| Commit message (Expand) | Author | Age |
|---|
| * | Change all SMARTLIST_FOREACH loops of >=10 lines to use BEGIN/END•••The SMARTLIST_FOREACH macro is more convenient than BEGIN/END when
you have a nice short loop body, but using it for long bodies makes
your preprocessor tell the compiler that all the code is on the same
line. That causes grief, since compiler warnings and debugger lines
will all refer to that one line.
So, here's a new style rule: SMARTLIST_FOREACH blocks need to be
short.
| Nick Mathewson | 2012-07-17 |
| * | Fix GETINFO address-mappings/... with wildcarded addresses. | Nick Mathewson | 2012-06-27 |
| * | Fix a regression bug in AllowDotExit•••The code that detected the source of a remapped address checked that
an address mapping's source was a given rewrite rule if addr_orig had
no .exit, and addr did have a .exit after processing that rule. But
addr_orig was formatted for logging: it was not the original address
at all, but rather was the address escaped for logging and possibly
replaced with "[scrubbed]".
This new logic will correctly set ADDRMAPSRC_NONE in the case when the
address starts life as a .exit address, so that AllowDotExit can work
again.
Fixes bug 6211; bugfix on 0.2.3.17-beta
| Nick Mathewson | 2012-06-19 |
| * | Triage the XXX023 and XXX022 comments: postpone many. | Nick Mathewson | 2012-06-15 |
| * | Merge remote-tracking branch 'public/bug3940_redux' | Nick Mathewson | 2012-06-13 |
| |\ |
|
| | * | fixup! An attempt at bug3940 and making AllowDotExit 0 work with MapAddress | Nick Mathewson | 2012-06-11 |
| | * | Document the new exit_source_out argument to addressmap_rewrite | Nick Mathewson | 2012-06-04 |
| | * | An attempt at bug3940 and making AllowDotExit 0 work with MapAddress•••This time, I follow grarpamp's suggestion and move the check for
.exit+AllowDotExit 0 to the top of connection_ap_rewrite_and_attach,
before any rewriting occurs. This way, .exit addresses are
forbidden as they arrive from a socks connection or a DNSPort
request, and not otherwise.
It _is_ a little more complicated than that, though. We need to
treat any .exit addresses whose source is TrackHostExits as meaning
that we can retry without that exit. We also need to treat any
.exit address that comes from an AutomapHostsOnResolve operation as
user-provided (and thus forbidden if AllowDotExits==0), so that
transitioning from AllowDotExits==1 to AllowDotExits==0 will
actually turn off automapped .exit addresses.
| Nick Mathewson | 2012-05-11 |
| * | | Fix "make check-spaces" issues | Nick Mathewson | 2012-06-05 |
| * | | Update copyright dates to 2012; add a few missing copyright statements | Nick Mathewson | 2012-06-04 |
| * | | Add about 60 more DOCDOC comments to 0.2.3•••Also, try to resolve some doxygen issues. First, define a magic
"This is doxygen!" macro so that we take the correct branch in
various #if/#else/#endifs in order to get the right documentation.
Second, add in a few grouping @{ and @} entries in order to get some
variables and fields to get grouped together.
| Nick Mathewson | 2012-06-04 |
| * | | Resolve all currently pending DOCDOC items in master | Nick Mathewson | 2012-06-04 |
| * | | In connection_ap_handshake_process_socks(), mark the socks request as finishe...•••Silences the log message:
[warn] {BUG} _connection_mark_unattached_ap(): Bug: stream (marked at connection_edge.c:2224) sending two socks replies?
after the client triggered the "Tor is not an HTTP Proxy" response.
No additional socks reply was sent, though.
| Fabian Keil | 2012-05-16 |
| * | | Merge remote-tracking branch 'public/bug2822' | Nick Mathewson | 2012-05-16 |
| |\ \
| |/
|/| |
|
| | * | Reject SOCKS requests for "localhost" or ".local"•••Sending them on is futile, since we will be told "127.0.0.1" and then
think we've been lied to. Partial fix for 2822.
| Nick Mathewson | 2012-03-28 |
| | * | Rate-limit the warnings as a client when asked to connect a private addr•••Partial fix for ticket 2822.
| Nick Mathewson | 2012-03-28 |
| * | | Add a missing ntohl to tell_controller_about_resolve_result•••Fix for bug 5723; bugfix on 0.2.3.1-alpha (commit 22f723e4)
| Nick Mathewson | 2012-05-01 |
| * | | be willing to use nodes in excludeexitnodes as directory mirrors•••fixes bug 5623.
| Roger Dingledine | 2012-04-24 |
| |/ |
|
| * | Merge remote-tracking branch 'public/bug3325' | Nick Mathewson | 2012-01-16 |
| |\ |
|
| | * | Move logging of bad hostnames into parse_extended_hostname•••This fixes bug 3325, where a bad .exit would get logged as a bad .onion
| Nick Mathewson | 2012-01-11 |
| * | | Convert instances of tor_malloc+tor_snprintf into tor_asprintf•••These were found by looking for tor_snprintf() instances that were
preceeded closely by tor_malloc(), though I probably converted some
more snprintfs as well.
