nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-09-22 14:04:58 +02:00
Code Issues Packages Projects Releases Wiki Activity
14,960 Commits 53 Branches 629 Tags 108 MiB
aae570b493
Commit Graph

10349 Commits

Author SHA1 Message Date
Roger Dingledine
ff0059b924 bump to 0.2.3.12-alpha 2012-02-13 00:55:03 -05:00
Nick Mathewson
c08dde7e28 Reinstate TOR_PR_EXTENDED_SERVER_PORT, just a little 2012-02-13 00:13:58 -05:00
Sebastian Hahn
93414707ae set_managed_proxy_environment() can't fail anymore 
It already couldn't fail on Windows, now it can't fail on non-Windows,
either.
 2012-02-12 23:39:58 -05:00
Sebastian Hahn
9857ef0fb5 Properly set up environment for managed-mode obfsproxy 2012-02-12 23:39:58 -05:00
Nick Mathewson
60b42d68f3 Try to have (and maintain!) an invariant about unconfigured_proxies_n 
The invariant is: unconfigured_proxies_n is exactly the number of
managed_proxy_t not in state PT_PROTO_COMPLETED.

To maintain this, we need to stop overloading unconfigured_proxies_n
to also count managed_proxy_t items that are in PT_PROTO_COMPLETED but
which might need relaunching.  To make it so we can detect those, we
introduce another variable.

This commit also adds a function to assert that we haven't broken the
invariant.

Fix for bug 5084; bugfix on 0.2.3.6-alpha, I think.
 2012-02-12 23:30:19 -05:00
Nick Mathewson
fff511a5e7 Don't smartlist_remove a managed proxy from a list we're iterating over. 
In some cases, we solve this by doing a SMARTLIST_DEL_CURRENT before
calling managed_proxy_destroy.  But for a trickier one, we just make a
copy of the list before iterating over it, so that changes to the
manage proxy list don't hurt our iteration.

This could be related to bug 5084.
 2012-02-12 23:30:18 -05:00
Sebastian Hahn
d7d6da28d4 Fix a check-spaces complaint 2012-02-12 23:29:22 -05:00
Nick Mathewson
4aa0aa0300 Merge remote-tracking branch 'origin/maint-0.2.2' 
Conflicts:
	src/common/Makefile.am
	src/or/Makefile.am
 2012-02-12 23:27:31 -05:00
Nick Mathewson
61452299d1 Unpack a smartlist_foreach and add an assert: try to hunt #5102 2012-02-12 19:42:35 -05:00
Robert Ransom
93dbc17a1a Fix #5097 on Windows, too 2012-02-12 19:13:17 -05:00
Robert Ransom
0e9663d439 Fix bug #5097: remove bogus envvar from managed proxies' environment 2012-02-12 19:12:51 -05:00
Sebastian Hahn
8ce6722d76 Properly protect paths to sed, sha1sum, openssl 
in Makefile.am, we used it without quoting it, causing build failure if
your openssl/sed/sha1sum happened to live in a directory with a space in
it (very common on windows)
 2012-02-10 20:12:03 +01:00
Nick Mathewson
64523609c9 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-02-10 12:03:46 -05:00
Nick Mathewson
c8b855082b Downgrade "missing a certificate" from notice to info 
It was apparently getting mistaken for a problem, even though it was
at notice.

Fixes 5067; fix on 0.2.0.10-alpha.
 2012-02-10 12:01:56 -05:00
Nick Mathewson
8855b2a90c Merge remote-tracking branch 'origin/maint-0.2.2' 
Conflicts:
	src/common/tortls.c

Conflict on comment near use of the new OPENSSL_V macro
 2012-02-10 10:56:37 -05:00
Nick Mathewson
2da0efb547 Use correct CVE number for CVE-2011-4576. Found by fermenthor. bug 5066 2012-02-10 10:55:39 -05:00
Roger Dingledine
ef0bc7f8f2 Merge branch 'maint-0.2.2' 2012-02-09 04:21:20 -05:00
Roger Dingledine
a70ff4b2cb Merge branch 'maint-0.2.1' into maint-0.2.2 2012-02-09 04:21:08 -05:00
Roger Dingledine
6c3cffe450 revert the revert in master, since I didn't want to revert it there 2012-02-09 04:03:36 -05:00
Roger Dingledine
929ebde2b9 Merge branch 'maint-0.2.2' 2012-02-09 04:02:18 -05:00
Roger Dingledine
85c539009a Revert "add a "docs" to the manual URI as listed in torrc.sample.in" 
This reverts commit 55e8cae815.

