| Commit message (Expand) | Author | Age |
|---|
| * | Remove compare_addr_to_node_policy•••Instead, use compare_tor_addr_to_node_policy everywhere.
One advantage of this is that compare_tor_addr_to_node_policy can
better distinguish 0.0.0.0 from "unknown", which caused a nasty bug
with microdesc users.
| Nick Mathewson | 2011-07-15 |
| * | Treat null address as "unknown", not "rejected" in md policy•••Previously, we had an issue where we'd treat an unknown address as
0, which turned into "0.0.0.0", which looked like a rejected
address. This meant in practice that as soon as we started doing
comparisons of unknown uint32 addresses to short policies, we'd get
'rejected' right away. Because of the circumstances under which
this would be called, it would only happen when we had local DNS
cached entries and we were looking to launch new circuits.
| Nick Mathewson | 2011-07-15 |
| * | Remove compare_addr_to_addr_policy•••Nothing used it but the unit tests; everything else knows to use
compare_tor_addr_to_addr_policy instead.
| Nick Mathewson | 2011-07-15 |
| * | Remove a redundant condition in compare_addr_to_node_policy•••A && A == A.
Found by frosty_un
| Nick Mathewson | 2011-07-08 |
| * | Don't shadow parameters with local variables•••This is a little error-prone when the local has a different type
from the parameter, and is very error-prone with both have the same
type. Let's not do this.
Fixes CID #437,438,439,440,441.
| Nick Mathewson | 2011-07-01 |
| * | Make the get_options() return const•••This lets us make a lot of other stuff const, allows the compiler to
generate (slightly) better code, and will make me get slightly fewer
patches from folks who stick mutable stuff into or_options_t.
const: because not every input is an output!
| Nick Mathewson | 2011-06-14 |
| * | Merge remote-tracking branch 'origin/maint-0.2.2' | Nick Mathewson | 2011-06-14 |
| |\ |
|
| | * | Don't use signed 1-bit bitfields•••This was harmless, we never compared it to anything but itself or 0.
But Coverity complained, and it had a point.
| Sebastian Hahn | 2011-06-08 |
| * | | Merge remote branch 'origin/maint-0.2.2' | Nick Mathewson | 2011-03-06 |
| |\| |
|
| | * | Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2•••Conflicts:
src/or/policies.c
| Nick Mathewson | 2011-03-06 |
| | |\ |
|
| | | * | exit_policy_is_general_exit is IPv4 only; it should admit it. | Nick Mathewson | 2011-03-06 |
| * | | | Merge remote branch 'origin/maint-0.2.2'•••Conflicts:
src/or/policies.c
src/or/policies.h
| Nick Mathewson | 2011-02-22 |
| |\| | |
|
| | * | | Don't let bad DNS make exit policy and declared exit policy get out of sync•••Patch from "postman" on trac. Fixes bg 2366. Bug on 0.1.2.5-alpha.
| Nick Mathewson | 2011-02-22 |
| * | | | Merge remote branch 'origin/maint-0.2.2' | Nick Mathewson | 2011-01-20 |
| |\| | |
|
| | * | | Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 | Nick Mathewson | 2011-01-20 |
| | |\| |
|
| | | * | Fix bounds-checking in policy_summarize•••Found by piebeer.
| Robert Ransom | 2011-01-20 |
| * | | | Use autoconf's FLEXIBLE_ARRAY_MEMBER for unspecified-length arrays•••C99 allows a syntax for structures whose last element is of
unspecified length:
struct s {
int elt1;
...
char last_element[];
};
Recent (last-5-years) autoconf versions provide an
AC_C_FLEXIBLE_ARRAY_MEMBER test that defines FLEXIBLE_ARRAY_MEMBER
to either no tokens (if you have c99 flexible array support) or to 1
(if you don't). At that point you just use offsetof
[STRUCT_OFFSET() for us] to see where last_element begins, and
allocate your structures like:
struct s {
int elt1;
...
char last_element[FLEXIBLE_ARRAY_MEMBER];
};
tor_malloc(STRUCT_OFFSET(struct s, last_element) +
n_elements*sizeof(char));
The advantages are:
1) It's easier to see which structures and elements are of
unspecified length.
2) The compiler and related checking tools can also see which
structures and elements are of unspecified length, in case they
wants to try weird bounds-checking tricks or something.
3) The compiler can warn us if we do something dumb, like try
to stack-allocate a flexible-length structure.
| Nick Mathewson | 2011-01-06 |
| * | | | Merge remote branch 'origin/maint-0.2.2' | Nick Mathewson | 2011-01-03 |
| |\| | |
|
| | * | | Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2•••Conflicts:
src/common/test.h
src/or/test.c
| Nick Mathewson | 2011-01-03 |
| | |\| |
|
| | | * | Bump copyright statements to 2011 | Nick Mathewson | 2011-01-03 |
| * | | | Remove "is this too slow?" XXXX comments for code not appearing in profiles | Nick Mathewson | 2010-10-15 |
| * | | | Make check-spaces happy | Sebastian Hahn | 2010-10-14 |
| * | | | Implement node_set_exit_policy_to_reject_all with a flag•••Also remove some debugging code.
| Nick Mathewson | 2010-10-13 |
| * | | | Add some missing documentation for things added in nodes branch | Nick Mathewson | 2010-10-07 |
| * | | | Implement policies for nodes (and for microdescriptors too) | Nick Mathewson | 2010-10-01 |
| * | | | Initial conversion to use node_t throughout our codebase.•••A node_t is an abstraction over routerstatus_t, routerinfo_t, and
microdesc_t. It should try to present a consistent interface to all
of them. There should be a node_t for a server whenever there is
* A routerinfo_t for it in the routerlist
* A routerstatus_t in the current_consensus.
