Commit Graph

8009 Commits

Author SHA1 Message Date
Nick Mathewson
dfa6cde4d4 Merge remote-tracking branch 'public/bug2649_squashed' into maint-0.2.2 2011-09-07 14:43:06 -04:00
Nick Mathewson
d27874a4f2 Remove a now-needless test. 2011-09-07 14:18:32 -04:00
Nick Mathewson
0cb01f5c97 Merge remote-tracking branch 'public/split_entry_conn'
Conflicts:
	src/or/connection.c
	src/or/connection_edge.c
	src/or/connection_edge.h
	src/or/dnsserv.c

Some of these were a little tricky, since they touched code that
changed because of the prop171 fixes.
2011-09-07 14:13:57 -04:00
Robert Ransom
8aad677bb7 Die if tor_vasprintf fails in connection_printf_to_buf
tor_asprintf already asserts if it fails.
2011-09-07 12:14:58 -04:00
Nick Mathewson
947012e153 Merge remote-tracking branch 'public/bug3851' 2011-09-07 11:22:24 -04:00
Nick Mathewson
9ef2cd7776 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/connection_edge.c

Conflicted on a router->node transition; fix was easy.
2011-09-06 20:55:31 -04:00
Nick Mathewson
2bf0e7479b Fix assertion in addressmap_clear_excluded_trackexithosts
Fixes bug 3923; bugfix on 0.2.2.25-alpha; bugfix from 'laruldan' on trac.
2011-09-06 20:26:20 -04:00
Sebastian Hahn
d10ae9c028 Don't update AccountingSoftLimitHitAt on startup
Add a "default" state which we use until we've decided whether we're
live or hibernating. This allows us to properly track whether we're
resuming a hibernation period or not. Fixes bug 2003.
2011-09-01 17:21:50 +02:00
Sebastian Hahn
ebb5f8df36 Explicitly set bucket_cfg to NULL after we freed it
This should fix bug 3888.
2011-09-01 12:34:16 +02:00
Nick Mathewson
393e4fb5b5 Use %f with printf-style formatting, not %lf
For printf, %f and %lf are synonymous, since floats are promoted to
doubles when passed as varargs.  It's only for scanf that we need to
say "%lf" for doubles and "%f" for floats.

Apparenly, some older compilers think it's naughty to say %lf and like
to spew warnings about it.

Found by grarpamp.
2011-08-30 20:44:42 -04:00
Nick Mathewson
561ab14a5e Switch a SMARTLIST_FOREACH in circuitbuild.c to BEGIN/END
It had some cpp stuff inside, and older GCCs don't like preprocessor
directives inside macro arguments.

Found by grarpamp.
2011-08-30 20:44:30 -04:00
Sebastian Hahn
b51e21c5d0 Add a bufferevent note to startup log
This should help us easily spot if a tor was built with
--enable-bufferevent or not
2011-08-29 23:10:03 +02:00
Nick Mathewson
cdbfc2a0c2 Fix compilation on non-bufferevent systems after 3803 fix: oops. 2011-08-29 13:41:59 -04:00
Nick Mathewson
0de8afd8f5 Split out rephist parts of buckets_decrement
For bufferevents, we had all of connection_buckets_decrement() stubbed
out.  But that's not actually right!  The rephist_* parts were
essential for, inter alia, recording our own bandwidth.  This patch
splits out the rephist parts of connection_buckets_decrement() into their
own function, and makes the bufferevent code call that new function.

Fixes bug 3803, and probably 3824 and 3826 too.  Bugfix on 0.2.3.1-alpha.
2011-08-29 13:33:31 -04:00
Nick Mathewson
3b02a959b3 Make FetchUselessDescriptors fetch all desc types
Previously, if you were set up to use microdescriptors, and you
weren't a cache, you'd never fetch router descriptors (except for
bridges).  Now FetchUselessDescriptors causes descriptors and
mirodescs to get cached.  Also, FetchUselessDescriptors changes the
behavior of "UseMicrodescriptors auto" to be off, since there's no
point in saying "UseMicrodescriptors 1" when you have full descriptors
too.

Fix for bug 3851; bugfix on 0.2.3.1-alpha.
2011-08-29 11:18:06 -04:00
George Kadianakis
c554a27a44 Clarify the heartbeat message a bit. 2011-08-27 18:45:54 +02:00
Nick Mathewson
81fe1934af Fix a bufferevent-related bug that killed tunneled dirserv conns
Because tunneled connections are implemented with buffervent_pair,
writing to them can cause an immediate flush.  This means that
added to them and then checking to see whether their outbuf is
empty is _not_ an adequate way to see whether you added anything.
This caused a problem in directory server connections, since they
would try spooling a little more data out, and then close the
connection if there was no queued data to send.

