Commit Graph

18222 Commits

Author SHA1 Message Date
unixninja92
898154f717 PredictedCircsRelevanceTime: limit how long we predict a port will be used
By default, after you've made a connection to port XYZ, we assume
you might still want to have an exit ready to connect to XYZ for one
hour. This patch lets you lower that interval.

Implements ticket 91
2014-03-05 14:29:54 -05:00
Nick Mathewson
f0b2dc83b6 Merge remote-tracking branch 'arma/ticket5528'
Conflicts:
	src/or/router.c
	src/test/test_dir.c
2014-03-05 12:44:40 -05:00
Nick Mathewson
1295490862 Merge remote-tracking branch 'public/bug8788' 2014-03-05 12:17:31 -05:00
Nick Mathewson
27d231ca13 Document alternate bandwidth/memory unit spellings 2014-03-04 12:12:36 -05:00
Nick Mathewson
496fe685fd Include v3 in documented 'protocols' in rend_service_descriptor_t
Also make it unsigned and document that it's for INTRODUCE cell versions.

Fixes 9099; bugfix on 0.2.1.5-alpha, which introduced the v3 protocol.
2014-03-04 12:03:18 -05:00
Nick Mathewson
ab225aaf28 Merge branch 'bug10169_025_v2'
Conflicts:
	src/test/test.c
2014-03-04 11:03:30 -05:00
Nick Mathewson
bb37544214 Merge remote-tracking branch 'public/bug10169_024' into bug10169_025_v2
Conflicts:
	src/common/compat_libevent.h
	src/or/relay.c
2014-03-04 11:00:02 -05:00
Nick Mathewson
46118d7d75 Merge remote-tracking branch 'public/bug10169_023' into bug10169_024
Conflicts:
	src/or/relay.c
2014-03-04 10:54:54 -05:00
Nick Mathewson
bfa0e022bc Mention doc/HACKING in the readme 2014-03-04 10:34:25 -05:00
Nick Mathewson
0db39eb89f ATTR_NORETURN is needed on lost_owning_controller now
This should fixes some "hey, that function could have
__attribute__((noreturn))" warnings  introduced by f96400d9.

Bug not in any released version of Tor.
2014-03-03 10:54:20 -05:00
Nick Mathewson
4050dfa320 Warn if ports are specified in {Socks,Dir}Policy
We have ignored any ports listed here since 80365b989 (0.0.7rc1),
but we didn't warn the user that we were ignoring them.  This patch
adds a warning if you put explicit ports in any of the options
{Socks,Dir}Policy or AuthDir{Reject,Invalid,BadDir,BadExit}.  It
also adjusts the manpage to say that ports are ignored.

Fixes ticket 11108.
2014-03-03 10:45:39 -05:00
Nick Mathewson
d98f743b28 Fix compilation warnings in tor_addr_make_null patch
There was one "missing prototype" warning because the test function
wasn't static, and one "unused parameter" warning about the "data"
parameter.

Also, I added a couple of tests to make sure that the "make_null"
addresses really were the addresses we expected, by formatting them
as strings.
2014-03-03 10:05:02 -05:00
Kevin Murray
4deae59e1c add test for tor_addr_make_null
Signed-off-by: Kevin Murray <spam@kdmurray.id.au>
2014-03-03 09:58:01 -05:00
Nick Mathewson
1afa52349c tweak changes file. 2014-03-03 09:56:17 -05:00
Lunar
3a425ac3a8 Fix max client name length in HiddenServiceAuthorizeClient description
REND_CLIENTNAME_MAX_LEN is set to 16, not 19.
2014-03-03 09:53:38 -05:00
Roger Dingledine
bd49653f8e trivial whitespace fixes 2014-03-03 06:53:08 -05:00
Roger Dingledine
4348c52a35 forward-port the 0.2.4.21 release notes 2014-03-01 04:09:34 -05:00
Nick Mathewson
0b7a66fac7 whitespace fix 2014-02-28 08:57:29 -05:00
Nick Mathewson
273f536d72 Merge branch 'bug10884_squashed' 2014-02-28 08:54:50 -05:00
Nick Mathewson
886d4be149 Unit tests for test_routerkeys_write_fingerprint 2014-02-28 08:53:14 -05:00
Nick Mathewson
0be9e6099b Unit tests for pk fingerprint functions 2014-02-28 08:53:14 -05:00
Nick Mathewson
25c0435aa5 Tighten router_write_fingerprint impl 2014-02-28 08:53:14 -05:00
Karsten Loesing
3ca5fe81e3 Write hashed bridge fingerprint to logs and to disk.
Implements #10884.
2014-02-28 08:53:13 -05:00
Nick Mathewson
043329eeb6 Merge remote-tracking branch 'karsten/task-5824' 2014-02-28 08:32:13 -05:00
Nick Mathewson
833d027778 Monotonize the OOM-killer data timers
In a couple of places, to implement the OOM-circuit-killer defense
against sniper attacks, we have counters to remember the age of
cells or data chunks.  These timers were based on wall clock time,
which can move backwards, thus giving roll-over results for our age
calculation.  This commit creates a low-budget monotonic time, based
on ratcheting gettimeofday(), so that even in the event of a time
rollback, we don't do anything _really_ stupid.

