aboutsummaryrefslogtreecommitdiff
path: root/src/or/connection_edge.c
Commit message (Collapse)AuthorAge
* Update copyright dates to 2012; add a few missing copyright statementsNick Mathewson2012-06-04
|
* Add about 60 more DOCDOC comments to 0.2.3Nick Mathewson2012-06-04
| | | | | | | | Also, try to resolve some doxygen issues. First, define a magic "This is doxygen!" macro so that we take the correct branch in various #if/#else/#endifs in order to get the right documentation. Second, add in a few grouping @{ and @} entries in order to get some variables and fields to get grouped together.
* Resolve all currently pending DOCDOC items in masterNick Mathewson2012-06-04
|
* In connection_ap_handshake_process_socks(), mark the socks request as ↵Fabian Keil2012-05-16
| | | | | | | | | | finished if a reply is send after a parse error Silences the log message: [warn] {BUG} _connection_mark_unattached_ap(): Bug: stream (marked at connection_edge.c:2224) sending two socks replies? after the client triggered the "Tor is not an HTTP Proxy" response. No additional socks reply was sent, though.
* Merge remote-tracking branch 'public/bug2822'Nick Mathewson2012-05-16
|\
| * Reject SOCKS requests for "localhost" or ".local"Nick Mathewson2012-03-28
| | | | | | | | | | Sending them on is futile, since we will be told "127.0.0.1" and then think we've been lied to. Partial fix for 2822.
| * Rate-limit the warnings as a client when asked to connect a private addrNick Mathewson2012-03-28
| | | | | | | | Partial fix for ticket 2822.
* | Add a missing ntohl to tell_controller_about_resolve_resultNick Mathewson2012-05-01
| | | | | | | | Fix for bug 5723; bugfix on 0.2.3.1-alpha (commit 22f723e4)
* | be willing to use nodes in excludeexitnodes as directory mirrorsRoger Dingledine2012-04-24
|/ | | | fixes bug 5623.
* Merge remote-tracking branch 'public/bug3325'Nick Mathewson2012-01-16
|\
| * Move logging of bad hostnames into parse_extended_hostnameNick Mathewson2012-01-11
| | | | | | | | This fixes bug 3325, where a bad .exit would get logged as a bad .onion
* | Convert instances of tor_malloc+tor_snprintf into tor_asprintfNick Mathewson2012-01-16
| | | | | | | | | | | | | | | | | | | | These were found by looking for tor_snprintf() instances that were preceeded closely by tor_malloc(), though I probably converted some more snprintfs as well. (In every case, make sure that the length variable (if any) is removed, renamed, or lowered, so that anything else that might have assumed a longer buffer doesn't exist.)
* | Convert instances of tor_snprintf+strdup into tor_asprintfNick Mathewson2012-01-16
|/ | | | | | These were found by looking for tor_snprintf() instances that were followed closely by tor_strdup(), though I probably converted some other snprintfs as well.
* Merge branch 'feature2553-v4-rebased'Nick Mathewson2011-11-30
|\
| * Add ifdefs to disable assertion in connection_ap_handshake_send_beginRobert Ransom2011-11-30
| |
| * Don't allow tor2web-mode Tors to connect to non-HS addressesRobert Ransom2011-11-30
| | | | | | | | | | | | The client's anonymity when accessing a non-HS address in tor2web-mode would be easily nuked by inserting an inline image with a .onion URL, so don't even pretend to access non-HS addresses through Tor.
* | Merge branch 'bug933_nm_rebased_v2'Nick Mathewson2011-11-30
|\ \ | | | | | | | | | | | | Conflicts: src/test/test.c
| * | Tweak addressmap_rewrite a little moreNick Mathewson2011-11-30
| | | | | | | | | | | | | | | | | | This resolves a loop warning on "MapAddress *.example.com example.com", makes the rewrite log messages correct, and fixes the behavior of "MapAddress *.a *.b" when just given "a" as an input.
| * | Fix an issue in my mapaddress domains code spotted by armaNick Mathewson2011-11-30
| | | | | | | | | | | | | | | | | | MapAddress *.torproject.org torproject.org would have been interpreted as a map from a domain to itself, and would have cleared the mapping. Now we require not only a match of domains, but of wildcards.
