| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
| |
around this. Should make stuff more bulletproof.
svn:r1788
|
| |
|
|
| |
svn:r1756
|
| |
|
|
|
|
|
| |
remove obsolete BUF_OK macro
svn:r1697
|
| |
|
|
|
|
| |
than connections. Also add more log messages
svn:r1693
|
| |
|
|
| |
svn:r1685
|
| |
|
|
| |
svn:r1684
|
| |
|
|
| |
svn:r1683
|
| |
|
|
| |
svn:r1571
|
| |
|
|
| |
svn:r1521
|
| |
|
|
| |
svn:r1359
|
| |
|
|
|
|
|
|
| |
when connecting to a dirserver or OR and the network is down,
we would crash.
svn:r1340
|
| |
|
|
| |
svn:r1328
|
| |
|
|
|
|
| |
circuits, even when SocksPort is off.
svn:r1327
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
successful/failed connections, successful/failed extends, and
connection uptimes.
It's still not done: more tests are needed, and not everything calls
connection/circuit_mark_for_close properly. This skews the results.
Also, there needs to be a 'testing' mode for non-OP ORs, where they
periodically build circuits just to test whether extends work.
svn:r1313
|
| |
|
|
|
|
|
| |
but give the dirserver operator more information
svn:r1246
|
| |
|
|
|
|
|
| |
it's simply not true
svn:r1236
|
| |
|
|
|
|
|
| |
and also note/fix a variety of other stream-based bugs
svn:r1210
|
| |
|
|
|
|
| |
only a close path; add some missing end cells; change return conventions a little.
svn:r1149
|
| |
|
|
|
|
|
|
| |
still need to make a decision about per-connection rate limiting
(take it out? update it?)
svn:r984
|
| |
|
|
|
|
|
|
| |
include the infrastructure for inserting padding cells when there's
a relay-recognized conflict, but it does not work currently.
svn:r958
|
| |
|
|
| |
svn:r951
|
| |
|
|
|
|
|
|
|
| |
move length to 2 bytes, put it in the relay header
remove 4 reserved bytes in cell
add 4 bytes to relay header for the integrity check
svn:r942
|
| |
|
|
| |
svn:r857
|
| |
|
|
| |
svn:r844
|
| |
|
|
|
|
|
| |
time for bed
svn:r840
|
| |
|
|
|
|
|
| |
fix leaked pk in connection_tls_finish_handshake
svn:r839
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
bugfix: keep going when a circ fails in circuit_n_conn_open
(make circuit_enumerate_by_naddr_nport obsolete)
bugfix: make circuit_n_conn_open only look at circ's that start at us
bugfix: only try circuit_n_conn_open if we're an OP. Otherwise we
expect connections to always already be up.
bugfix: when choosing path length, pay attention to whether the directory
says a router is down.
bugfix: when picking good exit, skip routers which are known to be down
(more work needs to be done on this one)
svn:r838
|
| |
|
|
| |
svn:r834
|
| |
|
|
| |
svn:r800
|
| |
|
|
| |
svn:r784
|
| |
|
|
|
|
|
|
| |
rename APPort to SocksPort
introduce new tor_free() macro
svn:r642
|
| |
|
|
| |
svn:r628
|
| |
|
|
| |
svn:r595
|
| |
|
|
|
|
|
| |
and fix a few typos
svn:r571
|
| |
|
|
| |
svn:r569
|
| |
|
|
| |
svn:r564
|
| |
|
|
| |
svn:r560
|
| |
|
|
|
|
|
| |
plus make exit policy comparisons not always reject
svn:r559
|
| |
|
|
| |
svn:r538
|
| |
|
|
| |
svn:r537
|
| |
|
|
|
|
|
| |
ACIs are decided now by strcmp'ing nicknames, rather than comparing addr:port
svn:r529
|
| |
|
|
| |
svn:r518
|
| |
|
|
| |
svn:r510
|
| |
|
|
| |
svn:r503
|
| |
|
|
| |
svn:r502
|
| |
|
|
| |
svn:r497
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ERR is if something fatal just happened
WARNING is something bad happened, but we're still running. The bad thing
is either a bug in the code, an attack or buggy protocol/implementation
of the remote peer, etc. The operator should examine the bad thing and
try to correct it.
(No error or warning messages should be expected. I expect most people
to run on -l warning eventually.)
NOTICE is never ever used.
INFO means something happened (maybe bad, maybe ok), but there's nothing
you need to (or can) do about it.
DEBUG is for everything louder than INFO.
svn:r486
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
redo all the config files for the new format (we'll redo them again soon)
fix (another! yuck) segfault in log_fn when input is too large
tor_tls_context_new() returns -1 for error, not NULL
fix segfault in check_conn_marked() on conn's that die during tls handshake
make ORs also initialize conn from router when we're the receiving node
make non-dirserver ORs upload descriptor to every dirserver on startup
add our local address to the descriptor
add Content-Length field to POST command
revert the Content-Length search in fetch_from_buf_http() to previous code
fix segfault in memmove in fetch_from_buf_http()
raise maximum allowed headers/body size in directory.c
svn:r484
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
'buf_t' is now an opaque type defined in buffers.c .
Router descriptors now include all keys; routers generate keys as
needed on startup (in a newly defined "data directory"), and generate
their own descriptors. Descriptors are now self-signed.
Implementation is not complete: descriptors are never published; and
upon receiving a descriptor, the directory doesn't do anything with
it.
At least "routers.or" and orkeygen are now obsolete, BTW.
svn:r483
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixed up the assert_*_ok funcs some (more work remains)
Changed config so it reads either /etc/torrc or the -f arg, never both
Finally tracked down a nasty bug with our use of tls:
It turns out that if you ask SSL_read() for no more than n bytes, it
will read the entire record from the network (and maybe part of the next
record, I'm not sure), give you n bytes of it, and keep the remaining
bytes internally. This is fine, except our poll-for-read looks at the
network, and there are no bytes pending on the network, so we never know
to ask SSL_read() for more bytes. Currently I've hacked it so if we ask
for n bytes and it returns n bytes, then it reads again right then. This
will interact poorly with our rate limiting; we need a cleaner solution.
svn:r481
|