| Commit message (Expand) | Author | Age |
|---|
| * | Make begindir_cutoff the same as general_cutoff•••Allow one-hop directory fetching circuits the full "circuit build timeout"
period, rather than just half of it, before failing them and marking
the relay down. This fix should help reduce cases where clients declare
relays (or worse, bridges) unreachable because the TLS handshake takes
a few seconds to complete.
Fixes bug 6743 (one piece of bug 3443); bugfix on 0.2.2.2-alpha, where
we changed the timeout from a static 30 seconds.
| Roger Dingledine | 2012-09-01 |
| * | Triage the XXX023 and XXX022 comments: postpone many. | Nick Mathewson | 2012-06-15 |
| * | Don't poll to see if we need to build circuits for timeout data if LearnCircu... | Andrea Shepard | 2012-06-13 |
| * | Update copyright dates to 2012; add a few missing copyright statements | Nick Mathewson | 2012-06-04 |
| * | Merge remote-tracking branch 'origin/maint-0.2.2' | Nick Mathewson | 2012-05-31 |
| |\ |
|
| | * | Make all begindir or one-hop circuits internal•••This solves bug 5283, where client traffic could get sent over the
same circuit as an anonymized connection to a directory, even if
that circuit used an exit node unsuitable for clients. By marking
the directory connection as needs_internal, we ensure that the
(non-internal!) client-traffic connection won't be sent over the
same circuit.
| Nick Mathewson | 2012-05-31 |
| * | | Don't crash when HS circs which have not yet found an OR conn time out•••Fixes bug #4897, not yet in any release.
Using n_circ_id alone here (and below, when n_conn is NULL) really sucks,
but that's a separate bug which will need a changes/ file.
| Robert Ransom | 2012-01-12 |
| * | | Merge branch 'feature3457-v4-nm-squashed'•••Conflicts:
src/or/rendclient.c
| Nick Mathewson | 2012-01-11 |
| |\ \ |
|
| | * | | Add clarity/typesafety wrappers for control_event_circuit_status_minor | Nick Mathewson | 2012-01-11 |
| | * | | Rename CIRC2 to CIRC_MINOR•••Also give the arguments to control_event_circuit_status_minor real
names.
| Nick Mathewson | 2012-01-11 |
| | * | | Send CIRC2 event when a circuit is cannibalized | Robert Ransom | 2011-11-24 |
| | * | | Add CIRC2 control-port event, and send it when a circ's purpose changes | Robert Ransom | 2011-11-24 |
| | * | | Log whenever a circuit's purpose is changed | Robert Ransom | 2011-11-24 |
| * | | | Add an option to close HS service-side rend circs on timeout | Robert Ransom | 2011-12-27 |
| * | | | Don't close HS service-side rend circs on timeout | Robert Ransom | 2011-12-27 |
| * | | | Add an option to close 'almost-connected' HS client circs on timeout | Robert Ransom | 2011-12-27 |
| * | | | Don't close HS client circs which are 'almost connected' on timeout | Robert Ransom | 2011-12-27 |
| * | | | Refactor stream attachment in circuit_has_opened•••Put the 'try attaching streams, clear isolation state if possible, retry
attaching streams' loop in its own separate function, where it belongs.
| Robert Ransom | 2011-12-09 |
| * | | | Add comment about bug4651 fix | Nick Mathewson | 2011-12-05 |
| * | | | Don't send two ESTABLISH_RENDEZVOUS cells when opening a new rend circ | Robert Ransom | 2011-12-03 |
| * | | | Merge branch 'feature2553-v4-rebased' | Nick Mathewson | 2011-11-30 |
| |\ \ \ |
|
| | * | | | Use single-hop intro and rend circuits when in tor2web mode | Robert Ransom | 2011-11-30 |
| | |/ / |
|
| * | | | Merge branch 'bug933_nm_rebased_v2'•••Conflicts:
src/test/test.c
| Nick Mathewson | 2011-11-30 |
| |\ \ \ |
|
| | * | | | Add some post-comma spaces to please arma•••Incidentally, we've got 30969 lines in master with a comma
in them, of which 1995 have a comma followed by a non-newline,
non-space character. So about 93% of our commas are right,
but we have a substantial number of "crowded" lines.
| Nick Mathewson | 2011-11-30 |
| | * | | | Refactor addressmap_match_superdomains and representation of wildcards•••In this new representation for wildcarded addresses, there are no
longer any 'magic addresses': rather, "a.b c.d", "*.a.b c.d" and
"*.a.b *.c.d" are all represented by a mapping from "a.b" to "c.d". we
now distinguish them by setting bits in the addressmap_entry_t
structure, where src_wildcard is set if the source address had a
wildcard, and dst_wildcard is set if the target address had a
wildcard.