The conversation from irc:
> weasel: i had intended to leave torrc.sample.in alone in maint-0.2.2,
since i don't want to make all your stable users have to deal with
a torrc change. but nickm changed it. is it in fact the case that a
change in that file means a change in the deb?
<weasel> it means you'll prompt every single user who ever touched
their torrc
<weasel> and they will be asked if they like your new version better
than what they have right now
<weasel> so it's not great

Instead I changed the website to redirect requests for the tor-manual
URL listed in maint-0.2.2's torrc.sample.in so the link will still work.
 2012-02-09 03:57:04 -05:00
Karsten Loesing
4180624a7d Update to the February 2012 GeoIP database. 2012-02-09 09:16:24 +01:00
Nick Mathewson
55e8cae815 add a "docs" to the manual URI as listed in torrc.sample.in 2012-02-08 10:52:05 -05:00
Sebastian Hahn
332e96d109 Fix fencepost error with HearbeatPeriod option 
We'd only log every HeartbeatPeriod + 1 seconds. Discovered by Scott
Bennett, reported as bug 4942.
 2012-02-08 04:44:15 -05:00
Roger Dingledine
9bcf315e9b Update sample torrc file for 0.2.3.x 
Fix broken URLs.

Tell readers about the OutboundBindAddress, ExitPolicyRejectPrivate,
and PublishServerDescriptor options.
 2012-02-08 04:40:26 -05:00
Nick Mathewson
dd68d596cd Set IPV6_V6ONLY on listener sockets bound to IPv6 addresses. 
If we don't do this, [::] can be interpreted to mean all v4 and all
v6 addresses.  Found by dcf.  Fixes bug 4760.  See RFC 3493 section
5.3 for more info.
 2012-01-31 16:09:49 -05:00
Nick Mathewson
79a80c88ee Fix straggling MS_WINDOWS issues; add a changes file 
There was one MS_WINDOWS that remained because it wasn't on a macro
line; a few remaining uses (and the definition!) in configure.in;
and a now-nonsensical stanza of eventdns_tor.h that previously
defined 'WIN32' if it didn't exist.
 2012-01-31 15:48:47 -05:00
Nick Mathewson
5cf9167f91 Use the standard _WIN32, not the Torism MS_WINDOWS or deprecated WIN32 
This commit is completely mechanical; I used this perl script to make it:

 #!/usr/bin/perl -w -i.bak -p

 if (/^\s*\#/) {
     s/MS_WINDOWS/_WIN32/g;
     s/\bWIN32\b/_WIN32/g;
 }
 2012-01-31 15:48:47 -05:00
Nick Mathewson
2305454327 Merge remote-tracking branch 'arma/bug4013' 2012-01-31 11:25:29 -05:00
Nick Mathewson
48424772aa Actually enable the windows absolute-path code 
Checking for "WINDOWS" is wrong; our magic macro is MS_WINDOWS

Fixes bug 4973; bugfix on 0.2.3.11-alpha.
 2012-01-31 10:42:41 -05:00
Roger Dingledine
b1ee1927b1 if we ever have an old bridge, never again use microdescs 
should reduce the risk of oscillation if our 0.2.2 bridge comes and goes
 2012-01-27 17:22:31 -05:00
Roger Dingledine
a0f0897795 Allow 0.2.3.x clients to use 0.2.2.x bridges. 
Previously the client would ask the bridge for microdescriptors, which are
only supported in 0.2.3.x and later, and then fail to bootstrap when it
didn't get the answers it wanted. Fixes bug 4013; bugfix on 0.2.3.2-alpha.