(In every case, make sure that the length variable (if any) is
removed, renamed, or lowered, so that anything else that might have
assumed a longer buffer doesn't exist.)
| Nick Mathewson | 2012-01-16 |
| * | | Convert instances of tor_snprintf+strdup into tor_asprintf•••These were found by looking for tor_snprintf() instances that were
followed closely by tor_strdup(), though I probably converted some
other snprintfs as well.
| Nick Mathewson | 2012-01-16 |
| |/ |
|
| * | Merge branch 'feature2553-v4-rebased' | Nick Mathewson | 2011-11-30 |
| |\ |
|
| | * | Add ifdefs to disable assertion in connection_ap_handshake_send_begin | Robert Ransom | 2011-11-30 |
| | * | Don't allow tor2web-mode Tors to connect to non-HS addresses•••The client's anonymity when accessing a non-HS address in tor2web-mode
would be easily nuked by inserting an inline image with a .onion URL, so
don't even pretend to access non-HS addresses through Tor.
| Robert Ransom | 2011-11-30 |
| * | | Merge branch 'bug933_nm_rebased_v2'•••Conflicts:
src/test/test.c
| Nick Mathewson | 2011-11-30 |
| |\ \ |
|
| | * | | Tweak addressmap_rewrite a little more•••This resolves a loop warning on "MapAddress *.example.com
example.com", makes the rewrite log messages correct, and fixes the
behavior of "MapAddress *.a *.b" when just given "a" as an input.
| Nick Mathewson | 2011-11-30 |
| | * | | Fix an issue in my mapaddress domains code spotted by arma•••MapAddress *.torproject.org torproject.org would have been interpreted
as a map from a domain to itself, and would have cleared the mapping.
Now we require not only a match of domains, but of wildcards.
| Nick Mathewson | 2011-11-30 |
| | * | | Refactor addressmap_match_superdomains and representation of wildcards•••In this new representation for wildcarded addresses, there are no
longer any 'magic addresses': rather, "a.b c.d", "*.a.b c.d" and
"*.a.b *.c.d" are all represented by a mapping from "a.b" to "c.d". we
now distinguish them by setting bits in the addressmap_entry_t
structure, where src_wildcard is set if the source address had a
wildcard, and dst_wildcard is set if the target address had a
wildcard.
This lets the case where "*.a.b *.c.d" or "*.a.b c.d" remap the
address "a.b" get handled trivially, and lets us simplify and improve
the addressmap_match_superdomains implementation: we can now have it
run in O(parts of address) rather than O(entries in addressmap).
| Nick Mathewson | 2011-11-30 |
| | * | | Address nickm's comments at https://trac.torproject.org/projects/tor/ticket/9...••• 1. Only allow '*.' in MapAddress expressions. Ignore '*ample.com' and '.example.com'.
This has resulted in a slight refactoring of config_register_addressmaps.
2. Add some more detail to the man page entry for AddressMap.
3. Fix initialization of a pointer to NULL rather than 0.
4. Update the unit tests to cater for the changes in 1 and test more explicitly for
recursive mapping.
| Robert Hogan | 2011-11-30 |
| | * | | Address nickm's comments at https://trac.torproject.org/projects/tor/ticket/9...•••1. Implement the following mapping rules:
MapAddress a.b.c d.e.f # This is what we have now
MapAddress .a.b.c d.e.f # Replaces any address ending with .a.b.c with d.e.f
MapAddress .a.b.c .d.e.f # Replaces the .a.b.c at the end of any addr with .d.e.f
(Note that 'a.b.c .d.e.f' is invalid, and will be rejected.)
2. Add tests for the new rules.
3. Allow proper wildcard annotation, i.e. '*.d.e' '.d.e' will still work.
4. Update addressmap_entry_t with an is_wildcard member.
| Robert Hogan | 2011-11-30 |
| | * | | bug933 - Match against super-domains in MapAddress•••Allow MapAddress to handle directives such as:
MapAddress .torproject.org .torserver.exit
MapAddress .org 1.1.1.1
Add tests for addressmap_rewrite.
| Robert Hogan | 2011-11-30 |
| * | | | Use correct address family where necessary for bridges on IPv6. | Linus Nordberg | 2011-11-30 |
| | |/
|/| |
|
| * | | Merge remote-tracking branch 'origin/maint-0.2.2' | Nick Mathewson | 2011-10-19 |
| |\ \ |
|
| | * | | Fix crash when changing node restrictions with DNS lookup in progress•••Fixes bug 4259, bugfix on 0.2.2.25-alpha. Bugfix by "Tey'".