A future version of Tor should update this function to do something
even less stupid here, like employ clock_gettime() or its kin.
2014-02-26 09:51:30 -05:00
Nick Mathewson
bf1678603f Merge remote-tracking branch 'public/bug10449' 2014-02-25 16:09:15 -05:00
Nick Mathewson
2f5d7bb7e9 Merge remote-tracking branch 'origin/maint-0.2.4' 2014-02-25 15:59:43 -05:00
Nick Mathewson
c3800f631b Merge remote-tracking branch 'public/no_itime_queue' into maint-0.2.4 2014-02-25 15:58:53 -05:00
Nick Mathewson
f8e3c1672d Trivial comment fix. 2014-02-25 10:23:38 -05:00
Nick Mathewson
92da2e27a2 Merge remote-tracking branch 'public/bug11048' 2014-02-25 10:23:09 -05:00
Nick Mathewson
613b0a3bc5 Merge remote-tracking branch 'karsten/geoip2regcountry' 2014-02-25 10:04:37 -05:00
Nick Mathewson
23a5921e9a Merge remote-tracking branch 'origin/maint-0.2.4' 2014-02-25 10:04:10 -05:00
Nick Mathewson
d7950eda2b Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2014-02-25 10:02:14 -05:00
Karsten Loesing
2658e70d16 Fix geoip by falling back to registered countries.
See 1d2179bc90 in master for details.

"""
Fall back to registered country if necessary.

When extracting geoip and geoip6 files from MaxMind's GeoLite2 Country
database, we only look at country->iso_code which is the two-character ISO
3166-1 country code of the country where MaxMind believes the end user is
located.

But if MaxMind thinks a range belongs to anonymous proxies, they don't put
anything there.  Hence, we omit those ranges and resolve them all to '??'.
That's not what we want.

What we should do is first try country->iso_code, and if there's no such
key, try registered_country->iso_code which is the country in which the
ISP has registered the IP address.

In short: let's fill all A1 entries with what ARIN et. al think.
"""
2014-02-25 13:28:34 +01:00
Karsten Loesing
1d2179bc90 Fall back to registered country if necessary.
When extracting geoip and geoip6 files from MaxMind's GeoLite2 Country
database, we only look at country->iso_code which is the two-character ISO
3166-1 country code of the country where MaxMind believes the end user is
located.

But if MaxMind thinks a range belongs to anonymous proxies, they don't put
anything there.  Hence, we omit those ranges and resolve them all to '??'.
That's not what we want.

What we should do is first try country->iso_code, and if there's no such
key, try registered_country->iso_code which is the country in which the
ISP has registered the IP address.

In short: let's fill all A1 entries with what ARIN et. al think.
2014-02-25 13:20:04 +01:00
Karsten Loesing
5015279153 Download MaxMind's geoip file over https.
If the cert turns out to be invalid or if wget is otherwise unable to
verify it, it's going to return an error and not download the file for us.

Spotted by nickm.
2014-02-25 11:26:27 +01:00
Nick Mathewson
0efa2821c7 Merge branch 'bug11047' 2014-02-24 13:06:55 -05:00
Nick Mathewson
9bd77019ca Merge remote-tracking branch 'origin/maint-0.2.4' 2014-02-24 13:06:40 -05:00
Nick Mathewson
d21b24b3b6 Merge remote-tracking branch 'public/feature9777_024_squashed' into maint-0.2.4 2014-02-24 13:05:25 -05:00
Nick Mathewson
a3ab31f5dc Threadproof our log_backtrace implementation
It's possible for two threads to hit assertion failures at the same
time.  If that happens, let's keep them from stomping on the same
cb_buf field.

Fixes bug 11048; bugfix on 0.2.5.2-alpha. Reported by "cypherpunks".
2014-02-24 12:15:32 -05:00
Nick Mathewson
68ed4878ca pass our compiler -fasynchronous-unwind-tables by default
This should make more platforms (in particular, ones with compilers
where -fomit-frame-pointer is on by default but table generation
isn't) support backtrace generation.  Thanks to cypherpunks for this
one.

Fixes bug 11047; bugfix on 0.2.5.2-alpha.
2014-02-24 11:45:03 -05:00
Karsten Loesing
c857276bd7 Include instructions on generating geoip files.
Implements #10924.
2014-02-21 19:13:33 +00:00
Nick Mathewson
1753975ece When not an exit node, don't test for DNS hijacking.
Back in 5e762e6a5c, non-exit servers
stopped launching DNS requests for users.  So there's no need for them
to see if their DNS answers are hijacked.

Patch from Matt Pagan.  I think this is a 965 fix.
2014-02-21 18:04:48 +00:00
Nick Mathewson
6eba3584b1 Merge remote-tracking branch 'public/bug10987_024' 2014-02-21 17:29:48 +00:00
Nick Mathewson
f3e8271652 Style tweaks on code, changes file for 10987 2014-02-21 17:27:35 +00:00
David Goulet
1532cff2ce Fix: send back correct IPv6 SOCKS5 connect reply
For a client using a SocksPort connection and IPv6, the connect reply
from tor daemon did not handle AF_INET6 thus sending back the wrong
payload to the client.

A changes file is provided and this fixes #10987

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2014-02-21 17:19:11 +00:00
Nick Mathewson
8d5215c6a0 Changes file for b063ebbc60
This bugfix didn't get a trac ticket because the internet in this
room is an exercise in futility.
2014-02-20 11:55:38 +00:00
Nick Hopper
b063ebbc60 fixed long -> int implicit cast warning line 3453 2014-02-20 11:54:01 +00:00
Nick Mathewson
c0835f8e75 Merge remote-tracking branch 'origin/maint-0.2.4' 2014-02-18 01:16:22 +00:00
Nick Mathewson
e616f5b513 whoops; mistaek in a496010642. so many comma 2014-02-18 01:15:59 +00:00