Commit Graph

167 Commits

Author SHA1 Message Date
Nick Mathewson
7709547c08 When we connect and finish TLS negotiation with address:port, it is obvious that any other key or nickname we might know about (as an authdirserver) does not actually exist at address:port.
svn:r4036
2005-04-06 21:09:47 +00:00
Roger Dingledine
8596947ee2 quiet another instance where we whine to an innocent OR operator's
logs when some other server switches keys unexpectedly.


svn:r4032
2005-04-06 18:55:14 +00:00
Roger Dingledine
94cecc712d note some features we intend to add.
svn:r4021
2005-04-06 05:35:06 +00:00
Roger Dingledine
f860b490be When we're connecting to an OR and he's got a different nickname/key
than we were expecting, only complain loudly if we're an OP or an
authdirserver. Complaining loudly to OR admins just confuses people.


svn:r4014
2005-04-06 00:50:40 +00:00
Nick Mathewson
0e81265359 update copyright notices.
svn:r3982
2005-04-01 20:15:56 +00:00
Nick Mathewson
e04a82ecaf Patch: when extending to an unknown router, compare identity to expected identity; not nickname-to-expected identity.
svn:r3937
2005-03-31 23:30:13 +00:00
Nick Mathewson
2d40991427 Report HTTP reasons to directory clients. (Also, fix format on new TODO items)
svn:r3811
2005-03-22 18:43:24 +00:00
Nick Mathewson
97dad670ea Renormalize whitespace
svn:r3757
2005-03-14 03:18:35 +00:00
Roger Dingledine
6faaac2706 add support for CONNECTing through https proxies.
not sure if it works. i don't have an https proxy.


svn:r3682
2005-02-24 10:56:55 +00:00
Nick Mathewson
6e6d95b3db Change from inet_ntoa to a threadproof tor_inet_ntoa.
svn:r3656
2005-02-22 08:18:36 +00:00
Roger Dingledine
efa9bb5535 fix the latest bug: don't explode when some router declares a
bandwidthburst of 500 gigabytes.

this bug seems to have taken down most of the network. oops.


svn:r3523
2005-02-03 22:58:22 +00:00
Roger Dingledine
2e97593d25 define TOR_FRAGILE if you want tor to give you a core when
something goes wrong. this should only be used by people actively
tracking bugs.


svn:r3487
2005-02-01 00:37:16 +00:00
Roger Dingledine
5d8659429e be less noisy about complaining when a jap client tries to connect
and we refuse him.


svn:r3472
2005-01-30 23:52:47 +00:00
Roger Dingledine
e432d2ceea we should handle the case where the client has no cert, for
backwards compatibility with jap clients.


svn:r3466
2005-01-30 08:02:33 +00:00
Roger Dingledine
0aff4ff4cb get rid of 0.0.8 backwards compatibility
svn:r3353
2005-01-13 20:22:38 +00:00
Nick Mathewson
324b192f68 Make Tor use Niels Provos's libevent instead of it's current
poll-but-sometimes-select mess.  This will let us use faster async cores
(like epoll, kpoll, and /dev/poll), and hopefully work better on Windows
too.

There are some fairly nasty changes to main.c here; this will almost
certainly break something.  But hey, that's what alphas are for.


svn:r3341
2005-01-12 06:42:32 +00:00
Nick Mathewson
fca7ba9777 Resolve task 42: find where 19-char nicknames were getting truncated when read from certs, and fix it. Also audit use of MAX_NICKNAME_LEN; no other badness found, but some docs/code cleaned up a touch.
svn:r3244
2005-01-03 17:53:20 +00:00
Roger Dingledine
70075933c6 stop checking for clock skew, even for servers.
this means we are vulnerable to an attack where somebody recovers
and uses a really old certificate. however, if they do that, they
probably can get our identity key just as easily.


svn:r3241
2005-01-03 17:10:32 +00:00
Roger Dingledine
011ad3cba5 clean up logging,
make it clearer which warns are bugs,
make the control log event match its specification,
point out a bug in how we deal with failure when renewing the tls context.


svn:r3138
2004-12-13 00:44:39 +00:00
Nick Mathewson
7fbd297532 Suggestion from weasel: Make tor --version --version dump the cvs Id of every file.
svn:r3019
2004-11-29 22:25:31 +00:00
Roger Dingledine
22727b4edc wrong is ok, and right is fine, but in between is apparently
totally unacceptable to me.


