Commit Graph

597 Commits

Author SHA1 Message Date
Roger Dingledine
6f08d121d9 Refactor and consolidate addr/exit policies into a new policies.c.
Fix some minor bugs and memory leaks along the way.


svn:r6246
2006-03-27 02:25:34 +00:00
Roger Dingledine
e1c8e3ca6e also send syntax and parse errors back to the controller.
svn:r6242
2006-03-26 08:09:19 +00:00
Roger Dingledine
b899b9592a When the controller's *setconf commands fail, collect an error message
in a string and hand it back. This starts to resolve bug 275.


svn:r6241
2006-03-26 06:51:26 +00:00
Peter Palfrader
e90bebf27b Say private address instead of internal address.
Both are wrong or at least not entirely correct but nobody would
understand "special-use address as listed in RFC3330" I guess.


svn:r6236
2006-03-25 21:24:28 +00:00
Roger Dingledine
216e349cb2 parameterize two more timeout constants in circuit-land.
svn:r6220
2006-03-22 00:52:37 +00:00
Roger Dingledine
ad236d4b8b freeing is not the same as setting to null
svn:r6219
2006-03-22 00:03:51 +00:00
Roger Dingledine
28fafb9022 new config option SocksTimeout: How long do we let a socks connection
wait unattached before we fail it?

Use this value for controller socks timeout, for normal socks
timeout, and for hidden-service socks timeout.


svn:r6217
2006-03-21 23:27:43 +00:00
Roger Dingledine
f11509e494 when upgrading to newer versions, throw away entry guards
picked by the old wrong algorithms.


svn:r6215
2006-03-21 23:06:47 +00:00
Roger Dingledine
0e68ec0846 put lefkada on port 80, officially.
svn:r6209
2006-03-21 16:57:03 +00:00
Roger Dingledine
415c9e878a add lefkada as a fourth auth dir server.
svn:r6205
2006-03-21 04:41:20 +00:00
Roger Dingledine
d8195e4128 Implement Jason Holt's SafeSocks config option.
Also put a URL in the warning message for unsafe socks4 use --
previously we'd only had the URL for unsafe socks5 use. Oops.


svn:r6190
2006-03-19 01:44:53 +00:00
Roger Dingledine
c06e6ddadd Finish the transition from the word 'verified' to the words
'named' and 'valid'.


svn:r6188
2006-03-19 01:21:59 +00:00
Roger Dingledine
868d456c3b make it so there is one place to edit for new dirservers, not two.
svn:r6186
2006-03-18 22:37:27 +00:00
Roger Dingledine
4f14826cb3 Actually, only v1 auth dir servers need to define recommendedversions.
But versioning dirservers do need to cause recommendclientversions
and recommendedserverversions to somehow be non-empty.


svn:r6181
2006-03-17 23:25:40 +00:00
Roger Dingledine
c7839a17f5 when we're an auth dir server but don't claim to be a versioning
auth dir server, don't demand that we define RecommendedVersions.


svn:r6180
2006-03-17 23:21:42 +00:00
Roger Dingledine
51fc6799ad right now we don't support entryguards on auth dirservers,
but that doesn't mean we need to remind them every time
they start up.


svn:r6179
2006-03-17 23:19:51 +00:00
Nick Mathewson
053411e827 Comments: cleanups and additions.
svn:r6174
2006-03-17 05:50:41 +00:00
Peter Palfrader
866f6293ff I wonder what an internal internet protocol is
svn:r6159
2006-03-14 22:52:20 +00:00
Peter Palfrader
86a964d868 When we try to be a server and Address is not explicitly set
and our hostname resolves to a private IP address, try
to use an interface address if it has a public address.


svn:r6158
2006-03-14 22:51:15 +00:00
Peter Palfrader
ebfb3fea6d Fix minor semantic error with no real effect:
we were doing "is_internal_IP(htonl(in.s_addr))" but in.s_addr is
in network order and is_internal_IP wants host order.  Change to
"is_internal_IP(ntohl(in.s_addr))".