This fix should improve matters; it only closes the connection if
there is no more data to spool, and all of the spooling callbacks
are supposed to put the dirconn into dir_spool_none on completion.

This is bug 3814; Sebastian found it; bugfix on 0.2.3.1-alpha.
2011-08-26 16:10:17 -04:00
Nick Mathewson
dfcd3d9ce0 Set write low-watermarks on all bufferevents.
If we don't do this, then we never invoke the bufferevent write
callbacks until all the bufferevent's data is flushed.
2011-08-24 17:31:37 -04:00
Nick Mathewson
59d0f750c9 Apply rate-limiting to the lowest bufferevent in the stack.
When we're doing filtering ssl bufferevents, we want the rate-limits
to apply to the lowest level of the bufferevent stack, so that we're
actually limiting bytes sent on the network. Otherwise, we'll read
from the network aggressively, and only limit stuff as we process it.
2011-08-24 17:31:32 -04:00
Nick Mathewson
dd6a9a923d Disable run-time changes to DisableIOCP: They do not work 2011-08-19 17:07:54 -04:00
Nick Mathewson
df96aed14f Remove warning about a loop parsing evbuffer socks
This behavior is normal when we want more data than the evbuffer
actually has for us.  We'll ask for (say) 7 bytes, get only 5
(because that's all there is), try to parse the 5 bytes, and get
told "no, I want 7".  One option would be to bail out early whenever
want_length is > buflen, but sometimes we use an over-large
want_length.  So instead, let's just remove the warning here: it's
not a bug after all.
2011-08-18 16:15:03 -04:00
Nick Mathewson
263d68aa82 Appease "make check-spaces" 2011-08-18 15:17:37 -04:00
Nick Mathewson
d2cd67c83f Use evbuffer_copyout() in inspect_evbuffer(). 2011-08-17 13:09:05 -04:00
Nick Mathewson
06be6105e4 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/config.c
2011-08-17 12:00:44 -04:00
Nick Mathewson
d79d648edc Don't write ControlPorts to disk till after we setuid and make datadir
Fix for bug 3747; bugfix on 0.2.2.26-beta.
2011-08-17 11:22:16 -04:00
Nick Mathewson
14552a12b3 Merge branch 'bug3743' 2011-08-17 10:46:28 -04:00
Nick Mathewson
6650dc932a Remove a needless config_find_option 2011-08-17 10:46:22 -04:00
Sebastian Hahn
6a06f45b04 Actually pick a random port when "auto" is specified
ddc65e2b33 had broken this
2011-08-17 10:41:36 -04:00
Kamran Riaz Khan
e6e804848c Don't compare LINELIST_S and OBSOLETE config options. 2011-08-16 06:28:38 +05:00
George Kadianakis
db4cde3810 Improve the code a tad.
* Use strcmpstart() instead of strcmp(x,y,strlen(y)).
* Warn the user if the managed proxy failed to launch.
* Improve function documentation.
* Use smartlist_len() instead of n_unconfigured_proxies.
* Split managed_proxy_destroy() to managed_proxy_destroy()
  and managed_proxy_destroy_with_transports().
* Constification.
2011-08-15 17:26:03 +02:00
Nick Mathewson
2dc40b9c49 Merge remote-tracking branch 'asn/bug3728' 2011-08-15 11:06:50 -04:00
Nick Mathewson
aeb27526f8 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-08-15 10:54:55 -04:00
Robert Ransom
03f6ee8c5f Remove extra quotation marks around the result of esc_for_log 2011-08-15 10:54:19 -04:00
Nick Mathewson
0ddc8de0b6 Oops; _actually_ enable microdesc-by-default for clients
It turns out that it wasn't enough to set the configuration to
"auto", since the correct behavior for "auto" had been disabled in
microdesc.c.   :p

