| Commit message (Collapse) | Author | Age |
|---|
| ... | |
| |
|
|
|
|
|
|
| |
I still need to turn the list of attacks into a paragraph or two
before I move from 3 onto 4.
svn:r690
|
| |
|
|
| |
svn:r689
|
| |
|
|
| |
svn:r688
|
| |
|
|
| |
svn:r687
|
| |
|
|
| |
svn:r686
|
| |
|
|
| |
svn:r685
|
| |
|
|
|
|
|
| |
plus general cleanup on switch_id()
svn:r684
|
| |
|
|
| |
svn:r683
|
| |
|
|
| |
svn:r682
|
| |
|
|
| |
svn:r681
|
| |
|
|
| |
svn:r680
|
| |
|
|
| |
svn:r679
|
| |
|
|
| |
svn:r678
|
| |
|
|
| |
svn:r677
|
| |
|
|
| |
svn:r676
|
| |
|
|
| |
svn:r675
|
| |
|
|
|
|
|
|
|
| |
exit if bind fails
add usage printfs
rearrange config options for readability
svn:r674
|
| |
|
|
| |
svn:r673
|
| |
|
|
| |
svn:r672
|
| |
|
|
|
|
| |
section.
svn:r671
|
| |
|
|
| |
svn:r670
|
| |
|
|
|
|
|
| |
somebody please go turn this into a section
svn:r669
|
| |
|
|
| |
svn:r668
|
| |
|
|
| |
svn:r667
|
| |
|
|
|
|
|
| |
(thanks cherub)
svn:r666
|
| |
|
|
| |
svn:r665
|
| |
|
|
| |
svn:r664
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The problem was that the fixes had us generating TLS certs with a
2-day lifetime on the assumption that we'd rotate fairly often. In
fact, we never rotate our TLS keys.
This patch fixes the situation in 2 ways:
1. It bumps the default lifetime back up to one year until we get
rotation in place.
2. It changes tor_tls_context_new() so that it doesn't leak memory
when you call it more than once.
svn:r663
|
| |
|
|
| |
svn:r662
|
| |
|
|
| |
svn:r661
|
| |
|
|
|
|
|
| |
more questions.
svn:r660
|
| |
|
|
|
|
|
|
| |
Windows, since we don't know whether it's the user or the group that
was set.
svn:r659
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Allow some slop (currently 3 minutes) when checking certificate validity.
Change certificate lifetime from 1 year to 2 days. Since we
regenerate regularly (we regenerate regularly, right??), this
shouldn't be a problem.
Have directories reject descriptors published too far in the future
(currently 30 minutes). If dirservs don't do this:
0) Today is January 1, 2000.
1) A very skewed server publishes descriptor X with a declared
publication time of August 1, 2000.
2) The directory includes X.
3) Because of certificate lifetime issues, nobody can use the
skewed server.
4) The server fixes its skew, and goes to republish a new descriptor Y
with publication time of January 1, 2000.
5) But because the directory already has a "more recent" descriptor X,
it rejects descriptor "Y" as superseded!
This patch should make step 2 go away.
svn:r658
|
| |
|
|
| |
svn:r657
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
setuid, because after we setuid we don't have the priviledges we
need to setgid anymore, duh. merged switch_user() and
switch_group() into switch_id(), since that code has to be wound
together.
- return -1 from switch_id() if it's not defined to do anything else.
- moved daemoinize(), write_pidfile(), and switch_id() from main.c to
util.c
svn:r656
|
| |
|
|
|
|
|
| |
maybe more robust now
svn:r655
|
| |
|
|
| |
svn:r654
|
| |
|
|
|
|
|
| |
move default exit policy into config files
svn:r653
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
setuid and setgid respectively, and die if it can't.
(If the User option is set, tor will setgid to the user's gid as well.)
This happens after the pidfile is created, so that in cases where tor
needs to be root to work with the pidfile, it will at least be able to
create it, although it won't be able to delete it. That sucks, but
it's somewhat better than not being able to create the pidfile in the
first place.
svn:r652
|
| |
|
|
| |
svn:r651
|
| |
|
|
|
|
|
|
|
|
|
| |
so he gets the permissions right.
also this means clients will never need to make the datadirectory.
also remind the admin to fix his clock before setting up his node.
svn:r650
|
| |
|
|
| |
svn:r649
|
| |
|
|
| |
svn:r648
|
| |
|
|
| |
svn:r647
|
| |
|
|
| |
svn:r646
|
| |
|
|
| |
svn:r645
|
| |
|
|
| |
svn:r644
|
| |
|
|
| |
svn:r643
|
| |
|
|
|
|
|
|
| |
rename APPort to SocksPort
introduce new tor_free() macro
svn:r642
|
| |
|
|
| |
svn:r641
|