Nick Mathewson
b03e8733f3
Change how OR conns get removed from the identity map; fix some warnings on shutdown.
...
svn:r5509
2005-12-05 19:15:27 +00:00
Nick Mathewson
9cec3a13f5
remove some functions that are not used; #if0 out some files that are not likely to be used.
...
svn:r5471
2005-11-30 06:27:59 +00:00
Nick Mathewson
3bd613b44d
Rename connection_get_by_identity_digest to reflect that it is OR-only. Make it use a hashtable instead of a linear search.
...
svn:r5469
2005-11-30 03:01:16 +00:00
Roger Dingledine
7aae63994f
Recover better from TCP connections to Tor servers that are broken but
...
don't tell you (it happens!); and rotate TLS connections once a week.
1) If an OR conn becomes more than a week old, make it obsolete.
2) If it's obsolete and empty, kill it.
3) When an OR makes a second connection to you, allow it.
4) If we want to send a new create cell, but the best conn we've
got is obsolete, and the router is 0.1.1.9-alpha-cvs or later, ask
for a new conn instead.
5) When we time out on circuit building on the first hop, make that
connection obsolete.
svn:r5429
2005-11-19 06:57:44 +00:00
Nick Mathewson
75d85c8214
On directory servers, old_routers was wasting hundreds of bytes per superseded router descriptor. Roll the signed descriptor info and identifying info into a cache_info struct, and use only that for old_routers.
...
svn:r5349
2005-11-05 20:15:27 +00:00
Nick Mathewson
5d85560d9e
Remove last vestiges of old logging interface.
...
svn:r5317
2005-10-25 18:01:01 +00:00
Nick Mathewson
932106f54c
Efficiency hack: call tor_fix_source_file late, not early. Add "BUG" domain. Domains are now bitmasks... just in case. Make some err msgs non-general.
...
svn:r5309
2005-10-25 07:05:03 +00:00
Peter Palfrader
0d9aedfcea
Downgrade a few INFO level logs to DEBUG again. Also add two or three new
...
logs in cases where a calling function's log was downgraded and we wouldn't
get any log message otherwise.
svn:r5263
2005-10-17 16:21:42 +00:00
Roger Dingledine
ae92a91d96
more log uncluttering
...
svn:r5254
2005-10-17 01:29:28 +00:00
Roger Dingledine
03dcef4c78
start the process of reducing clutter in server logs
...
svn:r5253
2005-10-17 00:35:53 +00:00
Nick Mathewson
998cf8d622
Try to extract as many descriptors as possible from truncated http responses. (when DIR_PURPOSE_FETCH_ROUTERDESC)
...
svn:r5249
2005-10-14 02:26:13 +00:00
Roger Dingledine
0e5b6a84eb
without braces, what will hold up the code?
...
svn:r5209
2005-10-06 05:08:00 +00:00
Nick Mathewson
ba24193ab5
Make doxygen marginally happier
...
svn:r5208
2005-10-06 04:33:40 +00:00
Nick Mathewson
61ea516885
Check for named servers when looking them up by nickname;
...
warn when we'recalling a non-named server by its nickname;
don't warn twice about the same name.
Fix a bug in routers_update_status_from_networkstatus that made nearly
all clients never update routerinfo_t.is_named.
Try to list MyFamily elements by key, not by nickname.
Only warn about names that we generated ourself, or got from the local
user.
On TLS handshake, only check the other router's nickname against its
expected nickname if is_named is set.
svn:r5185
2005-10-04 22:23:31 +00:00
Roger Dingledine
893acb3acc
Make a new AssumeReachable config option that will publish anyway.
...
Also, let authdirservers start without setting their Address field.
Something is still not working though. Will fix in morning.
svn:r4839
2005-08-26 07:41:19 +00:00
Roger Dingledine
a120cc20c1
Dirservers now do their own external reachability testing of each
...
Tor server, and only list them as running if they've been found to
be reachable.
Dirservers also log trouble servers, but only start complaining loudly
after they've been up for an hour, to reduce false positives. We still
need to do something about the fact that it is quite loud when there
are many trouble servers.
svn:r4829
2005-08-24 02:31:02 +00:00
Roger Dingledine
f35ef825f9
Our logic to decide if the OR we connected to was the right guy
...
was brittle and maybe open to a mitm for unverified routers.
Now we be sure to check the digest, and if the nickname he claims is
not a verified one then we don't care what nickname he claims.
svn:r4823
2005-08-23 09:50:51 +00:00
Nick Mathewson
c3a62c1739
Initial, somewhat dodgy implementation of helper nodes. It has too many XXXXs, it logs too verbosely, and it doesnt do persistence.
...
svn:r4633
2005-07-22 17:32:25 +00:00
Roger Dingledine
eedb7c243e
be consistent about printing out key digest $'s when we're getting a
...
different key than we expect
svn:r4609
2005-07-19 21:26:24 +00:00
Roger Dingledine
6ac245793c
downgrade a warning that could plausibly happen sometimes now that we
...
have controllers.
svn:r4589
2005-07-17 21:43:47 +00:00
Nick Mathewson
3ff473b47b
Appease the hungry god of GCC: it wants functions to be static or prototyped!
...
svn:r4471
2005-06-21 01:08:01 +00:00
Roger Dingledine
9c67ae34f1
overall cleanup and streamlining and doccing
...
also fix a DoS avenue on dirservers
svn:r4468
2005-06-20 23:04:13 +00:00
Nick Mathewson
232861ba42
Docment or add DOCDOC comments to undocumented functions in src/or. Make function definition format uniform.
