author | Roger Dingledine <arma@torproject.org> | 2010-03-05 14:25:08 -0500 |
---|---|---|
committer | Roger Dingledine <arma@torproject.org> | 2010-03-05 14:25:08 -0500 |
commit | 368ca2a646610132e02ea7608122286841e2dc7e (patch) | |
tree | f1dcf6fe48cc828aaf561f51179d31233c91b77c | |
parent | 82a5ef1f7f20ba256eae71e90b83b19500142ebb (diff) | |
parent | 871974876757f40be7d8056a3f457f0eae2398d9 (diff) | |
Merge branch 'master' of ssh://git@git-rw.torproject.org/tor
-rw-r--r-- | ChangeLog | 15 | ||||
-rw-r--r-- | configure.in | 23 | ||||
-rw-r--r-- | doc/Makefile.am | 10 | ||||
-rwxr-xr-x | doc/asciidoc-helper.sh | 47 | ||||
-rw-r--r-- | doc/spec/proposals/000-index.txt | 2 | ||||
-rw-r--r-- | doc/spec/proposals/170-user-path-config.txt | 95 | ||||
-rw-r--r-- | src/or/config.c | 2 | ||||
-rw-r--r-- | src/or/routerlist.c | 12 |
8 files changed, 163 insertions, 43 deletions
@@ -15,6 +15,10 @@ Changes in version 0.2.2.10-alpha - 2010-??-?? circuits now only differ from fast ones in that they can use nodes not marked with the Fast flag. + o Minor features: + - Allow disabling building of the manpages. This speeds up the + build considerably. + o Minor bugfixes: - Fix a memleak in the EXTENDCIRCUIT logic. Spotted by coverity. Bugfix on 0.2.2.9-alpha. @@ -23,11 +27,16 @@ Changes in version 0.2.2.10-alpha - 2010-??-?? fixes bug 1255. - Disallow values larger than INT32_MAX for PerConnBWRate|Burst config option. Bugfix on 0.2.2.7-alpha. + - Ship the asciidoc-helper file in the tarball, so that people can + build from source if they want to, and touching the .1.txt files + doesn't break the build. Bugfix on 0.2.2.9-alpha. o Code simplifications and refactoring: - Fix some urls in the exit notice file and make it XHTML1.1 strict compliant. Based on a patch from Christian Kujau. - + - Don't use sed in asciidoc-helper anymore. + - Make the build process fail if asciidoc cannot be found, and + building with asciidoc isn't disabled. Changes in version 0.2.2.9-alpha - 2010-02-22 o Directory authority changes: @@ -115,6 +124,10 @@ Changes in version 0.2.1.25 - 2010-??-?? - When freeing a cipher, zero it out completely. We only zeroed the first ptrsize bytes. Bugfix on tor-0.0.2pre8. Discovered and patched by ekir. Fixes bug 1254. + - Avoid a bug that set IPs incorrectly on relays that did't set + Address to an IP address, when that address fails to resolve. + Fixes bug 1269. + o Minor bugfixes: - Fix a dereference-then-NULL-check sequence when publishing descriptors. Bugfix on tor-0.2.1.5-alpha. Discovered by ekir, diff --git a/configure.in b/configure.in index e045c08b3..6e73a2aad 100644 --- a/configure.in +++ b/configure.in 
@@ -49,6 +49,15 @@ AC_ARG_ENABLE(transparent, *) AC_MSG_ERROR(bad value for --enable-transparent) ;; esac], [transparent=true]) +AC_ARG_ENABLE(asciidoc, + AS_HELP_STRING(--disable-asciidoc, don't use asciidoc (disables building of manpages)), + [case "${enableval}" in + yes) asciidoc=true ;; + no) asciidoc=false ;; + *) AC_MSG_ERROR(bad value for --disable-asciidoc) ;; + esac], [asciidoc=true]) + + AC_ARG_ENABLE(threads, AS_HELP_STRING(--disable-threads, disable multi-threading support)) @@ -97,6 +106,20 @@ AC_CHECK_PROG([SED],[sed],[sed],[/bin/false]) dnl check for asciidoc and a2x AC_PATH_PROG([ASCIIDOC], [asciidoc], none) AC_PATH_PROG([A2X], [a2x], none) +AC_PATH_PROG([XSLTPROC], [xsltproc], none) +if test x$asciidoc = xtrue ; then + if test x$ASCIIDOC = xnone ; then + AC_MSG_ERROR("Couldn't find asciidoc. reconfigure with --disable-asciidoc to build without asciidoc.") + fi + if test x$A2X = xnone ; then + AC_MSG_ERROR("Couldn't find a2x. reconfigure with --disable-asciidoc to build without a2x.") + fi + if test x$XSLTPROC = xnone ; then + AC_MSG_ERROR("Couldn't find xsltproc. reconfigure with --disable-asciidoc to build without xsltproc.") + fi +fi + +AM_CONDITIONAL(USE_ASCIIDOC, test x$asciidoc = xtrue) AC_PATH_PROG([SHA1SUM], [sha1sum], none) AC_PATH_PROG([OPENSSL], [openssl], none) diff --git a/doc/Makefile.am b/doc/Makefile.am index 492dd3bd5..e7edb0476 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -13,13 +13,17 @@ # part of the source distribution, so that people without asciidoc can # just use the .1 and .html files. +if USE_ASCIIDOC asciidoc_files = tor tor-gencert tor-resolve torify +else +asciidoc_files = +endif html_in = $(asciidoc_files:=.html.in) man_in = $(asciidoc_files:=.1.in) -EXTRA_DIST = HACKING \ +EXTRA_DIST = HACKING asciidoc-helper.sh \ $(html_in) $(man_in) $(asciidoc_files:=.1.txt) \ tor-osx-dmg-creation.txt tor-rpm-creation.txt \ tor-win32-mingw-creation.txt 
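Review bot: The checks added in the second configure.in hunk expand the AC_PATH_PROG results unquoted (`test x$ASCIIDOC = xnone`, and likewise for `$A2X`, `$XSLTPROC` and `$asciidoc`), so a tool located under a directory whose name contains whitespace turns the comparison into a malformed `test` invocation. Quoting the expansion keeps the check well-formed whatever the path is, e.g. `if test "x$ASCIIDOC" = xnone ; then`. The error strings are also passed to AC_MSG_ERROR inside literal double quotes rather than m4 brackets; `AC_MSG_ERROR([Couldn't find asciidoc. Reconfigure with --disable-asciidoc to build without it.])` is the conventional form and avoids depending on how the macro treats embedded quotes.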
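Review bot: Making `asciidoc_files` empty when USE_ASCIIDOC is off also empties `$(html_in)`, `$(man_in)` and `$(asciidoc_files:=.1.txt)` inside `EXTRA_DIST`, so a `make dist` run from a tree configured with --disable-asciidoc would appear to produce a tarball without the manpage sources or the pre-built `.in` files. That looks at odds with the comment kept just above the hunk, which says those files are part of the source distribution for people without asciidoc. Consider keeping an unconditional list for distribution, e.g. `all_mans = tor tor-gencert tor-resolve torify` referenced from `EXTRA_DIST`, and switching only the build variables on the conditional. The rest of Makefile.am is outside the hunk, so how the install rules use `asciidoc_files` cannot be checked from here.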
@@ -39,7 +43,7 @@ DIST_SUBDIRS = spec # Generate the html documentation from asciidoc, but don't do # machine-specific replacements yet $(html_in) : - $(top_srcdir)/doc/asciidoc-helper.sh html @ASCIIDOC@ @SED@ $(top_srcdir)/doc/$@ + $(top_srcdir)/doc/asciidoc-helper.sh html @ASCIIDOC@ $(top_srcdir)/doc/$@ tor.html.in : tor.1.txt torify.html.in : torify.1.txt @@ -49,7 +53,7 @@ tor-resolve.html.in : tor-resolve.1.txt # Generate the manpage from asciidoc, but don't do # machine-specific replacements yet $(man_in) : - $(top_srcdir)/doc/asciidoc-helper.sh man @A2X@ @SED@ $(top_srcdir)/doc/$@ + $(top_srcdir)/doc/asciidoc-helper.sh man @A2X@ $(top_srcdir)/doc/$@ tor.1.in : tor.1.txt torify.1.in : torify.1.txt diff --git a/doc/asciidoc-helper.sh b/doc/asciidoc-helper.sh index 90a003d49..d24b31918 100755 --- a/doc/asciidoc-helper.sh +++ b/doc/asciidoc-helper.sh 
@@ -4,51 +4,34 @@ # See LICENSE for licensing information # Run this to generate .html.in or .1.in files from asciidoc files. # Arguments: -# html|man asciidocpath sedpath outputfile +# html|man asciidocpath outputfile set -e -if [ $# != 4 ]; then +if [ $# != 3 ]; then exit 1; fi -output=$4 -input=`echo $output | $3 -e 's/html\.in$/1\.txt/g' -e 's/1\.in$/1\.txt/g'` -base=`echo $output | $3 -e 's/\.html\.in$//g' -e 's/\.1\.in$//g'` +output=$3 if [ "$1" = "html" ]; then - if [ "$2" != none ]; then - "$2" -d manpage -o $output $input; - else - echo "=================================="; - echo; - echo "The manpage in html form for $base will "; - echo "NOT be available, because asciidoc doesn't appear to be "; - echo "installed!"; - echo; - echo "=================================="; - fi + input=${output%%.html.in}.1.txt + base=${output%%.html.in} + "$2" -d manpage -o $output $input; elif [ "$1" = "man" ]; then - if test "$2" != none; then - if $2 -f manpage $input; then - mv $base.1 $output; - else - echo "=================================="; - echo; - echo "a2x is installed, but some required docbook support files are"; - echo "missing. Please install docbook-xsl and docbook-xml (Debian)"; - echo "or similar."; - echo; - echo "=================================="; - fi; + input=${output%%.1.in}.1.txt + base=${output%%.1.in} + + if "$2" -f manpage $input; then + mv $base.1 $output; else echo "=================================="; echo; - echo "The manpage for $base will NOT be "; - echo "available, because a2x doesn't appear to be installed!"; + echo "a2x is installed, but some required docbook support files are"; + echo "missing. Please install docbook-xsl and docbook-xml (Debian)"; + echo "or similar."; echo; echo "=================================="; + exit 1; fi fi - -touch $output; \ diff --git a/doc/spec/proposals/000-index.txt b/doc/spec/proposals/000-index.txt index 664c5654d..62327a1e6 100644 --- a/doc/spec/proposals/000-index.txt 
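Review bot: The rewritten branches of asciidoc-helper.sh still expand `$output`, `$input` and `$base` unquoted, so an output path containing whitespace or glob characters (doc/Makefile.am builds it from `$(top_srcdir)`) is word-split before it reaches asciidoc, a2x or `mv`. Quoting every expansion avoids that: `"$2" -d manpage -o "$output" "$input"`, `if "$2" -f manpage "$input"; then` and `mv "$base.1" "$output"`. Separately, a first argument other than `html` or `man` falls through both branches and the script exits 0 without producing a file, and the `$# != 3` check exits without printing anything; a final `else` that writes a usage line to stderr and exits 1 would make a broken Makefile rule fail visibly. `base` is assigned but never used in the `html` branch.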
+++ b/doc/spec/proposals/000-index.txt @@ -90,6 +90,7 @@ Proposals by number: 167 Vote on network parameters in consensus [CLOSED] 168 Reduce default circuit window [OPEN] 169 Eliminate TLS renegotiation for the Tor connection handshake [DRAFT] +170 Configuration options regarding circuit building [DRAFT] Proposals by status: @@ -101,6 +102,7 @@ Proposals by status: 141 Download server descriptors on demand 144 Increase the diversity of circuits by detecting nodes belonging the same provider 169 Eliminate TLS renegotiation for the Tor connection handshake [for 0.2.2] + 170 Configuration options regarding circuit building NEEDS-REVISION: 131 Help users to verify they are using Tor OPEN: diff --git a/doc/spec/proposals/170-user-path-config.txt b/doc/spec/proposals/170-user-path-config.txt new file mode 100644 index 000000000..fa74c76f7 --- /dev/null +++ b/doc/spec/proposals/170-user-path-config.txt 
@@ -0,0 +1,95 @@ +Title: Configuration options regarding circuit building +Filename: 170-user-path-config.txt +Author: Sebastian Hahn +Created: 01-March-2010 +Status: Draft + +Overview: + + This document outlines how Tor handles the user configuration + options to influence the circuit building process. + +Motivation: + + Tor's treatment of the configuration *Nodes options was surprising + to many users, and quite a few conspiracy theories have crept up. We + should update our specification and code to better describe and + communicate what is going during circuit building, and how we're + honoring configuration. So far, we've been tracking a bugreport + about this behaviour ( + https://bugs.torproject.org/flyspray/index.php?do=details&id=1090 ) + and Nick replied in a thread on or-talk ( + http://archives.seul.org/or/talk/Feb-2010/msg00117.html ). + + This proposal tries to document our intention for those configuration + options. + +Design: + + Five configuration options are available to users to influence Tor's + circuit building. EntryNodes and ExitNodes define a list of nodes + that are for the Entry/Exit position in all circuits. ExcludeNodes + is a list of nodes that are used for no circuit, and + ExcludeExitNodes is a list of nodes that aren't used as the last + hop. StrictNodes defines Tor's behaviour in case of a conflict, for + example when a node that is excluded is the only available + introduction point. Setting StrictNodes to 1 breaks Tor's + functionality in that case, and it will refuse to build such a + circuit. + + Neither Nick's email nor bug 1090 have clear suggestions how we + should behave in each case, so I tried to come up with something + that made sense to me. + +Security implications: + + Deviating from normal circuit building can break one's anonymity, so + the documentation of the above option should contain a warning to + make users aware of the pitfalls. 
+ +Specification: + + It is proposed that the "User configuration" part of path-spec + (section 2.2.2) be replaced with this: + + Users can alter the default behavior for path selection with + configuration options. In case of conflicts (excluding and requiring + the same node) the "StrictNodes" option is used to determine + behaviour. If a nodes is both excluded and required via a + configuration option, the exclusion takes preference. + + - If "ExitNodes" is provided, then every request requires an exit + node on the ExitNodes list. If a request is supported by no nodes + on that list, and "StrictNodes" is false, then Tor treats that + request as if ExitNodes were not provided. + + - "EntryNodes" behaves analogously. + + - If "ExcludeNodes" is provided, then no circuit uses any of the + nodes listed. If a circuit requires an excluded node to be used, + and "StrictNodes" is false, then Tor uses the node in that + position while not using any other of the excluded nodes. + + - If "ExcludeExitNodes" is provided, then Tor will not use the nodes + listed for the exit position in a circuit. If a circuit requires + an excluded node to be used in the exit position and "StrictNodes" + is false, then Tor builds that circuit as if ExcludeExitNodes were + not provided. + + - If a user tries to connect to or resolve a hostname of the form + <target>.<servername>.exit and the "AllowDotExit" configuration + option is set to 1, the request is rewritten to a request for + <target>, and the request is only supported by the exit whose + nickname or fingerprint is <servername>. If "AllowDotExit" is set + to 0 (default), any request for <anything>.exit is denied. + + - When any of the *Nodes settings are changed, all circuits are + expired immediately, to prevent a situation where a previously + built circuit is used even though some of its nodes are now + excluded. + + +Compatibility: + + The old Strict*Nodes options are deprecated, and the StrictNodes + option is new. 
Tor users may need to update their configuration file. diff --git a/src/or/config.c b/src/or/config.c index 0e92fbf7b..6292f8f17 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -2221,7 +2221,7 @@ resolve_my_address(int warn_severity, or_options_t *options, if (tor_inet_aton(hostname, &in) == 0) { /* then we have to resolve it */ explicit_ip = 0; - if (!tor_lookup_hostname(hostname, &addr)) { + if (tor_lookup_hostname(hostname, &addr)) { uint32_t interface_ip; if (explicit_hostname) { diff --git a/src/or/routerlist.c b/src/or/routerlist.c index 69efd8879..0173c27e4 100644 --- a/src/or/routerlist.c +++ b/src/or/routerlist.c @@ -1574,10 +1574,10 @@ smartlist_choose_by_bandwidth_weights(smartlist_t *sl, rule == WEIGHT_FOR_MID || rule == WEIGHT_FOR_DIR); - if (!sl || smartlist_len(sl) == 0) { + if (smartlist_len(sl) == 0) { log_info(LD_CIRC, - "Empty routerlist passed in to node selection for rule %d", - rule); + "Empty routerlist passed in to consensus weight node " + "selection for rule %d", rule); return NULL; } @@ -1781,9 +1781,9 @@ smartlist_choose_by_bandwidth(smartlist_t *sl, bandwidth_weight_rule_t rule, rule == WEIGHT_FOR_EXIT || rule == WEIGHT_FOR_GUARD); - if (!sl || smartlist_len(sl) == 0) { - log_warn(LD_CIRC, - "Empty routerlist passed in to node selection for rule %d", + if (smartlist_len(sl) == 0) { + log_info(LD_CIRC, + "Empty routerlist passed in to old node selection for rule %d", rule); return NULL; } |
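Review bot: The corrected test `if (tor_lookup_hostname(hostname, &addr))` in resolve_my_address() still relies on a bare truthiness check of a return value whose convention is not visible at the call site, and the ChangeLog entry for bug 1269 in this same commit shows that misreading it made relays set their IP incorrectly when the name failed to resolve. Spelling out the comparison and adding a short comment would make the failure branch obvious to the next reader, e.g. `if (tor_lookup_hostname(hostname, &addr) != 0) { /* lookup failed */`, assuming 0 is the success value as the fix implies. A regression test that feeds an unresolvable hostname through this path would guard against the condition being flipped again. The function starts and ends outside the hunk.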
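Review bot: Dropping `!sl ||` from the guard in smartlist_choose_by_bandwidth_weights() means `smartlist_len(sl)` would now be evaluated on a NULL pointer if a caller ever passed one, where the old code logged and returned NULL; the next hunk makes the same change in smartlist_choose_by_bandwidth(). If every caller is guaranteed to pass a non-NULL list, state that precondition explicitly with `tor_assert(sl);` ahead of the length check, or in the function comment, so a violation stops with a clear assertion instead of an undefined dereference in node selection. The second hunk also lowers the message from log_warn to log_info, which makes an empty candidate list quieter for operators; that is worth a line in the commit message if it is intended. Both functions begin and end outside their hunks.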