Roger Dingledine
23dd7c9012
bump to 0.2.4.9-alpha
2013-01-15 11:57:34 -05:00
Roger Dingledine
ceb797c4b7
fold in new change stanza
2013-01-15 11:54:52 -05:00
Nick Mathewson
beca92c31b
Fix handling of ntor handshakes received via CREATE cells
...
Fixes bug 7959; bugfix on 0.2.4.8-alpha.
2013-01-15 00:41:09 -05:00
Nick Mathewson
ebf30613ea
Better log message to diagnose #7959
2013-01-15 00:25:07 -05:00
Nick Mathewson
85eb83052f
Bump version to 0.2.4.8-alpha-dev
2013-01-15 00:24:19 -05:00
Roger Dingledine
26cffd3b86
bump to 0.2.4.8-alpha
2013-01-14 18:52:42 -05:00
Roger Dingledine
d84a97fb41
finish poking at the changelog
2013-01-14 18:46:32 -05:00
Nick Mathewson
47122d1d25
Revert junk accidentally included with "start folding in the changes entries"
...
Looks like Roger's debugging code wanted to take a tour of the world
outside his sandbox.
This reverts part of commit 19d3720236
.
2013-01-14 14:41:59 -05:00
Nick Mathewson
cb24852ec5
Merge remote-tracking branch 'origin/maint-0.2.3'
2013-01-14 14:24:53 -05:00
Nick Mathewson
1625cddf3a
Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3
2013-01-14 14:24:19 -05:00
Nick Mathewson
4ccf09b1c2
Reject create/begin/etc cells with {circ,stream}ID 0.
...
Otherwise, it's possible to create streams or circuits with these
bogus IDs, leading to orphaned circuits or streams, or to ones that
can cause bandwidth DOS problems.
Fixes bug 7889; bugfix on all released Tors.
2013-01-14 14:02:13 -05:00
Roger Dingledine
19d3720236
start folding in the changes entries
2013-01-14 13:34:59 -05:00
Nick Mathewson
c9242f4fd4
Merge branch 'bug7869'
2013-01-14 12:32:00 -05:00
Nick Mathewson
d357b97b6d
Merge remote-tracking branch 'mikeperry/bug7691-rebased'
2013-01-13 21:48:33 -05:00
Nick Mathewson
dab25eb37d
Merge branch 'bug7935'
2013-01-13 21:43:53 -05:00
Nick Mathewson
a5ee3834bf
Handle EWOULDBLOCK as EAGAIN if they happen to be different.
...
Fixes bug 7935. Reported by 'oftc_must_be_destroyed'.
2013-01-11 16:36:54 -08:00
George Kadianakis
50028e4d68
Mention name of the transport used when we learn the fpr of a bridge.
2013-01-09 15:52:35 +02:00
Mike Perry
d05ff310a5
Bug 7691 review fixes.
...
Also add in the random nonce generation.
2013-01-08 19:29:56 -08:00
Mike Perry
f60c25cd25
Bug 7341 code review fixes.
2013-01-08 18:12:38 -08:00
Mike Perry
15fdfc2993
Bug 7691: Send a probe cell down certain types of circs.
...
In general, if we tried to use a circ for a stream, but then decided to place
that stream on a different circuit, we need to probe the original circuit
before deciding it was a "success".
We also need to do the same for cannibalized circuits that go unused.
2013-01-08 17:28:08 -08:00
Mike Perry
3458d904f6
Fix bug 7341.
...
Fix cannibalize, rend circ and intro circ timeout handling.
2013-01-08 17:21:05 -08:00
Nick Mathewson
31d888c834
Make the = at the end of ntor-onion-key optional.
...
Makes bug 7869 more easily fixable if we ever choose to do so.
2013-01-05 22:53:32 -05:00
Karsten Loesing
32114d70ae
Update to the January 2013 GeoIP database.
2013-01-05 08:18:26 +01:00
Nick Mathewson
677d18278e
Better handling (I think) for onionskin timing w jumpy clocks
...
The fix: Instead of clipping huge/negative times, ignore them as
probably invalid.
2013-01-03 13:26:59 -05:00
Nick Mathewson
30e139389b
Record and report the overhead of how we handle onionskins.
2013-01-03 13:20:20 -05:00
Nick Mathewson
b9fb01721a
Use a TAILQ, not a singly-linked queue, for the onion queue.
...
This makes removing items from the middle of the queue into an O(1)
operation, which could prove important as we let onionqueues grow
longer.
Doing this actually makes the code slightly smaller, too.
2013-01-03 13:03:41 -05:00
Nick Mathewson
b0b3c14c11
Eliminate MaxOnionsPending; replace it with MaxOnionQueueDelay
...