svn:r6155
2006-03-13 19:09:52 +00:00
Nick Mathewson
bd8ffccae7 More cleanups noticed by weasel; also, remove macros that nobody uses.
svn:r6143
2006-03-12 23:31:16 +00:00
Nick Mathewson
474c60b743 Cleanup on time-relaqted constants. New conventions:
1) Surround all constants by (parens), whether we'll be using them
     in a denominator or not.
  2) Express all time periods as products (24*60*60), not as multiplied-out
     constants (86400).
  3) Comments like "(60*60) /* one hour */" are as pointless as comments
     like "c = a + b; /* set c to the sum of a and b */".  Remove them.
  4) All time periods should be #defined constants, not given inline.
  5) All time periods should have doxygen comments.
  6) All time periods, unless specified, are in seconds.  It's not necessary
     to say so.

To summarize, the old (lack of) style would allow:

  #define FOO_RETRY_INTERVAL 60*60 /* one hour (seconds) */
  next_try = now + 3600;

The new style is:

  /** How often do we reattempt foo? */
  #define FOO_RETRY_INTERVAL (60*60)

  next_try = now + RETRY_INTERVAL;


svn:r6142
2006-03-12 22:48:18 +00:00
Roger Dingledine
98476c71d2 make tor --verify-config closer to working
svn:r6137
2006-03-12 20:46:00 +00:00
Roger Dingledine
0bd46086c3 fix bug reported by gozu: if we get a linelist or linelist_s
config option from the torrc and it has no value, warn and
skip rather than silently resetting it to its default.


svn:r6125
2006-03-11 18:40:33 +00:00
Nick Mathewson
5777ee0e1a Add some functions to escape values from the network before sending them to the log. Use them everywhere except for routerinfo->plaftorm, routerinfo->contact_info, and rend*.c. (need sleep now)
svn:r6087
2006-03-05 09:50:26 +00:00
Nick Mathewson
6a4e304d9e Allow private:* in routerdescs; not generated yet (because older Tors do not understand it); needs testing.
svn:r6086
2006-03-05 05:27:59 +00:00
Roger Dingledine
498c13b4df make the NoPublish option obsolete.
svn:r6052
2006-02-20 01:21:48 +00:00
Roger Dingledine
276a7bd038 the other half of fixing bug 257. catch an error in more places.
svn:r6050
2006-02-20 01:06:27 +00:00
Roger Dingledine
57bcdcecf1 try to address bug 257: if rename() fails during saveconf, tell
the controller.


svn:r6049
2006-02-19 23:12:26 +00:00
Roger Dingledine
6a52867846 New config options to address bug 251:
FetchServerDescriptors and FetchHidServDescriptors for whether
to fetch server info and hidserv info or let the controller do it,
and also PublishServerDescriptor and PublishHidServDescriptors.

Add AllDirActionsPrivate undocumented option -- if you set it, you'll
need the controller to bootstrap you enough to build your first circuits.


svn:r6047
2006-02-19 22:02:02 +00:00
Roger Dingledine
266254f42b clean up the Reachable*Addresses changes
svn:r6041
2006-02-19 08:31:47 +00:00
Roger Dingledine
a9fcf4ced2 this is why you're not supposed to cut-and-paste code
svn:r6037
2006-02-18 06:46:01 +00:00
Peter Palfrader
aa5443551d Make it compile with VC7. It does not yet link.
svn:r6033
2006-02-18 02:02:21 +00:00
Peter Palfrader
0cc2390f8c Warn if ReachableAddresses is set when also ReachableDirAddresses and ReachableORAddresses are set.
svn:r6010
2006-02-13 22:29:37 +00:00
Peter Palfrader
5eea6c76df Split ReachableAddresses into ReachableDirAddresses and ReachableORAddresses
svn:r6009
2006-02-13 21:17:20 +00:00
Roger Dingledine
d113b75da6 more log conversions.
whee.


