Commit Graph

3006 Commits

Author SHA1 Message Date
Nick Mathewson
59d0f750c9 Apply rate-limiting to the lowest bufferevent in the stack.
When we're doing filtering ssl bufferevents, we want the rate-limits
to apply to the lowest level of the bufferevent stack, so that we're
actually limiting bytes sent on the network. Otherwise, we'll read
from the network aggressively, and only limit stuff as we process it.
2011-08-24 17:31:32 -04:00
Nick Mathewson
ede9cd4f99 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-08-24 13:53:17 -04:00
Gisle Vanem
5939c09d35 lround() missing in MSVC
lround() is missing in MS Visual-C's <math.h>. Not available anywhere.
Here is an easy patch.
2011-08-24 13:52:44 -04:00
Nick Mathewson
d3653063d3 Automatically use filtering bufferevents with IOCP. 2011-08-18 15:16:05 -04:00
Nick Mathewson
52e36feda1 Call evthread_use_windows_threads when running with IOCP on windows 2011-08-17 14:44:16 -04:00
Nick Mathewson
d2cd67c83f Use evbuffer_copyout() in inspect_evbuffer(). 2011-08-17 13:09:05 -04:00
Nick Mathewson
8932919366 Bufferevents now requires Libevent 2.0.13-stable.
(Earlier Libevent versions have bufferevent bugs that affect us, and
are missing some APIs that it would be handy to use.)
2011-08-17 12:53:50 -04:00
Nick Mathewson
06be6105e4 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/config.c
2011-08-17 12:00:44 -04:00
Nick Mathewson
d79d648edc Don't write ControlPorts to disk till after we setuid and make datadir
Fix for bug 3747; bugfix on 0.2.2.26-beta.
2011-08-17 11:22:16 -04:00
Nick Mathewson
aeb27526f8 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-08-15 10:54:55 -04:00
Robert Ransom
03f6ee8c5f Remove extra quotation marks around the result of esc_for_log 2011-08-15 10:54:19 -04:00
Sebastian Hahn
f137ae896e Don't warn on http connection to my orport
Also remove a few other related warnings that could occur during the ssl
handshake. We do this because the relay operator can't do anything about
them, and they aren't their fault.
2011-08-11 20:37:51 +02:00
Sebastian Hahn
cd44145c5b Merge branch 'bug3643' 2011-08-11 07:56:38 +02:00
Sebastian Hahn
92bea30e28 Ignore deprecation warnings on OS X
Starting with Lion, Apple decided to deprecate the system openssl. We
can start requiring users to install their own openssl once OS X doesn't
ship with it anymore.
2011-08-10 23:12:09 +02:00
Nick Mathewson
b76f46c6d8 Merge branch 'bug1692-squashed' 2011-08-10 15:04:36 -04:00
Kamran Riaz Khan
3b85fe8a5d Add changes file. 2011-08-09 03:02:40 +05:00
Nick Mathewson
10d9bcb2a2 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-08-08 17:21:39 -04:00
Nick Mathewson
f570470830 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-08-08 17:21:21 -04:00
Karsten Loesing
c75ee94ab4 Update to the August 2011 GeoIP database. 2011-08-08 16:57:01 +02:00
Nick Mathewson
a72b1815e8 Merge remote-tracking branch 'public/bug3550' 2011-08-08 10:05:41 -04:00
Karsten Loesing
a6a127c833 Replace files in stats/ rather than appending to them.
Right now, we append statistics to files in the stats/ directory for
half of the statistics, whereas we overwrite these files for the other
half. In particular, we append buffer, dirreq, and entry stats and
overwrite exit, connection, and bridge stats.

Appending to files was useful when we didn't include stats in extra-info
descriptors, because otherwise we'd have to copy them away to prevent
Tor from overwriting them.

But now that we include statistics in extra-info descriptors, it makes
no sense to keep the old statistics forever. We should change the
behavior to overwriting instead of appending for all statistics.

Implements #2930.
2011-08-04 20:57:29 +02:00
Nick Mathewson
e5e7b6d718 Make --quiet and --hush apply to default logs, not only initial logs
Fixes bug 3550; bugfix on 0.2.0.10-alpha (where --quiet was introduced).
2011-08-04 14:23:51 -04:00
Nick Mathewson
e802199cb3 Initial patch to build Tor with msvc and nmake
We'll still need to tweak it so that it looks for includes and
libraries somewhere more sensible than "where we happened to find
them on Erinn's system"; so that tests and tools get built too;
so that it's a bit documented; and so that we actually try running
the output.

Work done with Erinn Clark.
2011-08-01 12:36:59 -04:00
Nick Mathewson
6e923ed8cd Add an OptimisticData option to control client-side optimistic data 2011-07-20 14:14:21 -04:00
Nick Mathewson
1d7beea2ab Merge remote-tracking branch 'origin/maint-0.2.2' 2011-07-20 13:17:59 -04:00
Nick Mathewson
718252b253 Check return value in fmt_addr
Previously, if tor_addr_to_str() returned NULL, we would reuse the
last value returned by fmt_addr().  (This could happen if we were
erroneously asked to format an AF_UNSPEC address.)  Now instead we
return "???".
2011-07-20 13:17:48 -04:00
Nick Mathewson
0118d98b13 Add changes file for optimistic client behavior 2011-07-20 10:44:28 -04:00
Nick Mathewson
195bcb6150 Merge remote-tracking branch 'public/prop171_v2' 2011-07-19 20:43:28 -04:00
Nick Mathewson
553ae5dfb5 Fix spurious warning in bufferevent socks parsing
The problem was that we weren't initializing want_length to 0 before
calling parse_socks() the first time, so it looked like we were
risking an infinite loop when in fact we were safe.

Fixes 3615; bugfix on 0.2.3.2-alpha.
2011-07-19 20:40:15 -04:00
Nick Mathewson
c2d3da6303 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-07-19 12:59:10 -04:00
Nick Mathewson
3e3aac5fd5 Untangle first sentence of changes/bug3607 2011-07-19 11:14:01 -04:00
Robert Ransom
f021df5824 Specify text or binary mode in every start_writing_to_stdio_file call 2011-07-19 11:11:34 -04:00
Nick Mathewson
773bfaf91e Implement stream isolation
This is the meat of proposal 171: we change circuit_is_acceptable()
to require that the connection is compatible with every connection
that has been linked to the circuit; we update circuit_is_better to
prefer attaching streams to circuits in the way that decreases the
circuits' usefulness the least; and we update link_apconn_to_circ()
to do the appropriate bookkeeping.
2011-07-19 01:58:45 -04:00
Nick Mathewson
ddc65e2b33 Parse prop171 options; refactor listener/port option code
Proposal 171 gives us a new syntax for parsing client port options.
You can now have as many FooPort options as you want (for Foo in
Socks, Trans, DNS, NATD), and they can have address:port arguments,
and you can specify the level of isolation on those ports.

Additionally, this patch refactors the client port parsing logic to
use a new type, port_cfg_t.  Previously, ports to be bound were
half-parsed in config.c, and later re-parsed in connection.c when
we're about to bind them.  Now, parsing a port means converting it
into a port_cfg_t, and binding it uses only a port_cfg_t, without
needing to parse the user-provided strings at all.

We should do a related refactoring on other port types.  For
control ports, that'll be easy enough.  For ORPort and DirPort,
we'll want to do this when we solve proposal 118 (letting servers
bind to and advertise multiple ports).

This implements tickets 3514 and 3515.
2011-07-19 01:58:43 -04:00
Nick Mathewson
2163e420b2 Merge remote-tracking branch 'public/bug3560' 2011-07-18 17:57:06 -04:00
Roger Dingledine
25ad13ed9c start folding in the 0.2.3.2-alpha changelog entries 2011-07-18 13:18:46 -04:00
Nick Mathewson
be5aa47b55 Remove changes files already merged in 0.2.2.30-rc 2011-07-18 12:43:16 -04:00
Nick Mathewson
b8943461c0 Fix bug in upload/download of hsdesc with microdescs
Previously we were using router_get_by_id(foo) to test "do we have a
descriptor that will let us make an anonymous circuit to foo".  But
that isn't right for microdescs: we should have been using node_t.

Fixes bug 3601; bugfix on 0.2.3.1-alpha.
2011-07-15 18:55:12 -04:00
Nick Mathewson
f40df02f3e Treat null address as "unknown", not "rejected" in md policy
Previously, we had an issue where we'd treat an unknown address as
0, which turned into "0.0.0.0", which looked like a rejected
address.  This meant in practice that as soon as we started doing
comparisons of unknown uint32 addresses to short policies, we'd get
'rejected' right away.  Because of the circumstances under which
this would be called, it would only happen when we had local DNS
cached entries and we were looking to launch new circuits.
2011-07-15 13:04:06 -04:00
Nick Mathewson
44cfa53873 Make WIN32_WINNT defines conditional
Requested by Gisle Vanem on tor-dev.  I'm not quite sure this is the
right solution, but it's probably harmless.
2011-07-15 10:03:59 -04:00
Nick Mathewson
852b131281 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/control.c
2011-07-14 17:22:23 -04:00
Nick Mathewson
866a2828bd Merge branch 'bug3577' into maint-0.2.2 2011-07-14 17:20:01 -04:00
Nick Mathewson
642cff5bca Only download microdesc consensus from caches that support it
Bugfix on 0.2.3.1-alpha; found by arma; never got a bug number.
2011-07-14 14:19:18 -04:00
Nick Mathewson
5000e59b5f Change GETINFO fingerprint to look at server_mode, not my_descriptor
It's possible for us to be a server and have a fingerprint without
having yet generated a descriptor.

Fixes bug 3577; bugfix on 0.2.0.1-alpha
2011-07-13 12:45:18 -04:00
Nick Mathewson
1aab5b6b39 Merge remote-tracking branch 'public/bug1666'
Conflicts:
	doc/spec/socks-extensions.txt
	src/or/buffers.c
	src/or/config.c
	src/or/connection_edge.c
2011-07-13 12:12:16 -04:00
Nick Mathewson
597da4989e Merge branch 'bug2798' 2011-07-11 17:04:21 -04:00
Nick Mathewson
d82384658d Tweaks to bug2798 based on comments by arma 2011-07-11 17:02:03 -04:00
Nick Mathewson
b49e561f01 Turn on microdescriptors for clients 2011-07-11 16:54:43 -04:00
Nick Mathewson
b55e31aeb4 Merge remote-tracking branch 'rransom-tor/bug3427' 2011-07-11 16:32:58 -04:00
Nick Mathewson
b0de8560f6 Report the states of failed TLS connections from bootstrap_problem 2011-07-11 16:13:17 -04:00
Nick Mathewson
a2ad31a92b Split connection_about_to_close_connection into separate functions
This patch does NOTHING but:
  - move code
  - add declarations and includes as needed to make the new code
    work
  - declare the new functions.
2011-07-11 16:13:16 -04:00
Nick Mathewson
a21c4c657a typo in feature2841; spotted by asn 2011-07-11 16:12:35 -04:00
Nick Mathewson
f4ed42eadf Changes file for feature2841. 2011-07-11 16:01:45 -04:00
Nick Mathewson
2797fd8f68 Revise code for adding EntryNodes to guards.
Previously, we'd just take all the nodes in EntryNodes, see which
ones were already in the guard list, and add the ones that weren't.
There were some problems there, though:

   * We'd add _every_ entry in EntryNodes, and add them in the order
     they appeared in the routerlist.  This wasn't a problem
     until we added the ability to give country-code or IP-range
     entries in the EntryNodes set, but now that we did, it is.

     (Fix: We now shuffle the entry nodes before adding them; only
     add up to 10*NumEntryGuards)

   * We didn't screen EntryNodes for the Guard flag.  That's okay
     if the user has specified two or three entry nodes manually,
     but if they have listed a whole subcontinent, we should
     restrict ourselves to the entries that are currently guards.

     (Fix: separate out the new guard from the new non-guard nodes,
     and add the Guards first.)

   * We'd prepend new EntryNodes _before_ the already configured
     EntryNodes.  This could lead to churn.

     (Fix: don't prepend these.)

This patch also pre-screens EntryNodes entries for
reachableaddresses/excludenodes, even though we check for that
later.  This is important now, since we cap the number of entries
we'll add.
2011-07-11 10:58:07 -04:00
Nick Mathewson
60832766ac Look at the right consensus in router_add_to_routerlist()
Just looking at the "latest" consensus could give us a microdesc
consensus, if microdescs were enabled. That would make us decide
that every routerdesc was unlisted in the latest consensus and drop
them all: Ouch.

Fixes bug 3113; bugfix on 0.2.3.1-alpha.
2011-07-11 10:02:24 -04:00
Roger Dingledine
aeb117f62c Merge branch 'maint-0.2.2' 2011-07-07 13:31:08 -04:00
Roger Dingledine
8e3830352f Merge branch 'maint-0.2.1' into maint-0.2.2 2011-07-07 13:29:02 -04:00
Roger Dingledine
51d6e95023 update to the july 2011 geoip db 2011-07-07 13:28:36 -04:00
Nick Mathewson
174cbff8cf Merge remote-tracking branch 'public/bug3153'
Conflicts:
	src/or/nodelist.c
2011-07-07 11:14:04 -04:00
Nick Mathewson
6b670d6032 Merge branch 'bug3263' 2011-07-07 11:08:03 -04:00
Nick Mathewson
586d0abe59 oops; wrong bug number. 2011-07-07 11:02:00 -04:00
Nick Mathewson
57822cbbbe Avoid double-free in bufferevent read/write cbs
Fixes bug 3404; bugfix on 0.2.3.1-alpha.
2011-07-07 11:00:21 -04:00
Nick Mathewson
f883ec09b5 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-07-07 09:56:01 -04:00
Sebastian Hahn
3ab09763ce Correctly send a SUCCEEDED event for rdns requests
The issue was that we overlooked the possibility of reverse DNS success
at the end of connection_ap_handshake_socks_resolved(). Issue discovered
by katmagic, thanks!
2011-07-07 05:38:38 +02:00
Nick Mathewson
0be2934186 Merge remote-tracking branch 'rransom-tor/bug3465-023-v2' 2011-07-05 16:01:07 -04:00
Nick Mathewson
335ff915c7 Merge remote-tracking branch 'rransom-tor/bug3465-022' into maint-0.2.2 2011-07-05 15:52:11 -04:00
Nick Mathewson
e273890b10 Merge branch 'cov217_master' 2011-07-01 12:57:21 -04:00
Nick Mathewson
734e860d98 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-07-01 12:56:40 -04:00
Nick Mathewson
5cf725e3c6 Merge branch 'cid30_changelog' into maint-0.2.2 2011-07-01 12:55:27 -04:00
Nick Mathewson
2ba19f9b4a Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-07-01 12:55:23 -04:00
Nick Mathewson
021cf3f052 Merge branches 'cov217_021' and 'cid_450' into maint-0.2.1 2011-07-01 12:54:51 -04:00
Nick Mathewson
959da6b7f2 Use strlcpy in create_unix_sockaddr()
Using strncpy meant that if listenaddress were ever >=
sizeof(sockaddr_un.sun_path), we would fail to nul-terminate
sun_path.  This isn't a big deal: we never read sun_path, and the
kernel is smart enough to reject the sockaddr_un if it isn't
nul-terminated.  Nonetheless, it's a dumb failure mode.  Instead, we
should reject addresses that don't fit in sockaddr_un.sun_path.

Coverity found this; it's CID 428.  Bugfix on 0.2.0.3-alpha.
2011-07-01 12:54:24 -04:00
Nick Mathewson
359a30d52e Add a changelog entry for cid30 fix. 2011-07-01 12:46:26 -04:00
Nick Mathewson
d25feadebb Fix insanely large stack_allocation in log_credential_status
I'm not one to insist on C's miserly stack limits, but allocating a
256K array on the stack is too much even for me.

Bugfix on 0.2.1.7-alpha.  Found by coverity.  Fixes CID # 450.
2011-07-01 12:38:05 -04:00
Nick Mathewson
a0ae80788c Replace 4 more sscanf()s with tor_sscanf()
For some inexplicable reason, Coverity departs from its usual
standards of avoiding false positives here, and warns about all
sscanf usage, even when the formatting strings are totally safe.

Addresses CID # 447, 446.
2011-07-01 11:26:30 -04:00
Robert Ransom
ca6efcf507 Make handle_control_setevents table-driven 2011-06-25 17:45:33 -07:00
Robert Ransom
c780bc4d0b Merge branch 'bug3465-022' into bug3465-023
* bug3465-022:
  Add BUILDTIMEOUT_SET to the result of GETINFO events/names
  Correct a comment
  Fix minor comment issues
2011-06-25 15:04:07 -07:00
Robert Ransom
93d52f6739 Add BUILDTIMEOUT_SET to the result of GETINFO events/names 2011-06-25 15:02:11 -07:00
Nick Mathewson
64a5a4177f Merge branch 'bug3367' 2011-06-21 11:32:52 -04:00
Nick Mathewson
4186b1362b Merge remote-tracking branch 'public/bug3264' 2011-06-21 10:28:25 -04:00
Nick Mathewson
e617a34d58 Add, use a bufferevent-safe connection_flush()
A couple of places in control.c were using connection_handle_write()
to flush important stuff (the response to a SIGNAL command, an
ERR-level status event) before Tor went down.  But
connection_handle_write() isn't meaningful for bufferevents, so we'd
crash.

This patch adds a new connection_flush() that works for all connection
backends, and makes control.c use that instead.

Fix for bug 3367; bugfix on 0.2.3.1-alpha.
2011-06-21 10:22:54 -04:00
Jacob Appelbaum
8b0d9452ca Fix tor-fw-helper-natpmp.c API usage
libnatpmp-20110618 changed the API that tor-fw-helper used and for a time
tor-fw-helper could not build against the newest libnatpmp. This patch brings
support for libnatpmp to tor-fw-helper.
2011-06-20 20:01:46 -04:00
Nick Mathewson
410e440a8d Log SSL state changes at LOG_DEBUG, LD_HANDSHAKE.
This can be slightly useful for debugging blocking events.

Addresses ticket 3116; based on loud_ssl_states branch.
2011-06-20 17:45:12 -04:00
intrigeri
8b265543eb Add port 6523 (Gobby) to LongLivedPorts. 2011-06-20 12:08:46 -04:00
Nick Mathewson
a046966baf Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/config.c
	src/or/or.h
2011-06-19 21:00:15 -04:00
Nick Mathewson
8e5dfe42a0 Tweak bug2355_revert at suggestion from Roger 2011-06-19 20:58:46 -04:00
Robert Ransom
eeedc5c13c Put hashes of all tor source files into or_sha1.i 2011-06-18 00:54:04 -07:00
Nick Mathewson
1811bef666 Add changes file for bug2355 revert 2011-06-17 16:54:31 -04:00
Nick Mathewson
42d6f34590 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-06-17 15:25:18 -04:00
Nick Mathewson
85d4c290d7 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-06-17 15:24:23 -04:00
Robert Ransom
010b8dd4f6 Abandon rendezvous circuits on SIGNAL NEWNYM 2011-06-17 15:22:23 -04:00
Nick Mathewson
31b9b1a5bb Merge remote-tracking branch 'origin/maint-0.2.2' 2011-06-17 15:04:29 -04:00
Nick Mathewson
209229f100 Merge branch 'bug3407' into maint-0.2.2 2011-06-17 14:59:39 -04:00
Robert Ransom
227896e447 Make send_control_event_impl's behaviour sane 2011-06-17 13:57:25 -04:00
Robert Ransom
68cd0a9abe Make connection_printf_to_buf's behaviour sane 2011-06-17 13:57:25 -04:00
Nick Mathewson
a857f61e27 Merge remote-tracking branch 'rransom-tor/bug3332-v2' 2011-06-15 11:33:40 -04:00
Robert Ransom
44eafa9697 Assert that HS operations are not performed using single-hop circuits
(with fixes by Nick Mathewson to unbreak the build)
2011-06-14 21:32:49 -07:00
Nick Mathewson
875a551409 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-06-14 13:46:46 -04:00
Nick Mathewson
a25c0a5bf8 Merge remote-tracking branch 'public/bug3369' into maint-0.2.2 2011-06-14 13:46:10 -04:00
Nick Mathewson
e70e8367c9 Add changes file for bug3393 2011-06-14 13:45:12 -04:00
Nick Mathewson
19febed9e5 Merge remote-tracking branch 'rransom-tor/bug3349' 2011-06-14 13:39:26 -04:00
Nick Mathewson
8839b86085 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-06-14 12:25:33 -04:00
Nick Mathewson
e470f6a886 changelog entry for bug3369 2011-06-13 13:42:00 -04:00
Sebastian Hahn
910dadd6ea Ensure the release tarball contains all manpages
Thanks to Nick for the idea for the fix.
2011-06-12 13:58:53 +02:00
Nick Mathewson
ecc9a364c2 fix typo in changes/coverity_master spotted by rransom 2011-06-10 16:40:47 -04:00
Nick Mathewson
b2e7c356db Prefer tt_assert in unit tests, not tor_assert 2011-06-08 20:33:53 -04:00
Nick Mathewson
2fd5603057 tweak coverity_master changes file 2011-06-08 20:29:10 -04:00
Sebastian Hahn
8283767365 Fix a memleak in nodelist_assert_ok() 2011-06-08 21:38:42 +02:00
Sebastian Hahn
f303274490 Fix a rare memleak during stats writing
If rep_hist_buffer_stats_write() was called unitinitalized, we'd leak
memory.
2011-06-08 21:35:26 +02:00
Sebastian Hahn
680646e0de Don't use signed 1-bit bitfields
This was harmless, we never compared it to anything but itself or 0.
But Coverity complained, and it had a point.
2011-06-08 21:30:41 +02:00
Sebastian Hahn
e6fff7235e Remove a few dead assignments during router parsing 2011-06-08 21:30:40 +02:00
Sebastian Hahn
3033f8459b Remove a dead variable in the heartbeat code 2011-06-08 21:11:42 +02:00
Sebastian Hahn
ff75e8b02d Check some more return values in unit tests 2011-06-08 21:08:56 +02:00
Sebastian Hahn
db7dd3ee7a remove some dead code, found by coverity 2011-06-08 21:07:54 +02:00
Sebastian Hahn
3bf808c341 Fix a minor coverity-found bug in tests 2011-06-08 20:00:47 +02:00
Nick Mathewson
d696bd1bfc Fix crash bug (3361) when setting off-flavor networkstatus
When we set a networkstatus in the non-preferred flavor, we'd check
the time in the current_consensus.  But that might have been NULL,
which could produce a crash as seen in bug 3361.
2011-06-07 14:46:28 -04:00
Nick Mathewson
8cd5a3c186 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-06-06 16:20:22 -04:00
Nick Mathewson
9e3fc5f616 Merge branch 'bug3306_nm_squashed' into maint-0.2.2 2011-06-06 16:18:24 -04:00
Nick Mathewson
42e4e156d9 Detect insanely large circuit build state; don't give its length to rand_int 2011-06-06 16:18:06 -04:00
Nick Mathewson
5afab5ca19 Check maximum properly in crypto_rand_int()
George Kadianakis notes that if you give crypto_rand_int() a value
above INT_MAX, it can return a negative number, which is not what
the documentation would imply.

