nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-11 13:43:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
13,642 Commits 53 Branches 630 Tags 125 MiB
9919b01275
Commit Graph

1768 Commits

Author SHA1 Message Date
Karsten Loesing
fa2374a163 List unresolved requests in geoip stats as country '??'. 2009-07-09 15:34:53 +02:00
Nick Mathewson
041a7b9896 Merge commit 'karsten/entrystats-master' 
Conflicts:
	ChangeLog
	configure.in
	src/or/config.c
	src/or/or.h
 2009-07-07 14:26:50 -04:00
Nick Mathewson
1c1b223910 Merge commit 'karsten/bufferstats-master' 2009-07-07 13:21:33 -04:00
Nick Mathewson
aa0cf31c51 Merge commit 'origin/maint-0.2.1' 
Conflicts:
	ChangeLog
	configure.in
	contrib/tor-mingw.nsi.in
	src/win32/orconfig.h
 2009-07-07 12:42:24 -04:00
Nick Mathewson
258b980331 Make "Invalid onion hostname" msg respect SafeLogging. 
Patch by Roger; fixes bug 1027.
 2009-07-07 12:19:04 -04:00
Karsten Loesing
c0b6cb132b If configured, write entry-node statistics to disk periodically. 2009-07-05 20:48:16 +02:00
Karsten Loesing
b493a2ccb9 If configured, write cell statistics to disk periodically. 2009-07-05 19:53:25 +02:00
Karsten Loesing
c1f6c2ba30 Estimate v2 and v3 shares as mean values over measurement interval. 2009-07-04 22:17:08 +02:00
Karsten Loesing
4d6af73db8 If configured, write per-port exit statistics to disk periodically. 
[Original patch series from Karsten, revised and squashed by Nick]
 2009-07-02 12:37:05 -04:00
Nick Mathewson
078c34e28e Merge commit 'origin/maint-0.2.1' 
[Didn't take Karsten's full bug 1024 workaround, since 0.2.2 doesn't
use v0 rend descs.]
 2009-07-02 10:20:20 -04:00
Roger Dingledine
4e8d22846b Revise 0.2.1.17-rc changelog. 2009-07-02 10:13:01 -04:00
Karsten Loesing
3e6bb050dd Make an attempt to fix bug 1024. 
The internal error "could not find intro key" occurs when we want to send
an INTRODUCE1 cell over a recently finished introduction circuit and think
we built the introduction circuit with a v2 hidden service descriptor, but
cannot find the introduction key in our descriptor.

My first guess how we can end up in this situation is that we are wrong in
thinking that we built the introduction circuit based on a v2 hidden
service descriptor. This patch checks if we have a v0 descriptor, too, and
uses that instead.
 2009-07-02 10:00:28 -04:00
Nick Mathewson
9f28cfe86a Merge commit 'origin/maint-0.2.1' 2009-06-30 10:13:51 -04:00
Roger Dingledine
1ace3799fa and give the bug 969 fixes a changelog 2009-06-30 10:11:17 -04:00
Roger Dingledine
9fc3d87827 stop capping bandwidths we see in the consensus 
but continue capping bandwidths we see in local server
descriptors, if we have no consensus weights for them.
 2009-06-25 11:38:05 -04:00
Nick Mathewson
d2cac1afc3 Merge commit 'origin/maint-0.2.1' 2009-06-24 19:02:00 -04:00
Marcus Griep
cea85b4066 Added ChangeLog entry for control port fix 2009-06-24 00:14:08 -04:00
Nick Mathewson
39551b494e Merge commit 'origin/maint-0.2.1' 2009-06-22 14:08:19 -04:00
Roger Dingledine
b91428cfd3 add a changelog entry: clients use bw in consensus 2009-06-22 14:03:02 -04:00
Nick Mathewson
3f4f6f9075 Merge commit 'origin/maint-0.2.1' 
Conflicts:
	ChangeLog
 2009-06-22 12:36:06 -04:00
Nick Mathewson
262455527a Serve DirPortFrontPage even if the write bucket is low. 
arma's rationale: "I think this is a bug, since people intentionally
set DirPortFrontPage, so they really do want their relay to serve that
page when it's asked for. Having it appear only sometimes (or roughly
never in Sebastian's case) makes it way less useful."

Fixes bug 1013; bugfix on 0.2.1.8-alpha.
 2009-06-22 12:34:32 -04:00
Nick Mathewson
28f30515ef Merge commit 'origin/maint-0.2.1' 2009-06-20 21:51:38 -04:00
Nick Mathewson
ac3dedacce Bump version to 0.2.1.16-rc 2009-06-20 01:14:07 -04:00
Roger Dingledine
428178dda3 prepare changelog for 0.2.1.16-rc 2009-06-19 11:09:45 -04:00
Karsten Loesing
f266ecbeec Better fix for 997. 2009-06-19 16:26:02 +02:00
Karsten Loesing
20883f5e83 Revert "Backport fix for bug 997." 
This reverts commit 3847f54945.
 2009-06-19 15:46:13 +02:00
Nick Mathewson
aa88c8d91a Merge commit 'origin/maint-0.2.1' 2009-06-18 11:10:27 -04:00
Nick Mathewson
298dc95dfd tor-resolve: Don't automatically refuse .onion addresses. 
If the Tor is running with AutomapHostsOnResolve set, it _is_
reasonable to do a DNS lookup on a .onion address.  So instead we make
tor-resolve willing to try to resolve anything.  Only if Tor refuses
to resolve it do we suggest to the user that resolving a .onion
address may not work.

Fix for bug 1005.
 2009-06-18 11:08:10 -04:00
Nick Mathewson
df03d6eca8 Merge commit 'karsten/bug997-hidservfetch' 2009-06-16 16:26:02 -04:00
Karsten Loesing
3847f54945 Backport fix for bug 997. 
Backporting 6a32beb and ca8708a.
 2009-06-16 16:25:35 -04:00
Karsten Loesing
ca8708a9ce Fix more of bug 997. 
Fix refetching of hidden service descriptors when all introduction points
have turned out to not work.
 2009-06-13 12:21:58 +02:00
Nick Mathewson
cfce7d5dea Merge commit 'origin/maint-0.2.1' 2009-06-12 11:27:48 -04:00
Roger Dingledine
845326317d Check answer_len in the remap_addr case of process_relay_cell_not_open. 
Fix an edge case where a malicious exit relay could convince a
controller that the client's DNS question resolves to an internal IP
address. Bug found and fixed by "optimist"; bugfix on 0.1.2.8-beta.
 2009-06-12 11:22:54 -04:00
Roger Dingledine
cb1617f18e Check answer_len in the remap_addr case of process_relay_cell_not_open. 
Fix an edge case where a malicious exit relay could convince a
controller that the client's DNS question resolves to an internal IP
address. Bug found and fixed by "optimist"; bugfix on 0.1.2.8-beta.
 2009-06-12 11:18:02 -04:00
Karsten Loesing
6a32beb877 Apply fix for bug 997. 
Hidden service clients didn't use a cached service descriptor that
was older than 15 minutes, but wouldn't fetch a new one either. Now,
use a cached descriptor no matter how old it is and only fetch a new
one when all introduction points fail. Fix for bug 997. Patch from
Marcus Griep.
 2009-06-12 11:39:35 +02:00
Nick Mathewson
358efe1eea Merge commit 'origin/maint-0.2.1' 2009-06-08 00:01:31 -04:00
Nick Mathewson
925d80ba0d Missing changelog entry about geoip 2009-06-08 00:00:54 -04:00
Nick Mathewson
8a02f61ad6 Move and fix a changelog entry. Noticed by optimist. 2009-06-07 00:03:27 -04:00
Nick Mathewson
20193fc7ab Avoid a memory corruption problem related to "private" in DirPolicy. 
This is a posible fix for bug 996.
 2009-06-05 19:41:40 -04:00
Nick Mathewson
4945fee65a Merge commit 'origin/maint-0.2.1' 2009-06-04 03:31:12 -04:00
Nick Mathewson
b262e76563 Fix gprof bottlenecks on exit nodes found by Jacob. 
Apparently all the stuff that does a linear scan over all the DNS
cache entries can get really expensive when your DNS cache is very
large.  It's hard to say how much this will help performance, since
gprof doesn't count time spent in OpenSSL or zlib, but I'd guess 10%.

Also, this patch removes calls to assert_connection_ok() from inside
the read and write callbacks, which are similarly unneeded, and a
little costlier than I'm happy with.

This is probably worth backporting to 0.2.0.
 2009-06-03 13:52:03 -04:00
Nick Mathewson
77ffd6b2a7 Merge commit 'origin/maint-0.2.1' 2009-05-31 19:17:22 -04:00
Nick Mathewson
c4c7dcd453 Do not report a node as a "chosen exit" when it is not in fact an exit. 
Provide a useful warning when launch_circuit tries to make us use a
node we don't want to use.  Just give an info message when this is a
normal and okay situation.  Fix for logging issues in bug 984.
 2009-05-31 19:15:36 -04:00
Nick Mathewson
e84ddead34 Merge branch 'hardware_accel_improvements' 2009-05-31 13:36:50 -04:00
Nick Mathewson
3ca10bb62f Fix-ups for dynamic OpenSSL engine patch. 
Include a changelog, and don't try to compare strings with !=.
 2009-05-31 13:36:18 -04:00
Nick Mathewson
fd992deeea Don't attempt to log messages to a controller from a worker thread. 
This patch adds a function to determine whether we're in the main
thread, and changes control_event_logmsg() to return immediately if
we're in a subthread.  This is necessary because otherwise we will
call connection_write_to_buf, which modifies non-locked data
structures.

