Nick Mathewson
820159cac5
r15530@tombo: nickm | 2007-12-17 16:54:03 -0500
...
First wodge of geoip code so bridges can figure out which countries are blocking them.
svn:r12845
2007-12-17 22:44:11 +00:00
Roger Dingledine
71c84abdff
cleanups on r12825
...
svn:r12826
2007-12-15 20:50:56 +00:00
Roger Dingledine
31324f3e7f
apply karsten's "patch 12"
...
svn:r12825
2007-12-15 20:28:09 +00:00
Karsten Loesing
5864b43e02
proposal 121: rewrote complete proposal for better readability, modified authentication protocol, merged in personal notes
...
svn:r12824
2007-12-15 20:09:43 +00:00
Andrew Lewman
f50cd72848
some documentation from pnx for building universal binary privoxy
...
svn:r12807
2007-12-14 05:30:18 +00:00
Roger Dingledine
408a4fa9b4
a todo entry extracted from a poor bug report
...
svn:r12802
2007-12-14 04:13:19 +00:00
Roger Dingledine
2cdaa93d96
change the specs to match the code
...
svn:r12799
2007-12-13 05:47:08 +00:00
Roger Dingledine
5ba5bf43d8
new v3 authorities will want the one that includes lefkada
...
svn:r12792
2007-12-13 00:01:49 +00:00
Roger Dingledine
6e799a6e9c
minor cleanups and a todo item
...
svn:r12785
2007-12-12 21:08:30 +00:00
Roger Dingledine
1572de49bc
write down my some reliable / some not idea, before we lose it
...
svn:r12781
2007-12-12 17:02:47 +00:00
Roger Dingledine
3b2dd8d763
Three new config options (AlternateDirAuthority,
...
AlternateBridgeAuthority, and AlternateHSAuthority) that let the
user selectively replace the default directory authorities, rather
than the all-or-nothing replacement that DirServer offers.
svn:r12777
2007-12-12 04:38:54 +00:00
Nick Mathewson
b865587265
r15268@tombo: nickm | 2007-12-11 18:22:52 -0500
...
tweaks to bridge-disbursement document
svn:r12774
2007-12-11 23:23:25 +00:00
Roger Dingledine
78f532678c
Relays were publishing their server descriptor to v1 and v2
...
directory authorities, but they didn't try publishing to v3-only
authorities. Fix this; and also stop publishing to v1 authorities.
svn:r12759
2007-12-11 20:18:12 +00:00
Roger Dingledine
ee6ae92670
New config options AuthDirBadDir and AuthDirListBadDirs for
...
authorities to mark certain relays as "bad directories" in the
networkstatus documents. Also supports the "!baddir" directive in
the approved-routers file.
svn:r12754
2007-12-10 16:49:54 +00:00
Roger Dingledine
5928203e9f
some more docs that are missing
...
svn:r12753
2007-12-10 16:49:35 +00:00
Roger Dingledine
6dfd47467e
Allow multiple HashedControlPassword config lines, to support
...
multiple controller passwords.
svn:r12732
2007-12-09 04:59:27 +00:00
Karsten Loesing
6bf8e8aec3
proposal 121: incorporated comments by Nick posted to or-dev on 10-Oct-2007
...
svn:r12725
2007-12-09 00:18:51 +00:00
Roger Dingledine
88fa4417e3
attacks and cleanups on the bridge disbursement plans
...
svn:r12720
2007-12-08 04:13:07 +00:00
Roger Dingledine
9250653471
cleanups on r12715
...
svn:r12718
2007-12-08 00:55:18 +00:00
Nick Mathewson
2dd9d87d07
r15220@tombo: nickm | 2007-12-07 19:53:27 -0500
...
add draft sketch of bridge disbursement designs.
svn:r12717
2007-12-08 00:53:43 +00:00
Roger Dingledine
2b8ca7b4a4
patch from karsten to clean up documentation and to integrate
...
more fixes into rend-spec.txt.
svn:r12715
2007-12-07 21:27:58 +00:00
Roger Dingledine
4152a4e835
back out half of r12709
...
sptor is published, it's gone, out the door, can't change it.
svn:r12710
2007-12-07 02:47:58 +00:00
Nick Mathewson
21aa295bec
r16999@catbus: nickm | 2007-12-06 19:24:26 -0500
...