svn:r3005
2004-11-28 11:39:53 +00:00
Nick Mathewson
6f5dbefa7e Normalize space: add one between every control keyword and control clause.
svn:r3003
2004-11-28 09:05:49 +00:00
Roger Dingledine
7c9a707900 remove emacs droppings, since nick says he doesn't need them anymore
svn:r2989
2004-11-26 04:00:55 +00:00
Nick Mathewson
f91152ce6a Clarify a bunch of log messages
svn:r2983
2004-11-25 04:20:10 +00:00
Nick Mathewson
d4754b334c Compile cleanly on windows; prevent some insane bandwidth cases (e.g., "BandwidthBurst 1000 TB" from occuring.
svn:r2941
2004-11-22 22:24:10 +00:00
Roger Dingledine
310a8da0d2 break reached_eof() out of process_inbuf()
svn:r2930
2004-11-21 10:14:57 +00:00
Nick Mathewson
8acaf8e187 Add "MEMUNIT" and "INTERVAL" types to configuration. Also tweak Accounting setup. More docs needed
svn:r2911
2004-11-20 00:37:00 +00:00
Nick Mathewson
930464c889 Change "warn if unverified routers are very skewed" to "never warn about unverified router skew"
svn:r2885
2004-11-15 04:28:24 +00:00
Nick Mathewson
402c75fb06 Allow more clock skew from unrecognized hosts than from recognized ones.
svn:r2874
2004-11-14 22:08:25 +00:00
Nick Mathewson
aab929abe0 Use the data, *then* free it. It works so much better.
svn:r2837
2004-11-13 23:27:50 +00:00
Nick Mathewson
60880cda84 Resolve a bunch of FIXME items; mark a lot more for attention; ask for clarification on some. Turn all XXXX008 ("showstopper for 0.0.8 release") items into XXXX009 or XXXX, since plainly they were not showstoppers for 0.0.8. Add/clean some docs.
svn:r2808
2004-11-12 16:39:03 +00:00
Nick Mathewson
954570486f Resolve a FIXME: use identity comparison, not nickname comparison, to
choose circuit ID types.  This is important because our view of "the
nickname of the router on the other side of this connection" is
skewed, and depends on whether we think the other rotuer is
verified--and there's no way to know whether another router thinks you
are verified.

For backward compatibility, we notice when the other router chooses
the same circuit ID type as us (because it's running an old version),
and switch our type to be polite.


svn:r2797
2004-11-10 20:14:37 +00:00
Roger Dingledine
394554cfbf Clean up copyrights.
Break connection_consider_empty_buckets() out of
connection_read_bucket_decrement().


svn:r2698
2004-11-07 01:33:06 +00:00
Roger Dingledine
6c61ed4fb5 Make options no longer a global variable.
Now we can try setting an option but back out if it fails to parse, or
  if it's disallowed (e.g. changing RunAsDaemon from 1 to 0).
Use parse_line_from_str rather than parse_line_from_file.


svn:r2692
2004-11-06 05:18:11 +00:00
Roger Dingledine
d0c158c8d6 clarify the bandwidthburst and bandwidthrate are in bytes
(niels had thought they were in bits, or kb, or something)


svn:r2669
2004-11-04 03:25:43 +00:00
Nick Mathewson
451f8b5045 - Implement all of control interface except authentication, setconfig,
and actually making the sockets.
- Make sure that identity-based nicknames start with $.
- Use new string_join interface.


svn:r2661
2004-11-03 18:33:07 +00:00
Roger Dingledine
97a0a43511 start the process of making 0.0.7* obsolete
svn:r2565
2004-10-17 21:51:20 +00:00
Roger Dingledine
de65052312 don't assert multiple things in the same tor_assert()
svn:r2544
2004-10-16 22:14:52 +00:00
Nick Mathewson
e0cce8fba8 Unify tests for "did I originate this nonopen OR connection?"
svn:r2468
2004-10-13 20:05:57 +00:00
Nick Mathewson
9c49947163 Check fingerprint list before generating running-routers lists; also add as-yet-uncalled function to update an OR connection nickname on the fly
svn:r2458
2004-10-13 01:13:37 +00:00
Nick Mathewson
d20d10f360 If we are an authoritative dirserver, check out the fingerprint list when setting connection nicknames
svn:r2389
2004-09-28 22:24:56 +00:00
Roger Dingledine
a2517b4f07 checking only 0.0.7 and 0.0.8 didn't work, because some dirservers
files have really old descriptors for the authdirservers, so we're
asking them in the new format because they're too old.

now we actually compare the version to a cutoff version, and act
appropriately.

also take this chance to use only >=0.0.8 servers for dns resolves,
because of the recent bugs. we'll bump to >=0.0.9pre1 once there are
some servers running that.


svn:r2380
2004-09-27 06:00:43 +00:00
Roger Dingledine
fa0a1ec49f cleanup: use strcmpstart() in more places
svn:r2372
2004-09-23 22:18:50 +00:00
Roger Dingledine
699a9d8b46 commit some minor fixes from this sandbox so i can commit the next one
svn:r2229
2004-08-15 05:28:09 +00:00
Roger Dingledine
b2c7b5adfb fix a race condition in 008pre2: don't try to extend onto a connection
that's still handshaking.

for servers in clique mode, require the conn to be open before you'll
choose it for your path.


svn:r2198
2004-08-08 10:32:36 +00:00
Roger Dingledine
b48cdc9d40 populate router_get_my_routerinfo()->is_verified
svn:r2097
2004-07-22 06:03:53 +00:00
Roger Dingledine
1e62d24ddc bugfix: only require the correct key if the nickname is for
a verified router


svn:r2084
2004-07-21 18:20:09 +00:00
Roger Dingledine
84b8f8e04a fix some bool logic
svn:r2075
2004-07-21 02:42:49 +00:00
Roger Dingledine
e547ab293b make connection_tls_finish_handshake() more plausible.
now we accept connections from unknown routers.


svn:r2074
2004-07-21 02:25:14 +00:00
Nick Mathewson
334de84cbe Misc small code cleanups; remove exit_server_mode(); change tor_tls_verify behavior
svn:r2073
2004-07-21 00:44:04 +00:00