Bugfix on 0.2.0.x; fix for at least one of the things currently
called "bug 977".
 2009-05-30 18:16:24 -04:00
Sebastian Hahn
e70fe116d3 Consider *ListenAddress when warning about low ports and hibernation 
Tas (thanks!) noticed that when *ListenAddress is set, Tor would
still warn on startup when *Port is low and hibernation is active.
The patch parses all the *ListenAddress lines, and checks the
ports. Bugfix on 0.2.1.15-rc
 2009-05-30 03:09:39 +02:00
Nick Mathewson
0e2618dd54 Merge commit 'origin/maint-0.2.1' 2009-05-27 14:20:18 -04:00
Nick Mathewson
1843f3936c Changelog entry for Karsten's bug-932 patch. 2009-05-27 14:11:38 -04:00
Karsten Loesing
54c97c9133 Change the way how directories that are configured with --enable-geoip-stats write geoip stats to disk. 
- Write geoip stats to disk every 24 hours, not every hour.
- Remove configuration options and define reasonable defaults.
- Clear history of client requests every 24 hours (which wasn't done at
  all before).
 2009-05-27 19:13:31 +02:00
Nick Mathewson
b805e5debf Merge commit 'origin/maint-0.2.1' into master. 
Conflicts:
	ChangeLog
	configure.in
	contrib/tor-mingw.nsi.in
	src/win32/orconfig.h
 2009-05-25 16:43:52 -04:00
Nick Mathewson
99c315a473 Use tor_socket_strerror in eventdns.c. Fixes bug 987. 2009-05-25 16:38:50 -04:00
Roger Dingledine
a2c841d555 add the 0.2.1.14-rc blurb 2009-05-25 13:16:45 -04:00
Roger Dingledine
7d9567af2e clean up the 0.2.1.15-rc changelog 2009-05-25 13:14:58 -04:00
Nick Mathewson
b998fed9b9 Remove support for events without the extended format or long names. 
Supporting the old formats made our code complex; running without them
has been discouraged since 0.2.1.x.
 2009-05-25 12:52:25 -04:00
Nick Mathewson
4201a3735f Merge commit 'origin/maint-0.2.1' 2009-05-22 11:56:51 -04:00
Nick Mathewson
1d002a25a2 Finish up the 0.2.1 version of the bug 957 fix. 
Basically, all this means is downgrading our warning messages to debug
messages, since the bug workaround code here is adequate to stop the
bug.
 2009-05-22 11:47:09 -04:00
Nick Mathewson
79762aac17 Merge commit 'origin/maint-0.2.1' 2009-05-18 16:17:12 -04:00
Nick Mathewson
34030a3d23 Possible fix for crash bug related to event timeouts. [Bug 957] 
If we ever add an event, then set it, then add it again, there will be
now two pointers to the event in the event base.  If we delete one and
free it, the first pointer will still be there, and possibly cause a
crash later.

This patch adds detection for this case to the code paths in
eventdns.c, and works around it.  If the warning message ever
displays, then a cleverer fix is in order.

{I am not too confident that this *is* the fix, since bug 957 is very
tricky.  If it is, it is a bugfix on 0.2.0.}
 2009-05-18 16:12:39 -04:00
Nick Mathewson
14a549552a Merge branch 'maint-0.2.1' into merge_tmp 2009-05-17 02:11:34 -04:00
Roger Dingledine
2fa5410218 Fix a memory leak when v3 directory authorities load their keys 
and cert from disk. Bugfix on 0.2.0.1-alpha.
 2009-05-17 02:04:59 -04:00
Nick Mathewson
c0515b307c Fix valgrind error when marking a descriptor as never-downloadable. 
When we got a descriptor that we (as an authority) rejected as totally
bad, we were freeing it, then using the digest in its RAM to look up its
download status.  Caught by arma with valgrind.  Bugfix on 0.2.1.9-alpha.
 2009-05-17 02:01:09 -04:00
Nick Mathewson
11b9c839f0 Stop using malloc_usable_size(): valgrind hates it. 2009-05-17 01:55:02 -04:00
Nick Mathewson
87f7059dbc Merge branch 'maint-0.2.1' 2009-05-17 01:23:08 -04:00
Roger Dingledine
c28d25e7a4 minor tweak on changelog entries 2009-05-17 01:22:28 -04:00
Roger Dingledine
095c26f63e minor tweak on changelog entries 2009-05-17 01:21:49 -04:00
Nick Mathewson
e563874045 Merge commit 'origin/maint-0.2.1' 2009-05-17 00:05:38 -04:00
Nick Mathewson
9f25a5529a Fix an assertion-failure in memarea_alloc() on 64-bit platforms. 
The trick is that we should assert that our next_mem pointer has not
run off the end of the array _before_ we realign the pointer, since
doing that could take us over the end... but only if we're on a system
where malloc() gives us ram in increments smaller than sizeof(void*).
 2009-05-17 00:02:59 -04:00
Mike Perry
29bf271ba2 Fix misreporting of stream bandwidths. 2009-05-14 17:52:26 -04:00
Nick Mathewson
479d21254a Merge commit 'origin/maint-0.2.1' 2009-05-13 16:55:42 -04:00
Nick Mathewson
45171cd9e9 Changelog entries for bug932 fixes 2009-05-13 16:46:21 -04:00
Nick Mathewson
c36efb0c45 Use a mutex to protect the count of open sockets. 
This matters because a cpuworker can close its socket when it
finishes.  Cpuworker typically runs in another thread, so without a
lock here, we can have a race condition and get confused about how
many sockets are open.  Possible fix for bug 939.
 2009-05-13 09:38:48 -04:00
Nick Mathewson
d9650cfa50 Add sentinel values to the end of memarea chunks. 
This might detect some possible causes of bug 930, and will at least
make sure we aren't doing some dumb memory-corruption stuff with the heap
and router-parsing.
 2009-05-12 15:10:23 -04:00
Nick Mathewson
5fc08d1920 Merge 0.2.1 onto the development branch. 
Manually resolved conflicts on version number; all else applied cleanly.
 2009-05-12 13:57:58 -04:00
Nick Mathewson
88d81ead83 Better debugging output for bug 977 case. 
(Don't crash immediately if we have leftover chunks to free after
freeing chunks in a buffer freelist; instead log a debugging message
that might help.)
 2009-05-12 13:54:21 -04:00
Karsten Loesing
592f957169 Update rend-spec.txt. 2009-05-04 13:46:30 -04:00
Nick Mathewson
596e852c31 Remove the long-deprecated GETINFO addr-mappings/ 2009-05-01 06:25:18 -04:00
Nick Mathewson
4e4be180ec Changelog entry for Jake's torify patch. 2009-04-29 19:05:56 -04:00
Nick Mathewson
6ac3a8b0cd Command-line option to dump SHA1 digests of all source files. 
Now, when you call tor --digests, it dumps the SHA1 digest of each
source file that Tor was built with.  We support both 'sha1sum' and
'openssl sha1'.  If the user is building from a tarball and they
haven't edited anything, they don't need any program that calculates
SHA1.  If they _have_ modified a file but they don't have a program to
calculate SHA1, we try to build so we do not output digests.
 2009-04-29 14:46:04 -04:00
Sebastian Hahn
5675be39a0 Return -1 in the error case from read_bandwidth_usage. 
svn:r19367
 2009-04-23 22:04:10 +00:00
Roger Dingledine
72e4d48c7a Update to the "April 3 2009" ip-to-country file. 
svn:r19307
 2009-04-12 08:09:38 +00:00
Roger Dingledine
39ceda7e05 Raise the minimum bandwidth to be a relay from 20000 bytes to 20480 
bytes (aka 20KB/s), to match our documentation. Also update
directory authorities so they always assign the Fast flag to relays
with 20KB/s of capacity. Now people running relays won't suddenly
find themselves not seeing any use, if the network gets faster
on average.


svn:r19305
 2009-04-12 07:56:58 +00:00
Roger Dingledine
c024928b63 For belt-and-suspenders, relays that don't set Address in their config 
now avoid using begin_dir for all direct connections.


svn:r19296
 2009-04-11 19:40:42 +00:00
Roger Dingledine
8d82583d97 Finally fix the bug where dynamic-IP relays disappear when their 
IP address changes: directory mirrors were mistakenly telling them
their old address if they asked via begin_dir, so they never got
an accurate answer about their new address, so they just vanished
after a day. Should fix bugs 827, 883, and 900 -- but alas, only
after every directory mirror has upgraded.


svn:r19291
 2009-04-11 18:09:15 +00:00
Roger Dingledine
48118b228e Clients replace entry guards that were chosen more than a few months 
ago. This change should significantly improve client performance,
especially once more people upgrade, since relays that have been
a guard for a long time are currently overloaded.


svn:r19287
 2009-04-11 12:00:18 +00:00
Roger Dingledine
ebadf2b068 general changelog cleanups 
svn:r19273
 2009-04-11 04:31:46 +00:00
Roger Dingledine
927d35a001 a changelog entry for r19259 
svn:r19261
 2009-04-11 00:24:06 +00:00
Roger Dingledine
93c0a81491 If the bridge config line doesn't specify a port, assume 443. 
This makes bridge lines a bit smaller and easier for users to
understand.