The simple solution is to assert that the input is in [1,INT_MAX+1].
If in the future we need a random-value function that can return
values up to UINT_MAX, we can add one.

Fixes bug 3306; bugfix on 0.2.2pre14.
2011-06-06 16:18:06 -04:00
Roger Dingledine
96da10aace Merge branch 'maint-0.2.2' 2011-06-05 11:14:28 -04:00
Roger Dingledine
83e3975c8b Merge branch 'maint-0.2.1' into maint-0.2.2 2011-06-05 11:13:50 -04:00
Roger Dingledine
bf4b819aae move to the june 1 2011 maxmind geoip db 2011-06-05 11:12:28 -04:00
Robert Ransom
8a69cc0468 Report SIGNAL event to controllers when acting on delayed NEWNYM
Fixes bug 3349.
2011-06-05 05:43:27 -07:00
Robert Ransom
f45261cb29 Increase default required uptime for HSDirs to 25 hours 2011-06-03 12:17:53 -04:00
Robert Ransom
1546054d81 Add a VoteOnHidServDirectoriesV2 configuration option 2011-06-03 12:16:55 -04:00
Nick Mathewson
12f9c91c06 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-06-03 11:36:21 -04:00
Nick Mathewson
7aa20b20bf Merge branch 'bug3318c' into maint-0.2.2 2011-06-03 11:34:32 -04:00
Nick Mathewson
bbf2fee8ff Reject 128-byte keys that are not 1024-bit
When we added the check for key size, we required that the keys be
128 bytes.  But RSA_size (which defers to BN_num_bytes) will return
128 for keys of length 1017..1024.  This patch adds a new
crypto_pk_num_bits() that returns the actual number of significant
bits in the modulus, and uses that to enforce key sizes.

Also, credit the original bug3318 in the changes file.
2011-06-03 11:31:19 -04:00
Nick Mathewson
50e4c98a5a Merge remote-tracking branch 'origin/maint-0.2.2' 2011-06-03 11:18:03 -04:00
Nick Mathewson
de069f5ea7 Merge remote-tracking branch 'rransom/bug2748-v2' into maint-0.2.2 2011-06-03 11:16:48 -04:00
Nick Mathewson
13ec1bf5c2 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-06-03 10:47:35 -04:00
Nick Mathewson
b79d50dfcc Changes file for bug2355. 2011-06-02 15:11:21 -04:00
Nick Mathewson
587cc31140 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/rendclient.c
2011-06-02 15:07:08 -04:00
Nick Mathewson
80038b5453 Merge remote-tracking branch 'rransom-tor/bug3309' into maint-0.2.2 2011-06-02 15:06:04 -04:00
Nick Mathewson
6a320b9905 Merge remote-tracking branch 'origin/maint-0.2.2'
This merge was a bit nontrivial, since I had to write a new
node_is_a_configured_bridge to parallel router_is_a_configured_bridge.

Conflicts:
	src/or/circuitbuild.c
2011-06-02 13:05:00 -04:00
Nick Mathewson
385c59798a Merge remote-tracking branch 'arma/bug3321' into maint-0.2.2 2011-06-02 12:55:56 -04:00
Robert Ransom
fc4158dad7 Add info-level log messages during HS-client-state purge
I hope these will never be useful, but having them and not needing them is
better than needing them and not having them.
2011-06-02 03:07:09 -07:00
Robert Ransom
b0e7925c02 Clear last_hid_serv_requests on SIGNAL NEWNYM
Fixes bug #3309.
2011-06-02 02:52:40 -07:00
Jacob Appelbaum
f79a75f597 New configuration option: DisableDebuggerAttachment
If set to 1, Tor will attempt to prevent basic debugging
attachment attempts by other processes. (Default: 1)

Supports Mac OS X and Gnu/Linux.

Sebastian provided useful feedback and refactoring suggestions.

Signed-off-by: Jacob Appelbaum <jacob@appelbaum.net>
2011-06-01 17:35:43 -07:00
Nick Mathewson
a610ebc3a6 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-06-01 11:08:28 -04:00
Nick Mathewson
0fd3ad75da Report wrong key sizes correctly
When we introduced NEED_KEY_1024 in routerparse.c back in
0.2.0.1-alpha, I forgot to add a *8 when logging the length of a
bad-length key.

Bugfix for 3318 on 0.2.0.1-alpha.
2011-06-01 11:07:17 -04:00
Roger Dingledine
7039c34519 fix a bridge edge case similar to 2511
If you had configured a bridge but then switched to a different bridge
via the controller, you would still be willing to use the old one.
2011-05-31 20:43:55 -04:00
Nick Mathewson
d0e7c545ba Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-30 16:14:45 -04:00
Nick Mathewson
e035cea031 Merge branch 'bug3216_v2' into maint-0.2.2 2011-05-30 16:12:53 -04:00
Nick Mathewson
d274f539e5 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-30 15:51:46 -04:00
Sebastian Hahn
ca538290af Warn when two hs use the same directory
This simple implementation has a few issues, but it should do for
0.2.2.x. We will want to revisit this later and make it smarter.
2011-05-30 15:47:06 -04:00
Nick Mathewson
fa1d47293b Merge remote-tracking branch 'origin/maint-0.2.2'
The conflicts were mainly caused by the routerinfo->node transition.

Conflicts:
	src/or/circuitbuild.c
	src/or/command.c
	src/or/connection_edge.c
	src/or/directory.c
	src/or/dirserv.c
	src/or/relay.c
	src/or/rendservice.c
	src/or/routerlist.c
2011-05-30 15:41:46 -04:00
Nick Mathewson
7e67a24038 Merge branch 'bug3045' into maint-0.2.2
Conflicts:
	src/or/circuitbuild.c
2011-05-30 15:18:59 -04:00
Nick Mathewson
21de9d46e2 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/common/compat.c
	src/or/main.c
2011-05-30 14:58:26 -04:00
Nick Mathewson
da7c60dcf3 Merge remote-tracking branch 'public/bug3270' into maint-0.2.2 2011-05-30 14:49:49 -04:00
Nick Mathewson
5dc3c462dc Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-30 12:43:25 -04:00
Nick Mathewson
f08f0e9dde Reinit keys at the start of options_act().
Previously we did this nearer to the end (in the old_options &&
transition_affects_workers() block).  But other stuff cares about
keys being consistent with options... particularly anything which
tries to access a key, which can die in assert_identity_keys_ok().

Fixes bug 3228; bugfix on 0.2.2.18-alpha.
2011-05-30 12:41:46 -04:00
Nick Mathewson
4b57ec6e5e Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/circuituse.c
2011-05-30 12:33:54 -04:00
Robert Ransom
8fc02a8e0c Use the normal four-hop CBT for client intro circuits
Fixes another part of bug 1297.
2011-05-30 12:24:51 -04:00
Robert Ransom
112d204fad Set timestamp_dirty on HS circuits as circuit_expire_building requires
Fixes part of #1297; bugfix on 48e0228f1e,
when circuit_expire_building was changed to assume that timestamp_dirty
was set when a circuit changed purpose to _C_REND_READY.  (It wasn't.)
2011-05-30 12:24:51 -04:00
Nick Mathewson
e676db656d Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-28 02:13:25 -04:00
Nick Mathewson
1f18b5a5d5 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-05-28 02:13:14 -04:00
Nick Mathewson
f43aceb0f1 Fix typo in changes/bug2574. Thanks, rransom 2011-05-28 02:13:04 -04:00
Nick Mathewson
285cf998bc Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/eventdns.c
2011-05-28 02:09:48 -04:00
Nick Mathewson
c319949550 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-05-28 02:08:39 -04:00
Nick Mathewson
ee72557d52 Merge branch 'bug2574' into maint-0.2.1 2011-05-28 02:07:48 -04:00
Nick Mathewson
42b15a0aaa Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-28 01:55:34 -04:00
Nick Mathewson
95ac3ea594 Don't build descriptors if ORPort auto is set and we have no OR listener
This situation can happen easily if you set 'ORPort auto' and
'AccountingMax'.  Doing so means that when you have no ORPort, you
won't be able to set an ORPort in a descriptor, so instead you would
just generate lots of invalid descriptors, freaking out all the time.

Possible fix for 3216; fix on 0.2.2.26-beta.
2011-05-24 21:12:23 +02:00
Nick Mathewson
be76850995 Work correctly if your nameserver is ::1
We had all the code in place to handle this right... except that we
were unconditionally opening a PF_INET socket instead of looking at
sa_family.  Ow.

Fixes bug 2574; not a bugfix on any particular version, since this
never worked before.
2011-05-23 17:42:38 -04:00
Nick Mathewson
a5232e0c4c Fix GCC 4.6's new -Wunused-but-set-variable warnings.
Most instances were dead code; for those, I removed the assignments.
Some were pieces of info we don't currently plan to use, but which
we might in the future.  For those, I added an explicit cast-to-void
to indicate that we know that the thing's unused.  Finally, one was
a case where we were testing the wrong variable in a unit test.
That one I fixed.

This resolves bug 3208.
2011-05-23 17:04:38 -04:00
Nick Mathewson
57810c333a Remove the -F option from tor-resolve.
It used to mean "Force": it would tell tor-resolve to ask tor to
resolve an address even if it ended with .onion.  But when
AutomapHostsOnResolve was added, automatically refusing to resolve
.onion hosts stopped making sense.  So in 0.2.1.16-rc (commit
298dc95dfd), we made tor-resolve happy to resolve anything.

The -F option stayed in, though, even though it didn't do anything.
Oddly, it never got documented.

Found while fixing GCC 4.6 "set, unused variable" warnings.
2011-05-23 16:59:41 -04:00
Nick Mathewson
2527acb2dc Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/common/Makefile.am
	src/or/control.c
2011-05-23 01:23:53 -04:00
Nick Mathewson
b80a8bba19 Merge branch 'feature3049-v2' into maint-0.2.2
Conflicts:
	src/common/Makefile.am
2011-05-23 01:19:04 -04:00
Nick Mathewson
cfeafe5e77 Use a 64-bit type to hold sockets on win64.
On win64, sockets are of type UINT_PTR; on win32 they're u_int;
elsewhere they're int.  The correct windows way to check a socket for
being set is to compare it with INVALID_SOCKET; elsewhere you see if
it is negative.

On Libevent 2, all callbacks take sockets as evutil_socket_t; we've
been passing them int.

This patch should fix compilation and correctness when built for
64-bit windows.  Fixes bug 3270.
2011-05-23 00:17:48 -04:00
Roger Dingledine
af0e8d834e don't mark our descriptor dirty if our onion key hasn't changed 2011-05-21 19:23:27 -04:00
Roger Dingledine
cb7fff193e Merge branch 'maint-0.2.2' 2011-05-21 18:14:16 -04:00
Sebastian Hahn
3ff7925a70 Don't recreate descriptor on sighup
We used to regenerate our descriptor whenever we'd get a sighup. This
was caused by a bug in options_transition_affects_workers() that would
return true even if the options were exactly the same. Down the call
path we'd call init_keys(), which made us make a new descriptor which
the authorities would reject, and the node would subsequently fall out
of the consensus.

This patch fixes only the first part of this bug:
options_transition_affects_workers() behaves correctly now. The second
part still wants a fix.
2011-05-21 16:08:21 -04:00
Robert Ransom
76093af02d Add changes file for #3049 2011-05-20 08:25:43 -07:00
Robert Ransom
90f810801e Fix trailing asterisk in the output of "GETINFO info/names" 2011-05-20 08:25:42 -07:00
Roger Dingledine
0a4649e657 Merge branch 'maint-0.2.2' 2011-05-20 03:03:46 -04:00
Roger Dingledine
b8ffb00cf1 log the reason for publishing a new relay descriptor
now we have a better chance of hunting down the root cause of bug 1810.
2011-05-19 23:59:52 -04:00
Roger Dingledine
18f1b354ec Merge branch 'maint-0.2.2' 2011-05-17 21:15:24 -04:00
Roger Dingledine
073fed06c4 discard circuits when we change our bridge configuration
otherwise we might reuse circuits from the previous configuration,
which could be bad depending on the user's situation
2011-05-17 21:13:59 -04:00
Roger Dingledine
92081f3cdc Merge branch 'maint-0.2.2' 2011-05-17 20:50:18 -04:00
Roger Dingledine
07c5026efa refetch bridge descriptors in a timely fashion
When we configure a new bridge via the controller, don't wait up to ten
seconds before trying to fetch its descriptor. This wasn't so bad when
you listed your bridges in torrc, but it's dreadful if you configure
your bridges via vidalia.
2011-05-17 20:48:46 -04:00
Nick Mathewson
c240efab86 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-17 19:53:06 -04:00
Nick Mathewson
bc89ef0ca8 Merge branch 'bug2752' into maint-0.2.2 2011-05-17 19:51:53 -04:00
Nick Mathewson
9674fe7e2f Add credit to bug2752; correct the issue number in the changes file 2011-05-17 19:50:52 -04:00
Nick Mathewson
e0e8424f1e Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-17 19:47:48 -04:00
Nick Mathewson
21ed575826 Handle NULL argument to get_configured_bridge_by_addr_port_digest
Fixes bug 2313; bugfix on 0.2.2.26-beta.
2011-05-17 19:46:47 -04:00
Robert Ransom
480a75cbbd Check onion keys in microdescriptors, too 2011-05-17 19:39:00 -04:00
Nick Mathewson
2e85c3a5c9 Remove from maint-0.2.2 changes files merged in release-0.2.2 and master 2011-05-16 16:43:04 -04:00
Nick Mathewson
952ae0ea69 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	changes/bug2190
	changes/forget-rend-descs-on-newnym
2011-05-16 16:40:57 -04:00
Nick Mathewson
0d94f78705 rm files for changes merged in all of release021, release022, master 2011-05-16 16:17:35 -04:00
Michael Yakubovich
a3707a1052 Fix bug2752 : 48-char HTTPProxyAuthenticator limitation
Bumped the char maximum to 512 for HTTPProxyAuthenticator &
HTTPSProxyAuthenticator. Now stripping all '\n' after base64
encoding in alloc_http_authenticator.
2011-05-16 16:09:35 -04:00
Nick Mathewson
03ccce6d77 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-16 14:50:53 -04:00
Nick Mathewson
e908e3a332 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
Fixed trivial conflict due to headers moving into their own .h files
from or.h.

Conflicts:
	src/or/or.h
2011-05-16 14:49:55 -04:00
Robert Ransom
987190c2bc Require that certain public keys have public exponent 65537 2011-05-16 14:28:46 -04:00
Robert Ransom
7571e9f1cb Check fetched rendezvous descriptors' service IDs 2011-05-16 14:07:24 -04:00
Nick Mathewson
e423447f53 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/connection.c
2011-05-16 11:12:22 -04:00
Nick Mathewson
919bf6ff3c Merge remote-tracking branch 'public/bug2850' into maint-0.2.2
Fixed a trivial conflict where this and the ControlSocketGroupWritable
code both added different functions to the same part of connection.c.

Conflicts:
	src/or/connection.c
2011-05-16 11:10:17 -04:00
Nick Mathewson
de8e0ef0bd Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-15 22:15:06 -04:00
Nick Mathewson
83fe07d3f2 Increase the length of the buffer in smartlist_string_num_isin().
This was harmless, since we only used this for checking for lists of
port values, but it's the principle of the thing.

Fixes 3175; bugfix on 0.1.0.1-rc
2011-05-15 22:13:53 -04:00
Nick Mathewson
b6eee716a8 changes file for bug3045 2011-05-15 22:02:24 -04:00
Nick Mathewson
4ac8ff9c9f Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-15 20:22:44 -04:00
Nick Mathewson
4b800408fa Check permissions on the directory holding a control socket 2011-05-15 20:20:29 -04:00
Sebastian Hahn
4198261291 Clean up the 2972 implementation a little 2011-05-15 20:20:28 -04:00
Nick Mathewson
f2c1702182 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/circuitbuild.h
2011-05-15 20:17:17 -04:00
Nick Mathewson
2b9c5ee301 Preserve bridge download status across SETCONF, HUP
This code changes it so that we don't remove bridges immediately when
we start re-parsing our configuration.  Instead, we mark them all, and
remove all the marked ones after re-parsing our bridge lines.  As we
add a bridge, we see if it's already in the list.  If so, we just
unmark it.

This new behavior will lose the property we used to have that bridges
were in bridge_list in the same order in which they appeared in the
torrc.  I took a quick look through the code, and I'm pretty sure we
didn't actually depend on that anywhere.

This is for bug 3019; it's a fix on 0.2.0.3-alpha.
2011-05-15 20:13:44 -04:00
Nick Mathewson
1f7b9e61ce Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-15 12:18:39 -04:00
Nick Mathewson
69ff26b05c Merge branch 'bug3026' into maint-0.2.2 2011-05-15 12:18:23 -04:00
Nick Mathewson
37e3fb8af2 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/connection_edge.c
2011-05-15 11:44:51 -04:00
Nick Mathewson
a5d40c2d0f Merge branch 'bug1345' into maint-0.2.2 2011-05-15 11:40:14 -04:00
Nick Mathewson
2fd9cfdc23 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/routerlist.c
2011-05-15 11:23:02 -04:00
Nick Mathewson
228b77f64e Merge branch 'bug2732-simpler' into maint-0.2.2 2011-05-15 11:17:54 -04:00
Nick Mathewson
7236bb77e2 Add a changes file for bug3183. 2011-05-15 11:08:46 -04:00
Nick Mathewson
da8297dbcb Handle transitions in Automap*, VirtualAddrNetwork correctly
Previously, if they changed in torrc during a SIGHUP, all was well,
since we would just clear all transient entries from the addrmap
thanks to bug 1345.  But if you changed them from the controller, Tor
would leave old mappings in place.

The VirtualAddrNetwork bug has been here since 0.1.1.19-rc; the
AutomapHosts* bug has been here since 0.2.0.1-alpha.
2011-05-13 16:59:31 -04:00
Nick Mathewson
a3ae591115 When TrackExitHosts changes, remove all no-longer-valid mappings
This bug couldn't happen when TrackExitHosts changed in torrc, since
the SIGHUP to reload the torrc would clear out all the transient
addressmap entries before.  But if you used SETCONF to change
TrackExitHosts, old entries would be left alone: that's a bug, and so
this is a bugfix on Tor 0.1.0.1-rc.
2011-05-13 16:28:50 -04:00
Nick Mathewson
09da83e1e8 Don't clear out transient addressmap entries on HUP
If you really want to purge the client DNS cache, the TrackHostExits
mappings, and the virtual address mappings, you should be using NEWNYM
instead.

Fixes bug 1345; bugfix on Tor 0.1.0.1-rc.

Note that this needs more work: now that we aren't nuking the
transient addressmap entries on HUP, we need to make sure that
configuration changes to VirtualAddressMap and TrackHostExits actually
have a reasonable effect.
2011-05-13 16:20:01 -04:00
Nick Mathewson
600744b4be Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/config.c
	src/or/dirserv.c
	src/or/or.h
2011-05-13 10:48:07 -04:00
Nick Mathewson
7f654a6a6f Add a ControlPortFileGroupWritable option 2011-05-13 10:41:29 -04:00
Nick Mathewson
dad12188a6 Write automatically-chosen control ports to a file. 2011-05-13 10:41:28 -04:00
Nick Mathewson
c55c8f0d49 new GETINFO command to return list of listeners of a given type 2011-05-13 10:41:19 -04:00
Nick Mathewson
5fec8fe559 "(Socks|Control|etc)Port auto" now tells Tor to open an arbitrary port
This is the major part of the implementation for trac issue 3076.
2011-05-13 10:41:18 -04:00
Nick Mathewson
af85017177 Merge remote-tracking branch 'public/bug3122_memcmp_023' 2011-05-12 19:27:18 -04:00
Nick Mathewson
59a6df8882 Merge remote-tracking branch 'public/bug3122_memcmp_022' into maint-0.2.2 2011-05-12 19:25:14 -04:00
Nick Mathewson
1f678277a1 Merge remote-tracking branch 'public/bug3122_memcmp_squashed' into maint-0.2.1 2011-05-12 19:20:40 -04:00
Nick Mathewson
696cd1cfe2 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-12 18:51:33 -04:00
Nick Mathewson
379de3d10a Add changes file for bug2503 2011-05-12 18:49:28 -04:00
Nick Mathewson
621e95a4f3 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-12 11:21:59 -04:00
Nick Mathewson
bdff7e3299 Unmap microdesc cache before replacing it.
If we do a replace-then-munmap, windows will never actually rewrite
the microdesc cache.

