Commit Graph

8739 Commits

Author SHA1 Message Date
Nick Mathewson
f089804332 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-03 15:31:19 -05:00
Nick Mathewson
e365aee971 Avoid assertion on read_file_to_str() with size==SIZE_T_CEILING-1
Spotted by doors, fixes bug 2326.
2011-01-03 15:30:11 -05:00
Nick Mathewson
a96b46570f Merge remote branch 'origin/maint-0.2.2' 2011-01-03 15:16:36 -05:00
Nick Mathewson
cee433d751 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-03 15:15:54 -05:00
Nick Mathewson
e09ab69703 Check size against SIZE_T_CEILING in realloc too.
Fixes bug 2324.
2011-01-03 15:15:27 -05:00
Nick Mathewson
0489f7e004 Merge remote branch 'origin/maint-0.2.2' 2011-01-03 13:19:10 -05:00
Nick Mathewson
27cefef3a2 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-03 13:18:33 -05:00
Nick Mathewson
8932753169 Merge remote branch 'rransom/bug2327-v2' 2011-01-03 13:07:43 -05:00
Nick Mathewson
394a6bf4cd Merge remote branch 'origin/maint-0.2.2' 2011-01-03 12:47:58 -05:00
Nick Mathewson
bb5f99d4df Merge remote branch 'sebastian/bug2314' into maint-0.2.2 2011-01-03 12:47:14 -05:00
Nick Mathewson
5c09431cc7 Never include pthread.h when building for Windows.
On Windows, we never use pthreads, since it doesn't usually exist,
and when it does it tends to be a little weirdly-behaved.  But some
mingw installations have a pthreads installed, so autoconf detects
pthread.h and tells us about it.  This would make us include
pthread.h, which could make for trouble when the iffy pthread.h
tried to include config.h.

This patch changes compat.h so that we never include pthread.h on
Windows.  Fixes bug 2313; bugfix on 0.1.0.1-rc.
2011-01-03 12:45:13 -05:00
Nick Mathewson
1e295666d9 Tweak GETINFO process/* code: no need to print an int as anything other than %d 2011-01-03 12:11:09 -05:00
Damian Johnson
8708ffa655 Implementing getinfo options for the pid, uid, user, and descriptor limit as per proposal 173. 2011-01-03 12:04:56 -05:00
Nick Mathewson
93a6d53ef3 Add a note about _compare_int not doing overflow right 2011-01-03 12:03:21 -05:00
Nick Mathewson
57a86fd433 Fix a wide line in rephist.c 2011-01-03 12:03:04 -05:00
Nick Mathewson
c5382255bd Merge remote branch 'origin/maint-0.2.2' 2011-01-03 12:00:59 -05:00
Nick Mathewson
40ef9087cf Fix a function formatting warning in rephist.c 2011-01-03 11:59:47 -05:00
Nick Mathewson
66039d9843 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	src/or/routerparse.c
2011-01-03 11:58:59 -05:00
Nick Mathewson
989db9aed1 fix whitespace issues 2011-01-03 11:57:42 -05:00
Nick Mathewson
a1ceee193b Bump copyright statements to 2011 (master) 2011-01-03 11:55:01 -05:00
Nick Mathewson
8730884ebe Merge remote branch 'origin/maint-0.2.2' 2011-01-03 11:53:28 -05:00
Nick Mathewson
30b3475e6d Bump copyright statements to 2011 (0.2.2) 2011-01-03 11:52:09 -05:00
Nick Mathewson
f1de329e78 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	src/common/test.h
	src/or/test.c
2011-01-03 11:51:17 -05:00
Nick Mathewson
1a07348a50 Bump copyright statements to 2011 2011-01-03 11:50:39 -05:00
Robert Ransom
305ba230fe Don't throw away incomplete SOCKS proxy responses.
Introduced in 9796b9bfa6.
2010-12-29 05:55:45 -08:00
Robert Ransom
524fdeeb1e Use evbuffer_pullup properly in fetch_from_evbuffer_socks_client.
evbuffer_pullup does nothing and returns NULL if the caller asks it to
linearize more data than the buffer contains.

Introduced in 9796b9bfa6.

Reported by piebeer; fixed with help from doors.
2010-12-29 05:52:09 -08:00
Sebastian Hahn
9ecf133686 Fix compile wanrings revealed by gcc 4.5 on mingw 2010-12-27 09:47:41 +01:00
Sebastian Hahn
da91900135 Disable stats requiring geoip info if we have none
In other parts of the code we will otherwise attempt to collect these
statistics, and that will lead to crashes.
2010-12-22 08:34:41 +01:00
Nick Mathewson
00775ab4ed Merge remote branch 'karsten/dirreq-stats-default'
Conflicts:
	src/or/config.c
2010-12-21 16:01:00 -05:00
Nick Mathewson
95e21779a3 Merge remote branch 'origin/maint-0.2.2' 2010-12-21 15:53:32 -05:00
Nick Mathewson
e895919b17 Merge remote branch 'public/bug2060' into maint-0.2.2 2010-12-21 15:53:03 -05:00
Nick Mathewson
0a3b7f1471 Merge remote branch 'origin/maint-0.2.2' 2010-12-21 15:50:09 -05:00
Nick Mathewson
cdbd6d0fe8 Merge remote branch 'rransom/bug2190_the_hard_way' into maint-0.2.2 2010-12-21 15:48:14 -05:00
Nick Mathewson
69771bb5fc Merge remote branch 'public/bug2190_021' into maint-0.2.1 2010-12-21 15:44:50 -05:00
Roger Dingledine
c79427a992 Merge branch 'maint-0.2.2' 2010-12-19 22:08:42 -05:00
Roger Dingledine
c63c937465 Merge commit 'nickm/fix_security_bug_022' into maint-0.2.2 2010-12-16 17:24:11 -05:00
Roger Dingledine
975ffe4398 Merge commit 'nickm/fix_security_bug_021' into maint-0.2.1 2010-12-16 16:59:12 -05:00
Nick Mathewson
dd2ae32bc1 Turn on epoll changelists with libevent 2.0.9-rc and later
Libevent 2.0 has a "changelist" feature that avoids making redundant
syscalls if we wind up doing a lot of event_add/event_del operations
on the same fd in a row.  Unfortunately, due to a weird design
choice in Linux, it doesn't work right with epoll when multiple fds
refer to the same socket (e.g., one is a dup() of the other).  We
don't dup() anything we give to Libevent, though, so it is safe for
us to explicitly turn this feature on.
2010-12-16 13:37:43 -05:00
Nick Mathewson
1d0f8fe53c Merge remote branch 'origin/maint-0.2.2' 2010-12-16 10:06:36 -05:00
Nick Mathewson
591f65dde6 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2010-12-16 10:05:07 -05:00
Karsten Loesing
3c3b1d14fd Change gabelmoo's IP address and ports. 2010-12-16 13:28:30 +01:00
Nick Mathewson
b5e293afe6 Merge remote branch fix_security_bug_021 into fix_security_bug_022
Conflicts:
	src/common/memarea.c
	src/or/or.h
	src/or/rendclient.c
2010-12-15 22:48:23 -05:00
Nick Mathewson
b8a7bad799 Make payloads into uint8_t.
This will avoid some signed/unsigned assignment-related bugs.
2010-12-15 22:31:11 -05:00
Nick Mathewson
a62b79dfc9 Merge remote branch 'origin/maint-0.2.2' 2010-12-14 14:13:56 -05:00
Nick Mathewson
ddfb398494 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	src/config/geoip
2010-12-14 14:13:24 -05:00
Nick Mathewson
785086cfba Have all of our allocation functions and a few others check for underflow
It's all too easy in C to convert an unsigned value to a signed one,
which will (on all modern computers) give you a huge signed value.  If
you have a size_t value of size greater than SSIZE_T_MAX, that is way
likelier to be an underflow than it is to be an actual request for
more than 2gb of memory in one go.  (There's nothing in Tor that
should be trying to allocate >2gb chunks.)
2010-12-13 18:40:21 -05:00
Nick Mathewson
649ee99846 Base SIZE_T_CEILING on SSIZE_T_MAX. 2010-12-13 18:40:15 -05:00
Robert Ransom
cc051f9aca Only add each log message to pending_cb_messages once. 2010-12-11 05:26:36 -08:00
Robert Ransom
4a9d60734c Don't call flush_pending_log_callbacks while logging LD_NOCB messages.
Found by boboper.
2010-12-11 04:41:35 -08:00
Karsten Loesing
35148ba532 Update to the December 1 2010 Maxmind GeoLite Country database. 2010-12-08 17:59:40 +01:00
Nick Mathewson
4e9f9a4ee8 Merge remote branch 'origin/maint-0.2.2' 2010-12-07 11:37:14 -05:00
Nick Mathewson
f924fbf19f Merge branch 'bug2081_followup_022' into maint-0.2.2 2010-12-07 11:35:49 -05:00
Nick Mathewson
5efe6f04c6 Reject relay versions older than 0.2.0.26-rc
This was the first version to cache the correct directory information.