The fix here is to revert to using normal descriptors if any of our
bridges are known to not support microdescs. This is not ideal, a) because
we'll start downloading a microdesc consensus as soon as we get a bridge
descriptor, and that will waste time if we later get a bridge descriptor
that tells us we don't like microdescriptors; and b) by changing our mind
we're leaking to our other bridges that we have an old-version bridge.

The alternate fix would have been to change
we_use_microdescriptors_for_circuits() to ask if *any* of our bridges
can support microdescriptors, and then change the directory logic that
picks a bridge to only select from those that do. For people living in
the future, where 0.2.2.x is obsolete, there won't be a difference.

Note that in either of these potential fixes, we have risk of oscillation
if our one funny-looking bridges goes away / comes back.
 2012-01-25 18:54:59 -05:00
Roger Dingledine
247a21379a set SO_REUSEADDR before we bind, not after 
resolves bug 4950 (fixes a bug on commit aba7bb705a from #2850)
 2012-01-23 15:54:02 -05:00
Roger Dingledine
0cf873a083 bump to 0.2.3.11-alpha-dev 2012-01-23 02:34:01 -05:00
Sebastian Hahn
9ce9836f85 Use !SOCKET_OK to test if a socket is uninitialized 
This fixes a compile warning on Windows. Fixes bug 4946, not in any
released version.
 2012-01-23 02:07:03 +01:00
Roger Dingledine
2de0eeaa72 update comment to reflect our TOR_INVALID_SOCKET convention 2012-01-22 19:39:29 -05:00
Roger Dingledine
1543d1bd31 bump to 0.2.3.11-alpha 2012-01-22 02:52:38 -05:00
Nick Mathewson
26e789fbfd Rename nonconformant identifiers. 
Fixes bug 4893.

These changes are pure mechanical, and were generated with this
perl script:

  /usr/bin/perl -w -i.bak -p

  s/crypto_pk_env_t/crypto_pk_t/g;
  s/crypto_dh_env_t/crypto_dh_t/g;
  s/crypto_cipher_env_t/crypto_cipher_t/g;
  s/crypto_digest_env_t/crypto_digest_t/g;

  s/aes_free_cipher/aes_cipher_free/g;
  s/crypto_free_cipher_env/crypto_cipher_free/g;
  s/crypto_free_digest_env/crypto_digest_free/g;
  s/crypto_free_pk_env/crypto_pk_free/g;

  s/_crypto_dh_env_get_dh/_crypto_dh_get_dh/g;
  s/_crypto_new_pk_env_rsa/_crypto_new_pk_from_rsa/g;
  s/_crypto_pk_env_get_evp_pkey/_crypto_pk_get_evp_pkey/g;
  s/_crypto_pk_env_get_rsa/_crypto_pk_get_rsa/g;

  s/crypto_new_cipher_env/crypto_cipher_new/g;
  s/crypto_new_digest_env/crypto_digest_new/g;
  s/crypto_new_digest256_env/crypto_digest256_new/g;
  s/crypto_new_pk_env/crypto_pk_new/g;

  s/crypto_create_crypto_env/crypto_cipher_new/g;

  s/connection_create_listener/connection_listener_new/g;
  s/smartlist_create/smartlist_new/g;
  s/transport_create/transport_new/g;
 2012-01-18 15:53:30 -05:00
Nick Mathewson
d1b40cf2e7 Merge remote-tracking branch 'public/bug4533_part1' 
Conflicts:
	src/common/compat.h
 2012-01-18 15:33:04 -05:00
Nick Mathewson
1772782e42 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-01-18 15:29:41 -05:00
Nick Mathewson
ee717f35c4 Use tor_socket_t, not unsigned, in tor-fw-helper-natmp.c 2012-01-18 13:14:44 -05:00
Nick Mathewson
dd4b1a2ac6 Fix SOCKET_OK test on win64. 
Bugfix on 0.2.2.29-beta; partial fix for 4533; found by wanoskarnet
 2012-01-18 10:48:29 -05:00
Nick Mathewson
dea0720dad Warn if sizeof(tor_socket_t) != sizeof(SOCKET) 2012-01-17 16:38:47 -05:00
Nick Mathewson
6e8c2a3e46 Use SOCKET_OK macros in even more places 
Add a TOR_INVALID_SOCKET macro to wrap -1/INVALID_SOCKET.

