f6 r16139@tombo: nickm | 2008-06-10 15:25:23 -0400
Small formatting fixes for geoip-stats file.


svn:r15104
2008-06-10 19:25:25 +00:00
Nick Mathewson
8d484b64e4 r16137@tombo: nickm | 2008-06-10 15:10:55 -0400
sign error


svn:r15103
2008-06-10 19:11:02 +00:00
Nick Mathewson
1ec5705445 r16133@tombo: nickm | 2008-06-10 15:06:43 -0400
Pointers do not make good ints.


svn:r15102
2008-06-10 19:06:48 +00:00
Nick Mathewson
8fa2e80257 r16132@tombo: nickm | 2008-06-10 14:39:19 -0400
Whitespace fix


svn:r15101
2008-06-10 19:06:46 +00:00
Nick Mathewson
b87a7760e0 r16129@tombo: nickm | 2008-06-10 14:28:06 -0400
More geoip tweaks.  Include in the file a rough estimator of our total share.


svn:r15099
2008-06-10 18:28:10 +00:00
Nick Mathewson
d0a4ad3a1c r16127@tombo: nickm | 2008-06-10 14:03:01 -0400
Improved code for counting clients by country: support recording by number of directory status requests in addition to number of IPs seen.


svn:r15097
2008-06-10 18:08:56 +00:00
Roger Dingledine
f4e12fa66d make the 'bootstrap problem' stuff quieter while i'm messing with it
svn:r15094
2008-06-09 22:15:08 +00:00
Nick Mathewson
55975452b4 r16121@tombo: nickm | 2008-06-09 16:14:39 -0400
fix compile with warnings on osx 10.5: double+int apparently gives a 64-bit value on some gccs


svn:r15093
2008-06-09 20:52:59 +00:00
Roger Dingledine
baa3cea213 Start noticing and reporting bootstrapping failures too. It looks like
we never bothered learning why OR conns fail, so next step is to add some
infrastructure for that.


svn:r15091
2008-06-09 18:32:43 +00:00
Peter Palfrader
dba6d8c55a also count number of downloads, not just the bytes
svn:r15090
2008-06-09 17:07:53 +00:00
Roger Dingledine
ac795353c4 fix a bug where we were never reporting the
"Finishing handshake with entry guard" bootstrap phase


svn:r15087
2008-06-09 07:01:52 +00:00
Roger Dingledine
6aeb79af06 report partial bootstrapping progress as we fetch descriptors
svn:r15083
2008-06-09 06:33:29 +00:00
Roger Dingledine
eafb07ec96 extra points if you make it compile. boy, i'm on a roll.
svn:r15077
2008-06-09 05:17:52 +00:00
Roger Dingledine
3b730c7556 whoops -- the other half of r15074
svn:r15076
2008-06-09 05:16:47 +00:00
Roger Dingledine
1ca2ead8c4 when we haven't had any application requests lately, don't bother
logging when we have expired a bunch of descriptors.


svn:r15074
2008-06-09 05:13:33 +00:00
Roger Dingledine
3bb5d3ba6d include tags in the bootstrap status events. also document the
bootstrapping process and how the phases break down.


svn:r15020
2008-06-08 02:53:32 +00:00
Roger Dingledine
00fcd66218 actually start sending the bootstrap status event, so matt
can start playing with it on his side.


svn:r15009
2008-06-07 09:26:41 +00:00
Roger Dingledine
5aeb89447e infrastructure for the 'bootstrap status event' feature, so we can
tell the controller how we're doing at bootstrapping, and it can
tell the user.


svn:r15008
2008-06-07 05:27:34 +00:00
Roger Dingledine
56658956a1 minor comment cleanup and xxx
svn:r15006
2008-06-07 05:01:22 +00:00
Roger Dingledine
b4d697688e revert r14970, since it didn't fix anything.
leave r14971 in place though.


svn:r15005
2008-06-07 05:00:06 +00:00
Roger Dingledine
ebab48769d Stop reloading the router list from disk for no reason when we
run out of reachable directory mirrors. Once upon a time reloading
it would set the 'is_running' flag back to 1 for them. It hasn't
done that for a long time.


svn:r15004
2008-06-07 04:56:08 +00:00
Roger Dingledine
ce64ca48b8 make some log entries more accurate
svn:r14998
2008-06-06 22:31:36 +00:00
Roger Dingledine
b65b89d50f make sure, when we're checking if we have enough dir info, that
we actually have the descriptor listed in the consensus, not just
any descriptor, for each relay.

don't backport this patch (yet); who knows what it might do.


svn:r14971
2008-06-05 11:37:40 +00:00
Roger Dingledine
ca416a78e3 When we switched to using v3 directories, we threw away the part of
the "do we have enough directory info?" calculation that checked
how many relays we believed to still be running based on our own
experience. So if we went offline, we never gave up trying to make
new circuits; worse, when we came back online we didn't recognize
that we should give all the relays another chance. Bugfix on
0.2.0.9-alpha; fixes bugs 648 and 675.


svn:r14970
2008-06-05 10:57:09 +00:00
Roger Dingledine
6782682ac6 changing v2 network status doesn't require us to recompute
anything about whether enough v3 dir info is here.


svn:r14969
2008-06-05 09:01:18 +00:00
Roger Dingledine
2c84c10196 remove some networkstatus consensus warnings for unnamed / invalid
relays. they weren't very specific, and were confusing people before
we reduced their log severity. now nobody even knows they exist.


svn:r14968
2008-06-05 08:20:23 +00:00
Nick Mathewson
fa0989fd67 Make unit tests pass again: new geoip behavior had freaked out.
svn:r14949
2008-06-04 18:38:37 +00:00
Roger Dingledine
b8bde32c3a forward-port r14934
svn:r14936
2008-06-04 09:02:25 +00:00
Roger Dingledine
c6b3cf4b96 documentation bug
svn:r14935
2008-06-04 08:59:14 +00:00
Roger Dingledine
00405468aa forward-port r14930
svn:r14931
2008-06-04 07:41:22 +00:00
Roger Dingledine
f3d679d4cc blind-forward-port that, while i'm at it
svn:r14929
2008-06-04 07:08:05 +00:00
Peter Palfrader
01c1a355c2 Also add create/create fast/extends to the dir-usage stats.
svn:r14900
2008-06-02 15:09:35 +00:00
Peter Palfrader
cfb1f554e2 Make note_request() accessible from outside of directory.c
svn:r14899
2008-06-02 15:09:29 +00:00
Peter Palfrader
716558a6a1 Instrument all downloads that pass through connection_dir_client_reached_eof()
svn:r14897
2008-06-02 15:09:19 +00:00
Nick Mathewson
3a469018e5 Fix warning when compiling with dmalloc.
svn:r14829
2008-05-29 14:37:56 +00:00
Nick Mathewson
ac330d9ba7 New code to implement proposal for local geoip stats. Only enabled with --enable-geoip-stats passed to configure.
svn:r14802
2008-05-29 02:29:35 +00:00
Nick Mathewson
a335b94c8f On win32, default to looking for the geoip file in the same directory as torrc. This is a dumb hack; it should turn into a general mechanism.
svn:r14796
2008-05-29 01:22:30 +00:00
Nick Mathewson
6bfa96bfc7 Fix bug noted by roger: rebuild extrainfo store from time to time, even if we have never actually downloaded an extrainfo. Bridge authorities need this, or they never clean the extrainfo store.
svn:r14792
2008-05-29 00:44:57 +00:00
Roger Dingledine
277dce9ecf document the handle-comments-in-geoip file
svn:r14785
2008-05-28 21:10:46 +00:00
Nick Mathewson
6641152514 Fix some warnings.
svn:r14781
2008-05-28 18:34:10 +00:00
Nick Mathewson
bd3b86df3b Several geoip changes/fixes as requested.
svn:r14780
2008-05-28 18:31:57 +00:00
Roger Dingledine
7f61dafe8d include the geoip file in the tarball, and load it by default
when tor starts.
this breaks rpms and maybe other packages.


svn:r14764
2008-05-28 04:37:34 +00:00
Nick Mathewson
4ea2a4595e Fix the first part of bug 681, as suggested by Robert Hogan on or-talk.
svn:r14754
2008-05-27 21:02:36 +00:00
Nick Mathewson
9975c4f6f8 Fix part of bug 681: always reattach tunneled directory connections, regardless of the setting for LeaveStreamsUnattached
svn:r14750
2008-05-27 20:26:40 +00:00
Nick Mathewson
09cd8fa371 r19795@catbus: nickm | 2008-05-16 14:54:24 -0400
Rename tor_addr_t manipulation functions for a consistent style.


svn:r14639
2008-05-16 19:19:49 +00:00
Nick Mathewson
0b6b356f71 r19725@catbus: nickm | 2008-05-13 08:47:18 -0400
Forward-port: update authority keys affected by Debian OpenSSL bug (See CVE-2008-0166 or http://lists.debian.org/debian-security-announce/2008/msg00152.html )


svn:r14603
2008-05-13 12:47:27 +00:00
Nick Mathewson
e1ef199cf6 r19714@catbus: nickm | 2008-05-12 17:11:47 -0400
Fwdport Bugfix: an authority signature is "unrecognized" if we lack a dirserver entry for it, even if we have an older cached certificate that says it is recognized.  This affects clients who remove entries from their dirserver list without clearing their certificate cache.


svn:r14597
2008-05-12 21:12:21 +00:00
Nick Mathewson
42dc560b1a r19705@catbus: nickm | 2008-05-12 11:40:15 -0400
Actually load the legacy key, not just the authority key twice.


svn:r14594
2008-05-12 15:40:36 +00:00
Nick Mathewson
08ba3355bc r19694@catbus: nickm | 2008-05-12 00:21:37 -0400
Add unit tests for last patch; make it more testable; fix a bug or two.


svn:r14586
2008-05-12 04:22:01 +00:00
Nick Mathewson
f3f6ecef48 r19690@catbus: nickm | 2008-05-11 22:13:31 -0400
Implement a proposal to let a directory authority migrate its identity key without ceasing to sign consensuses.


svn:r14584
2008-05-12 02:14:01 +00:00
Roger Dingledine
755cbe5d44 cosmetic patch by Bernhard M. Wiedemann, so our comments follow
the socks5 protocol better


svn:r14552
2008-05-04 09:36:48 +00:00
Nick Mathewson
6d5a9c81b0 r19496@catbus: nickm | 2008-05-02 19:10:29 -0400
Even compile errors need closing quotes.


svn:r14533
2008-05-02 23:11:43 +00:00
Roger Dingledine
5ad9dc2244 apply patch from lodger to simplify code a bit
svn:r14474
2008-04-25 18:42:42 +00:00
Peter Palfrader
4fa1c69c44 Only using v3 authorities and using the proper digest works better
svn:r14455
2008-04-24 21:29:47 +00:00
Peter Palfrader
c3c7e7114e Actually, do not use conditional consensus downloads until the authorities have upgraded
svn:r14453
2008-04-24 15:51:53 +00:00
Peter Palfrader
ca43044600 I bet I screwed up while merging in the changes from the feature branch into my git-svn repository. Undo r14451
svn:r14452
2008-04-24 15:43:25 +00:00
Peter Palfrader
016e67f941 Merge conditional consensus downloading
svn:r14451
2008-04-24 15:39:14 +00:00
Peter Palfrader
eaad3ab395 Spec compliance: sort id fingerprints in consensus get requests
svn:r14450
2008-04-24 15:39:10 +00:00
Peter Palfrader
901ee58c53 Enable conditional consensus downloading starting with 0.2.1.1-alpha servers
svn:r14449
2008-04-24 15:39:08 +00:00
Peter Palfrader
9d181ec106 Fix doxygen comments to not use <> for metavars since they have to be valid HTML
svn:r14447
2008-04-24 15:39:01 +00:00
Peter Palfrader
788404dacf and the client part of the consensus-by-authority-fpr proposal (ifdef'ed out)
svn:r14446
2008-04-24 15:38:57 +00:00
Peter Palfrader
006b5762d3 Implement the server part of the consensus-by-authority-fpr proposal
svn:r14445
2008-04-24 15:38:54 +00:00
Roger Dingledine
d5be900986 forward-port the severity fixes
svn:r14442
2008-04-24 05:32:55 +00:00
Nick Mathewson
d02d6660a8 r15308@tombo: nickm | 2008-04-23 16:46:48 -0400
Free baddir and badexit policy lists on exit.  fixes bug 672. only affects authorities.


svn:r14431
2008-04-23 20:47:53 +00:00
Nick Mathewson
05b184de01 r15304@tombo: nickm | 2008-04-23 16:31:40 -0400
Forward-port: I had apparently broken OSX and Freebsd by not initializing threading before we initialize the logging system.  This patch should do so, and fix bug 671.


svn:r14430
2008-04-23 20:32:31 +00:00
Roger Dingledine
5dc8062afa what, we went from v4 to v6?
svn:r14428
2008-04-23 18:37:24 +00:00
Roger Dingledine
a1366be7ee forward-port r14421
svn:r14424
2008-04-23 00:31:20 +00:00
Nick Mathewson
41929c2684 r15287@tombo: nickm | 2008-04-22 17:09:25 -0400
Periodically launch requests for server/authority.z when it might help us learn our IP.  Fix for bug 652.


svn:r14418
2008-04-22 21:10:41 +00:00
Roger Dingledine
d72b256f4f When we choose to abandon a new entry guard because we think our
older ones might be better, close any circuits pending on that
new entry guard connection. Bugfix on 0.1.2.8-beta; found by lodger.


svn:r14417
2008-04-22 18:38:25 +00:00
Nick Mathewson
bc95a4dbcb r15283@tombo: nickm | 2008-04-22 13:43:45 -0400
Correctly notify one-hop connections when a circuit build has failed. possible fix for bug 669. found by lodger.


svn:r14415
2008-04-22 17:44:28 +00:00
Nick Mathewson
21592ad429 r15278@tombo: nickm | 2008-04-22 13:17:37 -0400
Apply patch from mwenge to fix bug 646: makes stream events for dns requests get generated more consistently.


svn:r14413
2008-04-22 17:21:12 +00:00
Nick Mathewson
e623d9baff r15277@tombo: nickm | 2008-04-22 13:14:18 -0400
Note a place to refactor.


svn:r14412
2008-04-22 17:21:09 +00:00
Nick Mathewson
ef9c34688c r15273@tombo: nickm | 2008-04-22 12:32:28 -0400
apply patch from lodger: reject requests for reverse-dns lookup of names in private address space.  make non-exits reject all dns requests.  Fixes bug 619.


svn:r14410
2008-04-22 16:32:55 +00:00
Nick Mathewson
6e979489dc r15269@tombo: nickm | 2008-04-22 12:23:30 -0400
Fix bug 663: warn less verbosely about clock skew from netinfo cells


svn:r14408
2008-04-22 16:23:47 +00:00
Peter Palfrader
0cbecbe050 Fix a pair of comments
svn:r14405
2008-04-22 15:20:46 +00:00
Nick Mathewson
1b9c06ab96 r15230@tombo: nickm | 2008-04-17 16:18:08 -0400
Do not allocate excess space for named_flag and unnamed_flag in dirvote.c.  Fixes bug 662.  Not a dangerous bug: sizeof(int*) is at least as big as sizeof(int) everywhere.


svn:r14391
2008-04-17 20:23:13 +00:00
Roger Dingledine
5e299b5e01 minor fixes that have been accumulating
svn:r14378
2008-04-16 00:12:44 +00:00
Roger Dingledine
2b4ff1718f forward-port r14375 and try to make it less likely to happen again
svn:r14377
2008-04-16 00:10:39 +00:00
Roger Dingledine
20f927c2dd forward-port r14373
svn:r14374
2008-04-15 23:06:31 +00:00
Nick Mathewson
b927ede48c r15161@31-33-107: nickm | 2008-04-10 11:11:58 -0400
Make dumpstats() log the size and fullness of openssl-internal buffers, so I can test my hypothesis that many of them are empty, and my alternative hypothesis that many of them are mostly empty, against the null hypothesis that we really need to be burning 32K per open OR connection on this.


svn:r14350
2008-04-10 15:12:24 +00:00
Nick Mathewson
4901ee0a8c r19273@catbus: nickm | 2008-04-09 14:44:23 -0400
Do a slightly better fix for r14329: don't call time() quite so much.  Also note the time(NULL) hack we wanted to do in the TODO.


svn:r14334
2008-04-09 18:44:50 +00:00
Nick Mathewson
186df044cd r19262@catbus: nickm | 2008-04-09 14:05:20 -0400
When writing relay cells to a buffer, update timestamp_last_added_nonpadding.  Bugfix on 0.2.0.1-alpha. Backport candidate.


svn:r14329
2008-04-09 18:05:47 +00:00
Nick Mathewson
31153d6374 r19243@catbus: nickm | 2008-04-08 13:28:59 -0400
Use a freelist to hold a few recent memarea chunks.  We do a kazillion memarea allocs and frees; that cant be good for us.


svn:r14319
2008-04-08 17:29:05 +00:00
Nick Mathewson
a627407fcb r19233@catbus: nickm | 2008-04-08 13:06:34 -0400
When we remove old routers, use Bloom filters rather than a digestmap-based set in order to tell which ones we absolutely need to keep.  This will save us roughly a kazillion little short-lived allocations for hash table entries.


svn:r14318
2008-04-08 17:06:41 +00:00
Nick Mathewson
0c9efd6a1e r19231@catbus: nickm | 2008-04-07 12:45:58 -0400
Update last_listed_as_valid_until for new routers based on v2 networkstatus as well as consensus networkstatus.


svn:r14317
2008-04-08 17:06:38 +00:00
Nick Mathewson
2d68487e7f r19229@catbus: nickm | 2008-04-07 12:28:22 -0400
Add a new SMARTLIST_FOREACH_JOIN macro to iterate through two sorted lists in lockstep.  This happens at least 3 times in the code so far, and is likely to happen more in the future.  Previous attempts to do so proved touchy, tricky, and error-prone: now, we only need to get it right in one place.


svn:r14309
2008-04-07 16:28:34 +00:00
Nick Mathewson
85db675911 r19202@catbus: nickm | 2008-04-04 17:18:47 -0400
Make last_served_at optional; make last_listed_as_valid_until take account (partially) of v2 statuses.


svn:r14299
2008-04-04 21:18:56 +00:00
Nick Mathewson
68407e6a9c r19199@catbus: nickm | 2008-04-03 15:01:05 -0400
Fix bug 641 and 650, I think.


svn:r14297
2008-04-03 19:01:16 +00:00
Roger Dingledine
1ac11591d2 a potential fix for bug 641.
svn:r14281
2008-04-02 20:48:36 +00:00
Roger Dingledine
39c402c29f when add_file_log() fails, tell us why.
svn:r14277
2008-04-01 21:05:31 +00:00
Nick Mathewson
d43a9d9440 r19152@catbus: nickm | 2008-03-30 23:20:11 -0400
Make unit tests pass again after Link protocol list change.


svn:r14254
2008-03-31 03:20:55 +00:00
Nick Mathewson
006530f037 r19140@catbus: nickm | 2008-03-30 14:13:36 -0400
Note in our router descriptors that we actually support link protocol version 2, now that it seems to work.


svn:r14246
2008-03-30 18:14:55 +00:00
Nick Mathewson
72ca7e5d88 r19138@catbus: nickm | 2008-03-30 11:59:26 -0400
oops; fix bug in descriptor metric logic.


svn:r14245
2008-03-30 15:59:32 +00:00
Nick Mathewson
e19d96637d r19118@catbus: nickm | 2008-03-29 00:27:08 -0400
Code (disabled) to get way too much info about the contents of old_routers on USR1.


svn:r14230
2008-03-29 04:27:34 +00:00
Nick Mathewson
e89bf1c573 r19109@catbus: nickm | 2008-03-27 16:05:18 -0400
Replace a syntax error and a log message that was never emitted with a simple assert.  Asserts are fun and easy.


svn:r14224
2008-03-27 20:05:44 +00:00
Peter Palfrader
9d132fbde6 Add --hush switch.
New --hush command-line option similar to --quiet.  While --quiet disables all
logging to the console on startup, --hush limits the output to messages of
warning and error severity.


svn:r14222
2008-03-27 17:25:49 +00:00
Nick Mathewson
968ad93b0a r19093@catbus: nickm | 2008-03-27 12:43:58 -0400
Only log a notice that dmalloc has been set up if it fails.  Actually, since we have not added a temp log yet, I am not sure this ever does anything.


svn:r14216
2008-03-27 16:46:39 +00:00
Nick Mathewson
4e6b6e3ad7 r19092@catbus: nickm | 2008-03-27 12:43:29 -0400
Stop supporting anything besides CMD_RUN_TOR in ntmain.c. Based on patch from Sebastian Hahn.


svn:r14215
2008-03-27 16:46:36 +00:00
Nick Mathewson
12b217bce8 r19091@catbus: nickm | 2008-03-27 12:42:57 -0400
Stop reading torrc when all we want to do is --hash-password.  Fix based on patch from Sebastian Hahn. Backport candidate.


svn:r14214
2008-03-27 16:46:34 +00:00
Nick Mathewson
02acee891c r19089@catbus: nickm | 2008-03-27 11:05:23 -0400
Free some static hashtables and the log mutex on exit. Backport candidate.


svn:r14212
2008-03-27 15:05:28 +00:00
Nick Mathewson
fa15ed4b7b r19079@catbus: nickm | 2008-03-26 17:16:46 -0400
Free authority certs on exit.  Backport candidate.


svn:r14205
2008-03-26 21:16:56 +00:00
Nick Mathewson
944bd3dbed r19074@catbus: nickm | 2008-03-26 17:08:32 -0400
Start new address policies with refcount of 1, not 2.  Backport candidate once tested more.


svn:r14204
2008-03-26 21:08:39 +00:00
Nick Mathewson
e8cc756c13 r19072@catbus: nickm | 2008-03-26 13:50:24 -0400
Add code to debug memory area size.  Use results of this code to set a couple of area sizes more sanely.


svn:r14201
2008-03-26 17:50:27 +00:00
Nick Mathewson
745f3c859a r19066@catbus: nickm | 2008-03-26 13:24:15 -0400
Initialize logging before we log anything.  Bugfix on 0.2.0.x-alpha.


svn:r14199
2008-03-26 17:25:16 +00:00
Nick Mathewson
762d82cf74 r19062@catbus: nickm | 2008-03-26 12:56:25 -0400
Fix whitespace


svn:r14197
2008-03-26 16:56:37 +00:00
Nick Mathewson
3af9e099f7 r19061@catbus: nickm | 2008-03-26 12:53:18 -0400
Now that every thing in routerparse.c is switched over to use memareas, there is no need to keep the heap-allocated token code.


svn:r14196
2008-03-26 16:56:34 +00:00
Nick Mathewson
6edab8569a r19060@catbus: nickm | 2008-03-26 12:44:19 -0400
Make v2 hidden service descriptors use the new area allocation logic.  This works for me, but Karsten should definitely have a look at it.


svn:r14195
2008-03-26 16:56:31 +00:00
Nick Mathewson
e4ebe3409e r19049@catbus: nickm | 2008-03-26 12:33:25 -0400
Add new stacklike, free-all-at-once memory allocation strategy.  Use it when parsing directory information.  This helps parsing speed, and may well help fragmentation some too.  hidden-service-related stuff still uses the old tokenizing strategies.


svn:r14194
2008-03-26 16:33:33 +00:00
Nick Mathewson
df6b256bc0 r19041@catbus: nickm | 2008-03-25 16:20:42 -0400
More unit tests to improve coverage.


svn:r14185
2008-03-25 20:20:45 +00:00
Nick Mathewson
41deb5cd7b r19039@catbus: nickm | 2008-03-25 12:15:58 -0400
Add some unit tests, particularly for AES counter mode.


svn:r14180
2008-03-25 16:16:05 +00:00
Roger Dingledine
9047361007 Mar 24 08:43:30.014 [debug] circuit_find_to_cannibalize(): Hunting for
a circ to cannibalize: purpose 5, uptime 0, capacity 4, internal 0


svn:r14166
2008-03-24 18:43:01 +00:00
Roger Dingledine
13174b8f97 fix r14162 so it was what i meant. sometimes precedence is surprising!
svn:r14164
2008-03-24 07:24:09 +00:00
Roger Dingledine
a9acdb8f53 when our onehop circuits were failing, nobody was telling the
streams. so they waited 120 seconds before timing out. this
was particularly bad during bootstrapping, if an authority is
down or not answering right.


svn:r14163
2008-03-24 05:48:51 +00:00
Roger Dingledine
c26c77d24d If our create-fast cell is mysteriously never answered for a begindir
attempt, notice more quickly. Some of our bootstrapping attempts have a 60
second delay while we sit there wondering why we're getting no response.


svn:r14162
2008-03-24 03:50:21 +00:00
Roger Dingledine
52b267b987 make it build, too
svn:r14151
2008-03-21 21:59:57 +00:00
Nick Mathewson
b5b77f8bf3 r19004@catbus: nickm | 2008-03-21 15:18:43 -0400
Use RAND_poll() again: the bug that made us stop using it has been fixed.


svn:r14150
2008-03-21 19:18:57 +00:00
Roger Dingledine
7ed6406ce9 forward-port 14113-r14115
svn:r14116
2008-03-18 23:12:41 +00:00
Nick Mathewson
e96d22e914 r18941@catbus: nickm | 2008-03-18 14:59:43 -0400
Likely fix for bug 632: do not call start_reading on a placeholder connection.


svn:r14109
2008-03-18 19:00:12 +00:00
Nick Mathewson
a62a24036d r18937@catbus: nickm | 2008-03-18 14:50:39 -0400
Fix the other lingering part of bug 617: make ClientDNSRejectInternalAddresses actually work.


svn:r14107
2008-03-18 18:51:34 +00:00
Nick Mathewson
ba915e4211 r18913@catbus: nickm | 2008-03-18 10:30:39 -0400
16, not 64.


svn:r14094
2008-03-18 14:30:46 +00:00
Roger Dingledine
31d185a23b point out another bug for nick. and if it's *not* a bug, that's
stunning and i want to know why. :)


svn:r14088
2008-03-18 03:08:48 +00:00
Roger Dingledine
2117abbe3f forward-port the 0.2.0.22-rc changelog entry, plus remove
some duplicate items.


svn:r14086
2008-03-18 02:39:34 +00:00
Nick Mathewson
fe1b2a4ed4 r18900@catbus: nickm | 2008-03-17 18:32:25 -0400
Fix tests and routerdesc behavior on trunk.


svn:r14084
2008-03-17 22:32:28 +00:00
Nick Mathewson
e17e6371d1 r18896@catbus: nickm | 2008-03-17 16:10:54 -0400
Fix bug in earlier bugfix.  Note stupidness of allowing NULL policies at all.  Disallow empty exit policies in router descriptors.


svn:r14082
2008-03-17 20:10:57 +00:00
Nick Mathewson
80ec9e51dd r18891@catbus: nickm | 2008-03-17 13:20:20 -0400
Patch from Sebastian Hahn: give an error message on "error replacing old router store."


svn:r14080
2008-03-17 17:21:12 +00:00
Nick Mathewson
9a24158c69 r18880@catbus: nickm | 2008-03-17 12:51:24 -0400
Fix policy-related crash bug found by lodger.


svn:r14077
2008-03-17 16:51:48 +00:00
Nick Mathewson
296289de82 r18873@catbus: nickm | 2008-03-17 00:06:31 -0400
oops.  guard status logging change had a bug.  it is non-obvious how to make the code perfect atm; just make it work.


svn:r14070
2008-03-17 04:07:56 +00:00
Nick Mathewson
e6b617bf05 r18872@catbus: nickm | 2008-03-16 23:56:48 -0400
Only dump all guard node status to the log when the guard node status actually changes.  Downgrade the 4 most common remaining INFO log messages to DEBUG.


svn:r14069
2008-03-17 04:07:51 +00:00
Nick Mathewson
c59f66709d r18862@catbus: nickm | 2008-03-16 23:33:11 -0400
Part of fix for bug 617: allow connection_ap_handshake_attach_circuit() to mark connections, to avoid double-mark warnings.  Note that this is an incomplete refactoring.


svn:r14066
2008-03-17 03:37:54 +00:00
Nick Mathewson
bd547e3cfc r18861@catbus: nickm | 2008-03-16 23:22:56 -0400
Fix a couple of bugs in setting control log callback severity.


svn:r14065
2008-03-17 03:37:52 +00:00
Nick Mathewson
46155aca17 r18804@catbus: nickm | 2008-03-13 18:18:31 -0400
Refactor log domain mask code so that nobody outside of log.c has to use SEVERITY_MASK_IDX.  It is error-prone.


svn:r14016
2008-03-13 22:18:38 +00:00
Peter Palfrader
925ba96508 downgrade get_interface_address6 logging severity to LOG_DEBUG.
get_interface_address6() fails regardless of the allocator used,
wever logging to the original severity of 0 causes an assert
error only with the bsd allocator.  weird.


svn:r14005
2008-03-13 16:15:16 +00:00
Nick Mathewson
365f16b199 r18787@catbus: nickm | 2008-03-13 11:11:52 -0400
Make set-option functions return sensible error codes from an enum, not mysterious negative integers


svn:r14004
2008-03-13 15:11:56 +00:00
Peter Palfrader
24884bb3ed Use proper log levels with get_interface_address6() calls so we do not die in an assert error because of invalid log levels. Should a failure here fail our test suite?
svn:r14003
2008-03-13 15:10:35 +00:00
Nick Mathewson
11e464c331 r18753@catbus: nickm | 2008-03-11 14:56:39 -0400
Make some assert()s into tor_assert()s.  Make some tor_assert()s called from logging into assert()s, and document why.


svn:r13977
2008-03-11 18:56:41 +00:00
Nick Mathewson
4b65ea0ec0 r18730@catbus: nickm | 2008-03-11 00:47:04 -0400
Forward-port: Fix the SVK version detection logic to work right on a branch: tolerate multiple "copied from" tags and only look at the first.


svn:r13959
2008-03-11 04:47:07 +00:00
Nick Mathewson
8b24e01599 r18723@catbus: nickm | 2008-03-11 00:25:30 -0400
Fix bug spotted by mwenge: a server_event should not be a sever_event.  Also, fix compile errors in config.c and control.c with --enable-gcc-warnings.


svn:r13957
2008-03-11 04:30:14 +00:00
Peter Palfrader
2704a2e129 And appease the whitespace nazis among us
svn:r13950
2008-03-10 12:43:47 +00:00
Peter Palfrader
79f1ee8a2d Implement LOADCONF control command
The LOADCONF control command allows posting a config file to Tor
over the control interface.  This config file is then loaded as if
it had been read from disk.  Sending a HUP signal to Tor will make
it try to load its old config from disk again, thereby forgetting
the config loaded with this command.


svn:r13948
2008-03-10 12:41:52 +00:00
Peter Palfrader
bc4095c70c different exit codes for options_init_from_string()
Change options_init_from_string() so that it returns different exit codes in the
error case, depending on what went wrong.  Also push the responsibility to log
the error to the caller.


svn:r13947
2008-03-10 12:41:49 +00:00
Peter Palfrader
8c71d7ea16 options_init_from_torrc(): split off options_init_from_string()
svn:r13946
2008-03-10 12:41:44 +00:00
Peter Palfrader
947fd064a3 Store options we got from commandline seperately from bare argv/argc
svn:r13945
2008-03-10 12:41:40 +00:00
Peter Palfrader
00d64fd213 options_init_from_torrc(): move code that loads torrc into its own function
move code that loads torrc from disk and sets torrc_fname into its own function


svn:r13944
2008-03-10 12:41:36 +00:00
Peter Palfrader
ded55fa296 options_init_from_torrc(): tread non-existing torrc like empty torrc.
Tread the case of a non-existing conffile, when allowed, exactly like the one
with an empty torrc.


svn:r13943
2008-03-10 12:41:33 +00:00
Peter Palfrader
e8f4d79ec1 options_init_from_torrc(): move code that looks for torrc into its own function
Part of options_init_from_torrc()'s job was looking for -f flags (to specify
an alternate config file) on the command line, complaining if more than one
is given or the given does not exist.  If none is given then use the compiled-in
default location, accepting if it does not exist.  This logic has been moved
into its own function in an attemped to make options_init_from_torrc() easier
to deal with.


svn:r13942
2008-03-10 12:41:29 +00:00
Peter Palfrader
4118e319c7 options_init_from_torrc(): Split argv processing into two parts
Split the argv processing loop into two poarts, one that deals with
figuring out which conffile to use, and the other that figures out
which "command" (hash fingerprint, verify config, list fpr, run tor)
the user asked for.

There is a third part further down that imports command line args
into the config but that is not touched.


svn:r13941
2008-03-10 12:41:26 +00:00
Peter Palfrader
8987bd2fd9 If we decrement incoming_cmd's length when receiving the ending CRLF "." CRLF for a multi-line control command, also truncate the string by nul-terminating it in the correct place.
svn:r13939
2008-03-10 12:13:43 +00:00
Roger Dingledine
0df1564298 forward-port recent changes
svn:r13935
2008-03-10 07:50:09 +00:00
Nick Mathewson
7587e16796 r18639@catbus: nickm | 2008-03-07 20:11:48 -0500
Change semantics of add-a-log functions to copy severity setup: that is way less error-prone.  Fix up config.c to act accordingly.


svn:r13888
2008-03-08 01:11:54 +00:00
Nick Mathewson
f56ba5f3d6 r18630@catbus: nickm | 2008-03-05 17:31:33 -0500
Implement domain-selection for logging.  Source is documented; needs documentation in manpage (maybe).  For now, see doxygen comment on parse_log_severity_config in log.c


svn:r13875
2008-03-05 22:31:39 +00:00
Peter Palfrader
9e7b4400dc minor cleanup
in options_act() we set running_tor to options->command == CMD_RUN_TOR
once and used that in all but one place.  Now we use running_tor in that
place also.


svn:r13819
2008-03-03 12:48:13 +00:00
Roger Dingledine
5bf0a01011 forward-port r13799 and the 0.2.0.21-rc changelog
svn:r13808
2008-03-02 22:29:04 +00:00
Roger Dingledine
cf3e1b1309 we should consider dumping the v1 directory stuff from 0.2.1.x.
perhaps we would even replace the v1 directory with a static
page saying 'this is a tor server, let me tell you what that is'.


svn:r13797
2008-03-01 17:47:41 +00:00
Roger Dingledine
c5a7ff8e43 forward-port r13777
svn:r13778
2008-02-29 01:45:06 +00:00
Nick Mathewson
eefe2a3562 r18462@catbus: nickm | 2008-02-27 14:15:57 -0500
Add better warnings for the error that produced bug 614, and downgrade from a tor_assert() to a tor_fragile_assert().


svn:r13752
2008-02-27 19:19:34 +00:00
Nick Mathewson
d14f8f2547 r14516@tombo: nickm | 2008-02-27 03:10:26 -0500
Write some unit tests for a few functions and cases that needed them.


svn:r13751
2008-02-27 08:10:28 +00:00
Roger Dingledine
e7f3d6f76c fix most of pnx's warnings on irix64
svn:r13706
2008-02-24 23:39:53 +00:00
Nick Mathewson
3452486ac6 r14422@tombo: nickm | 2008-02-24 17:09:56 -0500
Whitespace fixes


svn:r13700
2008-02-24 22:11:18 +00:00
Nick Mathewson
ee8dce3084 r14421@tombo: nickm | 2008-02-24 17:05:18 -0500
Patch from mwenge: always willingly serve our own extrainfo from the controlport


svn:r13699
2008-02-24 22:11:12 +00:00
Nick Mathewson
dde81de3dd r14419@tombo: nickm | 2008-02-24 16:55:11 -0500
Patch from tup: use sizeof sockaddr_un as the size of a unix sockaddr.  Fixes unix controlsocket binding on openbsd.


svn:r13697
2008-02-24 22:11:00 +00:00
Nick Mathewson
e0de72dd87 r14410@tombo: nickm | 2008-02-23 16:51:46 -0500
Fix the last of the -Wshorten-64-to-32 warnings.


svn:r13696
2008-02-24 22:10:08 +00:00
Roger Dingledine
31f72a3d80 Servers that don't know their own IP address should go to the
authorities for their first directory fetch, even if their DirPort
is off or if they don't know they're reachable yet. This will help
them bootstrap better. Bugfix on 0.2.0.18-alpha; fixes bug 609.


svn:r13688
2008-02-23 23:39:16 +00:00
Roger Dingledine
cd4b95e402 Make "HashedControlPassword" an alias for "__HashedControlSessionPassword"
if it appears on the commandline. should help with bug 586.


svn:r13683
2008-02-22 23:20:28 +00:00
Nick Mathewson
7589765ae9 r14401@tombo: nickm | 2008-02-22 15:33:42 -0500
Fix a really stupid parthensis error noticed by mwenge.


svn:r13681
2008-02-22 20:33:47 +00:00
Nick Mathewson
e7db789e82 r14399@tombo: nickm | 2008-02-22 14:09:38 -0500
More 64-to-32 fixes. Partial backport candidate. still not done.


svn:r13680
2008-02-22 19:09:45 +00:00
Roger Dingledine
5ec5a747d7 Quiet the "Exitrouter '%s' seems to be more restrictive than its exit
policy. Not using this router as exit for now." message, since it
legitimately appears every so often and there's no need to alarm users.


svn:r13677
2008-02-22 14:31:40 +00:00
Nick Mathewson
e68760ac0f r14388@tombo: nickm | 2008-02-21 22:44:28 -0500
More 64-to-32 fixes.


svn:r13672
2008-02-22 03:44:36 +00:00
Nick Mathewson
69300eb606 r14374@tombo: nickm | 2008-02-21 16:57:39 -0500
Fix all remaining shorten-64-to-32 errors in src/common.  Some were genuine problems.  Many were compatibility errors with libraries (openssl, zlib) that like predate size_t.  Partial backport candidate.


svn:r13665
2008-02-21 21:57:47 +00:00
Roger Dingledine
1cd90948ab maybe appease the overflow detectors more
svn:r13663
2008-02-21 21:56:04 +00:00
Nick Mathewson
daefbfe691 r14371@tombo: nickm | 2008-02-21 16:13:18 -0500
Fix all -Wshorten-64-to-32 warnings that appear on my macbook.


svn:r13662
2008-02-21 21:15:31 +00:00
Nick Mathewson
5c03f82a65 r18345@catbus: nickm | 2008-02-21 13:45:04 -0500
Do the last part of arma's fix for bug 437: Track the origin of every addrmap, and use this info so we can remove all the trackhostexits-originated mappings for a given exit.


svn:r13660
2008-02-21 18:45:11 +00:00
Nick Mathewson
0ba2bfeef6 r14363@31-33-219: nickm | 2008-02-21 11:11:33 -0500
Answer the next-to-last XXX020rc item.


svn:r13658
2008-02-21 16:12:01 +00:00
Nick Mathewson
e2f25558b9 r14362@31-33-219: nickm | 2008-02-21 11:01:10 -0500
Change some of our log messages related to closed TLS connections in order to better reflect reality.


svn:r13657
2008-02-21 16:11:58 +00:00
Nick Mathewson
e18ee2a2ab r14357@31-33-219: nickm | 2008-02-21 10:39:11 -0500
Fix bug-handling code for unhandled write errors, so that it does not try to flush any data on the failed connection. Bugfix on 0.1.2.x.


svn:r13655
2008-02-21 15:39:26 +00:00
Nick Mathewson
41eca067a1 r14356@31-33-219: nickm | 2008-02-21 10:38:26 -0500
Defer a couple of XXX020rc items, based on recommendation from arma.


svn:r13654
2008-02-21 15:39:24 +00:00
Nick Mathewson
8b1789c71f r18336@catbus: nickm | 2008-02-21 09:33:15 -0500
Patch from Sebastian Hahn: remove obsolete timeval manipulation functions.


svn:r13653
2008-02-21 14:33:20 +00:00
Roger Dingledine
b3c0d066e5 other cleanups that have been sitting in my sandbox
svn:r13649
2008-02-21 09:01:32 +00:00
Roger Dingledine
a60f7caa54 start allowing clients to give up on trackhostexits targets if
five circuit attempts fail for a given stream. part of the fix
for bug 437. still an XXX020rc remaining.


svn:r13648
2008-02-21 09:00:54 +00:00
Roger Dingledine
18a209ffe6 Even though the man page said that "TrackHostExits ." should
work, nobody had ever implemented it. Bugfix on 0.1.0.x.


svn:r13647
2008-02-21 08:08:13 +00:00
Roger Dingledine
828c707812 Change the behavior of "getinfo status/good-server-descriptor"
so it doesn't return failure when any authority disappears.


svn:r13645
2008-02-21 06:06:45 +00:00
Roger Dingledine
b28a342e35 resolve one more, and leave two for nick.
svn:r13644
2008-02-21 05:53:50 +00:00
Roger Dingledine
1812a22a60 If we're trying to flush the last bytes on a connection (for
example, when answering a directory request), reset the  
time-to-give-up timeout every time we manage to write something
on the socket. Bugfix on 0.1.2.x.


svn:r13643
2008-02-21 05:51:09 +00:00
Roger Dingledine
8889229407 and another useful answer
svn:r13642
2008-02-21 05:42:12 +00:00
Roger Dingledine
0ddc9d5707 answer one of nick's XXX020rc's usefully
svn:r13641
2008-02-21 05:38:19 +00:00
Nick Mathewson
063ced8903 r18296@catbus: nickm | 2008-02-20 23:30:11 -0500
Answer one xxx020 item; move 7 other ones to a new "XXX020rc" category: they should get fixed before we cut a release candidate. arma: please review these to see whether you have fixes/answers for any. Please check out the other 14 XXX020s to see if any look critical for the release candidate.


svn:r13640
2008-02-21 04:30:14 +00:00
Nick Mathewson
47e6247673 r18294@catbus: nickm | 2008-02-20 22:42:44 -0500
Fix a spelling error and clean up a recent veracode-induced integer overflow check.  Both spotted by Chris Palmer.


svn:r13639
2008-02-21 03:42:56 +00:00
Nick Mathewson
1df0647c66 r18291@catbus: nickm | 2008-02-20 22:35:32 -0500
Resolve all DOCDOC issues, and document some other undocumented code, and fix a changelog entry.


svn:r13638
2008-02-21 03:38:46 +00:00
Nick Mathewson
ae507a61cc r18288@catbus: nickm | 2008-02-20 21:18:38 -0500
Recover from bad tracked-since value in mtbf history file.  This may finally close bug 537.


svn:r13636
2008-02-21 02:18:41 +00:00
Nick Mathewson
0e9dcfab97 r18286@catbus: nickm | 2008-02-20 21:10:33 -0500
Fix a bug that kept buf_find_string_offset from finding a string at the very end of the buffer.  Add a unit test for this. Also, do not save a pointer to a chunk that might get reallocated by buf_pullup().


svn:r13635
2008-02-21 02:10:38 +00:00
Nick Mathewson
3b58f9929f r18283@catbus: nickm | 2008-02-20 18:58:31 -0500
Fix assertion when searching for a string in an empty chunk.


svn:r13634
2008-02-20 23:58:48 +00:00
Nick Mathewson
304bdfdc6b r18279@catbus: nickm | 2008-02-20 18:38:48 -0500
Log message to try to detect error in buffers.c


svn:r13633
2008-02-20 23:38:57 +00:00
Nick Mathewson
8b8d38162b r18278@catbus: nickm | 2008-02-20 18:29:07 -0500
Unit tests for buf_find_string_offset()


svn:r13632
2008-02-20 23:38:55 +00:00
Nick Mathewson
f0e523c6ef r18272@catbus: nickm | 2008-02-20 18:20:33 -0500
add a flag to suppress overwriting the certificates file with new certificates, so we do not overwrite all certs when starting as an authority.


svn:r13630
2008-02-20 23:20:36 +00:00
Nick Mathewson
93aa335516 r18269@catbus: nickm | 2008-02-20 17:28:24 -0500
Apply patch from Sebastian Hahn: stop imposing an arbitrary maximum on the number of file descriptors used for busy servers.  Bug reported by Olaf Selke.


svn:r13626
2008-02-20 22:28:26 +00:00
Nick Mathewson
384a8ab777 r18267@catbus: nickm | 2008-02-20 16:57:45 -0500
Suppress signed/unsigned comparison warnings in buffers.c


svn:r13624
2008-02-20 21:57:48 +00:00
Nick Mathewson
7521ef9a00 r18264@catbus: nickm | 2008-02-20 12:48:21 -0500
fix bufs in buf_pos_t implementation.


svn:r13623
2008-02-20 17:48:39 +00:00
Nick Mathewson
5dd9d16b94 r18263@catbus: nickm | 2008-02-20 12:45:15 -0500
Oops. not supposed to use tor_assert() in eventdns.c


svn:r13622
2008-02-20 17:48:37 +00:00
Nick Mathewson
dc949b846a r18259@catbus: nickm | 2008-02-20 12:03:15 -0500
Make the last of the veracode warning issues get fixed.


svn:r13620
2008-02-20 17:03:16 +00:00
Nick Mathewson
cefe0a1959 r18255@catbus: nickm | 2008-02-20 11:44:55 -0500
Add asserts and refactor some comparisons in order to fix some veracode-identified issues. Note a bug in buffers.c


svn:r13618
2008-02-20 16:57:39 +00:00
Roger Dingledine
1c8bd320be pass bucket sizes num_read and num_written around as size_ts
rather than ints


svn:r13610
2008-02-20 02:17:41 +00:00
Roger Dingledine
f2ed011813 We were comparing the raw BridgePassword entry with a base64'ed
version of it, when handling a "/tor/networkstatus-bridges"
directory request. Now compare correctly. Noticed by Veracode.


svn:r13609
2008-02-20 02:05:28 +00:00
Roger Dingledine
f34d46e7dd similarly, don't throw around an int for the uint8_t circ->state
svn:r13608
2008-02-20 01:01:09 +00:00
Roger Dingledine
7427cf5d56 don't throw around an int for relay_command if we're going to
squeeze it into a uint8_t later. also reported by veracode.


svn:r13607
2008-02-20 00:57:37 +00:00
Roger Dingledine
0977c29196 notice an integer overflow if we ever get source files with more
than 65k lines in them. also pointed out by veracode.


svn:r13606
2008-02-20 00:46:09 +00:00
Roger Dingledine
e9474ed28e if you thought r13604 was a kludge, how about this.
svn:r13605
2008-02-20 00:30:41 +00:00
Roger Dingledine
56a7c9238e be more clear about a possible integer underflow problem. this
should probably be fixed better somehow.


svn:r13604
2008-02-20 00:11:52 +00:00
Roger Dingledine
e0beb6cc5e check return value for crypto_pk_asn1_encode here too. thanks veracode.
svn:r13603
2008-02-19 23:59:16 +00:00
Nick Mathewson
260c37c14c r18236@catbus: nickm | 2008-02-19 18:55:21 -0500
Explain why I am right and veracode is wrong in routerparse.c line 1141.  Using math!


svn:r13602
2008-02-19 23:57:06 +00:00
Roger Dingledine
913f66278c rearrange our assert so we don't possibly overflow rh.length before
triggering the assert. reported by veracode.


svn:r13601
2008-02-19 23:54:17 +00:00
Nick Mathewson
0399538b90 r18233@catbus: nickm | 2008-02-19 18:46:07 -0500
Count sockets returned from socketpair() too.  This is probably not the socket counting bug.


svn:r13600
2008-02-19 23:46:08 +00:00
Roger Dingledine
707da4f73f start checking the return value of crypto_pk_asn1_encode() while
we're trying to establish an introduction point. bug reported
by veracode.


svn:r13599
2008-02-19 23:33:02 +00:00
Nick Mathewson
42c4670e27 r18230@catbus: nickm | 2008-02-19 18:29:43 -0500
Add a few asserts to catch possible errors found by veracode.


svn:r13598
2008-02-19 23:29:45 +00:00
Roger Dingledine
319c0d8933 is_reverse in our struct is uint8_t. don't make it be an int
elsewhere. bug reported by veracode.


svn:r13597
2008-02-19 23:14:34 +00:00
Nick Mathewson
dbcf29d301 r18228@catbus: nickm | 2008-02-19 18:05:53 -0500
Chris Palmer notes that almost nobody is using smartlist_set_capacity().  Chris Palmer is right.  Remove this basically pointless function.


svn:r13596
2008-02-19 23:05:56 +00:00
Nick Mathewson
9479dd3768 r18226@catbus: nickm | 2008-02-19 18:01:01 -0500
Brown-paper-bag time.  We were failing to count all the sockets from accept().


svn:r13595
2008-02-19 23:01:07 +00:00
Roger Dingledine
d1a195d3cb call a "number of characters" a size_t, not an int
svn:r13594
2008-02-19 22:52:50 +00:00
Roger Dingledine
c126b79f07 be more explicit about a harmless thing that freaked veracode out
svn:r13592
2008-02-19 22:32:32 +00:00
Nick Mathewson
4ccffd7aea r18218@catbus: nickm | 2008-02-19 17:27:40 -0500
When SafeLogging is off, have TLS errors and messages logged with their associated addresses.


svn:r13591
2008-02-19 22:27:44 +00:00
Roger Dingledine
810bfe970c make explicit that we don't care if a rename() call fails.
potential bug reported by veracode.


svn:r13590
2008-02-19 22:25:20 +00:00
Roger Dingledine
23e4c849c9 resolve another edge case in staying dormant
svn:r13586
2008-02-19 22:01:45 +00:00
Roger Dingledine
da7f0315e6 maybe it should compile too.
svn:r13585
2008-02-19 21:41:43 +00:00
Roger Dingledine
d964beac16 If we only ever used Tor for hidden service lookups or posts, we
would stop building circuits and start refusing connections after
24 hours, since we false believed that Tor was dormant. Reported
by nwf; bugfix on 0.1.2.x.


svn:r13583
2008-02-19 21:30:24 +00:00
Roger Dingledine
33c754315b clear up another connlimit lie
svn:r13582
2008-02-19 21:08:27 +00:00
Nick Mathewson
b98c437fcc r18195@catbus: nickm | 2008-02-19 14:11:15 -0500
TOR_PERF has not not been a sane thing for ages. Remove it.


svn:r13579
2008-02-19 19:30:37 +00:00
Roger Dingledine
be8a85dc1c document that if you enable TOR_PERF, you won't be compatible with the
main Tor network.


svn:r13577
2008-02-19 18:54:44 +00:00
Nick Mathewson
8c6b5d6640 r14246@tombo: nickm | 2008-02-17 19:33:02 -0500
Fix a wide line in control.c; make the check-spaces target ignore the openbsd malloc file.


svn:r13566
2008-02-19 05:08:27 +00:00
Nick Mathewson
3277e2a8ca r18142@catbus: nickm | 2008-02-18 14:24:31 -0500
Our preferred spelling for a bitfield is "unsigned int", not "unsigned" or "uint8_t".


svn:r13560
2008-02-18 19:24:33 +00:00
Nick Mathewson
08f7842384 r18139@catbus: nickm | 2008-02-18 13:14:05 -0500
Clarify logic in trusted_dirs_load_certs_from_string(); avoid a maybe-impossible maybe-not double-free spotted by lodger.


svn:r13558
2008-02-18 18:14:34 +00:00
Nick Mathewson
9e9b447b87 r14243@tombo: nickm | 2008-02-17 14:51:26 -0500
Better debugging to track down bug 606.  Also remove a break; that may have been the possible culprit


svn:r13547
2008-02-17 19:51:33 +00:00
Nick Mathewson
faa56a500b r14236@tombo: nickm | 2008-02-17 13:44:55 -0500
Partial fix for bug 586: Add an ephemeral __HashedControlSessionPassword.


svn:r13543
2008-02-17 18:45:07 +00:00
Roger Dingledine
4c1e516a09 cleanups and changelog entry for r13540
svn:r13542
2008-02-17 16:52:24 +00:00
Roger Dingledine
bd959adcb7 patch from karsten:
Resolved problems with (re-)fetching hidden service descriptors.
Before, v0 descriptors were not fetched at all (fix on 0.2.0.18-alpha),
re-fetching of v2 descriptors did not stop when a v0 descriptor was
received (fix on 0.2.0.18-alpha), and re-fetching of v2 descriptors did
not work in all cases (fix on 0.2.0.19-alpha).


svn:r13540
2008-02-17 16:47:47 +00:00
Nick Mathewson
6366dcd8ee r14186@tombo: nickm | 2008-02-15 18:38:52 -0500
Add an XXXX021 item so we eventually stop calling setuid() and setgid() unnecessarily.


svn:r13533
2008-02-15 23:39:17 +00:00
Nick Mathewson
24e8e1fb36 r14185@tombo: nickm | 2008-02-15 18:05:54 -0500
Replace the hefty tor_strpartition with a simple function to replace its only (trivial) use.


svn:r13532
2008-02-15 23:39:14 +00:00
Nick Mathewson
f5ed1f8469 r14183@tombo: nickm | 2008-02-15 17:37:53 -0500
Add initial unit tests for test_addr_compare_masked


svn:r13531
2008-02-15 23:39:10 +00:00
Nick Mathewson
ca4eb987c8 r14182@tombo: nickm | 2008-02-15 17:20:51 -0500
Defer, downgrade, or address more XXX020s.  The remaining ones are all ones we should deal with before release.


svn:r13530
2008-02-15 23:39:08 +00:00
Nick Mathewson
418c2e1b6b r14181@tombo: nickm | 2008-02-15 16:48:17 -0500
Fix all but 2 DOCDOC items; defer many XXX020s (particularly those where fixing them would fix no bugs at the risk of introducing some bugs).


svn:r13529
2008-02-15 23:39:04 +00:00
Nick Mathewson
ff64e78b20 r14170@tombo: nickm | 2008-02-15 11:50:38 -0500
Fix or downgrade a bunch of xxx020 items.


svn:r13527
2008-02-15 19:20:53 +00:00
Nick Mathewson
275bb57a77 r18068@catbus: nickm | 2008-02-13 11:33:19 -0500
Patch from karsten: make hidden service code respect SafeLogging.


svn:r13493
2008-02-13 16:34:00 +00:00
Nick Mathewson
d48f6425e5 r18066@catbus: nickm | 2008-02-13 11:22:19 -0500
Bugfix from Karsten: "Reversed r13439; v2 rendezvous descriptors were only re-fetched when a directory connection did not finish, not when a directory correctly replied with an error code like 404; bug found by nwf.


svn:r13492
2008-02-13 16:23:28 +00:00
Nick Mathewson
7ae3f6a491 r18056@catbus: nickm | 2008-02-12 17:21:10 -0500
Add roger's responses from IRC to some XXX020 items.


svn:r13487
2008-02-12 22:21:20 +00:00
Roger Dingledine
3abafccd0e Start choosing which bridge to use proportional to its advertised
bandwidth, rather than uniformly at random. This should speed up Tor
for bridge users. Also do this for people who set StrictEntryNodes.


svn:r13486
2008-02-12 22:02:47 +00:00
Nick Mathewson
f3eaeb99a3 r18051@catbus: nickm | 2008-02-12 15:20:43 -0500
Re-tune mempool parametes based on testing on peacetime: use smaller chuncks, free them a little more aggressively, and try very hard to concentrate allocations on fuller chunks.  Also, lots of new documentation.


svn:r13484
2008-02-12 20:20:52 +00:00
Nick Mathewson
aace52320c r18041@catbus: nickm | 2008-02-11 23:43:18 -0500
Make version negotiation and handshaking messages more useful and accurate.


svn:r13477
2008-02-12 04:43:25 +00:00
Nick Mathewson
8682293388 r18029@catbus: nickm | 2008-02-11 12:36:39 -0500
Fix command.c compilation with gcc 4.2 warnings enabled.


svn:r13475
2008-02-12 04:37:00 +00:00
Roger Dingledine
a89e523f19 note a simplification for the future
svn:r13466
2008-02-11 06:34:10 +00:00
Roger Dingledine
28483467d0 Directory mirrors no longer include a guess at the client's IP
address if the connection appears to be coming from the same /24
network; it was producing too many wrong guesses.


svn:r13464
2008-02-11 05:31:56 +00:00
Nick Mathewson
65ee9dc585 r14108@tombo: nickm | 2008-02-10 20:09:10 -0500
add some documentation


svn:r13462
2008-02-11 01:09:24 +00:00
Nick Mathewson
ab0c85eea6 r14103@tombo: nickm | 2008-02-10 13:40:09 -0500
Fix some XXX020s in command.c, and make it not-allowed to negotiate v1 using the v2 connection protocol: it is too hard to test, and pointless to support.


svn:r13460
2008-02-10 18:40:29 +00:00
Nick Mathewson
b5c03f05d8 r14102@tombo: nickm | 2008-02-10 13:30:04 -0500
Remove some deadcode.


svn:r13459
2008-02-10 18:40:27 +00:00
Nick Mathewson
a4db22f675 r14101@tombo: nickm | 2008-02-10 13:24:27 -0500
Merge connection_or_act_on_netinfo into command.c; remove some fields from or_handshake_state().


svn:r13458
2008-02-10 18:40:23 +00:00
Roger Dingledine
5a0f214908 patch from tup to fix bug 605
svn:r13453
2008-02-09 22:52:29 +00:00
Roger Dingledine
d2528e6b48 "fix" the unit tests on openbsd/netbsd
svn:r13450
2008-02-09 21:41:49 +00:00
Roger Dingledine
965afb4970 cleanups on r13442.
oh, and this should be backported too.


svn:r13444
2008-02-09 10:46:22 +00:00
Roger Dingledine
b42c9d69f0 Patch from "Andrew S. Lists" to catch when we contact a directory mirror
at IP address X and he says we look like we're coming from IP address X.


svn:r13442
2008-02-09 10:36:49 +00:00
Roger Dingledine
509d2912dc doxygen and other cleanups
svn:r13440
2008-02-09 03:11:10 +00:00
Nick Mathewson
be1e577d5e Re-fetch v2 rendezvous descriptor only when first try failed. Patch from karsten.
svn:r13439
2008-02-09 02:51:20 +00:00
Roger Dingledine
1f034cc5c7 note a question for nick
svn:r13437
2008-02-09 02:34:00 +00:00
Nick Mathewson
8f7fcdd64e r17991@catbus: nickm | 2008-02-08 18:41:26 -0500
More protocol negotiation work. Make the negotiation actually complete and set the state to open.  Fix a crash bug that occured when we forcibly stopped the connection from writing.


svn:r13434
2008-02-08 23:41:29 +00:00
Nick Mathewson
272d37deb3 r17989@catbus: nickm | 2008-02-08 18:09:23 -0500
Fix a new segfault when poisoning a non-present socks request.


svn:r13433
2008-02-08 23:09:26 +00:00
Nick Mathewson
a378bb5f5a r17985@catbus: nickm | 2008-02-08 16:30:02 -0500
Bugfix from Karsten Loesing: Retry v2 rend descriptors on intro point failure.


svn:r13431
2008-02-08 21:30:07 +00:00
Nick Mathewson
141a5877f3 r14063@tombo: nickm | 2008-02-08 15:48:32 -0500
Add a bunch more code documentation; change the interface of fetch_var_cell_from_buf() so it takes the current link protocol into account and can't get confused by weird command bytes on v1 connections.


svn:r13430
2008-02-08 21:13:15 +00:00
Nick Mathewson
de827f89df r14062@tombo: nickm | 2008-02-08 15:17:07 -0500
Change DNs in x509 certificates to be harder to fingerprint.  Raise common code.  Refactor random hostname generation into crypto.c


svn:r13429
2008-02-08 21:13:12 +00:00
Nick Mathewson
809227a121 r14061@tombo: nickm | 2008-02-08 14:30:42 -0500
Add a couple of (currently disabled) strategies for trying to avoid using too much ram in memory pools: prefer putting new cells in almost-full chunks, and be willing to free the last empty chunk if we have not needed it for a while.  Also add better output to mp_pool_log_status to track how many mallocs a given memory pool strategy is saving us, so we can tune the mempool parameters.


svn:r13428
2008-02-08 21:13:08 +00:00
Nick Mathewson
5d250d3e1b r14060@tombo: nickm | 2008-02-08 13:36:52 -0500
Fix warning in onion.c


svn:r13427
2008-02-08 21:13:05 +00:00
Nick Mathewson
8ab4b0d302 r14059@tombo: nickm | 2008-02-08 13:36:34 -0500
downgrade xxxs in test.c


svn:r13426
2008-02-08 21:13:02 +00:00
Nick Mathewson
23a9c9695b r17968@catbus: nickm | 2008-02-07 14:11:02 -0500
Clean up IPv6-testing code in test.c; resolve a bunch of XXX020s.


svn:r13425
2008-02-08 21:09:35 +00:00
Nick Mathewson
729555e1ca r17967@catbus: nickm | 2008-02-07 11:44:51 -0500
Fix some warnings identified by building with -D_FORTIFY_SOURCE=2.  Remove a redundant (and nuts) definition of _FORTIFY_SOURCE from eventdns.c.


svn:r13424
2008-02-08 21:09:29 +00:00
Nick Mathewson
eecc44dab8 r17963@catbus: nickm | 2008-02-07 10:14:25 -0500
Be more thorough about memory poisoning and clearing.  Add an in-place version of aes_crypt in order to remove a memcpy from relay_crypt_one_payload.


svn:r13414
2008-02-07 16:10:33 +00:00
Nick Mathewson
842a33ff20 Update some copyright notices: it is now 2008.
svn:r13412
2008-02-07 05:31:47 +00:00
Nick Mathewson
46b1a21dc4 r17955@catbus: nickm | 2008-02-06 16:53:07 -0500
The SSL portion of the revised handshake now seems to work: I just finally got a client and a server to negotiate versions.  Now to make sure certificate verification is really happening, connections are getting opened, etc.


svn:r13409
2008-02-06 21:53:13 +00:00
Nick Mathewson
4d70094b6e r17951@catbus: nickm | 2008-02-06 14:34:13 -0500
Add more documentation; change the behavior of read_to_buf_tls to be more consistent.  Note a longstanding problem with current read/write interfaces.


svn:r13407
2008-02-06 19:34:32 +00:00
Nick Mathewson
6e2946fb5d r17949@catbus: nickm | 2008-02-06 13:21:12 -0500
Fix bandwidth bucked calculations again, I think. Bugfix on 0.1.2.x. Backport candidate.


svn:r13406
2008-02-06 18:21:16 +00:00
Nick Mathewson
a869574c56 r17947@catbus: nickm | 2008-02-06 11:57:53 -0500
Fix a bunch of DOCDOC items; document the --quiet flag; refactor a couple of XXXX020 items.


svn:r13405
2008-02-06 16:58:05 +00:00
Roger Dingledine
f76cdc1a61 misc small fixes
svn:r13403
2008-02-06 12:46:46 +00:00
Roger Dingledine
c054f90f02 New config option ServerDNSAllowBrokenResolvConf to start a relay
even when the local resolv.conf file is missing, broken, or contains
only unusable nameservers.

