| Commit message (Expand) | Author | Age |
|---|
| * | Create rephist.h | Sebastian Hahn | 2010-07-27 |
| * | Create relay.h | Sebastian Hahn | 2010-07-27 |
| * | Create reasons.h | Sebastian Hahn | 2010-07-27 |
| * | Create networkstatus.h | Sebastian Hahn | 2010-07-27 |
| * | Create main.h | Sebastian Hahn | 2010-07-27 |
| * | Create dirserv.h | Sebastian Hahn | 2010-07-27 |
| * | Create control.h | Sebastian Hahn | 2010-07-27 |
| * | Create connection_or.h | Sebastian Hahn | 2010-07-27 |
| * | Create connection.h | Sebastian Hahn | 2010-07-27 |
| * | Create config.h | Sebastian Hahn | 2010-07-27 |
| * | Create command.h | Sebastian Hahn | 2010-07-27 |
| * | Create circuitbuild.h | Sebastian Hahn | 2010-07-27 |
| * | Create buffers.h | Sebastian Hahn | 2010-07-27 |
| * | Create routerlist.h | Sebastian Hahn | 2010-07-27 |
| * | Create router.h | Sebastian Hahn | 2010-07-27 |
| * | Create geoip.h | Sebastian Hahn | 2010-07-27 |
| * | Let bridge users use the non-primary address of a multi-homed bridge | Roger Dingledine | 2010-06-03 |
| * | Clarify 'marking connection as too old' messages•••Back when we changed the idea of a connection being "too old" for new
circuits into the connection being "bad" for new circuits, we didn't
actually change the info messages. This led to telling the user that
we were labelling connections as "too old" for being worse than
connections that were actually older than them.
Found by Scott on or-talk.
| Nick Mathewson | 2010-05-12 |
| * | let people test the RefuseUnknownExits idea | Roger Dingledine | 2010-03-10 |
| * | Merge remote branch 'origin/maint-0.2.1'•••Conflicts:
src/common/test.h
src/or/test.c
| Nick Mathewson | 2010-02-27 |
| |\ |
|
| | * | Update Tor Project copyright years | Nick Mathewson | 2010-02-27 |
| * | | add config options to override.•••somebody should add man page entries.
| Roger Dingledine | 2009-12-29 |
| * | | add separate per-conn write limiting | Roger Dingledine | 2009-12-29 |
| * | | New consensus params "bwconnrate" and "bwconnburst"•••...to let us
rate-limit client connections as they enter the network. It's
controlled in the consensus so we can turn it on and off for
experiments. It's starting out off. Based on proposal 163.
| Roger Dingledine | 2009-12-23 |
| * | | Remove duplicate words and a duplicate newline. | Karsten Loesing | 2009-12-18 |
| * | | Make changes to latest bridge-stats fixes as suggested by Nick. | Karsten Loesing | 2009-12-17 |
| * | | Merge branch 'safelogging2'•••Conflicts:
ChangeLog
| Nick Mathewson | 2009-12-15 |
| |\ \ |
|
| | * | | Refactor the safe_str_*() API to make more sense.•••The new rule is: safe_str_X() means "this string is a piece of X
information; make it safe to log." safe_str() on its own means
"this string is a piece of who-knows-what; make it safe to log".
| Nick Mathewson | 2009-12-15 |
| | * | | Allow SafeLogging to exclude client related information | Sebastian Hahn | 2009-12-12 |
| * | | | Now that FOO_free(NULL) always works, remove checks before calling it. | Nick Mathewson | 2009-12-12 |
| * | | | *_free functions now accept NULL•••Some *_free functions threw asserts when passed NULL. Now all of them
accept NULL as input and perform no action when called that way.
This gains us consistence for our free functions, and allows some
code simplifications where an explicit null check is no longer necessary.
| Sebastian Hahn | 2009-12-12 |
| |/ / |
|
| * | | Merge commit 'origin/maint-0.2.1'•••Conflicts:
src/common/tortls.c
| Nick Mathewson | 2009-11-06 |
| |\| |
|
| | * | Make Tor work with OpenSSL 0.9.8l•••To fix a major security problem related to incorrect use of
SSL/TLS renegotiation, OpenSSL has turned off renegotiation by
default. We are not affected by this security problem, however,
since we do renegotiation right. (Specifically, we never treat a
renegotiated credential as authenticating previous communication.)
