| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
| |
relay's public (external) IP address too, unless
ExitPolicyRejectPrivate is turned off. We do this because too
many relays are running nearby to services that trust them based
on network address.
svn:r12459
|
| |
|
|
| |
svn:r12366
|
| |
|
|
|
|
|
| |
More tweaks from karsten, with some cleanup and commentary.
svn:r12319
|
| |
|
|
| |
svn:r12267
|
| |
|
|
| |
svn:r11972
|
| |
|
|
| |
svn:r11971
|
| |
|
|
| |
svn:r11873
|
| |
|
|
|
|
|
| |
Use descriptor annotations to record the source, download t time, and purpose of every descriptor we add to the store. The remaining to-do item is to stop setting do_not_cache on bridges.
svn:r11680
|
| |
|
|
| |
svn:r11589
|
| |
|
|
|
|
| |
places where they can use nicknames. Based on patch from karsten
svn:r11570
|
| |
|
|
|
|
|
| |
Add a new ClientDNSRejectInternalAddresses option (default: on) to refuse to believe that any address can map to or from an internal address. This blocks some kinds of potential browser-based attacks, especially on hosts using DNSPort. Also clarify behavior in some comments. Backport candiate?
svn:r11287
|
| |
|
|
|
|
|
| |
Finish implementing and documenting proposal 108: Authorities now use MTBF data to set their stability flags, once they have at least 4 days of data to use.
svn:r11240
|
| |
|
|
| |
svn:r11146
|
| |
|
|
|
|
|
| |
Implement CookieAuthFile and CookieAuthFileGroupReadable. Backport candidate.
svn:r11141
|
| |
|
|
|
|
|
| |
Tweaks on constrained socket buffers patch from coderman: Add a changelog; rename some variables; fix some long lines and whitespace; make ConstrainedSockSize a memunit; pass setsockopt a void.
svn:r10843
|
| |
|
|
|
|
|
| |
Initial "constrained socket buffers" patch from coderman. needs tweaking.
svn:r10842
|
| |
|
|
|
|
|
| |
Deprecate RedirectExits.
svn:r10526
|
| |
|
|
|
|
|
| |
Man page and small tweaks for last patch.
svn:r10505
|
| |
|
|
|
|
|
| |
Mention that SocksPolicy applies to DNSPort.
svn:r10438
|
| |
|
|
|
|
|
| |
Document DNSPort, DNSListenAddress, AutomapHostsOnResolve, AutomapHostsSuffixes, and DownloadExtraInfo in the manpage.
svn:r10426
|
| |
|
|
|
|
|
| |
Add some code to mitigate bug 393: Choose at random from multiple hidden service ports with the same virtport. This allows limited ad-hoc round-robining.
svn:r10398
|
| |
|
|
| |
svn:r10350
|
| |
|
|
| |
svn:r10128
|
| |
|
|
|
|
|
|
|
|
|
| |
authorities should set. This will let future authorities choose
not to serve V2 directory information.
Also, go through and revamp all the authdir_mode stuff so it tries
to do the right thing if you're an auth but not a V1 or V2 auth.
svn:r10092
|
| |
|
|
| |
svn:r10084
|
| |
|
|
| |
svn:r9911
|
| |
|
|
| |
svn:r9910
|
| |
|
|
|
|
|
| |
now that's just defined as answers to directory requests.
svn:r9881
|
| |
|
|
| |
svn:r9706
|
| |
|
|
|
|
|
| |
Fix a missing word identified by roger.
svn:r9494
|
| |
|
|
| |
svn:r9493
|
| |
|
|
| |
svn:r9492
|
| |
|
|
| |
svn:r9491
|
| |
|
|
|
|
|
| |
Tweak Trans/NATDPort documention to be less tool-specific.
svn:r9471
|
| |
|
|
|
|
|
| |
Documentation patch from ioerror for TransPort and related issues.
svn:r9470
|
| |
|
|
|
|
|
| |
Make man page stop saying that BandwidthRate is for incoming bandwidth only; Add some XXX012s for config options that should maybe die.
svn:r9455
|
| |
|
|
|
|
|
| |
Try to be really explicit that ServerDNS options affect what your server does on behalf of clients, and nothing else.
svn:r9398
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
handshake to finish. Previously we would let them sit around for
days, if the connecting application didn't close them either.
Also take this opportunity to refactor a duplicate bit of circuituse.c.
And change the semantics of SocksTimeout slightly, but I think it'll
be ok.
svn:r9350
|
| |
|
|
| |
svn:r9345
|
| |
|
|
| |
svn:r9342
|
| |
|
|
|
|
|
| |
reflect all available options to tor binary.
svn:r9341
|
| |
|
|
|
|
|
| |
Check addresses for rfc953-saneness at exit too, and give a PROTOCOL_WARN when they fail. Also provide a mechanism to override this, so blossom can have its @@##$$^.whatever.exit hostnames if it wants.
svn:r9336
|
| |
|
|
| |
svn:r9263
|
| |
|
|
|
|
|
| |
and add a todo item for nick in case he gets bored :)
svn:r9260
|
| |
|
|
| |
svn:r9246
|
| |
|
|
|
|
|
| |
Fix bug 364: check for whether popular hostnames (curently google, yahoo, mit, and slashdot) are getting wildcarded. If they are, we are probably behind a DNS server that is useless: change our exit policy to reject *:*.
svn:r9199
|
| |
|
|
|
|
|
| |
Document a couple more options in the man page.
svn:r9192
|
| |
|
|
|
|
|
| |
Add an orport option to dirserver lines so that clients can tell where to connect to open an encrypted tunnel to a dirserver even before they have its descriptor.
svn:r9171
|
| |
|
|
|
|
|
| |
Fixes to check-docs script; add some docs; mark some options as deprecated in the online docs.
svn:r9163
|
| |
|
|
|
|
|
|
| |
NNTP by default, so this seems like a sensible addition.
(suggested by bug 331)
svn:r9149
|