| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
| |
svn:r951
|
| |
|
|
|
|
|
|
| |
initialize digests from shared secrets at handshake
make circuit_send_next_onion_skin use connection_edge_send_command
svn:r948
|
| |
|
|
|
|
|
|
|
| |
move length to 2 bytes, put it in the relay header
remove 4 reserved bytes in cell
add 4 bytes to relay header for the integrity check
svn:r942
|
| |
|
|
|
|
|
|
|
|
| |
verify it at the client end
abstract the onionskin handshake lengths
breaks backward compatibility (again)
svn:r941
|
| |
|
|
| |
svn:r928
|
| |
|
|
| |
svn:r924
|
| |
|
|
| |
svn:r915
|
| |
|
|
|
|
|
|
| |
if your best choices happen to include any of your preferred exit nodes,
you choose among just those preferred exit nodes.
svn:r911
|
| |
|
|
|
|
|
|
|
| |
* now we know for sure if an acceptable node is available; we
don't have to keep guessing and checking
* we try options.EntryNodes first for picking the first node
svn:r904
|
| |
|
|
| |
svn:r898
|
| |
|
|
|
|
|
| |
no need to have new circs handle it too.
svn:r896
|
| |
|
|
|
|
|
| |
we accept that.
svn:r892
|
| |
|
|
| |
svn:r889
|
| |
|
|
|
|
|
| |
and routerlist.c for handling routerlist.
svn:r887
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
directory is the string that dirserv.c and directory.c deal with
routerlist is routerinfo's that are bundled together in routers.c
rename some of the get_routerlist functions to set_routerlist
preparing to break into router.c for stuff the router does,
and routerlist.c for handling routerlist.
svn:r886
|
| |
|
|
| |
svn:r880
|
| |
|
|
| |
svn:r879
|
| |
|
|
|
|
|
|
|
|
|
| |
never work.
fix vicious bug in choose_good_exit_server that caused it to *skip over*
pending circuits, and look only at *non-pending circuits*, when choosing
a good exit node for the new circuit.
bugfix: remove incorrect asserts in circuit_get_newest()
svn:r876
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
then use the wrong one.
bugfix in connection_ap_can_use_exit: it was using the wrong port
bugfix: the OP now handles a port of '*' correctly when the IP is not
yet known and it's trying to guess whether a router's exit policy
might accept it.
we now don't ever pick exit routers which will reject *:*
attach_circuit now fails a new stream outright if it will never work.
when you get an 'end' cell that resolves an IP, now it will fail the circuit outright if no safe exit nodes exist for that IP.
don't try building a new circuit after an 'end' if a suitable one is
already on the way.
svn:r874
|
| |
|
|
| |
svn:r857
|
| |
|
|
| |
svn:r845
|
| |
|
|
| |
svn:r843
|
| |
|
|
| |
svn:r842
|
| |
|
|
|
|
|
| |
and it didn't notice
svn:r841
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
bugfix: keep going when a circ fails in circuit_n_conn_open
(make circuit_enumerate_by_naddr_nport obsolete)
bugfix: make circuit_n_conn_open only look at circ's that start at us
bugfix: only try circuit_n_conn_open if we're an OP. Otherwise we
expect connections to always already be up.
bugfix: when choosing path length, pay attention to whether the directory
says a router is down.
bugfix: when picking good exit, skip routers which are known to be down
(more work needs to be done on this one)
svn:r838
|
| |
|
|
| |
svn:r837
|
| |
|
|
|
|
|
|
| |
single slip-up."
-- General "Buck" Turgidson, _Doctor Strangelove_
svn:r828
|
| |
|
|
| |
svn:r822
|
| |
|
|
| |
svn:r820
|
| |
|
|
| |
svn:r818
|
| |
|
|
| |
svn:r814
|
| |
|
|
|
|
| |
automatically starting circuit builds.
svn:r813
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Exit policies now support bitmasks (18.0.0.0/255.0.0.0) and bitcounts
18.0.0.0/8. Policies are parsed on startup, not when comparing to them.
- desired_path_len is now part of an opaque cpath_build_state_t structure.
- END_REASON_EXITPOLICY cells no longer include a port.
- RELAY_COMMAND_CONNECTED cells now include the IP address we've connected
to.
- connection_edge now has a client_dns cache to remember resolved addresses.
It gets populated by RELAY_COMMAND_CONNECTED cells and END_REASON_EXITPOLICY
cells. It gets used by connection_ap_handshake_send_begin. We don't
compare it to exit policies yet.
svn:r812
|
| |
|
|
| |
svn:r810
|
| |
|
|
| |
svn:r805
|
| |
|
|
| |
svn:r797
|
| |
|
|
| |
svn:r794
|
| |
|
|
| |
svn:r793
|
| |
|
|
|
|
|
|
|
|
|
| |
is a the first step in computing hops one step at a time. Next, we move
the responsibility for calling onion_extend_cpath into circuit.c
(Later, we may want to special-case onion_extend_cpath to treat entry
and exit routers differently.)
svn:r792
|
| |
|
|
| |
svn:r784
|
| |
|
|
|
|
|
|
| |
rename APPort to SocksPort
introduce new tor_free() macro
svn:r642
|
| |
|
|
|
|
|
| |
and fix a few typos
svn:r571
|
| |
|
|
| |
svn:r569
|
| |
|
|
| |
svn:r560
|
| |
|
|
| |
svn:r551
|
| |
|
|
| |
svn:r537
|
| |
|
|
|
|
|
| |
ACIs are decided now by strcmp'ing nicknames, rather than comparing addr:port
svn:r529
|
| |
|
|
|
|
|
|
| |
we now add our own descriptor to the descriptor list
and we rebuild the directory (and dump to disk) after receiving a POST
svn:r509
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ERR is if something fatal just happened
WARNING is something bad happened, but we're still running. The bad thing
is either a bug in the code, an attack or buggy protocol/implementation
of the remote peer, etc. The operator should examine the bad thing and
try to correct it.
(No error or warning messages should be expected. I expect most people
to run on -l warning eventually.)
NOTICE is never ever used.
INFO means something happened (maybe bad, maybe ok), but there's nothing
you need to (or can) do about it.
DEBUG is for everything louder than INFO.
svn:r486
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
'buf_t' is now an opaque type defined in buffers.c .
Router descriptors now include all keys; routers generate keys as
needed on startup (in a newly defined "data directory"), and generate
their own descriptors. Descriptors are now self-signed.
Implementation is not complete: descriptors are never published; and
upon receiving a descriptor, the directory doesn't do anything with
it.
At least "routers.or" and orkeygen are now obsolete, BTW.
svn:r483
|