path: root/src/or/circuitlist.c
Commit message (author, date)
* Add and use an unlikely-to-be-eliminated memwipe() (Nick Mathewson, 2012-11-08)
|   Apparently some compilers like to eliminate memset() operations on data that's about to go out-of-scope. I've gone with the safest possible replacement, which might be a bit slow. I don't think this is critical path in any way that will affect performance, but if it is, we can work on that in 0.2.4. Fixes bug 7352.
* Triage the XXX023 and XXX022 comments: postpone many. (Nick Mathewson, 2012-06-15)
* Update copyright dates to 2012; add a few missing copyright statements (Nick Mathewson, 2012-06-04)
* Don't cannibalize already cannibalized circuits (Sebastian Hahn, 2012-02-25)
|   This ensures we don't build circuits that have 5 hops or more. Patch contributed by wanoskarnet, thanks!
* Rename nonconformant identifiers. (Nick Mathewson, 2012-01-18)
|   Fixes bug 4893. These changes are purely mechanical, and were generated with this perl script: /usr/bin/perl -w -i.bak -p s/crypto_pk_env_t/crypto_pk_t/g; s/crypto_dh_env_t/crypto_dh_t/g; s/crypto_cipher_env_t/crypto_cipher_t/g; s/crypto_digest_env_t/crypto_digest_t/g; s/aes_free_cipher/aes_cipher_free/g; s/crypto_free_cipher_env/crypto_cipher_free/g; s/crypto_free_digest_env/crypto_digest_free/g; s/crypto_free_pk_env/crypto_pk_free/g; s/_crypto_dh_env_get_dh/_crypto_dh_get_dh/g; s/_crypto_new_pk_env_rsa/_crypto_new_pk_from_rsa/g; s/_crypto_pk_env_get_evp_pkey/_crypto_pk_get_evp_pkey/g; s/_crypto_pk_env_get_rsa/_crypto_pk_get_rsa/g; s/crypto_new_cipher_env/crypto_cipher_new/g; s/crypto_new_digest_env/crypto_digest_new/g; s/crypto_new_digest256_env/crypto_digest256_new/g; s/crypto_new_pk_env/crypto_pk_new/g; s/crypto_create_crypto_env/crypto_cipher_new/g; s/connection_create_listener/connection_listener_new/g; s/smartlist_create/smartlist_new/g; s/transport_create/transport_new/g;
* Don't remove rend cpath element from relaunched service-side rend circs (Robert Ransom, 2012-01-06)
|   Fixes bug 4842, not in any release.
* Merge remote-tracking branch 'rransom-tor/bug1297b-v2' (Nick Mathewson, 2012-01-04)
|\
| * Look up the rend circ whose INTRODUCE1 is being ACKed correctly (Robert Ransom, 2011-12-22)
| |   This change cannibalizes circuit_get_by_rend_query_and_purpose because it had exactly one caller.
* | Don't exit when marking a newly created _C_INTRODUCING circ for close (Robert Ransom, 2011-12-28)
* | Report HS circ states stored in circ purpose field in CIRC events (Robert Ransom, 2011-11-24)
|/
* Merge remote-tracking branch 'rransom-tor/bug3825c' (Nick Mathewson, 2011-10-23)
|\
| * Check for intro circ timeouts properly (Robert Ransom, 2011-10-12)
| |   Previously, we would treat an intro circuit failure as a timeout iff the circuit failed due to a mismatch in relay identity keys. (Due to a bug elsewhere, we only recognize relay identity-key mismatches on the first hop, so this isn't as bad as it could have been.) Bugfix on commit eaed37d14c6e1dc93a392f62ef2e501f75e4878a, not yet in any release.