Partial work for bug4533.
 2012-01-17 16:35:07 -05:00
Roger Dingledine
1e923dd2fb fix crash bug in original feature4207 branch 
PLURAL() assumes that the plural is the canonical name for the option,
so now it is.
 2012-01-16 21:20:46 -05:00
Nick Mathewson
47aa491f9f Merge remote-tracking branch 'asn-mytor/bug4751' 2012-01-16 15:16:41 -05:00
Nick Mathewson
875a54dad3 Merge remote-tracking branch 'public/bug3325' 2012-01-16 15:10:38 -05:00
Nick Mathewson
5579bc0eaf whitespace fixes 2012-01-16 15:07:47 -05:00
Nick Mathewson
9c29369a04 Convert instances of tor_malloc+tor_snprintf into tor_asprintf 
These were found by looking for tor_snprintf() instances that were
preceeded closely by tor_malloc(), though I probably converted some
more snprintfs as well.

(In every case, make sure that the length variable (if any) is
removed, renamed, or lowered, so that anything else that might have
assumed a longer buffer doesn't exist.)
 2012-01-16 15:03:44 -05:00
Nick Mathewson
cc02823d7f Convert instances of tor_snprintf+strdup into tor_asprintf 
These were found by looking for tor_snprintf() instances that were
followed closely by tor_strdup(), though I probably converted some
other snprintfs as well.
 2012-01-16 15:03:13 -05:00
Nick Mathewson
edcc9981d8 Try to use smartlist_add_asprintf consistently 
(To ensure correctness, in every case, make sure that the temporary
variable is deleted, renamed, or lowered in scope, so we can't have
any bugs related to accidentally relying on the no-longer-filled
variable.)
 2012-01-16 15:02:51 -05:00
Nick Mathewson
9c6d913b9e Rename smartlist_{v,}asprintf_add to smartlist_add_{v,}asprintf 2012-01-16 15:01:54 -05:00
Sebastian Hahn
88698993a9 check-spaces fix 2012-01-16 14:50:13 -05:00
Nick Mathewson
125fba2e99 Provide consensus params to constrain the threshold for Fast 
resolves ticket 3946
 2012-01-16 14:50:13 -05:00
Nick Mathewson
1810db9bb3 Comment fixups on 4207 suggested by arma 2012-01-16 14:45:12 -05:00
Nick Mathewson
938531773a Allow authorities to baddir/badexit/invalid/reject nodes by cc 
Implements ticket #4207
 2012-01-13 12:28:47 -05:00
George Kadianakis
39850f03f6 Improve names of some pluggable transport-related functions. 2012-01-13 16:44:30 +02:00
Robert Ransom
fbd243a165 Don't crash when HS circs which have not yet found an OR conn time out 
Fixes bug #4897, not yet in any release.

