Apparently, the OpenBSD linker thinks it knows C better than I do, and gets to call me names for having strcat and strcpy and sprintf in my code--whether I use them safely or not. All right, OpenBSD. You win... this round.
svn:r9360
Tidy up ORCONN reason patch from Mike Perry. Changes: make some of the handling of TLS error codes less error prone. Enforce house style wrt spaces. Make it compile with --enable-gcc-warnings. Only set or_conn->tls_error in the case of an actual error. Add a changelog entry.
svn:r9355
handshake to finish. Previously we would let them sit around for
days, if the connecting application didn't close them either.
Also take this opportunity to refactor a duplicate bit of circuituse.c.
And change the semantics of SocksTimeout slightly, but I think it'll
be ok.
svn:r9350
Check addresses for rfc953-saneness at exit too, and give a PROTOCOL_WARN when they fail. Also provide a mechanism to override this, so blossom can have its @@##$$^.whatever.exit hostnames if it wants.
svn:r9336
Clear untrusted networkstatuses after 10 days too. (This is not a terribly awful bug, since we would only ever retain 16 of them, but it still might be nice to backport.) Resolves part A of bug 372.
svn:r9324
Implement a control status event for bad libevent version/method combos. Warn that libevent <1.1 with select() is needlessly slow. Reply to comment.
svn:r9284
Fix computation of total_exit_bandwidth; this will cause exits not to get recommended as guards if the total exit bandwidth if they constitute less than a third of total available bandwidth. There may be problems here with flapping; lets see if they occur in practice.
svn:r9281
Re-enable warning when we resolve an already resolved address. We only warn here now if the address is not a testing address. Also, refactor out a function to check whether an address is used for testing.
svn:r9280
Add (and specify) a BadDirectory flag to networkstatuses, so authorities can tell clients that some caches are broken. Also, implement an as-yet-unused function to estimate how many bytes will be sent on a directory connection.
svn:r9255
Close any directory connection on which we have received 10MB or more of data. This prevents a malicious directory cache from running us out of memory by spooling an infinite amount of data. (Not a terribly good attack, but hey, every one helps.)
svn:r9210
Count TLS bytes accurately: previously, we counted only the number of bytes read or transmitted via tls, not the number of extra bytes used to do so. This has been a lonstanding wart. The fix "Works for me".
svn:r9207
If we only have a single nameserver, raise the threshold to decide that the nameserver is dead. (Another fumbling attempt to do something about bug 326.)
svn:r9203
Fix bug 364: check for whether popular hostnames (curently google, yahoo, mit, and slashdot) are getting wildcarded. If they are, we are probably behind a DNS server that is useless: change our exit policy to reject *:*.
svn:r9199
Better handling of internal addresses wrt X-Your-Address-Is (never believe them; never provide them.) Also, report something useful for X-Your-Address-Is with one-hop tunneled connections.
svn:r9191
Patch from Edmanm, slightly modified. Original change list:
- Support running the Tor service with a torrc not in the
same directory as tor.exe (Bug #356) and default to using the torrc
located in the %appdata%\Tor\ of the user who installed the service
- Removed the supposedly misleading error message mentioned in Bug #294
- Fixed some CloseHandle()s that should've been CloseServiceHandle()s
- Fixed some nt_service_foo() return values to be consistent
- Resolved some nt_service_foo() DOCDOCs
- Fixed one trivial typo that I happened to randomly notice
Changes:
- Make more comments into "imperative" house style.
- Remove special handling for "-f"; only use --options.
- Quote all options.
- Clean up whitespace
svn:r9185
Track when we get 503s from directory servers. Do not use directory servers that have given us a 503 until either an hour has passed, or we are are out of non-busy servers.
svn:r9172
Add an orport option to dirserver lines so that clients can tell where to connect to open an encrypted tunnel to a dirserver even before they have its descriptor.
svn:r9171
Fix bug found by Keith Skinner: Treat malformed max-ports in address ranges as an error, and dont ignore errors with min-ports even if a max-port is present.
svn:r9168
Add a maintainer script and a new make target "make check-docs" to get a quick dump of which options are undocumented where, and which documentation refers to nonexistent options.
svn:r9160
schedule. Now the first connect attempt will wait a full 10
seconds before switching to a new circuit. Perhaps this will help
a lot. Based on observations from Mike Perry.
svn:r9159
Resolve bug 363: do not fall back to 127.0.0.1 when no nameservers are configured. Instead, have the admin fix resolv.conf or configure a nameserver.
svn:r9157
Add internal documentation for a bunch of configuration options. We should do something to keep this list, the canonical list, the tor.1 list, and the torrc.complete list in sync.
svn:r9133
Add a LastRotatedOnionKey variable to the state file, so we can rotate onion keys a week after they change even if we never stay up for a whole week at a time. Should fix bug 368.
svn:r9120
Resolve bug 369: Check for integer underflow when printing "bytes left" accounting numbers. Also fix a copyright date that I noticed while reading the bug. Also make a buffer big enough that strings will not get truncated. All are backport candidates.
svn:r9115
Fix a longstanding bug in eventdns related to timeouts: The timeout count was never actually reset to 0. Argh. Now we reset it to zero after we get a successful request, or after we notice that a nameserver is back up, or after we decide the nameserver is down because of timeouts. This may fix bug 326.
svn:r9054
Round stored/transmitted values for bandwidth usage. This might make some attacks work less well. This might well be voodoo, but it gives me a warm fuzzy feeling.
svn:r9048
Revise logic used to flush state to disk. Now, we try to batch non-urgent changes so that we do not do too many writes, and we save very-non-urgent changes every once in a rare while, and we never save more than once per second.
svn:r9047
Make bandwidth accounting information get stored to the state file as well as bw_accounting. Read from the state file if it is more recent than bw_accounting, or if bw_accounting is not there.
svn:r9044
Change logging format of state file to only include non-default values. Adjust clients to never store bandwidth history in the state file. (Possible backport candidate.)
svn:r9043
Fix bug 338: log verbose nicknames, not just keys, for intro points. Also, suppress intro point name logging when SafeLogging is 1. (The security part is a possible backport candidate.)
svn:r9041
Oops, forgot ChangeLog on last commit. The commit was: Fix a couple of obvious bugs in tor_mmap_file on Windows: first, fix a boolean error when checking the return value of CreateFileMapping. Second, CreateFileMapping is documented to return NULL on failure.
svn:r9036
Fix router_new_address_suggestion() so it only changes last_guessed_ip() when it actually calls resolve_my_address(). (bug found by dev-girl)
svn:r8996
Tweaks to test-connection patch: use ".noconnect" instead of ".test" (since there are lots of ways to test things). Use a regular sequence of STREAM events (NEW followed by CLOSED) instead of a new event type. Make the function that checks the address be static and use const and strcasecmpend properly.
svn:r8959
Add support for (Free?)BSD's natd, which was an old way to let you
have your firewall automatically redirect traffic. (Original patch
from Zajcev Evgeny, updated for 0.1.2.x by tup.)
svn:r8946