* | Merge remote-tracking branch 'rransom-tor/bug3335-v2' (Nick Mathewson, 2011-10-03)
| |   Conflicts: src/or/connection_edge.c src/or/rendclient.c
|\|
| * Detect and remove unreachable intro points (Robert Ransom, 2011-10-02)
| * Record intro point timeouts in rend_intro_point_t (Robert Ransom, 2011-10-02)
* | Clear socks auth fields before free (Nick Mathewson, 2011-08-05)
* | Do not cannibalize a circuit with isolation values set. (Nick Mathewson, 2011-07-20)
* | Take a smarter approach to clearing isolation info (Nick Mathewson, 2011-07-19)
| |   Back when I added this logic in 20c0581a79, the rule was that whenever a circuit finished building, we cleared its isolation info. I did that so that we would still use the circuit even if all the streams that had previously led us to tentatively set its isolation info had closed. But there were problems with that approach: We could pretty easily get into a case where S1 had led us to launch C1 and S2 had led us to launch C2, but when C1 finished, we cleared its isolation and attached S2 first. Since C2 was still marked in a way that made S1 unattachable to it, we'd then launch another circuit needlessly. So instead, we try the following approach now: when a circuit is done building, we try to attach streams to it. If it remains unused after we try attaching streams, then we clear its isolation info, and try again to attach streams. Thanks to Sebastian for helping me figure this out.
* | Use socks username/password information in stream isolation (Nick Mathewson, 2011-07-19)
* | Launch sufficient circuits to satisfy pending isolated streams (Nick Mathewson, 2011-07-19)
| |   Our old "do we need to launch a circuit for stream S" logic was, more or less, that if we had a pending circuit that could handle S, we didn't need to launch a new one. But now that we have streams isolated from one another, we need something stronger here: It's possible that some pending C can handle either S1 or S2, but not both. This patch reuses the existing isolation logic for a simple solution: when we decide during circuit launching that some pending C would satisfy stream S1, we "hypothetically" mark C as though S1 had been connected to it. Now if S2 is incompatible with S1, it won't be something that can attach to C, and so we'll launch a new stream. When the circuit becomes OPEN for the first time (with no streams attached to it), we reset the circuit's isolation status. I'm not too sure about this part: I wanted some way to be sure that, if all streams that would have used a circuit die before the circuit is done, the circuit can still get used. But I worry that this approach could also lead to us launching too many circuits. Careful thought needed here.
* | (Unused) backend logic for stream isolation (Nick Mathewson, 2011-07-19)
| |   This patch adds fields to track how streams should be isolated, and ensures that those fields are set correctly. It also adds fields to track what streams can go on a circuit, and adds functions to see whether a stream can go on a circuit and update the circuit accordingly. Those functions aren't yet called.
* | Merge branch 'bug3465-022' into bug3465-023 (Robert Ransom, 2011-06-25)
| |   * bug3465-022:
| |     Add BUILDTIMEOUT_SET to the result of GETINFO events/names
| |     Correct a comment
| |     Fix minor comment issues
|\|
| * Correct a comment (Robert Ransom, 2011-06-24)
* | Make the get_options() return const (Nick Mathewson, 2011-06-14)
| |   This lets us make a lot of other stuff const, allows the compiler to generate (slightly) better code, and will make me get slightly fewer patches from folks who stick mutable stuff into or_options_t. const: because not every input is an output!
* | Merge remote-tracking branch 'origin/maint-0.2.2' (Nick Mathewson, 2011-06-14)
|\|
| * Comment out some obviously dead code. (Sebastian Hahn, 2011-06-08)
| |   Coverity warned about it, it's harmless to comment out.
* | Merge remote-tracking branch 'origin/maint-0.2.2' (Nick Mathewson, 2011-05-30)
| |   The conflicts were mainly caused by the routerinfo->node transition. Conflicts: src/or/circuitbuild.c src/or/command.c src/or/connection_edge.c src/or/directory.c src/or/dirserv.c src/or/relay.c src/or/rendservice.c src/or/routerlist.c
|\|
| * Log descriptions of nodes, not just nicknames. (Nick Mathewson, 2011-05-15)
| |   This patch introduces a few new functions in router.c to produce a more helpful description of a node than its nickname, and then tweaks nearly all log messages taking a nickname as an argument to call these functions instead. There are a few cases where I left the old log messages alone: in these cases, the nickname was that of an authority (whose nicknames are useful and unique), or the message already included an identity and/or an address. I might have missed a couple more too. This is a fix for bug 3045.
