Commit Graph

6130 Commits

Author SHA1 Message Date
Karsten Loesing
9e97067b2f Prevent bridges from publishing router descriptors.
Bridges are not supposed to publish router descriptors to the directory
authorities. It defeats the point of bridges when they are included in the
public relay directory.

This patch puts out a warning and exits when the node is configured as
a bridge and to publish v1, v2, or v3 descriptors at the same time.

Also fixes part of bug 932.
2009-05-13 16:45:59 -04:00
Nick Mathewson
fc091e8a96 When our bridge status changes, forget old geoip data.
This fixes bug 932, where all of our usage totals for users when we
were a regular server would get included in the extrainfo document.
2009-05-13 16:45:59 -04:00
Nick Mathewson
a271c5370a Merge commit 'origin/maint-0.2.1' into m3 2009-05-12 14:04:51 -04:00
Sebastian Hahn
a28215a150 Warn when hibernation and low-port on non-windows is configured
This addresses the first part of bug 918. Users are now warned when
they try to use hibernation in combination with a port below 1024
when they're not on Windows. We don't want to die here, because
people might run Tor as root, use a capabilities system or some
other platform that will allow them to re-attach low ports.

Wording suggested by Marian
2009-05-12 20:00:00 +02:00
Nick Mathewson
5fc08d1920 Merge 0.2.1 onto the development branch.
Manually resolved conflicts on version number; all else applied cleanly.
2009-05-12 13:57:58 -04:00
Nick Mathewson
88d81ead83 Better debugging output for bug 977 case.
(Don't crash immediately if we have leftover chunks to free after
freeing chunks in a buffer freelist; instead log a debugging message
that might help.)
2009-05-12 13:54:21 -04:00
Nick Mathewson
fdbdb4dc15 Include the *_sha1.i files in their own *_codedigest.c files.
This way we do not need to rebuild util.c and/or config.c whenever
any unrelated source file in src/common or src/or has changed.
2009-05-08 12:35:36 -04:00
Karsten Loesing
948835c680 Remove unused rendversion parameters. YAGNI. 2009-05-04 13:46:30 -04:00
Karsten Loesing
f79688ddef Clients do not request version 0 hidserv descs anymore. 2009-05-04 13:46:30 -04:00
Karsten Loesing
0d68da2381 Drop version 0 hidserv support on service side. 2009-05-04 13:46:29 -04:00
Karsten Loesing
9b32e8c141 Update copyright to 2009. 2009-05-04 11:28:27 -04:00
Karsten Loesing
4ebcc4da34 Update copyright to 2009. 2009-05-02 22:00:54 +02:00
Karsten Loesing
e25fdce900 Documentation fix. 2009-05-02 21:47:03 +02:00
Nick Mathewson
596e852c31 Remove the long-deprecated GETINFO addr-mappings/ 2009-05-01 06:25:18 -04:00
Nick Mathewson
6ac3a8b0cd Command-line option to dump SHA1 digests of all source files.
Now, when you call tor --digests, it dumps the SHA1 digest of each
source file that Tor was built with.  We support both 'sha1sum' and
'openssl sha1'.  If the user is building from a tarball and they
haven't edited anything, they don't need any program that calculates
SHA1.  If they _have_ modified a file but they don't have a program to
calculate SHA1, we try to build so we do not output digests.
2009-04-29 14:46:04 -04:00
Sebastian Hahn
5675be39a0 Return -1 in the error case from read_bandwidth_usage.
svn:r19367
2009-04-23 22:04:10 +00:00
Karsten Loesing
4e6120cffb Documentation fix.
svn:r19337
2009-04-16 08:25:36 +00:00
Roger Dingledine
39ceda7e05 Raise the minimum bandwidth to be a relay from 20000 bytes to 20480
bytes (aka 20KB/s), to match our documentation. Also update
directory authorities so they always assign the Fast flag to relays
with 20KB/s of capacity. Now people running relays won't suddenly
find themselves not seeing any use, if the network gets faster
on average.


svn:r19305
2009-04-12 07:56:58 +00:00
Roger Dingledine
c024928b63 For belt-and-suspenders, relays that don't set Address in their config
now avoid using begin_dir for all direct connections.


