| Commit message (Expand) | Author | Age |
|---|
| * | Exit policies now reject connections that are addressed to a•••relay's public (external) IP address too, unless
ExitPolicyRejectPrivate is turned off. We do this because too
many relays are running nearby to services that trust them based
on network address.
svn:r12459
| Roger Dingledine | 2007-11-10 |
| * | more of r12364•••svn:r12366
| Roger Dingledine | 2007-11-04 |
| * | r14623@tombo: nickm | 2007-11-01 22:25:18 -0400••• More tweaks from karsten, with some cleanup and commentary.
svn:r12319
| Nick Mathewson | 2007-11-02 |
| * | And more places with the wrong url, now updated.•••svn:r12267
| Andrew Lewman | 2007-10-29 |
| * | clean up some old syntax errors in the man page•••svn:r11972
| Roger Dingledine | 2007-10-16 |
| * | give PublishServerDescriptor a real man page entry•••svn:r11971
| Roger Dingledine | 2007-10-16 |
| * | un-deprecate FascistFirewall•••svn:r11873
| Roger Dingledine | 2007-10-11 |
| * | r15422@catbus: nickm | 2007-09-27 16:42:35 -0400••• Use descriptor annotations to record the source, download t time, and purpose of every descriptor we add to the store. The remaining to-do item is to stop setting do_not_cache on bridges.
svn:r11680
| Nick Mathewson | 2007-09-27 |
| * | fix a syntax error in the man page•••svn:r11589
| Roger Dingledine | 2007-09-23 |
| * | The manpage now tells uses that they can use identity fingerprints in most pl...•••svn:r11570
| Peter Palfrader | 2007-09-21 |
| * | r14227@Kushana: nickm | 2007-08-27 11:33:28 -0400••• Add a new ClientDNSRejectInternalAddresses option (default: on) to refuse to believe that any address can map to or from an internal address. This blocks some kinds of potential browser-based attacks, especially on hosts using DNSPort. Also clarify behavior in some comments. Backport candiate?
svn:r11287
| Nick Mathewson | 2007-08-27 |
| * | r14758@catbus: nickm | 2007-08-21 01:36:03 -0400••• Finish implementing and documenting proposal 108: Authorities now use MTBF data to set their stability flags, once they have at least 4 days of data to use.
svn:r11240
| Nick Mathewson | 2007-08-21 |
| * | clean up the cookieauth stuff•••svn:r11146
| Roger Dingledine | 2007-08-16 |
| * | r14606@catbus: nickm | 2007-08-16 13:45:01 -0400••• Implement CookieAuthFile and CookieAuthFileGroupReadable. Backport candidate.
svn:r11141
| Nick Mathewson | 2007-08-16 |
| * | r13774@catbus: nickm | 2007-07-16 12:23:28 -0400••• Tweaks on constrained socket buffers patch from coderman: Add a changelog; rename some variables; fix some long lines and whitespace; make ConstrainedSockSize a memunit; pass setsockopt a void.
svn:r10843
| Nick Mathewson | 2007-07-16 |
| * | r13773@catbus: nickm | 2007-07-16 11:58:25 -0400••• Initial "constrained socket buffers" patch from coderman. needs tweaking.
svn:r10842
| Nick Mathewson | 2007-07-16 |
| * | r13304@catbus: nickm | 2007-06-07 13:25:37 -0400••• Deprecate RedirectExits.
svn:r10526
| Nick Mathewson | 2007-06-07 |
| * | r13267@catbus: nickm | 2007-06-05 16:54:20 -0400••• Man page and small tweaks for last patch.
svn:r10505
| Nick Mathewson | 2007-06-05 |
| * | r13127@catbus: nickm | 2007-05-31 21:43:05 -0400••• Mention that SocksPolicy applies to DNSPort.
svn:r10438
| Nick Mathewson | 2007-06-01 |
| * | r13115@catbus: nickm | 2007-05-31 15:12:43 -0400••• Document DNSPort, DNSListenAddress, AutomapHostsOnResolve, AutomapHostsSuffixes, and DownloadExtraInfo in the manpage.
svn:r10426
| Nick Mathewson | 2007-05-31 |
| * | r13068@catbus: nickm | 2007-05-29 14:58:13 -0400••• Add some code to mitigate bug 393: Choose at random from multiple hidden service ports with the same virtport. This allows limited ad-hoc round-robining.
svn:r10398
| Nick Mathewson | 2007-05-29 |
| * | cleanups on man page from edmanm•••svn:r10350
| Roger Dingledine | 2007-05-26 |
| * | add a 'bridge' flag for dirserver config entries•••svn:r10128
| Roger Dingledine | 2007-05-07 |
| * | New config option V2AuthoritativeDirectory that all directory•••authorities should set. This will let future authorities choose
not to serve V2 directory information.