Also, remove a duplicate changelog entry from the past.


svn:r19260
 2009-04-11 00:16:05 +00:00
Nick Mathewson
d50501e5ed Fix a few crash bugs related to malormed descriptors. Lark found one; fuzzing found the rest. 
svn:r19250
 2009-04-09 19:58:16 +00:00
Roger Dingledine
7170c5b4f8 Limit uploaded directory documents to be 16M rather than 500K. 
The directory authorities were refusing v3 consensus votes from
other authorities, since the votes are now 504K. Fixes bug 959;
bugfix on 0.0.2pre17 (where we raised it from 50K to 500K ;).


svn:r19194
 2009-03-31 04:03:37 +00:00
Roger Dingledine
793f1ce007 Directory authorities should never send a 503 "busy" response to 
requests for votes or keys. Bugfix on 0.2.0.8-alpha; exposed by
bug 959.


svn:r19189
 2009-03-31 01:29:07 +00:00
Nick Mathewson
0fa01654b9 fix from lark: make memarea_strndup() work even at the end of a mmap chunk. Bug was harmless for now, I think. 
svn:r19094
 2009-03-21 11:52:53 +00:00
Nick Mathewson
a335b43a67 If we have a routerstatus but no routerinfo to name a router, use the routerstatus instead when generating circuit events. Also refactor a little. 
svn:r19078
 2009-03-18 19:30:30 +00:00
Nick Mathewson
30ec1d1d50 Don't double-free successful_uploads. 
When we used smartlist_free to free the list of succesful uploads
because we had succeeded in uploading everywhere, we did not actually
set the successful_uploads field to NULL, so later it would get freed
again in rend_service_descriptor_free.  Fix for bug 948; bug
introduced in 0.2.1.6-alpha.

svn:r19073
 2009-03-18 14:35:24 +00:00
Nick Mathewson
ad7ebec24c Free very-old descriptors that we do not want to add. Fix for bug 672. Backport candidate 
svn:r19057
 2009-03-16 18:47:45 +00:00
Roger Dingledine
362c4e0d02 add in the blurb 
svn:r18945
 2009-03-13 04:47:12 +00:00
Karsten Loesing
309080b6aa Make directory usage recording work again. Fixing bug introduced in r17009. 
svn:r18924
 2009-03-11 22:08:37 +00:00
Steven Murdoch
43145fc9f5 In tor-resolve, when the Tor client to use is specified by <hostname>:<port>, actually use the specified port rather than defaulting to 9050 
svn:r18833
 2009-03-10 00:52:45 +00:00
Roger Dingledine
4774e593b8 Bugfix on r17756: 
Avoid trying to print raw memory to the logs when we decide to
give up on downloading a given relay descriptor. Bugfix on
0.2.1.9-alpha.


svn:r18831
 2009-03-09 22:05:17 +00:00
Roger Dingledine
89da31f772 3! 3 not 2. 
svn:r18813
 2009-03-09 00:55:59 +00:00
Roger Dingledine
5d50bc3e1d We were already rejecting relay begin cells with destination port 
of 0. Now also reject extend cells with destination port or address
of 0. Suggested by lark.


svn:r18812
 2009-03-09 00:53:42 +00:00
Roger Dingledine
5cb2e4efca declare that i'm going to tag 0.2.1.13-alpha tonight 
svn:r18811
 2009-03-09 00:43:03 +00:00
Nick Mathewson
18648907c4 Build correctly from outside main source tree. Patch from Michael Gold. 
svn:r18809
 2009-03-08 23:18:44 +00:00
Roger Dingledine
0f46c1dc6e Update to the "February 26 2009" ip-to-country file 
svn:r18774
 2009-03-05 10:47:25 +00:00
Nick Mathewson
cbbc0c9c86 Actually use tor_sscanf() to parse untrusted input. 
svn:r18761
 2009-03-03 18:02:36 +00:00
Nick Mathewson
9f8d095e0f Add and use set/get_uint64 on onion tags. [bug 604; backportable] 
It seems that 64-bit Sparc Solaris demands 64-bit-aligned access to
uint64_t, but does not 64-bit-align the stack-allocated char array we
use for cpuworker tags.  So this patch adds a set/get_uint64 pair, and
uses them to access the conn_id field in the tag.

svn:r18743
 2009-03-02 19:15:05 +00:00
Nick Mathewson
27c3b43817 Fix one case of bug 929. 
svn:r18683
 2009-02-23 20:04:51 +00:00
Nick Mathewson
261670b57e Patch from lark: if we get two extend cells for the same circuit id, drop the second. Previously, we had leaked an extend_info if the target connection was not open when the second arrived. 
svn:r18668
 2009-02-21 19:07:05 +00:00
Nick Mathewson
192b701fac Patch from lark: drop BEGIN cells from a rendevous circuit if they do not originate from the end of the circuit. 
svn:r18667
 2009-02-21 19:07:01 +00:00
Nick Mathewson
b13496b62a Possible fix for broken country settings in ExcludeExitNodes. 
It turns out that we weren't updating the _ExcludeExitNodesUnion set's
country numbers when we reloaded (or first loaded!) the IP-to-country
file.  Spotted by Lark.  Bugfix on 0.2.1.6-alpha.

svn:r18575
 2009-02-16 15:15:06 +00:00
Roger Dingledine
d3289c6b87 docdoc and changelog for r18556 
svn:r18566
 2009-02-16 10:39:10 +00:00
Roger Dingledine
c8474f9d93 If the controller claimed responsibility for a stream, but that 
stream never finished making its connection, it would live
forever in circuit_wait state. Now we close it after SocksTimeout
seconds. Bugfix on 0.1.2.7-alpha; reported by Mike Perry.


svn:r18516
 2009-02-13 04:11:14 +00:00
Roger Dingledine
b03f78e8af Update to the "January 23 2009" ip-to-country file 
svn:r18503
 2009-02-12 12:32:14 +00:00
Roger Dingledine
97ff5346df and forward-port the 0.2.0.33 and 0.2.0.34 changelogs 
svn:r18497
 2009-02-11 22:21:50 +00:00
Nick Mathewson
65dc835773 Revert an erroneous part of the non-fix to bug 326, and add comments to explain why it was erroneous. 
svn:r18494
 2009-02-11 17:23:11 +00:00
Nick Mathewson
356b40f58b Clients and non-caches do not need to cache unrecognized authority certificates. 
svn:r18480
 2009-02-10 20:28:30 +00:00
Karsten Loesing
34b285b09f As an exit node, scrub the IP address to which we are exiting in the logs. Bugfix on 0.2.1.8-alpha. 
svn:r18477
 2009-02-10 18:52:47 +00:00
Nick Mathewson
91fece7be2 Don't extend introduction circuits indefinitely. 
Doing so could run you out of relay_early cells and give you a
senselessly long circuit.  Patch from Karsten; may fix bug 878.

svn:r18459
 2009-02-10 00:45:30 +00:00
Nick Mathewson
6f90f6f2a2 Retry circuits if the exit node is optional and nonexistant. 
Previously, when we had the chosen_exit set but marked optional, and
we failed because we couldn't find an onion key for it, we'd just give
up on the circuit.  But what we really want to do is try again, without
the forced exit node.

Spotted by rovv.  Another case of bug 752.  I think this might be
unreachable in our current code, but proposal 158 could change that.

svn:r18451
 2009-02-09 16:55:48 +00:00
Nick Mathewson
c7315e65ae Disable KQUEUE from inside Tor if the OSX version is prior to 10.4.0 
svn:r18450
 2009-02-09 16:07:02 +00:00
Nick Mathewson
f99098cca4 Use prctl to reenable core dumps when we have setuid to a non-root user. 
svn:r18449
 2009-02-09 15:20:17 +00:00
Nick Mathewson
f95ab83792 Bump version to 0.2.1.12-alpha-dev 
svn:r18448
 2009-02-09 15:09:51 +00:00
Roger Dingledine
876a588ced a bit more changelog mucking 
svn:r18426
 2009-02-09 03:24:53 +00:00
Roger Dingledine
d9f01304ba shuffle the changelog a bit 
svn:r18425
 2009-02-09 03:21:43 +00:00
Nick Mathewson
2ebdf91a52 Fix a remote-crash bug. This will need a patch release. 
svn:r18421
 2009-02-09 03:13:02 +00:00
Roger Dingledine
2756824087 Fix a temporary DoS vulnerability that could be performed by 
a directory mirror. Bugfix on 0.2.0.9-alpha; reported by lark.


svn:r18420
 2009-02-09 03:12:07 +00:00
Roger Dingledine
a5d4c5e7c6 declare tomorrow as the day for 0.2.1.12-alpha too 
svn:r18413
 2009-02-08 05:00:39 +00:00
Karsten Loesing
88d6e6035d Forward-port ChangeLog for 0.2.0.30. 
svn:r18404
 2009-02-05 17:52:58 +00:00
Roger Dingledine
decdf4537a If we're using bridges and our network goes away, be more willing 
to forgive our bridges and try again when we get an application
request. Bugfix on 0.2.0.x.


svn:r18396
 2009-02-04 23:27:35 +00:00
Roger Dingledine
1625467be7 cosmetic changes 
svn:r18394
 2009-02-04 23:13:51 +00:00
Roger Dingledine
5776dfcdf0 and forward-port the 0.2.0.33 changelog 
svn:r18392
 2009-02-04 15:20:50 +00:00
Nick Mathewson
261f49fe26 Fix a possible cause of bug 915 when parsing multiple votes one of which was bad. Bugfix on 0.2.0.8-alpha. 
svn:r18354
 2009-01-31 18:27:38 +00:00
Nick Mathewson
676cfbbf84 When building with GCC, use -fno-strict-aliasing 
GCC's interpretation of the C99 aliasing rules, to be charitable,
creates a dialect of C intended for a better programmers than I am
certain of my ability to be in all times.  I just spent 2 hours
tracking down a platform-hyperspecific libevent bug that turned out to
be because of this, and darned if I ever want to do *that* again.

One of Linus's recent rants will give you a picture of why GCC's
behavior here can lead to fun surprises in your binaries:
http://lwn.net/Articles/316126/

svn:r18351
 2009-01-31 07:51:02 +00:00
Nick Mathewson
e1f03572ca Support setting serverdnsrandomizecase during sighup. Backportable, unless too trivial. 
svn:r18307
 2009-01-28 19:53:03 +00:00
Nick Mathewson
f78793879d Fix a race condition on nameserver reconfiguration. 
This resolves bug 526, wherein we would crash if the following
events occurred in this order:
  A: We're an OR, and one of our nameservers goes down.
  B: We launch a probe to it to see if it's up again. (We do this hourly
     in steady-state.)
  C: Before the probe finishes, we reconfigure our nameservers,
     usually because we got a SIGHUP and the resolve.conf file changed.
  D: The probe reply comes back, or times out. (There is a five-second
     window for this, after B has happens).