| * | Refactor addressmap_match_superdomains and representation of wildcardsNick Mathewson2011-11-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In this new representation for wildcarded addresses, there are no longer any 'magic addresses': rather, "a.b c.d", "*.a.b c.d" and "*.a.b *.c.d" are all represented by a mapping from "a.b" to "c.d". we now distinguish them by setting bits in the addressmap_entry_t structure, where src_wildcard is set if the source address had a wildcard, and dst_wildcard is set if the target address had a wildcard. This lets the case where "*.a.b *.c.d" or "*.a.b c.d" remap the address "a.b" get handled trivially, and lets us simplify and improve the addressmap_match_superdomains implementation: we can now have it run in O(parts of address) rather than O(entries in addressmap).
| * | Address nickm's comments at ↵Robert Hogan2011-11-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | https://trac.torproject.org/projects/tor/ticket/933#comment:8 1. Only allow '*.' in MapAddress expressions. Ignore '*ample.com' and '.example.com'. This has resulted in a slight refactoring of config_register_addressmaps. 2. Add some more detail to the man page entry for AddressMap. 3. Fix initialization of a pointer to NULL rather than 0. 4. Update the unit tests to cater for the changes in 1 and test more explicitly for recursive mapping.
| * | Address nickm's comments at ↵Robert Hogan2011-11-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | https://trac.torproject.org/projects/tor/ticket/933#comment:4 1. Implement the following mapping rules: MapAddress a.b.c d.e.f # This is what we have now MapAddress .a.b.c d.e.f # Replaces any address ending with .a.b.c with d.e.f MapAddress .a.b.c .d.e.f # Replaces the .a.b.c at the end of any addr with .d.e.f (Note that 'a.b.c .d.e.f' is invalid, and will be rejected.) 2. Add tests for the new rules. 3. Allow proper wildcard annotation, i.e. '*.d.e' '.d.e' will still work. 4. Update addressmap_entry_t with an is_wildcard member.
| * | bug933 - Match against super-domains in MapAddressRobert Hogan2011-11-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | Allow MapAddress to handle directives such as: MapAddress .torproject.org .torserver.exit MapAddress .org 1.1.1.1 Add tests for addressmap_rewrite.
* | | Use correct address family where necessary for bridges on IPv6.Linus Nordberg2011-11-30
| |/ |/|
* | Merge remote-tracking branch 'origin/maint-0.2.2'Nick Mathewson2011-10-19
|\ \
| * | Fix crash when changing node restrictions with DNS lookup in progressNick Mathewson2011-10-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes bug 4259, bugfix on 0.2.2.25-alpha. Bugfix by "Tey'". Original message by submitter: Changing nodes restrictions using a controller while Tor is doing DNS resolution could makes Tor crashes (on WinXP at least). The problem can be repeated by trying to reach a non-existent domain using Tor: curl --socks4a 127.0.0.1:9050 inexistantdomain.ext .. and changing the ExitNodes parameter through the control port before Tor returns a DNS resolution error (of course, the following command won't work directly if the control port is password protected): echo SETCONF ExitNodes=TinyTurtle | nc -v 127.0.0.1 9051 Using a non-existent domain is needed to repeat the issue so that Tor takes a few seconds for resolving the domain (which allows us to change the configuration). Tor will crash while processing the configuration change. The bug is located in the addressmap_clear_excluded_trackexithosts method which iterates over the entries of the addresses map in order to check whether the changes made to the configuration will impact those entries. When a DNS resolving is in progress, the new_adress field of the associated entry will be set to NULL. The method doesn't expect this field to be NULL, hence the crash.
| * | trivial whitespace changes, take twoRoger Dingledine2011-09-24
| | |
| * | Trivial whitespace fixesNick Mathewson2011-09-24
| | |
* | | Stop using addr_port_lookup as an address splitting functionNick Mathewson2011-10-11
| | | | | | | | | | | | | | | | | | It's too risky to have a function where if you leave one parameter NULL, it splits up address:port strings, but if you set it, it does hostname resolution.
