| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
| |
UseBridges 1 now means "connect only to bridges; if you know no
bridges, don't make connections." UseBridges auto means "Use bridges
if they are known, and we have no EntryNodes set, and we aren't a
server." UseBridges 0 means "don't use bridges."
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
On win64, sockets are of type UINT_PTR; on win32 they're u_int;
elsewhere they're int. The correct windows way to check a socket for
being set is to compare it with INVALID_SOCKET; elsewhere you see if
it is negative.
On Libevent 2, all callbacks take sockets as evutil_socket_t; we've
been passing them int.
This patch should fix compilation and correctness when built for
64-bit windows. Fixes bug 3270.
|
| | |
| |
| |
| |
| |
| | |
Fixes part of #1297; bugfix on 48e0228f1e031a709c1deb149c7dfd187c3609cf,
when circuit_expire_building was changed to assume that timestamp_dirty
was set when a circuit changed purpose to _C_REND_READY. (It wasn't.)
|
| |\ \
| |/
|/|
| |
| | |
Conflicts:
src/common/Makefile.am
|
| | | |
|
| | | |
|
| | |
| |
| |
| | |
Implements part of feature 3049.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When running a system-wide instance of Tor on Unix-like systems, having
a ControlSocket is a quite handy mechanism to access Tor control
channel. But it would be easier if access to the Unix domain socket can
be granted by making control users members of the group running the Tor
process.
This change introduces a UnixSocketsGroupWritable option, which will
create Unix domain sockets (and thus ControlSocket) 'g+rw'. This allows
ControlSocket to offer same access control measures than
ControlPort+CookieAuthFileGroupReadable.
See <http://bugs.debian.org/552556> for more details.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously, if they changed in torrc during a SIGHUP, all was well,
since we would just clear all transient entries from the addrmap
thanks to bug 1345. But if you changed them from the controller, Tor
would leave old mappings in place.
The VirtualAddrNetwork bug has been here since 0.1.1.19-rc; the
AutomapHosts* bug has been here since 0.2.0.1-alpha.
|
| | | |
|
| | | |
|
| |/
|
|
| |
This is the major part of the implementation for trac issue 3076.
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Clients and relays haven't used them since early 0.2.0.x. The only
remaining use by authorities learning about new relays ahead of scedule;
see proposal 147 for what we intend to do about that.
We're leaving in an option (FetchV2Networkstatus) to manually fetch v2
networkstatuses, because apparently dnsel and maybe bwauth want them.
This fixes bug 3022.
|
| |/
|
|
|
|
| |
Make that explicit by adding an assert and removing a null-check. All of
its callers currently depend on the argument being non-null anyway.
Silences a few clang complaints.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
While doing so, get rid of the now unnecessary function
control_signal_act().
Fixes bug 2917, reported by Robert Ransom. Bugfix on commit
9b4aa8d2abbce71398e58188209a1b1d04885b96. This patch is loosely based on
a patch by Robert (Changelog entry).
|
| |\
| |
| |
| |
| | |
Conflicts:
src/or/or.h
|
| | | |
|
| | |
| |
| |
| |
| | |
Remove some, postpone others, leave some alone. Now the only
remaining XXX022s are ones that seem important to fix or investigate.
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
| |
We've got millisecond timers now, we might as well use them.
This change won't actually make circuits get expiered with microsecond
precision, since we only call the expiry functions once per second.
Still, it should avoid the situation where we have a circuit get
expired too early because of rounding.
A couple of the expiry functions now call tor_gettimeofday: this
should be cheap since we're only doing it once per second. If it gets
to be called more often, though, we should onsider having the current
time be an argument again.
|
| |
|
|
| |
About 860 doxygen-less things remain in 0.2.2
|
| |\ |
|
| | | |
|
| | |
| |
| |
| |
| |
| | |
Rename the _UsingTestingTorNetwork hidden option to
_UsingTestNetworkDefaults (thanks Nick for the suggestion) and added a
changes file.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In private networks, the defaults for some options are changed. This
means that in options_validate(), where we're testing that the defaults
are what we think they are, we fail. Use a workaround by setting a
hidden configuration option _UsingTestingTorNetwork when we have altered
the configuration this way, so that options_validate() can do the right
thing.
Fixes bug 2250, bugfix on 0.2.1.2-alpha (the version introducing private
network options).
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Right now, Tor routers don't save the maxima values from the
bw_history_t between sessions. That's no good, since we use those
values to determine bandwidth. This code adds a new BWHist.*Maximum
set of values to the state file. If they're not present, we estimate
them by taking the observed total bandwidth and dividing it by the
period length, which provides a lower bound.
This should fix bug 1863. I'm calling it a feature.
|
| |\ \ \
| |_|/
|/| | |
|
| | | | |
|
| | | |
| | |
| | |
| | | |
Suggested by rransom. Probably necessary for testing network mode.
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We detect and reject said attempts if there is no chosen exit node or
circuit: connecting to a private addr via a randomly chosen exit node
will usually fail (if all exits reject private addresses), is always
ill-defined (you're not asking for any particular host or service),
and usually an error (you've configured all requests to go over Tor
when you really wanted to configure all _remote_ requests to go over
Tor).
This can also help detect forwarding loop requests.
Found as part of bug2279.
|
| | |
| |
| |
| | |
Based on discussion in bug 2317, these values seem to be sane.
|
| | |
| |
| |
| |
| | |
This addresses Nick's concern about doing non-constant bounds checking
inside networkstatus_get_param().
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We need to make sure that the worst thing that a weird consensus param
can do to us is to break our Tor (and only if the other Tors are
reliably broken in the same way) so that the majority of directory
authorities can't pull any attacks that are worse than the DoS that
they can trigger by simply shutting down.
One of these worse things was the cbtnummodes parameter, which could
lead to heap corruption on some systems if the value was sufficiently
large.
This commit fixes this particular issue and also introduces sanity
checking for all consensus parameters.
|
| |\
| |
| |
| |
| |
| | |
Conflicts:
src/common/test.h
src/or/test.c
|
| | | |
|
| |\|
| |
| |
| |
| |
| |
| | |
Conflicts:
src/common/memarea.c
src/or/or.h
src/or/rendclient.c
|
| | |
| |
| |
| | |
This will avoid some signed/unsigned assignment-related bugs.
|
| | |
| |
| |
| | |
(Partial backport of 150ed553dfce9, 161b275028e90, and 4c948ffd6.)
|
| | | |
|
| | |
| |
| |
| |
| | |
Breaking this out of the last commit because this might be more
controversial.
|
| | |
| |
| |
| |
| |
| | |
We had a spelling discrepancy between the manpage and the source code
for some option. Resolve these in favor of the manpage, because it
makes more sense (for example, HTTP should be capitalized).
|
| | |
| |
| |
| |
| |
| | |
The code that makes use of the RunTesting option is #if 0, so setting
this option has no effect. Mark the option as obsolete for now, so that
Tor doesn't list it as an available option erroneously.
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | | |
This won't change any behavior, since it will still be rounded back
up to 2seconds, but should reduce the chances of some extra warns.
|
| |\| | |
|