choose an intro point, connect to it,
choose a rend point, connect to it and establish a cookie,
get an ack from the rendezvous point,
and know when both circs are ready for her.
APConns don't use conn->purpose anymore
don't initiate a renddesc lookup if one is already in progress
also fix a buffer overflow in nickname parsing (only exploitable
by the operator though)
svn:r1471
* read all the time (before we would ignore eof sometimes, oops)
* we can handle different urls now
* send back 404 for an un-handled url
* commands initiated by the client can handle payloads now
* introduce conn->purpose to avoid exponential state-space explosion
svn:r1400
successful/failed connections, successful/failed extends, and
connection uptimes.
It's still not done: more tests are needed, and not everything calls
connection/circuit_mark_for_close properly. This skews the results.
Also, there needs to be a 'testing' mode for non-OP ORs, where they
periodically build circuits just to test whether extends work.
svn:r1313
we were never writing anything when hold_open_until_flushed was set,
since conn_write returns early if marked_for_conn is set.
seems a bit better now.
svn:r1214
Apparently, when a DNS failure was already cached, then when we tried
to mark the exit connection as closed, we'd try to remove it from the
pending queue anyway, and hit an assert. Now, we put failed-resolve
connections in a separate state so that mark_for_close does the right
thing.
svn:r1196
who wants to shut down a connection calls connection_mark_for_close instead
of setting marked_for_close to 1. This automatically removes the connection
from the DNS cache if needed, sends a RELAY END cell if appropriate, and can
be changed to do whatever else is needed.
Still to do:
- The same for circuits, maybe.
- Add some kind of hold_connection_open_until_flushed flag, maybe.
- Change stuff that closes connections with return -1 to use mark_for_close,
maybe.
svn:r1145
add some more data to be flushed but never turn POLLOUT on. not sure
how commonly this bug was hit, but it would be a doozy.
Also add some asserts to see if it happens elsewhere.
svn:r1142
arrives, then the stream wasn't getting removed from the pending list.
this may have been the lucky-bug.
this commit may also not actually fix the bug. it's darn hard to
reproduce.
svn:r1122
We were telling a child to die by closing the parent's file descriptor
to him. But newer children were inheriting the open file descriptor from
the parent, and since they weren't closing them, the socket never closed,
so the child never read eof, so he never knew to exit.
As a side effect to this bug, we were probably failing to properly close
connections to remote hosts, ORs, and OPs, after a dns child was born.
I'm surprised Tor worked at all.
svn:r974
split 7-byte stream_id string into 2-byte recognized and 2-byte stream_id
fix two seg faults in fetch_from_buf_http
fix several lurking seg faults in handling unexpected relay cells
still need to
* clean up relay_crypt
* use relay dummies if there's going to be a conflict with rh.recognized
* check for a conflict when generating stream_ids
svn:r953
never work.
fix vicious bug in choose_good_exit_server that caused it to *skip over*
pending circuits, and look only at *non-pending circuits*, when choosing
a good exit node for the new circuit.
bugfix: remove incorrect asserts in circuit_get_newest()
svn:r876
Also:
- Refactor socks request into a separate struct
- Add a separate 'waiting for circuit' state to AP connections
between 'waiting for socks' and 'open'.
Arma: can you check out the XXX's I've added to connection_edge? I may
be mishandling some async and close logic.
svn:r783
not when we're closing the stream.
this lets us put a payload in the end cell if we want to,
to describe why we're closing the stream.
there are still some places where we don't send the end cell
immediately. i need to track them down. but it's a low priority,
since i've made it send the end cell when we close the stream if
we haven't already sent it.
svn:r640
If DebugLogFile is specified, log to it at -l debug
If LogFile is specified, log to it at the -l from the commandline
(default info)
If no LogFile *and* not a Daemon, then log to stdout.
Make conn->s = -1 by default (this might break things)
When kill -USR1, prefer to log at INFO, but make sure they always see it.
svn:r596
our log() conflicts with log(3)
distribute only the correct files from doc/ and src/config/
sometimes laptops go back in time. i guess that's ok for now.
and bump the version number because we're live.
svn:r544
ERR is if something fatal just happened
WARNING is something bad happened, but we're still running. The bad thing
is either a bug in the code, an attack or buggy protocol/implementation
of the remote peer, etc. The operator should examine the bad thing and
try to correct it.
(No error or warning messages should be expected. I expect most people
to run on -l warning eventually.)
NOTICE is never ever used.
INFO means something happened (maybe bad, maybe ok), but there's nothing
you need to (or can) do about it.
DEBUG is for everything louder than INFO.
svn:r486
redo all the config files for the new format (we'll redo them again soon)
fix (another! yuck) segfault in log_fn when input is too large
tor_tls_context_new() returns -1 for error, not NULL
fix segfault in check_conn_marked() on conn's that die during tls handshake
make ORs also initialize conn from router when we're the receiving node
make non-dirserver ORs upload descriptor to every dirserver on startup
add our local address to the descriptor
add Content-Length field to POST command
revert the Content-Length search in fetch_from_buf_http() to previous code
fix segfault in memmove in fetch_from_buf_http()
raise maximum allowed headers/body size in directory.c
svn:r484
'buf_t' is now an opaque type defined in buffers.c .
Router descriptors now include all keys; routers generate keys as
needed on startup (in a newly defined "data directory"), and generate
their own descriptors. Descriptors are now self-signed.
Implementation is not complete: descriptors are never published; and
upon receiving a descriptor, the directory doesn't do anything with
it.
At least "routers.or" and orkeygen are now obsolete, BTW.
svn:r483
Fixed up the assert_*_ok funcs some (more work remains)
Changed config so it reads either /etc/torrc or the -f arg, never both
Finally tracked down a nasty bug with our use of tls:
It turns out that if you ask SSL_read() for no more than n bytes, it
will read the entire record from the network (and maybe part of the next
record, I'm not sure), give you n bytes of it, and keep the remaining
bytes internally. This is fine, except our poll-for-read looks at the
network, and there are no bytes pending on the network, so we never know
to ask SSL_read() for more bytes. Currently I've hacked it so if we ask
for n bytes and it returns n bytes, then it reads again right then. This
will interact poorly with our rate limiting; we need a cleaner solution.
svn:r481
deal with content-length headers better when reading http
don't assume struct socks4_info is a packed struct
fail the socks handshake if destip is zero
flesh out conn_state_to_string() for dir conn
fix typo (bug) in connection_handle_read()
directory get is now called fetch, post is now upload
reopen logs on sighup
svn:r475
this paves the way for supporting socks5 and other handshakes
it also removes those pesky AP-only variables from connection_t
also hacked a fix for a bug where some streams weren't ending properly --
maybe because marked connections weren't flushing properly?
svn:r472
- signal support
- forking for DNS farm
- changes for async IO
- daemonizing
In other words, some files still don't build, and the ones that do build,
do nonblocking IO incorrectly.
I'm also not checking in the project files till I have a good place
for them.
svn:r380
i've eliminated the master dns process, so now the workers just
act like regular connections and are handled by the normal pollarray.
everything seems to still work. ;)
svn:r327