* | | Change "reverse_lookup_name" functions to refer to "PTR_name"sNick Mathewson2011-10-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Under the new convention, having a tor_addr.*lookup function that doesn't do hostname resolution is too close for comfort. I used this script here, and have made no other changes. s/tor_addr_parse_reverse_lookup_name/tor_addr_parse_PTR_name/g; s/tor_addr_to_reverse_lookup_name/tor_addr_to_PTR_name/g;
* | | Fix names of functions that convert strings to addrsNick Mathewson2011-10-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Now let's have "lookup" indicate that there can be a hostname resolution, and "parse" indicate that there wasn't. Previously, we had one "lookup" function that did resolution; four "parse" functions, half of which did resolution; and a "from_str()" function that didn't do resolution. That's confusing and error-prone! The code changes in this commit are exactly the result of this perl script, run under "perl -p -i.bak" : s/tor_addr_port_parse/tor_addr_port_lookup/g; s/parse_addr_port(?=[^_])/addr_port_lookup/g; s/tor_addr_from_str/tor_addr_parse/g; This patch leaves aton and pton alone: their naming convention and behavior is is determined by the sockets API. More renaming may be needed.
* | | Fix compilation of 3335 and 3825 fixesNick Mathewson2011-10-03
| | | | | | | | | | | | In master, they ran into problems with the edge_conn/entry_conn split.
* | | Merge remote-tracking branch 'rransom-tor/bug3335-v2'Nick Mathewson2011-10-03
|\ \ \ | |_|/ |/| | | | | | | | | | | Conflicts: src/or/connection_edge.c src/or/rendclient.c
| * | Clear the timed_out flag when an HS connection attempt endsRobert Ransom2011-10-02
| |/
* | Fix whitespace issues in patches merged today so farNick Mathewson2011-09-07
| |
* | Merge remote-tracking branch 'public/split_entry_conn'Nick Mathewson2011-09-07
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: src/or/connection.c src/or/connection_edge.c src/or/connection_edge.h src/or/dnsserv.c Some of these were a little tricky, since they touched code that changed because of the prop171 fixes.
| * | Move entry-only fields from edge_connection_t to entry_connection_tNick Mathewson2011-07-21
| | | | | | | | | | | | Also, refactor the code accordingly.
| * | Add a new type entry_connection_t for entry connectionsNick Mathewson2011-07-21
| | | | | | | | | | | | No fields have moved there yet; for now, it's just a placeholder type.
* | | Merge remote-tracking branch 'origin/maint-0.2.2'Nick Mathewson2011-09-06
|\ \ \ | | |/ | |/| | | | | | | | | | | | | Conflicts: src/or/connection_edge.c Conflicted on a router->node transition; fix was easy.
| * | Fix assertion in addressmap_clear_excluded_trackexithostsNick Mathewson2011-09-06
| | | | | | | | | | | | Fixes bug 3923; bugfix on 0.2.2.25-alpha; bugfix from 'laruldan' on trac.
* | | Sticking a size_t into long generates a warn on winSebastian Hahn2011-08-09
| | |
* | | Remove connection_edge_streams_are_compatibleRobert Ransom2011-08-08
| | | | | | | | | | | | It's dead code (not used anywhere by the current proposal 171 algorithm).
* | | Fix handling of ISO_STREAMRobert Ransom2011-08-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Now we track *which* stream with ISO_STREAM set is associated to a particular circuit, so that we won't think that stream is incompatible with its circuit and launch another one a second later, and we use that same field to mark circuits which have had an ISO_STREAM stream attached to them, so that we won't ever put a second stream on that circuit. Fixes bug 3695.
* | | Fix log message typoRobert Ransom2011-08-06
| | |
* | | Clear socks auth fields before freeNick Mathewson2011-08-05
| | |
* | | Treat socks_request->{username,password} as non-NUL-terminatedNick Mathewson2011-08-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | They *are* non-NUL-terminated, after all (and they have to be, since the SOCKS5 spec allows them to contain embedded NULs. But the code to implement proposal 171 was copying them with tor_strdup and comparing them with strcmp_opt. Fix for bug on 3683; bug not present in any yet-released version.
* | | Implement protocol-type isolation correctly.Nick Mathewson2011-08-02
| |/ |/| | | | | | | | | | | | | Previously we'd just looked at the connection type, but that's always CONN_TYPE_AP. Instead, we should be looking at the type of the listener that created the connection. Spotted by rransom; fixes bug 3636.
* | Improve log messages for optimistic data retryIan Goldberg2011-07-21
| |
* | For accuracy, s/exit_allows_optimistic_data/may_use_optimistic_data/Nick Mathewson2011-07-20
| |
* | Merge branch 'optimistic-client'Nick Mathewson2011-07-20
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | The conflicts are with the proposal 171 circuit isolation code, and they're all trivial: they're just a matter of both branches adding some unrelated code in the same places. Conflicts: src/or/circuituse.c src/or/connection.c