Fixes bug 2156.
2010-12-07 11:35:32 -05:00
Nick Mathewson
3fc43debfb Merge remote branch 'origin/maint-0.2.2' 2010-12-06 12:07:37 -05:00
Nick Mathewson
dc2f10bd81 Fix a bug in calculating wakeup time on 64-bit machines.
If you had TIME_MAX > INT_MAX, and your "time_to_exhaust_bw =
accountingmax/expected_bandwidth_usage * 60" calculation managed to
overflow INT_MAX, then your time_to_consider value could underflow and
wind up being rediculously low or high.  "Low" was no problem;
negative values got caught by the (time_to_consider <= 0) check.
"High", however, would get you a wakeup time somewhere in the distant
future.

The fix is to check for time_to_exhaust_bw overflowing INT_MAX, not
TIME_MAX: We don't allow any accounting interval longer than a month,
so if time_to_exhaust_bw is significantly larger than 31*24*60*60, we
can just clip it.

This is a bugfix on 0.0.9pre6, when accounting was first introduced.
It fixes bug 2146, unless there are other causes there too.  The fix
is from boboper.  (I tweaked it slightly by removing an assignment
that boboper marked as dead, and lowering a variable that no longer
needed to be function-scoped.)
2010-12-06 12:01:32 -05:00
Nick Mathewson
bbadf07d16 Merge remote branch 'origin/maint-0.2.2' 2010-12-06 11:37:37 -05:00
Nick Mathewson
feffbce814 Add a missing ! to directory_fetches_from_authorities
The old logic would have us fetch from authorities if we were refusing
unknown exits and our exit policy was reject*.  Instead, we want to
fetch from authorities if we're refusing unknown exits and our exit
policy is _NOT_ reject*.

Fixed by boboper.  Fixes more of 2097.  Bugfix on 0.2.2.16-alpha.
2010-12-06 11:36:01 -05:00
Nick Mathewson
36d68d2301 Fetch missing certs to authenticate microdesc consensuses as needed
Fixes bug 2253; fix by rransom
2010-12-06 11:26:45 -05:00
Nick Mathewson
0893793f01 Merge remote branch 'origin/maint-0.2.2' 2010-12-03 13:45:10 -05:00
Nick Mathewson
c0f1517d87 Don't crash when accountingmax is set in non-server Tors
We use a hash of the identity key to seed a prng to tell when an
accounting period should end.  But thanks to the bug998 changes,
clients no longer have server-identity keys to use as a long-term seed
in accounting calculations.  In any case, their identity keys (as used
in TLS) were never never fixed.  So we can just set the wakeup time
from a random seed instead there.  Still open is whether everybody
should be random.

This patch fixes bug 2235, which was introduced in 0.2.2.18-alpha.

Diagnosed with help from boboper on irc.
2010-12-03 13:37:13 -05:00
Karsten Loesing
0bd884cd5b Make connection direction statistics compile again. 2010-12-03 17:37:13 +01:00
Karsten Loesing
8db10c6d2f Write bidirectional connection stats in single line.
There's no need to have a separate line conn-stats-end for the end date
and interval length with only a single line conn-bi-direct following.
2010-12-03 16:47:53 +01:00
Karsten Loesing
91fec693e0 Refactor conn stats and add unit tests. 2010-12-03 16:47:53 +01:00
Karsten Loesing
c3c6a6ed34 Document BIDI_* constants. 2010-12-03 16:47:52 +01:00
Karsten Loesing
f56529b4b2 Call the new config option ConnDirectionStatistics. 2010-12-03 16:47:52 +01:00
Karsten Loesing
5dfdf075ac Add metric on uni/bidirectional connection usage. 2010-12-03 16:47:51 +01:00
Nick Mathewson
520182579a Merge remote branch 'origin/maint-0.2.2' 2010-12-02 13:21:09 -05:00
Nick Mathewson
ee8f451bf1 Fix a harmless off-by-one error in counting controller argument lengths
Bugfix on 0.1.1.1-alpha; found by boboper.
2010-12-02 13:19:21 -05:00
Steven Murdoch
d5127ebdd8 Fix connecting the stdin of tor-fw-helper to /dev/null
This wasn't working due to the parameters of dup2 being in the wrong order.
As a result, tor-fw-helper was inheriting the stdin of Tor.
2010-12-01 12:22:21 -05:00
Nick Mathewson
9908404f01 Merge remote branch 'sjmurdoch/cloexec' 2010-12-01 11:42:34 -05:00
Steven Murdoch
a961521a86 Check that FD_CLOEXEC is set before using it
I don't know if any platforms we care about don't have FD_CLOEXEC,
but this is what we do elsewhere
2010-12-01 15:43:17 +00:00
Steven Murdoch
367794ce02 Open connection to DNS resolvers with CLOEXEC flag set
NB: this will now register the socket with the socket accounting code
2010-12-01 15:40:11 +00:00
Steven Murdoch
786abbd54c Open log files with CLOEXEC flag set 2010-12-01 15:38:18 +00:00
Nick Mathewson
3ed7505dc5 Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/or/relay.c
2010-11-30 19:23:40 -05:00
Nick Mathewson
8fa4450fde Do not invoke tls_renegotiated_cb for non-bufferevent connections too early.
This is not the most beautiful fix for this problem, but it is the simplest.

