aboutsummaryrefslogtreecommitdiff
path: root/src/or/connection_edge.c
Commit message (Collapse)AuthorAge
* Security bugfixes:Roger Dingledine2006-10-09
| | | | | | | | When the user sends a NEWNYM signal, clear the client-side DNS cache too. Otherwise we continue to act on previous information. svn:r8679
* r8957@totoro: nickm | 2006-10-08 22:35:17 -0400Nick Mathewson2006-10-09
| | | | | | | The otherwise regrettable MIPSpro C compiler warns about values set but never used, and about mixing enums and ints; these are good warnings, and so should be fixed. This removes some dead code and some potential bugs. Thanks to pnx. svn:r8664
* finish poking and prodding. i'm all happy now.Roger Dingledine2006-10-07
| | | | svn:r8633
* minor cleanupsRoger Dingledine2006-10-07
| | | | svn:r8622
* checkpoint some cleanupsRoger Dingledine2006-10-05
| | | | svn:r8599
* r8839@totoro: nickm | 2006-10-02 15:31:49 -0400Nick Mathewson2006-10-03
| | | | | | | Make a field longer to accomodate verbose nicknames; note that verbose nicknames will never reach this point. svn:r8583
* r8822@totoro: nickm | 2006-10-01 16:24:22 -0400Nick Mathewson2006-10-01
| | | | | | | Fix bug 303: reject attempts to use Tor as a one-hop proxy. svn:r8566
* if we fail to build a circuit to an intended enclave, and it'sRoger Dingledine2006-10-01
| | | | | | | not mandatory that we use that enclave, stop wanting it. svn:r8559
* r9025@Kushana: nickm | 2006-09-29 18:33:13 -0400Nick Mathewson2006-09-29
| | | | | | | Differentiate more duplicated log entries svn:r8542
* r8997@Kushana: nickm | 2006-09-28 23:40:22 -0400Nick Mathewson2006-09-29
| | | | | | | | | | | | | | [Needs review.] Add a BEGIN_DIR relay cell type for an easier in-protocol way to connect to directory servers through Tor. Previously, clients could only connect to director servers over Tor from exit nodes, but couldn't get directory information anonymously from a non-exit cache without getting a directory server involved. This needs testing, and needs client-side code to actually exercise it. svn:r8527
* Backport candidate: Fix a long-standing server-side DNS bug. When aNick Mathewson2006-09-24
| | | | | | | | | | client asks us to resolve (not connect to) an address, and we have a cached answer, give them the cached answer. Previously, we would give them no answer at all. svn:r8478
* r8895@Kushana: nickm | 2006-09-21 20:05:11 -0400Nick Mathewson2006-09-22
| | | | | | | Debug client-side reverse dns code. svn:r8452
* r8894@Kushana: nickm | 2006-09-21 18:30:42 -0400Nick Mathewson2006-09-22
| | | | | | | Specify and implement SOCKS5 interface for reverse hostname lookup. svn:r8451
* remove some loud log messagesRoger Dingledine2006-09-22
| | | | svn:r8450
* r8877@Kushana: nickm | 2006-09-21 17:12:33 -0400Nick Mathewson2006-09-21
| | | | | | | Consider non-exit servers unsuitable for RESOLVE commands. svn:r8442
* r8576@Kushana: nickm | 2006-08-25 17:16:01 -0400Nick Mathewson2006-08-25
| | | | | | | Fix bug 314: Instead of checking address_in_virtualrange, check addressmap_have_mapping(). This should be more accurate. [Rename to addressmap_have_mapping() from addressmap_already_mapped().] svn:r8226
* simplify compare_cached_resolves_by_expiry() to make it matchRoger Dingledine2006-08-14
| | | | | | | | the idioms of other compare functions. hopefully i didn't break it? svn:r7048
* save 3-7 bytes per edge connectionRoger Dingledine2006-08-14
| | | | svn:r7044
* r7304@Kushana: nickm | 2006-08-10 01:58:05 -0700Nick Mathewson2006-08-10
| | | | | | | Fix verbose compilation errors; make sure transparent proxy fails when no method is configured. svn:r7012
* r7303@Kushana: nickm | 2006-08-10 01:52:19 -0700Nick Mathewson2006-08-10
| | | | | | | whitespace fixes svn:r7011
* r7301@Kushana: nickm | 2006-08-10 01:41:27 -0700Nick Mathewson2006-08-10
| | | | | | | Only open /dev/pf once. svn:r7009
* r7300@Kushana: nickm | 2006-08-10 01:36:40 -0700Nick Mathewson2006-08-10
| | | | | | | Distinguish netfilter vs pf at configure time based on headers, not on OS. svn:r7008
* r7299@Kushana: nickm | 2006-08-10 01:08:58 -0700Nick Mathewson2006-08-10
| | | | | | | Patch from Tup to add support for transparent AP connections: this basically bundles the functionality of trans-proxy-tor into the tor mainline. Now hosts with compliant pf/netfilter implementations can redirect TCP connections straight to Tor without diverting through SOCKS. svn:r7007
* defense in depthRoger Dingledine2006-07-30
| | | | svn:r6939
* r6922@Kushana: nickm | 2006-07-26 16:32:24 -0400Nick Mathewson2006-07-27
| | | | | | | Rename some fields, compress a bitfield, and document some structs and fields svn:r6919
* r6909@Kushana: nickm | 2006-07-26 13:05:58 -0400Nick Mathewson2006-07-26
| | | | | | | Clean up wide lines from last patch. svn:r6907
* r6908@Kushana: nickm | 2006-07-26 12:38:52 -0400Nick Mathewson2006-07-26
