Roger Dingledine
6f08d121d9
Refactor and consolidate addr/exit policies into a new policies.c.
...
Fix some minor bugs and memory leaks along the way.
svn:r6246
2006-03-27 02:25:34 +00:00
Roger Dingledine
e1c8e3ca6e
also send syntax and parse errors back to the controller.
...
svn:r6242
2006-03-26 08:09:19 +00:00
Roger Dingledine
b899b9592a
When the controller's *setconf commands fail, collect an error message
...
in a string and hand it back. This starts to resolve bug 275.
svn:r6241
2006-03-26 06:51:26 +00:00
Peter Palfrader
e90bebf27b
Say private address instead of internal address.
...
Both are wrong or at least not entirely correct but nobody would
understand "special-use address as listed in RFC3330" I guess.
svn:r6236
2006-03-25 21:24:28 +00:00
Roger Dingledine
216e349cb2
parameterize two more timeout constants in circuit-land.
...
svn:r6220
2006-03-22 00:52:37 +00:00
Roger Dingledine
ad236d4b8b
freeing is not the same as setting to null
...
svn:r6219
2006-03-22 00:03:51 +00:00
Roger Dingledine
28fafb9022
new config option SocksTimeout: How long do we let a socks connection
...
wait unattached before we fail it?
Use this value for controller socks timeout, for normal socks
timeout, and for hidden-service socks timeout.
svn:r6217
2006-03-21 23:27:43 +00:00
Roger Dingledine
f11509e494
when upgrading to newer versions, throw away entry guards
...
picked by the old wrong algorithms.
svn:r6215
2006-03-21 23:06:47 +00:00
Roger Dingledine
0e68ec0846
put lefkada on port 80, officially.
...
svn:r6209
2006-03-21 16:57:03 +00:00
Roger Dingledine
415c9e878a
add lefkada as a fourth auth dir server.
...
svn:r6205
2006-03-21 04:41:20 +00:00
Roger Dingledine
d8195e4128
Implement Jason Holt's SafeSocks config option.
...
Also put a URL in the warning message for unsafe socks4 use --
previously we'd only had the URL for unsafe socks5 use. Oops.
svn:r6190
2006-03-19 01:44:53 +00:00
Roger Dingledine
c06e6ddadd
Finish the transition from the word 'verified' to the words
...
'named' and 'valid'.
svn:r6188
2006-03-19 01:21:59 +00:00
Roger Dingledine
868d456c3b
make it so there is one place to edit for new dirservers, not two.
...
svn:r6186
2006-03-18 22:37:27 +00:00
Roger Dingledine
4f14826cb3
Actually, only v1 auth dir servers need to define recommendedversions.
...
But versioning dirservers do need to cause recommendclientversions
and recommendedserverversions to somehow be non-empty.
svn:r6181
2006-03-17 23:25:40 +00:00
Roger Dingledine
c7839a17f5
when we're an auth dir server but don't claim to be a versioning
...
auth dir server, don't demand that we define RecommendedVersions.
svn:r6180
2006-03-17 23:21:42 +00:00
Roger Dingledine
51fc6799ad
right now we don't support entryguards on auth dirservers,
...
but that doesn't mean we need to remind them every time
they start up.
svn:r6179
2006-03-17 23:19:51 +00:00
Nick Mathewson
053411e827
Comments: cleanups and additions.
...
svn:r6174
2006-03-17 05:50:41 +00:00
Peter Palfrader
866f6293ff
I wonder what an internal internet protocol is
...
svn:r6159
2006-03-14 22:52:20 +00:00
Peter Palfrader
86a964d868
When we try to be a server and Address is not explicitly set
...
and our hostname resolves to a private IP address, try
to use an interface address if it has a public address.
svn:r6158
2006-03-14 22:51:15 +00:00
Peter Palfrader
ebfb3fea6d
Fix minor semantic error with no real effect:
...
we were doing "is_internal_IP(htonl(in.s_addr))" but in.s_addr is
in network order and is_internal_IP wants host order. Change to
"is_internal_IP(ntohl(in.s_addr))".
svn:r6155
2006-03-13 19:09:52 +00:00
Nick Mathewson
bd8ffccae7
More cleanups noticed by weasel; also, remove macros that nobody uses.
