| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
| |
When the user sends a NEWNYM signal, clear the client-side DNS
cache too. Otherwise we continue to act on previous information.
svn:r8679
|
|
|
|
|
|
|
| |
The otherwise regrettable MIPSpro C compiler warns about values set but never used, and about mixing enums and ints; these are good warnings, and so should be fixed. This removes some dead code and some potential bugs. Thanks to pnx.
svn:r8664
|
|
|
|
| |
svn:r8633
|
|
|
|
| |
svn:r8622
|
|
|
|
| |
svn:r8599
|
|
|
|
|
|
|
| |
Make a field longer to accomodate verbose nicknames; note that verbose nicknames will never reach this point.
svn:r8583
|
|
|
|
|
|
|
| |
Fix bug 303: reject attempts to use Tor as a one-hop proxy.
svn:r8566
|
|
|
|
|
|
|
| |
not mandatory that we use that enclave, stop wanting it.
svn:r8559
|
|
|
|
|
|
|
| |
Differentiate more duplicated log entries
svn:r8542
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
[Needs review.] Add a BEGIN_DIR relay cell type for an easier
in-protocol way to connect to directory servers through Tor.
Previously, clients could only connect to director servers over Tor
from exit nodes, but couldn't get directory information anonymously
from a non-exit cache without getting a directory server involved.
This needs testing, and needs client-side code to actually exercise it.
svn:r8527
|
|
|
|
|
|
|
|
|
|
| |
client asks us to resolve (not connect to) an address, and we have a
cached answer, give them the cached answer. Previously, we would give
them no answer at all.
svn:r8478
|
|
|
|
|
|
|
| |
Debug client-side reverse dns code.
svn:r8452
|
|
|
|
|
|
|
| |
Specify and implement SOCKS5 interface for reverse hostname lookup.
svn:r8451
|
|
|
|
| |
svn:r8450
|
|
|
|
|
|
|
| |
Consider non-exit servers unsuitable for RESOLVE commands.
svn:r8442
|
|
|
|
|
|
|
| |
Fix bug 314: Instead of checking address_in_virtualrange, check addressmap_have_mapping(). This should be more accurate. [Rename to addressmap_have_mapping() from addressmap_already_mapped().]
svn:r8226
|
|
|
|
|
|
|
|
| |
the idioms of other compare functions. hopefully i didn't
break it?
svn:r7048
|
|
|
|
| |
svn:r7044
|
|
|
|
|
|
|
| |
Fix verbose compilation errors; make sure transparent proxy fails when no method is configured.
svn:r7012
|
|
|
|
|
|
|
| |
whitespace fixes
svn:r7011
|
|
|
|
|
|
|
| |
Only open /dev/pf once.
svn:r7009
|
|
|
|
|
|
|
| |
Distinguish netfilter vs pf at configure time based on headers, not on OS.
svn:r7008
|
|
|
|
|
|
|
| |
Patch from Tup to add support for transparent AP connections: this basically bundles the functionality of trans-proxy-tor into the tor mainline. Now hosts with compliant pf/netfilter implementations can redirect TCP connections straight to Tor without diverting through SOCKS.
svn:r7007
|
|
|
|
| |
svn:r6939
|
|
|
|
|
|
|
| |
Rename some fields, compress a bitfield, and document some structs and fields
svn:r6919
|
|
|
|
|
|
|
| |
Clean up wide lines from last patch.
svn:r6907
|
|
|
|
|
|
|
| |
Refactor connection_t into edge, or, dir, control, and base subtypes. This might save some RAM on busy exit servers, but really matters most in terms of correctness.
svn:r6906
|
|
|
|
|
|
|
| |
Move rend_query to origin_circuit_t where it belongs; save another 17 bytes per OR circuit.
svn:r6903
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
circuit_t into origin_circuit_t and or_circuit_t. I fixed some
segaults; there may be more. We still need to move more rendezvous
stuff into subtypes.
This is a trial run for splitting up connection_t; if the approach is
insane, please say so soon so we can do something smarter.
Also, this discards the old HALF_OPEN code, which nobody seems to
want.
svn:r6817
|
|
|
|
| |
svn:r6791
|
|
|
|
|
|
|
|
|
|
|
|
| |
application connections. Rather than waiting a fixed amount of
time between each retry, we wait only 5 seconds for the first,
10 seconds for the second, and 15 seconds for each retry after
that. Hopefully this will improve the expected experience.
Addresses bug 297.
svn:r6790
|
|
|
|
|
|
|
|
| |
its webserver is misconfigured to not listen on localhost, then back
off and try connecting from somewhere else before we fail.
svn:r6783
|
|
|
|
| |
svn:r6763
|
|
|
|
|
|
|
| |
the node operator, since he can't do anything about it.
svn:r6733
|
|
|
|
|
|
|
|
|
|
| |
connection_add being called with socket = -1. The only places I can see
where that happen would be if our tor_socketpair succeeds but it hands
back negative values for some of its file descriptors. Perhaps this will
produce more useful assert errors next time.
svn:r6550
|
|
|
|
|
|
| |
minimum.
svn:r6527
|
|
|
|
|
|
|
|
|
|
|
| |
possible. Cache at the server side independently from the TTL, to
prevent attackers from probing the server to see who has been asking
for what hostnames. (Hi, Dan Kaminski!)
Also, clean some whitespace.
svn:r6526
|
|
|
|
|
|
|
| |
11 minute jump into the future.
svn:r6465
|
|
|
|
| |
svn:r6404
|
|
|
|
| |
svn:r6402
|
|
|
|
| |
svn:r6400
|
|
|
|
|
|
| |
get handed out in response to mapaddress requests. Needs testing and docs!
svn:r6398
|
|
|
|
|
|
|
|
| |
are reachability testing and rendserv upload/downloads, and they
have their own failure messages elsewhere.
svn:r6343
|
|
|
|
|
|
|
| |
Fix some minor bugs and memory leaks along the way.
svn:r6246
|
|
|
|
|
|
|
|
|
|
| |
wait unattached before we fail it?
Use this value for controller socks timeout, for normal socks
timeout, and for hidden-service socks timeout.
svn:r6217
|
|
|
|
|
|
|
|
|
| |
connecting and for resolving). Now we tolerate applications
that don't follow the RFCs. But continue to block malformed
names at the socks side.
svn:r6193
|
|
|
|
| |
svn:r6192
|
|
|
|
|
|
|
| |
when people ask for "serifos.exit".
svn:r6187
|
|
|
|
| |
svn:r6173
|
|
|
|
|
|
|
|
|
|
|
|
| |
characters, then fail. this time don't even bother telling the
server operator about these cases, because what's he going to do?
if it turns out that some significant population somewhere in the
world uses non-printable hostnames and wants to use tor, then i
hereby assume that they will contact us.
svn:r6171
|