Using n_circ_id alone here (and below, when n_conn is NULL) really sucks,
but that's a separate bug which will need a changes/ file.
 2012-01-12 19:21:39 -08:00
Nick Mathewson
2cddd1d69f Move logging of bad hostnames into parse_extended_hostname 
This fixes bug 3325, where a bad .exit would get logged as a bad .onion
 2012-01-11 15:56:14 -05:00
Nick Mathewson
411cf8f714 Make openssl 0.9.8l log message accurate 
fixes 4837
 2012-01-11 15:41:46 -05:00
Nick Mathewson
b8675e5fe3 Do not pretend to allow PADDING as the first cell of a v3 handshake 2012-01-11 12:34:28 -05:00
Nick Mathewson
f54a10caa6 Merge branch 'prop187_squashed' 2012-01-11 12:27:14 -05:00
Nick Mathewson
fa83397ecd Fix a missing iso_time_nospace_usec 
Apparently I missed a case when converting sec,usec to
yyyy-mm-ddThh:mm:ss.uuuuuu .
 2012-01-11 12:23:43 -05:00
Nick Mathewson
f729e1e984 Merge branch 'feature3457-v4-nm-squashed' 
Conflicts:
	src/or/rendclient.c
 2012-01-11 12:10:14 -05:00
Nick Mathewson
b5af456685 Use spaceless ISO8601 time format, not sec,usec. 2012-01-11 12:08:01 -05:00
Nick Mathewson
3826e058ac Implement proposal 187: reserve a cell type for client authorization 
This needs a changes file and more testing.
 2012-01-11 11:10:18 -05:00
Nick Mathewson
ce703bd53e defensive programming to catch duplicate calls to connection_init_or_handshake_state 2012-01-11 11:10:17 -05:00
Nick Mathewson
f371816209 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-01-11 11:07:37 -05:00
Nick Mathewson
0126150c2d Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2012-01-11 11:07:13 -05:00
Nick Mathewson
8d5c0e58ea Fix a compilation warning for our bug4822 fix on 64-bit linux 2012-01-11 11:06:31 -05:00
Nick Mathewson
c5b58df775 Add clarity/typesafety wrappers for control_event_circuit_status_minor 2012-01-11 10:28:20 -05:00
Nick Mathewson
0e911abf27 Rename CIRC2 to CIRC_MINOR 
Also give the arguments to control_event_circuit_status_minor real
names.
 2012-01-11 10:19:24 -05:00
Nick Mathewson
fe4811471d Chop out the intro point calculation until it is simple enough for nickm to grok 2012-01-10 19:20:00 -05:00
Robert Ransom
31d6350737 Use my original formula for number of replacements for an intro point 
A fixup commit which was intended to make this formula easier to read
broke it instead.
 2012-01-10 19:20:00 -05:00
Nick Mathewson
5e9d349979 Merge remote-tracking branch 'public/bug4650_nm_squashed' 2012-01-10 17:59:49 -05:00
Nick Mathewson
73d4dbe103 whitespace and warning fixes for bug4746 2012-01-10 16:53:37 -05:00
Nick Mathewson
7fbf1e225e Merge remote-tracking branch 'asn-mytor/bug4746' 2012-01-10 16:44:03 -05:00
Nick Mathewson
8d74fba651 Merge branch 'absolute_cookie_file' 2012-01-10 15:00:02 -05:00
Nick Mathewson
dca3c9fff8 Add missing documentation for counter-mode checks 2012-01-10 11:15:46 -05:00
Nick Mathewson
cc5c14b732 Clean up indentation in aes.c 2012-01-10 11:15:42 -05:00
Nick Mathewson
d29a390733 Test for broken counter-mode at runtime 
To solve bug 4779, we want to avoid OpenSSL 1.0.0's counter mode.
But Fedora (and maybe others) lie about the actual OpenSSL version,
so we can't trust the header to tell us if it's safe.

Instead, let's do a run-time test to see whether it's safe, and if
not, use our built-in version.

