| Commit message (Expand) | Author | Age |
|---|
| * | fix trivial typo•••svn:r808
| Roger Dingledine | 2003-11-13 |
| * | break out the string manipulation routines•••svn:r804
| Roger Dingledine | 2003-11-12 |
| * | Remove minor biasing problem from crypto_pseudo_rand_int•••svn:r799
| Nick Mathewson | 2003-11-12 |
| * | Make crypto_pseudo_rand* never fail.•••svn:r797
| Nick Mathewson | 2003-11-12 |
| * | fix a bug in handling clock skew•••svn:r785
| Roger Dingledine | 2003-11-11 |
| * | Check in a working cross-platform timegm•••svn:r779
| Nick Mathewson | 2003-11-10 |
| * | bugfix for win32 with lots of users•••plus general cleanup on switch_id()
svn:r684
| Roger Dingledine | 2003-10-27 |
| * | Use daemon(3) function where available.•••svn:r665
| Nick Mathewson | 2003-10-23 |
| * | resolve warning•••svn:r664
| Nick Mathewson | 2003-10-23 |
| * | Two-pronged attack at my overzealous skew fixes.•••The problem was that the fixes had us generating TLS certs with a
2-day lifetime on the assumption that we'd rotate fairly often. In
fact, we never rotate our TLS keys.
This patch fixes the situation in 2 ways:
1. It bumps the default lifetime back up to one year until we get
rotation in place.
2. It changes tor_tls_context_new() so that it doesn't leak memory
when you call it more than once.
svn:r663
| Nick Mathewson | 2003-10-23 |
| * | switch_id() no longer tries to log the user name when it's calld on•••Windows, since we don't know whether it's the user or the group that
was set.
svn:r659
| Steven Hazel | 2003-10-22 |
| * | Clock skew fixes.•••Allow some slop (currently 3 minutes) when checking certificate validity.
Change certificate lifetime from 1 year to 2 days. Since we
regenerate regularly (we regenerate regularly, right??), this
shouldn't be a problem.
Have directories reject descriptors published too far in the future
(currently 30 minutes). If dirservs don't do this:
0) Today is January 1, 2000.
1) A very skewed server publishes descriptor X with a declared
publication time of August 1, 2000.
2) The directory includes X.
3) Because of certificate lifetime issues, nobody can use the
skewed server.
4) The server fixes its skew, and goes to republish a new descriptor Y
with publication time of January 1, 2000.
5) But because the directory already has a "more recent" descriptor X,
it rejects descriptor "Y" as superseded!
This patch should make step 2 go away.
svn:r658
| Nick Mathewson | 2003-10-22 |
| * | - fixed a bug in the id switching code -- setgid has to happen before••• setuid, because after we setuid we don't have the priviledges we
need to setgid anymore, duh. merged switch_user() and
switch_group() into switch_id(), since that code has to be wound
together.
- return -1 from switch_id() if it's not defined to do anything else.
- moved daemoinize(), write_pidfile(), and switch_id() from main.c to
util.c
svn:r656
| Steven Hazel | 2003-10-22 |
| * | introduce new tor_free() macro•••svn:r643
| Roger Dingledine | 2003-10-21 |
| * | include our own timegm() impl, since it's not portable•••svn:r635
| Roger Dingledine | 2003-10-20 |
| * | warn, not err•••svn:r630
| Roger Dingledine | 2003-10-19 |
| * | Code to get nicknames from peer certs•••svn:r627
| Nick Mathewson | 2003-10-19 |
| * | let tls tolerate reallocing the buf•••and also remember the params for ssl_write if it returns wantread.
svn:r626
| Roger Dingledine | 2003-10-19 |
| * | first steps toward a WANTWRITE SSL_write tls bug fix•••how exactly the same do the arguments need to be? :(
svn:r625
| Roger Dingledine | 2003-10-18 |
| * | start to track down the 'peer has invalid cert' bug•••svn:r623
| Roger Dingledine | 2003-10-18 |
| * | we've been stomping on memory while reading config•••doesn't seem to have bitten us yet, but let's fix that :)
svn:r619
| Roger Dingledine | 2003-10-18 |
| * | rewrite close_logs so it could possibly work•••remove deadbeef memory-clobber testing (for now)
svn:r616
| Roger Dingledine | 2003-10-18 |
| * | Log TLS errors even harder•••svn:r604
| Nick Mathewson | 2003-10-15 |
| * | Add more logging on some ssl errors.•••svn:r603
| Nick Mathewson | 2003-10-15 |
| * | clean up logging, allow user to specify log files•••If DebugLogFile is specified, log to it at -l debug
If LogFile is specified, log to it at the -l from the commandline
(default info)
If no LogFile *and* not a Daemon, then log to stdout.