Now I can run a local network on my laptop when I'm on an airplane.


svn:r13402
2008-02-06 12:46:17 +00:00
Roger Dingledine
bbcf406d9f If the networkstatus consensus lists no recommended versions, don't
complain to the user and demand that they upgrade to one of "".


svn:r13401
2008-02-06 12:45:04 +00:00
Roger Dingledine
e49d712b8a if i'm a v3 authority, tell myself about my cert when i startup.
otherwise i'll keep asking other authorities for it, which probably
isn't the best way to get it. this made bootstrapping a new network
very hard.


svn:r13400
2008-02-06 12:39:25 +00:00
Roger Dingledine
55971c71b6 if we have a networkstatus concensus but only 0 or 1 descriptors,
don't declare that we're ready to build circuits yet. we're not.


svn:r13399
2008-02-06 12:37:25 +00:00
Roger Dingledine
d1aafdc519 don't fetch or cache running-routers files if there are no v1
authorities


svn:r13398
2008-02-06 12:36:04 +00:00
Nick Mathewson
ec6c131da6 r17936@catbus: nickm | 2008-02-06 00:31:11 -0500
Fix/downgrade some more XXX020s.


svn:r13397
2008-02-06 05:31:21 +00:00
Nick Mathewson
368f62c79d r17933@catbus: nickm | 2008-02-05 19:54:28 -0500
Stamp out a bunch of atoi users; make more tor_parse_long() users check their outputs.


svn:r13395
2008-02-06 00:54:47 +00:00
Nick Mathewson
12071df6c8 r17930@catbus: nickm | 2008-02-05 18:20:40 -0500
Initial attempts to track down bug 600, and refactor possibly offending code.  1) complain early if circuit state is set to OPEN when an onionskin is pending.  2) refactor onionskin field into one only used when n_conn is pending, and a separate onionskin field waiting for attention by a cpuworker.  This might even fix the bug.  More likely, it will make it fail with a more useful core.


svn:r13394
2008-02-05 23:20:49 +00:00
Nick Mathewson
ff9bd0fd3a r17929@catbus: nickm | 2008-02-05 17:10:26 -0500
Fix or downgrade a few XXX020 items.


svn:r13393
2008-02-05 23:20:44 +00:00
Nick Mathewson
9c7eaa7a9d r17918@catbus: nickm | 2008-02-05 16:39:17 -0500
Remove a few #if-0d items.


svn:r13392
2008-02-05 21:39:56 +00:00
Nick Mathewson
7dc70c2405 r17917@catbus: nickm | 2008-02-05 16:38:15 -0500
Oops; fix compilation of control.c


svn:r13391
2008-02-05 21:39:51 +00:00
Nick Mathewson
fac2cd3b03 r17916@catbus: nickm | 2008-02-05 16:29:35 -0500
Fix some XXX020 items in control.c: add a maximum line length and note that the number of versioning authorities is no longer apparent to clients.


svn:r13390
2008-02-05 21:39:49 +00:00
Nick Mathewson
cf6fe27616 r17915@catbus: nickm | 2008-02-05 16:28:57 -0500
Remove a dead function.


svn:r13389
2008-02-05 21:39:46 +00:00
Nick Mathewson
92aaf68d19 r17914@catbus: nickm | 2008-02-05 16:12:16 -0500
Remove or downgrade some XXX020 items.


svn:r13388
2008-02-05 21:39:44 +00:00
Nick Mathewson
c11c48fc78 r17913@catbus: nickm | 2008-02-05 16:11:33 -0500
Correctly register failures in connection_add() in dnsserv_launch_request()


svn:r13387
2008-02-05 21:39:40 +00:00
Nick Mathewson
83e740fa91 r17911@catbus: nickm | 2008-02-05 15:53:22 -0500
Fix a potential bug that would make authorities fail to vote under bizarre circumstances that probably never happened.


svn:r13385
2008-02-05 21:39:36 +00:00
Nick Mathewson
e09c207c3c r17910@catbus: nickm | 2008-02-05 15:36:29 -0500
Check for correctness of AuthDir* options in options_validate; check for possible bugs where options_validate() is happy but parse_policies_from_options() is sad.


svn:r13384
2008-02-05 21:39:32 +00:00
Nick Mathewson
c8a689c9e8 r17909@catbus: nickm | 2008-02-05 14:48:22 -0500
As planned, rename networkstatus_vote_t to networkstatus_t, now that v3 networkstatuses are working and standard and v2 networkstatuses are obsolete.


svn:r13383
2008-02-05 21:39:29 +00:00
Nick Mathewson
a51deb9a9c r17903@catbus: nickm | 2008-02-05 14:40:03 -0500
Remove some dead code; fix some XXX020s; turn some XXX020s into XXXX_IP6s (i.e., "needs to be fixed when we add ipv6 support").


svn:r13382
2008-02-05 19:40:26 +00:00
Nick Mathewson
2866c53eec r17900@catbus: nickm | 2008-02-05 14:14:54 -0500
I wonder what the emacs command is for "exchange words?"  I know that there _is_ one, because I apparently hit it by accident.


svn:r13381
2008-02-05 19:40:21 +00:00
Nick Mathewson
3958d7b16f r17898@catbus: nickm | 2008-02-05 14:01:35 -0500
Add (and use) a MAP_DEL_CURRENT macro to augment a non-const variant of MAP_FOREACH.


svn:r13379
2008-02-05 19:40:17 +00:00
Nick Mathewson
2502359a5b r17897@catbus: nickm | 2008-02-05 13:51:40 -0500
Whitespace cleanups


svn:r13378
2008-02-05 19:40:15 +00:00
Roger Dingledine
fdbefc8934 If we're a relay, avoid picking ourselves as an introduction point,
a rendezvous point, or as the final hop for internal circuits. Bug
reported by taranis and lodger. Bugfix on 0.1.2.x.


svn:r13372
2008-02-04 17:25:24 +00:00
Roger Dingledine
426a9bbde1 Don't trigger an assert if we start a directory authority with a
private IP address (like 127.0.0.1).


svn:r13371
2008-02-04 16:58:50 +00:00
Roger Dingledine
dad9f434e0 correct copyright statement
svn:r13370
2008-02-04 16:54:14 +00:00
Nick Mathewson
91bac90310 r17863@catbus: nickm | 2008-02-01 00:27:07 -0500
Bugfix from weasel: possible fix for 593: make connection_write_to_buf("") work when using zlib compression.


svn:r13347
2008-02-01 05:27:12 +00:00
Nick Mathewson
f013fb5e31 r17854@catbus: nickm | 2008-01-30 17:52:43 -0500
Periodically check whether we have an expired consensus networkstatus.  If we do, and we think we have enough directory info, then call router_dir_info_changed().  Fixes bug 401.  This bug was deferred from 0.1.2.x, but fixing it there is nontrivial.


svn:r13342
2008-01-30 22:52:46 +00:00
Nick Mathewson
1793aeafae r17852@catbus: nickm | 2008-01-30 17:23:36 -0500
Correctly insert connections into the identity->connection map when we connect to a bridge without having specified its key.  Fixes bug 574.


svn:r13341
2008-01-30 22:23:44 +00:00
Roger Dingledine
78633b3a03 suggest a better fix for bug 597
svn:r13340
2008-01-30 20:53:14 +00:00
Nick Mathewson
0b06546620 r17844@catbus: nickm | 2008-01-30 13:31:37 -0500
Fix bug 597: stop telling people to email Tor-ops.  Also give a better suggestion when some other identity has been assigned the nickname we are using.


svn:r13337
2008-01-30 18:32:30 +00:00
Roger Dingledine
6dfd2f531c Revert r13301 and part of r13304. I guess nick's svk messed up.
svn:r13305
2008-01-27 01:03:30 +00:00
Nick Mathewson
68cf666d04 Fix bug 571: associate certificates with keys, not dirservers, so that we can have certificates for dirservers we do not recognize.
svn:r13304
2008-01-26 23:18:30 +00:00
Nick Mathewson
ad07366da5 Fix compile with warnings enabled
svn:r13301
2008-01-26 22:03:13 +00:00
Roger Dingledine
42f90bdc14 "de" means to do something, and "in" means to undo it. right?
help prevent future versions of bug 593.


svn:r13288
2008-01-26 01:05:16 +00:00
Roger Dingledine
af4b735e9a move hidden-service stuff out of directory.c
svn:r13287
2008-01-26 00:42:13 +00:00
Roger Dingledine
aa25bf1405 a slightly better interface for hid_serv_get_responsible_directories()
svn:r13271
2008-01-25 07:22:42 +00:00
Roger Dingledine
5fcc79185f avoid calling smartlist_get(..., -1) if we have a consensus but no
hsdir nodes.


svn:r13270
2008-01-25 07:11:32 +00:00
Roger Dingledine
d72ccd95a8 clean out some proposal 114 stuff
svn:r13269
2008-01-25 06:47:46 +00:00
Roger Dingledine
1445e17a21 We were computing the wrong Content-Length: header for directory
responses that need to be compressed on the fly, causing clients
asking for those items to always fail. Bugfix on 0.2.0.x; fixes
bug 593.


svn:r13268
2008-01-25 01:45:06 +00:00
Roger Dingledine
649a63f435 don't pre-initialize some vars that we assign to right after
svn:r13267
2008-01-25 01:34:20 +00:00
Roger Dingledine
d262fff20d patch "15" from karsten: don't retry a v2 renddesc fetch
if we have a perfectly good v0 renddesc.


svn:r13265
2008-01-24 22:49:14 +00:00
Roger Dingledine
cbe9863422 patch "14a" from karsten: don't fail if we can't find
REND_NUMBER_OF_CONSECUTIVE_REPLICAS v2 hsdirs.


svn:r13263
2008-01-24 22:46:29 +00:00
Peter Palfrader
ab79f53206 Some log messages during dirvoting - maybe downgrade to debug if you want
svn:r13261
2008-01-24 20:00:37 +00:00
Roger Dingledine
aca8d8fc03 patch from karsten to make vote logs more useful
svn:r13260
2008-01-24 19:48:16 +00:00
Roger Dingledine
ba7a37cf94 shrink it even more. coding is fun!
svn:r13258
2008-01-24 07:33:28 +00:00
Roger Dingledine
317f9e6551 more shrinking; get rid of selectible_dirs smartlist that was
leaking on error cases


svn:r13257
2008-01-24 07:22:59 +00:00
Roger Dingledine
529263f8ab continue r13250 cleanup: remove some duplicate code
svn:r13256
2008-01-24 06:58:10 +00:00
Roger Dingledine
4637a61b3c more cleanup on r13250: no need to log in both places
svn:r13253
2008-01-24 05:15:50 +00:00
Roger Dingledine
c973eb5e23 start to clean up r13250: retry v2 renddesc fetches when we
fail to reach the dirserver too.


svn:r13251
2008-01-24 04:45:30 +00:00
Roger Dingledine
6b1374556e put in karsten's "patch 14". needs a lot of cleanup and a changelog.
svn:r13250
2008-01-24 03:28:50 +00:00
Roger Dingledine
980fcb1ca7 When we get a consensus that's been signed by more people than
we expect, don't log about it; it's not a big deal.


svn:r13249
2008-01-24 02:31:37 +00:00
Roger Dingledine
e67f23f897 weasel was worried there was a leak here. i don't think there
is. but i could be wrong.


svn:r13248
2008-01-24 01:14:50 +00:00
Peter Palfrader
12bd40931b Fix a warning
svn:r13243
2008-01-23 09:05:40 +00:00
Peter Palfrader
1d91c156fe Some people still think letters fall off the side of the code if they go farther than 80 chars
svn:r13242
2008-01-23 08:45:14 +00:00
Peter Palfrader
fc91704f78 Log where uploaded consensus signatures come from
svn:r13241
2008-01-23 08:38:05 +00:00
Roger Dingledine
9d1832dd5a Set up dannenberg (run by CCC) as the sixth v3 directory
authority.


svn:r13231
2008-01-22 22:38:38 +00:00
Roger Dingledine
a49f14d0d4 When we setconf ClientOnly to 1, close any current OR and Dir
listeners. Reported by mwenge.


svn:r13214
2008-01-21 21:21:19 +00:00
Roger Dingledine
b79850d574 Make "ClientOnly 1" config option disable directory ports too.
svn:r13213
2008-01-21 21:00:50 +00:00
Roger Dingledine
ff62154ba3 New config options WarnPlaintextPorts and RejectPlaintextPorts so
Tor can warn and/or refuse connections to ports commonly used with
vulnerable-plaintext protocols.

We still need to figure out some good defaults for them.


svn:r13198
2008-01-20 05:54:15 +00:00
Roger Dingledine
a1f2817307 minor cleanups
svn:r13190
2008-01-19 20:00:53 +00:00
Roger Dingledine
7dde7b02a2 try to grow a convention about where we put the time_to_foo and
FOO_INTERVAL declarations.


svn:r13177
2008-01-18 05:00:35 +00:00
Roger Dingledine
43dce232ad If we've gone 12 hours since our last bandwidth check, and we
estimate we have less than 50KB bandwidth capacity but we could
handle more, do another bandwidth test.


svn:r13176
2008-01-18 04:58:40 +00:00
Roger Dingledine
3d3663a123 Don't answer "/tor/networkstatus-bridges" directory requests if
the request isn't encrypted.


svn:r13175
2008-01-18 04:51:12 +00:00
Roger Dingledine
6228213647 minor typo
svn:r13174
2008-01-18 04:50:15 +00:00
Roger Dingledine
4682e5f924 when we're counting how many descriptors to not download, be a
little bit more accurate


svn:r13173
2008-01-18 04:47:03 +00:00
Roger Dingledine
06047bcec9 Avoid going directly to the directory authorities even if you're a
relay, if you haven't found yourself reachable yet or if you've
decided not to advertise your dirport yet. Addresses bug 556.


svn:r13172
2008-01-18 04:42:22 +00:00
Roger Dingledine
55e052b0a5 Assert error introduced in r11957:
Fix an assert if we post a general-purpose descriptor via the
control port but that descriptor isn't mentioned in our current
network consensus. Bug reported by Jon McLachlan; bugfix on
0.2.0.9-alpha.


svn:r13153
2008-01-17 05:25:21 +00:00
Nick Mathewson
4a3b7496f0 r17639@catbus: nickm | 2008-01-15 19:09:21 -0500
Fix some hard to trigger but nonetheless real memory leaks spotted by an anonymous contributor.  Needs review.  Partial backport candidate.


svn:r13147
2008-01-16 05:27:19 +00:00
Nick Mathewson
24aae484c9 r17624@catbus: nickm | 2008-01-15 00:42:01 -0500
Fixes to more anonymously-reported typos and logic errors.


svn:r13136
2008-01-15 05:57:19 +00:00
Nick Mathewson
a984011814 r17623@catbus: nickm | 2008-01-15 00:22:04 -0500
bulletproof option_get_canonical_name()


svn:r13135
2008-01-15 05:57:14 +00:00
Nick Mathewson
89dfec02d8 r17614@catbus: nickm | 2008-01-14 13:55:25 -0500
Add a missing "goto err" when parsing v2 ns docs


svn:r13133
2008-01-14 19:00:33 +00:00
Nick Mathewson
581ba51c5c r17612@catbus: nickm | 2008-01-14 13:46:04 -0500
Oops; fix compile


svn:r13131
2008-01-14 19:00:26 +00:00
Nick Mathewson
3b8f76aa51 r17611@catbus: nickm | 2008-01-14 13:44:16 -0500
add some missing checks for failing return values.


svn:r13130
2008-01-14 19:00:23 +00:00
Nick Mathewson
e49229caf8 r17610@catbus: nickm | 2008-01-14 13:20:49 -0500
Fix a bogus free() call on a base64 failure in router_append_dirobj_signature().


svn:r13129
2008-01-14 19:00:19 +00:00
Nick Mathewson
edf5e70784 r15891@tombo: nickm | 2008-01-12 19:20:24 -0500
Basic hacks to get TLS handshakes working: remove dead code; fix post-handshake logic; keep servers from writing while the client is supposed to be renegotiating.  This may work.  Needs testing.


svn:r13122
2008-01-13 00:20:47 +00:00
Nick Mathewson
ae6df065ed r15890@tombo: nickm | 2008-01-12 17:19:51 -0500
Add a --disable-buffer-freelists configure argument to build without buffer RAM chunk freelists, so we can benchmark the impact of this.


svn:r13121
2008-01-13 00:20:44 +00:00
Nick Mathewson
705b4670d3 r17580@catbus: nickm | 2008-01-11 20:40:30 -0500
Fix policies.c build on gcc 4.2 with warnings.


svn:r13112
2008-01-12 05:52:59 +00:00
Roger Dingledine
4e9a701d4b fix unit tests after r13092
svn:r13100
2008-01-10 23:11:13 +00:00
Nick Mathewson
b84955285a r17564@catbus: nickm | 2008-01-10 13:19:59 -0500
Fix bug in r13094: be sure to set the purpose and send_unencrypted fields correctly in our own routerinfo and extrainfo.


svn:r13098
2008-01-10 18:20:04 +00:00
Nick Mathewson
10d86f7615 r17558@catbus: nickm | 2008-01-10 13:07:41 -0500
If we do not serve v2 directory info, and our cached v2 networkstatus files are very old, remove them.  If the directory is old, remove that too.  (We already did this for obsolete routers files.)


svn:r13096
2008-01-10 18:08:42 +00:00
Roger Dingledine
2ac1e36248 minor cleanups
svn:r13095
2008-01-10 17:54:24 +00:00
Nick Mathewson
04263648c4 r17554@catbus: nickm | 2008-01-10 12:48:29 -0500
Do not send bridge descriptors over unencrypted connections.


svn:r13094
2008-01-10 17:48:40 +00:00
Nick Mathewson
29b0f51a73 r17553@catbus: nickm | 2008-01-10 12:18:27 -0500
Add connection_dir_is_encrypted() so that we can refrain from sending bridge descriptors over an unencrypted link.


svn:r13093
2008-01-10 17:48:36 +00:00
Nick Mathewson
59fdab43cd r17552@catbus: nickm | 2008-01-10 12:13:43 -0500
Make bridge geoip data get rounded up, not down.


svn:r13092
2008-01-10 17:48:32 +00:00
Nick Mathewson
ca5f670fab r17548@catbus: nickm | 2008-01-10 11:08:12 -0500
Make proposal-109 behavior optional.


svn:r13090
2008-01-10 16:08:47 +00:00
Roger Dingledine
a7eef34a03 Jan 08 19:55:01.865 [notice] Added -2 pending signatures while building consensus.
svn:r13080
2008-01-09 01:06:19 +00:00
Roger Dingledine
7d3bf1608b Set up gabelmoo (run by Karsten Loesing) as the fifth v3 directory
authority.


svn:r13079
2008-01-08 23:51:48 +00:00
Roger Dingledine
8609c825e9 our defensive programming plan hid a bug. switch to offensive programming.
svn:r13078
2008-01-08 23:35:03 +00:00
Roger Dingledine
50f4cd10ad don't rebuild the router store for all those times when we
fetch one descriptor and then we don't like it


svn:r13077
2008-01-08 23:31:25 +00:00
Roger Dingledine
58d88dfc7f make new v3 authorities that aren't in the DirServers list believe
in themselves again. bug experienced by karsten.


svn:r13076
2008-01-08 23:08:39 +00:00
Nick Mathewson
177d5102d5 r17503@catbus: nickm | 2008-01-07 14:15:30 -0500
Change set_current_consensus interface to take a flags variable.  Do not try to fetch certificates until after we have tried loading the fallback consensus.  Should fix bug 583.


svn:r13058
2008-01-07 19:15:34 +00:00
Nick Mathewson
a62ab48d30 r17500@catbus: nickm | 2008-01-07 13:54:51 -0500
More messing about with bug 557 issues: do not let bizarre settings for myfamily or contactinfo muck with generated router descriptors.


svn:r13057
2008-01-07 18:54:58 +00:00
Nick Mathewson
dd35fe59c4 r17499@catbus: nickm | 2008-01-07 13:39:46 -0500
Bugfix on fix for 557: Make values containing special characters work right with getconf, setconf, and saveconf.  Document this in control-spec.txt


svn:r13056
2008-01-07 18:54:55 +00:00
Nick Mathewson
a63eb68fe1 r17495@catbus: nickm | 2008-01-07 12:48:56 -0500
Consequence of fix for 539: when a client gets a 503 response with a nontrivial body, pretend it got a 200 response.  This lets clients use information erroneously sent to them by old buggy servers.


svn:r13054
2008-01-07 17:49:13 +00:00
Roger Dingledine
ea2280ada7 hack at networkstatus.c until we actually try to load our
fallback consensus. nick, can you take a closer look at this,
and add a changelog entry if it's a valid fix?


svn:r13050
2008-01-07 15:41:47 +00:00
Roger Dingledine
5a912aa1c8 cleanups on r13037
svn:r13045
2008-01-06 23:37:48 +00:00
Nick Mathewson
d73b791969 r17473@catbus: nickm | 2008-01-05 22:15:05 -0500
Add a reverse mapping from SSL to tor_tls_t*: we need this in order to do a couple of things the sensible way from inside callbacks.  Also, add a couple of missing cases in connection_or.c


svn:r13040
2008-01-06 03:16:11 +00:00
Roger Dingledine
5aa7ce2915 patch from karsten to complain less when a node loses
its hsdir status


svn:r13037
2008-01-06 01:54:09 +00:00
Nick Mathewson
17036de8b7 r17469@catbus: nickm | 2008-01-05 20:14:07 -0500
Fix bug 579: Count DNSPort and hidden services when checking whether Tor is going to do anything.  Change "no configured ports" from fatal to warning.


svn:r13036
2008-01-06 01:14:11 +00:00
Nick Mathewson
614dc52623 r17467@catbus: nickm | 2008-01-05 19:54:20 -0500
fix whitespace


svn:r13035
2008-01-06 00:54:22 +00:00
Nick Mathewson
58de695f90 r15787@tombo: nickm | 2008-01-02 01:59:07 -0500
Allow config values in quotes to contain special characters, with full C escape syntax.  With tests.  Addresses bug 557.


svn:r13021
2008-01-02 06:59:15 +00:00
Nick Mathewson
86f5180853 r15786@tombo: nickm | 2008-01-02 01:11:51 -0500
Push the strdups used for parsing configuration lines into parse_line_from_string().  This will make it easier to parse more complex value formats, which in turn will help fix bug 557


svn:r13020
2008-01-02 06:59:12 +00:00
Nick Mathewson
c0ec281565 r15784@tombo: nickm | 2008-01-02 00:38:06 -0500
Fix bug 575: protect the list of logs with a mutex.  I couldn't find any appreciable change in logging performance on osx, but ymmv. You can undef USE_LOG_MUTEX to see if stuff gets faster for you.


svn:r13019
2008-01-02 05:38:53 +00:00
Nick Mathewson
feb1c60e9d r15782@tombo: nickm | 2008-01-01 23:57:43 -0500
Bugfix for bug 569: do not try to download nonexistant certificates with signing key 000000000000000.


svn:r13018
2008-01-02 04:57:48 +00:00
Nick Mathewson
11fff225fa r15779@tombo: nickm | 2008-01-01 23:43:24 -0500
Use reference-counting to avoid allocating a zillion little addr_policy_t objects. (This is an old patch that had been sitting on my hard drive for a while.)


svn:r13017
2008-01-02 04:43:44 +00:00
Nick Mathewson
48d7adca8a r15768@tombo: nickm | 2007-12-31 16:12:09 -0500
Patch from Tup: make NS events work again.


svn:r13009
2007-12-31 21:12:16 +00:00
Nick Mathewson
46a27c2f93 r15750@tombo: nickm | 2007-12-29 19:12:51 -0500
Make HTTP-processing code in buffers.c faster: do not pull up 50K of text into the first chunk if the headers end earlier than that.


svn:r13006
2007-12-30 00:13:07 +00:00
Nick Mathewson
cd85eac0d3 r17433@catbus: nickm | 2007-12-29 12:35:57 -0500
Incomplete code to avoid doing needless pull-ups on HTTP.  Also, use memstr instead of strstr to find the content-length header.


svn:r13005
2007-12-29 17:36:03 +00:00
Nick Mathewson
f4f5dc4aca r15745@tombo: nickm | 2007-12-29 00:15:17 -0500
Try even harder not to allocate chunks bigger than MAX_CHUNK_ALLOC.


svn:r13003
2007-12-29 05:16:30 +00:00
Nick Mathewson
bd32982c77 r17426@catbus: nickm | 2007-12-28 21:12:29 -0500
Remove need for buf_pullup in fetch_line_from_buf().


svn:r13002
2007-12-29 02:33:42 +00:00
Nick Mathewson
d7f5a73173 r17410@catbus: nickm | 2007-12-27 09:20:27 -0500
Exciting new entries in buf_dump_freelist_sizes() to make sure our freelist sizes are reasonable.


svn:r12996
2007-12-27 14:20:30 +00:00
Nick Mathewson
1a2b6c2ae3 r17407@catbus: nickm | 2007-12-27 00:18:31 -0500
Fix windows compile error


svn:r12995
2007-12-27 05:18:36 +00:00
Nick Mathewson
119b4e1edf r17405@catbus: nickm | 2007-12-26 22:27:37 -0500
And clean up an assertion failure.


svn:r12993
2007-12-27 03:27:48 +00:00
Nick Mathewson
148e2e1c48 r17403@catbus: nickm | 2007-12-26 22:23:50 -0500
Apparently loops work better when you actually increment/decrement the loop variable.  Who knew?


svn:r12992
2007-12-27 03:23:57 +00:00
Nick Mathewson
1503021ee5 r15723@tombo: nickm | 2007-12-26 19:25:51 -0500
Actually trim freelists.


svn:r12991
2007-12-27 00:25:54 +00:00
Nick Mathewson
3a5bee150f r15721@tombo: nickm | 2007-12-26 17:07:10 -0500
Fix a nasty infinite loop in flush_buf[_tls].


svn:r12990
2007-12-26 22:07:14 +00:00
Nick Mathewson
27220fb395 r15719@tombo: nickm | 2007-12-26 14:02:12 -0500
More tweaks on 0-byte TLS writes.


svn:r12989
2007-12-26 19:02:15 +00:00
Nick Mathewson
80151b42df r15717@tombo: nickm | 2007-12-26 13:55:53 -0500
Oops.  flush_buf_tls can request more than the requested number of bytes.  When that happens, do not let the size_t sz wrap around.


svn:r12988
2007-12-26 18:55:56 +00:00
Nick Mathewson
84b6e26c50 r15715@tombo: nickm | 2007-12-26 13:09:27 -0500
Peacetime managed to run overnight in paranoia mode.  Disabling paranoia, so that buffers.c can be a little speedy again.


svn:r12987
2007-12-26 18:09:36 +00:00
Nick Mathewson
fb8cbc8642 r15710@tombo: nickm | 2007-12-25 19:36:03 -0500
Fix in flush_buf_tls: it is okay to flush an empty buffer, since we may have a partial TLS record pending.


svn:r12984
2007-12-26 00:36:05 +00:00
Nick Mathewson
a7ef07b4bd r15693@tombo: nickm | 2007-12-25 19:11:29 -0500
Here, have some terribly clever new buffer code.  It uses a mbuf-like strategy rather than a ring buffer strategy, so it should require far far less extra memory to hold any given amount of data.  Also, it avoids access patterns like x=malloc(1024);x=realloc(x,1048576);x=realloc(x,1024);append_to_freelist(x) that might have been contributing to memory fragmentation.  I've  tested it out a little on peacetime, and it seems to work so far.  If you want to benchmark it for speed, make sure to remove the #define PARANOIA; #define NOINLINE macros at the head of the module.


svn:r12983
2007-12-26 00:12:08 +00:00
Roger Dingledine
c6788cc0de The bridge GeoIP stats were counting other relays, for example
self-reachability and authority-reachability tests.


svn:r12960
2007-12-25 00:07:13 +00:00
Roger Dingledine
5925bc972c tweaks
svn:r12959
2007-12-24 23:51:22 +00:00
Roger Dingledine
15c048bdc5 Fix several remotely triggerable asserts based on DirPort requests
for a v2 or v3 networkstatus object before we were prepared. This
was particularly bad for 0.2.0.13 and later bridge relays, who
would never have a v2 networkstatus and would thus always crash
when used. Bugfixes on 0.2.0.x.

Estimate the v3 networkstatus size more accurately, rather than
estimating it at zero bytes and giving it artificially high priority 
compared to other directory requests. Bugfix on 0.2.0.x.


svn:r12952
2007-12-24 11:25:45 +00:00
Roger Dingledine
4fb573fddd bugfix on r10612:
When we load a bridge descriptor from the cache,
and it was previously unreachable, mark it as retriable so we won't
just ignore it. Also, try fetching a new copy immediately.


svn:r12950
2007-12-24 10:31:39 +00:00
Nick Mathewson
da06bfb80f r15653@tombo: nickm | 2007-12-23 14:15:12 -0500
Refactor circuit_launch* functions to take a bitfield of flags rather than 4 separate nonconsecutive flags arguments.  Also, note a possible but in circuit_find_to_cannibalize, which seems to be ignoring its purpose argument.


svn:r12948
2007-12-23 19:15:22 +00:00
Nick Mathewson
473725e1a4 r15648@tombo: nickm | 2007-12-23 13:27:30 -0500
Support building for iPhone; patch from cjacker huang.


svn:r12946
2007-12-23 18:27:47 +00:00
Roger Dingledine
c10faf5085 fix some irix compile complaints; make "kbytes" work as a memory unit
svn:r12936
2007-12-23 04:22:55 +00:00
Roger Dingledine
9dcde682f5 minor other things in my sandbox
svn:r12934
2007-12-23 01:28:25 +00:00
Roger Dingledine
61bd5583d9 If we receive a general-purpose descriptor and then receive an
identical bridge-purpose descriptor soon after, don't discard
the next one as a duplicate.


svn:r12933
2007-12-23 01:18:14 +00:00
Roger Dingledine
fe006ad880 and clean up after myself
svn:r12930
2007-12-22 11:54:33 +00:00
Roger Dingledine
88503e25c7 If bridge authorities set BridgePassword, they will serve a
snapshot of known bridge routerstatuses from their DirPort to
anybody who knows that password. Unset by default.


svn:r12929
2007-12-22 11:48:17 +00:00
Roger Dingledine
87a616e128 Fix a crash on startup if you install Tor 0.2.0.13-alpha fresh
without a datadirectory from a previous Tor install. Reported
by Zax.


svn:r12928
2007-12-22 11:42:12 +00:00
Roger Dingledine
abf9fadcca start working on serving bridge status from the dirport, for
bridge communities.


svn:r12927
2007-12-22 10:54:21 +00:00
Roger Dingledine
ce636beff9 If the user sets RelayBandwidthRate but doesn't set
RelayBandwidthBurst, then make them equal rather than erroring out.


svn:r12925
2007-12-22 09:13:24 +00:00
Roger Dingledine
be906a836a If BridgeRelay is set to 1, then the default for
PublishServerDescriptor is now "bridge" rather than "v2,v3".


svn:r12923
2007-12-22 09:04:46 +00:00
Roger Dingledine
39d910e97b Make PublishServerDescriptor default to 1, so the default doesn't
have to change as we invent new directory protocol versions.


svn:r12922
2007-12-22 08:27:42 +00:00
Roger Dingledine
6097e46420 Fix a crash when we load a bridge descriptor from disk but we don't
currently have a Bridge line for it in our torrc. Bugfix on
0.2.0.12-alpha.


svn:r12921
2007-12-22 06:11:49 +00:00
Roger Dingledine
366c273d27 Make "GETINFO/desc-annotations/id/<OR digest>" actually work.
svn:r12919
2007-12-22 05:27:30 +00:00
Roger Dingledine
869858bf57 add a little note about matt's 0.2.0.12-alpha crash
svn:r12918
2007-12-22 05:26:36 +00:00
Roger Dingledine
a223f5db03 Fix a crash when accessing hidden services: it would work the first
time you use a given introduction point for your service, but
on subsequent requests we'd be using garbage memory. Fixed by
Karsten Loesing. Bugfix on 0.2.0.12-alpha.


svn:r12913
2007-12-21 23:28:23 +00:00
Roger Dingledine
73ff2e5d5e Fix a crash when we fetch a descriptor that turns out to be
unexpected (it used to be in our networkstatus when we started
fetching it, but it isn't in our current networkstatus), and we
aren't using bridges. Bugfix on 0.2.0.x.


svn:r12911
2007-12-21 22:58:22 +00:00
Roger Dingledine
c1af7de6e4 the better fix for the unit tests
svn:r12907
2007-12-21 10:44:10 +00:00
Roger Dingledine
46bb4a40ee Make the unit tests build again.
svn:r12905
2007-12-21 10:40:40 +00:00
Roger Dingledine
3f4080d15d tiny tweaks on r12900
svn:r12901
2007-12-21 09:33:11 +00:00
Roger Dingledine
90fcfade4e revert r12841 and r12842, and commit karsten's "patch 13"
svn:r12900
2007-12-21 09:28:22 +00:00
Roger Dingledine
7b60d6c526 Directory authorities should only automatically download Extra Info
documents if they're v1, v2, or v3 authorities.


svn:r12898
2007-12-21 06:33:02 +00:00
Roger Dingledine
e2dc45a2e1 some more refactoring
svn:r12897
2007-12-21 06:28:59 +00:00
Roger Dingledine
9ebf86bb66 new config option FetchDirInfoEarly for tup/ioerror and the tordnsel
svn:r12896
2007-12-21 06:08:00 +00:00
Roger Dingledine
f0e7c4f0da Only Tors that want to mirror the v2 directory info should
create the "cached-status" directory in their datadir. All Tors
used to create it. Bugfix on 0.1.2.x.

Bridge relays with DirPort set to 0 no longer cache v1 or v2
directory information; there's no point. Bugfix on trunk.


svn:r12887
2007-12-20 06:47:59 +00:00
Roger Dingledine
acd8bc1fd9 make r12871 do what i meant
svn:r12886
2007-12-20 06:36:44 +00:00
Nick Mathewson
2f922937d3 r17274@catbus: nickm | 2007-12-20 01:14:09 -0500
Don't try to create the datadir when we are only verifying the configuration or hashing a password. Resolves bug 540.


svn:r12884
2007-12-20 06:15:09 +00:00
Nick Mathewson
6de2b484cf r17270@catbus: nickm | 2007-12-20 00:04:21 -0500
When we decide to send a 503 in response to a request for server descriptors, disable spooling so that we do not then send the descriptors anyway.  Fixes bug 539.


svn:r12882
2007-12-20 05:06:02 +00:00
Nick Mathewson
5c33c0632e r17268@catbus: nickm | 2007-12-19 23:53:53 -0500
Initialize [un]named_server_map to empty strmaps when router_reload_consensus_networkstatus fails completely.  Resolves bug 538.


svn:r12881
2007-12-20 04:54:06 +00:00
Roger Dingledine
4aa5e678cd and the obligatory 'make it compile' follow-up
svn:r12872
2007-12-19 05:04:05 +00:00
Roger Dingledine
f405f9b614 Make getinfo ns/purpose/bridge actually work
Also, dump our bridge router status entries to disk every 30 minutes.


svn:r12871
2007-12-19 04:58:58 +00:00
Nick Mathewson
a697573ce9 r15562@tombo: nickm | 2007-12-18 23:23:59 -0500
Remove the LearnAuthorityAddrFromCerts option; make it always-on.  One option down, ~160 options to go.


svn:r12870
2007-12-19 04:24:05 +00:00
Nick Mathewson
95fecd6fbc r15560@tombo: nickm | 2007-12-18 23:18:21 -0500
Add a bit of missing documentation.


svn:r12869
2007-12-19 04:18:28 +00:00
Nick Mathewson
95d500f33f r15558@tombo: nickm | 2007-12-18 22:55:23 -0500
Re-parse annotations in another place.  Good catch, arma.


svn:r12868
2007-12-19 03:55:40 +00:00
Roger Dingledine
07c7f9e9e7 When we were reading router descriptors from cache, we were ignoring
the annotations -- including reading in bridge-purpose descriptors
as general-purpose descriptors.


svn:r12867
2007-12-19 03:11:02 +00:00
Nick Mathewson
d07122ba47 r17246@catbus: nickm | 2007-12-18 18:45:17 -0500
Fix some xxx020 items.


svn:r12864
2007-12-18 23:45:24 +00:00
Nick Mathewson
076097281d r17239@catbus: nickm | 2007-12-18 16:57:02 -0500
Sort GeoIP results in descending order of IP counts.


svn:r12863
2007-12-18 23:45:19 +00:00
Roger Dingledine
74d05f4b2c answer getinfo ns/purpose/bridge queries
svn:r12860
2007-12-18 22:39:15 +00:00
Roger Dingledine
b63a247c68 Make bridge authorities test reachability of bridges.
Added two XXX020's that we need to think harder about.


svn:r12859
2007-12-18 21:37:58 +00:00
Nick Mathewson
d2fe8542df r17232@catbus: nickm | 2007-12-18 16:22:10 -0500
Whitespace fix.


svn:r12857
2007-12-18 21:27:10 +00:00
Nick Mathewson
5488bc3e16 r17231@catbus: nickm | 2007-12-18 16:21:55 -0500
Document and clean-up geoip code; give it some unit tests.


svn:r12856
2007-12-18 21:27:08 +00:00
Nick Mathewson
b8ac050e85 r15532@tombo: nickm | 2007-12-17 17:41:05 -0500
clean up whitesapce and debug a little on geoip stuff.


svn:r12847
2007-12-17 22:44:18 +00:00
Nick Mathewson
25f78498f9 r15531@tombo: nickm | 2007-12-17 17:19:24 -0500
Support raw IP-to-country as well as postprocessed format.  Include GEOIP summary in extrainfo of bridges.


svn:r12846
2007-12-17 22:44:16 +00:00
Nick Mathewson
820159cac5 r15530@tombo: nickm | 2007-12-17 16:54:03 -0500
First wodge of geoip code so bridges can figure out which countries are blocking them.


svn:r12845
2007-12-17 22:44:11 +00:00
Roger Dingledine
b3e6c66a05 and another in the unit tests
svn:r12842
2007-12-16 20:47:20 +00:00
Roger Dingledine
e70d9a7f4d fix another mem leak, and point out another for karsten
svn:r12841
2007-12-16 20:46:23 +00:00
Roger Dingledine
98a56a386d our unit tests leak memory like a sieve.
fix two actual memory leaks found while cleaning up a bit.


svn:r12829
2007-12-16 08:20:10 +00:00
Roger Dingledine
71c84abdff cleanups on r12825
svn:r12826
2007-12-15 20:50:56 +00:00
Roger Dingledine
31324f3e7f apply karsten's "patch 12"
svn:r12825
2007-12-15 20:28:09 +00:00
Roger Dingledine
1d8a8063b9 clean up copyrights, and assign 2007 copyrights to The Tor Project, Inc
svn:r12786
2007-12-12 21:09:01 +00:00
Roger Dingledine
40efd7d47b but don't disable all the default v1 authorities quite yet
svn:r12778
2007-12-12 04:46:16 +00:00
Roger Dingledine
3b2dd8d763 Three new config options (AlternateDirAuthority,
AlternateBridgeAuthority, and AlternateHSAuthority) that let the
user selectively replace the default directory authorities, rather
than the all-or-nothing replacement that DirServer offers.


svn:r12777
2007-12-12 04:38:54 +00:00
Nick Mathewson
3208b102d6 r17089@catbus: nickm | 2007-12-11 17:33:34 -0500
Patch from mwenge: fix consensus status lookup by nickname when nickname is a hexdigest.


svn:r12766
2007-12-11 23:06:45 +00:00
Roger Dingledine
78f532678c Relays were publishing their server descriptor to v1 and v2
directory authorities, but they didn't try publishing to v3-only
authorities. Fix this; and also stop publishing to v1 authorities.


svn:r12759
2007-12-11 20:18:12 +00:00
Roger Dingledine
52363d23d7 If we can't expand our list of entry guards (e.g. because we're
using bridges or we have StrictEntryNodes set), don't mark relays
down when they fail a directory request. Otherwise we're too quick
to mark all our entry points down.


svn:r12755
2007-12-10 17:16:41 +00:00
Roger Dingledine
ee6ae92670 New config options AuthDirBadDir and AuthDirListBadDirs for
authorities to mark certain relays as "bad directories" in the
networkstatus documents. Also supports the "!baddir" directive in
the approved-routers file.


svn:r12754
2007-12-10 16:49:54 +00:00
Roger Dingledine
d95e7c7d67 also clear the hsdir status flag in routerinfo_t when the relay is no
longer listed in the relevant networkstatus document.


svn:r12752
2007-12-10 16:40:14 +00:00
Roger Dingledine
25a444b698 emo teh
svn:r12747
2007-12-09 19:11:22 +00:00
Roger Dingledine
be337eb0ad fix a memory leak in authority_certs_fetch_missing() every time
we try to call it but don't have enough dir info.


svn:r12743
2007-12-09 17:43:43 +00:00
Roger Dingledine
6dfd47467e Allow multiple HashedControlPassword config lines, to support
multiple controller passwords.


svn:r12732
2007-12-09 04:59:27 +00:00
Roger Dingledine
9b162ef430 only clear the bridge list if options->Bridges is set.
this doesn't matter yet so we aren't adding them in other
ways yet.


svn:r12730
2007-12-09 03:38:57 +00:00
Roger Dingledine
ae1aa5a1bb Set up lefkada (run by Geoff Goodell) as the fourth v3 directory
authority.


svn:r12724
2007-12-08 20:16:34 +00:00
Roger Dingledine
2b8ca7b4a4 patch from karsten to clean up documentation and to integrate
more fixes into rend-spec.txt.


svn:r12715
2007-12-07 21:27:58 +00:00
Nick Mathewson
2e378295d6 r16997@catbus: nickm | 2007-12-06 18:56:33 -0500
Make http://torproject urls into https://torproject urls.  Patch from steve.


svn:r12708
2007-12-06 23:56:36 +00:00
Nick Mathewson
92372b156a r16995@catbus: nickm | 2007-12-06 18:42:53 -0500
patch from steve: replace more tor.eff.org instances with torproject.org


svn:r12707
2007-12-06 23:42:59 +00:00
Roger Dingledine
75c38a2c88 Bridges now behave like clients with respect to time intervals for
downloading new consensus documents. Bridge users now wait until
the end of the interval, so their bridge will be sure to have a
new consensus document.


svn:r12696
2007-12-06 17:01:16 +00:00
Roger Dingledine
b277954501 put a note so the distant future developers can simplify tor
svn:r12691
2007-12-06 11:19:00 +00:00
Roger Dingledine
a107a1624b extra points if it compiles
svn:r12688
2007-12-06 07:17:05 +00:00
Roger Dingledine
8de470cf69 Add "GETINFO/desc-annotations/id/<OR digest>" so controllers can
ask about source, timestamp of arrival, purpose, etc. We need
something like this to help Vidalia not do GeoIP lookups on bridge 
addresses.


svn:r12687
2007-12-06 07:15:06 +00:00
Roger Dingledine
3ff63b6f4e When the DANGEROUS_VERSION controller status event told us we're
running an obsolete version, it used the string "OLD" to describe
it. Yet the "getinfo" interface used the string "OBSOLETE". Now use
"OBSOLETE" in both cases.


svn:r12686
2007-12-05 19:32:58 +00:00
Roger Dingledine
343242d9ae update an XXX020 for nick later
svn:r12684
2007-12-05 19:23:03 +00:00
Nick Mathewson
29045d21b3 r15155@tombo: nickm | 2007-12-05 11:11:14 -0500
Add a missing "not" to check of whether to use revised handshake.


svn:r12678
2007-12-05 16:11:33 +00:00
Roger Dingledine
d46b8a3eac Stop being so aggressive about fetching dir info if your DirPort is
on but your ORPort is off.

Add a new config option BridgeRelay that specifies you want to
be a bridge relay. Right now the only difference is that it makes
you answer begin_dir requests, and it makes you cache dir info,
even if your DirPort isn't on.

Refactor directory_caches_dir_info() into some more functions.


svn:r12668
2007-12-04 18:35:03 +00:00
Roger Dingledine
0000c7e6e9 weasel wanted us to log the source of v3 votes we don't like
svn:r12665
2007-12-04 15:54:14 +00:00
Nick Mathewson
593ab7e808 r15106@tombo: nickm | 2007-12-04 00:08:35 -0500
Change tor_addr_t to be a tagged union of in_addr and in6_addr, not of sockaddr_in and sockaddr_in6.  It's hardly used in the main code as it is, but let's get it right before it gets popular.


svn:r12660
2007-12-04 05:19:56 +00:00
Roger Dingledine
ce2cf88ebf Stop thinking that 0.1.2.x directory servers can handle "begin_dir"
requests. Should ease bugs 406 and 419 where 0.1.2.x relays are
crashing or mis-answering these requests.


svn:r12658
2007-12-03 22:31:59 +00:00
Roger Dingledine
3229117d3a minor touchups
svn:r12657
2007-12-03 22:04:19 +00:00
Roger Dingledine
07dbaaac16 We were ignoring our RelayBandwidthRate for the first 30 seconds
after opening a circuit -- even relayed circuits. Bugfix on
0.2.0.3-alpha.


svn:r12638
2007-12-02 11:24:06 +00:00
Roger Dingledine
b54240d38f Reject uploaded descriptors and extrainfo documents if they're
huge. Otherwise we'll cache them all over the network and it'll
clog everything up.


svn:r12633
2007-12-02 06:11:53 +00:00
Roger Dingledine
1a254477fc minor cleanups
svn:r12631
2007-12-02 04:39:56 +00:00
Roger Dingledine
f901cd064c clean up the dirserv_add_multiple_descriptors() api
svn:r12630
2007-12-02 02:47:42 +00:00
Roger Dingledine
9b1b8199df backport candidate:
Start purging old entries from the "rephist" database, and the
hidden service descriptor databases, even when DirPort is zero.


svn:r12628
2007-12-01 22:38:58 +00:00
Roger Dingledine
77e607cc0d Authorities and caches fetch the v2 networkstatus documents
less often, now that v3 is encouraged.


svn:r12627
2007-12-01 20:04:36 +00:00
Roger Dingledine
c26c54836f download the (admittedly tiny) v1 dir blobs even less often.
we can't make them totally obsolete yet but we can get closer.


svn:r12626
2007-12-01 20:02:05 +00:00
Nick Mathewson
4a6d969139 r15094@tombo: nickm | 2007-12-01 03:46:07 -0500
server-side code (for when v2 negotiation occurred) to check for renegotiation and adjust client ID info accordingly.  server-side of new TLS code is now implemented, but needs testing and debugging.


svn:r12624
2007-12-01 08:47:13 +00:00
Nick Mathewson
d8ad247dfd r15088@tombo: nickm | 2007-11-30 23:47:29 -0500
Add support to get a callback invoked when the client renegotiate a connection.  Also, make clients renegotiate.  (not enabled yet, until they detect that the server acted like a v2 server)


svn:r12623
2007-12-01 08:09:48 +00:00
Nick Mathewson
1789f94668 r15087@tombo: nickm | 2007-11-30 22:32:26 -0500
Start getting freaky with openssl callbacks in tortls.c: detect client ciphers, and if the list doesn't look like the list current Tors use, present only a single cert do not ask for a client cert. Also, support for client-side renegotiation.  None of this is enabled unless you define V2_HANDSHAKE_SERVER.


svn:r12622
2007-12-01 08:09:46 +00:00
Roger Dingledine
f8df8d791e start to refactor dirserver_mode()
svn:r12621
2007-12-01 04:58:53 +00:00
Roger Dingledine
6d49465b69 fix two trivial potential onionkey leaks. neither of these
should happen in practice. but now they really won't.


svn:r12620
2007-12-01 04:40:12 +00:00
Roger Dingledine
c1b4bfdeac karsten's bugfix on r12607
svn:r12619
2007-11-30 23:45:16 +00:00
Roger Dingledine
30e1a862e7 r12617 broke the compile
svn:r12618
2007-11-30 23:32:25 +00:00
Nick Mathewson
f061994487 r16881@catbus: nickm | 2007-11-30 15:07:42 -0500
Do not keep a string representation of every single addr_policy_t lying around.  This might save a few hundred K.


svn:r12617
2007-11-30 20:09:09 +00:00
Roger Dingledine
ad0fcef576 other trivial tweaks
svn:r12614
2007-11-30 18:53:14 +00:00
Roger Dingledine
fea55c7c2d two pieces of r12607 for karsten to look at closer
svn:r12609
2007-11-29 15:37:17 +00:00
Roger Dingledine
8ac5f24c33 easy tweaks on r12607
svn:r12608
2007-11-29 15:30:32 +00:00
Roger Dingledine
aaf35cccf7 karsten's second refactoring patch
svn:r12607
2007-11-29 15:25:04 +00:00
Roger Dingledine
0f22c584cd doxygen tweaks
svn:r12606
2007-11-29 15:23:41 +00:00
Roger Dingledine
7f12ebc3fa cleanups on r12579
svn:r12580
2007-11-27 21:17:43 +00:00
Roger Dingledine
466abecef4 Our new v2 hidden service descriptor format allows descriptors
that have no introduction points. But Tor crashed when we tried
to build a descriptor with no intro points (and it would have
crashed if we had tried to parse one). Bugfix on 0.2.0.x; patch
by Karsten Loesing.


svn:r12579
2007-11-27 21:06:34 +00:00
Roger Dingledine
b02e154470 minor cleanups
svn:r12571
2007-11-26 06:26:17 +00:00
Roger Dingledine
91bb09cb28 Only update guard status (usable / not usable) once we have
enough directory information. This was causing us to always pick
two new guards on startup (bugfix on 0.2.0.9-alpha), and it was
causing us to discard all our guards on startup if we hadn't been
running for a few weeks (bugfix on 0.1.2.x). Fixes bug 448.


svn:r12570
2007-11-26 02:18:57 +00:00
Roger Dingledine
2e40510f02 if we think our ip address just changed, log what we thought it
changed *to*.


svn:r12551
2007-11-22 01:38:54 +00:00
Roger Dingledine
aaefad64a1 stop lying in the config file comment we write out regarding
PublishServerDescriptor.


svn:r12550
2007-11-22 00:44:08 +00:00
Roger Dingledine
a54ce34e35 Don't crash if we get an unexpected value for the
PublishServerDescriptor config option. Reported by Matt Edman;
bugfix on 0.2.0.9-alpha.


svn:r12549
2007-11-22 00:43:22 +00:00
Roger Dingledine
094096d320 get rid of the __ConsiderAllRoutersAsHidServDirectories config option
svn:r12528
2007-11-17 12:28:18 +00:00
Roger Dingledine
d62ef13d0a get rid of the separate reachability window for the hsdir flag.
svn:r12527
2007-11-17 12:15:32 +00:00
Roger Dingledine
b701583ffa note a log message that might want to get quieter
svn:r12526
2007-11-17 12:11:00 +00:00
Roger Dingledine
c336dedd21 The fix in 0.2.0.12-alpha cleared the "hsdir" flag in v3 network
consensus documents when there are too many relays at a single
IP address. Now clear it in v2 network status documents too.


svn:r12522
2007-11-17 07:00:14 +00:00
Roger Dingledine
6514843026 cleanups, bump to 0.2.0.12-alpha
svn:r12516
2007-11-17 02:22:56 +00:00
Roger Dingledine
d6f8ba25c9 back out r12509 and fix a better bug instead:
When authorities detected more than two relays running on the same
IP address, they were clearing all the status flags but forgetting
to clear the "hsdir" flag. So clients were being told that a
given relay was the right choice for a v2 hsdir lookup, yet they
never had its descriptor because it was marked as 'not running'
in the consensus.


svn:r12515
2007-11-17 01:53:33 +00:00
Roger Dingledine
d09439872d If we're using bridges or have strictentrynodes set, and our
chosen exit is in the same family as all our bridges/entry guards,
then be flexible about families.


svn:r12514
2007-11-16 07:37:49 +00:00
Roger Dingledine
b669fb7344 i'm a little teapot, ...
svn:r12513
2007-11-16 07:33:57 +00:00
Roger Dingledine
0871e02da8 If we're trying to fetch a bridge descriptor and there's no way
the bridge authority could help us (for example, we don't know
a digest, or there is no bridge authority), don't be so eager to
fall back to asking the bridge authority.


svn:r12512
2007-11-16 07:31:51 +00:00
Roger Dingledine
116a0f0f22 minor touchups on or.h
svn:r12511
2007-11-16 07:29:01 +00:00
Roger Dingledine
0e442e098c Nov 16 02:20:50.089 [info] update_consensus_router_descriptor_downloads(): 0 router descriptors downloadable. 0 delayed; 1676 present (0 of those were in old_routers); 0 would_reject; 582 wouldnt_use, 0 in progress.
Nov 16 02:20:50.089 [info] launch_router_descriptor_downloads(): There are not many downloadable routerdescs, but we haven't tried downloading descriptors recently. Downloading.

Get rid of the second line.


svn:r12510
2007-11-16 07:23:25 +00:00
Roger Dingledine
60ee26c873 Karsten: you should look at this and decide if we should skip over
non-running hsdirs, or not give them the flag if they're not running,
or what.

When picking v2 hidden service directories, don't pick ones that
aren't listed as Running.


svn:r12509
2007-11-16 05:29:27 +00:00
Peter Palfrader
3e9369ebd9 Changing the ExitPolicyRejectPrivate setting should cause us to rebuild the
descriptor.


svn:r12507
2007-11-15 15:51:17 +00:00
Roger Dingledine
06a1e4124f Fix a small memory leak whenever we decide against using a
newly picked entry guard. Reported by Mike Perry.


svn:r12506
2007-11-15 11:14:08 +00:00
Nick Mathewson
e843e05563 r16670@catbus: nickm | 2007-11-14 14:56:30 -0500
Initial phase of proposal 110: accept RELAY_EARLY cells, and turn them into RELAY cells when sending them on over a v1 OR connection.


svn:r12496
2007-11-14 20:01:15 +00:00
Nick Mathewson
d483d3144a r16669@catbus: nickm | 2007-11-14 14:50:03 -0500
When we complete an OR handshake, set up all the internal fields and mark the connection as open.


svn:r12495
2007-11-14 20:01:12 +00:00
Nick Mathewson
bbb34846b4 r16665@catbus: nickm | 2007-11-14 13:36:11 -0500
Fix bug spotted by karsten: when we have no consensus, do not try to continue finding directories for a hidden service.


svn:r12493
2007-11-14 18:39:15 +00:00
Nick Mathewson
75922ff41f r16663@catbus: nickm | 2007-11-13 21:51:28 -0500
Back out parts of r12376: replace file locations in scripts.


svn:r12490
2007-11-14 02:55:12 +00:00
Roger Dingledine
c23a22785d make r12485 more likely to work on tonga too
svn:r12486
2007-11-12 19:01:28 +00:00
Nick Mathewson
f7c2d1522e r16656@catbus: nickm | 2007-11-12 11:27:00 -0500
Possibly fix bug 548 by making the fix for bug 543 not get invoked on authorities.  See changelog and bug 548 entry for rationale.


svn:r12485
2007-11-12 16:29:31 +00:00
Nick Mathewson
6deca312a7 r16654@catbus: nickm | 2007-11-12 10:43:45 -0500
Add explanatory comment.  Does not fix bug 548.


svn:r12484
2007-11-12 15:46:38 +00:00
Roger Dingledine
609ceadd74 compiling is good too
svn:r12480
2007-11-11 18:46:16 +00:00
Roger Dingledine
7870964e0c Don't reevaluate all the information from our consensus document
just because we've downloaded a v2 networkstatus that we intend
to cache. Fixes bug 545.


svn:r12479
2007-11-11 17:37:59 +00:00
Roger Dingledine
49e9c6d96b tweak
svn:r12478
2007-11-11 17:20:30 +00:00
Roger Dingledine
1b00492c40 a potential solution for bug 549
svn:r12471
2007-11-11 04:36:31 +00:00
Roger Dingledine
0d21995956 another likelier candidate for mike's leak
svn:r12470
2007-11-11 04:19:11 +00:00
Roger Dingledine
2b2d111017 a log entry to help us find mike's memory leak
svn:r12469
2007-11-11 03:56:34 +00:00
Roger Dingledine
8ca51869fd Allow people to say PreferTunnelledDirConns rather than
PreferTunneledDirConns, for those alternate-spellers out there.


svn:r12466
2007-11-11 01:06:16 +00:00
Roger Dingledine
42b8fb5a15 Exit policies now reject connections that are addressed to a
relay's public (external) IP address too, unless
ExitPolicyRejectPrivate is turned off. We do this because too
many relays are running nearby to services that trust them based
on network address.


svn:r12459
2007-11-10 21:17:51 +00:00
Roger Dingledine
7050df7245 bump to 0.2.0.10-alpha
svn:r12455
2007-11-10 07:26:56 +00:00
Nick Mathewson
1bdbd3b98e r16582@catbus: nickm | 2007-11-08 13:14:16 -0500
Try to bulletproof the parse logic for router-stability.


svn:r12441
2007-11-08 18:15:49 +00:00
Nick Mathewson
e0b9c893bc r16573@catbus: nickm | 2007-11-08 11:57:16 -0500
Mess with the formula for the Guard flag again.  Now it requires that you be in the most familiar 7/8 of nodes, and have above median wfu for that 7/8th.  See spec for details.  Also, log thresholds better.


svn:r12440
2007-11-08 16:58:59 +00:00
Nick Mathewson
c3a745951b r16570@catbus: nickm | 2007-11-08 11:04:20 -0500
Keep track, for each OR connection, of the last time we added a non-padding cell to its outbuf.  Use this timestamp, not "lastwritten" to tell if it is time to close a circuitless connection.  (We can'tuse lastwritten, since lastwritten is updated when ever the connection flushes anything, and by that point we can no longer tell what is a padding cell and what is not.)


svn:r12437
2007-11-08 16:19:07 +00:00
Nick Mathewson
17a34e4a43 r16569@catbus: nickm | 2007-11-08 10:51:11 -0500
More log messages about certificate downloads; try to track down bug 546.2


svn:r12436
2007-11-08 16:19:04 +00:00
Roger Dingledine
1d61b54227 make the complaints about missing v2hidserv directories quieter,
at least until we're *supposed* to have any of them.


svn:r12431
2007-11-08 04:21:35 +00:00
Roger Dingledine
e12cf29960 Don't stop fetching descriptors when FetchUselessDescriptors is
set, even if we stop asking for circuits. Bugfix on 0.1.2.x;
reported by tup and ioerror.


svn:r12430
2007-11-08 04:19:51 +00:00
Nick Mathewson
d279fb82e2 r16550@catbus: nickm | 2007-11-07 16:50:02 -0500
"And $499 for knowing where to hit it."  Fix bug 546.


svn:r12425
2007-11-07 21:51:21 +00:00
Roger Dingledine
473a054b4c Set up ides (run by Mike Perry) as the third v3 directory authority.
svn:r12423
2007-11-07 21:20:45 +00:00
Roger Dingledine
1621b1e09b start hunting a bug where bridge users don't always put
their un-keyed connections onto the orconn_identity_map.


svn:r12418
2007-11-07 18:26:46 +00:00
Nick Mathewson
f18e94116b r16533@catbus: nickm | 2007-11-07 12:42:58 -0500
Fix another "TLS error. breaking connection".~


svn:r12416
2007-11-07 17:44:15 +00:00
Nick Mathewson
45b0ee42a3 r16531@catbus: nickm | 2007-11-07 12:39:56 -0500
Initialize re-parsed routerinfos with routerlist_index -1, since they are not yet inserted into the routerlist.  Fixes another crash.


svn:r12415
2007-11-07 17:41:14 +00:00
Nick Mathewson
dc2ab2f4e2 r16529@catbus: nickm | 2007-11-07 12:28:52 -0500
And make it compile too.


svn:r12414
2007-11-07 17:30:08 +00:00
Nick Mathewson
9b2d86d83d r16527@catbus: nickm | 2007-11-07 12:27:59 -0500
Re-set all of the indices immediately after sorting old_routers.  Fixes a crash.


svn:r12413
2007-11-07 17:29:16 +00:00
Nick Mathewson
bed01a9003 r16525@catbus: nickm | 2007-11-07 12:10:01 -0500
Clean up log messages from bug 543 fix, and make old_routers also keep track of their indices.  This will probably crash some until all the bugs are fixed.


svn:r12412
2007-11-07 17:11:23 +00:00
Nick Mathewson
0e993e6008 r16523@catbus: nickm | 2007-11-07 11:35:49 -0500
Improve "tls error. breaking" message a little.


svn:r12411
2007-11-07 16:37:08 +00:00
Nick Mathewson
381619a973 Fix typo.
svn:r12409
2007-11-07 15:22:46 +00:00
Nick Mathewson
acaa9a7f69 r16518@catbus: nickm | 2007-11-07 10:18:31 -0500
First attempt at fixing bug 543.  Needs testing. Too slow.


svn:r12408
2007-11-07 15:19:53 +00:00
Nick Mathewson
bc4cefcd7e r16471@catbus: nickm | 2007-11-06 15:50:42 -0500
Detect whether any of the descriptors we want are in old_routers. Possibly useful in tracking down bug 543.


svn:r12404
2007-11-06 20:51:45 +00:00
Nick Mathewson
47fd6f7267 r16464@catbus: nickm | 2007-11-06 14:53:28 -0500
Also avoid overflow on or_conn->read_bucket


svn:r12401
2007-11-06 19:54:32 +00:00
Nick Mathewson
be1a5191f8 r16462@catbus: nickm | 2007-11-06 14:40:58 -0500
Fix bug 544: do not allow buckets to overflow.  Backportable.


svn:r12400
2007-11-06 19:42:37 +00:00
Nick Mathewson
28dd56f982 r16459@catbus: nickm | 2007-11-06 13:26:11 -0500
Fix "0 request for 0 router" message.


svn:r12399
2007-11-06 18:27:14 +00:00
Nick Mathewson
6bc071f765 r16456@catbus: nickm | 2007-11-06 12:59:04 -0500
Fix a dumb bug in networkstatus_free_all()


svn:r12397
2007-11-06 18:00:09 +00:00
Nick Mathewson
e047f7f865 r16455@catbus: nickm | 2007-11-06 12:48:00 -0500
Parse CERT cells and act correctly when we get them.


svn:r12396
2007-11-06 18:00:07 +00:00
Nick Mathewson
af60d79f5d r16452@catbus: nickm | 2007-11-06 09:20:08 -0500
Fix warning about overflow optimization.


svn:r12395
2007-11-06 14:21:08 +00:00
Nick Mathewson
95c7b8cc64 r14729@31-33-67: nickm | 2007-11-05 18:54:50 -0500
Send and Parse CERT cells correctly.  Still need to understand the certs inside.


svn:r12392
2007-11-05 23:55:43 +00:00
Nick Mathewson
6fcda5299f r14727@31-33-67: nickm | 2007-11-05 18:34:35 -0500
Make VERSIONS variable-length.


svn:r12391
2007-11-05 23:34:39 +00:00
Nick Mathewson
9a20a64b62 r16438@catbus: nickm | 2007-11-05 16:45:45 -0500
Initial code for variable-length cells. CERT and VERSIONS  need to use them.


svn:r12390
2007-11-05 21:46:35 +00:00
Nick Mathewson
42f7ae3eae r16435@catbus: nickm | 2007-11-05 14:23:07 -0500
Patch from karsten: tidy up v2 hidden service directory logic, and fix a few bugs.


svn:r12388
2007-11-05 19:23:57 +00:00
Nick Mathewson
dec5fcd611 r16434@catbus: nickm | 2007-11-05 14:22:40 -0500
Oops; fix compile


svn:r12387
2007-11-05 19:23:55 +00:00
Nick Mathewson
85654f4ab9 r16432@catbus: nickm | 2007-11-05 14:18:57 -0500
Send and parse link_auth cells properly.


svn:r12386
2007-11-05 19:19:46 +00:00
Nick Mathewson
44eab517fc r16414@catbus: nickm | 2007-11-05 13:14:46 -0500
Function to process link auth cells; stub function for cert cell processing


svn:r12385
2007-11-05 18:15:56 +00:00
Nick Mathewson
ea1bea5830 r16411@catbus: nickm | 2007-11-05 11:27:37 -0500
Remember X509 certificates in the context.  Store peer/self certificate digests in handshake state.


svn:r12382
2007-11-05 18:15:50 +00:00
Nick Mathewson
22c31d91ab r16410@catbus: nickm | 2007-11-05 10:54:29 -0500
Code to remember client_random and server_random values, and to compute hmac using TLS master secret.


svn:r12381
2007-11-05 18:15:47 +00:00
Nick Mathewson
e94fad36ac r16409@catbus: nickm | 2007-11-05 10:38:25 -0500
Split handshake state into its own structure.  Revise versions and netinfo code to use this structure.


svn:r12380
2007-11-05 18:15:44 +00:00
Nick Mathewson
b4a50343d7 r16407@catbus: nickm | 2007-11-05 10:02:22 -0500
Add a log message when we start retrieving networkstatus


svn:r12378
2007-11-05 18:15:39 +00:00
Nick Mathewson
446c351393 r14702@tombo: nickm | 2007-11-04 15:48:56 -0500
Define SHARE_DATADIR, LOCALSTATEDIR, and BINDIR in Makefile.am as autoconf recommends.  Do not move CONFDIR yet, since we seem to support overriding it in a weird way.  Resolves bug 542.


svn:r12376
2007-11-04 20:49:02 +00:00
Roger Dingledine
735498cb27 add the other v3 dir bugfixes. my bridge is now working
again even when my datadir starts empty. phew.


svn:r12372
2007-11-04 02:36:09 +00:00
Nick Mathewson
928c584ec2 r14700@tombo: nickm | 2007-11-03 22:29:21 -0400
Fix sign error in networkstatus_note_certs_arrived().


svn:r12371
2007-11-04 02:29:27 +00:00
Roger Dingledine
5bf61633e3 avoid sending a request for "keys/fp" (for which we'll get a 400 bad
request) if we need more v3 certs but we've already got pending requests
for all of them.


svn:r12370
2007-11-04 02:06:09 +00:00
Roger Dingledine
9ef72079ae fix an assert error on startup if we didn't already have the
consensus and certs cached in our datadirectory: we were
caching the consensus in consensus_waiting_for_certs but then
free'ing it right after.

more bugs remain here, i think.


svn:r12369
2007-11-04 01:26:00 +00:00
Roger Dingledine
e9af56cf2f If bridge users set UpdateBridgesFromAuthority, but the digest
they ask for is a 404 from the bridge authority, they now fall
back to trying the bridge directly.


svn:r12368
2007-11-04 00:15:42 +00:00
Roger Dingledine
fb7b680a04 always use begin_dir for publishing and fetching bridge
descriptors, no matter our config


svn:r12365
2007-11-03 22:34:31 +00:00
Roger Dingledine
fcc115e763 Raise the default BandwidthRate/BandwidthBurst to 5MB/10MB, to
accommodate the growing number of servers that use the default
and are reaching it.


svn:r12364
2007-11-03 22:08:52 +00:00
Nick Mathewson
bf2717ff3d r14678@tombo: nickm | 2007-11-03 16:12:31 -0400
Try to make hidden service directory lookup functions a bit more efficient: go for fewer O(n) operations, and look at the consensus rather than the routerinfo list.


svn:r12361
2007-11-03 20:12:41 +00:00
Nick Mathewson
c217be996d r14677@tombo: nickm | 2007-11-03 15:16:27 -0400
Add a smartlist_bsearch_idx function that gives more useful output than regular bsearch for the value-not-found case.


svn:r12360
2007-11-03 20:12:38 +00:00
Roger Dingledine
d4e339ed87 Nov 03 11:15:13.103 [info] connection_dir_client_reached_eof(): Received consensus directory (size 330543) from server '86.59.21.38:80'
Nov 03 11:15:13.129 [info] networkstatus_set_current_consensus(): Got a consensus we already have
Nov 03 11:15:13.129 [warn] Unable to load consensus directory dowloaded from server '86.59.21.38:80'


svn:r12359
2007-11-03 15:55:15 +00:00
Roger Dingledine
23fdfd4dcf Stop leaking conn->nickname every time we make a connection to a
Tor relay without knowing its expected identity digest (e.g. when
using bridges). Bugfix on 0.2.0.3-alpha.


svn:r12355
2007-11-03 14:44:53 +00:00
Nick Mathewson
3a6287615b r16367@catbus: nickm | 2007-11-02 13:13:15 -0400
Space fixes.