(Hasn't been in a release yet, so doesn't need a changes entry.)
2011-08-15 10:52:23 -04:00
George Kadianakis
ec8d0a6d83 Free global_rate_limit in connection_free_all(). 2011-08-13 20:37:13 +02:00
George Kadianakis
a5fd07d178 Move connection_free_all() to the bottom of connection.c to enjoy maximum visibility. 2011-08-13 20:29:22 +02:00
George Kadianakis
ea3e9416c6 Spawn multiple protocols using a single managed proxy.
If multiple torrc transport lines have the same argv, tor instructs a
single managed proxy to launch multiple protocols.
2011-08-12 21:33:05 +02:00
Nick Mathewson
5da9f722f2 Whitespace tweaks 2011-08-10 15:06:45 -04:00
Nick Mathewson
5252c9434f Fix a const warning in bug1692 code 2011-08-10 15:06:11 -04:00
Nick Mathewson
b76f46c6d8 Merge branch 'bug1692-squashed' 2011-08-10 15:04:36 -04:00
Kamran Riaz Khan
02a735dfa8 Fix condition reported by nickm. 2011-08-10 15:03:25 -04:00
Kamran Riaz Khan
73f07c558b Return if CONF_CHANGED isn't interesting. 2011-08-10 15:03:25 -04:00
Kamran Riaz Khan
643913de75 Escape configuration values before sending them via CONF_CHANGED. 2011-08-10 15:03:24 -04:00
Kamran Riaz Khan
86f68ed695 Use smartlist_asprintf_add() to improve readability. 2011-08-10 15:03:24 -04:00
Nick Mathewson
333df6006d Make FooPort 0 correctly disable the FooPort.
Since the prop171 stuff, it had instead made Tor bind port 0, and
re-bind it differently all the time.

Resolves bug3704; not in any released version.
2011-08-09 14:52:22 -04:00
Sebastian Hahn
7c340a97b1 Sticking a size_t into long generates a warn on win 2011-08-09 11:34:21 +02:00
Kamran Riaz Khan
5f624805e7 Minor code readability fix. 2011-08-09 03:17:21 +05:00
Kamran Riaz Khan
23ef12462a Minor comment fix. 2011-08-08 19:58:43 +05:00
Kamran Riaz Khan
02c62b2966 Refactor to do CONF_CHANGED event formatting inside control.c 2011-08-08 19:19:06 +05:00
Nick Mathewson
a72b1815e8 Merge remote-tracking branch 'public/bug3550' 2011-08-08 10:05:41 -04:00
Robert Ransom
cb24a06a3e Remove connection_edge_streams_are_compatible
It's dead code (not used anywhere by the current proposal 171 algorithm).
2011-08-08 09:43:16 -04:00
Robert Ransom
cab3641638 Fix handling of ISO_STREAM
Now we track *which* stream with ISO_STREAM set is associated to a
particular circuit, so that we won't think that stream is incompatible
with its circuit and launch another one a second later, and we use that
same field to mark circuits which have had an ISO_STREAM stream attached
to them, so that we won't ever put a second stream on that circuit.

Fixes bug 3695.
2011-08-08 09:42:48 -04:00
Kamran Riaz Khan
5a801a8c8b Emits CONF_CHANGED events whenever Tor's configuration values change. 2011-08-08 04:38:53 +05:00
George Kadianakis
941709ee50 Server transport proxies should bind on the same port each time, if possible. 2011-08-07 18:05:40 +02:00
Robert Ransom
52421e9101 Fix log message typo 2011-08-06 00:25:07 -07:00
Nick Mathewson
ce87887461 Merge remote-tracking branch 'public/bug3683' 2011-08-05 20:21:27 -04:00
Nick Mathewson
413574ad38 Clear socks auth fields before free 2011-08-05 19:07:33 -04:00
Nick Mathewson
e511a3a4dd Handle storing much longer socks4 authentication data. 2011-08-05 18:56:30 -04:00
Karsten Loesing
d690a99dfe Clean up bridge-stats code.
Only write a bridge-stats string if bridge stats have been
initialized.  This behavior is similar to dirreq-stats, entry-stats,
etc.