svn:r6003
2006-02-13 09:02:35 +00:00
Roger Dingledine
7d80921afa resolve too-long-lines
svn:r6001
2006-02-13 08:22:57 +00:00
Nick Mathewson
2a4555fedd Style on config_addr_policy_intersectes, which looks ok to me.
svn:r5998
2006-02-13 07:16:32 +00:00
Roger Dingledine
350313d77a Let the users set ControlListenAddress in the torrc.
This can be dangerous, but there are some cases (like a secured
LAN) where it makes sense.


svn:r5997
2006-02-13 06:25:16 +00:00
Peter Palfrader
6c4d873591 Compress exit policies even more. please review
svn:r5995
2006-02-13 01:54:31 +00:00
Nick Mathewson
dba155ecff Generate 18.0.0.0/8 address policy format in descs when we can; warn when the mask is not reducible to a bit-prefix.
svn:r5991
2006-02-12 23:58:22 +00:00
Nick Mathewson
98ec124c6a Drop redundant exit policy entries, not just identical ones.
svn:r5987
2006-02-12 22:59:38 +00:00
Nick Mathewson
e7b2d5cd47 Retain unrecognized options in state file, so that we can be forward-compatible.
svn:r5985
2006-02-12 22:28:30 +00:00
Roger Dingledine
b5ac6fc707 more helpful log message when running servers on obsolete windows.
svn:r5975
2006-02-12 00:14:58 +00:00
Roger Dingledine
094ccd34a9 bump up the period for forcing a hidden service descriptor upload
from 20 minutes to 1 hour.


svn:r5972
2006-02-12 00:12:36 +00:00
Roger Dingledine
981815146a compress exit policies even more -- look for duplicate lines
and remove them.


svn:r5971
2006-02-12 00:03:06 +00:00
Roger Dingledine
6c093a17a9 bugfix in config_cmp_addr_policies() -- we were treating a pair
of exit policies if they were equal even if one said accept and
the other said reject.


svn:r5970
2006-02-11 23:47:24 +00:00
Nick Mathewson
f1b91924b2 Keep running if we ask for an impossible stdout log; just warn.
svn:r5964
2006-02-11 21:56:03 +00:00
Nick Mathewson
91847124bf Warn if running obsolete windows as a server.
svn:r5961
2006-02-11 21:26:40 +00:00
Roger Dingledine
5f051574d5 Happy new year!
svn:r5949
2006-02-09 05:46:49 +00:00
Nick Mathewson
97bff8edaa Fix a const-non-const warning
svn:r5923
2006-02-06 04:55:27 +00:00
Roger Dingledine
92ef9e37e7 Add a new config option ExitPolicyRejectPrivate which defaults to 1.
This means all exit policies will begin with rejecting private addresses,
unless the server operator explicitly turns it off.

Also, make our code to remove redundancies in the exit policy smarter,
so it can detect "reject foo, reject bar, reject *" patterns.

Lastly, we can get rid of the "exit policy implicitly accepts" code,
since we make everything more explicit now.


svn:r5888
2006-02-01 03:53:52 +00:00
Roger Dingledine
f8b9a8d457 bump the default bandwidthrate to 3 MB, and burst to 6 MB
svn:r5874
2006-01-28 08:28:15 +00:00
Roger Dingledine
21be9dc3c0 when you tried to set orport through the controller, it would
trigger an assert because you hadn't made your onion keys yet
you wanted to launch cpu workers.

now init keys first, reset uptime, and tell the user that we're
starting the reachability testing.


svn:r5835
2006-01-17 04:01:32 +00:00
Roger Dingledine
f0d4b3d18f turn crypto hardware acceleration off by default, until we find
somebody smart who can test it for us.


svn:r5829
2006-01-16 20:08:33 +00:00
Nick Mathewson
c562ca494a add missing warning
svn:r5806
2006-01-11 20:09:37 +00:00
Nick Mathewson
fefa34d525 Fix double-free of torrc_fname
svn:r5805
2006-01-11 20:01:47 +00:00
Nick Mathewson
adbe0f0ada Fix bug 240: dont dump descriptions when not dumping actual config lines.
svn:r5804
2006-01-11 19:43:14 +00:00
Nick Mathewson
099b9ce2f9 Fix bug 230: add a rollback function to reverse all changes since the last mark_logs_temp(), and move log initialization into the two-phase part of option setting.
svn:r5803
2006-01-11 19:40:14 +00:00
Nick Mathewson
d60faa7c93 Fix another memleak. I love you, valgrind!
svn:r5794
2006-01-11 04:09:40 +00:00
Roger Dingledine
d1baa0c4a6 we were leaking 3KB every time the entry guards changed, every time
the controller called saveconf, and every 20 minutes.