fermenthor contributed a pretty essential fixup to this patch. Thanks!
 2012-01-10 11:15:35 -05:00
Nick Mathewson
5741aef3dc We no longer need to detect openssl without RAND_poll() 
We require openssl 0.9.7 or later, and RAND_poll() was first added in
openssl 0.9.6.
 2012-01-10 10:40:31 -05:00
Nick Mathewson
85c7d7659e Add macros to construct openssl version numbers 
It's a pain to convert 0x0090813f to and from 0.9.8s-release on the
fly, so these macros should help.
 2012-01-10 10:40:30 -05:00
Sebastian Hahn
6b9298ef72 Log which votes we still need to fetch 
This might help us see which authorities are problematic in getting
their vote published the first time.
 2012-01-10 16:13:30 +01:00
Sebastian Hahn
50a50392b7 Advertise dirport if accountingmax is large enough 
When we have an effective bandwidthrate configured so that we cannot
exceed our bandwidth limit in one accounting interval, don't disable
advertising the dirport. Implements ticket 2434.
 2012-01-10 09:59:36 -05:00
Nick Mathewson
2a9b279163 Merge remote-tracking branch 'rransom-tor/bug4883' 2012-01-10 09:33:55 -05:00
Robert Ransom
72ed4a41f5 Fix brown-paper-bag bug in #4759 fix 
Fixes #4883, not yet in any release.
 2012-01-09 22:03:04 -08:00
Sebastian Hahn
2367f7e559 Make sure MAX_DNS_LABEL_SIZE is defined 
MAX_DNS_LABEL_SIZE was only defined for old versions of openssl, which
broke the build. Spotted by xiando. Fixes bug 4413; not in any released
version.
 2012-01-10 06:14:35 +01:00
Nick Mathewson
b1ee1a719d Tweaks for bug4413 fix 
The thing that's limited to 63 bytes is a "label", not a hostname.

Docment input constraints and behavior on bogus inputs.

Generally it's better to check for overflow-like conditions before
than after.  In this case, it's not a true overflow, so we're okay,
but let's be consistent.

pedantic less->fewer in the documentation
 2012-01-09 19:14:51 -05:00
Stephen Palmateer
3fadc074ca Remove (untriggerable) overflow in crypto_random_hostname() 
Fixes bug 4413; bugfix on xxxx.

Hostname components cannot be larger than 63 characters.
This simple check makes certain randlen cannot overflow rand_bytes_len.
 2012-01-09 19:05:05 -05:00
Nick Mathewson
1e5d66997b Merge remote-tracking branch 'origin/maint-0.2.2' 2012-01-09 16:40:42 -05:00
Nick Mathewson
c78a314e95 Fix comment about TLSv1_method() per comments by wanoskarnet 2012-01-09 16:40:21 -05:00
Nick Mathewson
4e14ce4dba Report cookie file location as absolute in protocolinfo message 2012-01-09 13:20:48 -05:00
Nick Mathewson
838ec086be Merge remote-tracking branch 'origin/maint-0.2.2' 2012-01-09 12:22:29 -05:00
Nick Mathewson
6fd61cf767 Fix a trivial log message error in renservice.c 
Fixes bug 4856; bugfix on 0.0.6

