| Commit message (Expand) | Author | Age |
|---|
| * | Fix a bunch of whitespace errors | Nick Mathewson | 2011-10-11 |
| * | Cell types and states for new OR handshake•••Also, define all commands > 128 as variable-length when using
v3 or later link protocol. Running into a var cell with an
unrecognized type is no longer a bug.
| Nick Mathewson | 2011-10-10 |
| * | Rephrase the log messages emitted if the TestSocks check is positive•••Previously Tor would always claim to have been given a hostname
by the client, while actually only verifying that the client
is using SOCKS4A or SOCKS5 with hostnames. Both protocol versions
allow IP addresses, too, in which case the log messages were wrong.
Fixes #4094.
| Fabian Keil | 2011-10-03 |
| * | Remove warning about a loop parsing evbuffer socks•••This behavior is normal when we want more data than the evbuffer
actually has for us. We'll ask for (say) 7 bytes, get only 5
(because that's all there is), try to parse the 5 bytes, and get
told "no, I want 7". One option would be to bail out early whenever
want_length is > buflen, but sometimes we use an over-large
want_length. So instead, let's just remove the warning here: it's
not a bug after all.
| Nick Mathewson | 2011-08-18 |
| * | Appease "make check-spaces" | Nick Mathewson | 2011-08-18 |
| * | Use evbuffer_copyout() in inspect_evbuffer(). | Nick Mathewson | 2011-08-17 |
| * | Clear socks auth fields before free | Nick Mathewson | 2011-08-05 |
| * | Merge branch 'optimistic-client'•••The conflicts are with the proposal 171 circuit isolation code, and
they're all trivial: they're just a matter of both branches adding
some unrelated code in the same places.
Conflicts:
src/or/circuituse.c
src/or/connection.c
| Nick Mathewson | 2011-07-20 |
| |\ |
|
| | * | Add a generic_buffer_t to use the best buffer type we have on hand•••Also add a quick function to copy all the data in a buffer. (This
one could be done much better, but let's see if it matters.)
| Nick Mathewson | 2011-07-18 |
| * | | Fix spurious warning in bufferevent socks parsing•••The problem was that we weren't initializing want_length to 0 before
calling parse_socks() the first time, so it looked like we were
risking an infinite loop when in fact we were safe.
Fixes 3615; bugfix on 0.2.3.2-alpha.
| Nick Mathewson | 2011-07-19 |
| |/ |
|
| * | Merge remote-tracking branch 'public/bug1666'•••Conflicts:
doc/spec/socks-extensions.txt
src/or/buffers.c
src/or/config.c
src/or/connection_edge.c
| Nick Mathewson | 2011-07-13 |
| |\ |
|
| | * | Add more error checks to socks parsing code•••Suggested by Linus to avoid uninitialized reads or infinite loops if
it turns out our code is buggier than we had thought.
| Nick Mathewson | 2011-07-12 |
| | * | Refactor fetch_from_buf_socks() to be greedy•••Previously, fetch_from_buf_socks() might return 0 if there was still
data on the buffer and a subsequent call to fetch_from_buf_socks()
would return 1. This was making some of the socks5 unit tests
harder to write, and could potentially have caused misbehavior with
some overly verbose SOCKS implementations. Now,
fetch_from_buf_socks() does as much processing as it can, and
returns 0 only if it really needs more data. This brings it into
line with the evbuffer socks implementation.
| Nick Mathewson | 2011-06-29 |
| | * | Don't drain extra data when parsing socks auth methods•••We added this back in 0649fa14 in 2006, to deal with the case where
the client unconditionally sent us authentication data. Hopefully,
that's not needed any longer, since we now can actually parse
authentication data.
| Nick Mathewson | 2011-06-29 |
| | * | Record username/password data in socks_request_t•••This change also requires us to add and use a pair of
allocator/deallocator functions for socks_request_t, instead of
using tor_malloc_zero/tor_free directly.
| Nick Mathewson | 2011-06-29 |
| | * | If we negotiate authentication, require it. | Nick Mathewson | 2011-06-29 |
| | * | Be more strict about when to accept socks auth message•••In the code as it stood, we would accept any number of socks5
username/password authentication messages, regardless of whether we
had actually negotiated username/password authentication. Instead,
we should only accept one, and only if we have really negotiated
username/password authentication.