svn:r19296
2009-04-11 19:40:42 +00:00
Roger Dingledine
419d158c74 make it compile too
svn:r19295
2009-04-11 19:22:38 +00:00
Roger Dingledine
9c6b135e1a play make-believe that addr isn't a uint32_t
svn:r19293
2009-04-11 18:21:18 +00:00
Roger Dingledine
fa003351ae fix the same bug in two more locations (thanks to lark for prodding
me further)


svn:r19292
2009-04-11 18:19:57 +00:00
Roger Dingledine
8d82583d97 Finally fix the bug where dynamic-IP relays disappear when their
IP address changes: directory mirrors were mistakenly telling them
their old address if they asked via begin_dir, so they never got
an accurate answer about their new address, so they just vanished
after a day. Should fix bugs 827, 883, and 900 -- but alas, only
after every directory mirror has upgraded.


svn:r19291
2009-04-11 18:09:15 +00:00
Roger Dingledine
235a1196b3 only log that at loglevel notice if there's a problem with the
version. otherwise there's no reason to tell the user we're
doing behind-the-scenes cleaning.


svn:r19288
2009-04-11 12:06:27 +00:00
Roger Dingledine
48118b228e Clients replace entry guards that were chosen more than a few months
ago. This change should significantly improve client performance,
especially once more people upgrade, since relays that have been
a guard for a long time are currently overloaded.


svn:r19287
2009-04-11 12:00:18 +00:00
Roger Dingledine
7e32f0d5c8 fix a comment
svn:r19262
2009-04-11 00:40:11 +00:00
Roger Dingledine
93c0a81491 If the bridge config line doesn't specify a port, assume 443.
This makes bridge lines a bit smaller and easier for users to
understand.

Also, remove a duplicate changelog entry from the past.


svn:r19260
2009-04-11 00:16:05 +00:00
Sebastian Hahn
8390787a5f Directory authorities should accept a descriptor as changed when the relay operator changed the bandwithrate or bandwithburst settings.
svn:r19259
2009-04-11 00:12:52 +00:00
Roger Dingledine
c4145e5390 commit sebastian's patch to not require contactinfo when testingtornetwork
is set


svn:r19257
2009-04-10 07:02:19 +00:00
Nick Mathewson
d50501e5ed Fix a few crash bugs related to malormed descriptors. Lark found one; fuzzing found the rest.
svn:r19250
2009-04-09 19:58:16 +00:00
Roger Dingledine
ee58153b50 log more verbosely when we accept or decline a router descriptor,
to help track whether we received them when a relay operator claims
they got sent.


svn:r19213
2009-04-01 13:02:04 +00:00
Roger Dingledine
b4ceb830e0 if a directory authority declines our server descriptors because it's
not new enough, write that in the logs. might be helpful one day.


svn:r19195
2009-03-31 05:24:36 +00:00
Roger Dingledine
7170c5b4f8 Limit uploaded directory documents to be 16M rather than 500K.
The directory authorities were refusing v3 consensus votes from
other authorities, since the votes are now 504K. Fixes bug 959;
bugfix on 0.0.2pre17 (where we raised it from 50K to 500K ;).


svn:r19194
2009-03-31 04:03:37 +00:00
Roger Dingledine
793f1ce007 Directory authorities should never send a 503 "busy" response to
requests for votes or keys. Bugfix on 0.2.0.8-alpha; exposed by
bug 959.


svn:r19189
2009-03-31 01:29:07 +00:00
Nick Mathewson
b5135f1190 Whitespace cleanup.
svn:r19080
2009-03-18 19:30:37 +00:00
Nick Mathewson
c2f8d97212 Do not generate the non-verbose circuit path when generating a circuit event unless we will use it.
svn:r19079
2009-03-18 19:30:34 +00:00
Nick Mathewson
a335b43a67 If we have a routerstatus but no routerinfo to name a router, use the routerstatus instead when generating circuit events. Also refactor a little.
svn:r19078
2009-03-18 19:30:30 +00:00
Nick Mathewson
e591aafca4 Add a function to get a LongName from a routerstatus. Needed for partial bug 941 fix.
svn:r19077
2009-03-18 19:30:26 +00:00
Nick Mathewson
30ec1d1d50 Don't double-free successful_uploads.
When we used smartlist_free to free the list of succesful uploads
because we had succeeded in uploading everywhere, we did not actually
set the successful_uploads field to NULL, so later it would get freed
again in rend_service_descriptor_free.  Fix for bug 948; bug
introduced in 0.2.1.6-alpha.