Found by wanoskarnet; bugfix on 0.2.2.6-alpha.
2011-05-12 11:19:52 -04:00
Nick Mathewson
4ba9f3e317 Track where microdescs are referenced to prevent free errs
On IRC, wanoskarnet notes that if we ever do microdesc_free() on a
microdesc that's in the nodelist, we're in trouble.  Also, we're in
trouble if we free one that's still in the microdesc_cache map.

This code adds a flag to microdesc_t to note where the microdesc is
referenced from, and checks those flags from microdesc_free().  I
don't believe we have any errors here now, but if we introduce some
later, let's log and recover from them rather than introducing
heisenbugs later on.

Addresses bug 3153.
2011-05-12 11:10:35 -04:00
Nick Mathewson
7779c63e93 Accept hs descriptors even if we don't see an HSDir for us
The old behavior contributed to unreliability when hidden services and
hsdirs had different consensus versions, and so had different opinions
about who should be cacheing hsdir info.

Bugfix on 0.2.0.10-alpha; based on discussions surrounding bug 2732.
2011-05-12 00:53:07 -04:00
Nick Mathewson
6b83b3ba2a bug 3026: do not upload our vote to ourself 2011-05-12 00:47:00 -04:00
Nick Mathewson
3968e8d14b Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-12 00:14:44 -04:00
Nick Mathewson
b47f574c1e Merge branch 'bug1352' into maint-0.2.2 2011-05-12 00:14:10 -04:00
Nick Mathewson
7649adbce6 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-11 22:55:29 -04:00
Nick Mathewson
8057b7363e Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-05-11 22:52:26 -04:00
Nick Mathewson
13847b8db6 Fix crash when read_file_to_string() fails in SAVECONF
The new behavior is to try to rename the old file if there is one there
that we can't read.  In all likelihood, that will fail too, but at least
we tried, and at least it won't crash.
2011-05-11 22:05:41 -04:00
Nick Mathewson
9fba014e3f Merge remote-tracking branch 'public/bug3122_memcmp_022' into bug3122_memcmp_023
Conflicts in various places, mainly node-related.  Resolved them in
favor of HEAD, with copying of tor_mem* operations from bug3122_memcmp_022.

	src/common/Makefile.am
	src/or/circuitlist.c
	src/or/connection_edge.c
	src/or/directory.c
	src/or/microdesc.c
	src/or/networkstatus.c
	src/or/router.c
	src/or/routerlist.c
	src/test/test_util.c
2011-05-11 16:39:45 -04:00
Nick Mathewson
44ad734573 Merge remote-tracking branch 'public/3122_memcmp_squashed' into bug3122_memcmp_022
Conflicts throughout.  All resolved in favor of taking HEAD and
adding tor_mem* or fast_mem* ops as appropriate.

	src/common/Makefile.am
	src/or/circuitbuild.c
	src/or/directory.c
	src/or/dirserv.c
	src/or/dirvote.c
	src/or/networkstatus.c
	src/or/rendclient.c
	src/or/rendservice.c
	src/or/router.c
	src/or/routerlist.c
	src/or/routerparse.c
	src/or/test.c
2011-05-11 16:24:29 -04:00
Nick Mathewson
4b19730c82 Add a data-independent variant of memcmp and a d-i memeq function.
The tor_memcmp code is by Robert Ransom, and the tor_memeq code is
by me.  Both incorporate some ideas from DJB's stuff.
2011-05-11 16:12:33 -04:00
Roger Dingledine
6d5478a8a7 Merge branch 'maint-0.2.2' 2011-05-10 23:06:12 -04:00
Roger Dingledine
7206d784dc Merge branch 'maint-0.2.1' into maint-0.2.2 2011-05-10 23:05:51 -04:00
Roger Dingledine
e7b10e5ecf Update to the May 1 2011 Maxmind GeoLite Country database 2011-05-10 23:04:11 -04:00
Nick Mathewson
e6980faec4 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/directory.c
2011-05-09 13:39:51 -04:00
Nick Mathewson
09d7af7789 Merge remote-tracking branch 'public/bug3022_v2' into maint-0.2.2 2011-05-09 13:37:56 -04:00
Nick Mathewson
acd6a4856b Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/connection.c
2011-05-09 13:36:40 -04:00
Sebastian Hahn
1c668540fe Fix potential null pointer deref during dirvote
Found by using clang's analyzer.
2011-05-09 13:19:46 -04:00
Sebastian Hahn
1827e60976 Fix a potential null deref when rebuilding md cache
Issue discovered using clang's static analyzer
2011-05-09 13:19:45 -04:00
Sebastian Hahn
e36f9d1d9b Link to libevent_openssl statically when requested
When configure tor with --enable-bufferevents and
--enable-static-libevent, libevent_openssl would still be linked
dynamically. Fix this and refactor src/or/Makefile.am along the way.
2011-05-06 15:38:32 +02:00
Nick Mathewson
4cc348e896 Code to make clients fetch and use microdescriptors for circuit building
To turn this on, set UseMicrodescriptors to "1" (or "auto" if you
want it on-if-you're-a-client).  It should go auto-by-default once
0.2.3.1-alpha is released.

Because of our node logic, directory caches will never use
microdescriptors when they have the right routerinfo available.
2011-05-05 20:54:12 -04:00
Nick Mathewson
3b0140b811 Tweak 0.2.3.1-alpha changelog, add more entries. 2011-05-05 13:43:15 -04:00
Nick Mathewson
08efa70c41 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-04 23:29:56 -04:00
Nick Mathewson
9583a534ac Merge remote-tracking branch 'rransom/bug3106' into maint-0.2.2 2011-05-04 23:18:47 -04:00
Robert Ransom
66339f74b4 Handle crypto_pk_get_digest failures semi-sensibly
Fixes bug 3106.
2011-05-04 20:06:24 -07:00
Nick Mathewson
4c9bd06d0d Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-04 17:38:33 -04:00
Nick Mathewson
aba7bb705a Set SO_REUSEADDR on all sockets, not just listeners
See bug 2850 for rationale: it appears that on some busy exits, the OS
decides that every single port is now unusable because they have been
all used too recently.
2011-05-03 22:22:20 -04:00
Nick Mathewson
b04dca448d Add some missing torrc entries to tor.1.txt
Fixes bug 2379
2011-05-03 22:14:40 -04:00
Nick Mathewson
5ee5103f63 Initial draft changelog for 0.2.3.1-alpha 2011-05-03 21:33:10 -04:00
Nick Mathewson
993536e78e Remove changes files already merged into release-0.2.2 2011-05-03 20:54:37 -04:00
Nick Mathewson
599d1b62b4 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/main.c
	src/or/microdesc.c
2011-05-03 17:30:58 -04:00
Nick Mathewson
68ae5afa5a Change who calls microdesc_cache_rebuild().
Previously we ensured that it would get called periodically by doing
it from inside the code that added microdescriptors.  That won't work
though: it would interfere with our code that tried to read microdescs
from disk initially.  Instead, we should consider rebuilding the cache
periodically, and on startup.
2011-05-03 17:28:28 -04:00
Nick Mathewson
56fbd728c2 Backport microdesc_cache_clean to 0.2.2
Otherwise we have no way to keep authorities' microdesc caches in 0.2.2
from growing without bound.
2011-05-03 16:45:15 -04:00
Nick Mathewson
1f97e8322f Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/microdesc.c
2011-05-03 16:33:41 -04:00
Nick Mathewson
970715dd8f Fix a check for when to rebuild the microdesc cache. (Backport from 0.2.3. 2011-05-03 16:29:39 -04:00
Nick Mathewson
698fa0fc67 Add missing code to set cache->journal_len when reading microdesc journal
This could be one reason that authorities' journals would grow without
bound; related to bug 2230. Bugfix on 0.2.2.6-alpha.  Fix by
"cypherpunks".
2011-05-03 16:22:31 -04:00
Nick Mathewson
a23ec308e4 Remove changes files that were merged to changelogs of 0.2.2.25-alpha or earlier 2011-04-29 15:25:33 -04:00
Nick Mathewson
4f7587a5ed Tweak the startup message to be more helpful
Instead of just saying "boogity boogity!" let's actually warn people
that they need to configure stuff right to be safe, and point them
at instructions for how to do that.

Resolves bug 2474.
2011-04-28 22:00:22 -04:00
Nick Mathewson
bcdffc0f80 Rate-limit v2 networkstatus download fail warnings
This fixes part of 1352.  We don't care deeply about these warnings,
since v2 networkstatuses aren't a big deal.
2011-04-28 21:25:24 -04:00
Nick Mathewson
20d6ac3530 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-28 21:17:51 -04:00
Nick Mathewson
f0d9e2d650 Merge remote-tracking branch 'arma/bug3012' into maint-0.2.2 2011-04-28 21:15:14 -04:00
Roger Dingledine
66de6f7eb8 relays checkpoint their state file twice a day 2011-04-28 21:06:25 -04:00
Nick Mathewson
cd42ae7185 Only authorities should automatically download v2 networkstatus documents
Clients and relays haven't used them since early 0.2.0.x.  The only
remaining use by authorities learning about new relays ahead of scedule;
see proposal 147 for what we intend to do about that.

We're leaving in an option (FetchV2Networkstatus) to manually fetch v2
networkstatuses, because apparently dnsel and maybe bwauth want them.

This fixes bug 3022.
2011-04-28 21:06:07 -04:00
Nick Mathewson
b0a7e0d6ca Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-28 20:55:03 -04:00
Nick Mathewson
4010427b51 Merge remote-tracking branch 'arma/bug3039' into maint-0.2.2 2011-04-28 20:53:44 -04:00
Roger Dingledine
df3cf881d1 stop putting wacky values into state->lastwritten 2011-04-28 20:40:15 -04:00
Nick Mathewson
9d67d16c6a Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-28 20:38:50 -04:00
Nick Mathewson
6b9aadd557 Merge remote-tracking branches 'rransom/bug2722' and 'rransom/bug2722b' into maint-0.2.2 2011-04-28 20:36:38 -04:00
Nick Mathewson
bb8689b864 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-28 20:05:48 -04:00
Sebastian Hahn
525d2700dd Correctly check elapsed time in last hibernation period
Fix bug 3020.
2011-04-29 01:18:32 +02:00
Nick Mathewson
f38ecd5ac0 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-28 18:14:50 -04:00
Robert Ransom
b8708b5bd3 Fix bug 1930 2011-04-28 18:11:58 -04:00
Robert Ransom
ddd1b7be2d Ignore SIGNAL NEWNYM on relay-only Tor instances 2011-04-28 18:10:17 -04:00
Robert Ransom
df5c7fedbd Don't allow v0 HS auths to act as clients
A v0 HS authority stores v0 HS descriptors in the same descriptor
cache that its HS client functionality uses.  Thus, if the HS
authority operator clears its client HS descriptor cache, ALL v0
HS descriptors will be lost.  That would be bad.
2011-04-28 18:10:16 -04:00
Nick Mathewson
8b33928676 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-28 17:15:31 -04:00
Nick Mathewson
51e551d383 Detect and handle NULL returns from (gm/local)time_r
These functions can return NULL for otherwise-valid values of
time_t.  Notably, the glibc gmtime manpage says it can return NULL
if the year if greater than INT_MAX, and the windows MSDN gmtime
page says it can return NULL for negative time_t values.

Also, our formatting code is not guaranteed to correctly handle
years after 9999 CE.

This patch tries to correct this by detecting NULL values from
gmtime/localtime_r, and trying to clip them to a reasonable end of
the scale.  If they are in the middle of the scale, we call it a
downright error.

Arguably, it's a bug to get out-of-bounds dates like this to begin
with.  But we've had bugs of this kind in the past, and warning when
we see a bug is much kinder than doing a NULL-pointer dereference.

Boboper found this one too.
2011-04-28 17:12:54 -04:00
Nick Mathewson
88638d40ca Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-28 16:05:59 -04:00
Nick Mathewson
3055acbdbe Merge remote-tracking branch 'sebastian/bug2497' into maint-0.2.2 2011-04-28 16:05:34 -04:00
Nick Mathewson
32918e954f Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/rendcommon.h
2011-04-28 15:57:27 -04:00
Sebastian Hahn
4b13ebd5ab Merge branch 'bug3k_021' into bug3k_022
Conflicts:
	src/or/or.h
	src/or/rendclient.c
2011-04-28 19:00:34 +02:00
Robert Ransom
2ad18ae736 Allow rend_client_send_introduction to fail transiently
i.e. without closing the AP connection.
2011-04-28 18:14:50 +02:00
Robert Ransom
440e48ddf2 Forget all rendezvous client state on SIGNAL NEWNYM 2011-04-28 18:14:50 +02:00
Nick Mathewson
26456d3354 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-27 22:14:54 -04:00
Nick Mathewson
0130e7c9d2 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	src/common/torint.h
2011-04-27 22:14:28 -04:00
Nick Mathewson
26c022ecbc Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-27 17:26:40 -04:00
Nick Mathewson
7f85509a59 I guess that had a bug number: add it to the changes file. 2011-04-27 17:26:28 -04:00
Nick Mathewson
34510f9278 Fix clear_trackhostexits_mapping() to actually work as advertised
Previously, it would remove every trackhostexits-derived mapping
*from* xyz.<exitname>.exit; it was supposed to remove every
trackhostexits-derived mapping *to* xyz.<exitname>.exit.

Bugfix on 0.2.0.20-rc: fixes an XXX020 added while staring at bug-1090
issues.
2011-04-27 17:23:05 -04:00
Nick Mathewson
78c610eea9 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	doc/tor.1.txt
2011-04-27 15:20:01 -04:00
cypherpunks
247cbab6c8 Fix double-free bug in microdesc parser 2011-04-27 15:15:32 -04:00
Nick Mathewson
8b686d98c4 Merge maint-0.2.2 for the bug1090-part1-squashed branch
Resolved conflicts in:
	doc/tor.1.txt
	src/or/circuitbuild.c
	src/or/circuituse.c
	src/or/connection_edge.c
	src/or/connection_edge.h
	src/or/directory.c
	src/or/rendclient.c
	src/or/routerlist.c
	src/or/routerlist.h

These were mostly releated to the routerinfo_t->node_t conversion.
2011-04-27 14:36:30 -04:00
Nick Mathewson
c49f660c1a Add a big changelog entry for bug 1090 fixes 2011-04-27 13:33:38 -04:00
Roger Dingledine
f7a5bc16d6 warn if we launch too many circuits for a given stream 2011-04-27 00:01:41 -04:00
Nick Mathewson
4851de554d Do not automatically ignore Fast/Stable for exits when ExitNodes is set
This once maybe made sense when ExitNodes meant "Here are 3 exits;
use them all", but now it more typically means "Here are 3
countries; exit from there."  Using non-Fast/Stable exits created a
potential partitioning opportunity and an annoying stability
problem.

(Don't worry about the case where all of our ExitNodes are non-Fast
or non-Stable: we handle that later in the function by retrying with
need_capacity and need_uptime set to 0.)
2011-04-26 23:54:16 -04:00
Nick Mathewson
3256627a45 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/main.h
2011-04-26 15:30:51 -04:00
Nick Mathewson
a7a906603e Merge remote-tracking branch 'sebastian/bug2917' into maint-0.2.2 2011-04-26 15:17:03 -04:00
Nick Mathewson
43ffd023e9 Make SIZE_T_CEILING unsigned; add a signed SSIZE_T_CEILING
None of the comparisons were _broken_ previously, but avoiding
signed/unsigned comparisons makes everybody happier.

Fixes bug2475.
2011-04-26 13:03:58 -04:00
Nick Mathewson
47f472510f Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/rephist.c
2011-04-26 12:49:58 -04:00
Nick Mathewson
bb6d45af1f Downgrade notice to info when downloading a cert. 2011-04-26 12:47:09 -04:00
Nick Mathewson
6a726d34e1 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-26 11:15:03 -04:00
Nick Mathewson
f083347adf Merge remote-tracking branch 'sebastian/bug2704' into maint-0.2.2 2011-04-26 11:07:48 -04:00
Nick Mathewson
075d904d39 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/dirserv.h
2011-04-26 11:05:54 -04:00
Sebastian Hahn
6fde2b46d2 Fix more of bug 2704
The last entry of the *Maxima values in the state file was inflated by a
factor of NUM_SECS_ROLLING_MEASURE (currently 10). This could lead to
a wrong maximum value propagating through the state file history.
2011-04-26 15:36:17 +02:00
Sebastian Hahn
4c789ec08c Don't leak the local hostname in relay nicknames
Fixes bug 2979, reported by tagnaq.
2011-04-26 05:08:32 +02:00
Nick Mathewson
5230cc4fe7 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-25 19:04:13 -04:00
Nick Mathewson
f3b58dfa53 Merge commit '91aa6f08bcf0acbdfa038aaffe73e327ddd87c67' into maint-0.2.2 2011-04-25 19:03:15 -04:00
Sebastian Hahn
91aa6f08bc Make the Log configuration option expand ~ 2011-04-22 16:06:52 +02:00
Nick Mathewson
fdbdaf8fab Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-21 13:41:38 -04:00
Nick Mathewson
a0514ba531 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-04-21 13:40:00 -04:00
Nick Mathewson
e98583594d Fix a bug in removing DNSPort requests from their circular list
Under heavy load, this could result in an assertion failure.  Fix for
bug 2933; bugfix on 0.2.0.10-alpha.
2011-04-21 13:39:00 -04:00
Nick Mathewson
7c83d4043d Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-19 15:39:04 -04:00
Sebastian Hahn
3f7f96d9e7 Prevent hugely inflated observed bandwidth values
When reading the bw history from the state file, we'd add the 900-second
value as traffic that occured during one second. Fix that by adding the
average value to each second.

This bug was present since 0.2.0.5-alpha, but was hidden until
0.2.23-alpha when we started using the saved values.
2011-04-19 15:38:26 -04:00
Sebastian Hahn
13c3884ff6 Don't sometimes undercount bw average
This fixes the first part of bug 2704. It should occur only rarely when
no bw maxima are known. Bugfix on 0.2.2.23-alpha. Fixes bug 2704.
2011-04-19 15:38:10 -04:00
Nick Mathewson
9eeb902d12 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-19 12:37:18 -04:00
Nick Mathewson
f52cfbfc00 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-19 12:31:55 -04:00
Nick Mathewson
0e554f93d6 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-04-19 12:31:42 -04:00
Nick Mathewson
bba47a836c Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-19 12:30:36 -04:00
Sebastian Hahn
c1927d7d5f Don't report empty bw-history lines in extrainfo
Some tor relays would report lines like these in their extrainfo
documents:
dirreq-write-history 2011-03-14 16:46:44 (900 s)

This was confusing to some people who look at the stats. It would happen
whenever a relay first starts up, or when a relay has dirport disabled.
Change this so that lines without actual bw entries are omitted.
Implements ticket 2497.
2011-04-19 14:51:40 +02:00
Nick Mathewson
48bdc2f729 Correct HS descriptor length check
Fixes bug 2948.
2011-04-18 13:53:13 -07:00
Robert Ransom
130db1bdeb Merge branch 'bug2750-v3' into bug2948 2011-04-18 13:36:19 -07:00
Robert Ransom
bfebc942ea Correct the warning emitted when rejecting an oversized HS desc 2011-04-18 13:17:40 -07:00
Sebastian Hahn
5114e3e442 Make SIGNAL DUMP work on FreeBSD
While doing so, get rid of the now unnecessary function
control_signal_act().

Fixes bug 2917, reported by Robert Ransom. Bugfix on commit
9b4aa8d2ab. This patch is loosely based on
a patch by Robert (Changelog entry).
2011-04-15 05:35:30 +02:00
Sebastian Hahn
4cbbb92e7f Add a changes file for the osx 10.6 compile fix
We forgot to put it into 0.2.2.24-alpha.
2011-04-08 22:56:28 +02:00
Nick Mathewson
85ac832a14 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-07 20:27:39 -04:00
Gisle Vanem
70e0291468 Use GetTempDir instead of hardcoded path to c:\windows\tmp for unittests 2011-04-07 18:34:11 -04:00
Nick Mathewson
67d88a7d60 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/common/address.c
	src/common/compat_libevent.c
	src/common/memarea.c
	src/common/util.h
	src/or/buffers.c
	src/or/circuitbuild.c
	src/or/circuituse.c
	src/or/connection.c
	src/or/directory.c
	src/or/networkstatus.c
	src/or/or.h
	src/or/routerlist.c
2011-04-07 12:17:20 -04:00
Nick Mathewson
ba0cd8094f Merge remote-tracking branch 'public/xxx_fixups' into maint-0.2.2
Conflicts:
	src/or/or.h
2011-04-07 12:03:04 -04:00
Nick Mathewson
07ab483e62 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-07 11:55:17 -04:00
Nick Mathewson
118d8ffdcb Allow controllers a more up-to-date view of bridge usage.
Instead of answering GETINFO requests about our geoip usage only after
running for 24 hours, this patch makes us answer GETINFO requests
immediately.  We still round and quantize as before.

Implements bug2711.