svn:r12345
2007-11-02 17:16:34 +00:00
Nick Mathewson
6aeca5237d r14631@tombo: nickm | 2007-11-02 00:18:17 -0400
Better log messages for "not enough to build a circuit" message.


svn:r12324
2007-11-02 04:18:28 +00:00
Nick Mathewson
832ef9562f r14623@tombo: nickm | 2007-11-01 22:25:18 -0400
More tweaks from karsten, with some cleanup and commentary.


svn:r12319
2007-11-02 02:25:28 +00:00
Nick Mathewson
e3cb1e4559 r16337@catbus: nickm | 2007-11-01 14:18:58 -0400
Remove superseded assert in directory.c


svn:r12317
2007-11-01 18:22:04 +00:00
Roger Dingledine
e5ec8248e8 make r12272 compile on 64-bit
svn:r12315
2007-11-01 13:48:12 +00:00
Roger Dingledine
4ead38a4e9 fix compile errors on r12310 (thanks karsten)
svn:r12314
2007-11-01 13:40:29 +00:00
Nick Mathewson
37c44b81df r16326@catbus: nickm | 2007-11-01 00:56:45 -0400
As an authority, send back an X-Descriptor-Not-New header when we accept but do not store a descriptor.  Partial implementation of fix for bug 535.


svn:r12310
2007-11-01 05:01:24 +00:00
Nick Mathewson
2645219b4c r16322@catbus: nickm | 2007-11-01 00:26:15 -0400
Implement --quiet.


svn:r12306
2007-11-01 04:38:43 +00:00
Nick Mathewson
401b5c26de r16320@catbus: nickm | 2007-11-01 00:11:20 -0400
Learn new addresses for authorities from their certificates.


svn:r12305
2007-11-01 04:14:23 +00:00
Nick Mathewson
d1df046e3b r16314@catbus: nickm | 2007-10-31 23:40:08 -0400
Clients download and cache new hidden descriptor format.


svn:r12302
2007-11-01 03:43:02 +00:00
Nick Mathewson
5da5d2bd79 r16302@catbus: nickm | 2007-10-31 16:45:16 -0400
Clean spaces.


svn:r12301
2007-10-31 20:48:10 +00:00
Nick Mathewson
fcd42ebef4 r16301@catbus: nickm | 2007-10-31 16:43:49 -0400
A couple of small tweaks to karsten's latest patch, and note an issue with using a bitmap to represent a single int.


svn:r12300
2007-10-31 20:48:08 +00:00
Nick Mathewson
779b615bc2 r16300@catbus: nickm | 2007-10-31 15:36:41 -0400
Next patch from Karsten:  rename some macros, tunnel dir connections, generate (and upload) multiple descriptors as appropriate.


svn:r12299
2007-10-31 20:48:06 +00:00
Nick Mathewson
17266cc44a r16287@catbus: nickm | 2007-10-31 00:53:53 -0400
HMAC-SHA-1 implementation, with unit tests based on vectors from RVFC2202.  Steven's stuff will need this.


svn:r12289
2007-10-31 04:56:59 +00:00
Nick Mathewson
7e80640b97 r16285@catbus: nickm | 2007-10-30 17:43:25 -0400
Implement (but do not enable) link connection version negotiation


svn:r12286
2007-10-30 21:46:02 +00:00
Nick Mathewson
57f7c852f8 r16282@catbus: nickm | 2007-10-30 14:28:58 -0400
Implement lots of proposal 105.  None of it is enabled yet.


svn:r12285
2007-10-30 18:31:30 +00:00
Nick Mathewson
c0c2001a5b r16279@catbus: nickm | 2007-10-30 11:14:29 -0400
Improved skew reporting:  "You are 365 days in the duture" is more useful than "You are 525600 minutes in the future".  Also, when we get something that proves we are at least an hour in the past, tell the controller "CLOCK_SKEW MIN_SKEW=-3600" rather than just "CLOCK_SKEW"


svn:r12283
2007-10-30 15:17:07 +00:00
Nick Mathewson
7709fb7143 r16278@catbus: nickm | 2007-10-30 09:46:28 -0400
Accept future networkstatus documents, but warn about skew when we get them.


svn:r12282
2007-10-30 15:17:01 +00:00
Nick Mathewson
024798ee4c r16263@catbus: nickm | 2007-10-29 15:08:17 -0400
Tidy last patch a bit.


svn:r12273
2007-10-29 19:10:47 +00:00
Nick Mathewson
e136f00ca8 r16262@catbus: nickm | 2007-10-29 13:21:35 -0400
Patch from Karsten: Code to act as (and use) v2 hidden service directories.


svn:r12272
2007-10-29 19:10:42 +00:00
Nick Mathewson
1c451b9db9 r16252@catbus: nickm | 2007-10-29 11:13:03 -0400
Change symbol from DATADIR to SHARE_DATADIR, since DATADIR conflicts with objidl.h in mingw.


svn:r12268
2007-10-29 15:15:49 +00:00
Nick Mathewson
30e73f3a5e r16248@catbus: nickm | 2007-10-28 19:42:14 -0400
Do not count a server as having any WFU until we have known about it for 18 hours (weighted).


svn:r12261
2007-10-28 23:44:57 +00:00
Nick Mathewson
f09d53bbf1 r16246@catbus: nickm | 2007-10-28 19:34:58 -0400
Implement a FallbackNetworkstatusFile (default to $prefix/share/tor/fallback-consensus) to that we know about lots of directory servers and routers when we start up the first time.


svn:r12259
2007-10-28 23:44:53 +00:00
Nick Mathewson
20b1085989 r16242@catbus: nickm | 2007-10-28 16:28:13 -0400
Implement if-modified-since for consensus networkstatuses so that we do not download duplicates needlessly.


svn:r12258
2007-10-28 20:30:21 +00:00
Peter Palfrader
471163ffd5 Downgrade the mismatched fpr warning to info
svn:r12257
2007-10-28 20:01:22 +00:00
Nick Mathewson
66a39ac358 r16238@catbus: nickm | 2007-10-28 15:46:10 -0400
Whitespace fix.


svn:r12256
2007-10-28 19:48:19 +00:00
Nick Mathewson
d94a978b32 r16237@catbus: nickm | 2007-10-28 15:45:25 -0400
Tidy v2 hidden service descriptor format code: fix memory leaks, fix reference problems, note magic numbers, note questions, remove redundant checks, remove a possible stack smashing bug when encoding a descriptor with no protocols supported.


svn:r12255
2007-10-28 19:48:16 +00:00
Nick Mathewson
c58675ca72 r16236@catbus: nickm | 2007-10-28 14:36:30 -0400
Patch from Karsten Loesing: encode and parse v2 rendezvous descriptors.


svn:r12254
2007-10-28 19:48:14 +00:00
Nick Mathewson
665aa7659c r16234@catbus: nickm | 2007-10-28 14:27:22 -0400
Clean up a couple of comments from r12244.


svn:r12253
2007-10-28 18:29:29 +00:00
Roger Dingledine
e5885deab5 Separate "SOCKS_COMMAND_CONNECT_DIR" into two flags in
edge_connection_t: want_onehop if it must attach to a circuit with
only one hop (e.g. for the current tunnelled connections that use
begin_dir), and use_begindir if we mean to use a BEGIN_DIR relay
command to establish the stream rather than the normal BEGIN. Now
we can make anonymized begin_dir connections for (e.g.) more secure
hidden service posting and fetching.


svn:r12244
2007-10-28 08:16:19 +00:00
Roger Dingledine
6ca7c118ec we need to send nick to the chalkboard to type 'un' 1000 times:
Stop servers from crashing if they set a Family option (or
maybe in other situations too). Bugfix on 0.2.0.9-alpha; reported
by Fabian Keil.


svn:r12235
2007-10-27 21:40:32 +00:00
Roger Dingledine
a92b2083d2 don't warn so loudly when we couldn't load the unverified-consensus
file. we can live without it.


svn:r12221
2007-10-27 10:40:08 +00:00
Nick Mathewson
8fa7071121 r16195@catbus: nickm | 2007-10-26 18:48:52 -0400
base "Guard" flag on WFU rather than MTBF.  Note an issue in the TODO. Roger: thoughts?


svn:r12219
2007-10-26 22:50:42 +00:00
Nick Mathewson
2c1d7cf674 r16194@catbus: nickm | 2007-10-26 18:37:02 -0400
Keep circuitless TLS connections open for 1.5 x MaxCircuitDirtiness: this ensures that we don't thrash closing and repoening connections to our guards.


svn:r12218
2007-10-26 22:50:40 +00:00
Nick Mathewson
2ac37c8b01 r16174@catbus: nickm | 2007-10-26 10:55:26 -0400
Better log on vote from unknown authority.  Make get_by_v3_authority_id retrun only v3 authorities.


svn:r12203
2007-10-26 14:57:26 +00:00
Roger Dingledine
4cbaa51aa2 the other half of the question for nick
svn:r12196
2007-10-26 01:37:16 +00:00
Roger Dingledine
e4230d100a ask nick about a possible bug
svn:r12193
2007-10-25 20:59:24 +00:00
Nick Mathewson
d5a0eeb57e r16157@catbus: nickm | 2007-10-25 10:36:34 -0400
Free v2_network_status_map on exit.


svn:r12189
2007-10-25 14:37:49 +00:00
Nick Mathewson
73c1cfe80b r16154@catbus: nickm | 2007-10-25 10:29:47 -0400
Fix more memory leaks, with help from dmalloc.


svn:r12188
2007-10-25 14:31:15 +00:00
Nick Mathewson
53e6233985 r16153@catbus: nickm | 2007-10-25 10:21:42 -0400
do not set authority cert bodies twice: fixes memory leak bug 536.


svn:r12187
2007-10-25 14:31:13 +00:00
Roger Dingledine
f37185bf0b Stop leaking memory every time we parse a v3 certificate. Bugfix
on 0.2.0.1-alpha.


svn:r12185
2007-10-25 13:18:37 +00:00
Roger Dingledine
4ef1c459ba Refuse to start if both ORPort and UseBridges are set. Bugfix
on 0.2.0.x.


svn:r12182
2007-10-25 04:40:27 +00:00
Nick Mathewson
0421e14c21 r16130@catbus: nickm | 2007-10-24 23:28:00 -0400
Fix null-pointer dereference in set_current_consensus.


svn:r12174
2007-10-25 03:29:11 +00:00
Roger Dingledine
0491f2a99c more cleanups
svn:r12172
2007-10-25 03:03:52 +00:00
Nick Mathewson
beb73c90ab r16124@catbus: nickm | 2007-10-24 22:11:09 -0400
We want to extend the valid_until for "reasonably live", not the valid_after time


svn:r12169
2007-10-25 02:12:16 +00:00
Nick Mathewson
93331ebf69 r16115@catbus: nickm | 2007-10-24 21:52:33 -0400
Tolerate a slightly dead consensus when deciding whether to download descriptors and build circuits.


svn:r12167
2007-10-25 01:53:49 +00:00
Nick Mathewson
e0204f2119 r16112@catbus: nickm | 2007-10-24 15:52:03 -0400
Fix logic for downloading consensuses: make getting an duplicate or not-currently-valid consensus count as a failure.  Make running out of time to get certificates count as a failure.  Delay while fetching certificates.


svn:r12159
2007-10-24 19:53:11 +00:00
Nick Mathewson
9767415dca r16111@catbus: nickm | 2007-10-24 15:03:57 -0400
Allow multiple download schedules to exist.  At the moment, we use one for consensus, and the other one for everything else.


svn:r12158
2007-10-24 19:53:08 +00:00
Nick Mathewson
02e7a83f91 r16108@catbus: nickm | 2007-10-24 14:41:12 -0400
Refactor the arguments for router_pick_{directory_|trusteddir}server[_impl] so that they all take the same flags, and so that their flags have names.  Fix their documentation too.


svn:r12157
2007-10-24 18:42:16 +00:00
Nick Mathewson
5b65103bb9 r16101@catbus: nickm | 2007-10-24 11:44:40 -0400
Detect mmap failures from empty descriptor files, and only warn if the file was not supposed to be empty.  Fixes bug 533


svn:r12154
2007-10-24 15:45:45 +00:00
Roger Dingledine
7a35dad007 Authorities no longer send back "400 you're unreachable please fix
it" errors to Tor servers that aren't online all the time. We're
supposed to tolerate these servers now.


svn:r12136
2007-10-24 03:34:03 +00:00
Roger Dingledine
f43b9638e4 Don't complain that "your server has not managed to confirm that its
ports are reachable" if we haven't been able to build any circuits
yet. Bug found by spending four hours without a v3 consensus.


svn:r12133
2007-10-23 15:44:13 +00:00
Roger Dingledine
cb2b49c9c4 When there's no concensus, we were forming a vote every 30
minutes, but writing the "valid-after" line in our vote based
on our configured V3AuthVotingInterval: so unless the intervals
matched up, we immediately rejected our own vote because it didn't
start at the voting interval that caused us to construct a vote.

This caused log entries like:

Oct 23 01:16:16.303 [notice] Choosing expected valid-after time
as 2007-10-23 05:30:00: consensus_set=0, interval=1800
...
Oct 23 01:20:01.203 [notice] Choosing valid-after time in vote as
2007-10-23 06:00:00: consensus_set=0, interval=3600
Oct 23 01:20:01.290 [warn] Rejecting vote with valid-after time of
2007-10-23 06:00:00; we were expecting 2007-10-23 05:30:00
Oct 23 01:20:01.291 [warn] Couldn't store my own vote! (I told
myself, 'Bad valid-after time'.)

Nick, you should look at this, as it's your design. :)


svn:r12129
2007-10-23 06:38:16 +00:00
Nick Mathewson
03eb85b122 r16057@catbus: nickm | 2007-10-23 00:08:31 -0400
What the heck is wrong with me that I can not type un?


svn:r12128
2007-10-23 04:09:18 +00:00
Nick Mathewson
6f7518c501 r16054@catbus: nickm | 2007-10-22 20:22:13 -0400
Make authorities start accepting (and advertising their acceptance of) consensus method 2.  If all goes well, we'll have a working Unnamed flag.  Otherwise, we'll have a fun backtrace.


svn:r12113
2007-10-23 00:23:33 +00:00
Nick Mathewson
64b4b5a04e r16051@catbus: nickm | 2007-10-22 18:53:53 -0400
fix a dumb bug in r12102.


svn:r12111
2007-10-22 22:54:28 +00:00
Nick Mathewson
9ec9266374 r16049@catbus: nickm | 2007-10-22 15:31:16 -0400
fix trunk compile


svn:r12110
2007-10-22 19:31:50 +00:00
Nick Mathewson
246cb2071f r16047@catbus: nickm | 2007-10-22 14:00:46 -0400
Resolve some XXX020s in networkstatus.c


svn:r12109
2007-10-22 18:21:22 +00:00
Nick Mathewson
4165d53daf r16045@catbus: nickm | 2007-10-22 13:35:02 -0400
Oops; fix a typo that would have messed with the Unnamed implementation.


svn:r12108
2007-10-22 17:43:07 +00:00
Nick Mathewson
09bce19884 r16042@catbus: nickm | 2007-10-22 13:30:49 -0400
Move functions into and out of dirvote.c so that it contains all the v3 authority functionality, and no non-authority functionality.


svn:r12107
2007-10-22 17:31:26 +00:00
Nick Mathewson
4bab46d5d7 r16041@catbus: nickm | 2007-10-22 13:02:14 -0400
Reattempt certificate downloads immediately on failure, as appropriate.


svn:r12106
2007-10-22 17:31:22 +00:00
Nick Mathewson
25a68907a1 r16035@catbus: nickm | 2007-10-22 12:31:22 -0400
fix compile


svn:r12105
2007-10-22 16:32:10 +00:00
Nick Mathewson
f06ac50d45 r16034@catbus: nickm | 2007-10-22 12:30:38 -0400
Move an XXX020 to the logical place.


svn:r12104
2007-10-22 16:32:08 +00:00
Nick Mathewson
7b80011990 r16033@catbus: nickm | 2007-10-22 12:26:13 -0400
Download some XXXX020s in dirvote.c and mark some functions that may not belong there.


svn:r12103
2007-10-22 16:32:06 +00:00
Nick Mathewson
c47eb2c8d9 r16032@catbus: nickm | 2007-10-22 11:56:53 -0400
When our directory status or our v3 authority status changes, reschedule operations as appropriate. (Fixes some xxxx020 items)


svn:r12102
2007-10-22 16:32:04 +00:00
Nick Mathewson
db05869466 r16031@catbus: nickm | 2007-10-22 11:45:00 -0400
Remove an unused and unneeded layer of abstraction: we only have one store for routers.  (I had thought we might need  a second one for annotated routers, but that's silly.


svn:r12101
2007-10-22 16:32:01 +00:00
Nick Mathewson
b481036266 r16014@catbus: nickm | 2007-10-21 20:29:14 -0400
Fix a unit test in test_crypto_base32_decode that would fail one time in 32.


svn:r12087
2007-10-22 00:29:39 +00:00
Nick Mathewson
4a8cf7b517 r15995@catbus: nickm | 2007-10-21 00:40:46 -0400
More fixes for bad behavior when downloading extrainfos: do not download an ei if we lack the key to verify it, and do not download it if we already got it and found (weirdly) that it didn't match the corresponding server descriptor.


svn:r12071
2007-10-21 04:41:00 +00:00
Roger Dingledine
b4a28f8b83 Bugfix on r7072, which turned out to basically be a no-op:
Respond to INT and TERM SIGNAL commands before we execute the
signal, in case the signal shuts us down. We had a patch in
0.1.2.1-alpha that tried to do this by queueing the response on
the connection's buffer before shutting down, but that really
isn't the same thing. Bug located by Matt Edman.

This is a bug in 0.1.2.x too, but there's no way we should backport
this fix. Speaking of which, can somebody double-check it? :)


svn:r12070
2007-10-21 04:15:28 +00:00
Nick Mathewson
5ada3cc09a r15991@catbus: nickm | 2007-10-20 20:08:29 -0400
Fix a nasty bug in DownloadExtraInfo implementation where we would discard, download, discard, download ad infinitum.


svn:r12069
2007-10-21 00:08:35 +00:00
Nick Mathewson
dc4e710e27 r15976@catbus: nickm | 2007-10-20 19:44:47 -0400
Prioritize fetching descriptors and networkstatus docs over fetching more extrainfo docs.


svn:r12067
2007-10-20 23:45:07 +00:00
Nick Mathewson
9b5af75835 r15974@catbus: nickm | 2007-10-19 16:47:27 -0400
When we decode to use consensus method 2 or later, compute Unnamed and Named more or less as described in 122.  Don't actually use consensus method 2 yet, so we can be sure we didn't screw up v1..


svn:r12055
2007-10-19 20:48:46 +00:00
Nick Mathewson
5f8f498207 r15968@catbus: nickm | 2007-10-19 14:39:51 -0400
Implement code to compute which method to use to compute a consensus. Also, fix leak in consensus calculation.


svn:r12054
2007-10-19 18:56:30 +00:00
Nick Mathewson
b0a18d1bfa r15967@catbus: nickm | 2007-10-19 14:14:47 -0400
Change meaning of "freefn" argument to smartlist_uniq so that we can remove duplicates from a list without freeing them.


svn:r12053
2007-10-19 18:56:28 +00:00
Nick Mathewson
6ca4eebb57 r15966@catbus: nickm | 2007-10-19 13:56:28 -0400
Voting side of proposal 122


svn:r12052
2007-10-19 18:56:26 +00:00
Nick Mathewson
7bb202fd19 r15965@catbus: nickm | 2007-10-19 13:32:11 -0400
Client-side implementation for proposal 122.


svn:r12051
2007-10-19 18:56:24 +00:00
Nick Mathewson
ee2b770dee r15964@catbus: nickm | 2007-10-19 12:43:49 -0400
Sort out that need_to_mirror is for routerstatuses in v2 networkstatuses only.


svn:r12050
2007-10-19 18:56:21 +00:00
Nick Mathewson
24317c75a9 r15961@catbus: nickm | 2007-10-19 12:40:15 -0400
Learn the difference between "mismatched vote digest" and "mismatched vote times": the latter is more informative.


svn:r12049
2007-10-19 16:41:32 +00:00
Nick Mathewson
53f9fe7dc5 r15960@catbus: nickm | 2007-10-19 12:30:17 -0400
Make authority_certs_fetch_missing() honor should_delay_dir_fetches()


svn:r12048
2007-10-19 16:41:30 +00:00
Nick Mathewson
140ef7d0f8 r15957@catbus: nickm | 2007-10-19 12:22:18 -0400
Report our IP address in our vote if it turns out that our hostname isn't a fqdn.


svn:r12047
2007-10-19 16:28:13 +00:00
Nick Mathewson
106e01db3d r15956@catbus: nickm | 2007-10-19 11:18:14 -0400
Encode address in certificates.  Also, make it possible to create certs reusing an old key.


svn:r12046
2007-10-19 16:28:10 +00:00
Nick Mathewson
29dfdac923 r15939@catbus: nickm | 2007-10-18 22:14:15 -0400
Remember the valid-until time of the most recent consensus that listed
 a router, and (if we are a cache) never delete the routerdesc until
 that conensus is expired.  This is way easier than retaining multiple
 consensuses.  (Of course, the info isn't retained across restarts,
 but that only affects a few caches at a time.) 
 


svn:r12041
2007-10-19 02:15:47 +00:00
Peter Palfrader
829801c476 Call routers_update_all_from_networkstatus() from router_reload_consensus_networkstatus() so that we warn about old versions when we startup Tor, not when we fetch the next consensus document
svn:r12038
2007-10-19 00:29:16 +00:00
Roger Dingledine
85e746d060 revert a tiny bit of r12035
svn:r12037
2007-10-18 23:18:28 +00:00
Roger Dingledine
0a865bc277 various fixes from reading or-cvs the past few days
svn:r12035
2007-10-18 23:14:58 +00:00
Nick Mathewson
5bfb422157 r15934@catbus: nickm | 2007-10-18 15:32:56 -0400
When we have plenty of directory information, don't try to launch descriptor downloads quite so eagerly.


svn:r12033
2007-10-18 19:51:14 +00:00
Nick Mathewson
db2c5132c9 r15919@catbus: nickm | 2007-10-18 10:57:47 -0400
Add a log message to router_remove_old_routers to try to figure out why peacetime has such a big cache.


svn:r12024
2007-10-18 14:58:45 +00:00
Nick Mathewson
5ff0e4ed56 r15917@catbus: nickm | 2007-10-18 10:50:01 -0400
Better log messages about extrainfo downloads.


svn:r12023
2007-10-18 14:50:59 +00:00
Nick Mathewson
192e3d71d4 r15915@catbus: nickm | 2007-10-18 10:26:44 -0400
Stop incessant notices about when we think the expected valid-after time should be, if we are not an authority.


svn:r12022
2007-10-18 14:27:42 +00:00
Nick Mathewson
959c4963b2 r15913@catbus: nickm | 2007-10-18 10:22:19 -0400
Fix segfault in init_keys()


svn:r12021
2007-10-18 14:23:19 +00:00
Nick Mathewson
8f21a0a0b7 r15907@catbus: nickm | 2007-10-18 10:18:53 -0400
Fix up logic for choosing the time at which to download a consensus: Never attempt it when the current consensus is still the most recent.


svn:r12020
2007-10-18 14:19:56 +00:00
Nick Mathewson
c96167a6bd r15906@catbus: nickm | 2007-10-18 10:00:08 -0400
Remove the obsolete warned_conflicts field: a v3 consensus cannot conflict with itself.


svn:r12019
2007-10-18 14:19:53 +00:00
Nick Mathewson
59b1b08753 r15905@catbus: nickm | 2007-10-18 09:58:54 -0400
Document some functions while I can still rememberf what they do.  Fix up some whitespace.


svn:r12018
2007-10-18 14:19:51 +00:00
Nick Mathewson
35abfa1f77 r15899@catbus: nickm | 2007-10-18 07:49:15 -0400
"if (!router_get_trusted_dirservers())" is a bad test: router_get_trusted_dirservers() always returns a list.  Instead, check for whether the list is empty.


svn:r12013
2007-10-18 11:50:20 +00:00
Nick Mathewson
54ac72f6b0 r15887@catbus: nickm | 2007-10-17 17:25:32 -0400
When a networkstatus consensus download fails, do not wait 60 seconds to decide whether to retry. (Also, log the time at which we'll try to replace the current networkstatus.)


svn:r12005
2007-10-17 21:26:22 +00:00
Nick Mathewson
088c1fac39 r15886@catbus: nickm | 2007-10-17 17:21:10 -0400
Treat it as an error when a v3 authority cant load its keys or certificates


svn:r12004
2007-10-17 21:26:19 +00:00
Nick Mathewson
e3113502ad r15882@catbus: nickm | 2007-10-17 15:23:05 -0400
oprofile was telling me that a fair bit of our time in openssl was spent in base64_decode, so replace base64_decode with an all-at-once fairly optimized implementation.  For decoding keys and digests, it seems 3-3.5x faster than calling out to openssl.  (Yes, I wrote it from scratch.)


svn:r12002
2007-10-17 19:23:56 +00:00
Nick Mathewson
e8bd32b347 r15880@catbus: nickm | 2007-10-17 14:56:51 -0400
Patch from robert hogan: do not reset trusted dir server list when we get a config option.


svn:r12001
2007-10-17 19:23:52 +00:00
Nick Mathewson
f988f93b1a r15877@catbus: nickm | 2007-10-17 12:54:56 -0400
Make unverified-consensus get removed when it is accepted or rejected.  Make a new get_datadir_fname*() set of functions to eliminate the common code of "get the options, get the datadir, append some stuff".


svn:r12000
2007-10-17 16:55:44 +00:00
Nick Mathewson
4088a90d55 r15876@catbus: nickm | 2007-10-17 12:39:05 -0400
Treat certificates as reason to note directory info as arrived


svn:r11999
2007-10-17 16:55:41 +00:00
Nick Mathewson
c23409080e r15871@catbus: nickm | 2007-10-16 14:47:00 -0400
Add a debugging info msg to routerlist


svn:r11995
2007-10-16 18:47:32 +00:00
Nick Mathewson
9d7eba6ecc r15868@catbus: nickm | 2007-10-16 14:18:29 -0400
Remove nearly all calls to routerlist_remove_old().  Backport candidate.


svn:r11994
2007-10-16 18:19:02 +00:00
Nick Mathewson
29173560b8 r15862@catbus: nickm | 2007-10-16 13:19:29 -0400
Correct mismatches between DirServer lines and authority configuration.


svn:r11992
2007-10-16 17:22:37 +00:00
Nick Mathewson
0dab1a14a5 r15860@catbus: nickm | 2007-10-16 13:09:57 -0400
Avoid an infinite loop in networkstatus_reset_download_failures().


svn:r11990
2007-10-16 17:21:03 +00:00
Nick Mathewson
58ecc39141 r15859@catbus: nickm | 2007-10-16 13:09:28 -0400
Reset the is_named flag only on non-naming directories.


svn:r11989
2007-10-16 17:21:01 +00:00
Nick Mathewson
0d26b623ee r15853@catbus: nickm | 2007-10-16 11:32:55 -0400
Fix "Error adding vote: OK" message.


svn:r11986
2007-10-16 15:34:14 +00:00
Nick Mathewson
c5fb1c19eb r15849@catbus: nickm | 2007-10-16 10:24:38 -0400
Correct and additional fix to bug 529.


svn:r11985
2007-10-16 14:25:16 +00:00
Nick Mathewson
03ce9d3ee7 r15848@catbus: nickm | 2007-10-16 10:17:02 -0400
Only drop routers for not appearing in the consensus if their purpose is GENERAL.


svn:r11984
2007-10-16 14:25:14 +00:00
Nick Mathewson
9ca2625833 r15847@catbus: nickm | 2007-10-16 10:15:07 -0400
Fix the simpler bit of bug 529: update routerinfo_t.is_named from the consensus.


svn:r11983
2007-10-16 14:25:13 +00:00
Nick Mathewson
f3c7eeb4a0 r15843@catbus: nickm | 2007-10-16 09:58:49 -0400
Clean up our code to fix a warning under gcc 4.2


svn:r11982
2007-10-16 13:59:37 +00:00
Roger Dingledine
5aa76cdaa8 Correctly check for bad options to the "PublishServerDescriptor"
config option. Bugfix on 0.2.0.1-alpha; reported by Matt Edman.


svn:r11968
2007-10-16 03:26:39 +00:00
Nick Mathewson
dbdaa610ee r15814@catbus: nickm | 2007-10-15 22:15:19 -0400
Fix last patch.


svn:r11961
2007-10-16 02:15:41 +00:00
Roger Dingledine
e477a3860a two ugly hacks to make my tor client start again. nick, these
are for you.


svn:r11960
2007-10-16 02:06:30 +00:00
Nick Mathewson
9b3957e755 r15809@catbus: nickm | 2007-10-15 19:44:13 -0400
Do not call the more interesting parts of routers_update_all_from_networkstatus if there is no live networkstatus.


svn:r11958
2007-10-15 23:44:32 +00:00
Nick Mathewson
3ad6dc0e2e r15806@catbus: nickm | 2007-10-15 19:14:57 -0400
Implement v3 networkstatus client code.  Remove v2 networkstatus client code, except as needed for caches to fetch and serve v2 networkstatues and the routers they list.


svn:r11957
2007-10-15 23:15:24 +00:00
Nick Mathewson
738d178f77 Make last commit compile
svn:r11953
2007-10-15 20:39:58 +00:00
Nick Mathewson
da955df111 Add some debugging logs related to dir vote timing.
svn:r11952
2007-10-15 20:37:59 +00:00
Nick Mathewson
516b913d5c r15793@catbus: nickm | 2007-10-15 15:50:52 -0400
Do not set "have published consensus" to 1 after we recalculate timing.


svn:r11951
2007-10-15 19:51:14 +00:00
Nick Mathewson
7f9e9c816c r15790@catbus: nickm | 2007-10-15 11:38:28 -0400
Fix bug 528: fix memory leak in base32_decode().  While there, also make base32_decode() accept upper-case inputs.


svn:r11946
2007-10-15 15:38:44 +00:00
Nick Mathewson
161b85d588 r15781@catbus: nickm | 2007-10-15 10:59:26 -0400
Make discard_old_votes part of the consensus publishing process, so we conform to spec, and so we avoid a weird bugs where publishing sets the consensus, setting the consensus makes us reschedule, and rescheduling makes us delay vote-discarding.


svn:r11944
2007-10-15 14:59:48 +00:00
Nick Mathewson
c8ad4f58ee r15780@catbus: nickm | 2007-10-15 10:35:16 -0400
Fix the implementation of "download votes by digest".


svn:r11943
2007-10-15 14:59:44 +00:00
Nick Mathewson
09dfe31ff4 r15750@catbus: nickm | 2007-10-13 20:06:47 -0400
Eventually delete the obsolete cached-routers and cached-routers.new files, so they don't sit around on disk forever.


svn:r11918
2007-10-14 00:13:06 +00:00
Nick Mathewson
1b45314775 r15749@catbus: nickm | 2007-10-13 20:06:06 -0400
Remove support for long-obsolete bw_accounting file.


svn:r11917
2007-10-14 00:13:04 +00:00
Roger Dingledine
39902e93f7 Stop publishing a new server descriptor just because we HUP or
when we find our DirPort to be reachable but won't actually publish
it. Extra descriptors without any real changes are dropped by the
authorities, and can screw up our "publish every 18 hours" schedule.


svn:r11915
2007-10-13 22:31:35 +00:00
Roger Dingledine
d9ba4d3e8b note a bug in directories_have_accepted_server_descriptor() pointed
out by weasel


svn:r11914
2007-10-13 22:01:24 +00:00
Roger Dingledine
e269feea77 stop handling 403 responses from directory authorities/mirrors. we
haven't issued those in years.


svn:r11913
2007-10-13 21:57:02 +00:00
Nick Mathewson
29fc92ef86 r15732@catbus: nickm | 2007-10-12 17:28:24 -0400
Start roughing out the functions that we'll use to replace the old ugly v2 networkstatus manipulation code".


svn:r11904
2007-10-12 21:33:39 +00:00
Nick Mathewson
783402f63a r15731@catbus: nickm | 2007-10-12 17:27:48 -0400
Move "sort a list of routerinfo_t" into its own function in routerlist.c


svn:r11903
2007-10-12 21:33:37 +00:00
Nick Mathewson
a009014eb3 r15730@catbus: nickm | 2007-10-12 16:47:47 -0400
Note a way to make routerlist_remove_old_routrs get called way less.


svn:r11902
2007-10-12 21:33:35 +00:00
Nick Mathewson
de08405bdb r15721@catbus: nickm | 2007-10-12 13:30:48 -0400
Base vote timing only on a currently live consensus.


svn:r11896
2007-10-12 17:43:09 +00:00
Nick Mathewson
8fdfdc5bbb r15719@catbus: nickm | 2007-10-12 13:07:45 -0400
Add the routers in the latest consensus to the list of routers to retain when removing old ones.


svn:r11895
2007-10-12 17:13:09 +00:00
Roger Dingledine
b60e138586 fix two instances of double-frees. may fix bug 527.
svn:r11893
2007-10-12 09:09:46 +00:00
Roger Dingledine
3977ccbc80 Controllers should now specify cache=no or cache=yes when using
the +POSTDESCRIPTOR command.


svn:r11892
2007-10-12 07:57:29 +00:00
Roger Dingledine
ad8757fbeb Disable the SETROUTERPURPOSE controller command: it is now obsolete.
svn:r11891
2007-10-11 22:19:47 +00:00
Roger Dingledine
5c4a00e796 minor cleanups
svn:r11890
2007-10-11 22:19:18 +00:00
Roger Dingledine
3d9bf8c912 note a design flaw that i should fix somehow
svn:r11889
2007-10-11 22:16:05 +00:00
Nick Mathewson
3100712c34 r15703@catbus: nickm | 2007-10-11 17:30:34 -0400
Fix for the reported case of bug 438: check families as well as identities in circuit_find_to_cannibalize().  Code audit still pending. ;)


svn:r11886
2007-10-11 21:40:35 +00:00
Nick Mathewson
b62d379f92 r15689@catbus: nickm | 2007-10-11 16:40:25 -0400
Fix bug 451.  This was a nasty bug, so let's fix it twice: first, by banning recursive calls to connection_handle_write from connection_flushed_some; and second, by not calling connection_finished_flushing() on a closed connection.  Backport candidate.


svn:r11882
2007-10-11 20:45:26 +00:00
Nick Mathewson
ff2820c1ba r14892@Kushana: nickm | 2007-10-11 14:00:33 -0400
Fix a bunch of XXX020s: treat some 403s as INFO severity; remove some dead code; share the retry path for consensus routerdescs that are also listed in the v2 networkstatus; check even more aspects of votes when parsing them.


svn:r11871
2007-10-11 18:01:12 +00:00
Nick Mathewson
007d76543d r14887@Kushana: nickm | 2007-10-11 11:19:39 -0400
Fix some XXX020s in dirserv.c


svn:r11870
2007-10-11 16:06:51 +00:00
Nick Mathewson
52ca3a7610 r14886@Kushana: nickm | 2007-10-11 11:02:53 -0400
Move prototypes around in or.h so that the functions from routerlist.c which moved to networkstatus.c are all grouped in the right section.


svn:r11869
2007-10-11 16:06:47 +00:00
Nick Mathewson
6670122619 r14885@Kushana: nickm | 2007-10-11 10:36:16 -0400
Document minimal values for voting times.  Use a macro instead of a magic number.  Remove an "enforce this" xxxx020 that was already enforced.


svn:r11868
2007-10-11 16:06:42 +00:00
Nick Mathewson
0a1dd92d3e r14884@Kushana: nickm | 2007-10-11 10:30:58 -0400
More fixes for cacheing bridge descs:Remove obsolete EXTRAINFO_PURPOSE_GENERAL; remove purpose argument from signed_desc_append_to_journal.


svn:r11867
2007-10-11 16:06:37 +00:00
Nick Mathewson
9a56b17c54 r15679@catbus: nickm | 2007-10-11 09:51:33 -0400
Remove code to generate v1 directories.


svn:r11866
2007-10-11 13:56:33 +00:00
Roger Dingledine
541aa72155 Bugfix on r11138:
Fix a minor memory leak whenever a controller sends the PROTOCOLINFO
command. Bugfix on 0.2.0.5-alpha.
Backport candidate.


svn:r11864
2007-10-11 03:27:47 +00:00
Roger Dingledine
900ddcb8fd bugfix on r11298:
Fix a minor memory leak whenever we parse guards from our state
file. Bugfix on 0.2.0.7-alpha.


svn:r11862
2007-10-11 02:03:53 +00:00
Nick Mathewson
487f985f5b r15670@catbus: nickm | 2007-10-10 20:08:14 -0400
Restore a removed assert.


svn:r11861
2007-10-11 00:13:06 +00:00
Nick Mathewson
a718fcb1c0 r15663@catbus: nickm | 2007-10-10 16:35:58 -0400
Resolve some more voting-related XXXXs.


svn:r11860
2007-10-11 00:13:03 +00:00
Nick Mathewson
0452a965da r15662@catbus: nickm | 2007-10-10 16:27:58 -0400
Removee a misleading log message.


svn:r11859
2007-10-11 00:13:00 +00:00
Roger Dingledine
8e8d2defe3 bugfix on r11480:
Stop calling tor_strlower() on uninitialized memory in some cases.


svn:r11858
2007-10-10 23:44:10 +00:00
Roger Dingledine
dd920354c2 let bridge authorities write bridge descriptors to their
cached-descriptors* files.

nick, did i get this right?


svn:r11855
2007-10-10 23:11:53 +00:00
Roger Dingledine
919f421c6c get rid of the spurious "Freeing linked %s connection" complaints.
they happen whenever we fail to establish a connection.


svn:r11854
2007-10-10 22:59:34 +00:00
Nick Mathewson
17f3d2807d r15660@catbus: nickm | 2007-10-10 16:25:09 -0400
Fix compilation on last patch.


svn:r11853
2007-10-10 20:29:52 +00:00
Nick Mathewson
dace37aee8 r15656@catbus: nickm | 2007-10-10 16:23:18 -0400
Fix the implementation of if-modified-since for certificates so that it applies to all types of certificate requests.  Note that the kind of consensus that matters already has a working if-modified-since.


svn:r11852
2007-10-10 20:28:01 +00:00
Roger Dingledine
d9a99b9ba6 get r11842 closer to what i want
svn:r11851
2007-10-10 20:13:52 +00:00
Nick Mathewson
976c8f8a71 r15646@catbus: nickm | 2007-10-10 16:01:54 -0400
Fix some memory leaks when serving v3 networkstatus documents and v3 certs. Generate 503 correctly when serving v3 networkstatus documents and v3 certs.


svn:r11850
2007-10-10 20:06:38 +00:00
Roger Dingledine
f6b25613b8 Tweak the implementation of proposal 109 slightly: allow at most
two Tor servers on the same IP address, except if it's the location
of a directory authority, in which case allow five.


svn:r11842
2007-10-10 19:53:08 +00:00
Nick Mathewson
55520a2d95 r15636@catbus: nickm | 2007-10-10 15:28:12 -0400
Retry consensus and certificate downloads properly.  Do not fail when there are no certificates to download.  Do not download certificates we already have when retrying.


svn:r11841
2007-10-10 19:33:19 +00:00
Nick Mathewson
f05685a8eb r15635@catbus: nickm | 2007-10-10 15:27:07 -0400
Remove extraneous whitespace


svn:r11840
2007-10-10 19:33:14 +00:00
Nick Mathewson
b5301d81db r15634@catbus: nickm | 2007-10-10 14:26:49 -0400
Resolve/ignore some XXXXs, and be even more careful about listing a server as a v3 authority.


svn:r11839
2007-10-10 19:33:11 +00:00
Nick Mathewson
b599d4264f r15633@catbus: nickm | 2007-10-10 14:16:54 -0400
Fix a spelling mistake.


svn:r11838
2007-10-10 19:33:06 +00:00
Nick Mathewson
45b987d891 r15632@catbus: nickm | 2007-10-10 13:48:44 -0400
Merge networkstatus_add_signatures_impl into the only function that calls it.


svn:r11837
2007-10-10 19:33:01 +00:00
Nick Mathewson
daf4c11f1a r15630@catbus: nickm | 2007-10-10 13:39:44 -0400
Save weighted-fractional-uptime to disk as well as MTBF.  Bump the version on rouer-stability: downgrading to versions earlier than this one will lose your WFU data.


svn:r11835
2007-10-10 17:48:58 +00:00
Peter Palfrader
1a94e84661 Say "using socksX _to_ port y" instead of "socksX _on_ port y". it confuses weasel less
svn:r11834
2007-10-10 15:44:34 +00:00
Nick Mathewson
9ed39643fa r15626@catbus: nickm | 2007-10-10 11:02:32 -0400
Resolve bug 516: Never report our bandwidth-history as over RelayBandwidthRate*NUM_SECS_BW_SUM_INTERVAL.


svn:r11833
2007-10-10 15:07:19 +00:00
Nick Mathewson
cb0dbbcfa5 r15621@catbus: nickm | 2007-10-10 00:37:25 -0400
Turns out, Bug 463 was just another "warn about something that is no big deal" thing. Downgrade, comment, and resolve.


svn:r11829
2007-10-10 04:37:38 +00:00
Nick Mathewson
1f4eafdb91 r15619@catbus: nickm | 2007-10-10 00:23:45 -0400
Fix bug 483: downgrade a harmless "Hey your accept() implementation sucks" warning to an info.


svn:r11828
2007-10-10 04:24:02 +00:00
Nick Mathewson
72f352880c r15608@catbus: nickm | 2007-10-09 19:01:50 -0400
Give better messages and return values from signature uploads and downlaods; also, log actual errors when we screw up.


svn:r11823
2007-10-09 23:02:02 +00:00
Roger Dingledine
4f23045e58 back out a little bit of r11817 to preserve current behavior.
some other behavior changes left in.


svn:r11821
2007-10-09 21:12:48 +00:00
Roger Dingledine
a5851939c0 i heard that users know the phrase 'system clock' better than 'clock'. hm.
svn:r11820
2007-10-09 21:11:16 +00:00
Nick Mathewson
97fa3fdf16 r15599@catbus: nickm | 2007-10-09 16:44:36 -0400
Fix the bug that was making moria1 set valid-after wrong in its votes: we were looking at the preferred timing when we should have been looking at the consensus timing.


svn:r11818
2007-10-09 20:44:51 +00:00
Nick Mathewson
8b71a76dd3 r15598@catbus: nickm | 2007-10-09 16:37:35 -0400
Turn all "Is DirPort nonzero? Because if it is, we must be a directory" logic into calls to dirserver_mode().


svn:r11817
2007-10-09 20:44:47 +00:00
Nick Mathewson
010fd50c36 r15597@catbus: nickm | 2007-10-09 16:17:42 -0400
Make authority_certs_fetch_missing only fetch certificates which we are not currently downloading; fix XXXX020s in networkstatus.c


svn:r11816
2007-10-09 20:44:45 +00:00
Nick Mathewson
0827d6f217 r15593@catbus: nickm | 2007-10-09 15:31:10 -0400
Fix an infinite loop when parsing multiple votes.


svn:r11813
2007-10-09 19:31:14 +00:00
Nick Mathewson
a2005cd2c1 r15590@catbus: nickm | 2007-10-09 15:14:42 -0400
Change dirvote_get_vote to take named flags rather than 3 boolean inputs.  Fix a bug that was caused by the order of the boolean inputs in or.h not matching the order of boolean inputs in dirvote.c.


svn:r11812
2007-10-09 19:14:48 +00:00
Nick Mathewson
40b6a66c89 r15589@catbus: nickm | 2007-10-09 15:08:00 -0400
Fix dumb typo in vote retrieval: we want to check the pending votes to see what we are missing; not the previous period.


svn:r11811
2007-10-09 19:14:46 +00:00
Nick Mathewson
a3d4c47515 r15587@catbus: nickm | 2007-10-09 15:05:27 -0400
When parsing two concatenated networkstatuses (as we do when voting), detect the end of the first one properly.


svn:r11810
2007-10-09 19:05:38 +00:00
Roger Dingledine
c9f2afd5fa make r11808 build on my 64-bit
svn:r11809
2007-10-09 18:43:05 +00:00
Nick Mathewson
23614f9523 r15581@catbus: nickm | 2007-10-09 14:36:47 -0400
Recompute voting schedule whenever a consensus is set.


svn:r11808
2007-10-09 18:36:56 +00:00
Nick Mathewson
f1d4e3477b Bugfixes in fetching certificates for a consensus: fetch tor/keys/fp/X, not tor/keys/X. Also, count signatures where no certificate is known as "missing a certificate" not as "unknown authority."
svn:r11805
2007-10-09 17:40:23 +00:00
Nick Mathewson
c7981e669f r15574@catbus: nickm | 2007-10-09 13:01:53 -0400
Fix the "400 OK" issue when replying to a vote.


svn:r11801
2007-10-09 17:07:13 +00:00
Nick Mathewson
5346a01796 r14813@Kushana: nickm | 2007-10-09 11:10:48 -0400
Use download_status_t for v2 networkstatuses and certs as well as for routers.  Make functions to manipulate it.  Next steps: use it for consensus networkstatuses, and get consensus download rescheduling working.


svn:r11800
2007-10-09 15:27:45 +00:00
Nick Mathewson
bb9cc4fb29 r14812@Kushana: nickm | 2007-10-09 10:22:00 -0400
Merge extra fields in local_routerstatus_t back into routerstatus_t.  See changelog for rationale.


svn:r11799
2007-10-09 15:27:15 +00:00
Roger Dingledine
11a782a6c3 for once, it was "no-tab man" that struck again.
svn:r11793
2007-10-08 21:28:23 +00:00
Nick Mathewson
18ec603861 r14802@Kushana: nickm | 2007-10-08 17:21:30 -0400
Refactor out about a third of routerlist.c into a new networkstatus.c.  I\m not sure that I got everything that needed to move, but so far so good.


svn:r11791
2007-10-08 21:21:50 +00:00
Nick Mathewson
13f7f98ad2 r14799@Kushana: nickm | 2007-10-08 15:55:18 -0400
Add code to download router descriptors listed in a v3 networkstatus consensus.


svn:r11790
2007-10-08 19:56:57 +00:00
Nick Mathewson
84d7677a8a r14770@Kushana: nickm | 2007-10-08 11:43:02 -0400
Make router_digest_is_trusted_dir able to check for type.  When looking for a V3 directory, only assume that the V3 authorities and caches have it: previous code assumed that all authorities had it.


svn:r11789
2007-10-08 17:44:19 +00:00
Nick Mathewson
3f6e3ce61b r14769@Kushana: nickm | 2007-10-07 14:00:17 -0400
Fetch networkstatus consensus documents as needed.  Disabled for clients until more caches support it.


svn:r11788
2007-10-08 17:44:09 +00:00
Nick Mathewson
6f7847b378 r15530@catbus: nickm | 2007-10-04 12:16:27 -0400
Add a bunch of function documentation; clean up a little code; fix some XXXXs; tag the nonsensical EXTRAINFO_PURPOSE_GENERAL as nonsesnse; note another bit of "do not cache special routers" code to nuke.


svn:r11761
2007-10-04 16:21:58 +00:00
Nick Mathewson
8439c4ec2f r15512@catbus: nickm | 2007-10-02 16:27:43 -0400
Make some functions static; remove some dead code.


svn:r11750
2007-10-02 20:35:23 +00:00
Nick Mathewson
f4f780b526 r15510@catbus: nickm | 2007-10-02 16:14:42 -0400
Add support for more vote URLs that weasel wanted.  Weasel: please test this before I inflict it on anybody else. :)


svn:r11749
2007-10-02 20:19:43 +00:00
Nick Mathewson
439fe55c6b r15436@catbus: nickm | 2007-10-01 21:17:27 -0400
Fix disgusting O(n^2) behavior in router_parse_list_from_string.  Noticed by Li-Hui Zhou; found with oprofile.


svn:r11738
2007-10-02 01:22:42 +00:00
Nick Mathewson
b5c8a8ae53 r15422@catbus: nickm | 2007-09-27 16:42:35 -0400
Use descriptor annotations to record the source, download t time, and purpose of every descriptor we add to the store.  The remaining to-do item is to stop setting do_not_cache on bridges.


svn:r11680
2007-09-27 20:46:30 +00:00
Nick Mathewson
2050b31bb9 r15421@catbus: nickm | 2007-09-27 15:44:17 -0400
When we are a bridge directory, add bridges with purpose BRIDGE, not with purpose CONTROLLER.  Roger, is this right?


svn:r11679
2007-09-27 20:46:28 +00:00
Nick Mathewson
60efd6b726 r15420@catbus: nickm | 2007-09-27 15:40:25 -0400
Remove annotated_desc_store store (which we never used).  Instead, shift name of router store to cached-descriptors, but initialize it from cached-routers as needed


svn:r11678
2007-09-27 20:46:24 +00:00
Nick Mathewson
a1c5a807d0 r15418@catbus: nickm | 2007-09-27 12:37:59 -0400
Fix a stupid logic error in authority_cert_get_by_sk_digest: the presence of an authority lacking a v3 cert does not mean that subsequent authorities lack them too.


svn:r11668
2007-09-27 16:41:42 +00:00
Nick Mathewson
28946069ee r15412@catbus: nickm | 2007-09-27 12:04:24 -0400
More annotated-store work: handle annotations in lists correctly.  Add ability to prepend annotations to a routerdesc (and to every rtouredesc in a list), while verifying that the routerdesc is not already annotated.


svn:r11665
2007-09-27 16:08:10 +00:00
Roger Dingledine
ea47287575 minor typo
svn:r11658
2007-09-27 05:20:26 +00:00
Nick Mathewson
034524f4b7 r15400@catbus: nickm | 2007-09-26 12:13:12 -0400
Backend for descriptor annotations: parse annotations as keywords; only allow them to appear in the cache; do not serve them as part of the descriptor if we are a dirserver.  Still need mechanism to set annotations.  Still need to rename cache file.


svn:r11654
2007-09-26 16:19:44 +00:00
Nick Mathewson
95d97c722a r15371@catbus: nickm | 2007-09-25 19:53:13 -0400
Always set status_out when adding a vote.


svn:r11646
2007-09-25 23:57:12 +00:00
Nick Mathewson
4d44bf1edc r15367@catbus: nickm | 2007-09-25 19:31:11 -0400
It is amazing how reliable missing svk st are at breaking code.


svn:r11644
2007-09-25 23:35:28 +00:00
Nick Mathewson
ad11e9d0f1 r15310@catbus: nickm | 2007-09-24 11:36:08 -0400
Patch from Robert Hogan: fix a couple of status-event related typos. Backport candidate.


svn:r11604
2007-09-24 15:41:20 +00:00
Nick Mathewson
921f9f774d r15279@catbus: nickm | 2007-09-22 02:00:06 -0400
V3 authority work: fetch missing votes and/or signatures as needed.


svn:r11575
2007-09-22 06:06:05 +00:00
Roger Dingledine
b40230f45b note another bug i'd like to fix
svn:r11571
2007-09-22 00:05:46 +00:00
Roger Dingledine
523ac934de make directories_have_accepted_server_descriptor() able to
handle non-default values of PublishServerDescriptor.


svn:r11569
2007-09-21 22:14:39 +00:00
Roger Dingledine
41f3d0eb27 only mess with 'state' in init_keys if we're planning to actually
run tor. this resolves a segfault in 'tor --list-fingerprints'
introduced by r11437.

backport candidate due to r11438.


svn:r11566
2007-09-21 21:52:31 +00:00
Nick Mathewson
65cf389998 r15253@catbus: nickm | 2007-09-21 15:03:51 -0400
Oops; we had vote_delay and dist_delay switched when computing when to generate our consensus.  Harmless so far, but let's get that fixed.


svn:r11558
2007-09-21 19:11:52 +00:00
Roger Dingledine
193a144c9f Make "UpdateBridgesFromAuthority" torrc option work: when bridge
users configure that and specify a bridge with an identity
fingerprint, now they will lookup the bridge descriptor at the
default bridge authority via a one-hop tunnel, but once circuits
are established they will switch to a three-hop tunnel for later
connections to the bridge authority.


svn:r11550
2007-09-21 06:14:36 +00:00
Nick Mathewson
fdf390525c r15233@catbus: nickm | 2007-09-20 18:58:23 -0400
19:00 < weasel> Sep 21 01:00:01.926 [warn] Consensus published.
 19:00 < weasel> hah
 19:00 < nickm> ha indeed
 19:00 < nickm> a winner is me
 19:00 < weasel> _warn_ :)
 19:01 < nickm> watch out! It could go off at any moment!
 19:01  * weasel backs away


svn:r11546
2007-09-20 23:02:13 +00:00
Roger Dingledine
90d1345d90 bugfix on r11110:
Fix a bug that made servers send a "404 Not found" in response to
attempts to fetch their server descriptor. This caused Tor servers
to take many minutes to establish reachability for their DirPort,
and it totally crippled bridges. Bugfix on 0.2.0.5-alpha.



svn:r11545
2007-09-20 22:08:40 +00:00
Peter Palfrader
3b776b865e Minor whitespace fix
svn:r11543
2007-09-20 21:46:10 +00:00
Peter Palfrader
b16224c311 add a v3 authority
svn:r11542
2007-09-20 21:36:56 +00:00
Nick Mathewson
fc5dd0cdbb r15231@catbus: nickm | 2007-09-20 16:04:30 -0400
Patch from karsten: remove cbc and make unit tests handle aes-ctr-with-iv.


svn:r11538
2007-09-20 20:08:47 +00:00
Roger Dingledine
088c4cd8ce it works better when it compiles
svn:r11531
2007-09-20 04:54:50 +00:00
Roger Dingledine
0914883339 Resume listing "AUTHORITY" flag for authorities in network status.
Bugfix on 0.2.0.3-alpha; reported by Alex de Joode.


svn:r11530
2007-09-20 04:37:17 +00:00
Nick Mathewson
5e81b0ecb8 r15170@catbus: nickm | 2007-09-19 11:41:50 -0400
Carry a new evdns function over from libevent: do not rely on compile-time code to set the transaction ID correctly.  This will be important when we finally drop our internal copy of eventdns.c


svn:r11517
2007-09-19 15:53:36 +00:00
Nick Mathewson
faeedbb8af r15167@catbus: nickm | 2007-09-19 11:19:08 -0400
Fix unit tests for rendezvous descriptor parsing.


svn:r11516
2007-09-19 15:53:33 +00:00
Roger Dingledine
53f57dd7c0 Set up moria1 as the first v3 directory authority.
svn:r11506
2007-09-19 03:22:01 +00:00
Roger Dingledine
a1e923c50d right before publishing our service descriptor, we were
rewriting the hexdigest back to an ambiguous nickname.
if this patches it, we should write a changelog and then
backport.


svn:r11500
2007-09-19 00:30:19 +00:00
Roger Dingledine
2a2cee9e51 Start using the v2 intro format for hidden service connections. Now
clients specify their chosen rendezvous point by identity digest
rather than by (potentially ambiguous) nickname. This change could
speed up hidden service connections dramatically.


svn:r11499
2007-09-18 23:48:39 +00:00
Roger Dingledine
82da6c02ba clean up r11496
svn:r11498
2007-09-18 23:34:27 +00:00
Roger Dingledine
eb9dc12ce9 Drop support for v1 rendezvous descriptors, since we never used
them anyway, and the code has probably rotted by now. Based on
patch from Karsten Loesing.


svn:r11496
2007-09-18 21:17:45 +00:00
Roger Dingledine
f15a4c8bd7 add some crypto/util functions from karsten, as the first
step of integrating his new hidden service stuff


svn:r11489
2007-09-18 17:07:56 +00:00
Nick Mathewson
f45dec1690 r15143@catbus: nickm | 2007-09-18 11:49:46 -0400
Add getinfo status/good-server-descriptor and status/reachability-succeeded. Patch from Robert Hogan.


svn:r11483
2007-09-18 15:53:55 +00:00
Nick Mathewson
a2b76befff r15142@catbus: nickm | 2007-09-18 11:43:32 -0400
Split "Have all the authorities accepted our server descriptor?" into its own function.  Patch from Robert Hogan.


svn:r11482
2007-09-18 15:53:53 +00:00
Nick Mathewson
eee8d750b6 r15140@catbus: nickm | 2007-09-18 11:34:54 -0400
Get rid of a needless malloc() when parsing address policies.  Original patch from "Some guy on #tor", via arma.  Altered to have a sufficiently large buffer, and not use the buffer so much, and to save a strlcpy.


svn:r11480
2007-09-18 15:38:00 +00:00
Roger Dingledine
8f75defd33 Servers used to decline to publish their DirPort if their
BandwidthRate, RelayBandwidthRate, or MaxAdvertisedBandwidth
were below a threshold. Now they only look at BandwidthRate and
RelayBandwidthRate.


svn:r11465
2007-09-17 22:22:05 +00:00
Roger Dingledine
ffce9d3368 trivial doxygen thing
svn:r11463
2007-09-17 21:59:07 +00:00
Nick Mathewson
8c13967803 r14448@Kushana: nickm | 2007-09-17 14:26:56 -0400
Unify all of the divergent median/nth-percentile code in container.[ch]


svn:r11457
2007-09-17 18:27:49 +00:00
Nick Mathewson
93d4ad9743 r14447@Kushana: nickm | 2007-09-17 13:31:50 -0400
Track weighted fractional uptime in addition to weighted mtbf: we want to use mtbf for stable, but fractional uptime for guard.


svn:r11456
2007-09-17 18:27:43 +00:00
Nick Mathewson
076b27aff8 r15077@catbus: nickm | 2007-09-15 14:04:19 -0400
Oops; make Makefile.am work on mingw again.


svn:r11445
2007-09-15 18:06:23 +00:00
Nick Mathewson
1dbe726f04 r15068@catbus: nickm | 2007-09-14 15:25:02 -0400
Fix a couple typos in control.c; spotted by Robert Hogan.


svn:r11440
2007-09-14 19:27:04 +00:00
Nick Mathewson
5fcc48d389 r14425@Kushana: nickm | 2007-09-13 13:00:57 -0400
Do not load state when options->command is not RUN_TOR. (Resolves bug 499; backport candidate)


svn:r11437
2007-09-13 17:01:08 +00:00
Nick Mathewson
9b1ad0074b r14392@Kushana: nickm | 2007-09-12 11:04:20 -0400
Complete implementation of proposal 104: remove bandwidth history lines from router descriptors.


svn:r11434
2007-09-12 17:33:23 +00:00
Nick Mathewson
71a56aa895 r14391@Kushana: nickm | 2007-09-12 10:56:17 -0400
Remove some needless complexity from the code to add signatures to a consensus: previously, we had a path to add new signatures, and a second path to replace signatures.  But the second path sufficed as a common case, and the code isn't invoked nearly enough to justify the optimization of having the first path.


svn:r11433
2007-09-12 17:33:18 +00:00
Nick Mathewson
1647a5764a r15056@catbus: nickm | 2007-09-12 13:15:19 -0400
Try to fix an automake problem by renaming a variable.


svn:r11432
2007-09-12 17:17:03 +00:00
Nick Mathewson
e73fb2f102 r15049@catbus: nickm | 2007-09-11 16:05:50 -0400
When we get a consensus for which we are missing the right certificates, keep it around pending more certificates; do not just drop it.


svn:r11430
2007-09-11 20:17:28 +00:00
Nick Mathewson
4de4f53abd r15048@catbus: nickm | 2007-09-11 14:20:39 -0400
Add code to warn about mauthorities on a consensus when they are not what we expect to find.


svn:r11429
2007-09-11 20:17:25 +00:00
Nick Mathewson
749da8e0e9 r15047@catbus: nickm | 2007-09-11 13:40:54 -0400
Fix a memory leak when reloading v3 authority certificate and keys.


svn:r11428
2007-09-11 20:17:24 +00:00
Nick Mathewson
973502d290 r15046@catbus: nickm | 2007-09-11 13:38:36 -0400
Check V3 authority certificates for expiry, and warn the authority op as they get old.


svn:r11427
2007-09-11 20:17:22 +00:00
Nick Mathewson
3c7652ccdb r15045@catbus: nickm | 2007-09-11 11:52:29 -0400
Reject incoming votes when the valid-after time does not match the period that we're trying to vote for.


svn:r11426
2007-09-11 20:17:20 +00:00
Nick Mathewson
c0130f9611 r15022@catbus: nickm | 2007-09-10 10:31:54 -0400
remove yet more pointless differences between our eventdns.c and the evdns.c in libevent.


svn:r11425
2007-09-11 20:17:18 +00:00
Nick Mathewson
5828e4d5c4 r15020@catbus: nickm | 2007-09-10 10:22:31 -0400
remove more pointless differences between our eventdns.c and the evdns.c in libevent.


svn:r11416
2007-09-10 14:23:26 +00:00
Nick Mathewson
13b65c4129 r15018@catbus: nickm | 2007-09-10 10:04:16 -0400
Change comments in eventdns.c to C-style, so we can more easily diff it against the version in libevent to reconcile them (again).


svn:r11415
2007-09-10 14:05:12 +00:00
Nick Mathewson
a04e584cbc r15005@catbus: nickm | 2007-09-10 09:49:03 -0400
Undo brokenness from merge conflict.


svn:r11414
2007-09-10 13:50:00 +00:00
Nick Mathewson
615d19fe4c r15001@catbus: nickm | 2007-09-10 09:44:49 -0400
Fix a couple of memory leaks in eventdns.c; found by niels.  Not backport candidates, since they only affect DNSPort users.


svn:r11413
2007-09-10 13:48:01 +00:00
Nick Mathewson
6744ebe7b5 svn:r11412 2007-09-10 13:47:56 +00:00
Nick Mathewson
565f5f32c5 r14363@Kushana: nickm | 2007-09-08 16:25:45 -0400
Another round of whitespeace fixes.


svn:r11407
2007-09-08 20:25:57 +00:00
Nick Mathewson
eb3f24f027 r14358@Kushana: nickm | 2007-09-08 13:45:16 -0400
Implement certificate fetch functions.


svn:r11405
2007-09-08 19:08:39 +00:00
Nick Mathewson
1c8bd05c70 Fix compilation of ntmain.c.
svn:r11395
2007-09-06 18:19:09 +00:00
Nick Mathewson
4c4280e249 Make sure that even dumb compilers can tell that bad_cookie and bad_password are set before use.
svn:r11390
2007-09-06 18:04:28 +00:00
Nick Mathewson
f17a38ab04 r14940@catbus: nickm | 2007-09-06 13:22:26 -0400
Move NT services code into its own C file.  Probably will not build happily on win32 yet; more hacking needed.


svn:r11388
2007-09-06 17:42:05 +00:00
Andrew Lewman
c5b4f779ec Fixed misspelling of "connection" caught by kate.
svn:r11382
2007-09-06 00:36:53 +00:00
Nick Mathewson
d57c1c5c56 r14328@Kushana: nickm | 2007-09-04 20:17:34 -0400
There is no good reason to make hashedcontrolpassword and cookieauthentication mutually exclusive.  So let's not.


svn:r11377
2007-09-05 00:31:07 +00:00
Nick Mathewson
7c47856c9e r14327@Kushana: nickm | 2007-09-04 20:06:04 -0400
Better comment in dnsserv.c


svn:r11376
2007-09-05 00:31:01 +00:00
Nick Mathewson
eca3634f62 r14294@Kushana: nickm | 2007-09-01 13:50:03 -0400
Oops. Initialize "changed" variable when removing obsolete guards.


svn:r11346
2007-09-01 17:50:29 +00:00
Nick Mathewson
c967fae598 r14880@catbus: nickm | 2007-08-31 11:06:10 -0400
Refactor store_stats_t to hold a pointer to the proper mmap, and turn it into a full-fledged type.  This sets stuff up nicely for adding a separate "annotated" store.  Add some XXXX NM items that need to be fixed when annotated stores exist


svn:r11338
2007-08-31 15:08:37 +00:00
Nick Mathewson
2ff871e530 r14871@catbus: nickm | 2007-08-31 10:12:53 -0400
Check correct circuit type when calling functions from rend_process_relay_cell. Backport candidate.


svn:r11336
2007-08-31 14:20:44 +00:00
Nick Mathewson
5da6321b76 r14859@catbus: nickm | 2007-08-30 17:10:15 -0400
0-pad minutes and seconds when displaying weighted mtbf in info logs.


svn:r11324
2007-08-30 21:12:34 +00:00
Nick Mathewson
c8e379a4cd r14259@Kushana: nickm | 2007-08-30 02:33:55 -0400
Teach tor about more libevent versions.  Be more clear that "Known bugs" means "it will crash or something."  Most significantly, stop issuing dire warnings every time we run with kqueue on os x: it seems to have worked for a while now.


svn:r11314
2007-08-30 06:34:17 +00:00
Nick Mathewson
f189ecbf20 r14832@catbus: nickm | 2007-08-29 15:00:27 -0400
Use (and debug) new file-writing functions in order to simplify code that formerly built big strings in RAM.


svn:r11301
2007-08-29 19:02:43 +00:00
Nick Mathewson
91f83cfc2d r14830@catbus: nickm | 2007-08-29 13:50:10 -0400
Make controllers accept LF as well as CRLF.  Update spec to reflect this.  Remove now-dead code.  Make controller warning about v0 protocol more accurate.


svn:r11299
2007-08-29 19:02:33 +00:00
Nick Mathewson
4266039c19 r14826@catbus: nickm | 2007-08-29 13:19:55 -0400
Add a line to the state file for each guard to let us know which version added the guard.  If the line is absent, assume the guard was added by whatever version of Tor last wrote the state file.  Remove guards if the version that added them was using a bad guard selection algorithm.  (Previously, we removed guards if the version that wrote the file was using a bad guard selection algorithm, even if the guards themselves were chosen by a good version.) 