svn:r19073
2009-03-18 14:35:24 +00:00
Nick Mathewson
ad7ebec24c Free very-old descriptors that we do not want to add. Fix for bug 672. Backport candidate
svn:r19057
2009-03-16 18:47:45 +00:00
Karsten Loesing
309080b6aa Make directory usage recording work again. Fixing bug introduced in r17009.
svn:r18924
2009-03-11 22:08:37 +00:00
Roger Dingledine
4e094ddc4d when we get an unrecognized relay streamid, log it
svn:r18919
2009-03-11 20:51:47 +00:00
Roger Dingledine
4774e593b8 Bugfix on r17756:
Avoid trying to print raw memory to the logs when we decide to
give up on downloading a given relay descriptor. Bugfix on
0.2.1.9-alpha.


svn:r18831
2009-03-09 22:05:17 +00:00
Nick Mathewson
d40cbda2cd Log cached-at-exit exit policies to try to fix bug 672.
svn:r18827
2009-03-09 15:53:37 +00:00
Roger Dingledine
5d50bc3e1d We were already rejecting relay begin cells with destination port
of 0. Now also reject extend cells with destination port or address
of 0. Suggested by lark.


svn:r18812
2009-03-09 00:53:42 +00:00
Nick Mathewson
cbbc0c9c86 Actually use tor_sscanf() to parse untrusted input.
svn:r18761
2009-03-03 18:02:36 +00:00
Nick Mathewson
26d83fc04c Add a simple locale-independent no-surprises sscanf replacement.
tor_sscanf() only handles %u and %s for now, which will make it
adequate to replace sscanf() for date/time/IP parsing.  We want this
to prevent attackers from constructing weirdly formed descriptors,
cells, addresses, HTTP responses, etc, that validate under some
locales but not others.

svn:r18760
2009-03-03 18:02:31 +00:00
Nick Mathewson
9f8d095e0f Add and use set/get_uint64 on onion tags. [bug 604; backportable]
It seems that 64-bit Sparc Solaris demands 64-bit-aligned access to
uint64_t, but does not 64-bit-align the stack-allocated char array we
use for cpuworker tags.  So this patch adds a set/get_uint64 pair, and
uses them to access the conn_id field in the tag.

svn:r18743
2009-03-02 19:15:05 +00:00
Nick Mathewson
27c3b43817 Fix one case of bug 929.
svn:r18683
2009-02-23 20:04:51 +00:00
Nick Mathewson
c7f3416a9e Add some debugging code to try to catch the likely cause of bug 929
svn:r18682
2009-02-23 18:57:21 +00:00
Nick Mathewson
261670b57e Patch from lark: if we get two extend cells for the same circuit id, drop the second. Previously, we had leaked an extend_info if the target connection was not open when the second arrived.
svn:r18668
2009-02-21 19:07:05 +00:00
Nick Mathewson
192b701fac Patch from lark: drop BEGIN cells from a rendevous circuit if they do not originate from the end of the circuit.
svn:r18667
2009-02-21 19:07:01 +00:00
Roger Dingledine
1b6688786c send the newconsensus event if the controller has asked for newconsensus
events, not if he's asked for ns events


svn:r18656
2009-02-20 10:25:08 +00:00
Nick Mathewson
b13496b62a Possible fix for broken country settings in ExcludeExitNodes.
It turns out that we weren't updating the _ExcludeExitNodesUnion set's
country numbers when we reloaded (or first loaded!) the IP-to-country
file.  Spotted by Lark.  Bugfix on 0.2.1.6-alpha.

svn:r18575
2009-02-16 15:15:06 +00:00
Roger Dingledine
d3289c6b87 docdoc and changelog for r18556
svn:r18566
2009-02-16 10:39:10 +00:00
Roger Dingledine
d13cc5f989 and list the new event here too
svn:r18557
2009-02-16 06:18:44 +00:00
Roger Dingledine
9ded433abb new controller event NEWCONSENSUS that lists the networkstatus
lines for every recommended relay.

still needs docdoc and changelog entry.


svn:r18556
2009-02-16 06:18:03 +00:00
Roger Dingledine
c8474f9d93 If the controller claimed responsibility for a stream, but that
stream never finished making its connection, it would live
forever in circuit_wait state. Now we close it after SocksTimeout
seconds. Bugfix on 0.1.2.7-alpha; reported by Mike Perry.