* | Merge remote-tracking branch 'public/bug3122_memcmp_022' into bug3122_memcmp_023 (Nick Mathewson, 2011-05-11)
| |   Conflicts in various places, mainly node-related. Resolved them in favor of HEAD, with copying of tor_mem* operations from bug3122_memcmp_022. src/common/Makefile.am src/or/circuitlist.c src/or/connection_edge.c src/or/directory.c src/or/microdesc.c src/or/networkstatus.c src/or/router.c src/or/routerlist.c src/test/test_util.c
|\|
| * Merge remote-tracking branch 'public/3122_memcmp_squashed' into bug3122_memcm... (Nick Mathewson, 2011-05-11)
| |   Conflicts throughout. All resolved in favor of taking HEAD and adding tor_mem* or fast_mem* ops as appropriate. src/common/Makefile.am src/or/circuitbuild.c src/or/directory.c src/or/dirserv.c src/or/dirvote.c src/or/networkstatus.c src/or/rendclient.c src/or/rendservice.c src/or/router.c src/or/routerlist.c src/or/routerparse.c src/or/test.c
| |\
| | * Hand-conversion and audit phase of memcmp transition (Nick Mathewson, 2011-05-11)
| | |   Here I looked at the results of the automated conversion and cleaned them up as follows: If there was a tor_memcmp or tor_memeq that was in fact "safe"[*] I changed it to a fast_memcmp or fast_memeq. Otherwise if there was a tor_memcmp that could turn into a tor_memneq or tor_memeq, I converted it. This wants close attention. [*] I'm erring on the side of caution here, and leaving some things as tor_memcmp that could in my opinion use the data-dependent fast_memcmp variant.
| | * Automated conversion of memcmp to tor_memcmp/tor_mem[n]eq (Nick Mathewson, 2011-05-11)
| | |   This commit is _exactly_ the result of
| | |     perl -i -pe 's/\bmemcmp\(/tor_memcmp\(/g' src/*/*.[ch]
| | |     perl -i -pe 's/\!\s*tor_memcmp\(/tor_memeq\(/g' src/*/*.[ch]
| | |     perl -i -pe 's/0\s*==\s*tor_memcmp\(/tor_memeq\(/g' src/*/*.[ch]
| | |     perl -i -pe 's/0\s*!=\s*tor_memcmp\(/tor_memneq\(/g' src/*/*.[ch]
| | |     git checkout src/common/di_ops.[ch]
| | |     git checkout src/or/test.c
| | |     git checkout src/common/test.h
* | | Merge maint-0.2.2 for the bug1090-part1-squashed branch (Nick Mathewson, 2011-04-27)
| | |   Resolved conflicts in: doc/tor.1.txt src/or/circuitbuild.c src/or/circuituse.c src/or/connection_edge.c src/or/connection_edge.h src/or/directory.c src/or/rendclient.c src/or/routerlist.c src/or/routerlist.h These were mostly related to the routerinfo_t->node_t conversion.
|\| |
| * | Add a circuit_purpose_to_string() function, and use it (Nick Mathewson, 2011-04-27)
| | |   We had a circuit_purpose_to_controller_string() function, but it was pretty coarse-grained and didn't try to be human-readable.
| * | When cannibalizing a circuit, make sure it has no ExcludeNodes on it (Nick Mathewson, 2011-04-26)
| | |   This could happen if StrictNodes was 0 and we were forced to pick an excluded node as the last hop of the circuit.
| * | Note a slightly less likely way to violate ExcludeNodes (Nick Mathewson, 2011-04-26)
* | | Merge remote-tracking branch 'origin/maint-0.2.2' (Nick Mathewson, 2011-04-07)
| | |   Conflicts: src/common/address.c src/common/compat_libevent.c src/common/memarea.c src/common/util.h src/or/buffers.c src/or/circuitbuild.c src/or/circuituse.c src/or/connection.c src/or/directory.c src/or/networkstatus.c src/or/or.h src/or/routerlist.c
|\| |
| * | Merge remote-tracking branch 'public/xxx_fixups' into maint-0.2.2 (Nick Mathewson, 2011-04-07)
| | |   Conflicts: src/or/or.h
| |\ \
| | * | Add XXX023s for our timestamp_dirty abuse. (Nick Mathewson, 2011-03-25)
* | | | Merge remote-tracking branch 'origin/maint-0.2.2' (Nick Mathewson, 2011-03-30)
| | | |   Conflicts: src/common/compat.h src/or/circuitlist.c src/or/circuituse.c src/or/or.h src/or/rephist.c
|\| | |
| * | | Use timevals, not time_t, when expiring circuits. (Nick Mathewson, 2011-03-30)
| | | |   We've got millisecond timers now, we might as well use them. This change won't actually make circuits get expired with microsecond precision, since we only call the expiry functions once per second. Still, it should avoid the situation where we have a circuit get expired too early because of rounding. A couple of the expiry functions now call tor_gettimeofday: this should be cheap since we're only doing it once per second. If it gets to be called more often, though, we should consider having the current time be an argument again.
