| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
edge_connection_t: want_onehop if it must attach to a circuit with
only one hop (e.g. for the current tunnelled connections that use
begin_dir), and use_begindir if we mean to use a BEGIN_DIR relay
command to establish the stream rather than the normal BEGIN. Now
we can make anonymized begin_dir connections for (e.g.) more secure
hidden service posting and fetching.
svn:r12244
|
| |
|
|
|
|
|
| |
Turn all "Is DirPort nonzero? Because if it is, we must be a directory" logic into calls to dirserver_mode().
svn:r11817
|
| |
|
|
|
|
|
| |
Make some functions static; remove some dead code.
svn:r11750
|
| |
|
|
| |
svn:r11658
|
| |
|
|
|
|
|
|
| |
them anyway, and the code has probably rotted by now. Based on
patch from Karsten Loesing.
svn:r11496
|
| |
|
|
|
|
|
| |
Make controllers accept LF as well as CRLF. Update spec to reflect this. Remove now-dead code. Make controller warning about v0 protocol more accurate.
svn:r11299
|
| |
|
|
|
|
|
| |
Add a new ClientDNSRejectInternalAddresses option (default: on) to refuse to believe that any address can map to or from an internal address. This blocks some kinds of potential browser-based attacks, especially on hosts using DNSPort. Also clarify behavior in some comments. Backport candiate?
svn:r11287
|
| |
|
|
|
|
|
| |
Fix a bug caught by Kate: when we switched from masks to bits in 0.2.0.3-alpha, we added a spurious ! that made us never believe that any address fell inside a virtual address range. While we're at it, save a trip around the loop in the common case.
svn:r11129
|
| |
|
|
| |
svn:r11074
|
| |
|
|
|
|
|
| |
More documentation
svn:r10992
|
| |
|
|
|
|
|
| |
Fix bug 472: do not use spaces in pseudo-address for local link cons.
svn:r10979
|
| |
|
|
|
|
|
| |
ADDRMAP events should never have specified local time. Extend them to have the proper gmt time, and make GETINFO address-mappings always do the right thing (since it is new in this version).
svn:r10930
|
| |
|
|
|
|
|
| |
Another patch from croup: drop support for address masks that do not correspond to bit prefixes. Nobody has used this for a while, and we have given warnings for a long time.
svn:r10881
|
| |
|
|
|
|
|
| |
Patch from tup: new address-mappings/ GETINFO that includes expiry times.
svn:r10844
|
| |
|
|
|
|
|
| |
Get the RESOLVE controller code working.
svn:r10781
|
| |
|
|
|
|
|
| |
Backport candidate: fix a possible buffer overrun when using natd support on old BSDs. Based on a patch from "Mr. Croup".
svn:r10760
|
| |
|
|
|
|
|
| |
Patch from Robert Hogan: Generate STREAM NEW events for dnsport requests and tunneled directory connections. Log when we are testing for hijacking.
svn:r10737
|
| |
|
|
| |
svn:r10543
|
| |
|
|
|
|
|
| |
Deprecate RedirectExits.
svn:r10526
|
| |
|
|
|
|
|
| |
Patch from peter palfrader: control interface via unix domain socket
svn:r10504
|
| |
|
|
|
|
|
|
| |
connection to a port that the hidden service didn't configure.
Resolves bug 444.
svn:r10478
|
| |
|
|
|
|
|
| |
Patch from Tup: treat RESOLVED_TYPE_ERROR_TRANSIENT as a SERVERFAILED, and RESOLVED_TYPE_ERROR as NOTEXIST. Generate transient/nontransient errors more sensibly. Set flags better on DNS replies.
svn:r10427
|
| |
|
|
|
|
|
| |
Cleanup whitespace.
svn:r10425
|
| |
|
|
|
|
|
| |
Resolve all but 3 DOCDOCs.
svn:r10393
|
| |
|
|
| |
svn:r10335
|
| |
|
|
|
|
|
| |
hack to make reverse lookups work with dnsport. note that it is a hack. note some trouble spots.