Also, refactor the heck out of the bridge usage formatting code.  No
longer should we need to do a generate-parse-and-regenerate cycle to
get the controller string, and that lets us simplify the code a lot.
2011-04-07 11:53:37 -04:00
Nick Mathewson
32341ac467 Merge remote-tracking branch 'public/bug2402_again' into maint-0.2.1 2011-04-06 16:13:22 -04:00
Nick Mathewson
1a49fdecf8 Tweaks to Cagara's CountPrivateBandwidth patch:
- Document it in the manpage
  - Add a changes entry
  - No need to log when it is set: we don't log for other options.
  - Use doxygen to document the new flag.
  - Test truth of C variables with "if (x)", not "if (x == 1)".
  - Simplify a complex boolean expression by breaking it up.
2011-04-05 16:24:42 -04:00
Nick Mathewson
3a9d0b4b9c remove duplicate changes file for 2702 2011-04-04 16:09:44 -04:00
Nick Mathewson
3cf23be712 Merge branch 'static-work' 2011-04-04 15:35:23 -04:00
Nick Mathewson
ad1ae44154 Changes file for static-work branch 2011-04-04 15:35:16 -04:00
Roger Dingledine
1587e0d470 Merge branch 'maint-0.2.2' 2011-04-04 03:54:03 -04:00
Roger Dingledine
9d2b3849b2 Merge branch 'maint-0.2.1' into maint-0.2.2 2011-04-04 03:53:38 -04:00
Roger Dingledine
0cdd262941 switch to the apr 2011 geoip db 2011-04-04 03:52:58 -04:00
Sebastian Hahn
e97f78d789 Small fixes for the 2702 implementation
Improve the INSTALL documentation for static builds, remove a few
unnecessary lines from configure.in and tweak the changelog message
slightly.
2011-04-02 12:15:08 +02:00
Jacob Appelbaum
fe051a43c1 add --enable-static-tor to our configure script
This implements the feature request in bug #2702
2011-04-02 11:09:38 +02:00
Nick Mathewson
ee871e7a0e Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/common/compat.h
	src/or/circuitlist.c
	src/or/circuituse.c
	src/or/or.h
	src/or/rephist.c
2011-03-30 14:55:50 -04:00
Nick Mathewson
65eb0e41ac Use cbt to tell when to launch parallel intro circuit
Implement feature from trac #2799
2011-03-30 14:41:53 -04:00
Nick Mathewson
aa950e6c48 Use timevals, not time_t, when expiring circuits.
We've got millisecond timers now, we might as well use them.

This change won't actually make circuits get expiered with microsecond
precision, since we only call the expiry functions once per second.
Still, it should avoid the situation where we have a circuit get
expired too early because of rounding.

A couple of the expiry functions now call tor_gettimeofday: this
should be cheap since we're only doing it once per second.  If it gets
to be called more often, though, we should onsider having the current
time be an argument again.
2011-03-30 14:41:41 -04:00
Nick Mathewson
22f7042b91 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-03-28 17:49:34 -04:00
Erinn Clark
3a7cee9d29 Fix configure.in zlib package names. 2011-03-28 17:48:22 -04:00
Nick Mathewson
fc64783278 Send END_STREAM_REASON_NOROUTE: clients that didn't grok it are now obsolete 2011-03-28 13:42:59 -04:00
Nick Mathewson
18126f92a7 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-03-28 12:17:35 -04:00
Sebastian Hahn
4762118832 Small tweaks for bug2698 bugfix 2011-03-27 05:38:53 +02:00
Jacob Appelbaum
b62abf9f21 Fix libevent autoconf bug #2698 2011-03-27 05:38:51 +02:00
Nick Mathewson
432734279d Fix handling of StreamID exhaustion.
Since svn r1475/git 5b6099e8 in tor-0.0.6, we have responded to an
exhaustion of all 65535 stream IDs on a circuit by marking that
circuit for close.  That's not the right response.  Instead, we
should mark the circuit as "too dirty for new circuits".

Of course in reality this isn't really right either.  If somebody
has managed to cram 65535 streams onto a circuit, the circuit is
probably not going to work well for any of those streams, so maybe
we should be limiting the number of streams on an origin circuit
concurrently.

Also, closing the stream in this case is probably the wrong thing to
do as well, but fixing that can also wait.
2011-03-25 18:32:28 -04:00
Nick Mathewson
550749555c Remove workaround code for bug539
We fixed bug 539 (where directories would say "503" but send data
anyway) back in 0.2.0.16-alpha/0.1.2.19.  Because most directory
versions were affected, we added workaround to make sure that we
examined the contents of 503-replies to make sure there wasn't any
data for them to find.  But now that such routers are nonexistent,
we can remove this code.  (Even if somebody fired up an 0.1.2.19
directory cache today, it would still be fine to ignore data in its
erroneous 503 replies.)
2011-03-25 18:32:28 -04:00
Nick Mathewson
dddd333a80 Fix some 'impossible' overflow bugs in byte counting
The first was genuinely impossible, I think: it could only happen
when the amount we read differed from the amount we wanted to read
by more than INT_MAX.

The second is just very unlikely: it would give incorrect results to
the controller if you somehow wrote or read more than 4GB on one
edge conn in one second.  That one is a bugfix on 0.1.2.8-beta.
2011-03-25 18:32:28 -04:00
Nick Mathewson
6a5b94de6c Look at the right errno when sending reason for connect() failure
In afe414 (tor-0.1.0.1-rc~173), when we moved to
connection_edge_end_errno(), we used it in handling errors from
connection_connect().  That's not so good, since by the time
connection_connect() returns, the socket is no longer set, and we're
supposed to be looking at the socket_errno return value from
connection_connect() instead.  So do what we should've done, and
look at the socket_errno value that we get from connection_connect().
2011-03-25 18:32:28 -04:00
Nick Mathewson
444e46d96d Remove the "fuzzy time" code
It was the start of a neat idea, but it only got used in 3 places,
none of which really needed it.
2011-03-25 16:28:37 -04:00
Nick Mathewson
8b393afa94 Merge remote branch 'origin/maint-0.2.2'
Trivial Conflicts:
	configure.in
2011-03-18 12:44:37 -04:00
Nick Mathewson
f3d6663665 Merge remote branch 'sebastian/bug2696' into maint-0.2.2 2011-03-18 12:39:40 -04:00
Sebastian Hahn
4aac35cafa Add 2696 changes file 2011-03-18 17:13:43 +01:00
Nick Mathewson
b1b6552251 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/common/crypto.c
2011-03-16 17:16:54 -04:00
Nick Mathewson
cf399f1034 add changes file for the doxygen issues 2011-03-16 17:13:27 -04:00
Nick Mathewson
415caba967 Merge remote branch 'arma/optimistic_server' 2011-03-15 17:20:41 -04:00
Nick Mathewson
737228ed8e Merge remote branch 'origin/maint-0.2.2' 2011-03-15 17:18:29 -04:00
Nick Mathewson
c5ffd44ccd Merge branch 'bug2756_relay' into maint-0.2.2 2011-03-15 17:13:07 -04:00
Nick Mathewson
4dde69a6d0 Merge remote branch 'origin/maint-0.2.2' 2011-03-15 15:19:38 -04:00
Nick Mathewson
ab418447eb Merge branch 'bug2757' into maint-0.2.2 2011-03-15 15:18:15 -04:00
Nick Mathewson
84f27eb051 Merge remote branch 'origin/maint-0.2.2' 2011-03-15 14:50:42 -04:00
Robert Ransom
98abe1420d Fix a log message typo 2011-03-15 09:48:26 -07:00
Robert Ransom
3af59dcaee Log the source of a rejected POSTed v3 vote
Related to ticket 2683.
2011-03-15 09:16:58 -07:00
Nick Mathewson
06f026de66 Check newconn, not conn, before marking newconn for close
This fixes bug 2757.  It's a bugfix on 85da676108.
2011-03-14 18:52:15 -04:00
Nick Mathewson
6a97450cbd Add changes file for server-side optimistic data patch 2011-03-14 18:25:20 -04:00
Nick Mathewson
1d36a8e9ae Consider sending stream-level SENDME cells on partial flushes.
Right now, we only consider sending stream-level SENDME cells when we
have completely flushed a connection_edge's outbuf, or when it sends
us a DATA cell.  Neither of these is ideal for throughput.

This patch changes the behavior so we now call
connection_edge_consider_sending_sendme when we flush _some_ data from
an edge outbuf.

Fix for bug 2756; bugfix on svn r152.
2011-03-14 17:48:45 -04:00
Nick Mathewson
ebf6786ab3 Merge remote branch 'origin/maint-0.2.2'
Fixed conflict: router_get_my_routerinfo now returns const

Conflicts:
	src/or/router.c
2011-03-14 17:22:38 -04:00
Nick Mathewson
b97d9abd09 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-03-14 17:04:53 -04:00
Nick Mathewson
e91a8c5589 Merge remote branch 'origin/maint-0.2.2'
Resolved nontrivial conflict around rewrite_x_address_for_bridge and
learned_bridge_descriptor.  Now, since leanred_bridge_descriptor works
on nodes, we must make sure that rewrite_node_address_for_bridge also
works on nodes.

Conflicts:
	src/or/circuitbuild.c
2011-03-14 16:34:33 -04:00
Nick Mathewson
0588330c1d Merge remote branch 'arma/bug2510' into maint-0.2.2 2011-03-14 16:14:54 -04:00
Nick Mathewson
f1c365b032 Merge remote branch 'origin/maint-0.2.2'
Fix trivial add/add conflict in main.c

Conflicts:
	src/or/main.c
2011-03-14 15:31:24 -04:00
Nick Mathewson
b639add1a0 Merge remote branch 'arma/bug2716' into maint-0.2.2 2011-03-14 15:29:02 -04:00
Robert Ransom
96b929e743 Log malformed HS descriptor requests at the proper level
This log message should be a 'protocol warning', not a 'warning'.
2011-03-14 01:15:36 -07:00
Robert Ransom
c90097e74a Remove dead code from rend_cache_lookup_v2_desc_as_dir
hid_serv_responsible_for_desc_id's return value is never negative, and
there is no need to search through the consensus to find out whether we
are responsible for a descriptor ID before we look in our cache for a
descriptor.
2011-03-14 01:14:05 -07:00
Roger Dingledine
1a9d19e972 we're not reachable if we don't have a routerinfo yet 2011-03-13 15:47:59 -04:00
Robert Ransom
eb50e3d6bf Add changes file for previous commit 2011-03-12 07:30:24 -08:00
Nick Mathewson
d52a99dc77 Merge remote branch 'origin/maint-0.2.2' 2011-03-11 23:34:46 -05:00
Nick Mathewson
3a0c602155 Clarify threat description and avoid negative uptimes. 2011-03-11 23:27:53 -05:00
Roger Dingledine
977e396e86 improve accuracy for when a relay went unreachable 2011-03-11 22:12:15 -05:00
Sebastian Hahn
f7a3cdc8f2 Use observed instead of declared uptime for HSDir
It is important to verify the uptime claim of a relay instead of just
trusting it, otherwise it becomes too easy to blackhole a specific
hidden service. rephist already has data available that we can use here.

Bugfix on 0.2.0.10-alpha.
2011-03-11 18:44:35 +01:00
Nick Mathewson
02d93caa09 Backport: Generate version tags using Git, not (broken) svn revisions.
Partial backport of daa0326aaa .
Resolves bug 2402.  Bugfix on 0.2.1.15 (for the part where we switched to
git) and on 0.2.1.30 (for the part where we dumped micro-revisions.)
2011-03-11 11:01:17 -05:00
Nick Mathewson
671318c3a8 Revert "Simplest fix to bug2402: do not include SVN versions"
This reverts commit a1073ee956.

Apparently, we totally misunderstood how the debian packages were using
microrevisions.  Better fix that!
2011-03-11 10:47:25 -05:00
Nick Mathewson
78d5955e5b oops. I got the bug number wrong. 2011-03-09 16:22:18 -05:00
Nick Mathewson
dc0bb6b709 oops. I got the bug number wrong. 2011-03-09 16:21:34 -05:00
Nick Mathewson
19baca4837 Merge remote branch 'origin/maint-0.2.2' 2011-03-09 16:20:14 -05:00
Andreas Stieger
f31ba6a356 openSUSE initscript create /var/run/tor fixes Ticket #2573
(changes file added by nickm)
2011-03-09 16:18:44 -05:00
Roger Dingledine
e569e6b201 Merge branch 'maint-0.2.2' 2011-03-08 18:16:27 -05:00
Roger Dingledine
6426cd14f3 Merge branch 'maint-0.2.1' into maint-0.2.2 2011-03-08 18:16:06 -05:00
Roger Dingledine
d080fe8db1 move to march 2011 geoip file 2011-03-08 18:15:17 -05:00
Nick Mathewson
63651b9191 Merge remote branch 'origin/maint-0.2.2'
Trivial conflicts fixed in or.h

Conflicts:
	src/or/or.h
2011-03-08 16:20:53 -05:00
Nick Mathewson
00446973f2 Merge remote branch 'sebastian/bug2250' into maint-0.2.2 2011-03-08 16:13:28 -05:00
Nick Mathewson
f9bb3ced51 Merge remote branch 'origin/maint-0.2.2'
Resolved trivial one-line conflicts.

Conflicts:
	src/or/dirserv.c
	src/or/rephist.c
2011-03-08 16:10:40 -05:00
Nick Mathewson
0d78a16c36 Merge remote branch 'sebastian/bug1035' into maint-0.2.2 2011-03-08 15:52:43 -05:00
Nick Mathewson
d5907e7d9d Merge remote branch 'origin/maint-0.2.2' 2011-03-08 15:23:30 -05:00
Nick Mathewson
9ad083d573 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-03-08 15:20:48 -05:00
Nick Mathewson
9a6df21539 Avoid crash in any_pending_bridge_descriptor_fetches
This is based on shitlei's fix for bug2629, with extra parens removed.
Fixes bug 2629, bugfix on 0.2.1.2-alpha.
2011-03-08 15:17:41 -05:00
Nick Mathewson
26009a3ed0 Merge remote branch 'origin/maint-0.2.2' 2011-03-07 17:12:08 -05:00
Nick Mathewson
3bd83b8fb6 Merge remote branch 'sebastian/bug2660' into maint-0.2.2 2011-03-07 17:09:23 -05:00
Nick Mathewson
176e8a0a2a Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/or/routerparse.c
2011-03-06 13:46:11 -05:00
Nick Mathewson
35fcec3880 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-03-06 13:42:28 -05:00
Nick Mathewson
4fa70e11ed Merge branch 'real_ipv6_fix' into maint-0.2.1 2011-03-06 13:42:05 -05:00
Nick Mathewson
2ce132e335 Oops, here's the *REAL* fix for the ipv6 issue
We need to _REJECT_ descriptors with accept6/reject6 lines.  If we
let them onto the network , other un-upgraded tors will crash.
2011-03-06 13:41:55 -05:00
Nick Mathewson
0f637492e3 Merge branch 'careful_with_all_descs' into maint-0.2.1 2011-03-06 13:35:42 -05:00
Nick Mathewson
b231026c42 changes file for careful_with_all_descs 2011-03-06 13:35:24 -05:00
Nick Mathewson
07b8b439c4 Merge remote branch 'origin/maint-0.2.2' 2011-03-06 13:23:02 -05:00
Nick Mathewson
ed14888e7e Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	src/or/policies.c
2011-03-06 13:20:21 -05:00
Nick Mathewson
fb421c0005 Changes file for ipv6 parsing issue 2011-03-06 13:15:32 -05:00
Sebastian Hahn
f83debb51d Fix setting target port in get_interface_address6
We want to use the discard port correctly, so a htons() was missing.
Also we need to set it correctly depending on address family.

Review provided by danieldg
2011-03-05 16:58:20 +01:00
Sebastian Hahn
865ea5d263 Fix connect() failures in get_interface_address6()
The third argument for connect should be dependent on the address
family. Issue spotted by piebeer who also wrote the patch.
2011-03-05 16:57:05 +01:00
Robert Ransom
4d21fe2870 Emend changes/tls-hash 2011-03-03 17:54:53 -08:00
Gladys Shufflebottom
49de5431d5 remove tls related hash table code 2011-03-01 18:11:25 -05:00
Sebastian Hahn
5c7c5e593f Tweak the bug2250 fix slightly
Rename the _UsingTestingTorNetwork hidden option to
_UsingTestNetworkDefaults (thanks Nick for the suggestion) and added a
changes file.
2011-03-01 10:05:18 +01:00
Nick Mathewson
42c1a47123 Revert bug1074_launch_authconn* branch: needs more design, less crashing 2011-02-28 12:58:29 -05:00
Nick Mathewson
a47fdaf9a0 Merge branch 'bug1074_launch_conn_on_skew'
Fixed conflict on rename of router_get_by_digest->router_get_by_id_digest

Conflicts:
	src/or/command.c
2011-02-25 12:12:44 -05:00
Nick Mathewson
22810d740c Changes file for altf4's bug1074 stuff 2011-02-25 12:12:02 -05:00
Nick Mathewson
a2a8adeee5 Merge remote branch 'origin/maint-0.2.2' 2011-02-25 11:24:35 -05:00
Nick Mathewson
aa178aae03 Merge branch 'bug1863_bwhist' into maint-0.2.2 2011-02-25 11:22:12 -05:00
Nick Mathewson
9265164180 Merge remote branch 'origin/maint-0.2.2'
There was a conflict from the node_t transition, but it was an easy fix.

Conflicts:
	src/or/circuitbuild.c
2011-02-22 18:41:06 -05:00
Nick Mathewson
16b8b9b00f Merge remote branch 'arma/bug2403' into maint-0.2.2 2011-02-22 18:38:03 -05:00
Roger Dingledine
a2727f6249 prevent same entry and exit for insane edge case 2011-02-22 17:54:25 -05:00
Nick Mathewson
491abbc65e Merge remote branch 'public/bug1859_021' into maint-0.2.1 2011-02-22 17:19:41 -05:00
Nick Mathewson
3d4c2ffa30 Merge remote branch 'origin/maint-0.2.2' 2011-02-22 15:58:50 -05:00
Roger Dingledine
e606f19fa3 changes file for removing torspec from the tarball 2011-02-22 15:58:19 -05:00
Nick Mathewson
7605985b3f Merge remote branch 'public/bug2402_nothing' into maint-0.2.1 2011-02-22 15:54:13 -05:00
Roger Dingledine
372773d681 changes file for removing torspec from the tarball 2011-02-22 14:50:00 -05:00
Nick Mathewson
b7f201f746 Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/or/policies.c
	src/or/policies.h
2011-02-22 14:10:42 -05:00
Nick Mathewson
cdc59c198a Don't let bad DNS make exit policy and declared exit policy get out of sync
Patch from "postman" on trac. Fixes bg 2366. Bug on 0.1.2.5-alpha.
2011-02-22 14:06:28 -05:00
Nick Mathewson
46b07462ae Merge remote branch 'origin/maint-0.2.2' 2011-02-22 13:02:42 -05:00
Nick Mathewson
9d5873cdae Merge branch 'log_domains' into maint-0.2.2 2011-02-22 13:01:02 -05:00
Nick Mathewson
933ffd536d Merge remote branch 'origin/maint-0.2.2' 2011-02-22 12:47:47 -05:00
Nick Mathewson
613073e449 Merge remote branch 'sebastian/bug2504' into maint-0.2.2 2011-02-22 12:47:21 -05:00
Nick Mathewson
ce4f879101 Add a changes file for the heartbeat code 2011-02-22 12:41:22 -05:00
Nick Mathewson
0ba69714b4 Merge remote branch 'sebastian/bug2444' 2011-02-22 11:10:57 -05:00
Nick Mathewson
d120ee1c63 Merge remote branch 'origin/maint-0.2.2' 2011-02-22 01:03:06 -05:00
Nick Mathewson
e9fb50c797 Remove changes files that predate current origin/release-0.2.2 2011-02-21 14:22:12 -05:00
Robert Ransom
444a955e4a Don't crash a bridge authority on SIGHUP if it's not in the consensus
Fixes bug 2572.
2011-02-16 04:12:37 -08:00
Sebastian Hahn
5dbaf9dbd5 Windows has EACCES, not EACCESS
Once again spotted by mobmix

Also add a changes file for the fix
2011-02-11 17:02:26 +01:00
Roger Dingledine
1c5b19a31a Merge branch 'maint-0.2.2' 2011-02-11 01:21:04 -05:00
Roger Dingledine
9b745cdbf9 Merge branch 'maint-0.2.1' into maint-0.2.2 2011-02-11 01:20:47 -05:00
Roger Dingledine
28de4d83fd fix the other half of bug 1074 2011-02-10 17:11:06 -05:00
Nick Mathewson
50c259d763 Make the DH parameter we use for TLS match the one from Apache's mod_ssl
Our regular DH parameters that we use for circuit and rendezvous
crypto are unchanged.  This is yet another small step on the path of
protocol fingerprinting resistance.

(Backport from 0.2.2's 5ed73e3807)
2011-02-10 15:55:06 -05:00
Nick Mathewson
f1a004797e Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	doc/tor.1.txt
2011-02-10 15:52:04 -05:00
Robert Ransom
449d895f06 Merge branch 'bug2408-v2-021-common' into bug2408-v2-022 2011-02-09 03:05:21 -08:00
Robert Ransom
7bf06d4a4f Ignore and warn about "PublishServerDescriptor hidserv"
Fixes #2408.
2011-02-09 02:33:24 -08:00
Nick Mathewson
cc9809c1f7 Merge remote branch 'origin/maint-0.2.2' 2011-02-08 14:37:31 -05:00
Nick Mathewson
d43470ad8a Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-02-08 14:37:02 -05:00
Roger Dingledine
7d2a91f5e5 support multihomed bridges (bug 2510) 2011-02-08 09:10:14 -05:00
Roger Dingledine
9a1a96ba09 don't use old non-configured bridges (bug 2511) 2011-02-08 08:08:47 -05:00
Roger Dingledine
20b75989ac dtrt when only relaybandwidthburst is set
fixes bug 2470
2011-02-07 23:21:33 -05:00
Roger Dingledine
4b6b398cff Merge branch 'maint-0.2.2' 2011-02-07 22:21:01 -05:00
Roger Dingledine
54ccc80a4a Merge branch 'maint-0.2.1' into maint-0.2.2 2011-02-07 22:20:35 -05:00
Karsten Loesing
9c2cb6fc89 Update to the February 1 2011 Maxmind GeoLite Country database. 2011-02-07 22:19:37 -05:00
Sebastian Hahn
9b64227ffd Routers count as down when they change ORPort, too
rransom noticed that a change of ORPort is just as bad as a change of IP
address from a client's perspective, because both mean that the relay is
not available to them while the new information hasn't propagated.
Change the bug1035 fix accordingly.