| |/ /
* | | Merge branch 'maint-0.2.2' (Roger Dingledine, 2011-01-15)
|\| |
| * | Sanity-check consensus param values (Sebastian Hahn, 2011-01-15)
| | |   We need to make sure that the worst thing that a weird consensus param can do to us is to break our Tor (and only if the other Tors are reliably broken in the same way) so that the majority of directory authorities can't pull any attacks that are worse than the DoS that they can trigger by simply shutting down. One of these worse things was the cbtnummodes parameter, which could lead to heap corruption on some systems if the value was sufficiently large. This commit fixes this particular issue and also introduces sanity checking for all consensus parameters.
* | | Merge remote branch 'origin/maint-0.2.2' (Nick Mathewson, 2011-01-03)
|\| |
| * | Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 (Nick Mathewson, 2011-01-03)
| | |   Conflicts: src/common/test.h src/or/test.c
| |\|
| | * Bump copyright statements to 2011 (Nick Mathewson, 2011-01-03)
* | | Fix a documentation issue in circuitlist.c (Nick Mathewson, 2010-10-15)
* | | Fold timestamp_created into highres_created (Nick Mathewson, 2010-10-15)
| | |   There's no reason to keep a time_t and a struct timeval to represent the same value: highres_created.tv_sec was the same as timestamp_created. This should save a few bytes per circuit.
* | | Initial conversion to use node_t throughout our codebase. (Nick Mathewson, 2010-10-01)
| | |   A node_t is an abstraction over routerstatus_t, routerinfo_t, and microdesc_t. It should try to present a consistent interface to all of them.
| | |   There should be a node_t for a server whenever there is
| | |     * A routerinfo_t for it in the routerlist
| | |     * A routerstatus_t in the current_consensus.
| | |   (note that a microdesc_t alone isn't enough to make a node_t exist, since microdescriptors aren't usable on their own.)
| | |   There are three ways to get a node_t right now: looking it up by ID, looking it up by nickname, and iterating over the whole list of microdescriptors.
| | |   All (or nearly all) functions that are supposed to return "a router" -- especially those used in building connections and circuits -- should return a node_t, not a routerinfo_t or a routerstatus_t.
| | |   A node_t should hold all the *mutable* flags about a node. This patch moves the is_foo flags from routerinfo_t into node_t. The flags in routerstatus_t remain, but they get set from the consensus and should not change.
| | |   Some other highlights of this patch are:
| | |     * Looking up routerinfo and routerstatus by nickname is now unified and based on the "look up a node by nickname" function. This tries to look only at the values from current consensus, and not get confused by the routerinfo_t->is_named flag, which could get set for other weird reasons. This changes the behavior of how authorities (when acting as clients) deal with nodes that have been listed by nickname.
| | |     * I tried not to artificially increase the size of the diff here by moving functions around. As a result, some functions that now operate on nodes are now in the wrong file -- they should get moved to nodelist.c once this refactoring settles down. This moving should happen as part of a patch that moves functions AND NOTHING ELSE.
| | |     * Some old code is now left around inside #if 0/1 blocks, and should get removed once I've verified that I don't want it sitting around to see how we used to do things.
| | |   There are still some unimplemented functions: these are flagged with "UNIMPLEMENTED_NODELIST()." I'll work on filling in the implementation here, piece by piece. I wish this patch could have been smaller, but there did not seem to be any piece of it that was independent from the rest. Moving flags forces many functions that once returned routerinfo_t * to return node_t *, which forces their friends to change, and so on.
* | | Try to make most routerinfo_t interfaces const (Nick Mathewson, 2010-10-01)
|/ /