Commit Graph

8898 Commits

Author SHA1 Message Date
Nick Mathewson
21ed575826 Handle NULL argument to get_configured_bridge_by_addr_port_digest
Fixes bug 2313; bugfix on 0.2.2.26-beta.
2011-05-17 19:46:47 -04:00
Nick Mathewson
2e07925a52 Oops; that function got renamed. 2011-05-17 19:45:05 -04:00
Robert Ransom
480a75cbbd Check onion keys in microdescriptors, too 2011-05-17 19:39:00 -04:00
Michael Yakubovich
a3707a1052 Fix bug2752 : 48-char HTTPProxyAuthenticator limitation
Bumped the char maximum to 512 for HTTPProxyAuthenticator &
HTTPSProxyAuthenticator. Now stripping all '\n' after base64
encoding in alloc_http_authenticator.
2011-05-16 16:09:35 -04:00
Nick Mathewson
e908e3a332 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
Fixed trivial conflict due to headers moving into their own .h files
from or.h.

Conflicts:
	src/or/or.h
2011-05-16 14:49:55 -04:00
Nick Mathewson
4a22046c86 squash! Add crypto_pk_check_key_public_exponent function
Rename crypto_pk_check_key_public_exponent to crypto_pk_public_exponent_ok:
it's nice to name predicates s.t. you can tell how to interpret true
and false.
2011-05-16 14:45:06 -04:00
Robert Ransom
987190c2bc Require that certain public keys have public exponent 65537 2011-05-16 14:28:46 -04:00
Robert Ransom
d2629f78a0 Add crypto_pk_check_key_public_exponent function 2011-05-16 14:07:34 -04:00
Robert Ransom
7571e9f1cb Check fetched rendezvous descriptors' service IDs 2011-05-16 14:07:24 -04:00
Nick Mathewson
919bf6ff3c Merge remote-tracking branch 'public/bug2850' into maint-0.2.2
Fixed a trivial conflict where this and the ControlSocketGroupWritable
code both added different functions to the same part of connection.c.

Conflicts:
	src/or/connection.c
2011-05-16 11:10:17 -04:00
Nick Mathewson
83fe07d3f2 Increase the length of the buffer in smartlist_string_num_isin().
This was harmless, since we only used this for checking for lists of
port values, but it's the principle of the thing.

Fixes 3175; bugfix on 0.1.0.1-rc
2011-05-15 22:13:53 -04:00
Nick Mathewson
b95dd03e5f Log descriptions of nodes, not just nicknames.
This patch introduces a few new functions in router.c to produce a
more helpful description of a node than its nickame, and then tweaks
nearly all log messages taking a nickname as an argument to call these
functions instead.

There are a few cases where I left the old log messages alone: in
these cases, the nickname was that of an authority (whose nicknames
are useful and unique), or the message already included an identity
and/or an address.  I might have missed a couple more too.

This is a fix for bug 3045.
2011-05-15 21:58:46 -04:00
Nick Mathewson
f72e792be5 Make check_private_dir check for group ownership as appropriate 2011-05-15 20:20:30 -04:00
Nick Mathewson
287f6cb128 Fix up some comment issues spotted by rransom 2011-05-15 20:20:30 -04:00
Nick Mathewson
4b800408fa Check permissions on the directory holding a control socket 2011-05-15 20:20:29 -04:00
Nick Mathewson
5d147d8527 Add a new flag to check_private_dir to make it _not_ change permissions
We'll need this for checking permissions on the directories that hold
control sockets: if somebody says "ControlSocket ~/foo", it would be
pretty rude to do a chmod 700 on their homedir.
2011-05-15 20:20:29 -04:00
Nick Mathewson
3b6cbf2534 Add a function to pull off the final component of a path 2011-05-15 20:20:29 -04:00
Nick Mathewson
b147c01295 Make check_private_dir accept g+rx dirs if told to do so. 2011-05-15 20:20:29 -04:00
Sebastian Hahn
4198261291 Clean up the 2972 implementation a little 2011-05-15 20:20:28 -04:00
Jérémy Bobbio
d41ac64ad6 Add UnixSocketsGroupWritable config flag
When running a system-wide instance of Tor on Unix-like systems, having
a ControlSocket is a quite handy mechanism to access Tor control
channel.  But it would be easier if access to the Unix domain socket can
be granted by making control users members of the group running the Tor
process.

This change introduces a UnixSocketsGroupWritable option, which will
create Unix domain sockets (and thus ControlSocket) 'g+rw'. This allows
ControlSocket to offer same access control measures than
ControlPort+CookieAuthFileGroupReadable.

See <http://bugs.debian.org/552556> for more details.
2011-05-15 20:20:28 -04:00
Nick Mathewson
2b9c5ee301 Preserve bridge download status across SETCONF, HUP
This code changes it so that we don't remove bridges immediately when
we start re-parsing our configuration.  Instead, we mark them all, and
remove all the marked ones after re-parsing our bridge lines.  As we
add a bridge, we see if it's already in the list.  If so, we just
unmark it.

This new behavior will lose the property we used to have that bridges
were in bridge_list in the same order in which they appeared in the
torrc.  I took a quick look through the code, and I'm pretty sure we
didn't actually depend on that anywhere.

This is for bug 3019; it's a fix on 0.2.0.3-alpha.
2011-05-15 20:13:44 -04:00
Nick Mathewson
bc44393eb5 Fixup whitespace issues from 3122 commit 2011-05-15 20:12:01 -04:00
Nick Mathewson
4c3853aca8 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	src/or/networkstatus.c
2011-05-15 20:09:10 -04:00
Nick Mathewson
00ff80e0ae Fixup whitespace issues from 3122 commit 2011-05-15 20:06:36 -04:00
Nick Mathewson
d29c2eb921 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-05-15 19:56:27 -04:00
Nick Mathewson
10d670674a Another doc tweak on tor_memcmp: <b>b</b>, not <b>. 2011-05-15 19:56:05 -04:00
Roger Dingledine
b48f83ab8c minor tweaks to 4b19730c82 2011-05-15 19:20:42 -04:00
Nick Mathewson
69ff26b05c Merge branch 'bug3026' into maint-0.2.2 2011-05-15 12:18:23 -04:00
Nick Mathewson
f287100934 Replace a nasty add-malloc-snprintf with a nice clean asprintf 2011-05-15 11:41:49 -04:00
Nick Mathewson
a5d40c2d0f Merge branch 'bug1345' into maint-0.2.2 2011-05-15 11:40:14 -04:00
Nick Mathewson
2bb6bdc3f9 Better doc for consider_recording_trackexithost 2011-05-15 11:37:33 -04:00
Nick Mathewson
228b77f64e Merge branch 'bug2732-simpler' into maint-0.2.2 2011-05-15 11:17:54 -04:00
Nick Mathewson
1b512fb914 Rip out more of hid_serv_acting_as_directory
rransom notes correctly that now that we aren't checking our HSDir
flag, we have no actual reason to check whether we are listed in the
consensus at all when determining if we should act like a hidden
service directory.
2011-05-15 11:17:44 -04:00
Nick Mathewson
da8297dbcb Handle transitions in Automap*, VirtualAddrNetwork correctly
Previously, if they changed in torrc during a SIGHUP, all was well,
since we would just clear all transient entries from the addrmap
thanks to bug 1345.  But if you changed them from the controller, Tor
would leave old mappings in place.

