Commit Graph

2526 Commits

Author SHA1 Message Date
Nick Mathewson
b8f1092077 r14420@tombo: nickm | 2008-02-24 16:58:22 -0500
More TODO items for 0.2.1.x


svn:r13698
2008-02-24 22:11:08 +00:00
Roger Dingledine
fd8a386040 put some deliverables earlier in the roadmap
svn:r13695
2008-02-24 22:02:34 +00:00
Roger Dingledine
c3ac638971 more details on 'everybody can be a relay'
svn:r13684
2008-02-23 00:50:45 +00:00
Nick Mathewson
a20eda5669 r14396@tombo: nickm | 2008-02-22 14:07:37 -0500
Add --passphrase-fd to tor-gencert.


svn:r13679
2008-02-22 19:07:52 +00:00
Roger Dingledine
67f5978001 expand the translation portal idea a bit
svn:r13667
2008-02-21 23:09:51 +00:00
Nick Mathewson
b21a122ef6 r14379@tombo: nickm | 2008-02-21 17:14:24 -0500
Enable v2 handshakes.


svn:r13666
2008-02-21 22:14:32 +00:00
Nick Mathewson
5c03f82a65 r18345@catbus: nickm | 2008-02-21 13:45:04 -0500
Do the last part of arma's fix for bug 437: Track the origin of every addrmap, and use this info so we can remove all the trackhostexits-originated mappings for a given exit.


svn:r13660
2008-02-21 18:45:11 +00:00
Nick Mathewson
6b50f5ae5d r14364@31-33-219: nickm | 2008-02-21 11:11:56 -0500
Note in the TODO some stuff I want to do in the next dev cycle so it stops bouncing around in my head


svn:r13659
2008-02-21 16:12:05 +00:00
Roger Dingledine
b3c0d066e5 other cleanups that have been sitting in my sandbox
svn:r13649
2008-02-21 09:01:32 +00:00
Roger Dingledine
828c707812 Change the behavior of "getinfo status/good-server-descriptor"
so it doesn't return failure when any authority disappears.


svn:r13645
2008-02-21 06:06:45 +00:00
Andrew Lewman
b9a7649576 update thoughts on documentation license.
svn:r13549
2008-02-17 21:44:22 +00:00
Nick Mathewson
faa56a500b r14236@tombo: nickm | 2008-02-17 13:44:55 -0500
Partial fix for bug 586: Add an ephemeral __HashedControlSessionPassword.


svn:r13543
2008-02-17 18:45:07 +00:00
Roger Dingledine
256fd43e42 move todo stuff around a bit
svn:r13541
2008-02-17 16:50:48 +00:00
Roger Dingledine
861c79dc5d put some external constraints into our todo list
svn:r13528
2008-02-15 20:20:24 +00:00
Roger Dingledine
3abafccd0e Start choosing which bridge to use proportional to its advertised
bandwidth, rather than uniformly at random. This should speed up Tor
for bridge users. Also do this for people who set StrictEntryNodes.


svn:r13486
2008-02-12 22:02:47 +00:00
Nick Mathewson
d3331b3c12 r18054@catbus: nickm | 2008-02-12 15:42:36 -0500
Clarify a non-obvious point in control-spec.txt; patch from mwenge.


svn:r13485
2008-02-12 20:42:40 +00:00
Nick Mathewson
f3eaeb99a3 r18051@catbus: nickm | 2008-02-12 15:20:43 -0500
Re-tune mempool parametes based on testing on peacetime: use smaller chuncks, free them a little more aggressively, and try very hard to concentrate allocations on fuller chunks.  Also, lots of new documentation.


svn:r13484
2008-02-12 20:20:52 +00:00
Nick Mathewson
c7537ae8be r18043@catbus: nickm | 2008-02-11 23:45:07 -0500
Update TODO with TLS progress.


svn:r13478
2008-02-12 04:45:11 +00:00
Nick Mathewson
ab0c85eea6 r14103@tombo: nickm | 2008-02-10 13:40:09 -0500
Fix some XXX020s in command.c, and make it not-allowed to negotiate v1 using the v2 connection protocol: it is too hard to test, and pointless to support.


svn:r13460
2008-02-10 18:40:29 +00:00
Roger Dingledine
50113a2842 other cleanups
svn:r13448
2008-02-09 17:56:52 +00:00
Roger Dingledine
2475e33124 defer two things from the 0.2.0 timeframe
svn:r13447
2008-02-09 17:50:57 +00:00
Nick Mathewson
e3f9c42668 r17993@catbus: nickm | 2008-02-08 18:41:50 -0500
note progress on tls work


svn:r13435
2008-02-08 23:41:52 +00:00
Nick Mathewson
de827f89df r14062@tombo: nickm | 2008-02-08 15:17:07 -0500
Change DNs in x509 certificates to be harder to fingerprint.  Raise common code.  Refactor random hostname generation into crypto.c


svn:r13429
2008-02-08 21:13:12 +00:00
Nick Mathewson
46b1a21dc4 r17955@catbus: nickm | 2008-02-06 16:53:07 -0500
The SSL portion of the revised handshake now seems to work: I just finally got a client and a server to negotiate versions.  Now to make sure certificate verification is really happening, connections are getting opened, etc.