...
svn:r6143
2006-03-12 23:31:16 +00:00
Nick Mathewson
474c60b743
Cleanup on time-relaqted constants. New conventions:
...
1) Surround all constants by (parens), whether we'll be using them
in a denominator or not.
2) Express all time periods as products (24*60*60), not as multiplied-out
constants (86400).
3) Comments like "(60*60) /* one hour */" are as pointless as comments
like "c = a + b; /* set c to the sum of a and b */". Remove them.
4) All time periods should be #defined constants, not given inline.
5) All time periods should have doxygen comments.
6) All time periods, unless specified, are in seconds. It's not necessary
to say so.
To summarize, the old (lack of) style would allow:
#define FOO_RETRY_INTERVAL 60*60 /* one hour (seconds) */
next_try = now + 3600;
The new style is:
/** How often do we reattempt foo? */
#define FOO_RETRY_INTERVAL (60*60)
next_try = now + RETRY_INTERVAL;
svn:r6142
2006-03-12 22:48:18 +00:00
Roger Dingledine
98476c71d2
make tor --verify-config closer to working
...
svn:r6137
2006-03-12 20:46:00 +00:00
Roger Dingledine
0bd46086c3
fix bug reported by gozu: if we get a linelist or linelist_s
...
config option from the torrc and it has no value, warn and
skip rather than silently resetting it to its default.
svn:r6125
2006-03-11 18:40:33 +00:00
Nick Mathewson
5777ee0e1a
Add some functions to escape values from the network before sending them to the log. Use them everywhere except for routerinfo->plaftorm, routerinfo->contact_info, and rend*.c. (need sleep now)
...
svn:r6087
2006-03-05 09:50:26 +00:00
Nick Mathewson
6a4e304d9e
Allow private:* in routerdescs; not generated yet (because older Tors do not understand it); needs testing.
...
svn:r6086
2006-03-05 05:27:59 +00:00
Roger Dingledine
498c13b4df
make the NoPublish option obsolete.
...
svn:r6052
2006-02-20 01:21:48 +00:00
Roger Dingledine
276a7bd038
the other half of fixing bug 257. catch an error in more places.
...
svn:r6050
2006-02-20 01:06:27 +00:00
Roger Dingledine
57bcdcecf1
try to address bug 257: if rename() fails during saveconf, tell
...
the controller.
svn:r6049
2006-02-19 23:12:26 +00:00
Roger Dingledine
6a52867846
New config options to address bug 251:
...
FetchServerDescriptors and FetchHidServDescriptors for whether
to fetch server info and hidserv info or let the controller do it,
and also PublishServerDescriptor and PublishHidServDescriptors.
Add AllDirActionsPrivate undocumented option -- if you set it, you'll
need the controller to bootstrap you enough to build your first circuits.
svn:r6047
2006-02-19 22:02:02 +00:00
Roger Dingledine
266254f42b
clean up the Reachable*Addresses changes
...
svn:r6041
2006-02-19 08:31:47 +00:00
Roger Dingledine
a9fcf4ced2
this is why you're not supposed to cut-and-paste code
...
svn:r6037
2006-02-18 06:46:01 +00:00
Peter Palfrader
aa5443551d
Make it compile with VC7. It does not yet link.
...
svn:r6033
2006-02-18 02:02:21 +00:00
Peter Palfrader
0cc2390f8c
Warn if ReachableAddresses is set when also ReachableDirAddresses and ReachableORAddresses are set.
...
svn:r6010
2006-02-13 22:29:37 +00:00
Peter Palfrader
5eea6c76df
Split ReachableAddresses into ReachableDirAddresses and ReachableORAddresses
...
svn:r6009
2006-02-13 21:17:20 +00:00
Roger Dingledine
d113b75da6
more log conversions.
...
whee.
svn:r6003
2006-02-13 09:02:35 +00:00
Roger Dingledine
7d80921afa
resolve too-long-lines
...
svn:r6001
2006-02-13 08:22:57 +00:00
Nick Mathewson
2a4555fedd
Style on config_addr_policy_intersectes, which looks ok to me.