The VirtualAddrNetwork bug has been here since 0.1.1.19-rc; the
AutomapHosts* bug has been here since 0.2.0.1-alpha.
2011-05-13 16:59:31 -04:00
Nick Mathewson
a3ae591115 When TrackExitHosts changes, remove all no-longer-valid mappings
This bug couldn't happen when TrackExitHosts changed in torrc, since
the SIGHUP to reload the torrc would clear out all the transient
addressmap entries before.  But if you used SETCONF to change
TrackExitHosts, old entries would be left alone: that's a bug, and so
this is a bugfix on Tor 0.1.0.1-rc.
2011-05-13 16:28:50 -04:00
Nick Mathewson
ec81d17d0c Raise the TrackHostExits membership code into its own function 2011-05-13 16:22:10 -04:00
Nick Mathewson
09da83e1e8 Don't clear out transient addressmap entries on HUP
If you really want to purge the client DNS cache, the TrackHostExits
mappings, and the virtual address mappings, you should be using NEWNYM
instead.

Fixes bug 1345; bugfix on Tor 0.1.0.1-rc.

Note that this needs more work: now that we aren't nuking the
transient addressmap entries on HUP, we need to make sure that
configuration changes to VirtualAddressMap and TrackHostExits actually
have a reasonable effect.
2011-05-13 16:20:01 -04:00
Nick Mathewson
2253697a04 New smartlist function to see if two lists of strings are equal.
We'll use this to detect changes in CSV options.
2011-05-13 16:18:53 -04:00
Nick Mathewson
7f654a6a6f Add a ControlPortFileGroupWritable option 2011-05-13 10:41:29 -04:00
Nick Mathewson
dad12188a6 Write automatically-chosen control ports to a file. 2011-05-13 10:41:28 -04:00
Nick Mathewson
c55c8f0d49 new GETINFO command to return list of listeners of a given type 2011-05-13 10:41:19 -04:00
Nick Mathewson
28cc7b0180 Add a new "tor_sockaddr_to_str()" function
It does what it says on the tin.  It turns out I'll want this in a couple
of places.
2011-05-13 10:41:18 -04:00
Nick Mathewson
3da661b242 Advertise correct DirPort/ORPort when configured with "auto"
We'll eventually want to do more work here to make sure that the ports
are stable over multiple invocations.  Otherwise, turning your node on
and off will get you a new DirPort/ORPort needlessly.
2011-05-13 10:41:18 -04:00
Nick Mathewson
6f5998fd73 Correct the signature for is_listening_on_low_port for "auto" ports 2011-05-13 10:41:18 -04:00
Nick Mathewson
61c06cbc66 Teach retry_listener about "auto" ports.
Otherwise, it will just immediately close any port declared with "auto"
on the grounds that it wasn't configured.  Now, it will allow "auto" to
match any port.

This means FWIW if you configure a socks port with SocksPort 9999
and then transition to SocksPort auto, the original socksport will
not get closed and reopened.  I'm considering this a feature.
2011-05-13 10:41:18 -04:00
Nick Mathewson
5fec8fe559 "(Socks|Control|etc)Port auto" now tells Tor to open an arbitrary port
This is the major part of the implementation for trac issue 3076.
2011-05-13 10:41:18 -04:00
Nick Mathewson
e0d5a6e184 Downgrade the "we launched 10 circuits for this stream" message. (See bug 3080) 2011-05-12 19:41:08 -04:00
Nick Mathewson
59a6df8882 Merge remote-tracking branch 'public/bug3122_memcmp_022' into maint-0.2.2 2011-05-12 19:25:14 -04:00
Nick Mathewson
1f678277a1 Merge remote-tracking branch 'public/bug3122_memcmp_squashed' into maint-0.2.1 2011-05-12 19:20:40 -04:00
mikey99
42fcf059d2 Fixes ticket #2503
HTTPS error code 403 is now reported as:
"The https proxy refused to allow connection".
Used a switch statement for additional error codes to be explained
in the future.
2011-05-12 17:33:09 -04:00
Nick Mathewson
bdff7e3299 Unmap microdesc cache before replacing it.
If we do a replace-then-munmap, windows will never actually rewrite
the microdesc cache.

Found by wanoskarnet; bugfix on 0.2.2.6-alpha.
2011-05-12 11:19:52 -04:00
Robert Ransom
c714a098ea Improve a documentation comment 2011-05-12 02:57:09 -07:00
Robert Ransom
cb9df5e53c Fix comment typo 2011-05-12 00:27:19 -07:00
Nick Mathewson
7779c63e93 Accept hs descriptors even if we don't see an HSDir for us
The old behavior contributed to unreliability when hidden services and
hsdirs had different consensus versions, and so had different opinions
about who should be cacheing hsdir info.

Bugfix on 0.2.0.10-alpha; based on discussions surrounding bug 2732.
2011-05-12 00:53:07 -04:00
Nick Mathewson
6b83b3ba2a bug 3026: do not upload our vote to ourself 2011-05-12 00:47:00 -04:00
Nick Mathewson
b47f574c1e Merge branch 'bug1352' into maint-0.2.2 2011-05-12 00:14:10 -04:00
Nick Mathewson
8057b7363e Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-05-11 22:52:26 -04:00
Nick Mathewson
13847b8db6 Fix crash when read_file_to_string() fails in SAVECONF
The new behavior is to try to rename the old file if there is one there
that we can't read.  In all likelihood, that will fail too, but at least
we tried, and at least it won't crash.
2011-05-11 22:05:41 -04:00
Nick Mathewson
8fb38331c3 Hand-tune the new tor_memcmp instances in 0.2.2 2011-05-11 16:32:30 -04:00
Nick Mathewson
0cbcbc3412 Re-apply the automated conversion to 0.2.2 to make handle any memcmps that snuck in 2011-05-11 16:27:27 -04:00
Nick Mathewson
9964c314c6 fwd-port test_util_di_ops into tinytest format 2011-05-11 16:25:51 -04:00
Nick Mathewson
44ad734573 Merge remote-tracking branch 'public/3122_memcmp_squashed' into bug3122_memcmp_022
Conflicts throughout.  All resolved in favor of taking HEAD and
adding tor_mem* or fast_mem* ops as appropriate.

	src/common/Makefile.am
	src/or/circuitbuild.c
	src/or/directory.c
	src/or/dirserv.c
	src/or/dirvote.c
	src/or/networkstatus.c
	src/or/rendclient.c
	src/or/rendservice.c
	src/or/router.c
	src/or/routerlist.c
	src/or/routerparse.c
	src/or/test.c
2011-05-11 16:24:29 -04:00
Nick Mathewson
59f9097d5c Hand-conversion and audit phase of memcmp transition
Here I looked at the results of the automated conversion and cleaned
them up as follows:

   If there was a tor_memcmp or tor_memeq that was in fact "safe"[*] I
   changed it to a fast_memcmp or fast_memeq.