svn:r13409
2008-02-06 21:53:13 +00:00
Nick Mathewson
a869574c56 r17947@catbus: nickm | 2008-02-06 11:57:53 -0500
Fix a bunch of DOCDOC items; document the --quiet flag; refactor a couple of XXXX020 items.


svn:r13405
2008-02-06 16:58:05 +00:00
Nick Mathewson
ff9bd0fd3a r17929@catbus: nickm | 2008-02-05 17:10:26 -0500
Fix or downgrade a few XXX020 items.


svn:r13393
2008-02-05 23:20:44 +00:00
Nick Mathewson
fac2cd3b03 r17916@catbus: nickm | 2008-02-05 16:29:35 -0500
Fix some XXX020 items in control.c: add a maximum line length and note that the number of versioning authorities is no longer apparent to clients.


svn:r13390
2008-02-05 21:39:49 +00:00
Nick Mathewson
bd5bcbdc09 r17912@catbus: nickm | 2008-02-05 15:57:51 -0500
Document truncation of version lines


svn:r13386
2008-02-05 21:39:38 +00:00
Roger Dingledine
12fbf01abe down to 24 pages
svn:r13290
2008-01-26 02:48:43 +00:00
Roger Dingledine
0ddd28b75e spec tweaks
svn:r13264
2008-01-24 22:47:39 +00:00
Roger Dingledine
d2a04d7e06 a new style file. and blow away a section that turned out to be dumb.
svn:r13223
2008-01-22 05:50:58 +00:00
Nick Mathewson
8505ee8310 r17723@catbus: nickm | 2008-01-22 00:14:57 -0500
Make idea proposal into proposal 130; answer question by sjmurdoch; mark 124 superseded; reindex


svn:r13222
2008-01-22 05:15:05 +00:00
Roger Dingledine
b79850d574 Make "ClientOnly 1" config option disable directory ports too.
svn:r13213
2008-01-21 21:00:50 +00:00
Roger Dingledine
e42a6794dc condense the rest of the discussion into proposal 129
svn:r13211
2008-01-21 17:36:47 +00:00
Roger Dingledine
10ed49643e proposal from Kevin Bauer & Damon McCoy to reject vulnerable-plaintext
ports (reformatted by me)


svn:r13210
2008-01-21 16:57:12 +00:00
Roger Dingledine
ff62154ba3 New config options WarnPlaintextPorts and RejectPlaintextPorts so
Tor can warn and/or refuse connections to ports commonly used with
vulnerable-plaintext protocols.

We still need to figure out some good defaults for them.


svn:r13198
2008-01-20 05:54:15 +00:00
Roger Dingledine
43dce232ad If we've gone 12 hours since our last bandwidth check, and we
estimate we have less than 50KB bandwidth capacity but we could
handle more, do another bandwidth test.


svn:r13176
2008-01-18 04:58:40 +00:00
Roger Dingledine
b4b3472b9f Make the tor-gencert man page get included correctly in the tarball.
svn:r13163
2008-01-17 20:32:37 +00:00
Roger Dingledine
8e601e0ae5 explain a bit about router descriptor purposes
svn:r13154
2008-01-17 05:47:44 +00:00
Roger Dingledine
a03d0e16e4 minor tweaks of the v2-conn-protocol text
svn:r13117
2008-01-12 19:50:52 +00:00
Nick Mathewson
01df4856f7 r17581@catbus: nickm | 2008-01-12 00:52:35 -0500
Actually write up what I'm implementing for the v2 connection protocol


svn:r13113
2008-01-12 05:53:03 +00:00
Roger Dingledine
23a891bf4d add in a pdf so it'll be in our svn
svn:r13103
2008-01-11 03:18:56 +00:00
Roger Dingledine
4cf1b35a23 start to flesh out the issues; and add some more
svn:r13101
2008-01-11 02:23:33 +00:00
Roger Dingledine
8435de3c78 add an outline for a new roadmap
svn:r13099
2008-01-10 19:08:07 +00:00
Nick Mathewson
10d86f7615 r17558@catbus: nickm | 2008-01-10 13:07:41 -0500
If we do not serve v2 directory info, and our cached v2 networkstatus files are very old, remove them.  If the directory is old, remove that too.  (We already did this for obsolete routers files.)


svn:r13096
2008-01-10 18:08:42 +00:00
Nick Mathewson
04263648c4 r17554@catbus: nickm | 2008-01-10 12:48:29 -0500
Do not send bridge descriptors over unencrypted connections.


svn:r13094
2008-01-10 17:48:40 +00:00
Nick Mathewson
29b0f51a73 r17553@catbus: nickm | 2008-01-10 12:18:27 -0500
Add connection_dir_is_encrypted() so that we can refrain from sending bridge descriptors over an unencrypted link.


svn:r13093
2008-01-10 17:48:36 +00:00
Nick Mathewson
59fdab43cd r17552@catbus: nickm | 2008-01-10 12:13:43 -0500
Make bridge geoip data get rounded up, not down.