Nevertheless, OpenSSL's new behavior requires us to explicitly
turn renegotiation back on in order to get our protocol working
again.
Amusingly, this is not so simple as "set the flag when you create
the SSL object" , since calling connect or accept seems to clear
the flags.
For belt-and-suspenders purposes, we clear the flag once the Tor
handshake is done. There's no way to exploit a second handshake
either, but we might as well not allow it.
| Nick Mathewson | 2009-11-05 |
| | * | Update copyright to 2009. | Karsten Loesing | 2009-05-04 |
| * | | Debugging logs for TLS handshake•••The big change is to add a function to display the current SSL handshake
state, and to log it everywhere reasonable. (A failure in
SSL23_ST_CR_SRVR_HELLO_A is different from one in
SSL3_ST_CR_SESSION_TICKET_A.)
This patch also adds a new log domain for OR handshaking, so you can pull out
all the handshake log messages without having to run at debug for everything.
For example, you'd just say "log notice-err [handshake]debug-err file
tor.log".
| Nick Mathewson | 2009-09-24 |
| * | | Recover from changing network connections.•••Also add code to keep creating circuits every minute until we
hit our minimum threshhold.
| Mike Perry | 2009-09-16 |
| * | | Change proxy-address type to tor_addr_t to allow ipv6 proxies. | Nick Mathewson | 2009-06-19 |
| * | | Enable Tor to connect through SOCKS 4/5 proxies•••Added a sanity check in config.c and a check in directory.c
directory_initiate_command_rend() to catch any direct connection attempts
when a socks proxy is configured.
| Christopher Davis | 2009-06-19 |
| * | | Isolate Libevent API dependency to just main.c and dns.c in src/or.•••The rest of the code was only including event.h so that it could see
EV_READ and EV_WRITE, which we were using as part of the
connection_watch_events interface for no very good reason.
| Nick Mathewson | 2009-06-12 |
| * | | Update copyright to 2009. | Karsten Loesing | 2009-05-02 |
| |/ |
|
| * | If we're using bridges and our network goes away, be more willing•••to forgive our bridges and try again when we get an application
request. Bugfix on 0.2.0.x.
svn:r18396
| Roger Dingledine | 2009-02-04 |
| * | Don't obsolete a very-new connection for having no circuits yet.•••This fixes the last known case of bug 891, which could happen if two
hosts, A and B, disagree about how long a circuit has been open,
because of clock drift of some kind. Host A would then mark the
connection as is_bad_for_new_circs when it got too old and open a new
connection. In between when B receives a NETINFO cell on the new
conn, and when B receives a conn cell on the new circuit, the new
circuit will seem worse to B than the old one, and so B will mark it
as is_bad_for_new_circs in the second or third loop of
connection_or_group_set_badness().
Bugfix on 0.1.1.13-alpha. Bug found by rovv.
Not a backport candidate: the bug is too obscure and the fix too tricky.
svn:r18303
| Nick Mathewson | 2009-01-28 |
| * | Remove svn $Id$s from our source, and remove tor --version --version.•••The subversion $Id$ fields made every commit force a rebuild of
whatever file got committed. They were not actually useful for
telling the version of Tor files in the wild.
svn:r17867
| Nick Mathewson | 2009-01-04 |
| * | Explain why the XXXX021 in connection_or.c was there, and explain why it does...•••svn:r17819
| Nick Mathewson | 2008-12-29 |
| * | Checkpoint my big bug-891 patch.•••svn:r17757
| Nick Mathewson | 2008-12-24 |
| * | More approx_time() calls. Noted by forest.•••svn:r17702
| Nick Mathewson | 2008-12-19 |
| * | Downlgrade tweak, and answer lots of XXX021s. No actual code fixes in this p...•••svn:r17686
| Nick Mathewson | 2008-12-18 |
| * | Rename or_is_obsolete and move it to or_connection_t where it belongs.•••svn:r17642
| Nick Mathewson | 2008-12-17 |
| * | Apply rovv's bug 805 fix: take more care never to prefer a non-canonical conn...•••svn:r17627
| Nick Mathewson | 2008-12-15 |
| * | Apparently sparc64 is way more strict about uint16_t access alignment than I ...•••svn:r17262
| Nick Mathewson | 2008-11-12 |