svn:r11298
2007-08-29 17:22:00 +00:00
Nick Mathewson
a4cc3e4be1 r14821@catbus: nickm | 2007-08-27 19:57:56 -0400
Check for absent nickname when making extend info.  I still dont know when this happens, but it is easy enough to check for.  Fixes bug 467.


svn:r11293
2007-08-28 00:00:32 +00:00
Nick Mathewson
7cbe302b3f r14231@Kushana: nickm | 2007-08-27 14:56:14 -0400
Most configuration options have the same names in or.h and in torrc.  Make the macros reflect this, so that it is easier to fit them onto a line, and so that mismatched options stand out more


svn:r11290
2007-08-27 18:56:20 +00:00
Nick Mathewson
d3224bad42 r14227@Kushana: nickm | 2007-08-27 11:33:28 -0400
Add a new ClientDNSRejectInternalAddresses option (default: on) to refuse to believe that any address can map to or from an internal address.  This blocks some kinds of potential browser-based attacks, especially on hosts using DNSPort.  Also clarify behavior in some comments.  Backport candiate?


svn:r11287
2007-08-27 15:33:58 +00:00
Roger Dingledine
c4ee55ed26 Set up Tonga as the default bridge directory authority.
svn:r11276
2007-08-25 22:02:55 +00:00
Roger Dingledine
da1485088c formatting cleanups
svn:r11273
2007-08-25 21:31:34 +00:00
Roger Dingledine
df98447be5 revert the recommended-guard-version thing. it did not do what we
want, which is to expire old guards *every* time somebody moves
from an old version to the new one.

also, refine which version numbers count as 'new enough'.


svn:r11272
2007-08-25 20:34:13 +00:00
Nick Mathewson
7efc165095 r14204@Kushana: nickm | 2007-08-24 10:24:36 -0400
Fix a bug in last patch; add support for getting extrainfo documents by the control port (since it is silly to tell tools to do it without actually giving them an interface).


svn:r11270
2007-08-24 14:41:15 +00:00
Nick Mathewson
b9d43e2685 r14203@Kushana: nickm | 2007-08-24 10:15:58 -0400
Add a hacked-up GETINFO desc/all-recent-extrainfo-hack so that torstat can keep working with a minimum of fuss, until it learns about extrainfo documents.


svn:r11269
2007-08-24 14:41:10 +00:00
Nick Mathewson
cf2ac9b9e1 r14202@Kushana: nickm | 2007-08-24 09:55:30 -0400
Add purposes for new things we need to fetch for v3 directory system.


svn:r11268
2007-08-24 14:41:06 +00:00
Nick Mathewson
c3805e753a r14200@kushana: nickm | 2007-08-24 08:33:41 -0400
In new code, let's try to prefer named flags to mazes of twisted boolean arguments, all alike.


svn:r11267
2007-08-24 12:33:53 +00:00
Roger Dingledine
daece599a1 more cleanups on r11258. looks good now.
svn:r11266
2007-08-24 10:50:48 +00:00
Roger Dingledine
738ecba367 make the last patch do what i actually want. it was a bit tricky
since we want the default guardversion to be 0 (which is what it is
if there's no guardversion line), yet when we're validating a freshly
configed and defaulted state, we don't want to complain.


svn:r11264
2007-08-24 08:12:25 +00:00
Roger Dingledine
9bacf68851 cleanups on r11258
svn:r11263
2007-08-24 08:01:47 +00:00
Roger Dingledine
d39c7515d1 patch from mike perry to a) stop overloading guards as much, and
b) raise the max-believable-bandwidth to 10MB/s.


svn:r11258
2007-08-24 06:30:34 +00:00
Roger Dingledine
8d524edb83 a single quote != a single double quote. i can't hear the
circus music from here, perhaps we should move closer.


svn:r11256
2007-08-23 23:03:32 +00:00
Nick Mathewson
c65131b171 r14185@Kushana: nickm | 2007-08-22 11:07:01 -0400
Add some voting-related documentation.


svn:r11255
2007-08-22 15:07:44 +00:00
Nick Mathewson
08e605b4e2 r14184@Kushana: nickm | 2007-08-22 11:06:37 -0400
Unmap cached-extrainfo on exit. Fixes bug 484.


svn:r11254
2007-08-22 15:07:29 +00:00
Roger Dingledine
c02fb8997b backport candidate:
Make it possible to read the PROTOCOLINFO response in a way that
conforms to our control-spec. Reported by Matt Edman.


svn:r11251
2007-08-22 07:57:10 +00:00
Roger Dingledine
353abd9830 backport candidate:
Stop leaking part of the descriptor when we run into a particularly
unparseable piece of it. Bugfix on 0.1.2.x.


svn:r11249
2007-08-22 03:21:51 +00:00
Roger Dingledine
79066b4851 backport candidate:
Fix a minor memory leak when we fail to find enough suitable
servers to choose a circuit. Bugfix on 0.1.2.x.


svn:r11247
2007-08-22 03:03:24 +00:00
Nick Mathewson
7dbe7fd4d8 r14758@catbus: nickm | 2007-08-21 01:36:03 -0400
Finish implementing and documenting proposal 108: Authorities now use MTBF data to set their stability flags, once they have at least 4 days of data to use.


svn:r11240
2007-08-21 05:37:24 +00:00
Roger Dingledine
8a21232256 Stop putting the authentication cookie in a file called "0"
in your working directory if you don't specify anything for the
new CookieAuthFile option. Reported by Matt Edman.


svn:r11237
2007-08-21 03:11:56 +00:00
Peter Palfrader
c7140372cb It works better if we don't print a 404 header after our body
svn:r11236
2007-08-20 22:40:09 +00:00
Peter Palfrader
6802923fa7 call it EXPORTMALLINFO, not EXPORTMEMINFO
svn:r11235
2007-08-20 22:31:39 +00:00
Peter Palfrader
8aceafc0c8 Appease check-spaces
svn:r11234
2007-08-20 22:23:22 +00:00
Peter Palfrader
38cbd7263e We do not mix variable declarations and code
svn:r11233
2007-08-20 22:13:14 +00:00
Peter Palfrader
8c3d14cda5 Optionally export mallinfo() output on the DirPort
svn:r11232
2007-08-20 22:11:56 +00:00
Peter Palfrader
f99ac7fe52 Remove /tor/dir-all-weaselhack, it's useless without FULL_V1_DIRECTORIES defined
svn:r11231
2007-08-20 21:56:33 +00:00
Roger Dingledine
4ff3343e98 Let directory authorities startup even when they can't generate
a descriptor immediately, e.g. because they don't know their 
address.


svn:r11228
2007-08-20 18:29:17 +00:00
Nick Mathewson
df0a141a27 r14740@catbus: nickm | 2007-08-20 13:00:52 -0400
Only load MTBF data if we are running tor


svn:r11226
2007-08-20 17:02:04 +00:00
Nick Mathewson
3effc8b267 r14733@catbus: nickm | 2007-08-20 12:32:44 -0400
Clean up MTBF storage code. Do not count times that we have been down toward the current run.  Handle backward timewarps correctly.  Store MTBF data on exit in addition to periodically.


svn:r11225
2007-08-20 16:34:17 +00:00
Roger Dingledine
a200f442fb avoid double-punctuation when we're reporting errors from the
config functions to the controller.


svn:r11221
2007-08-20 16:13:21 +00:00
Nick Mathewson
76d40372fc r14731@catbus: nickm | 2007-08-20 12:02:09 -0400
Clean up authdir_X functions a little.


svn:r11220
2007-08-20 16:03:19 +00:00
Nick Mathewson
9958dc8d53 r14729@catbus: nickm | 2007-08-20 11:58:02 -0400
Trigger load and save of MTBF data.


svn:r11219
2007-08-20 15:59:31 +00:00
Nick Mathewson
d3b019a1df r14726@catbus: nickm | 2007-08-20 11:42:07 -0400
Make v3-only authorities check reachability


svn:r11218
2007-08-20 15:43:17 +00:00
Nick Mathewson
113367bc01 r14722@catbus: nickm | 2007-08-20 10:54:29 -0400
Add debugging warning to not abort in the case of bug 483.  This is probably not an actual error case, so we should figure out what is really causing it and do something more sensible.


svn:r11215
2007-08-20 14:59:05 +00:00
Nick Mathewson
c7ed49e7f8 r14663@catbus: nickm | 2007-08-18 17:50:51 -0400
Fix an XXX020 in or.h: BRIDGE != CONTROLLER.


svn:r11195
2007-08-19 15:20:11 +00:00
Roger Dingledine
473ff753f2 bump to 0.2.0.5-alpha since we're getting close
svn:r11189
2007-08-19 07:30:29 +00:00
Roger Dingledine
8641439a6e backport candidate (revert part of r9350):
Expire application streams in all cases if they've been around
longer than SocksTimeout. Right now there are some cases where the
stream will live forever, demanding a new circuit every 15 seconds.
Bugfix on 0.1.2.7-alpha; fixes bug 454; reported by lodger.


svn:r11186
2007-08-19 07:17:40 +00:00
Roger Dingledine
d6aa617e07 oh, and make it compile too
svn:r11185
2007-08-19 07:06:02 +00:00
Roger Dingledine
03560d575e generalize circuit_find_to_cannibalize() so it knows what
purpose circuit we're planning to become


svn:r11184
2007-08-19 07:04:24 +00:00
Roger Dingledine
c88803d924 Fix a bug in ADDRMAP controller replies that would sometimes
try to print a NULL. Patch from tup.


svn:r11181
2007-08-19 04:58:55 +00:00
Roger Dingledine
7c49a8d03e get rid of a debugging message that non v3-authorities were
seeing too, and that doesn't seem to be critical


svn:r11179
2007-08-19 04:28:56 +00:00
Andrew Lewman
b7026ea1b3 Move event.h include down a stanza to make mingw happy.
svn:r11174
2007-08-19 02:56:16 +00:00
Roger Dingledine
96cff65f85 backport candidate:
Refuse to start with certain directory authority keys, and 
encourage people using them to stop.


svn:r11171
2007-08-19 02:51:54 +00:00
Nick Mathewson
b45b91a358 r14661@catbus: nickm | 2007-08-18 15:38:08 -0400
Long overdue test.c refactoring: add --warn/--notice/--info/--debug command line options to set logging levels, and let the user specify which tests to run from the commmand line.


svn:r11167
2007-08-18 19:39:14 +00:00
Nick Mathewson
676d8622de r14659@catbus: nickm | 2007-08-18 14:19:34 -0400
When we are loading state info from disk, never believe any date in the future.  Doing so can keep us from retrying guards, rotating onion keys, storing bandwidth info, etc.  Fixes bug 434, and others. Backport candidate, once it has been tested.


svn:r11166
2007-08-18 18:20:42 +00:00
Peter Palfrader
50c0e6b37f Remove routerlist_check_bug_417() and all its calls. There is still some more debugging code left, marked with XXXs
svn:r11161
2007-08-17 22:55:04 +00:00
Nick Mathewson
1f244d3943 r14639@catbus: nickm | 2007-08-17 17:45:28 -0400
Compile without warnings on MinGW, even with --enable-gcc-warnings enabled.


svn:r11157
2007-08-17 21:46:34 +00:00
Nick Mathewson
f8b3927e07 r14634@catbus: nickm | 2007-08-17 16:43:49 -0400
Try to fix bug 482: do not rely on s6_addr16 or s6_addr32 on MSVC.  How ugly.


svn:r11155
2007-08-17 20:44:54 +00:00
Nick Mathewson
b34ed73706 r14630@catbus: nickm | 2007-08-17 16:30:42 -0400
Functions to save and load MTBF information.


svn:r11153
2007-08-17 20:31:59 +00:00
Nick Mathewson
31668172ed r14626@catbus: nickm | 2007-08-17 11:20:05 -0400
Link note_router_reachable and note_router_unreachable to  mtbf code. decouple mtbf from connect/disconnect.  log it in USR1.  do not blow it away on cleanup if we are an authority.


svn:r11151
2007-08-17 20:31:54 +00:00
Roger Dingledine
3f186e6510 help nick work on proposal 108
svn:r11148
2007-08-17 01:29:58 +00:00
Nick Mathewson
357b4645cf r14612@catbus: nickm | 2007-08-16 15:23:35 -0400
Initial work on proposal 108: have rephist.c track the information we want to be tracking for OR stability.


svn:r11147
2007-08-16 19:32:29 +00:00
Roger Dingledine
2df9bb937d clean up the cookieauth stuff
svn:r11146
2007-08-16 19:27:31 +00:00
Nick Mathewson
718953dbe9 r14606@catbus: nickm | 2007-08-16 13:45:01 -0400
Implement CookieAuthFile and CookieAuthFileGroupReadable.  Backport candidate.


svn:r11141
2007-08-16 17:46:01 +00:00
Nick Mathewson
f4398feadb r14600@catbus: nickm | 2007-08-16 13:30:22 -0400
Implement proposal 119. Backport candidate.


svn:r11138
2007-08-16 17:31:23 +00:00
Nick Mathewson
3623a12262 r14583@catbus: nickm | 2007-08-15 17:52:35 -0400
Fix a bug caught by Kate: when we switched from masks to bits in 0.2.0.3-alpha, we added a spurious ! that made us never believe that any address fell inside a virtual address range.  While we're at it, save a trip around the loop in the common case.


svn:r11129
2007-08-15 21:53:34 +00:00
Nick Mathewson
181ba71a90 r14051@Kushana: nickm | 2007-08-15 15:55:36 -0400
Fix an XXXX020 and a few DOCDOCs.


svn:r11127
2007-08-15 19:56:01 +00:00
Nick Mathewson
abad4dfc7a r14050@Kushana: nickm | 2007-08-15 15:21:02 -0400
Eliminate tons of repeated code in directory_handle_command_get.


svn:r11126
2007-08-15 19:55:57 +00:00
Nick Mathewson
4135c68853 r14049@Kushana: nickm | 2007-08-15 14:43:56 -0400
Implement code to serve pending votes, consensuses, and signatures.


svn:r11125
2007-08-15 19:55:52 +00:00
Nick Mathewson
717f3b8a12 r14047@Kushana: nickm | 2007-08-15 13:57:39 -0400
fix a really nasty bug in v3 authorities: only set v3_digest in trusted_dir_server_t for v3 authorities.


svn:r11124
2007-08-15 17:57:47 +00:00
Nick Mathewson
e10041447c r14045@Kushana: nickm | 2007-08-15 13:07:21 -0400
Add more logs to try to hunt down latest voting bug.


svn:r11123
2007-08-15 17:07:27 +00:00
Nick Mathewson
38b84d9659 r14043@Kushana: nickm | 2007-08-15 12:12:25 -0400
Fix consensus signatures: regenerate the entire signature list when we get a new signature, rather than just appending the new signature.  This lets us tentatively accept weird signatures, since we can replace them with better ones later.


svn:r11122
2007-08-15 16:12:40 +00:00
Nick Mathewson
d5bd7d9fa3 r14032@Kushana: nickm | 2007-08-15 11:35:16 -0400
Add unit tests for median functions; enforce sensible ranges for intervals and delays.


svn:r11121
2007-08-15 15:38:58 +00:00
Nick Mathewson
60c2e9d99e r14031@Kushana: nickm | 2007-08-15 11:34:26 -0400
Fix a segfault in cert retrieval


svn:r11120
2007-08-15 15:38:53 +00:00
Roger Dingledine
7e5cee8110 this does not actually change anything (i hope), but it makes me a lot
more comfortable.
nick, can you confirm this?


svn:r11119
2007-08-15 15:36:34 +00:00
Roger Dingledine
f606d74f56 backport candidate:
- If we require CookieAuthentication but we fail to write the
  cookie file, we would warn but not exit, and end up in a state
  where no controller could authenticate. Now we exit.
- If we require CookieAuthentication, stop generating a new cookie
  every time we change any piece of our config.


svn:r11117
2007-08-15 15:26:14 +00:00
Nick Mathewson
484a580698 r14028@Kushana: nickm | 2007-08-14 17:07:51 -0400
Implement cert-retrieval URLs. (Also, update TODO)


svn:r11112
2007-08-14 21:09:30 +00:00
Nick Mathewson
486166f9a8 r14020@Kushana: nickm | 2007-08-14 16:07:37 -0400
return 404 properly when somebody requests a bunch of nonexistent statuses/servers


svn:r11110
2007-08-14 20:19:58 +00:00
Nick Mathewson
3923eff1e6 r14019@Kushana: nickm | 2007-08-14 15:40:05 -0400
Save a 4 or 8 bytes per connection in or.h


svn:r11109
2007-08-14 20:19:51 +00:00
Nick Mathewson
2a31f09af6 r14018@Kushana: nickm | 2007-08-14 15:39:35 -0400
Resolve XXXX020s in config.c


svn:r11108
2007-08-14 20:19:46 +00:00
Nick Mathewson
42fa1de585 r14017@Kushana: nickm | 2007-08-14 15:13:14 -0400
Enable more code for v3 voting timing information.  Also, spec clarification.


svn:r11107
2007-08-14 20:19:40 +00:00
Nick Mathewson
25d2901857 r14015@Kushana: nickm | 2007-08-14 12:39:04 -0400
Try to avoid adding duplicate signatures to a consensus.


svn:r11105
2007-08-14 16:39:18 +00:00
Nick Mathewson
925394022a r14011@Kushana: nickm | 2007-08-14 10:29:49 -0400
Actually upload signatures when we vote. log more about the signatures we get.  discard pending vote stuff after we publish.


svn:r11104
2007-08-14 14:30:45 +00:00
Nick Mathewson
944bc41f99 r14010@Kushana: nickm | 2007-08-14 10:20:28 -0400
Fix a URL in voting


svn:r11103
2007-08-14 14:30:33 +00:00
Nick Mathewson
3399d63170 r14009@Kushana: nickm | 2007-08-14 10:20:20 -0400
Fix a logic error in certificate handling


svn:r11102
2007-08-14 14:30:25 +00:00
Nick Mathewson
817ed1ccbf r14006@kushana: nickm | 2007-08-14 09:34:28 -0400
re-enable version checking


svn:r11101
2007-08-14 13:34:41 +00:00
Nick Mathewson
3268ab58f2 r14005@kushana: nickm | 2007-08-14 09:34:19 -0400
add a warning to find a bug (maybe)


svn:r11100
2007-08-14 13:34:35 +00:00
Nick Mathewson
cd5eaf53f9 r14003@kushana: nickm | 2007-08-13 22:23:49 -0400
Resolve a pile of XXXXs in and around voting code


svn:r11099
2007-08-14 02:23:57 +00:00
Nick Mathewson
7113ab8f90 r14001@kushana: nickm | 2007-08-13 20:06:36 -0400
Check for *at least* as many signatures as required, not for *more* signatures than required.


svn:r11098
2007-08-14 00:07:29 +00:00
Nick Mathewson
b6c548094c r13998@kushana: nickm | 2007-08-13 19:20:28 -0400
Add some insanely verbose log messages on voting authorities.


svn:r11097
2007-08-13 23:23:06 +00:00
Nick Mathewson
a1ce60f9a6 r14546@catbus: nickm | 2007-08-13 17:19:01 -0400
Make if-modified-since work on consensuses


svn:r11095
2007-08-13 21:19:54 +00:00
Nick Mathewson
9356a0b1dd r14544@catbus: nickm | 2007-08-13 17:00:09 -0400
Give a 200 when a duplicate vote gets uploaded.


svn:r11094
2007-08-13 21:01:02 +00:00
Nick Mathewson
7d990b5aa1 r13992@Kushana: nickm | 2007-08-13 16:45:22 -0400
A vote we already have a nd a double-upload are different things.


svn:r11093
2007-08-13 20:45:36 +00:00
Nick Mathewson
b4adf151d2 r13991@Kushana: nickm | 2007-08-13 16:37:43 -0400
Do not warn on missing cached consensus.


svn:r11092
2007-08-13 20:45:27 +00:00
Nick Mathewson
4e4dcb2571 r13989@Kushana: nickm | 2007-08-13 16:31:03 -0400
Actually store the v3 authority id digest of a trusteddirserver


svn:r11091
2007-08-13 20:31:08 +00:00
Nick Mathewson
94c90c42e3 r13987@Kushana: nickm | 2007-08-13 16:17:09 -0400
Stop segfaulting on failed consensus.


svn:r11090
2007-08-13 20:17:14 +00:00
Nick Mathewson
936edd901d r13985@Kushana: nickm | 2007-08-13 16:05:07 -0400
Fix some simple logic errors in voting.


svn:r11089
2007-08-13 20:05:25 +00:00
Nick Mathewson
2d07cce67f r14536@catbus: nickm | 2007-08-13 15:54:17 -0400
Make voting actually function.


svn:r11088
2007-08-13 19:55:08 +00:00
Nick Mathewson
89c65f2a4e r14534@catbus: nickm | 2007-08-13 15:15:46 -0400
Read v3 keys from the right location


svn:r11087
2007-08-13 19:16:44 +00:00
Nick Mathewson
ce1f01c3e6 r14531@catbus: nickm | 2007-08-13 14:46:25 -0400
Cache v3 networkstatus consensuses on disk.


svn:r11086
2007-08-13 18:47:22 +00:00
Nick Mathewson
33cf3ada94 r14526@catbus: nickm | 2007-08-13 14:08:37 -0400
Make voting interval configurable.


svn:r11083
2007-08-13 18:09:38 +00:00
Roger Dingledine
762b5c479c less scary log entry
svn:r11077
2007-08-11 14:38:11 +00:00
Roger Dingledine
330abbb6c6 logging patch from karsten, slightly modified to compile
svn:r11074
2007-08-11 14:13:25 +00:00
Roger Dingledine
5920484083 dirserv.c:782: warning: `set_v1_dirty' might be used uninitialized in this function
svn:r11068
2007-08-10 03:07:00 +00:00
Nick Mathewson
5070a1e3ef r14103@catbus: nickm | 2007-08-09 18:30:40 -0400
Drop v1 directory support: instead, just generate stub v1 directories.  This should save lots and lots of directory bandwidth, and break any code relying on v1 directories, including Tor 0.1.0.x and earlier.


svn:r11067
2007-08-09 22:32:33 +00:00
Nick Mathewson
da09efe13d r13953@Kushana: nickm | 2007-08-08 07:40:46 -0700
Fix osx compilation.


svn:r11065
2007-08-08 14:43:30 +00:00
Nick Mathewson
3fc04529d4 r14093@catbus: nickm | 2007-08-08 01:49:54 -0400
Include fewer redundant headers; use the compiler search paths better.


svn:r11060
2007-08-08 05:50:31 +00:00
Nick Mathewson
68e6426c23 r13927@Kushana: nickm | 2007-08-03 00:56:54 -0700
ratchet down the time spent on threading tests


svn:r11043
2007-08-03 07:57:41 +00:00
Nick Mathewson
1c513979fc r13919@Kushana: nickm | 2007-08-02 10:58:31 -0700
Warn about unsafe ControlPort configurations.


svn:r11038
2007-08-02 21:03:40 +00:00
Roger Dingledine
659cdae145 a patch on r11016 that makes it work better
svn:r11018
2007-08-02 04:28:29 +00:00
Nick Mathewson
322b6f7e65 r13892@Kushana: nickm | 2007-08-01 18:27:13 -0700
Close immediately after anything but a successful authentication attempt on the control port.  Backport candidate.


svn:r11016
2007-08-02 01:28:40 +00:00
Nick Mathewson
a4e7dffc94 r13886@Kushana: nickm | 2007-08-01 09:43:06 -0700
Unit tests and debugging for detached signature manipulation.


svn:r11015
2007-08-01 16:43:44 +00:00
Nick Mathewson
484c8b776d r13872@Kushana: nickm | 2007-07-31 08:27:54 -0700
Rename IN4_ADDR and IN6_ADDR to try to avoid conflicting with Windows definitions.  This may fix the windows build.


svn:r11011
2007-08-01 15:57:34 +00:00
Nick Mathewson
480db0f00a r14034@catbus: nickm | 2007-07-31 05:22:56 -0400
possible fix for bug 473: always set buf->cur on buf_remove_from_front.


svn:r11004
2007-07-31 09:31:15 +00:00
Peter Palfrader
ce8edc964c Stop pretending all systems are fast
svn:r11003
2007-07-31 06:48:47 +00:00
Roger Dingledine
57c6264ede tweak comment
svn:r10998
2007-07-30 23:52:58 +00:00
Nick Mathewson
45c82b1d85 r14024@catbus: nickm | 2007-07-30 14:13:58 -0400
Glibc (and maybe others) define a mallinfo() that can be used to see how the platform malloc is acting inside.  When we have it, dump its output on dumpmemusage().


svn:r10996
2007-07-30 18:14:14 +00:00
Nick Mathewson
9fb77a6479 Disable SENTINELS in buffers: it may be responsible for making platform mallocs() be inefficient, and we havent needed it in a long long time.
svn:r10994
2007-07-30 17:51:14 +00:00
Nick Mathewson
9260a824ef Yet another buffer RAM patch: tNever ever ever keep a buffer memory chunk around for an empty buffer that could go on the freelist. This wants profiling to make sure that performance doesnt suffer.
svn:r10993
2007-07-30 17:47:43 +00:00
Nick Mathewson
34a3a5e2f4 r14016@catbus: nickm | 2007-07-30 13:45:55 -0400
More documentation


svn:r10992
2007-07-30 17:46:14 +00:00
Roger Dingledine
5d535a28c9 clean up some bridge log messages
svn:r10985
2007-07-30 08:43:02 +00:00
Roger Dingledine
1b01ad6d38 writing instructions before you release means you can make sure
your instructions don't seg fault


svn:r10984
2007-07-30 08:42:47 +00:00
Nick Mathewson
915c4c3ab8 r14001@catbus: nickm | 2007-07-29 21:31:53 -0400
Try to call time(NULL) a little less.


svn:r10980
2007-07-30 01:32:12 +00:00
Nick Mathewson
a3b8b2c4e3 r14000@catbus: nickm | 2007-07-29 21:16:45 -0400
Fix bug 472: do not use spaces in pseudo-address for local link cons.


svn:r10979
2007-07-30 01:32:07 +00:00
Roger Dingledine
468d922280 start hunting bugs, first in a non-crashy manner
svn:r10978
2007-07-30 01:07:06 +00:00
Nick Mathewson
3dbc825f36 r13996@catbus: nickm | 2007-07-29 19:17:53 -0400
Fix whitespace


svn:r10977
2007-07-29 23:18:06 +00:00
Nick Mathewson
77508edd36 r13989@catbus: nickm | 2007-07-29 19:11:07 -0400
More directory voting code.  Now, if everything works, and I haven't forgotten anything, it is possible to set up some v3 authorities and start voting. Of course, I have probably forgotten something, and there are probably bugs in there somewhere too.


svn:r10976
2007-07-29 23:11:44 +00:00
Roger Dingledine
ca7c53d3cc Be even more aggressive about separating local traffic from relayed
traffic when RelayBandwidthRate is set. (Refines proposal 111.)


svn:r10974
2007-07-29 22:13:44 +00:00
Nick Mathewson
616152486f r13986@catbus: nickm | 2007-07-29 09:15:03 -0400
Answer comment from Roger.


svn:r10971
2007-07-29 13:18:52 +00:00
Roger Dingledine
a68e6e23c9 patches on r10968: compare advertised capacity, not bandwidthrate;
and make the sorting order deterministic to avoid flapping.

also note that we could take the "is_auth" checks out of the
sorting entirely.


svn:r10970
2007-07-29 05:56:30 +00:00
Nick Mathewson
9031bbd4d8 r13982@catbus: nickm | 2007-07-29 01:31:53 -0400
Actually, we missed a rule about what routers to prefer: first prefer authority to non-authority, *then* running, *then* bandwidth.


svn:r10969
2007-07-29 05:32:03 +00:00
Nick Mathewson
1b665b3c7e r13979@catbus: nickm | 2007-07-29 01:20:20 -0400
Implement proposal 109:  As an authority, never call more than 3 servers per IP Running and Valid.  Prefer Running servers to non-running ones; then prefer high-bandwidth to low-bandwidth.  Needs testing.


svn:r10968
2007-07-29 05:20:31 +00:00
Roger Dingledine
eca2a30060 make progress towards retrying our bridges when they're all
down and we get a new socks request


svn:r10967
2007-07-29 04:38:21 +00:00
Nick Mathewson
964e4a305d r13972@catbus: nickm | 2007-07-29 00:01:38 -0400
Make our control events for multi-line async replies conform to our old grammar.  Change back to the old grammar (which got "corrected" in r10931).


svn:r10964
2007-07-29 04:03:25 +00:00
Nick Mathewson
d2adb68ed6 r13963@catbus: nickm | 2007-07-28 22:53:32 -0400
Add support for signature upload


svn:r10962
2007-07-29 02:55:21 +00:00
Roger Dingledine
9895d840f5 When running with dmalloc, dump more stats on hup and exit.
svn:r10961
2007-07-29 01:18:00 +00:00
Nick Mathewson
764bde22de r13960@catbus: nickm | 2007-07-28 18:14:29 -0400
Start correctly when cached-certs is missing. oops


svn:r10957
2007-07-28 22:14:42 +00:00
Nick Mathewson
76a408941c r13959@catbus: nickm | 2007-07-28 18:09:56 -0400
Use the correct formula to calculate exit weights.


svn:r10956
2007-07-28 22:14:39 +00:00
Nick Mathewson
afe9f33d35 r13956@catbus: nickm | 2007-07-27 20:09:48 -0400
Better certificate manipulations: extract certificates from incoming votes, forget ones that are very old, and remember to store them on disk.


svn:r10954
2007-07-28 00:11:34 +00:00
Nick Mathewson
0d274e1db1 r13952@catbus: nickm | 2007-07-27 19:18:46 -0400
Weasel noticed that many buffers spend their time with empty 4k, 8k, and 16k memory chunks.  Thus, be more aggressive about putting empty chunks on the freelist, regardless of their high water marks.  (Also, run buffer_shrink_freelist on the 8k-chunk freelist.)


svn:r10953
2007-07-27 23:19:02 +00:00
Nick Mathewson
43f64d09ea r13951@catbus: nickm | 2007-07-27 18:39:28 -0400
Make it so we can actually compile with FULL_V1_DIRECTORIES disabled.


svn:r10952
2007-07-27 23:18:58 +00:00
Nick Mathewson
f6229d6432 r13950@catbus: nickm | 2007-07-27 18:15:23 -0400
Wrap bandwidth usage info in another ifdef so we can easily drop it on august 1 when it is time to finalize proposal 104.


svn:r10951
2007-07-27 23:18:55 +00:00
Nick Mathewson
0e5d8925d9 r13946@catbus: nickm | 2007-07-27 16:09:31 -0400
Fix median_int for platforms where sizeof(int)!=sizeof(time_t)


svn:r10949
2007-07-27 20:09:37 +00:00
Nick Mathewson
a5477c7bb9 r13944@catbus: nickm | 2007-07-27 15:52:35 -0400
Fix warnings on platforms where rlim values can be signed.
 Add an 8k buffer freelist.
 


svn:r10948
2007-07-27 19:53:29 +00:00
Nick Mathewson
bc9a7be943 r13939@catbus: nickm | 2007-07-27 14:33:22 -0400
When dumping memory usage, list bytes used in buffer memory free-lists.


svn:r10947
2007-07-27 18:33:37 +00:00
Nick Mathewson
65cdda20b3 r13938@catbus: nickm | 2007-07-27 14:26:07 -0400
More code to handle incoming consensus signatures


svn:r10946
2007-07-27 18:33:34 +00:00
Nick Mathewson
10f166045b r13937@catbus: nickm | 2007-07-27 12:43:36 -0400
Maintain a detached-signatures document along with pending consensus document.  Add a dirvote_free_all() to clean up static vars in dirvote.c


svn:r10945
2007-07-27 18:33:30 +00:00
Nick Mathewson
a65cea38d2 r13936@catbus: nickm | 2007-07-27 12:23:26 -0400
Code to implement detached signature documents.


svn:r10944
2007-07-27 18:33:28 +00:00
Peter Palfrader
1f4275451b Resolve a compiler warning about uninitialized use
svn:r10940
2007-07-27 01:10:23 +00:00
Nick Mathewson
eed888a2b7 r13927@catbus: nickm | 2007-07-26 17:26:49 -0400
Fix router_choose_by_bandwidth to no longer be biases by floating-point roundoff issues.  This runs through the list of routers yet another time, and uses an additional bitfield, but this should be okay: the function did not appear in profiles before, and shouldnt start appearing now.


svn:r10939
2007-07-26 21:26:57 +00:00
Nick Mathewson
b1c873182d r13926@catbus: nickm | 2007-07-26 17:21:06 -0400
Add a bit-array type with reasonably fast inline functions.


svn:r10938
2007-07-26 21:26:53 +00:00
Nick Mathewson
6c4864f351 r13924@catbus: nickm | 2007-07-26 16:46:45 -0400
We can have multiple authority certificates for an authority at a time: make the code reflect that.


svn:r10937
2007-07-26 20:49:04 +00:00
Nick Mathewson
fb2f3c035b r13921@catbus: nickm | 2007-07-26 16:26:48 -0400
Code to add signatures to a pending consensus directory.


svn:r10936
2007-07-26 20:26:59 +00:00
Nick Mathewson
189bc7cf9f r13920@catbus: nickm | 2007-07-26 16:25:25 -0400
whitespace fixes


svn:r10935
2007-07-26 20:26:53 +00:00
Nick Mathewson
7f3e2378b6 r13908@catbus: nickm | 2007-07-25 18:55:47 -0400
Patch from Robert Hogan: set conn->dns_server_port correctly so that we can close dns server ports when they change, thus avoiding crashes and dangling references and other sources of unhappiness.


svn:r10933
2007-07-25 22:57:07 +00:00
Nick Mathewson
025a81fc18 r13907@catbus: nickm | 2007-07-25 18:51:25 -0400
Patch from tup: translate LFs to CRLFs in NS replies and
 ensures the data section is properly terminated with "\r\n.\r\n


svn:r10932
2007-07-25 22:57:02 +00:00
Nick Mathewson
a8821e2d82 r13905@catbus: nickm | 2007-07-25 18:48:44 -0400
ADDRMAP events should never have specified local time.  Extend them to have the proper gmt time, and make GETINFO address-mappings always do the right thing (since it is new in this version).


svn:r10930
2007-07-25 22:56:54 +00:00
Nick Mathewson
47f3a40900 r13904@catbus: nickm | 2007-07-25 18:04:46 -0400
Fix whitespaces and compilation in and around dirvote code.


svn:r10929
2007-07-25 22:56:50 +00:00
Nick Mathewson
2305c2c7be r13903@catbus: nickm | 2007-07-25 18:03:56 -0400
Make buffer large enough to hold ip6.arpa addresses.  This code was not actually used yet, so no user-visible bug existed. (Based on patch by croup.)


svn:r10928
2007-07-25 22:56:47 +00:00
Nick Mathewson
a66f259354 r13902@catbus: nickm | 2007-07-25 17:43:52 -0400
Some dirvote code to handle generating votes and slinging them around.  More code is still needed.


svn:r10927
2007-07-25 22:56:44 +00:00
Nick Mathewson
1b7a704c34 r13901@catbus: nickm | 2007-07-25 16:23:51 -0400
Make all code to generate v1 directories into conditional code.


svn:r10926
2007-07-25 22:56:40 +00:00
Nick Mathewson
83fa843663 r13900@catbus: nickm | 2007-07-25 16:16:30 -0400
Better fix for GCC 4.2 warning on routerlist.c


svn:r10925
2007-07-25 22:56:34 +00:00
Nick Mathewson
1b24067395 r13773@kushana: nickm | 2007-07-23 00:16:44 -0400
Use tor malloc replacements in eventdns.c for now: there might be goblins there...goblins that only dmalloc can find!


svn:r10912
2007-07-23 04:18:20 +00:00
Nick Mathewson
4d2f45978f r13875@catbus: nickm | 2007-07-22 18:56:30 -0400
Once more with feeling.


svn:r10907
2007-07-22 22:56:33 +00:00
Nick Mathewson
6640fdeeee r13872@catbus: nickm | 2007-07-22 18:51:02 -0400
esc_router_info static field should not be cleared postfork, to avoid races.


svn:r10906
2007-07-22 22:51:07 +00:00
Nick Mathewson
701fce8e5c r13858@catbus: nickm | 2007-07-22 18:44:02 -0400
Fix/note some relatively trivial mem usage issues


svn:r10905
2007-07-22 22:49:49 +00:00
Roger Dingledine
0104882e9b dump dmalloc stats on sighup
svn:r10903
2007-07-22 07:05:43 +00:00
Roger Dingledine
5190916670 free a small static string on exit.
svn:r10902
2007-07-22 06:32:28 +00:00
Roger Dingledine
e96d807db4 Revert part of r10874, since it was breaking our load balancing
(we always picked one router past the one we wanted!) and could
conceivably read past the end of the smartlist too.

Nick, I don't know what gcc 4.2 was worried about, but we need
to find a better fix than this. :)


svn:r10901
2007-07-22 04:36:33 +00:00
Roger Dingledine
6fc336d217 handle fetching bridge descriptors from the bridge authority too.
svn:r10898
2007-07-22 00:16:48 +00:00
Roger Dingledine
56d3119581 Directory authorities now call routers Fast if their bandwidth is
at least 100KB/s, and consider their bandwidth adequate to be a
Guard if it is at least 250KB/s. This fix complements proposal
107. [Bugfix on 0.1.2.x]


svn:r10897
2007-07-21 23:40:55 +00:00
Roger Dingledine
a916e07ea6 when requesting tor/server/authority, ask for tor/server/authority.z
instead. same functionality, saves a bit of bandwidth. and might even
work.


svn:r10896
2007-07-21 22:04:18 +00:00
Nick Mathewson
6223160ab7 r13848@catbus: nickm | 2007-07-19 16:47:16 -0400
Use our own version of inet_ntop and inet_pton everywhere, to avoid partitioning attacks.


svn:r10888
2007-07-19 20:47:18 +00:00
Nick Mathewson
3015129a4a r13846@catbus: nickm | 2007-07-19 16:31:41 -0400
Actually, OSX (and some BSDs) accept [f:f:f:f:f:f:f:f::] as a perfectly fine ipv6 address.


svn:r10887
2007-07-19 20:31:43 +00:00
Nick Mathewson
31a73c0767 r13844@catbus: nickm | 2007-07-19 16:04:04 -0400
Same as the last patch, only more so.


svn:r10886
2007-07-19 20:04:05 +00:00
Nick Mathewson
00420bd084 r13842@catbus: nickm | 2007-07-19 16:02:54 -0400
OSX writes ::3 as ::0.0.0.3; choose a less ambiguous example.


svn:r10885
2007-07-19 20:02:56 +00:00
Nick Mathewson
a1f4644a94 r13840@catbus: nickm | 2007-07-19 16:00:43 -0400
Apparently, this problem can occur on the whole BSD family. "Yay."


svn:r10884
2007-07-19 20:00:45 +00:00
Nick Mathewson
4a240552c4 r13834@catbus: nickm | 2007-07-19 15:40:42 -0400
Another patch from croup: drop support for address masks that do not correspond to bit prefixes.  Nobody has used this for a while, and we have given warnings for a long time.


svn:r10881
2007-07-19 19:40:45 +00:00
Nick Mathewson
bbbf504281 r13827@catbus: nickm | 2007-07-19 14:42:25 -0400
Merge in some generic address manipulation code from croup.  Needs some work.


svn:r10880
2007-07-19 18:46:09 +00:00
Nick Mathewson
70aef18db1 r13826@catbus: nickm | 2007-07-19 12:21:30 -0400
Fix a copy-and-paste error in dirvote.c


svn:r10879
2007-07-19 18:46:06 +00:00
Nick Mathewson
5e6f05bc31 r13822@catbus: nickm | 2007-07-18 16:43:39 -0400
Tweak a couple of loop-related variables to make the gcc 4.2 -Wstrict-overflow warning happy.


svn:r10874
2007-07-18 20:46:14 +00:00
Nick Mathewson
d920683718 r13821@catbus: nickm | 2007-07-18 16:29:17 -0400
Initial code to manipulate vote timing correctly.


svn:r10873
2007-07-18 20:46:12 +00:00
Nick Mathewson
4a9d4c2c5c r13820@catbus: nickm | 2007-07-18 16:07:30 -0400
Whitespace fix on r10849


svn:r10872
2007-07-18 20:46:10 +00:00
Peter Palfrader
3052bf6a84 Change routerlist_remove to not take an index argument we do not need anyway.
Now the only remaining caller of _routerlist_find_elt is an assert()

svn:r10869
2007-07-18 14:02:47 +00:00
Roger Dingledine
50487c249d timeout and retry schedules for fetching bridge descriptors
svn:r10867
2007-07-18 10:06:03 +00:00
Roger Dingledine
5c4d86f512 using fascistfirewall and having your bridge on an unreachable
port silently didn't mix. now they loudly don't mix.


svn:r10862
2007-07-18 07:13:15 +00:00
Nick Mathewson
670db47e1b r13801@catbus: nickm | 2007-07-17 13:49:12 -0400
More tweaks to dir-spec.txt; not complete, but closing in.


svn:r10856
2007-07-17 17:49:16 +00:00
Roger Dingledine
a1ab2c8087 free bridge list on exit; try harder to free buffer freelists on exit.
svn:r10854
2007-07-17 11:33:38 +00:00
Roger Dingledine
b7e4683ff9 bugfix on r10086:
We had accidentally labelled 0.1.2.x directory servers as not
suitable for begin_dir requests, and had labelled no directory
servers as suitable for uploading extra-info documents. [Bugfix
on 0.2.0.1-alpha]


svn:r10853
2007-07-17 09:37:00 +00:00
Roger Dingledine
fcbb817db5 free another string, and the buffer freelists, on exit.
svn:r10851
2007-07-17 09:26:45 +00:00
Roger Dingledine
ccfda2e3a3 a few fixes for bug 463. needs a changelog. might need more fixes.
svn:r10849
2007-07-17 02:53:17 +00:00
Nick Mathewson
ad45ddfb07 r13788@catbus: nickm | 2007-07-16 14:26:25 -0400
Patch from croup: rewrite the logic of get_next_token() to do the right thing with input that ends at weird places, or aligns with block boundaries after mmap.  should fix bug 455.  Needs fuzzing.


svn:r10847
2007-07-16 18:26:31 +00:00
Nick Mathewson
6e9f1f76f2 r13784@catbus: nickm | 2007-07-16 13:27:32 -0400
Apply patch from tup: remove extra space at the end of some circuit-status events, and stop translating CRLF to CRCRLF in control replies.


svn:r10845
2007-07-16 17:27:35 +00:00
Nick Mathewson
26a25edaec r13777@catbus: nickm | 2007-07-16 12:58:08 -0400
Patch from tup: new address-mappings/ GETINFO that includes expiry times.


svn:r10844
2007-07-16 16:58:11 +00:00
Nick Mathewson
483c1e9017 r13774@catbus: nickm | 2007-07-16 12:23:28 -0400
Tweaks on constrained socket buffers patch from coderman: Add a changelog; rename some variables; fix some long lines and whitespace; make ConstrainedSockSize a memunit; pass setsockopt a void.


svn:r10843
2007-07-16 16:23:36 +00:00
Nick Mathewson
f4a6673758 r13773@catbus: nickm | 2007-07-16 11:58:25 -0400
Initial "constrained socket buffers" patch from coderman. needs tweaking.


svn:r10842
2007-07-16 16:23:34 +00:00
Roger Dingledine
6d2cb32d10 free some more memory on exit
svn:r10837
2007-07-16 04:33:47 +00:00
Roger Dingledine
4b719cbae0 stop reading uninitialized/outofbounds memory. possible backport,
quite related to bug 455.


svn:r10835
2007-07-16 03:39:21 +00:00
Roger Dingledine
98ce45bebf Backport candidate:
Fix a potential crash bug when we load many server descriptors at
once and some of them make others of them obsolete. Fixes bug
458. [Bugfix on 0.1.2.x]


svn:r10832
2007-07-16 00:11:03 +00:00
Roger Dingledine
5ab3f49d93 backport candidate: fix a memory leak from r9039 which had us leaking
50ish bytes every time we rebuild the cached-router files.


svn:r10830
2007-07-15 08:34:32 +00:00
Roger Dingledine
2c2f7ee6a4 fix a memory leak from r10504 (i think)
svn:r10829
2007-07-15 08:11:56 +00:00
Peter Palfrader
2ce1cb22bd Comment one tor_assert
svn:r10820
2007-07-12 17:37:47 +00:00
Roger Dingledine
ef6bc1a451 Keep streamids from different exits on a circuit separate. This
bug may have allowed other routers on a given circuit to inject
cells into streams. Reported by lodger; fixes bug 446. [Bugfix
on 0.1.2.x]


svn:r10818
2007-07-12 17:09:19 +00:00
Nick Mathewson
656b7761a8 r13730@catbus: nickm | 2007-07-12 12:32:40 -0400
Patch from lodger: avoid roundoff-error-induced crash bugs when picking routers by bandwidth.
 Also, remove listed backports for 0.1.2.x; that list is now in TODO.012


svn:r10812
2007-07-12 16:34:45 +00:00
Peter Palfrader
9ed261cd6a In router_add_to_routerlist() only call router_have_minimum_dir_info() under some circumstances, not always
svn:r10799
2007-07-12 15:57:23 +00:00
Roger Dingledine
9bf23e0598 backport candidate:
When sending destroy cells from a circuit's origin, don't include
the reason for tearing down the circuit. The spec says we didn't,
and now we actually don't. Reported by lodger. [Bugfix on 0.1.2.x]


svn:r10790
2007-07-11 03:37:45 +00:00
Roger Dingledine
83e8d8d9b9 clean up a comment
svn:r10789
2007-07-11 03:28:12 +00:00
Nick Mathewson
39dc589d32 r13691@catbus: nickm | 2007-07-10 18:44:30 -0400
Fix an assert error in 455 patch.


svn:r10788
2007-07-10 22:44:32 +00:00
Nick Mathewson
fa1376014b r13689@catbus: nickm | 2007-07-10 17:46:30 -0400
tweaks to last patch.  from croup.


svn:r10787
2007-07-10 21:46:33 +00:00
Nick Mathewson
7e20fdbefb r13687@catbus: nickm | 2007-07-10 16:08:14 -0400
Possible partial fix for bug 455: use eos logic everywhere.


svn:r10786
2007-07-10 20:08:18 +00:00
Nick Mathewson
d6ba1c3d96 r13676@catbus: nickm | 2007-07-10 13:41:24 -0400
Man. I thought I removed that code.


svn:r10785
2007-07-10 17:41:26 +00:00
Nick Mathewson
a8465adaa2 r13667@catbus: nickm | 2007-07-10 13:12:52 -0400
Patch from tup: add GETINFO status/enough-dir-info


svn:r10782
2007-07-10 17:14:55 +00:00
Nick Mathewson
74711479eb r13666@catbus: nickm | 2007-07-10 13:10:00 -0400
Get the RESOLVE controller code working.


svn:r10781
2007-07-10 17:14:51 +00:00
Nick Mathewson
7705314777 r13637@catbus: nickm | 2007-07-06 14:24:27 -0400
fix copy-paste error in config message src/or/config.c .  Apply
 initial (but pared-down) version of launch-resolve-via-controller
 patch from Robert Hogan.
 


svn:r10780
2007-07-10 17:13:24 +00:00
Nick Mathewson
10e5ed1a84 r13602@Kushana: nickm | 2007-07-07 23:44:24 -0400
Backport candidate: fix a possible buffer overrun when using natd support on old BSDs.  Based on a patch from "Mr. Croup".


svn:r10760
2007-07-08 03:45:47 +00:00
Peter Palfrader
db3a4bf897 Call router_have_minimum_dir_info() at the beginning of router_add_to_routerlist() since it has side effects
svn:r10754
2007-07-06 21:21:09 +00:00
Peter Palfrader
39b1a11f8d Remove two arguments from routerlist_replace(). idx, which is
the old router's index in the routerlist, can be gotten from the
old routerinfo itself anyway, and make_old always was true.
(There only is one caller of routerlist_replace())


svn:r10753
2007-07-06 18:40:39 +00:00
Nick Mathewson
e6ba07f8f5 r13634@catbus: nickm | 2007-07-06 14:20:50 -0400
Fix a crash bug (*the* crash bug?) on authorities.  Backport candidate.


svn:r10752
2007-07-06 18:20:54 +00:00
Nick Mathewson
92b6e09082 r13633@catbus: nickm | 2007-07-06 11:08:19 -0400
Call tor_init_threads() from tor_init().


svn:r10751
2007-07-06 18:20:52 +00:00
Nick Mathewson
04c9ae8164 r13453@kushana: nickm | 2007-06-20 10:01:37 -0400
Fix a type error in the last checkin.


svn:r10738
2007-07-05 14:50:13 +00:00
Nick Mathewson
b5c8a6183a r13452@kushana: nickm | 2007-06-20 09:52:55 -0400
Patch from Robert Hogan: Generate STREAM NEW events for dnsport requests and tunneled directory connections.  Log when we are testing for hijacking.


svn:r10737
2007-07-05 14:50:05 +00:00
Roger Dingledine
99bfb1bebe If there's a never-before-connected-to guard node in our list,
never choose any guards past it. This way we don't expand our 
guard list unless we need to. [Bugfix in 0.1.2.x]

I'm not sure if this will solve all our problems, but it is at least
something.



svn:r10730
2007-07-02 22:15:26 +00:00
Roger Dingledine
5c1daed3ad the non-controversial changes i found in my sandbox
svn:r10729
2007-07-02 22:07:53 +00:00
Nick Mathewson
32b165ab61 r13604@catbus: nickm | 2007-07-02 16:58:40 -0400
Some temporary output to try to figure out where bsd thread unit tests are going wrong


svn:r10728
2007-07-02 21:08:03 +00:00
Peter Palfrader
64f4cff192 I so wonder how this blows up on the real network - make _routerlist_find_elt be strict about the idx it is passed - if it is not -1 then it has to be correct
svn:r10727
2007-07-02 20:17:12 +00:00
Peter Palfrader
d071df748a If we want to be more strict in _routerlist_find_elt I better call it properly
svn:r10726
2007-07-02 20:04:26 +00:00
Peter Palfrader
ccefd7404e Don't get private with smartlists when there's a perfectly fine accessor method for num_used
svn:r10724
2007-07-02 19:45:44 +00:00
Peter Palfrader
ea1348360e Three more assertions which hopefully are sane, Nick? They might help track down #417.
svn:r10720
2007-07-02 15:13:52 +00:00
Nick Mathewson
8bebff3deb r13568@catbus: nickm | 2007-06-30 15:18:18 -0400
allow test_threads() to time out 


svn:r10711
2007-06-30 19:18:28 +00:00
Nick Mathewson
25a11bf8aa r13555@catbus: nickm | 2007-06-30 14:05:36 -0400
Split "Util" tests into subgroups so I can see why freebsd trunk is failing.


svn:r10710
2007-06-30 18:06:00 +00:00
Nick Mathewson
a8a880e418 r13480@catbus: nickm | 2007-06-17 14:39:42 -0400
Oops; forgot to save a file in the last batch.


svn:r10646
2007-06-17 18:41:03 +00:00
Nick Mathewson
5adfa09fce r13477@catbus: nickm | 2007-06-17 14:22:03 -0400
Sun CC likes to give warnings for the do { } while(0) construction for making statement-like macros.  Define STMT_BEGIN/STMT_END macros that do the right thing, and use them everywhere.


svn:r10645
2007-06-17 18:22:39 +00:00
Nick Mathewson
93f32db438 r13476@catbus: nickm | 2007-06-17 14:04:41 -0400
Build with fewer compiler warnings on Sun.  (This and previous Sun patches are thanks to the tremendously handy services of unix-center.net.)


svn:r10644
2007-06-17 18:22:35 +00:00
Nick Mathewson
99792df645 r13473@catbus: nickm | 2007-06-17 13:42:36 -0400
Fix solaris eventdns.c behavior.  This time, I think I got it.  We were redefining _FILE_OFFSET_BITS, and thereby calling fstat64() on a struct stat, or something like that.


svn:r10643
2007-06-17 17:43:25 +00:00
Nick Mathewson
721899a447 r13471@catbus: nickm | 2007-06-17 11:59:25 -0400
Report address and por correctly on requests to dnsport. (Patch from Robert Hogan.)


svn:r10641
2007-06-17 15:59:27 +00:00
Nick Mathewson
d828915136 r13463@catbus: nickm | 2007-06-17 11:10:17 -0400
Add a SOURCE_ADDR field to STREAM NEW events so that controllers can match requests to applications. (Patch from Robert Hogan.)


svn:r10639
2007-06-17 15:10:51 +00:00
Nick Mathewson
3df7fc5e5a r13438@catbus: nickm | 2007-06-15 15:01:42 -0400
document some functions


svn:r10637
2007-06-17 15:10:43 +00:00
Nick Mathewson
9e944d07f8 r13418@catbus: nickm | 2007-06-14 13:29:21 -0400
Adjust networkstatus_compute_consensus to take an argument saying how many voters there _should_ be.


svn:r10634
2007-06-17 15:10:23 +00:00
Roger Dingledine
237cdfdf48 if we already have a bridge in our state file, it won't be
in the networkstatuses, so we'll mark it unusable when we
load it, and then when we get a new routerinfo for it, we'll
still think it's unusable. fix that.


svn:r10612
2007-06-15 18:32:27 +00:00
Roger Dingledine
07ff5c6785 bugfix on r10609: don't fail asserts when closing circuits
that were connected to an unkeyed connection.


svn:r10611
2007-06-15 16:21:40 +00:00
Roger Dingledine
2cd293dc8f now we can specify a bridge without specifying its key,
and we will still connect to it and use it. getting closer!


svn:r10609
2007-06-15 06:01:04 +00:00
Roger Dingledine
6a2f045163 extra points for making the function name reflect what it does
svn:r10608
2007-06-15 04:23:36 +00:00
Roger Dingledine
73f7310d9b Directories no longer return a "304 not modified" when they don't
have the networkstatus the client asked for. Also fix a memory
leak when returning 304 not modified. [Bugfixes on 0.2.0.2-alpha]


svn:r10607
2007-06-15 04:20:51 +00:00
Roger Dingledine
9f9ee13dc0 point out a bug in our If-Modified-Since handling in 0.2.0.2-alpha.
svn:r10605
2007-06-15 03:14:02 +00:00
Roger Dingledine
3d641bde0e Refine r10571: more work on bridge stuff.
- Only listen to responses for "authority" fetches if we're configured
    to use Bridges. Otherwise it's safe (and maybe smarter) to silently
    discard them like we used to.
  - React faster to download networkstatuses after the first bridge
    descriptor arrives.
  - Don't do dir fetches before we have any bridges, even when our 
    dirport is open.


svn:r10604
2007-06-15 02:12:15 +00:00
Nick Mathewson
9a74e881ef r13413@catbus: nickm | 2007-06-13 18:44:28 -0400
Non-static inline functions cant talk about static variables.


svn:r10599
2007-06-13 22:44:30 +00:00
Nick Mathewson
649a802322 r13409@catbus: nickm | 2007-06-13 18:01:56 -0400
Test the remainder of the contents of the consensus; fix a bug in geneating addresses on routerstatuses.


svn:r10597
2007-06-13 22:39:08 +00:00
Nick Mathewson
c2ea3e9aea r13406@catbus: nickm | 2007-06-13 17:05:30 -0400
Oops; linked connections get read/write events too.


svn:r10596
2007-06-13 21:05:32 +00:00
Nick Mathewson
6462683669 r13403@catbus: nickm | 2007-06-13 16:15:44 -0400
Test all of consensus contents, except for routerstatus_list contents. And signatures.


svn:r10593
2007-06-13 20:17:27 +00:00
Nick Mathewson
4b162fd1f4 r13401@catbus: nickm | 2007-06-13 15:50:16 -0400
Add dnsport connection to the global connection list. (Bug found by mwenge.)


svn:r10592
2007-06-13 19:50:18 +00:00
Nick Mathewson
eab7c6890d r13399@catbus: nickm | 2007-06-13 15:17:44 -0400
Hm. Tor should never need private authority identity keys; thus, I should not actually load the authority identity keys for testing.


svn:r10591
2007-06-13 19:17:46 +00:00
Nick Mathewson
3fa9a90243 r13396@catbus: nickm | 2007-06-13 15:06:18 -0400
Set vote_digest field prproperly in networkstatus_vote_t, so that it gets conveyed to the consensus correctly.


svn:r10590
2007-06-13 19:06:26 +00:00
Nick Mathewson
c3626cdba7 r13395@catbus: nickm | 2007-06-13 15:01:23 -0400
Unit tests and debugging for generating and parsing consensus networkstatus documents.  Still need to test actual contents.


svn:r10589
2007-06-13 19:06:23 +00:00
Nick Mathewson
05cf945a1c r13393@catbus: nickm | 2007-06-13 14:29:14 -0400
More vote unit tests: check that we are parsing routerstatuses correctly.


svn:r10588
2007-06-13 18:29:16 +00:00
Nick Mathewson
0cf38ddef6 r13387@catbus: nickm | 2007-06-13 14:15:49 -0400
Unit tests and debugging for vote generation and parsing code.


svn:r10587
2007-06-13 18:16:05 +00:00
Nick Mathewson
09a370e45f r13386@catbus: nickm | 2007-06-13 14:15:20 -0400
New helper file for test.c: contains 3 generated certs, signing keys, and id_keys


svn:r10586
2007-06-13 18:16:01 +00:00
Roger Dingledine
af658b7828 More work towards making bridge users able to connect via bridges:
- demand options->Bridges and options->TunnelDirConns if 
    options->UseBridges is set.
  - after directory fetches, accept descriptors that aren't referenced by
    our networkstatuses, *if* they're for a configured bridge.
  - delay directory fetching until we have at least one bridge descriptor.
  - learn how to build a one-hop circuit when we have neither routerinfo
    nor routerstatus for our destination.
  - teach directory connections how to pick a bridge as the destination
    directory when doing non-anonymous fetches.
  - tolerate directory commands for which the dir_port is 0.
  - remember descriptors when the requested_resource was "authority", 
    rather than just ignoring them.
  - put bridges on our entry_guards list once we have a descriptor for them.
    When UseBridges is set, only pick entry guards that are bridges. Else
    vice versa.


svn:r10571
2007-06-12 09:17:23 +00:00
Peter Palfrader
c0b28adc65 Resetting the correct stats
svn:r10569
2007-06-12 01:09:53 +00:00
Nick Mathewson
a21381affa r13364@catbus: nickm | 2007-06-11 20:15:53 -0400
Stop assuming that desc_by_eid_map works: in fact, it kinda doesn't.  Add a big comment explaining why.


svn:r10567
2007-06-12 00:15:55 +00:00
Peter Palfrader
f621513cad Remove an #undef, so you can -Ddefine stuff on the command line
svn:r10564
2007-06-11 22:32:30 +00:00
Nick Mathewson
367a77459a r13355@catbus: nickm | 2007-06-11 18:19:34 -0400
Make all the digestmaps inside routerlist_t use the new typechecking wrappers, so we can catch any more bugs like the one fixed by 10561.  This turned up a bug in routerlist_remove: we were extracting a routerinfo_t from desc_digest_map.  Fix that too, though it was probably harmless, since we were only doing a pointer comparison with it.


svn:r10563
2007-06-11 22:19:40 +00:00
Nick Mathewson
bde82e737b r13352@catbus: nickm | 2007-06-11 17:42:45 -0400
Since desc_by_eid_map hold server descriptors, do not add routerinfo_ts.  Bug found by weasel


svn:r10561
2007-06-11 21:42:48 +00:00
Peter Palfrader
e91cab20dd Reorder routerlist_assert_ok() and routerlist_check_bug_417(), so if the assert_ok triggers we know that our bug_417 is wrong
svn:r10560
2007-06-11 19:46:23 +00:00
Nick Mathewson
932f2c79eb r13338@catbus: nickm | 2007-06-10 15:13:32 -0400
Fix bug in 10533: put "opt v" line at the end of a routerstatus section; overwriting is bad.


svn:r10549
2007-06-10 19:13:40 +00:00
Roger Dingledine
04995f197d more building blocks towards being able to fetch bridge descriptors
svn:r10548
2007-06-10 07:34:21 +00:00
Roger Dingledine
1ae7708ff8 discard the "bridge list" stubs that i hope i never need.
svn:r10547
2007-06-10 00:30:14 +00:00
Roger Dingledine
a97c3b8c2d Be clearer on the various roles for auth dir types.
Bridge authorities no longer write bridge descriptors to their
cached-routers file -- this gets complex because of extrainfo documents.


svn:r10545
2007-06-09 07:05:19 +00:00
Roger Dingledine
8dfde75ef6 don't complain when approved-routers isn't there and we
don't need it.


svn:r10544
2007-06-09 05:28:11 +00:00
Roger Dingledine
eebeda2c71 scrub out some more references to the misnamed 'bridge' concept
svn:r10543
2007-06-09 05:17:33 +00:00
Nick Mathewson
19389a3674 r13328@catbus: nickm | 2007-06-08 17:14:55 -0400
Arg. Irix apparently #defines sa_family to something.  Thus, naming fields or variables "sa_family" will not work.


svn:r10541
2007-06-08 21:14:58 +00:00
Nick Mathewson
1d6db7ec3d r13325@catbus: nickm | 2007-06-08 15:02:37 -0400
Parse networkstatuses (v2, vote, and consensus) after generating them, and fail fast if there is a parse error.


svn:r10540
2007-06-08 19:02:39 +00:00
Nick Mathewson
2bb7005481 r13317@catbus: nickm | 2007-06-08 14:39:59 -0400
bugfix: we were undercounting the number of authorities that recommended any given version by 1.  Backport candidate.


svn:r10537
2007-06-08 18:41:19 +00:00
Nick Mathewson
678110570a r13315@catbus: nickm | 2007-06-08 14:33:24 -0400
Make versions get added to networkstatuses correctly again.


svn:r10535
2007-06-08 18:41:14 +00:00
Nick Mathewson
171969656c r13314@catbus: nickm | 2007-06-08 14:30:31 -0400
Enfore that known_flags in networkstatus votes must be unique.


svn:r10534
2007-06-08 18:41:12 +00:00
Nick Mathewson
7a6f3cd223 r13313@catbus: nickm | 2007-06-08 14:23:11 -0400
Refactor v3 vote generation code into "build a networkstatus_vote_t" and "format a networkstatus_vote_t".  This should make testing possible.


svn:r10533
2007-06-08 18:41:09 +00:00
Nick Mathewson
1b200de0ef r13304@catbus: nickm | 2007-06-07 13:25:37 -0400
Deprecate RedirectExits.


svn:r10526
2007-06-07 17:26:19 +00:00
Nick Mathewson
529cbe34b0 r13292@catbus: nickm | 2007-06-06 17:34:15 -0400
Check for non-standard SVK directories properly.  Inspired by debian bug #420899 and related discussion on SVK list.


svn:r10522
2007-06-07 16:14:55 +00:00
Roger Dingledine
8db1b61a26 avoid leaking memory in a path never followed. pointed out
by robert watson.


svn:r10521
2007-06-07 15:07:33 +00:00
Nick Mathewson
6673d445f5 r13283@catbus: nickm | 2007-06-06 01:43:44 -0400
Fix up a couple of loops flagged by -Wunsafe-loop-optimizations so that they are more readable (and more amenable to compilation)


svn:r10513
2007-06-06 13:02:22 +00:00
Nick Mathewson
1a29d68081 r13276@catbus: nickm | 2007-06-05 19:45:33 -0400
Remove another long-dead #if 0 I missed before


svn:r10511
2007-06-06 04:51:33 +00:00
Nick Mathewson
d3b140b0de r13275@catbus: nickm | 2007-06-05 19:11:05 -0400
Apply my sekrit "unused macro detector" script to hunt down some macros we didnt use.


svn:r10510
2007-06-06 04:51:30 +00:00
Nick Mathewson
1866ad3506 r13274@catbus: nickm | 2007-06-05 19:06:30 -0400
Remove some deadcode that seems unlikely to return


svn:r10509
2007-06-06 04:51:25 +00:00
Nick Mathewson
0a27f02b9c r13267@catbus: nickm | 2007-06-05 16:54:20 -0400
Man page and small tweaks for last patch.


svn:r10505
2007-06-05 20:54:53 +00:00
Nick Mathewson
210beff55a r13266@catbus: nickm | 2007-06-05 16:38:08 -0400
Patch from peter palfrader: control interface via unix domain socket


svn:r10504
2007-06-05 20:54:49 +00:00
Nick Mathewson
f0345d46f6 r13256@catbus: nickm | 2007-06-05 10:57:41 -0400
Mark fields that need to be ipv6-ified.


svn:r10503
2007-06-05 20:54:23 +00:00
Peter Palfrader
b6c6dd7e55 Change an assert into a tor_assert
svn:r10495
2007-06-05 01:09:09 +00:00
Nick Mathewson
23ae5976f3 r13254@catbus: nickm | 2007-06-04 20:13:47 -0400
When choosing a guard, weight by bandwidth.  Resolves bug 440.


svn:r10493
2007-06-05 00:15:00 +00:00
Nick Mathewson
2e0713222b r13252@catbus: nickm | 2007-06-04 18:57:21 -0400
Code to check signatures on consensus directories.


svn:r10492
2007-06-04 22:57:23 +00:00
Nick Mathewson
8b0e6a4466 r13250@catbus: nickm | 2007-06-04 18:28:55 -0400
Adapt code to parse v3 networkstatus votes so it can also parse a consensus.  Make networkstatus_vote_t the catch-all type for votes and conensuses.  Correct/clarify the second argument to directory-signature.