IOW, if one of our nameservers is down and our nameserver
configuration has changed, there were 5 seconds per hour where HUPing
the server was unsafe.

Bugfix on 0.1.2.1-alpha.  Too obscure to backport.

svn:r18306
 2009-01-28 18:26:20 +00:00
Nick Mathewson
e06de61d84 Don't obsolete a very-new connection for having no circuits yet. 
This fixes the last known case of bug 891, which could happen if two
hosts, A and B, disagree about how long a circuit has been open,
because of clock drift of some kind.  Host A would then mark the
connection as is_bad_for_new_circs when it got too old and open a new
connection.  In between when B receives a NETINFO cell on the new
conn, and when B receives a conn cell on the new circuit, the new
circuit will seem worse to B than the old one, and so B will mark it
as is_bad_for_new_circs in the second or third loop of
connection_or_group_set_badness().

Bugfix on 0.1.1.13-alpha.  Bug found by rovv.

Not a backport candidate: the bug is too obscure and the fix too tricky.

svn:r18303
 2009-01-28 17:36:41 +00:00
Nick Mathewson
62a460d55f Fix an old changelog entry to mention which bug it fixed. 
svn:r18302
 2009-01-28 17:36:37 +00:00
Nick Mathewson
8027c8c6dd Forward-port: Fix bug 893: check AP connections for markedness before expiring them. 
svn:r18299
 2009-01-28 16:30:06 +00:00
Nick Mathewson
ef001cf85d Actually send the extra_headers content in write_http_response_header_impl. This make X-Descriptor-Now-New get sent. Bugfix on 0.2.0.10-alpha. Spotted by "multiplication". 
svn:r18297
 2009-01-28 16:06:46 +00:00
Roger Dingledine
9fdae765e3 clean up r18287 
svn:r18288
 2009-01-28 07:16:22 +00:00
Nick Mathewson
afc5b61777 Do not use == in our shell code; = is standard. 
svn:r18239
 2009-01-22 19:06:28 +00:00
Nick Mathewson
25c6ff6f55 Support 64-bit time_t. Patch from Matthias Drochner. Partial backport candidate. 
svn:r18234
 2009-01-22 16:28:12 +00:00
Nick Mathewson
8ebceeb352 Make sure that even in the weird fiddly paths that lead to init_keys, 
crypto_global_init gets called.  Also have it be crypto_global_init
that calls crypto_seed_rng, so we are not dependent on OpenSSL's
RAND_poll in these fiddly cases.

Should fix bug 907.  Bugfix on 0.0.9pre6.  Backport candidate.

svn:r18210
 2009-01-21 15:38:39 +00:00
Nick Mathewson
bf2b71beb8 Fix an error in tor_addr_parse that kept us from having a hidden service or a bridge live at an IPv6 address. 
svn:r18206
 2009-01-21 07:24:50 +00:00
Nick Mathewson
3f8ab367c1 Fix warning on panther compile, and bug 913. Backport candidate. 
svn:r18203
 2009-01-21 03:51:14 +00:00
Roger Dingledine
a5a6b9a08a Let controllers actually ask for the "clients_seen" event. Bugfix 
on 0.2.1.10-alpha; reported by Matt Edman.


svn:r18201
 2009-01-21 03:24:27 +00:00
Roger Dingledine
90a5042aeb get ready for more development 
svn:r18200
 2009-01-21 02:51:30 +00:00
Roger Dingledine
3c668245b7 bump to 0.2.1.11-alpha, clean up changelog 
svn:r18192
 2009-01-20 23:33:04 +00:00
Peter Palfrader
0636369b83 mention that tsocks only socksifies TCP 
In the torify(1) manpage explain that tsocks will only socksify
TCP connections, and that therefore it will most likely leak DNS
requests.

svn:r18160
 2009-01-18 01:05:17 +00:00
Nick Mathewson
87124f54d0 This patch changes the default location where config and data files 
are stored when the --enable-local-appdata option is configured.  This
changes the Windows path from %APPDATA% to a host local
%USERPROFILE%\Local Settings\Application Data\ path (aka,
LOCAL_APPDATA).

Patch from coderman.



svn:r18122
 2009-01-15 23:07:11 +00:00
Nick Mathewson
dbc8a44bae Fix ServerDNSRandomizeCase so that setting it to 0 works. 
Bugfix on 0.2.1.7-alpha.  Backport candidate. Fixes bug 905.

svn:r18063
 2009-01-10 14:38:14 +00:00
Nick Mathewson
a6504cdea7 Check that Libevent header version matches Libevent library version. 
Unfortunately, old Libevents don't _put_ a version in their headers, so
this can get a little tricky.  Fortunately, the only binary-compatibility
issue we care about is the size of struct event.  Even more fortunately,
Libevent 2.0 will let us keep binary compatiblity forever by letting us
decouple ourselves from the structs, if we like.

svn:r18014
 2009-01-07 21:05:02 +00:00
Roger Dingledine
c123163043 Discard router descriptors as we load them if they are more than 
five days old. Otherwise if Tor is off for a long time and then
starts with cached descriptors, it will try to use the onion
keys in those obsolete descriptors when building circuits. Bugfix
on 0.2.0.x. Fixes bug 887.


svn:r17993
 2009-01-07 02:13:42 +00:00
Roger Dingledine
b36a98ff5a When our circuit fails at the first hop (e.g. we get a destroy 
cell back), avoid using that OR connection anymore, and also
tell all the one-hop directory requests waiting for it that they
should fail. Bugfix on 0.2.1.3-alpha.


svn:r17984
 2009-01-06 21:28:48 +00:00
Nick Mathewson
462f64b6b9 Make outgoing DNS requests respect OutboundBindAddress. 
Fixes the bug part of bug 789.

svn:r17983
 2009-01-06 20:50:55 +00:00
Roger Dingledine
e61c40e9f4 ok, all set to destabilize it again 
svn:r17980
 2009-01-06 20:38:05 +00:00
Roger Dingledine
2d9e8a75b8 bump to 0.2.1.10-alpha, reorganize the changelog 
svn:r17974
 2009-01-06 20:11:47 +00:00
Roger Dingledine
4acf16cb63 and mention the bug # in the changelog 
svn:r17971
 2009-01-06 19:07:21 +00:00
Roger Dingledine
68806c7fb7 When a relay gets a create cell it can't decrypt (e.g. because it's 
using the wrong onion key), we were dropping it and letting the
client time out. Now actually answer with a destroy cell. Bugfix
on 0.0.2pre8.


svn:r17970
 2009-01-06 19:03:15 +00:00
Roger Dingledine
d1351750ed Update to the "December 19 2008" ip-to-country file 
svn:r17968
 2009-01-06 18:03:01 +00:00
Roger Dingledine
fe040342e7 specify it was a bugfix on something from 2007 
svn:r17960
 2009-01-06 16:11:10 +00:00
Roger Dingledine
e127072318 Prevent bridge relays from serving their 'extrainfo' document 
to anybody who asks, now that extrainfo docs include potentially
sensitive aggregated client geoip summaries.


svn:r17958
 2009-01-06 16:03:38 +00:00
Roger Dingledine
d95b63f1e4 Bugfix on r13098. Backport candidate. 
When we made bridge authorities stop serving bridge descriptors over
unencrypted links, we also broke DirPort reachability testing for
bridges. So bridges with a non-zero DirPort were printing spurious
warns to their logs. Bugfix on 0.2.0.16-alpha. Fixes bug 709.


svn:r17945
 2009-01-06 07:13:24 +00:00
Roger Dingledine
55665f25e5 the new alpha release is coming out this week sometime. too many 
bugs fixed to keep waiting. i still need to track down bug 709
first though, since i am increasingly thinking it's a real bug.


svn:r17944
 2009-01-06 03:57:06 +00:00
Nick Mathewson
f772fc0c36 apply a variant of rovv's bug 872 patch, and document that we want a better solution for 0.2.2.x. 
svn:r17924
 2009-01-05 20:52:14 +00:00
Roger Dingledine
e3388230c4 Bridge relays that had DirPort set to 0 would stop fetching 
descriptors shortly after startup, and then briefly resume
after a new bandwidth test and/or after publishing a new bridge
descriptor. Bridge users that try to bootstrap from them would
get a recent networkstatus but would get descriptors from up to
18 hours earlier, meaning most of the descriptors were obsolete
already. Reported by Tas; bugfix on 0.2.0.13-alpha.


svn:r17920
 2009-01-05 18:54:11 +00:00
Roger Dingledine
9e75c06197 If the cached networkstatus consensus is more than five days old, 
discard it rather than trying to use it. In theory it could
be useful because it lists alternate directory mirrors, but in
practice it just means we spend many minutes trying directory
mirrors that are long gone from the network. Helps bug 887 a bit;
bugfix on 0.2.0.x.


svn:r17917
 2009-01-05 16:56:11 +00:00
Roger Dingledine
cec0a57dc8 mark what version of tor mike's bug was in 
svn:r17912
 2009-01-05 14:32:58 +00:00
Mike Perry
da430cfcf7 Preserve reporting of stream end reasons to the local control 
port.  They were lost in the changes for Proposal 148.



svn:r17911
 2009-01-05 14:14:57 +00:00
Nick Mathewson
9c94b428d9 Fix the oldest bug in a while: stop accepting 1.2.3 as a valid IPv4 address on any platform. 
svn:r17887
 2009-01-04 19:47:17 +00:00
Nick Mathewson
360a059948 Fix an xxx021: do not remove routerinfos as too old and unlisted unless we have a consensus. Backport candidate. 
svn:r17886
 2009-01-04 19:47:12 +00:00
Nick Mathewson
c4b8fef362 Remove svn $Id$s from our source, and remove tor --version --version. 
The subversion $Id$ fields made every commit force a rebuild of
whatever file got committed.  They were not actually useful for
telling the version of Tor files in the wild.