svn:r5788
2006-01-11 03:20:53 +00:00
Roger Dingledine
8f271f2f5a we changed the name of AccountingBytesReadInInterval
change its state file description too


svn:r5785
2006-01-10 23:26:59 +00:00
Roger Dingledine
7d1f675c85 entry nodes are now entry guards.
this is our last easy chance for a wholesale change. heave ho.


svn:r5782
2006-01-10 22:42:44 +00:00
Roger Dingledine
b2d79f278b or_state_validate() needs an extra arg too or it will crash
svn:r5772
2006-01-10 20:38:33 +00:00
Roger Dingledine
f4299f0f44 hack to address bug 238.
needs a better fix, but not for 0.1.1.11.


svn:r5771
2006-01-10 20:27:47 +00:00
Roger Dingledine
f71273c216 fix bug 235
svn:r5768
2006-01-10 20:06:24 +00:00
Nick Mathewson
7fc62029d4 Refuse to use RunAsDaemon when torrc is a relative path. Fixes bug 229.
svn:r5767
2006-01-10 20:00:20 +00:00
Roger Dingledine
f88fa3efc1 helper nodes are dead
svn:r5743
2006-01-07 00:41:50 +00:00
Nick Mathewson
65f76bad4f Add descriptions for state variables; rename AccountingBytesRead{In}Interval; remove extraneous and unused struct member.
svn:r5739
2006-01-06 15:43:03 +00:00
Roger Dingledine
c5a5161fb5 prevent auth dir servers from enabling entry nodes.
svn:r5702
2006-01-02 08:40:58 +00:00
Roger Dingledine
358052416d bugfix: only try to use the EntryNodes config option if it is set.
svn:r5701
2006-01-02 05:14:21 +00:00
Roger Dingledine
ea6ea8ec22 Make UseEntryNodes true by default. Let the fun begin.
svn:r5698
2006-01-02 05:00:03 +00:00
Roger Dingledine
aa604ef2c2 bugfix: only try to parse the TorVersion if there is one.
svn:r5697
2006-01-02 04:58:12 +00:00
Roger Dingledine
839111b85a tolerate a mal-formed or unrecognized tor version in the state file.
svn:r5696
2006-01-02 04:45:18 +00:00
Roger Dingledine
0bd25f5d43 save and validate TorVersion in the state file.
svn:r5694
2006-01-02 04:14:52 +00:00
Roger Dingledine
6c693dbda6 add a TorVersion state string.
not yet set to anything.


svn:r5687
2005-12-31 08:16:07 +00:00
Roger Dingledine
5947388968 Finish implementing config's EntryNodes and StrictEntryNodes option.
The logging is way verbose for now.


svn:r5683
2005-12-31 06:32:57 +00:00
Roger Dingledine
dbd7b97eff helper nodes are dead. long live entry nodes.
(config options EntryNodes and StrictEntryNodes still not
implemented.)


svn:r5673
2005-12-28 09:07:31 +00:00
Roger Dingledine
94bff33357 and compiling would be good too
svn:r5657
2005-12-27 02:48:35 +00:00
Roger Dingledine
370dcbc7ba and some comments
svn:r5656
2005-12-27 02:48:02 +00:00
Roger Dingledine
5807bd0635 make it clearer in the auto-generated config file that you
probably shouldn't be editing this one yourself.


