* commit 'tor-0.2.1.16-rc': (31 commits)
Bump version to 0.2.1.16-rc
prepare changelog for 0.2.1.16-rc
Better fix for 997.
Revert "Backport fix for bug 997."
tor-resolve: Don't automatically refuse .onion addresses.
Backport fix for bug 997.
Revise earlier check for correct IPv4 addr length to check for ==4.
Check answer_len in the remap_addr case of process_relay_cell_not_open.
update requirements to openssl 0.9.7
Missing changelog entry about geoip
Move and fix a changelog entry. Noticed by optimist.
Avoid a memory corruption problem related to "private" in DirPolicy.
Update the rest of the geoip file.
Update the geoip file
Fix gprof bottlenecks on exit nodes found by Jacob.
Do not report a node as a "chosen exit" when it is not in fact an exit.
Make the second argument to routerset_contains_extendinfo const
Don't attempt to log messages to a controller from a worker thread.
Clean up a bit of C logic, and fix an erroneous warning.
Consider *ListenAddress when warning about low ports and hibernation
...
If the Tor is running with AutomapHostsOnResolve set, it _is_
reasonable to do a DNS lookup on a .onion address. So instead we make
tor-resolve willing to try to resolve anything. Only if Tor refuses
to resolve it do we suggest to the user that resolving a .onion
address may not work.
Fix for bug 1005.
The rest of the code was only including event.h so that it could see
EV_READ and EV_WRITE, which we were using as part of the
connection_watch_events interface for no very good reason.
This patch adds a new compat_libevent.[ch] set of files, and moves our
Libevent compatibility and utilitity functions there. We build them
into a separate .a so that nothing else in src/commmon depends on
Libevent (partially fixing bug 507).
Also, do not use our own built-in evdns copy when we have Libevent
2.0, whose evdns is finally good enough (thus fixing Bug 920).
Fix an edge case where a malicious exit relay could convince a
controller that the client's DNS question resolves to an internal IP
address. Bug found and fixed by "optimist"; bugfix on 0.1.2.8-beta.
Fix an edge case where a malicious exit relay could convince a
controller that the client's DNS question resolves to an internal IP
address. Bug found and fixed by "optimist"; bugfix on 0.1.2.8-beta.
Hidden service clients didn't use a cached service descriptor that
was older than 15 minutes, but wouldn't fetch a new one either. Now,
use a cached descriptor no matter how old it is and only fetch a new
one when all introduction points fail. Fix for bug 997. Patch from
Marcus Griep.
Apparently all the stuff that does a linear scan over all the DNS
cache entries can get really expensive when your DNS cache is very
large. It's hard to say how much this will help performance, since
gprof doesn't count time spent in OpenSSL or zlib, but I'd guess 10%.
Also, this patch removes calls to assert_connection_ok() from inside
the read and write callbacks, which are similarly unneeded, and a
little costlier than I'm happy with.
This is probably worth backporting to 0.2.0.
Provide a useful warning when launch_circuit tries to make us use a
node we don't want to use. Just give an info message when this is a
normal and okay situation. Fix for logging issues in bug 984.
Update Standards-Version from 3.8.0 to 3.8.1. No real changes required, we
already support nocheck in DEB_BUILD_OPTIONS since August 2004, and we already
create our var/run directory in the init script (tho we now no longer ship it
either - see above).