svn:r10491
2007-06-04 22:29:00 +00:00
Nick Mathewson
8d1224eb51 r13248@catbus: nickm | 2007-06-04 15:53:23 -0400
More code to generate a consensus from a list of votes.  Now, we handle Named, and we actually generate and sign the signed consensus.  Yippee.  Still needs testing.  Still not actually called.


svn:r10490
2007-06-04 19:54:02 +00:00
Nick Mathewson
bb6f53d60c r13243@catbus: nickm | 2007-06-04 15:17:15 -0400
Start of code to compute consensus network-status stuff from a bunch of votes.  Strangely, it does not yet feel like an enormous ugly hack. 


svn:r10489
2007-06-04 19:19:01 +00:00
Peter Palfrader
32d12dcfbc Fix retry_all_listeners() and retry_listeners() description to match code. We are smarter than comparing lengths of want- and have-listeners.
svn:r10487
2007-06-04 16:58:57 +00:00
Peter Palfrader
502879e0b4 Remove force flag from retry_all_listeners() and retry_listeners(). It always was 0.
svn:r10486
2007-06-04 16:54:42 +00:00
Roger Dingledine
80e675deb1 Stop tearing down the whole circuit when the user asks for a
connection to a port that the hidden service didn't configure.
Resolves bug 444.


svn:r10478
2007-06-04 03:13:13 +00:00
Nick Mathewson
6d447e04a2 r13189@catbus: nickm | 2007-06-03 19:08:01 -0400
Oops. Only bind ports and start libevent if we are actually running Tor.


svn:r10474
2007-06-03 23:08:07 +00:00
Nick Mathewson
d3ee41619c r13186@catbus: nickm | 2007-06-03 19:00:20 -0400
Bind ports before setuid/setgid.


svn:r10473
2007-06-03 23:00:26 +00:00
Nick Mathewson
147e439c94 r13174@catbus: nickm | 2007-06-03 17:39:20 -0400
Patch from robert hogan: avoid crash when DNS port is set more than once.


svn:r10471
2007-06-03 21:39:24 +00:00
Nick Mathewson
f4ce7f9c9b r13166@catbus: nickm | 2007-06-02 23:02:40 -0400
First cut at code to parse and validate v3 networkstatus votes.


svn:r10461
2007-06-03 03:05:10 +00:00
Nick Mathewson
e0d828299a r13165@catbus: nickm | 2007-06-02 22:55:22 -0400
Remove an obsoleted function


svn:r10460
2007-06-03 03:05:07 +00:00
Roger Dingledine
1407cf9de3 fix up a comment
svn:r10453
2007-06-02 20:22:31 +00:00
Nick Mathewson
c2dc8f4623 r13158@catbus: nickm | 2007-06-02 11:40:05 -0400
On systems with svk, do not clobber micro-revision.i when building from a tarball.


svn:r10452
2007-06-02 15:40:10 +00:00
Nick Mathewson
aee7f01624 r13154@catbus: nickm | 2007-06-02 11:26:44 -0400
Server-side support for If-Modified-Since in HTTP requsts for v1 stuff, and for network-status documents.


svn:r10451
2007-06-02 15:26:57 +00:00
Nick Mathewson
8400cecb1d r13148@catbus: nickm | 2007-06-02 10:24:20 -0400
Fix bug 441, 442, and possibly 417 (again).


svn:r10449
2007-06-02 14:24:23 +00:00
Nick Mathewson
2ef3e7853b r13144@catbus: nickm | 2007-06-02 08:44:42 -0400
Add some asserts to catch double-insert on routerlist.


svn:r10445
2007-06-02 12:44:57 +00:00
Nick Mathewson
5b6d7f10f3 r13143@catbus: nickm | 2007-06-01 16:43:40 -0400
Try to fix some mipspro compiler warnings. There will still be some left.


svn:r10444
2007-06-02 12:44:54 +00:00
Nick Mathewson
7c3f418e39 r13139@catbus: nickm | 2007-06-01 14:02:40 -0400
Add some ;trues, and tabify.


svn:r10441
2007-06-01 18:02:41 +00:00
Nick Mathewson
6df38f52db r13137@catbus: nickm | 2007-06-01 13:49:34 -0400
Ah. Of course.  You spell "is there an svn" as 'test -x "`which svn 2>&1`"'.  Perfectly reasonable.  Don't know why I didn't think of it in the first place.


svn:r10440
2007-06-01 17:49:37 +00:00
Nick Mathewson
0af91800f9 r13131@catbus: nickm | 2007-06-01 06:20:29 -0400
Test for ~/.svk/local, not ~/.svk.  Eschew use of test -a and test -o.  Bulletproof more against odd shells.


svn:r10439
2007-06-01 10:20:37 +00:00
Nick Mathewson
6bb65fa371 r13121@catbus: nickm | 2007-05-31 20:06:40 -0400
Oops. Different inet_ntop implementations seem to differ on whether, in an IPv6 address with a single "0" word, that word should be written as 0, or omitted. Fix the unit tests to account for that.


svn:r10432
2007-06-01 00:06:45 +00:00
Roger Dingledine
b1ee20f0e8 trivial changes from my sandbox
svn:r10429
2007-05-31 23:57:46 +00:00
Nick Mathewson
3b4fa59b60 r13117@catbus: nickm | 2007-05-31 19:40:32 -0400
Patch from Tup: treat RESOLVED_TYPE_ERROR_TRANSIENT as a SERVERFAILED, and RESOLVED_TYPE_ERROR as NOTEXIST.  Generate transient/nontransient errors more sensibly.  Set flags better on DNS replies.


svn:r10427
2007-05-31 23:40:35 +00:00
Nick Mathewson
534c55f531 r13111@catbus: nickm | 2007-05-31 15:03:41 -0400
Cleanup whitespace.


svn:r10425
2007-05-31 19:03:49 +00:00
Nick Mathewson
884cb0c7a1 r13109@catbus: nickm | 2007-05-31 14:59:30 -0400
More code for voting and vote parsing (checkpointing)


svn:r10423
2007-05-31 19:03:44 +00:00
Nick Mathewson
5d4b426a33 r13103@catbus: nickm | 2007-05-31 14:40:18 -0400
Fix patch r10411; fix from robert hogan.


svn:r10422
2007-05-31 18:48:31 +00:00
Nick Mathewson
77502ac82d r13102@catbus: nickm | 2007-05-31 13:56:25 -0400
Make "authdir_newdesc rejected" work again.


svn:r10421
2007-05-31 18:48:28 +00:00
Nick Mathewson
4061b2cbd1 r13101@catbus: nickm | 2007-05-31 12:57:42 -0400
Unit tests [and debugging] for tor_inet_ntop() and tor_inet_pton()


svn:r10420
2007-05-31 18:48:25 +00:00
Nick Mathewson
1cb1ebbfe0 r13090@catbus: nickm | 2007-05-30 03:17:57 -0400
If the user makes a torrc that exceeds the bandwidth cap by one byte, let them have it.


svn:r10411
2007-05-30 07:18:00 +00:00
Nick Mathewson
8b1e9398a8 r13079@catbus: nickm | 2007-05-29 17:05:38 -0400
Oops. Authorities should recommend nodes as exits.


svn:r10403
2007-05-29 21:05:49 +00:00
Nick Mathewson
4cd93bd9ec r13071@catbus: nickm | 2007-05-29 15:54:46 -0400
Aaargh.  Revert accidentally-committed debugging code in last patch.


svn:r10400
2007-05-29 19:54:54 +00:00
Nick Mathewson
1359871c14 r13070@catbus: nickm | 2007-05-29 15:53:21 -0400
Fix handling of resolves with very long or otherwise malformed addresses, and comment dns_resolve better, and stop making what should be a BUG warning into an assert(0).  This fixes bug 427, which was introduced around 9900/9931/9932.  Not a backport candidate: 0.1.2.x never had this bug.


svn:r10399
2007-05-29 19:54:51 +00:00
Nick Mathewson
3f9afa0625 r13068@catbus: nickm | 2007-05-29 14:58:13 -0400
Add some code to mitigate bug 393: Choose at random from multiple hidden service ports with the same virtport.  This allows limited ad-hoc round-robining.


svn:r10398
2007-05-29 18:58:16 +00:00
Nick Mathewson
c5b3a8db84 r13057@catbus: nickm | 2007-05-29 14:39:27 -0400
fix for bug 439: make _sure_ *msg is set when we leave dirserv_add_multiple_descriptors().


svn:r10396
2007-05-29 18:39:56 +00:00
Nick Mathewson
9d1af71b70 r13053@catbus: nickm | 2007-05-29 13:35:33 -0400
Move connection_should_read_from_linked_conn into main.c, which is the only file that uses it.


svn:r10394
2007-05-29 18:20:56 +00:00
Nick Mathewson
f89a3b1448 r13050@catbus: nickm | 2007-05-29 13:31:11 -0400
Resolve all but 3 DOCDOCs.


svn:r10393
2007-05-29 17:31:13 +00:00
Nick Mathewson
69c712f189 r13048@catbus: nickm | 2007-05-29 11:08:53 -0400
Oops; better version of previous patch that does not get caught in an infinite loop.


svn:r10391
2007-05-29 15:08:55 +00:00
Nick Mathewson
fd3aa5c85d r13046@catbus: nickm | 2007-05-29 11:07:12 -0400
Stop adding bogus entries to lists in router_parse_list_from_string(). I wonder which bugs _that_ caused.


svn:r10390
2007-05-29 15:07:16 +00:00
Nick Mathewson
63035cdb33 r13041@catbus: nickm | 2007-05-29 10:40:05 -0400
More messing around to try to address possible root causes of bug 436.


svn:r10388
2007-05-29 14:41:20 +00:00
Nick Mathewson
d509efb9b7 r13019@catbus: nickm | 2007-05-27 12:32:55 -0400
Merge an evdns fix from libevent r357: "evdns_shutdown fix from adam langley.


svn:r10387
2007-05-29 14:41:16 +00:00
Peter Palfrader
3425f2c11f Segfault less. Somebody needs to look over why exactly this helps. re #436
svn:r10376
2007-05-28 21:34:42 +00:00
Roger Dingledine
c1101fceeb we were leaking a few megabytes a minute checking signatures
svn:r10359
2007-05-27 04:38:50 +00:00
Roger Dingledine
e13bf01a9f fix a seg fault when my auth dirserver accepted a posted descriptor
(dirserv_add_multiple_descriptors doesn't set msg if there's no
failure.)


svn:r10358
2007-05-27 03:41:09 +00:00
Roger Dingledine
c8fd65a936 If Tor is invoked from something that isn't a shell (e.g. Vidalia),
now we expand "-f ~/.tor/torrc" correctly. Suggested by Matt Edman.


svn:r10351
2007-05-26 08:04:15 +00:00
Nick Mathewson
b0be93c8b0 r12988@catbus: nickm | 2007-05-25 20:15:56 -0400
socklen_t is a silly type anyway. Just use int as the argument for evdns_server_request_get_requesting_addr.


svn:r10347
2007-05-26 00:15:58 +00:00
Roger Dingledine
0f71ade42f fix compile on bsd
svn:r10339
2007-05-25 21:56:47 +00:00
Roger Dingledine
0c047b87f5 polish r9933-r9994
svn:r10335
2007-05-25 19:41:31 +00:00
Roger Dingledine
a19d131ed7 i suspect we would trigger asserts if we answer a cached
resolve request. this should help that.


svn:r10334
2007-05-25 19:30:07 +00:00
Roger Dingledine
32f5e19168 remove an obsolete notion that we judge runningness based on
whether we have a connection open to the server right now.


svn:r10333
2007-05-25 19:22:26 +00:00
Nick Mathewson
368eb6a97a r12964@catbus: nickm | 2007-05-25 14:49:23 -0400
hack to make reverse lookups work with dnsport.  note that it is a hack. note some trouble spots.


svn:r10332
2007-05-25 18:49:26 +00:00
Roger Dingledine
ce59d5a632 also change purpose_is_private to purpose_needs_anonymity
svn:r10331
2007-05-25 18:40:09 +00:00
Roger Dingledine
6e216ed7ef karsten got confused by private_connection, so try calling
it anonymized_connection instead.


svn:r10330
2007-05-25 18:25:33 +00:00
Nick Mathewson
ba4969a59e r12959@catbus: nickm | 2007-05-25 14:22:33 -0400
The second time that we resolve a.com and get 1.2.3.4, return an A record mapping (a->1.2.3.4), not mapping (1.2.3.4->1.2.3.4).


svn:r10329
2007-05-25 18:22:43 +00:00
Nick Mathewson
527fbc304e r12958@catbus: nickm | 2007-05-25 14:19:29 -0400
Fix more dnsport bugs: set state correctly, and actually cache the answers.


svn:r10328
2007-05-25 18:22:42 +00:00
Nick Mathewson
5f226f130c r12957@catbus: nickm | 2007-05-25 14:11:02 -0400
Fix a dnsserv bug: mark the connectino as "finished handshaking" once dnsserv_resolved is called.


svn:r10327
2007-05-25 18:22:39 +00:00
Nick Mathewson
39fe91b9a2 r12946@catbus: nickm | 2007-05-25 10:46:50 -0400
Add an AutomapHostsOnResolve option.  It seems to work.


svn:r10324
2007-05-25 14:48:16 +00:00
Roger Dingledine
7127c30f46 irix64's cc doesn't think hibernate_state_t is necessarily an int.
good point.


svn:r10320
2007-05-24 23:51:08 +00:00
Roger Dingledine
42d7b0877d forward-port r10318
svn:r10319
2007-05-24 23:39:04 +00:00
Nick Mathewson
703bf19620 r12942@catbus: nickm | 2007-05-24 16:31:22 -0400
Well, that was easier than I thought it would be.  Tor is now a DNS proxy as well as a socks proxy.  Probably some bugs remain, but since it A) has managed to resolve one address for me successfully, and B) will not affect anybody who leaves DNSPort unset, it feel like a good time to commit.


svn:r10317
2007-05-24 20:31:30 +00:00
Nick Mathewson
17830bc03b r12941@catbus: nickm | 2007-05-24 16:25:00 -0400
Fix some eventdns dns server bugs, and add a new eventdns function to get the address of whoever requested this lookup.


svn:r10316
2007-05-24 20:31:27 +00:00
Nick Mathewson
a312afd67e r12936@catbus: nickm | 2007-05-24 14:12:34 -0400
Review XXXX comments without a version; upgrade some to XXXX020.


svn:r10315
2007-05-24 18:12:52 +00:00
Nick Mathewson
56aefe8d23 r12935@catbus: nickm | 2007-05-24 14:12:04 -0400
dir-signing-key should never take arguments.


svn:r10314
2007-05-24 18:12:44 +00:00
Nick Mathewson
9aaf3d182f r12934@catbus: nickm | 2007-05-24 14:11:18 -0400
When freeing slack buffers, free the buffers at the end of the freelist first.


svn:r10313
2007-05-24 18:12:41 +00:00
Nick Mathewson
687461d36c r12920@catbus: nickm | 2007-05-24 13:12:52 -0400
and remove an XXX012.


svn:r10308
2007-05-24 17:13:08 +00:00
Nick Mathewson
212a3c3478 r12919@catbus: nickm | 2007-05-24 13:04:56 -0400
backport candidate: Warn when using a version of libevent before 1.3b to run a server on osx or bsd: these versions of libevent interact badly with userspace threads.


svn:r10307
2007-05-24 17:13:05 +00:00
Nick Mathewson
4c6398a8f0 r12918@catbus: nickm | 2007-05-24 12:52:40 -0400
Make reset_download_failures() reset extrainfo download status too.


svn:r10306
2007-05-24 17:13:02 +00:00
Nick Mathewson
3980ebd6a1 r12917@catbus: nickm | 2007-05-24 12:48:47 -0400
Put the hash-as-signed, not the raw hash, in the signed_descriptor_digest field of our own descriptor. Backport candidate; probably harmless though.


svn:r10305
2007-05-24 17:13:00 +00:00
Nick Mathewson
d3d86b17a7 r12916@catbus: nickm | 2007-05-24 12:43:45 -0400
Add math functions to round values to the nearest power of 2.  Make mempools more careful about making sure that the size of their chunks is a little less than a power of 2, not a little more.


svn:r10304
2007-05-24 17:12:57 +00:00
Nick Mathewson
d0a5c4f984 r12915@catbus: nickm | 2007-05-24 12:12:34 -0400
Do not send a warning when somebody uploads an extrainfo that we will reject, if it happens to be newer than our current routerdesc.


svn:r10303
2007-05-24 17:12:54 +00:00
Nick Mathewson
ca9e13f2a0 r12906@catbus: nickm | 2007-05-22 20:43:13 -0400
s/32/64/;  s/breaks/works/;


svn:r10297
2007-05-23 00:43:20 +00:00
Roger Dingledine
e583827d60 new ip addresses for moria1 and moria2; new ports for moria2
svn:r10296
2007-05-22 23:51:39 +00:00
Nick Mathewson
38300735cd r12902@catbus: nickm | 2007-05-22 14:52:29 -0400
First draft of code to generate votes. needs testing. does not yet upload or serve votes.  Shares most of its code with the old generate_v2_networkstatus.


svn:r10295
2007-05-22 18:52:32 +00:00
Nick Mathewson
9e0acc0c11 r12899@catbus: nickm | 2007-05-22 13:51:26 -0400
Extract common code from networkstatus_getinfo_helper_single() and generate_v2_networkstatus().


svn:r10294
2007-05-22 17:58:30 +00:00
Nick Mathewson
c9fa4e6583 r12898@catbus: nickm | 2007-05-22 13:11:04 -0400
More v3 directory code: have authorities load certificates; have everybody store certificates to disk and load them; provide a way to configure v3 authorities.


svn:r10293
2007-05-22 17:58:25 +00:00
Nick Mathewson
6975a093e9 r12853@catbus: nickm | 2007-05-22 11:36:54 -0400
Make connection_array into a smartlist.


svn:r10292
2007-05-22 15:49:14 +00:00
Nick Mathewson
e935d73b34 r12852@catbus: nickm | 2007-05-22 11:00:27 -0400
Use svn revisions consistently throughout all log messages.


svn:r10291
2007-05-22 15:48:46 +00:00
Nick Mathewson
4ec5e139c8 r12850@catbus: nickm | 2007-05-21 22:20:42 -0400
Partial backport candidate: do not rely on finding a \0 after an mmaped() router/extrainfo file.  Also, set journal length correctly when starting up.


svn:r10248
2007-05-22 02:20:52 +00:00
Nick Mathewson
d23cb33a1a r12846@catbus: nickm | 2007-05-21 21:55:15 -0400
Oops; it is possible to have an empty store.


svn:r10247
2007-05-22 01:55:50 +00:00
Nick Mathewson
0cb342e859 r12844@catbus: nickm | 2007-05-21 21:52:19 -0400
Oops. It compiles better when you spell the fields right.


svn:r10245
2007-05-22 01:52:22 +00:00
Nick Mathewson
32c8d94c12 r12842@catbus: nickm | 2007-05-21 21:51:45 -0400
Partial backport candidate. Fix issue noted in r10241: stores were rebuilt too often.  Also notes dropped bytes better.


svn:r10244
2007-05-22 01:51:53 +00:00
Roger Dingledine
590a98ff37 clean up r10240 so we avoid the exit node itself too
svn:r10242
2007-05-22 01:20:23 +00:00
Roger Dingledine
b89ad9eb1b mark a bug for nick to tackle -- we're rebuilding our router store more
often than we need to. reported by lodger.


svn:r10241
2007-05-22 01:17:08 +00:00
Roger Dingledine
6ede110c4d When choosing an entry guard for our circuit, avoid using guards
that are in the same family as the chosen exit -- not just guards
that are exactly the chosen exit. (Reported by lodger.)


svn:r10240
2007-05-22 01:01:24 +00:00
Roger Dingledine
82054e0dd2 Make the NodeFamilies config option work. (Reported by
lodger -- it has never actually worked, even though we added it
in Oct 2004.)


svn:r10238
2007-05-22 00:46:55 +00:00
Nick Mathewson
de5194eeaa r13025@Kushana: nickm | 2007-05-21 17:40:56 -0400
Bugfix and possible backport candidate: use the same logic as in read_all when reading resolv.conf.  Maybe this fixes bug 433.


svn:r10237
2007-05-21 21:48:02 +00:00
Peter Palfrader
d2f7a9d0cc Hopefully fix #429 for good by actually using, not just figuring out, the correct mmap
svn:r10233
2007-05-21 12:14:45 +00:00
Nick Mathewson
a4f5b99e61 r13023@Kushana: nickm | 2007-05-20 16:16:36 -0400
More bulletproofing on bug 429


svn:r10231
2007-05-20 20:16:45 +00:00
Nick Mathewson
21a72520ce r13021@Kushana: nickm | 2007-05-20 14:03:10 -0400
Provide actual reasons when dropping an uploaded extrainfo for incompatibility; also, clean whitespace.


svn:r10230
2007-05-20 18:03:26 +00:00
Nick Mathewson
5364833be0 r13017@Kushana: nickm | 2007-05-20 13:40:45 -0400
Address points in r10227.


svn:r10229
2007-05-20 17:43:55 +00:00
Nick Mathewson
bc26f28865 svn:r10228 2007-05-20 17:43:29 +00:00
Roger Dingledine
ddd0054a85 point out two remote crash bugs, a memory leak, and a few other
items we should probably look into.


svn:r10227
2007-05-20 14:15:23 +00:00
Nick Mathewson
0b661f6575 r12818@catbus: nickm | 2007-05-20 01:15:50 -0400
Look for extrainfo bodies in the extrainfo mmap, not in the descriptor mmap.  Duh.  Should fix bug 429.


svn:r10226
2007-05-20 05:15:53 +00:00
Peter Palfrader
6d46ece6ac Fix a loop in routerlist_assert_ok()
svn:r10224
2007-05-19 21:14:17 +00:00
Nick Mathewson
5f58bee0b0 r12812@catbus: nickm | 2007-05-19 16:17:36 -0400
Fix compilation with -O0; add unit tests for swap and shuffle.


svn:r10223
2007-05-19 20:17:37 +00:00
Nick Mathewson
6f8866a817 r12810@catbus: nickm | 2007-05-19 16:08:42 -0400
Fix bugs in extrainfo_insert, and change it to use desc_by_eid_map.


svn:r10222
2007-05-19 20:08:44 +00:00
Nick Mathewson
4d3ec5919e r12808@catbus: nickm | 2007-05-19 14:48:51 -0400
Fix another consistency error. 


svn:r10221
2007-05-19 18:48:53 +00:00
Nick Mathewson
48e30ce2c7 r12805@catbus: nickm | 2007-05-19 14:31:00 -0400
Fix a groovy memory corruption bug in routerlist_replace.


svn:r10220
2007-05-19 18:31:04 +00:00
Nick Mathewson
07199e3d09 r12804@catbus: nickm | 2007-05-19 14:21:18 -0400
Disable a blatantly incorrect control event with potential for memory corruption.


svn:r10219
2007-05-19 18:31:02 +00:00
Nick Mathewson
0a27b53252 r12802@catbus: nickm | 2007-05-19 14:12:27 -0400
clear some ram when freeing it; add some more checks to assert_routerlist_ok.


svn:r10218
2007-05-19 18:12:31 +00:00
Nick Mathewson
58d27cfc29 r12800@catbus: nickm | 2007-05-18 20:45:15 -0400
Possible fix for bug 417 and bug 404: do not insert our routerinfo directly; instead, re-parse it first.


svn:r10217
2007-05-19 00:45:17 +00:00
Nick Mathewson
61a116b3da r12798@catbus: nickm | 2007-05-18 20:31:54 -0400
Yet more debugging code to track down 417/404, inspired by a fun core from arma.


svn:r10216
2007-05-19 00:32:00 +00:00
Nick Mathewson
adf95e7f00 r12794@catbus: nickm | 2007-05-18 20:24:26 -0400
Make caches-extra-info lines parseable.


svn:r10215
2007-05-19 00:24:29 +00:00
Roger Dingledine
84c3a19170 found this in my sandbox
svn:r10214
2007-05-19 00:14:34 +00:00
Nick Mathewson
e476e61ce0 r12982@Kushana: nickm | 2007-05-18 15:15:14 -0400
Partial backport candidate: We had a bug where we were downloading descriptors by descriptor digest, but trying to look them up by identity fingerprint when updating their failure count and next retry time.  (Also use correct backoff logic for extrainfo code.)  Needs testing, doubtless.


svn:r10210
2007-05-18 21:19:53 +00:00
Nick Mathewson
ec55cf526d r12981@Kushana: nickm | 2007-05-18 14:12:19 -0400
First cut at code to download extra-info docs.  Also note a bad bug in directory.c (look for the string BUG BUG BUG).


svn:r10209
2007-05-18 21:19:19 +00:00
Nick Mathewson
b4bd9f772c r12771@catbus: nickm | 2007-05-16 18:12:32 -0400
Make -Wstrict-overflow=5 happy with GCC 4.2.  It is kind of a pain, but it does agood job of letting us know where we can make our code better by simplifying dependent conditionals.


svn:r10201
2007-05-16 22:16:13 +00:00
Nick Mathewson
2988d797eb r12770@catbus: nickm | 2007-05-16 17:49:26 -0400
Move around field order a little, in order to compact some structures. (Thanks to -Wpadded)


svn:r10200
2007-05-16 22:15:57 +00:00
Nick Mathewson
807adfc879 r12769@catbus: nickm | 2007-05-16 17:32:01 -0400
Fix warnings from -Wunsafe-loop-optimizations, which incidentally turned up a logic bug in connection_or_flush_from_first_active_circuit that would overcount the number of cells flushed.


svn:r10199
2007-05-16 22:15:48 +00:00
Nick Mathewson
b837191fd0 r12768@catbus: nickm | 2007-05-16 17:25:33 -0400
Fix GCC warnings related to local parameters/variables getting shadowed.


svn:r10198
2007-05-16 22:15:14 +00:00
Nick Mathewson
e043b86f47 r12764@catbus: nickm | 2007-05-15 17:17:39 -0400
Enable (and cope with) more GCC 4.2 warnings.


svn:r10196
2007-05-15 21:17:48 +00:00
Nick Mathewson
bfdc366037 r12763@catbus: nickm | 2007-05-15 05:29:33 -0400
Make --enable-gcc-warnings happy on the upcoming gcc 4.2


svn:r10195
2007-05-15 21:17:42 +00:00
Nick Mathewson
ca32b4d5b5 r12761@catbus: nickm | 2007-05-15 03:13:52 -0400
Be a lot smarter when parsing lists of routers and extrainfos.


svn:r10193
2007-05-15 07:13:56 +00:00
Nick Mathewson
a7514649c3 r12758@catbus: nickm | 2007-05-14 15:19:29 -0400
Cleanup, lock-down, and refactor bits of routerparse.c: use a single unified function to check all signatures. Fix all DOCDOCs. Remove some old dead debugging code. Enforce some parsing rules better.


svn:r10192
2007-05-14 22:51:05 +00:00
Roger Dingledine
37519d993d backport candidate: seems to me that r10153 won't work without
this patch too.


svn:r10187
2007-05-14 08:09:12 +00:00
Nick Mathewson
5f9d4d0587 r12750@catbus: nickm | 2007-05-13 10:08:13 -0400
Fix compilation in connection_edge.c


svn:r10186
2007-05-13 20:24:43 +00:00
Roger Dingledine
440b7f0c70 polish r9726-r9903
svn:r10182
2007-05-13 09:25:06 +00:00
Roger Dingledine
346826d97b If a directory authority is down, skip it when deciding where to get
networkstatus objects or descriptors. Otherwise we keep asking
every 10 seconds forever.
(adapted from r9880)


svn:r10175
2007-05-12 23:22:27 +00:00
Nick Mathewson
11f3e894d3 r12708@catbus: nickm | 2007-05-10 15:18:08 -0400
Patch from shibz: implement a getinfo status/version/... so a controller can tell whether the current version is recommended, whether any versions are good, and how many authorities agree.


svn:r10162
2007-05-10 19:30:02 +00:00
Nick Mathewson
e3b2a7b53b r12935@Kushana: nickm | 2007-05-10 11:25:09 -0400
Make buffer unit tests pass again


svn:r10158
2007-05-10 15:25:40 +00:00
Roger Dingledine
de11011b1b backport candidate: when we have k non-v2 authorities in our
dirservers lines, we ignored as many as k v2 authorities while
updating our network-statuses.

(not a problem right now since we have zero non-v2 authorities.
but if we ever change that...)


svn:r10157
2007-05-10 10:01:53 +00:00
Roger Dingledine
4e9a008e66 Backport candidate: if all of our dirservers have given us
bad or no networkstatuses lately, then stop hammering them
once per minute even if we think they're failed.


svn:r10156
2007-05-10 09:34:34 +00:00
Roger Dingledine
5ffabd4de4 backport candidate:
If a directory server runs out of space in the connection table
as it's processing a begin_dir request, it will free the exit stream
but leave it attached to the circuit, leading to unpredictable
behavior. (Reported by seeess, fixes bug 425.)


svn:r10154
2007-05-10 08:53:05 +00:00
Roger Dingledine
cd23b65a07 Backport candidate: count it as a failure if we fetch a valid
network-status but we don't want to keep it. Otherwise we'll keep fetching
it and keep not wanting to keep it. Fixes part of bug 422.


svn:r10153
2007-05-10 05:12:20 +00:00
Roger Dingledine
8e8144cd58 fix a printf size_t/int mismatch from r10150
svn:r10152
2007-05-10 04:04:44 +00:00
Roger Dingledine
de6b3512e9 move a few more situations over to the authority_type_t bitfield
svn:r10151
2007-05-10 04:01:28 +00:00
Nick Mathewson
34a09c24b5 r12706@catbus: nickm | 2007-05-09 18:39:46 -0400
Keep two freelists for buffer ram chunks: one of 4k chunks, and one of 16k chunks.  Also, document the whole business.


svn:r10150
2007-05-09 22:39:49 +00:00
Nick Mathewson
b248ed620f r12704@catbus: nickm | 2007-05-09 17:43:34 -0400
Periodically clean the freelist of buffer memory chunks.


svn:r10149
2007-05-09 21:43:41 +00:00
Nick Mathewson
ceac39aa8a r12697@catbus: nickm | 2007-05-09 00:15:40 -0400
Change authority_type_t to a set of flags; use it more consistently.


svn:r10144
2007-05-09 04:15:46 +00:00
Roger Dingledine
66f9240eb5 complain when we try to upload to, say, bridge authorities,
yet we didn't configure any first.


svn:r10143
2007-05-09 02:20:03 +00:00
Roger Dingledine
07bf274d98 Interim commit: new config options Bridge and UseBridges.
It is becoming increasingly clear to me that bridges should
be a special case of entry guards, not a whole separate pile
of nearly identical functions.


svn:r10141
2007-05-08 11:28:05 +00:00
Roger Dingledine
d136f2a7b2 When we are reporting the DirServer line we just parsed, we were
logging the second stanza of the key fingerprint, not the first.


svn:r10140
2007-05-08 10:33:46 +00:00
Roger Dingledine
54f5ab39b3 record the router purpose at each step of the circuit path.
i have the feeling this will come in handy.


svn:r10139
2007-05-08 10:11:53 +00:00
Roger Dingledine
1d3bb103a4 clean up some function argument names
svn:r10138
2007-05-08 10:01:33 +00:00
Roger Dingledine
a201861dc2 use the new _PublishServerDescriptor to publish descriptors either
to v2 authorities or to bridge authorities, depending on config.


svn:r10137
2007-05-08 09:13:30 +00:00
Roger Dingledine
e4f40dd794 Change the PublishServerDescriptor config option from a boolean
into a string: "v1", "v2", bridge", "". Continue to support
"0" and "1".


svn:r10136
2007-05-08 09:09:26 +00:00
Nick Mathewson
89753e2163 r12676@catbus: nickm | 2007-05-07 13:11:38 -0400
When we cannot find a micro-revision number, do not overwrite an already-present micro-revision.i.


svn:r10134
2007-05-07 17:11:53 +00:00
Roger Dingledine
95ead29574 prepare directory_post_to_dirservers() to hear what sort of
dir authority we'd like to upload to. at some point we should
pick a config option to say that in, for bridges.


svn:r10129
2007-05-07 09:28:48 +00:00
Roger Dingledine
f8a8b27dd2 add a 'bridge' flag for dirserver config entries
svn:r10128
2007-05-07 08:26:50 +00:00
Roger Dingledine
43411ceed3 Implement "getinfo status/circuit-established"
svn:r10120
2007-05-05 22:51:02 +00:00
Roger Dingledine
713626bd73 make it work on windows/etc again, i presume
svn:r10118
2007-05-04 10:43:01 +00:00
Roger Dingledine
10efbed2f5 ok, i'm not so good at counting
svn:r10117
2007-05-04 10:39:17 +00:00
Roger Dingledine
0ce53ca817 on the theory that my client_used hack is here to stay at least for the
next little while, make it only take effect _when there's an attached
origin circuit_, rather than from the first attached origin circuit
until death of the conn.


svn:r10116
2007-05-04 10:34:47 +00:00
Roger Dingledine
462dfe2012 make MaxAdvertisedBandwidth into a legal default
svn:r10115
2007-05-04 09:25:23 +00:00
Roger Dingledine
b1d93df038 if you're using relaybandwidthrate and relaybandwidthburst, make
sure that's reflected in your router descriptor.


svn:r10114
2007-05-04 09:20:13 +00:00
Roger Dingledine
dc795203aa early skeletal support for running a bridge directory authority
svn:r10112
2007-05-04 08:04:27 +00:00
Roger Dingledine
d112e7b1ad fix some code comments, a wrapper, and add a todo item
svn:r10111
2007-05-04 07:24:01 +00:00
Roger Dingledine
dfe93fb386 whoops, i missed main.c in my r10092
svn:r10098
2007-05-02 21:56:32 +00:00
Nick Mathewson
e2a49ed2f4 r12639@catbus: nickm | 2007-05-02 17:37:49 -0400
Start implementing key certificate parsing.  Note TODO items for combined 101/103.


svn:r10097
2007-05-02 21:37:55 +00:00
Nick Mathewson
da758f4a18 r12634@catbus: nickm | 2007-05-02 15:13:13 -0400
Shell tweaks suggested by weasel.


svn:r10094
2007-05-02 19:13:15 +00:00
Nick Mathewson
744d955bb3 r12632@catbus: nickm | 2007-05-02 14:59:55 -0400
Fix compilation-breaking r10092.


svn:r10093
2007-05-02 18:59:57 +00:00
Roger Dingledine
1b95bbdba6 New config option V2AuthoritativeDirectory that all directory
authorities should set. This will let future authorities choose 
not to serve V2 directory information.

Also, go through and revamp all the authdir_mode stuff so it tries
to do the right thing if you're an auth but not a V1 or V2 auth.


svn:r10092
2007-05-02 09:12:04 +00:00
Nick Mathewson
47d21abf15 r12627@catbus: nickm | 2007-05-01 16:42:21 -0400
Oops; downgrade a message to INFO.


svn:r10090
2007-05-01 20:42:23 +00:00
Nick Mathewson
26abac8c4c r12625@catbus: nickm | 2007-05-01 16:41:23 -0400
Remove the _UploadExtraInfo option, since I tried turning it on and moria[12] seem not to have exploded.


svn:r10089
2007-05-01 20:41:27 +00:00
Nick Mathewson
979b90001b r12622@catbus: nickm | 2007-05-01 16:29:19 -0400
Look at the version in the routerinfo as well as the versino in the networkstatus when deciding whether to upload extrainfo


svn:r10088
2007-05-01 20:29:32 +00:00
Nick Mathewson
c9c0d2846d r12621@catbus: nickm | 2007-05-01 16:22:56 -0400
Authority patch; backport candidate: include micro-versions in network status documents.


svn:r10087
2007-05-01 20:29:26 +00:00
Nick Mathewson
89ab267cfb r12619@catbus: nickm | 2007-05-01 16:13:42 -0400
Add code to upload extrainfos to authorities running 0.2.0.0-alpha-dev (r10070) or later.


svn:r10086
2007-05-01 20:13:49 +00:00
Nick Mathewson
0faaa16b0c r12615@catbus: nickm | 2007-05-01 09:48:45 -0400
Only replace micro-revision.i if it changes.


svn:r10085
2007-05-01 13:48:49 +00:00
Nick Mathewson
8f94f0540f r12611@catbus: nickm | 2007-04-30 22:49:00 -0400
For reasons which make sense to somebody, I'm sure, mingw gcc wants the libraries to appear at the end of the command line.  This is done by specifying them with LDADD in Makefile.am, not LDFLAGS.
 If anybody can explain to me why mingw thinks "gcc -o foo foo.o -lbar" is fine, whereas "gcc -lbar -o foo foo.o" is Doubleplusbad UnMingwThink, I'd quite appreciate it.  Until then, I'll just do what seems to work, and hope we don't blunder across any other great slumbering cthonian deities of arbitrary syntax.


svn:r10082
2007-05-01 02:53:32 +00:00
Nick Mathewson
fa39336e65 r12607@catbus: nickm | 2007-04-30 21:36:28 -0400
More attempt to fix win32 building.  This time, with extra linking.


svn:r10080
2007-05-01 01:36:32 +00:00
Roger Dingledine
e9c4dd1304 more cleanups on the hsusage patch
svn:r10077
2007-04-30 23:25:22 +00:00
Roger Dingledine
590c6ff33d identify the exit node correctly when we timeout and detach
from a circuit, even if the exit node is in the middle.

there are probably a few more places that need this fix too.


svn:r10076
2007-04-30 23:24:38 +00:00
Nick Mathewson
22f2f30a33 r12591@catbus: nickm | 2007-04-30 16:50:03 -0400
Minimize the libraries that we link things against: there is no reason to link tor-resolve against zlib, openssl, or libevent, for example.


svn:r10072
2007-04-30 20:50:09 +00:00
Nick Mathewson
e97a6dd01f r12587@catbus: nickm | 2007-04-30 15:47:39 -0400
Backport candidate: correctly set the purpose of routers that are inserted by the controller with purpose=controller.


svn:r10071
2007-04-30 19:48:45 +00:00
Nick Mathewson
0390a0499c r12586@catbus: nickm | 2007-04-30 15:43:05 -0400
More work for proposal 104: actually cache extrainfo documents to disk, and reload the cache properly.


svn:r10070
2007-04-30 19:48:39 +00:00
Nick Mathewson
ae40e7f633 r12585@catbus: nickm | 2007-04-30 14:38:37 -0400
(Needs review.) Allow directory authorities to accept multiple router descriptors and extra info documents in a single POST.  This will make implementing the client side of proposal 104 a lot simpler.


svn:r10069
2007-04-30 19:48:33 +00:00
Nick Mathewson
b27b09ae1e r12581@catbus: nickm | 2007-04-30 13:39:21 -0400
Minor cleanups on hidden service usage patch from Karsten: tidy documentation; make free_all idempotent (and safe to call even if we have not yet initialized rephist); and stop using "l" as a variable name (it is too easy to confuse with "1").


svn:r10068
2007-04-30 17:46:19 +00:00
Nick Mathewson
18ba9fe81f r12580@catbus: nickm | 2007-04-30 13:29:05 -0400
Initial version of patch from Karsten Loesing: Add an HSAuthorityRecordStats option to track statistics of overall hidden service usage without logging information that would be useful to an attacker.


svn:r10067
2007-04-30 17:46:13 +00:00
Nick Mathewson
6875559c49 r12579@catbus: nickm | 2007-04-30 13:26:53 -0400
Oops. Routerlist_check_bug_417 should work even if we are not on a server.


svn:r10066
2007-04-30 17:46:11 +00:00
Nick Mathewson
f2db099fc0 r12571@catbus: nickm | 2007-04-30 10:51:52 -0400
Check for more HAVE_* header defines when building eventdns.c


svn:r10063
2007-04-30 14:52:07 +00:00
Nick Mathewson
ee5a378665 r12570@catbus: nickm | 2007-04-30 10:49:50 -0400
Add an extra lock to try to get unit tessts passing reliably again.


svn:r10062
2007-04-30 14:52:05 +00:00
Nick Mathewson
566cdcd0c2 r12569@catbus: nickm | 2007-04-30 10:48:51 -0400
Do not use micro-revision.i on MSVC; it will only be useful to people who have make.


svn:r10061
2007-04-30 14:52:02 +00:00
Nick Mathewson
5b26a076c6 Oops; the "not in the routerlist" value for routerinfo_t.routerlist_index is -1, not 0.
svn:r10060
2007-04-30 14:32:22 +00:00
Nick Mathewson
65daa191fe r12567@catbus: nickm | 2007-04-30 10:26:35 -0400
Suggested by weasel: Add a fast function to check for the common failure mode for bug 417/404, and call it a lot.


svn:r10059
2007-04-30 14:26:38 +00:00
Nick Mathewson
43385b9bc9 r12565@catbus: nickm | 2007-04-30 10:09:07 -0400
Misc cleanup and bulletproofing on r10056.


svn:r10058
2007-04-30 14:09:11 +00:00
Nick Mathewson
420df2ce15 r12559@catbus: nickm | 2007-04-30 09:17:54 -0400
Fix bug 421: Only set the revision number from SVK if we have a runnable svk _and_ a ~/.svk directory.


svn:r10057
2007-04-30 13:17:57 +00:00
Roger Dingledine
5ba4eaba1c Let the controller specify HOP=%d as an argument to ATTACHSTREAM,
so we can exit from the middle of the circuit.


svn:r10056
2007-04-30 11:10:45 +00:00
Roger Dingledine
7fb4365cd3 Add a new config option __DisablePredictedCircuits designed for
use by the controller, when we don't want Tor to build any circuits
preemptively.


svn:r10054
2007-04-30 09:18:48 +00:00
Nick Mathewson
313ac313be r12557@catbus: nickm | 2007-04-30 01:36:39 -0400
Oops; the rest of the last patch. If that one gets backported, this should too.


svn:r10053
2007-04-30 05:36:41 +00:00
Nick Mathewson
f7acc3cfa0 r12553@catbus: nickm | 2007-04-30 01:32:54 -0400
Backport candidate:  Add asserts to dirserv_remove_invalid, and fix a bug in dirserv_remove_invalid that could mess with pointers in a freed routerinfo right after it was freed.


svn:r10052
2007-04-30 05:32:57 +00:00
Roger Dingledine
2d56d883c2 minor cleanups
svn:r10050
2007-04-30 04:00:06 +00:00
Nick Mathewson
e0b0c2a4d2 r12544@catbus: nickm | 2007-04-29 21:08:58 -0400
Fix an assertion when we call tor_free_all before calling do_main_loop(). Discovered by weasel.


svn:r10046
2007-04-30 01:09:03 +00:00
Roger Dingledine
397afcc3f6 Make PreferTunneledDirConns and TunnelDirConns work even when
we have no cached directory info. This means Tor clients can now
do all of their connections protected by TLS.


svn:r10035
2007-04-27 10:26:09 +00:00
Roger Dingledine
3d00738ec7 simplify connection_watch_events()
hope this doesn't break it


svn:r10025
2007-04-25 07:20:04 +00:00
Roger Dingledine
7c5f65c226 fix an assert error in r9995 (unlikely to happen, but still)
svn:r10024
2007-04-25 07:04:53 +00:00
Roger Dingledine
7b11f2c843 stop generating a 6-gig info-level log file after a day of running
svn:r10023
2007-04-25 06:10:16 +00:00
Roger Dingledine
5bdb138d11 cleanups, and note a bug
svn:r10022
2007-04-25 06:05:46 +00:00
Nick Mathewson
94eef608ae r12784@Kushana: nickm | 2007-04-23 19:24:09 -0400
Avoid another assert failure in the new buffer memory code.  (This time, it hit when freeing a 4k buffer with some data on it.)


svn:r10011
2007-04-23 23:24:53 +00:00
Nick Mathewson
3831d77dba r12782@Kushana: nickm | 2007-04-23 18:20:19 -0400
Avoid a segfault when freeing a buffer with size 0.


svn:r10010
2007-04-23 22:20:45 +00:00
Nick Mathewson
2f4784cbd8 r12499@catbus: nickm | 2007-04-23 10:42:23 -0400
Keep a freelist of unused 4k buffer chunks, rather than wasting 8k for every inactive connection_t.


svn:r10006
2007-04-23 14:42:27 +00:00
Nick Mathewson
473c266fc2 r12496@catbus: nickm | 2007-04-22 23:04:05 -0400
When logging memory usage, break down memory used in buffers by buffer type.


svn:r10004
2007-04-23 03:04:46 +00:00
Nick Mathewson
5cf600b57a r12492@catbus: nickm | 2007-04-22 20:24:02 -0400
Even more asserts to try to catch bug 404/417.


svn:r10003
2007-04-23 00:24:06 +00:00
Nick Mathewson
87b5928202 r12485@catbus: nickm | 2007-04-21 13:46:14 -0400
Document some fields in or.h


svn:r9998
2007-04-21 17:46:22 +00:00
Nick Mathewson
fb065724f7 r12484@catbus: nickm | 2007-04-21 13:45:58 -0400
Suppress display of version-detection junk in Makefile.am


svn:r9997
2007-04-21 17:46:17 +00:00
Nick Mathewson
bbd63a9ae0 r12482@catbus: nickm | 2007-04-21 13:30:24 -0400
Rename a couple of confusing fields


svn:r9996
2007-04-21 17:30:42 +00:00
Nick Mathewson
648065fcb4 r12763@Kushana: nickm | 2007-04-20 18:42:58 -0400
Initial version of code to stop using socket pairs for linked connections.  Superficially, it seems to work, but it probably needs a lot more testing and attention.


svn:r9995
2007-04-21 17:26:12 +00:00
Nick Mathewson
227b2e0226 r12759@Kushana: nickm | 2007-04-20 08:47:20 -0400
Track the number of connection_t separately from the number of open sockets.  It is already possible to have connections that do not count: resolving conns, for one.  Once we move from socketpairs to linked conns, and once we do dns proxying, there will be lots of such connections.


svn:r9994
2007-04-21 17:24:18 +00:00
Nick Mathewson
6ee5bef092 r12458@catbus: nickm | 2007-04-19 15:52:23 -0400
Fix a bug in displaying memory pool usage.  Also dump cell allocation, and track padded_cell_ts as they are allocated and freed, to make sure we are not leaking cells.


svn:r9992
2007-04-19 19:52:30 +00:00
Nick Mathewson
7392464b88 r12456@catbus: nickm | 2007-04-19 14:47:01 -0400
Make dumpmemusage() dump cell pool usage information.


svn:r9991
2007-04-19 18:47:04 +00:00
Nick Mathewson
bf4f0539cf r12434@catbus: nickm | 2007-04-19 11:23:35 -0400
When advancing a string pointer, make sure we do not later free the altered pointer.  Fixes bug 416, introduced in r9971.


svn:r9990
2007-04-19 15:23:38 +00:00
Nick Mathewson
addf2987c5 r12429@catbus: nickm | 2007-04-18 15:28:41 -0400
Make svn revision number visible in version even if building from a .tar.gz.  This was remarkably painless.


svn:r9988
2007-04-18 19:28:47 +00:00
Nick Mathewson
a973611834 r12425@catbus: nickm | 2007-04-17 17:16:38 -0400
Detect the svn version correctly when building from an svk checkout too.  Whee, fun with bash and make.


svn:r9985
2007-04-17 21:16:40 +00:00
Nick Mathewson
00941b0171 r12418@catbus: nickm | 2007-04-16 20:58:25 -0400
Twiddle tor_version_as_new_as() so we can check for particular svn revisions.  With unit tests, for added freshness.


svn:r9977
2007-04-17 00:58:30 +00:00
Nick Mathewson
bfac679cd4 A hack I've been wanting for a while: when building a -dev version
from an SVN repository, use the current svn revision in the platform
string and in the output of --version.



svn:r9976
2007-04-16 23:56:31 +00:00
Nick Mathewson
362fbc79d2 r12414@catbus: nickm | 2007-04-16 17:37:17 -0400
More proposal-104 stuff: actually remember extra-info stuff.


svn:r9975
2007-04-16 21:37:21 +00:00
Nick Mathewson
17e83a408f Fix some proposal-104 bugs.
svn:r9972
2007-04-16 18:54:56 +00:00
Nick Mathewson
6d32d9cb2d r12406@catbus: nickm | 2007-04-16 14:39:33 -0400
More proposal-104 stuff: add most of the code for authorities to accept and serve extra-info documents.  The back-end to store the things is missing.


svn:r9971
2007-04-16 18:39:39 +00:00
Nick Mathewson
2bb5e64289 r12403@catbus: nickm | 2007-04-16 13:55:03 -0400
Code to generate extrainfo whenever routerdesc is regenerated; code to check extrainfo against routerdesc.


svn:r9970
2007-04-16 17:55:08 +00:00
Nick Mathewson
7fb7658a45 r12401@catbus: nickm | 2007-04-16 12:28:01 -0400
Enforce checks for number of arguments to items in directory objects more uniformly.


svn:r9968
2007-04-16 16:28:06 +00:00
Nick Mathewson
a67f8a3787 r12388@catbus: nickm | 2007-04-16 00:17:29 -0400
Now that the directory parser checks for missing items, the rest of the code can just assert that they are there, rather than checking a second time.


svn:r9966
2007-04-16 04:18:29 +00:00
Nick Mathewson
cf02ab6d39 r12387@catbus: nickm | 2007-04-16 00:06:40 -0400
Refactor router/directory parsing backend: use a separate token table for everything that we parse, and enforce the correct count of each item.


svn:r9965
2007-04-16 04:18:21 +00:00
Nick Mathewson
5b220f65c8 r12385@catbus: nickm | 2007-04-15 22:55:58 -0400
Initial code to parse extra-info documents as described in proposal 104.  This is making me realize that the parsing code in routerparse.c is a little daft.


svn:r9963
2007-04-16 04:17:58 +00:00
Nick Mathewson
795aa1a196 r12351@catbus: nickm | 2007-04-11 12:09:46 -0400
More autoconf hacking: use same machinery to find zlib as for openssl and libevent.  Have unified library finder include setup for --with  variable.  Start trying to suggest to the user what packages they should install if finding the library fails.


svn:r9945
2007-04-11 16:28:44 +00:00
Nick Mathewson
38a5f09502 r12349@catbus: nickm | 2007-04-11 09:18:15 -0400
Add code to shrink the cell memory pool by discarding empty chunks that have been empty for the last 60 seconds.  Also, instead of having test.c duplicate declarations for exposed functions, put them inside #ifdef foo_PRIVATE blocks in the headers.  This prevents bugs where test.c gets out of sync.


svn:r9944
2007-04-11 13:18:25 +00:00
Nick Mathewson
1c8f9b319b r12344@catbus: nickm | 2007-04-10 21:27:25 -0400
Fix documentation and usage of 2nd argument to mp_pool_new.


svn:r9942
2007-04-11 01:27:33 +00:00
Nick Mathewson
51e4b8d706 r12338@catbus: nickm | 2007-04-10 20:29:05 -0400
Document memory pool implementation, and tweak it even mor.  See? Programming is fun.


svn:r9940
2007-04-11 00:30:34 +00:00
Nick Mathewson
28de06b8e6 r12337@catbus: nickm | 2007-04-10 17:55:26 -0400
Add support for using memory pools to allocate queued cell; pass --disable-cell-pool to configure to disable this.


svn:r9939
2007-04-11 00:30:29 +00:00
Nick Mathewson
6ba0b0e9f4 r12336@catbus: nickm | 2007-04-10 17:34:25 -0400
Unit tests and debugging for memory pool implementation.


svn:r9938
2007-04-11 00:30:25 +00:00
Nick Mathewson
f95d232483 r12332@catbus: nickm | 2007-04-10 12:24:45 -0400
Yet another attempted Bug 411 fix: Under some circumstances, a circuit can have cells without being active.  The likeliest is that it has been unlinked from all connections in preparation for closing.  Therefore, stop enforcing this non-invariant.


svn:r9936
2007-04-10 16:24:50 +00:00
Nick Mathewson
58a6761056 r12330@catbus: nickm | 2007-04-09 19:15:42 -0400
Split type of "packed cell" from "parsed cell"; pack cells before queueing them on circuits.  This will help us avoid dumb errors when we confuse the two types.


svn:r9935
2007-04-09 23:15:46 +00:00
Nick Mathewson
7529c8f548 r12328@catbus: nickm | 2007-04-09 18:16:31 -0400
Argh, missed another 9030 bogon.


svn:r9934
2007-04-09 22:16:33 +00:00
Nick Mathewson
2a07919198 r12326@catbus: nickm | 2007-04-09 17:36:41 -0400
Clean up crap from 9930.  I can hardly wait till I trust SVK 2.x enough to upgrade.


svn:r9933
2007-04-09 21:36:45 +00:00
Nick Mathewson
2dc6019edb r12688@Kushana: nickm | 2007-04-09 17:29:12 -0400
Simplify dns_resolve: use a helper function so that we handle the error/answer/pending cases uniformly in dns_resolve, and everything else in dns_resolve_impl.


svn:r9932
2007-04-09 21:34:13 +00:00
Nick Mathewson
9c3df07b56 r12687@Kushana: nickm | 2007-04-09 17:05:57 -0400
Try to fix bug 410: move responsibility for attaching/detaching initial streams from circuits into dns_resolve.  Needs refactoring a little.


svn:r9931
2007-04-09 21:34:03 +00:00
Nick Mathewson
32506ad282 svn:r9930 2007-04-09 21:33:49 +00:00
Nick Mathewson
98e5d10761 r12318@catbus: nickm | 2007-04-09 16:08:20 -0400
Fix the first half of bug 411: when we make a circuit active inactive on a connection, it _must_ actually be on that connection.


svn:r9929
2007-04-09 20:09:28 +00:00
Nick Mathewson
eb95ff9ba9 r12317@catbus: nickm | 2007-04-09 15:50:51 -0400
Fix second part of bug 411 (which was actually a separate bug): it isnt safe to clear a cell queue while the circuit is active.


svn:r9928
2007-04-09 20:09:26 +00:00
Roger Dingledine
f36c613dbc fix a memory leak when we ask for "all" networkstatuses and
we get one we don't recognize.
backport candidate.
backbackport candidate.


svn:r9918
2007-03-29 07:02:12 +00:00
Nick Mathewson
6589ea2a2f Fix a crash bug in cell queues: It is possible for a connection_write_to_buf to close the connection or otherwise unlink the circuit, which makes the circuit nonactive, which invalidates the pointer from the circuit to the next circuit on the active ring. Also add a bunch of asserts, most #ifdefed out.
svn:r9915
2007-03-29 02:41:36 +00:00
Nick Mathewson
d1ad950ca8 Turn bool_neq and bool_eq into macros.
svn:r9914
2007-03-29 02:37:06 +00:00
Nick Mathewson
98ae4bbd0f Comment out the "clear queue when sending a destroy" logic: it seems potentially dangerous. (see comment for details)
svn:r9913
2007-03-29 02:32:00 +00:00
Nick Mathewson
a25c5d6994 r12654@Kushana: nickm | 2007-03-25 19:03:44 -0400
Add documentation for cell queue functions; make destroy cells result in cell queues getting cleared before the destroy gets sent.


svn:r9907
2007-03-26 14:08:35 +00:00
Nick Mathewson
83b2208ea4 r12653@Kushana: nickm | 2007-03-25 18:21:38 -0400
Add documentation for make_old argument to routerlist functions.


svn:r9906
2007-03-26 14:08:29 +00:00
Nick Mathewson
d1381aef82 r12652@Kushana: nickm | 2007-03-25 15:01:48 -0400
A surprisingly simple patch to stop reading on edge connections when their circuits get too full, and start again when they empty out.  This lets us remove the logic to block begin_dir conns when the corresponding or conns get full: it was already broken by cell queues anyway.


svn:r9905
2007-03-26 14:08:18 +00:00
Nick Mathewson
38c0bb3a99 r12651@Kushana: nickm | 2007-03-24 18:26:42 -0400
Initial version of circuit-based cell queues.  Instead of hammering or_conns with piles of cells, queue cells on their corresponding circuits, and append them to the or_conn as needed.  This seems to work so far, but needs a bit more work.  This will break the memory-use-limitation patch for begin_dir conns: the solution will be a fun but fiddly.


svn:r9904
2007-03-26 14:07:59 +00:00
Nick Mathewson
6e51bdd5e4 r12274@catbus: nickm | 2007-03-26 09:29:18 -0400
Possibly resolve bug reported by xiando.


svn:r9903
2007-03-26 13:30:17 +00:00
Nick Mathewson
da6bd21b72 r12644@0-41-wifi: nickm | 2007-03-23 16:02:23 -0400
Eliminate more redundant circuit_t arguments when edge_connection_t is already supplied and the circuit is already attached.


svn:r9900
2007-03-24 15:58:11 +00:00
Nick Mathewson
306d5400c3 r12643@0-41-wifi: nickm | 2007-03-23 14:56:35 -0400
Refactor a bunch of functions that take edge_connection_t not to also take a crypt_path_t; the cpath is implicit.


svn:r9899
2007-03-24 15:57:51 +00:00
Roger Dingledine
2cf63f8a62 Don't save non-general-purpose router descriptors to the disk cache,
because we have no way of remembering what their purpose was when
we restart.


svn:r9894
2007-03-21 15:37:30 +00:00
Roger Dingledine
c36a6210a2 put the stopgap on whether we've sent a create cell, not
whether we've attached a stream.


svn:r9883
2007-03-20 03:26:51 +00:00
Roger Dingledine
93e7627694 a stopgap measure while we wait for proposal 111: apply the
stricter rate limiting to all OR conns except those that have
been touched by local circuits.


svn:r9882
2007-03-20 03:21:51 +00:00
Roger Dingledine
b4f743562f Add a separate set of token buckets for relayed traffic. Right
now that's just defined as answers to directory requests.


svn:r9881
2007-03-20 02:55:31 +00:00
Roger Dingledine
4ab0b979b2 temporary hack to solve bug 384, so i can get on with debugging
other stuff.


svn:r9880
2007-03-20 02:10:18 +00:00
Roger Dingledine
0724bc113f correct a function comment that's become wrong
svn:r9879
2007-03-19 23:32:30 +00:00
Nick Mathewson
141efb86ff r12230@catbus: nickm | 2007-03-17 17:34:32 -0400
Remove some duplicated code in control.c: unify the "parse space-separated arguments and warn if there are too few" logic into a single helper function.


svn:r9866
2007-03-17 21:34:41 +00:00
Nick Mathewson
d787ef906a r12229@catbus: nickm | 2007-03-17 17:20:28 -0400
Add a warning when using obsolete "GUARDS" event.  Also, remove obsolete "if (1) {}"s from control.c: big patch, mostly just dedenting block contents.


svn:r9865
2007-03-17 21:34:37 +00:00
Roger Dingledine
75754b4d8e other minor fixes lurking in my sandbox
svn:r9854
2007-03-17 04:34:31 +00:00
Roger Dingledine
9d7dc1b37b forward-port r9850 and the changelogs
(it's a band)


svn:r9853
2007-03-17 04:32:04 +00:00
Roger Dingledine
4813ff04e8 Fix an infinite loop introduced in 0.1.2.7-alpha when we serve
directory information requested inside Tor connections (i.e. via
begin_dir cells). It only triggered when the same connection was
serving other data at the same time. Reported by seeess.