Original message by submitter:
Changing nodes restrictions using a controller while Tor is doing
DNS resolution could makes Tor crashes (on WinXP at least). The
problem can be repeated by trying to reach a non-existent domain
using Tor:
curl --socks4a 127.0.0.1:9050 inexistantdomain.ext
.. and changing the ExitNodes parameter through the control port
before Tor returns a DNS resolution error (of course, the following
command won't work directly if the control port is password
protected):
echo SETCONF ExitNodes=TinyTurtle | nc -v 127.0.0.1 9051
Using a non-existent domain is needed to repeat the issue so that
Tor takes a few seconds for resolving the domain (which allows us to
change the configuration). Tor will crash while processing the
configuration change.
The bug is located in the addressmap_clear_excluded_trackexithosts
method which iterates over the entries of the addresses map in order
to check whether the changes made to the configuration will impact
those entries. When a DNS resolving is in progress, the new_adress
field of the associated entry will be set to NULL. The method
doesn't expect this field to be NULL, hence the crash.
| Nick Mathewson | 2011-10-19 |
| | * | | trivial whitespace changes, take two | Roger Dingledine | 2011-09-24 |
| | * | | Trivial whitespace fixes | Nick Mathewson | 2011-09-24 |
| * | | | Stop using addr_port_lookup as an address splitting function•••It's too risky to have a function where if you leave one parameter
NULL, it splits up address:port strings, but if you set it, it does
hostname resolution.
| Nick Mathewson | 2011-10-11 |
| * | | | Change "reverse_lookup_name" functions to refer to "PTR_name"s•••Under the new convention, having a tor_addr.*lookup function that
doesn't do hostname resolution is too close for comfort.
I used this script here, and have made no other changes.
s/tor_addr_parse_reverse_lookup_name/tor_addr_parse_PTR_name/g;
s/tor_addr_to_reverse_lookup_name/tor_addr_to_PTR_name/g;
| Nick Mathewson | 2011-10-11 |
| * | | | Fix names of functions that convert strings to addrs•••Now let's have "lookup" indicate that there can be a hostname
resolution, and "parse" indicate that there wasn't. Previously, we
had one "lookup" function that did resolution; four "parse" functions,
half of which did resolution; and a "from_str()" function that didn't
do resolution. That's confusing and error-prone!
The code changes in this commit are exactly the result of this perl
script, run under "perl -p -i.bak" :
s/tor_addr_port_parse/tor_addr_port_lookup/g;
s/parse_addr_port(?=[^_])/addr_port_lookup/g;
s/tor_addr_from_str/tor_addr_parse/g;
This patch leaves aton and pton alone: their naming convention and
behavior is is determined by the sockets API.
More renaming may be needed.
| Nick Mathewson | 2011-10-11 |
| * | | | Fix compilation of 3335 and 3825 fixes•••In master, they ran into problems with the edge_conn/entry_conn split.
| Nick Mathewson | 2011-10-03 |
| * | | | Merge remote-tracking branch 'rransom-tor/bug3335-v2'•••Conflicts:
src/or/connection_edge.c
src/or/rendclient.c
| Nick Mathewson | 2011-10-03 |
| |\ \ \
| |_|/
|/| | |
|
| | * | | Clear the timed_out flag when an HS connection attempt ends | Robert Ransom | 2011-10-02 |
| | |/ |
|
| * | | Fix whitespace issues in patches merged today so far | Nick Mathewson | 2011-09-07 |
| * | | Merge remote-tracking branch 'public/split_entry_conn'•••Conflicts:
src/or/connection.c
src/or/connection_edge.c
src/or/connection_edge.h
src/or/dnsserv.c
Some of these were a little tricky, since they touched code that
changed because of the prop171 fixes.
| Nick Mathewson | 2011-09-07 |
| |\ \ |
|
| | * | | Move entry-only fields from edge_connection_t to entry_connection_t•••Also, refactor the code accordingly.
| Nick Mathewson | 2011-07-21 |
| | * | | Add a new type entry_connection_t for entry connections•••No fields have moved there yet; for now, it's just a placeholder type.
| Nick Mathewson | 2011-07-21 |
| * | | | Merge remote-tracking branch 'origin/maint-0.2.2'•••Conflicts:
src/or/connection_edge.c
Conflicted on a router->node transition; fix was easy.
| Nick Mathewson | 2011-09-06 |
| |\ \ \
| | |/
| |/| |
|
| | * | | Fix assertion in addressmap_clear_excluded_trackexithosts•••Fixes bug 3923; bugfix on 0.2.2.25-alpha; bugfix from 'laruldan' on trac.
| Nick Mathewson | 2011-09-06 |
| * | | | Sticking a size_t into long generates a warn on win | Sebastian Hahn | 2011-08-09 |