Also add a few unit tests for the bridge-stats code.
2011-08-04 21:18:19 +02:00
Karsten Loesing
88083463cb Separate generation of an entry-stats string from writing it to disk.
This commit is similar to the previous two commits for dirreq-stats,
but for entry-stats.
2011-08-04 21:18:19 +02:00
Karsten Loesing
2174fc0ba0 Separate generation of a dirreq-stats string from writing it to disk.
This patch separates the generation of a dirreq-stats string from
actually writing it to disk.  The new geoip_format_dirreq_stats()
generates a dirreq-stats string that geoip_dirreq_stats_write() writes
to disk.  All the state changing (e.g., resetting the dirreq-stats
history and initializing the next measurement interval) takes place in
geoip_dirreq_stats_write().  That allows us to finally test the
dirreq-stats code better.
2011-08-04 21:18:19 +02:00
Karsten Loesing
abeaabba00 Clean up geoip_dirreq_stats_write().
We later want to split this function into one function that generates
the dirreq-stats string and one that writes it to disk.
2011-08-04 21:18:19 +02:00
Karsten Loesing
3d3ed853e7 Add unit tests for buffer-stats.
Now that formatting the buffer-stats string is separate from writing
it to disk, we can also decouple the logic to extract stats from
circuits and finally write some unit tests for the history code.
2011-08-04 21:18:18 +02:00
Karsten Loesing
07dc46e7fc Separate generation of a buffer-stats string from writing it to disk.
The new rep_hist_format_buffer_stats() generates a buffer-stats string
that rep_hist_buffer_stats_write() writes to disk.  All the state
changing (e.g., resetting the buffer-stats history and initializing
the next measurement interval) takes place in
rep_hist_buffer_stats_write().  That allows us to finally test the
buffer-stats code better.
2011-08-04 21:18:18 +02:00
Karsten Loesing
95ebd01e62 Clean up rep_hist_buffer_stats_write().
We later want to split this function into one function that generates
the buffer-stats string and one that writes it to disk.
2011-08-04 21:18:13 +02:00
Karsten Loesing
8f4e5fa2b5 Create cell-stats history even if we didn't see a single circuit.
So far, if we didn't see a single circuit, we refrained from
generating a cell-stats string and logged a warning.  Nobody will
notice the warning, and people will wonder why there's no cell-stats
string in the extra-info descriptor.  The better behavior is to
generate a cell-stats string with all zeros.
2011-08-04 21:04:44 +02:00
Karsten Loesing
a6a127c833 Replace files in stats/ rather than appending to them.
Right now, we append statistics to files in the stats/ directory for
half of the statistics, whereas we overwrite these files for the other
half. In particular, we append buffer, dirreq, and entry stats and
overwrite exit, connection, and bridge stats.

Appending to files was useful when we didn't include stats in extra-info
descriptors, because otherwise we'd have to copy them away to prevent
Tor from overwriting them.

But now that we include statistics in extra-info descriptors, it makes
no sense to keep the old statistics forever. We should change the
behavior to overwriting instead of appending for all statistics.

Implements #2930.
2011-08-04 20:57:29 +02:00
Nick Mathewson
e5e7b6d718 Make --quiet and --hush apply to default logs, not only initial logs
Fixes bug 3550; bugfix on 0.2.0.10-alpha (where --quiet was introduced).
2011-08-04 14:23:51 -04:00
Nick Mathewson
8054e81e14 Treat socks_request->{username,password} as non-NUL-terminated
They *are* non-NUL-terminated, after all (and they have to be, since
the SOCKS5 spec allows them to contain embedded NULs.  But the code
to implement proposal 171 was copying them with tor_strdup and
comparing them with strcmp_opt.

Fix for bug on 3683; bug not present in any yet-released version.
2011-08-04 12:03:31 -04:00
Nick Mathewson
6596aa022f Implement protocol-type isolation correctly.
Previously we'd just looked at the connection type, but that's
always CONN_TYPE_AP.  Instead, we should be looking at the type of
the listener that created the connection.

Spotted by rransom; fixes bug 3636.
2011-08-02 10:48:39 -04:00
Nick Mathewson
e802199cb3 Initial patch to build Tor with msvc and nmake
We'll still need to tweak it so that it looks for includes and
libraries somewhere more sensible than "where we happened to find
them on Erinn's system"; so that tests and tools get built too;
so that it's a bit documented; and so that we actually try running
the output.