Bugfix for 2205.  Thanks to Sebastian and Mashael for finding the
bug, and boboper/cypherpunks for figuring out why it was happening
and how to fix it, and for writing a few fixes.
2010-11-30 17:55:27 -05:00
Roger Dingledine
9f51e26715 fix memory leak introduced in 26e89742
found via valgrind
2010-11-30 16:52:19 -05:00
Nick Mathewson
25b0fd8868 Revise comment on 2210 a little; clean up n_streams/num_streams confusion
Also add a changes file
2010-11-29 16:07:27 -05:00
Nick Mathewson
89e97bdf94 Add wrappers function for libc random()
On windows, it's called something different.
2010-11-29 16:00:47 -05:00
Nick Mathewson
0eafe23ff3 Fix whitespace in patch for 2210 and backport to 0.2.2 2010-11-29 16:00:43 -05:00
Mashael AlSabah
12fa6e23cb Improve fairness when activating streams in circuit_resume_edge_reading_helper
The reason the "streams problem" occurs is due to the complicated
interaction between Tor's congestion control and libevent. At some point
during the experiment, the circuit window is exhausted, which blocks all
edge streams. When a circuit level sendme is received at Exit, it
resumes edge reading by looping over linked list of edge streams, and
calling connection_start_reading() to inform libevent to resume reading.
When the streams are activated again, Tor gets the chance to service the
first three streams activated before the circuit window is exhausted
again, which causes all streams to be blocked again. As an experiment,
we reversed the order in which the streams are activated, and indeed the
first three streams, rather than the last three, got service, while the
others starved.

 Our solution is to change the order in which streams are activated. We
choose a random edge connection from the linked list, and then we
activate streams starting from that chosen stream. When we reach the end
of the list, then we continue from the head of the list until our chosen
stream (treating the linked list as a circular linked list). It would
probably be better to actually remember which streams have received
service recently, but this way is simple and effective.
2010-11-29 15:34:21 -05:00
Nick Mathewson
19019f26b0 Merge remote branch 'origin/maint-0.2.2' 2010-11-29 15:30:17 -05:00
Nick Mathewson
a5174b092e Merge branch 'exitstats' into maint-0.2.2 2010-11-29 15:28:22 -05:00
Nick Mathewson
a8a8e08220 comment karsten's bug2196 patch a little 2010-11-29 15:27:54 -05:00
Nick Mathewson
ae6b31aba9 Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	configure.in
	contrib/tor-mingw.nsi.in
	src/win32/orconfig.h
2010-11-24 17:06:26 -05:00
Robert Ransom
de75afc556 Avoid dereferencing NULL if a bridge fails to build an ei descriptor.
Reported by an anonymous commenter on Trac.
2010-11-24 13:18:11 -08:00
Karsten Loesing
4fed43ab2e Report only the top 10 ports in exit-port stats. 2010-11-24 08:45:05 +01:00
mingw-san
78df6404eb Fix compilation with mingw and OpenSSL 0.9.8m+ 2010-11-23 12:47:38 -05:00
Nick Mathewson
ff014eb5ea Use S_CASE for ehostunreach, not E_CASE. Partial backport of 69deb22f. Fixes 0.2.1 compilation on windows 2010-11-23 12:47:21 -05:00
Nick Mathewson
12f3186719 Disable DirPort when BridgeRelay is set 2010-11-22 13:12:48 -05:00
Nick Mathewson
2af14b671d Have authorities reject routers running verions susceptible to bug 1038. 2010-11-22 11:16:36 -05:00
Roger Dingledine
713db8dbfa bump to 0.2.2.19-alpha 2010-11-21 18:00:12 -05:00
Roger Dingledine
d77bc69b0c found this whitespace fix in a sandbox 2010-11-21 15:57:22 -05:00
Nick Mathewson
cbd3745924 Merge remote branch 'origin/maint-0.2.2' 2010-11-21 14:34:22 -05:00
Nick Mathewson
2bd64f9e8f Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2010-11-21 14:33:11 -05:00
Nick Mathewson
a9d2148f53 Merge branch 'fix2204' into maint-0.2.1 2010-11-21 14:28:38 -05:00
Steven Murdoch
15f2b7859b Don't both open the socket with SOCK_CLOEXEC and set FD_CLOEXEC 2010-11-21 15:40:17 +00:00
Nick Mathewson
92a99736fd Do not set the hostname TLS extension server-side; only client-side
This may fix bug 2204, and resolve the incompatibility with openssl
0.9.8p/1.0.0b.
2010-11-20 22:21:50 -05:00
Steven Murdoch
9d63dfcf49 Fix compile error on MacOS X (and other platforms without O_CLOEXEC) 2010-11-20 13:50:55 +00:00
Nick Mathewson
9cbe64db45 Add missing cast when formatting uintptr_t
Found by Christian Kujau
2010-11-20 05:18:34 -05:00
Nick Mathewson
b4f56dd4c6 Obviate need for doing a CLOEXEC on pipes: just close them before exec 2010-11-20 01:24:30 -05:00
Nick Mathewson
e669d25e43 Do cloexec on socketpairs and stdio files 2010-11-20 01:16:29 -05:00
Nick Mathewson
5a66de7015 Initial work to set CLOEXEC on all possible fds
Still to go: some pipes, all stdio files.
2010-11-20 00:58:40 -05:00
Nick Mathewson
d166d18643 Better fix for 2190: defer libevent->controller messages instead of dropping 2010-11-19 22:52:32 -05:00
Nick Mathewson
668f7a2639 Do not send Libevent log messages to a controller (0.2.1 backport)
Doing so could make Libevent call Libevent from inside a Libevent
logging call, which is a recipe for reentrant confusion and
hard-to-debug crashes.  This would especially hurt if Libevent
debug-level logging is enabled AND the user has a controller
watching for low-severity log messages.

Fix bug 2190; fix on 0.1.0.2-rc.
2010-11-19 22:27:40 -05:00
Nick Mathewson
6199ac5fbe Do not send Libevent log messages to a controller.
Doing so could make Libevent call Libevent from inside a Libevent
logging call, which is a recipe for reentrant confusion and
hard-to-debug crashes.  This would especially hurt if Libevent
debug-level logging is enabled AND the user has a controller
watching for low-severity log messages.