   Otherwise if there was a tor_memcmp that could turn into a
   tor_memneq or tor_memeq, I converted it.

This wants close attention.

[*] I'm erring on the side of caution here, and leaving some things
as tor_memcmp that could in my opinion use the data-dependent
fast_memcmp variant.
2011-05-11 16:12:51 -04:00
Nick Mathewson
db7b2a33ee Automated conversion of memcmp to tor_memcmp/tor_mem[n]eq
This commit is _exactly_ the result of

perl -i -pe 's/\bmemcmp\(/tor_memcmp\(/g' src/*/*.[ch]
perl -i -pe 's/\!\s*tor_memcmp\(/tor_memeq\(/g' src/*/*.[ch]
perl -i -pe 's/0\s*==\s*tor_memcmp\(/tor_memeq\(/g' src/*/*.[ch]
perl -i -pe 's/0\s*!=\s*tor_memcmp\(/tor_memneq\(/g' src/*/*.[ch]
git checkout src/common/di_ops.[ch]
git checkout src/or/test.c
git checkout src/common/test.h
2011-05-11 16:12:51 -04:00
Nick Mathewson
1d703ed22b Add a "di_ops.h" include to util.h 2011-05-11 16:12:51 -04:00
Nick Mathewson
4b19730c82 Add a data-independent variant of memcmp and a d-i memeq function.
The tor_memcmp code is by Robert Ransom, and the tor_memeq code is
by me.  Both incorporate some ideas from DJB's stuff.
2011-05-11 16:12:33 -04:00
Roger Dingledine
7206d784dc Merge branch 'maint-0.2.1' into maint-0.2.2 2011-05-10 23:05:51 -04:00
Roger Dingledine
e7b10e5ecf Update to the May 1 2011 Maxmind GeoLite Country database 2011-05-10 23:04:11 -04:00
Robert Ransom
b7452dcbcb Fix comment typo 2011-05-10 05:15:02 -07:00
Nick Mathewson
09d7af7789 Merge remote-tracking branch 'public/bug3022_v2' into maint-0.2.2 2011-05-09 13:37:56 -04:00
Sebastian Hahn
9da4e25183 Remove some dead code, found by clang 2011-05-09 13:19:46 -04:00
Sebastian Hahn
d7d25558fa Remove a duplicated line, found by clang 2011-05-09 13:19:46 -04:00
Sebastian Hahn
1c668540fe Fix potential null pointer deref during dirvote
Found by using clang's analyzer.
2011-05-09 13:19:46 -04:00
Sebastian Hahn
1827e60976 Fix a potential null deref when rebuilding md cache
Issue discovered using clang's static analyzer
2011-05-09 13:19:45 -04:00
Sebastian Hahn
8ebb3ce6e2 CONN_LOG_PROTECT()'s first argument may not be 0
Make that explicit by adding an assert and removing a null-check. All of
its callers currently depend on the argument being non-null anyway.
Silences a few clang complaints.
2011-05-09 13:19:45 -04:00
Sebastian Hahn
80e57af50f Appease clang - and my tortured mind
This possible div by 0 warning from clang's analyzer was quite fun to
track down. Turns out the current behaviour is safe.
2011-05-09 13:19:45 -04:00
Sebastian Hahn
58a16a4d6f Add an assert to un-confuse clang's analyzer
The analyzer assumed that bootstrap_percent could be less than 0 when we
call control_event_bootstrap_problem(), which would mean we're calling
log_fn() with undefined values. The assert makes it clear this can't
happen.
2011-05-09 13:19:44 -04:00
Sebastian Hahn
532c13693e Fix a docstring 2011-05-09 13:19:44 -04:00
Nick Mathewson
330116f034 Fix up some check-spaces issues 2011-05-05 21:53:46 -04:00
Nick Mathewson
9583a534ac Merge remote-tracking branch 'rransom/bug3106' into maint-0.2.2 2011-05-04 23:18:47 -04:00
Robert Ransom
66339f74b4 Handle crypto_pk_get_digest failures semi-sensibly
Fixes bug 3106.
2011-05-04 20:06:24 -07:00
Nick Mathewson
ab1460f3ae Merge remote-tracking branch 'sebastian/win_warning' into maint-0.2.2 2011-05-04 20:33:16 -04:00
Sebastian Hahn
9a490bb53b Fix compile warning on windows 2011-05-05 02:22:46 +02:00
Nick Mathewson
aba7bb705a Set SO_REUSEADDR on all sockets, not just listeners
See bug 2850 for rationale: it appears that on some busy exits, the OS
decides that every single port is now unusable because they have been
all used too recently.
2011-05-03 22:22:20 -04:00
Nick Mathewson
4126de6888 Fix circuit_list_path_impl(): internal circuits do not have an "exit". Trivial fix for 3079. 2011-05-03 21:53:59 -04:00
Nick Mathewson
68ae5afa5a Change who calls microdesc_cache_rebuild().
Previously we ensured that it would get called periodically by doing
it from inside the code that added microdescriptors.  That won't work
though: it would interfere with our code that tried to read microdescs
from disk initially.  Instead, we should consider rebuilding the cache
periodically, and on startup.
2011-05-03 17:28:28 -04:00
Nick Mathewson
cb6c909664 Rebuild the microdesc cache when a sufficient number of bytes are dropped
Previously on 0.2.2, we'd never clean the cache.  Now that we can
clean it, we want to add a condition to rebuild it: that should happen
whenever we have dropped enough microdescriptors that we could save a
lot of space.