Work done with Erinn Clark.
2011-08-01 12:36:59 -04:00
Nick Mathewson
569fe936b8 Move entry-only fields from edge_connection_t to entry_connection_t
Also, refactor the code accordingly.
2011-07-21 11:15:25 -04:00
Nick Mathewson
33e6a3d750 Add a new type entry_connection_t for entry connections
No fields have moved there yet; for now, it's just a placeholder type.
2011-07-21 10:39:59 -04:00
Ian Goldberg
a2bd0397ff Improve log messages for optimistic data retry 2011-07-21 09:49:00 -04:00
Roger Dingledine
d017cd67ff remember our future plan for bug 3617
(that is, to change the default for "UseOptimisticData auto" to
1 once we are more convinced that it works correctly.)
2011-07-21 00:34:58 -04:00
Nick Mathewson
2c98104c74 Add another precondition for isolation-clearing; fix 3620 2011-07-20 20:27:36 -04:00
Nick Mathewson
5df99cec98 Do not cannibalize a circuit with isolation values set. 2011-07-20 14:40:47 -04:00
Nick Mathewson
cd3709a2b0 For accuracy, s/exit_allows_optimistic_data/may_use_optimistic_data/ 2011-07-20 14:14:21 -04:00
Nick Mathewson
6e923ed8cd Add an OptimisticData option to control client-side optimistic data 2011-07-20 14:14:21 -04:00
Sebastian Hahn
9b0d3719ae Don't assert for listener connections 2011-07-20 19:42:11 +02:00
Nick Mathewson
e05ddf3e18 Check for port config before addr config in client port options
Otherwise, we'll fail, since "9050" looks like a perfectly fine address.
2011-07-20 13:40:09 -04:00
Nick Mathewson
6fa99ab32f Oops: we need to call parse_client_ports with validate_only==0 at least once 2011-07-20 13:35:02 -04:00
Nick Mathewson
2a6d12c7ad Fix a warning message. (Found by rransom) 2011-07-20 13:15:04 -04:00
Nick Mathewson
6b228726bc Initialize listener connection addr fields properly 2011-07-20 13:11:29 -04:00
Nick Mathewson
da83da9199 Add a missing break in a switch statement 2011-07-20 12:58:26 -04:00
Nick Mathewson
eaa1c05397 Merge branch 'optimistic-client'
The conflicts are with the proposal 171 circuit isolation code, and
they're all trivial: they're just a matter of both branches adding
some unrelated code in the same places.

Conflicts:
	src/or/circuituse.c
	src/or/connection.c
2011-07-20 09:50:53 -04:00
Nick Mathewson
195bcb6150 Merge remote-tracking branch 'public/prop171_v2' 2011-07-19 20:43:28 -04:00
Nick Mathewson
553ae5dfb5 Fix spurious warning in bufferevent socks parsing
The problem was that we weren't initializing want_length to 0 before
calling parse_socks() the first time, so it looked like we were
risking an infinite loop when in fact we were safe.

Fixes 3615; bugfix on 0.2.3.2-alpha.
2011-07-19 20:40:15 -04:00
Nick Mathewson
1017322b59 Fix a compile warning in config.c reported by sebastian 2011-07-19 14:04:55 -04:00
Nick Mathewson
e8b9815711 Take a smarter approach to clearing isolation info
Back when I added this logic in 20c0581a79, the rule was that whenever
a circuit finished building, we cleared its isolation info. I did that
so that we would still use the circuit even if all the streams that
had previously led us to tentatively set its isolation info had closed.

But there were problems with that approach: We could pretty easily get
into a case where S1 had led us to launch C1 and S2 had led us to
launch C2, but when C1 finished, we cleared its isolation and attached
S2 first.  Since C2 was still marked in a way that made S1
unattachable to it, we'd then launch another circuit needlessly.

So instead, we try the following approach now: when a circuit is done
building, we try to attach streams to it.  If it remains unused after
we try attaching streams, then we clear its isolation info, and try
again to attach streams.

Thanks to Sebastian for helping me figure this out.
2011-07-19 13:51:43 -04:00
Nick Mathewson
c2d3da6303 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-07-19 12:59:10 -04:00
Robert Ransom
f021df5824 Specify text or binary mode in every start_writing_to_stdio_file call 2011-07-19 11:11:34 -04:00
Nick Mathewson
12dfb4f5d8 Use socks username/password information in stream isolation 2011-07-19 02:44:12 -04:00
Nick Mathewson
94f85f216a Turn streq_opt into a generic strcmp_opt. 2011-07-19 02:36:11 -04:00
Nick Mathewson
172f8acbe7 Stick controller-originated resolves in their own session group 2011-07-19 02:02:17 -04:00
Nick Mathewson
8314fa5e5c Implement sensible isolation for tunneled directory conns
One-hop dirconn streams all share a session group, and get the
ISO_SESSIONGRP flag: they may share circuits with each other and
nothing else.

Anonymized dirconn streams get a new internal-use-only ISO_STREAM
flag: they may not share circuits with anything, including each other.
2011-07-19 02:02:17 -04:00
Nick Mathewson
424063e3b2 Implement destaddr-based isolation
The new candidate rule, which arma suggested and I like, is that
the original address as received from the client connection or as
rewritten by the controller is the address that counts.
2011-07-19 02:02:11 -04:00
Nick Mathewson
aef30547dc Add an option to limit the number of non-open client circuits.
This is mainly meant as a way to keep clients from accidentally
DOSing themselves by (e.g.) enabling IsolateDestAddr or
IsolateDestPort on a port that they use for HTTP.
2011-07-19 01:58:45 -04:00
Nick Mathewson
20c0581a79 Launch sufficient circuits to satisfy pending isolated streams
Our old "do we need to launch a circuit for stream S" logic was,
more or less, that if we had a pending circuit that could handle S,
we didn't need to launch a new one.

