Commit Graph

31323 Commits

Author SHA1 Message Date
Nick Mathewson
57474d772a Revise section 1, remove very throughout.
svn:r679
2003-10-26 22:59:18 +00:00
Nick Mathewson
5432fb02cc Add note about DNS distinguishability attack
svn:r678
2003-10-26 22:58:04 +00:00
Roger Dingledine
acd415628c more circuit design section work
svn:r677
2003-10-26 22:49:07 +00:00
Nick Mathewson
866c449b8d Commit notes from Friday mtg with arma.
svn:r676
2003-10-26 16:25:06 +00:00
Roger Dingledine
b3497f989b crank more on design section
svn:r675
2003-10-26 10:47:49 +00:00
Roger Dingledine
52589289fe add DirBindAddress, parse the BindAddress's when you bind
exit if bind fails
add usage printfs
rearrange config options for readability


svn:r674
2003-10-25 12:01:09 +00:00
Roger Dingledine
8850eb1210 think more about the design section
svn:r673
2003-10-25 11:41:26 +00:00
Nick Mathewson
87969d98f9 Initial changes to intro.
svn:r672
2003-10-24 22:48:26 +00:00
Nick Mathewson
d4ad3bde8c Numerous notes of stuff to do from mtg with Roger; add outline for design section.
svn:r671
2003-10-24 21:18:38 +00:00
Nick Mathewson
28e93f3aa3 Note TODO items; add DROP relay cells
svn:r670
2003-10-24 21:16:43 +00:00
Roger Dingledine
f0a9d0ae8c some scribblings on exit policies
somebody please go turn this into a section


svn:r669
2003-10-24 11:21:19 +00:00
Roger Dingledine
d59864859c and dirservers are better for non-clique situations
svn:r668
2003-10-24 04:09:10 +00:00
Roger Dingledine
b29e29f64a directories are signed so they can be cached elsewhere
svn:r667
2003-10-24 03:39:14 +00:00
Roger Dingledine
b1d8973990 figured out how to make autoconf a bit less viral
(thanks cherub)


svn:r666
2003-10-24 03:27:53 +00:00
Nick Mathewson
faa0f7ffe7 Use daemon(3) function where available.
svn:r665
2003-10-23 14:28:44 +00:00
Nick Mathewson
71e5ad714b resolve warning
svn:r664
2003-10-23 14:27:53 +00:00
Nick Mathewson
6b79d8a7e9 Two-pronged attack at my overzealous skew fixes.
The problem was that the fixes had us generating TLS certs with a
2-day lifetime on the assumption that we'd rotate fairly often.  In
fact, we never rotate our TLS keys.

This patch fixes the situation in 2 ways:
   1. It bumps the default lifetime back up to one year until we get
      rotation in place.
   2. It changes tor_tls_context_new() so that it doesn't leak memory
      when you call it more than once.


svn:r663
2003-10-23 14:20:51 +00:00
Roger Dingledine
0396449097 add the dirservers section
svn:r662
2003-10-23 11:45:51 +00:00
Paul Syverson
8ee82830b4 Router twins described in intro. Some more stuff in assumptions section.
svn:r661
2003-10-22 22:40:30 +00:00
Paul Syverson
4e3345ff08 Added censorship resistant refs. Answered Roger's key question with
more questions.


svn:r660
2003-10-22 18:58:44 +00:00
Steven Hazel
4fef6f4566 switch_id() no longer tries to log the user name when it's calld on
Windows, since we don't know whether it's the user or the group that
was set.


svn:r659
2003-10-22 17:25:58 +00:00
Nick Mathewson
7604cfe61b Clock skew fixes.
Allow some slop (currently 3 minutes) when checking certificate validity.

Change certificate lifetime from 1 year to 2 days.  Since we
regenerate regularly (we regenerate regularly, right??), this
shouldn't be a problem.

Have directories reject descriptors published too far in the future
(currently 30 minutes).  If dirservs don't do this:
    0) Today is January 1, 2000.
    1) A very skewed server publishes descriptor X with a declared
       publication time of August 1, 2000.
    2) The directory includes X.
    3) Because of certificate lifetime issues, nobody can use the
       skewed server.
    4) The server fixes its skew, and goes to republish a new descriptor Y
       with publication time of January 1, 2000.
    5) But because the directory already has a "more recent" descriptor X,
       it rejects descriptor "Y" as superseded!

This patch should make step 2 go away.


svn:r658
2003-10-22 16:41:35 +00:00
Roger Dingledine
cf2fe9d1da some minor tweaks
svn:r657
2003-10-22 11:30:47 +00:00
Steven Hazel
4139c1c86a - fixed a bug in the id switching code -- setgid has to happen before
setuid, because after we setuid we don't have the priviledges we
  need to setgid anymore, duh.  merged switch_user() and
  switch_group() into switch_id(), since that code has to be wound
  together.