This bug was introduced in 79fc5217, back in 2004.
 2012-01-09 12:21:04 -05:00
Nick Mathewson
d4de312b3c Merge remote-tracking branch 'rransom-tor/bug4842' 2012-01-09 11:59:08 -05:00
Roger Dingledine
ecdea4eeaf Merge branch 'maint-0.2.2' 2012-01-08 12:17:16 -05:00
Roger Dingledine
cc1580dbe0 when the consensus fails, list which dir auths were in or out 2012-01-08 12:14:44 -05:00
Roger Dingledine
04bf17c50c nickname, not identity fingerprint, will help more 2012-01-08 12:09:01 -05:00
Roger Dingledine
78e95b7b71 tell me who votes are actually for, not just where they're from 2012-01-08 10:03:46 -05:00
Roger Dingledine
1416dd47a9 add a note from wanoskarnet 
he disagrees about what the code that we decided not to use would do
 2012-01-08 09:03:03 -05:00
Roger Dingledine
19c372daf0 clean up a comment that confused arturo 2012-01-07 07:41:46 -05:00
Robert Ransom
b46a7ebb2b Don't remove rend cpath element from relaunched service-side rend circs 
Fixes bug 4842, not in any release.
 2012-01-06 22:44:20 -08:00
Emile Snyder
d7eaa4b396 Change to use SSL_state_string_long() instead of homebrew ssl_state_to_string() function. 2012-01-06 05:31:34 -08:00
Nick Mathewson
ef69f2f2ab Merge remote-tracking branch 'origin/maint-0.2.2' 2012-01-05 14:17:44 -05:00
Nick Mathewson
ccd8289958 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2012-01-05 14:16:30 -05:00
Robert Ransom
4752b34879 Log at info level when disabling SSLv3 2012-01-05 12:28:56 -05:00
Nick Mathewson
db78fe4589 Disable SSLv3 when using a not-up-to-date openssl 
This is to address bug 4822, and CVE-2011-4576.
 2012-01-05 12:28:55 -05:00
Roger Dingledine
9bfb8af265 Merge branch 'maint-0.2.2' 2012-01-05 06:55:34 -05:00
Roger Dingledine
a1074c7aa2 Merge branch 'maint-0.2.1' into maint-0.2.2 2012-01-05 06:45:28 -05:00
Roger Dingledine
ff03347579 note some dead code. if i'm right, should this be removed? 2012-01-05 05:37:06 -05:00
Karsten Loesing
1db1b23a7b Update to the January 2012 GeoIP database. 2012-01-05 11:10:57 +01:00
Sebastian Hahn
98959f63ac Disallow disabling DisableDebuggerAttachment on runnning Tor 
Also, have tor_disable_debugger_attach() return a tristate of
success/failure/don't-know-how , and only log appropriately.
 2012-01-04 15:09:02 -05:00
Nick Mathewson
65420e4cb5 Merge remote-tracking branch 'rransom-tor/bug1297b-v2' 2012-01-04 13:50:24 -05:00
Robert Ransom
0bd53b8d87 Verbotify documentation comments for the #1297-fix flags 2012-01-04 09:37:49 -08:00
Nick Mathewson
47b7a27929 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-01-03 13:22:34 -05:00
Sebastian Hahn
5d9be49540 Fix a check-spaces violation in compat.c 
Also fix a comment typo
 2011-12-30 23:30:57 +01:00
Sebastian Hahn
d861b4cc9d Fix spelling in a controlsocket log msg 
Fixes bug 4803.
 2011-12-30 23:27:02 +01:00
Nick Mathewson
bfae41328e Merge remote-tracking branch 'origin/maint-0.2.2' 2011-12-28 16:52:31 -05:00
Nick Mathewson
84bf8e3808 Merge remote-tracking branch 'public/bug4788' into maint-0.2.2 2011-12-28 16:50:45 -05:00
Nick Mathewson
9f06ec0c13 Add interface enumeration based on SIOCGIFCONF for older unixes 2011-12-28 16:34:16 -05:00
Nick Mathewson
5d44a6b334 Multicast addresses, if any were configured, would not be good if addrs 2011-12-28 16:34:16 -05:00
Nick Mathewson
aa529f6c32 Use getifaddrs, not connect+getsockname, to find our address 
This resolves bug1827, and lets us avoid freaking people out.
Later, we can use it to get a complete list of our interfaces.
 2011-12-28 16:34:16 -05:00
Nick Mathewson
e3a6493898 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-12-28 15:57:48 -05:00
Nick Mathewson
c563551eef Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-12-28 15:56:37 -05:00
Nick Mathewson
120a745346 Bug 4786 fix: don't convert EARLY to RELAY on v1 connections 
We used to do this as a workaround for older Tors, but now it's never
the correct thing to do (especially since anything that didn't
understand RELAY_EARLY is now deprecated hard).
 2011-12-28 15:54:06 -05:00
Robert Ransom
2b189a222b Don't exit when marking a newly created _C_INTRODUCING circ for close 2011-12-28 09:02:14 -08:00
Nick Mathewson
9bcb187387 Authorities reject insecure Tors. 
This patch should make us reject every Tor that was vulnerable to
CVE-2011-0427.  Additionally, it makes us reject every Tor that couldn't
handle RELAY_EARLY cells, which helps with proposal 110 (#4339).
 2011-12-27 21:47:04 -05:00
Nick Mathewson
78f43c5d03 Require openssl 1.0.0a for using openssl's ctr-mode implementation 
Previously we required 1.0.0, but there was a bug in the 1.0.0 counter
mode. Found by Pascal. Fixes bug 4779.

