| Commit message (Expand) | Author | Age |
|---|
| * | Add and use and unlikely-to-be-eliminated memwipe()•••Apparently some compilers like to eliminate memset() operations on
data that's about to go out-of-scope. I've gone with the safest
possible replacement, which might be a bit slow. I don't think this
is critical path in any way that will affect performance, but if it
is, we can work on that in 0.2.4.
Fixes bug 7352.
| Nick Mathewson | 2012-11-08 |
| * | Triage the XXX023 and XXX022 comments: postpone many. | Nick Mathewson | 2012-06-15 |
| * | Update copyright dates to 2012; add a few missing copyright statements | Nick Mathewson | 2012-06-04 |
| * | Don't cannibalize already cannibalized circuits•••This ensures we don't build circuits that have 5 hops or more. Patch
contributed by wanoskarnet, thanks!
| Sebastian Hahn | 2012-02-25 |
| * | Rename nonconformant identifiers.•••Fixes bug 4893.
These changes are pure mechanical, and were generated with this
perl script:
/usr/bin/perl -w -i.bak -p
s/crypto_pk_env_t/crypto_pk_t/g;
s/crypto_dh_env_t/crypto_dh_t/g;
s/crypto_cipher_env_t/crypto_cipher_t/g;
s/crypto_digest_env_t/crypto_digest_t/g;
s/aes_free_cipher/aes_cipher_free/g;
s/crypto_free_cipher_env/crypto_cipher_free/g;
s/crypto_free_digest_env/crypto_digest_free/g;
s/crypto_free_pk_env/crypto_pk_free/g;
s/_crypto_dh_env_get_dh/_crypto_dh_get_dh/g;
s/_crypto_new_pk_env_rsa/_crypto_new_pk_from_rsa/g;
s/_crypto_pk_env_get_evp_pkey/_crypto_pk_get_evp_pkey/g;
s/_crypto_pk_env_get_rsa/_crypto_pk_get_rsa/g;
s/crypto_new_cipher_env/crypto_cipher_new/g;
s/crypto_new_digest_env/crypto_digest_new/g;
s/crypto_new_digest256_env/crypto_digest256_new/g;
s/crypto_new_pk_env/crypto_pk_new/g;
s/crypto_create_crypto_env/crypto_cipher_new/g;
s/connection_create_listener/connection_listener_new/g;
s/smartlist_create/smartlist_new/g;
s/transport_create/transport_new/g;
| Nick Mathewson | 2012-01-18 |
| * | Don't remove rend cpath element from relaunched service-side rend circs•••Fixes bug 4842, not in any release.
| Robert Ransom | 2012-01-06 |
| * | Merge remote-tracking branch 'rransom-tor/bug1297b-v2' | Nick Mathewson | 2012-01-04 |
| |\ |
|
| | * | Look up the rend circ whose INTRODUCE1 is being ACKed correctly•••This change cannibalizes circuit_get_by_rend_query_and_purpose because it
had exactly one caller.
| Robert Ransom | 2011-12-22 |
| * | | Don't exit when marking a newly created _C_INTRODUCING circ for close | Robert Ransom | 2011-12-28 |
| * | | Report HS circ states stored in circ purpose field in CIRC events | Robert Ransom | 2011-11-24 |
| |/ |
|
| * | Merge remote-tracking branch 'rransom-tor/bug3825c' | Nick Mathewson | 2011-10-23 |
| |\ |
|
| | * | Check for intro circ timeouts properly•••Previously, we would treat an intro circuit failure as a timeout iff the
circuit failed due to a mismatch in relay identity keys. (Due to a bug
elsewhere, we only recognize relay identity-key mismatches on the first
hop, so this isn't as bad as it could have been.)
Bugfix on commit eaed37d14c6e1dc93a392f62ef2e501f75e4878a, not yet in any
release.
| Robert Ransom | 2011-10-12 |
| * | | Merge remote-tracking branch 'rransom-tor/bug3335-v2'•••Conflicts:
src/or/connection_edge.c
src/or/rendclient.c
| Nick Mathewson | 2011-10-03 |
| |\| |
|
| | * | Detect and remove unreachable intro points | Robert Ransom | 2011-10-02 |
| | * | Record intro point timeouts in rend_intro_point_t | Robert Ransom | 2011-10-02 |
| * | | Clear socks auth fields before free | Nick Mathewson | 2011-08-05 |
| * | | Do not cannibalize a circuit with isolation values set. | Nick Mathewson | 2011-07-20 |
| * | | Take a smarter approach to clearing isolation info•••Back when I added this logic in 20c0581a79, the rule was that whenever
a circuit finished building, we cleared its isolation info. I did that
so that we would still use the circuit even if all the streams that
had previously led us to tentatively set its isolation info had closed.