- return -1 from switch_id() if it's not defined to do anything else.

- moved daemoinize(), write_pidfile(), and switch_id() from main.c to
  util.c


svn:r656
2003-10-22 11:21:29 +00:00
Roger Dingledine
c78d5d7d30 play with connection_edge_send_command
maybe more robust now


svn:r655
2003-10-22 09:08:10 +00:00
Roger Dingledine
c35fc271d2 move default exit policy into config files
svn:r654
2003-10-22 07:56:11 +00:00
Roger Dingledine
c6b442a346 make end relay cells have payloads
move default exit policy into config files


svn:r653
2003-10-22 07:55:44 +00:00
Steven Hazel
b1eca56b77 added User and Group options -- if you set them, tor will try to
setuid and setgid respectively, and die if it can't.

(If the User option is set, tor will setgid to the user's gid as well.)

This happens after the pidfile is created, so that in cases where tor
needs to be root to work with the pidfile, it will at least be able to
create it, although it won't be able to delete it.  That sucks, but
it's somewhat better than not being able to create the pidfile in the
first place.


svn:r652
2003-10-22 06:03:11 +00:00
Roger Dingledine
524d63ecc6 todo now reflects what we need to do.
svn:r651
2003-10-22 05:15:08 +00:00
Roger Dingledine
f84cdb9005 force the admin to mkdir the datadirectory himself,
so he gets the permissions right.

also this means clients will never need to make the datadirectory.

also remind the admin to fix his clock before setting up his node.


svn:r650
2003-10-22 04:33:11 +00:00
Roger Dingledine
1bf10257da fill in some lncs numbers
svn:r649
2003-10-21 22:13:18 +00:00
Paul Syverson
ac7a9ccadf Adversary model mostly done? Some other small changes in assumptions et passim.
svn:r648
2003-10-21 21:44:00 +00:00
Nick Mathewson
009f2f6dbb Update .cvsignores to exclude files generated due to recent build improvements
svn:r647
2003-10-21 17:49:52 +00:00
Nick Mathewson
53dca60b13 Add design goals section
svn:r646
2003-10-21 17:43:26 +00:00
Roger Dingledine
24536a65f3 fix error in rendezvous description
svn:r645
2003-10-21 09:50:06 +00:00
Roger Dingledine
0e137e413f APPort is now SocksPort
svn:r644
2003-10-21 09:49:39 +00:00
Roger Dingledine
069227db5b introduce new tor_free() macro
svn:r643
2003-10-21 09:48:58 +00:00
Roger Dingledine
e4127e4d36 move closer to being able to reload config on HUP
rename APPort to SocksPort
introduce new tor_free() macro


svn:r642
2003-10-21 09:48:17 +00:00
Roger Dingledine
80d428b225 remove obsolete config file
svn:r641
2003-10-21 09:22:38 +00:00
Roger Dingledine
4a66865d0b send the end cell when we realize we're going to end,
not when we're closing the stream.

this lets us put a payload in the end cell if we want to,
to describe why we're closing the stream.

there are still some places where we don't send the end cell
immediately. i need to track them down. but it's a low priority,
since i've made it send the end cell when we close the stream if
we haven't already sent it.


svn:r640
2003-10-21 08:37:07 +00:00
Roger Dingledine
f8a72b1c21 i seem to be listing hard problems.
still plenty more hard problems where those came from.


svn:r639
2003-10-21 08:09:55 +00:00
Roger Dingledine
668ec0b435 first draft of a conclusion / future works
svn:r638
2003-10-21 04:27:54 +00:00
Roger Dingledine
53baa69705 first draft of the rendezvous section done
svn:r637
2003-10-21 01:11:29 +00:00
Paul Syverson
08c44fc1ab Few more changes to intro. First complete draft of background.
Cut in threats from PETs 2000 paper and started adapting them.


svn:r636
2003-10-20 23:44:53 +00:00
Roger Dingledine
5f1750a288 include our own timegm() impl, since it's not portable
svn:r635
2003-10-20 20:19:59 +00:00
Roger Dingledine
b40d0bffa7 a skeletal print_usage() function
svn:r634
2003-10-20 01:19:54 +00:00
Roger Dingledine
db33eac4c4 add an Address line to the sample server rc file
svn:r633
2003-10-19 05:50:52 +00:00
Roger Dingledine
b4117d2a37 move to 0.0.2pre13
svn:r631
2003-10-19 05:45:22 +00:00
Roger Dingledine
dc85b7af3c warn, not err
svn:r630
2003-10-19 01:15:36 +00:00
Roger Dingledine
efce1b8b3e put small buffers back in place
svn:r629
2003-10-19 01:10:38 +00:00