But now that we have streams isolated from one another, we need
something stronger here: It's possible that some pending C can
handle either S1 or S2, but not both.

This patch reuses the existing isolation logic for a simple
solution: when we decide during circuit launching that some pending
C would satisfy stream S1, we "hypothetically" mark C as though S1
had been connected to it.  Now if S2 is incompatible with S1, it
won't be something that can attach to C, and so we'll launch a new
stream.

When the circuit becomes OPEN for the first time (with no streams
attached to it), we reset the circuit's isolation status.  I'm not
too sure about this part: I wanted some way to be sure that, if all
streams that would have used a circuit die before the circuit is
done, the circuit can still get used.  But I worry that this
approach could also lead to us launching too many circuits.  Careful
thought needed here.
2011-07-19 01:58:45 -04:00
Nick Mathewson
773bfaf91e Implement stream isolation
This is the meat of proposal 171: we change circuit_is_acceptable()
to require that the connection is compatible with every connection
that has been linked to the circuit; we update circuit_is_better to
prefer attaching streams to circuits in the way that decreases the
circuits' usefulness the least; and we update link_apconn_to_circ()
to do the appropriate bookkeeping.
2011-07-19 01:58:45 -04:00
Nick Mathewson
1d3c8c1f74 Add a new isolation type and field: "nym epoch"
The "nym epoch" of a stream is defined as the number of times that
NEWNYM had been called before the stream was opened.  All streams
are isolated by nym epoch.

This feature should be redundant with existing signewnym stuff, but
it provides a good belt-and-suspenders way for us to avoid ever
letting any circuit type bypass signewnym.
2011-07-19 01:58:45 -04:00
Nick Mathewson
461623e7f9 Const-ify a few functions 2011-07-19 01:58:44 -04:00
Nick Mathewson
ea0a9b16b9 (Unused) backend logic for stream isolation
This patch adds fields to track how streams should be isolated, and
ensures that those fields are set correctly.  It also adds fields to
track what streams can go on a circuit, and adds functions to see
whether a streams can go on a circuit and update the circuit
accordingly.  Those functions aren't yet called.
2011-07-19 01:58:44 -04:00
Nick Mathewson
d2205ca458 Refactor listener_connection_t into its own type.
This will allow us to add more fields to listener_connection_t
without bloating the other connection types.
2011-07-19 01:58:44 -04:00
Nick Mathewson
ddc65e2b33 Parse prop171 options; refactor listener/port option code
Proposal 171 gives us a new syntax for parsing client port options.
You can now have as many FooPort options as you want (for Foo in
Socks, Trans, DNS, NATD), and they can have address:port arguments,
and you can specify the level of isolation on those ports.

Additionally, this patch refactors the client port parsing logic to
use a new type, port_cfg_t.  Previously, ports to be bound were
half-parsed in config.c, and later re-parsed in connection.c when
we're about to bind them.  Now, parsing a port means converting it
into a port_cfg_t, and binding it uses only a port_cfg_t, without
needing to parse the user-provided strings at all.

We should do a related refactoring on other port types.  For
control ports, that'll be easy enough.  For ORPort and DirPort,
we'll want to do this when we solve proposal 118 (letting servers
bind to and advertise multiple ports).

