aboutsummaryrefslogtreecommitdiff
path: root/src/or/circuituse.c
Commit message (Expand)AuthorAge
* Make begindir_cutoff the same as general_cutoff•••Allow one-hop directory fetching circuits the full "circuit build timeout" period, rather than just half of it, before failing them and marking the relay down. This fix should help reduce cases where clients declare relays (or worse, bridges) unreachable because the TLS handshake takes a few seconds to complete. Fixes bug 6743 (one piece of bug 3443); bugfix on 0.2.2.2-alpha, where we changed the timeout from a static 30 seconds. Roger Dingledine2012-09-01
* Triage the XXX023 and XXX022 comments: postpone many.Nick Mathewson2012-06-15
* Don't poll to see if we need to build circuits for timeout data if LearnCircu...Andrea Shepard2012-06-13
* Update copyright dates to 2012; add a few missing copyright statementsNick Mathewson2012-06-04
* Merge remote-tracking branch 'origin/maint-0.2.2'Nick Mathewson2012-05-31
|\
| * Make all begindir or one-hop circuits internal•••This solves bug 5283, where client traffic could get sent over the same circuit as an anonymized connection to a directory, even if that circuit used an exit node unsuitable for clients. By marking the directory connection as needs_internal, we ensure that the (non-internal!) client-traffic connection won't be sent over the same circuit. Nick Mathewson2012-05-31
* | Don't crash when HS circs which have not yet found an OR conn time out•••Fixes bug #4897, not yet in any release. Using n_circ_id alone here (and below, when n_conn is NULL) really sucks, but that's a separate bug which will need a changes/ file. Robert Ransom2012-01-12
* | Merge branch 'feature3457-v4-nm-squashed'•••Conflicts: src/or/rendclient.c Nick Mathewson2012-01-11
|\ \
| * | Add clarity/typesafety wrappers for control_event_circuit_status_minorNick Mathewson2012-01-11
| * | Rename CIRC2 to CIRC_MINOR•••Also give the arguments to control_event_circuit_status_minor real names. Nick Mathewson2012-01-11
| * | Send CIRC2 event when a circuit is cannibalizedRobert Ransom2011-11-24
| * | Add CIRC2 control-port event, and send it when a circ's purpose changesRobert Ransom2011-11-24
| * | Log whenever a circuit's purpose is changedRobert Ransom2011-11-24
* | | Add an option to close HS service-side rend circs on timeoutRobert Ransom2011-12-27
* | | Don't close HS service-side rend circs on timeoutRobert Ransom2011-12-27
* | | Add an option to close 'almost-connected' HS client circs on timeoutRobert Ransom2011-12-27
* | | Don't close HS client circs which are 'almost connected' on timeoutRobert Ransom2011-12-27
* | | Refactor stream attachment in circuit_has_opened•••Put the 'try attaching streams, clear isolation state if possible, retry attaching streams' loop in its own separate function, where it belongs. Robert Ransom2011-12-09
* | | Add comment about bug4651 fixNick Mathewson2011-12-05
* | | Don't send two ESTABLISH_RENDEZVOUS cells when opening a new rend circRobert Ransom2011-12-03
* | | Merge branch 'feature2553-v4-rebased'Nick Mathewson2011-11-30
|\ \ \
| * | | Use single-hop intro and rend circuits when in tor2web modeRobert Ransom2011-11-30
| |/ /
* | | Merge branch 'bug933_nm_rebased_v2'•••Conflicts: src/test/test.c Nick Mathewson2011-11-30
|\ \ \
| * | | Add some post-comma spaces to please arma•••Incidentally, we've got 30969 lines in master with a comma in them, of which 1995 have a comma followed by a non-newline, non-space character. So about 93% of our commas are right, but we have a substantial number of "crowded" lines. Nick Mathewson2011-11-30
| * | | Refactor addressmap_match_superdomains and representation of wildcards•••In this new representation for wildcarded addresses, there are no longer any 'magic addresses': rather, "a.b c.d", "*.a.b c.d" and "*.a.b *.c.d" are all represented by a mapping from "a.b" to "c.d". we now distinguish them by setting bits in the addressmap_entry_t structure, where src_wildcard is set if the source address had a wildcard, and dst_wildcard is set if the target address had a wildcard. This lets the case where "*.a.b *.c.d" or "*.a.b c.d" remap the address "a.b" get handled trivially, and lets us simplify and improve the addressmap_match_superdomains implementation: we can now have it run in O(parts of address) rather than O(entries in addressmap). Nick Mathewson2011-11-30