Also make sure we don't log a bridge's IP address (which might happen
when we are the bridge authority).
2011-02-08 00:38:48 +01:00
Nick Mathewson
ff5810aea9 Merge remote branch 'origin/maint-0.2.2' 2011-02-07 12:47:04 -05:00
Nick Mathewson
98cef0ac1e Merge branch 'bug2279' into maint-0.2.2 2011-02-07 12:43:54 -05:00
Nick Mathewson
69f7c0385b Merge remote branch 'origin/maint-0.2.2' for bug2203_rebased
There was a merge conflict in routerlist.c due to the new node_t logic.

Conflicts:
	src/or/routerlist.c
2011-02-04 12:26:59 -05:00
Nick Mathewson
e9803aa710 Merge branch 'bug2203_rebased' into maint-0.2.2 2011-02-04 12:22:18 -05:00
Nick Mathewson
a6c811313a Merge remote branch 'origin/maint-0.2.2' 2011-02-03 14:21:14 -05:00
Nick Mathewson
f9e251ccf8 changes file for ASLR/DEP build on windows 2011-02-03 14:20:08 -05:00
Nick Mathewson
e94ee583d6 Merge remote branch 'sebastian/bug2450' into maint-0.2.2 2011-02-03 13:59:58 -05:00
Nick Mathewson
912b76a1bf Merge remote branch 'origin/maint-0.2.2' 2011-02-03 13:56:37 -05:00
Nick Mathewson
2fa9ddb958 Merge remote branch 'public/bug2378' into maint-0.2.2 2011-02-03 13:54:28 -05:00
Sebastian Hahn
f2bb7b17d7 Remove country codes from EntryNodes manpage entry 2011-01-28 14:19:28 +01:00
Sebastian Hahn
490d397dbf Log which config file we read
It is often not entirely clear what options Tor was built with, so it
might not be immediately obvious which config file Tor is using when it
found one. Log the config file at startup.
2011-01-27 15:31:34 +01:00
Nick Mathewson
0337fc7b06 Merge remote branch 'origin/maint-0.2.2' 2011-01-26 11:49:41 -05:00
Nick Mathewson
e6da9a98e9 Merge branch 'bug2181' into maint-0.2.2 2011-01-26 11:46:13 -05:00
Nick Mathewson
d92a415bed Add an option to disable the block-private-addresses feature
Suggested by rransom.  Probably necessary for testing network mode.
2011-01-26 11:35:24 -05:00
Nick Mathewson
a880429a76 Merge remote branch 'origin/maint-0.2.2' 2011-01-26 11:08:02 -05:00
Nick Mathewson
ba3b03def0 Merge branch 'bug2409' into maint-0.2.2 2011-01-26 11:06:59 -05:00
Nick Mathewson
411ec3c0f8 Add client code to detect attempts to connect to 127.0.0.1 etc
We detect and reject said attempts if there is no chosen exit node or
circuit: connecting to a private addr via a randomly chosen exit node
will usually fail (if all exits reject private addresses), is always
ill-defined (you're not asking for any particular host or service),
and usually an error (you've configured all requests to go over Tor
when you really wanted to configure all _remote_ requests to go over
Tor).

This can also help detect forwarding loop requests.

Found as part of bug2279.
2011-01-25 20:39:44 -05:00
Nick Mathewson
85da676108 Fix double-mark bug when failing to init transparent connection
Fixes part of bug 2279.  Bugfix on 0.1.2.1-alpha.
2011-01-25 19:07:03 -05:00
Nick Mathewson
5ce8182bdb Log more about soft-hibernation 2011-01-25 18:45:13 -05:00
Nick Mathewson
e80bdfb4a0 Correctly detect BIO_new failures
This bug was noticed by cypherpunks; fixes bug 2378.

Bugfix on svn commit r110.
2011-01-25 18:26:49 -05:00
Nick Mathewson
bfde636aad Always treat failure to allocate an RSA key as an unrecoverable allocation error 2011-01-25 18:19:09 -05:00
Mike Perry
3ede94159e Add changelog entry for bug2203. 2011-01-25 17:49:02 -05:00
Nick Mathewson
a38274b1ce Merge remote branch 'origin/maint-0.2.2' 2011-01-25 17:40:41 -05:00
Nick Mathewson
3d1057c712 Add changes file for bug2004 2011-01-25 17:37:37 -05:00
Nick Mathewson
71862ed763 Fix bug in verifying directory signatures with short digests
If we got a signed digest that was shorter than the required digest
length, but longer than 20 bytes, we would accept it as long
enough.... and then immediately fail when we want to check it.

Fixes bug 2409; bug in 0.2.2.20-alpha; found by piebeer.
2011-01-25 17:15:22 -05:00
Nick Mathewson
991b50c5a3 Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/or/geoip.c
2011-01-25 15:58:01 -05:00
Sebastian Hahn
7a446e6754 Tell which geoip file we're parsing 2011-01-25 15:54:51 -05:00
Nick Mathewson
89ee779f92 Add a torrc option to report log domains 2011-01-25 15:53:15 -05:00
Nick Mathewson
e261a1a3e6 Simplify syntax for negated log domains
Previously if you wanted to say "All messages except network
messages", you needed to say "[*,~net]" and if you said "[~net]" by
mistake, you would get no messages at all.  Now, if you say "[~net]",
you get everything except networking messages.
2011-01-25 15:03:36 -05:00
Nick Mathewson
23f8bedddb Add manpage entry for logging domains
Fixes issue 2215.
2011-01-25 15:02:36 -05:00
Nick Mathewson
36880b3f17 Merge remote branch 'origin/maint-0.2.2' 2011-01-25 14:30:01 -05:00
Sebastian Hahn
68f8ca357f Fix assert for relay/bridge state change
When we added support for separate client tls certs on bridges in
a2bb0bfdd5 we forgot to correctly initialize this when changing
from relay to bridge or vice versa while Tor is running. Fix that
by always initializing keys when the state changes.

Fixes bug 2433.
2011-01-25 14:13:06 -05:00
Nick Mathewson
a1073ee956 Simplest fix to bug2402: do not include SVN versions
When we stopped using svn, 0.2.1.x lost the ability to notice its svn
revision and report it in the version number.  However, it kept
looking at the micro-revision.i file... so if you switched to master,
built tor, then switched to 0.2.1.x, you'd get a micro-revision.i file
from master reported as an SVN tag.  This patch takes out the "include
the svn tag" logic entirely.

Bugfix on 0.2.1.15-rc; fixes bug 2402.
2011-01-25 14:08:13 -05:00
Nick Mathewson
aaa5737a2e Merge remote branch 'origin/maint-0.2.2' 2011-01-24 17:51:52 -05:00
Nick Mathewson
5ed73e3807 Make the DH parameter we use for TLS match the one from Apache's mod_ssl
Our regular DH parameters that we use for circuit and rendezvous
crypto are unchanged.  This is yet another small step on the path of
protocol fingerprinting resistance.
2011-01-24 16:50:11 -05:00
Nick Mathewson
c496229b0a Merge remote branch 'origin/maint-0.2.2' 2011-01-20 15:00:42 -05:00
Nick Mathewson
13e9a2b19d Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-20 15:00:24 -05:00
Nick Mathewson
1471e57743 Merge remote branch 'rransom/policy_summarize-assert' into maint-0.2.1 2011-01-20 14:59:23 -05:00
Robert Ransom
43414eb988 Fix bounds-checking in policy_summarize
Found by piebeer.
2011-01-20 11:17:57 -08:00
Nick Mathewson
f6a25a995e Merge remote branch 'origin/maint-0.2.2' 2011-01-19 13:26:23 -05:00
Nick Mathewson
a793f1f6f2 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-19 13:25:38 -05:00
Nick Mathewson
971e83ef9c Fix two more SIZE_T_CEILING issues
This patch imposes (very long) limits on the length of a line in a
directory document, and on the length of a certificate.  I don't
think it should actually be possible to overrun these remotely,
since we already impose a maximum size on any directory object we're
downloading, but a little defensive programming never hurt anybody.

Roger emailed me that doorss reported these on IRC, but nobody seems
to have put them on the bugtracker.
2011-01-19 13:22:50 -05:00
Roger Dingledine
4ff97e3775 Merge branch 'maint-0.2.2' 2011-01-15 22:39:15 -05:00
Roger Dingledine
7699014e1e Merge commit 'sebastian/bug2317' into maint-0.2.2 2011-01-15 21:54:49 -05:00
Nick Mathewson
07888ed8e4 Merge remote branch 'origin/maint-0.2.2' 2011-01-15 14:17:59 -05:00
Nick Mathewson
a7790d48af Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-15 14:15:19 -05:00
Nick Mathewson
ef6fa07e48 Fix a couple of non-cleared key issues in hidden services
we need to do more hunting, but this fixes the ones mentioned in 2385.
2011-01-15 14:10:54 -05:00
Nick Mathewson
9b09627edd Zero out some more key data before freeing it
Found by cypherpunks; fixes bug 2384.
2011-01-15 14:10:52 -05:00
Sebastian Hahn
026e7987ad Sanity-check consensus param values
We need to make sure that the worst thing that a weird consensus param
can do to us is to break our Tor (and only if the other Tors are
reliably broken in the same way) so that the majority of directory
authorities can't pull any attacks that are worse than the DoS that
they can trigger by simply shutting down.

One of these worse things was the cbtnummodes parameter, which could
lead to heap corruption on some systems if the value was sufficiently
large.

This commit fixes this particular issue and also introduces sanity
checking for all consensus parameters.
2011-01-15 19:42:17 +01:00
Nick Mathewson
1758ef51de Merge remote branch 'origin/maint-0.2.2' 2011-01-15 13:26:02 -05:00
Nick Mathewson
1393985768 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	src/or/routerparse.c
	src/or/test.c
2011-01-15 13:25:13 -05:00
Nick Mathewson
b97b0efec8 Merge branch 'bug2352_obsize' into maint-0.2.1 2011-01-15 13:15:06 -05:00
Nick Mathewson
f550c96ade Merge remote branch 'origin/maint-0.2.2' 2011-01-15 12:16:18 -05:00
Nick Mathewson
cff4cfef4f Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-15 12:13:50 -05:00
Nick Mathewson
8f11642ceb Merge branch 'bug2324_uncompress' into maint-0.2.1 2011-01-15 12:12:34 -05:00
Nick Mathewson
1b8f2ef550 Merge remote branch 'origin/maint-0.2.2' 2011-01-15 12:03:44 -05:00
Nick Mathewson
ed87738ede Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	src/or/config.c
	src/or/networkstatus.c
	src/or/rendcommon.c
	src/or/routerparse.c
	src/or/test.c
2011-01-15 12:02:55 -05:00
Nick Mathewson
50b06a2b76 make the description of tolen_asserts more dire
We have a CVE # for this bug.
2011-01-15 11:49:26 -05:00
Nick Mathewson
115782bdbe Fix a heap overflow found by debuger, and make it harder to make that mistake again
Our public key functions assumed that they were always writing into a
large enough buffer.  In one case, they weren't.

(Incorporates fixes from sebastian)
2011-01-15 11:49:25 -05:00
Nick Mathewson
a16902b9d4 Always nul-terminate the result passed to evdns_server_add_ptr_reply
In dnsserv_resolved(), we carefully made a nul-terminated copy of the
answer in a PTR RESOLVED cell... then never used that nul-terminated
copy.  Ouch.

Surprisingly this one isn't as huge a security problem as it could be.
The only place where the input to dnsserv_resolved wasn't necessarily
nul-terminated was when it was called indirectly from relay.c with the
contents of a relay cell's payload.  If the end of the payload was
filled with junk, eventdns.c would take the strdup() of the name [This
part is bad; we might crash there if the cell is in a bad part of the
stack or the heap] and get a name of at least length
495[*]. eventdns.c then rejects any name of length over 255, so the
bogus data would be neither transmitted nor altered.

  [*] If the name was less than 495 bytes long, the client wouldn't
     actually be reading off the end of the cell.

Nonetheless this is a reasonably annoying bug.  Better fix it.

Found while looking at bug 2332, reported by doorss.  Bugfix on
0.2.0.1-alpha.
2011-01-15 11:49:25 -05:00
Nick Mathewson
468da1c28a Merge remote branch 'origin/maint-0.2.2' 2011-01-12 14:00:56 -05:00
Nick Mathewson
43e12a7988 Merge remote branch 'public/bug2363' into maint-0.2.2 2011-01-12 14:00:20 -05:00
Nick Mathewson
a84c6e86fe Merge remote branch 'origin/maint-0.2.2' 2011-01-12 13:05:19 -05:00
Nick Mathewson
a2c41aa3e8 Merge remote branch 'sebastian/bug2337' into maint-0.2.2 2011-01-12 12:55:09 -05:00
Nick Mathewson
3dbfc6a734 Merge remote branch 'origin/maint-0.2.2' 2011-01-12 12:43:30 -05:00
Nick Mathewson
1e37d8678a Merge branch 'bug2331' into maint-0.2.2 2011-01-12 12:42:40 -05:00
Nick Mathewson
f4756051fe add a missing "not" in bug2331 changelog 2011-01-12 12:42:21 -05:00
Nick Mathewson
cbcae4aef1 Merge remote branch 'origin/maint-0.2.2' 2011-01-12 12:38:54 -05:00
Nick Mathewson
597433bcec Merge branch 'bug2346' into maint-0.2.2 2011-01-12 12:37:51 -05:00
Nick Mathewson
5044cb9752 Explain bug2346 fix better based on suggestions from arma 2011-01-12 12:37:42 -05:00
Nick Mathewson
c9f8a5eebc Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/or/buffers.c
2011-01-10 17:31:11 -05:00
Nick Mathewson
aa45e82593 Pull up more data when parsing socks messages
Previously, we only looked at up to 128 bytes.  This is a bad idea
since socks messages can be at least 256+x bytes long.  Now we look at
up to 512 bytes; this should be enough for 0.2.2.x to handle all valid
SOCKS messages.  For 0.2.3.x, we can think about handling trickier
cases.

Fixes 2330.  Bugfix on 0.2.0.16-alpha.
2011-01-10 17:24:16 -05:00
Nick Mathewson
95968a625e Wait 60 minutes before retrying failed state save; bug2346 2011-01-10 16:51:11 -05:00
Nick Mathewson
105b94b75b Add Maxima lists to bandwidth state.
Right now, Tor routers don't save the maxima values from the
bw_history_t between sessions.  That's no good, since we use those
values to determine bandwidth.  This code adds a new BWHist.*Maximum
set of values to the state file.  If they're not present, we estimate
them by taking the observed total bandwidth and dividing it by the
period length, which provides a lower bound.

This should fix bug 1863.  I'm calling it a feature.
2011-01-10 14:47:39 -05:00
Nick Mathewson
f12b253639 Merge remote branch 'origin/maint-0.2.2' 2011-01-10 14:12:53 -05:00
Nick Mathewson
5ae391762c Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-10 14:12:33 -05:00
Nick Mathewson
28844c8403 On bwhist state load failure, clear dir_read/write hist too 2011-01-10 13:15:51 -05:00
Nick Mathewson
7e1502c0d1 Fix bug when parsing bwhist with unexpected Interval
Previously, our state parsing code would fail to parse a bwhist
correctly if the Interval was anything other than the default
hardcoded 15 minutes.  This change makes the parsing less incorrect,
though the resulting history array might get strange values in it if
the intervals don't match the one we're using.  (That is, if stuff was
generated in 15 minute intervals, and we read it into an array that
expects 30 minute intervals, we're fine, since values can be combined
pairwise.  But if we generate data at 30 minute intervals and read it
into 15 minute intervals, alternating buckets will be empty.)

Bugfix on 0.1.1.11-alpha.
2011-01-10 13:06:50 -05:00
Nick Mathewson
373a1bc40e Impose maximum sizes on parsed objects
An object, you'll recall, is something between -----BEGIN----- and
-----END----- tags in a directory document.  Some of our code, as
doorss has noted in bug 2352, could assert if one of these ever
overflowed SIZE_T_CEILING but not INT_MAX.  As a solution, I'm setting
a maximum size on a single object such that neither of these limits
will ever be hit.  I'm also fixing the INT_MAX checks, just to be sure.
2011-01-10 12:12:11 -05:00
Karsten Loesing
d43cba6c69 Update to the January 1 2011 Maxmind GeoLite Country database. 2011-01-10 10:37:54 +01:00
Nick Mathewson
68d5b6bc52 Fix check for failed evdns request creation
When using libevent 2, we use evdns_base_resolve_*().  When not, we
fake evdns_base_resolve_*() using evdns_resolve_*().

Our old check was looking for negative values (like libevent 2
returns), but our eventdns.c code returns 1.  This code makes the
check just test for nonzero.

Note that this broken check was not for _resolve_ failures or even for
failures to _launch_ a resolve: it was for failures to _create_ or
_encode_ a resolve request.

Bug introduced in 81eee0ecfff3dac1e9438719d2f7dc0ba7e84a71; found by
lodger; uploaded to trac by rransom.  Bug 2363.  Fix on 0.2.2.6-alpha.
2011-01-09 19:02:57 -05:00
Nick Mathewson
9bbb4a1b40 Merge remote branch 'origin/maint-0.2.2' 2011-01-09 15:43:05 -05:00
Nick Mathewson
732275bb81 Describe tor-resolve defaults. Bug 2364. 2011-01-09 15:40:40 -05:00
Nick Mathewson
d16923a35d Merge remote branch 'origin/maint-0.2.2' 2011-01-07 22:05:11 -05:00
Nick Mathewson
54135b72f8 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-07 22:04:40 -05:00
Nick Mathewson
0a35ac6a22 Correctly detect and exclude addresses outside of our virtual address range
Found by cypherpunks; fixes more of 2328.  Bug was introduced in 3623a122;
first appeared in 0.2.0.5-alpha.
2011-01-07 12:24:36 -05:00
Damian Johnson
6661e16e7c GETINFO options for querying traffic usage
This was originally a patch provided by pipe
(http://www.mail-archive.com/or-talk@freehaven.net/msg13085.html) to
provide a method for controllers to query the total amount of traffic
tor has handled (this is a frequently requested piece of information
by relay operators).
2011-01-07 12:15:14 -05:00
Nick Mathewson
d4b265d692 Merge remote branch 'origin/maint-0.2.2' 2011-01-06 13:38:08 -05:00
Nick Mathewson
d6329eda96 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-06 13:37:39 -05:00
Nick Mathewson
d6b49c55c5 Merge branch 'bug2328_021' into maint-0.2.1 2011-01-06 13:36:29 -05:00
Nick Mathewson
eabddd8ca0 Handle a NULL return from addressmap_get_virtual_address
Fix for bug 2328; bugfix on 0.1.2.1-alpha; bug found by doorss.
2011-01-05 16:36:48 -05:00
Nick Mathewson
31d6659d97 Fix a double-counting bug in addrmap_get_virtual_address
We were decrementing "available" twice for each in-use address we ran
across.  This would make us declare that we ran out of virtual
addresses when the address space was only half full.
2011-01-05 16:02:43 -05:00
Nick Mathewson
fd8f7991e4 Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	Makefile.am
2011-01-03 17:25:30 -05:00
Nick Mathewson
0e9d7f105d Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-03 17:24:32 -05:00
Nick Mathewson
e4320689cc Note that Tor requires Automake 1.7. Fixes bug 2305 2011-01-03 17:24:16 -05:00
Nick Mathewson
81d69f4c2d Detect signed size_t and report an error at configure time. 2011-01-03 16:54:57 -05:00
Nick Mathewson
0222228d64 Fix up size and sign issues in base32 code
Fixes bug 2331.
2011-01-03 16:16:53 -05:00
Nick Mathewson
a87a55a9b6 Merge remote branch 'origin/maint-0.2.2' 2011-01-03 15:55:41 -05:00
Nick Mathewson
64798dab4f Detect and disallow compression bombs 2011-01-03 15:54:23 -05:00
Nick Mathewson
f089804332 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-03 15:31:19 -05:00
Nick Mathewson
e365aee971 Avoid assertion on read_file_to_str() with size==SIZE_T_CEILING-1
Spotted by doors, fixes bug 2326.
2011-01-03 15:30:11 -05:00
Nick Mathewson
a96b46570f Merge remote branch 'origin/maint-0.2.2' 2011-01-03 15:16:36 -05:00
Nick Mathewson
cee433d751 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-03 15:15:54 -05:00
Nick Mathewson
e09ab69703 Check size against SIZE_T_CEILING in realloc too.
Fixes bug 2324.
2011-01-03 15:15:27 -05:00
Nick Mathewson
0489f7e004 Merge remote branch 'origin/maint-0.2.2' 2011-01-03 13:19:10 -05:00
Nick Mathewson
27cefef3a2 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-03 13:18:33 -05:00
Nick Mathewson
394a6bf4cd Merge remote branch 'origin/maint-0.2.2' 2011-01-03 12:47:58 -05:00
Nick Mathewson
5c09431cc7 Never include pthread.h when building for Windows.
On Windows, we never use pthreads, since it doesn't usually exist,
and when it does it tends to be a little weirdly-behaved.  But some
mingw installations have a pthreads installed, so autoconf detects
pthread.h and tells us about it.  This would make us include
pthread.h, which could make for trouble when the iffy pthread.h
tried to include config.h.