Fix bug 2190; fix on 0.1.0.2-rc.
2010-11-19 22:22:43 -05:00
Nick Mathewson
e361de80bb Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/or/router.c
2010-11-19 16:58:22 -05:00
Nick Mathewson
21be4b5b4c Merge commit 'c643e0527c186b8ef2d259b2ef11a10c1d4ee3e5'
Conflicts:
	configure.in
	contrib/tor-mingw.nsi.in
	src/win32/orconfig.h
2010-11-19 16:55:07 -05:00
Nick Mathewson
a33b338c5b Fix a unit test broken by fix for 2195 2010-11-19 16:50:14 -05:00
Nick Mathewson
54551f3148 Merge branch 'fix2183', remote branch 'rransom/fix2195-v2' into maint-0.2.2 2010-11-19 16:48:13 -05:00
Robert Ransom
69472ca421 Fix logic error in router_dump_router_to_string.
Spotted by Nick Mathewson.
2010-11-19 13:23:45 -08:00
Nick Mathewson
e88486bc9d Add comments to some of the bug2183 fix code 2010-11-19 16:13:11 -05:00
Nick Mathewson
c77a32932d Fix wide lines in SIGNAL patch 2010-11-19 15:54:53 -05:00
John Brooks
7441999738 Add a SIGNAL event for control connections
Implements ticket #1955
2010-11-19 15:49:54 -05:00
Robert Ransom
780b8f4287 Generate a router descriptor even if generating an extra-info descriptor fails.
Fixes bug #2195.
2010-11-17 08:33:48 -08:00
Robert Ransom
213bcb3c40 Do not emit an extra-info-digest descriptor line if the digest is zero. 2010-11-17 08:32:17 -08:00
Karsten Loesing
0f1afaf595 Tweak the bugfix for 2183 a bit more. 2010-11-17 10:43:14 +01:00
Roger Dingledine
c643e0527c new development version 2010-11-16 14:45:40 -05:00
Roger Dingledine
e1e7988537 bump to 0.2.2.18-alpha 2010-11-16 00:20:49 -05:00
Roger Dingledine
6b82a6e88d Merge branch 'maint-0.2.2' 2010-11-16 00:16:25 -05:00
Roger Dingledine
a08a7e0fc6 warn more about AllowSingleHopExits 2010-11-16 00:13:25 -05:00
Roger Dingledine
a641646a98 Merge commit 'nickm/1776_redux_v1' into maint-0.2.2 2010-11-15 23:29:09 -05:00
Nick Mathewson
45b500d5a6 Clean up my 1776 fix a bit
Sebastian notes (and I think correctly) that one of our ||s should
have been an &&, which simplifies a boolean expression to decide
whether to replace bridges.  I'm also refactoring out the negation at
the start of the expression, to make it more readable.
2010-11-15 19:43:53 -05:00
Nick Mathewson
550be1df69 Merge remote branch 'origin/maint-0.2.2' 2010-11-15 15:41:37 -05:00
Nick Mathewson
cbad9f4520 Move controller event for socks warning into log_unsafe_socks_warning 2010-11-15 15:41:21 -05:00
Nick Mathewson
9399b885cd Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/or/buffers.c
2010-11-15 15:37:23 -05:00
Nick Mathewson
522c204ac9 Merge branch 'bug2000_nm_022' into maint-0.2.2 2010-11-15 15:31:40 -05:00
Nick Mathewson
8c2affe637 Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/or/config.c
	src/or/cpuworker.c
2010-11-15 14:14:13 -05:00
Nick Mathewson
433a98131a Merge remote branch 'sebastian/manpagefixups' into maint-0.2.2 2010-11-15 14:07:00 -05:00
Sebastian Hahn
da3a6e724f Rate-limit unsafe socks warning
Pick 5 seconds as the limit. 5 seconds is a compromise here between
making sure the user notices that the bad behaviour is (still) happening
and not spamming their log too much needlessly (the log message is
pretty long). We also keep warning every time if safesocks is
specified, because then the user presumably wants to hear about every
blocked instance.

(This is based on the original patch by Sebastian, then backported to
0.2.2 and with warnings split into their own function.)
2010-11-15 13:57:37 -05:00
Karsten Loesing
ff1cf35442 Don't use log_err for non-criticial warnings. 2010-11-15 13:39:53 +01:00
Karsten Loesing
cec21652a7 Try harder not to exceed the 50 KB extra-info descriptor limit.
Our checks that we don't exceed the 50 KB size limit of extra-info
descriptors apparently failed. This patch fixes these checks and reserves
another 250 bytes for appending the signature. Fixes bug 2183.
2010-11-15 12:51:51 +01:00
Nick Mathewson
2392290c18 Fix a remaining bug in Robert's bug1859 fix.
When intro->extend_info is created for an introduction point, it
only starts out with a nickname, not necessarily an identity digest.
Thus, doing router_get_by_digest isn't necessarily safe.
2010-11-12 19:52:27 -05:00
Robert Hogan
7488fe5a22 Issues with router_get_by_nickname()
https://trac.torproject.org/projects/tor/ticket/1859

Use router_get_by_digest() instead of router_get_by_hexdigest()
in circuit_discard_optional_exit_enclaves() and
rend_client_get_random_intro(), per Nick's comments.

Using router_get_by_digest() in rend_client_get_random_intro() will
break hidden services published by Tor versions pre 0.1.2.18 and
0.2.07-alpha as they only publish by nickname. This is acceptable
however as these versions only publish to authority tor26 and
don't work for versions in the 0.2.2.x series anyway.
2010-11-12 19:51:06 -05:00
Robert Hogan
e1d86d3817 Issues with router_get_by_nickname()
https://trac.torproject.org/projects/tor/ticket/1859

There are two problems in this bug:

1. When an OP makes a .exit request specifying itself as the exit, and the exit
   is not yet listed, Tor gets all the routerinfos needed for the circuit but
   discovers in circuit_is_acceptable() that its own routerinfo is not in the
   routerdigest list and cannot be used. Tor then gets locked in a cycle of
   repeating these two steps. When gathering the routerinfos for a circuit,
   specifically when the exit has been chosen by .exit notation, Tor needs to
   apply the same rules it uses later on when deciding if it can build a
   circuit with those routerinfos.

2. A different bug arises in the above situation when the Tor instance's
   routerinfo *is* listed in the routerlist, it shares its nickname with a
   number of other Tor nodes, and it does not have 'Named' rights to its
   nickname.
   So for example, if (i) there are five nodes named Bob in the network, (ii) I
   am running one of them but am flagged as 'Unnamed' because someone else
   claimed the 'Bob' nickname first, and (iii) I run my Tor as both client
   and exit the following can happen to me:
     - I go to www.evil.com
     - I click on a link www.evil.com.bob.exit
     - My request will exit through my own Tor node rather than the 'Named'
       node Bob or any of the others.
     - www.evil.com now knows I am actually browsing from the same computer
       that is running my 'Bob' node

So to solve both issues we need to ensure:

- When fulfilling a .exit request we only choose a routerinfo if it exists in
  the routerlist, even when that routerinfo is ours.
- When getting a router by nickname we only return our own router information
  if it is not going to be used for building a circuit.

We ensure this by removing the special treatment afforded our own router in
router_get_by_nickname(). This means the function will only return the
routerinfo of our own router if it is in the routerlist built from authority
info and has a unique nickname or is bound to a non-unique nickname.