* | | | First chunk of support for bridges on IPv6•••Comments below focus on changes, see diff for added code. New type tor_addr_port_t holding an IP address and a TCP/UDP port. New flag in routerinfo_t, ipv6_preferred. This should go in the node_t instead but not now. Replace node_get_addr() with - node_get_prim_addr() for primary address, i.e. IPv4 for now - node_get_pref_addr() for preferred address, IPv4 or IPv6. Rename node_get_addr_ipv4h() node_get_prim_addr_ipv4h() for consistency. The primary address will not allways be an IPv4 address. Same for node_get_orport() -> node_get_prim_orport(). Rewrite node_is_a_configured_bridge() to take all OR ports into account. Extend argument list to extend_info_from_node and extend_info_from_router with a flag indicating if we want to use the routers primary address or the preferred address. Use the preferred address in as few situtations as possible for allowing clients to connect to bridges over IPv6. Linus Nordberg2011-11-30
| |/ / |/| |
* | | Fix names of functions that convert strings to addrs•••Now let's have "lookup" indicate that there can be a hostname resolution, and "parse" indicate that there wasn't. Previously, we had one "lookup" function that did resolution; four "parse" functions, half of which did resolution; and a "from_str()" function that didn't do resolution. That's confusing and error-prone! The code changes in this commit are exactly the result of this perl script, run under "perl -p -i.bak" : s/tor_addr_port_parse/tor_addr_port_lookup/g; s/parse_addr_port(?=[^_])/addr_port_lookup/g; s/tor_addr_from_str/tor_addr_parse/g; This patch leaves aton and pton alone: their naming convention and behavior is is determined by the sockets API. More renaming may be needed. Nick Mathewson2011-10-11
* | | Fix compilation of 3335 and 3825 fixes•••In master, they ran into problems with the edge_conn/entry_conn split. Nick Mathewson2011-10-03
* | | Merge remote-tracking branch 'rransom-tor/bug3335-v2'•••Conflicts: src/or/connection_edge.c src/or/rendclient.c Nick Mathewson2011-10-03
|\ \ \ | |/ / |/| |
| * | Clear the timed_out flag when an HS connection attempt endsRobert Ransom2011-10-02
| |/
* | Move entry-only fields from edge_connection_t to entry_connection_t•••Also, refactor the code accordingly. Nick Mathewson2011-07-21
* | remember our future plan for bug 3617•••(that is, to change the default for "UseOptimisticData auto" to 1 once we are more convinced that it works correctly.) Roger Dingledine2011-07-21
* | Add another precondition for isolation-clearing; fix 3620Nick Mathewson2011-07-20
* | For accuracy, s/exit_allows_optimistic_data/may_use_optimistic_data/Nick Mathewson2011-07-20
* | Add an OptimisticData option to control client-side optimistic dataNick Mathewson2011-07-20
* | Merge branch 'optimistic-client'•••The conflicts are with the proposal 171 circuit isolation code, and they're all trivial: they're just a matter of both branches adding some unrelated code in the same places. Conflicts: src/or/circuituse.c src/or/connection.c Nick Mathewson2011-07-20
|\ \
| * | Only use optimistic data with exits that support it•••This adds a little code complexity: we need to remember for each node whether it supports the right feature, and then check for each connection whether it's exiting at such a node. We store this in a flag in the edge_connection_t, and set that flag at link time. Nick Mathewson2011-07-18
* | | Take a smarter approach to clearing isolation info•••Back when I added this logic in 20c0581a79, the rule was that whenever a circuit finished building, we cleared its isolation info. I did that so that we would still use the circuit even if all the streams that had previously led us to tentatively set its isolation info had closed. But there were problems with that approach: We could pretty easily get into a case where S1 had led us to launch C1 and S2 had led us to launch C2, but when C1 finished, we cleared its isolation and attached S2 first. Since C2 was still marked in a way that made S1 unattachable to it, we'd then launch another circuit needlessly. So instead, we try the following approach now: when a circuit is done building, we try to attach streams to it. If it remains unused after we try attaching streams, then we clear its isolation info, and try again to attach streams. Thanks to Sebastian for helping me figure this out. Nick Mathewson2011-07-19