But there were problems with that approach: We could pretty easily get
into a case where S1 had led us to launch C1 and S2 had led us to
launch C2, but when C1 finished, we cleared its isolation and attached
S2 first. Since C2 was still marked in a way that made S1
unattachable to it, we'd then launch another circuit needlessly.
So instead, we try the following approach now: when a circuit is done
building, we try to attach streams to it. If it remains unused after
we try attaching streams, then we clear its isolation info, and try
again to attach streams.
Thanks to Sebastian for helping me figure this out.
| Nick Mathewson | 2011-07-19 |
| * | | Use socks username/password information in stream isolation | Nick Mathewson | 2011-07-19 |
| * | | Launch sufficient circuits to satisfy pending isolated streams•••Our old "do we need to launch a circuit for stream S" logic was,
more or less, that if we had a pending circuit that could handle S,
we didn't need to launch a new one.
But now that we have streams isolated from one another, we need
something stronger here: It's possible that some pending C can
handle either S1 or S2, but not both.
This patch reuses the existing isolation logic for a simple
solution: when we decide during circuit launching that some pending
C would satisfy stream S1, we "hypothetically" mark C as though S1
had been connected to it. Now if S2 is incompatible with S1, it
won't be something that can attach to C, and so we'll launch a new
stream.
When the circuit becomes OPEN for the first time (with no streams
attached to it), we reset the circuit's isolation status. I'm not
too sure about this part: I wanted some way to be sure that, if all
streams that would have used a circuit die before the circuit is
done, the circuit can still get used. But I worry that this
approach could also lead to us launching too many circuits. Careful
thought needed here.
| Nick Mathewson | 2011-07-19 |
| * | | (Unused) backend logic for stream isolation•••This patch adds fields to track how streams should be isolated, and
ensures that those fields are set correctly. It also adds fields to
track what streams can go on a circuit, and adds functions to see
whether a streams can go on a circuit and update the circuit
accordingly. Those functions aren't yet called.
| Nick Mathewson | 2011-07-19 |
| * | | Merge branch 'bug3465-022' into bug3465-023•••* bug3465-022:
Add BUILDTIMEOUT_SET to the result of GETINFO events/names
Correct a comment
Fix minor comment issues
| Robert Ransom | 2011-06-25 |
| |\| |
|
| | * | Correct a comment | Robert Ransom | 2011-06-24 |
| * | | Make the get_options() return const•••This lets us make a lot of other stuff const, allows the compiler to
generate (slightly) better code, and will make me get slightly fewer
patches from folks who stick mutable stuff into or_options_t.
const: because not every input is an output!
| Nick Mathewson | 2011-06-14 |
| * | | Merge remote-tracking branch 'origin/maint-0.2.2' | Nick Mathewson | 2011-06-14 |
| |\| |
|
| | * | Comment out some obviously dead code.•••Coverity warned about it, it's harmless to comment out.
| Sebastian Hahn | 2011-06-08 |
| * | | Merge remote-tracking branch 'origin/maint-0.2.2'•••The conflicts were mainly caused by the routerinfo->node transition.
Conflicts:
src/or/circuitbuild.c
src/or/command.c
src/or/connection_edge.c
src/or/directory.c
src/or/dirserv.c
src/or/relay.c
src/or/rendservice.c
src/or/routerlist.c
| Nick Mathewson | 2011-05-30 |
| |\| |
|
| | * | Log descriptions of nodes, not just nicknames.•••This patch introduces a few new functions in router.c to produce a
more helpful description of a node than its nickame, and then tweaks
nearly all log messages taking a nickname as an argument to call these
functions instead.
There are a few cases where I left the old log messages alone: in
these cases, the nickname was that of an authority (whose nicknames
are useful and unique), or the message already included an identity
and/or an address. I might have missed a couple more too.
