| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
| |
Add support to get a callback invoked when the client renegotiate a connection. Also, make clients renegotiate. (not enabled yet, until they detect that the server acted like a v2 server)
svn:r12623
|
| |
|
|
|
|
|
| |
Start getting freaky with openssl callbacks in tortls.c: detect client ciphers, and if the list doesn't look like the list current Tors use, present only a single cert do not ask for a client cert. Also, support for client-side renegotiation. None of this is enabled unless you define V2_HANDSHAKE_SERVER.
svn:r12622
|
| |
|
|
| |
svn:r12610
|
| |
|
|
|
|
|
|
| |
better *not* publish a cosmetically similar descriptor within 12
hours of the last one.
svn:r12605
|
| |
|
|
| |
svn:r12604
|
| |
|
|
| |
svn:r12603
|
| |
|
|
| |
svn:r12602
|
| |
|
|
| |
svn:r12599
|
| |
|
|
| |
svn:r12598
|
| |
|
|
| |
svn:r12572
|
| |
|
|
| |
svn:r12566
|
| |
|
|
| |
svn:r12562
|
| |
|
|
| |
svn:r12555
|
| |
|
|
| |
svn:r12516
|
| |
|
|
|
|
|
| |
Initial phase of proposal 110: accept RELAY_EARLY cells, and turn them into RELAY cells when sending them on over a v1 OR connection.
svn:r12496
|
| |
|
|
|
|
|
| |
When we complete an OR handshake, set up all the internal fields and mark the connection as open.
svn:r12495
|
| |
|
|
| |
svn:r12482
|
| |
|
|
| |
svn:r12481
|
| |
|
|
| |
svn:r12474
|
| |
|
|
|
|
|
|
|
|
| |
relay's public (external) IP address too, unless
ExitPolicyRejectPrivate is turned off. We do this because too
many relays are running nearby to services that trust them based
on network address.
svn:r12459
|
| |
|
|
|
|
|
| |
Mess with the formula for the Guard flag again. Now it requires that you be in the most familiar 7/8 of nodes, and have above median wfu for that 7/8th. See spec for details. Also, log thresholds better.
svn:r12440
|
| |
|
|
| |
svn:r12438
|
| |
|
|
|
|
|
| |
Keep track, for each OR connection, of the last time we added a non-padding cell to its outbuf. Use this timestamp, not "lastwritten" to tell if it is time to close a circuitless connection. (We can'tuse lastwritten, since lastwritten is updated when ever the connection flushes anything, and by that point we can no longer tell what is a padding cell and what is not.)
svn:r12437
|
| |
|
|
|
|
|
| |
isn't worth it. also mention bug 546 again.
svn:r12432
|
| |
|
|
| |
svn:r12429
|
| |
|
|
| |
svn:r12427
|
| |
|
|
|
|
|
| |
some notes on 0.2.0.10-alpha blockers.
svn:r12426
|
| |
|
|
|
|
|
| |
"And $499 for knowing where to hit it." Fix bug 546.
svn:r12425
|
| |
|
|
| |
svn:r12422
|
| |
|
|
|
|
|
| |
Add "Blocking resistant TLS certificate usage" as proposal 124.
svn:r12405
|
| |
|
|
|
|
|
| |
Detect whether any of the descriptors we want are in old_routers. Possibly useful in tracking down bug 543.
svn:r12404
|
| |
|
|
|
|
|
| |
Parse CERT cells and act correctly when we get them.
svn:r12396
|
| |
|
|
|
|
|
| |
Send and Parse CERT cells correctly. Still need to understand the certs inside.
svn:r12392
|
| |
|
|
|
|
|
| |
Make VERSIONS variable-length.
svn:r12391
|
| |
|
|
|
|
|
| |
Initial code for variable-length cells. CERT and VERSIONS need to use them.
svn:r12390
|
| |
|
|
|
|
|
| |
Send and parse link_auth cells properly.
svn:r12386
|
| |
|
|
|
|
|
| |
Function to process link auth cells; stub function for cert cell processing
svn:r12385
|
| |
|
|
|
|
|
| |
Make TLS contexts reference-counted, and add a reference from TLS objects to their corresponding context. This lets us reliably get the certificates for a given TLS connection, even if we have rotated TLS contexts.
svn:r12383
|
| |
|
|
|
|
|
| |
Remember X509 certificates in the context. Store peer/self certificate digests in handshake state.
svn:r12382
|
| |
|
|
|
|
|
| |
Split handshake state into its own structure. Revise versions and netinfo code to use this structure.
svn:r12380
|
| |
|
|
|
|
|
| |
Edit TODO: remove some completed items, add breakdown for 105+TLS task.
svn:r12379
|
| |
|
|
| |
svn:r12367
|
| |
|
|
| |
svn:r12366
|
| |
|
|
| |
svn:r12348
|
| |
|
|
|
|
|
| |
lose it
svn:r12347
|
| |
|
|
|
|
|
| |
Merge revised behavior on proposal 105
svn:r12323
|
| |
|
|
|
|
|
| |
--disable-shared actually are, so remove it from docs and spec file.
svn:r12321
|
| |
|
|
| |
svn:r12320
|
| |
|
|
|
|
|
| |
More tweaks from karsten, with some cleanup and commentary.
svn:r12319
|
| |
|
|
| |
svn:r12316
|