This patch changes compat.h so that we never include pthread.h on
Windows.  Fixes bug 2313; bugfix on 0.1.0.1-rc.
2011-01-03 12:45:13 -05:00
Nick Mathewson
1e295666d9 Tweak GETINFO process/* code: no need to print an int as anything other than %d 2011-01-03 12:11:09 -05:00
Sebastian Hahn
9ecf133686 Fix compile wanrings revealed by gcc 4.5 on mingw 2010-12-27 09:47:41 +01:00
Roger Dingledine
d97be399c9 Correct a broken faq link in the INSTALL file 2010-12-22 00:54:29 -05:00
Nick Mathewson
00775ab4ed Merge remote branch 'karsten/dirreq-stats-default'
Conflicts:
	src/or/config.c
2010-12-21 16:01:00 -05:00
Nick Mathewson
95e21779a3 Merge remote branch 'origin/maint-0.2.2' 2010-12-21 15:53:32 -05:00
Nick Mathewson
e895919b17 Merge remote branch 'public/bug2060' into maint-0.2.2 2010-12-21 15:53:03 -05:00
Nick Mathewson
0a3b7f1471 Merge remote branch 'origin/maint-0.2.2' 2010-12-21 15:50:09 -05:00
Nick Mathewson
cdbd6d0fe8 Merge remote branch 'rransom/bug2190_the_hard_way' into maint-0.2.2 2010-12-21 15:48:14 -05:00
Nick Mathewson
69771bb5fc Merge remote branch 'public/bug2190_021' into maint-0.2.1 2010-12-21 15:44:50 -05:00
Roger Dingledine
c79427a992 Merge branch 'maint-0.2.2' 2010-12-19 22:08:42 -05:00
Roger Dingledine
c63c937465 Merge commit 'nickm/fix_security_bug_022' into maint-0.2.2 2010-12-16 17:24:11 -05:00
Roger Dingledine
975ffe4398 Merge commit 'nickm/fix_security_bug_021' into maint-0.2.1 2010-12-16 16:59:12 -05:00
Nick Mathewson
1d0f8fe53c Merge remote branch 'origin/maint-0.2.2' 2010-12-16 10:06:36 -05:00
Nick Mathewson
591f65dde6 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2010-12-16 10:05:07 -05:00
Karsten Loesing
3c3b1d14fd Change gabelmoo's IP address and ports. 2010-12-16 13:28:30 +01:00
Nick Mathewson
b5e293afe6 Merge remote branch fix_security_bug_021 into fix_security_bug_022
Conflicts:
	src/common/memarea.c
	src/or/or.h
	src/or/rendclient.c
2010-12-15 22:48:23 -05:00
Nick Mathewson
b0def605a5 Add a changelog entry 2010-12-15 22:35:07 -05:00
Robert Hogan
8a2f7ef66a bug1666 - Pass-through support for SOCKS5 authentication(3)
Add changes file.
2010-12-14 19:47:22 +00:00
Nick Mathewson
a62b79dfc9 Merge remote branch 'origin/maint-0.2.2' 2010-12-14 14:13:56 -05:00
Nick Mathewson
ddfb398494 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	src/config/geoip
2010-12-14 14:13:24 -05:00
Karsten Loesing
35148ba532 Update to the December 1 2010 Maxmind GeoLite Country database. 2010-12-08 17:59:40 +01:00
Nick Mathewson
4e9f9a4ee8 Merge remote branch 'origin/maint-0.2.2' 2010-12-07 11:37:14 -05:00
Nick Mathewson
f924fbf19f Merge branch 'bug2081_followup_022' into maint-0.2.2 2010-12-07 11:35:49 -05:00
Nick Mathewson
5efe6f04c6 Reject relay versions older than 0.2.0.26-rc
This was the first version to cache the correct directory information.

Fixes bug 2156.
2010-12-07 11:35:32 -05:00
Nick Mathewson
8f31a9da43 revise bug2081_followup changelog 2010-12-07 11:27:51 -05:00
Nick Mathewson
3fc43debfb Merge remote branch 'origin/maint-0.2.2' 2010-12-06 12:07:37 -05:00
Nick Mathewson
dc2f10bd81 Fix a bug in calculating wakeup time on 64-bit machines.
If you had TIME_MAX > INT_MAX, and your "time_to_exhaust_bw =
accountingmax/expected_bandwidth_usage * 60" calculation managed to
overflow INT_MAX, then your time_to_consider value could underflow and
wind up being rediculously low or high.  "Low" was no problem;
negative values got caught by the (time_to_consider <= 0) check.
"High", however, would get you a wakeup time somewhere in the distant
future.

The fix is to check for time_to_exhaust_bw overflowing INT_MAX, not
TIME_MAX: We don't allow any accounting interval longer than a month,
so if time_to_exhaust_bw is significantly larger than 31*24*60*60, we
can just clip it.

This is a bugfix on 0.0.9pre6, when accounting was first introduced.
It fixes bug 2146, unless there are other causes there too.  The fix
is from boboper.  (I tweaked it slightly by removing an assignment
that boboper marked as dead, and lowering a variable that no longer
needed to be function-scoped.)
2010-12-06 12:01:32 -05:00
Nick Mathewson
bbadf07d16 Merge remote branch 'origin/maint-0.2.2' 2010-12-06 11:37:37 -05:00
Nick Mathewson
feffbce814 Add a missing ! to directory_fetches_from_authorities
The old logic would have us fetch from authorities if we were refusing
unknown exits and our exit policy was reject*.  Instead, we want to
fetch from authorities if we're refusing unknown exits and our exit
policy is _NOT_ reject*.

Fixed by boboper.  Fixes more of 2097.  Bugfix on 0.2.2.16-alpha.
2010-12-06 11:36:01 -05:00
Nick Mathewson
0893793f01 Merge remote branch 'origin/maint-0.2.2' 2010-12-03 13:45:10 -05:00
Nick Mathewson
c0f1517d87 Don't crash when accountingmax is set in non-server Tors
We use a hash of the identity key to seed a prng to tell when an
accounting period should end.  But thanks to the bug998 changes,
clients no longer have server-identity keys to use as a long-term seed
in accounting calculations.  In any case, their identity keys (as used
in TLS) were never never fixed.  So we can just set the wakeup time
from a random seed instead there.  Still open is whether everybody
should be random.

This patch fixes bug 2235, which was introduced in 0.2.2.18-alpha.

Diagnosed with help from boboper on irc.
2010-12-03 13:37:13 -05:00
Karsten Loesing
076a688d76 Add ChangeLog entry and man page entry. 2010-12-03 16:47:52 +01:00
Nick Mathewson
520182579a Merge remote branch 'origin/maint-0.2.2' 2010-12-02 13:21:09 -05:00
Nick Mathewson
ee8f451bf1 Fix a harmless off-by-one error in counting controller argument lengths
Bugfix on 0.1.1.1-alpha; found by boboper.
2010-12-02 13:19:21 -05:00
Roger Dingledine
fa1a419622 Merge branch 'maint-0.2.2' 2010-12-01 00:12:33 -05:00
Roger Dingledine
b259c08318 Merge branch 'maint-0.2.1' into maint-0.2.2
Conflicts:

	doc/Makefile.am
2010-12-01 00:11:27 -05:00
Nick Mathewson
3ed7505dc5 Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/or/relay.c
2010-11-30 19:23:40 -05:00
Nick Mathewson
ad87d6172b fix changes file for 2210 2010-11-30 19:19:36 -05:00
Nick Mathewson
25b0fd8868 Revise comment on 2210 a little; clean up n_streams/num_streams confusion
Also add a changes file
2010-11-29 16:07:27 -05:00
Nick Mathewson
19019f26b0 Merge remote branch 'origin/maint-0.2.2' 2010-11-29 15:30:17 -05:00
Nick Mathewson
a5174b092e Merge branch 'exitstats' into maint-0.2.2 2010-11-29 15:28:22 -05:00
Nick Mathewson
ae6b31aba9 Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	configure.in
	contrib/tor-mingw.nsi.in
	src/win32/orconfig.h
2010-11-24 17:06:26 -05:00
Robert Ransom
de75afc556 Avoid dereferencing NULL if a bridge fails to build an ei descriptor.
Reported by an anonymous commenter on Trac.
2010-11-24 13:18:11 -08:00
Karsten Loesing
4fed43ab2e Report only the top 10 ports in exit-port stats. 2010-11-24 08:45:05 +01:00
mingw-san
78df6404eb Fix compilation with mingw and OpenSSL 0.9.8m+ 2010-11-23 12:47:38 -05:00
Roger Dingledine
2d6ee53fb9 stop shipping doc/img and doc/website in the tarball 2010-11-23 00:03:50 -05:00
Nick Mathewson
12f3186719 Disable DirPort when BridgeRelay is set 2010-11-22 13:12:48 -05:00
Nick Mathewson
5a9903b9e0 Handle negative run lengths in wfu/mtbf calculations 2010-11-22 12:39:22 -05:00
Nick Mathewson
bea0a31c1c Treat routers whose IPs have changed as having been down for MTBF/routerinfo
calculation purposes.
2010-11-22 12:32:29 -05:00
Nick Mathewson
2af14b671d Have authorities reject routers running verions susceptible to bug 1038. 2010-11-22 11:16:36 -05:00
Roger Dingledine
f54e75a2c6 prepare for our emergency openssl fix release 2010-11-21 16:59:42 -05:00
Nick Mathewson
cbd3745924 Merge remote branch 'origin/maint-0.2.2' 2010-11-21 14:34:22 -05:00
Nick Mathewson
2bd64f9e8f Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2010-11-21 14:33:11 -05:00
Nick Mathewson
a9d2148f53 Merge branch 'fix2204' into maint-0.2.1 2010-11-21 14:28:38 -05:00
Nick Mathewson
92a99736fd Do not set the hostname TLS extension server-side; only client-side
This may fix bug 2204, and resolve the incompatibility with openssl
0.9.8p/1.0.0b.
2010-11-20 22:21:50 -05:00
Nick Mathewson
d166d18643 Better fix for 2190: defer libevent->controller messages instead of dropping 2010-11-19 22:52:32 -05:00
Nick Mathewson
668f7a2639 Do not send Libevent log messages to a controller (0.2.1 backport)
Doing so could make Libevent call Libevent from inside a Libevent
logging call, which is a recipe for reentrant confusion and
hard-to-debug crashes.  This would especially hurt if Libevent
debug-level logging is enabled AND the user has a controller
watching for low-severity log messages.

Fix bug 2190; fix on 0.1.0.2-rc.
2010-11-19 22:27:40 -05:00
Nick Mathewson
6199ac5fbe Do not send Libevent log messages to a controller.
Doing so could make Libevent call Libevent from inside a Libevent
logging call, which is a recipe for reentrant confusion and
hard-to-debug crashes.  This would especially hurt if Libevent
debug-level logging is enabled AND the user has a controller
watching for low-severity log messages.

Fix bug 2190; fix on 0.1.0.2-rc.
2010-11-19 22:22:43 -05:00
Nick Mathewson
e361de80bb Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/or/router.c
2010-11-19 16:58:22 -05:00
Nick Mathewson
54551f3148 Merge branch 'fix2183', remote branch 'rransom/fix2195-v2' into maint-0.2.2 2010-11-19 16:48:13 -05:00
Robert Ransom
b3470ce957 Add changes file for bug2195. 2010-11-19 13:46:09 -08:00
Nick Mathewson
576b399b19 Add a changes file for SIGNAL events 2010-11-19 15:54:02 -05:00
Roger Dingledine
6b82a6e88d Merge branch 'maint-0.2.2' 2010-11-16 00:16:25 -05:00
Roger Dingledine
e0b922b7e6 merge in more changelog entries 2010-11-15 23:54:20 -05:00
Roger Dingledine
a641646a98 Merge commit 'nickm/1776_redux_v1' into maint-0.2.2 2010-11-15 23:29:09 -05:00
Nick Mathewson
9399b885cd Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/or/buffers.c
2010-11-15 15:37:23 -05:00
Nick Mathewson
522c204ac9 Merge branch 'bug2000_nm_022' into maint-0.2.2 2010-11-15 15:31:40 -05:00
Nick Mathewson
ba1b7a1ce1 Merge remote branch 'origin/maint-0.2.2' 2010-11-15 14:30:12 -05:00
Nick Mathewson
29c468146d changes entry for nopublish removal in 5040c855d 2010-11-15 14:29:53 -05:00
Nick Mathewson
8c2affe637 Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/or/config.c
	src/or/cpuworker.c
2010-11-15 14:14:13 -05:00
Nick Mathewson
433a98131a Merge remote branch 'sebastian/manpagefixups' into maint-0.2.2 2010-11-15 14:07:00 -05:00
Sebastian Hahn
da3a6e724f Rate-limit unsafe socks warning
Pick 5 seconds as the limit. 5 seconds is a compromise here between
making sure the user notices that the bad behaviour is (still) happening
and not spamming their log too much needlessly (the log message is
pretty long). We also keep warning every time if safesocks is
specified, because then the user presumably wants to hear about every
blocked instance.

(This is based on the original patch by Sebastian, then backported to
0.2.2 and with warnings split into their own function.)
2010-11-15 13:57:37 -05:00
Karsten Loesing
cec21652a7 Try harder not to exceed the 50 KB extra-info descriptor limit.
Our checks that we don't exceed the 50 KB size limit of extra-info
descriptors apparently failed. This patch fixes these checks and reserves
another 250 bytes for appending the signature. Fixes bug 2183.
2010-11-15 12:51:51 +01:00
Robert Hogan
5cd7953a21 Issues with router_get_by_nickname() (3)
Add changes file
2010-11-12 19:51:06 -05:00
Nick Mathewson
3d7772ece3 Merge remote branch 'karsten/enhancement1883' 2010-11-12 14:13:17 -05:00
Nick Mathewson
d61736aa6a Merge remote branch 'origin/maint-0.2.2' 2010-11-12 13:06:54 -05:00
Nick Mathewson
3a7614c670 Add changes file for bug1125 2010-11-12 13:03:18 -05:00
Nick Mathewson
566a115be1 Add changes file for bug1125 2010-11-12 12:59:42 -05:00
Nick Mathewson
edec2797d7 Stop linking src/tools/* against libevent 2010-11-11 23:50:33 -05:00
Nick Mathewson
2b4ed1d07e Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	configure.in
2010-11-11 13:59:18 -05:00
Nick Mathewson
5beb8ee4e1 Merge remote branch 'sebastian/remove-osx-expert-package' into maint-0.2.2 2010-11-11 13:53:53 -05:00
Roger Dingledine
a29596556c Merge branch 'maint-0.2.2'
Conflicts:

	src/or/config.c
2010-11-11 12:19:37 -05:00
Roger Dingledine
362bb5c625 Merge branch 'maint-0.2.1' into maint-0.2.2 2010-11-11 12:12:17 -05:00
Roger Dingledine
0a38358210 let unpublished bridges learn their ip address too 2010-11-11 11:26:42 -05:00
Nick Mathewson
d4e660ff68 Merge remote branch 'origin/maint-0.2.2' 2010-11-10 16:07:04 -05:00
Nick Mathewson
a4bf5b51e9 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2010-11-10 16:06:43 -05:00
Nick Mathewson
2a50dd9359 Enforce multiplicity rules when parsing annotations.
We would never actually enforce multiplicity rules when parsing
annotations, since the counts array never got entries added to it for
annotations in the token list that got added by earlier calls to
tokenize_string.

Found by piebeer.
2010-11-10 16:02:02 -05:00
Nick Mathewson
089137f011 Fix a bug where seting allow_annotations==0 only ignores annotations, but does not block them 2010-11-10 16:02:02 -05:00
Sebastian Hahn
6bde512edc Document hs dht min uptime change in privnets
In f87c6f100d we made it so that MinUptimeHidServDirectoryV2
defaults to 0 if TestingTorNetwork is set. Add a manpage entry and a
changes file.
2010-11-10 15:48:26 +01:00
Sebastian Hahn
b9cac605ab Synx manpage and source wrt option capitalization
We had a spelling discrepancy between the manpage and the source code
for some option. Resolve these in favor of the manpage, because it
makes more sense (for example, HTTP should be capitalized).
2010-11-10 15:48:26 +01:00
Sebastian Hahn
40fd0c1ca1 Remove the torrc.complete file.
We haven't been keeping it up to date, and the manpage exists as a
replacement for users who want an overview of all available options.
2010-11-10 15:48:25 +01:00
Karsten Loesing
499661524b Turn on directory request statistics by default.
Change the default values for collecting directory request statistics and
inlcuding them in extra-info descriptors to 1.

Don't break if we are configured to collect directory request or entry
statistics and don't have a GeoIP database. Instead, print out a notice
and skip initializing the affected statistics code.
2010-11-10 12:11:08 +01:00
Sebastian Hahn
fcdf1470c0 Remove everything related to os x expert package
We decided to no longer ship expert packages for OS X because they're a
lot of trouble to keep maintained and confuse users. For those who want
a tor on OS X without Vidalia, macports is a fine option. Alternatively,
building from source is easy, too.

The polipo stuff that is still required for the Vidalia bundle build can
now be found in the torbrowser repository,
git://git.torproject.org/torbrowser.git.
2010-11-10 04:04:29 +01:00
Roger Dingledine
28d592267e Merge branch 'maint-0.2.2' 2010-11-09 21:51:08 -05:00
Roger Dingledine
6b4db953c9 fold the changes files into a changelog 2010-11-09 21:50:30 -05:00
Karsten Loesing
423c2a7a27 Add GeoIP file digest to extra-info descriptor. 2010-11-09 09:42:36 +01:00
Nick Mathewson
1fb342dfab Merge branch 'loggranularity' 2010-11-08 12:40:33 -05:00
Roger Dingledine
d96c9cd00e Merge branch 'maint-0.2.2' 2010-11-06 17:42:37 -04:00
Roger Dingledine
70411a50b1 move to the november 1 maxmind geoip db 2010-11-06 17:41:36 -04:00
Nick Mathewson
114a371c0e Fix the assert in bug 1776
In the case where old_router == NULL but sdmap has an entry for the
router, we can currently safely infer that the old_router was not a
bridge.  Add an assert to ensure that this remains true, and fix the
logic not to die with the tor_assert(old_router) call.
2010-11-02 11:20:09 -04:00
Nick Mathewson
f32140238f Merge remote branch 'origin/maint-0.2.2' for bug 1859 patches
Some of this is already done in nodelist.
2010-10-21 11:17:34 -04:00
Nick Mathewson
0e8d1c2217 Merge remote branch 'hoganrobert/bug1859' into maint-0.2.2 2010-10-21 11:01:12 -04:00
Nick Mathewson
2c3dafc342 Merge remote branch 'origin/maint-0.2.2' 2010-10-21 10:52:12 -04:00
Nick Mathewson
ea7f4be6d2 Merge remote branch 'sebastian/relay_early_rend' into maint-0.2.2 2010-10-21 10:49:44 -04:00
Nick Mathewson
444193ff5d Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/or/networkstatus.c
2010-10-20 13:53:11 -04:00
Nick Mathewson
2849a95691 Add a ! to directory_caches_dir_info() to fix a logic error
We want to fetch directory info more aggressively if we need it to
refuseunknownexits.  Thus, we'll want it if our exit policy is _NOT_
reject *.
2010-10-20 13:49:38 -04:00
Nick Mathewson
c2323f1340 Merge branch 'bug2097' into maint-0.2.2 2010-10-20 13:45:53 -04:00
Nick Mathewson
98aee8472f Fix a read of a freed pointer while in set_current_consensus
Found by rransom while working on issue #988.  Bugfix on
0.2.2.17-alpha.  Fixes bug 2097.
2010-10-20 13:10:20 -04:00
Nick Mathewson
ca7d5dc299 Merge remote branch 'origin/maint-0.2.2' 2010-10-20 13:07:25 -04:00
Sebastian Hahn
cee4dc6101 Use ssp-buffer-size param when hardening
We used to enable ssp-buffer-size=1 only when building with
--enable-gcc-warnings. That would result in warnings (and no
protection for small arrays) when building with
--enable-gcc-hardening without enabling warnings, too. Fixes bug
2031.

Also remove an XXX: We now allow to build with -fstack-protector
by using --enable-gcc-hardening.
2010-10-20 13:13:44 +02:00
Sebastian Hahn
d3b67cba3c Send relay_early cells in rend circs
There are no relay left that run version 0.2.1.3 through 0.2.1.18, so
changing this behaviour should be safe now.
2010-10-18 07:46:51 +02:00
Robert Hogan
69a496ba98 Issues with router_get_by_nickname() (3)
Add changes file
2010-10-17 15:12:25 +01:00
Nick Mathewson
3aec655694 Merge remote branch 'arma/bug1982_2'
Resolved a minor conflict in:
	src/or/circuitbuild.c
2010-10-13 16:07:37 -04:00
Nick Mathewson
8c837db38f Merge branch 'nodes' 2010-10-13 16:04:25 -04:00
Nick Mathewson
c1c74c51d4 Merge remote branch 'origin/maint-0.2.2' 2010-10-12 14:50:57 -04:00
Sebastian Hahn
f3d000f496 Fix MIPSpro and time_t signedness detection
3d6e283087 silenced the autogen.sh warnings as it was supposed to, but
introduced two bugs. Fix them.
2010-10-11 19:24:25 +02:00
Nick Mathewson
4c71be65d8 Merge remote branch 'origin/maint-0.2.2' 2010-10-04 13:56:17 -04:00
Robert Ransom
c70d9d77ab Correct a couple of log messages in tortls.c 2010-10-04 13:53:48 -04:00
Nick Mathewson
3e5ada6a29 Merge remote branch 'origin/maint-0.2.2' 2010-10-04 12:32:52 -04:00
Nick Mathewson
69b4138c00 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2010-10-04 12:32:35 -04:00
Karsten Loesing
bad609ae6b Update to the October 1 2010 Maxmind GeoLite Country database. 2010-10-04 11:45:53 +02:00
Karsten Loesing
8c5ba9388b Make logging resolution configurable.
Implements enhancement 1668.
2010-10-04 08:15:18 +02:00
Nick Mathewson
26e897420e Initial conversion to use node_t throughout our codebase.
A node_t is an abstraction over routerstatus_t, routerinfo_t, and
microdesc_t.  It should try to present a consistent interface to all
of them.  There should be a node_t for a server whenever there is
  * A routerinfo_t for it in the routerlist
  * A routerstatus_t in the current_consensus.
(note that a microdesc_t alone isn't enough to make a node_t exist,
since microdescriptors aren't usable on their own.)

There are three ways to get a node_t right now: looking it up by ID,
looking it up by nickname, and iterating over the whole list of
microdescriptors.

All (or nearly all) functions that are supposed to return "a router"
-- especially those used in building connections and circuits --
should return a node_t, not a routerinfo_t or a routerstatus_t.

A node_t should hold all the *mutable* flags about a node.  This
patch moves the is_foo flags from routerinfo_t into node_t.  The
flags in routerstatus_t remain, but they get set from the consensus
and should not change.

