diff options
| -rw-r--r-- | changes/bug2181 | 4 | ||||
| -rw-r--r-- | changes/bug2409 | 4 | ||||
| -rw-r--r-- | contrib/tor-exit-notice.html | 18 | ||||
| -rw-r--r-- | doc/tor.1.txt | 4 | ||||
| -rw-r--r-- | src/or/circuitbuild.c | 4 | ||||
| -rw-r--r-- | src/or/hibernate.c | 6 | ||||
| -rw-r--r-- | src/or/routerparse.c | 2 |
7 files changed, 27 insertions, 15 deletions
diff --git a/changes/bug2181 b/changes/bug2181 new file mode 100644 index 000000000..0a095488e --- /dev/null +++ b/changes/bug2181 @@ -0,0 +1,4 @@ + o Minor features + - Log a little more clearly about the times at which we're no longer + accepting new connections. Resolves bug 2181. + diff --git a/changes/bug2409 b/changes/bug2409 new file mode 100644 index 000000000..5523458b6 --- /dev/null +++ b/changes/bug2409 @@ -0,0 +1,4 @@ + o Minor bugfixes + - Resolve a bug in verifying signatures of directory objects + with digests longer than SHA1. Bugfix on 0.2.2.20-alpha; + fixes bug 2409; found by "piebeer". diff --git a/contrib/tor-exit-notice.html b/contrib/tor-exit-notice.html index 8b37edc3f..de3be1744 100644 --- a/contrib/tor-exit-notice.html +++ b/contrib/tor-exit-notice.html @@ -32,7 +32,7 @@ Tor Exit Router</p> Most likely you are accessing this website because you had some issue with the traffic coming from this IP. This router is part of the <a href="https://www.torproject.org/">Tor Anonymity Network</a>, which is -dedicated to <a href="https://www.torproject.org/overview.html">providing +dedicated to <a href="https://www.torproject.org/about/overview">providing privacy</a> to people who need it most: average computer users. This router IP should be generating no other traffic, unless it has been compromised.</p> @@ -42,19 +42,19 @@ compromised.</p> and serve it locally --> <p style="text-align:center"> -<a href="https://www.torproject.org/overview.html"> +<a href="https://www.torproject.org/about/overview"> <img src="https://www.torproject.org/images/how_tor_works_thumb.png" alt="How Tor works" style="border-style:none"/> </a></p> <p> -Tor sees use by <a href="https://www.torproject.org/torusers.html">many +Tor sees use by <a href="https://www.torproject.org/about/torusers">many important segments of the population</a>, including whistle blowers, journalists, Chinese dissidents skirting the Great Firewall and oppressive censorship, abuse victims, stalker targets, the US military, and law enforcement, just to name a few. While Tor is not designed for malicious computer users, it is true that they can use the network for malicious ends. In reality however, the actual amount of <a -href="https://www.torproject.org/faq-abuse.html">abuse</a> is quite low. This +href="https://www.torproject.org/docs/faq-abuse">abuse</a> is quite low. This is largely because criminals and hackers have significantly better access to privacy and anonymity than do the regular users whom they prey upon. Criminals can and do <a @@ -108,15 +108,15 @@ equipment, in accordance with <a href="http://www4.law.cornell.edu/uscode/html/uscode17/usc_sec_17_00000512----000-.html">DMCA "safe harbor" provisions</a>. In other words, you will have just as much luck sending a takedown notice to the Internet backbone providers. Please consult -<a href="https://www.torproject.org/eff/tor-dmca-response.html">EFF's prepared +<a href="https://www.torproject.org/eff/tor-dmca-response">EFF's prepared response</a> for more information on this matter.