Make a couple of http instances into https. Again, from steve.
svn:r12709
2007-12-07 00:24:28 +00:00
Nick Mathewson
2e378295d6
r16997@catbus: nickm | 2007-12-06 18:56:33 -0500
...
Make http://torproject urls into https://torproject urls. Patch from steve.
svn:r12708
2007-12-06 23:56:36 +00:00
Nick Mathewson
92372b156a
r16995@catbus: nickm | 2007-12-06 18:42:53 -0500
...
patch from steve: replace more tor.eff.org instances with torproject.org
svn:r12707
2007-12-06 23:42:59 +00:00
Roger Dingledine
75c38a2c88
Bridges now behave like clients with respect to time intervals for
...
downloading new consensus documents. Bridge users now wait until
the end of the interval, so their bridge will be sure to have a
new consensus document.
svn:r12696
2007-12-06 17:01:16 +00:00
Roger Dingledine
8b2585854a
more work on the dirport-mirrors-downloads proposal. still not
...
really solved well yet.
svn:r12690
2007-12-06 10:54:57 +00:00
Roger Dingledine
94f7f4be6c
three more man page entries for bridges
...
svn:r12689
2007-12-06 08:41:52 +00:00
Roger Dingledine
8de470cf69
Add "GETINFO/desc-annotations/id/<OR digest>" so controllers can
...
ask about source, timestamp of arrival, purpose, etc. We need
something like this to help Vidalia not do GeoIP lookups on bridge
addresses.
svn:r12687
2007-12-06 07:15:06 +00:00
Roger Dingledine
3ff63b6f4e
When the DANGEROUS_VERSION controller status event told us we're
...
running an obsolete version, it used the string "OLD" to describe
it. Yet the "getinfo" interface used the string "OBSOLETE". Now use
"OBSOLETE" in both cases.
svn:r12686
2007-12-05 19:32:58 +00:00
Roger Dingledine
a8d36c8243
some more man page entries. still missing some.
...
svn:r12685
2007-12-05 19:24:12 +00:00
Roger Dingledine
bf30043c88
a hint about how to be more secure
...
svn:r12683
2007-12-05 19:22:37 +00:00
Roger Dingledine
2d52336b60
make a new 'ideas' subdir for half-baked proposals.
...
make a new 'draft' status for nearly-baked proposals.
svn:r12677
2007-12-05 06:00:03 +00:00
Roger Dingledine
a1af56bce2
expand on a few items, and remove some done items
...
svn:r12676
2007-12-05 05:57:52 +00:00
Roger Dingledine
9cb8a4940c
move the december feature list up into the 0.2.0 section of
...
the todo list. the feature freeze is off. better luck in 2008!
svn:r12675
2007-12-05 05:46:52 +00:00
Nick Mathewson
569ade5143
r15151@tombo: nickm | 2007-12-04 17:29:17 -0500
...
Remove some finished items from the TODO
svn:r12674
2007-12-04 22:29:26 +00:00
Nick Mathewson
b6a194f896
svn:r12671
2007-12-04 19:38:42 +00:00
Roger Dingledine
4a03959b10
a few more thoughts on mirroring dist/ on bridges
...
svn:r12667
2007-12-04 18:34:30 +00:00
Roger Dingledine
9f25d3b0a6
notes on an auto updater. not enough of a proposal to give
...
it a number yet though.
svn:r12662
2007-12-04 13:18:32 +00:00
Roger Dingledine
52e0bc69c0
some very early notes on bridge families
...
svn:r12645
2007-12-03 11:40:27 +00:00
Roger Dingledine
9db8ee8427
propsets
...
svn:r12644
2007-12-03 11:18:44 +00:00
Roger Dingledine
628697acfa
come up with a plan for publishing ip-to-country usage summaries
...
svn:r12642
2007-12-03 06:03:56 +00:00
Roger Dingledine
c8b4d43262
some notes on tor dist/ and website/ mirrors via dir caches
...
svn:r12640
2007-12-02 14:41:39 +00:00
Roger Dingledine
25a43314d1
another attack on bridges. darn it.