This is a fix for bug 3045.
| Nick Mathewson | 2011-05-15 |
| * | | Merge remote-tracking branch 'public/bug3122_memcmp_022' into bug3122_memcmp_023•••Conflicts in various places, mainly node-related. Resolved them in
favor of HEAD, with copying of tor_mem* operations from bug3122_memcmp_022.
src/common/Makefile.am
src/or/circuitlist.c
src/or/connection_edge.c
src/or/directory.c
src/or/microdesc.c
src/or/networkstatus.c
src/or/router.c
src/or/routerlist.c
src/test/test_util.c
| Nick Mathewson | 2011-05-11 |
| |\| |
|
| | * | Merge remote-tracking branch 'public/3122_memcmp_squashed' into bug3122_memcm...•••Conflicts throughout. All resolved in favor of taking HEAD and
adding tor_mem* or fast_mem* ops as appropriate.
src/common/Makefile.am
src/or/circuitbuild.c
src/or/directory.c
src/or/dirserv.c
src/or/dirvote.c
src/or/networkstatus.c
src/or/rendclient.c
src/or/rendservice.c
src/or/router.c
src/or/routerlist.c
src/or/routerparse.c
src/or/test.c
| Nick Mathewson | 2011-05-11 |
| | |\ |
|
| | | * | Hand-conversion and audit phase of memcmp transition•••Here I looked at the results of the automated conversion and cleaned
them up as follows:
If there was a tor_memcmp or tor_memeq that was in fact "safe"[*] I
changed it to a fast_memcmp or fast_memeq.
Otherwise if there was a tor_memcmp that could turn into a
tor_memneq or tor_memeq, I converted it.
This wants close attention.
[*] I'm erring on the side of caution here, and leaving some things
as tor_memcmp that could in my opinion use the data-dependent
fast_memcmp variant.
| Nick Mathewson | 2011-05-11 |
| | | * | Automated conversion of memcmp to tor_memcmp/tor_mem[n]eq•••This commit is _exactly_ the result of
perl -i -pe 's/\bmemcmp\(/tor_memcmp\(/g' src/*/*.[ch]
perl -i -pe 's/\!\s*tor_memcmp\(/tor_memeq\(/g' src/*/*.[ch]
perl -i -pe 's/0\s*==\s*tor_memcmp\(/tor_memeq\(/g' src/*/*.[ch]
perl -i -pe 's/0\s*!=\s*tor_memcmp\(/tor_memneq\(/g' src/*/*.[ch]
git checkout src/common/di_ops.[ch]
git checkout src/or/test.c
git checkout src/common/test.h
| Nick Mathewson | 2011-05-11 |
| * | | | Merge maint-0.2.2 for the bug1090-part1-squashed branch•••Resolved conflicts in:
doc/tor.1.txt
src/or/circuitbuild.c
src/or/circuituse.c
src/or/connection_edge.c
src/or/connection_edge.h
src/or/directory.c
src/or/rendclient.c
src/or/routerlist.c
src/or/routerlist.h
These were mostly releated to the routerinfo_t->node_t conversion.
| Nick Mathewson | 2011-04-27 |
| |\| | |
|
| | * | | Add a circuit_purpose_to_string() function, and use it•••We had a circuit_purpose_to_controller_string() function, but it was
pretty coarse-grained and didn't try to be human-readable.
| Nick Mathewson | 2011-04-27 |
| | * | | When cannibalizing a circuit, make sure it has no ExcludeNodes on it•••This could happen if StrictNodes was 0 and we were forced to pick an
excluded node as the last hop of the circuit.
| Nick Mathewson | 2011-04-26 |
| | * | | Note a slightly less likely way to violate ExcludeNodes | Nick Mathewson | 2011-04-26 |
| * | | | Merge remote-tracking branch 'origin/maint-0.2.2'•••Conflicts:
src/common/address.c
src/common/compat_libevent.c
src/common/memarea.c
src/common/util.h
src/or/buffers.c
src/or/circuitbuild.c
src/or/circuituse.c
src/or/connection.c
src/or/directory.c
src/or/networkstatus.c
src/or/or.h
src/or/routerlist.c
| Nick Mathewson | 2011-04-07 |
| |\| | |
|
| | * | | Merge remote-tracking branch 'public/xxx_fixups' into maint-0.2.2•••Conflicts:
src/or/or.h
| Nick Mathewson | 2011-04-07 |
| | |\ \ |
|
| | | * | | Add XXX023s for our timestamp_dirty abuse. | Nick Mathewson | 2011-03-25 |
| * | | | | Merge remote-tracking branch 'origin/maint-0.2.2'•••Conflicts:
src/common/compat.h
src/or/circuitlist.c
src/or/circuituse.c
src/or/or.h
src/or/rephist.c
| Nick Mathewson | 2011-03-30 |
| |\| | | |
|
| | * | | | Use timevals, not time_t, when expiring circuits.•••We've got millisecond timers now, we might as well use them.