svn:r18516
2009-02-13 04:11:14 +00:00
Nick Mathewson
65dc835773 Revert an erroneous part of the non-fix to bug 326, and add comments to explain why it was erroneous.
svn:r18494
2009-02-11 17:23:11 +00:00
Nick Mathewson
6e4afe6f13 I worry that the CLEAR() macro in eventdns.c is hiding bugs. That is sad, because it was meant to make them more detectable. Change it to change stuff to garbage rather than to 0. If no bugs turn up, we can remove it in 0.2.2.x
svn:r18493
2009-02-11 17:22:34 +00:00
Nick Mathewson
8d9aadf57c Port some mostly cosmetic eventdns changes from libevent
svn:r18492
2009-02-11 17:22:29 +00:00
Nick Mathewson
356b40f58b Clients and non-caches do not need to cache unrecognized authority certificates.
svn:r18480
2009-02-10 20:28:30 +00:00
Karsten Loesing
34b285b09f As an exit node, scrub the IP address to which we are exiting in the logs. Bugfix on 0.2.1.8-alpha.
svn:r18477
2009-02-10 18:52:47 +00:00
Nick Mathewson
91fece7be2 Don't extend introduction circuits indefinitely.
Doing so could run you out of relay_early cells and give you a
senselessly long circuit.  Patch from Karsten; may fix bug 878.

svn:r18459
2009-02-10 00:45:30 +00:00
Nick Mathewson
6f90f6f2a2 Retry circuits if the exit node is optional and nonexistant.
Previously, when we had the chosen_exit set but marked optional, and
we failed because we couldn't find an onion key for it, we'd just give
up on the circuit.  But what we really want to do is try again, without
the forced exit node.

Spotted by rovv.  Another case of bug 752.  I think this might be
unreachable in our current code, but proposal 158 could change that.

svn:r18451
2009-02-09 16:55:48 +00:00
Nick Mathewson
c7315e65ae Disable KQUEUE from inside Tor if the OSX version is prior to 10.4.0
svn:r18450
2009-02-09 16:07:02 +00:00
Roger Dingledine
28d97f8262 uh, and commit the patch too.
svn:r18423
2009-02-09 03:13:14 +00:00
Nick Mathewson
fe987d3a17 Remove some deadcode and use tor_inet_aton uniformly.
svn:r18422
2009-02-09 03:13:05 +00:00
Nick Mathewson
2ebdf91a52 Fix a remote-crash bug. This will need a patch release.
svn:r18421
2009-02-09 03:13:02 +00:00
Roger Dingledine
3845087b04 decide that mikeperry's bug should be fixed in 0.2.1.x
(but not in 0.2.1.12-alpha, sorry)


svn:r18417
2009-02-09 02:50:19 +00:00
Roger Dingledine
decdf4537a If we're using bridges and our network goes away, be more willing
to forgive our bridges and try again when we get an application
request. Bugfix on 0.2.0.x.


svn:r18396
2009-02-04 23:27:35 +00:00
Roger Dingledine
45aeabf8f7 make a note about a clause in connection_edge.c that is probably
redundant, and is definitely confusing. we should take it out
in 0.2.2.x and see who squeaks.


svn:r18383
2009-02-04 08:27:36 +00:00
Nick Mathewson
261f49fe26 Fix a possible cause of bug 915 when parsing multiple votes one of which was bad. Bugfix on 0.2.0.8-alpha.
svn:r18354
2009-01-31 18:27:38 +00:00
Nick Mathewson
0f2e171653 fix a wide line.
svn:r18341
2009-01-30 15:23:44 +00:00
Nick Mathewson
e1f03572ca Support setting serverdnsrandomizecase during sighup. Backportable, unless too trivial.
svn:r18307
2009-01-28 19:53:03 +00:00
Nick Mathewson
f78793879d Fix a race condition on nameserver reconfiguration.
This resolves bug 526, wherein we would crash if the following
events occurred in this order:
  A: We're an OR, and one of our nameservers goes down.
  B: We launch a probe to it to see if it's up again. (We do this hourly
     in steady-state.)
  C: Before the probe finishes, we reconfigure our nameservers,
     usually because we got a SIGHUP and the resolve.conf file changed.
  D: The probe reply comes back, or times out. (There is a five-second
     window for this, after B has happens).

IOW, if one of our nameservers is down and our nameserver
configuration has changed, there were 5 seconds per hour where HUPing
the server was unsafe.