Some other highlights of this patch are:

  * Looking up routerinfo and routerstatus by nickname is now
    unified and based on the "look up a node by nickname" function.
    This tries to look only at the values from current consensus,
    and not get confused by the routerinfo_t->is_named flag, which
    could get set for other weird reasons.  This changes the
    behavior of how authorities (when acting as clients) deal with
    nodes that have been listed by nickname.

  * I tried not to artificially increase the size of the diff here
    by moving functions around.  As a result, some functions that
    now operate on nodes are now in the wrong file -- they should
    get moved to nodelist.c once this refactoring settles down.
    This moving should happen as part of a patch that moves
    functions AND NOTHING ELSE.

  * Some old code is now left around inside #if 0/1 blocks, and
    should get removed once I've verified that I don't want it
    sitting around to see how we used to do things.

There are still some unimplemented functions: these are flagged
with "UNIMPLEMENTED_NODELIST()."  I'll work on filling in the
implementation here, piece by piece.

I wish this patch could have been smaller, but there did not seem to
be any piece of it that was independent from the rest.  Moving flags
forces many functions that once returned routerinfo_t * to return
node_t *, which forces their friends to change, and so on.
2010-10-01 18:14:27 -04:00
Roger Dingledine
165aaf560a Merge branch 'maint-0.2.2' 2010-10-01 14:12:11 -04:00
Roger Dingledine
6cb5383e56 log when we guess our ip address, not just when we fail 2010-10-01 13:32:38 -04:00
Nick Mathewson
92640aa578 The build stuff for tor-fw-helper means we need automake 1.6 or later 2010-10-01 00:01:08 -04:00
Roger Dingledine
fe9402271a Merge branch 'maint-0.2.2'
Conflicts:

	configure.in
	contrib/tor-mingw.nsi.in
	src/win32/orconfig.h
2010-09-30 17:55:01 -04:00
Roger Dingledine
d62a2d6ee5 write up a changelog file 2010-09-30 17:32:17 -04:00
Nick Mathewson
495e630a49 Merge branch 'tor-fw-squashed2'
Conflicts:
	src/common/util.c
2010-09-30 16:22:39 -04:00
Nick Mathewson
d39e46c26d Merge remote branch 'origin/maint-0.2.2' 2010-09-30 15:30:14 -04:00
Jacob Appelbaum
3eaa9a376c Changes to tor-fw-helper, some based on Nick's review
* MINIUPNPC rather than the generic UPNP
 * Nick suggested a better abstraction model for tor-fw-helper
 * Fix autoconf to build with either natpmp or miniupnpc
 * Add AM_PROG_CC_C_O to fix automake complaint
 * update spec to address nickm's concern
 * refactor nat-pmp to match upnp state
 * we prefer tor_snprintf to snprintf
 * link properlty for tor_snprintf
 * rename test_commandline_options to log_commandline_options
 * cast this uint as an int
 * detect possible FD_SETSIZE errors
 * make note about future enhancements for natpmp
 * add upnp enhancement note
 * ChangeLog entry
 * doxygen and check-spaces cleanup
 * create tor-fw-helper.1.txt
2010-09-30 11:39:34 -04:00
Sebastian Hahn
5a19df1d94 Add a changes file for the bug1912 fix 2010-09-30 06:24:01 +02:00
Roger Dingledine
ea6ac0f0d1 Merge branch 'maint-0.2.2' 2010-09-30 00:10:14 -04:00
Roger Dingledine
3cbe463e96 Merge branch 'bug1772' into maint-0.2.2 2010-09-29 23:52:18 -04:00
Roger Dingledine
355fc63790 Merge branch 'maint-0.2.2' 2010-09-29 17:21:43 -04:00
Roger Dingledine
48cd096276 Merge commit 'mikeperry/bug1739' into maint-0.2.2 2010-09-29 17:17:59 -04:00
Roger Dingledine
474e4d2722 Merge commit 'mikeperry/bug1740' into maint-0.2.2 2010-09-29 17:05:38 -04:00
Mike Perry
f1b0e4e4b4 Add changes file. 2010-09-29 11:49:43 -07:00
Mike Perry
4caf39f1c8 Add changes file. 2010-09-29 11:46:36 -07:00
Mike Perry
caba3bc57e Add changes file. 2010-09-29 11:41:35 -07:00
Roger Dingledine
0ed8d5a537 allow countries and IP addresses in EntryNodes 2010-09-29 03:00:06 -04:00
Nick Mathewson
703eb087f5 Merge remote branch 'origin/maint-0.2.2' 2010-09-29 00:38:44 -04:00
Nick Mathewson
f3e8bc391a Remove the has_old_dnsworkers flag. 2010-09-28 23:37:45 -04:00
Roger Dingledine
7e644b3f69 a changelog entry for the entrynodes retry mess 2010-09-28 22:49:36 -04:00
Roger Dingledine
8d1fe50284 Merge branch 'maint-0.2.2' 2010-09-28 18:42:04 -04:00
Roger Dingledine
09a715bb72 Merge branch 'maint-0.2.1' into maint-0.2.2 2010-09-28 18:37:55 -04:00
Roger Dingledine
339993b409 actually retry bridges when your network goes away 2010-09-28 18:36:15 -04:00
Nick Mathewson
73d93c033d Autodetect the number of CPUs when possible if NumCPUs==0
This is needed for IOCP, since telling the IOCP backend about all
your CPUs is a good idea.  It'll also come in handy with asn's
multithreaded crypto stuff, and for people who run servers without
reading the manual.
2010-09-28 14:42:21 -04:00
Nick Mathewson
c612ddee17 Add a new option to enable/disable IOCP support 2010-09-28 14:01:45 -04:00
Nick Mathewson
4e0f7f4ffc Code to download, parse, and store microdesc consensuses 2010-09-27 18:04:43 -04:00
Nick Mathewson
af7fab020a Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/or/config.c
2010-09-27 17:52:20 -04:00
Roger Dingledine
8df3a90946 the actual changelog entry this time 2010-09-27 17:44:51 -04:00
Sebastian Hahn
c951830002 Fix a bridge segfault
When we enabled support to change statistic options without restarting
Tor we forgot to initialize geoip_countries. Fix that.
2010-09-27 23:19:25 +02:00
Nick Mathewson
5c83c06c98 Merge branch 'bufferevent5' 2010-09-27 16:48:25 -04:00
Nick Mathewson
501399d14a Merge remote branch 'origin/maint-0.2.2' 2010-09-27 15:42:08 -04:00
Nick Mathewson
e385961542 Merge remote branch 'public/bug1954' into maint-0.2.2 2010-09-27 15:39:40 -04:00
Nick Mathewson
89e8f31c42 Add a changes file for bufferevents 2010-09-27 14:22:18 -04:00
Nick Mathewson
26811a8e2d Merge remote branch 'origin/maint-0.2.2' 2010-09-27 12:26:23 -04:00
Nick Mathewson
24a45f54d2 Merge branch 'bug1805' into maint-0.2.2 2010-09-27 12:25:32 -04:00
Nick Mathewson
1cbdbff961 Merge remote branch 'mikeperry/bug1952-merge' into maint-0.2.2 2010-09-27 12:17:41 -04:00
Mike Perry
dfe8c2146c Add changelog for bug 1952. 2010-09-27 09:12:00 -07:00
Nick Mathewson
2579d827ab Use autoreconf, not autoconf&&automake&&etc in autogen.sh
The autoreconf tool deals much better with detecting which tools to
use on your particular platform, handling cases where your
install-sh script gets stable, and lots of other little tricky
issues.

We still fall back to autoconf&&automake&&etc in the case where
"`which autoreconf 2>/dev/null`" says something we can't run.

This is the first change of the 0.2.3.x series.
2010-09-27 11:20:12 -04:00
Nick Mathewson
c8e1538a0b Merge remote branch 'sebastian/continuation' 2010-09-24 13:43:55 -04:00
Nick Mathewson
9b49a89430 Merge branch 'bug1511' 2010-09-23 23:16:25 -04:00
Nick Mathewson
0a0cc4599f Tweak continuation-and-comment logic
I think there was a read-off-the-end-of-the-buffer bug that I fixed.
At least I added some good comments, I hope.
2010-09-23 22:58:04 -04:00
Nick Mathewson
31f22505a6 Merge remote branch 'arma/bug1362' 2010-09-22 01:45:57 -04:00
Nick Mathewson
aa7f55c45f Use load_windows_system_library in place of LoadLibrary 2010-09-21 14:40:10 -04:00
Nick Mathewson
e476ffc2ba Merge branch 'bug1789' 2010-09-21 14:29:59 -04:00
Nick Mathewson
9cba61eb8c Bug1789 cleanups suggested by arma
The significant one is that we look at RelayBandwidthRate if it is set.
2010-09-21 14:02:04 -04:00
Roger Dingledine
fe42f10954 log when we finish a circuit after being offline 2010-09-21 02:16:43 -04:00
Nick Mathewson
5a55662a6b Merge branch 'bug1956' 2010-09-21 00:07:45 -04:00
Roger Dingledine
fec297338f changelog entry for bug 1943 2010-09-20 21:32:18 -04:00
Nick Mathewson
1411842933 Count unknown authorities as unknown only once, not once per signature.
Do not double-report signatures from unrecognized authorities both as
"from unknown authority" and "not present".  Fixes bug 1956, bugfix on
0.2.2.16-alpha.
2010-09-20 13:33:57 -04:00
Sebastian Hahn
ff5ffd1776 Attempt to fix compilation on Windows
Our attempt to make compilation work on old versions of Windows
again while keeping wince compatibility broke the build for Win2k+.
helix reports this patch fixes the issue for WinXP. Bugfix on
0.2.2.15-alpha; related to bug 1797.
2010-09-19 13:39:30 +02:00
Roger Dingledine
80b631844b fold in the recent changes files 2010-09-16 13:45:54 -04:00
Nick Mathewson
cc2511c347 Change 'bugfix on' line for changes/bug1921.
Karsten says: "the ChangeLog should say it's a bugfix on
0.2.2.15-alpha, because enabling stats while Tor is running (which
leads to this false log message) is only possible since then."

Sounds right enough to me.  Tell me if I'm wrong.
2010-09-16 10:54:09 -04:00
Nick Mathewson
c009c9da01 Merge remote branch 'sebastian/bug1921' 2010-09-16 10:52:43 -04:00
Roger Dingledine
0ac67bf3c3 perconnbwrate and perconnbwburst consensus params 2010-09-16 00:17:39 -04:00
Sebastian Hahn
4f1e36ca1d Demote a warn when enabling CellStatistics
When the CellStatistics option is off, we don't store cell insertion
times. Doing so would also not be very smart, because there seem to
still be some performance issues with this type of statistics. Nothing
harmful happens when we don't have insertion times, so we don't need to
alarm the user.
2010-09-16 01:13:51 +02:00
Nick Mathewson
c18bcc8a55 Merge branch 'bug1184' 2010-09-15 14:20:28 -04:00
Nick Mathewson
87f18c9578 Never queue a cell on a marked circuit 2010-09-15 13:06:54 -04:00
Nick Mathewson
60e3def3ed Merge branch 'bug1899' 2010-09-14 22:19:25 -04:00
Nick Mathewson
e2b71d8841 Merge branch 'bug911' 2010-09-14 22:19:22 -04:00
Nick Mathewson
a445daf0cf Merge remote branch 'sebastian/bug1776_v3' 2010-09-14 13:50:28 -04:00
Nick Mathewson
424ca963ad Make circuit_resume_edge_reading_helper treat streams more fairly.
Previously[*], the function would start with the first stream on the
circuit, and let it package as many cells as it wanted before
proceeding to the next stream in turn.  If a circuit had many live
streams that all wanted to package data, the oldest would get
preference, and the newest would get ignored.

Now, we figure out how many cells we're willing to send per stream,
and try to allocate them fairly.

Roger diagnosed this in the comments for bug 1298.

[*] This bug has existed since before the first-ever public release
    of Tor.  It was added by r152 of Tor on 26 Jan 2003, which was
    the first commit to implement streams (then called "topics").

    This is not the oldest bug to be fixed in 0.2.2.x: that honor
    goes to the windowing bug in r54, which got fixed in e50b7768 by
    Roger with diagnosis by Karsten.  This is, however, the most
    long-lived bug to be fixed in 0.2.2.x: the r54 bug was fixed
    2580 days after it was introduced, whereas I am writing this
    commit message 2787 days after r152.
2010-09-13 18:59:50 -04:00
Sebastian Hahn
1dab6cf4cb Document multiline options in the manpage 2010-09-11 01:44:20 +02:00
Nick Mathewson
07049b3d25 Support mutli-line torrc options via the usual backslash syntax 2010-09-10 09:19:10 -04:00
Nick Mathewson
c05c8dbd78 Merge remote branch 'origin/maint-0.2.1' 2010-09-08 10:59:45 -04:00
Nick Mathewson
f3f9820058 Merge remote branch 'karsten/geoip-sep2010' into maint-0.2.1 2010-09-08 10:57:13 -04:00
Nick Mathewson
aa42f941dc Merge branch 'bug1653' 2010-09-08 10:49:24 -04:00
Nick Mathewson
669fd05ed8 Merge remote branch 'origin/maint-0.2.1' 2010-09-08 10:28:41 -04:00
Karsten Loesing
80d9dbac20 Update to the September 1 2010 Maxmind GeoLite Country database. 2010-09-08 11:03:26 +02:00
Sebastian Hahn
303beead53 Kill warn when picking bridges without bw weight
Bridges and other relays not included in the consensus don't
necessarily have a non-zero bandwidth capacity. If all our
configured bridges had a zero bw capacity we would warn the
user. Change that.
2010-09-06 18:44:11 +02:00
Nick Mathewson
edc9256e95 Merge remote branch 'public/win_unicode_fixes' 2010-09-06 10:06:07 -04:00
Nick Mathewson
2920d88667 Base our expected bw accounting usage on time before soft limit
Previously, we were also considering the time spent in
soft-hibernation.  If this was a long time, we would wind up
underestimating our bandwidth by a lot, and skewing our wakeup time
towards the start of the accounting interval.

This patch also makes us store a few more fields in the state file,
including the time at which we entered soft hibernation.

Fixes bug 1789.  Bugfix on 0.0.9pre5.
2010-09-03 14:29:17 -04:00
Nick Mathewson
d0acaac781 Use a more sophisticated soft-hibernation-limit calculation
This should help address bug 1789.
2010-09-03 14:09:55 -04:00
Nick Mathewson
80b3de8753 Tolerate a little skew in accounting intervals.
This will make changes for DST still work, and avoid double-spending
bytes when there are slight changes to configurations.

Fixes bug 1511; the DST issue is a bugfix on 0.0.9pre5.
2010-09-03 12:19:17 -04:00
Nick Mathewson
4d2e9974f9 Close a non-open OR connection *only* after KeepalivePeriod.
When we introduced the code to close non-open OR connections after
KeepalivePeriod had passed, we replaced some code that said
    if (!connection_is_open(conn)) {
     /* let it keep handshaking forever */
    } else if (do other tests here) {
      ...
with new code that said
    if (!connection_is_open(conn) && past_keepalive) {
     /* let it keep handshaking forever */
    } else if (do other tests here) {
      ...

This was a mistake, since it made all the other tests start applying
to non-open connections, thus causing bug 1840, where non-open
connections get closed way early.

Fixes bug 1840.  Bugfix on 0.2.1.26 (commit 67b38d50).
2010-09-03 11:32:35 -04:00
Nick Mathewson
b2473357f2 Launch reachability tests for routers whose IP or ORPort change
Implements #1899, suggested by Sebastian.  Depends on #911 fix.
2010-09-03 10:53:29 -04:00
Nick Mathewson
bfa1962d80 Complicate the rules on WARN vs INFO in consensus verification
It's normal when bootstrapping to have a lot of different certs
missing, so we don't want missing certs to make us warn... unless
the certs we're missing are ones that we've tried to fetch a couple
of times and failed at.

May fix bug 1145.
2010-09-02 16:46:03 -04:00
Nick Mathewson
2081740317 Merge branch 'ratelim' 2010-08-31 12:59:36 -04:00
Nick Mathewson
c66138609a Merge remote branch 'origin/maint-0.2.1' 2010-08-26 14:32:22 -04:00
Nick Mathewson
30b766ba12 Use -Wno-system-headers on openbsd to resolve 2nd case of bug1848 2010-08-26 19:03:51 +02:00
Sebastian Hahn
2af6aadfe9 Fix a compile warning on OpenBSD 2010-08-22 13:58:23 +02:00
Sebastian Hahn
33ae3f4b5c Allow clients to use relays as bridges 2010-08-20 23:45:00 +02:00
Nick Mathewson
c0c7868250 Make the windows build succeed with or without -DUNICODE enabled.
This should keep WinCE working (unicode always-on) and get Win98
working again (unicode never-on).

There are two places where we explicitly use ASCII-only APIs, still:
in ntmain.c and in the unit tests.

This patch also fixes a bug in windoes tor_listdir that would cause
the first file to be listed an arbitrary number of times that was
also introduced with WinCE support.

Should fix bug 1797.
2010-08-20 13:40:01 -04:00
Sebastian Hahn
219f7415d1 Warn for bad combination of cookie options
Setting CookieAuthFileGroupReadable but without setting CookieAuthFile makes
no sense, because unix directory permissions for the data directory prevent
the group from accessing the file anyways.
2010-08-20 02:45:10 +02:00
Nick Mathewson
6f9f1f3324 Make the "2 unknown, 7 missing key..." messages easier to understand
This patch should fix the cases we care about for bugs 1290 and 1145.

     "30-56-99 are correct. Limited 4 and 8 are missing".
2010-08-19 11:13:35 -04:00
Roger Dingledine
f6734103e1 fold in even more changelog entries 2010-08-18 16:42:15 -04:00
Roger Dingledine
c1260cb6ec delay geoip stats even more for relays-turned-bridges 2010-08-18 16:12:44 -04:00
Nick Mathewson
ba9c1275c4 Add a generic rate-limited log mechanism, and use it in a few places
Incidentally fixes bug 1042.
2010-08-18 15:55:49 -04:00
Nick Mathewson
9456da17db Mashael has a last name. (Taken from Ian's cv page.) 2010-08-18 14:42:27 -04:00
Nick Mathewson
8782dcf6a2 Detect if we try to put a cell onto a supposedly blocked cell queue.
When this happens, run through the streams on the circuit and make
sure they're all blocked.  If some aren't, that's a bug: block them
all and log it!  If they all are, where did the cell come from?  Log
it!

(I suspect that this actually happens pretty frequently, so I'm making
these log messages appear at INFO.)
2010-08-18 14:33:41 -04:00
Nick Mathewson
80391b88a5 Decide whether to ignore SENDMEs based on streams_blocked, not queue size 2010-08-18 14:33:41 -04:00
Sebastian Hahn
78e4aa63fb Backport END_STREAM_REASON_NOROUTE for client use.
(Partial backport of 150ed553df, 161b275028, and 4c948ffd6.)
2010-08-18 11:12:32 -04:00
Nick Mathewson
a509dbba50 Merge commit 'karsten/dirbytes2'
Conflicts:
	src/or/rephist.h
2010-08-18 10:06:14 -04:00
Karsten Loesing
58b6195455 Correctly report written bytes on linked connections. 2010-08-18 13:54:41 +02:00
Karsten Loesing
db94b7f46e Count bytes we spend on answering directory requests. 2010-08-18 13:54:41 +02:00
Sebastian Hahn
d5c83f2014 Remove unused function declarations
Also remove some #if 0'd code from the unit tests for buffers. The
code was killed in e6794e5808 (5 years
ago), and is now broken anyways.
2010-08-17 23:49:39 +02:00
Nick Mathewson
5ffe105598 Merge branch 'maint-0.2.1'
Resolved conflict in
	src/or/networkstatus.c
2010-08-17 12:07:19 -04:00
Nick Mathewson
fc66a2ad1b Merge branch 'bug1141_v3' into maint-0.2.1 2010-08-17 11:55:58 -04:00
Nick Mathewson
6f58481335 Scale CONSENSUS_MIN_SECONDS_BEFORE_CACHING by voting interval
If the voting interval was short enough, the two-minutes delay
of CONSENSUS_MIN_SECONDS_BEFORE_CACHING would confuse bridges
to the point where they would assert before downloading a consensus.
It it was even shorter (<4 minutes, I think), caches would
assert too.  This patch fixes that by having replacing the
two-minutes value with MIN(2 minutes, interval/16).