svn:r5655
2005-12-27 02:46:53 +00:00
Peter Palfrader
4bd65f0f98 Keep bandwidth history accross restarts/crashes
svn:r5637
2005-12-23 23:56:42 +00:00
Nick Mathewson
89eded7b17 Add "panic" option to reject all servers not in fingerprint list.
svn:r5601
2005-12-15 21:39:38 +00:00
Nick Mathewson
1af630d32c Bite the bullet and limit all our source lines to 80 characters, the way IBM intended.
svn:r5582
2005-12-14 20:40:40 +00:00
Roger Dingledine
77c0f6d456 a first go at fixing a bug matt edman reported: when he tries
to "setconf log" via the controller, it is friendly and gives
him a log to stdout, even though he didn't ask for one.


svn:r5562
2005-12-11 10:01:21 +00:00
Roger Dingledine
46d563fe00 whenever we hupped or did a controller setconf, we were prepending
another reachableaddresses *:80,*:443 if fascistfirewall was set,
and we were appending another reject *:* regardless.


svn:r5560
2005-12-11 09:18:25 +00:00
Roger Dingledine
a4e1014f4d i think fascistfirewall still has its uses. it's a synonym
for a certain reachableaddresses line, but it's easier to
remember and people already understand it. i think we should
think about undeprecating it.


svn:r5559
2005-12-11 08:59:02 +00:00
Roger Dingledine
58366ffd24 when we changed from log_fn to debug/info/notice/warn/err,
we screwed up the formatting in wild and unpredictable ways.

fix it before it becomes convention to format logs in wild and
unpredictable ways.

still need to do src/common/ someday.


svn:r5551
2005-12-10 09:36:26 +00:00
Roger Dingledine
9b0a40ec78 crank the max line limit down to 150 chars.
svn:r5550
2005-12-10 08:27:01 +00:00
Nick Mathewson
39265dd72e In my private little universe, terminals are still 80 columns. Impose a 160-character-per-line limit; this will creep down.
svn:r5548
2005-12-09 05:37:26 +00:00
Nick Mathewson
95e471c9a6 Normalize whitespace
svn:r5547
2005-12-09 05:22:15 +00:00
Nick Mathewson
33c4445846 For some bizarre reason, MSVC does not implement GCC extensions. Who would have thought?
svn:r5546
2005-12-09 05:20:02 +00:00
Roger Dingledine
a438f2abcd let the user configure a sockslistenaddress on other private IPs
besides 127.x.y.z without complaining.
and give a better message in the log.


svn:r5544
2005-12-09 02:46:46 +00:00
Nick Mathewson
d57029ffe8 Make code to handle "private" alias work when assume_action is set.
svn:r5542
2005-12-08 23:58:23 +00:00
Nick Mathewson
338f23114f Oops. 0.0.0.0/8 and 169.254.0.0/16 are also special.
svn:r5536
2005-12-08 19:58:14 +00:00
Nick Mathewson
1b770817c0 Add private:* as an alias in configuration for policies.
svn:r5534
2005-12-08 19:40:24 +00:00
Nick Mathewson
898968b3ac Warn when binding to a public address for socks. This warning needs to be improved. Also, make options_validate() only warn when an option is changed to a bad value.. (Previously, it warned when an option was bad and any option was changed.)
svn:r5532
2005-12-08 18:56:32 +00:00
Nick Mathewson
f031ee8246 Make clients use CREATE_FAST cells. add an option to disable this.
svn:r5524
2005-12-07 22:09:02 +00:00
Roger Dingledine
5c949fce51 Start obeying our firewall options more rigorously:
- If we can't get to a dirserver directly, try going via Tor.
  - Don't ever try to connect (as a client) to a place our firewall
    options forbid.
  - If we specify a proxy and also firewall options, obey the firewall
    options even when we're using the proxy: some proxies can only proxy
    to certain destinations.


svn:r5431
2005-11-19 10:12:10 +00:00
Roger Dingledine
afb1c79879 Leave options->DirServers alone -- if the user didn't specify any,
just add the default ones directly to the trusted dirserver list.
This fixes a bug where people running controllers would setconf or
the equivalent, and Tor would start yelling at them about setting
their own DirServer lines.


svn:r5418
2005-11-18 02:47:09 +00:00