svn:r13092
2008-01-10 17:48:32 +00:00
Nick Mathewson
c508fa5aec r17550@catbus: nickm | 2008-01-10 12:08:01 -0500
Add a manual page for tor-gencert.  Also implement the missing -s option in tor-gencert, and fix the info message for when no cert file is specified.


svn:r13091
2008-01-10 17:08:05 +00:00
Nick Mathewson
ca5f670fab r17548@catbus: nickm | 2008-01-10 11:08:12 -0500
Make proposal-109 behavior optional.


svn:r13090
2008-01-10 16:08:47 +00:00
Roger Dingledine
e3d4997960 work down todo list for more 0.2.0.x issues
svn:r13087
2008-01-09 22:38:04 +00:00
Roger Dingledine
f033bd062f remove some of the done items, in preparation for overhaul
svn:r13085
2008-01-09 15:11:49 +00:00
Roger Dingledine
c7df6b4908 remove some done things. move a lot more into the 0.2.1.x section.
there remain a bunch of things in the 0.2.0.x section that we should
either do or move into 0.2.1.x.


svn:r13084
2008-01-09 14:45:43 +00:00
Roger Dingledine
958c524a2b start a roadmap for 2008 and beyond. based on 2007 roadmap as
a starting point.


svn:r13083
2008-01-09 14:21:00 +00:00
Roger Dingledine
3618b7eac3 a few items done, another item we should do
svn:r13082
2008-01-09 13:59:20 +00:00
Roger Dingledine
c7d3c7acd2 another blog todo
svn:r13075
2008-01-08 17:33:09 +00:00
Roger Dingledine
80196fb9ab three blog-related todo items
svn:r13074
2008-01-08 13:21:49 +00:00
Nick Mathewson
dd35fe59c4 r17499@catbus: nickm | 2008-01-07 13:39:46 -0500
Bugfix on fix for 557: Make values containing special characters work right with getconf, setconf, and saveconf.  Document this in control-spec.txt


svn:r13056
2008-01-07 18:54:55 +00:00
Roger Dingledine
a516973275 first thoughts on rate limiting stream creations at exits
svn:r13048
2008-01-07 10:41:49 +00:00
Nick Mathewson
58de695f90 r15787@tombo: nickm | 2008-01-02 01:59:07 -0500
Allow config values in quotes to contain special characters, with full C escape syntax.  With tests.  Addresses bug 557.


svn:r13021
2008-01-02 06:59:15 +00:00
Andrew Lewman
99be6dae1e update the license for 2008, complete a todo.
svn:r13014
2008-01-01 04:27:13 +00:00
Andrew Lewman
0421e53c66 Fix a typo. Thanks sjmurdoch.
svn:r12978
2007-12-25 19:02:12 +00:00
Karsten Loesing
506a02d485 proposal 121: replaced misleading term "authentication" by "authorization", added some clarifications (comments by Sven Kaffille)
svn:r12967
2007-12-25 11:34:29 +00:00
Roger Dingledine
c6788cc0de The bridge GeoIP stats were counting other relays, for example
self-reachability and authority-reachability tests.


svn:r12960
2007-12-25 00:07:13 +00:00
Roger Dingledine
24d46eccb9 minor patches from Christian Brueffer
svn:r12958
2007-12-24 22:05:05 +00:00
Roger Dingledine
44ca13ceaa some geoip related todo items
svn:r12951
2007-12-24 11:18:05 +00:00
Nick Mathewson
da06bfb80f r15653@tombo: nickm | 2007-12-23 14:15:12 -0500
Refactor circuit_launch* functions to take a bitfield of flags rather than 4 separate nonconsecutive flags arguments.  Also, note a possible but in circuit_find_to_cannibalize, which seems to be ignoring its purpose argument.


svn:r12948
2007-12-23 19:15:22 +00:00
Roger Dingledine
9dcde682f5 minor other things in my sandbox
svn:r12934
2007-12-23 01:28:25 +00:00
Roger Dingledine
33f9c2c157 todo:
if we notice a cached-status directory and we're not serving v2 dir
info and it's old enough, delete it. same with cached-routers*.


svn:r12924
2007-12-22 09:09:43 +00:00
Roger Dingledine
a03aa2ef6e a todo item that nick might like sometime
svn:r12920
2007-12-22 06:11:29 +00:00
Roger Dingledine
8f779aee5a trivial whitespace fix
svn:r12912
2007-12-21 23:23:53 +00:00
Roger Dingledine
b70deb50e5 todo: write a tor-gencert man page
svn:r12908
2007-12-21 10:52:47 +00:00
Roger Dingledine
e710710e87 clean up changelog and todo file
svn:r12899
2007-12-21 07:29:55 +00:00
Roger Dingledine
9ebf86bb66 new config option FetchDirInfoEarly for tup/ioerror and the tordnsel
svn:r12896
2007-12-21 06:08:00 +00:00
Roger Dingledine
f405f9b614 Make getinfo ns/purpose/bridge actually work
Also, dump our bridge router status entries to disk every 30 minutes.


svn:r12871
2007-12-19 04:58:58 +00:00
Nick Mathewson
95fecd6fbc r15560@tombo: nickm | 2007-12-18 23:18:21 -0500
Add a bit of missing documentation.