* | | Add an option to limit the number of non-open client circuits.•••This is mainly meant as a way to keep clients from accidentally DOSing themselves by (e.g.) enabling IsolateDestAddr or IsolateDestPort on a port that they use for HTTP. Nick Mathewson2011-07-19
* | | Launch sufficient circuits to satisfy pending isolated streams•••Our old "do we need to launch a circuit for stream S" logic was, more or less, that if we had a pending circuit that could handle S, we didn't need to launch a new one. But now that we have streams isolated from one another, we need something stronger here: It's possible that some pending C can handle either S1 or S2, but not both. This patch reuses the existing isolation logic for a simple solution: when we decide during circuit launching that some pending C would satisfy stream S1, we "hypothetically" mark C as though S1 had been connected to it. Now if S2 is incompatible with S1, it won't be something that can attach to C, and so we'll launch a new stream. When the circuit becomes OPEN for the first time (with no streams attached to it), we reset the circuit's isolation status. I'm not too sure about this part: I wanted some way to be sure that, if all streams that would have used a circuit die before the circuit is done, the circuit can still get used. But I worry that this approach could also lead to us launching too many circuits. Careful thought needed here. Nick Mathewson2011-07-19
* | | Implement stream isolation•••This is the meat of proposal 171: we change circuit_is_acceptable() to require that the connection is compatible with every connection that has been linked to the circuit; we update circuit_is_better to prefer attaching streams to circuits in the way that decreases the circuits' usefulness the least; and we update link_apconn_to_circ() to do the appropriate bookkeeping. Nick Mathewson2011-07-19
* | | Const-ify a few functionsNick Mathewson2011-07-19
|/ /
* | Remove compare_addr_to_node_policy•••Instead, use compare_tor_addr_to_node_policy everywhere. One advantage of this is that compare_tor_addr_to_node_policy can better distinguish 0.0.0.0 from "unknown", which caused a nasty bug with microdesc users. Nick Mathewson2011-07-15
* | Merge remote-tracking branch 'origin/maint-0.2.2'Nick Mathewson2011-06-17
|\|
| * Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2Nick Mathewson2011-06-17
| |\
| | * Abandon rendezvous circuits on SIGNAL NEWNYMRobert Ransom2011-06-17
* | | Make the get_options() return const•••This lets us make a lot of other stuff const, allows the compiler to generate (slightly) better code, and will make me get slightly fewer patches from folks who stick mutable stuff into or_options_t. const: because not every input is an output! Nick Mathewson2011-06-14
* | | Merge remote-tracking branch 'origin/maint-0.2.2'•••The conflicts were mainly caused by the routerinfo->node transition. Conflicts: src/or/circuitbuild.c src/or/command.c src/or/connection_edge.c src/or/directory.c src/or/dirserv.c src/or/relay.c src/or/rendservice.c src/or/routerlist.c Nick Mathewson2011-05-30
|\| |
| * | Merge branch 'bug3045' into maint-0.2.2•••Conflicts: src/or/circuitbuild.c Nick Mathewson2011-05-30
| |\ \
| | * | Log descriptions of nodes, not just nicknames.•••This patch introduces a few new functions in router.c to produce a more helpful description of a node than its nickame, and then tweaks nearly all log messages taking a nickname as an argument to call these functions instead. There are a few cases where I left the old log messages alone: in these cases, the nickname was that of an authority (whose nicknames are useful and unique), or the message already included an identity and/or an address. I might have missed a couple more too. This is a fix for bug 3045. Nick Mathewson2011-05-15