| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
The big change is to add a function to display the current SSL handshake
state, and to log it everywhere reasonable. (A failure in
SSL23_ST_CR_SRVR_HELLO_A is different from one in
SSL3_ST_CR_SESSION_TICKET_A.)
This patch also adds a new log domain for OR handshaking, so you can pull out
all the handshake log messages without having to run at debug for everything.
For example, you'd just say "log notice-err [handshake]debug-err file
tor.log".
|
| |
|
|
|
| |
Also add code to keep creating circuits every minute until we
hit our minimum threshhold.
|
| | |
|
| |
|
|
|
|
| |
Added a sanity check in config.c and a check in directory.c
directory_initiate_command_rend() to catch any direct connection attempts
when a socks proxy is configured.
|
| |
|
|
|
|
| |
The rest of the code was only including event.h so that it could see
EV_READ and EV_WRITE, which we were using as part of the
connection_watch_events interface for no very good reason.
|
| | |
|
| |
|
|
|
|
|
|
| |
to forgive our bridges and try again when we get an application
request. Bugfix on 0.2.0.x.
svn:r18396
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes the last known case of bug 891, which could happen if two
hosts, A and B, disagree about how long a circuit has been open,
because of clock drift of some kind. Host A would then mark the
connection as is_bad_for_new_circs when it got too old and open a new
connection. In between when B receives a NETINFO cell on the new
conn, and when B receives a conn cell on the new circuit, the new
circuit will seem worse to B than the old one, and so B will mark it
as is_bad_for_new_circs in the second or third loop of
connection_or_group_set_badness().
Bugfix on 0.1.1.13-alpha. Bug found by rovv.
Not a backport candidate: the bug is too obscure and the fix too tricky.
svn:r18303
|
| |
|
|
|
|
|
|
| |
The subversion $Id$ fields made every commit force a rebuild of
whatever file got committed. They were not actually useful for
telling the version of Tor files in the wild.
svn:r17867
|
| |
|
|
|
|
| |
doesn' actually need to get fixed in 0.2.1, I think.
svn:r17819
|
| |
|
|
| |
svn:r17757
|
| |
|
|
| |
svn:r17702
|
| |
|
|
|
|
| |
patch.
svn:r17686
|
| |
|
|
| |
svn:r17642
|
| |
|
|
|
|
| |
connection.
svn:r17627
|
| |
|
|
|
|
| |
had thought: it gave bus errors when messing with var-cell headers. Maybe this patch will fix bug 862.
svn:r17262
|
| |
|
|
|
|
|
| |
fails to establish a TCP connection. Cleanup on 0.2.1.x.
svn:r16803
|
| |
|
|
| |
svn:r16785
|
| |
|
|
|
|
|
| |
Add a missing safe_str for a debug_log_message. Fix the bad part of bug 674.
svn:r16462
|
| |
|
|
|
|
|
| |
Initial conversion of uint32_t addr to tor_addr_t addr in connection_t and related types. Most of the Tor wire formats using these new types are in, but the code to generate and use it is not. This is a big patch. Let me know what it breaks for you.
svn:r16435
|
| |
|
|
|
|
|
| |
Make generic address manipulation functions work better. Switch address policy code to use tor_addr_t, so it can handle IPv6. That is a good place to start.
svn:r16178
|
| |
|
|
|
|
|
| |
Make circid_t and streamid_t get used instead of uint16_t; it is possible we will soon want to make circid_t change to uint32_t.
svn:r16155
|
| |
|
|
|
|
|
|
| |
problems just because they do a lot of reachability testing and
some of the connection attempts fail.
svn:r15348
|
| |
|
|
|
|
|
| |
reaching relays.
svn:r15116
|
| |
|
|
| |
svn:r15111
|
| |
|
|
|
|
|
|
| |
we never bothered learning why OR conns fail, so next step is to add some
infrastructure for that.
svn:r15091
|
| |
|
|
|
|
|
|
| |
tell the controller how we're doing at bootstrapping, and it can
tell the user.
svn:r15008
|
| |
|
|
|
|
| |
--enable-geoip-stats passed to configure.
svn:r14802
|
| |
|
|
|
|
|
|
| |
older ones might be better, close any circuits pending on that
new entry guard connection. Bugfix on 0.1.2.8-beta; found by lodger.
svn:r14417
|
| |
|
|
|
|
|
| |
Do a slightly better fix for r14329: don't call time() quite so much. Also note the time(NULL) hack we wanted to do in the TODO.
svn:r14334
|
| |
|
|
|
|
|
| |
More 64-to-32 fixes. Partial backport candidate. still not done.
svn:r13680
|
| |
|
|
|
|
|
| |
When SafeLogging is off, have TLS errors and messages logged with their associated addresses.
svn:r13591
|
| |
|
|
|
|
|
| |
Fix all but 2 DOCDOC items; defer many XXX020s (particularly those where fixing them would fix no bugs at the risk of introducing some bugs).
svn:r13529
|
| |
|
|
|
|
|
| |
Add roger's responses from IRC to some XXX020 items.
svn:r13487
|
| |
|
|
|
|
|
| |
Re-tune mempool parametes based on testing on peacetime: use smaller chuncks, free them a little more aggressively, and try very hard to concentrate allocations on fuller chunks. Also, lots of new documentation.
svn:r13484
|
| |
|
|
|
|
|
| |
add some documentation
svn:r13462
|
| |
|
|
|
|
|
| |
Merge connection_or_act_on_netinfo into command.c; remove some fields from or_handshake_state().
svn:r13458
|
| |
|
|
| |
svn:r13440
|
| |
|
|
|
|
|
| |
More protocol negotiation work. Make the negotiation actually complete and set the state to open. Fix a crash bug that occured when we forcibly stopped the connection from writing.
svn:r13434
|
| |
|
|
|
|
|
| |
Add a bunch more code documentation; change the interface of fetch_var_cell_from_buf() so it takes the current link protocol into account and can't get confused by weird command bytes on v1 connections.
svn:r13430
|
| |
|
|
| |
svn:r13412
|
| |
|
|
|
|
|
| |
The SSL portion of the revised handshake now seems to work: I just finally got a client and a server to negotiate versions. Now to make sure certificate verification is really happening, connections are getting opened, etc.
svn:r13409
|
| |
|
|
|
|
|
| |
Fix/downgrade some more XXX020s.
svn:r13397
|
| |
|
|
|
|
|
| |
Remove a dead function.
svn:r13389
|
| |
|
|
|
|
|
| |
Correctly insert connections into the identity->connection map when we connect to a bridge without having specified its key. Fixes bug 574.
svn:r13341
|
| |
|
|
| |
svn:r13190
|
| |
|
|
|
|
|
| |
Basic hacks to get TLS handshakes working: remove dead code; fix post-handshake logic; keep servers from writing while the client is supposed to be renegotiating. This may work. Needs testing.
svn:r13122
|
| |
|
|
|
|
|
| |
Add a reverse mapping from SSL to tor_tls_t*: we need this in order to do a couple of things the sensible way from inside callbacks. Also, add a couple of missing cases in connection_or.c
svn:r13040
|
| |
|
|
|
|
|
| |
self-reachability and authority-reachability tests.
svn:r12960
|
| |
|
|
|
|
|
| |
First wodge of geoip code so bridges can figure out which countries are blocking them.
svn:r12845
|