No changes file, since 0.2.3 doesn't need one and 0.2.2 already has some
changes files for the backport of the microdesc_clean_cahce() function.
2011-05-03 17:03:49 -04:00
Nick Mathewson
56fbd728c2 Backport microdesc_cache_clean to 0.2.2
Otherwise we have no way to keep authorities' microdesc caches in 0.2.2
from growing without bound.
2011-05-03 16:45:15 -04:00
Nick Mathewson
970715dd8f Fix a check for when to rebuild the microdesc cache. (Backport from 0.2.3. 2011-05-03 16:29:39 -04:00
Nick Mathewson
698fa0fc67 Add missing code to set cache->journal_len when reading microdesc journal
This could be one reason that authorities' journals would grow without
bound; related to bug 2230. Bugfix on 0.2.2.6-alpha.  Fix by
"cypherpunks".
2011-05-03 16:22:31 -04:00
Nick Mathewson
dbd73b9689 Clean up a warning a bit 2011-04-29 11:14:53 -04:00
Nick Mathewson
bcdffc0f80 Rate-limit v2 networkstatus download fail warnings
This fixes part of 1352.  We don't care deeply about these warnings,
since v2 networkstatuses aren't a big deal.
2011-04-28 21:25:24 -04:00
Nick Mathewson
50c6b55757 Rename connection_dir_download_networkstatus_failed: be clear that it means v2 2011-04-28 21:23:32 -04:00
Nick Mathewson
f0d9e2d650 Merge remote-tracking branch 'arma/bug3012' into maint-0.2.2 2011-04-28 21:15:14 -04:00
Roger Dingledine
66de6f7eb8 relays checkpoint their state file twice a day 2011-04-28 21:06:25 -04:00
Nick Mathewson
cd42ae7185 Only authorities should automatically download v2 networkstatus documents
Clients and relays haven't used them since early 0.2.0.x.  The only
remaining use by authorities learning about new relays ahead of scedule;
see proposal 147 for what we intend to do about that.

We're leaving in an option (FetchV2Networkstatus) to manually fetch v2
networkstatuses, because apparently dnsel and maybe bwauth want them.

This fixes bug 3022.
2011-04-28 21:06:07 -04:00
Nick Mathewson
4010427b51 Merge remote-tracking branch 'arma/bug3039' into maint-0.2.2 2011-04-28 20:53:44 -04:00
Roger Dingledine
df3cf881d1 stop putting wacky values into state->lastwritten 2011-04-28 20:40:15 -04:00
Nick Mathewson
5693fedb60 Clarify comment to say which version fixed 2722 2011-04-28 20:38:15 -04:00
Nick Mathewson
6b9aadd557 Merge remote-tracking branches 'rransom/bug2722' and 'rransom/bug2722b' into maint-0.2.2 2011-04-28 20:36:38 -04:00
Nick Mathewson
c122897925 Merge remote-tracking branch 'sebastian/bug3020' into maint-0.2.2 2011-04-28 20:03:57 -04:00
Roger Dingledine
710227a77f fix a function comment 2011-04-28 19:19:04 -04:00
Sebastian Hahn
525d2700dd Correctly check elapsed time in last hibernation period
Fix bug 3020.
2011-04-29 01:18:32 +02:00
Nick Mathewson
6dfc0d5301 Avoid false positives from proxy_mode()
Previously it would erroneously return true if ListenAddr was set for
a client port, even if that port itself was 0.  This would give false
positives, which were not previously harmful... but which were about
to become.
2011-04-28 18:11:58 -04:00
Robert Ransom
b8708b5bd3 Fix bug 1930 2011-04-28 18:11:58 -04:00
Robert Ransom
ddd1b7be2d Ignore SIGNAL NEWNYM on relay-only Tor instances 2011-04-28 18:10:17 -04:00
Robert Ransom
df5c7fedbd Don't allow v0 HS auths to act as clients
A v0 HS authority stores v0 HS descriptors in the same descriptor
cache that its HS client functionality uses.  Thus, if the HS
authority operator clears its client HS descriptor cache, ALL v0
HS descriptors will be lost.  That would be bad.
2011-04-28 18:10:16 -04:00
John Brooks
2dc9546eef Correct the logic from f14754fbd for tor_gmtime_r 2011-04-28 17:13:45 -04:00
Nick Mathewson
51e551d383 Detect and handle NULL returns from (gm/local)time_r
These functions can return NULL for otherwise-valid values of
time_t.  Notably, the glibc gmtime manpage says it can return NULL
if the year if greater than INT_MAX, and the windows MSDN gmtime
page says it can return NULL for negative time_t values.

Also, our formatting code is not guaranteed to correctly handle
years after 9999 CE.

This patch tries to correct this by detecting NULL values from
gmtime/localtime_r, and trying to clip them to a reasonable end of
the scale.  If they are in the middle of the scale, we call it a
downright error.

Arguably, it's a bug to get out-of-bounds dates like this to begin
with.  But we've had bugs of this kind in the past, and warning when
we see a bug is much kinder than doing a NULL-pointer dereference.

Boboper found this one too.
2011-04-28 17:12:54 -04:00
Nick Mathewson
3055acbdbe Merge remote-tracking branch 'sebastian/bug2497' into maint-0.2.2 2011-04-28 16:05:34 -04:00
Robert Ransom
2c0258b69a Clean up merge of bug3k_021 2011-04-28 15:52:42 -04:00
Sebastian Hahn
4b13ebd5ab Merge branch 'bug3k_021' into bug3k_022
Conflicts:
	src/or/or.h
	src/or/rendclient.c
2011-04-28 19:00:34 +02:00
Sebastian Hahn
8a36f21251 Fix a failure case of connection_ap_handshake_attach_circuit()
tor_fragile_assert() might be a no-op, so we have to return something
here to indicate failure to the caller.
2011-04-28 18:14:50 +02:00
Robert Ransom
f1cf9bd74d Fix a bug introduced by purging rend_cache on NEWNYM
If the user sent a SIGNAL NEWNYM command after we fetched a rendezvous
descriptor, while we were building the introduction-point circuit, we
would give up entirely on trying to connect to the hidden service.

Original patch by rransom slightly edited to go into 0.2.1
2011-04-28 18:14:50 +02:00
Robert Ransom
2ad18ae736 Allow rend_client_send_introduction to fail transiently
i.e. without closing the AP connection.
2011-04-28 18:14:50 +02:00
Robert Ransom
440e48ddf2 Forget all rendezvous client state on SIGNAL NEWNYM 2011-04-28 18:14:50 +02:00
Nick Mathewson
0130e7c9d2 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	src/common/torint.h
2011-04-27 22:14:28 -04:00
Nick Mathewson
34510f9278 Fix clear_trackhostexits_mapping() to actually work as advertised
Previously, it would remove every trackhostexits-derived mapping
*from* xyz.<exitname>.exit; it was supposed to remove every
trackhostexits-derived mapping *to* xyz.<exitname>.exit.

