Commit Graph

2228 Commits

Author SHA1 Message Date
Roger Dingledine
42b8fb5a15 Exit policies now reject connections that are addressed to a
relay's public (external) IP address too, unless
ExitPolicyRejectPrivate is turned off. We do this because too
many relays are running nearby to services that trust them based
on network address.


svn:r12459
2007-11-10 21:17:51 +00:00
Nick Mathewson
e0b9c893bc r16573@catbus: nickm | 2007-11-08 11:57:16 -0500
Mess with the formula for the Guard flag again.  Now it requires that you be in the most familiar 7/8 of nodes, and have above median wfu for that 7/8th.  See spec for details.  Also, log thresholds better.


svn:r12440
2007-11-08 16:58:59 +00:00
Roger Dingledine
46273c9080 remove some done items; mark some other items as done
svn:r12438
2007-11-08 16:36:49 +00:00
Nick Mathewson
c3a745951b r16570@catbus: nickm | 2007-11-08 11:04:20 -0500
Keep track, for each OR connection, of the last time we added a non-padding cell to its outbuf.  Use this timestamp, not "lastwritten" to tell if it is time to close a circuitless connection.  (We can'tuse lastwritten, since lastwritten is updated when ever the connection flushes anything, and by that point we can no longer tell what is a padding cell and what is not.)


svn:r12437
2007-11-08 16:19:07 +00:00
Roger Dingledine
fa215a8f77 decide that messing with fallback-concensus for 0.2.0.10-alpha
isn't worth it. also mention bug 546 again.


svn:r12432
2007-11-08 04:43:43 +00:00
Roger Dingledine
997c1e5e0d the other half of the made-up 'guard' heuristic
svn:r12429
2007-11-08 04:14:02 +00:00
Roger Dingledine
21ae1b6109 one possible heuristic for being a guard
svn:r12427
2007-11-07 23:07:39 +00:00
Nick Mathewson
d2bdb4ad25 r16552@catbus: nickm | 2007-11-07 17:12:11 -0500
some notes on 0.2.0.10-alpha blockers.


svn:r12426
2007-11-07 22:13:30 +00:00
Nick Mathewson
d279fb82e2 r16550@catbus: nickm | 2007-11-07 16:50:02 -0500
"And $499 for knowing where to hit it."  Fix bug 546.


svn:r12425
2007-11-07 21:51:21 +00:00
Roger Dingledine
dbdb50fa87 four items blocking 0.2.0.10-alpha
svn:r12422
2007-11-07 19:58:52 +00:00
Nick Mathewson
0fa00d8ec6 r16479@catbus: nickm | 2007-11-06 18:10:02 -0500
Add "Blocking resistant TLS certificate usage" as proposal 124.


svn:r12405
2007-11-06 23:11:12 +00:00
Nick Mathewson
bc4cefcd7e r16471@catbus: nickm | 2007-11-06 15:50:42 -0500
Detect whether any of the descriptors we want are in old_routers. Possibly useful in tracking down bug 543.


svn:r12404
2007-11-06 20:51:45 +00:00
Nick Mathewson
e047f7f865 r16455@catbus: nickm | 2007-11-06 12:48:00 -0500
Parse CERT cells and act correctly when we get them.


svn:r12396
2007-11-06 18:00:07 +00:00
Nick Mathewson
95c7b8cc64 r14729@31-33-67: nickm | 2007-11-05 18:54:50 -0500
Send and Parse CERT cells correctly.  Still need to understand the certs inside.


svn:r12392
2007-11-05 23:55:43 +00:00
Nick Mathewson
6fcda5299f r14727@31-33-67: nickm | 2007-11-05 18:34:35 -0500
Make VERSIONS variable-length.


svn:r12391
2007-11-05 23:34:39 +00:00
Nick Mathewson
9a20a64b62 r16438@catbus: nickm | 2007-11-05 16:45:45 -0500
Initial code for variable-length cells. CERT and VERSIONS  need to use them.