Bugfix for 1141; the cache bug could occur since 0.2.0.8-alpha, so
I'm calling this a bugfix on that.  Robert Hogan diagnosed this.
Done as a patch against maint-0.2.1, since it makes it hard to
run some kinds of testing networks.
2010-08-17 11:55:39 -04:00
Roger Dingledine
2ede14c2ca fold in the next set of changelog entries 2010-08-16 02:02:11 -04:00
Nick Mathewson
bf8d66364f Merge commit 'public/warn1125' 2010-08-16 00:27:05 -04:00
Karsten Loesing
15379a7254 Fix compilation with --with-dmalloc
Fixes 1832; bugfix on 0.2.2.6-alpha
2010-08-16 00:14:06 -04:00
Nick Mathewson
a856f446c7 Merge commit 'sebastian/bug1831' 2010-08-15 23:43:36 -04:00
Nick Mathewson
6a77bde8d8 Make Sebastian's misc-reasons branch compile; frob the changes file 2010-08-15 21:32:06 -04:00
Nick Mathewson
9bcea4a8ef Merge commit 'sebastian/misc-reason' 2010-08-15 21:27:32 -04:00
Nick Mathewson
c370ee7aa7 Add a changes file for Karsten's stats-tests branch 2010-08-15 20:54:57 -04:00
Sebastian Hahn
b2dcff5766 Fix a memory leak in dirvote_compute_consensuses() 2010-08-16 00:46:44 +02:00
Sebastian Hahn
527581194c Fix a memory leak
It happened in dirvote_add_signatures_to_pending_consesus().
2010-08-16 00:46:42 +02:00
Sebastian Hahn
70f0ba1495 Fix a memory leak in circuit_build_times_parse_state
Thanks weasel for noticing.
2010-08-16 00:33:29 +02:00
Roger Dingledine
8d588e7b1a reinit per-conn token buckets on config or consensus change 2010-08-15 04:01:42 -04:00
Roger Dingledine
e50857b67f changes entry for bug 1741 2010-08-13 20:50:51 -04:00
Roger Dingledine
b1a5888553 fix a memory leak introduced by df1ef2f0f0 2010-08-13 17:30:50 -04:00
Roger Dingledine
a1686d867e fold in the makefile.am changes entry 2010-08-13 17:19:04 -04:00
Linus Nordberg
5b69cf85fa Fix changes/ file for bug #1773. 2010-08-11 09:41:51 -04:00
Roger Dingledine
267c976405 fold in most of the changes/foo files 2010-08-11 01:51:41 -04:00
Nick Mathewson
8150e2ad24 Make buf_shrink_freelists warn, not crash, when n_to_skip is too high
This mitigates bug 1125, but doesn't fix its root cause (whatever
that is).
2010-08-10 15:58:41 -04:00
Nick Mathewson
4c94192033 Add missing info to changes file 2010-08-10 15:32:56 -04:00
Nick Mathewson
93edf0cb6c Merge commit 'karsten/stats_v4_rebased' 2010-08-06 10:46:59 -04:00
Karsten Loesing
166c2f4d92 Allow enabling or disabling *Statistics while Tor is running.
With this patch we stop scheduling when we should write statistics using a
single timestamp in run_scheduled_events(). Instead, we remember when a
statistics interval starts separately for each statistic type in geoip.c
and rephist.c. Every time run_scheduled_events() tries to write stats to
disk, it learns when it should schedule the next such attempt.

This patch also enables all statistics to be stopped and restarted at a
later time.

This patch comes with a few refactorings, some of which were not easily
doable without the patch.
2010-08-05 13:05:25 +02:00
Nick Mathewson
de7ed2fd7a Merge commit 'origin/maint-0.2.1'
Conflicts:
	debian/changelog
	debian/control
	debian/patches/03_tor_manpage_in_section_8.dpatch
	debian/patches/06_add_compile_time_defaults.dpatch
	debian/rules
2010-08-04 12:37:30 -04:00
Nick Mathewson
e7d2a9b6c4 Remove the debian directory from the main git repository
Once upon a time it made sense to keep all the Debian files in the
main Tor distribution, since repeatedly merging them back in was hard.
Now that we're on git, that's no longer so.

Peter's debian repository at debian/tor.git on our git server has the
most recent version of the tor-on-debian packaging stuff, and the versions
in our own repository have gotten out of date.

Resolves bug #1735.
2010-08-04 12:21:48 -04:00
Sebastian Hahn
150ed553df Introduce END_STREAM_REASON_NOROUTE 2010-08-03 16:46:28 +02:00
Nick Mathewson
6d8b932659 Merge commit 'origin/maint-0.2.1' 2010-08-03 09:13:17 -04:00
Sebastian Hahn
b8aa14a39b Handle EHOSTUNREACH in errno_to_stream_end_reason()
We used to not recognize it and returned END_STREAM_REASON_MISC.
Instead, return END_STREAM_REASON_INTERNAL.
2010-08-03 14:03:36 +02:00
Karsten Loesing
f206209abf Update to the August 1 2010 Maxmind GeoLite Country database. 2010-08-03 13:04:09 +02:00
Nick Mathewson
9265190b16 Merge branch 'bug1384' 2010-08-02 12:53:52 -04:00
Sebastian Hahn
a9d055c5c5 Fix a compile warning on OS X 10.6
Also update the changes file to contain a note on which bug was
fixed by this.
2010-08-02 18:45:17 +02:00
Chris Ball
73a4c0690e Bug #919: Don't rebind ports if we receive SIGHUP while hibernating. 2010-08-02 12:14:01 -04:00
Chris Ball
9ffa977981 Bug #928: Disallow BridgeRelay 1 and ORPort 0 configuration 2010-08-02 12:04:04 -04:00
Chris Ball
600ba86f4a Bug #1107: Complain if PublishServerDescriptor receives 0 or 1 in a list
0 or 1 should only be passed as the sole argument. Warn for now, reject
in 0.2.3.x.
2010-08-02 12:02:06 -04:00
Nick Mathewson
fbfaa7bbc4 Merge commit 'sebastian/bug1776_v2' 2010-08-02 11:32:49 -04:00
Nick Mathewson
4504640b10 Merge branch 'bug1094_v2' 2010-08-02 11:11:02 -04:00
Chris Ball
1470eb2e91 Bug #1222: Clarify new circuit after sleep notice
("Application request when we're believed to be offline." ->
 "Application request when we haven't used client functionality lately.")
2010-07-31 16:58:49 -04:00
Nick Mathewson
fac272da31 If a router is hibernating, never vote that it is Running.
Also, clean up and comment some of the logic in
dirserv_set_router_is_running.
2010-07-31 16:33:45 -04:00
Nick Mathewson
8fca6fb2aa Make "Nowhere" explicitly listable in torrc.
We already had the country code ?? indicating an unknown country, so all we
needed to do to make unknown countries excludable was to make the ?? code
discoverable.
2010-07-31 15:00:06 -04:00
Nick Mathewson
39378bf182 Warn when encounter the same (non-list) option twice in the same place
It's okay to get (say) a SocksPort line in the torrc, and then a
SocksPort on the command line to override it, and then a SocksPort via
a controller to override *that*.  But if there are two occurrences of
SocksPort in the torrc, or on the command line, or in a single SETCONF
command, then the user is likely confused.  Our old code would not
help unconfuse the user, but would instead silently ignore all but
the last occurrence.

This patch changes the behavior so that if the some option is passed
more than once to any torrc, command line, or SETCONF (each of which
coincidentally corresponds to a call to config_assign()), and the
option is not a type that allows multiple occurrences (LINELIST or
LINELIST_X), then we can warn the user.

This closes trac entry 1384.
2010-07-31 13:16:48 -04:00
Sebastian Hahn
9ca311f622 Allow using regular relays as bridges 2010-07-31 10:24:24 +02:00
Nick Mathewson
6f45101327 Clear cell queues when marking or truncating a circuit.
At best, this patch helps us avoid sending queued relayed cells that
would get ignored during the time between when a destroy cell is
sent and when the circuit is finally freed.  At worst, it lets us
release some memory a little earlier than it would otherwise.

Fix for bug #1184.  Bugfix on 0.2.0.1-alpha.
2010-07-30 18:55:24 -04:00
Nick Mathewson
86a3b650b8 Add a changes file for Linus's makefile-var-exp branch. 2010-07-30 11:37:42 -04:00
Sebastian Hahn
02a57bbda5 Add the new header files to noinst_HEADERS
Also add a changes/ file.
2010-07-27 10:00:46 +02:00
mingw-san
856a36c434 Fix compilation with mingw and OpenSSL 0.9.8m+ 2010-07-26 15:05:11 -04:00
Sebastian Hahn
6cee3d466d Make sure we don't warn for libevent versions like 1.4.14b-stable 2010-07-26 20:39:12 +02:00
Roger Dingledine
a80ffbb6cc partial changelog for 0.2.2.15-alpha 2010-07-21 09:28:34 -04:00
Nick Mathewson
2314355bf7 Add missing changes file for d461799f0 2010-07-21 15:08:41 +02:00
Nick Mathewson
0b4b51314f Make the controller act more usefully when GETINFO fails
Right now it says "552 internal error" because there's no way for
getinfo_helper_*() countries to specify an error message.  This
patch changes the getinfo_helper_*() interface, and makes most of the
getinfo helpers give useful error messages in response to failures.

This should prevent recurrences of bug 1699, where a missing GeoIPFile
line in the torrc made GETINFO ip-to-county/* fail in a "not obvious
how to fix" way.
2010-07-18 17:05:58 +02:00
Mike Perry
9d5d0f040f Alter how guard flags are chosen.
V3 authorities no longer decide not to vote on Guard+Exit. The bandwidth
weights should take care of this now.

Also, lower the max threshold for WFU to 0.98, to allow more nodes to become
guards.
2010-07-14 20:49:19 -07:00
Roger Dingledine
54cdac97f1 print right controller purpose string for measure-timeout circs 2010-07-14 21:06:49 -04:00
Roger Dingledine
c6f5792404 No dirport should mean no hsdir flag (bug 1693) 2010-07-14 13:20:57 -04:00
Roger Dingledine
2ed2359852 i'm going to tag 0.2.2.14-alpha tonight 2010-07-12 16:43:46 -04:00
Nick Mathewson
14bc4dcc22 Rename log.h to torlog.h
This should make us conflict less with system files named "log.h".
Yes, we shouldn't have been conflicting with those anyway, but some
people's compilers act very oddly.

The actual change was done with one "git mv", by editing
Makefile.am, and running
   find . -name '*.[ch]' | xargs perl -i -pe 'if (/^#include.*\Wlog.h/) {s/log.h/torlog.h/; }'
2010-07-09 22:05:38 -04:00
Roger Dingledine
c3febf8660 fold in the latest changes 2010-07-09 14:07:54 -04:00
Mike Perry
a9edb0b4f6 More gracefully handle corrupt state files.
Save a backup if we get odd circuitbuildtimes and other state info.

In the case of circuit build times, we no longer assert, and reset our state.
2010-07-06 12:11:22 -07:00
Karsten Loesing
6bb8747ffb Make directory mirrors report non-zero dirreq-v[23]-shares again. 2010-07-05 10:45:24 +02:00
Nick Mathewson
bea55766af Merge remote branch 'mikeperry/cbt-bugfixes3' 2010-06-29 18:57:50 -04:00
Roger Dingledine
1d5b2da3a8 start an 0.2.2.14-alpha changelog 2010-06-29 18:40:08 -04:00
Nick Mathewson
faad8bd0e8 Merge branch 'bug1526-v2' 2010-06-25 18:56:15 -04:00
Nick Mathewson
ad2d8ac073 Use Libevent 2.0's periodic timers where available.
These timers behave better with non-monotonic clocks than our old
ones, and also try harder to make once-per-second events get called
one second apart, rather than one-plus-epsilon seconds apart.

This fixes bug 943 for everybody using Libevent 2.0 or later.
2010-06-25 15:31:46 -04:00
Nick Mathewson
1a52e39c22 Fix zlib macro brokenness on osx with zlib 1.2.4 and higher.
From the code:
   zlib 1.2.4 and 1.2.5 do some "clever" things with macros.  Instead of
   saying "(defined(FOO) ? FOO : 0)" they like to say "FOO-0", on the theory
   that nobody will care if the compile outputs a no-such-identifier warning.

   Sorry, but we like -Werror over here, so I guess we need to define these.
   I hope that zlib 1.2.6 doesn't break these too.

Possible fix for bug 1526.
2010-06-22 23:25:08 -04:00
Nick Mathewson
8e1bf98f4a Log an error if openssl fails to copy a key for us
This should never happen unless openssl is buggy or some of our
assumptions are deeply wrong, but one of those might have been the
cause of the not-yet-reproducible bug 1209.  If it ever happens again,
let's get some info we can use.
2010-06-22 22:20:52 -04:00
Florian Zumbiehl
426116113f Save a couple characters' allocation in esc_for_log 2010-06-14 14:05:18 -04:00
Roger Dingledine
b958eae573 remove old changes that were folded into 0.2.1.26 2010-06-13 16:04:32 -04:00
Nick Mathewson
945633476a Merge commit 'sebastian/hostnamewarn' 2010-06-11 13:21:31 -04:00
Nick Mathewson
be1c4672c4 Merge commit 'origin/maint-0.2.1' 2010-06-11 13:20:20 -04:00
Karsten Loesing
6c49b6bb77 Add maatuska as eighth v3 directory authority. 2010-06-11 19:10:55 +02:00
Sebastian Hahn
f7b40f45b7 Don't crash when reading cached*consensus files on startup
Fixes bug 1352
2010-06-10 16:18:26 +02:00
Mike Perry
473f0c3ebb Update changelog. 2010-06-09 00:22:39 -07:00
Nick Mathewson
bedb59c034 Merge remote branch 'origin/maint-0.2.1' 2010-06-07 15:10:48 -04:00
Nick Mathewson
2f67ef58b7 add changes file for geoip db update 2010-06-07 15:09:48 -04:00
Nick Mathewson
f4f11adf4c In asciidoc-helper.sh, be more verbose when a2x fails.
Previously, we said (more or less), "a2x is broken and here's how you could
try to fix it".  Instead, we now say "We need a2x to build manpages; a2x
didn't work; here is a fix that might work for you; alternatively you
could just skip manpage building."

Addresses bug 1524.

Also, give the message as a here-document rather than a bunch of echos.
2010-06-07 11:40:42 -04:00
Sebastian Hahn
10fdb9ee0a Add option to not warn when getting an IP instead of hostname 2010-06-07 12:44:25 +02:00
Sebastian Hahn
0882e1e839 Treat unset $HOME like empty $HOME
This means Tor no longer dies when it doesn't have a $HOME.
2010-06-07 02:18:01 +02:00
Sebastian Hahn
faf51fa52a Don't cannibalize one-hop circuits
In rare cases, we could cannibalize a one-hop circuit, ending up
with a two-hop circuit. This circuit would not be actually used,
but we should prevent its creation in the first place.

Thanks to outofwords and swissknife for helping to analyse this.
2010-06-04 21:04:08 +02:00
Roger Dingledine
7e300cbba3 Let bridge users use the non-primary address of a multi-homed bridge 2010-06-03 20:29:29 -04:00
Nick Mathewson
7dcf88e69b Add 'changes' file for Windows CE port 2010-05-24 11:46:54 -04:00
Mike Perry
8ada0011f9 Add changelog for this branch. 2010-05-10 19:57:31 -07:00
Roger Dingledine
8ba00e4305 Merge commit 'ioerror/compileTimeHardening' 2010-05-07 12:05:26 -04:00
Jacob Appelbaum
04fa935e02 Add support for gcc compiler/linker hardening flags.
This patch adds support for two new configure options:
    '--enable-gcc-hardening'
    This sets CFLAGS to include:
        "-D_FORTIFY_SOURCE=2 -fstack-protector-all"
        "-fwrapv -fPIE -Wstack-protector -Wformat -Wformat-security"
        "-Wpointer-sign"
    It sets LDFLAGS to include:
        "-pie"

    '--enable-linker-hardening'
    This sets LDFLAGS to include:
        " -z relro -z now"
2010-05-07 16:15:26 +02:00
Roger Dingledine
89bb5fbce6 Merge branch 'maint-0.2.1' 2010-05-06 07:18:44 -04:00
Roger Dingledine
befcc84f43 move to maxmind geoip db 2010-05-06 07:15:22 -04:00
Nick Mathewson
0c030b0b2f Merge branch 'hacking' 2010-04-27 12:29:03 -04:00
Nick Mathewson
8ec5f939a6 Add new sections to the HACKING file
The main changes are to explain how we use git branches, how we use
changes files, and what should go into a patch.  Putting these in
HACKING means that we shouldn't need to constantly refer to the or-dev
emails where we explain this stuff.
2010-04-27 12:24:35 -04:00
Roger Dingledine
8afc7d563d prepare the 0.2.2.13-alpha changelog 2010-04-23 20:59:20 -04:00
Roger Dingledine
e7bd97493c Merge branch 'maint-0.2.1' 2010-04-23 20:26:23 -04:00
Roger Dingledine
67b38d5068 close idle tls conns early 2010-04-23 20:23:00 -04:00
Roger Dingledine
b3019c6d2b Merge branch 'maint-0.2.1' 2010-04-23 19:46:29 -04:00
Roger Dingledine
b264192083 finally get rid of "clique mode" 2010-04-23 19:39:42 -04:00
Roger Dingledine
cb31978adb close idle dir-fetch circs early 2010-04-23 18:35:11 -04:00
Roger Dingledine
573e1d40b3 finally get rid of "clique mode" 2010-04-21 21:35:18 -04:00
Roger Dingledine
6952b445cc stop authority reachability check on startup 2010-04-21 04:27:56 -04:00
Roger Dingledine
4f307e0382 immediate reachability check for new relays 2010-04-21 03:12:14 -04:00
Roger Dingledine
3d8879a04d merge in the bug 1364 fix 2010-04-20 03:59:23 -04:00
Sebastian Hahn
0b82ce3eb6 Demote a warning about missing client ciphers 2010-04-20 03:57:33 -04:00
Roger Dingledine
ea6cdafee5 prepare for 0.2.2.12-alpha 2010-04-20 03:53:07 -04:00
Roger Dingledine
eaf5487d95 fetch descriptors from the authority that told us about them 2010-04-20 03:20:31 -04:00
Nick Mathewson
f2c30e97cc Switch geoip_get_request_history to asprintf; fix bug 1365 2010-04-20 01:09:40 -04:00
Nick Mathewson
e3cd535c7c Move the declaration of bandwidth_rate_rule_to_string
It's natural for the definition of bandwidth_rule_t to be with the functions
that actually care about its values.  Unfortunately, this means declaring
bandwidth_rate_rule_to_string() out of sequence.  Someday we'll just rename
reasons.c to strings.c, and put it at the end of or.h, and this will all be
better.
2010-04-19 16:39:29 -04:00
Nick Mathewson
af9dd4af02 Fix two compile-blockers in tor_vasprintf().
1) mingw doesn't have _vscprintf(); mingw instead has a working snprintf.

2) windows compilers that _do_ have a working _vscprintf spell it so; they do
   not spell it _vcsprintf().
2010-04-19 16:37:26 -04:00
Roger Dingledine
eafbc3caa1 gather together the 0.2.2.11-alpha changelog 2010-04-15 10:48:33 -04:00
Nick Mathewson
c38fa93ad1 Merge commit 'origin/maint-0.2.1' 2010-04-15 10:35:09 -04:00
Sebastian Hahn
71fb687ddd Add --enable-static-zlib option
Works like the --enable-static-openssl/libevent options. Requires
--with-zlib-dir to be set. Note that other dependencies might still
pull in a dynamicly linked zlib, if you don't link them in statically
too.
2010-04-14 19:28:21 +02:00
Nick Mathewson
6ad09cc6af Fix renegotiation on OpenSSL versions that backport RFC5746.
Our code assumed that any version of OpenSSL before 0.9.8l could not
possibly require SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION.  This is
so... except that many vendors have backported the flag from later
versions of openssl when they backported the RFC5476 renegotiation
feature.

The new behavior is particularly annoying to detect.  Previously,
leaving SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION unset meant that
clients would fail to renegotiate.  People noticed that one fast!
Now, OpenSSL's RFC5476 support means that clients will happily talk to
any servers there are, but servers won't accept renegotiation requests
from unpatched clients unless SSL_OP_ALLOW_etc is set.  More fun:
servers send back a "no renegotiation for you!" error, which unpatched
clients respond to by stalling, and generally producing no useful
error message.

This might not be _the_ cause of bug 1346, but it is quite likely _a_
cause for bug 1346.
2010-04-13 15:05:03 -04:00
Nick Mathewson
fe57aab283 Merge branch 'correct_halflife' 2010-04-13 13:37:33 -04:00
Nick Mathewson
96a0edf373 Rename CircPriorityHalflifeMsec to CircuitPriorityHalflifeMsec
Everything that accepted the 'Circ' name handled it wrong, so even now
that we fixed the handling of the parameter, we wouldn't be able to
set it without making all the 0.2.2.7..0.2.2.10 relays act wonky.
This patch makes Tors accept the 'Circuit' name instead, so we can
turn on circuit priorities without confusing the versions that treated
the 'Circ' name as occasion to act weird.
2010-04-13 13:29:30 -04:00
Nick Mathewson
7221d15acc Merge commit 'origin/maint-0.2.1'
Conflicts:
	src/or/test.c
2010-04-12 18:22:06 -04:00
Peter Palfrader
5e679acc72 testsuite: Prevent the main thread from starving the worker threads 2010-04-12 18:15:20 -04:00
Peter Palfrader
a02923122e testsuite: Only free the main mutex when and if all the worker threads are done 2010-04-12 18:15:17 -04:00
Nick Mathewson
d888a8210f Fix a bug in reading CircPriorityHalflife from consensus
When you mean (a=b(c,d)) >= 0, you had better not say (a=b(c,d)>=0).
We did the latter, and so whenever CircPriorityHalflife was in the
consensus, it was treated as having a value of 1 msec (that is,
boolean true).
2010-04-12 15:38:54 -04:00
Roger Dingledine
8aec982f91 Merge branch 'maint-0.2.1'
Conflicts:

	ChangeLog
	configure.in
	contrib/tor-mingw.nsi.in
	src/win32/orconfig.h
2010-04-03 22:05:02 -04:00
Roger Dingledine
0324d3b0ec fetch relay descriptors from v3 authorities 2010-04-03 21:53:29 -04:00
Sebastian Hahn
80d9737e70 Fix a segfault when a client is hup'd.
We need to make sure we have an event_base in dns.c before we call
anything that wants one. Make sure we always have one in dns_reset()
when we're a client. Fixes bug 1341.
2010-04-03 12:31:59 +02:00
Roger Dingledine
51d084f805 fold in the recent changelog entries 2010-04-02 15:33:38 -04:00
Sebastian Hahn
cae769d646 Segfault less during consensus generation without params
If no authority votes on any params, Tor authorities segfault when
trying to make a new consensus from the votes. Let's change that.
2010-03-29 22:25:37 +02:00
Sebastian Hahn
fca673bcd3 Don't require asciidoc when building Tor from a tarball
If asciidoc is required, the user receives an error message telling
them about the --disable-asciidoc configure switch and the build
breaks.
2010-03-09 03:00:59 +01:00