Bugfix on 0.1.2.1-alpha.  Too obscure to backport.

svn:r18306
2009-01-28 18:26:20 +00:00
Nick Mathewson
e06de61d84 Don't obsolete a very-new connection for having no circuits yet.
This fixes the last known case of bug 891, which could happen if two
hosts, A and B, disagree about how long a circuit has been open,
because of clock drift of some kind.  Host A would then mark the
connection as is_bad_for_new_circs when it got too old and open a new
connection.  In between when B receives a NETINFO cell on the new
conn, and when B receives a conn cell on the new circuit, the new
circuit will seem worse to B than the old one, and so B will mark it
as is_bad_for_new_circs in the second or third loop of
connection_or_group_set_badness().

Bugfix on 0.1.1.13-alpha.  Bug found by rovv.

Not a backport candidate: the bug is too obscure and the fix too tricky.

svn:r18303
2009-01-28 17:36:41 +00:00
Nick Mathewson
0d5f4d4e73 Remove some dead code.
svn:r18301
2009-01-28 17:36:34 +00:00
Nick Mathewson
8027c8c6dd Forward-port: Fix bug 893: check AP connections for markedness before expiring them.
svn:r18299
2009-01-28 16:30:06 +00:00
Nick Mathewson
ef001cf85d Actually send the extra_headers content in write_http_response_header_impl. This make X-Descriptor-Now-New get sent. Bugfix on 0.2.0.10-alpha. Spotted by "multiplication".
svn:r18297
2009-01-28 16:06:46 +00:00
Roger Dingledine
9fdae765e3 clean up r18287
svn:r18288
2009-01-28 07:16:22 +00:00
Roger Dingledine
edff606317 patch from matt to implement 'getinfo status/clients-seen'
svn:r18287
2009-01-28 06:50:36 +00:00
Roger Dingledine
59f57a0117 gah. yet another place that needs to be edited when we add
a new event. what a mess.


svn:r18277
2009-01-27 04:43:43 +00:00
Nick Mathewson
25c6ff6f55 Support 64-bit time_t. Patch from Matthias Drochner. Partial backport candidate.
svn:r18234
2009-01-22 16:28:12 +00:00
Nick Mathewson
8ebceeb352 Make sure that even in the weird fiddly paths that lead to init_keys,
crypto_global_init gets called.  Also have it be crypto_global_init
that calls crypto_seed_rng, so we are not dependent on OpenSSL's
RAND_poll in these fiddly cases.

Should fix bug 907.  Bugfix on 0.0.9pre6.  Backport candidate.

svn:r18210
2009-01-21 15:38:39 +00:00
Roger Dingledine
a5a6b9a08a Let controllers actually ask for the "clients_seen" event. Bugfix
on 0.2.1.10-alpha; reported by Matt Edman.


svn:r18201
2009-01-21 03:24:27 +00:00
Nick Mathewson
87124f54d0 This patch changes the default location where config and data files
are stored when the --enable-local-appdata option is configured.  This
changes the Windows path from %APPDATA% to a host local
%USERPROFILE%\Local Settings\Application Data\ path (aka,
LOCAL_APPDATA).

Patch from coderman.



svn:r18122
2009-01-15 23:07:11 +00:00
Nick Mathewson
a899f5eaf2 make an assert tighter and replace another with an if.
svn:r18102
2009-01-14 06:36:33 +00:00
Nick Mathewson
6bf5d49b8a Now that we can hit the end of router_rebuild_store before chunk_list is set, we need to test it before freeing it.
svn:r18101
2009-01-14 06:36:30 +00:00
Nick Mathewson
d7be03427d Refactor MIN_IPS_TO_NOTE_* macros in geoip.c: simplify code.
It was dumb to have an "announce the value if it's over 0" version of
the code coexisting with an "announce the value if it's at least N"
version.  Retain the latter only, with N set to 1.