...
svn:r5998
2006-02-13 07:16:32 +00:00
Roger Dingledine
350313d77a
Let the users set ControlListenAddress in the torrc.
...
This can be dangerous, but there are some cases (like a secured
LAN) where it makes sense.
svn:r5997
2006-02-13 06:25:16 +00:00
Peter Palfrader
6c4d873591
Compress exit policies even more. please review
...
svn:r5995
2006-02-13 01:54:31 +00:00
Nick Mathewson
dba155ecff
Generate 18.0.0.0/8 address policy format in descs when we can; warn when the mask is not reducible to a bit-prefix.
...
svn:r5991
2006-02-12 23:58:22 +00:00
Nick Mathewson
98ec124c6a
Drop redundant exit policy entries, not just identical ones.
...
svn:r5987
2006-02-12 22:59:38 +00:00
Nick Mathewson
e7b2d5cd47
Retain unrecognized options in state file, so that we can be forward-compatible.
...
svn:r5985
2006-02-12 22:28:30 +00:00
Roger Dingledine
b5ac6fc707
more helpful log message when running servers on obsolete windows.
...
svn:r5975
2006-02-12 00:14:58 +00:00
Roger Dingledine
094ccd34a9
bump up the period for forcing a hidden service descriptor upload
...
from 20 minutes to 1 hour.
svn:r5972
2006-02-12 00:12:36 +00:00
Roger Dingledine
981815146a
compress exit policies even more -- look for duplicate lines
...
and remove them.
svn:r5971
2006-02-12 00:03:06 +00:00
Roger Dingledine
6c093a17a9
bugfix in config_cmp_addr_policies() -- we were treating a pair
...
of exit policies if they were equal even if one said accept and
the other said reject.
svn:r5970
2006-02-11 23:47:24 +00:00
Nick Mathewson
f1b91924b2
Keep running if we ask for an impossible stdout log; just warn.
...
svn:r5964
2006-02-11 21:56:03 +00:00
Nick Mathewson
91847124bf
Warn if running obsolete windows as a server.
...
svn:r5961
2006-02-11 21:26:40 +00:00
Roger Dingledine
5f051574d5
Happy new year!
...
svn:r5949
2006-02-09 05:46:49 +00:00
Nick Mathewson
97bff8edaa
Fix a const-non-const warning
...
svn:r5923
2006-02-06 04:55:27 +00:00
Roger Dingledine
92ef9e37e7
Add a new config option ExitPolicyRejectPrivate which defaults to 1.
...
This means all exit policies will begin with rejecting private addresses,
unless the server operator explicitly turns it off.
Also, make our code to remove redundancies in the exit policy smarter,
so it can detect "reject foo, reject bar, reject *" patterns.
Lastly, we can get rid of the "exit policy implicitly accepts" code,
since we make everything more explicit now.
svn:r5888
2006-02-01 03:53:52 +00:00
Roger Dingledine
f8b9a8d457
bump the default bandwidthrate to 3 MB, and burst to 6 MB
...
svn:r5874
2006-01-28 08:28:15 +00:00
Roger Dingledine
21be9dc3c0
when you tried to set orport through the controller, it would
...
trigger an assert because you hadn't made your onion keys yet
you wanted to launch cpu workers.
now init keys first, reset uptime, and tell the user that we're
starting the reachability testing.
svn:r5835
2006-01-17 04:01:32 +00:00
Roger Dingledine
f0d4b3d18f
turn crypto hardware acceleration off by default, until we find
...
somebody smart who can test it for us.
svn:r5829
2006-01-16 20:08:33 +00:00
Nick Mathewson
c562ca494a
add missing warning
...
svn:r5806
2006-01-11 20:09:37 +00:00
Nick Mathewson
fefa34d525
Fix double-free of torrc_fname
...
svn:r5805
2006-01-11 20:01:47 +00:00
Nick Mathewson
adbe0f0ada
Fix bug 240: dont dump descriptions when not dumping actual config lines.
...
svn:r5804
2006-01-11 19:43:14 +00:00
Nick Mathewson
099b9ce2f9
Fix bug 230: add a rollback function to reverse all changes since the last mark_logs_temp(), and move log initialization into the two-phase part of option setting.