There are some uses of router_get_by_nickname() where we are looking for the
router by name because of a configuration directive, specifically local
declaration of NodeFamilies and EntryNodes and other routers' declaration of
MyFamily. In these cases it is not at first clear if we need to continue
returning our own routerinfo even if our router is not listed and/or has a
non-unique nickname with the Unnamed flag.

The patch treats each of these cases as follows:

Other Routers' Declaration of MyFamily
 This happens in routerlist_add_family(). If another router declares our router
 in its family and our router has the Unnamed flag or is not in the routerlist
 yet, should we take advantage of the fact that we know our own routerinfo to
 add us in anyway? This patch says 'no, treat our own router just like any
 other'. This is a safe choice because it ensures our client has the same view
 of the network as other clients. We also have no good way of knowing if our
 router is Named or not independently of the authorities, so we have to rely on
 them in this.

Local declaration of NodeFamilies
 Again, we have no way of knowing if the declaration 'NodeFamilies
 Bob,Alice,Ringo' refers to our router Bob or the Named router Bob, so we have
to defer to the authorities and treat our own router like any other.

Local declaration of NodeFamilies
 Again, same as above. There's also no good reason we would want our client to
 choose it's own router as an entry guard if it does not meet the requirements
 expected of any other router on the network.

In order to reduce the possibility of error, the patch also replaces two
instances where we were using router_get_by_nickname() with calls to
router_get_by_hexdigest() where the identity digest of the router
is available.
2010-11-12 19:51:06 -05:00
Nick Mathewson
3d7772ece3 Merge remote branch 'karsten/enhancement1883' 2010-11-12 14:13:17 -05:00
Nick Mathewson
d61736aa6a Merge remote branch 'origin/maint-0.2.2' 2010-11-12 13:06:54 -05:00
Nick Mathewson
dbba84c917 Avoid perma-blocking the controller on bug in shrink_freelist
In all likelihood, this bug would make Tor assert, but if it doesn't,
let's not have two bugs.
2010-11-12 13:05:58 -05:00
Robert Ransom
a421e284d0 Disable logging to control port connections in buf_shrink_freelists.
If buf_shrink_freelists calls log_warn for some reason, we don't want the log
call itself to throw buf_shrink_freelists further off the rails.
2010-11-12 03:07:09 -08:00
Robert Ransom
81affe1949 Move the original log_info call out of the core of buf_shrink_freelists.
Sending a log message to a control port can cause Tor to allocate a buffer,
thereby changing the length of the freelist behind buf_shrink_freelists's back,
thereby causing an assertion to fail.

Fixes bug #1125.
2010-11-12 03:04:07 -08:00
Robert Ransom
6a0657d4bb Disable logging to control port connections in buf_shrink_freelists.
If buf_shrink_freelists calls log_warn for some reason, we don't want the log
call itself to throw buf_shrink_freelists further off the rails.
2010-11-12 02:34:58 -08:00
Robert Ransom
6d2e02d79b Move the original log_info call out of the core of buf_shrink_freelists.
Sending a log message to a control port can cause Tor to allocate a buffer,
thereby changing the length of the freelist behind buf_shrink_freelists's back,
thereby causing an assertion to fail.

Fixes bug #1125.
2010-11-12 02:34:51 -08:00
Karsten Loesing
8833381d9c Add two fixes to the new geoip-db-digest line. 2010-11-12 09:11:11 +01:00
Nick Mathewson
edec2797d7 Stop linking src/tools/* against libevent 2010-11-11 23:50:33 -05:00
Nick Mathewson
ae5cdb8fa7 Merge remote branch 'public/refactor_pports' 2010-11-11 23:09:42 -05:00
Nick Mathewson
67e7dbca80 Fix up tor-fw-helper "INCLUDES" directive 2010-11-11 14:33:40 -05:00
Nick Mathewson
223fc208f6 Split long lines in configure.in and Makefile.am files
Having very long single lines with lots and lots of things in them
tends to make files hard to diff and hard to merge.  Since our tools
are one-line-at-a-time, we should try to construct lists that way too,
within reason.

This incidentally turned up a few headers in configure.in that we were
for some reason searching for twice.
2010-11-11 14:22:48 -05:00
Roger Dingledine
a29596556c Merge branch 'maint-0.2.2'
Conflicts:

	src/or/config.c
2010-11-11 12:19:37 -05:00
Roger Dingledine
362bb5c625 Merge branch 'maint-0.2.1' into maint-0.2.2 2010-11-11 12:12:17 -05:00
Roger Dingledine
0a38358210 let unpublished bridges learn their ip address too 2010-11-11 11:26:42 -05:00
Nick Mathewson
d4e660ff68 Merge remote branch 'origin/maint-0.2.2' 2010-11-10 16:07:04 -05:00
Nick Mathewson
a4bf5b51e9 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2010-11-10 16:06:43 -05:00
Nick Mathewson
2a50dd9359 Enforce multiplicity rules when parsing annotations.
We would never actually enforce multiplicity rules when parsing
annotations, since the counts array never got entries added to it for
annotations in the token list that got added by earlier calls to
tokenize_string.

Found by piebeer.
2010-11-10 16:02:02 -05:00
Nick Mathewson
089137f011 Fix a bug where seting allow_annotations==0 only ignores annotations, but does not block them 2010-11-10 16:02:02 -05:00
Nick Mathewson
accc51b68c Bulletproof the routerlist manipulation functions to handle reinserting the same descriptor 2010-11-10 14:55:00 -05:00
Sebastian Hahn
5040c855d1 Break NoPublish support 2010-11-10 15:48:26 +01:00
Sebastian Hahn
556a1b9e45 Change Natd into NATD in our options.
Breaking this out of the last commit because this might be more
controversial.
2010-11-10 15:48:26 +01:00
Sebastian Hahn
b9cac605ab Synx manpage and source wrt option capitalization
We had a spelling discrepancy between the manpage and the source code
for some option. Resolve these in favor of the manpage, because it
makes more sense (for example, HTTP should be capitalized).
2010-11-10 15:48:26 +01:00
Sebastian Hahn
13a7e8bea3 Comment out the (unused) RunTesting option
The code that makes use of the RunTesting option is #if 0, so setting
this option has no effect. Mark the option as obsolete for now, so that
Tor doesn't list it as an available option erroneously.
2010-11-10 15:48:25 +01:00
Sebastian Hahn
40fd0c1ca1 Remove the torrc.complete file.
We haven't been keeping it up to date, and the manpage exists as a
replacement for users who want an overview of all available options.
2010-11-10 15:48:25 +01:00
Karsten Loesing
499661524b Turn on directory request statistics by default.
Change the default values for collecting directory request statistics and
inlcuding them in extra-info descriptors to 1.