Incidentally, this should fix a Coverity REVERSE_INULL warning.

svn:r18100
2009-01-14 06:20:57 +00:00
Nick Mathewson
2aaf71826d Fix a compile warning on win32.
svn:r18099
2009-01-14 04:03:24 +00:00
Karsten Loesing
42c824b405 True, 17 is greater than 0. But this applies to 4111 as well.
svn:r18097
2009-01-13 15:02:32 +00:00
Nick Mathewson
a33452c401 Fix up (I hope) most ot the things that coverity suddenly claimed were REVERSE_INULL. This is what we get for bragging about being down to 0 issues.
svn:r18096
2009-01-13 14:43:51 +00:00
Nick Mathewson
c32a4ce6b3 Do the tor_assert hack everywhere in test_crypto_aes_iv.
svn:r18095
2009-01-13 14:43:46 +00:00
Nick Mathewson
dbc8a44bae Fix ServerDNSRandomizeCase so that setting it to 0 works.
Bugfix on 0.2.1.7-alpha.  Backport candidate. Fixes bug 905.

svn:r18063
2009-01-10 14:38:14 +00:00
Nick Mathewson
a0a5440826 Make the last bunch of libevent version detection silliness work on macosx.
svn:r18015
2009-01-07 21:13:02 +00:00
Nick Mathewson
a6504cdea7 Check that Libevent header version matches Libevent library version.
Unfortunately, old Libevents don't _put_ a version in their headers, so
this can get a little tricky.  Fortunately, the only binary-compatibility
issue we care about is the size of struct event.  Even more fortunately,
Libevent 2.0 will let us keep binary compatiblity forever by letting us
decouple ourselves from the structs, if we like.

svn:r18014
2009-01-07 21:05:02 +00:00
Roger Dingledine
c123163043 Discard router descriptors as we load them if they are more than
five days old. Otherwise if Tor is off for a long time and then
starts with cached descriptors, it will try to use the onion
keys in those obsolete descriptors when building circuits. Bugfix
on 0.2.0.x. Fixes bug 887.


svn:r17993
2009-01-07 02:13:42 +00:00
Roger Dingledine
18ffea77ae actually find the right identity_digest to blame when we get
a destroy cell from our first hop.


svn:r17991
2009-01-07 00:30:12 +00:00
Roger Dingledine
bf33182459 well, that was a disaster. this time for sure.
svn:r17989
2009-01-06 22:20:31 +00:00
Roger Dingledine
c052494a4f no actual changes besides a seg fault on startup, i meant
svn:r17986
2009-01-06 21:42:05 +00:00
Roger Dingledine
cdda852cec simplify. no actual changes i think. ;)
svn:r17985
2009-01-06 21:31:46 +00:00
Roger Dingledine
b36a98ff5a When our circuit fails at the first hop (e.g. we get a destroy
cell back), avoid using that OR connection anymore, and also
tell all the one-hop directory requests waiting for it that they
should fail. Bugfix on 0.2.1.3-alpha.


svn:r17984
2009-01-06 21:28:48 +00:00
Nick Mathewson
462f64b6b9 Make outgoing DNS requests respect OutboundBindAddress.
Fixes the bug part of bug 789.

svn:r17983
2009-01-06 20:50:55 +00:00
Roger Dingledine
4f27e73aaa clarify which relay gave us the good netinfo cell
svn:r17973
2009-01-06 19:21:47 +00:00
Roger Dingledine
68806c7fb7 When a relay gets a create cell it can't decrypt (e.g. because it's
using the wrong onion key), we were dropping it and letting the
client time out. Now actually answer with a destroy cell. Bugfix
on 0.0.2pre8.


svn:r17970
2009-01-06 19:03:15 +00:00
Roger Dingledine
0955a1b9e1 Jan 06 13:03:57.309 [info] networkstatus_set_current_consensus(): Loaded an obsolete consensus. Discarding.
Jan 06 13:03:57.309 [warn] Couldn't load consensus networkstatus from "bridge/cached-consensus"

doesn't need a real warn.


svn:r17969
2009-01-06 18:06:49 +00:00
Nick Mathewson
5e44581412 Clean up (and mark for 0.2.2.) comments relating to non-beauty of current bug-743 fix.
svn:r17966
2009-01-06 17:37:22 +00:00
Nick Mathewson
6f1ceaefaa Slightly better messages on ControlListenAddress 0.0.0.0
svn:r17963
2009-01-06 16:57:42 +00:00
Roger Dingledine
e127072318 Prevent bridge relays from serving their 'extrainfo' document
to anybody who asks, now that extrainfo docs include potentially
sensitive aggregated client geoip summaries.


