when building testing circs for orport testing, require high-bandwidth
nodes, so fewer circs fail. complain about unreachable orport separately
from unreachable dirport.
svn:r3935
Add 'testing' circuit purpose, for reachability testing.
Notice when our IP changes, and reset stats.
Try to pull down a directory via Tor to see if our DirPort is working.
Try to extend a circuit back to us to see if our ORPort is working.
Only publish a descriptor if they're both reachable.
These mostly work, and I'd better get them in before I cause conflicts.
svn:r3703
to the exit policy of the last hop. Intro and rendezvous circs must
be internal circs, to avoid leaking information. Resolve and connect
streams can use internal circs if they want.
New circuit pooling algorithm: make sure to have enough circs around
to satisfy any predicted ports, and also make sure to have 2 internal
circs around if we've required internal circs lately (with high uptime
if we've seen that lately).
Split NewCircuitPeriod config option into NewCircuitPeriod (30 secs),
which describes how often we retry making new circuits if current ones
are dirty, and MaxCircuitDirtiness (10 mins), which describes how long
we're willing to make use of an already-dirty circuit.
Once rendezvous circuits are established, keep using the same circuit as
long as you attach a new stream to it at least every 10 minutes. (So web
browsing doesn't require you to build new rend circs every 30 seconds.)
Cannibalize GENERAL circs to be C_REND, C_INTRO, S_INTRO, and S_REND
circ as necessary, if there are any completed ones lying around when
we try to launch one.
Re-instate the ifdef's to use version-0 style introduce cells, since
there was yet another bug in handling version-1 style. We'll try switching
over again after 0.0.9 is obsolete.
Bugfix: when choosing an exit node for a new non-internal circ, don't take
into account whether it'll be useful for any pending x.onion addresses --
it won't.
Bugfix: we weren't actually publishing the hidden service descriptor when
it became dirty. So we only published it every 20 minutes or so, which
means when you first start your Tor, the hidden service will seem broken.
svn:r3360
high capacity nodes. When building circuits, choose appropriate nodes.
New config option LongLivedPorts to indicate application streams
that will want high uptime circuits.
When attaching a stream to a circuit, pay attention to its requirements.
This means that every single node in an intro rend circuit, not just
the last one, will have a minimum uptime.
Boost the min uptime from an hour to 24 hours.
svn:r3339
make it clearer which warns are bugs,
make the control log event match its specification,
point out a bug in how we deal with failure when renewing the tls context.
svn:r3138
Stop treating the uint16_t's as null-terminated strings,
and stop looking at the byte after them to see if it's null,
because sometimes you're not allowed to look there.
svn:r3108
that will handle each such port. (We can extend this to include addresses
if exit policies shift to require that.) Seed us with port 80 so web
browsers won't complain that Tor is "slow to start up".
This was necessary because our old circuit building strategy just involved
counting circuits, and as time went by we would build up a big pile of
circuits that had peculiar exit policies (e.g. only exit to 9001-9100)
which would take up space in the circuit pile but never get used.
Fix router_compare_addr_to_addr_policy: it was not treating a port of *
as always matching, so we were picking reject *:* nodes as exit nodes too.
If you haven't used a clean circuit in an hour, throw it away, just to
be on the safe side.
This means after 6 hours a totally unused Tor client will have no
circuits open.
svn:r3078
waiting for its connected cell, we were calculating time from when the
ap_conn was created. So if it waited say 20 seconds before being attached,
then we would immediately decide that the circuit had timed out.
Also, make circuit_dump_by_conn() display actual circuit progress,
including circuits that haven't been attached to the conn yet but
hope to when it finishes connecting.
svn:r3072