This lets the case where "*.a.b *.c.d" or "*.a.b c.d" remap the
address "a.b" get handled trivially, and lets us simplify and improve
the addressmap_match_superdomains implementation: we can now have it
run in O(parts of address) rather than O(entries in addressmap).
| Nick Mathewson | 2011-11-30 |
| * | | | | First chunk of support for bridges on IPv6•••Comments below focus on changes, see diff for added code.
New type tor_addr_port_t holding an IP address and a TCP/UDP port.
New flag in routerinfo_t, ipv6_preferred. This should go in the
node_t instead but not now.
Replace node_get_addr() with
- node_get_prim_addr() for primary address, i.e. IPv4 for now
- node_get_pref_addr() for preferred address, IPv4 or IPv6.
Rename node_get_addr_ipv4h() node_get_prim_addr_ipv4h() for
consistency. The primary address will not allways be an IPv4 address.
Same for node_get_orport() -> node_get_prim_orport().
Rewrite node_is_a_configured_bridge() to take all OR ports into account.
Extend argument list to extend_info_from_node and
extend_info_from_router with a flag indicating if we want to use the
routers primary address or the preferred address. Use the preferred
address in as few situtations as possible for allowing clients to
connect to bridges over IPv6.
| Linus Nordberg | 2011-11-30 |
| | |/ /
|/| | |
|
| * | | | Fix names of functions that convert strings to addrs•••Now let's have "lookup" indicate that there can be a hostname
resolution, and "parse" indicate that there wasn't. Previously, we
had one "lookup" function that did resolution; four "parse" functions,
half of which did resolution; and a "from_str()" function that didn't
do resolution. That's confusing and error-prone!
The code changes in this commit are exactly the result of this perl
script, run under "perl -p -i.bak" :
s/tor_addr_port_parse/tor_addr_port_lookup/g;
s/parse_addr_port(?=[^_])/addr_port_lookup/g;
s/tor_addr_from_str/tor_addr_parse/g;
This patch leaves aton and pton alone: their naming convention and
behavior is is determined by the sockets API.
More renaming may be needed.
| Nick Mathewson | 2011-10-11 |
| * | | | Fix compilation of 3335 and 3825 fixes•••In master, they ran into problems with the edge_conn/entry_conn split.
| Nick Mathewson | 2011-10-03 |
| * | | | Merge remote-tracking branch 'rransom-tor/bug3335-v2'•••Conflicts:
src/or/connection_edge.c
src/or/rendclient.c
| Nick Mathewson | 2011-10-03 |
| |\ \ \
| |/ /
|/| | |
|
| | * | | Clear the timed_out flag when an HS connection attempt ends | Robert Ransom | 2011-10-02 |
| | |/ |
|
| * | | Move entry-only fields from edge_connection_t to entry_connection_t•••Also, refactor the code accordingly.
| Nick Mathewson | 2011-07-21 |
| * | | remember our future plan for bug 3617•••(that is, to change the default for "UseOptimisticData auto" to
1 once we are more convinced that it works correctly.)
| Roger Dingledine | 2011-07-21 |
| * | | Add another precondition for isolation-clearing; fix 3620 | Nick Mathewson | 2011-07-20 |
| * | | For accuracy, s/exit_allows_optimistic_data/may_use_optimistic_data/ | Nick Mathewson | 2011-07-20 |
| * | | Add an OptimisticData option to control client-side optimistic data | Nick Mathewson | 2011-07-20 |
| * | | Merge branch 'optimistic-client'•••The conflicts are with the proposal 171 circuit isolation code, and
they're all trivial: they're just a matter of both branches adding
some unrelated code in the same places.
Conflicts:
src/or/circuituse.c
src/or/connection.c
| Nick Mathewson | 2011-07-20 |
| |\ \ |
|
| | * | | Only use optimistic data with exits that support it•••This adds a little code complexity: we need to remember for each
node whether it supports the right feature, and then check for each
connection whether it's exiting at such a node. We store this in a
flag in the edge_connection_t, and set that flag at link time.
| Nick Mathewson | 2011-07-18 |
| * | | | Take a smarter approach to clearing isolation info•••Back when I added this logic in 20c0581a79, the rule was that whenever
a circuit finished building, we cleared its isolation info. I did that
so that we would still use the circuit even if all the streams that
had previously led us to tentatively set its isolation info had closed.