svn:r12869
2007-12-19 04:18:28 +00:00
Nick Mathewson
95d500f33f r15558@tombo: nickm | 2007-12-18 22:55:23 -0500
Re-parse annotations in another place.  Good catch, arma.


svn:r12868
2007-12-19 03:55:40 +00:00
Roger Dingledine
74d05f4b2c answer getinfo ns/purpose/bridge queries
svn:r12860
2007-12-18 22:39:15 +00:00
Nick Mathewson
bbbf25db4d r17233@catbus: nickm | 2007-12-18 16:26:55 -0500
Changelog entry for geoip.


svn:r12858
2007-12-18 21:27:12 +00:00
Nick Mathewson
b8ac050e85 r15532@tombo: nickm | 2007-12-17 17:41:05 -0500
clean up whitesapce and debug a little on geoip stuff.


svn:r12847
2007-12-17 22:44:18 +00:00
Nick Mathewson
25f78498f9 r15531@tombo: nickm | 2007-12-17 17:19:24 -0500
Support raw IP-to-country as well as postprocessed format.  Include GEOIP summary in extrainfo of bridges.


svn:r12846
2007-12-17 22:44:16 +00:00
Nick Mathewson
820159cac5 r15530@tombo: nickm | 2007-12-17 16:54:03 -0500
First wodge of geoip code so bridges can figure out which countries are blocking them.


svn:r12845
2007-12-17 22:44:11 +00:00
Roger Dingledine
71c84abdff cleanups on r12825
svn:r12826
2007-12-15 20:50:56 +00:00
Roger Dingledine
31324f3e7f apply karsten's "patch 12"
svn:r12825
2007-12-15 20:28:09 +00:00
Karsten Loesing
5864b43e02 proposal 121: rewrote complete proposal for better readability, modified authentication protocol, merged in personal notes
svn:r12824
2007-12-15 20:09:43 +00:00
Andrew Lewman
f50cd72848 some documentation from pnx for building universal binary privoxy
svn:r12807
2007-12-14 05:30:18 +00:00
Roger Dingledine
408a4fa9b4 a todo entry extracted from a poor bug report
svn:r12802
2007-12-14 04:13:19 +00:00
Roger Dingledine
2cdaa93d96 change the specs to match the code
svn:r12799
2007-12-13 05:47:08 +00:00
Roger Dingledine
5ba5bf43d8 new v3 authorities will want the one that includes lefkada
svn:r12792
2007-12-13 00:01:49 +00:00
Roger Dingledine
6e799a6e9c minor cleanups and a todo item
svn:r12785
2007-12-12 21:08:30 +00:00
Roger Dingledine
1572de49bc write down my some reliable / some not idea, before we lose it
svn:r12781
2007-12-12 17:02:47 +00:00
Roger Dingledine
3b2dd8d763 Three new config options (AlternateDirAuthority,
AlternateBridgeAuthority, and AlternateHSAuthority) that let the
user selectively replace the default directory authorities, rather
than the all-or-nothing replacement that DirServer offers.


svn:r12777
2007-12-12 04:38:54 +00:00
Nick Mathewson
b865587265 r15268@tombo: nickm | 2007-12-11 18:22:52 -0500
tweaks to bridge-disbursement document


svn:r12774
2007-12-11 23:23:25 +00:00
Roger Dingledine
78f532678c Relays were publishing their server descriptor to v1 and v2
directory authorities, but they didn't try publishing to v3-only
authorities. Fix this; and also stop publishing to v1 authorities.


svn:r12759
2007-12-11 20:18:12 +00:00
Roger Dingledine
ee6ae92670 New config options AuthDirBadDir and AuthDirListBadDirs for
authorities to mark certain relays as "bad directories" in the
networkstatus documents. Also supports the "!baddir" directive in
the approved-routers file.


svn:r12754
2007-12-10 16:49:54 +00:00
Roger Dingledine
5928203e9f some more docs that are missing
svn:r12753
2007-12-10 16:49:35 +00:00
Roger Dingledine
6dfd47467e Allow multiple HashedControlPassword config lines, to support
multiple controller passwords.


svn:r12732
2007-12-09 04:59:27 +00:00
Karsten Loesing
6bf8e8aec3 proposal 121: incorporated comments by Nick posted to or-dev on 10-Oct-2007
svn:r12725
2007-12-09 00:18:51 +00:00
Roger Dingledine
88fa4417e3 attacks and cleanups on the bridge disbursement plans
svn:r12720
2007-12-08 04:13:07 +00:00
Roger Dingledine
9250653471 cleanups on r12715
svn:r12718
2007-12-08 00:55:18 +00:00
Nick Mathewson
2dd9d87d07 r15220@tombo: nickm | 2007-12-07 19:53:27 -0500
add draft sketch of bridge disbursement designs.


svn:r12717
2007-12-08 00:53:43 +00:00
Roger Dingledine
2b8ca7b4a4 patch from karsten to clean up documentation and to integrate
more fixes into rend-spec.txt.


svn:r12715
2007-12-07 21:27:58 +00:00
Roger Dingledine
4152a4e835 back out half of r12709
sptor is published, it's gone, out the door, can't change it.