Bugfix on 0.2.0.20-rc: fixes an XXX020 added while staring at bug-1090
issues.
2011-04-27 17:23:05 -04:00
Roger Dingledine
cba1d29b7f make make check-spaces happier.
(still not happy.)
2011-04-27 15:18:34 -04:00
cypherpunks
247cbab6c8 Fix double-free bug in microdesc parser 2011-04-27 15:15:32 -04:00
Roger Dingledine
0c40dda3ad explain an argument in a function comment 2011-04-27 13:43:11 -04:00
Nick Mathewson
748350ace1 Instead of checking whether we have unremoved intro points, check for usable ones 2011-04-27 00:01:41 -04:00
Roger Dingledine
b8b557dcb2 better user-facing warnings for unexpected last hops
these still aren't perfect, but we won't know how to correct them until
we start experiencing surprised users.
2011-04-27 00:01:41 -04:00
Roger Dingledine
f7a5bc16d6 warn if we launch too many circuits for a given stream 2011-04-27 00:01:41 -04:00
Roger Dingledine
f962dda8c1 revert most of ef81649d2f
Now we believe it to be the case that we never build a circuit for our
stream that has an unsuitable exit, so we'll never need to use such
a circuit. The risk is that we have some code that builds the circuit,
but now we refuse to use it, meaning we just build a bazillion circuits
and ignore them all.
2011-04-27 00:01:41 -04:00
Nick Mathewson
8ee92f28e0 Add a circuit_purpose_to_string() function, and use it
We had a circuit_purpose_to_controller_string() function, but it was
pretty coarse-grained and didn't try to be human-readable.
2011-04-27 00:01:35 -04:00
Sebastian Hahn
e03e90bf59 Fix a check-spaces complaint 2011-04-26 23:55:23 -04:00
Sebastian Hahn
92ec36a061 Explain the "using anyway" log message better
Also add a request to report any cases where we are not honoring
StrictNodes to the developers: These should now all be bugs.
2011-04-26 23:55:23 -04:00
Sebastian Hahn
8e2904e269 Fix a log msg 2011-04-26 23:55:22 -04:00
Nick Mathewson
79a3b3cd37 Check transition of circuit purpose from INTRO->GENERAL if nodes are constrained
This looked at first like another fun way around our node selection
logic: if we had introduction circuits, and we wound up building too
many, we would turn extras into general-purpose circuits.  But when we
did so, we wouldn't necessarily check whether the general-purpose
circuits conformed to our node constraints.  For example, the last
node could totally be in ExcludedExitNodes and we wouldn't have cared...

...except that the circuit should already be internal, so it won't get user
streams attached to it, so the transition should generally be allowed.
Add an assert to make sure we're right about this, and have it not
check whether ExitNodes is set, since that's irrelevant to internal
circuits.
2011-04-26 23:54:18 -04:00
Nick Mathewson
6afad6b691 When cannibalizing a circuit, make sure it has no ExcludeNodes on it
This could happen if StrictNodes was 0 and we were forced to pick an
excluded node as the last hop of the circuit.
2011-04-26 23:54:17 -04:00
Nick Mathewson
80adb3de50 When there is a transition in permitted nodes, apply it to trackexithosts map
IOW, if we were using TrackExitHosts, and we added an excluded node or
removed a node from exitnodes, we wouldn't actually remove the mapping
that points us at the new node.

Also, note with an XXX022 comment a place that I think we are looking
at the wrong string.
2011-04-26 23:54:17 -04:00
Nick Mathewson
128582cc1f Simplify calls to routerset_equal
The routerset_equal function explicitly handles NULL inputs, so
there's no need to check inputs for NULL before calling it.

Also fix a bug in routerset_equal where a non-NULL routerset with no
entries didn't get counted as equal to a NULL routerset.  This was
untriggerable, I think, but potentially annoying down the road.
2011-04-26 23:54:17 -04:00
Nick Mathewson
84f0e87c6a If we have chosen an exit that shares a family with all bridges, fail the circuit
We could probably do something smarter here, but the situation is
unusual enough that it's okay to just fail the circuit.
2011-04-26 23:54:17 -04:00
Nick Mathewson
b59a289365 Do not try to download descriptors for bridges in ExcludeNodes. 2011-04-26 23:54:16 -04:00
Nick Mathewson
ad78bafb71 Correct the behavior of .exit with ExcludeNodes, StrictNodes, etc.
ExcludeExitNodes foo now means that foo.exit doesn't work.  If
StrictNodes is set, then ExcludeNodes foo also overrides foo.exit.

foo.exit , however, still works even if foo is not listed in ExitNodes.
2011-04-26 23:54:16 -04:00
Nick Mathewson
ed7c267743 Note another place that we need to fix a 1090 issue. 2011-04-26 23:54:16 -04:00
Nick Mathewson
4851de554d Do not automatically ignore Fast/Stable for exits when ExitNodes is set
This once maybe made sense when ExitNodes meant "Here are 3 exits;
use them all", but now it more typically means "Here are 3
countries; exit from there."  Using non-Fast/Stable exits created a
potential partitioning opportunity and an annoying stability
problem.

(Don't worry about the case where all of our ExitNodes are non-Fast
or non-Stable: we handle that later in the function by retrying with
need_capacity and need_uptime set to 0.)
2011-04-26 23:54:16 -04:00
Nick Mathewson
e4689d8402 Note a slightly less likely way to violate ExcludeNodes 2011-04-26 23:54:16 -04:00
Nick Mathewson
db2fd28308 Note that circuit purpose changing can violate ExcludeNodes 2011-04-26 23:54:16 -04:00
Nick Mathewson
ca74badbe9 If we're excluded, and StrictNodes is set, do not do self-tests. 2011-04-26 23:54:15 -04:00
Nick Mathewson
affdec8d04 Add an XXX022-1090 to note consider_exit_fmily b0rkenness 2011-04-26 23:54:15 -04:00
Roger Dingledine
5710ea6475 three more cases where maybe we want to exclude 2011-04-26 23:54:15 -04:00
Roger Dingledine
9f47cfc21a make formal a constraint that's been true a while now 2011-04-26 23:54:15 -04:00
Roger Dingledine
2b5c39211c refuse moria1.exit if moria1 is excluded
add a note reminding us to do this for foo.moria1.exit if we decide to.
2011-04-26 23:54:15 -04:00
Roger Dingledine
bcea155ce0 note another case where strictnodes is considered for exits 2011-04-26 23:54:14 -04:00
Roger Dingledine
0ad3836f73 If ExitNodes and Exclude{Exit}Nodes overlap, obey Exclude{Exit}Nodes.
Also, ExitNodes are always strict.
2011-04-26 23:54:14 -04:00
Roger Dingledine
5d12495d98 the new entrynodes behavior is always strict 2011-04-26 23:54:13 -04:00
Roger Dingledine
719b5b87de don't exit enclave to excluded relays 2011-04-26 23:54:13 -04:00
Roger Dingledine
7e2e8074d5 slight tweak on circuit_conforms_to_options
this function really needs to get a total rewrite (or die)

For now, use #if 0 to disable it.
2011-04-26 23:54:04 -04:00
Roger Dingledine
4906188b62 handle excludenodes for dir fetch/post
If we're picking a random directory node, never pick an excluded one.
But if we've chosen a specific one (or all), allow it unless strictnodes
is set (in which case warn so the user knows it's their fault).