This patch also makes some fields of socks_request_t into uint8_t,
for safety.
| Nick Mathewson | 2011-06-29 |
| | * | Fix 'make check-spaces' | Nick Mathewson | 2011-06-29 |
| | * | Correct byte-counting in socks auth parsing code | Nick Mathewson | 2011-06-29 |
| | * | bug1666 - Pass-through support for SOCKS5 authentication(4)•••Implement nickm's suggestion that we tolerate SOCKS5 clients
that send authentication credentials and SOCKS commands all in
one go.
| Robert Hogan | 2010-12-14 |
| | * | bug1666 - Pass-through support for SOCKS5 authentication (2)•••Address Nick's comments:
- Refactor against changes in buffers.c
- Ensure we have negotiated a method before accepting
authentication credentials
| Robert Hogan | 2010-12-14 |
| | * | bug1666 - Pass-through support for SOCKS5 authentication•••If a SOCKS5 client insists on authentication, allow it to
negotiate a connection with Tor's SOCKS server successfully.
Any credentials the client provides are ignored.
This allows Tor to work with SOCKS5 clients that can only
support 'authenticated' connections.
Also add a bunch of basic unit tests for SOCKS4/4a/5 support
in buffers.c.
| Robert Hogan | 2010-12-14 |
| * | | Remove unused var in write_to_evbuffer_zlib | Nick Mathewson | 2011-07-07 |
| * | | Make the get_options() return const•••This lets us make a lot of other stuff const, allows the compiler to
generate (slightly) better code, and will make me get slightly fewer
patches from folks who stick mutable stuff into or_options_t.
const: because not every input is an output!
| Nick Mathewson | 2011-06-14 |
| * | | Merge remote-tracking branch 'origin/maint-0.2.2'•••Conflicts:
src/common/compat.c
src/or/main.c
| Nick Mathewson | 2011-05-30 |
| |\ \ |
|
| | * | | Use a 64-bit type to hold sockets on win64.•••On win64, sockets are of type UINT_PTR; on win32 they're u_int;
elsewhere they're int. The correct windows way to check a socket for
being set is to compare it with INVALID_SOCKET; elsewhere you see if
it is negative.
On Libevent 2, all callbacks take sockets as evutil_socket_t; we've
been passing them int.
This patch should fix compilation and correctness when built for
64-bit windows. Fixes bug 3270.
| Nick Mathewson | 2011-05-23 |
| * | | | Merge remote-tracking branch 'origin/maint-0.2.2'•••Conflicts:
src/common/address.c
src/common/compat_libevent.c
src/common/memarea.c
src/common/util.h
src/or/buffers.c
src/or/circuitbuild.c
src/or/circuituse.c
src/or/connection.c
src/or/directory.c
src/or/networkstatus.c
src/or/or.h
src/or/routerlist.c
| Nick Mathewson | 2011-04-07 |
| |\| | |
|
| | * | | Triage the XXX022 and XXX021 comments remaining in the code•••Remove some, postpone others, leave some alone. Now the only
remaining XXX022s are ones that seem important to fix or investigate.
| Nick Mathewson | 2011-03-25 |
| | * | | Fix another instance of "128" in buffers.c. More bug2330. | Nick Mathewson | 2011-01-15 |
| * | | | Merge branch 'bug2320' | Nick Mathewson | 2011-01-12 |
| |\ \ \ |
|
| | * | | | Use autoconf's FLEXIBLE_ARRAY_MEMBER for unspecified-length arrays•••C99 allows a syntax for structures whose last element is of
unspecified length:
struct s {
int elt1;
...
char last_element[];
};
Recent (last-5-years) autoconf versions provide an
AC_C_FLEXIBLE_ARRAY_MEMBER test that defines FLEXIBLE_ARRAY_MEMBER
to either no tokens (if you have c99 flexible array support) or to 1
(if you don't). At that point you just use offsetof
[STRUCT_OFFSET() for us] to see where last_element begins, and
allocate your structures like:
struct s {
int elt1;
...
char last_element[FLEXIBLE_ARRAY_MEMBER];
};
tor_malloc(STRUCT_OFFSET(struct s, last_element) +
n_elements*sizeof(char));
The advantages are:
1) It's easier to see which structures and elements are of
unspecified length.
2) The compiler and related checking tools can also see which
structures and elements are of unspecified length, in case they
wants to try weird bounds-checking tricks or something.