svn:r17867
 2009-01-04 00:35:51 +00:00
Nick Mathewson
d3e57378ec Mention that our documentation is better in 0.2.1.10-x. 
svn:r17862
 2009-01-03 23:06:08 +00:00
Nick Mathewson
b07baba879 Increment n_download_failures up to IMPOSSIBLE_TO_DOWNLOAD-1, not up to IMPOSSIBLE_TO_DOWNLOAD. 
svn:r17835
 2008-12-31 17:22:18 +00:00
Nick Mathewson
ffe22fab9b Indeed, arma was right. There was one ntohl too many in debug_ntop in eventdns.c 
svn:r17826
 2008-12-30 04:08:45 +00:00
Roger Dingledine
f6b7e108e4 for some reason nickm removed this major feature from 
the 0.2.1.3-alpha changelog. put it back.


svn:r17824
 2008-12-30 02:03:23 +00:00
Nick Mathewson
d640e2ab00 Spec compliance: if weighted MTBF of a router is at least 5 days, always vote it as Stable. 
svn:r17821
 2008-12-29 20:17:18 +00:00
Nick Mathewson
c1c7f982d9 Do not not cannibalize a circuit that has run out of RELAY_EARLY cells. Partial bug 878 fix. 
svn:r17815
 2008-12-29 19:55:17 +00:00
Nick Mathewson
145ead96ed Do not cannibalize a circuit that has run out of RELAY_EARLY cells. Partial bug 878 fix. 
svn:r17814
 2008-12-29 19:55:13 +00:00
Nick Mathewson
e8a3fa91a6 Use a consistent naming standard for header file guard macros, taking care not to collide with any system headers. This tripped us up on Android. 
svn:r17805
 2008-12-29 02:21:02 +00:00
Nick Mathewson
b0a8ecd193 Use RSA_generate_key_ex where available. 
svn:r17804
 2008-12-29 02:20:57 +00:00
Nick Mathewson
870fd18b8f Refactor some exit-policy-related functions that showed up in oprofile. 
Specifically, split compare_tor_addr_to_addr_policy() from a loop with a bunch
of complicated ifs inside into some ifs, each with a simple loop.  Rearrange
router_find_exact_exit_enclave() to run a little faster.  Bizarrely,
router_policy_rejects_all() shows up on oprofile, so precalculate it per
routerinfo.

svn:r17802
 2008-12-29 01:47:28 +00:00
Roger Dingledine
5519e633ec New controller event "clients_seen" to report a geoip-based summary 
of which countries we've seen clients from recently. Now controllers
like Vidalia can show bridge operators that they're actually making
a difference.


svn:r17796
 2008-12-27 06:50:07 +00:00
Nick Mathewson
616f6643ef get_interface_addr6(), and by extension get_interface_addr(), were pretty borked. Copying a tor_addr_t from a sockaddr_storage using memcpy is a poor notion. 
svn:r17789
 2008-12-26 21:26:03 +00:00
Roger Dingledine
41aef35963 last cleanups 
svn:r17779
 2008-12-25 21:02:50 +00:00
Roger Dingledine
20f964c6da prepare for 0.2.1.9-alpha 
svn:r17778
 2008-12-25 20:32:49 +00:00
Roger Dingledine
a12c3f2c86 some fixes i found in my sandbox 
svn:r17771
 2008-12-25 15:37:47 +00:00
Nick Mathewson
5dd7e018cb Changelog entries for bug 891 fix as checkpointed. 
svn:r17759
 2008-12-24 02:41:36 +00:00
Nick Mathewson
ac2f6b608a Patch from Sebiastian for bug 888: mark a descriptor as "Impossible" if we reject it after downloading it so that we do not download it again 
svn:r17756
 2008-12-23 21:17:52 +00:00
Nick Mathewson
029be5ad02 Move in-addr.arpa parsing and generation into address.c, and simplify the code that does it elsewhere. Incidentally, this lets exit servers answer requests for ip6.arpa addresses. 
svn:r17707
 2008-12-19 18:52:00 +00:00
Nick Mathewson
c67bd80487 Make cell pools always-on. 
svn:r17692
 2008-12-18 17:28:50 +00:00
Nick Mathewson
bf80e2df3f Replace calls to time(NULL) that occur on the order of once per read, one per write, or once per cell with calls to a function that looks at a cached value of time. This is tricksy to benchmark, since it will only help on systems where time() is a syscall and syscalls are relatively slow. 
svn:r17690
 2008-12-18 17:19:04 +00:00
Nick Mathewson
b6f89a647a One log.c XXX021 was a misunderstanding. Also, clip log messages passed to syslog to their maximum length when there is a maximum. 
svn:r17688
 2008-12-18 17:18:06 +00:00
Nick Mathewson
cebdf93949 Fix bug 889: share deep-copied keys between threads to avoid races in reference counts. Bugfix on 0.1.0.1-rc. 
svn:r17672
 2008-12-18 05:28:27 +00:00
Nick Mathewson
676175103d Fix a valgrind-located memory stomp. Bugfix on 0.2.1.6-alpha. 
svn:r17667
 2008-12-18 04:27:23 +00:00
Nick Mathewson
5c235cb5ec Fix memory leak in rend_cache_store_v2_desc_as_client(), and refactor the function to use the "goto err" idiom. 
svn:r17665
 2008-12-18 00:11:49 +00:00
Nick Mathewson
7d92053286 Remove RedirectExit feature; it has been deprecated since 0.2.0.3-alpha 
svn:r17663
 2008-12-17 23:02:04 +00:00
Nick Mathewson
2ad36f68c8 Rename ServerDNSAllowBrokenResolvConf to ServerDNSAllowBrokenConfig. 
(Many users have no idea what a resolv.conf is, and shouldn't be forced to learn.  The old option will keep working for now.)
Also, document it.

svn:r17661
 2008-12-17 22:58:14 +00:00
Roger Dingledine
03f413f5c7 declare that we're putting out 0.2.1.9-alpha next week 
svn:r17659
 2008-12-17 22:46:00 +00:00
Roger Dingledine
048f2a179b Clip the MaxCircuitDirtiness config option to a minimum of 10 
seconds. Warn the user if lower values are given in the
configuration. Bugfix on 0.1.0.1-rc. Patch by Sebastian.
Clip the CircuitBuildTimeout to a minimum of 30 seconds. Warn the
user if lower values are given in the configuration. Bugfix on
0.1.1.17-rc. Patch by Sebastian.


svn:r17657
 2008-12-17 22:32:17 +00:00
Nick Mathewson
7678ac5193 Move edge-only flags from connection_t to edge_connection_t. 
svn:r17643
 2008-12-17 14:59:28 +00:00
Nick Mathewson
26632d59dd Rename or_is_obsolete and move it to or_connection_t where it belongs. 
svn:r17642
 2008-12-17 14:59:19 +00:00
Nick Mathewson
e53ffaa4e4 Don't extend circuits over noncanonical connections with mismatched addresses. 
Also, refactor the logic to check whether we will use a connection or
launch a new one into a new function.

svn:r17628
 2008-12-15 21:17:53 +00:00
Nick Mathewson
51c29e1e24 Apply rovv's bug 805 fix: take more care never to prefer a non-canonical connection. 
svn:r17627
 2008-12-15 21:17:43 +00:00
Roger Dingledine
5822e14dc9 When a stream at an exit relay is in state "resolving" or 
"connecting" and it receives an "end" relay cell, the exit relay
would silently ignore the end cell and not close the stream. If
the client never closes the circuit, then the exit relay never
closes the TCP connection. Bug introduced in Tor 0.1.2.1-alpha;
reported by "wood".


svn:r17625
 2008-12-14 19:40:56 +00:00
Nick Mathewson
a4a481d81c Implement proposal 148: Make client stream end reasons uniform. 
This patch makes every RELAY_COMMAND_END cell that we send pass through one of two functions: connection_edge_end and relay_send_end_cell_from_edge.  Both of these functions check the circuit purpose, and change the reason to MISC if the circuit purpose means that it's for client use.

svn:r17612
 2008-12-12 20:30:42 +00:00
Nick Mathewson
5fb2ab1e65 Implement the /tor/keys/fp-sk/ URL format. That mostly finishes the server side of 157. 
svn:r17611
 2008-12-12 19:05:36 +00:00
Nick Mathewson
69ce955484 Add cross-certification to authority key certificates. Partial implementation of proposal 157. 
svn:r17610
 2008-12-12 18:31:39 +00:00
Nick Mathewson
f3b52e331e Avoid multiple descriptor-fetch connections to authorities. Fixes bug 366. 
svn:r17594
 2008-12-11 19:12:55 +00:00
Roger Dingledine
65c71a5a9e put recent release blurbs into the changelog; fix a typo in tor-spec. 
svn:r17586
 2008-12-11 17:18:03 +00:00
Nick Mathewson
240ee1866b Add experimental support for learning svn revision number in git-svn based repositories. Fancy. 
svn:r17581
 2008-12-11 06:52:24 +00:00
Karsten Loesing
eb09eebeda Give credit to John Brooks for finding bug 874. 
svn:r17571
 2008-12-10 23:58:17 +00:00
Karsten Loesing
d03d1d04d5 Modify ChangeLog for bug 874. 
svn:r17570
 2008-12-10 23:51:59 +00:00
Nick Mathewson
d8027aa689 Fix a logic error that would automatically reject all but the first configured DNS server. Bugfix on 0.2.1.5-alpha. Possible fix for part of 813/868. Spotted by coderman 
svn:r17569
 2008-12-10 22:57:41 +00:00
Nick Mathewson
53d3f812bd Add new internal-use-only option for controllers to use to prevent SIGHUP from reloading the configuration. Fixes bug 856. 
svn:r17567
 2008-12-10 22:17:02 +00:00
Nick Mathewson
9aa706e20c Bug 691 fix: do not shutdown Tor servers right away if the network is down. 
svn:r17566
 2008-12-10 20:45:31 +00:00
Nick Mathewson
355369a27a Oops; that should have been bug 874, not 879. Also in the changelog. 
svn:r17565
 2008-12-10 18:26:00 +00:00
Nick Mathewson
426b53d85a Apply patch from Karsten to fix bug 879. Backport candidate. 
svn:r17562
 2008-12-10 18:16:58 +00:00
Nick Mathewson
f117ec8b68 small todo/changelog fixes 
svn:r17551
 2008-12-10 05:39:27 +00:00
Nick Mathewson
7aa7d1a3e7 Give a better error when something has changed our descriptor cache out from under us. Based on patch from Karsten. Addresses bug 885. 
svn:r17550
 2008-12-10 03:01:26 +00:00
Roger Dingledine
d7bf7e0b32 When a directory authority gives us a new guess for our IP address, 
log which authority we used. Hopefully this will help us debug
the recent complaints about bad IP address guesses.