svn:r17958
2009-01-06 16:03:38 +00:00
Nick Mathewson
9abfb564a0 Make dirserv_get_routerdesc_fingerprints() treat extrainfos with send_unencrypted==0 correctly. Irrelevant, since we will soon never send them at all.
svn:r17953
2009-01-06 15:37:51 +00:00
Roger Dingledine
d95b63f1e4 Bugfix on r13098. Backport candidate.
When we made bridge authorities stop serving bridge descriptors over
unencrypted links, we also broke DirPort reachability testing for
bridges. So bridges with a non-zero DirPort were printing spurious
warns to their logs. Bugfix on 0.2.0.16-alpha. Fixes bug 709.


svn:r17945
2009-01-06 07:13:24 +00:00
Nick Mathewson
f772fc0c36 apply a variant of rovv's bug 872 patch, and document that we want a better solution for 0.2.2.x.
svn:r17924
2009-01-05 20:52:14 +00:00
Roger Dingledine
e3388230c4 Bridge relays that had DirPort set to 0 would stop fetching
descriptors shortly after startup, and then briefly resume
after a new bandwidth test and/or after publishing a new bridge
descriptor. Bridge users that try to bootstrap from them would
get a recent networkstatus but would get descriptors from up to
18 hours earlier, meaning most of the descriptors were obsolete
already. Reported by Tas; bugfix on 0.2.0.13-alpha.


svn:r17920
2009-01-05 18:54:11 +00:00
Roger Dingledine
9e75c06197 If the cached networkstatus consensus is more than five days old,
discard it rather than trying to use it. In theory it could
be useful because it lists alternate directory mirrors, but in
practice it just means we spend many minutes trying directory
mirrors that are long gone from the network. Helps bug 887 a bit;
bugfix on 0.2.0.x.


svn:r17917
2009-01-05 16:56:11 +00:00
Mike Perry
da430cfcf7 Preserve reporting of stream end reasons to the local control
port.  They were lost in the changes for Proposal 148.



svn:r17911
2009-01-05 14:14:57 +00:00
Karsten Loesing
fe9790740f Use doxygen-style comments instead of C-style comments.
svn:r17893
2009-01-04 23:44:43 +00:00
Nick Mathewson
743c6c8277 OpenBSD malloc.h believes that you should be able to detect headers with autoconf, or build without warnings, but not both. So never include malloc.h on OpenBSD. Backport candidate.
svn:r17891
2009-01-04 22:47:42 +00:00
Karsten Loesing
26482e855b Document some variables used for generating statistics on usage of V0 hidden service directory authorities.
svn:r17890
2009-01-04 19:59:35 +00:00
Nick Mathewson
92ce533f71 Another round of downgrading removing or postponing XXXX021 issues. Some remain, though.
svn:r17888
2009-01-04 19:47:21 +00:00
Nick Mathewson
9c94b428d9 Fix the oldest bug in a while: stop accepting 1.2.3 as a valid IPv4 address on any platform.
svn:r17887
2009-01-04 19:47:17 +00:00
Nick Mathewson
360a059948 Fix an xxx021: do not remove routerinfos as too old and unlisted unless we have a consensus. Backport candidate.
svn:r17886
2009-01-04 19:47:12 +00:00
Nick Mathewson
c4b8fef362 Remove svn $Id$s from our source, and remove tor --version --version.
The subversion $Id$ fields made every commit force a rebuild of
whatever file got committed.  They were not actually useful for
telling the version of Tor files in the wild.

svn:r17867
2009-01-04 00:35:51 +00:00
Nick Mathewson
9201586ed5 Another attempt at fixing coverity scan CID 361.
svn:r17863
2009-01-03 23:06:12 +00:00
Nick Mathewson
9c20441bcb Only set sin_len/sin6_len when they exist.
svn:r17851
2009-01-02 20:57:10 +00:00
Roger Dingledine
89d268848f take out my IMPOSSIBLE_TO_DOWNLOAD+1 hack
svn:r17850
2009-01-02 20:46:32 +00:00
Nick Mathewson
48f2ce298b Try harder to make sure we zero-out the extraneous sockaddr fields and that we set sockaddr_len. Conceivably a backport candidate, though nothing has yet been sen to break.
svn:r17849
2009-01-02 20:39:38 +00:00
Nick Mathewson
b07baba879 Increment n_download_failures up to IMPOSSIBLE_TO_DOWNLOAD-1, not up to IMPOSSIBLE_TO_DOWNLOAD.
svn:r17835
2008-12-31 17:22:18 +00:00
Roger Dingledine
dfc6555ddd switch over the bridge descriptor download mechanism to
use the same download mechanism as other places.

