Better handling of internal addresses wrt X-Your-Address-Is (never believe them; never provide them.) Also, report something useful for X-Your-Address-Is with one-hop tunneled connections.
svn:r9191
Patch from Edmanm, slightly modified. Original change list:
- Support running the Tor service with a torrc not in the
same directory as tor.exe (Bug #356) and default to using the torrc
located in the %appdata%\Tor\ of the user who installed the service
- Removed the supposedly misleading error message mentioned in Bug #294
- Fixed some CloseHandle()s that should've been CloseServiceHandle()s
- Fixed some nt_service_foo() return values to be consistent
- Resolved some nt_service_foo() DOCDOCs
- Fixed one trivial typo that I happened to randomly notice
Changes:
- Make more comments into "imperative" house style.
- Remove special handling for "-f"; only use --options.
- Quote all options.
- Clean up whitespace
svn:r9185
Track when we get 503s from directory servers. Do not use directory servers that have given us a 503 until either an hour has passed, or we are are out of non-busy servers.
svn:r9172
Add an orport option to dirserver lines so that clients can tell where to connect to open an encrypted tunnel to a dirserver even before they have its descriptor.
svn:r9171
Fix bug found by Keith Skinner: Treat malformed max-ports in address ranges as an error, and dont ignore errors with min-ports even if a max-port is present.
svn:r9168
Add a maintainer script and a new make target "make check-docs" to get a quick dump of which options are undocumented where, and which documentation refers to nonexistent options.
svn:r9160
schedule. Now the first connect attempt will wait a full 10
seconds before switching to a new circuit. Perhaps this will help
a lot. Based on observations from Mike Perry.
svn:r9159
Resolve bug 363: do not fall back to 127.0.0.1 when no nameservers are configured. Instead, have the admin fix resolv.conf or configure a nameserver.
svn:r9157
Add internal documentation for a bunch of configuration options. We should do something to keep this list, the canonical list, the tor.1 list, and the torrc.complete list in sync.
svn:r9133
Add a LastRotatedOnionKey variable to the state file, so we can rotate onion keys a week after they change even if we never stay up for a whole week at a time. Should fix bug 368.
svn:r9120
Try to reconcile (except for whitespace) eventdns with version in libevent, so it is easier for me to send merges. These changes should be cosmetic. (Ha!)
svn:r9117
Resolve bug 369: Check for integer underflow when printing "bytes left" accounting numbers. Also fix a copyright date that I noticed while reading the bug. Also make a buffer big enough that strings will not get truncated. All are backport candidates.
svn:r9115
buffer, make sure our tls_get_forced_write_size doesn't
make it write whatever's after the buffer.
this hasn't triggered yet, but it would be rare, so let's
leave it in.
svn:r9107
New socks command CONNECT_DIR. New config option TunnelDirConns that
builds a circ ending at the directory server and delivers a BEGIN_DIR
cell if it's running 0.1.2.2-alpha or later. We still need to make
one-hop circs when appropriate, while making other conns avoid them.
svn:r9098
Document all structures and (non-exported) functions. External documentation will probably wind up being a manpage, hopefully written by somebody else.
svn:r9087
More evdns: tab fixes. Dont make users worry about flags. Set truncated flag correctly when generating responses, rather than just bailing out.
svn:r9084
Oops; apparently DNS replies are supposed to include the questions. Revise "add_ptr_reply" to accept an inaddr_arpa name instead of just the sockaddr_in. Also, add a "-servertest" function to the test code to see whether the DNS server logic is working.
svn:r9082
Fix a longstanding bug in eventdns related to timeouts: The timeout count was never actually reset to 0. Argh. Now we reset it to zero after we get a successful request, or after we notice that a nameserver is back up, or after we decide the nameserver is down because of timeouts. This may fix bug 326.
svn:r9054
Round stored/transmitted values for bandwidth usage. This might make some attacks work less well. This might well be voodoo, but it gives me a warm fuzzy feeling.
svn:r9048
Revise logic used to flush state to disk. Now, we try to batch non-urgent changes so that we do not do too many writes, and we save very-non-urgent changes every once in a rare while, and we never save more than once per second.
svn:r9047
Make bandwidth accounting information get stored to the state file as well as bw_accounting. Read from the state file if it is more recent than bw_accounting, or if bw_accounting is not there.