Also, go through and revamp all the authdir_mode stuff so it tries
to do the right thing if you're an auth but not a V1 or V2 auth.
svn:r10092
| Roger Dingledine | 2007-05-02 |
| * | hsusage man page entries from karsten•••svn:r10084
| Roger Dingledine | 2007-05-01 |
| * | Fix the tex error I just introduced. •••svn:r9911
| Andrew Lewman | 2007-03-28 |
| * | Fix tex and spelling mistakes.•••svn:r9910
| Andrew Lewman | 2007-03-28 |
| * | Add a separate set of token buckets for relayed traffic. Right•••now that's just defined as answers to directory requests.
svn:r9881
| Roger Dingledine | 2007-03-20 |
| * | squeak in a bugfix for the VirtualAddrNetwork man page entry•••svn:r9706
| Roger Dingledine | 2007-03-02 |
| * | r11657@catbus: nickm | 2007-02-05 21:01:18 -0500••• Fix a missing word identified by roger.
svn:r9494
| Nick Mathewson | 2007-02-06 |
| * | nick, this was a typo too, right?•••svn:r9493
| Roger Dingledine | 2007-02-06 |
| * | nickm: to a larger what?•••svn:r9492
| Roger Dingledine | 2007-02-06 |
| * | cleanups based on looking through svn commits•••svn:r9491
| Roger Dingledine | 2007-02-06 |
| * | r11616@catbus: nickm | 2007-01-31 13:51:31 -0500••• Tweak Trans/NATDPort documention to be less tool-specific.
svn:r9471
| Nick Mathewson | 2007-01-31 |
| * | r11615@catbus: nickm | 2007-01-31 01:15:06 -0500••• Documentation patch from ioerror for TransPort and related issues.
svn:r9470
| Nick Mathewson | 2007-01-31 |
| * | r11583@catbus: nickm | 2007-01-29 11:19:48 -0500••• Make man page stop saying that BandwidthRate is for incoming bandwidth only; Add some XXX012s for config options that should maybe die.
svn:r9455
| Nick Mathewson | 2007-01-29 |
| * | r11492@catbus: nickm | 2007-01-24 18:41:07 -0500••• Try to be really explicit that ServerDNS options affect what your server does on behalf of clients, and nothing else.
svn:r9398
| Nick Mathewson | 2007-01-24 |
| * | Expire socks connections if they spend too long waiting for the•••handshake to finish. Previously we would let them sit around for
days, if the connecting application didn't close them either.
Also take this opportunity to refactor a duplicate bit of circuituse.c.
And change the semantics of SocksTimeout slightly, but I think it'll
be ok.
svn:r9350
| Roger Dingledine | 2007-01-15 |
| * | Clarify the --nt-service option.•••svn:r9345
| Andrew Lewman | 2007-01-13 |
| * | Update --nt-service•••svn:r9342
| Andrew Lewman | 2007-01-13 |
| * | Update copyright in config.c while I'm there. Update man page to•••reflect all available options to tor binary.
svn:r9341
| Andrew Lewman | 2007-01-13 |
| * | r11938@Kushana: nickm | 2007-01-11 11:02:28 -0500••• Check addresses for rfc953-saneness at exit too, and give a PROTOCOL_WARN when they fail. Also provide a mechanism to override this, so blossom can have its @@##$$^.whatever.exit hostnames if it wants.
svn:r9336
| Nick Mathewson | 2007-01-11 |
| * | fix a bug i introduced in r9249; and more cleanups.•••svn:r9263
| Roger Dingledine | 2007-01-04 |
| * | man page entries for TunnelDirConns and PreferTunneledDirConns•••and add a todo item for nick in case he gets bored :)
svn:r9260
| Roger Dingledine | 2007-01-04 |
| * | interim tweaks•••svn:r9246
| Roger Dingledine | 2007-01-03 |
| * | r11723@Kushana: nickm | 2006-12-28 13:52:48 -0500••• Fix bug 364: check for whether popular hostnames (curently google, yahoo, mit, and slashdot) are getting wildcarded. If they are, we are probably behind a DNS server that is useless: change our exit policy to reject *:*.
svn:r9199
| Nick Mathewson | 2006-12-28 |
| * | r11715@Kushana: nickm | 2006-12-24 22:53:06 -0500••• Document a couple more options in the man page.
svn:r9192
| Nick Mathewson | 2006-12-25 |
| * | r11676@Kushana: nickm | 2006-12-23 20:42:17 -0500••• Add an orport option to dirserver lines so that clients can tell where to connect to open an encrypted tunnel to a dirserver even before they have its descriptor.
svn:r9171
| Nick Mathewson | 2006-12-24 |
| * | r11657@Kushana: nickm | 2006-12-20 15:11:19 -0500••• Fixes to check-docs script; add some docs; mark some options as deprecated in the online docs.
svn:r9163
| Nick Mathewson | 2006-12-20 |
| * | Reject *:563 (NTTPS) in the default exit policy. We already reject•••NNTP by default, so this seems like a sensible addition.
(suggested by bug 331)
svn:r9149
| Roger Dingledine | 2006-12-18 |