But there were problems with that approach: We could pretty easily get
into a case where S1 had led us to launch C1 and S2 had led us to
launch C2, but when C1 finished, we cleared its isolation and attached
S2 first. Since C2 was still marked in a way that made S1
unattachable to it, we'd then launch another circuit needlessly.
So instead, we try the following approach now: when a circuit is done
building, we try to attach streams to it. If it remains unused after
we try attaching streams, then we clear its isolation info, and try
again to attach streams.
Thanks to Sebastian for helping me figure this out.
| Nick Mathewson | 2011-07-19 |
| * | | | Add an option to limit the number of non-open client circuits.•••This is mainly meant as a way to keep clients from accidentally
DOSing themselves by (e.g.) enabling IsolateDestAddr or
IsolateDestPort on a port that they use for HTTP.
| Nick Mathewson | 2011-07-19 |
| * | | | Launch sufficient circuits to satisfy pending isolated streams•••Our old "do we need to launch a circuit for stream S" logic was,
more or less, that if we had a pending circuit that could handle S,
we didn't need to launch a new one.
But now that we have streams isolated from one another, we need
something stronger here: It's possible that some pending C can
handle either S1 or S2, but not both.
This patch reuses the existing isolation logic for a simple
solution: when we decide during circuit launching that some pending
C would satisfy stream S1, we "hypothetically" mark C as though S1
had been connected to it. Now if S2 is incompatible with S1, it
won't be something that can attach to C, and so we'll launch a new
stream.
When the circuit becomes OPEN for the first time (with no streams
attached to it), we reset the circuit's isolation status. I'm not
too sure about this part: I wanted some way to be sure that, if all
streams that would have used a circuit die before the circuit is
done, the circuit can still get used. But I worry that this
approach could also lead to us launching too many circuits. Careful
thought needed here.
| Nick Mathewson | 2011-07-19 |
| * | | | Implement stream isolation•••This is the meat of proposal 171: we change circuit_is_acceptable()
to require that the connection is compatible with every connection
that has been linked to the circuit; we update circuit_is_better to
prefer attaching streams to circuits in the way that decreases the
circuits' usefulness the least; and we update link_apconn_to_circ()
to do the appropriate bookkeeping.
| Nick Mathewson | 2011-07-19 |
| * | | | Const-ify a few functions | Nick Mathewson | 2011-07-19 |
| |/ / |
|
| * | | Remove compare_addr_to_node_policy•••Instead, use compare_tor_addr_to_node_policy everywhere.
One advantage of this is that compare_tor_addr_to_node_policy can
better distinguish 0.0.0.0 from "unknown", which caused a nasty bug
with microdesc users.
| Nick Mathewson | 2011-07-15 |
| * | | Merge remote-tracking branch 'origin/maint-0.2.2' | Nick Mathewson | 2011-06-17 |
| |\| |
|
| | * | Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 | Nick Mathewson | 2011-06-17 |
| | |\ |
|
| | | * | Abandon rendezvous circuits on SIGNAL NEWNYM | Robert Ransom | 2011-06-17 |
| * | | | Make the get_options() return const•••This lets us make a lot of other stuff const, allows the compiler to
generate (slightly) better code, and will make me get slightly fewer
patches from folks who stick mutable stuff into or_options_t.
const: because not every input is an output!
| Nick Mathewson | 2011-06-14 |
| * | | | Merge remote-tracking branch 'origin/maint-0.2.2'•••The conflicts were mainly caused by the routerinfo->node transition.
Conflicts:
src/or/circuitbuild.c
src/or/command.c
src/or/connection_edge.c
src/or/directory.c
src/or/dirserv.c
src/or/relay.c
src/or/rendservice.c
src/or/routerlist.c
| Nick Mathewson | 2011-05-30 |
| |\| | |
|
| | * | | Merge branch 'bug3045' into maint-0.2.2•••Conflicts:
src/or/circuitbuild.c
| Nick Mathewson | 2011-05-30 |
| | |\ \ |
|
| | | * | | Log descriptions of nodes, not just nicknames.•••This patch introduces a few new functions in router.c to produce a
more helpful description of a node than its nickame, and then tweaks
nearly all log messages taking a nickname as an argument to call these
functions instead.
There are a few cases where I left the old log messages alone: in
these cases, the nickname was that of an authority (whose nicknames
are useful and unique), or the message already included an identity
and/or an address. I might have missed a couple more too.
This is a fix for bug 3045.
| Nick Mathewson | 2011-05-15 |