i had to make an ugly hack around "IMPOSSIBLE_TO_DOWNLOAD+1".
we should unhack that sometime.


svn:r17834
2008-12-31 14:19:57 +00:00
Roger Dingledine
9ea7e7f0cd fix a bug in download failure logging; don't do this "stop
downloading forever" thing with bridge descriptor downloads.


svn:r17833
2008-12-31 14:11:46 +00:00
Karsten Loesing
9a04358d87 Debug code for task 878.
svn:r17828
2008-12-30 11:43:50 +00:00
Nick Mathewson
52932d6f1a Remove some code that is #ifdefed out, and that we no longer seem to use, if we ever did.
svn:r17827
2008-12-30 04:16:49 +00:00
Nick Mathewson
ffe22fab9b Indeed, arma was right. There was one ntohl too many in debug_ntop in eventdns.c
svn:r17826
2008-12-30 04:08:45 +00:00
Roger Dingledine
c190842a34 point out the bug location to nick. unless i'm wrong.
svn:r17825
2008-12-30 02:36:11 +00:00
Nick Mathewson
3a8a2cb2de Downgrade some xxx021s, comment more on others, etc
svn:r17823
2008-12-29 20:17:24 +00:00
Nick Mathewson
8625297cee Actually log reasons on unusable guards again.
svn:r17822
2008-12-29 20:17:20 +00:00
Nick Mathewson
d640e2ab00 Spec compliance: if weighted MTBF of a router is at least 5 days, always vote it as Stable.
svn:r17821
2008-12-29 20:17:18 +00:00
Nick Mathewson
f7fb1bf931 Refactor sockaddr family match check into a new function
svn:r17820
2008-12-29 19:57:17 +00:00
Nick Mathewson
83491796ee Explain why the XXXX021 in connection_or.c was there, and explain why it doesn' actually need to get fixed in 0.2.1, I think.
svn:r17819
2008-12-29 19:57:13 +00:00
Nick Mathewson
45bd6c650d Replace kludgy assert with something a little less awful, and avoid needless strlcpy in rend descriptor encoding.
svn:r17818
2008-12-29 19:57:08 +00:00
Nick Mathewson
76a2e11f91 Downgrade the last xxx021 in routerparse. The duplicate code stands for now.
svn:r17817
2008-12-29 19:57:04 +00:00
Nick Mathewson
c1c7f982d9 Do not not cannibalize a circuit that has run out of RELAY_EARLY cells. Partial bug 878 fix.
svn:r17815
2008-12-29 19:55:17 +00:00
Nick Mathewson
145ead96ed Do not cannibalize a circuit that has run out of RELAY_EARLY cells. Partial bug 878 fix.
svn:r17814
2008-12-29 19:55:13 +00:00
Nick Mathewson
a332805a55 Extact parse-the-token-arguments to its own function, and change it to a single-pass algorithm. This simplifies the parsing code and speeds it up a little.
svn:r17812
2008-12-29 16:54:56 +00:00
Nick Mathewson
fa6e72dc4b Remove a call to find_whitespace_eos that didn't actually do anything.
svn:r17811
2008-12-29 16:54:51 +00:00
Nick Mathewson
a42e82b0de While I'm at it, refactor control.c a little so that the dead code no longer exists.
svn:r17810
2008-12-29 14:21:25 +00:00
Nick Mathewson
272b007268 coverity thinks it's dumb to check networkstatus_v2_list in one place and not another. Coverity has a point, even though the check may be redundant. CID 361.
svn:r17809
2008-12-29 14:06:47 +00:00
Nick Mathewson
2c4097e99d More compilation tweaks on Android: fix two clear errors in our code that apparently the compiler cares about there.
svn:r17808
2008-12-29 04:01:58 +00:00
Nick Mathewson
e8a3fa91a6 Use a consistent naming standard for header file guard macros, taking care not to collide with any system headers. This tripped us up on Android.
svn:r17805
2008-12-29 02:21:02 +00:00
Nick Mathewson
46f8ef8116 Switch address comparisons in policies to be exact rather than semantic. Until we do ipv6 exit policies and until we know whether we even allow ::ffff:0:0/96 addresses, there is no point in doing "semantic" comparisons. This was also showing up on oprofile.
svn:r17803
2008-12-29 01:47:33 +00:00