svn:r12710
2007-12-07 02:47:58 +00:00
Nick Mathewson
21aa295bec r16999@catbus: nickm | 2007-12-06 19:24:26 -0500
Make a couple of http instances into https.  Again, from steve.


svn:r12709
2007-12-07 00:24:28 +00:00
Nick Mathewson
2e378295d6 r16997@catbus: nickm | 2007-12-06 18:56:33 -0500
Make http://torproject urls into https://torproject urls.  Patch from steve.


svn:r12708
2007-12-06 23:56:36 +00:00
Nick Mathewson
92372b156a r16995@catbus: nickm | 2007-12-06 18:42:53 -0500
patch from steve: replace more tor.eff.org instances with torproject.org


svn:r12707
2007-12-06 23:42:59 +00:00
Roger Dingledine
75c38a2c88 Bridges now behave like clients with respect to time intervals for
downloading new consensus documents. Bridge users now wait until
the end of the interval, so their bridge will be sure to have a
new consensus document.


svn:r12696
2007-12-06 17:01:16 +00:00
Roger Dingledine
8b2585854a more work on the dirport-mirrors-downloads proposal. still not
really solved well yet.


svn:r12690
2007-12-06 10:54:57 +00:00
Roger Dingledine
94f7f4be6c three more man page entries for bridges
svn:r12689
2007-12-06 08:41:52 +00:00
Roger Dingledine
8de470cf69 Add "GETINFO/desc-annotations/id/<OR digest>" so controllers can
ask about source, timestamp of arrival, purpose, etc. We need
something like this to help Vidalia not do GeoIP lookups on bridge 
addresses.


svn:r12687
2007-12-06 07:15:06 +00:00
Roger Dingledine
3ff63b6f4e When the DANGEROUS_VERSION controller status event told us we're
running an obsolete version, it used the string "OLD" to describe
it. Yet the "getinfo" interface used the string "OBSOLETE". Now use
"OBSOLETE" in both cases.


svn:r12686
2007-12-05 19:32:58 +00:00
Roger Dingledine
a8d36c8243 some more man page entries. still missing some.
svn:r12685
2007-12-05 19:24:12 +00:00
Roger Dingledine
bf30043c88 a hint about how to be more secure
svn:r12683
2007-12-05 19:22:37 +00:00
Roger Dingledine
2d52336b60 make a new 'ideas' subdir for half-baked proposals.
make a new 'draft' status for nearly-baked proposals.


svn:r12677
2007-12-05 06:00:03 +00:00
Roger Dingledine
a1af56bce2 expand on a few items, and remove some done items
svn:r12676
2007-12-05 05:57:52 +00:00
Roger Dingledine
9cb8a4940c move the december feature list up into the 0.2.0 section of
the todo list. the feature freeze is off. better luck in 2008!


svn:r12675
2007-12-05 05:46:52 +00:00
Nick Mathewson
569ade5143 r15151@tombo: nickm | 2007-12-04 17:29:17 -0500
Remove some finished items from the TODO


svn:r12674
2007-12-04 22:29:26 +00:00
Nick Mathewson
b6a194f896 svn:r12671 2007-12-04 19:38:42 +00:00
Roger Dingledine
4a03959b10 a few more thoughts on mirroring dist/ on bridges
svn:r12667
2007-12-04 18:34:30 +00:00
Roger Dingledine
9f25d3b0a6 notes on an auto updater. not enough of a proposal to give
it a number yet though.


svn:r12662
2007-12-04 13:18:32 +00:00
Roger Dingledine
52e0bc69c0 some very early notes on bridge families
svn:r12645
2007-12-03 11:40:27 +00:00
Roger Dingledine
9db8ee8427 propsets
svn:r12644
2007-12-03 11:18:44 +00:00
Roger Dingledine
628697acfa come up with a plan for publishing ip-to-country usage summaries
svn:r12642
2007-12-03 06:03:56 +00:00
Roger Dingledine
c8b4d43262 some notes on tor dist/ and website/ mirrors via dir caches
svn:r12640
2007-12-02 14:41:39 +00:00
Roger Dingledine
25a43314d1 another attack on bridges. darn it.
svn:r12639
2007-12-02 13:51:16 +00:00
Roger Dingledine
07dbaaac16 We were ignoring our RelayBandwidthRate for the first 30 seconds
after opening a circuit -- even relayed circuits. Bugfix on
0.2.0.3-alpha.


svn:r12638
2007-12-02 11:24:06 +00:00
Roger Dingledine
79432e9967 another item we can defer if we need to
svn:r12637
2007-12-02 11:22:42 +00:00
Roger Dingledine
c5ea4ac2ae fix word
svn:r12632
2007-12-02 06:11:26 +00:00
Nick Mathewson
4a6d969139 r15094@tombo: nickm | 2007-12-01 03:46:07 -0500
server-side code (for when v2 negotiation occurred) to check for renegotiation and adjust client ID info accordingly.  server-side of new TLS code is now implemented, but needs testing and debugging.