Backport candidate.


svn:r9841
2007-03-16 06:55:09 +00:00
Roger Dingledine
d374616301 clean up some minor typos and log confusions
svn:r9832
2007-03-15 22:47:21 +00:00
Nick Mathewson
e50e6b4e3c r12182@catbus: nickm | 2007-03-15 10:58:12 -0400
Clarify section of dir-spec.txt that explains how "v" resolution happens.


svn:r9829
2007-03-15 16:27:57 +00:00
Roger Dingledine
ad304a5cbb change my mind -- correct the spec to match the code's
behavior for getinfo addr-mappings/*. this is because
the code and spec have been mismatched since at least
0.1.1.x, so i would be surprised if nobody at all is
relying on the current behavior.

backport candidate.
backbackport candidate.


svn:r9823
2007-03-15 06:25:00 +00:00
Roger Dingledine
8ca31c8195 Make the response to 'getinfo addr-mappings/*' follow the spec.
svn:r9822
2007-03-15 06:10:58 +00:00
Roger Dingledine
c995a36972 typo in error message led to breaking the protocol. also
pointed out by daejees.


svn:r9819
2007-03-15 03:15:34 +00:00
Roger Dingledine
5b8adc7c9b Make 'getinfo fingerprint' return a 551 error if we're not a
server, so we match what the control spec claims we do. Reported
by daejees.


svn:r9818
2007-03-15 03:11:53 +00:00
Roger Dingledine
5740071674 the spec called it a GUARDS event, but the code called
it a GUARD event. standardize on GUARD, but support people
asking for GUARDS too. reported by daejees.

backport candidate.


svn:r9817
2007-03-14 23:50:41 +00:00
Roger Dingledine
bf3b3a44f3 Stop allowing hibernating servers to be "stable" or "fast".
This is what I meant to do in r9690 but didn't actually do.


svn:r9808
2007-03-13 01:59:09 +00:00
Nick Mathewson
6363a7ccf5 r12538@Kushana: nickm | 2007-03-11 17:10:22 -0400
Fix a lame assert, I hope.


svn:r9801
2007-03-11 21:10:54 +00:00
Roger Dingledine
7fedd6ab4e best not to introduce new technical terms if we don't need to
svn:r9800
2007-03-11 20:52:07 +00:00
Nick Mathewson
98c3403ce7 r12535@Kushana: nickm | 2007-03-11 16:34:40 -0400
Fix a comment and add a couple of  assert to try to track down another assert in routerlist_assert_ok()


svn:r9799
2007-03-11 20:34:44 +00:00
Nick Mathewson
97b61b9889 r12519@Kushana: nickm | 2007-03-10 00:57:01 -0500
Remove a redundant check for event.h; add some comments, and reformat.


svn:r9790
2007-03-10 07:38:42 +00:00
Roger Dingledine
4ca75ecc49 holy cow, those windows unames are long. don't distract so
much from the important part of this log message.


svn:r9789
2007-03-10 06:33:44 +00:00
Roger Dingledine
a247792169 Directory authorities now call routers stable if they have an
uptime of at least 30 days, even if that's not the median uptime
in the network. Implements proposal 1xx, suggested by Kevin Bauer
and Damon McCoy.


svn:r9788
2007-03-10 05:43:35 +00:00
Nick Mathewson
02ce8e6b12 r12474@Kushana: nickm | 2007-03-06 16:10:05 -0500
We have a PATH_SEPARATOR macro.  How about we use it?


svn:r9782
2007-03-09 21:39:30 +00:00
Roger Dingledine
fe94914b98 Put a platform string (e.g. "Linux i686") in the startup log
message, so when people paste just their logs, we know if it's
openbsd or windows or what.


svn:r9775
2007-03-09 08:56:39 +00:00
Roger Dingledine
b97dca4510 forward-port the bugfix from juliusz
svn:r9772
2007-03-09 08:48:53 +00:00
Roger Dingledine
064ff7b33d get rid of an info-level log message that occurs many times a
minute when we haven't needed circuits lately.


svn:r9771
2007-03-09 08:48:21 +00:00
Nick Mathewson
2036470b62 r12098@catbus: nickm | 2007-03-06 18:48:50 -0500
Try to make unit tests happier on 64-bit platforms.


svn:r9752
2007-03-06 23:48:55 +00:00
Nick Mathewson
5d1bee87ff r12468@Kushana: nickm | 2007-03-06 15:24:00 -0500
More unit tests: gcov is fun.


svn:r9748
2007-03-06 20:25:44 +00:00
Nick Mathewson
c9e2766e75 r12461@Kushana: nickm | 2007-03-06 13:26:17 -0500
More autoconf fixes and updates. Maybe the bsd buildbots will be happy again.


svn:r9747
2007-03-06 20:25:32 +00:00
Roger Dingledine
78cbfcf651 and one more not-really-an-error case
svn:r9743
2007-03-06 19:37:18 +00:00
Roger Dingledine
5217d3680e clean up a log message, and stop calling it an error when
we exit cleanly


svn:r9742
2007-03-06 19:33:43 +00:00
Nick Mathewson
52713788b4 r12080@catbus: nickm | 2007-03-04 21:40:55 -0500
Remove dnsworkers and related code. there goes another 550 lines of code.


svn:r9736
2007-03-05 02:40:58 +00:00
Nick Mathewson
92f62b3684 r12077@catbus: nickm | 2007-03-04 16:08:23 -0500
Remove support for v0 control protocol from 0.2.0.x trunk; send back error when we receive a v0 control message.  (Leave "if(v1){...}"blocks indented for now so this patch is easier to read.)  ((Finally, the linecount goes _down_ a little.))


svn:r9735
2007-03-04 21:08:28 +00:00
Nick Mathewson
7fcceb2c25 r12074@catbus: nickm | 2007-03-04 15:11:43 -0500
Make all LD_BUG log messsages get prefixed with "Bug: ".  Remove manually-generated "Bug: "s from log-messages.  (Apparently, we remembered to add them about 40% of the time.)


svn:r9733
2007-03-04 20:11:46 +00:00
Nick Mathewson
70e5a83a77 r12057@catbus: nickm | 2007-03-04 13:58:32 -0500
Clarify some log messages; note others that could be improved later.


svn:r9724
2007-03-04 18:58:38 +00:00
Nick Mathewson
5f9f62daa2 r12053@catbus: nickm | 2007-03-03 16:45:38 -0500
Remove some XXX012s: leave a check in connection_or_set_identity_digest it costs basically nothing to do on average.  Forget about reinstating the user check on NT Service creation.  Note that a notice message in main.c ("Is something wrong with your network connection?") is really useless.


svn:r9721
2007-03-03 21:55:31 +00:00
Nick Mathewson
25508347ec r12051@catbus: nickm | 2007-03-03 16:15:52 -0500
nt_service_is_stopping should not load the NT service library calls: if they are not loaded, we cannot possibly be a service trying to shut own.  Bug found by "norvid" on or-talk.  Also, rename function to something slightly less error-prone.


svn:r9720
2007-03-03 21:16:07 +00:00
Roger Dingledine
6b191f854c resolve another xxx012
svn:r9701
2007-03-01 04:40:43 +00:00
Roger Dingledine
dba4e040fc Disable encrypted directory connections when we don't have a server
descriptor for the destination. We'll get this working again in
the 0.2.0 branch.


svn:r9700
2007-03-01 04:26:30 +00:00
Roger Dingledine
a46bd9942d bonus points if it builds on 64 bit
svn:r9698
2007-03-01 03:59:28 +00:00
Roger Dingledine
b0aaa88433 make the prefertunnel stuff less obviously broken
svn:r9697
2007-03-01 03:56:21 +00:00
Nick Mathewson
2780bb74c8 r12014@catbus: nickm | 2007-02-28 19:41:20 -0500
Niels has accepted the patch from Scott Lamb to implement better signal handling: I can take "get the pthread_sigprocmask situation under control" off my plate.


svn:r9696
2007-03-01 00:41:35 +00:00
Nick Mathewson
df5a8aa931 r12013@catbus: nickm | 2007-02-28 18:26:13 -0500
Note a piece of code that needs to get resolved, before we forget it.


svn:r9695
2007-03-01 00:41:33 +00:00
Nick Mathewson
11d89141ac r12012@catbus: nickm | 2007-02-28 18:25:18 -0500
Twiddle constants wrt uploading hidden service descriptors.


svn:r9694
2007-03-01 00:41:28 +00:00
Roger Dingledine
b78f67dbf5 - Stop calling servers that have been hibernating for a long time
"stable". Also, stop letting hibernating or obsolete servers affect 
  uptime and bandwidth cutoffs.
- Stop listing hibernating servers in the v1 directory.


svn:r9690
2007-02-28 21:06:05 +00:00
Roger Dingledine
9fd669c339 note another wishlist item for the arma
svn:r9689
2007-02-28 20:49:09 +00:00
Nick Mathewson
f38240435a r12001@catbus: nickm | 2007-02-28 15:24:12 -0500
Try to build without warnings on mingw with verbose warnings on.  First attempt.


svn:r9688
2007-02-28 20:24:27 +00:00
Nick Mathewson
3008c3b768 r12000@catbus: nickm | 2007-02-28 15:12:21 -0500
Try to fix eventdns bug 326 again, this time by noting that rcode 2 (serverfailed) does not really mean "The server is useless."


svn:r9687
2007-02-28 20:24:23 +00:00
Roger Dingledine
08c75f4349 avoid a few headaches
svn:r9686
2007-02-28 20:24:09 +00:00
Nick Mathewson
2ee2e63631 r11996@catbus: nickm | 2007-02-28 13:52:48 -0500
Add an MSC_VER check I missed.


svn:r9684
2007-02-28 18:52:57 +00:00
Nick Mathewson
deef370a1c r11987@catbus: nickm | 2007-02-28 12:34:04 -0500
add another u64-related unit test.


svn:r9681
2007-02-28 17:34:07 +00:00
Nick Mathewson
c8659db28d r11982@catbus: nickm | 2007-02-28 11:55:41 -0500
Add unit tests for tor_parse_uint64


svn:r9678
2007-02-28 16:56:28 +00:00
Nick Mathewson
dae5fc7982 r11981@catbus: nickm | 2007-02-28 11:55:27 -0500
Clamp declarable bandwidth at INT32_MAX, not INT_MAX.


svn:r9677
2007-02-28 16:56:07 +00:00
Nick Mathewson
d6368fd075 r11976@catbus: nickm | 2007-02-27 19:35:59 -0500
Add some missing (redundant but helpful in most cases) static declarations, and remove a function nobody was calling.


svn:r9672
2007-02-28 00:36:03 +00:00
Nick Mathewson
1a3e1c5510 r11970@catbus: nickm | 2007-02-27 19:17:27 -0500
Fix a bug found by Udo van den Heuvel: avoid an assertion failure when a controller sets and clears EntryNodes before the next call to choose_random_entry().  Also make a function static.


svn:r9669
2007-02-28 00:23:05 +00:00
Nick Mathewson
4d127acb53 r11958@catbus: nickm | 2007-02-26 22:28:03 -0500
Add a missing set to onion_key_set_at to avoid premature rotates.


svn:r9662
2007-02-27 03:53:40 +00:00
Nick Mathewson
82e2d6001a r11954@catbus: nickm | 2007-02-26 13:01:19 -0500
Note some optimizations that are probably not worth it for 0.1.2.x based on preliminary profiling.


svn:r9659
2007-02-26 18:01:23 +00:00
Roger Dingledine
522a97098b more cleanups; getting closer
svn:r9655
2007-02-26 05:36:02 +00:00
Roger Dingledine
9e44449946 fix a bug in our logic, but point out that maybe it's moot
svn:r9654
2007-02-26 05:33:17 +00:00
Nick Mathewson
333bf44471 r11944@catbus: nickm | 2007-02-25 14:43:18 -0500
Add a lower-bound on MaxAdvertisedBandwidth.


svn:r9652
2007-02-25 19:43:23 +00:00
Nick Mathewson
938de88e3b r11942@catbus: nickm | 2007-02-25 11:22:12 -0500
Fix connection_get_by_type_state_rendquery(): This has been bogus for most of 0.1.2.x.  Thanks to Karsten Loesing for finding the bug; fixes bug 399.


svn:r9651
2007-02-25 16:22:36 +00:00
Roger Dingledine
5fd4f7c131 the other half of r9572, suggested by seeess: when we receive
a v1 dir or rr that is too old, don't even cache it.


svn:r9649
2007-02-25 03:43:00 +00:00
Nick Mathewson
dde4bc1fd3 r11933@catbus: nickm | 2007-02-24 18:55:33 -0500
Fix a bug in 9572: after we decref a defunct v1 directory, drop the main reference to it.  Should fix bug 396.  Many thanks to seeess for tracking this one down.


svn:r9648
2007-02-24 23:55:36 +00:00
Roger Dingledine
d6c21ab8a7 tell the user if we're delaying his newnym request. also, pick
a different set of fenceposts.


svn:r9647
2007-02-24 21:21:38 +00:00
Nick Mathewson
af57074f08 r11931@catbus: nickm | 2007-02-24 15:28:34 -0500
crank up the length of the maximum allowed control message.


svn:r9644
2007-02-24 20:28:41 +00:00
Nick Mathewson
b4243d7dfa r11929@catbus: nickm | 2007-02-24 15:02:43 -0500
Split possibly long log line.


svn:r9643
2007-02-24 20:02:47 +00:00
Nick Mathewson
501659e67c r11927@catbus: nickm | 2007-02-24 14:49:31 -0500
Make sure every error case of router_dump_router_to_string warns about what actually went wrong.


svn:r9642
2007-02-24 19:49:35 +00:00
Roger Dingledine
fc81b71055 if we can't read bandwidthrate, at least tell us what it was.
svn:r9640
2007-02-24 19:29:42 +00:00
Nick Mathewson
cc64d1f111 r11917@catbus: nickm | 2007-02-24 03:18:52 -0500
Fix another XXX012 in eventdns.c: tell the DNS request about malformed DNS replies.


svn:r9637
2007-02-24 08:18:59 +00:00
Roger Dingledine
50f22e858a doc pedant
svn:r9634
2007-02-24 07:50:38 +00:00
Nick Mathewson
f599adf40a r11909@catbus: nickm | 2007-02-24 02:37:40 -0500
Move tricky "delete the member of the smartlist currently under iteration" logic into its own happyfun macro.


svn:r9633
2007-02-24 07:37:45 +00:00
Roger Dingledine
2015479b5a fix crash introduced in r9622
svn:r9632
2007-02-24 06:44:40 +00:00
Roger Dingledine
748c502e3a fix a log message that was broken long ago and never noticed
svn:r9630
2007-02-24 05:36:45 +00:00
Roger Dingledine
d63c58249e make it stop crashing when i exercise the new entrynodes behavior in
r9574. this hack is getting pretty darn hackish; perhaps it's time to
not use SMARTLIST_FOREACH in this situation.


svn:r9629
2007-02-24 04:17:29 +00:00
Roger Dingledine
33430d3a9e bugfix on r9568: we were throwing around an uninitialized
nickname array, and only treating a server as reachable if
the array magically has the right nickname in it. this was
causing the authorities to label only themselves as running,
and clients were "mysteriously" failing.


svn:r9628
2007-02-24 01:26:09 +00:00
Roger Dingledine
9946bb7fbd cosmetic, comment, and todo fixes
svn:r9627
2007-02-24 01:12:53 +00:00
Nick Mathewson
4e05ccb289 r11900@catbus: nickm | 2007-02-23 18:11:04 -0500
Fix null-pointer access on update_router_descriptor_cache_downloads.


svn:r9626
2007-02-23 23:11:08 +00:00
Nick Mathewson
ddc34f6037 r11898@catbus: nickm | 2007-02-23 16:55:43 -0500
Two XXX012 comments turned out to be bogus; remove them and document why.


svn:r9625
2007-02-23 21:56:10 +00:00
Nick Mathewson
55cbbdf9bf r11895@catbus: nickm | 2007-02-23 15:12:58 -0500
Make remap stream events have a souce; make them generated every time we get a successful connected or resolved cell.  Also change reported stream target address to IP consistently when we get the IP from an exit node.


svn:r9624
2007-02-23 20:13:02 +00:00
Nick Mathewson
f1d207b29a r11885@catbus: nickm | 2007-02-23 13:34:24 -0500
Fix an XXXX012: make entry guards _really_ get retried when the network comes back online.


svn:r9622
2007-02-23 18:34:35 +00:00
Nick Mathewson
a98efbf285 r11877@catbus: nickm | 2007-02-22 02:24:50 -0500
Fix doc about when circuit_build_needed_circs() is called. Resolves another xxxx012.


svn:r9617
2007-02-22 07:41:14 +00:00
Nick Mathewson
a2a52b4d5f r11876@catbus: nickm | 2007-02-22 02:23:13 -0500
Fix two XXXX012 issues in routerlist.c: a possible performance issue hasnt shown up on any profiles, so unflag it.  Stop warning when we get a router descriptor that we asked for but no longer want: just drop it (if we are not a cache) or cache if (if we are).


svn:r9616
2007-02-22 07:41:10 +00:00
Nick Mathewson
b3392559d4 r11873@catbus: nickm | 2007-02-22 01:21:14 -0500
twiddle signewnym rate-limiting patch so every signal gets handled eventually.  document it in control-spec. add a changelog.


svn:r9615
2007-02-22 06:21:19 +00:00
Nick Mathewson
fe9224dabc r11872@catbus: nickm | 2007-02-22 01:08:46 -0500
patch from mwenge: rate-limit newnym.


svn:r9614
2007-02-22 06:21:16 +00:00
Nick Mathewson
809a4daa52 r11859@catbus: nickm | 2007-02-21 00:53:27 -0500
Fix use of predict. this should get refactored, but now now.


svn:r9611
2007-02-21 05:57:08 +00:00
Nick Mathewson
2a4fc8533c r11858@catbus: nickm | 2007-02-21 00:27:44 -0500
As a trivial optimization, remove a redundant call to router_have_minimum_dir_info.  This might shave 2% on some systems by according to some profilers.


svn:r9610
2007-02-21 05:56:53 +00:00
Nick Mathewson
aade1b9204 r11844@catbus: nickm | 2007-02-17 16:53:42 -0500
Note a problematic warning.


svn:r9599
2007-02-17 23:49:50 +00:00
Nick Mathewson
d2893398f6 r11832@catbus: nickm | 2007-02-16 15:31:59 -0500
Fix 35 remaining DOCDOC comments. Yowza.


svn:r9596
2007-02-16 20:39:37 +00:00
Nick Mathewson
a3ec172e1a r11827@catbus: nickm | 2007-02-16 15:00:39 -0500
Try to fix VC++ int conversion warning.


svn:r9595
2007-02-16 20:01:21 +00:00
Nick Mathewson
11e5656ab7 r11826@catbus: nickm | 2007-02-16 14:58:38 -0500
Resolve 56 DOCDOC comments.


svn:r9594
2007-02-16 20:01:02 +00:00
Nick Mathewson
ae7576a19e r11825@catbus: nickm | 2007-02-16 14:04:36 -0500
Fix DOCDOC items in or.h; rename a couple of macros to be more sensible.


svn:r9593
2007-02-16 20:00:50 +00:00
Nick Mathewson
d4aaffc6e7 r11824@catbus: nickm | 2007-02-16 13:16:47 -0500
Move all struct-offset-manipulation macros into util.h, and use them consistently.  Because there are days when "SUBTYPE_P(handle, subtype, _base)" is just easier to read and write than "(basetp*)(((handle) - STRUCT_OFFSET(subtype, _base))".


svn:r9592
2007-02-16 20:00:43 +00:00
Nick Mathewson
e5d3269b10 r11822@catbus: nickm | 2007-02-16 12:49:20 -0500
Tech config.c about libevent 1.3, and resolve all docdoc elements in config.c


svn:r9591
2007-02-16 18:12:47 +00:00
Nick Mathewson
6e35b11851 r11813@catbus: nickm | 2007-02-14 11:42:58 -0500
Tweak stream_bw patch: Remove a couple of redundant checks, save 8 bytes per edge connection, fix spelling in the changelog; expand spec.


svn:r9586
2007-02-14 16:46:55 +00:00
Nick Mathewson
4a74812c70 r11812@catbus: nickm | 2007-02-14 11:22:08 -0500
Apply stream_bw patch from Robert Hogan.


svn:r9585
2007-02-14 16:46:49 +00:00
Nick Mathewson
a10ccac9cb r11797@catbus: nickm | 2007-02-13 16:17:40 -0500
Fix a longstanding dnsworker-related bug: when we decide to kill a DNS worker for having been in use too long, and we independently decide to close one of the exit connections waiting for that DNS worker (perhaps because we got an END relay cell), it was possible for us to try to double-free the connection.  We were smart enough to detect this and assert, but not smart enough to fix this bug before now.  This should resolve bug 390.  Backport candidate.


svn:r9581
2007-02-13 21:18:56 +00:00
Nick Mathewson
d9c095be3e r11787@catbus: nickm | 2007-02-12 21:01:34 -0500
Always remove expired routers and networkstatus docs before checking whether we have enough information to build circuits. (Fixes bug 373.)


svn:r9575
2007-02-13 02:01:38 +00:00
Nick Mathewson
3c691b9da6 r11785@catbus: nickm | 2007-02-12 20:27:48 -0500
Node-picking fixes: Never warn when a down node is listed in a config option (bug 348); always warn when a node in a config option is unnamed.  Also, when entrynodes is configured, then build the guard list as: (parts of EntryNodes that were guards before), (the rest of EntryNodes), (the rest of the old guards).  This last point ensures that EntryNode users will get the EntryNodes they want with the minimum change to their guard list.


svn:r9574
2007-02-13 01:27:55 +00:00
Nick Mathewson
95b828b685 r11781@catbus: nickm | 2007-02-12 18:31:33 -0500
Discard any v1 directory info that is so old as to be useless.  (Fixes bug 387)


svn:r9572
2007-02-12 23:39:24 +00:00
Nick Mathewson
b16c544509 r11779@catbus: nickm | 2007-02-12 16:52:29 -0500
Do not try to load advapi32.dll except when the user asks us to do something with NT services.  When we _do_ try, always treat failure to load service functions as an exit-worthy error.  Needs testing. (Fixes bug 389)


svn:r9571
2007-02-12 21:52:32 +00:00
Nick Mathewson
759c58151e r11775@catbus: nickm | 2007-02-12 16:39:09 -0500
Update copyright dates.


svn:r9570
2007-02-12 21:39:53 +00:00
Nick Mathewson
30e7c05075 r11774@catbus: nickm | 2007-02-12 16:31:47 -0500
Handle errors on opening cached-routers* more uniformly and sanely: log not-found errors at level INFO, and all other errors at level WARN.  Needs testing on win32.


svn:r9569
2007-02-12 21:39:44 +00:00
Nick Mathewson
0c40a080a4 r11773@catbus: nickm | 2007-02-12 15:18:48 -0500
Implement proposal 106: stop requiring clients to have certificates, and stop checking for nicknames in certificates.  [See proposal 106 for rationale.]  Also improve messages when checking TLS handshake, to re-resolve bug 382.


svn:r9568
2007-02-12 21:39:33 +00:00
Roger Dingledine
5915eecdb3 be even pickier about our socks command. this resolves a warning
we get when we hang up on an unhandshaked socks connection. i'm
still seeing these from polipo. darn it.


svn:r9565
2007-02-12 03:01:36 +00:00
Roger Dingledine
4e67d5196f remove the socks-wait verbose logging. juliusz found and fixed the
polipo bug.


svn:r9553
2007-02-11 02:36:51 +00:00
Roger Dingledine
731d37f717 more useful log messages when we give up on a stream
svn:r9552
2007-02-11 02:15:42 +00:00
Nick Mathewson
24e7b9b983 r12213@Kushana: nickm | 2007-02-10 16:25:39 -0500
Refactor setconf implementation to be a little slower, but far less error prone.


svn:r9549
2007-02-10 21:26:29 +00:00
Nick Mathewson
2c521d9804 r12212@Kushana: nickm | 2007-02-10 16:09:38 -0500
Remove XXXX012 for apparently resolved bug


svn:r9548
2007-02-10 21:26:17 +00:00
Roger Dingledine
01ddb05fba Stop crashing when the controller asks us to resetconf more than
one config option at once. (Vidalia 0.0.11 does this.)
Backport candidate.


svn:r9545
2007-02-10 07:04:46 +00:00
Roger Dingledine
b3ac3acefc If we start a server with ClientOnly 1, then set ClientOnly to 0
and hup, stop triggering an assert based on an empty onion_key.


svn:r9540
2007-02-09 00:22:43 +00:00
Nick Mathewson
ec54857870 r11732@catbus: nickm | 2007-02-08 18:12:54 -0500
Fix an "uninitialized variable" warning.


svn:r9536
2007-02-08 23:24:03 +00:00
Nick Mathewson
76f61da37b r11727@catbus: nickm | 2007-02-08 17:07:50 -0500
Explain that update_router_desciptor_downloads happens every 10 seconds in main.c, and we don't need to call it from directory.c


svn:r9534
2007-02-08 22:08:04 +00:00
Nick Mathewson
e00a1cbf16 r11726@catbus: nickm | 2007-02-08 16:04:53 -0500
Resolve some XXXX012 items:
   - Remove PathlenCoinWeight: if we want it again, we can add it
     back in.
   - Ditto with RelayBandwidth*.
   - Decide to leave in the "hey, you didn't set end_reason!" BUG log message,
     but stop telling people to bug me personally.
   - Postpone strengthening assert_connection_ok(): it's important, but 
     it's also a good way to introduce weird bugs.
   - Move some expensive consistency checking from dns_free_all() into
     assert_cache_ok().


svn:r9533
2007-02-08 22:07:56 +00:00
Roger Dingledine
90b53beec5 add a comment so i stop worrying
svn:r9532
2007-02-08 20:27:58 +00:00
Nick Mathewson
a1a9c66ce5 r11717@catbus: nickm | 2007-02-08 14:44:30 -0500
Clear up some XXX012s in routerlist.c: make smartlist_choose_by_bandwidth handle statuses with no corresponding routers much better.


svn:r9531
2007-02-08 19:44:55 +00:00
Nick Mathewson
69def349e0 r11716@catbus: nickm | 2007-02-08 14:19:24 -0500
Warn when we get a v0 control connection.


svn:r9530
2007-02-08 19:44:48 +00:00
Nick Mathewson
9c081ab976 r11715@catbus: nickm | 2007-02-08 14:07:03 -0500
Oops; the change in tor_version_is_obsolete broke a unit test.


svn:r9529
2007-02-08 19:44:36 +00:00
Nick Mathewson
85d3c2fbaf r11702@catbus: nickm | 2007-02-08 02:10:19 -0500
Wow. Remember when I wrote that script to tell me about macros that were never used?  Good times.


svn:r9525
2007-02-08 07:24:15 +00:00
Nick Mathewson
1e2d5f30ff r11700@catbus: nickm | 2007-02-08 02:03:50 -0500
Fix several bugs in computing recommended versions. 1) refactor is-this-version-good handling and which-vesions-are-good handling to be in the same place. 2) a version is recommended if more than half of the versioning authorities like it, not >= half.  3) "NEW_IN_SERIES" should mean, "I don't know of an 0.1.1.x this recent, and there are some 0.1.2.x versions out", not "I don't know of an 0.1.1.x this recent, but I know some older ones."  This should resolve bug 383.


svn:r9523
2007-02-08 07:24:06 +00:00
Nick Mathewson
a24b9e6a66 r11694@catbus: nickm | 2007-02-07 13:25:01 -0500
Fix patch for 9510: never call control_event_stream_status on an exit connection. Should fix assert() noticed by xiando.


svn:r9514
2007-02-07 18:25:04 +00:00
Nick Mathewson
2e6feb646b r11686@catbus: nickm | 2007-02-07 01:50:14 -0500
Set hibernate_end_time whenever we start hibernating.  This fixes a problem where we would start hibernating upon startup (since it isn't time to wake up yet) but we would wind up setting the "stop hibernating" time not to the wakeup time, but to the end of the interval.  Also, split hibernate_end_time from shutdown_time. Possible fix for bug 362.


svn:r9512
2007-02-07 06:54:33 +00:00
Nick Mathewson
071738c2d5 r11673@catbus: nickm | 2007-02-06 14:40:07 -0500
Report stream end events where a resolve succeeded or where we got a socks protocol error correctly, rather than calling both of them "INTERNAL".  Turn ALREADY_SOCKS_REPLIED into a flag rather than a reason.  This will help debug 367 part 2 a little.


svn:r9511
2007-02-07 06:54:27 +00:00
Nick Mathewson
026c11c42e r11672@catbus: nickm | 2007-02-06 14:16:56 -0500
Fix third case of bug 367: make circuit get sent along with END_STREAM_REASON_DESTROY stream CLOSED events.


svn:r9510
2007-02-07 06:54:22 +00:00
Nick Mathewson
295f6d4e0f r11676@catbus: nickm | 2007-02-07 00:10:00 -0500
(Hopefully) final changes for 0.1.2.7-alpha: disable checking for whether the user account in question exists on --service install, since that seems to make windows go boom.  We can figure out why later.  Also, let the admin specify a password for the target user.


svn:r9506
2007-02-07 05:10:58 +00:00
Roger Dingledine
7828927a58 Only rewrite a conn's address based on X-Forwarded-For: headers
if it's a parseable public IP address; and stop adding extra quotes
to the resulting address.


svn:r9505
2007-02-07 03:40:06 +00:00
Roger Dingledine
690c9cc887 make a log message make more sense
svn:r9504
2007-02-07 02:55:34 +00:00
Nick Mathewson
534baec4a1 r11674@catbus: nickm | 2007-02-06 17:00:22 -0500
Remove a now-bogus assert() from nt_service_command_line(), and change option handling.  (Now that we no longer force a -f, it is possible to have no command-line options for Tor-as-service.)


svn:r9503
2007-02-06 22:00:25 +00:00
Nick Mathewson
c4faebfa6d r11667@catbus: nickm | 2007-02-06 13:36:18 -0500
The --service install code can no longer default to adding an -f option for the appdata directory of the current user, since the target user probably will not be able to read it.  Instead, warn the user if no explicit torrc filename is given.


svn:r9502
2007-02-06 18:36:26 +00:00
Nick Mathewson
f4a1c17e5a r11666@catbus: nickm | 2007-02-06 13:17:24 -0500
Implement an --ignore-missing-torrc option


svn:r9501
2007-02-06 18:36:21 +00:00
Nick Mathewson
0c4ab00658 r11664@catbus: nickm | 2007-02-06 11:55:37 -0500
More win32 account flumdummery: when LocalService exists, you can't detect it via LookupAccountName.  The only good test is to see whether we're on win2k or earlier.
 Apparently, somebody wouldn't know where to draw the line between implementation and interface if you gave them tracing paper and a copy of Stevens.


svn:r9499
2007-02-06 16:55:42 +00:00
Roger Dingledine
da5cd33ab8 stop crashing on nt service install; but matt says still not right
svn:r9496
2007-02-06 04:58:56 +00:00
Roger Dingledine
4ba57f68e4 more changes. i'm all caught up now.
svn:r9495
2007-02-06 02:49:07 +00:00
Roger Dingledine
9aa8e490f8 cleanups based on looking through svn commits
svn:r9491
2007-02-06 00:27:03 +00:00
Nick Mathewson
e0acb45b86 r11650@catbus: nickm | 2007-02-05 17:02:54 -0500
Resolve (I hope) remaining nt service compilation issues.


svn:r9489
2007-02-05 22:02:58 +00:00
Nick Mathewson
d930440ae5 r11648@catbus: nickm | 2007-02-05 16:48:50 -0500
Fix bugs in last nt services patch: syntax, typename.


svn:r9488
2007-02-05 21:48:53 +00:00
Nick Mathewson
8b238404de r11646@catbus: nickm | 2007-02-05 16:15:48 -0500
Make default NT service user be LocalService.  Again, I have no idea if this compiles, let alone if it works.


svn:r9487
2007-02-05 21:15:52 +00:00
Nick Mathewson
337fdb7eb6 r11643@catbus: nickm | 2007-02-05 15:44:59 -0500
Fix bug 254, sort of: make the default NT service user NetworkService rather than NULL (system).  Also, add a --user argument to --service install so that admins can override this default: this latter point should take care of most of my objections to NetworkService.  I have no idea whether this even compiles.


svn:r9486
2007-02-05 20:45:02 +00:00
Nick Mathewson
47ff0c7fc1 r11641@catbus: nickm | 2007-02-05 13:59:26 -0500
Add a REMAP state to stream events so that controllers can learn exactly when the target address for a stream has changed.  May help Vidalia resolve confusions related to bug 375.


svn:r9484
2007-02-05 19:15:13 +00:00
Nick Mathewson
f02be02356 r11639@catbus: nickm | 2007-02-05 13:33:38 -0500
Add documentation to src/common/*.h; improve documentation for SMARTLIST_FOREACH; remove never-used options and corresponding tests from tor_strpartition.


svn:r9483
2007-02-05 18:33:52 +00:00
Nick Mathewson
03ef2156c9 r11637@catbus: nickm | 2007-02-05 12:41:51 -0500
Fix an XXXX012, and make circuits_pending_or_conns a static variable.  In addition to cleaning up the code, this may also resolve Bug 386 if Roger has the right intuition there.


svn:r9482
2007-02-05 17:42:40 +00:00
Nick Mathewson
6149ab01f8 r12129@Kushana: nickm | 2007-02-03 09:57:36 -0500
Update assert_connection_ok() to match the "block tunnelled dir conn if the or conn is full" logic.  This may fix bug 385.


svn:r9479
2007-02-03 14:57:47 +00:00
Nick Mathewson
275109d8b0 r11631@catbus: nickm | 2007-02-02 15:39:53 -0500
Add missing return statement.


svn:r9478
2007-02-02 20:39:55 +00:00
Nick Mathewson
fefba95363 r11629@catbus: nickm | 2007-02-02 15:06:17 -0500
Removing the last DOCDOC comment hurt so much that I had to use Doxygen to identify undocumented macros and comments, and add 150 more DOCDOCs to point out where they were.  Oops.  Hey, kids!  Fixing some of these could be your first Tor patch!


svn:r9477
2007-02-02 20:06:43 +00:00
Nick Mathewson
e521c96cb1 r12123@Kushana: nickm | 2007-02-02 13:57:42 -0500
Resolve remaining DOCDOC comments.


svn:r9476
2007-02-02 18:58:11 +00:00
Nick Mathewson
07e6eecdb2 r12122@Kushana: nickm | 2007-02-02 10:41:39 -0500
Fail when we are unable to parse the nameserver configuration.


svn:r9475
2007-02-02 18:58:04 +00:00
Nick Mathewson
8507699256 r11624@catbus: nickm | 2007-02-01 13:17:35 -0500
Note a few questionable bits pointed out by RATS.  (And no, RATS, I'm not about to stop having fixed-sized local buffers for you.  I know how to use them, thankyouverymuch.)


svn:r9474
2007-02-01 18:33:02 +00:00
Nick Mathewson
6f2a92c5b3 r11621@catbus: nickm | 2007-02-01 13:09:18 -0500
Fix another VC compiler warning.


svn:r9473
2007-02-01 18:09:34 +00:00
Nick Mathewson
5cb99857bc r11620@catbus: nickm | 2007-02-01 13:06:27 -0500
Call stat() slightly less often; use fstat() when possible.


svn:r9472
2007-02-01 18:09:27 +00:00
Nick Mathewson
e7ac17fdf5 r11613@catbus: nickm | 2007-01-30 19:58:03 -0500
Re-enable server side PTR-record cacheing.


svn:r9468
2007-01-31 00:58:06 +00:00
Nick Mathewson
49b5e5cf9c r11610@catbus: nickm | 2007-01-30 17:44:02 -0500
Fix a bug in our assertions related to removing recently-completed DNS lookup attempts on exit.  It is okay to find a cache entry with the same name as a DONE entry, so long it is not the same struct as the DONE entry.


svn:r9467
2007-01-30 22:44:24 +00:00
Nick Mathewson
76f896e714 r11607@catbus: nickm | 2007-01-30 17:19:27 -0500
Audit non-const char arguments; make a lot more of them const.


svn:r9466
2007-01-30 22:19:41 +00:00
Nick Mathewson
1894e7ea01 r11606@catbus: nickm | 2007-01-30 16:52:23 -0500
Write the entry guards section of path-spec; note a possible bug in cirbuitbuild.c; add a const; defer work on torrc.complete to be part of a bigger config documentation reorg.


svn:r9465
2007-01-30 22:19:31 +00:00
Nick Mathewson
a701cd7e97 r11591@catbus: nickm | 2007-01-29 17:31:02 -0500
Add an XXXX comment to dirserv.c so I can take it out of my todo email folder.


svn:r9459
2007-01-29 23:09:22 +00:00
Nick Mathewson
cd374f810c r11586@catbus: nickm | 2007-01-29 13:13:27 -0500
Add a couple of fixes I turned up while writing regression tests for libevent: Allow DNS servers on ports other than 53, and handle TTLs correctly on reverse hostname lookups.


svn:r9458
2007-01-29 18:13:42 +00:00
Nick Mathewson
ac0dbc3d9b r11585@catbus: nickm | 2007-01-29 11:26:03 -0500
Oops; fix compilation.


svn:r9457
2007-01-29 18:13:39 +00:00
Nick Mathewson
42d03890b4 r11584@catbus: nickm | 2007-01-29 11:25:40 -0500
Fix/update some XXX012 points.


svn:r9456
2007-01-29 18:13:37 +00:00
Nick Mathewson
21f5e06862 r11583@catbus: nickm | 2007-01-29 11:19:48 -0500
Make man page stop saying that BandwidthRate is for incoming bandwidth only; Add some XXX012s for config options that should maybe die.


svn:r9455
2007-01-29 18:13:34 +00:00
Roger Dingledine
f58678730c there's such a thing as too much indirection
svn:r9451
2007-01-28 08:06:00 +00:00
Roger Dingledine
1fea3a1e59 stop trying to hand 'platform' all around directory.c when we have a
bit in routerstatus_t that tells us what we need to know.


svn:r9448
2007-01-27 21:18:08 +00:00
Roger Dingledine
88796acf4b fix all the bugs i could find in nick's bridge dir commit.
let's hope i got them all.


svn:r9442
2007-01-27 20:44:09 +00:00
Roger Dingledine
d8d074f2e5 If the user asks to use invalid exit nodes, be willing to use the
unstable ones.


svn:r9441
2007-01-27 19:40:49 +00:00
Roger Dingledine
add7d7af19 Bring us one step closer to being able to establish an encrypted
directory tunnel without knowing a descriptor first. Still not
ready yet. As part of the change, now assume we can use a
create_fast cell if we don't know anything about a router.


svn:r9440
2007-01-27 19:29:16 +00:00
Roger Dingledine
b323126dda remove an XXX; add two more.
svn:r9438
2007-01-27 19:02:37 +00:00
Roger Dingledine
283c61e5d5 If the socks handshake hasn't started, don't send a
"DNS resolve socks failed" handshake reply; just close it.


svn:r9437
2007-01-27 18:56:13 +00:00
Roger Dingledine
baeeadb6eb avoid messy crashes (bugfix by nick)
svn:r9435
2007-01-27 18:33:33 +00:00
Roger Dingledine
c6fd3c7158 the other half of my patch. more coming later.
svn:r9434
2007-01-27 09:24:23 +00:00
Roger Dingledine
9057af692a Weight directory requests by advertised bandwidth. Now we can
let servers enable write limiting but still allow most clients to
succeed at their directory requests.


svn:r9433
2007-01-27 09:13:19 +00:00
Nick Mathewson
9984cad6e8 r11552@catbus: nickm | 2007-01-27 03:55:02 -0500
This one is a little tricky.  Our BEGIN_DIR implementation has a
 problem: the dirserv conns will decide they can flush all their data
 immediately, since the edge_conns will read greedily.
 
 For our 0.1.2 workaround, we track which or_conn a bridged dirserv
 conn is attached to, and stop writing when its outbuf is too full, and
 start writing again when the or_conn's outbuf empties out a little.
 
 This requires a bit of pointer management.  Let's hope it works.
 


svn:r9432
2007-01-27 08:55:06 +00:00
Nick Mathewson
152547be49 r11548@catbus: nickm | 2007-01-27 00:15:47 -0500
Fix two assert bugs encountered when trying ipv6 lookups with eventdns code.


svn:r9430
2007-01-27 05:15:53 +00:00
Roger Dingledine
e9f6456b2c Bugfix: If we're not marking exits as guards, ignore exit bandwidth
when we're deciding the required bandwidth to become a guard.


svn:r9423
2007-01-26 09:03:20 +00:00
Roger Dingledine
75a5fde460 Stop saying !is_internal_IP() when we really meant
connection_is_rate_limited(). One day this will be useful.


svn:r9422
2007-01-26 08:13:53 +00:00
Roger Dingledine
99c1771432 never refuse directory requests from local addresses
svn:r9421
2007-01-26 08:01:29 +00:00
Roger Dingledine
9d5449c52e Inform the server operator when we decide not to advertise a
DirPort due to AccountingMax enabled or a low BandwidthRate. It
was confusing Zax, so now we're hopefully more helpful.


svn:r9404
2007-01-25 19:41:15 +00:00
Nick Mathewson
75db2a61cb r11500@catbus: nickm | 2007-01-25 10:37:11 -0500
Fix argument types in printf: try to make buildbot happier.


svn:r9403
2007-01-25 15:37:14 +00:00
Roger Dingledine
bf9baa85a8 more hints as arma tracks down a polipo bug
svn:r9400
2007-01-24 23:58:41 +00:00
Nick Mathewson
71f47320f8 r11493@catbus: nickm | 2007-01-24 18:41:52 -0500
Use set_uint16/32 instead of raw assignments in order to make gcc happier.


svn:r9399
2007-01-24 23:42:00 +00:00
Nick Mathewson
5cd1f0680e r11287@catbus: nickm | 2007-01-23 20:30:04 -0500
Yet more documentation. (Again, trying to see whether I have buildbot working).


svn:r9396
2007-01-24 01:30:07 +00:00
Roger Dingledine
c716eefbca start tracking down a funny-looking log message
svn:r9395
2007-01-24 01:18:45 +00:00
Nick Mathewson
792f819212 r11285@catbus: nickm | 2007-01-23 19:43:50 -0500
More documentation. (Again, trying to see whether I have buildbot working).


svn:r9394
2007-01-24 00:43:52 +00:00
Nick Mathewson
2522c392bd r11283@catbus: nickm | 2007-01-23 19:20:47 -0500
Add documentation to dns.c (mainly to test new buildbot version)


svn:r9393
2007-01-24 00:20:49 +00:00
Nick Mathewson
79dd306527 r11278@catbus: nickm | 2007-01-23 14:22:27 -0500
More doxygen comments: this time mainly around spooling and storing directory information.


svn:r9392
2007-01-23 19:22:52 +00:00
Nick Mathewson
ba53e0029f r11277@catbus: nickm | 2007-01-23 14:08:08 -0500
When logging TLS certificate and identity-related errors, scrub IP addresses for incoming connections, and distinguish between incoming and outgoing connections in log messages.  Backport candidate.


svn:r9391
2007-01-23 19:22:49 +00:00
Nick Mathewson
c0c67d28f5 r9727@catbus: nickm | 2007-01-22 16:12:39 -0500
Remove redundant check for whether _connection_write_to_buf_impl is called with a zlib and a non-directory connection: TO_DIR_CONN will already assert if it gets a non-dir connection.


svn:r9390
2007-01-23 19:22:46 +00:00
Nick Mathewson
adc5bb4d04 r9723@catbus: nickm | 2007-01-22 15:47:17 -0500
Fix an XXXX012 in routerlist.c: when we do not have enough networkstatuses to launch router requests, do not launch router requests. Backport candidate.


svn:r9388
2007-01-22 20:57:26 +00:00
Roger Dingledine
9f733c31cc minor cleanups
svn:r9387
2007-01-22 19:20:33 +00:00
Nick Mathewson
36620ca056 r9718@catbus: nickm | 2007-01-22 14:13:00 -0500
Free CACHE_STATE_DONE cached_router_t items on dns_free_all().


svn:r9386
2007-01-22 19:13:02 +00:00
Nick Mathewson
84790d059f r9715@catbus: nickm | 2007-01-22 02:51:04 -0500
Document a few undocumented functions and arguments.


svn:r9385
2007-01-22 07:51:06 +00:00
Roger Dingledine
ab838bddb8 Flush local controller connection buffers periodically as we're
writing to them, so we avoid queueing 4+ megabytes of data before
trying to flush.

Also add a new XXX012.


svn:r9382
2007-01-22 06:07:51 +00:00
Roger Dingledine
7b5f9887fa resolve an XXX, add a new XXX, simplify some code
svn:r9381
2007-01-22 05:59:59 +00:00
Nick Mathewson
033e20ca0b r9709@catbus: nickm | 2007-01-21 21:34:03 -0500
Fix memory leak on networkstatus 503.


svn:r9380
2007-01-22 02:34:50 +00:00
Nick Mathewson
e0ae28d0cd r9701@catbus: nickm | 2007-01-21 13:21:25 -0500
Detect and reject another (harmless) class of DNS replies.  Also, fix a couple of IPv6 bugs in evendns.c


svn:r9379
2007-01-21 18:21:39 +00:00
Nick Mathewson
ff62a4d91b r9692@catbus: nickm | 2007-01-21 12:04:22 -0500
Detect pointer loops in DNS requests and replies; avoid infinite loop on such malformed replies.  Fixes bug 380.


svn:r9378
2007-01-21 17:05:10 +00:00
Roger Dingledine
bcbd289af5 If our system clock jumps back in time, don't publish a negative
uptime in the descriptor. Also, don't let the global rate limiting
buckets go absurdly negative.


svn:r9377
2007-01-21 06:24:05 +00:00
Nick Mathewson
c57ef84fc5 r11987@Kushana: nickm | 2007-01-19 14:57:28 -0500
Implement SOCKS_BAD_HOSTNAME status event. Defer remaining status events.  Clean up control-spec.txt a little, and fill in recommendations for events.


svn:r9374
2007-01-19 21:25:32 +00:00
Roger Dingledine
060be4c62b man, i could have sworn that compiled
svn:r9369
2007-01-18 03:42:45 +00:00
Roger Dingledine
a3eaabfeb2 Be willing to read or write on local connections (e.g. controller
connections) even when the global rate limiting buckets are empty.


svn:r9368
2007-01-18 03:38:24 +00:00
Roger Dingledine
cb472fc550 break out the big guns: reject dir requests much more
aggressively. my vidalia bandwidth graph, when rate limiting
to 32kB/s, has the "write" line constantly at 32kB. I can't
imagine what's going on with the relay latency but it can't
be good.


svn:r9366
2007-01-17 01:29:54 +00:00
Roger Dingledine
8662f18102 boots and suspenders, or whatever the idiom is
svn:r9365
2007-01-17 00:14:43 +00:00
Nick Mathewson
a36ec61fd7 r11983@Kushana: nickm | 2007-01-16 10:28:47 -0500
Be even more clever about severity of messages from eventdns: NOTICE when the first nameserver comes up; INFO on subsequent ones.


svn:r9364
2007-01-16 17:39:08 +00:00
Nick Mathewson
093d71762c r11978@Kushana: nickm | 2007-01-15 18:54:25 -0500
Apparently, the OpenBSD linker thinks it knows C better than I do, and gets to call me names for having strcat and strcpy and sprintf in my code--whether I use them safely or not.  All right, OpenBSD.  You win... this round.


svn:r9360
2007-01-15 23:56:38 +00:00
Nick Mathewson
11ed4500de r11975@Kushana: nickm | 2007-01-15 17:11:15 -0500
set or_conn->tls_error to 0 on non-error to avoid looking at stale errors.


svn:r9359
2007-01-15 22:11:21 +00:00
Nick Mathewson
db6f0f3617 r11973@Kushana: nickm | 2007-01-15 16:43:25 -0500
Answer questions from r9348.


svn:r9358
2007-01-15 21:44:59 +00:00
Nick Mathewson
23c18f1dc2 svn:r9357 2007-01-15 21:21:21 +00:00
Nick Mathewson
af857f2da5 r11967@Kushana: nickm | 2007-01-15 16:13:15 -0500
tidy up more whitespace issues


svn:r9356
2007-01-15 21:21:14 +00:00
Nick Mathewson
380f8983c7 r11966@Kushana: nickm | 2007-01-15 16:12:17 -0500
Tidy up ORCONN reason patch from Mike Perry.  Changes: make some of the handling of TLS error codes less error prone.  Enforce house style wrt spaces.  Make it compile with --enable-gcc-warnings.  Only set or_conn->tls_error in the case of an actual error.  Add a changelog entry.


svn:r9355
2007-01-15 21:21:05 +00:00
Nick Mathewson
ead35ef944 r11957@Kushana: nickm | 2007-01-15 15:25:57 -0500
Patch from Mike Perry: Track reasons for OR connection failure; display them in control events. Needs review and revision.


svn:r9354
2007-01-15 21:13:37 +00:00
Roger Dingledine
37b5132ad8 Expire socks connections if they spend too long waiting for the
handshake to finish. Previously we would let them sit around for
days, if the connecting application didn't close them either.

Also take this opportunity to refactor a duplicate bit of circuituse.c.

And change the semantics of SocksTimeout slightly, but I think it'll
be ok.


svn:r9350
2007-01-15 09:09:03 +00:00
Roger Dingledine
a9c250837e patch from edmanm to make "-nt-service" command-line work too
svn:r9349
2007-01-15 08:52:01 +00:00
Roger Dingledine
cf7069fca4 two more todo items, to make eventdns log messages less loud
svn:r9348
2007-01-15 08:40:50 +00:00
Andrew Lewman
930e12920d Update copyright in config.c while I'm there. Update man page to
reflect all available options to tor binary.


svn:r9341
2007-01-13 05:09:09 +00:00
Nick Mathewson
c1b5f53679 r11938@Kushana: nickm | 2007-01-11 11:02:28 -0500
Check addresses for rfc953-saneness at exit too, and give a PROTOCOL_WARN when they fail.  Also provide a mechanism to override this, so blossom can have its @@##$$^.whatever.exit hostnames if it wants.


svn:r9336
2007-01-11 16:02:39 +00:00
Nick Mathewson
3dfeaaaf6e r11931@Kushana: nickm | 2007-01-11 09:12:49 -0500
Fix a crash bug in the presence of DNS hijacking.


svn:r9333
2007-01-11 14:13:13 +00:00
Nick Mathewson
0c77ae2fcb r11930@Kushana: nickm | 2007-01-11 09:05:27 -0500
fix recently-introduced segfault when not running as a dirserver


svn:r9332
2007-01-11 14:13:04 +00:00
Roger Dingledine
7beb0fd5dd Make the unit tests work again.
The foo_init() funcs need to happen before we call
options_act() and friends.


svn:r9331
2007-01-11 01:41:07 +00:00
Roger Dingledine
35bd6caa1a Fix crash with "tor --list-fingerprint" (reported by seeess).
svn:r9328
2007-01-10 23:48:24 +00:00
Nick Mathewson
8835bb844e r11922@Kushana: nickm | 2007-01-10 15:43:18 -0500
Clear untrusted networkstatuses after 10 days too.  (This is not a terribly awful bug, since we would only ever retain 16 of them, but it still might be nice to backport.)  Resolves part A of bug 372.


svn:r9324
2007-01-10 20:43:40 +00:00
Nick Mathewson
9937695598 r11919@Kushana: nickm | 2007-01-10 13:32:48 -0500
Add some defensive programming to eventdns.c in an attempt to catch possible memory stomping bugs.


svn:r9322
2007-01-10 19:49:21 +00:00
Nick Mathewson
ceefc1e9a7 r11914@dhcp-18-188-69-59: nickm | 2007-01-10 11:20:59 -0500
Base skew calculation on conn->timestamp_lastwritten, not on now.


svn:r9319
2007-01-10 16:33:40 +00:00
Roger Dingledine
794fedb0ad some cleanups. more probably remain, but hey, it's an alpha.
time to put out the bugfix release.


svn:r9309
2007-01-09 05:14:34 +00:00
Roger Dingledine
c85ff4d6ab Fix an assert error introduced in 0.1.2.5-alpha: if you're an
advertised exit node, somebody might try to exit from you when
you're bootstrapping and before you've built your descriptor yet.


svn:r9305
2007-01-09 00:37:13 +00:00
Nick Mathewson
5239602dbc r11873@Kushana: nickm | 2007-01-06 02:32:18 -0500
Implement DNS-related status events.


svn:r9285
2007-01-06 07:34:07 +00:00
Nick Mathewson
bc14afe064 r11872@Kushana: nickm | 2007-01-06 02:14:12 -0500
Implement a control status event for bad libevent version/method combos.  Warn that libevent <1.1 with select() is needlessly slow.  Reply to comment.


svn:r9284
2007-01-06 07:34:02 +00:00
Nick Mathewson
03d6e98111 r11868@Kushana: nickm | 2007-01-06 01:32:55 -0500
Document how we set Guard a little better.


svn:r9283
2007-01-06 06:32:59 +00:00
Nick Mathewson
d6073cc7fa r11864@Kushana: nickm | 2007-01-06 01:25:59 -0500
Fix an XXXX012 in connection.c: prevent overflows on unfeasibly-high-bandwidth servers on 32-bit architectures.


svn:r9282
2007-01-06 06:27:15 +00:00
Nick Mathewson
aa7b72c97d r11863@Kushana: nickm | 2007-01-06 01:12:24 -0500
Fix computation of total_exit_bandwidth; this will cause exits not to get recommended as guards if the total exit bandwidth if they constitute less than a third of total available bandwidth.  There may be problems here with flapping; lets see if they occur in practice.


svn:r9281
2007-01-06 06:26:53 +00:00
Nick Mathewson
336624ce8f r11862@Kushana: nickm | 2007-01-06 01:05:15 -0500
Re-enable warning when we resolve an already resolved address.  We only warn here now if the address is not a testing address.  Also, refactor out a function to check whether an address is used for testing.


svn:r9280
2007-01-06 06:26:46 +00:00
Nick Mathewson
c8466c5919 r11824@Kushana: nickm | 2007-01-03 17:15:28 -0500
control-spec: upcase arguments in status events; note unimplemented events individually
 r11825@Kushana:  nickm | 2007-01-03 17:41:43 -0500
 Implement EXTERNAL IP server status event.
 r11826@Kushana:  nickm | 2007-01-03 17:47:10 -0500
 Implement BAD_SERVER_DESCRIPTOR server status event.
 r11827@Kushana:  nickm | 2007-01-03 18:01:56 -0500
 Implement SOCKS_UNKNOWN_PROTOCOL and DANGEROUS_SOCKS client events.
 r11828@Kushana:  nickm | 2007-01-03 18:23:22 -0500
 Implement BUG controller events. Also, flush ERR-level status events just like ERR-level log messages.
 r11829@Kushana:  nickm | 2007-01-03 23:37:27 -0500
 Yet more status events: CLOCK_SKEW, GOOD/ACCEPTED_SERVER_DESCRIPTOR, {CHECKING_}REACHABILITY_{SUCCEEDED|FAILED}
 r11833@Kushana:  nickm | 2007-01-05 16:56:37 -0500
 Note some unimplementedness in control-spec.txt


svn:r9279
2007-01-06 05:42:31 +00:00
Nick Mathewson
135aed5670 r11850@Kushana: nickm | 2007-01-05 17:12:08 -0500
Look in netinet/in6.h header when looking for struct in6_addr. (Issue found by saeftl.)


svn:r9272
2007-01-05 22:12:15 +00:00
Roger Dingledine
48a9fe4bbd be a bit less eager to reject v1 dir requests due to load
svn:r9271
2007-01-05 06:59:36 +00:00
Roger Dingledine
ee0d2d486d fix a bug, defer a bug, bump to 0.1.2.5-alpha
svn:r9270
2007-01-05 06:30:31 +00:00
Roger Dingledine
658c09c06f more progress and cleanups
svn:r9269
2007-01-05 06:03:10 +00:00
Roger Dingledine
466650aa14 when we added orport= to the dirserver line, we started
freeing the string in the middle. this was probably xiando's
crash bug.


svn:r9265
2007-01-05 01:23:34 +00:00
Roger Dingledine
7b88380690 Avoid a double-free when parsing malformed DirServer lines.
svn:r9264
2007-01-05 01:12:10 +00:00
Roger Dingledine
5e89bc9b4b fix a bug i introduced in r9249; and more cleanups.
svn:r9263
2007-01-04 09:12:23 +00:00
Roger Dingledine
a66d86149b avoid a crash-all-the-clients segfault if a rogue dir
authority leaves a "v" line blank.


svn:r9262
2007-01-04 06:36:43 +00:00
Roger Dingledine
da2ff14839 Set orport= for 4 of the 5 dir authorities; Fix getinfo ns/all; Fix seg
fault when starting a server without a fingerprint file present.


svn:r9261
2007-01-04 05:41:24 +00:00
Roger Dingledine
50f0e36094 man page entries for TunnelDirConns and PreferTunneledDirConns
and add a todo item for nick in case he gets bored :)


svn:r9260
2007-01-04 04:35:18 +00:00
Roger Dingledine
88c3c84bda be slightly less eager to yell at a server for being unreachable
svn:r9259
2007-01-03 23:58:03 +00:00
Nick Mathewson
2963d4acc2 r11820@Kushana: nickm | 2007-01-03 14:54:05 -0500
Add (and specify) a BadDirectory flag to networkstatuses, so authorities can tell clients that some caches are broken.  Also, implement an as-yet-unused function to estimate how many bytes will be sent on a directory connection.


svn:r9255
2007-01-03 19:58:00 +00:00
Nick Mathewson
931e555ef9 r11818@Kushana: nickm | 2007-01-03 08:29:17 -0500
Fix compile error with warnings enabled: connection_dir_supports_tunnels was redeclared as static.


svn:r9254
2007-01-03 13:29:30 +00:00
Roger Dingledine
50e36dc11b more cleanups, including a shiny new XXX012
svn:r9250
2007-01-03 10:30:26 +00:00
Roger Dingledine
d677332a83 checkpoint as we add PreferTunneledDirConns config option
svn:r9249
2007-01-03 06:33:03 +00:00
Nick Mathewson
eebbfbc854 r11806@Kushana: nickm | 2007-01-03 00:12:21 -0500
Fix unit test broken by r9239.


svn:r9248
2007-01-03 05:12:26 +00:00
Roger Dingledine
9545bbf57f - When the user uses bad syntax in the Log config line, stop
suggesting other bad syntax as a replacement.


svn:r9247
2007-01-03 03:56:17 +00:00
Roger Dingledine
7396b8eecf interim tweaks
svn:r9246
2007-01-03 03:45:53 +00:00
Nick Mathewson
f5b984a36f r11800@Kushana: nickm | 2007-01-02 16:46:45 -0500
Remove an XXXX012 for which the answer is "not really."


svn:r9244
2007-01-02 21:47:28 +00:00
Nick Mathewson
cbdd21cbf5 r11799@Kushana: nickm | 2007-01-02 16:38:34 -0500
Simplify and remove most of dirserv_orconn_tls_cone 


svn:r9243
2007-01-02 21:47:21 +00:00
Nick Mathewson
2caeaf4e2f r11787@Kushana: nickm | 2007-01-02 14:40:14 -0500
Stop polluting new descriptors with the defaults-to-1 "opt eventdns" entry.


svn:r9239
2007-01-02 20:08:03 +00:00
Nick Mathewson
75eca91459 r11786@Kushana: nickm | 2007-01-02 14:32:54 -0500
Add a comment about a possible refactoring in main.c


svn:r9238
2007-01-02 20:07:54 +00:00
Andrew Lewman
4f565b73ef Fix formatting in eventdns.c. Remove the rest of the osx binary
uninstaller.


svn:r9235
2007-01-02 06:26:42 +00:00
Nick Mathewson
722a3ab544 r11784@Kushana: nickm | 2007-01-02 01:13:04 -0500
Spec-conformance on r9181: make "opt v" strings start with "Tor".


svn:r9233
2007-01-02 06:13:10 +00:00
Nick Mathewson
6ae3ba9b2d r11777@Kushana: nickm | 2007-01-01 21:01:10 -0500
Fix an idiot bug in r9181: snprintf returns <0 on error, not !=0.


svn:r9232
2007-01-02 02:01:15 +00:00
Nick Mathewson
46092f8163 r11765@Kushana: nickm | 2006-12-29 16:04:22 -0500
Remove duplicated code in dirserv_get_networkstatus_v2; document dirserv_get_networkstatus_v2_fingerprints. Down to 13 XXXX012 items.


svn:r9220
2006-12-30 02:41:14 +00:00
Nick Mathewson
c54b7c4d56 r11761@Kushana: nickm | 2006-12-29 15:45:56 -0500
Another cleanup: expand_exit_policy_aliases was totally redundant with respect to router_parse_[private_]addr_policy_private.


svn:r9219
2006-12-29 20:50:24 +00:00
Nick Mathewson
7ee99ba342 r11759@Kushana: nickm | 2006-12-29 15:21:14 -0500
Actually, handle_getinfo_helper supports 552 results just fine: just leave *answer unset.


svn:r9217
2006-12-29 20:49:47 +00:00
Nick Mathewson
e3d5e4fcae Okay, now descriptors seem to be buildable.
svn:r9216
2006-12-29 17:10:29 +00:00
Nick Mathewson
2741dd5741 r11755@Kushana: nickm | 2006-12-29 11:49:20 -0500
Calculate the length of policy strings correctly again.


svn:r9215
2006-12-29 16:49:33 +00:00
Nick Mathewson
a77bbe2346 r11753@Kushana: nickm | 2006-12-29 11:30:28 -0500
Fix flipped sign in compare: make descriptors buildable again.


svn:r9214
2006-12-29 16:31:37 +00:00
Nick Mathewson
6fbf17e7b0 r11749@Kushana: nickm | 2006-12-29 00:51:42 -0500
Remove dead code; make targets of addressmap commands/configs use AllowNonRFC953Hostnames


svn:r9211
2006-12-29 05:51:50 +00:00
Nick Mathewson
0e172d9f6e r11745@Kushana: nickm | 2006-12-29 00:00:28 -0500
Close any directory connection on which we have received 10MB or more of data.  This prevents a malicious directory cache from running us out of memory by spooling an infinite amount of data.  (Not a terribly good attack, but hey, every one helps.)


svn:r9210
2006-12-29 05:07:25 +00:00
Nick Mathewson
8728e2826f r11744@Kushana: nickm | 2006-12-28 23:43:53 -0500
Refactor connection_write_to_buf_zlib back into connection_write_to_buf.  Hooray for dumping duplicate code.


svn:r9209
2006-12-29 05:07:04 +00:00
Nick Mathewson
26c0d6ec58 r11743@Kushana: nickm | 2006-12-28 23:13:21 -0500
Refactor _connection_controller_force_write back into conncetion_handle_write.  Again, the line count goes down: groovy!


svn:r9208
2006-12-29 05:06:47 +00:00
Nick Mathewson
361998d0f3 r11741@Kushana: nickm | 2006-12-28 22:41:29 -0500
Count TLS bytes accurately: previously, we counted only the number of bytes read or transmitted via tls, not the number of extra bytes used to do so.  This has been a lonstanding wart.  The fix "Works for me".


svn:r9207
2006-12-29 03:42:46 +00:00
Nick Mathewson
7cfdac1bf6 r11737@Kushana: nickm | 2006-12-28 18:32:13 -0500
Remove some dead code; refactor some duplicated code.


svn:r9206
2006-12-29 02:49:12 +00:00
Nick Mathewson
b59573949e r11736@Kushana: nickm | 2006-12-28 17:46:23 -0500
Mark a pile of XXXX comments as targetted for 0.1.2: some because they look important, some because they look easy.


svn:r9205
2006-12-29 02:47:51 +00:00
Nick Mathewson
0bbbf98be4 r11727@Kushana: nickm | 2006-12-28 16:27:17 -0500
If we only have a single nameserver, raise the threshold to decide that the nameserver is dead.  (Another fumbling attempt to do something about bug 326.)


svn:r9203
2006-12-28 21:29:37 +00:00
Nick Mathewson
3996fd1d9d r11726@Kushana: nickm | 2006-12-28 16:24:06 -0500
Expose a function from eventdns.c to set options without having to make a fake configuration file.  Also, add more settable options


svn:r9202
2006-12-28 21:29:31 +00:00
Nick Mathewson
460a476efa r11725@Kushana: nickm | 2006-12-28 14:44:56 -0500
Partial solution to 326: downgrade single-nameserver failures to INFO.


svn:r9201
2006-12-28 21:29:26 +00:00
Nick Mathewson
d9f1f3533d r11724@Kushana: nickm | 2006-12-28 14:22:35 -0500
Refactor and unify my-ip-addr-changed logic.  Make change in IP address or in nameservers reset and relaunch DNS hijacking tests.


svn:r9200
2006-12-28 21:29:20 +00:00
Nick Mathewson
e5f5b96ca6 r11723@Kushana: nickm | 2006-12-28 13:52:48 -0500
Fix bug 364: check for whether popular hostnames (curently google, yahoo, mit, and slashdot) are getting wildcarded.  If they are, we are probably behind a DNS server that is useless: change our exit policy to reject *:*.


svn:r9199
2006-12-28 21:29:11 +00:00
Nick Mathewson
1df04d70f7 r11718@Kushana: nickm | 2006-12-26 16:57:44 -0500
Add client-side caching for reverse DNS.


svn:r9194
2006-12-26 22:41:43 +00:00
Nick Mathewson
58ae3cd648 r11713@Kushana: nickm | 2006-12-24 22:42:08 -0500
Better handling of internal addresses wrt X-Your-Address-Is (never believe them; never provide them.) Also, report something useful for X-Your-Address-Is with one-hop tunneled connections.


svn:r9191
2006-12-25 03:42:38 +00:00
Nick Mathewson
3ab84c5f48 r11711@Kushana: nickm | 2006-12-24 21:42:57 -0500
Stop counting 503s against the total number of failures allowed for a download.


svn:r9190
2006-12-25 02:47:37 +00:00
Nick Mathewson
a71a5d4bf2 r11706@Kushana: nickm | 2006-12-24 01:50:52 -0500
Fix 2 bugs in last patch.  (VS has weird ideas about const, and I have weird ideas about block structure.)


svn:r9186
2006-12-24 06:50:57 +00:00
Nick Mathewson
bae366eff0 r11702@Kushana: nickm | 2006-12-24 01:31:59 -0500
Patch from Edmanm, slightly modified.  Original change list:
   - Support running the Tor service with a torrc not in the
     same directory as tor.exe (Bug #356) and default to using the torrc
     located in the %appdata%\Tor\ of the user who installed the service
   - Removed the supposedly misleading error message mentioned in Bug #294
   - Fixed some CloseHandle()s that should've been CloseServiceHandle()s
   - Fixed some nt_service_foo() return values to be consistent
   - Resolved some nt_service_foo() DOCDOCs
   - Fixed one trivial typo that I happened to randomly notice
 
 Changes:
   - Make more comments into "imperative" house style.
   - Remove special handling for "-f"; only use --options.
   - Quote all options.
   - Clean up whitespace
 


svn:r9185
2006-12-24 06:32:24 +00:00
Nick Mathewson
c12a1f1e3a r11701@Kushana: nickm | 2006-12-24 01:24:39 -0500
fix warning on win32.


svn:r9184
2006-12-24 06:32:20 +00:00
Nick Mathewson
2e538d9918 r11694@Kushana: nickm | 2006-12-23 23:09:20 -0500
Add a version entry to networkstatus documents; have this entry get parsed and used to calculate whether begin_dir is supported.


svn:r9181
2006-12-24 04:09:48 +00:00
Nick Mathewson
339384238c r11693@Kushana: nickm | 2006-12-23 22:42:11 -0500
Stop requiring the "opt" keyword before unrecognized directory items.


svn:r9180
2006-12-24 04:09:42 +00:00
Nick Mathewson
baac5389a1 r11690@Kushana: nickm | 2006-12-23 22:09:53 -0500
Hmm. Maybe I should have been compiling these before I checked them in.


svn:r9178
2006-12-24 03:09:58 +00:00
Nick Mathewson
d76b2a4ec0 r11688@Kushana: nickm | 2006-12-23 22:08:36 -0500
Fix "r may be used uninitialized" warning from last patch.


svn:r9177
2006-12-24 03:08:44 +00:00
Nick Mathewson
bf1014692f r11686@Kushana: nickm | 2006-12-23 22:05:57 -0500
More changes wrt unnecessary disk writes.


svn:r9176
2006-12-24 03:06:03 +00:00
Nick Mathewson
f3fd5d9032 r11680@Kushana: nickm | 2006-12-23 21:45:05 -0500
Remove code to look for keys in their old locations: we havent stored them there since 0.0.7.2.


svn:r9175
2006-12-24 02:45:53 +00:00
Nick Mathewson
bba5a3533f r11679@Kushana: nickm | 2006-12-23 21:38:41 -0500
Update the state file less often when AvoidDiskWrites is set.


svn:r9174
2006-12-24 02:45:46 +00:00
Nick Mathewson
9efdf6acc5 r11677@Kushana: nickm | 2006-12-23 21:17:54 -0500
Track when we get 503s from directory servers.  Do not use directory servers that have given us a 503 until either an hour has passed, or we are are out of non-busy servers.


svn:r9172
2006-12-24 02:45:35 +00:00
Nick Mathewson
4d948281c3 r11676@Kushana: nickm | 2006-12-23 20:42:17 -0500
Add an orport option to dirserver lines so that clients can tell where to connect to open an encrypted tunnel to a dirserver even before they have its descriptor.


svn:r9171
2006-12-24 02:45:27 +00:00
Roger Dingledine
488b4726a7 reinstate the most important dead chickens for limiting
impact of directory writes now that we're write limiting.

a few more dead chickens remain.


svn:r9170
2006-12-23 08:48:16 +00:00
Nick Mathewson
bf74dcd855 r11658@Kushana: nickm | 2006-12-20 15:58:44 -0500
Remove long-deprecated log and accounting options.


svn:r9164
2006-12-20 21:02:10 +00:00
Nick Mathewson
2e1e919d65 r11657@Kushana: nickm | 2006-12-20 15:11:19 -0500
Fixes to check-docs script; add some docs; mark some options as deprecated in the online docs.


svn:r9163
2006-12-20 21:02:02 +00:00
Nick Mathewson
e9ad1650c0 r11651@Kushana: nickm | 2006-12-20 12:05:04 -0500
Add a maintainer script and a new make target "make check-docs" to get a quick dump of which options are undocumented where, and which documentation refers to nonexistent options.


svn:r9160
2006-12-20 17:05:48 +00:00
Roger Dingledine
00257212c7 Take out the '5 second' timeout from the connection retry
schedule. Now the first connect attempt will wait a full 10
seconds before switching to a new circuit. Perhaps this will help
a lot. Based on observations from Mike Perry.


svn:r9159
2006-12-20 09:43:28 +00:00
Roger Dingledine
858d7295e7 minor cleanups
svn:r9158
2006-12-20 09:25:58 +00:00
Nick Mathewson
baadf35c63 r11646@Kushana: nickm | 2006-12-19 14:40:38 -0500
Resolve bug 363: do not fall back to 127.0.0.1 when no nameservers are configured.  Instead, have the admin fix resolv.conf or configure a nameserver.


svn:r9157
2006-12-19 19:49:03 +00:00
Nick Mathewson
bf6702cf8b r11645@Kushana: nickm | 2006-12-19 14:22:36 -0500
Reject hostnames with invalid characters, in an attempt to catch more errors earlier.  Add an option to disable this behavior.


svn:r9156
2006-12-19 19:48:58 +00:00
Nick Mathewson
280692d65f r11643@Kushana: nickm | 2006-12-19 13:15:14 -0500
Stop recommmending exits as guards when the exit bandwidth is less than a third of the total bandwidth.