| | | | | | | Refactor connection_t into edge, or, dir, control, and base subtypes. This might save some RAM on busy exit servers, but really matters most in terms of correctness. svn:r6906
* r6902@Kushana: nickm | 2006-07-25 17:30:27 -0400Nick Mathewson2006-07-26
| | | | | | | Move rend_query to origin_circuit_t where it belongs; save another 17 bytes per OR circuit. svn:r6903
* Don't tell anybody, but we're going OO here. This patch splitsNick Mathewson2006-07-23
| | | | | | | | | | | | | | | circuit_t into origin_circuit_t and or_circuit_t. I fixed some segaults; there may be more. We still need to move more rendezvous stuff into subtypes. This is a trial run for splitting up connection_t; if the approach is insane, please say so soon so we can do something smarter. Also, this discards the old HALF_OPEN code, which nobody seems to want. svn:r6817
* don't squeal if the first few retries fail.Roger Dingledine2006-07-18
| | | | svn:r6791
* Define a schedule for how long to wait between retryingRoger Dingledine2006-07-18
| | | | | | | | | | | | application connections. Rather than waiting a fixed amount of time between each retry, we wait only 5 seconds for the first, 10 seconds for the second, and 15 seconds for each retry after that. Hopefully this will improve the expected experience. Addresses bug 297. svn:r6790
* If we are using an exit enclave and we can't connect, e.g. becauseRoger Dingledine2006-07-18
| | | | | | | | its webserver is misconfigured to not listen on localhost, then back off and try connecting from somewhere else before we fail. svn:r6783
* stick to nick's nul/null conventionRoger Dingledine2006-07-15
| | | | svn:r6763
* when an exit node gets a malformed begin cell, don't complain toRoger Dingledine2006-07-06
| | | | | | | the node operator, since he can't do anything about it. svn:r6733
* We got an obscure report of an assert error on a windows Tor server withRoger Dingledine2006-06-06
| | | | | | | | | | connection_add being called with socket = -1. The only places I can see where that happen would be if our tor_socketpair succeeds but it hands back negative values for some of its file descriptors. Perhaps this will produce more useful assert errors next time. svn:r6550
* Oops. When we dont get a TTL, we should default to the default, not to the ↵Nick Mathewson2006-06-03
| | | | | | minimum. svn:r6527
* More DNS fixes. Send meaningful TTLs back to the client whenNick Mathewson2006-06-03
| | | | | | | | | | | possible. Cache at the server side independently from the TTL, to prevent attackers from probing the server to see who has been asking for what hostnames. (Hi, Dan Kaminski!) Also, clean some whitespace. svn:r6526
* add a few more debugging lines to help mikec track down hisRoger Dingledine2006-05-23
| | | | | | | 11 minute jump into the future. svn:r6465
* class B really means /16 hereRoger Dingledine2006-04-18
| | | | svn:r6404
* require at least 2**16 assignable virtual addressesNick Mathewson2006-04-18
| | | | svn:r6402
* [Forward-port ]Test and document last patch.Nick Mathewson2006-04-18
| | | | svn:r6400
* [forward-port] Implement an option, VirtualAddrMask, to set which addresses ↵Nick Mathewson2006-04-18
| | | | | | get handed out in response to mapaddress requests. Needs testing and docs! svn:r6398
* Don't yell loudly about failed internal/bridge connections. TheseRoger Dingledine2006-04-09
| | | | | | | | are reachability testing and rendserv upload/downloads, and they have their own failure messages elsewhere. svn:r6343
* Refactor and consolidate addr/exit policies into a new policies.c.Roger Dingledine2006-03-27
| | | | | | | Fix some minor bugs and memory leaks along the way. svn:r6246
* new config option SocksTimeout: How long do we let a socks connectionRoger Dingledine2006-03-21
| | | | | | | | | | wait unattached before we fail it? Use this value for controller socks timeout, for normal socks timeout, and for hidden-service socks timeout. svn:r6217
* Allow non-printable characters for exit streams (both forRoger Dingledine2006-03-19
| | | | | | | | | connecting and for resolving). Now we tolerate applications that don't follow the RFCs. But continue to block malformed names at the socks side. svn:r6193
* i'm a little teapot, short and stoutRoger Dingledine2006-03-19
| | | | svn:r6192
* simplify when we're picking a default address forRoger Dingledine2006-03-18
| | | | | | | when people ask for "serifos.exit". svn:r6187
* normalize whitespace.Nick Mathewson2006-03-17
| | | | svn:r6173
* resume being printist: if the hostname contains non-printableRoger Dingledine2006-03-15
| | | | | | | | | | | | characters, then fail. this time don't even bother telling the server operator about these cases, because what's he going to do? if it turns out that some significant population somewhere in the world uses non-printable hostnames and wants to use tor, then i hereby assume that they will contact us. svn:r6171
generated by cgit v1.2.3 (git 2.25.4) at 2024-09-22 15:21:51 +0000