3) The compiler can warn us if we do something dumb, like try
to stack-allocate a flexible-length structure.
| Nick Mathewson | 2011-01-06 |
| * | | | | Merge remote branch 'origin/maint-0.2.2'•••Conflicts:
src/or/buffers.c
| Nick Mathewson | 2011-01-10 |
| |\ \ \ \
| |/ / /
|/| / /
| |/ / |
|
| | * | | Pull up more data when parsing socks messages•••Previously, we only looked at up to 128 bytes. This is a bad idea
since socks messages can be at least 256+x bytes long. Now we look at
up to 512 bytes; this should be enough for 0.2.2.x to handle all valid
SOCKS messages. For 0.2.3.x, we can think about handling trickier
cases.
Fixes 2330. Bugfix on 0.2.0.16-alpha.
| Nick Mathewson | 2011-01-10 |
| * | | | Merge remote branch 'rransom/bug2327-v2' | Nick Mathewson | 2011-01-03 |
| |\ \ \ |
|
| | * | | | Don't throw away incomplete SOCKS proxy responses.•••Introduced in 9796b9bfa6a757780d6185547e4baf739c53cdac.
| Robert Ransom | 2010-12-29 |
| | * | | | Use evbuffer_pullup properly in fetch_from_evbuffer_socks_client.•••evbuffer_pullup does nothing and returns NULL if the caller asks it to
linearize more data than the buffer contains.
Introduced in 9796b9bfa6a757780d6185547e4baf739c53cdac.
Reported by piebeer; fixed with help from doors.
| Robert Ransom | 2010-12-29 |
| * | | | | Merge remote branch 'origin/maint-0.2.2' | Nick Mathewson | 2011-01-03 |
| |\ \ \ \
| |/ / /
|/| / /
| |/ / |
|
| | * | | Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2•••Conflicts:
src/common/test.h
src/or/test.c
| Nick Mathewson | 2011-01-03 |
| | |\ \ |
|
| | | * | | Bump copyright statements to 2011 | Nick Mathewson | 2011-01-03 |
| * | | | | Merge branch 'maint-0.2.2' | Roger Dingledine | 2010-12-19 |
| |\| | |
| |_|/
|/| | |
|
| | * | | Merge remote branch fix_security_bug_021 into fix_security_bug_022•••Conflicts:
src/common/memarea.c
src/or/or.h
src/or/rendclient.c
| Nick Mathewson | 2010-12-15 |
| | |\| |
|
| | | * | Make payloads into uint8_t.•••This will avoid some signed/unsigned assignment-related bugs.
| Nick Mathewson | 2010-12-15 |
| | | * | Disable logging to control port connections in buf_shrink_freelists.•••If buf_shrink_freelists calls log_warn for some reason, we don't want the log
call itself to throw buf_shrink_freelists further off the rails.
| Robert Ransom | 2010-11-12 |
| | | * | Move the original log_info call out of the core of buf_shrink_freelists.•••Sending a log message to a control port can cause Tor to allocate a buffer,
thereby changing the length of the freelist behind buf_shrink_freelists's back,
thereby causing an assertion to fail.
Fixes bug #1125.
| Robert Ransom | 2010-11-12 |
| * | | | Merge remote branch 'origin/maint-0.2.2' | Nick Mathewson | 2010-11-15 |
| |\| | |
|
| | * | | Move controller event for socks warning into log_unsafe_socks_warning | Nick Mathewson | 2010-11-15 |
| * | | | Merge remote branch 'origin/maint-0.2.2'•••Conflicts:
src/or/buffers.c
| Nick Mathewson | 2010-11-15 |
| |\| | |
|
| | * | | Rate-limit unsafe socks warning•••Pick 5 seconds as the limit. 5 seconds is a compromise here between
making sure the user notices that the bad behaviour is (still) happening
and not spamming their log too much needlessly (the log message is
pretty long). We also keep warning every time if safesocks is
specified, because then the user presumably wants to hear about every
blocked instance.
(This is based on the original patch by Sebastian, then backported to
0.2.2 and with warnings split into their own function.)
| Sebastian Hahn | 2010-11-15 |
| * | | | Merge remote branch 'origin/maint-0.2.2' | Nick Mathewson | 2010-11-12 |
| |\| | |
|
| | * | | Avoid perma-blocking the controller on bug in shrink_freelist•••In all likelihood, this bug would make Tor assert, but if it doesn't,
let's not have two bugs.
| Nick Mathewson | 2010-11-12 |