svn:r12390
2007-11-05 21:46:35 +00:00
Nick Mathewson
85654f4ab9 r16432@catbus: nickm | 2007-11-05 14:18:57 -0500
Send and parse link_auth cells properly.


svn:r12386
2007-11-05 19:19:46 +00:00
Nick Mathewson
44eab517fc r16414@catbus: nickm | 2007-11-05 13:14:46 -0500
Function to process link auth cells; stub function for cert cell processing


svn:r12385
2007-11-05 18:15:56 +00:00
Nick Mathewson
323490303e r16412@catbus: nickm | 2007-11-05 11:45:17 -0500
Make TLS contexts reference-counted, and add a reference from TLS objects to their corresponding context.  This lets us reliably get the certificates for a given TLS connection, even if we have rotated TLS contexts.


svn:r12383
2007-11-05 18:15:52 +00:00
Nick Mathewson
ea1bea5830 r16411@catbus: nickm | 2007-11-05 11:27:37 -0500
Remember X509 certificates in the context.  Store peer/self certificate digests in handshake state.


svn:r12382
2007-11-05 18:15:50 +00:00
Nick Mathewson
e94fad36ac r16409@catbus: nickm | 2007-11-05 10:38:25 -0500
Split handshake state into its own structure.  Revise versions and netinfo code to use this structure.


svn:r12380
2007-11-05 18:15:44 +00:00
Nick Mathewson
a7993ea2b6 r16408@catbus: nickm | 2007-11-05 10:02:39 -0500
Edit TODO: remove some completed items, add breakdown for 105+TLS task.


svn:r12379
2007-11-05 18:15:42 +00:00
Roger Dingledine
8cc70addd7 minor fix
svn:r12367
2007-11-04 00:15:17 +00:00
Roger Dingledine
a2289c6fc6 more of r12364
svn:r12366
2007-11-04 00:14:58 +00:00
Roger Dingledine
4780f488c0 <mikeperry> the lesson probably should be automatic client upgrades :)
svn:r12348
2007-11-02 20:21:26 +00:00
Roger Dingledine
42e4acc41a get my in-progress bridge proposal draft into svn so i don't
lose it


svn:r12347
2007-11-02 19:21:42 +00:00
Nick Mathewson
dddff3acf9 r14625@tombo: nickm | 2007-11-01 23:21:25 -0400
Merge revised behavior on proposal 105


svn:r12323
2007-11-02 03:21:54 +00:00
Andrew Lewman
2136c82ae0 As nick commented, tor's configure doesn't know what --enable-static and
--disable-shared actually are, so remove it from docs and spec file.


svn:r12321
2007-11-02 02:40:03 +00:00
Andrew Lewman
14be21f31e Add a comment to the relaybandwidth bug.
svn:r12320
2007-11-02 02:32:47 +00:00
Nick Mathewson
832ef9562f r14623@tombo: nickm | 2007-11-01 22:25:18 -0400
More tweaks from karsten, with some cleanup and commentary.


svn:r12319
2007-11-02 02:25:28 +00:00
Roger Dingledine
f8e05cb359 start on the 0.2.1.x todo list.
svn:r12316
2007-11-01 14:24:25 +00:00
Nick Mathewson
37c44b81df r16326@catbus: nickm | 2007-11-01 00:56:45 -0400
As an authority, send back an X-Descriptor-Not-New header when we accept but do not store a descriptor.  Partial implementation of fix for bug 535.


svn:r12310
2007-11-01 05:01:24 +00:00
Nick Mathewson
90ce047aae r16323@catbus: nickm | 2007-11-01 00:32:12 -0400
Mark some finished items finished, some deferred items deferred, and move some "nice to haves" into "deferred-land."


svn:r12307
2007-11-01 04:38:45 +00:00
Nick Mathewson
2645219b4c r16322@catbus: nickm | 2007-11-01 00:26:15 -0400
Implement --quiet.


svn:r12306
2007-11-01 04:38:43 +00:00
Nick Mathewson
401b5c26de r16320@catbus: nickm | 2007-11-01 00:11:20 -0400
Learn new addresses for authorities from their certificates.


