| Commit message (Expand) | Author | Age |
|---|
| * | Don't call fmt_addr() twice in a parameter list. | George Kadianakis | 2012-10-09 |
| * | properly free the return values of rate_limit_log()•••resolves bug 7022.
| Roger Dingledine | 2012-10-03 |
| * | Whitespace fixes | Nick Mathewson | 2012-09-18 |
| * | Bug 6866: Convert pathbias asserts into log messages.•••Asserts were hit by Tor2Web mode.
| Mike Perry | 2012-09-17 |
| * | Avoid segfault if EntryGuardPathBias precedes EntryGuard•••Fix for bug 6774; bugfix on 0.2.3.17-beta.
| Nick Mathewson | 2012-09-05 |
| * | Quiet "Set buildtimeout to low val" warnings: make them info•••Fix for #6251
| Nick Mathewson | 2012-08-27 |
| * | Downgrade path-bias warning messages to INFO for now.•••We've had over two months to fix them, and didn't. Now we need
0.2.3.x stable. Yes, it would be cool to get this working in
0.2.3.x, but not at the expense of delaying every other feature that
_does_ work in 0.2.3.x. We can do a real fix in 0.2.4.
| Nick Mathewson | 2012-08-27 |
| * | Disable extending to private/internal addresses by default•••This is important, since otherwise an attacker can use timing info
to probe the internal network.
Also, add an option (ExtendAllowPrivateAddresses) so that
TestingTorNetwork won't break.
Fix for bug 6710; bugfix on all released versions of Tor.
| Nick Mathewson | 2012-08-27 |
| * | Whitespace and build fixes on 6475 patch | Nick Mathewson | 2012-08-17 |
| * | Address Nick's comments from code review.•••Also promote log messages to notice and rate-limit them.
| Mike Perry | 2012-08-16 |
| * | Bug 6475: Explicitly track our path bias state.•••This is done to avoid spurious warns. Additional log lines are also
added to try to track down the codepaths where we are somehow overcounting
success counts.
| Mike Perry | 2012-08-15 |
| * | Change all SMARTLIST_FOREACH loops of >=10 lines to use BEGIN/END•••The SMARTLIST_FOREACH macro is more convenient than BEGIN/END when
you have a nice short loop body, but using it for long bodies makes
your preprocessor tell the compiler that all the code is on the same
line. That causes grief, since compiler warnings and debugger lines
will all refer to that one line.
So, here's a new style rule: SMARTLIST_FOREACH blocks need to be
short.
| Nick Mathewson | 2012-07-17 |
| * | Refer to the correct variable in a loop when parsing entry guard state•••Fixes bug 6397 and coverity issue 709599. Bugfix on 0.2.3.17-beta.
| Nick Mathewson | 2012-07-16 |
| * | fix grammar in comment | Roger Dingledine | 2012-06-28 |
| * | Catch a few more K&R violations with make check-spaces•••We now catch bare {s that should be on the previous line with a do,
while, if, or for, and elses that should share a line with their
preceding }.
That is,
if (foo)
{
and
if (foo) {
...
}
else
are now detected.
We should think about maybe making Tor uncrustify-clean some day,
but configuring uncrustify is an exercise in bizarreness, and
reformatting huge gobs of Tor is always painful.
| Nick Mathewson | 2012-06-23 |
| * | Triage the XXX023 and XXX022 comments: postpone many. | Nick Mathewson | 2012-06-15 |
| * | Downgrade log messages about cbt enabled/disabled. Bug 6169. | Nick Mathewson | 2012-06-15 |
| * | another little step at making debugging 5458 easier | Roger Dingledine | 2012-06-15 |
| * | Lower the default path bias notice rate to 40%.•••I saw 72% on a test run with 26 circuits. 70% might be a little close to the
line. That, or min_circs is too low and we need to be more patient. We still
need to test/simulate more.
| Mike Perry | 2012-06-14 |
| * | For now, never disable any guards. | Mike Perry | 2012-06-14 |
| * | Defend against entry node path bias attacks•••The defense counts the circuit failure rate for each guard for the past N
circuits. Failure is defined as the ability to complete a first hop, but not
finish completing the circuit all the way to the exit.
