| Commit message (Expand) | Author | Age |
|---|
| * | Resolve some XXXs•••svn:r1889
| Nick Mathewson | 2004-05-18 |
| * | it's amazing what a bit of punctuation can do for appearances•••svn:r1843
| Roger Dingledine | 2004-05-10 |
| * | Doxygenate common.•••svn:r1829
| Nick Mathewson | 2004-05-10 |
| * | Working strerror for windows socket errors, plus some snide comments.•••svn:r1775
| Nick Mathewson | 2004-05-02 |
| * | some patches on the patches•••svn:r1761
| Roger Dingledine | 2004-05-01 |
| * | Handle windows socket errors correctly; comment most of common.•••svn:r1756
| Nick Mathewson | 2004-05-01 |
| * | Some versions of openssl have an SSL_pending function that erroneously•••returns bytes when there is a non-application record pending.
I have no idea when/why this would even happen, but let's catch it and
make sure tor_tls_get_pending_bytes stays correct.
svn:r1727
| Nick Mathewson | 2004-04-26 |
| * | Add a macro to catch unhandled openssl errors.•••svn:r1723
| Nick Mathewson | 2004-04-26 |
| * | log debug so nick can see it too•••svn:r1721
| Roger Dingledine | 2004-04-26 |
| * | Include strerror(errno) with tls syscall errors•••svn:r1718
| Nick Mathewson | 2004-04-26 |
| * | Log pending TLS errors in a couple more places, in case they are possible.•••svn:r1716
| Nick Mathewson | 2004-04-26 |
| * | Call tls_log_errors at a more appropriate location; we can remove the other c...•••svn:r1709
| Nick Mathewson | 2004-04-26 |
| * | Very blunt debugging code: log pending errors at start and end of tor_tls_verify•••svn:r1707
| Nick Mathewson | 2004-04-26 |
| * | use tor_assert and PUBLIC_KEY_OK•••but don't use tor_assert inside log.c, to avoid loops
svn:r1696
| Roger Dingledine | 2004-04-25 |
| * | Merge flagday into main branch.•••svn:r1683
| Nick Mathewson | 2004-04-24 |
| * | quiet a -l info that should be -l debug•••svn:r1634
| Roger Dingledine | 2004-04-15 |
| * | allow 90 minutes of clock skew, not 30•••svn:r1544
| Roger Dingledine | 2004-04-08 |
| * | Document stuff, reduce magic numbers, add emacs magic•••svn:r1502
| Nick Mathewson | 2004-04-06 |
| * | Make "common" no longer depend on or.h•••svn:r1466
| Nick Mathewson | 2004-04-03 |
| * | Refactor the heck out of crypto interface: admit that we will stick with one ...•••svn:r1458
| Nick Mathewson | 2004-04-03 |
| * | Make tor build on windows again. More work still needed•••svn:r1247
| Nick Mathewson | 2004-03-09 |
| * | bugfix: stop trying to write to a stderr that may not be there•••also, tell start_daemon our desired cwd
svn:r1170
| Roger Dingledine | 2004-02-28 |
| * | fix typo•••svn:r1007
| Roger Dingledine | 2004-01-20 |
| * | Note discrepency between N bytes transmitted over TLS and actual bandwidth us...•••svn:r986
| Nick Mathewson | 2004-01-13 |
| * | clean tabs, trailing whitespace•••svn:r952
| Roger Dingledine | 2003-12-17 |
| * | Stop leaking X509 certs; those things are _nasty_ on the carpet•••svn:r833
| Nick Mathewson | 2003-11-18 |
| * | fix a bug in handling clock skew•••svn:r785
| Roger Dingledine | 2003-11-11 |
| * | resolve warning•••svn:r664
| Nick Mathewson | 2003-10-23 |
| * | Two-pronged attack at my overzealous skew fixes.•••The problem was that the fixes had us generating TLS certs with a
2-day lifetime on the assumption that we'd rotate fairly often. In
fact, we never rotate our TLS keys.
This patch fixes the situation in 2 ways:
1. It bumps the default lifetime back up to one year until we get
rotation in place.
2. It changes tor_tls_context_new() so that it doesn't leak memory
when you call it more than once.
svn:r663
| Nick Mathewson | 2003-10-23 |
| * | Clock skew fixes.•••Allow some slop (currently 3 minutes) when checking certificate validity.