...
svn:r12639
2007-12-02 13:51:16 +00:00
Roger Dingledine
07dbaaac16
We were ignoring our RelayBandwidthRate for the first 30 seconds
...
after opening a circuit -- even relayed circuits. Bugfix on
0.2.0.3-alpha.
svn:r12638
2007-12-02 11:24:06 +00:00
Roger Dingledine
79432e9967
another item we can defer if we need to
...
svn:r12637
2007-12-02 11:22:42 +00:00
Roger Dingledine
c5ea4ac2ae
fix word
...
svn:r12632
2007-12-02 06:11:26 +00:00
Nick Mathewson
4a6d969139
r15094@tombo: nickm | 2007-12-01 03:46:07 -0500
...
server-side code (for when v2 negotiation occurred) to check for renegotiation and adjust client ID info accordingly. server-side of new TLS code is now implemented, but needs testing and debugging.
svn:r12624
2007-12-01 08:47:13 +00:00
Nick Mathewson
d8ad247dfd
r15088@tombo: nickm | 2007-11-30 23:47:29 -0500
...
Add support to get a callback invoked when the client renegotiate a connection. Also, make clients renegotiate. (not enabled yet, until they detect that the server acted like a v2 server)
svn:r12623
2007-12-01 08:09:48 +00:00
Nick Mathewson
1789f94668
r15087@tombo: nickm | 2007-11-30 22:32:26 -0500
...
Start getting freaky with openssl callbacks in tortls.c: detect client ciphers, and if the list doesn't look like the list current Tors use, present only a single cert do not ask for a client cert. Also, support for client-side renegotiation. None of this is enabled unless you define V2_HANDSHAKE_SERVER.
svn:r12622
2007-12-01 08:09:46 +00:00
Roger Dingledine
e9b999ff22
and one last fix
...
svn:r12610
2007-11-29 16:16:50 +00:00
Roger Dingledine
996b8719e5
fix some typos (i think) in the dir spec. also, note that you'd
...
better *not* publish a cosmetically similar descriptor within 12
hours of the last one.
svn:r12605
2007-11-29 13:19:11 +00:00
Roger Dingledine
b258d3ec5a
is this a good idea, karsten/nick?
...
svn:r12604
2007-11-29 13:05:52 +00:00
Roger Dingledine
ff981c8805
doc fixes from karsten
...
svn:r12603
2007-11-29 12:51:50 +00:00
Roger Dingledine
4a08380ad7
controllers need a way to learn router annotations
...
svn:r12602
2007-11-29 11:35:08 +00:00
Roger Dingledine
30cbcaecc5
more progress on the geoip proposal
...
svn:r12599
2007-11-29 06:14:41 +00:00
Roger Dingledine
d2d65666c4
our december todo list
...
svn:r12598
2007-11-28 20:21:28 +00:00
Roger Dingledine
86551d411d
more items for the todo list
...
svn:r12572
2007-11-26 06:26:47 +00:00
Roger Dingledine
17393b8359
draft of a proposal: Fetching GeoIP databases for clients, relays, and bridges
...
svn:r12566
2007-11-24 15:28:08 +00:00
Roger Dingledine
5b3cc6cd7e
move the bridges proposal into a real proposal number.
...
svn:r12562
2007-11-23 23:40:21 +00:00
Andrew Lewman
402f46a0dd
Change up phobos' todos.
...
svn:r12555
2007-11-22 17:59:42 +00:00
Roger Dingledine
6514843026
cleanups, bump to 0.2.0.12-alpha
...
svn:r12516
2007-11-17 02:22:56 +00:00
Nick Mathewson
e843e05563
r16670@catbus: nickm | 2007-11-14 14:56:30 -0500
...
Initial phase of proposal 110: accept RELAY_EARLY cells, and turn them into RELAY cells when sending them on over a v1 OR connection.
svn:r12496
2007-11-14 20:01:15 +00:00
Nick Mathewson
d483d3144a
r16669@catbus: nickm | 2007-11-14 14:50:03 -0500
...