The right way to set "MaxOnionsPending" was to adjust it until the
processing delay was appropriate. So instead, let's measure how long
it takes to process onionskins (sampling them once we have a big
number), and then limit the queue based on its expected time to
finish.
This change is extra-necessary for ntor, since there is no longer a
reasonable way to set MaxOnionsPending without knowing what mix of
onionskins you'll get.
This patch also reserves 1/3 of the onionskin spots for ntor
handshakes, on the theory that TAP handshakes shouldn't be allowed to
starve their speedier cousins. We can change this later if need be.
Resolves 7291.
2013-01-03 13:03:41 -05:00
Nick Mathewson
dffc8e359b
Whoops; make that unit test actually pass :/
2013-01-03 12:46:55 -05:00
Nick Mathewson
27ac306deb
Add a unit test for the curve25519 keypair persistence functions
2013-01-03 12:38:44 -05:00
Nick Mathewson
b1bdecd703
Merge branch 'ntor-resquashed'
...
Conflicts:
src/or/cpuworker.c
src/or/or.h
src/test/bench.c
2013-01-03 11:52:41 -05:00
Nick Mathewson
d3de0b91fb
Check all crypto_rand return values for ntor.
2013-01-03 11:29:49 -05:00
Nick Mathewson
94cb7bd24d
Complete all DOCDOC entries from the ntor branch
2013-01-03 11:29:48 -05:00
Nick Mathewson
5f219ddd02
Use safe_mem_is_zero for checking curve25519 output for 0-ness
...
This should make the intent more explicit. Probably needless, though.
2013-01-03 11:29:48 -05:00
Nick Mathewson
f07a5125cb
Implement a constant-time safe_mem_is_zero.
2013-01-03 11:29:48 -05:00
Nick Mathewson
92d6a83e98
changes file for the ntor branch
2013-01-03 11:29:48 -05:00
Nick Mathewson
ed3c8d9d44
Document UseNTorHandshake
2013-01-03 11:29:48 -05:00
Nick Mathewson
ce57e94728
Add new ntor bits to gitignore
2013-01-03 11:29:48 -05:00
Nick Mathewson
c46ff3ec79
Add reference implementation for ntor, plus compatibility test
...
Before I started coding ntor in C, I did another one in Python.
Turns out, they interoperate just fine.
2013-01-03 11:29:48 -05:00
Nick Mathewson
839016ac79
ntor: Don't fail fast server-side on an unrecognized KEYID(B)
2013-01-03 11:29:48 -05:00
Nick Mathewson
463e9378df
Update our copy of curve25519-donna-c64.
...
This now matches upstream at version 59a896970a1ad0a6cd7d0.
(Adam took my patches.)
2013-01-03 11:29:48 -05:00
Nick Mathewson
095c70b7af
Use always_inline only with inline; otherwise GCC gripes
2013-01-03 11:29:47 -05:00
Nick Mathewson
d907fca29b
Make libcurve25519_donna get built as a .a
...
This lets us give it compiler flags differing from the rest of
libor-crypto.a
2013-01-03 11:29:47 -05:00
Nick Mathewson
ef13bf4432
Fix an unused-variable warning
2013-01-03 11:29:47 -05:00
Nick Mathewson
b286373908
Enable the ntor handshake on the client side.
...
"works for me"
2013-01-03 11:29:47 -05:00
Nick Mathewson
ecf88b16b8
Enable handling of create2/extend2/created2/extended2
2013-01-03 11:29:47 -05:00
Nick Mathewson
5c68a1efaa
Don't check create cells too much when we're relaying them
...
We want to sanity-check our own create cells carefully, and other
people's loosely.
2013-01-03 11:29:47 -05:00
Nick Mathewson
1ed4786dba
Implement scheme to allow ntor requests/responses via older servers
2013-01-03 11:29:47 -05:00
Nick Mathewson
115e8fe9a5
Use created_cell_format where appropriate
2013-01-03 11:29:47 -05:00
Nick Mathewson
6c69b16c93
Use new wrappers for making,sending,processing create/extend cells
2013-01-03 11:29:47 -05:00
Nick Mathewson
2802ccaeb6
Teach cpuworker and others about create_cell_t and friends
...
The unit of work sent to a cpuworker is now a create_cell_t; its
response is now a created_cell_t. Several of the things that call or
get called by this chain of logic now take create_cell_t or
created_cell_t too.
Since all cpuworkers are forked or spawned by Tor, they don't need a
stable wire protocol, so we can just send structs. This saves us some
insanity, and helps p
2013-01-03 11:29:46 -05:00