This change won't actually make circuits get expiered with microsecond
precision, since we only call the expiry functions once per second.
Still, it should avoid the situation where we have a circuit get
expired too early because of rounding.
A couple of the expiry functions now call tor_gettimeofday: this
should be cheap since we're only doing it once per second. If it gets
to be called more often, though, we should onsider having the current
time be an argument again.
| Nick Mathewson | 2011-03-30 |
| | |/ / |
|
| * | | | Merge branch 'maint-0.2.2' | Roger Dingledine | 2011-01-15 |
| |\| | |
|
| | * | | Sanity-check consensus param values•••We need to make sure that the worst thing that a weird consensus param
can do to us is to break our Tor (and only if the other Tors are
reliably broken in the same way) so that the majority of directory
authorities can't pull any attacks that are worse than the DoS that
they can trigger by simply shutting down.
One of these worse things was the cbtnummodes parameter, which could
lead to heap corruption on some systems if the value was sufficiently
large.
This commit fixes this particular issue and also introduces sanity
checking for all consensus parameters.
| Sebastian Hahn | 2011-01-15 |
| * | | | Merge remote branch 'origin/maint-0.2.2' | Nick Mathewson | 2011-01-03 |
| |\| | |
|
| | * | | Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2•••Conflicts:
src/common/test.h
src/or/test.c
| Nick Mathewson | 2011-01-03 |
| | |\| |
|
| | | * | Bump copyright statements to 2011 | Nick Mathewson | 2011-01-03 |
| * | | | Fix a documention issue in circuitlist.c | Nick Mathewson | 2010-10-15 |
| * | | | Fold timestamp_created into highres_created•••There's no reason to keep a time_t and a struct timeval to represent
the same value: highres_created.tv_sec was the same as timestamp_created.
This should save a few bytes per circuit.
| Nick Mathewson | 2010-10-15 |
| * | | | Initial conversion to use node_t throughout our codebase.•••A node_t is an abstraction over routerstatus_t, routerinfo_t, and
microdesc_t. It should try to present a consistent interface to all
of them. There should be a node_t for a server whenever there is
* A routerinfo_t for it in the routerlist
* A routerstatus_t in the current_consensus.
(note that a microdesc_t alone isn't enough to make a node_t exist,
since microdescriptors aren't usable on their own.)
There are three ways to get a node_t right now: looking it up by ID,
looking it up by nickname, and iterating over the whole list of
microdescriptors.
All (or nearly all) functions that are supposed to return "a router"
-- especially those used in building connections and circuits --
should return a node_t, not a routerinfo_t or a routerstatus_t.
A node_t should hold all the *mutable* flags about a node. This
patch moves the is_foo flags from routerinfo_t into node_t. The
flags in routerstatus_t remain, but they get set from the consensus
and should not change.
Some other highlights of this patch are:
* Looking up routerinfo and routerstatus by nickname is now
unified and based on the "look up a node by nickname" function.
This tries to look only at the values from current consensus,
and not get confused by the routerinfo_t->is_named flag, which
could get set for other weird reasons. This changes the
behavior of how authorities (when acting as clients) deal with
nodes that have been listed by nickname.
* I tried not to artificially increase the size of the diff here
by moving functions around. As a result, some functions that
now operate on nodes are now in the wrong file -- they should
get moved to nodelist.c once this refactoring settles down.
This moving should happen as part of a patch that moves
functions AND NOTHING ELSE.
* Some old code is now left around inside #if 0/1 blocks, and
should get removed once I've verified that I don't want it
sitting around to see how we used to do things.
There are still some unimplemented functions: these are flagged
with "UNIMPLEMENTED_NODELIST()." I'll work on filling in the
implementation here, piece by piece.
I wish this patch could have been smaller, but there did not seem to
be any piece of it that was independent from the rest. Moving flags
forces many functions that once returned routerinfo_t * to return
node_t *, which forces their friends to change, and so on.
| Nick Mathewson | 2010-10-01 |
| * | | | Try to make most routerinfo_t interfaces const | Nick Mathewson | 2010-10-01 |
| |/ / |
|