svn:r17549
 2008-12-10 01:46:51 +00:00
Roger Dingledine
145e589b6c Resume using the correct "REASON=" stream when telling the 
controller why we closed a stream. Bugfix in 0.2.1.1-alpha.


svn:r17547
 2008-12-10 01:34:24 +00:00
Nick Mathewson
d60d8976b9 Better error message when told to setuid to ourself. 
svn:r17543
 2008-12-09 23:26:12 +00:00
Nick Mathewson
8990dbcf7a Redivide 0.2.1 items into do,nice-to-have,and defer. 
svn:r17539
 2008-12-09 20:48:22 +00:00
Nick Mathewson
a7b4a7b9f8 Finally remove deprecated-since-0.1.2.4-alpha EXTENDED_FORMAT synonym for EXTENDED_EVENTS 
svn:r17538
 2008-12-09 19:55:19 +00:00
Nick Mathewson
0280a72500 Add a new status event for consensus arrival 
svn:r17535
 2008-12-09 18:16:41 +00:00
Roger Dingledine
262dd2bae1 drop confusing and probably not so big changelog entry 
svn:r17517
 2008-12-08 00:14:13 +00:00
Roger Dingledine
e5be0504ab When the client is choosing entry guards, now it selects at most 
one guard from a given relay family. Otherwise we could end up with
all of our entry points into the network run by the same operator. 
Suggested by Camilo Viecco. Fix on 0.1.1.11-alpha.

Not a backport candidate, since I think this might break for users
who only have a given /16 in their reachableaddresses, or something
like that.


svn:r17514
 2008-12-08 00:04:29 +00:00
Roger Dingledine
f31c16d993 Directory mirrors no longer fetch the v1 directory or 
running-routers files. They are obsolete, and nobody asks for them
anymore. This is the first step to making v1 authorities obsolete.


svn:r17513
 2008-12-07 23:53:39 +00:00
Roger Dingledine
21892d8a9c cleanups on r17500 
svn:r17501
 2008-12-07 01:34:45 +00:00
Jacob Appelbaum
6b178b46ef New DirPortFrontPage option that takes an html file and publishes it as "/" on the DirPort. Now relay operators can provide a disclaimer without needin to set up a separate webserver. There's a sample disclaimer in contrib/tor-exit-notice.html. 
svn:r17500
 2008-12-07 01:21:19 +00:00
Roger Dingledine
ba985f8576 format cleanups on changelog. prepare to release today. 
svn:r17497
 2008-12-07 00:30:14 +00:00
Nick Mathewson
2be5215181 Fix a hard-to-trigger memory leak in log_credential status. Found by Coverity scan. CID 349. 
svn:r17484
 2008-12-05 01:29:59 +00:00
Nick Mathewson
a26188cee9 fix bug 880: find the end of an authority cert by looking for the first ----END SIGNATURE----- after the first dir-key-certification, not for the first ----END SIGNATURE. Harmless bug, but it made us non-spec-compliant. 
svn:r17470
 2008-12-03 03:42:19 +00:00
Nick Mathewson
37bd9181f0 Do not use O_APPEND on fd-based operations that do not really want it; have them just lseek instead. 
svn:r17460
 2008-12-02 23:49:40 +00:00
Nick Mathewson
bd6b3072f9 Change logging code to use fds instead of stdio. Fixes bug 861, and probably makes logging slightly faster. Not a backport candidate: bug 861 is too obscure and harmless. 
svn:r17456
 2008-12-02 23:36:58 +00:00
Nick Mathewson
9c65195449 Apply rovv's patch for bug 864: avoid null error on detached signature handling failure. 
svn:r17446
 2008-12-02 19:13:23 +00:00
Nick Mathewson
60738daf85 Define socklen_t before using it in compat.h 
svn:r17444
 2008-12-02 18:54:47 +00:00
Nick Mathewson
651a0a2fb5 Stop marking bsearch_idx as pure; it is not. 
svn:r17393
 2008-11-26 16:57:46 +00:00
Nick Mathewson
bc597758dc Use fcntl for file locking when flock() is not available. 
svn:r17391
 2008-11-26 16:10:56 +00:00
Nick Mathewson
c7910c3bc9 Consider GetNetworkParams() nameserver parsing to have suceeded if even one nameserver can be added. Log more useful info about what exactly is failing when we fail to add a nameserver. 
svn:r17368
 2008-11-22 21:46:34 +00:00
Roger Dingledine
f722978288 and forward-port those 
svn:r17359
 2008-11-22 05:14:12 +00:00
Karsten Loesing
02fe9edf7c Correct ChangeLog entry. 
svn:r17321
 2008-11-17 21:50:42 +00:00
Nick Mathewson
bdc0aec00a Update _log_global_min_severity after switch_logs_debug(), so that USR2 will work again. Bugfix on 0.1.2.8-beta. Spotted by Geoff Down. 
svn:r17317
 2008-11-17 19:58:51 +00:00
Nick Mathewson
0fa698d84f apply sebastian's bug 867 fix: make routerset_equal() work as documented with NULL arguments 
svn:r17287
 2008-11-16 18:25:20 +00:00
Karsten Loesing
6d7951c022 Fix a possible segfault when establishing an exit connection. Bugfix on 0.2.1.5-alpha. 
svn:r17275
 2008-11-16 01:52:44 +00:00
Nick Mathewson
c36ddcbabf Apparently sparc64 is way more strict about uint16_t access alignment than I had thought: it gave bus errors when messing with var-cell headers. Maybe this patch will fix bug 862. 
svn:r17262
 2008-11-12 14:41:44 +00:00
Nick Mathewson
997aea74dc Fix from rovv: when adding a detached signature, do not automatically assume it is good just because we are adding it. We might also be adding it because it was the first signature we saw for a given voter. 
svn:r17248
 2008-11-11 16:35:46 +00:00
Nick Mathewson
8157b8b766 be less aggressive about deleting expired certs. based on patch from rovv. partial fix for bug 854. 
svn:r17246
 2008-11-11 16:01:57 +00:00
Nick Mathewson
e08cbe2029 Add PURPOSE= field to getinfo circuit-status. With luck, controllers are ignoring extra fields (like they are supposed to) and this will not break any controllers. 
svn:r17245
 2008-11-11 15:59:24 +00:00
Nick Mathewson
a95e0e7355 apply sebastian's fix for bug 859. Apparently on win32 one must lock at least one byte when locking, but locking a nonexistant byte is okay. ) 
svn:r17244
 2008-11-11 15:29:40 +00:00
Roger Dingledine
5d19fe5124 bump to 0.2.1.7-alpha 
svn:r17217
 2008-11-08 06:43:32 +00:00
Nick Mathewson
5e2cdc1666 When we get a duplicated certificate, treat it as a failure and increment the download count. Do not claim to be downloading certificates that we merely want. 
svn:r17209
 2008-11-07 14:01:44 +00:00
Nick Mathewson
a15bdd3edd patch from karsten to not use or accept expired certs. fixes bug 851. 
svn:r17208
 2008-11-07 13:38:49 +00:00
Roger Dingledine
311b8b274c minor changelog cleanups. declare that friday is when we release it. 
svn:r17207
 2008-11-07 05:11:41 +00:00
Steven Murdoch
9d68ed08e9 Patch from Jacob Appelbaum and me to make User option more robust, properly set supplementary groups, deprecated the Group option, and log more information on credential switching 
svn:r17200
 2008-11-07 02:06:12 +00:00
Nick Mathewson
3ebd1ebeca The chunk_size field in memarea_t was never actually set. Remove the whole thing. 
svn:r17195
 2008-11-05 20:34:22 +00:00
Nick Mathewson
73c6cb8353 Fix unit test failure related to intro point parsing. 
svn:r17188
 2008-11-03 16:36:15 +00:00
Nick Mathewson
69cda76168 missing changelog for 0x20 hack 
svn:r17185
 2008-11-03 15:45:27 +00:00
Nick Mathewson
8c78a68cc0 Move changelog entry to correct section 
svn:r17180
 2008-11-01 20:28:10 +00:00
Nick Mathewson
c534b96e58 Fix an assertion failure on double-marked circuits, and a double-mark. 
svn:r17179
 2008-11-01 20:27:41 +00:00
Nick Mathewson
c8a5e2d588 Work better with tools that resist DNS poisoning by using the 0x20 hack: make DNSPort replies perserve case. 
svn:r17170
 2008-10-29 15:31:26 +00:00
Nick Mathewson
361086005c Fix a possible negative shift in address comparison. May fix bug 845 and bug 811 
svn:r17169
 2008-10-29 13:29:54 +00:00
Nick Mathewson
ee31e0829e Verify cpath_layer match on rendezvous cells too. Fixes another case of bug 446. Based on patch from rovv. 
svn:r17162
 2008-10-27 16:46:45 +00:00
Nick Mathewson
b166a43cb6 Fix another case of refusing to use a chosen exit node because we think it will reject _mostly_ everything. Based on patch from rovv. See bug 752. 
svn:r17139
 2008-10-21 17:09:04 +00:00
Nick Mathewson
5e762e6a5c Fix the rest of bug 619: reject *:* servers should not do DNS lookups, even if broken clients send them RELAY_BEGIN cells. Patch from rovv. 
svn:r17138
 2008-10-21 16:51:59 +00:00
Nick Mathewson
b593fd5c20 Patch from rovv: send back END cell in response to connect attempts to nonexistent hidden service port. 
svn:r17137
 2008-10-21 16:41:20 +00:00
Roger Dingledine
bca46cc628 backport candidate: 
The "ClientDNSRejectInternalAddresses" config option wasn't being
consistently obeyed: if an exit relay refuses a stream because its
exit policy doesn't allow it, we would remember what IP address
the relay said the destination address resolves to, even if it's
an internal IP address. Bugfix on 0.2.0.7-alpha; patch by rovv.