When warning that we won't connect to a strictly excluded node,
log what it was we were trying to do at that node.

When ExcludeNodes is set but StrictNodes is not set, we only use
non-excluded nodes if we can, but fall back to using excluded nodes
if none of those nodes is usable.
2011-04-26 23:53:50 -04:00
Roger Dingledine
ad3da53536 If EntryNodes and ExcludeNodes overlap, obey ExcludeNodes. 2011-04-26 23:53:49 -04:00
Roger Dingledine
82178a81f6 refuse excluded hidserv nodes if strictnodes
Make hidden services more flaky for people who set both ExcludeNodes
and StrictNodes. Not recommended, especially for hidden service operators.
2011-04-26 23:53:20 -04:00
Nick Mathewson
f810a1afe9 Expose a new process_signal(uintptr_t), not signal_callback()
This is a tweak to the bug2917 fix.  Basically, if we want to simulate
a signal arriving in the controller, we shouldn't have to pretend that
we're Libevent, or depend on how Tor sets up its Libevent callbacks.
2011-04-26 15:20:08 -04:00
Nick Mathewson
a7a906603e Merge remote-tracking branch 'sebastian/bug2917' into maint-0.2.2 2011-04-26 15:17:03 -04:00
Nick Mathewson
b75d1daf40 Merge remote-tracking branch 'public/bug2332' into maint-0.2.2 2011-04-26 13:10:54 -04:00
Nick Mathewson
43ffd023e9 Make SIZE_T_CEILING unsigned; add a signed SSIZE_T_CEILING
None of the comparisons were _broken_ previously, but avoiding
signed/unsigned comparisons makes everybody happier.

Fixes bug2475.
2011-04-26 13:03:58 -04:00
Nick Mathewson
bb6d45af1f Downgrade notice to info when downloading a cert. 2011-04-26 12:47:09 -04:00
Roger Dingledine
9d673dcd20 fix some comments before they create conflicts 2011-04-26 11:29:22 -04:00
Nick Mathewson
1cff525973 Fix compilation in last patch 2011-04-26 11:14:46 -04:00
Nick Mathewson
f083347adf Merge remote-tracking branch 'sebastian/bug2704' into maint-0.2.2 2011-04-26 11:07:48 -04:00
Sebastian Hahn
6fde2b46d2 Fix more of bug 2704
The last entry of the *Maxima values in the state file was inflated by a
factor of NUM_SECS_ROLLING_MEASURE (currently 10). This could lead to
a wrong maximum value propagating through the state file history.
2011-04-26 15:36:17 +02:00
Sebastian Hahn
4c789ec08c Don't leak the local hostname in relay nicknames
Fixes bug 2979, reported by tagnaq.
2011-04-26 05:08:32 +02:00
Nick Mathewson
f3b58dfa53 Merge commit '91aa6f08bcf0acbdfa038aaffe73e327ddd87c67' into maint-0.2.2 2011-04-25 19:03:15 -04:00
Sebastian Hahn
91aa6f08bc Make the Log configuration option expand ~ 2011-04-22 16:06:52 +02:00
Nick Mathewson
a0514ba531 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-04-21 13:40:00 -04:00
Nick Mathewson
e98583594d Fix a bug in removing DNSPort requests from their circular list
Under heavy load, this could result in an assertion failure.  Fix for
bug 2933; bugfix on 0.2.0.10-alpha.
2011-04-21 13:39:00 -04:00
Sebastian Hahn
3f7f96d9e7 Prevent hugely inflated observed bandwidth values
When reading the bw history from the state file, we'd add the 900-second
value as traffic that occured during one second. Fix that by adding the
average value to each second.

This bug was present since 0.2.0.5-alpha, but was hidden until
0.2.23-alpha when we started using the saved values.
2011-04-19 15:38:26 -04:00
Sebastian Hahn
13c3884ff6 Don't sometimes undercount bw average
This fixes the first part of bug 2704. It should occur only rarely when
no bw maxima are known. Bugfix on 0.2.2.23-alpha. Fixes bug 2704.
2011-04-19 15:38:10 -04:00
Nick Mathewson
5cc322e547 Standardize our printf code on %d, not %i. 2011-04-19 12:40:29 -04:00
Nick Mathewson
dfc9c6a0f9 Merge remote-tracking branch 'rransom/bug2750-v3' into maint-0.2.1 2011-04-19 12:30:50 -04:00
Nick Mathewson
cfd7b118a7 Ouch: correctly tabify the micro-revision.i target in Makefile.am (0.2.1 only) 2011-04-19 12:29:20 -04:00
Sebastian Hahn
c1927d7d5f Don't report empty bw-history lines in extrainfo
Some tor relays would report lines like these in their extrainfo
documents:
dirreq-write-history 2011-03-14 16:46:44 (900 s)

This was confusing to some people who look at the stats. It would happen
whenever a relay first starts up, or when a relay has dirport disabled.
Change this so that lines without actual bw entries are omitted.
Implements ticket 2497.
2011-04-19 14:51:40 +02:00
Nick Mathewson
48bdc2f729 Correct HS descriptor length check
Fixes bug 2948.
2011-04-18 13:53:13 -07:00
Robert Ransom
130db1bdeb Merge branch 'bug2750-v3' into bug2948 2011-04-18 13:36:19 -07:00
Robert Ransom
adc31001c2 Add an XXX 2011-04-18 13:25:48 -07:00
Robert Ransom
bfebc942ea Correct the warning emitted when rejecting an oversized HS desc 2011-04-18 13:17:40 -07:00
Robert Ransom
134da2fbcf Add an XXX to the DA code regarding bug 2722 2011-04-18 12:00:48 -07:00
Sebastian Hahn
5114e3e442 Make SIGNAL DUMP work on FreeBSD
While doing so, get rid of the now unnecessary function
control_signal_act().

Fixes bug 2917, reported by Robert Ransom. Bugfix on commit
9b4aa8d2ab. This patch is loosely based on
a patch by Robert (Changelog entry).
2011-04-15 05:35:30 +02:00
Nick Mathewson
e247705afe Merge branch 'bug2373' into maint-0.2.2 2011-04-08 13:35:26 -04:00
Gisle Vanem
70e0291468 Use GetTempDir instead of hardcoded path to c:\windows\tmp for unittests 2011-04-07 18:34:11 -04:00
Nick Mathewson
1be1221385 Free pending_cb_messages on exit 2011-04-07 15:25:33 -04:00
Nick Mathewson
403b6cfded Free circuits_for_buffer_stats on shutdown 2011-04-07 14:59:28 -04:00
Nick Mathewson
71fb2af62c Fix up some cell-queue stats issues in rephist.c
- Document the structure and variables.
- Make circuits_for_buffer_stats into a static variable.
- Don't die horribly if interval_length is 0.
- Remove the unused local_circ_id field.
- Reorder the fields of circ_buffer_stats_t for cleaner alignment layout.
2011-04-07 14:56:50 -04:00
Nick Mathewson
ba0cd8094f Merge remote-tracking branch 'public/xxx_fixups' into maint-0.2.2
Conflicts:
	src/or/or.h
2011-04-07 12:03:04 -04:00
Nick Mathewson
118d8ffdcb Allow controllers a more up-to-date view of bridge usage.
Instead of answering GETINFO requests about our geoip usage only after
running for 24 hours, this patch makes us answer GETINFO requests
immediately.  We still round and quantize as before.