Don't break if we are configured to collect directory request or entry
statistics and don't have a GeoIP database. Instead, print out a notice
and skip initializing the affected statistics code.
2010-11-10 12:11:08 +01:00
Nick Mathewson
d238d8386f Add a testing-only option to use bufferevent_openssl as a filter
We need filtering bufferevent_openssl so that we can wrap around
IOCP bufferevents on Windows.  This patch adds a temporary option to
turn on filtering mode, so that we can test it out on non-IOCP
systems to make sure it hasn't got any surprising bugs.

It also fixes some allocation/teardown errors in using
bufferevent_openssl as a filter.
2010-11-09 15:36:27 -05:00
Karsten Loesing
423c2a7a27 Add GeoIP file digest to extra-info descriptor. 2010-11-09 09:42:36 +01:00
Nick Mathewson
1fb342dfab Merge branch 'loggranularity' 2010-11-08 12:40:33 -05:00
Nick Mathewson
152c9cba65 Make LogTimeGranularity respect validate_only 2010-11-08 12:40:26 -05:00
Karsten Loesing
ed45bc198f Fix log granularity based on Nick's comments.
Instead of rejecting a value that doesn't divide into 1 second, round to
the nearest divisor of 1 second and warn.

Document that the option only controls the granularity written by Tor to a
file or console log. It does not (for example) "batch up" log messages to
affect times logged by a controller, times attached to syslog messages, or
the mtime fields on log files.
2010-11-08 17:38:59 +01:00
Roger Dingledine
d96c9cd00e Merge branch 'maint-0.2.2' 2010-11-06 17:42:37 -04:00
Roger Dingledine
70411a50b1 move to the november 1 maxmind geoip db 2010-11-06 17:41:36 -04:00
Nick Mathewson
114a371c0e Fix the assert in bug 1776
In the case where old_router == NULL but sdmap has an entry for the
router, we can currently safely infer that the old_router was not a
bridge.  Add an assert to ensure that this remains true, and fix the
logic not to die with the tor_assert(old_router) call.
2010-11-02 11:20:09 -04:00
Nick Mathewson
c109ffaef9 Fix bug in tor_parse_string when Address is given as a dotted quad.
Found by Ian Goldberg and Mashael AlSabah.

Bugfix on 0.2.3.0-alpha dev.
2010-11-01 15:52:43 -04:00
Nick Mathewson
da0912c00c Fix up comments in choose_good_entry_server. Spotted by Robert Ransom. 2010-10-29 15:55:39 -04:00
Nick Mathewson
ccec0a1bd3 Merge remote branch 'origin/maint-0.2.2' 2010-10-26 13:59:09 -04:00
Sebastian Hahn
f87c6f100d Remove delay to become HSDir in privnets 2010-10-26 18:37:57 +02:00
Sebastian Hahn
213139f887 Properly refcount client_identity_key
In a2bb0bf we started using a separate client identity key. When we are
in "public server mode" (that means not a bridge) we will use the same
key. Reusing the key without doing the proper refcounting leads to a
segfault on cleanup during shutdown. Fix that.

Also introduce an assert that triggers if our refcount falls below 0.
That should never happen.
2010-10-26 18:22:04 +02:00
Nick Mathewson
17fdde3d92 Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/common/tortls.c
2010-10-21 16:23:01 -04:00
Nick Mathewson
441241c136 Fix a whitespace error 2010-10-21 16:12:04 -04:00
Nick Mathewson
1587735c90 Merge branch 'bug988-nm' into maint-0.2.2 2010-10-21 16:11:02 -04:00
Nick Mathewson
03adb8caad Add some asserts to get_{tlsclient|server}_identity_key
We now require that:
  - Only actual servers should ever call get_server_identity_key
  - If you're being a client or bridge, the client and server keys should
    differ.
  - If you're being a public relay, the client and server keys
    should be the same.
2010-10-21 13:54:12 -04:00
Nick Mathewson
704076680a Rename get_client_identity_key to get_tlsclient_identity_key 2010-10-21 13:54:02 -04:00
Nick Mathewson
f3eb2a10ae Remove a ??? comment in node_get_by_nickname
Bug 1859 shows that the router_get_by_nickname behavior was wrong,
and the node_get_by_nickname is right.
2010-10-21 11:18:55 -04:00
Nick Mathewson
bd1a694221 Add a node_get_by_hex_id(). 2010-10-21 11:18:16 -04:00
Nick Mathewson
f32140238f Merge remote branch 'origin/maint-0.2.2' for bug 1859 patches
Some of this is already done in nodelist.
2010-10-21 11:17:34 -04:00
Nick Mathewson
5f3010667d Fix a remaining bug in Robert's bug1859 fix.
When intro->extend_info is created for an introduction point, it
only starts out with a nickname, not necessarily an identity digest.
Thus, doing router_get_by_digest isn't necessarily safe.
2010-10-21 11:09:35 -04:00
Nick Mathewson
0e8d1c2217 Merge remote branch 'hoganrobert/bug1859' into maint-0.2.2 2010-10-21 11:01:12 -04:00
Nick Mathewson
2c3dafc342 Merge remote branch 'origin/maint-0.2.2' 2010-10-21 10:52:12 -04:00
Nick Mathewson
ea7f4be6d2 Merge remote branch 'sebastian/relay_early_rend' into maint-0.2.2 2010-10-21 10:49:44 -04:00
Nick Mathewson
d17b9bf1a5 Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/or/networkstatus.c
2010-10-20 21:32:27 -04:00
Nick Mathewson
0ac9a3df6c Fix a logic error in 98aee84. Found by boboper 2010-10-20 14:40:09 -04:00
Nick Mathewson
444193ff5d Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/or/networkstatus.c
2010-10-20 13:53:11 -04:00
Nick Mathewson
2849a95691 Add a ! to directory_caches_dir_info() to fix a logic error
We want to fetch directory info more aggressively if we need it to
refuseunknownexits.  Thus, we'll want it if our exit policy is _NOT_
reject *.
2010-10-20 13:49:38 -04:00
Nick Mathewson
98aee8472f Fix a read of a freed pointer while in set_current_consensus
Found by rransom while working on issue #988.  Bugfix on
0.2.2.17-alpha.  Fixes bug 2097.
2010-10-20 13:10:20 -04:00
Sebastian Hahn
d3b67cba3c Send relay_early cells in rend circs
There are no relay left that run version 0.2.1.3 through 0.2.1.18, so
changing this behaviour should be safe now.
2010-10-18 07:46:51 +02:00
Robert Hogan
0acd5e6208 Issues with router_get_by_nickname()
https://trac.torproject.org/projects/tor/ticket/1859

Use router_get_by_digest() instead of router_get_by_hexdigest()
in circuit_discard_optional_exit_enclaves() and
rend_client_get_random_intro(), per Nick's comments.