...
svn:r5803
2006-01-11 19:40:14 +00:00
Nick Mathewson
d60faa7c93
Fix another memleak. I love you, valgrind!
...
svn:r5794
2006-01-11 04:09:40 +00:00
Roger Dingledine
d1baa0c4a6
we were leaking 3KB every time the entry guards changed, every time
...
the controller called saveconf, and every 20 minutes.
svn:r5788
2006-01-11 03:20:53 +00:00
Roger Dingledine
8f271f2f5a
we changed the name of AccountingBytesReadInInterval
...
change its state file description too
svn:r5785
2006-01-10 23:26:59 +00:00
Roger Dingledine
7d1f675c85
entry nodes are now entry guards.
...
this is our last easy chance for a wholesale change. heave ho.
svn:r5782
2006-01-10 22:42:44 +00:00
Roger Dingledine
b2d79f278b
or_state_validate() needs an extra arg too or it will crash
...
svn:r5772
2006-01-10 20:38:33 +00:00
Roger Dingledine
f4299f0f44
hack to address bug 238.
...
needs a better fix, but not for 0.1.1.11.
svn:r5771
2006-01-10 20:27:47 +00:00
Roger Dingledine
f71273c216
fix bug 235
...
svn:r5768
2006-01-10 20:06:24 +00:00
Nick Mathewson
7fc62029d4
Refuse to use RunAsDaemon when torrc is a relative path. Fixes bug 229.
...
svn:r5767
2006-01-10 20:00:20 +00:00
Roger Dingledine
f88fa3efc1
helper nodes are dead
...
svn:r5743
2006-01-07 00:41:50 +00:00
Nick Mathewson
65f76bad4f
Add descriptions for state variables; rename AccountingBytesRead{In}Interval; remove extraneous and unused struct member.
...
svn:r5739
2006-01-06 15:43:03 +00:00
Roger Dingledine
c5a5161fb5
prevent auth dir servers from enabling entry nodes.
...
svn:r5702
2006-01-02 08:40:58 +00:00
Roger Dingledine
358052416d
bugfix: only try to use the EntryNodes config option if it is set.
...
svn:r5701
2006-01-02 05:14:21 +00:00
Roger Dingledine
ea6ea8ec22
Make UseEntryNodes true by default. Let the fun begin.
...
svn:r5698
2006-01-02 05:00:03 +00:00
Roger Dingledine
aa604ef2c2
bugfix: only try to parse the TorVersion if there is one.
...
svn:r5697
2006-01-02 04:58:12 +00:00
Roger Dingledine
839111b85a
tolerate a mal-formed or unrecognized tor version in the state file.
...
svn:r5696
2006-01-02 04:45:18 +00:00
Roger Dingledine
0bd25f5d43
save and validate TorVersion in the state file.
...
svn:r5694
2006-01-02 04:14:52 +00:00
Roger Dingledine
6c693dbda6
add a TorVersion state string.
...
not yet set to anything.
svn:r5687
2005-12-31 08:16:07 +00:00
Roger Dingledine
5947388968
Finish implementing config's EntryNodes and StrictEntryNodes option.
...
The logging is way verbose for now.
svn:r5683
2005-12-31 06:32:57 +00:00
Roger Dingledine
dbd7b97eff
helper nodes are dead. long live entry nodes.
...
(config options EntryNodes and StrictEntryNodes still not
implemented.)
svn:r5673
2005-12-28 09:07:31 +00:00
Roger Dingledine
94bff33357
and compiling would be good too
...
svn:r5657
2005-12-27 02:48:35 +00:00
Roger Dingledine
370dcbc7ba
and some comments
...
svn:r5656
2005-12-27 02:48:02 +00:00
Roger Dingledine
5807bd0635
make it clearer in the auto-generated config file that you
...
probably shouldn't be editing this one yourself.
svn:r5655
2005-12-27 02:46:53 +00:00
Peter Palfrader
4bd65f0f98
Keep bandwidth history accross restarts/crashes
...
svn:r5637
2005-12-23 23:56:42 +00:00
Nick Mathewson
89eded7b17
Add "panic" option to reject all servers not in fingerprint list.