svn:r17135
 2008-10-17 22:08:49 +00:00
Roger Dingledine
d374dc94e5 fix changelog entry for proposal 155, patch 1 
svn:r17113
 2008-10-15 22:01:17 +00:00
Roger Dingledine
a5769eefa4 patch4 from proposal 155: 
Hidden services start out building five intro circuits rather
than three, and when the first three finish they publish a service
descriptor using those. Now we publish our service descriptor much
faster after restart.


svn:r17110
 2008-10-15 20:59:48 +00:00
Roger Dingledine
d06182f0bd add patch2 from proposal 155: 
Launch a second client-side introduction circuit in parallel
after a delay of 15 seconds (based on work by Christian Wilms).


svn:r17108
 2008-10-15 18:52:06 +00:00
Roger Dingledine
4520500cde put in karsten's patch #1 for proposal 155, modified 
svn:r17106
 2008-10-15 00:36:09 +00:00
Nick Mathewson
846e40d193 Patch from rovv: when we have no pending streams, choose exits with choose_good_exit_server_general() rather than with circuit_get_unhandled_ports() and friends. Bugfix on 0.1.1.x, at least. 
svn:r17091
 2008-10-14 17:05:52 +00:00
Roger Dingledine
d7cfa1f56c Minor fix in the warning messages when you're having problems 
bootstrapping; also, be more forgiving of bootstrap problems when
we're still making incremental progress on a given bootstrap phase.


svn:r17066
 2008-10-13 03:34:29 +00:00
Roger Dingledine
37883ca4bc put the 0.2.1.6-alpha blurb into the changelog 
svn:r17059
 2008-10-12 00:51:02 +00:00
Roger Dingledine
c7af43a624 Now NodeFamily and MyFamily config options allow spaces in 
identity fingerprints, so it's easier to paste them in.
Suggested by Lucky Green.


svn:r17021
 2008-10-01 03:41:33 +00:00
Roger Dingledine
a04baf14b6 bump to 0.2.1.6-alpha, and note that the exclude*nodes config 
discussion hasn't finished.


svn:r17011
 2008-09-30 09:37:18 +00:00
Nick Mathewson
25f8335528 Include circuit purposes in circuit events. Now all circuit events are extended; this makes the code simpler. 
svn:r17007
 2008-09-29 22:34:22 +00:00
Roger Dingledine
26aa741169 Remove the old v2 directory authority 'lefkada' from the default 
list. It has been gone for many months.


svn:r17005
 2008-09-29 19:27:20 +00:00
Nick Mathewson
ae3ce7b387 Patch from mwenge: update TrackHostExits mapping expiry times when the mappings are used, so that they expire a while after their last use, not a while after their creation. 
svn:r17004
 2008-09-29 14:53:53 +00:00
Nick Mathewson
ee0078ead4 Make tor-resolve take a -p port option in addition to the current host:port syntax. 
svn:r17002
 2008-09-29 14:18:47 +00:00
Roger Dingledine
9678f166a8 If we have correct permissions on $datadir, we complain to stdout 
and fail to start. But dangerous permissions on
$datadir/cached-status/ would cause us to open a log and complain
there. Now complain to stdout and fail to start in both cases. Fixes
bug 820, reported by seeess.


svn:r16998
 2008-09-29 10:09:05 +00:00
Roger Dingledine
c846979ab7 Fix a bug where an unreachable relay would establish enough 
reachability testing circuits to do a bandwidth test -- if
we already have a connection to the middle hop of the testing
circuit, then it could establish the last hop by using the existing
connection. Bugfix on 0.1.2.2-alpha, exposed when we made testing
circuits no longer use entry guards in 0.2.1.3-alpha.


svn:r16997
 2008-09-29 09:36:42 +00:00
Roger Dingledine
81b216086b rearrange the changelog a bit more 
svn:r16996
 2008-09-29 09:30:06 +00:00
Roger Dingledine
57942415ef changelog cleanups. give 0.2.1.6-alpha a deadline. 
svn:r16995
 2008-09-29 06:54:32 +00:00
Nick Mathewson
99755f374d Fix 0/0 calculation in get_weighted_fractional_uptime(). 
svn:r16994
 2008-09-28 15:48:36 +00:00
Nick Mathewson
bb1685318c Commit fix for bug 807 from mwenge: send CLOSED controller event for reverse dns resolve, not FAILED. 
svn:r16985
 2008-09-26 20:25:35 +00:00
Nick Mathewson
e147e867be Proposal 152 implementation from Josh Albrecht, with tweaks. 
svn:r16983
 2008-09-26 18:58:45 +00:00
Nick Mathewson
e7e12236ac Code to serve a current stability calculations from /tor/dbg-stability.txt. Untested: somebody please run this on an authority and let me know if it is broken. 
svn:r16981
 2008-09-26 18:02:48 +00:00
Nick Mathewson
ae33d3ead7 Apply rovv's fix for bug 824. 
svn:r16975
 2008-09-26 15:30:26 +00:00
Nick Mathewson
8bbbbaf87b Add country-code support to configured node lists to implement the ever-popular "no exits in Monaco" feature (ExcludeExitNodes {MC}). Also allow country codes and IP ranges in ExitNodes. (EntryNodes needs more work.) Based on code by Robert Hogan. Needs more testing. 
svn:r16966
 2008-09-25 20:21:35 +00:00
Karsten Loesing
6bb4492a6f Having two "Major features:" sections seems too much of a good thing. 
svn:r16962
 2008-09-25 09:53:19 +00:00
Karsten Loesing
f2ff3e74ae All relays now store and serve v2 hidden service descriptors by default (not only directory mirrors). 
svn:r16961
 2008-09-24 22:33:47 +00:00
Karsten Loesing
9a7098487b If we are not using BEGIN_DIR cells, don't attempt to contact hidden service directories with non-open dir port. 
svn:r16960
 2008-09-24 22:29:22 +00:00
Roger Dingledine
8dfe8194c9 changelog cleanup / rearranging 
svn:r16957
 2008-09-24 17:01:43 +00:00
Nick Mathewson
8bc1536a9e Add patch 4 from Karsten for proposal 121, slightly modified. Karsten should definitely re-review the bits I changed. 
svn:r16955
 2008-09-24 14:44:29 +00:00
Roger Dingledine
f59c13b7a3 fix a bad typo, add a missing word 
svn:r16946
 2008-09-23 21:01:54 +00:00
Nick Mathewson
75977fd79b Patch from roger for 752, but with more comments: When we get an A.B.exit:P address, and B would reject most connections to P, but we do not know whether it would allow A, then allow the connection to procede. Bugfix, amusingly, on 0.0.9rc5. 
svn:r16944
 2008-09-23 20:25:01 +00:00
Nick Mathewson
545b317e1f Fix for bug 797 (by arma, with tweaks): always use create_fast for circuits where we do not know an onion key. 
svn:r16942
 2008-09-23 20:13:23 +00:00
Nick Mathewson
f28fc83ea5 More logging for mtbf/wfu calculations. 
svn:r16941
 2008-09-23 18:24:20 +00:00
Roger Dingledine
29abfab8bf Update to the "September 1 2008" ip-to-country file. 
svn:r16940
 2008-09-23 09:51:05 +00:00
Nick Mathewson
b0c48d8e45 Oops; we need to make sure that DNS request names are matched in the _questions_ section of the replies. Rejecting answers whether the _answers_ section did not match made us reject A records waiting at the end of a CNAME record. Bug 823. 
svn:r16933
 2008-09-22 20:06:25 +00:00
Roger Dingledine
4fd9880540 give rend_client_desc_here a slightly more accurate name 
svn:r16916
 2008-09-16 10:26:15 +00:00
Roger Dingledine
38f2272d5d patch from karsten for bug 814. whew. 
svn:r16915
 2008-09-16 10:17:04 +00:00
Roger Dingledine
dbb481c169 Serve the latest v3 networkstatus consensus via the control 
port. Use "getinfo dir/status-vote/current/consensus" to fetch it.


svn:r16907
 2008-09-14 04:07:29 +00:00
Roger Dingledine
2d95accc75 Allow ports 465 and 587 in the default exit policy again. We had 
rejected them in 0.1.0.15, because back in 2005 they were commonly
misconfigured and ended up as spam targets. We hear they are better
locked down these days.