svn:r9154
2006-12-19 19:48:48 +00:00
Roger Dingledine
e66b6f0d50 Reject *:563 (NTTPS) in the default exit policy. We already reject
NNTP by default, so this seems like a sensible addition.
(suggested by bug 331)


svn:r9149
2006-12-18 08:25:34 +00:00
Roger Dingledine
ad5ce3c7ed fix whitespace; add a todo item
svn:r9148
2006-12-18 08:24:22 +00:00
Nick Mathewson
973baa1673 r11630@Kushana: nickm | 2006-12-17 22:02:24 -0500
Add a typedef to (try to) make eventdns work on mingw.  Man, I need a buildbot for this.


svn:r9147
2006-12-18 03:02:30 +00:00
Nick Mathewson
952b34d610 r11627@Kushana: nickm | 2006-12-17 11:37:39 -0500
Remove an artificial upper bound on expected bandwidth.  More immediately, fix a VC warning.


svn:r9146
2006-12-17 16:37:46 +00:00
Roger Dingledine
b3b75a3bef write-limiting fix: avoid a rare bug where we don't remember
that there's stuff on the outbuf we want to flush.


svn:r9142
2006-12-16 11:36:36 +00:00
Roger Dingledine
0cc7eaf302 remove some dead comments, and resolve some XXXs
svn:r9141
2006-12-16 11:34:12 +00:00
Roger Dingledine
f175aca3a8 and then revert half of r9138
svn:r9140
2006-12-16 07:04:26 +00:00
Nick Mathewson
80b8abf7be r11618@Kushana: nickm | 2006-12-16 02:00:52 -0500
Make router_is_me work without calling router_rebuild_descriptor.


svn:r9139
2006-12-16 07:00:59 +00:00
Roger Dingledine
9cd8feb649 fix an infinite loop and a memory leak in r9131
svn:r9138
2006-12-16 06:56:58 +00:00
Nick Mathewson
31e09bb524 r11614@Kushana: nickm | 2006-12-15 17:39:42 -0500
Implement SETEVENTS GUARD.  Needs review and testing.


svn:r9137
2006-12-15 22:40:20 +00:00
Nick Mathewson
251f007b75 r11609@Kushana: nickm | 2006-12-15 16:42:21 -0500
Implement GETINFO fingerprint.


svn:r9136
2006-12-15 21:51:24 +00:00
Roger Dingledine
ce51a1d349 a changelog for write limiting. also, disable the "advertise dirport
until we reach our max bandwidth if it's tiny" trick now that we
do the bandwidth self-test on boot.


svn:r9134
2006-12-15 21:39:35 +00:00
Nick Mathewson
f53a269928 r11598@Kushana: nickm | 2006-12-15 15:59:00 -0500
Add internal documentation for a bunch of configuration options.  We should do something to keep this list, the canonical list, the tor.1 list, and the torrc.complete list in sync.


svn:r9133
2006-12-15 21:27:19 +00:00
Nick Mathewson
078aab810b r11597@Kushana: nickm | 2006-12-15 15:49:27 -0500
Add a rudimentary line-wrapping function for use in dumping comments in config files.


svn:r9132
2006-12-15 21:26:23 +00:00
Nick Mathewson
ab2fc7bd62 r11596@Kushana: nickm | 2006-12-15 10:57:12 -0500
Mark some TODO items as done.  Also, never include ourself in our family list.


svn:r9131
2006-12-15 21:26:15 +00:00
Roger Dingledine
bdf470c263 turn TunnelDirConns on by default.
that's what alpha releases are for, right?


svn:r9129
2006-12-15 21:06:21 +00:00
Roger Dingledine
c4ed331d8d oh, and catch the other instance we should fix
svn:r9122
2006-12-15 08:14:32 +00:00
Roger Dingledine
0bc0688668 if we rotate our onion key, publish a new descriptor, and
die soon after, we want to stick with that onion key when
we restart.


svn:r9121
2006-12-15 07:58:31 +00:00
Nick Mathewson
38bd6837db r11588@Kushana: nickm | 2006-12-15 02:04:32 -0500
Add a LastRotatedOnionKey variable to the state file, so we can rotate onion keys a week after they change even if we never stay up for a whole week at a time.  Should fix bug 368.


svn:r9120
2006-12-15 07:04:37 +00:00
Roger Dingledine
2ae9615a0b take the broken obsolete url out again.
seriously, this line should stay out.
how can we make this happen?


svn:r9119
2006-12-15 06:22:52 +00:00
Nick Mathewson
62f711fcf3 r11585@Kushana: nickm | 2006-12-15 01:11:49 -0500
Tabify eventdns so that it matches libevent house style.


svn:r9118
2006-12-15 06:12:14 +00:00
Nick Mathewson
b16aa6412e r11584@Kushana: nickm | 2006-12-15 01:10:45 -0500
Try to reconcile (except for whitespace) eventdns with version in libevent, so it is easier for me to send merges.  These changes should be cosmetic. (Ha!)


svn:r9117
2006-12-15 06:12:01 +00:00
Nick Mathewson
fdb10ff0b5 r11580@Kushana: nickm | 2006-12-15 00:09:46 -0500
Resolve bug 369: Check for integer underflow when printing "bytes left" accounting numbers.  Also fix a copyright date that I noticed while reading the bug.  Also make a buffer big enough that strings will not get truncated.  All are backport candidates.


svn:r9115
2006-12-15 05:12:42 +00:00
Roger Dingledine
c44dd3870e clarify our use of local time vs GMT
svn:r9109
2006-12-14 23:39:14 +00:00
Roger Dingledine
30e4f4f6ce when we're doing a write split over the end of a circular
buffer, make sure our tls_get_forced_write_size doesn't
make it write whatever's after the buffer.

this hasn't triggered yet, but it would be rare, so let's
leave it in.


svn:r9107
2006-12-14 03:26:42 +00:00
Nick Mathewson
c9c8072bd3 r11569@Kushana: nickm | 2006-12-13 17:59:58 -0500
fix last fix


svn:r9106
2006-12-13 23:00:05 +00:00
Nick Mathewson
43e06eba8b r11566@Kushana: nickm | 2006-12-13 17:46:24 -0500
Try to fix an assert failure in new write limiting code: make buffers.c aware of previous "forced" write sizes from tortls.


svn:r9105
2006-12-13 22:46:42 +00:00
Roger Dingledine
5cce710e2b Some more documentation and specs for CONNECT_DIR and BEGIN_DIR.
Demand that BEGIN_DIR cells have an empty payload.


svn:r9104
2006-12-13 22:42:52 +00:00
Roger Dingledine
04409f202d reenable write limiting. nick finally convinced me this was
a smart move.

more todo sub-items remain for it.


svn:r9101
2006-12-13 07:08:36 +00:00
Roger Dingledine
97c83a4c09 finish enabling begin-dir cells. require one-hop circs for
socks-command-connect-dir streams, so we don't open new anonymity
questions.


svn:r9099
2006-12-13 02:49:45 +00:00
Roger Dingledine
0dbf725927 Infrastructure to test BEGIN_DIR cells.
New socks command CONNECT_DIR. New config option TunnelDirConns that
builds a circ ending at the directory server and delivers a BEGIN_DIR
cell if it's running 0.1.2.2-alpha or later. We still need to make
one-hop circs when appropriate, while making other conns avoid them.


svn:r9098
2006-12-13 00:28:56 +00:00
Roger Dingledine
f5164ba61d remove an XXXX that asked to get removed
svn:r9097
2006-12-13 00:05:28 +00:00
Roger Dingledine
477438e6c7 a better fix. puts r8446 to bed.
svn:r9096
2006-12-12 21:09:30 +00:00
Roger Dingledine
1efd377428 Fix a bug in 0.1.2.2-alpha that prevented clients from asking
to resolve an address at a given exit node even when they ask for
it by name.


svn:r9095
2006-12-12 20:23:17 +00:00
Roger Dingledine
7217f3ca47 couldn't handle leaving this typo in
svn:r9094
2006-12-12 20:20:48 +00:00
Roger Dingledine
ee144598c8 minor cleanups and notes
svn:r9093
2006-12-12 20:19:54 +00:00
Nick Mathewson
9fa707f5d3 r11552@Kushana: nickm | 2006-12-12 13:34:13 -0500
fix a signed/unsigned comparison in eventdns.c


svn:r9092
2006-12-12 18:34:22 +00:00
Nick Mathewson
a3a00df69d r11548@Kushana: nickm | 2006-12-12 00:44:51 -0500
Merge whitespace and other changes from libevent


svn:r9090
2006-12-12 05:45:19 +00:00
Nick Mathewson
494e45482a r11536@Kushana: nickm | 2006-12-11 22:48:21 -0500
Add ipv6 functionality to evdns.


svn:r9089
2006-12-12 03:48:46 +00:00
Nick Mathewson
35d92f8245 r11498@Kushana: nickm | 2006-12-11 21:40:24 -0500
Document all structures and (non-exported) functions.  External documentation will probably wind up being a manpage, hopefully written by somebody else.


svn:r9087
2006-12-12 02:57:02 +00:00
Nick Mathewson
097aec8e9d r11497@Kushana: nickm | 2006-12-11 21:17:45 -0500
Rename nameserver functions: every one should now have "server" in the name.


svn:r9086
2006-12-12 02:56:54 +00:00
Nick Mathewson
707429e9a3 r11496@Kushana: nickm | 2006-12-11 19:39:37 -0500
Clean up XXXX comments in evdns code.  Make server_ports actually go away when their refcnt reaches zero.


svn:r9085
2006-12-12 02:56:47 +00:00
Nick Mathewson
d22deb61d6 r11495@Kushana: nickm | 2006-12-11 19:11:14 -0500
More evdns: tab fixes.  Dont make users worry about flags.  Set truncated flag correctly when generating responses, rather than just bailing out.


svn:r9084
2006-12-12 02:56:41 +00:00
Nick Mathewson
abc1304aef r11494@Kushana: nickm | 2006-12-11 14:50:20 -0500
Export DNS types and classes in eventdns.h so that server code can use them.


svn:r9083
2006-12-12 02:56:35 +00:00
Nick Mathewson
fc125b1ef4 r11493@Kushana: nickm | 2006-12-11 14:28:42 -0500
Oops; apparently DNS replies are supposed to include the questions.  Revise "add_ptr_reply" to accept an inaddr_arpa name instead of just the sockaddr_in. Also, add a "-servertest" function to the test code to see whether the DNS server logic is working.


svn:r9082
2006-12-12 02:56:28 +00:00
Nick Mathewson
e53bca15e7 r11492@Kushana: nickm | 2006-12-11 12:30:23 -0500
Implement dns server reply retry logic.


svn:r9081
2006-12-12 02:56:23 +00:00
Nick Mathewson
c58d9494df r11491@Kushana: nickm | 2006-12-11 12:12:57 -0500
More DNS server hacking: everything except testing, and retries, and documentation, and Tor integration.


svn:r9080
2006-12-12 02:56:20 +00:00
Nick Mathewson
991308fac9 svn:r9079 2006-12-12 02:56:17 +00:00
Nick Mathewson
ff029a635d svn:r9077 2006-12-12 02:54:48 +00:00
Nick Mathewson
e190acf780 r9254@Kushana: nickm | 2006-10-17 17:23:36 -0400
Implement dns label compression.  Clients do not need this much; dns servers definitely do.


svn:r9073
2006-12-12 02:50:17 +00:00
Nick Mathewson
e9d67b1162 r9099@Kushana: nickm | 2006-10-05 17:42:55 -0400
start fleshing out some logic to build server support into eventdns.  Still needs work and testing.


svn:r9068
2006-12-12 02:49:45 +00:00
Roger Dingledine
ea93289590 fix another bug in r9052, pointed out by robert hogan
svn:r9063
2006-12-10 17:30:33 +00:00
Roger Dingledine
e206d22297 some more cleanups and a bugfix on r9052
svn:r9062
2006-12-10 08:04:50 +00:00
Roger Dingledine
733882315d resolve a buffer overflow / crash from r9051
svn:r9061
2006-12-10 04:50:33 +00:00
Roger Dingledine
f7319a0b6d correction and cleanups on r9047
svn:r9060
2006-12-09 19:40:16 +00:00
Roger Dingledine
29099a98c2 fix xiando's bug -- we were reporting stuff about hibernation
even though it wasn't enabled.


svn:r9055
2006-12-09 02:55:40 +00:00
Nick Mathewson
81be0ad1e5 r11486@Kushana: nickm | 2006-12-08 00:58:47 -0500
Fix a longstanding bug in eventdns related to timeouts:  The timeout count was never actually reset to 0.  Argh.  Now we reset it to zero after we get a successful request, or after we notice that a nameserver is back up, or after we decide the nameserver is down because of timeouts.  This may fix bug 326.


svn:r9054
2006-12-08 05:59:21 +00:00
Nick Mathewson
cf04e1e6e7 r11479@Kushana: nickm | 2006-12-07 23:38:54 -0500
Refactor GETINFO into a table-driven dispatch, as suggested by arma.  My brain hurts.


svn:r9052
2006-12-08 04:39:13 +00:00
Nick Mathewson
1567e13dc8 r11475@Kushana: nickm | 2006-12-07 20:49:21 -0500
Make GETINFO dir/status/... work even when we are not a directory.  Needs a little cleanup.  Closes bug 263.


svn:r9051
2006-12-08 01:50:02 +00:00
Roger Dingledine
566543a4f8 more changes on r9041
svn:r9049
2006-12-07 20:14:29 +00:00
Nick Mathewson
b4a90ca8a3 r11469@Kushana: nickm | 2006-12-07 15:11:04 -0500
Round stored/transmitted values for bandwidth usage.  This might make some attacks work less well.  This might well be voodoo, but it gives me a warm fuzzy feeling.


svn:r9048
2006-12-07 20:11:36 +00:00
Nick Mathewson
7c79495137 r11468@Kushana: nickm | 2006-12-07 14:56:57 -0500
Revise logic used to flush state to disk. Now, we try to batch non-urgent changes so that we do not do too many writes, and we save very-non-urgent changes every once in a rare while, and we never save more than once per second.


svn:r9047
2006-12-07 20:11:30 +00:00
Nick Mathewson
c304a10fd3 r11467@Kushana: nickm | 2006-12-07 14:38:54 -0500
Whitespace cleanup


svn:r9046
2006-12-07 20:11:24 +00:00
Nick Mathewson
6c8075d8a0 r11462@Kushana: nickm | 2006-12-07 13:42:21 -0500
Make bandwidth accounting information get stored to the state file as well as bw_accounting.  Read from the state file if it is more recent than bw_accounting, or if bw_accounting is not there.


svn:r9044
2006-12-07 18:57:37 +00:00
Nick Mathewson
63e4cfbeb6 r11461@Kushana: nickm | 2006-12-07 13:16:45 -0500
Change logging format of state file to only include non-default values.  Adjust clients to never store bandwidth history in the state file. (Possible backport candidate.)


svn:r9043
2006-12-07 18:57:29 +00:00
Nick Mathewson
26392fc75d r11458@Kushana: nickm | 2006-12-07 12:04:22 -0500
Fix bug 338: log verbose nicknames, not just keys, for intro points.  Also, suppress intro point name logging when SafeLogging is 1. (The security part is a possible backport candidate.)


svn:r9041
2006-12-07 17:04:44 +00:00
Nick Mathewson
8249f5d676 r11456@Kushana: nickm | 2006-12-07 10:09:55 -0500
oops; removed one unmap too many in the tests.


svn:r9040
2006-12-07 15:10:36 +00:00
Nick Mathewson
e6c467fe07 r11454@Kushana: nickm | 2006-12-07 10:07:24 -0500
Apparently, we actually hit the nasty mmap-then-unlink behavior.  Fix it.


svn:r9039
2006-12-07 15:07:33 +00:00
Nick Mathewson
97e5e78afd r11451@Kushana: nickm | 2006-12-07 10:06:30 -0500
Apparently Windows takes a dim view of unlinking a file while it is mapped.  Silly windows, did nobody ever tell you about inodes?


svn:r9038
2006-12-07 15:06:38 +00:00
Roger Dingledine
44c55dad23 Fix an assert failure when the directory authority sets
AuthDirRejectUnlisted and then receives a descriptor from an
unlisted router (reported by seeess).


svn:r9023
2006-12-04 18:54:01 +00:00
Nick Mathewson
a91c12f2e7 r9855@Kushana: nickm | 2006-12-04 00:55:09 -0500
Merge circuit_about_to_close_connection and connection_about_to_close_connection.


svn:r9021
2006-12-04 05:55:40 +00:00
Nick Mathewson
f90cd5bfc0 r9853@Kushana: nickm | 2006-12-04 00:02:03 -0500
Patch from Fabian Keil: Fix return statement in get_pf_socket()


svn:r9020
2006-12-04 05:09:09 +00:00
Roger Dingledine
c5b90daf86 cleanups, bump to 0.1.2.4-alpha
svn:r9015
2006-12-02 22:47:46 +00:00
Nick Mathewson
d1fdabf1c7 r9843@Kushana: nickm | 2006-11-30 17:22:25 -0500
Turn an xxxx0124 into an #ifdef; avoid leaking memory.


svn:r9013
2006-11-30 22:23:01 +00:00
Roger Dingledine
ab68e312bd actually, i think this fix was closest to what i originally
intended. this way we don't call resolve-my-address, which
yells and screams if we're using an internal address (mere
clients should not have to care).


svn:r8998
2006-11-26 20:01:45 +00:00
Nick Mathewson
116ae04c2d r9399@totoro: nickm | 2006-11-26 14:22:17 -0500
Actually, clients *should* try to guess their addresses.


svn:r8997
2006-11-26 19:22:25 +00:00
Nick Mathewson
68142b18cd r9396@totoro: nickm | 2006-11-26 13:36:29 -0500
Fix router_new_address_suggestion() so it only changes last_guessed_ip() when it actually calls resolve_my_address(). (bug found by dev-girl)


svn:r8996
2006-11-26 18:36:51 +00:00
Roger Dingledine
69ae0a2986 we were leaking all the fingerprints for !reject, !invalid,
and !badexit lines in the approved-routers file.


svn:r8974
2006-11-20 16:36:44 +00:00
Nick Mathewson
b1dc014fc6 r9347@totoro: nickm | 2006-11-20 11:24:46 -0500
11:23 < armadev> typo
 11:23 < nickm> ?
 11:23 < armadev> did you get the coffee yet? :)
 11:23 < nickm> no
 11:23 < armadev> i'm at an advantage..i haven't slept yet


svn:r8972
2006-11-20 16:26:52 +00:00
Nick Mathewson
b4ea6136a4 r9345@totoro: nickm | 2006-11-20 11:22:10 -0500
Fix a small and unlikely memory leak in dirserv.c. I think this is not the one arma is looking for.


svn:r8971
2006-11-20 16:22:46 +00:00
Nick Mathewson
aef64c1277 r9577@Kushana: nickm | 2006-11-20 11:07:28 -0500
Oops; fix bug in last fix. Time to get some coffee.


svn:r8970
2006-11-20 16:07:33 +00:00
Nick Mathewson
a667f2e514 r9567@Kushana: nickm | 2006-11-20 11:05:59 -0500
Fix leak in choose_good_exit_server_general()


svn:r8969
2006-11-20 16:06:09 +00:00
Nick Mathewson
e2abc727e5 r9561@Kushana: nickm | 2006-11-16 22:32:54 -0500
Tweaks to test-connection patch:  use ".noconnect" instead of ".test" (since there are lots of ways to test things).  Use a regular sequence of STREAM events (NEW followed by CLOSED) instead of a new event type.  Make the function that checks the address be static and use const and strcasecmpend properly.
 


svn:r8959
2006-11-17 03:34:58 +00:00
Nick Mathewson
d125c61e02 r9560@Kushana: nickm | 2006-11-16 22:09:12 -0500
Check in an implementation of "test" connections from Scott Squires:
 these connections immediately close upon reaching Tor.  They're useful
 for apps that want to check whether they're talking to the same Tor as
 a given controller.  (I'll be tweaking this a bit before I push.)
 


svn:r8958
2006-11-17 03:34:44 +00:00
Nick Mathewson
b052b810e2 r9319@totoro: nickm | 2006-11-14 13:04:50 -0500
Patch from Zajcev Evgeny to make natd work properly (we needed to allow extra characters after the port number).


svn:r8952
2006-11-14 18:05:01 +00:00
Nick Mathewson
ad1f019110 r9317@totoro: nickm | 2006-11-13 22:45:33 -0500
Fix some more mipspro warnings.  Nothing should remain excecpt "conversion from pointer to same-sized integral type."


svn:r8950
2006-11-14 03:45:48 +00:00
Nick Mathewson
9243e54177 r9313@totoro: nickm | 2006-11-13 20:07:41 -0500
Try to compile with fewer warnings on irix64's MIPSpro compiler /
 environment, which apparently believes that:
   - off_t can be bigger than size_t.
   - only mean kids assign things they do not subsequently inspect.
 
 I don't try to fix the "error" that makes it say:
 
 cc-3970 cc: WARNING File = main.c, Line = 1277
   conversion from pointer to same-sized integral type (potential portability
           problem)
 
     uintptr_t sig = (uintptr_t)arg;
 
 Because really, what can you do about a compiler that claims to be c99
 but doesn't understand that void* x = NULL; uintptr_t y = (uintptr_t) x;
 is safe?
 


svn:r8948
2006-11-14 01:07:52 +00:00
Nick Mathewson
0f6402f17b r9309@totoro: nickm | 2006-11-13 19:05:41 -0500
Whitespace fixes, and clean up code from last natd patch.


svn:r8947
2006-11-14 00:06:45 +00:00
Nick Mathewson
1913cb915e r9308@totoro: nickm | 2006-11-13 18:41:23 -0500
Add support for (Free?)BSD's natd, which was an old way to let you
 have your firewall automatically redirect traffic.  (Original patch
 from Zajcev Evgeny, updated for 0.1.2.x by tup.)
 


svn:r8946
2006-11-14 00:06:31 +00:00
Nick Mathewson
fa6fbbc150 r9307@totoro: nickm | 2006-11-13 18:25:56 -0500
Patch from tup based on patch from Zajcev Evgeny: Make TransPort work even when the server wants to talk before the client.


svn:r8945
2006-11-14 00:06:02 +00:00
Nick Mathewson
0ad2fd1129 r9467@Kushana: nickm | 2006-11-01 18:51:16 -0500
Allow larger amounts of drift in uptime to be "cosmetic".


svn:r8891
2006-11-01 23:53:15 +00:00
Nick Mathewson
5d7ca19b44 r9465@auth3-479: nickm | 2006-11-01 13:16:21 -0500
Add some temporary code to count  how many *distinct* router digests we verify.  (I have a sneaking suspicion that the numbers look way way high.)


svn:r8890
2006-11-01 18:16:44 +00:00
Peter Palfrader
c195b8f806 r10475@danube: weasel | 2006-11-01 14:33:35 +0100
Fix copy/paste error


svn:r8889
2006-11-01 13:33:49 +00:00
Nick Mathewson
31e274ddd3 r9461@Kushana: nickm | 2006-10-31 20:30:12 -0500
Oops. Fix compile error in last build.


svn:r8888
2006-11-01 01:30:25 +00:00
Nick Mathewson
9e13a6f31c r9457@Kushana: nickm | 2006-10-31 18:35:17 -0500
Do not warn when an OR gives us a new circuit end reason. (This will prevent bug 351 from recurring.)


svn:r8887
2006-10-31 23:35:50 +00:00
Nick Mathewson
1bf1f9d2fc r9449@Kushana: nickm | 2006-10-31 00:12:02 -0500
Dump breakdown of PK operations when we get a USR2 signal.  This should help us figure out of we are doing some of them for stupid reasons.


svn:r8881
2006-10-31 19:17:07 +00:00
Roger Dingledine
8a781f7f34 general cleanups from looking through or-cvs
svn:r8855
2006-10-29 07:41:25 +00:00
Roger Dingledine
8f7940348f Avoid an infinite loop on evil controlport input. Fixes bug 350,
unless it doesn't. (Nick, please confirm.)

Backport candidate.


svn:r8844
2006-10-28 08:17:02 +00:00
Roger Dingledine
e473ca2427 give a nicer warning message when windows people try to
configure syslog in their torrc


svn:r8841
2006-10-27 19:35:12 +00:00
Nick Mathewson
5b72dc77ad r9395@Kushana: nickm | 2006-10-26 22:06:51 -0400
Fix Bug 349: Have GETINFO network-status return even old routers, and use long nicknames where appropriate.  Document this.


svn:r8834
2006-10-27 02:07:04 +00:00
Nick Mathewson
3fbb292bff r9389@Kushana: nickm | 2006-10-25 17:46:16 -0400
Add a CLEARDNSCACHE signal to clear the client-side DNS cache.


svn:r8829
2006-10-25 21:46:21 +00:00
Nick Mathewson
5c670a186c r9386@Kushana: nickm | 2006-10-25 17:35:38 -0400
Resolve bug 347: translate v0 controller signal numbers into internal signal numbers; leave v1 signal numbers alone.


svn:r8828
2006-10-25 21:39:42 +00:00
Nick Mathewson
4df90e455c r9164@totoro: nickm | 2006-10-24 17:50:43 -0400
Oops: 17:50 < armadev> today is opposite day?


svn:r8822
2006-10-24 21:51:06 +00:00
Nick Mathewson
6b7d1c94da r9162@totoro: nickm | 2006-10-24 17:41:35 -0400
Make "boolean !=" logic more obvious.


svn:r8821
2006-10-24 21:41:48 +00:00
Nick Mathewson
a5bf6df14a r9160@totoro: nickm | 2006-10-24 17:38:07 -0400
More dirserver oops: actually set the digest for a given name in the case when the name is not yet recognized.


svn:r8820
2006-10-24 21:38:31 +00:00
Nick Mathewson
ba1b04c736 r9158@totoro: nickm | 2006-10-24 16:50:18 -0400
Oops on last authority patch: handle routers with unrecognized fingerprints correctly


svn:r8819
2006-10-24 20:51:28 +00:00
Roger Dingledine
6877a7e1ee and update the pile of getinfo strings that's impossible to remember
to update


svn:r8813
2006-10-24 04:55:02 +00:00
Nick Mathewson
6c7bf2f830 r9364@Kushana: nickm | 2006-10-23 22:57:48 -0400
Remove reference to NS_FULL event; add two GETINFO targets.


svn:r8812
2006-10-24 02:58:03 +00:00
Roger Dingledine
6ecf74af60 and blow away what appears to be some redundant logic
svn:r8806
2006-10-23 10:17:52 +00:00
Roger Dingledine
77c8c0ee51 spec and implement some more status events. start to build
some conventions.


svn:r8805
2006-10-23 10:16:43 +00:00
Roger Dingledine
2a1c294717 implement a few status events, so we can make sure they work,
and so vidalia can start handling them if it wants.


svn:r8802
2006-10-23 05:51:46 +00:00
Roger Dingledine
c804eea39d build on 64-bit again
svn:r8801
2006-10-23 05:36:56 +00:00
Roger Dingledine
d48828dbe1 good thing we didn't have to track this bug down the old-fashioned way
svn:r8800
2006-10-23 05:29:40 +00:00
Nick Mathewson
4401c47f63 r9347@Kushana: nickm | 2006-10-23 01:24:48 -0400
Implement status event backend logic.


svn:r8799
2006-10-23 05:24:57 +00:00
Nick Mathewson
27a3f0da2b r9320@Kushana: nickm | 2006-10-22 15:56:27 -0400
fix unittests; add more tests for smartlist stuff; make tests cache generated RSA keys (to speed up unittest run time by 30% and encourage people to run them more).


svn:r8796
2006-10-23 03:48:58 +00:00
Nick Mathewson
ed69c10b3f r9319@Kushana: nickm | 2006-10-22 15:25:18 -0400
oops; include or.h changes for last patch.


svn:r8795
2006-10-23 03:48:52 +00:00
Nick Mathewson
42bab1c6d3 r9318@Kushana: nickm | 2006-10-22 15:22:57 -0400
Let directory authorities set the BadExit flag if they like.  Also, refactor directory authority code so we can believe multiple things about a single router, and do fewer linear searches.


svn:r8794
2006-10-23 03:48:42 +00:00
Roger Dingledine
07cfeb0198 fix a minor memory leak every time we rebuild the router store,
fix a rare memory leak if something goes wrong while rebuilding it,
and clean up some code. nick, please confirm.

reported by "fookoowa" in flyspray 346 (yay!)


svn:r8789
2006-10-22 08:08:10 +00:00
Roger Dingledine
0f33a548c2 fix a string, pointed out by matt edman.
also fix a bug next to it that i noticed.


svn:r8784
2006-10-21 02:51:35 +00:00
Roger Dingledine
a0ec758f9e stop writing arbitrary memory out on the controller port.
it's an ugly patch, but at least this way we can see that
it's fixed. maybe clean up the whole "@" syntax later on.


svn:r8783
2006-10-20 23:23:19 +00:00
Nick Mathewson
c9a01dea53 r9313@Kushana: nickm | 2006-10-20 17:04:11 -0400
Oops. Conform to spec.


svn:r8782
2006-10-20 21:04:44 +00:00
Nick Mathewson
01bc03eff4 r9312@Kushana: nickm | 2006-10-20 14:45:22 -0400
Add an event type to tell the controller when our opinion of a router status has changed.  I might have missed some cases here.


svn:r8781
2006-10-20 21:04:39 +00:00
Roger Dingledine
0459db2c0d checkpoint some changes as i read diffs
svn:r8780
2006-10-20 19:11:12 +00:00
Nick Mathewson
b27cb38dee r9307@Kushana: nickm | 2006-10-20 13:53:54 -0400
Have connection_about_to_close use an end_reason field in edge_connection_t to tell what reason to tell the controller for closing the stream.  Set end_reason in connection_edge_end, connection_mark_unattached_ap, and everwhere we set edge_has_sent_end.  Add a changelog entry.


svn:r8779
2006-10-20 17:54:48 +00:00
Nick Mathewson
8e94097edb r9306@Kushana: nickm | 2006-10-20 13:27:43 -0400
Enable reasons for stream events in all cases but CLOSED in about_to_close_connection.  That one will take a little longer.


svn:r8778
2006-10-20 17:54:43 +00:00
Nick Mathewson
12af87539b r9303@Kushana: nickm | 2006-10-20 12:07:34 -0400
Start implementing reason extension for stream events to match the one one used by circuit events. (Not a complete implementation yet; actual reasons are not passed to control.c)


svn:r8777
2006-10-20 17:54:36 +00:00
Nick Mathewson
c8c36dd227 r9304@dhcp-18-188-67-85: nickm | 2006-10-20 12:22:46 -0400
Change HT_INIT from a special-case to a macro-calling-a-function like the rest of ht.h.  This might prevent errors if somebody did, I dunno, "HT_INIT(tp, hashtable++)". Based on a patch from Watson Ladd.


svn:r8776
2006-10-20 16:22:53 +00:00
Nick Mathewson
2d7cf75e42 r9298@dhcp-18-188-67-85: nickm | 2006-10-20 11:25:07 -0400
Weasel correctly notes that we should not discard the return value from connection_exit_begin_con.  Right now, the return value is always discardable, so this does not actually cause a bug, but it might later. So fix it.


svn:r8774
2006-10-20 15:26:02 +00:00
Nick Mathewson
e5f064c983 r9290@31-35-219: nickm | 2006-10-20 10:32:33 -0400
Add a GETINFO target so controllers can ask Tor for the current state of a router.  (Results given in networkstatus format.)


svn:r8772
2006-10-20 14:58:29 +00:00
Nick Mathewson
136ed33071 r9289@31-35-219: nickm | 2006-10-20 09:43:22 -0400
Fix longstanding bug in connection_exit_begin_conn():  Since connection_edge_end() exits when the connection is unattached, we were never sending RELAY_END cells back for failed RELAY_BEGIN attempts. Fix this.  This might make clients that were otherwise timing out either fail faster or retry faster, which is good news for us.


svn:r8770
2006-10-20 14:57:46 +00:00
Nick Mathewson
7f8d9e8af2 r9287@Kushana: nickm | 2006-10-19 19:28:31 -0400
Weasel points out that a routerdesc requested by digest can never change.  Weasel is right.


svn:r8766
2006-10-19 23:28:38 +00:00
Nick Mathewson
974bdee183 r9277@Kushana: nickm | 2006-10-19 19:03:05 -0400
Add pragma:no-cache and expires headers so that directory lookups can work better in the presence of caching HTTP proxies. (I would have used Cache-Control, but that is an HTTP/1.1 thing.)  All timeouts are currently wild-assed guesses.


svn:r8765
2006-10-19 23:05:34 +00:00
Nick Mathewson
f47c49228d r9276@Kushana: nickm | 2006-10-19 17:08:15 -0400
Add some more unit tests for policies.


svn:r8764
2006-10-19 23:05:25 +00:00
Nick Mathewson
96caedecc7 r9275@Kushana: nickm | 2006-10-19 16:45:19 -0400
Split smartlist tests into their own function, and add a couple more.  Re-enable strmap iteration tests.  Remove tests for code that doesnt exist any more (parse_nickname_list, identity ciphers).


svn:r8763
2006-10-19 23:05:19 +00:00
Nick Mathewson
7551c44a53 r9274@Kushana: nickm | 2006-10-19 16:16:58 -0400
Add unit tests for tor_mmap_file(); make tor_mmap_t.size always be the size of the file (not the size of the mapping); add an extra argument to read_file_to_str() so it can return the size of the result string.


svn:r8762
2006-10-19 23:05:02 +00:00
Nick Mathewson
126a3f699a r9273@Kushana: nickm | 2006-10-19 15:43:39 -0400
Never discard a descriptor for being too old until either it is recommended by no authorities, or until we download a better (more recent and recommended) one for the same router. This will eventually make it possible for servers to publish less often.


svn:r8761
2006-10-19 23:04:56 +00:00
Nick Mathewson
bfdb93d8bd r9272@Kushana: nickm | 2006-10-19 12:52:37 -0400
Fix an XXX in handling destroy cells: when we get a destroy cell with reason FOO, do not tell the controller REASON=FOO.  Instead, say REASON=DESTROYED REMOTE_REASON=FOO. Suggested by a conversation with Mike Perry.


svn:r8760
2006-10-19 23:04:49 +00:00
Nick Mathewson
4443934702 r9091@totoro: nickm | 2006-10-19 11:45:28 -0400
Change to BadExit logic: Let authorities set an "I list bad exits" flag.  Consider an exit bad if it is listed as bad by more than half of *those* authorities.  This gives us a better migration path.


svn:r8756
2006-10-19 15:45:48 +00:00
Nick Mathewson
df40c2e1ca r9080@totoro: nickm | 2006-10-19 11:00:16 -0400
Oops, forgot the patch: Use corect macro to detect cygwin builds (patch from Pei Hanru)


svn:r8754
2006-10-19 15:02:02 +00:00
Nick Mathewson
3c459a7397 r9077@totoro: nickm | 2006-10-18 11:41:16 -0400
Another patch from Mike Perry; sprintfing a NULL pointer. (with comment).


svn:r8747
2006-10-18 15:41:46 +00:00
Nick Mathewson
efbe87cb6c r9062@totoro: nickm | 2006-10-17 11:19:43 -0400
Fix -Wlots with command.c (a uchar is never -1).  Note also that one of our ifs is very stupid.


svn:r8741
2006-10-17 15:20:20 +00:00
Nick Mathewson
faf7445255 r9061@totoro: nickm | 2006-10-17 11:18:28 -0400
Oops. Libevent 1.2 exists.  Add it to our enum, even though we dont care yet.


svn:r8740
2006-10-17 15:20:15 +00:00
Nick Mathewson
b713b370bf r9060@totoro: nickm | 2006-10-17 11:12:48 -0400
Apply patch from Mike Perry: add more reasons for circuit destroys. (Slightly tweaked to avoid allocating a number for an "internal" reason.)


svn:r8739
2006-10-17 15:20:00 +00:00
Roger Dingledine
7d33c4b904 clean up and downgrade some log messages
svn:r8727
2006-10-15 07:42:51 +00:00
Roger Dingledine
584d598e8a move the 'time jump' warning back to a higher threshold.
this still occurs on moria sometimes if it's swapping to death.
so be it.


svn:r8725
2006-10-15 02:32:16 +00:00
Nick Mathewson
45b16c2d9e r9021@totoro: nickm | 2006-10-13 01:42:45 -0400
Fix for last patch. "", though empty, is true.  This ain't Python, Nick.


svn:r8701
2006-10-13 05:42:57 +00:00
Nick Mathewson
d453fd3709 r9019@totoro: nickm | 2006-10-13 01:32:34 -0400
Fix extraneous space in CIRC events when path is empty.


svn:r8700
2006-10-13 05:36:00 +00:00
Nick Mathewson
78043b8478 r9017@totoro: nickm | 2006-10-13 01:27:33 -0400
Second patch to work on circuit close reasons from Mike Perry.  Disabled partially; see comment.  Whitespace cleaned up.


svn:r8699
2006-10-13 05:27:59 +00:00
Nick Mathewson
eca28f24f5 r9004@totoro: nickm | 2006-10-11 18:05:24 -0400
Add client support for a 'BadExit' flag, so authorities can say "Server X is a poor choise for your nytimes.com connections, as it seems to direct them to HoorayForMao.com or (more likely) WouldYouLikeToBuyTheseFineEncyclopedias.com"
 


svn:r8690
2006-10-11 22:06:01 +00:00
Nick Mathewson
97e17d817b r8985@totoro: nickm | 2006-10-10 19:39:57 -0400
Fix a signed/unsigned compare in eventdns.c


svn:r8685
2006-10-10 23:46:33 +00:00
Roger Dingledine
552d828def - Stop triggering asserts if the controller tries to extend hidden
service circuits.
(also found by mwenge)


svn:r8682
2006-10-09 22:26:21 +00:00
Roger Dingledine
655859f76b When reporting verbose nicknames in entry_guards_getinfo(), avoid
printing a duplicate "$" in the keys we send. (Reported by mwenge)


svn:r8681
2006-10-09 21:26:34 +00:00
Roger Dingledine
86263acf95 Security bugfixes:
When the user sends a NEWNYM signal, clear the client-side DNS
  cache too. Otherwise we continue to act on previous information.


svn:r8679
2006-10-09 21:11:50 +00:00
Roger Dingledine
81dd9720f2 whitespace tweaks
svn:r8677
2006-10-09 20:54:51 +00:00
Nick Mathewson
69e0843f7c r8983@totoro: nickm | 2006-10-09 14:19:18 -0400
Add missing ! to code to generate short/verbose nicknames for orconn events.


svn:r8674
2006-10-09 18:19:32 +00:00
Nick Mathewson
26283e69ba r8973@totoro: nickm | 2006-10-09 11:45:47 -0400
Touch up last patch (to add REASON to CIRC events): make some reasons
 more sensible, send reasons only to controllers that have enabled
 extended events, and clean up whitespace.
 
 


svn:r8672
2006-10-09 15:47:50 +00:00
Nick Mathewson
b76fd968b4 r8972@totoro: nickm | 2006-10-09 10:36:22 -0400
Patch from Mike Perry: add a REASON field to closed and failed circ events.


svn:r8671
2006-10-09 15:47:27 +00:00
Nick Mathewson
17abfa6a6a r8971@totoro: nickm | 2006-10-09 10:16:23 -0400
Move definition of ssize_t to torint.h


svn:r8670
2006-10-09 15:47:08 +00:00
Nick Mathewson
829bf4dcd0 r8970@totoro: nickm | 2006-10-09 10:12:53 -0400
Win32 patch from Matt Edman: fix compilation bugs by casting to int; defining SSIZE_T; defining USE_TWOS_COMPLEMENT in windows orconfig.h; and using the proper names for win32 functions on GetProcAddress. Also fixes bug 295.


svn:r8669
2006-10-09 15:46:21 +00:00
Roger Dingledine
c639fd8258 was this one we missed?
svn:r8666
2006-10-09 06:22:31 +00:00
Nick Mathewson
e618c15aff r8967@totoro: nickm | 2006-10-08 23:38:50 -0400
Fix some test and warn failures in last commit


svn:r8665
2006-10-09 03:39:06 +00:00
Nick Mathewson
c6f2d725d0 r8957@totoro: nickm | 2006-10-08 22:35:17 -0400
The otherwise regrettable MIPSpro C compiler warns about values set but never used, and about mixing enums and ints; these are good warnings, and so should be fixed.  This removes some dead code and some potential bugs. Thanks to pnx.


svn:r8664
2006-10-09 02:35:51 +00:00
Nick Mathewson
c341255034 r8956@totoro: nickm | 2006-10-08 22:25:27 -0400
Fix bug with handling EVENT_NEW_DESC with verbose nicknames enabled.  Also, check for tor_vsnprintf failure in controller messages.


svn:r8663
2006-10-09 02:35:43 +00:00
Roger Dingledine
604b13c910 remove some old debugging code
svn:r8657
2006-10-08 23:20:43 +00:00
Nick Mathewson
d1c8fd9759 r8947@totoro: nickm | 2006-10-08 17:04:30 -0400
Fix signed/unsigned compare warning in eventdns.c


svn:r8654
2006-10-08 21:05:06 +00:00
Andrew Lewman
5227531744 Remove spurious void which causes builds to fail in mingw.
svn:r8650
2006-10-08 18:44:02 +00:00
Roger Dingledine
538c54e376 try dirport reachability testing five times less often.
it's already so darn thorough per test -- it chews through
like four circuits before giving up.


svn:r8646
2006-10-08 06:33:02 +00:00
Nick Mathewson
ea00437f74 r8933@totoro: nickm | 2006-10-07 20:33:16 -0400
whitespace fixes; add changelog for last commit.


svn:r8644
2006-10-08 00:33:43 +00:00
Nick Mathewson
1c01797c16 r8932@totoro: nickm | 2006-10-07 20:29:03 -0400
Try to make mingw capable of producing a working tor binary for win98: make all NT-service-related functions get lazy-loaded on demand.  I have no idea if this even compiles.


svn:r8643
2006-10-08 00:33:35 +00:00
Nick Mathewson
e230fe8ea6 r8926@totoro: nickm | 2006-10-07 15:56:14 -0400
refactor circuit_list_path and circuit_list_path_verbose into a common _impl function.


svn:r8642
2006-10-07 19:56:49 +00:00
Nick Mathewson
f07f7a7a12 r8923@totoro: nickm | 2006-10-07 11:44:33 -0400
More doxygen comments


svn:r8637
2006-10-07 16:25:28 +00:00
Roger Dingledine
9fb98b269c finish poking and prodding. i'm all happy now.
svn:r8633
2006-10-07 09:13:30 +00:00
Roger Dingledine
f2bd0e2f16 more minor cleanups
svn:r8630
2006-10-07 06:28:50 +00:00
Roger Dingledine
4f3827f1d1 resolve the entryguard uptime/capacity question. and mark a
new xxx that we'll want to address one day.


svn:r8628
2006-10-07 02:55:44 +00:00
Roger Dingledine
06e5b2283c minor cleanups
svn:r8622
2006-10-07 00:50:39 +00:00
Roger Dingledine
1cf37f90c4 bugfix and cleanups re: entry guards.
svn:r8620
2006-10-06 23:37:07 +00:00
Roger Dingledine
864069f5c7 fix a size_t-to-len compile warning
svn:r8618
2006-10-06 22:37:10 +00:00
Roger Dingledine
1d4bd3990f fetch all the v1 directory stuff way less often. plus, move
around some housecleaning calls so they still occur often.
are some of these redundant or in the wrong order? there are
so many of them, maybe they should be put into a separate
function that has better documentation.


svn:r8607
2006-10-06 09:04:11 +00:00
Roger Dingledine
d1b9de222e cleanups, closer to a changelog
svn:r8606
2006-10-06 07:50:57 +00:00
Roger Dingledine
b6e590a1a5 reapply a patch from adam langley that got clobbered when
nick merged something back in


svn:r8605
2006-10-06 06:46:08 +00:00
Roger Dingledine
baf208d7b3 bugfix: When testing reachability of our dirport, don't launch a new
test if there's already one in progress.


svn:r8604
2006-10-06 04:02:27 +00:00
Nick Mathewson
c15dc2d94c r9101@Kushana: nickm | 2006-10-05 23:05:11 -0400
Trivial fix for solaris build.  Libevent will want to use its own fix here, and probably already has.


svn:r8601
2006-10-06 03:05:19 +00:00
Nick Mathewson
4767d533f7 r9097@Kushana: nickm | 2006-10-05 14:51:57 -0400
Make eventdns.c formatting a little closer to evdns.c in libevent; add some bulletproofing to APPEND16 macro; clean some messages.


svn:r8600
2006-10-05 19:22:26 +00:00
Roger Dingledine
64b5fd3194 checkpoint some cleanups
svn:r8599
2006-10-05 08:23:21 +00:00
Nick Mathewson
5391ceb21a r9087@Kushana: nickm | 2006-10-04 01:19:15 -0400
We're trying to catch the kind of jerk who'd hijack zy6pzwohtnlq.test,
 not the kind of lunatic who'd hijack zy6pzwohtnlq%s.test, though
 apparently those exist too.
 


svn:r8595
2006-10-04 05:19:40 +00:00
Nick Mathewson
50320ac420 r8862@totoro: nickm | 2006-10-03 14:54:14 -0400
Make verbose names get used (when appropriate and selected) in responses to getinfo requests.


svn:r8593
2006-10-03 19:00:18 +00:00
Nick Mathewson
4c10464e13 r8861@totoro: nickm | 2006-10-03 14:49:54 -0400
Fix bug in r8579: TrackHostExits .foo.bar implies TrackHostExits foo.bar; also fix logic error.


svn:r8592
2006-10-03 19:00:12 +00:00
Nick Mathewson
1ae7282d9b r8857@totoro: nickm | 2006-10-03 13:54:21 -0400
Implement ORCONN with verbose names.


svn:r8588
2006-10-03 18:59:52 +00:00
Nick Mathewson
55bd42d50f r8841@totoro: nickm | 2006-10-02 15:59:21 -0400
Add EXTENDED_EVENTS to the USEFEATURE command; move flag from connection_t into control_conn, since we will probably grow more of these.


svn:r8585
2006-10-03 18:58:56 +00:00
Nick Mathewson
c796adc7df r8840@totoro: nickm | 2006-10-02 15:56:16 -0400
Add USEFEATURE to control changes to control protocol.  Use like __future__ directive from Python.  Will spec before pushing changes. No, really. :)


svn:r8584
2006-10-03 18:58:52 +00:00
Nick Mathewson
eb0f51f2a3 r8839@totoro: nickm | 2006-10-02 15:31:49 -0400
Make a field longer to accomodate verbose nicknames; note that verbose nicknames will never reach this point.


svn:r8583
2006-10-03 18:58:47 +00:00
Nick Mathewson
6e0b90a902 r8838@totoro: nickm | 2006-10-02 15:24:39 -0400
Partial implementation of revised nickname syntax for controllers.  Implement ability to look up routers by "verbose" nicknames; add a per-v1-control-connection flag to turn the feature on in events.  Needs testing, spec, ability to actually turn on the flag, double-checking that we wont overflow any nickname buffers, and changelog.


svn:r8582
2006-10-03 18:58:40 +00:00
Roger Dingledine
246fecb585 the other half of the is_local_IP patch
svn:r8581
2006-10-03 05:45:58 +00:00
Nick Mathewson
4c56ac93ca r8851@totoro: nickm | 2006-10-02 18:13:27 -0400
Remove/clarify some XXXs for no longer being accurate; for begin things we do not indend to fix; for already being parts of big todo issues (like "/* XXX ipv6 */"); etc. Also fix some spaces.


svn:r8580
2006-10-02 22:13:42 +00:00
Nick Mathewson
4de9f45d6f r8850@totoro: nickm | 2006-10-02 17:21:11 -0400
Make TrackExitHosts case-insensitive, and fix the behavior of .suffix TrackExitHosts items to avoid matching in the middle of an address. (Resolves an XXXX)


svn:r8579
2006-10-02 22:13:37 +00:00
Nick Mathewson
bff83b666c r8846@totoro: nickm | 2006-10-02 16:59:57 -0400
Move is_local_IP to config.c; have it check for same-/24; make it used only for reachability (not for banwidth, because that is probably not what we want). Fixes an XXX.


svn:r8578
2006-10-02 21:00:35 +00:00
Nick Mathewson
14f9b537d1 r8835@totoro: nickm | 2006-10-02 12:54:41 -0400
Improve error messages from AUTHENTICATE attempts to controller.


svn:r8574
2006-10-02 18:08:46 +00:00
Roger Dingledine
a3efc8e3d1 - V1 authorities should set "HSAuthoritativeDir 1" to continue being
hidden service authorities too.
- Just because your DirPort is open doesn't mean people should be
  able to remotely teach you about hidden service descriptors. Now
  only accept rendezvous posts if you've got HSAuthoritativeDir set.


svn:r8573
2006-10-01 22:16:55 +00:00
Nick Mathewson
57ffca883d r8826@totoro: nickm | 2006-10-01 17:58:45 -0400
Disprefer exit nodes for entry, middle positions (fixes bug 200).  Also, switch to using a uint64_t to hold "total bandwidth for all nodes" under consideration; crypt_rand_int would have died at 2GB/s network capacity.


svn:r8571
2006-10-01 21:59:09 +00:00
Roger Dingledine
3fcf736c83 misc touchups
svn:r8568
2006-10-01 21:42:44 +00:00
Nick Mathewson
ce72a9914e r8822@totoro: nickm | 2006-10-01 16:24:22 -0400
Fix bug 303: reject attempts to use Tor as a one-hop proxy.


svn:r8566
2006-10-01 20:50:11 +00:00
Roger Dingledine
7ed921708f Track down a seg fault that's been bothering me a while: if you
enable your dirport as a client, you'll crash.


svn:r8561
2006-10-01 07:53:17 +00:00
Roger Dingledine
4096e577c5 if we fail to build a circuit to an intended enclave, and it's
not mandatory that we use that enclave, stop wanting it.


svn:r8559
2006-10-01 06:41:13 +00:00
Roger Dingledine
96a4cb1dfa touchups
svn:r8558
2006-10-01 04:55:12 +00:00
Roger Dingledine
e6f4431722 stop trying to hammer router_rebuild_descriptor() when we don't
have a public address we like yet.


svn:r8554
2006-09-30 20:40:26 +00:00
Roger Dingledine
0fb7a7de95 Bugfix: when we tunnel our dir fetches via tor, don't believe
the X-Forwarded-For header.


svn:r8553
2006-09-30 20:14:15 +00:00
Nick Mathewson
fc9dd98d4c r8805@totoro: nickm | 2006-09-30 16:07:13 -0400
Oops; nameserver list is circular.


svn:r8552
2006-09-30 20:07:37 +00:00
Roger Dingledine
075cb54d9b make hidden service predicted circuits correct rather than
exactly incorrect. i wonder how much this will help.


svn:r8550
2006-09-30 19:22:24 +00:00
Nick Mathewson
723ff1c93d r8800@totoro: nickm | 2006-09-29 23:10:49 -0400
Resolve bug 336: When displaying circuit paths with non-named routers, use their digests, not their nicknames.


svn:r8548
2006-09-30 03:11:13 +00:00
Nick Mathewson
2cb956d1f5 r9036@Kushana: nickm | 2006-09-29 18:59:51 -0400
I am glad that arma reviews my patches.


svn:r8546
2006-09-29 22:59:59 +00:00
Nick Mathewson
c2d304366b r9032@Kushana: nickm | 2006-09-29 18:51:42 -0400
Now, all log messages should be distinct.


svn:r8545
2006-09-29 22:51:47 +00:00
Nick Mathewson
7d366f61cb r9025@Kushana: nickm | 2006-09-29 18:33:13 -0400
Differentiate more duplicated log entries


svn:r8542
2006-09-29 22:33:40 +00:00
Nick Mathewson
8308a37908 r9023@Kushana: nickm | 2006-09-29 17:27:24 -0400
Make distinct all non-bug messages at notice or higher that appear 3 or more times.


svn:r8541
2006-09-29 22:33:34 +00:00
Nick Mathewson
b21e656eaf r9007@Kushana: nickm | 2006-09-29 13:17:32 -0400
Make eventdns give strings for DNS errors, not just error numbers.


svn:r8535
2006-09-29 18:13:33 +00:00
Nick Mathewson
0335bd51d3 r9005@Kushana: nickm | 2006-09-29 10:37:55 -0400
Implement DESCCHANGED event to tell controller when our router descriptor changes.


svn:r8533
2006-09-29 18:13:25 +00:00
Nick Mathewson
8992bf6204 r8776@totoro: nickm | 2006-09-29 00:50:46 -0400
Reserve the nickname "Unnamed" for routers that can't pick a hostname; any
 router can call itself Unnamed; directory servers will never allocate Unnamed
 to any particular router; clients won't believe that any router is the
 canonical Unnamed.
 


svn:r8529
2006-09-29 04:51:28 +00:00
Nick Mathewson
9dbfb91f17 r8997@Kushana: nickm | 2006-09-28 23:40:22 -0400
[Needs review.] Add a BEGIN_DIR relay cell type for an easier
 in-protocol way to connect to directory servers through Tor.
 Previously, clients could only connect to director servers over Tor
 from exit nodes, but couldn't get directory information anonymously
 from a non-exit cache without getting a directory server involved.
 
 This needs testing, and needs client-side code to actually exercise it.
 


svn:r8527
2006-09-29 03:50:11 +00:00
Roger Dingledine
4791a4f1c9 combine the cutoff log entries
svn:r8524
2006-09-29 00:19:43 +00:00
Nick Mathewson
907fc6c73e r8977@Kushana: nickm | 2006-09-28 19:56:41 -0400
Make "is a v1 authority", "is a v2 authority", and "is a hidden service authority" into separate flags so we can eventually migrate more trust away from moria.


svn:r8523
2006-09-28 23:57:59 +00:00
Nick Mathewson
1a444e089a r8976@Kushana: nickm | 2006-09-28 17:18:57 -0400
Another tweak to guard logic: ignore check for the Guard flag if a server is listed on EntryNodes.  (Also remove redundant checks for always-set variables.)


svn:r8522
2006-09-28 23:57:56 +00:00
Nick Mathewson
d174cccd0b r8975@Kushana: nickm | 2006-09-28 17:13:53 -0400
Document entry-guard related functions


svn:r8521
2006-09-28 23:57:52 +00:00
Nick Mathewson
d3a06684bc r8974@Kushana: nickm | 2006-09-28 17:05:59 -0400
Improvement to last entry guards patch: track when we last attempted to connect to a node in our state file along with how long it has been unreachable.  Also clarify behavior of parse_iso_time() when it gets extra characters.


svn:r8520
2006-09-28 23:57:49 +00:00
Nick Mathewson
9988112c87 r8973@Kushana: nickm | 2006-09-28 16:53:19 -0400
Refactor entry guard status logic a lot; allow more factors [like not
 having a Guard flag or being listed in ExcludeNodes] to render a guard
 "unlisted" (now called "unusable"); track guard down status (now
 called "unreachable") separately from is_running.


svn:r8519
2006-09-28 23:57:44 +00:00
Peter Palfrader
bc25e87754 r9897@danube: weasel | 2006-09-29 01:08:44 +0200
Add a space in a wrapped log message


svn:r8517
2006-09-28 23:08:54 +00:00
Peter Palfrader
c339bd2713 r9895@danube: weasel | 2006-09-29 01:05:00 +0200
Restore to previous wording that svk merging made me mess up


svn:r8516
2006-09-28 23:05:17 +00:00
Peter Palfrader
540fbaae75 r9889@danube: weasel | 2006-09-29 00:57:42 +0200
bandwidth is not measured in bytes


svn:r8515
2006-09-28 22:59:36 +00:00
Peter Palfrader
9e6c0b8b3b r9888@danube: weasel | 2006-09-29 00:57:02 +0200
Also log guard bandwidth cutoff


svn:r8514
2006-09-28 22:59:25 +00:00
Peter Palfrader
14882b3ec0 r9770@danube: weasel | 2006-09-15 07:20:05 +0200
router_set_networkstatus() gets a list of status documents we asked for from
 connection_dir_client_reached_eof().  However, as a cache we (sometimes?) just
 ask for "all".  router_set_networkstatus() would freak out over that, meaning
 it would log a warning and drop the status document instead of caching it
 as it is supposed to.  Now we let router_set_networkstatus() know if the
 data comes from an all-request so it can do the right thing.


svn:r8513
2006-09-28 22:58:58 +00:00
Nick Mathewson
95132f836a r8750@totoro: nickm | 2006-09-27 20:52:01 -0400
Fix some warnings on mingw; hopefully this should let us build on mingw without warnings.


svn:r8509
2006-09-28 00:53:02 +00:00
Nick Mathewson
ba7868c7b3 r8969@Kushana: nickm | 2006-09-26 18:00:36 -0400
Remove a signed/unsigned comparison in eventdns.c


svn:r8508
2006-09-26 22:03:26 +00:00
Nick Mathewson
cd2425ffa0 r8968@Kushana: nickm | 2006-09-26 17:53:27 -0400
Fix for reverse dns: only assume we will get an answer when the result was success.


svn:r8507
2006-09-26 22:03:23 +00:00
Nick Mathewson
49ad1eefa1 Add an EnforceDistinctSubnets option so that clients who know what they are doing (mainly people with private testing networks) can disable our same-/16 detection.
svn:r8504
2006-09-25 22:12:54 +00:00
Nick Mathewson
01f9e97d43 Minor fix: add code to eventdns so it can free memory on shutdown. This should help valgrind and dmalloc freak out less.
svn:r8503
2006-09-25 20:38:58 +00:00
Nick Mathewson
52e179b942 Trivial fix to make dmalloc happier: release memory held in static member of escaped().
svn:r8502
2006-09-25 18:46:29 +00:00
Nick Mathewson
4fe76e7b6b Free named_server_map on shutdown.
svn:r8500
2006-09-25 16:06:39 +00:00
Roger Dingledine
ad430b9561 checkpoint changelog and general polishing
svn:r8497
2006-09-25 05:59:13 +00:00
Roger Dingledine
bc848c8740 add 6697 (ircs) as longlivedport.
svn:r8496
2006-09-25 05:24:43 +00:00
Roger Dingledine
bda137501e whitespace cleanups
svn:r8485
2006-09-24 20:54:59 +00:00
Nick Mathewson
11b4296b0b Marge changes from libevent evdns to our eventdns. Most are cosmetic, but one or two are stability-related. This should make it easier to push our changes back towards libevent.
svn:r8482
2006-09-24 17:52:23 +00:00
Nick Mathewson
d3af1f2189 Backport candidate: Fix a long-standing server-side DNS bug. When a
client asks us to resolve (not connect to) an address, and we have a
cached answer, give them the cached answer.  Previously, we would give
them no answer at all.



svn:r8478
2006-09-24 17:05:00 +00:00
Nick Mathewson
4218f09820 r8910@Kushana: nickm | 2006-09-22 12:14:05 -0400
Instead of just checking known-invalid addresses for DNS hijacking, we
 now check randomly generated addresses, and if too many of them map to
 the same IP, we assume that IP is the destination of a DNS hijack
 attempt.
 