Implements bug2711.

Also, refactor the heck out of the bridge usage formatting code.  No
longer should we need to do a generate-parse-and-regenerate cycle to
get the controller string, and that lets us simplify the code a lot.
2011-04-07 11:53:37 -04:00
Sebastian Hahn
286d44402e Fix a compile warning on OS X 10.6 2011-04-07 05:47:55 +02:00
Nick Mathewson
32341ac467 Merge remote-tracking branch 'public/bug2402_again' into maint-0.2.1 2011-04-06 16:13:22 -04:00
Roger Dingledine
9d2b3849b2 Merge branch 'maint-0.2.1' into maint-0.2.2 2011-04-04 03:53:38 -04:00
Roger Dingledine
0cdd262941 switch to the apr 2011 geoip db 2011-04-04 03:52:58 -04:00
Nick Mathewson
65eb0e41ac Use cbt to tell when to launch parallel intro circuit
Implement feature from trac #2799
2011-03-30 14:41:53 -04:00
Nick Mathewson
aa950e6c48 Use timevals, not time_t, when expiring circuits.
We've got millisecond timers now, we might as well use them.

This change won't actually make circuits get expiered with microsecond
precision, since we only call the expiry functions once per second.
Still, it should avoid the situation where we have a circuit get
expired too early because of rounding.

A couple of the expiry functions now call tor_gettimeofday: this
should be cheap since we're only doing it once per second.  If it gets
to be called more often, though, we should onsider having the current
time be an argument again.
2011-03-30 14:41:41 -04:00
Nick Mathewson
5eaba5ac21 Implement replacements for timer(add,cmp,sub) on platforms lacking them. 2011-03-30 14:41:41 -04:00
Nick Mathewson
fc64783278 Send END_STREAM_REASON_NOROUTE: clients that didn't grok it are now obsolete 2011-03-28 13:42:59 -04:00
Sebastian Hahn
9facf8918f Improve a few comments 2011-03-28 19:28:04 +02:00
Sebastian Hahn
8d81831d71 Add a missing cast to silence the compiler 2011-03-28 19:25:38 +02:00
Nick Mathewson
432734279d Fix handling of StreamID exhaustion.
Since svn r1475/git 5b6099e8 in tor-0.0.6, we have responded to an
exhaustion of all 65535 stream IDs on a circuit by marking that
circuit for close.  That's not the right response.  Instead, we
should mark the circuit as "too dirty for new circuits".

Of course in reality this isn't really right either.  If somebody
has managed to cram 65535 streams onto a circuit, the circuit is
probably not going to work well for any of those streams, so maybe
we should be limiting the number of streams on an origin circuit
concurrently.

Also, closing the stream in this case is probably the wrong thing to
do as well, but fixing that can also wait.
2011-03-25 18:32:28 -04:00
Nick Mathewson
f3b89c1141 Add XXX023s for our timestamp_dirty abuse. 2011-03-25 18:32:28 -04:00
Nick Mathewson
d38030381b Clarify some documentation and comments wrt resetting OR token buckets 2011-03-25 18:32:28 -04:00
Nick Mathewson
550749555c Remove workaround code for bug539
We fixed bug 539 (where directories would say "503" but send data
anyway) back in 0.2.0.16-alpha/0.1.2.19.  Because most directory
versions were affected, we added workaround to make sure that we
examined the contents of 503-replies to make sure there wasn't any
data for them to find.  But now that such routers are nonexistent,
we can remove this code.  (Even if somebody fired up an 0.1.2.19
directory cache today, it would still be fine to ignore data in its
erroneous 503 replies.)
2011-03-25 18:32:28 -04:00
Nick Mathewson
dddd333a80 Fix some 'impossible' overflow bugs in byte counting
The first was genuinely impossible, I think: it could only happen
when the amount we read differed from the amount we wanted to read
by more than INT_MAX.