When we complete an OR handshake, set up all the internal fields and mark the connection as open.
svn:r12495
2007-11-14 20:01:12 +00:00
Roger Dingledine
3c0013b47a
explain how to become a bridge authority too
...
svn:r12482
2007-11-11 20:33:17 +00:00
Roger Dingledine
b3618cccf5
finish writing my overview of bridge design and deployment
...
svn:r12481
2007-11-11 20:12:32 +00:00
Roger Dingledine
a3edc3b154
make it clearer for nick that bug 548 needs solving
...
svn:r12474
2007-11-11 06:43:04 +00:00
Roger Dingledine
42b8fb5a15
Exit policies now reject connections that are addressed to a
...
relay's public (external) IP address too, unless
ExitPolicyRejectPrivate is turned off. We do this because too
many relays are running nearby to services that trust them based
on network address.
svn:r12459
2007-11-10 21:17:51 +00:00
Nick Mathewson
e0b9c893bc
r16573@catbus: nickm | 2007-11-08 11:57:16 -0500
...
Mess with the formula for the Guard flag again. Now it requires that you be in the most familiar 7/8 of nodes, and have above median wfu for that 7/8th. See spec for details. Also, log thresholds better.
svn:r12440
2007-11-08 16:58:59 +00:00
Roger Dingledine
46273c9080
remove some done items; mark some other items as done
...
svn:r12438
2007-11-08 16:36:49 +00:00
Nick Mathewson
c3a745951b
r16570@catbus: nickm | 2007-11-08 11:04:20 -0500
...
Keep track, for each OR connection, of the last time we added a non-padding cell to its outbuf. Use this timestamp, not "lastwritten" to tell if it is time to close a circuitless connection. (We can'tuse lastwritten, since lastwritten is updated when ever the connection flushes anything, and by that point we can no longer tell what is a padding cell and what is not.)
svn:r12437
2007-11-08 16:19:07 +00:00
Roger Dingledine
fa215a8f77
decide that messing with fallback-concensus for 0.2.0.10-alpha
...
isn't worth it. also mention bug 546 again.
svn:r12432
2007-11-08 04:43:43 +00:00
Roger Dingledine
997c1e5e0d
the other half of the made-up 'guard' heuristic
...
svn:r12429
2007-11-08 04:14:02 +00:00
Roger Dingledine
21ae1b6109
one possible heuristic for being a guard
...
svn:r12427
2007-11-07 23:07:39 +00:00
Nick Mathewson
d2bdb4ad25
r16552@catbus: nickm | 2007-11-07 17:12:11 -0500
...
some notes on 0.2.0.10-alpha blockers.
svn:r12426
2007-11-07 22:13:30 +00:00
Nick Mathewson
d279fb82e2
r16550@catbus: nickm | 2007-11-07 16:50:02 -0500
...
"And $499 for knowing where to hit it." Fix bug 546.
svn:r12425
2007-11-07 21:51:21 +00:00
Roger Dingledine
dbdb50fa87
four items blocking 0.2.0.10-alpha
...
svn:r12422
2007-11-07 19:58:52 +00:00
Nick Mathewson
0fa00d8ec6
r16479@catbus: nickm | 2007-11-06 18:10:02 -0500
...
Add "Blocking resistant TLS certificate usage" as proposal 124.
svn:r12405
2007-11-06 23:11:12 +00:00
Nick Mathewson
bc4cefcd7e
r16471@catbus: nickm | 2007-11-06 15:50:42 -0500
...
Detect whether any of the descriptors we want are in old_routers. Possibly useful in tracking down bug 543.
svn:r12404
2007-11-06 20:51:45 +00:00
Nick Mathewson
e047f7f865
r16455@catbus: nickm | 2007-11-06 12:48:00 -0500
...
Parse CERT cells and act correctly when we get them.
svn:r12396
2007-11-06 18:00:07 +00:00
Nick Mathewson
95c7b8cc64
r14729@31-33-67: nickm | 2007-11-05 18:54:50 -0500
...
Send and Parse CERT cells correctly. Still need to understand the certs inside.
svn:r12392
2007-11-05 23:55:43 +00:00
Nick Mathewson
6fcda5299f
r14727@31-33-67: nickm | 2007-11-05 18:34:35 -0500
...