Make conn->s = -1 by default (this might break things)
When kill -USR1, prefer to log at INFO, but make sure they always see it.
svn:r596
| Roger Dingledine | 2003-10-15 |
| * | Build without warnings on OS X.•••svn:r595
| Nick Mathewson | 2003-10-15 |
| * | Make add_file_log return 0 on success.•••svn:r594
| Nick Mathewson | 2003-10-15 |
| * | Add tor_realloc to mirror tor_malloc•••svn:r582
| Nick Mathewson | 2003-10-14 |
| * | oops, bugfix•••svn:r572
| Roger Dingledine | 2003-10-10 |
| * | change WARNING to WARN•••svn:r570
| Roger Dingledine | 2003-10-10 |
| * | Update LICENSE and copyright dates.•••svn:r560
| Nick Mathewson | 2003-10-08 |
| * | Clear revents even when no events are received. Also, since everyone gets in...•••svn:r550
| Nick Mathewson | 2003-10-07 |
| * | Hoping to find an fd larger than ((unsigned)-1) is probably a lost cause.•••svn:r549
| Nick Mathewson | 2003-10-07 |
| * | do not ask for whom there's an error, it polls for thee•••svn:r548
| Roger Dingledine | 2003-10-07 |
| * | some early bugfixes•••our log() conflicts with log(3)
distribute only the correct files from doc/ and src/config/
sometimes laptops go back in time. i guess that's ok for now.
and bump the version number because we're live.
svn:r544
| Roger Dingledine | 2003-10-07 |
| * | wrap strdup; prefer time() to gettimeofday()•••svn:r538
| Roger Dingledine | 2003-10-04 |
| * | clean some includes•••svn:r535
| Roger Dingledine | 2003-10-04 |
| * | Make testcases run again; more sanity checking to descriptor generation.•••svn:r532
| Nick Mathewson | 2003-10-01 |
| * | Flush after fputs•••svn:r526
| Nick Mathewson | 2003-10-01 |
| * | make log use a larger buffer, for easier debugging•••svn:r515
| Roger Dingledine | 2003-09-30 |
| * | bugfixes and features: closer to making dirserv work•••fix a variety of seg faults
don't try to list OPs in running-routers
write cached-directory to disk when rebuilding the dir
on boot, dirservers load approved-routers file
on boot, dirservers load cached directory file
svn:r508
| Roger Dingledine | 2003-09-29 |
| * | more cleanup and rearranging•••still not finished integrating new dirserv stuff
svn:r507
| Roger Dingledine | 2003-09-29 |
| * | shift read_file_to_str() into util.c•••svn:r504
| Roger Dingledine | 2003-09-28 |
| * | Add function to wrap SSL_pending•••svn:r501
| Nick Mathewson | 2003-09-27 |
| * | finish enforcing the log convention•••svn:r494
| Roger Dingledine | 2003-09-26 |
| * | make writing descs work•••svn:r492
| Roger Dingledine | 2003-09-26 |
| * | Add code to parse fingerprint files and compare routers against fingerprint f...•••svn:r490
| Nick Mathewson | 2003-09-26 |
| * | Bugfixes in crypto_pk_write_private_key_to_filename•••svn:r489
| Nick Mathewson | 2003-09-26 |
| * | Refactor common file code into util.c; add published to descriptors•••svn:r487
| Nick Mathewson | 2003-09-26 |
| * | various bugfixes and updates•••redo all the config files for the new format (we'll redo them again soon)
fix (another! yuck) segfault in log_fn when input is too large
tor_tls_context_new() returns -1 for error, not NULL
fix segfault in check_conn_marked() on conn's that die during tls handshake
make ORs also initialize conn from router when we're the receiving node
make non-dirserver ORs upload descriptor to every dirserver on startup
add our local address to the descriptor
add Content-Length field to POST command
revert the Content-Length search in fetch_from_buf_http() to previous code
fix segfault in memmove in fetch_from_buf_http()
raise maximum allowed headers/body size in directory.c
svn:r484
| Roger Dingledine | 2003-09-25 |