The second is just very unlikely: it would give incorrect results to
the controller if you somehow wrote or read more than 4GB on one
edge conn in one second.  That one is a bugfix on 0.1.2.8-beta.
2011-03-25 18:32:28 -04:00
Nick Mathewson
6a5b94de6c Look at the right errno when sending reason for connect() failure
In afe414 (tor-0.1.0.1-rc~173), when we moved to
connection_edge_end_errno(), we used it in handling errors from
connection_connect().  That's not so good, since by the time
connection_connect() returns, the socket is no longer set, and we're
supposed to be looking at the socket_errno return value from
connection_connect() instead.  So do what we should've done, and
look at the socket_errno value that we get from connection_connect().
2011-03-25 18:32:28 -04:00
Nick Mathewson
05887f10ff Triage the XXX022 and XXX021 comments remaining in the code
Remove some, postpone others, leave some alone.  Now the only
remaining XXX022s are ones that seem important to fix or investigate.
2011-03-25 18:32:27 -04:00
Nick Mathewson
c4bd067359 Comment out ancient asserts for bug 930; resolve an xxx021 2011-03-25 16:28:38 -04:00
Nick Mathewson
41380fa3b3 Fixup tor_addr_to_sockaddr return convention 2011-03-25 16:28:38 -04:00
Nick Mathewson
88bb40d8f8 Clean up a comment-conversation about bad libevent version/method combos 2011-03-25 16:28:38 -04:00
Nick Mathewson
444e46d96d Remove the "fuzzy time" code
It was the start of a neat idea, but it only got used in 3 places,
none of which really needed it.
2011-03-25 16:28:37 -04:00
Nick Mathewson
fe86be61b6 Fix signed/unsigned compare warning 2011-03-18 12:42:00 -04:00
Nick Mathewson
f3d6663665 Merge remote branch 'sebastian/bug2696' into maint-0.2.2 2011-03-18 12:39:40 -04:00
Nick Mathewson
547635c004 Futz with the clang patch a bit and tidy some geoip.c stuff 2011-03-17 14:06:04 -04:00
Nick Mathewson
9dfa244484 Document a few more members. 2011-03-16 18:10:15 -04:00
Nick Mathewson
721954b3a2 Resolve the one DOCDOC in the 0.2.2 code atm 2011-03-16 18:07:55 -04:00
Nick Mathewson
8f9cfa0abe Remove a useless doxygen comment 2011-03-16 18:07:42 -04:00
Nick Mathewson
27d1675d93 Move the decl for tor_gettimofday_cache_clear to the right header 2011-03-16 17:54:48 -04:00
Nick Mathewson
3310dd2358 Clean up whitespace 2011-03-16 17:11:30 -04:00
Nick Mathewson
6617822b84 Doxygen documentation for about 100 things that didn't have any
About 860 doxygen-less things remain in 0.2.2
2011-03-16 17:05:37 -04:00
Nick Mathewson
7f6af7a602 Fix up all doxygen warnings other than "foo is not documented" 2011-03-16 14:47:27 -04:00
Nick Mathewson
c5ffd44ccd Merge branch 'bug2756_relay' into maint-0.2.2 2011-03-15 17:13:07 -04:00
Nick Mathewson
a86e27cf00 Fix comment for connection_edge_consider_sending_sendme 2011-03-15 15:35:11 -04:00
Nick Mathewson
ab418447eb Merge branch 'bug2757' into maint-0.2.2 2011-03-15 15:18:15 -04:00
Nick Mathewson
5938804d17 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-03-15 15:14:12 -04:00
Sebastian Hahn
30b3f0cdb1 Fix a compile warning when using clang
Issue noticed by Steven Murdoch; fixes bug 2689. The cast didn't do
anything, and we don't need to look at the return value of the function
here.
2011-03-15 15:13:35 -04:00
Robert Ransom
98abe1420d Fix a log message typo 2011-03-15 09:48:26 -07:00
Robert Ransom
3af59dcaee Log the source of a rejected POSTed v3 vote
Related to ticket 2683.
2011-03-15 09:16:58 -07:00
Nick Mathewson
06f026de66 Check newconn, not conn, before marking newconn for close
This fixes bug 2757.  It's a bugfix on 85da676108.
2011-03-14 18:52:15 -04:00
Nick Mathewson
1d36a8e9ae Consider sending stream-level SENDME cells on partial flushes.
Right now, we only consider sending stream-level SENDME cells when we
have completely flushed a connection_edge's outbuf, or when it sends
us a DATA cell.  Neither of these is ideal for throughput.

This patch changes the behavior so we now call
connection_edge_consider_sending_sendme when we flush _some_ data from
an edge outbuf.

Fix for bug 2756; bugfix on svn r152.
2011-03-14 17:48:45 -04:00
Nick Mathewson
b97d9abd09 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-03-14 17:04:53 -04:00
Nick Mathewson
0588330c1d Merge remote branch 'arma/bug2510' into maint-0.2.2 2011-03-14 16:14:54 -04:00
Roger Dingledine
cb101c4815 Merge branch 'bug2511' into bug2510 2011-03-14 15:52:53 -04:00
Nick Mathewson
b639add1a0 Merge remote branch 'arma/bug2716' into maint-0.2.2 2011-03-14 15:29:02 -04:00
Robert Ransom
96b929e743 Log malformed HS descriptor requests at the proper level
This log message should be a 'protocol warning', not a 'warning'.
2011-03-14 01:15:36 -07:00
Robert Ransom
c90097e74a Remove dead code from rend_cache_lookup_v2_desc_as_dir
hid_serv_responsible_for_desc_id's return value is never negative, and
there is no need to search through the consensus to find out whether we
are responsible for a descriptor ID before we look in our cache for a
descriptor.
2011-03-14 01:14:05 -07:00
Roger Dingledine
72b89c96bf fix two issues pointed out by nickm 2011-03-13 16:56:41 -04:00
Roger Dingledine
1a9d19e972 we're not reachable if we don't have a routerinfo yet 2011-03-13 15:47:59 -04:00
Roger Dingledine
61f648ae37 fix one more typo 2011-03-13 15:22:45 -04:00
Robert Ransom
a6cc15e2ae Revert "If we are not using BEGIN_DIR cells, don't attempt to contact hidden service directories with non-open dir port."
This reverts commit 9a7098487b.

Conflicts:

	ChangeLog (left unchanged by this commit)
2011-03-12 07:30:24 -08:00
Nick Mathewson
176fde505f Tweak bug2716 patch a little
Name the magic value "10" rather than re-deriving it.

Comment more.

Use the pattern that works for periodic timers, not the pattern that
doesn't work. ;)
2011-03-12 00:19:52 -05:00
Nick Mathewson
d34a5cdc59 Merge branch 'hsdir_assignment' into maint-0.2.2 2011-03-11 23:30:25 -05:00
Nick Mathewson
3a0c602155 Clarify threat description and avoid negative uptimes. 2011-03-11 23:27:53 -05:00
Roger Dingledine
977e396e86 improve accuracy for when a relay went unreachable 2011-03-11 22:12:15 -05:00
Roger Dingledine
600ad7bf8d Merge commit 'sebastian/bug2663' into maint-0.2.2 2011-03-11 20:37:21 -05:00
Sebastian Hahn
f7a3cdc8f2 Use observed instead of declared uptime for HSDir
It is important to verify the uptime claim of a relay instead of just
trusting it, otherwise it becomes too easy to blackhole a specific
hidden service. rephist already has data available that we can use here.

Bugfix on 0.2.0.10-alpha.
2011-03-11 18:44:35 +01:00
Nick Mathewson
02d93caa09 Backport: Generate version tags using Git, not (broken) svn revisions.
Partial backport of daa0326aaa .
Resolves bug 2402.  Bugfix on 0.2.1.15 (for the part where we switched to
git) and on 0.2.1.30 (for the part where we dumped micro-revisions.)
2011-03-11 11:01:17 -05:00
Nick Mathewson
671318c3a8 Revert "Simplest fix to bug2402: do not include SVN versions"
This reverts commit a1073ee956.

Apparently, we totally misunderstood how the debian packages were using
microrevisions.  Better fix that!
2011-03-11 10:47:25 -05:00
Sebastian Hahn
473ff26563 Fix two compile warnings when using clang
Issue found by Steven Murdoch
2011-03-10 01:48:19 +01:00
Roger Dingledine
6426cd14f3 Merge branch 'maint-0.2.1' into maint-0.2.2 2011-03-08 18:16:06 -05:00
Roger Dingledine
d080fe8db1 move to march 2011 geoip file 2011-03-08 18:15:17 -05:00
Nick Mathewson
00446973f2 Merge remote branch 'sebastian/bug2250' into maint-0.2.2 2011-03-08 16:13:28 -05:00
Nick Mathewson
0d78a16c36 Merge remote branch 'sebastian/bug1035' into maint-0.2.2 2011-03-08 15:52:43 -05:00
Nick Mathewson
9ad083d573 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-03-08 15:20:48 -05:00