Make VERSIONS variable-length.
svn:r12391
2007-11-05 23:34:39 +00:00
Nick Mathewson
9a20a64b62
r16438@catbus: nickm | 2007-11-05 16:45:45 -0500
...
Initial code for variable-length cells. CERT and VERSIONS need to use them.
svn:r12390
2007-11-05 21:46:35 +00:00
Nick Mathewson
85654f4ab9
r16432@catbus: nickm | 2007-11-05 14:18:57 -0500
...
Send and parse link_auth cells properly.
svn:r12386
2007-11-05 19:19:46 +00:00
Nick Mathewson
44eab517fc
r16414@catbus: nickm | 2007-11-05 13:14:46 -0500
...
Function to process link auth cells; stub function for cert cell processing
svn:r12385
2007-11-05 18:15:56 +00:00
Nick Mathewson
323490303e
r16412@catbus: nickm | 2007-11-05 11:45:17 -0500
...
Make TLS contexts reference-counted, and add a reference from TLS objects to their corresponding context. This lets us reliably get the certificates for a given TLS connection, even if we have rotated TLS contexts.
svn:r12383
2007-11-05 18:15:52 +00:00
Nick Mathewson
ea1bea5830
r16411@catbus: nickm | 2007-11-05 11:27:37 -0500
...
Remember X509 certificates in the context. Store peer/self certificate digests in handshake state.
svn:r12382
2007-11-05 18:15:50 +00:00
Nick Mathewson
e94fad36ac
r16409@catbus: nickm | 2007-11-05 10:38:25 -0500
...
Split handshake state into its own structure. Revise versions and netinfo code to use this structure.
svn:r12380
2007-11-05 18:15:44 +00:00
Nick Mathewson
a7993ea2b6
r16408@catbus: nickm | 2007-11-05 10:02:39 -0500
...
Edit TODO: remove some completed items, add breakdown for 105+TLS task.
svn:r12379
2007-11-05 18:15:42 +00:00
Roger Dingledine
8cc70addd7
minor fix
...
svn:r12367
2007-11-04 00:15:17 +00:00
Roger Dingledine
a2289c6fc6
more of r12364
...
svn:r12366
2007-11-04 00:14:58 +00:00
Roger Dingledine
4780f488c0
<mikeperry> the lesson probably should be automatic client upgrades :)
...
svn:r12348
2007-11-02 20:21:26 +00:00
Roger Dingledine
42e4acc41a
get my in-progress bridge proposal draft into svn so i don't
...
lose it
svn:r12347
2007-11-02 19:21:42 +00:00
Nick Mathewson
dddff3acf9
r14625@tombo: nickm | 2007-11-01 23:21:25 -0400
...
Merge revised behavior on proposal 105
svn:r12323
2007-11-02 03:21:54 +00:00
Andrew Lewman
2136c82ae0
As nick commented, tor's configure doesn't know what --enable-static and
...
--disable-shared actually are, so remove it from docs and spec file.
svn:r12321
2007-11-02 02:40:03 +00:00
Andrew Lewman
14be21f31e
Add a comment to the relaybandwidth bug.
...
svn:r12320
2007-11-02 02:32:47 +00:00
Nick Mathewson
832ef9562f
r14623@tombo: nickm | 2007-11-01 22:25:18 -0400
...
More tweaks from karsten, with some cleanup and commentary.
svn:r12319
2007-11-02 02:25:28 +00:00
Roger Dingledine
f8e05cb359
start on the 0.2.1.x todo list.
...
svn:r12316
2007-11-01 14:24:25 +00:00
Nick Mathewson
37c44b81df
r16326@catbus: nickm | 2007-11-01 00:56:45 -0400
...
As an authority, send back an X-Descriptor-Not-New header when we accept but do not store a descriptor. Partial implementation of fix for bug 535.
svn:r12310
2007-11-01 05:01:24 +00:00
Nick Mathewson
90ce047aae
r16323@catbus: nickm | 2007-11-01 00:32:12 -0400
...
Mark some finished items finished, some deferred items deferred, and move some "nice to haves" into "deferred-land."
svn:r12307
2007-11-01 04:38:45 +00:00