...
svn:r4411
2005-06-11 18:52:12 +00:00
Nick Mathewson
0831823763
Change end-of-file NLNL convention. It turns out arma I and I agree.
...
svn:r4382
2005-06-09 19:03:31 +00:00
Nick Mathewson
a6f51001a5
New whitespace normalization rule: no blank line at EOF.
...
svn:r4378
2005-06-09 16:46:51 +00:00
Roger Dingledine
aff308e6d9
reenable the part of the code that tries to flush as soon as an OR outbuf
...
has a full tls record available. perhaps this will make OR outbufs not grow
as huge except in rare cases, thus saving lots of cpu time plus memory.
svn:r4343
2005-06-08 04:55:06 +00:00
Roger Dingledine
f0e309e5bd
add HttpProxyAuthenticator config option too
...
svn:r4272
2005-05-20 08:51:45 +00:00
Roger Dingledine
5265bbd2b8
first iteration of scrubbing sensitive strings from logs.
...
also generally clean up log messages.
svn:r4174
2005-05-03 10:04:08 +00:00
Roger Dingledine
509405a5f7
clean up this TOR_FRAGILE business
...
svn:r4116
2005-04-26 18:52:16 +00:00
Roger Dingledine
5e86e87124
Add basic HttpsProxyAuthenticator support, based on patch
...
from Adam Langley.
svn:r4115
2005-04-26 18:33:33 +00:00
Roger Dingledine
662cfc976d
only call the connection open once we've decided we like the cert.
...
svn:r4112
2005-04-25 17:23:52 +00:00
Nick Mathewson
5827e2e216
Fix "JAP-client" hideous ASN1 bug, twice. (Fix1: check more thoroughly for TLS errors when handling certs. Fix2: stop assert(0)ing on uncaught TLS errors.)
...
svn:r4085
2005-04-23 14:26:02 +00:00
Nick Mathewson
7709547c08
When we connect and finish TLS negotiation with address:port, it is obvious that any other key or nickname we might know about (as an authdirserver) does not actually exist at address:port.
...
svn:r4036
2005-04-06 21:09:47 +00:00
Roger Dingledine
8596947ee2
quiet another instance where we whine to an innocent OR operator's
...
logs when some other server switches keys unexpectedly.
svn:r4032
2005-04-06 18:55:14 +00:00
Roger Dingledine
94cecc712d
note some features we intend to add.
...
svn:r4021
2005-04-06 05:35:06 +00:00
Roger Dingledine
f860b490be
When we're connecting to an OR and he's got a different nickname/key
...
than we were expecting, only complain loudly if we're an OP or an
authdirserver. Complaining loudly to OR admins just confuses people.
svn:r4014
2005-04-06 00:50:40 +00:00
Nick Mathewson
0e81265359
update copyright notices.
...
svn:r3982
2005-04-01 20:15:56 +00:00
Nick Mathewson
e04a82ecaf
Patch: when extending to an unknown router, compare identity to expected identity; not nickname-to-expected identity.
...
svn:r3937
2005-03-31 23:30:13 +00:00
Nick Mathewson
2d40991427
Report HTTP reasons to directory clients. (Also, fix format on new TODO items)
...
svn:r3811
2005-03-22 18:43:24 +00:00
Nick Mathewson
97dad670ea
Renormalize whitespace
...
svn:r3757
2005-03-14 03:18:35 +00:00
Roger Dingledine
6faaac2706
add support for CONNECTing through https proxies.
...
not sure if it works. i don't have an https proxy.
svn:r3682
2005-02-24 10:56:55 +00:00
Nick Mathewson
6e6d95b3db
Change from inet_ntoa to a threadproof tor_inet_ntoa.
...
svn:r3656
2005-02-22 08:18:36 +00:00
Roger Dingledine
efa9bb5535
fix the latest bug: don't explode when some router declares a
...
bandwidthburst of 500 gigabytes.
this bug seems to have taken down most of the network. oops.
svn:r3523
2005-02-03 22:58:22 +00:00
Roger Dingledine
2e97593d25
define TOR_FRAGILE if you want tor to give you a core when
...
something goes wrong. this should only be used by people actively
tracking bugs.
svn:r3487
2005-02-01 00:37:16 +00:00
Roger Dingledine
5d8659429e
be less noisy about complaining when a jap client tries to connect
...
and we refuse him.
svn:r3472
2005-01-30 23:52:47 +00:00
Roger Dingledine
e432d2ceea
we should handle the case where the client has no cert, for
...
backwards compatibility with jap clients.
svn:r3466
2005-01-30 08:02:33 +00:00
Roger Dingledine
0aff4ff4cb
get rid of 0.0.8 backwards compatibility
...
svn:r3353
2005-01-13 20:22:38 +00:00
Nick Mathewson
324b192f68
Make Tor use Niels Provos's libevent instead of it's current
...
poll-but-sometimes-select mess. This will let us use faster async cores
(like epoll, kpoll, and /dev/poll), and hopefully work better on Windows
too.
There are some fairly nasty changes to main.c here; this will almost
certainly break something. But hey, that's what alphas are for.
svn:r3341
2005-01-12 06:42:32 +00:00
Nick Mathewson
fca7ba9777
Resolve task 42: find where 19-char nicknames were getting truncated when read from certs, and fix it. Also audit use of MAX_NICKNAME_LEN; no other badness found, but some docs/code cleaned up a touch.
...
svn:r3244
2005-01-03 17:53:20 +00:00
Roger Dingledine
70075933c6
stop checking for clock skew, even for servers.
...
this means we are vulnerable to an attack where somebody recovers
and uses a really old certificate. however, if they do that, they
probably can get our identity key just as easily.
svn:r3241
2005-01-03 17:10:32 +00:00