svn:r9044
Change logging format of state file to only include non-default values. Adjust clients to never store bandwidth history in the state file. (Possible backport candidate.)
svn:r9043
Fix bug 338: log verbose nicknames, not just keys, for intro points. Also, suppress intro point name logging when SafeLogging is 1. (The security part is a possible backport candidate.)
svn:r9041
Fix a couple of obvious bugs in tor_mmap_file on Windows: first, fix a boolean error when checking the return value of CreateFileMapping. Second, CreateFileMapping is documented to return NULL on failure.
svn:r9035
intended. this way we don't call resolve-my-address, which
yells and screams if we're using an internal address (mere
clients should not have to care).
svn:r8998
Fix router_new_address_suggestion() so it only changes last_guessed_ip() when it actually calls resolve_my_address(). (bug found by dev-girl)
svn:r8996
11:23 < armadev> typo
11:23 < nickm> ?
11:23 < armadev> did you get the coffee yet? :)
11:23 < nickm> no
11:23 < armadev> i'm at an advantage..i haven't slept yet
svn:r8972
Tweaks to test-connection patch: use ".noconnect" instead of ".test" (since there are lots of ways to test things). Use a regular sequence of STREAM events (NEW followed by CLOSED) instead of a new event type. Make the function that checks the address be static and use const and strcasecmpend properly.
svn:r8959
Check in an implementation of "test" connections from Scott Squires:
these connections immediately close upon reaching Tor. They're useful
for apps that want to check whether they're talking to the same Tor as
a given controller. (I'll be tweaking this a bit before I push.)
svn:r8958
Try to compile with fewer warnings on irix64's MIPSpro compiler /
environment, which apparently believes that:
- off_t can be bigger than size_t.
- only mean kids assign things they do not subsequently inspect.
I don't try to fix the "error" that makes it say:
cc-3970 cc: WARNING File = main.c, Line = 1277
conversion from pointer to same-sized integral type (potential portability
problem)
uintptr_t sig = (uintptr_t)arg;
Because really, what can you do about a compiler that claims to be c99
but doesn't understand that void* x = NULL; uintptr_t y = (uintptr_t) x;
is safe?
svn:r8948
Add support for (Free?)BSD's natd, which was an old way to let you
have your firewall automatically redirect traffic. (Original patch
from Zajcev Evgeny, updated for 0.1.2.x by tup.)
svn:r8946
Add some temporary code to count how many *distinct* router digests we verify. (I have a sneaking suspicion that the numbers look way way high.)
svn:r8890
Add string.h include to compat.h so that strlcpy() and strlcat() will always be defined after including compat.h. This should resolve warnings on centos.
svn:r8824
fix unittests; add more tests for smartlist stuff; make tests cache generated RSA keys (to speed up unittest run time by 30% and encourage people to run them more).
svn:r8796
Let directory authorities set the BadExit flag if they like. Also, refactor directory authority code so we can believe multiple things about a single router, and do fewer linear searches.
svn:r8794
fix a rare memory leak if something goes wrong while rebuilding it,
and clean up some code. nick, please confirm.
reported by "fookoowa" in flyspray 346 (yay!)
svn:r8789
Have connection_about_to_close use an end_reason field in edge_connection_t to tell what reason to tell the controller for closing the stream. Set end_reason in connection_edge_end, connection_mark_unattached_ap, and everwhere we set edge_has_sent_end. Add a changelog entry.
svn:r8779
Start implementing reason extension for stream events to match the one one used by circuit events. (Not a complete implementation yet; actual reasons are not passed to control.c)
svn:r8777
Change HT_INIT from a special-case to a macro-calling-a-function like the rest of ht.h. This might prevent errors if somebody did, I dunno, "HT_INIT(tp, hashtable++)". Based on a patch from Watson Ladd.
svn:r8776
Weasel correctly notes that we should not discard the return value from connection_exit_begin_con. Right now, the return value is always discardable, so this does not actually cause a bug, but it might later. So fix it.
svn:r8774
Fix longstanding bug in connection_exit_begin_conn(): Since connection_edge_end() exits when the connection is unattached, we were never sending RELAY_END cells back for failed RELAY_BEGIN attempts. Fix this. This might make clients that were otherwise timing out either fail faster or retry faster, which is good news for us.
