Use descriptor annotations to record the source, download t time, and purpose of every descriptor we add to the store. The remaining to-do item is to stop setting do_not_cache on bridges.
svn:r11680
Remove annotated_desc_store store (which we never used). Instead, shift name of router store to cached-descriptors, but initialize it from cached-routers as needed
svn:r11678
Fix a stupid logic error in authority_cert_get_by_sk_digest: the presence of an authority lacking a v3 cert does not mean that subsequent authorities lack them too.
svn:r11668
More annotated-store work: handle annotations in lists correctly. Add ability to prepend annotations to a routerdesc (and to every rtouredesc in a list), while verifying that the routerdesc is not already annotated.
svn:r11665
Backend for descriptor annotations: parse annotations as keywords; only allow them to appear in the cache; do not serve them as part of the descriptor if we are a dirserver. Still need mechanism to set annotations. Still need to rename cache file.
svn:r11654
users configure that and specify a bridge with an identity
fingerprint, now they will lookup the bridge descriptor at the
default bridge authority via a one-hop tunnel, but once circuits
are established they will switch to a three-hop tunnel for later
connections to the bridge authority.
svn:r11550
19:00 < weasel> Sep 21 01:00:01.926 [warn] Consensus published.
19:00 < weasel> hah
19:00 < nickm> ha indeed
19:00 < nickm> a winner is me
19:00 < weasel> _warn_ :)
19:01 < nickm> watch out! It could go off at any moment!
19:01 * weasel backs away
svn:r11546
Fix a bug that made servers send a "404 Not found" in response to
attempts to fetch their server descriptor. This caused Tor servers
to take many minutes to establish reachability for their DirPort,
and it totally crippled bridges. Bugfix on 0.2.0.5-alpha.
svn:r11545
Re-optimize counter-mode: save about 15% on my core2 by (1) not regenerating the entire counter buffer every time we encrypt a block of keystream (2) using the platform-optimized htonl to convert to big-endian (It's a single instruction on 486 and later ) and (3) not even keeping a separate "counter" and "buffer" when the platform is big-endian. The third still needs testing.
svn:r11536
New (untested) code to implement AES-with-IV. Currently, IVs are generated randomly. Once tested, should be (almost) a drop-in replacement for the CBC functions.
svn:r11519
Switch our AES implementation from "128 bit counter with to 64 bits set to 0" to a proper implementation of counter mode. Also, add an aes_set_iv function to initialize the counter to a nonzero value.
svn:r11518
Carry a new evdns function over from libevent: do not rely on compile-time code to set the transaction ID correctly. This will be important when we finally drop our internal copy of eventdns.c
svn:r11517
clients specify their chosen rendezvous point by identity digest
rather than by (potentially ambiguous) nickname. This change could
speed up hidden service connections dramatically.
svn:r11499
Get rid of a needless malloc() when parsing address policies. Original patch from "Some guy on #tor", via arma. Altered to have a sufficiently large buffer, and not use the buffer so much, and to save a strlcpy.
svn:r11480
BandwidthRate, RelayBandwidthRate, or MaxAdvertisedBandwidth
were below a threshold. Now they only look at BandwidthRate and
RelayBandwidthRate.
svn:r11465
Remove some needless complexity from the code to add signatures to a consensus: previously, we had a path to add new signatures, and a second path to replace signatures. But the second path sufficed as a common case, and the code isn't invoked nearly enough to justify the optimization of having the first path.
svn:r11433
Refactor store_stats_t to hold a pointer to the proper mmap, and turn it into a full-fledged type. This sets stuff up nicely for adding a separate "annotated" store. Add some XXXX NM items that need to be fixed when annotated stores exist
svn:r11338
Teach tor about more libevent versions. Be more clear that "Known bugs" means "it will crash or something." Most significantly, stop issuing dire warnings every time we run with kqueue on os x: it seems to have worked for a while now.
svn:r11314
Refactor write_chunks_to_file_impl: break out the "pick a temporary name if it makes sense, and open the right filename" logic and the "close the file and unlink or rename if necessary" logic. This will let us write big files in a smarter way than "Build a big string" or "make a list of chunks", once we get around to using it.
svn:r11300
Make controllers accept LF as well as CRLF. Update spec to reflect this. Remove now-dead code. Make controller warning about v0 protocol more accurate.
svn:r11299
Add a line to the state file for each guard to let us know which version added the guard. If the line is absent, assume the guard was added by whatever version of Tor last wrote the state file. Remove guards if the version that added them was using a bad guard selection algorithm. (Previously, we removed guards if the version that wrote the file was using a bad guard selection algorithm, even if the guards themselves were chosen by a good version.)
svn:r11298
Most configuration options have the same names in or.h and in torrc. Make the macros reflect this, so that it is easier to fit them onto a line, and so that mismatched options stand out more
svn:r11290
Add a new ClientDNSRejectInternalAddresses option (default: on) to refuse to believe that any address can map to or from an internal address. This blocks some kinds of potential browser-based attacks, especially on hosts using DNSPort. Also clarify behavior in some comments. Backport candiate?
svn:r11287
want, which is to expire old guards *every* time somebody moves
from an old version to the new one.
also, refine which version numbers count as 'new enough'.
svn:r11272
Fix a bug in last patch; add support for getting extrainfo documents by the control port (since it is silly to tell tools to do it without actually giving them an interface).
svn:r11270
Add a hacked-up GETINFO desc/all-recent-extrainfo-hack so that torstat can keep working with a minimum of fuss, until it learns about extrainfo documents.
svn:r11269
since we want the default guardversion to be 0 (which is what it is
if there's no guardversion line), yet when we're validating a freshly
configed and defaulted state, we don't want to complain.
svn:r11264
Finish implementing and documenting proposal 108: Authorities now use MTBF data to set their stability flags, once they have at least 4 days of data to use.
svn:r11240
Clean up MTBF storage code. Do not count times that we have been down toward the current run. Handle backward timewarps correctly. Store MTBF data on exit in addition to periodically.
svn:r11225
Add debugging warning to not abort in the case of bug 483. This is probably not an actual error case, so we should figure out what is really causing it and do something more sensible.
svn:r11215
Expire application streams in all cases if they've been around
longer than SocksTimeout. Right now there are some cases where the
stream will live forever, demanding a new circuit every 15 seconds.
Bugfix on 0.1.2.7-alpha; fixes bug 454; reported by lodger.
svn:r11186
Long overdue test.c refactoring: add --warn/--notice/--info/--debug command line options to set logging levels, and let the user specify which tests to run from the commmand line.
svn:r11167
When we are loading state info from disk, never believe any date in the future. Doing so can keep us from retrying guards, rotating onion keys, storing bandwidth info, etc. Fixes bug 434, and others. Backport candidate, once it has been tested.
svn:r11166
Link note_router_reachable and note_router_unreachable to mtbf code. decouple mtbf from connect/disconnect. log it in USR1. do not blow it away on cleanup if we are an authority.
svn:r11151
Fix a bug caught by Kate: when we switched from masks to bits in 0.2.0.3-alpha, we added a spurious ! that made us never believe that any address fell inside a virtual address range. While we're at it, save a trip around the loop in the common case.
svn:r11129