If the failure rate exceeds a certain amount, a notice is emitted.
If it exceeds a greater amount, a warn is emitted and the guard is disabled.
These values are governed by consensus parameters which we intend to tune as
we perform experiments and statistical simulations.
| Mike Perry | 2012-06-14 |
| * | Merge remote-tracking branch 'asn-mytor/bug5589_take2' | Nick Mathewson | 2012-06-14 |
| |\ |
|
| | * | Remove validate_pluggable_transports_config(): redundant since 9d9b5ed0.•••The warning message of validate_pluggable_transports_config() is
superseded by the changes in the warning message of
connection_or_connect() when the proxy credentials can't be found.
| George Kadianakis | 2012-06-14 |
| * | | Satisfy make check-spaces | Andrea Shepard | 2012-06-13 |
| * | | Move cbt->liveness.timeouts_after_firsthop free code into its own function | Andrea Shepard | 2012-06-13 |
| * | | Early exit from circuit_build_times_set_timeout() if adaptive timeouts are di... | Andrea Shepard | 2012-06-13 |
| * | | Use K&R style | Andrea Shepard | 2012-06-13 |
| * | | Unconditionally use config CircuitBuildTimeout if LearnCircuitBuildTimeout is... | Andrea Shepard | 2012-06-13 |
| * | | Don't track circuit timeout history unless we're actually using adaptive time... | Andrea Shepard | 2012-06-13 |
| * | | Add debug logging to circuit_build_times_* of circuitbuild.c to trace queries... | Andrea Shepard | 2012-06-13 |
| |/ |
|
| * | Merge branch 'bug5603' | Nick Mathewson | 2012-06-05 |
| |\ |
|
| | * | Minor changes to bug5603••• * Minor stylistic changes to comments and doxygen
* Use strcmp_opt; it already exists.
* Tighten bridge_has_digest implementation a little.
| Nick Mathewson | 2012-06-05 |
| | * | Improve conflict resolution when adding new bridges. | George Kadianakis | 2012-06-03 |
| * | | Update copyright dates to 2012; add a few missing copyright statements | Nick Mathewson | 2012-06-04 |
| * | | Add about 60 more DOCDOC comments to 0.2.3•••Also, try to resolve some doxygen issues. First, define a magic
"This is doxygen!" macro so that we take the correct branch in
various #if/#else/#endifs in order to get the right documentation.
Second, add in a few grouping @{ and @} entries in order to get some
variables and fields to get grouped together.
| Nick Mathewson | 2012-06-04 |
| |/ |
|
| * | Use a more helpful log message when we can't find a proxy. | George Kadianakis | 2012-05-18 |
| * | Remove over-two-months-old entry guards even while running.•••Previously, we only did this check at startup, which could lead to
us holding a guard indefinitely, and give weird results. Fixes bug
5380; bugfix on 0.2.1.14-rc.
(Patch by Roger; changes file and commit message by Nick)
| Roger Dingledine | 2012-05-16 |
| * | Correct documentation for remove_obsolete_entry_guards. | Nick Mathewson | 2012-05-16 |
| * | When no usable exit satisfies a predicted port, stop predicting it.•••Fix for bug 3296.
| Nick Mathewson | 2012-05-11 |
| * | Trivially refactor validate_pluggable_transports_config().•••* Remove the ugly if statement.