A more elegant solution would be good here if somebody has time to code
one.
 2011-12-27 20:31:23 -05:00
Robert Ransom
836161c560 Add an option to close HS service-side rend circs on timeout 2011-12-27 08:02:43 -08:00
Robert Ransom
f88c8ca8c9 Don't close HS service-side rend circs on timeout 2011-12-27 08:02:43 -08:00
Robert Ransom
078e3e9dd5 Add an option to close 'almost-connected' HS client circs on timeout 2011-12-27 08:02:43 -08:00
Robert Ransom
4b13c33c0c Don't close HS client circs which are 'almost connected' on timeout 2011-12-27 08:02:42 -08:00
Nick Mathewson
334a0513de Downgrade relay_early-related warning 2011-12-26 18:11:41 -05:00
Nick Mathewson
85d7811456 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-12-26 17:58:51 -05:00
Roger Dingledine
3aade2fab7 Merge remote-tracking branch 'nickm/prop110_v2' 2011-12-25 17:43:09 -05:00
Sebastian Hahn
da876aec63 Provide correct timeradd/timersup replacements 
Bug caught and patch provided by Vektor. Fixes bug 4778.t
 2011-12-25 23:19:08 +01:00
Robert Ransom
4c3a23b283 Look up the rend circ whose INTRODUCE1 is being ACKed correctly 
This change cannibalizes circuit_get_by_rend_query_and_purpose because it
had exactly one caller.
 2011-12-22 23:46:09 -08:00
Nick Mathewson
7cb804343b Merge remote-tracking branch 'rransom/feature2411-v4' 2011-12-22 10:51:39 -05:00
Nick Mathewson
782b7f49d8 Fix bug2571: warn on EntryNodes set and UseEntryGuards disabled 2011-12-22 10:31:52 -05:00
Kamran Riaz Khan
a1c1fc72d1 Prepend cwd for relative config file paths. 
Modifies filenames which do not start with '/' or '.' on non-Windows
platforms; uses _fullpath on Windows.
 2011-12-22 10:17:48 -05:00
Nick Mathewson
2710a96ba4 Allow prop110 violations if AllowNonearlyExtend is set in consensus 2011-12-22 10:12:49 -05:00
Nick Mathewson
847541ce5d Log what fraction of EXTEND cells have died for being non-early 2011-12-22 09:51:59 -05:00
Nick Mathewson
0187bd8728 Implement the last of proposal 110 
Reject all EXTEND requests not received in a relay_early cell
 2011-12-22 09:51:59 -05:00
Robert Ransom
66f77561c0 Mark each intro circ with the rend cookie sent in its INTRODUCE1 cell 
Needed by fix for #4759.
 2011-12-22 06:45:45 -08:00
Nick Mathewson
878a684386 Merge remote-tracking branch 'public/bug4697' 2011-12-22 09:45:26 -05:00
Nick Mathewson
8cdeaedf86 Convert a couple of char[256]s into sockaddr_storage 2011-12-21 11:23:13 -05:00
Nick Mathewson
f75660958c Merge remote-tracking branch 'origin/maint-0.2.2' 2011-12-21 11:20:56 -05:00
Nick Mathewson
b5e6bbc01d Do not even try to keep going on a socket with socklen==0 
Back in #1240, r1eo linked to information about how this could happen
with older Linux kernels in response to nmap.  Bugs #4545 and #4547
are about how our approach to trying to deal with this condition was
broken and stupid.  Thanks to wanoskarnet for reminding us about #1240.

This is a fix for the abovementioned bugs, and is a bugfix on
0.1.0.3-rc.
 2011-12-21 11:19:41 -05:00
Nick Mathewson
14127f226d Merge remote-tracking branch 'asn-mytor/bug4531' 2011-12-20 14:40:16 -05:00