svn:r16898
 2008-09-13 10:04:42 +00:00
Karsten Loesing
f0a5ef804f Directory mirrors store and serve v2 hidden service descriptors by default. 
svn:r16858
 2008-09-11 20:06:04 +00:00
Roger Dingledine
2f18370821 and here too 
svn:r16835
 2008-09-10 19:08:46 +00:00
Nick Mathewson
1203850350 Coverity says it is okay to acknowledge them. Do so. Their tool is awesome. 
svn:r16820
 2008-09-10 00:06:07 +00:00
Nick Mathewson
f95d7c189b Refactor unit test macros and tor_free_all() logic a bit so as to make it easier to free memory on failing tests, in order to suppress scanner warnings and to make dmalloc() usable with tests. 
svn:r16816
 2008-09-09 20:43:31 +00:00
Roger Dingledine
fa64d8041f minor cleanups on karsten's patch 
svn:r16810
 2008-09-09 09:21:21 +00:00
Roger Dingledine
ef7af1d61e karsten's patch for bug 767. 
svn:r16808
 2008-09-09 08:41:58 +00:00
Roger Dingledine
d37fae2f4e Catch and report a few more bootstrapping failure cases when Tor 
fails to establish a TCP connection. Cleanup on 0.2.1.x.


svn:r16803
 2008-09-09 06:25:39 +00:00
Nick Mathewson
aacda9cd8e We should not alter an addr_policy_t that has been canonicalized. 
svn:r16802
 2008-09-09 03:48:01 +00:00
Roger Dingledine
346ca2d48e forward-port the 0.2.0.31 changelog 
svn:r16800
 2008-09-08 19:50:29 +00:00
Nick Mathewson
67327a863a Fix a variable handling mistake when testing for libevent functions in configure.in. Found by Riastradh. 
svn:r16793
 2008-09-08 01:57:02 +00:00
Nick Mathewson
baeb260ad1 Refactor use of connection_new so that we get more verifiable typesafety. 
svn:r16785
 2008-09-05 22:09:44 +00:00
Nick Mathewson
cd5d0f3890 Add changelog for scanner-based stuff. 
svn:r16784
 2008-09-05 21:21:18 +00:00
Nick Mathewson
fa2f72ded7 An asterisk makes a difference sometimes. Fixes bug 809. 
svn:r16758
 2008-09-04 20:42:02 +00:00
Nick Mathewson
f80ac31d74 Add a lockfile to the Tor data directory to avoid situations where two Tors start with the same datadir, or where a --list-fingerprints races with a server to create keys, or such. 
svn:r16722
 2008-09-01 20:06:26 +00:00
Roger Dingledine
6942bd66ea Fix compile on OpenBSD 4.4-current. Bugfix on 0.2.1.5-alpha. 
Reported by Tas.


svn:r16713
 2008-09-01 08:01:22 +00:00
Roger Dingledine
71968e7af9 further changelog cleanups 
svn:r16707
 2008-08-31 22:30:08 +00:00
Karsten Loesing
4347579085 Changelog entry for implementation of proposal 121. 
svn:r16706
 2008-08-31 22:23:32 +00:00
Peter Palfrader
94c3515092 A short changelog entry for the consensus changes 
svn:r16705
 2008-08-31 22:18:37 +00:00
Roger Dingledine
845a7017bc clean up 0.2.1.5-alpha changelog 
svn:r16704
 2008-08-31 22:08:34 +00:00
Roger Dingledine
cfff21e78a backport candidate: 
If not enough of our entry guards are available so we add a new
one, we might use the new one even if it overlapped with the
current circuit's exit relay (or its family). Anonymity bugfix
pointed out by rovv.


svn:r16698
 2008-08-31 06:33:39 +00:00
Nick Mathewson
80168d80d4 r17853@tombo: nickm | 2008-08-22 12:55:00 -0400 
Oops.  We had been telling people to use --with-ssl-dir, which had not worked since 0.2.0.1-alpha: --with-openssl-dir was the one that worked.  Make them both work, document --with-openssl-dir, and mark --with-ssl-dir as obsolete.  Found by "Dave".


svn:r16625
 2008-08-22 16:55:28 +00:00
Nick Mathewson
fc52d85b7c r17846@tombo: nickm | 2008-08-22 11:54:00 -0400 
Make dns resolver code more robust: handle nameservers with IPv6 addresses, make sure names in replies match requested names, make sure origin address of reply matches the address we asked.


svn:r16621
 2008-08-22 16:24:43 +00:00
Roger Dingledine
8f5642edbc Relays now reject risky extend cells: if the extend cell includes 
a digest of all zeroes, or asks to extend back to the relay that
sent the extend cell, tear down the circuit. Ideas suggested
by rovv.


svn:r16605
 2008-08-20 05:21:43 +00:00
Nick Mathewson
fcf817f897 Switch global_identifier on connections to a 64-bit field and move it to connection_t. When procession onionskins, look up the connection by this field rather than by addr:port. This will keep us from dropping onionskins. How many dropped circuits are dropped because of this bug? 
svn:r16558
 2008-08-15 13:55:01 +00:00
Nick Mathewson
30422b5df1 Rate-limit "too-many-sockets" messages; they can get needlessly verbose. 
svn:r16480
 2008-08-09 15:35:37 +00:00
Nick Mathewson
22259a0877 The first of Karsten's proposal 121 patches: configure and maintain client authorization data. Tweaked a bit: see comments on or-dev. 
svn:r16475
 2008-08-08 14:36:11 +00:00
Nick Mathewson
5ab6fe0051 r17680@tombo: nickm | 2008-08-07 16:06:30 -0400 
Add a missing safe_str for a debug_log_message.  Fix the bad part of bug 674.


svn:r16462
 2008-08-07 20:06:40 +00:00
Nick Mathewson
b81d70addb Oops. On recent linux kernels we were not detecting the linux/netfilter_ipv4.h header properly, since we needed to have in_addr and in6_addr and __u32 defined before trying to include it. Fix that. 
svn:r16460
 2008-08-07 19:39:52 +00:00
Nick Mathewson
635f3c8aee r17664@tombo: nickm | 2008-08-06 12:32:09 -0400 
Patch from Christopher Davis: open /dev/pf before dropping privileges.  Fixes bug 782.  Backport candidate.


svn:r16450
 2008-08-06 16:32:17 +00:00
Nick Mathewson
2905291af2 r17659@tombo: nickm | 2008-08-06 12:22:11 -0400 
Fix bug 794: recover 3 bytes wasted per memory chunk.  Fix from rovv.


svn:r16447
 2008-08-06 16:22:25 +00:00
Roger Dingledine
b79fe6a0db bump to 0.2.1.4-alpha-dev, add a future todo item 
svn:r16440
 2008-08-05 23:33:43 +00:00
Nick Mathewson
960a0f0a99 r17641@31-33-44: nickm | 2008-08-05 16:07:53 -0400 
Initial conversion of uint32_t addr to tor_addr_t addr in connection_t and related types.  Most of the Tor wire formats using these new types are in, but the code to generate and use it is not.  This is a big patch.  Let me know what it breaks for you.


svn:r16435
 2008-08-05 20:08:19 +00:00
Roger Dingledine
d01813a8dd Take out the TestVia config option, since it was a workaround for 
a bug that was fixed in Tor 0.1.1.21.


svn:r16409
 2008-08-05 00:12:05 +00:00
Roger Dingledine
18d3153fbb get closer to a release 
svn:r16408
 2008-08-05 00:00:35 +00:00
Roger Dingledine
d5bb361977 minor fixes 
svn:r16407
 2008-08-04 23:59:38 +00:00
Karsten Loesing
1fe07f66f4 In some edge cases it occurs that the router descriptor of a previously picked introduction point becomes obsolete. In that case, don't stick to using that introduction point, but simply give up on it. Reverts some part of r15825. 
svn:r16404
 2008-08-04 23:35:12 +00:00
Karsten Loesing
f51bf847ab Add changelog entries for r16372 and r16375. 
svn:r16376
 2008-08-03 19:27:19 +00:00
Karsten Loesing
3c9cd463d2 Fix a false assertion when extending a circuit to a relay to which a connection is already established. In that case the circuit should not need to memorize extend info for that relay. circuitbuild.c:389 contains a similar assertion. 
svn:r16375
 2008-08-03 17:45:24 +00:00
Roger Dingledine
fd4a30d198 bump to 0.2.1.3-alpha 
svn:r16369
 2008-08-03 05:35:42 +00:00
Nick Mathewson
1a76cd179a When a struct ends with char a[1], the size of all earlier members of the struct is _not_ sizeof(st)-1; compilers add alignment. Problem spotted by rovv. Backport candidate. 
svn:r16302
 2008-07-31 12:18:14 +00:00
Nick Mathewson
186097906d r17436@tombo: nickm | 2008-07-30 09:03:19 -0400 
Move n_addr, n_port, and n_conn_id_digest fields of circuit_t into a separately allocated extend_info_t.  Saves 22 bytes per connected circuit_t on 32-bit platforms, and makes me more comfortable with using tor_addr_t in place of uint32_t n_addr.


svn:r16257
 2008-07-30 13:04:32 +00:00
Nick Mathewson
ea95ce25b6 r17323@aud-055: nickm | 2008-07-23 17:58:25 +0200 
Implement most of proposal 110.


svn:r16156
 2008-07-23 15:58:38 +00:00
Nick Mathewson
15b2b8bd69 r17309@aud-055: nickm | 2008-07-23 16:05:43 +0200 
Patch from Christian Wilms: remove (HiddenService|Rend)(Exclude)?Nodes options.  They never worked properly, and nobody seems to be using them.  Resolves bug 754.


svn:r16144
 2008-07-23 14:07:32 +00:00
Nick Mathewson
cc46b23248 r17308@aud-055: nickm | 2008-07-23 15:57:41 +0200 
In connection_edge_destroy, send a stream status control event when we have an AP connection.  Previously, we would send an event when the connection was AP and non-AP at the same time.  This didn't work so well.  Patch from Anonymous Remailer (Austria).  Backport candidate.


svn:r16143
 2008-07-23 14:07:26 +00:00