This implements tickets 3514 and 3515.
2011-07-19 01:58:43 -04:00
Nick Mathewson
2163e420b2 Merge remote-tracking branch 'public/bug3560' 2011-07-18 17:57:06 -04:00
Nick Mathewson
218e84b634 Remember optimistically sent data until we have gotten a CONNECTED
Since we can retry failed streams under some circumstances, we need
to be ready to send data queued on them.
2011-07-18 15:43:16 -04:00
Nick Mathewson
34a52534bb Add a generic_buffer_t to use the best buffer type we have on hand
Also add a quick function to copy all the data in a buffer.  (This
one could be done much better, but let's see if it matters.)
2011-07-18 15:36:20 -04:00
Nick Mathewson
1e441df2d0 Only use optimistic data with exits that support it
This adds a little code complexity: we need to remember for each
node whether it supports the right feature, and then check for each
connection whether it's exiting at such a node.  We store this in a
flag in the edge_connection_t, and set that flag at link time.
2011-07-18 13:56:22 -04:00
Nick Mathewson
ba5d758104 Initial optimistic_client fixes
- Conform to make check-spaces
  - Build without warnings from passing size_t to %d
  - Use connection_get_inbuf_len(), not buf_datalen (otherwise bufferevents
    won't work).
  - Don't log that we're using this feature at warn.
2011-07-18 13:00:48 -04:00
Ian Goldberg
326d5c156d Implement the client side of optimistic data (proposal 174) 2011-07-18 12:56:45 -04:00
George Kadianakis
cfb473ed34 Changed a printf() to a log_debug(). 2011-07-18 17:08:55 +02:00
George Kadianakis
69271b2a38 Reuse get_string_from_pipe() in log_from_pipe(). 2011-07-18 17:06:16 +02:00
George Kadianakis
51cdd30c01 Let's be smarter while parsing {Client,Server}TransportPlugin lines. 2011-07-18 16:42:31 +02:00
George Kadianakis
14c5a24fe7 Replaced ST_* enum prefix for stream status with IO_STREAM_*. 2011-07-18 02:35:29 +02:00
George Kadianakis
a8f21f91cf Updated #includes etc. to use transports.[ch]. 2011-07-18 02:33:31 +02:00
George Kadianakis
d8c04c7ea5 Renamed pluggable_transports.[ch] to transports.[ch]. 2011-07-18 02:19:38 +02:00
Nick Mathewson
975150a13e Better messages when we're stalled because of microdescriptors
It's a little confusing for me to say "only X/Y descriptors" when
I have microdescriptors enabled.  So, let's fix that.
2011-07-15 19:38:27 -04:00
Nick Mathewson
b8943461c0 Fix bug in upload/download of hsdesc with microdescs
Previously we were using router_get_by_id(foo) to test "do we have a
descriptor that will let us make an anonymous circuit to foo".  But
that isn't right for microdescs: we should have been using node_t.

Fixes bug 3601; bugfix on 0.2.3.1-alpha.
2011-07-15 18:55:12 -04:00
Nick Mathewson
8157dcbdf8 Merge remote-tracking branch 'sebastian/compile_warning' 2011-07-15 17:54:49 -04:00
Nick Mathewson
2b660f9781 Fix a wide line. "Tradition!" 2011-07-15 17:53:13 -04:00
Sebastian Hahn
2d0b56a505 Fix a compile warning on OS X 10.6 2011-07-15 23:12:43 +02:00
Nick Mathewson
6aef89bda4 Remove compare_addr_to_node_policy
Instead, use compare_tor_addr_to_node_policy everywhere.

One advantage of this is that compare_tor_addr_to_node_policy can
better distinguish 0.0.0.0 from "unknown", which caused a nasty bug
with microdesc users.
2011-07-15 13:04:12 -04:00
Nick Mathewson
f40df02f3e Treat null address as "unknown", not "rejected" in md policy
Previously, we had an issue where we'd treat an unknown address as
0, which turned into "0.0.0.0", which looked like a rejected
address.  This meant in practice that as soon as we started doing
comparisons of unknown uint32 addresses to short policies, we'd get
'rejected' right away.  Because of the circumstances under which
this would be called, it would only happen when we had local DNS
cached entries and we were looking to launch new circuits.
2011-07-15 13:04:06 -04:00
Nick Mathewson
3380dc9cc0 Remove compare_addr_to_addr_policy
Nothing used it but the unit tests; everything else knows to use
compare_tor_addr_to_addr_policy instead.
2011-07-15 12:31:09 -04:00
Nick Mathewson
44cfa53873 Make WIN32_WINNT defines conditional
Requested by Gisle Vanem on tor-dev.  I'm not quite sure this is the
right solution, but it's probably harmless.
2011-07-15 10:03:59 -04:00
Nick Mathewson
852b131281 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/control.c
2011-07-14 17:22:23 -04:00
Nick Mathewson
2e34416c6d Improve error msg on failed getinfo fingerprint 2011-07-14 17:19:52 -04:00
Nick Mathewson
642cff5bca Only download microdesc consensus from caches that support it
Bugfix on 0.2.3.1-alpha; found by arma; never got a bug number.
2011-07-14 14:19:18 -04:00
George Kadianakis
86b20e0d8a Reverting the accounting thing introduced in 5492de76 till I think how it should be done properly. 2011-07-14 04:24:10 +02:00
George Kadianakis
684aca7faf Changed a couple of 180 spec stuff according to #3578.
* Restored "proxy" in external ServerTransportPlugin lines.
* Changed the extended OR port and ORPort env. vars to addr:port.
2011-07-14 01:03:35 +02:00
George Kadianakis
5492de76dd Put some last missing pieces together.
* Add some utility transport functions in circuitbuild.[ch] so that we
  can use them from pt.c.
* Make the accounting system consider traffic coming from proxies.
* Make sure that we only fetch bridge descriptors when all the
  transports are configured.
2011-07-13 19:06:07 +02:00
George Kadianakis
9ba2d0e439 Create the pluggable_transports.[ch] source files responsible for talking the 180 talk. 2011-07-13 19:00:28 +02:00
George Kadianakis
73a1e98cb9 Add support for managed {Client,Server}TransportPlugin parsing. 2011-07-13 18:58:11 +02:00
Nick Mathewson
5000e59b5f Change GETINFO fingerprint to look at server_mode, not my_descriptor
It's possible for us to be a server and have a fingerprint without
having yet generated a descriptor.

