Resolve some XXXX012 items:
- Remove PathlenCoinWeight: if we want it again, we can add it
back in.
- Ditto with RelayBandwidth*.
- Decide to leave in the "hey, you didn't set end_reason!" BUG log message,
but stop telling people to bug me personally.
- Postpone strengthening assert_connection_ok(): it's important, but
it's also a good way to introduce weird bugs.
- Move some expensive consistency checking from dns_free_all() into
assert_cache_ok().
svn:r9533
Fix several bugs in computing recommended versions. 1) refactor is-this-version-good handling and which-vesions-are-good handling to be in the same place. 2) a version is recommended if more than half of the versioning authorities like it, not >= half. 3) "NEW_IN_SERIES" should mean, "I don't know of an 0.1.1.x this recent, and there are some 0.1.2.x versions out", not "I don't know of an 0.1.1.x this recent, but I know some older ones." This should resolve bug 383.
svn:r9523
Set hibernate_end_time whenever we start hibernating. This fixes a problem where we would start hibernating upon startup (since it isn't time to wake up yet) but we would wind up setting the "stop hibernating" time not to the wakeup time, but to the end of the interval. Also, split hibernate_end_time from shutdown_time. Possible fix for bug 362.
svn:r9512
Report stream end events where a resolve succeeded or where we got a socks protocol error correctly, rather than calling both of them "INTERNAL". Turn ALREADY_SOCKS_REPLIED into a flag rather than a reason. This will help debug 367 part 2 a little.
svn:r9511
(Hopefully) final changes for 0.1.2.7-alpha: disable checking for whether the user account in question exists on --service install, since that seems to make windows go boom. We can figure out why later. Also, let the admin specify a password for the target user.
svn:r9506
Remove a now-bogus assert() from nt_service_command_line(), and change option handling. (Now that we no longer force a -f, it is possible to have no command-line options for Tor-as-service.)
svn:r9503
The --service install code can no longer default to adding an -f option for the appdata directory of the current user, since the target user probably will not be able to read it. Instead, warn the user if no explicit torrc filename is given.
svn:r9502
More win32 account flumdummery: when LocalService exists, you can't detect it via LookupAccountName. The only good test is to see whether we're on win2k or earlier.
Apparently, somebody wouldn't know where to draw the line between implementation and interface if you gave them tracing paper and a copy of Stevens.
svn:r9499
Fix bug 254, sort of: make the default NT service user NetworkService rather than NULL (system). Also, add a --user argument to --service install so that admins can override this default: this latter point should take care of most of my objections to NetworkService. I have no idea whether this even compiles.
svn:r9486
Add a REMAP state to stream events so that controllers can learn exactly when the target address for a stream has changed. May help Vidalia resolve confusions related to bug 375.
svn:r9484
Add documentation to src/common/*.h; improve documentation for SMARTLIST_FOREACH; remove never-used options and corresponding tests from tor_strpartition.
svn:r9483
Fix an XXXX012, and make circuits_pending_or_conns a static variable. In addition to cleaning up the code, this may also resolve Bug 386 if Roger has the right intuition there.
svn:r9482
Removing the last DOCDOC comment hurt so much that I had to use Doxygen to identify undocumented macros and comments, and add 150 more DOCDOCs to point out where they were. Oops. Hey, kids! Fixing some of these could be your first Tor patch!
svn:r9477
Note a few questionable bits pointed out by RATS. (And no, RATS, I'm not about to stop having fixed-sized local buffers for you. I know how to use them, thankyouverymuch.)
svn:r9474
Fix a bug in our assertions related to removing recently-completed DNS lookup attempts on exit. It is okay to find a cache entry with the same name as a DONE entry, so long it is not the same struct as the DONE entry.
svn:r9467
Write the entry guards section of path-spec; note a possible bug in cirbuitbuild.c; add a const; defer work on torrc.complete to be part of a bigger config documentation reorg.
svn:r9465
Add a couple of fixes I turned up while writing regression tests for libevent: Allow DNS servers on ports other than 53, and handle TTLs correctly on reverse hostname lookups.
svn:r9458
directory tunnel without knowing a descriptor first. Still not
ready yet. As part of the change, now assume we can use a
create_fast cell if we don't know anything about a router.
svn:r9440
This one is a little tricky. Our BEGIN_DIR implementation has a
problem: the dirserv conns will decide they can flush all their data
immediately, since the edge_conns will read greedily.
For our 0.1.2 workaround, we track which or_conn a bridged dirserv
conn is attached to, and stop writing when its outbuf is too full, and
start writing again when the or_conn's outbuf empties out a little.
This requires a bit of pointer management. Let's hope it works.
svn:r9432
When logging TLS certificate and identity-related errors, scrub IP addresses for incoming connections, and distinguish between incoming and outgoing connections in log messages. Backport candidate.
svn:r9391
Remove redundant check for whether _connection_write_to_buf_impl is called with a zlib and a non-directory connection: TO_DIR_CONN will already assert if it gets a non-dir connection.
svn:r9390
Fix an XXXX012 in routerlist.c: when we do not have enough networkstatuses to launch router requests, do not launch router requests. Backport candidate.
svn:r9388
Implement SOCKS_BAD_HOSTNAME status event. Defer remaining status events. Clean up control-spec.txt a little, and fill in recommendations for events.
svn:r9374
aggressively. my vidalia bandwidth graph, when rate limiting
to 32kB/s, has the "write" line constantly at 32kB. I can't
imagine what's going on with the relay latency but it can't
be good.
svn:r9366
Apparently, the OpenBSD linker thinks it knows C better than I do, and gets to call me names for having strcat and strcpy and sprintf in my code--whether I use them safely or not. All right, OpenBSD. You win... this round.
svn:r9360
Tidy up ORCONN reason patch from Mike Perry. Changes: make some of the handling of TLS error codes less error prone. Enforce house style wrt spaces. Make it compile with --enable-gcc-warnings. Only set or_conn->tls_error in the case of an actual error. Add a changelog entry.
svn:r9355
handshake to finish. Previously we would let them sit around for
days, if the connecting application didn't close them either.
Also take this opportunity to refactor a duplicate bit of circuituse.c.
And change the semantics of SocksTimeout slightly, but I think it'll
be ok.
svn:r9350
Check addresses for rfc953-saneness at exit too, and give a PROTOCOL_WARN when they fail. Also provide a mechanism to override this, so blossom can have its @@##$$^.whatever.exit hostnames if it wants.
svn:r9336
Clear untrusted networkstatuses after 10 days too. (This is not a terribly awful bug, since we would only ever retain 16 of them, but it still might be nice to backport.) Resolves part A of bug 372.
svn:r9324
Implement a control status event for bad libevent version/method combos. Warn that libevent <1.1 with select() is needlessly slow. Reply to comment.
svn:r9284
Fix computation of total_exit_bandwidth; this will cause exits not to get recommended as guards if the total exit bandwidth if they constitute less than a third of total available bandwidth. There may be problems here with flapping; lets see if they occur in practice.
svn:r9281
Re-enable warning when we resolve an already resolved address. We only warn here now if the address is not a testing address. Also, refactor out a function to check whether an address is used for testing.
svn:r9280
Add (and specify) a BadDirectory flag to networkstatuses, so authorities can tell clients that some caches are broken. Also, implement an as-yet-unused function to estimate how many bytes will be sent on a directory connection.
svn:r9255
Close any directory connection on which we have received 10MB or more of data. This prevents a malicious directory cache from running us out of memory by spooling an infinite amount of data. (Not a terribly good attack, but hey, every one helps.)
svn:r9210