svn:r12624
2007-12-01 08:47:13 +00:00
Nick Mathewson
d8ad247dfd r15088@tombo: nickm | 2007-11-30 23:47:29 -0500
Add support to get a callback invoked when the client renegotiate a connection.  Also, make clients renegotiate.  (not enabled yet, until they detect that the server acted like a v2 server)


svn:r12623
2007-12-01 08:09:48 +00:00
Nick Mathewson
1789f94668 r15087@tombo: nickm | 2007-11-30 22:32:26 -0500
Start getting freaky with openssl callbacks in tortls.c: detect client ciphers, and if the list doesn't look like the list current Tors use, present only a single cert do not ask for a client cert. Also, support for client-side renegotiation.  None of this is enabled unless you define V2_HANDSHAKE_SERVER.


svn:r12622
2007-12-01 08:09:46 +00:00
Roger Dingledine
e9b999ff22 and one last fix
svn:r12610
2007-11-29 16:16:50 +00:00
Roger Dingledine
996b8719e5 fix some typos (i think) in the dir spec. also, note that you'd
better *not* publish a cosmetically similar descriptor within 12
hours of the last one.


svn:r12605
2007-11-29 13:19:11 +00:00
Roger Dingledine
b258d3ec5a is this a good idea, karsten/nick?
svn:r12604
2007-11-29 13:05:52 +00:00
Roger Dingledine
ff981c8805 doc fixes from karsten
svn:r12603
2007-11-29 12:51:50 +00:00
Roger Dingledine
4a08380ad7 controllers need a way to learn router annotations
svn:r12602
2007-11-29 11:35:08 +00:00
Roger Dingledine
30cbcaecc5 more progress on the geoip proposal
svn:r12599
2007-11-29 06:14:41 +00:00
Roger Dingledine
d2d65666c4 our december todo list
svn:r12598
2007-11-28 20:21:28 +00:00
Roger Dingledine
86551d411d more items for the todo list
svn:r12572
2007-11-26 06:26:47 +00:00
Roger Dingledine
17393b8359 draft of a proposal: Fetching GeoIP databases for clients, relays, and bridges
svn:r12566
2007-11-24 15:28:08 +00:00
Roger Dingledine
5b3cc6cd7e move the bridges proposal into a real proposal number.
svn:r12562
2007-11-23 23:40:21 +00:00
Andrew Lewman
402f46a0dd Change up phobos' todos.
svn:r12555
2007-11-22 17:59:42 +00:00
Roger Dingledine
6514843026 cleanups, bump to 0.2.0.12-alpha
svn:r12516
2007-11-17 02:22:56 +00:00
Nick Mathewson
e843e05563 r16670@catbus: nickm | 2007-11-14 14:56:30 -0500
Initial phase of proposal 110: accept RELAY_EARLY cells, and turn them into RELAY cells when sending them on over a v1 OR connection.


svn:r12496
2007-11-14 20:01:15 +00:00
Nick Mathewson
d483d3144a r16669@catbus: nickm | 2007-11-14 14:50:03 -0500
When we complete an OR handshake, set up all the internal fields and mark the connection as open.


svn:r12495
2007-11-14 20:01:12 +00:00
Roger Dingledine
3c0013b47a explain how to become a bridge authority too
svn:r12482
2007-11-11 20:33:17 +00:00
Roger Dingledine
b3618cccf5 finish writing my overview of bridge design and deployment
svn:r12481
2007-11-11 20:12:32 +00:00
Roger Dingledine
a3edc3b154 make it clearer for nick that bug 548 needs solving
svn:r12474
2007-11-11 06:43:04 +00:00
Roger Dingledine
42b8fb5a15 Exit policies now reject connections that are addressed to a
relay's public (external) IP address too, unless
ExitPolicyRejectPrivate is turned off. We do this because too
many relays are running nearby to services that trust them based
on network address.


svn:r12459
2007-11-10 21:17:51 +00:00
Nick Mathewson
e0b9c893bc r16573@catbus: nickm | 2007-11-08 11:57:16 -0500
Mess with the formula for the Guard flag again.  Now it requires that you be in the most familiar 7/8 of nodes, and have above median wfu for that 7/8th.  See spec for details.  Also, log thresholds better.


svn:r12440
2007-11-08 16:58:59 +00:00
Roger Dingledine
46273c9080 remove some done items; mark some other items as done
svn:r12438
2007-11-08 16:36:49 +00:00
Nick Mathewson
c3a745951b r16570@catbus: nickm | 2007-11-08 11:04:20 -0500
Keep track, for each OR connection, of the last time we added a non-padding cell to its outbuf.  Use this timestamp, not "lastwritten" to tell if it is time to close a circuitless connection.  (We can'tuse lastwritten, since lastwritten is updated when ever the connection flushes anything, and by that point we can no longer tell what is a padding cell and what is not.)


svn:r12437
2007-11-08 16:19:07 +00:00
Roger Dingledine
fa215a8f77 decide that messing with fallback-concensus for 0.2.0.10-alpha
isn't worth it. also mention bug 546 again.


svn:r12432
2007-11-08 04:43:43 +00:00
Roger Dingledine
997c1e5e0d the other half of the made-up 'guard' heuristic
svn:r12429
2007-11-08 04:14:02 +00:00
Roger Dingledine
21ae1b6109 one possible heuristic for being a guard
svn:r12427
2007-11-07 23:07:39 +00:00
Nick Mathewson
d2bdb4ad25 r16552@catbus: nickm | 2007-11-07 17:12:11 -0500
some notes on 0.2.0.10-alpha blockers.