 A little bird tells me that some DNS hijackers think that declining to
 give an A record for RFC2606 addresses (like .invalid and .example)
 makes them more standards compliant.  Standardswise, this is like an
 illicit brothel making sure that nobody has pulled the tags off the
 mattresss, but that doesn't get us out of working around it.
 


svn:r8465
2006-09-22 20:20:26 +00:00
Nick Mathewson
bde5939ad3 r8909@Kushana: nickm | 2006-09-22 00:38:13 -0400
Consider changes to has_old_dnsworkers as noncosmetic


svn:r8464
2006-09-22 20:20:21 +00:00
Roger Dingledine
aa77298819 remove 8888 as a long lived port. i can't remember why it's
on the list.


svn:r8461
2006-09-22 19:29:26 +00:00
Nick Mathewson
f0f3bbc63b r8901@Kushana: nickm | 2006-09-21 20:43:48 -0400
I tracked a bug in server-side reverse DNS to something concerning the caching code. Ive disabled server-side cacheing for reverse DNS answers for now, and I am noting the bug in the TODO.


svn:r8454
2006-09-22 00:45:08 +00:00
Nick Mathewson
6b3f6afb58 r8895@Kushana: nickm | 2006-09-21 20:05:11 -0400
Debug client-side reverse dns code.


svn:r8452
2006-09-22 00:44:07 +00:00
Nick Mathewson
213658f117 r8894@Kushana: nickm | 2006-09-21 18:30:42 -0400
Specify and implement SOCKS5 interface for reverse hostname lookup.


svn:r8451
2006-09-22 00:43:55 +00:00
Roger Dingledine
9bc8d69dfc remove some loud log messages
svn:r8450
2006-09-22 00:24:27 +00:00
Nick Mathewson
29a756af8e Fix a couple of server-side reverse dns bugs
svn:r8449
2006-09-22 00:10:26 +00:00
Nick Mathewson
63395c747c Fix stupid C mistake. Glad I caught that one fast.
svn:r8448
2006-09-21 22:57:07 +00:00
Nick Mathewson
58200f06a5 Fix bug in r8440: base32 uses 5 bytes per char, not 4.
svn:r8447
2006-09-21 22:24:45 +00:00
Nick Mathewson
4f13cb82fd r8881@Kushana: nickm | 2006-09-21 17:27:59 -0400
Allow resolve requests to non-exits when they are specifically requested (via resolve foo.bar.exit).


svn:r8446
2006-09-21 21:49:36 +00:00
Nick Mathewson
59f9487225 r8880@Kushana: nickm | 2006-09-21 17:26:02 -0400
Trivial patch to appease warn-happy gcc: mark unused parameter


svn:r8445
2006-09-21 21:49:15 +00:00
Nick Mathewson
adade79f68 r8879@Kushana: nickm | 2006-09-21 17:20:31 -0400
Oops from earlier patch; add "opt eventdns" to unittests, fix bug in routerdesc generation.


svn:r8444
2006-09-21 21:49:03 +00:00
Nick Mathewson
7c21dabef1 r8878@Kushana: nickm | 2006-09-21 17:15:47 -0400
Trivial whitespace cleanups.


svn:r8443
2006-09-21 21:48:55 +00:00
Nick Mathewson
6a1746f98f r8877@Kushana: nickm | 2006-09-21 17:12:33 -0400
Consider non-exit servers unsuitable for RESOLVE commands.


svn:r8442
2006-09-21 21:48:42 +00:00
Nick Mathewson
d273d52979 r8876@Kushana: nickm | 2006-09-21 16:58:46 -0400
Trivial cleanup: !!x is a weird way to spell x != NULL.


svn:r8441
2006-09-21 21:48:37 +00:00
Nick Mathewson
e4a9b4de4e r8875@Kushana: nickm | 2006-09-21 16:46:28 -0400
Resolve bug 330: detect ISPs that want to hijack failing DNS requests and basically domain-squat the entire internet.


svn:r8440
2006-09-21 21:48:22 +00:00
Nick Mathewson
04bec67574 r8874@Kushana: nickm | 2006-09-21 15:22:27 -0400
Rename and document SearchDomains and ResolvConf options; warn if ServerDNSResolvConfFile is given but eventdns isnt enabled.


svn:r8439
2006-09-21 21:48:16 +00:00
Nick Mathewson
083e9c2b59 r8873@Kushana: nickm | 2006-09-21 14:38:22 -0400
Fix a bug: Remember, each call to escaped() replaces the value returned from the last call to escaped().


svn:r8438
2006-09-21 21:48:11 +00:00
Nick Mathewson
a942441615 r8872@Kushana: nickm | 2006-09-21 14:00:20 -0400
Implement server-side reverse DNS using eventdns.  Add an option to routerdescs so we can tell which servers have eventdns enabled.


svn:r8437
2006-09-21 21:48:06 +00:00
Nick Mathewson
6b716fdfb9 NEEDS REVIEW. Act on previous comment, and handle named servers differently: now, we allow multiple servers with the same name in the routerlist even if that name is reserved, but we check whether names are reserved when we try to look up routers by nickname. This is a minor security fix. This makes router_add_to_routerlist O(1). This is a backport candidate.
svn:r8433
2006-09-19 23:48:14 +00:00
Nick Mathewson
5ebb949c9f Stop searching routerlist for routers with the same identity as other routers (on router insert): we already have a map for that. (We need to add an index field to routerinfo_t so we can figure out which point in the routerlist to replace.) Also, add a comment to routerlist.c; arma, please advise?
svn:r8432
2006-09-19 23:18:30 +00:00
Nick Mathewson
7b0ec744bc Switch routerlist.c to using memcmp on digests rather than crypto_pk_cmp_keys(); speed up find_whitespace a lot (8x for me) by using a switch statement. This should speed parsing a lot of routers at once by a lot.
svn:r8430
2006-09-19 22:20:09 +00:00
Roger Dingledine
e9abe750ea eventdns patch from Adam Langley
svn:r8429
2006-09-19 21:37:03 +00:00
Nick Mathewson
4bc42f4c18 Fix a bogus free() in eventdns.c. Bug reported by xiando.
svn:r8428
2006-09-19 20:45:20 +00:00
Nick Mathewson
93beeac01d Merge in some bsockets calls, all wrapped inside #if defined(USE_BSOCKETS)
svn:r8427
2006-09-19 20:41:31 +00:00
Roger Dingledine
0494e271e7 good god, that was a bad idea. i've built 500 circuits in the past 5
minutes, trying to establish reachability of my unreachable server.


svn:r8415
2006-09-18 04:59:15 +00:00
Roger Dingledine
4920b9d1cc Fix two bugs: first, "extendcircuit" would crash if you gave it a purpose.
Second, if you give an unknown purpose, it would say:
552 Unknown purpose "purpose=foo"
Now it just says
552 Unknown purpose "foo"


svn:r8412
2006-09-18 04:24:41 +00:00
Nick Mathewson
65974f82fa r8839@Kushana: nickm | 2006-09-17 16:11:59 -0400
Add some client performance XXXXs; try to move some common case tests higher on their decision trees.


svn:r8410
2006-09-17 20:12:10 +00:00
Roger Dingledine
b049b1b014 build testing circuits more rapidly. this has a failure mode
where if circuits fail quickly, we'll fail a lot of them very
quickly and not retry for a while. so be it.


svn:r8407
2006-09-17 06:18:06 +00:00
Roger Dingledine
bfa78b3dea actually, do the bandwidth test anyway, if you've been up at
least 6 hours at your previous address.


svn:r8403
2006-09-15 18:07:11 +00:00
Roger Dingledine
a51ec44466 avoid thrashing the bandwidth exercise when we change IPs a lot.
(we avoid simply by not doing any new tests when we change IPs --
it looks like we retain our previous bandwidth estimates, so there's
no need to do new exercise. though in some cases new exercises may
still be useful. one day we'll do something smarter.)


svn:r8402
2006-09-15 18:03:53 +00:00
Roger Dingledine
c22dc94fe6 make my bandwidth exercises actually happen
svn:r8400
2006-09-15 05:53:00 +00:00
Roger Dingledine
769f9201a6 Send out a burst of long-range drop cells after we've established that
we're reachable. Spread them over 4 circuits, so hopefully a few will
be fast. This exercises our bandwidth and bootstraps us quicker.


svn:r8399
2006-09-15 05:30:25 +00:00
Peter Palfrader
ba091ae5d7 r9770@danube: weasel | 2006-09-15 07:20:05 +0200
router_set_networkstatus() gets a list of status documents we asked for from
 connection_dir_client_reached_eof().  However, as a cache we (sometimes?) just
 ask for "all".  router_set_networkstatus() would freak out over that, meaning
 it would log a warning and drop the status document instead of caching it
 as it is supposed to.  Now we let router_set_networkstatus() know if the
 data comes from an all-request so it can do the right thing.


svn:r8398
2006-09-15 05:20:16 +00:00
Peter Palfrader
5beb114744 r9767@danube: weasel | 2006-09-15 06:27:48 +0200
Minor documentation fix


svn:r8397
2006-09-15 04:29:36 +00:00
Nick Mathewson
e58b9c1151 r8819@Kushana: nickm | 2006-09-15 00:27:45 -0400
Implement a smartlist_uniq() that will with luck not end the world.


svn:r8396
2006-09-15 04:27:58 +00:00
Nick Mathewson
ce83f43629 r8817@Kushana: nickm | 2006-09-14 18:31:29 -0400
Patch from steve hildrey: Generate network status correctly on non-versioning dirservers


svn:r8395
2006-09-14 22:34:57 +00:00
Peter Palfrader
2cf6cfe189 r9758@danube: weasel | 2006-09-14 07:10:12 +0200
Add a comment


svn:r8391
2006-09-14 05:17:02 +00:00
Peter Palfrader
7fcec09560 r9753@danube: weasel | 2006-09-14 07:07:02 +0200
Remove duplicates from MyFamily


svn:r8390
2006-09-14 05:07:34 +00:00
Peter Palfrader
9d9e31dcf4 r9752@danube: weasel | 2006-09-14 07:06:49 +0200
Fix some dead code that is on occasion useful


svn:r8389
2006-09-14 05:07:26 +00:00
Nick Mathewson
4f888c9dfc r8808@senior-two-eighty: nickm | 2006-09-14 00:59:54 -0400
House style for no-args functions is old-style C, not C++


svn:r8388
2006-09-14 05:00:02 +00:00
Peter Palfrader
984e8f6efb r9736@danube: weasel | 2006-09-14 05:53:06 +0200
Refactor dirserv_parse_fingerprint_file(fname) into dirserv_load_fingerprint_file():
 There is not need to put together the path to the approved-routers file in more than one place.


svn:r8386
2006-09-14 04:53:23 +00:00
Nick Mathewson
1852f503cf r8776@Kushana: nickm | 2006-09-11 22:49:53 -0400
Avoid crash when telling controller stream-status and a stream is detached.  Fixes bug 334. Backport candidate.


svn:r8370
2006-09-12 02:50:14 +00:00
Roger Dingledine
e56dbb810f start remembering X-Your-Address-Is hints even if you're
a client, so you can become a server more smoothly.


svn:r8359
2006-09-09 19:36:51 +00:00
Roger Dingledine
9af3175687 parameterize the loudness of get_interface_address()
svn:r8358
2006-09-09 19:20:27 +00:00
Roger Dingledine
5f6351ceb3 fix typo, add log message
svn:r8357
2006-09-09 19:16:07 +00:00
Roger Dingledine
0c3cc15898 fix encoding in "getinfo addr-mappings" response.
fix error code when "getinfo dir/status/" fails.


svn:r8355
2006-09-09 03:38:03 +00:00
Roger Dingledine
29b6d6560e add a "getinfo address" controller command.
svn:r8354
2006-09-09 03:18:39 +00:00
Roger Dingledine
25cb9453d7 possibly make tor build and run on cygwin again.
svn:r8353
2006-09-08 20:48:43 +00:00
Peter Palfrader
fdd56dee69 r9695@danube: weasel | 2006-09-08 18:11:53 +0200
Make tor build with -O0


svn:r8352
2006-09-08 16:12:15 +00:00
Mike Chiussi
f9f281251b another typo
svn:r8351
2006-09-08 09:05:07 +00:00
Mike Chiussi
1ee88bb01a fixed typo in eventdns.c
svn:r8350
2006-09-08 09:02:14 +00:00
Nick Mathewson
c063c7b8cb r8757@Kushana: nickm | 2006-09-07 13:07:46 -0400
Fix more compile warnings on Woody.


svn:r8349
2006-09-07 19:00:51 +00:00
Nick Mathewson
8a12d9ae2e r8755@Kushana: nickm | 2006-09-07 12:31:57 -0400
Tabify eventdns


svn:r8348
2006-09-07 16:32:06 +00:00
Nick Mathewson
4246490b81 r8753@Kushana: nickm | 2006-09-07 12:23:25 -0400
Make eventdns spacing consistant


svn:r8347
2006-09-07 16:24:19 +00:00
Mike Chiussi
5d773af545 undid whitespace changes to dns.c
svn:r8346
2006-09-07 06:36:22 +00:00
Mike Chiussi
b931994c6a fixed win32 eventdns snafu
svn:r8345
2006-09-07 06:34:20 +00:00
Mike Chiussi
c40acb86f4 - got rid of tabs
svn:r8344
2006-09-07 04:02:52 +00:00
Mike Chiussi
3c85780e69 - got rid of tabs (i think)
svn:r8343
2006-09-07 03:58:46 +00:00
Mike Chiussi
5af47d1641 - added some debugging lines to load_nameservers_from_registry()
svn:r8342
2006-09-07 03:53:14 +00:00
Roger Dingledine
ae67a044f0 clean up some comments
svn:r8338
2006-09-07 01:23:15 +00:00
Roger Dingledine
43edbf0461 prefer calling it a client rather than an OP
svn:r8334
2006-09-07 01:00:37 +00:00
Mike Chiussi
879fe91d88 rm'ed a tab (sorry)
svn:r8333
2006-09-07 00:54:28 +00:00
Mike Chiussi
91d7ad660f - fixed up typos in eventdns.c
- configure lets user build with eventdns on win32


svn:r8332
2006-09-07 00:51:20 +00:00
Roger Dingledine
5a8563baed new config option AvoidDiskWrites for people running tors on
usb keys and other media that degrades when you write.
not implemented yet, so just a reminder.


svn:r8331
2006-09-07 00:30:29 +00:00
Nick Mathewson
7ed528c5c5 r8733@Kushana: nickm | 2006-09-06 17:35:22 -0400
Add some missing defines to eventdns.c for windows.


svn:r8330
2006-09-06 21:35:30 +00:00
Nick Mathewson
1e26233957 r8731@Kushana: nickm | 2006-09-06 16:33:19 -0400
Try to fix eventdns.c build on windows.


svn:r8329
2006-09-06 20:33:28 +00:00
Nick Mathewson
e10e921386 r8729@Kushana: nickm | 2006-09-06 16:20:40 -0400
Fix dns_cancel_pending_resolve() to realize pending resolves have expiry times, and should not be freed except when they fall off the pqueue.


svn:r8328
2006-09-06 20:22:05 +00:00
Nick Mathewson
365ccf0742 r8725@Kushana: nickm | 2006-09-06 04:39:29 -0400
spawn_func fixes: have cpuworker_main and dnsworker_main confirm to the right interfaces [casting func to void* is icky].  Also, make pthread_create() build without warnings.


svn:r8327
2006-09-06 08:42:20 +00:00
Nick Mathewson
000b7b287c r8724@Kushana: nickm | 2006-09-06 04:32:28 -0400
Fix spaces; restore support for mapping files over 4GB on win32 (?)


svn:r8326
2006-09-06 08:42:16 +00:00
Mike Chiussi
6ec9c1092a - made configure check if we are building for win32
- made configure link to required system dll's if building for win32
- added diffs for libevent 1.1b
- forced user to turn off eventdns if win32 is set 
- cleaned up tor_mmap_file()_win32 (not sure if it's stable)
- cleaned up some warnings and typos




svn:r8322
2006-09-06 01:49:55 +00:00
Roger Dingledine
585ae26783 patch from tup
svn:r8321
2006-09-05 14:30:06 +00:00
Nick Mathewson
b40e639f15 r8708@Kushana: nickm | 2006-09-02 20:34:15 -0400
Fix warnings reported by weasel when compiling Tor on Debian woody.


svn:r8318
2006-09-03 02:13:52 +00:00
Nick Mathewson
21a7880358 r8695@Kushana: nickm | 2006-08-31 14:35:36 -0400
Fix two corner cases in router_dir_info_changed().  This should have no observable effect.


svn:r8311
2006-08-31 18:46:46 +00:00
Nick Mathewson
f170e5798f r8692@Kushana: nickm | 2006-08-31 13:38:07 -0400
Fix bug 327 (part 2): Cast char to unsigned char before passing to toupper/tolower.  (Follow the same idiom as with isupper and friends, in case we run into the same problem on SGI or whereever it was.)


svn:r8310
2006-08-31 17:39:51 +00:00
Nick Mathewson
921bfdb40a r8687@Kushana: nickm | 2006-08-30 19:33:28 -0400
Apply patch from Adam Langley: fix assert() in eventdns.c.  [Fuzzing, apparently, is cool.]


svn:r8308
2006-08-30 23:34:56 +00:00
Nick Mathewson
6c499804bb r8686@Kushana: nickm | 2006-08-30 18:01:35 -0400
Remove bogus whitespace


svn:r8307
2006-08-30 23:34:49 +00:00
Nick Mathewson
8138d1c0a4 r8654@Kushana: nickm | 2006-08-28 16:50:36 -0400
I bet real programmers even have programs that compile.


svn:r8278
2006-08-28 20:50:47 +00:00
Nick Mathewson
dc4951314f r8652@Kushana: nickm | 2006-08-28 16:41:44 -0400
Resolve bug 324: strdup the right variable.


svn:r8277
2006-08-28 20:42:14 +00:00
Roger Dingledine
2499d1db7c and make the comment better, while i'm at it
svn:r8273
2006-08-28 19:02:57 +00:00
Roger Dingledine
2a4d5782ef an even better check -- now servers hang up if they can't write
for a while, and clients hang up if they can't read for a while.


svn:r8272
2006-08-28 19:00:17 +00:00
Roger Dingledine
f75ef94f27 fix bug found by Adam J. Richter: directory clients shouldn't
hang up five minutes after they begin. but directory servers
should still hang up after 5 minutes of failing to deliver
any bytes.


svn:r8271
2006-08-28 18:51:36 +00:00
Roger Dingledine
a76e032b14 put some symbols on the eventdns logging. leave the haphazard
formatting alone.


svn:r8270
2006-08-28 08:24:36 +00:00
Nick Mathewson
dbe0c6f6ef r8609@Kushana: nickm | 2006-08-27 17:24:27 -0400
Add some doxygen, concentrated in dns.c


svn:r8256
2006-08-28 03:16:02 +00:00
Nick Mathewson
54ca0387a5 r8608@Kushana: nickm | 2006-08-27 16:57:47 -0400
Make it possible to change nameserver options while Tor is running.


svn:r8255
2006-08-28 03:15:55 +00:00
Nick Mathewson
be7054c626 r8607@Kushana: nickm | 2006-08-27 15:45:42 -0400
Change configuration strategy for eventdns. Instead of elaborate option set, just allow the user to specify another resolv.conf to use.


svn:r8254
2006-08-28 03:15:50 +00:00
Nick Mathewson
d62f9a03fb r8605@Kushana: nickm | 2006-08-27 14:01:11 -0400
divide eventdns log messages into warn and info messages.


svn:r8252
2006-08-28 03:15:38 +00:00
Roger Dingledine
e17276b2f1 comment out an unused variable; nick, feel free to excise it further.
svn:r8241
2006-08-27 06:58:30 +00:00
Roger Dingledine
94afe807ac stop a big memory leak: we were leaking the whole contents
of cached-routers.new every time we read it.


svn:r8236
2006-08-27 02:12:12 +00:00
Roger Dingledine
9f5856c03d stop three memory leaks. nick, fix these if i'm wrong.
svn:r8235
2006-08-27 02:07:54 +00:00
Roger Dingledine
24ad1e06cf i'm guessing nick meant to check the return value of dns_init.
and revise some log severities to match the convention.


svn:r8234
2006-08-27 01:41:08 +00:00
Roger Dingledine
8297608217 fix typo
svn:r8233
2006-08-27 01:33:35 +00:00
Roger Dingledine
c0cb1c7bd2 remove some more vestiges of cvs
svn:r8229
2006-08-26 06:51:02 +00:00
Roger Dingledine
171a00ec50 fix a log level -- err is for things that kill tor, warn is for
things that tor can recover from.

also, avoid situations where people who don't read their logs
accumulate ten thousand useless files in their datadir.


svn:r8227
2006-08-26 04:48:50 +00:00
Nick Mathewson
fd36eb0788 r8576@Kushana: nickm | 2006-08-25 17:16:01 -0400
Fix bug 314: Instead of checking address_in_virtualrange, check addressmap_have_mapping().  This should be more accurate.  [Rename to addressmap_have_mapping() from addressmap_already_mapped().]


svn:r8226
2006-08-25 21:16:22 +00:00
Nick Mathewson
7739c5c49a r8573@Kushana: nickm | 2006-08-25 16:55:19 -0400
Resolve bug 321 when using dnsworkers: append a period to every address we resolve at the exit node, so that we do not accidentally pick up local addresses, and so that failing searches are retried in the resolver search domains.  (This is already solved for eventdns.)


svn:r8225
2006-08-25 21:02:01 +00:00
Nick Mathewson
c82c4a9e8b r8572@Kushana: nickm | 2006-08-25 16:35:49 -0400
Fix for bug 308: When we have a state file we cannot parse, tell the user, and move it aside.


svn:r8224
2006-08-25 21:01:56 +00:00
Roger Dingledine
0649fa14c1 make our socks5 handling more robust to broken socks clients:
throw out everything waiting on the buffer in between socks
handshake phases, since they can't possibly (so the theory
goes) have predicted what we plan to respond to them.


svn:r8223
2006-08-24 04:51:55 +00:00
Roger Dingledine
9ebaf01096 clean up logging conventions in do_list_fingerprint()
svn:r8222
2006-08-24 00:54:18 +00:00
Roger Dingledine
41d8d77c8b tor --verify-config now exits with -1(255) or 0 depending on whether
the config options are bad or good.


svn:r8221
2006-08-23 23:45:03 +00:00
Nick Mathewson
0f5bfc1521 r7411@Kushana: nickm | 2006-08-17 19:00:25 -0400
patch suggested by Karsten Loesing: respond to SIGNAL command before we execute the signal, in case the signal shuts us down.


svn:r7072
2006-08-17 23:00:32 +00:00
Nick Mathewson
ae5ee4c924 r7405@Kushana: nickm | 2006-08-16 14:38:46 -0400
Implement reverse DNS lookup in eventdns: add new entry point; rename old entry point; revise TODO a little; add facility for parsing dns names.


svn:r7070
2006-08-16 18:47:24 +00:00
Roger Dingledine
6650470575 automatically avoid picking more than one node from the same
/16 network when constructing a circuit.


svn:r7068
2006-08-16 03:44:13 +00:00
Roger Dingledine
d8fc598a2a dns.c:173: warning: control reaches end of non-void function
svn:r7067
2006-08-16 02:18:55 +00:00
Nick Mathewson
163dd78282 r7398@Kushana: nickm | 2006-08-15 00:49:50 -0400
Add missing backslash


svn:r7065
2006-08-15 04:50:33 +00:00
Nick Mathewson
67b775bc6e r7397@Kushana: nickm | 2006-08-15 00:46:18 -0400
Fix eventdns version of dns.c. Man, we need to get rid of this eventdns/dnsworker split.


svn:r7064
2006-08-15 04:50:17 +00:00
Nick Mathewson
7bfb2cf4e8 r7393@Kushana: nickm | 2006-08-14 23:51:07 -0400
remove extraneous #endif


svn:r7063
2006-08-15 03:54:13 +00:00
Nick Mathewson
273ee3e814 r7392@Kushana: nickm | 2006-08-14 23:50:32 -0400
Only do the expensive version of router_have_minimum_dir_info() when the dir info has changed.  Backport candidate, since oprofile suggests that this function and ones it calls account for 25-35% of oprofile samples.


svn:r7062
2006-08-15 03:54:09 +00:00
Nick Mathewson
bc21df6a5c r7386@Kushana: nickm | 2006-08-14 17:43:44 -0400
Patch from Adam Langley.
 
  * I meant getaddrinfo_a, not getaddrinfo_r - fixed
  * Added more checks to the parsing code.
  * It seems you switched an alloca to a malloc, but didn't add any frees
 


svn:r7061
2006-08-14 21:44:45 +00:00
Nick Mathewson
200e24981a r7046@Kushana: nickm | 2006-08-05 13:57:04 -0400
Make it possible for dns_init() to fail; note failure of eventdns configuratoin.


svn:r7059
2006-08-14 21:44:34 +00:00
Nick Mathewson
a5c0aa43a0 r7383@Kushana: nickm | 2006-08-14 16:16:03 -0400
Stop walking entire dns cache for every request, now that we found our hash table bug.


svn:r7057
2006-08-14 20:16:21 +00:00
Roger Dingledine
5194b91053 avoid complaining about our SOCKS proxy proxy.
svn:r7053
2006-08-14 10:00:15 +00:00
Roger Dingledine
9b10f11d39 fix typos and stuff
svn:r7049
2006-08-14 08:55:41 +00:00
Roger Dingledine
bf10d8a06a simplify compare_cached_resolves_by_expiry() to make it match
the idioms of other compare functions. hopefully i didn't
break it?


svn:r7048
2006-08-14 07:08:29 +00:00
Nick Mathewson
6da96f0ed7 r7369@Kushana: nickm | 2006-08-14 02:03:10 -0400
Shortening fields is only one part of making structs shorter. You must also consider alignment padding. Whee.


svn:r7045
2006-08-14 06:03:26 +00:00
Roger Dingledine
2c27cfc38e save 3-7 bytes per edge connection
svn:r7044
2006-08-14 05:53:57 +00:00
Roger Dingledine
6fdc63aed2 simplify the connection_write_to_buf_zlib() wrapper.
svn:r7042
2006-08-13 23:38:30 +00:00
Roger Dingledine
f294575469 fix funny-looking assignment that crashes unit tests
svn:r7027
2006-08-11 07:41:21 +00:00
Roger Dingledine
5647e5c7e6 fix typo, add explanatory comment
svn:r7026
2006-08-11 07:31:16 +00:00
Nick Mathewson
9b5a643475 r7328@Kushana: nickm | 2006-08-11 00:04:26 -0700
remove an assert that can never be false (an array in a non-null struct cannot be null).


svn:r7024
2006-08-11 07:09:52 +00:00
Nick Mathewson
04bf4b0fc4 r7327@Kushana: nickm | 2006-08-11 00:00:36 -0700
Fix a pedantic warning


svn:r7023
2006-08-11 07:09:45 +00:00
Nick Mathewson
09a895e222 r7324@Kushana: nickm | 2006-08-10 23:23:15 -0700
Add more warnings to the list of those we tolerate. Start using GCC attributes more, for better error checking and better code generation.


svn:r7020
2006-08-11 07:09:17 +00:00
Nick Mathewson
02d42d9138 Fix crash in first-time option validation. Oops.
svn:r7018
2006-08-10 19:56:10 +00:00
Nick Mathewson
7ddd9e8cd9 r7304@Kushana: nickm | 2006-08-10 01:58:05 -0700
Fix verbose compilation errors; make sure transparent proxy fails when no method is configured.


svn:r7012
2006-08-10 09:02:26 +00:00
Nick Mathewson
3da737ac98 r7303@Kushana: nickm | 2006-08-10 01:52:19 -0700
whitespace fixes


svn:r7011
2006-08-10 09:02:12 +00:00
Nick Mathewson
74df271e00 r7302@Kushana: nickm | 2006-08-10 01:48:44 -0700
Warn about open TransListenAddress values.


svn:r7010
2006-08-10 09:02:02 +00:00
Nick Mathewson
cd560d8528 r7301@Kushana: nickm | 2006-08-10 01:41:27 -0700
Only open /dev/pf once.


svn:r7009
2006-08-10 09:01:54 +00:00
Nick Mathewson
d893d8c52e r7300@Kushana: nickm | 2006-08-10 01:36:40 -0700
Distinguish netfilter vs pf at configure time based on headers, not on OS.


svn:r7008
2006-08-10 09:01:46 +00:00
Nick Mathewson
5cff4164a0 r7299@Kushana: nickm | 2006-08-10 01:08:58 -0700
Patch from Tup to add support for transparent AP connections: this basically bundles the functionality of trans-proxy-tor into the tor mainline.  Now hosts with compliant pf/netfilter implementations can redirect TCP connections straight to Tor without diverting through SOCKS.


svn:r7007
2006-08-10 09:01:37 +00:00
Roger Dingledine
8075928b2a a way to make tor more stable in crummy situations
svn:r7005
2006-08-10 08:00:54 +00:00
Nick Mathewson
35f0881802 Experimentally re-enable kqueue on OSX when using libevent 1.1b or later. Log when we are doing this, so we can diagnose it when it fails.
svn:r7004
2006-08-10 08:00:13 +00:00
Nick Mathewson
f2a0df4d02 Recommend libevent 1.1b for kqueue and win32 methods; deprecate libevent 1.0b harder; make libevent recommendation system saner.
svn:r7003
2006-08-10 07:39:47 +00:00
Nick Mathewson
7c596c166b r7029@Kushana: nickm | 2006-08-04 14:08:41 -0700
Remove now-spurious size and data arguments from tor_mmap_file


svn:r6987
2006-08-05 17:53:21 +00:00
Nick Mathewson
714d1b66aa r7027@Kushana: nickm | 2006-08-04 13:06:48 -0700
Oops. Fix downcast macro.


svn:r6985
2006-08-05 17:52:51 +00:00
Roger Dingledine
bc2e040669 make svn trunk link again. nick can fix this if it's wrong.
svn:r6982
2006-08-04 20:30:45 +00:00
Nick Mathewson
bf72878cad r7012@Kushana: nickm | 2006-08-03 19:21:25 -0700
Add an "mmap handle" type to encapsulate bookkeeping elements of mmap issues; add prelim win32 impl


svn:r6980
2006-08-04 18:32:43 +00:00
Nick Mathewson
abe27b807e svn:r6979 2006-08-04 18:31:13 +00:00
Nick Mathewson
2c33f385f7 r7011@Kushana: nickm | 2006-08-03 13:26:34 -0700
eventdns: Document functions added to API; make suspended requests go to the front of the queue; check (or explicitly ignore) return values on libevent functions.


svn:r6978
2006-08-04 18:27:10 +00:00
Nick Mathewson
e8f28a71e8 r7010@Kushana: nickm | 2006-08-03 10:47:36 -0700
Enable log message format checking in eventdns.c when __GNUC__ is defined.


svn:r6977
2006-08-04 18:26:40 +00:00
Nick Mathewson
3fa1cdafce r7009@Kushana: nickm | 2006-08-03 10:44:58 -0700
Add functions to eventdns to allow detecting whether we have any nameservers configured, and to change the list of nameservers after initial configuration.


svn:r6976
2006-08-04 18:26:13 +00:00
Nick Mathewson
87939813c3 r7008@Kushana: nickm | 2006-08-03 10:03:39 -0700
Oops. We shouldnt initialize eventdns when we are not being a server and not resolving anything.


svn:r6975
2006-08-04 18:24:41 +00:00
Nick Mathewson
a122bfb439 r7007@Kushana: nickm | 2006-08-03 09:58:30 -0700
Export and use eventdns_config_windows_nameservers(); clean up some comments and log messages.


svn:r6974
2006-08-04 18:24:25 +00:00
Nick Mathewson
19cf66c0f1 Patch from Frediano Ziglio: Windows compilation fixes on eventdns.c.
svn:r6971
2006-08-03 07:46:25 +00:00
Roger Dingledine
3152d44c3a fix a seg fault on exit for clients; and fix a comment.
svn:r6969
2006-08-03 04:22:25 +00:00
Roger Dingledine
ed567c6feb more compile options mean more codepaths
svn:r6963
2006-07-31 20:25:57 +00:00
Nick Mathewson
b9082682fd r6982@Kushana: nickm | 2006-07-31 13:47:19 -0400
documentation and naming tweaks in dns.c


svn:r6961
2006-07-31 18:01:49 +00:00
Nick Mathewson
58c0ac77be r6981@Kushana: nickm | 2006-07-31 13:23:26 -0400
More asserts for cache correctness.


svn:r6960
2006-07-31 18:01:45 +00:00
Nick Mathewson
d934607069 r6979@Kushana: nickm | 2006-07-31 13:16:58 -0400
Add assert_ok functions for strmap and digestmap; use them in unit test code.


svn:r6958
2006-07-31 18:01:27 +00:00
Nick Mathewson
fd0bafb0de r6977@Kushana: nickm | 2006-07-31 13:01:28 -0400
Solve timing-out pending connections. Add pending resolves to expiry queue; when we find an answer, change the pending resolve to "done" and stick the actual answer in the expiry queue as a new entry.  This uses a little more memory, but makes the code simpler than other solutions.


svn:r6956
2006-07-31 18:01:18 +00:00
Nick Mathewson
ccf9c1345e svn:r6955 2006-07-31 18:00:47 +00:00
Nick Mathewson
46574319a2 r6959@Kushana: nickm | 2006-07-29 22:33:18 -0400
start restructuring dns to use priority queues for expiring entries.


svn:r6954
2006-07-31 18:00:18 +00:00
Nick Mathewson
2fe537c57a r6958@Kushana: nickm | 2006-07-29 18:54:15 -0400
Looks like we might need a priority queue.


svn:r6953
2006-07-31 17:59:37 +00:00
Nick Mathewson
8ba913c660 r6952@Kushana: nickm | 2006-07-28 11:09:37 -0400
Add completely untested find-my-nameservers code for win32.


svn:r6952
2006-07-31 17:59:11 +00:00
Roger Dingledine
798b580695 fix assert found by DreadWingKnight: now that rendezvous streams
are attached to p_streams, the p_streams list can consist of both AP
and EXIT conns.


svn:r6945
2006-07-30 04:54:13 +00:00
Roger Dingledine
2bcb081cb1 defense in depth
svn:r6939
2006-07-30 04:32:58 +00:00
Roger Dingledine
c3b79ebf13 a bit more debugging for phobos
svn:r6937
2006-07-30 03:34:44 +00:00
Nick Mathewson
84c2a6c16b r6950@Kushana: nickm | 2006-07-28 10:32:08 -0400
Document split fields better. Now, I think we can take a break from type splitting for a bit.


svn:r6935
2006-07-28 15:11:28 +00:00
Nick Mathewson
85f381153b r6949@Kushana: nickm | 2006-07-28 10:17:38 -0400
Shave another 8 bytes from connection_t: turn inbuf_reached_eof into a bit, and lower timestamp_lastempty to or_connection_t


svn:r6934
2006-07-28 15:11:20 +00:00
Nick Mathewson
6dc13cdbeb r6948@Kushana: nickm | 2006-07-28 10:10:35 -0400
Identify some likely target fields for lowering; lower global_identifier (since we only use it for AP streams and origin circs).


svn:r6933
2006-07-28 15:11:11 +00:00
Roger Dingledine
a5e5074807 resolve typo
svn:r6927
2006-07-27 19:35:11 +00:00
Nick Mathewson
c2f28615ed More asserts in dns.c
svn:r6926
2006-07-27 18:35:56 +00:00
Nick Mathewson
45c3a4365f Get better numbers out of HT_REP_OK
svn:r6924
2006-07-27 17:37:37 +00:00
Nick Mathewson
dc2b7e9af0 Add more asserts in dns_found_answer. This may confirm my theory that dns_purge_resolve is the culprit.
svn:r6922
2006-07-27 17:16:10 +00:00
Nick Mathewson
5227395aba r6922@Kushana: nickm | 2006-07-26 16:32:24 -0400
Rename some fields, compress a bitfield, and document some structs and fields


svn:r6919
2006-07-27 05:03:57 +00:00
Nick Mathewson
dd779d99ea Fix comments that implied that only dir connections had a purpose field, and the code that believed in those comments.
svn:r6918
2006-07-27 04:10:51 +00:00
Nick Mathewson
0bc741ba7f r6918@Kushana: nickm | 2006-07-26 15:22:28 -0400
Fix compilation for eventdns dns.c with split structs.


svn:r6908
2006-07-26 19:29:30 +00:00
Nick Mathewson
ec82db6995 r6909@Kushana: nickm | 2006-07-26 13:05:58 -0400
Clean up wide lines from last patch.


svn:r6907
2006-07-26 19:07:37 +00:00
Nick Mathewson
4ff4577beb r6908@Kushana: nickm | 2006-07-26 12:38:52 -0400
Refactor connection_t into edge, or, dir, control, and base subtypes.  This might save some RAM on busy exit servers, but really matters most in terms of correctness.


svn:r6906
2006-07-26 19:07:26 +00:00
Nick Mathewson
18771e851f r6907@Kushana: nickm | 2006-07-25 19:03:43 -0400
Realign circuit structs to avoid wasted space.


svn:r6905
2006-07-26 19:07:23 +00:00
Nick Mathewson
e61d28dfb8 r6903@Kushana: nickm | 2006-07-25 18:22:48 -0400
No circuit can be both an intro point and a rend point, so we can merge both the cookie and the pk digest into one "rend_token" field for or circuits. This saves another 20 bytes per or circuit.


svn:r6904
2006-07-26 19:05:41 +00:00
Nick Mathewson
a88ec48a39 r6902@Kushana: nickm | 2006-07-25 17:30:27 -0400
Move rend_query to origin_circuit_t where it belongs; save another 17 bytes per OR circuit.


svn:r6903
2006-07-26 19:05:34 +00:00
Nick Mathewson
96bcbb1e1c Remove code to special-case "-cvs" ending, since it has not actually mattered since 0.0.9. Perhaps we can special-case even more...
svn:r6898
2006-07-25 04:34:14 +00:00
Peter Palfrader
521c006fd5 Remove .cvsignore files from trunk
svn:r6891
2006-07-25 01:00:48 +00:00
Roger Dingledine
c9b8458f59 publish a new descriptor after we hup. this is important if our
config has changed such that we'll want to start advertising our
dirport now, etc.


svn:r6819
2006-07-23 11:50:03 +00:00
Nick Mathewson
d27cbf5d4b Fix another segfault in assert_circuit_ok.
svn:r6818
2006-07-23 08:13:45 +00:00
Nick Mathewson
7239262f71 Don't tell anybody, but we're going OO here. This patch splits
circuit_t into origin_circuit_t and or_circuit_t.  I fixed some
segaults; there may be more.  We still need to move more rendezvous
stuff into subtypes.

This is a trial run for splitting up connection_t; if the approach is
insane, please say so soon so we can do something smarter.

Also, this discards the old HALF_OPEN code, which nobody seems to
want.


svn:r6817
2006-07-23 07:37:35 +00:00
Roger Dingledine
40cc536307 rewrite conn->address for GET commands as well as POST commands.
svn:r6815
2006-07-23 06:41:02 +00:00
Roger Dingledine
0b5ad1bcfb use tor_mem_is_zero() in more places.
svn:r6814
2006-07-23 05:52:27 +00:00
Nick Mathewson
4280218a42 Delete trailing whitespace in eventdns.c
svn:r6813
2006-07-23 05:40:24 +00:00
Nick Mathewson
1c0f02f657 Add (void) lines for unused parameters in eventdns.c
svn:r6812
2006-07-23 05:39:37 +00:00
Nick Mathewson
f4e506f423 Remove STRUCT_OFFSET from config.c
svn:r6811
2006-07-23 05:33:10 +00:00
Roger Dingledine
ee789052b8 whitespace and docs
svn:r6808
2006-07-23 05:18:29 +00:00
Roger Dingledine
00aefaab6b think harder about my logic
svn:r6806
2006-07-22 07:19:11 +00:00
Roger Dingledine
2d6a4d283b i lied, that won't work at all. maybe this will.
svn:r6805
2006-07-22 07:15:34 +00:00
Roger Dingledine
444f096d2d more bulletproof reachability testing
svn:r6804
2006-07-22 05:29:31 +00:00
Nick Mathewson
64c14d8ce3 These asserts will either cause spurious crashes or help debug the pend->conn->s == -1 issue.
svn:r6803
2006-07-21 22:02:58 +00:00
Roger Dingledine
2249180b60 bugfix: if you find yourself reachable, then don't ever make any client
requests (so you stop predicting circuits), then hup, then later your
IP changes, you won't think circuits are working so you won't try to
test reachability, so you won't publish.


svn:r6800
2006-07-21 07:55:35 +00:00
Roger Dingledine
4d5fab4f9a tweak
svn:r6799
2006-07-21 07:53:21 +00:00
Roger Dingledine
9283ddb760 an entry guard that is "unlisted", as well as not known to be "down", is
not therefore "up".


svn:r6798
2006-07-21 07:06:18 +00:00
Roger Dingledine
237c7ecbfd tweak
svn:r6796
2006-07-20 23:45:26 +00:00
Roger Dingledine
97a14b2018 tweak
svn:r6795
2006-07-20 23:33:11 +00:00
Roger Dingledine
db657ea0af don't squeal if the first few retries fail.
svn:r6791
2006-07-18 04:48:59 +00:00
Roger Dingledine
892f671f59 Define a schedule for how long to wait between retrying
application connections. Rather than waiting a fixed amount of
time between each retry, we wait only 5 seconds for the first,
10 seconds for the second, and 15 seconds for each retry after
that. Hopefully this will improve the expected experience.

Addresses bug 297.


svn:r6790
2006-07-18 04:42:32 +00:00
Roger Dingledine
e1f30a5f21 when we find our dirport to be reachable, mark our descriptor
dirty so we'll tell the world. (fixes bug 306 reported by pnx)


svn:r6787
2006-07-18 03:06:55 +00:00
Roger Dingledine
ac258d2cc8 Start publishing one minute or so after we find our ORPort
to be reachable. This will help reduce the number of descriptors
we have for ourselves floating around, since it's quite likely
other things (e.g. DirPort) will change during that minute too.


svn:r6786
2006-07-18 03:06:12 +00:00
Nick Mathewson
7fcb267e24 Oh. And apparently, msvc6 doesnt think very much of doing u64-and-double arithmetic either.
svn:r6785
2006-07-18 02:24:01 +00:00
Roger Dingledine
388ac4126a If we are using an exit enclave and we can't connect, e.g. because
its webserver is misconfigured to not listen on localhost, then back
off and try connecting from somewhere else before we fail.


svn:r6783
2006-07-18 00:59:46 +00:00
Roger Dingledine
a8444c6f53 pick a log domain; resolve an xxxx
svn:r6782
2006-07-18 00:01:12 +00:00
Roger Dingledine
c85745cfe2 parameterize the loudness of log_addr_has_changed(), since it's the
only place where we inform the user of a new IP address, if we're
guessing it from external sources.


svn:r6780
2006-07-17 19:33:54 +00:00
Roger Dingledine
542adb88d7 Make a louder statement the first time we learn a guessed
IP address.


svn:r6779
2006-07-17 08:17:51 +00:00
Roger Dingledine
c055a34cdb huge bugfix: we weren't ever writing an http header when sending
out network statuses! so clients were downloading the whole thing,
and then discarding them because they're malformed.


svn:r6778
2006-07-17 08:11:27 +00:00
Roger Dingledine
a2a89da693 and don't try to build the descriptor every second, if it's dirty
but we don't have a known address.


svn:r6777
2006-07-17 06:59:56 +00:00
Roger Dingledine
42e2057d67 fix some more places where we shouldn't crash if we can't build
our own descriptor yet.


svn:r6775
2006-07-17 06:54:28 +00:00
Roger Dingledine
9db7b2c068 Allow servers with no hostname or IP address to learn their IP address
by asking the directory authorities. This code only kicks in when you
would normally have exited with a "no address" error.

This design is flawed, though, since the X-Your-Address-Is header is not
authenticated, and doing it this way introduces too many new attacks. The
right answer is to give IP address hints inside the HELLO cell; much of
this code can be reused when we switch.


svn:r6774
2006-07-17 06:35:06 +00:00
Nick Mathewson
e572d5990c MSVC6 is apparently terrified of unnatural cross-breeding between uint64_t and double, and needs more persuasion than usual to cast one to the other. Issue identified by Frediano Ziglio; patch revised for minimal impact on non-MSVC6 compilers.
svn:r6768
2006-07-17 00:39:05 +00:00
Roger Dingledine
886b10bbe2 whitespace/etc cleanups
svn:r6765
2006-07-16 05:57:11 +00:00
Roger Dingledine
ee5f512e13 parameterize the loudness of resolve_my_address(), and call things
IP addresses, not IPs.


svn:r6764
2006-07-15 20:26:05 +00:00
Roger Dingledine
3d79eb52ab stick to nick's nul/null convention
svn:r6763
2006-07-15 19:21:30 +00:00
Roger Dingledine
c4411841d2 Avoid an integer underflow when the dir authority decides whether a
router is stable: we might wrongly label it stable, and compute a slightly
wrong median stability, when a descriptor is published later than now.

Inspired by Matt's Vidalia checkin:
http://trac.vidalia-project.net/changeset/1074


svn:r6758
2006-07-14 03:14:02 +00:00
Nick Mathewson
a0cf95e1c9 Add some debugging asserts to dns.c; these are too expensive to leave in permanently.
svn:r6756
2006-07-11 20:51:58 +00:00
Nick Mathewson
c32e19b4ed OR_CONN_EVENT_NEW: we should probably handle that , should we not? Especially since 23:26 < phobos> nickm: grep -c "Unrecognized status code 4" tor.log
svn:r6752
2006-07-11 03:33:16 +00:00
Nick Mathewson
39344fc301 Add a const; fix a (probably harmless) bug when storing a resolve we forgot we asked for.
svn:r6751
2006-07-10 18:38:57 +00:00
Nick Mathewson
a7a1d4e3d3 First part of making mmap-based stuff work on win32: save descriptors as "binary" (no LF->CRLF tanslation) so that we can mmap them properly later. Patch from Frediano Ziglio.
svn:r6748
2006-07-09 22:28:12 +00:00
Roger Dingledine
51454157a0 Fix a crash if you enable FascistFirewall but not FirewallPorts.
Reported by Frediano Ziglio.


svn:r6746
2006-07-08 17:38:46 +00:00
Nick Mathewson
0bbc4aca9b Spellcheck and remove spurious include in eventdns.c
svn:r6745
2006-07-07 19:08:44 +00:00
Nick Mathewson
a40ad152b1 When using eventdns: suppress logging of addresses when SafeLogging is active, and make set of nameservers configurable from torrc.
svn:r6744
2006-07-07 17:33:30 +00:00
Nick Mathewson
f33c4f9781 eventdns: check for malloc() failures.
svn:r6743
2006-07-07 17:31:56 +00:00
Roger Dingledine
85fd582192 rename X-You-Are to something slightly better.
svn:r6735
2006-07-06 03:05:01 +00:00
Roger Dingledine
7f01dc9c1c whitespace/tab fixes
svn:r6734
2006-07-06 02:45:46 +00:00
Roger Dingledine
fad85f173a when an exit node gets a malformed begin cell, don't complain to
the node operator, since he can't do anything about it.


svn:r6733
2006-07-06 02:44:07 +00:00
Nick Mathewson
3c4205c872 Clean up eventdns messages.
svn:r6730
2006-07-05 21:42:18 +00:00
Nick Mathewson
54779025e2 Spelling fix.
svn:r6729
2006-07-05 21:33:46 +00:00
Nick Mathewson
42ef3bd90c Add plausile logging support to eventdns; stop putting stuff onto stdout.
svn:r6728
2006-07-05 21:28:37 +00:00
Roger Dingledine
0ec293b189 actually, that excludenodes fix was redundant. take it out.
svn:r6727
2006-07-05 18:19:42 +00:00
Roger Dingledine
98c6bf6192 oops, we were ignoring options->ExcludeNodes when picking entry guards.
it is still the case that we ignore it with respect to entry guards
that we've already picked.


svn:r6726
2006-07-04 20:25:17 +00:00
Roger Dingledine
4fc7426b93 Make the X-You-Are header more accurate when there's a proxy in the middle.
svn:r6722
2006-07-04 18:18:08 +00:00
Roger Dingledine
05d0b70573 Get rid of the router_retry_connections notion. Now routers no longer
try to rebuild long-term connections to directory authorities, and
directory authorities no longer try to rebuild long-term connections to
all servers.

We still don't hang up connections in these two cases though -- we need
to look at it more carefully to avoid flapping, and we likely need to
wait til 0.1.1.x is obsolete.


svn:r6712
2006-07-04 03:31:27 +00:00
Roger Dingledine
ff1b4764e9 No longer permit create cells to have the wrong circ_id_type. No
running Tors should still have this bug.


svn:r6711
2006-07-04 03:27:09 +00:00
Roger Dingledine
dc79dd6a46 minor fixes
svn:r6709
2006-07-04 03:19:59 +00:00
Nick Mathewson
9fce316d1c Oops. Headers work better when named right.
svn:r6707
2006-07-01 21:51:21 +00:00
Nick Mathewson
60de51993a Unify HTTP response code into one place so it is easier to add headers. Add an X-You-Are header, which we should probably rename. NOTE that we should not use this field for things where it matters if dirs lie.
svn:r6705
2006-06-30 10:50:43 +00:00
Roger Dingledine
d45757ebcb also remove word 'middleman' from a log notice
svn:r6704
2006-06-29 13:11:23 +00:00
Nick Mathewson
475eb5d6fe Apparent 311 fix: apparently passing Z_FINISH an empty string is problematic.
svn:r6702
2006-06-29 11:19:52 +00:00
Nick Mathewson
4b49d298eb complete_only == !allow_partial. This enables useful use of partial desc downloads. Backport candidate
svn:r6700
2006-06-29 11:04:42 +00:00
Roger Dingledine
c22c7b96f5 tab-man strikes again
svn:r6699
2006-06-28 15:39:02 +00:00
Nick Mathewson
8b08ab52fd Fix another idiot bug causing symptom 309. Why cant I program?
svn:r6698
2006-06-28 15:36:28 +00:00
Nick Mathewson
96bfefeeb6 Add a check to try to make cache rebuild fail fast if it is going to fail
svn:r6697
2006-06-28 11:03:34 +00:00
Nick Mathewson
4dac383f5a Aaand re-disable the bogus test in get_body()
svn:r6696
2006-06-28 08:57:41 +00:00
Nick Mathewson
d547ecc916 Make sure that our calculated offsets for routers is correct; again. This time bug 309 may be gone gone gone.
svn:r6695
2006-06-28 08:55:53 +00:00
Nick Mathewson
d3784ff1df Likely fix for bug 309: when we calculate offsets after rebuilding the descriptor cache, do not reset the offset pointer half-way through.
svn:r6693
2006-06-27 15:52:51 +00:00
Roger Dingledine
f88d555ce0 refuse to write an iso_time which we can't parse, when dumping
bandwidth state. this fixes the particular incident in bug 308,
but the general issue remains.


svn:r6684
2006-06-24 04:57:59 +00:00
Nick Mathewson
b4b8da5d23 Turn a while into a do/while; save a redundant test
svn:r6683
2006-06-24 02:10:21 +00:00
Nick Mathewson
b82dfdd4a3 Make some more verbose gcc warnings go away.
svn:r6680
2006-06-22 07:34:04 +00:00
Nick Mathewson
52b8dfa95a Fix a bunch of spaces.
svn:r6678
2006-06-22 07:25:15 +00:00
Nick Mathewson
89a1453776 Set offset properly when parsing cache.
svn:r6677
2006-06-22 07:19:28 +00:00
Nick Mathewson
58b05fc84d #if out test that was failing because of an extra newline.
svn:r6676
2006-06-22 07:10:37 +00:00
Nick Mathewson
b7910202a3 Next batch of memory miserdom: mmap cached-routers file. This is sure to break somewhere.
svn:r6675
2006-06-22 07:01:54 +00:00
Nick Mathewson
e2697a62ac When requesting or serving resources via fingerprint/digest, request and respond in-order, removing duplicates.
svn:r6673
2006-06-21 04:57:12 +00:00
Peter Palfrader
7b6c435066 <nickm> ooh, that log shouldn't be there. can you take it out?
svn:r6671
2006-06-20 23:11:15 +00:00
Nick Mathewson
0799154ae1 Fix bug in networkstatus spooling: spool more than the first networkstatus.
svn:r6670
2006-06-20 23:06:52 +00:00
Nick Mathewson
0e09b26112 Fishy, but harmless.
svn:r6669
2006-06-20 16:48:32 +00:00
Roger Dingledine
ef78e4245f add a note for nick to fix
svn:r6668
2006-06-20 13:14:07 +00:00
Nick Mathewson
a9e1a4c33c Ah. We need a new zlib_state for each networkstatus we spool out.
svn:r6667
2006-06-20 06:27:13 +00:00
Nick Mathewson
4283b81a48 Start spooling v2 networkstatus docs as well.
svn:r6664
2006-06-20 00:48:23 +00:00
Nick Mathewson
3f7f069a05 Fix a tricky crash: making the_directory heap-allocated (so we could refcount it and have multiple instances as neeeded) means that calls to dirserv_regenerate_directory could invalidate the auth_dir value passed to dirserv_pick_cached_dir_obj. Big fun.
svn:r6663
2006-06-18 21:30:03 +00:00
Nick Mathewson
2552d5e60f Fix an assert that still isnt the assert we are hunting.
svn:r6662
2006-06-18 21:15:01 +00:00
Roger Dingledine
37c441d96f correct a function comment in compute_preferred_testing_list()
svn:r6660
2006-06-18 21:07:45 +00:00
Nick Mathewson
f1993b8b30 Become capable of noticing that we are done sending a directory.
svn:r6659
2006-06-18 20:58:27 +00:00
Nick Mathewson
5c0d7fb016 Resolve control flow warning.
svn:r6658
2006-06-18 20:39:46 +00:00
Nick Mathewson
0932f463ff Ah. That seems to work.
svn:r6657
2006-06-18 16:39:26 +00:00
Nick Mathewson
5ba72d0ae5 another write_to_buf_zlib fix.
svn:r6656
2006-06-18 16:20:38 +00:00
Nick Mathewson
b5c599412f Backport candidate: implement the "is this uptime change cosmetic" test properly.
svn:r6654
2006-06-18 16:05:54 +00:00
Nick Mathewson
a9cffd2ff0 Re-enable buffer RAM guard values.
svn:r6653
2006-06-18 15:53:54 +00:00
Nick Mathewson
11c2e97d51 Another _zlib fix.
svn:r6652
2006-06-18 09:03:48 +00:00
Nick Mathewson
337ad6420b Make connection_write_to_buf_zlib set outbuf_flushlen right.
svn:r6651
2006-06-18 08:53:09 +00:00
Nick Mathewson
537104c908 write_to_buf != connection_write_to_buf. Also, add a connection_write_to_buf_zlib wrapper that sucks.
svn:r6650
2006-06-18 08:46:55 +00:00
Nick Mathewson
10b7b57616 Temporarily disable sentinels on buffers
svn:r6649
2006-06-18 08:44:34 +00:00
Nick Mathewson
9376d901ed make zlib buffer function set buf_highwater properly
svn:r6648
2006-06-18 08:21:27 +00:00
Nick Mathewson
4d02ccfed8 Stop trying to refresh when we are out of data.
svn:r6647
2006-06-18 08:19:35 +00:00
Nick Mathewson
b9013cbe98 And actually check the url when it exists. that might work better.
svn:r6646
2006-06-18 08:16:05 +00:00
Nick Mathewson
c374340c70 That dir_refresh_src fix will only work if I enable it.
svn:r6645
2006-06-18 08:13:45 +00:00
Nick Mathewson
347bcec84a Fix a couple of bugs in last patch.
svn:r6644
2006-06-18 08:07:16 +00:00
Nick Mathewson
c58cc8c16c add coverage for a default case
svn:r6643
2006-06-18 07:57:47 +00:00
Nick Mathewson
b1a8b7869a Oops. conn->requested_resource is client only.
svn:r6642
2006-06-18 07:55:04 +00:00
Nick Mathewson
1d9923da7c Instead of adding servers and v1 directories to buffers en masse, directory servers add them on the fly as their outbufs are depleted. This will save ram on busy dirservers.
svn:r6641
2006-06-18 07:38:55 +00:00
Nick Mathewson
8fa8616ec7 Add tests for several of the more recently committed functions.
svn:r6639
2006-06-18 07:35:10 +00:00
Nick Mathewson
cd38511a1e Part of incremental encryption logic for buffers: there is a subtle yucky point documented in a comment.
svn:r6637
2006-06-18 07:27:47 +00:00
Peter Palfrader
2ff24dbc26 And a minor bugfix to the weaselhack
svn:r6629
2006-06-15 23:14:01 +00:00
Roger Dingledine
af0e47c921 fix spacing
svn:r6628
2006-06-15 22:59:07 +00:00
Peter Palfrader
bc64becd12 Add a /tor/dir-all-weaselhack directory resource so I do not have to update my scripts
svn:r6627
2006-06-15 22:52:56 +00:00
Roger Dingledine
4e4cc9aa27 lower the number of seconds before we yell about clock jump.
and make the yelling only happen if you're a server.


svn:r6625
2006-06-15 09:03:15 +00:00
Roger Dingledine
de7a9c83d8 upgrade the severity of the 'clock jump' warn, and ask people
to report if it occurs.


svn:r6623
2006-06-14 22:28:16 +00:00
Roger Dingledine
09dfe1b265 bugfix: discourage picking directory authorities as our TestVia
hops, even if they're running the right versions, since we probably
already have a connection established to them.


svn:r6622
2006-06-14 11:06:43 +00:00
Nick Mathewson
66db3afb74 eventdns: Apply a couple of patches from AGL; start working on windows compat; note some TODOs.
svn:r6621
2006-06-13 21:49:56 +00:00
Roger Dingledine
977574e48d back off and add the $ at the beginning of the preferrednodes list
we generate.


svn:r6620
2006-06-13 12:57:19 +00:00
Roger Dingledine
2cd349903c be more lax about recognizing valid hexdigests.
svn:r6619
2006-06-13 12:05:59 +00:00
Roger Dingledine
b4e415ba3c now we can tell dirserv_dump_directory_to_string() whether we want
it to include down/invalid descriptors or not.


svn:r6618
2006-06-13 11:11:19 +00:00
Roger Dingledine
88dadc917c bugfix in exit_policy_is_general_exit() that weasel found.
this time for sure!


svn:r6617
2006-06-13 10:48:26 +00:00
Roger Dingledine
23e2c6a7dd first cut at a workaround for the reachability bug: explicitly find a
server running the right version, if we can, and ask for that one.


svn:r6616
2006-06-13 10:25:22 +00:00
Roger Dingledine
31b51849b5 export the default exit policy via the control port, so controllers
don't need to guess what it is / will be later.


svn:r6615
2006-06-13 09:16:09 +00:00
Roger Dingledine
279e86f3c8 Defense in depth: fix the reachability bug a second way too.
Now if we establish a connection with the right digest, regardless
of what the addr/port is, and we have pending create cells, use it.


svn:r6614
2006-06-13 05:51:28 +00:00
Roger Dingledine
a20a384b09 harmless typo
svn:r6613
2006-06-13 05:50:24 +00:00
Roger Dingledine
ab61c40661 Fix the bug that was causing servers to not find themselves
reachable if they changed IP addresses. This happened because
middle servers knew the old descriptor, and kept swapping the
addr/port we asked for with the one they thought was right.

So the create cell never got sent, because it was asking for a
different addr/port than we believed we had connected to.


svn:r6610
2006-06-13 05:36:35 +00:00
Roger Dingledine
19408cf8d7 reintroduce the logic to exit_policy_is_general_exit() to count
how many ports are allowd. require two ports open, not just one.


svn:r6609
2006-06-13 02:48:06 +00:00
Peter Palfrader
cce8ae1190 Make the Exit tag in status documents actually work in head too
svn:r6608
2006-06-12 22:03:25 +00:00
Roger Dingledine
87e3800dfc Finally solve the "closing wedged cpuworkers" bug. Woo.
This happened when we got two create cells in a row from the same TLS
connection. It would hand one to the cpuworker, and then immediately
handle the second one -- after it had registered that the first one was
busy, but before it had updated the timestamp that we use to decide how
*long* it's been busy.


svn:r6606
2006-06-12 11:59:19 +00:00
Roger Dingledine
cbc4cd93ac allow people to start their tor with runasdaemon set but
with no logs set at all.


svn:r6604
2006-06-12 06:03:15 +00:00
Roger Dingledine
14687fc443 take out the reachability bandaid in 0.1.2.x as well.
maybe we will actually be able to fix it, instead.


svn:r6585
2006-06-10 00:57:12 +00:00
Roger Dingledine
889b8d5bac Add a new config option TestVia, that lets you specify preferred middle
hops to use for testing circuits. Perhaps this will let me debug the
reachability problem better.


svn:r6581
2006-06-10 00:26:39 +00:00
Roger Dingledine
6531a31aad actually, don't fix it that far. we should still do some
error checking.


svn:r6576
2006-06-09 09:07:59 +00:00
Roger Dingledine
0071d67efd when only one router is labelled as a guard, and we've
already picked him, we would cycle endlessly picking him
again, being unhappy about it, and so forth.

now we specifically exclude guards when picking a new guard.


svn:r6575
2006-06-09 09:02:32 +00:00
Roger Dingledine
30f6c57fd7 and forward-port too.
svn:r6573
2006-06-09 06:52:49 +00:00
Roger Dingledine
a91be49402 fix a bootstrapping check we ignored that prevents us from running
with only one dir authority.


svn:r6570
2006-06-09 02:45:39 +00:00
Roger Dingledine
11dcb7f4ae try a better string at the top of torrc's autogenerated torrc.
svn:r6569
2006-06-09 02:20:42 +00:00
Roger Dingledine
bb18168fae ok, ok, maybe *this* time my rep_hist_circbuilding_dormant() will work.
svn:r6568
2006-06-08 22:36:13 +00:00
Roger Dingledine
18eb8192db remove a bit more obsolete code
svn:r6566
2006-06-08 09:35:20 +00:00
Roger Dingledine
a18766e50c ah, that explains why we weren't going dormant with
respect to descriptor fetches. maybe now it will work.


svn:r6565
2006-06-08 09:20:58 +00:00
Roger Dingledine
91bd12c20d re-enable per-connection rate limiting. get rid of the "OP bandwidth"
concept. lay groundwork for "bandwidth classes" -- separate global
buckets that apply depending on what sort of conn it is.


svn:r6563
2006-06-07 09:18:53 +00:00
Roger Dingledine
741b11df45 put a bandaid in place so servers will have an easier time
believing that they're reachable. this may help resolve the
servers-on-dynamic-ip-addresses problem.


svn:r6561
2006-06-07 08:42:24 +00:00
Roger Dingledine
1e9b35aee3 make connection_or_nonopen_was_started_here() based on something less
voodooey. it turns out we already do keep a flag like that around.


svn:r6560
2006-06-07 07:11:42 +00:00
Roger Dingledine
8cf45df230 and now the exciting part: there is now no such thing as doing
a client-only tls, that is, one with no certs.


svn:r6558
2006-06-07 06:21:11 +00:00
Roger Dingledine
0bfef523df simplify the tortls api: we only support being a "server", that
is, even tor clients do the same sort of handshake.

this has been true for years, so it's best to get rid of the
stale code.


svn:r6557
2006-06-07 06:10:54 +00:00
Roger Dingledine
96914760bc fix the bug where we sometimes would fail to send some create cells
once we'd connected to a(nother) tor server.


svn:r6552
2006-06-06 03:33:24 +00:00
Nick Mathewson
5e4b4451ec Also, add a temporary hack to make sure eventdns.c is distributd.
svn:r6551
2006-06-06 00:12:22 +00:00
Roger Dingledine
5c57348acd We got an obscure report of an assert error on a windows Tor server with
connection_add being called with socket = -1. The only places I can see
where that happen would be if our tor_socketpair succeeds but it hands
back negative values for some of its file descriptors. Perhaps this will
produce more useful assert errors next time.


svn:r6550
2006-06-06 00:06:52 +00:00
Roger Dingledine
411f37d534 fix typo
svn:r6549
2006-06-06 00:05:39 +00:00
Roger Dingledine
07c35b4f52 ship the event*.h files too. perhaps this will make my 'make dist'
produce a tarball that i can build.


svn:r6548
2006-06-06 00:04:52 +00:00
Nick Mathewson
2bd7c19b73 Try to log useful messages at info and debug about what we are resolving and what answers we are getting wrt eventdns.
svn:r6547
2006-06-05 23:01:22 +00:00
Roger Dingledine
542b8af592 don't tell people that the testing circuit failed if we already
consider ourselves reachable. this just confuses them.


svn:r6546
2006-06-05 10:01:52 +00:00
Roger Dingledine
a2fec314b6 scream louder if you've got a pending circuit for a given
addr/port but the intended n_conn digest is wrong.


svn:r6544
2006-06-05 09:47:19 +00:00
Roger Dingledine
45065f1466 simplify code now that libevent considers all sockets pollable.
what we really mean now is ">= 0", which is clearer to test for.


svn:r6543
2006-06-05 09:08:10 +00:00
Roger Dingledine
4e773352c2 bugfix: if we are making our first ever connection to any entry
guard, then don't mark it down at first. we had this implemented
but it was disabled due to a bug.


svn:r6541
2006-06-05 08:58:18 +00:00
Roger Dingledine
8f3bb66ebc simplify some code, since circuit_build_failed() is only called
on non-open circuits.


svn:r6540
2006-06-05 08:25:02 +00:00
Roger Dingledine
152d6d13b4 remove some unused code (i think)
svn:r6539
2006-06-05 08:02:04 +00:00
Roger Dingledine
bf09898f79 Note a bug that causes servers to sometimes never send the pending
create cell. Nick, is this a bug? If so, is my fix right?


svn:r6538
2006-06-05 07:27:48 +00:00
Nick Mathewson
b7ca697faf More eventdns.c patches: use HAVE_ALLOCA_H; print IP addrs as dotted quads.
svn:r6535
2006-06-05 01:59:12 +00:00
Nick Mathewson
3db785ef73 Hm. Where did we put that ntohl the last time we were juggling it? (hoop-lah).
svn:r6534
2006-06-05 00:32:31 +00:00
Nick Mathewson
008a0c7c46 Some eventdns.c fixes for windows correctness. More will doubtless be needed, especially around the #includes.
svn:r6533
2006-06-04 23:23:53 +00:00
Nick Mathewson
853e2d99b6 Add a new warning to our "warn a lot" list: unused parameters. This means we have to explicitly "use" unuseds, but it can catch bugs. (It caught two coding mistakes so far.)
svn:r6532
2006-06-04 22:42:13 +00:00
Roger Dingledine
c4647545a0 if we insist on printing pointer values, at least make it stop
complaining on (my particular) 64 bit platform.


svn:r6530
2006-06-04 06:17:32 +00:00
Roger Dingledine
603b09b59b punctuation and spelling
svn:r6529
2006-06-04 06:16:20 +00:00
Nick Mathewson
c18fab5366 Make eventdns.[ch] into good C90; remove signed/unsigned comparisons.
svn:r6528
2006-06-03 22:05:23 +00:00
Nick Mathewson
2700e5a1ab Oops. When we dont get a TTL, we should default to the default, not to the minimum.
svn:r6527
2006-06-03 21:47:26 +00:00
Nick Mathewson
c660a0f6a2 More DNS fixes. Send meaningful TTLs back to the client when
possible.  Cache at the server side independently from the TTL, to
prevent attackers from probing the server to see who has been asking
for what hostnames.  (Hi, Dan Kaminski!)

Also, clean some whitespace.


svn:r6526
2006-06-03 21:41:14 +00:00
Nick Mathewson
85a25c8a29 Make dns.c use eventdns.c -- but only when you pass the --enable-eventdns argument to configure.in. This will *so* not work on Windows yet.
svn:r6525
2006-06-03 20:52:24 +00:00
Nick Mathewson
7cb3232ade Add async dns code from Adam Langley, tweaked to build on OSX. Long-term, we may want to switch to libevnet/c-ares, if they ever handle 10k fd situations properly. This one still needs work too, but at least it is small. This code is disabled by default, and not integrated with dns.c.
svn:r6524
2006-06-03 19:49:42 +00:00
Roger Dingledine
8f902e4b58 don't stop fetching server descriptors if we're a server and
haven't found ourselves reachable yet.


svn:r6522
2006-06-03 02:56:44 +00:00
Roger Dingledine
1bf0f99b66 connection_t kept the identity_pkey but all it did was store it and
free it. perhaps we don't need it after all?


svn:r6518
2006-05-30 06:23:44 +00:00
Roger Dingledine
9000a5aff1 and get grammar right
svn:r6517
2006-05-30 06:19:48 +00:00
Roger Dingledine
ae2648fb1c stop fetching descriptors if we're not a dir mirror and we
haven't tried to establish any circuits lately.


svn:r6516
2006-05-30 06:19:06 +00:00
Roger Dingledine
1f0e20806b END_CIRC_REASON_OR_IDENTITY apparently means that we were told to
connect to a different OR than lives on the addr:port we connected
to. we don't actually remember whether that was the case, currently.
so call it END_CIRC_REASON_OR_CONN_CLOSED as a compromise.


svn:r6515
2006-05-30 06:17:28 +00:00
Roger Dingledine
60abe23158 tentative change: if you have your dirport set, you are a directory
mirror, whether or not your orport is set.


svn:r6513
2006-05-30 06:11:36 +00:00
Roger Dingledine
1e4923652b simplify a log message
svn:r6512
2006-05-30 05:29:03 +00:00
Roger Dingledine
f6ff3e6f0e directory authorities should be more tolerant of failed reachability
tests before crying foul to the server operator.


svn:r6509
2006-05-28 16:14:26 +00:00
Roger Dingledine
48be472e4f clean up a comment
svn:r6508
2006-05-28 16:07:44 +00:00
Roger Dingledine
7f611f4732 if we're a server and some peer has a broken tls certificate, don't
shout about it unless we want to hear about protocol violations.


svn:r6507
2006-05-26 16:32:16 +00:00
Roger Dingledine
82ae38f649 be more verbose about testing reachability of our ORPort.
svn:r6506
2006-05-26 16:29:33 +00:00
Roger Dingledine
f579478687 correct a false log message, since we actually reset all our
downloading stats every hour, and sometimes more often.


svn:r6505
2006-05-26 16:29:20 +00:00
Roger Dingledine
3cd01ca9a1 make cookie authentication for the controller work again, maybe.
it sure doesn't now.


svn:r6494
2006-05-24 23:03:28 +00:00
Roger Dingledine
6066d68ac3 make options->RedirectExit work again; resolve bug 293.
svn:r6492
2006-05-24 11:13:03 +00:00
Roger Dingledine
13c4590dd1 ignore RunAsDaemon more thoroughly when we're running on windows.
svn:r6471
2006-05-23 07:04:55 +00:00
Roger Dingledine
6b058bd563 add a few more debugging lines to help mikec track down his
11 minute jump into the future.


svn:r6465
2006-05-23 03:08:30 +00:00
Nick Mathewson
55c38f88b9 Remove string size limit on NEWDESC messages; solve bug 291.
svn:r6463
2006-05-22 23:24:06 +00:00
Roger Dingledine
295ad74fda Tor servers are also giving spurious "you're invalid" warnings.
This is because we get a lot of network statuses that don't list
us at all, and we conclude that they all think we're invalid.
The long-term fix is to get better logic, and the short-term fix
is to downgrade the log severity.


svn:r6448
2006-05-09 09:47:47 +00:00
Roger Dingledine
27624a3024 stop telling people that "tor -h" will help them in any way.
svn:r6447
2006-05-08 04:28:49 +00:00
Roger Dingledine
e24e5475fb forward-port the ORPort==0 patch
svn:r6430
2006-05-03 18:29:44 +00:00
Nick Mathewson
2b720b5746 Start remembering *where* we are storing routerdescs. This will make us easier to move from a RAM-mirrors-disk model to a RAM-caches-disk model, and save maybe around 10MB on a directory server.
svn:r6427
2006-04-29 18:42:26 +00:00