Using router_get_by_digest() in rend_client_get_random_intro() will
break hidden services published by Tor versions pre 0.1.2.18 and
0.2.07-alpha as they only publish by nickname. This is acceptable
however as these versions only publish to authority tor26 and
don't work for versions in the 0.2.2.x series anyway.
2010-10-17 12:27:57 +01:00
Nick Mathewson
4dbd8ba008 clarify fmt_addr32 documentation to note that the address is in host-order 2010-10-15 18:04:07 -04:00
Nick Mathewson
441d90a8f9 Fix one-time memory leak when initializing libevent. Spotted by Sebastian 2010-10-15 17:14:04 -04:00
Nick Mathewson
a7cf788740 Merge branch 'bug1992_part1' 2010-10-15 17:08:18 -04:00
Nick Mathewson
b97da61b5a Tweak the fmt_addr32 code
Clarify documentation, rename a local, and fix a memory leak.
2010-10-15 17:07:27 -04:00
Nick Mathewson
d6bd2e55a6 Remove more unused code from routerlist.c 2010-10-15 14:25:52 -04:00
Nick Mathewson
e70cfbeb40 Remove an unused field from circ_buffer_stats_t 2010-10-15 14:25:36 -04:00
Nick Mathewson
2c51cd2b10 Make the predicted ports logic a little simpler.
Mainly, this comes from turning two lists that needed to be kept in
synch into a single list of structs.  This should save a little RAM,
and make the code simpler.
2010-10-15 14:02:55 -04:00
Nick Mathewson
96ab83d3b6 Improve accuracy of comment about aes_crypt performance
The old comment was from before I tried a huge pile of crazy stuff to
make the inner loop faster.  Short answer: GCC already knows how to
unroll loops pretty well.  Other short answer: we should have made the
relay payload size an even multiple of 4, 8, or ideally 16.
2010-10-15 13:44:25 -04:00
Nick Mathewson
006acf8b3f Fix a documention issue in circuitlist.c 2010-10-15 13:44:25 -04:00
Nick Mathewson
05274ba9b5 Kill comments saying to remove asserts once bug930 is solved.
It's okay to leave the asserts in: the code doesn't appear in profiles.
2010-10-15 13:44:25 -04:00
Roger Dingledine
aab6952887 fix another typo 2010-10-15 13:00:37 -04:00
Nick Mathewson
04231a2ebe Fix an apostrophe in a comment 2010-10-15 12:39:23 -04:00
Nick Mathewson
36c5476e70 Fold timestamp_created into highres_created
There's no reason to keep a time_t and a struct timeval to represent
the same value: highres_created.tv_sec was the same as timestamp_created.

This should save a few bytes per circuit.
2010-10-15 12:38:02 -04:00
Nick Mathewson
94a99ad205 Add a portable tor_timercmp
We can't use the platform timercmp, because
  1) some platforms don't have them
  2) some that do have them only support certain relational operators
2010-10-15 12:35:05 -04:00
Nick Mathewson
9516c1efdb Remove XXXs about improving buf_t API: bufferevents are the future 2010-10-15 11:38:33 -04:00
Nick Mathewson
59cba1767c Make the return value of tor_addr_sockaddr always be signed 2010-10-15 11:36:16 -04:00
Nick Mathewson
247ce5876a Remove "is this too slow?" XXXX comments for code not appearing in profiles 2010-10-15 11:21:33 -04:00
Nick Mathewson
a5289fa794 Remove the unused old fuzzy-time code 2010-10-15 11:16:42 -04:00
Nick Mathewson
adc4f678f1 Fix an xxx wrt picking libevent methods known-to-work
The short version is, "where we want to do it, we have nothing real to
chose from and we can't do it easily. Where it's easy to do, we have
no reason to do it yet."
2010-10-15 10:58:16 -04:00
Nick Mathewson
be13b5775a Remove an XXX in ntmain.c: a simple function call per loop is not so expensive. 2010-10-15 10:57:42 -04:00
Sebastian Hahn
9bed40eb10 Make check-spaces happy 2010-10-14 17:54:45 +02:00
Sebastian Hahn
4556f2e7c8 Rename router_get_by_digest()
We now call the function router_get_by_id_digest() to make clear that
we're talking about the identity digest here, not descriptor digest.
2010-10-14 17:49:51 +02:00
Nick Mathewson
376939c9ac Fix a few trivial bugs from the nodelist merge 2010-10-13 21:54:09 -04:00
Nick Mathewson
3af12a5557 Fix some XXXXs in connection_add_impl related to bufferevent error checking
This might make bufferevents more asserty for a while, but they should
make other bugs less likely to go unnoticed.

Noted by Sebastian.
2010-10-13 20:37:04 -04:00
Nick Mathewson
3d10c89201 Fix a couple users of buf_datalen that slipped in. Found by Sebastian 2010-10-13 20:36:34 -04:00
Nick Mathewson
44674369c5 Implement node_set_exit_policy_to_reject_all with a flag
Also remove some debugging code.
2010-10-13 20:30:40 -04:00
Nick Mathewson
3aec655694 Merge remote branch 'arma/bug1982_2'
Resolved a minor conflict in:
	src/or/circuitbuild.c
2010-10-13 16:07:37 -04:00
Nick Mathewson
8c837db38f Merge branch 'nodes' 2010-10-13 16:04:25 -04:00
Nick Mathewson
cbda016bc5 Send END cells on bufferevent tunneled directory conns
Our old code correctly called bufferevent_flush() on linked
connections to make sure that the other side got an EOF event... but
it didn't call bufferevent_flush() when the connection wasn't
hold_open_until_flushed.  Directory connections don't use
hold_open_until_flushed, so the linked exit connection never got an
EOF, so they never sent a RELAY_END cell to the client, and the
client never concluded that data had arrived.

The solution is to make the bufferevent_flush() code apply to _all_
closing linked conns whose partner is not already marked for close.
2010-10-13 15:05:06 -04:00
Robert Hogan
2d8f7a8391 Issues with router_get_by_nickname()
https://trac.torproject.org/projects/tor/ticket/1859

There are two problems in this bug:

1. When an OP makes a .exit request specifying itself as the exit, and the exit
   is not yet listed, Tor gets all the routerinfos needed for the circuit but
   discovers in circuit_is_acceptable() that its own routerinfo is not in the
   routerdigest list and cannot be used. Tor then gets locked in a cycle of
   repeating these two steps. When gathering the routerinfos for a circuit,
   specifically when the exit has been chosen by .exit notation, Tor needs to
   apply the same rules it uses later on when deciding if it can build a
   circuit with those routerinfos.

2. A different bug arises in the above situation when the Tor instance's
   routerinfo *is* listed in the routerlist, it shares its nickname with a
   number of other Tor nodes, and it does not have 'Named' rights to its
   nickname.
   So for example, if (i) there are five nodes named Bob in the network, (ii) I
   am running one of them but am flagged as 'Unnamed' because someone else
   claimed the 'Bob' nickname first, and (iii) I run my Tor as both client
   and exit the following can happen to me:
     - I go to www.evil.com
     - I click on a link www.evil.com.bob.exit
     - My request will exit through my own Tor node rather than the 'Named'
       node Bob or any of the others.
     - www.evil.com now knows I am actually browsing from the same computer
       that is running my 'Bob' node

So to solve both issues we need to ensure:

- When fulfilling a .exit request we only choose a routerinfo if it exists in
  the routerlist, even when that routerinfo is ours.
- When getting a router by nickname we only return our own router information
  if it is not going to be used for building a circuit.