svn:r8770
Add pragma:no-cache and expires headers so that directory lookups can work better in the presence of caching HTTP proxies. (I would have used Cache-Control, but that is an HTTP/1.1 thing.) All timeouts are currently wild-assed guesses.
svn:r8765
Split smartlist tests into their own function, and add a couple more. Re-enable strmap iteration tests. Remove tests for code that doesnt exist any more (parse_nickname_list, identity ciphers).
svn:r8763
Add unit tests for tor_mmap_file(); make tor_mmap_t.size always be the size of the file (not the size of the mapping); add an extra argument to read_file_to_str() so it can return the size of the result string.
svn:r8762
Never discard a descriptor for being too old until either it is recommended by no authorities, or until we download a better (more recent and recommended) one for the same router. This will eventually make it possible for servers to publish less often.
svn:r8761
Fix an XXX in handling destroy cells: when we get a destroy cell with reason FOO, do not tell the controller REASON=FOO. Instead, say REASON=DESTROYED REMOTE_REASON=FOO. Suggested by a conversation with Mike Perry.
svn:r8760
Change to BadExit logic: Let authorities set an "I list bad exits" flag. Consider an exit bad if it is listed as bad by more than half of *those* authorities. This gives us a better migration path.
svn:r8756
Apply patch from Mike Perry: add more reasons for circuit destroys. (Slightly tweaked to avoid allocating a number for an "internal" reason.)
svn:r8739
Add client support for a 'BadExit' flag, so authorities can say "Server X is a poor choise for your nytimes.com connections, as it seems to direct them to HoorayForMao.com or (more likely) WouldYouLikeToBuyTheseFineEncyclopedias.com"
svn:r8690
Touch up last patch (to add REASON to CIRC events): make some reasons
more sensible, send reasons only to controllers that have enabled
extended events, and clean up whitespace.
svn:r8672
Win32 patch from Matt Edman: fix compilation bugs by casting to int; defining SSIZE_T; defining USE_TWOS_COMPLEMENT in windows orconfig.h; and using the proper names for win32 functions on GetProcAddress. Also fixes bug 295.
svn:r8669
The otherwise regrettable MIPSpro C compiler warns about values set but never used, and about mixing enums and ints; these are good warnings, and so should be fixed. This removes some dead code and some potential bugs. Thanks to pnx.
svn:r8664
Try to make mingw capable of producing a working tor binary for win98: make all NT-service-related functions get lazy-loaded on demand. I have no idea if this even compiles.
svn:r8643
around some housecleaning calls so they still occur often.
are some of these redundant or in the wrong order? there are
so many of them, maybe they should be put into a separate
function that has better documentation.
svn:r8607
We're trying to catch the kind of jerk who'd hijack zy6pzwohtnlq.test,
not the kind of lunatic who'd hijack zy6pzwohtnlq%s.test, though
apparently those exist too.
svn:r8595
Add USEFEATURE to control changes to control protocol. Use like __future__ directive from Python. Will spec before pushing changes. No, really. :)
svn:r8584
Partial implementation of revised nickname syntax for controllers. Implement ability to look up routers by "verbose" nicknames; add a per-v1-control-connection flag to turn the feature on in events. Needs testing, spec, ability to actually turn on the flag, double-checking that we wont overflow any nickname buffers, and changelog.
svn:r8582
Remove/clarify some XXXs for no longer being accurate; for begin things we do not indend to fix; for already being parts of big todo issues (like "/* XXX ipv6 */"); etc. Also fix some spaces.
svn:r8580
Make TrackExitHosts case-insensitive, and fix the behavior of .suffix TrackExitHosts items to avoid matching in the middle of an address. (Resolves an XXXX)
svn:r8579
Move is_local_IP to config.c; have it check for same-/24; make it used only for reachability (not for banwidth, because that is probably not what we want). Fixes an XXX.
svn:r8578
hidden service authorities too.
- Just because your DirPort is open doesn't mean people should be
able to remotely teach you about hidden service descriptors. Now
only accept rendezvous posts if you've got HSAuthoritativeDir set.
svn:r8573
Disprefer exit nodes for entry, middle positions (fixes bug 200). Also, switch to using a uint64_t to hold "total bandwidth for all nodes" under consideration; crypt_rand_int would have died at 2GB/s network capacity.
svn:r8571