Add a LastRotatedOnionKey variable to the state file, so we can rotate onion keys a week after they change even if we never stay up for a whole week at a time. Should fix bug 368.
svn:r9120
New socks command CONNECT_DIR. New config option TunnelDirConns that
builds a circ ending at the directory server and delivers a BEGIN_DIR
cell if it's running 0.1.2.2-alpha or later. We still need to make
one-hop circs when appropriate, while making other conns avoid them.
svn:r9098
intended. this way we don't call resolve-my-address, which
yells and screams if we're using an internal address (mere
clients should not have to care).
svn:r8998
Fix router_new_address_suggestion() so it only changes last_guessed_ip() when it actually calls resolve_my_address(). (bug found by dev-girl)
svn:r8996
Win32 patch from Matt Edman: fix compilation bugs by casting to int; defining SSIZE_T; defining USE_TWOS_COMPLEMENT in windows orconfig.h; and using the proper names for win32 functions on GetProcAddress. Also fixes bug 295.
svn:r8669
The otherwise regrettable MIPSpro C compiler warns about values set but never used, and about mixing enums and ints; these are good warnings, and so should be fixed. This removes some dead code and some potential bugs. Thanks to pnx.
svn:r8664
Partial implementation of revised nickname syntax for controllers. Implement ability to look up routers by "verbose" nicknames; add a per-v1-control-connection flag to turn the feature on in events. Needs testing, spec, ability to actually turn on the flag, double-checking that we wont overflow any nickname buffers, and changelog.
svn:r8582
hidden service authorities too.
- Just because your DirPort is open doesn't mean people should be
able to remotely teach you about hidden service descriptors. Now
only accept rendezvous posts if you've got HSAuthoritativeDir set.
svn:r8573
Make "is a v1 authority", "is a v2 authority", and "is a hidden service authority" into separate flags so we can eventually migrate more trust away from moria.
svn:r8523
(we avoid simply by not doing any new tests when we change IPs --
it looks like we retain our previous bandwidth estimates, so there's
no need to do new exercise. though in some cases new exercises may
still be useful. one day we'll do something smarter.)
svn:r8402
Refactor dirserv_parse_fingerprint_file(fname) into dirserv_load_fingerprint_file():
There is not need to put together the path to the approved-routers file in more than one place.
svn:r8386
Refactor connection_t into edge, or, dir, control, and base subtypes. This might save some RAM on busy exit servers, but really matters most in terms of correctness.
svn:r6906
to be reachable. This will help reduce the number of descriptors
we have for ourselves floating around, since it's quite likely
other things (e.g. DirPort) will change during that minute too.
svn:r6786
by asking the directory authorities. This code only kicks in when you
would normally have exited with a "no address" error.
This design is flawed, though, since the X-Your-Address-Is header is not
authenticated, and doing it this way introduces too many new attacks. The
right answer is to give IP address hints inside the HELLO cell; much of
this code can be reused when we switch.
svn:r6774
try to rebuild long-term connections to directory authorities, and
directory authorities no longer try to rebuild long-term connections to
all servers.
We still don't hang up connections in these two cases though -- we need
to look at it more carefully to avoid flapping, and we likely need to
wait til 0.1.1.x is obsolete.
svn:r6712