| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
| |
skewed-descriptor messages better.
svn:r4047
|
| |
|
|
| |
svn:r4023
|
| |
|
|
|
|
| |
splay tree of (circid,orconn)->circuit mappings to make circuit_get_by_circid_conn much faster.
svn:r4020
|
| |
|
|
|
|
| |
called on a marked connection; rename it to connection_mark_unattached_ap.
svn:r3990
|
| |
|
|
| |
svn:r3982
|
| |
|
|
| |
svn:r3967
|
| |
|
|
|
|
|
| |
running at least 0.0.9.7
svn:r3966
|
| |
|
|
| |
svn:r3942
|
| |
|
|
|
|
|
|
|
| |
when building testing circs for orport testing, require high-bandwidth
nodes, so fewer circs fail. complain about unreachable orport separately
from unreachable dirport.
svn:r3935
|
| |
|
|
|
|
|
| |
we didn't initiate the conn.
svn:r3932
|
| |
|
|
| |
svn:r3900
|
| |
|
|
|
|
|
|
| |
the socks reject. audit for remaining ones. also make things more
uniform so we always remember to hold-open-until-flushed, etc.
svn:r3891
|
| |
|
|
|
|
|
| |
of uptime.
svn:r3884
|
| |
|
|
|
|
|
|
| |
its reachability. tell him when it succeeds, or when 20
minutes pass and it hasn't succeeded yet.
svn:r3882
|
| |
|
|
|
|
| |
cpaths from freed ones. I audited this once; it could use another audit.
svn:r3831
|
| |
|
|
|
|
|
| |
a path for the circuit fails.
svn:r3822
|
| |
|
|
| |
svn:r3798
|
| |
|
|
|
|
|
|
| |
Also refactor circuit building so we plan the whole path ahead
of time.
svn:r3797
|
| |
|
|
|
|
|
| |
has gone wrong with our network and abandon all not-yet-used circs.
svn:r3792
|
| |
|
|
|
|
|
| |
gets processed
svn:r3791
|
| |
|
|
|
|
| |
address our "Ah, you allow 1.2.3.4:80. You are a good choice for google.com" problem.
svn:r3786
|
| |
|
|
|
|
|
|
| |
also, consider your ORPort reachable after you've processed a
create cell from any non-local address.
svn:r3763
|
| |
|
|
| |
svn:r3757
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Add 'testing' circuit purpose, for reachability testing.
Notice when our IP changes, and reset stats.
Try to pull down a directory via Tor to see if our DirPort is working.
Try to extend a circuit back to us to see if our ORPort is working.
Only publish a descriptor if they're both reachable.
These mostly work, and I'd better get them in before I cause conflicts.
svn:r3703
|
| |
|
|
| |
svn:r3656
|
| |
|
|
| |
svn:r3629
|
| |
|
|
|
|
|
|
| |
something goes wrong. this should only be used by people actively
tracking bugs.
svn:r3487
|
| |
|
|
|
|
|
|
| |
streams. consolidate the looking into one function so it doesn't
happen again.
svn:r3372
|
| |
|
|
| |
svn:r3361
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
to the exit policy of the last hop. Intro and rendezvous circs must
be internal circs, to avoid leaking information. Resolve and connect
streams can use internal circs if they want.
New circuit pooling algorithm: make sure to have enough circs around
to satisfy any predicted ports, and also make sure to have 2 internal
circs around if we've required internal circs lately (with high uptime
if we've seen that lately).
Split NewCircuitPeriod config option into NewCircuitPeriod (30 secs),
which describes how often we retry making new circuits if current ones
are dirty, and MaxCircuitDirtiness (10 mins), which describes how long
we're willing to make use of an already-dirty circuit.
Once rendezvous circuits are established, keep using the same circuit as
long as you attach a new stream to it at least every 10 minutes. (So web
browsing doesn't require you to build new rend circs every 30 seconds.)
Cannibalize GENERAL circs to be C_REND, C_INTRO, S_INTRO, and S_REND
circ as necessary, if there are any completed ones lying around when
we try to launch one.
Re-instate the ifdef's to use version-0 style introduce cells, since
there was yet another bug in handling version-1 style. We'll try switching
over again after 0.0.9 is obsolete.
Bugfix: when choosing an exit node for a new non-internal circ, don't take
into account whether it'll be useful for any pending x.onion addresses --
it won't.
Bugfix: we weren't actually publishing the hidden service descriptor when
it became dirty. So we only published it every 20 minutes or so, which
means when you first start your Tor, the hidden service will seem broken.
svn:r3360
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
high capacity nodes. When building circuits, choose appropriate nodes.
New config option LongLivedPorts to indicate application streams
that will want high uptime circuits.
When attaching a stream to a circuit, pay attention to its requirements.
This means that every single node in an intro rend circuit, not just
the last one, will have a minimum uptime.
Boost the min uptime from an hour to 24 hours.
svn:r3339
|
| |
|
|
|
|
|
|
| |
if we're an OR we were listing circuits that *end* at us as
being pending on every listener, dns/cpu worker, etc. Stop that.
svn:r3171
|
| |
|
|
|
|
|
|
|
| |
make it clearer which warns are bugs,
make the control log event match its specification,
point out a bug in how we deal with failure when renewing the tls context.
svn:r3138
|
| |
|
|
|
|
|
|
|
| |
Stop treating the uint16_t's as null-terminated strings,
and stop looking at the byte after them to see if it's null,
because sometimes you're not allowed to look there.
svn:r3108
|
| |
|
|
| |
svn:r3107
|
| |
|
|
| |
svn:r3105
|
| |
|
|
| |
svn:r3103
|
| |
|
|
| |
svn:r3081
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the past 6 hours, and always try to have 2 circuits open or on the way
that will handle each such port. (We can extend this to include addresses
if exit policies shift to require that.) Seed us with port 80 so web
browsers won't complain that Tor is "slow to start up".
This was necessary because our old circuit building strategy just involved
counting circuits, and as time went by we would build up a big pile of
circuits that had peculiar exit policies (e.g. only exit to 9001-9100)
which would take up space in the circuit pile but never get used.
Fix router_compare_addr_to_addr_policy: it was not treating a port of *
as always matching, so we were picking reject *:* nodes as exit nodes too.
If you haven't used a clean circuit in an hour, throw it away, just to
be on the safe side.
This means after 6 hours a totally unused Tor client will have no
circuits open.
svn:r3078
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
waiting for its connected cell, we were calculating time from when the
ap_conn was created. So if it waited say 20 seconds before being attached,
then we would immediately decide that the circuit had timed out.
Also, make circuit_dump_by_conn() display actual circuit progress,
including circuits that haven't been attached to the conn yet but
hope to when it finishes connecting.
svn:r3072
|
| |
|
|
| |
svn:r3068
|
| |
|
|
| |
svn:r3046
|
| |
|
|
|
|
| |
every file.
svn:r3019
|
| |
|
|
|
|
|
| |
totally unacceptable to me.
svn:r3005
|
| |
|
|
| |
svn:r3003
|
| |
|
|
| |
svn:r2989
|
| |
|
|
|
|
|
| |
have to know how."
svn:r2948
|
| |
|
|
|
|
| |
reimplement circuit_log_cpath using circuit_list_cpath).
svn:r2946
|
| |
|
|
|
|
|
|
| |
this may have some bugs in it still.
and it may end up not being what we want to do.
svn:r2928
|
| |
|
|
| |
svn:r2904
|