...
svn:r5601
2005-12-15 21:39:38 +00:00
Nick Mathewson
1af630d32c
Bite the bullet and limit all our source lines to 80 characters, the way IBM intended.
...
svn:r5582
2005-12-14 20:40:40 +00:00
Roger Dingledine
77c0f6d456
a first go at fixing a bug matt edman reported: when he tries
...
to "setconf log" via the controller, it is friendly and gives
him a log to stdout, even though he didn't ask for one.
svn:r5562
2005-12-11 10:01:21 +00:00
Roger Dingledine
46d563fe00
whenever we hupped or did a controller setconf, we were prepending
...
another reachableaddresses *:80,*:443 if fascistfirewall was set,
and we were appending another reject *:* regardless.
svn:r5560
2005-12-11 09:18:25 +00:00
Roger Dingledine
a4e1014f4d
i think fascistfirewall still has its uses. it's a synonym
...
for a certain reachableaddresses line, but it's easier to
remember and people already understand it. i think we should
think about undeprecating it.
svn:r5559
2005-12-11 08:59:02 +00:00
Roger Dingledine
58366ffd24
when we changed from log_fn to debug/info/notice/warn/err,
...
we screwed up the formatting in wild and unpredictable ways.
fix it before it becomes convention to format logs in wild and
unpredictable ways.
still need to do src/common/ someday.
svn:r5551
2005-12-10 09:36:26 +00:00
Roger Dingledine
9b0a40ec78
crank the max line limit down to 150 chars.
...
svn:r5550
2005-12-10 08:27:01 +00:00
Nick Mathewson
39265dd72e
In my private little universe, terminals are still 80 columns. Impose a 160-character-per-line limit; this will creep down.
...
svn:r5548
2005-12-09 05:37:26 +00:00
Nick Mathewson
95e471c9a6
Normalize whitespace
...
svn:r5547
2005-12-09 05:22:15 +00:00
Nick Mathewson
33c4445846
For some bizarre reason, MSVC does not implement GCC extensions. Who would have thought?
...
svn:r5546
2005-12-09 05:20:02 +00:00
Roger Dingledine
a438f2abcd
let the user configure a sockslistenaddress on other private IPs
...
besides 127.x.y.z without complaining.
and give a better message in the log.
svn:r5544
2005-12-09 02:46:46 +00:00
Nick Mathewson
d57029ffe8
Make code to handle "private" alias work when assume_action is set.
...
svn:r5542
2005-12-08 23:58:23 +00:00
Nick Mathewson
338f23114f
Oops. 0.0.0.0/8 and 169.254.0.0/16 are also special.
...
svn:r5536
2005-12-08 19:58:14 +00:00
Nick Mathewson
1b770817c0
Add private:* as an alias in configuration for policies.
...
svn:r5534
2005-12-08 19:40:24 +00:00
Nick Mathewson
898968b3ac
Warn when binding to a public address for socks. This warning needs to be improved. Also, make options_validate() only warn when an option is changed to a bad value.. (Previously, it warned when an option was bad and any option was changed.)
...
svn:r5532
2005-12-08 18:56:32 +00:00
Nick Mathewson
f031ee8246
Make clients use CREATE_FAST cells. add an option to disable this.
...
svn:r5524
2005-12-07 22:09:02 +00:00
Roger Dingledine
5c949fce51
Start obeying our firewall options more rigorously:
...
- If we can't get to a dirserver directly, try going via Tor.
- Don't ever try to connect (as a client) to a place our firewall
options forbid.
- If we specify a proxy and also firewall options, obey the firewall
options even when we're using the proxy: some proxies can only proxy
to certain destinations.
svn:r5431
2005-11-19 10:12:10 +00:00
Roger Dingledine
afb1c79879
Leave options->DirServers alone -- if the user didn't specify any,
...
just add the default ones directly to the trusted dirserver list.
This fixes a bug where people running controllers would setconf or
the equivalent, and Tor would start yelling at them about setting
their own DirServer lines.
svn:r5418
2005-11-18 02:47:09 +00:00