svn:r12426
2007-11-07 22:13:30 +00:00
Nick Mathewson
d279fb82e2 r16550@catbus: nickm | 2007-11-07 16:50:02 -0500
"And $499 for knowing where to hit it."  Fix bug 546.


svn:r12425
2007-11-07 21:51:21 +00:00
Roger Dingledine
dbdb50fa87 four items blocking 0.2.0.10-alpha
svn:r12422
2007-11-07 19:58:52 +00:00
Nick Mathewson
0fa00d8ec6 r16479@catbus: nickm | 2007-11-06 18:10:02 -0500
Add "Blocking resistant TLS certificate usage" as proposal 124.


svn:r12405
2007-11-06 23:11:12 +00:00
Nick Mathewson
bc4cefcd7e r16471@catbus: nickm | 2007-11-06 15:50:42 -0500
Detect whether any of the descriptors we want are in old_routers. Possibly useful in tracking down bug 543.


svn:r12404
2007-11-06 20:51:45 +00:00
Nick Mathewson
e047f7f865 r16455@catbus: nickm | 2007-11-06 12:48:00 -0500
Parse CERT cells and act correctly when we get them.


svn:r12396
2007-11-06 18:00:07 +00:00
Nick Mathewson
95c7b8cc64 r14729@31-33-67: nickm | 2007-11-05 18:54:50 -0500
Send and Parse CERT cells correctly.  Still need to understand the certs inside.


svn:r12392
2007-11-05 23:55:43 +00:00
Nick Mathewson
6fcda5299f r14727@31-33-67: nickm | 2007-11-05 18:34:35 -0500
Make VERSIONS variable-length.


svn:r12391
2007-11-05 23:34:39 +00:00
Nick Mathewson
9a20a64b62 r16438@catbus: nickm | 2007-11-05 16:45:45 -0500
Initial code for variable-length cells. CERT and VERSIONS  need to use them.


svn:r12390
2007-11-05 21:46:35 +00:00
Nick Mathewson
85654f4ab9 r16432@catbus: nickm | 2007-11-05 14:18:57 -0500
Send and parse link_auth cells properly.


svn:r12386
2007-11-05 19:19:46 +00:00
Nick Mathewson
44eab517fc r16414@catbus: nickm | 2007-11-05 13:14:46 -0500
Function to process link auth cells; stub function for cert cell processing


svn:r12385
2007-11-05 18:15:56 +00:00
Nick Mathewson
323490303e r16412@catbus: nickm | 2007-11-05 11:45:17 -0500
Make TLS contexts reference-counted, and add a reference from TLS objects to their corresponding context.  This lets us reliably get the certificates for a given TLS connection, even if we have rotated TLS contexts.


svn:r12383
2007-11-05 18:15:52 +00:00
Nick Mathewson
ea1bea5830 r16411@catbus: nickm | 2007-11-05 11:27:37 -0500
Remember X509 certificates in the context.  Store peer/self certificate digests in handshake state.


svn:r12382
2007-11-05 18:15:50 +00:00
Nick Mathewson
e94fad36ac r16409@catbus: nickm | 2007-11-05 10:38:25 -0500
Split handshake state into its own structure.  Revise versions and netinfo code to use this structure.


svn:r12380
2007-11-05 18:15:44 +00:00
Nick Mathewson
a7993ea2b6 r16408@catbus: nickm | 2007-11-05 10:02:39 -0500
Edit TODO: remove some completed items, add breakdown for 105+TLS task.


svn:r12379
2007-11-05 18:15:42 +00:00
Roger Dingledine
8cc70addd7 minor fix
svn:r12367
2007-11-04 00:15:17 +00:00
Roger Dingledine
a2289c6fc6 more of r12364
svn:r12366
2007-11-04 00:14:58 +00:00
Roger Dingledine
4780f488c0 <mikeperry> the lesson probably should be automatic client upgrades :)
svn:r12348
2007-11-02 20:21:26 +00:00
Roger Dingledine
42e4acc41a get my in-progress bridge proposal draft into svn so i don't
lose it


svn:r12347
2007-11-02 19:21:42 +00:00
Nick Mathewson
dddff3acf9 r14625@tombo: nickm | 2007-11-01 23:21:25 -0400
Merge revised behavior on proposal 105


svn:r12323
2007-11-02 03:21:54 +00:00
Andrew Lewman
2136c82ae0 As nick commented, tor's configure doesn't know what --enable-static and
--disable-shared actually are, so remove it from docs and spec file.


svn:r12321
2007-11-02 02:40:03 +00:00
Andrew Lewman
14be21f31e Add a comment to the relaybandwidth bug.
svn:r12320
2007-11-02 02:32:47 +00:00
Nick Mathewson
832ef9562f r14623@tombo: nickm | 2007-11-01 22:25:18 -0400
More tweaks from karsten, with some cleanup and commentary.