Fixes bug 3577; bugfix on 0.2.0.1-alpha
2011-07-13 12:45:18 -04:00
Nick Mathewson
e8bfe89365 Resolve a warning from the bug1666 branch 2011-07-13 12:13:12 -04:00
Nick Mathewson
1aab5b6b39 Merge remote-tracking branch 'public/bug1666'
Conflicts:
	doc/spec/socks-extensions.txt
	src/or/buffers.c
	src/or/config.c
	src/or/connection_edge.c
2011-07-13 12:12:16 -04:00
Nick Mathewson
9a6642f6f5 Avoid warning in broken_state_count_compare 2011-07-12 11:23:55 -04:00
Nick Mathewson
16c5a62a66 Add more error checks to socks parsing code
Suggested by Linus to avoid uninitialized reads or infinite loops if
it turns out our code is buggier than we had thought.
2011-07-12 10:51:31 -04:00
Nick Mathewson
597da4989e Merge branch 'bug2798' 2011-07-11 17:04:21 -04:00
Nick Mathewson
d82384658d Tweaks to bug2798 based on comments by arma 2011-07-11 17:02:03 -04:00
Nick Mathewson
b49e561f01 Turn on microdescriptors for clients 2011-07-11 16:54:43 -04:00
Nick Mathewson
b55e31aeb4 Merge remote-tracking branch 'rransom-tor/bug3427' 2011-07-11 16:32:58 -04:00
Nick Mathewson
42ff326afa Merge branch 'bug2616' 2011-07-11 16:22:12 -04:00
Nick Mathewson
2a594fcde9 Disable recording new broken conns when we have bootstrapped
Rationale: right now there seems to be no way for our bootstrap
status to dip under 100% once it has reached 100%.  Thus, recording
broken connections after that point is useless, and wastes memory.

If at some point in the future we allow our bootstrap level to go
backwards, then we should change this rule so that we disable
recording broken connection states _as long as_ the bootstrap status
is 100%.
2011-07-11 16:13:17 -04:00
Nick Mathewson
e253e9577f Clear broken connection map on successful bootstrap 2011-07-11 16:13:17 -04:00
Nick Mathewson
3f97c665aa Document feature3116 fns and improve output
- We were reporting the _bottom_ N failing states, not the top N.
- With bufferevents enabled, we logged all TLS states as being "in
  bufferevent", which isn't actually informative.
- When we had nothing to report, we reported nothing too loudly.
- Also, we needed documentation.
2011-07-11 16:13:17 -04:00
Nick Mathewson
b0de8560f6 Report the states of failed TLS connections from bootstrap_problem 2011-07-11 16:13:17 -04:00
Nick Mathewson
b25ca8af06 Limit the number of different handshake reasons to report
If connections failed in more than 10 different states, let's just
report the top ten states.
2011-07-11 16:13:17 -04:00
Nick Mathewson
734d9486f6 Record the states of failing OR connections
This code lets us record the state of any outgoing OR connection
that fails before it becomes open, so we can notice if they're all
dying in the same SSL state or the same OR handshake state.

More work is still needed:
  - We need documentation
  - We need to actually call the code that reports the failure when
    we realize that we're having a hard time connecting out or
    making circuits.
  - We need to periodically clear out all this data -- perhaps,
    whenever we build a circuit successfully?
  - We'll eventually want to expose it to controllers, perhaps.

Partial implementation of feature 3116.
2011-07-11 16:13:17 -04:00