We ensure this by removing the special treatment afforded our own router in
router_get_by_nickname(). This means the function will only return the
routerinfo of our own router if it is in the routerlist built from authority
info and has a unique nickname or is bound to a non-unique nickname.

There are some uses of router_get_by_nickname() where we are looking for the
router by name because of a configuration directive, specifically local
declaration of NodeFamilies and EntryNodes and other routers' declaration of
MyFamily. In these cases it is not at first clear if we need to continue
returning our own routerinfo even if our router is not listed and/or has a
non-unique nickname with the Unnamed flag.

The patch treats each of these cases as follows:

Other Routers' Declaration of MyFamily
 This happens in routerlist_add_family(). If another router declares our router
 in its family and our router has the Unnamed flag or is not in the routerlist
 yet, should we take advantage of the fact that we know our own routerinfo to
 add us in anyway? This patch says 'no, treat our own router just like any
 other'. This is a safe choice because it ensures our client has the same view
 of the network as other clients. We also have no good way of knowing if our
 router is Named or not independently of the authorities, so we have to rely on
 them in this.

Local declaration of NodeFamilies
 Again, we have no way of knowing if the declaration 'NodeFamilies
 Bob,Alice,Ringo' refers to our router Bob or the Named router Bob, so we have
to defer to the authorities and treat our own router like any other.

Local declaration of NodeFamilies
 Again, same as above. There's also no good reason we would want our client to
 choose it's own router as an entry guard if it does not meet the requirements
 expected of any other router on the network.

In order to reduce the possibility of error, the patch also replaces two
instances where we were using router_get_by_nickname() with calls to
router_get_by_hexdigest() where the identity digest of the router
is available.
2010-10-13 18:29:01 +01:00
Nick Mathewson
1c6649418d Revert accidentally-committed changes to routerlist.c
This reverts part of commit a0c1c2ac01.
2010-10-13 13:16:12 -04:00
Nick Mathewson
a0c1c2ac01 Use connection_mark_and_flush consistently. 2010-10-13 13:08:46 -04:00
Nick Mathewson
5710d99f00 Remember to re-install inbuf/outbuf callbacks on ssl bufferevents
If we don't, we will (among other bad things) never update
lastread/lastwritten, and so flood the network with keepalives.
2010-10-12 15:48:17 -04:00
Nick Mathewson
fbacbf9fd9 Set OpenSSL 0.9.8l renegotiation flag early enough for bufferevents
This seems to fix another case of bug2001.
2010-10-12 14:52:33 -04:00
Nick Mathewson
a9172c87be Actually call connection_tls_finish_handshake() with bufferevents
First start of a fix for bug2001, but my test network still isn't
working: the client and the server send each other VERSIONS cells,
but never notice that they got them.
2010-10-12 14:52:33 -04:00
Steven Murdoch
06eafb3fcc Fix running unit tests from outside of the build directory (fixes bug #2051)
Currently the unit tests test_util_spawn_background_* assume that they
are run from the Tor build directory. This is not the case when running
make distcheck, so the test will fail. This problem is fixed by autoconf
setting BUILDDIR to be the root of the Tor build directory, and this
preprocessor variable being used to specify the absolute path to
test-child. Also, in test-child, do not print out argv[0] because this will
no longer be predictable. Found by Sebastian Hahn.
2010-10-11 23:29:52 +01:00
Nick Mathewson
8ecb5abbe1 Add header for tor_tls_log_one_error 2010-10-11 13:26:57 -04:00
Nick Mathewson
4cfa6fbaca Log OpenSSL errors coming from bufferevent_openssl 2010-10-11 13:25:41 -04:00
Nick Mathewson
544a8afe5a Merge remote branch 'sjmurdoch/bug1903' 2010-10-11 11:01:15 -04:00
Steven Murdoch
f7338d3baa Skip running fgets_eagain test until we fix it 2010-10-11 15:56:14 +01:00
Nick Mathewson
8f76f31761 Make tor_sscanf handle %x 2010-10-11 10:50:47 -04:00
Steven Murdoch
8a12ce2cf9 Add a unit test for tor_spawn_background
- Test sucessfully starting a process
- Test failing to find the executable
2010-10-10 19:08:44 +01:00
Steven Murdoch
68e576e9f9 Update documentation for tor_spawn_background
- Include description of stdout_read, stderr_read, and argv
2010-10-10 19:08:44 +01:00
Steven Murdoch
8ee559bd63 Add a unit test for fgets (currently fails)
- For a non-blocking pipe, check that on EAGAIN fgets returns NULL
  rather than a partial line
2010-10-10 19:08:44 +01:00
Steven Murdoch
23e9f362a2 Fix issues in nickm's review of log_from_pipe for bug #1903
- Replace sscanf with tor_sscanf
- Replace use of strstr with equivalent call to strcmpstart
2010-10-10 19:08:44 +01:00
Steven Murdoch
4d694c7890 Fix nickm's comments on logging for bug #1903
- Use log_warn rather than log_err for bad but survivable events
2010-10-10 19:08:44 +01:00
Steven Murdoch
708ba8899f Note icky constructs mentioned in bug #1903
- To be dealt with as part of bug #2029
2010-10-10 19:07:40 +01:00
Nick Mathewson
9fe3cd0be3 Fix a crash bug when serving microdescs on a bufferevent. 2010-10-07 21:02:12 -04:00
Nick Mathewson
d0f1f9ce9e Remove a spurious .z from microdesc fetch URLs so they no logner end with .z.z 2010-10-07 20:41:15 -04:00
Nick Mathewson
c9dece14ae Add some missing documentation for things added in nodes branch 2010-10-07 17:10:06 -04:00
Nick Mathewson
5bab9fe79e Actually add test_microdesc.c file. 2010-10-07 16:27:01 -04:00
Nick Mathewson
1dffefc907 Add more documentation to microdesc.c, plus another assert. 2010-10-07 16:25:27 -04:00
Nick Mathewson
ab5b11fbb8 Add a more verbose log message to try to catch bug #2022. 2010-10-07 16:04:24 -04:00
Nick Mathewson
3061a036c8 Unit tests for microdescriptor cache
May help with tracking down bug #2022
2010-10-07 15:28:54 -04:00
Sebastian Hahn
34546e2573 Fix a compile warning on OSX 10.6 2010-10-07 06:31:08 +02:00
Robert Ransom
a2bb0bfdd5 Maintain separate server and client identity keys when appropriate.
Fixes a bug described in ticket #988.
2010-10-04 21:51:53 -07:00
Robert Ransom
17efbe031d Maintain separate server and client TLS contexts.
Fixes bug #988.
2010-10-04 21:51:47 -07:00
Nick Mathewson
99062c4003 Spotted another missing check 2010-10-05 00:39:01 -04:00