svn:r12319
2007-11-02 02:25:28 +00:00
Roger Dingledine
f8e05cb359 start on the 0.2.1.x todo list.
svn:r12316
2007-11-01 14:24:25 +00:00
Nick Mathewson
37c44b81df r16326@catbus: nickm | 2007-11-01 00:56:45 -0400
As an authority, send back an X-Descriptor-Not-New header when we accept but do not store a descriptor.  Partial implementation of fix for bug 535.


svn:r12310
2007-11-01 05:01:24 +00:00
Nick Mathewson
90ce047aae r16323@catbus: nickm | 2007-11-01 00:32:12 -0400
Mark some finished items finished, some deferred items deferred, and move some "nice to haves" into "deferred-land."


svn:r12307
2007-11-01 04:38:45 +00:00
Nick Mathewson
2645219b4c r16322@catbus: nickm | 2007-11-01 00:26:15 -0400
Implement --quiet.


svn:r12306
2007-11-01 04:38:43 +00:00
Nick Mathewson
401b5c26de r16320@catbus: nickm | 2007-11-01 00:11:20 -0400
Learn new addresses for authorities from their certificates.


svn:r12305
2007-11-01 04:14:23 +00:00
Nick Mathewson
7e80640b97 r16285@catbus: nickm | 2007-10-30 17:43:25 -0400
Implement (but do not enable) link connection version negotiation


svn:r12286
2007-10-30 21:46:02 +00:00
Nick Mathewson
57f7c852f8 r16282@catbus: nickm | 2007-10-30 14:28:58 -0400
Implement lots of proposal 105.  None of it is enabled yet.


svn:r12285
2007-10-30 18:31:30 +00:00
Nick Mathewson
c0c2001a5b r16279@catbus: nickm | 2007-10-30 11:14:29 -0400
Improved skew reporting:  "You are 365 days in the duture" is more useful than "You are 525600 minutes in the future".  Also, when we get something that proves we are at least an hour in the past, tell the controller "CLOCK_SKEW MIN_SKEW=-3600" rather than just "CLOCK_SKEW"


svn:r12283
2007-10-30 15:17:07 +00:00
Nick Mathewson
7709fb7143 r16278@catbus: nickm | 2007-10-30 09:46:28 -0400
Accept future networkstatus documents, but warn about skew when we get them.


svn:r12282
2007-10-30 15:17:01 +00:00
Nick Mathewson
6ad71ec37f r16261@catbus: nickm | 2007-10-29 13:19:44 -0400
Note another task to do by wednesday. Argh.


svn:r12271
2007-10-29 19:10:38 +00:00
Nick Mathewson
1c451b9db9 r16252@catbus: nickm | 2007-10-29 11:13:03 -0400
Change symbol from DATADIR to SHARE_DATADIR, since DATADIR conflicts with objidl.h in mingw.


svn:r12268
2007-10-29 15:15:49 +00:00
Andrew Lewman
28652aec69 And more places with the wrong url, now updated.
svn:r12267
2007-10-29 01:08:22 +00:00
Nick Mathewson
f09d53bbf1 r16246@catbus: nickm | 2007-10-28 19:34:58 -0400
Implement a FallbackNetworkstatusFile (default to $prefix/share/tor/fallback-consensus) to that we know about lots of directory servers and routers when we start up the first time.


svn:r12259
2007-10-28 23:44:53 +00:00
Nick Mathewson
20b1085989 r16242@catbus: nickm | 2007-10-28 16:28:13 -0400
Implement if-modified-since for consensus networkstatuses so that we do not download duplicates needlessly.


svn:r12258
2007-10-28 20:30:21 +00:00
Nick Mathewson
c58675ca72 r16236@catbus: nickm | 2007-10-28 14:36:30 -0400
Patch from Karsten Loesing: encode and parse v2 rendezvous descriptors.


svn:r12254
2007-10-28 19:48:14 +00:00
Nick Mathewson
665aa7659c r16234@catbus: nickm | 2007-10-28 14:27:22 -0400
Clean up a couple of comments from r12244.


svn:r12253
2007-10-28 18:29:29 +00:00
Roger Dingledine
abe8afbdc9 a todo clump for tor mirror todos
svn:r12250
2007-10-28 11:57:51 +00:00
Roger Dingledine
e5885deab5 Separate "SOCKS_COMMAND_CONNECT_DIR" into two flags in
edge_connection_t: want_onehop if it must attach to a circuit with
only one hop (e.g. for the current tunnelled connections that use
begin_dir), and use_begindir if we mean to use a BEGIN_DIR relay
command to establish the stream rather than the normal BEGIN. Now
we can make anonymized begin_dir connections for (e.g.) more secure
hidden service posting and fetching.


svn:r12244
2007-10-28 08:16:19 +00:00
Andrew Lewman
93c1401300 Update a task.
svn:r12240
2007-10-28 02:24:00 +00:00
Andrew Lewman
7d55eea6bc add comments to two tasks
svn:r12239
2007-10-28 01:22:04 +00:00
Andrew Lewman
3bf9ca32b6 Updated some TODO items.
svn:r12238
2007-10-28 00:54:06 +00:00
Nick Mathewson
b6acad5f12 r16209@catbus: nickm | 2007-10-27 11:42:24 -0400
svn:r12230
2007-10-27 15:44:44 +00:00