svn:r12305
2007-11-01 04:14:23 +00:00
Nick Mathewson
7e80640b97 r16285@catbus: nickm | 2007-10-30 17:43:25 -0400
Implement (but do not enable) link connection version negotiation


svn:r12286
2007-10-30 21:46:02 +00:00
Nick Mathewson
57f7c852f8 r16282@catbus: nickm | 2007-10-30 14:28:58 -0400
Implement lots of proposal 105.  None of it is enabled yet.


svn:r12285
2007-10-30 18:31:30 +00:00
Nick Mathewson
c0c2001a5b r16279@catbus: nickm | 2007-10-30 11:14:29 -0400
Improved skew reporting:  "You are 365 days in the duture" is more useful than "You are 525600 minutes in the future".  Also, when we get something that proves we are at least an hour in the past, tell the controller "CLOCK_SKEW MIN_SKEW=-3600" rather than just "CLOCK_SKEW"


svn:r12283
2007-10-30 15:17:07 +00:00
Nick Mathewson
7709fb7143 r16278@catbus: nickm | 2007-10-30 09:46:28 -0400
Accept future networkstatus documents, but warn about skew when we get them.


svn:r12282
2007-10-30 15:17:01 +00:00
Nick Mathewson
6ad71ec37f r16261@catbus: nickm | 2007-10-29 13:19:44 -0400
Note another task to do by wednesday. Argh.


svn:r12271
2007-10-29 19:10:38 +00:00
Nick Mathewson
1c451b9db9 r16252@catbus: nickm | 2007-10-29 11:13:03 -0400
Change symbol from DATADIR to SHARE_DATADIR, since DATADIR conflicts with objidl.h in mingw.


svn:r12268
2007-10-29 15:15:49 +00:00
Andrew Lewman
28652aec69 And more places with the wrong url, now updated.
svn:r12267
2007-10-29 01:08:22 +00:00
Nick Mathewson
f09d53bbf1 r16246@catbus: nickm | 2007-10-28 19:34:58 -0400
Implement a FallbackNetworkstatusFile (default to $prefix/share/tor/fallback-consensus) to that we know about lots of directory servers and routers when we start up the first time.


svn:r12259
2007-10-28 23:44:53 +00:00
Nick Mathewson
20b1085989 r16242@catbus: nickm | 2007-10-28 16:28:13 -0400
Implement if-modified-since for consensus networkstatuses so that we do not download duplicates needlessly.


svn:r12258
2007-10-28 20:30:21 +00:00
Nick Mathewson
c58675ca72 r16236@catbus: nickm | 2007-10-28 14:36:30 -0400
Patch from Karsten Loesing: encode and parse v2 rendezvous descriptors.


svn:r12254
2007-10-28 19:48:14 +00:00
Nick Mathewson
665aa7659c r16234@catbus: nickm | 2007-10-28 14:27:22 -0400
Clean up a couple of comments from r12244.


svn:r12253
2007-10-28 18:29:29 +00:00
Roger Dingledine
abe8afbdc9 a todo clump for tor mirror todos
svn:r12250
2007-10-28 11:57:51 +00:00
Roger Dingledine
e5885deab5 Separate "SOCKS_COMMAND_CONNECT_DIR" into two flags in
edge_connection_t: want_onehop if it must attach to a circuit with
only one hop (e.g. for the current tunnelled connections that use
begin_dir), and use_begindir if we mean to use a BEGIN_DIR relay
command to establish the stream rather than the normal BEGIN. Now
we can make anonymized begin_dir connections for (e.g.) more secure
hidden service posting and fetching.


svn:r12244
2007-10-28 08:16:19 +00:00
Andrew Lewman
93c1401300 Update a task.
svn:r12240
2007-10-28 02:24:00 +00:00
Andrew Lewman
7d55eea6bc add comments to two tasks
svn:r12239
2007-10-28 01:22:04 +00:00