* constify 'bridge_info_t' in SMARTLIST_FOREACH_BEGIN.
| George Kadianakis | 2012-04-12 |
| * | Improve the message of validate_pluggable_transports_config(). | George Kadianakis | 2012-04-12 |
| * | Refactor the API for setting up a block cipher.•••It allows us more flexibility on the backend if the user needs to
specify the key and IV at setup time.
| Nick Mathewson | 2012-03-27 |
| * | Merge remote-tracking branch 'origin/maint-0.2.2'•••Conflicts:
src/or/circuitbuild.c
| Nick Mathewson | 2012-03-09 |
| |\ |
|
| | * | Never choose a bridge as an exit. Bug 5342. | Nick Mathewson | 2012-03-09 |
| * | | Unpack a smartlist_foreach and add an assert: try to hunt #5102 | Nick Mathewson | 2012-02-12 |
| * | | if we ever have an old bridge, never again use microdescs•••should reduce the risk of oscillation if our 0.2.2 bridge comes and goes
| Roger Dingledine | 2012-01-27 |
| * | | Allow 0.2.3.x clients to use 0.2.2.x bridges.•••Previously the client would ask the bridge for microdescriptors, which are
only supported in 0.2.3.x and later, and then fail to bootstrap when it
didn't get the answers it wanted. Fixes bug 4013; bugfix on 0.2.3.2-alpha.
The fix here is to revert to using normal descriptors if any of our
bridges are known to not support microdescs. This is not ideal, a) because
we'll start downloading a microdesc consensus as soon as we get a bridge
descriptor, and that will waste time if we later get a bridge descriptor
that tells us we don't like microdescriptors; and b) by changing our mind
we're leaking to our other bridges that we have an old-version bridge.
The alternate fix would have been to change
we_use_microdescriptors_for_circuits() to ask if *any* of our bridges
can support microdescriptors, and then change the directory logic that
picks a bridge to only select from those that do. For people living in
the future, where 0.2.2.x is obsolete, there won't be a difference.
Note that in either of these potential fixes, we have risk of oscillation
if our one funny-looking bridges goes away / comes back.
| Roger Dingledine | 2012-01-25 |
| * | | Rename nonconformant identifiers.•••Fixes bug 4893.
These changes are pure mechanical, and were generated with this
perl script:
/usr/bin/perl -w -i.bak -p
s/crypto_pk_env_t/crypto_pk_t/g;
s/crypto_dh_env_t/crypto_dh_t/g;
s/crypto_cipher_env_t/crypto_cipher_t/g;
s/crypto_digest_env_t/crypto_digest_t/g;
s/aes_free_cipher/aes_cipher_free/g;
s/crypto_free_cipher_env/crypto_cipher_free/g;
s/crypto_free_digest_env/crypto_digest_free/g;
s/crypto_free_pk_env/crypto_pk_free/g;
s/_crypto_dh_env_get_dh/_crypto_dh_get_dh/g;
s/_crypto_new_pk_env_rsa/_crypto_new_pk_from_rsa/g;
s/_crypto_pk_env_get_evp_pkey/_crypto_pk_get_evp_pkey/g;
s/_crypto_pk_env_get_rsa/_crypto_pk_get_rsa/g;
s/crypto_new_cipher_env/crypto_cipher_new/g;
s/crypto_new_digest_env/crypto_digest_new/g;
s/crypto_new_digest256_env/crypto_digest256_new/g;
s/crypto_new_pk_env/crypto_pk_new/g;
s/crypto_create_crypto_env/crypto_cipher_new/g;
s/connection_create_listener/connection_listener_new/g;
s/smartlist_create/smartlist_new/g;
s/transport_create/transport_new/g;
| Nick Mathewson | 2012-01-18 |
| * | | Convert instances of tor_malloc+tor_snprintf into tor_asprintf•••These were found by looking for tor_snprintf() instances that were
preceeded closely by tor_malloc(), though I probably converted some
more snprintfs as well.
(In every case, make sure that the length variable (if any) is
removed, renamed, or lowered, so that anything else that might have
assumed a longer buffer doesn't exist.)
| Nick Mathewson | 2012-01-16 |
| * | | Convert instances of tor_snprintf+strdup into tor_asprintf•••These were found by looking for tor_snprintf() instances that were
followed closely by tor_strdup(), though I probably converted some
other snprintfs as well.
| Nick Mathewson | 2012-01-16 |