</p> <p>For more information, please consult the following documentation:</p> <ol> -<li><a href="https://www.torproject.org/overview.html">Tor Overview</a></li> -<li><a href="https://www.torproject.org/faq-abuse.html">Tor Abuse FAQ</a></li> -<li><a href="https://www.torproject.org/eff/tor-legal-faq.html">Tor Legal FAQ</a></li> +<li><a href="https://www.torproject.org/about/overview">Tor Overview</a></li> +<li><a href="https://www.torproject.org/docs/faq-abuse">Tor Abuse FAQ</a></li> +<li><a href="https://www.torproject.org/eff/tor-legal-faq">Tor Legal FAQ</a></li> </ol> <p> @@ -134,7 +134,7 @@ the Tor network if you so desire. The Tor project provides a <a href="https://check.torproject.org/cgi-bin/TorBulkExitList.py">web service</a> to fetch a list of all IP addresses of Tor exit nodes that allow exiting to a specified IP:port combination, and an official <a -href="https://www.torproject.org/tordnsel/">DNSRBL</a> is also available to +href="https://www.torproject.org/tordnsel/dist/">DNSRBL</a> is also available to determine if a given IP address is actually a Tor exit server. Please be considerate when using these options. It would be unfortunate to deny all Tor users access diff --git a/doc/tor.1.txt b/doc/tor.1.txt index c8608eb84..8fe73b026 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -900,7 +900,9 @@ is non-zero): period, or receive more than that number in the period. For example, with AccountingMax set to 1 GB, a server could send 900 MB and receive 800 MB and continue running. It will only hibernate once one of the two reaches 1 - GB. When the number of bytes is exhausted, Tor will hibernate until some + GB. When the number of bytes gets low, Tor will stop accepting new + connections and circuits. When the number of bytes + is exhausted, Tor will hibernate until some time in the next accounting period. To prevent all servers from waking at the same time, Tor will also wait until a random point in each period before waking up. If you have bandwidth cost issues, enabling hibernation diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c index b49b7e08d..4f8f5fbab 100644 --- a/src/or/circuitbuild.c +++ b/src/or/circuitbuild.c @@ -660,9 +660,9 @@ circuit_build_times_update_state(circuit_build_times_t *cbt, static void circuit_build_times_shuffle_and_store_array(circuit_build_times_t *cbt, build_time_t *raw_times, - int num_times) + uint32_t num_times) { - int n = num_times; + uint32_t n = num_times; if (num_times > CBT_NCIRCUITS_TO_OBSERVE) { log_notice(LD_CIRC, "The number of circuit times that this Tor version " "uses to calculate build times is less than the number stored " diff --git a/src/or/hibernate.c b/src/or/hibernate.c index 48a7ce75b..1878d5d52 100644 --- a/src/or/hibernate.c +++ b/src/or/hibernate.c @@ -783,7 +783,8 @@ hibernate_begin(hibernate_state_t new_state, time_t now) /* XXX upload rendezvous service descriptors with no intro points */ if (new_state == HIBERNATE_STATE_EXITING) { - log_notice(LD_GENERAL,"Interrupt: will shut down in %d seconds. Interrupt " + log_notice(LD_GENERAL,"Interrupt: we have stopped accepting new " + "connections, and will shut down in %d seconds. Interrupt " "again to exit now.", options->ShutdownWaitLength); shutdown_time = time(NULL) + options->ShutdownWaitLength; } else { /* soft limit reached */ @@ -940,7 +941,8 @@ consider_hibernation(time_t now) if (hibernate_state == HIBERNATE_STATE_LIVE) { if (hibernate_soft_limit_reached()) { log_notice(LD_ACCT, - "Bandwidth soft limit reached; commencing hibernation."); + "Bandwidth soft limit reached; commencing hibernation. " + "No new conncetions will be accepted"); hibernate_begin(HIBERNATE_STATE_LOWBANDWIDTH, now); } else if (accounting_enabled && now < interval_wakeup_time) { format_local_iso_time(buf,interval_wakeup_time); diff --git a/src/or/routerparse.c b/src/or/routerparse.c index 5ceb298b8..db7161e3d 100644 --- a/src/or/routerparse.c +++ b/src/or/routerparse.c @@ -1088,7 +1088,7 @@ check_signature_token(const char *digest, signed_digest = tor_malloc(keysize); if (crypto_pk_public_checksig(pkey, signed_digest, keysize, tok->object_body, tok->object_size) - < DIGEST_LEN) { + < digest_len) { log_warn(LD_DIR, "Error reading %s: invalid signature.", doctype); tor_free(signed_digest); return -1; |