Change certificate lifetime from 1 year to 2 days. Since we
regenerate regularly (we regenerate regularly, right??), this
shouldn't be a problem.
Have directories reject descriptors published too far in the future
(currently 30 minutes). If dirservs don't do this:
0) Today is January 1, 2000.
1) A very skewed server publishes descriptor X with a declared
publication time of August 1, 2000.
2) The directory includes X.
3) Because of certificate lifetime issues, nobody can use the
skewed server.
4) The server fixes its skew, and goes to republish a new descriptor Y
with publication time of January 1, 2000.
5) But because the directory already has a "more recent" descriptor X,
it rejects descriptor "Y" as superseded!
This patch should make step 2 go away.
svn:r658
| Nick Mathewson | 2003-10-22 |
| * | introduce new tor_free() macro•••svn:r643
| Roger Dingledine | 2003-10-21 |
| * | warn, not err•••svn:r630
| Roger Dingledine | 2003-10-19 |
| * | Code to get nicknames from peer certs•••svn:r627
| Nick Mathewson | 2003-10-19 |
| * | let tls tolerate reallocing the buf•••and also remember the params for ssl_write if it returns wantread.
svn:r626
| Roger Dingledine | 2003-10-19 |
| * | first steps toward a WANTWRITE SSL_write tls bug fix•••how exactly the same do the arguments need to be? :(
svn:r625
| Roger Dingledine | 2003-10-18 |
| * | start to track down the 'peer has invalid cert' bug•••svn:r623
| Roger Dingledine | 2003-10-18 |
| * | Log TLS errors even harder•••svn:r604
| Nick Mathewson | 2003-10-15 |
| * | Add more logging on some ssl errors.•••svn:r603
| Nick Mathewson | 2003-10-15 |
| * | change WARNING to WARN•••svn:r570
| Roger Dingledine | 2003-10-10 |
| * | shift read_file_to_str() into util.c•••svn:r504
| Roger Dingledine | 2003-09-28 |
| * | Add function to wrap SSL_pending•••svn:r501
| Nick Mathewson | 2003-09-27 |
| * | finish enforcing the log convention•••svn:r494
| Roger Dingledine | 2003-09-26 |
| * | various bugfixes and updates•••redo all the config files for the new format (we'll redo them again soon)
fix (another! yuck) segfault in log_fn when input is too large
tor_tls_context_new() returns -1 for error, not NULL
fix segfault in check_conn_marked() on conn's that die during tls handshake
make ORs also initialize conn from router when we're the receiving node
make non-dirserver ORs upload descriptor to every dirserver on startup
add our local address to the descriptor
add Content-Length field to POST command
revert the Content-Length search in fetch_from_buf_http() to previous code
fix segfault in memmove in fetch_from_buf_http()
raise maximum allowed headers/body size in directory.c
svn:r484
| Roger Dingledine | 2003-09-25 |
| * | Refactor buffers; implement descriptors.•••'buf_t' is now an opaque type defined in buffers.c .
Router descriptors now include all keys; routers generate keys as
needed on startup (in a newly defined "data directory"), and generate
their own descriptors. Descriptors are now self-signed.
Implementation is not complete: descriptors are never published; and
upon receiving a descriptor, the directory doesn't do anything with
it.
At least "routers.or" and orkeygen are now obsolete, BTW.
svn:r483
| Nick Mathewson | 2003-09-25 |
| * | More fine-grained logging messages on ZeroReturn/Syscall error cases•••svn:r467
| Nick Mathewson | 2003-09-16 |
| * | Cipher lists need to be colon separated. Also make initialization more bulle...•••svn:r459
| Nick Mathewson | 2003-09-15 |
| * | Fix TLS error logging•••svn:r458
| Nick Mathewson | 2003-09-15 |
| * | Log protocol errors•••svn:r457
| Nick Mathewson | 2003-09-15 |
| * | fix the cpuworker circ-had-vanished bug (maybe)•••still several (many) tls-related bugs outstanding.
svn:r454
| Roger Dingledine | 2003-09-14 |
| * | Fix bugs in certificate generation and SSL context creation. Both seem to wo...•••svn:r447
| Nick Mathewson | 2003-09-11 |