svn:r10332
|
| |
|
|
|
|
|
| |
The second time that we resolve a.com and get 1.2.3.4, return an A record mapping (a->1.2.3.4), not mapping (1.2.3.4->1.2.3.4).
svn:r10329
|
| |
|
|
|
|
|
| |
Fix more dnsport bugs: set state correctly, and actually cache the answers.
svn:r10328
|
| |
|
|
|
|
|
| |
Fix a dnsserv bug: mark the connectino as "finished handshaking" once dnsserv_resolved is called.
svn:r10327
|
| |
|
|
|
|
|
| |
Add an AutomapHostsOnResolve option. It seems to work.
svn:r10324
|
| |
|
|
|
|
|
| |
Well, that was easier than I thought it would be. Tor is now a DNS proxy as well as a socks proxy. Probably some bugs remain, but since it A) has managed to resolve one address for me successfully, and B) will not affect anybody who leaves DNSPort unset, it feel like a good time to commit.
svn:r10317
|
| |
|
|
|
|
|
| |
Review XXXX comments without a version; upgrade some to XXXX020.
svn:r10315
|
| |
|
|
|
|
|
| |
Make connection_array into a smartlist.
svn:r10292
|
| |
|
|
|
|
|
| |
Fix compilation in connection_edge.c
svn:r10186
|
| |
|
|
| |
svn:r10182
|
| |
|
|
|
|
|
|
|
|
| |
If a directory server runs out of space in the connection table
as it's processing a begin_dir request, it will free the exit stream
but leave it attached to the circuit, leading to unpredictable
behavior. (Reported by seeess, fixes bug 425.)
svn:r10154
|
| |
|
|
|
|
|
|
|
| |
from a circuit, even if the exit node is in the middle.
there are probably a few more places that need this fix too.
svn:r10076
|
| |
|
|
|
|
|
| |
Misc cleanup and bulletproofing on r10056.
svn:r10058
|
| |
|
|
|
|
|
| |
so we can exit from the middle of the circuit.
svn:r10056
|
| |
|
|
|
|
|
| |
Initial version of code to stop using socket pairs for linked connections. Superficially, it seems to work, but it probably needs a lot more testing and attention.
svn:r9995
|
| |
|
|
|
|
|
| |
Try to fix bug 410: move responsibility for attaching/detaching initial streams from circuits into dns_resolve. Needs refactoring a little.
svn:r9931
|
| |
|
|
|
|
|
| |
A surprisingly simple patch to stop reading on edge connections when their circuits get too full, and start again when they empty out. This lets us remove the logic to block begin_dir conns when the corresponding or conns get full: it was already broken by cell queues anyway.
svn:r9905
|
| |
|
|
|
|
|
| |
Possibly resolve bug reported by xiando.
svn:r9903
|
| |
|
|
|
|
|
| |
Eliminate more redundant circuit_t arguments when edge_connection_t is already supplied and the circuit is already attached.
svn:r9900
|
| |
|
|
|
|
|
| |
Refactor a bunch of functions that take edge_connection_t not to also take a crypt_path_t; the cpath is implicit.
svn:r9899
|
| |
|
|
|
|
|
| |
whether we've attached a stream.
svn:r9883
|
| |
|
|
|
|
|
|
| |
stricter rate limiting to all OR conns except those that have
been touched by local circuits.
svn:r9882
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
behavior for getinfo addr-mappings/*. this is because
the code and spec have been mismatched since at least
0.1.1.x, so i would be surprised if nobody at all is
relying on the current behavior.
backport candidate.
backbackport candidate.
svn:r9823
|
| |
|
|
| |
svn:r9822
|
| |
|
|
|
|
|
| |
Make all LD_BUG log messsages get prefixed with "Bug: ". Remove manually-generated "Bug: "s from log-messages. (Apparently, we remembered to add them about 40% of the time.)
svn:r9733
|