(note that a microdesc_t alone isn't enough to make a node_t exist,
since microdescriptors aren't usable on their own.)
There are three ways to get a node_t right now: looking it up by ID,
looking it up by nickname, and iterating over the whole list of
microdescriptors.
All (or nearly all) functions that are supposed to return "a router"
-- especially those used in building connections and circuits --
should return a node_t, not a routerinfo_t or a routerstatus_t.
A node_t should hold all the *mutable* flags about a node. This
patch moves the is_foo flags from routerinfo_t into node_t. The
flags in routerstatus_t remain, but they get set from the consensus
and should not change.
Some other highlights of this patch are:
* Looking up routerinfo and routerstatus by nickname is now
unified and based on the "look up a node by nickname" function.
This tries to look only at the values from current consensus,
and not get confused by the routerinfo_t->is_named flag, which
could get set for other weird reasons. This changes the
behavior of how authorities (when acting as clients) deal with
nodes that have been listed by nickname.
* I tried not to artificially increase the size of the diff here
by moving functions around. As a result, some functions that
now operate on nodes are now in the wrong file -- they should
get moved to nodelist.c once this refactoring settles down.
This moving should happen as part of a patch that moves
functions AND NOTHING ELSE.
* Some old code is now left around inside #if 0/1 blocks, and
should get removed once I've verified that I don't want it
sitting around to see how we used to do things.
There are still some unimplemented functions: these are flagged
with "UNIMPLEMENTED_NODELIST()." I'll work on filling in the
implementation here, piece by piece.
I wish this patch could have been smaller, but there did not seem to
be any piece of it that was independent from the rest. Moving flags
forces many functions that once returned routerinfo_t * to return
node_t *, which forces their friends to change, and so on.
| Nick Mathewson | 2010-10-01 |
| * | | | Try to make most routerinfo_t interfaces const | Nick Mathewson | 2010-10-01 |
| |/ / |
|
| * | | Fix misplaced labels | Sebastian Hahn | 2010-08-16 |
| * | | Create routerparse.h | Sebastian Hahn | 2010-07-27 |
| * | | Create policies.h | Sebastian Hahn | 2010-07-27 |
| * | | Create dirserv.h | Sebastian Hahn | 2010-07-27 |
| * | | Create config.h | Sebastian Hahn | 2010-07-27 |
| * | | Make the controller act more usefully when GETINFO fails•••Right now it says "552 internal error" because there's no way for
getinfo_helper_*() countries to specify an error message. This
patch changes the getinfo_helper_*() interface, and makes most of the
getinfo helpers give useful error messages in response to failures.
This should prevent recurrences of bug 1699, where a missing GeoIPFile
line in the torrc made GETINFO ip-to-county/* fail in a "not obvious
how to fix" way.
| Nick Mathewson | 2010-07-18 |
| * | | Merge remote branch 'origin/maint-0.2.1'•••Conflicts:
src/common/test.h
src/or/test.c
| Nick Mathewson | 2010-02-27 |
| |\| |
|
| | * | Update Tor Project copyright years | Nick Mathewson | 2010-02-27 |
| * | | Speed up the execution of exit_policy_is_general_exit_helper()•••It isn't necessary to walk through all possible subnets when the policy
we're looking at doesn't touch that subnet.
| Sebastian Hahn | 2010-02-09 |
| * | | 0/8 doesn't count as a /8 subnet towards an Exit flag | Sebastian Hahn | 2010-02-08 |
| * | | Trivial doc fix for exit_policy_is_general_exit_helper•••The original comment said what it did if there was at least one /8 that
allowed access to the port, but not what it did otherwise.
| Nick Mathewson | 2010-02-03 |
| * | | Don't assign Exit flag incorrectly•••exit_policy_is_general_exit() assumed that there are no redundancies
in the passed policy, in the sense that we actively combine entries
in the policy to really get rid of any redundancy. Since we cannot
do that without massively rewriting the policy lines the relay
operators set, fix exit_policy_is_general_exit().
Fixes bug 1238, discovered by Martin Kowalczyk.
| Sebastian Hahn | 2010-02-03 |
| * | | remove redundant validate_addr_policies() checks | Roger Dingledine | 2010-01-15 |
| * | | *_free functions now accept NULL•••Some *_free functions threw asserts when passed NULL. Now all of them
accept NULL as input and perform no action when called that way.
This gains us consistence for our free functions, and allows some
code simplifications where an explicit null check is no longer necessary.
| Sebastian Hahn | 2009-12-12 |
| * | | Fix bug 1113.•••Bridges do not use the default exit policy, but reject *:* by default.
| Karsten Loesing | 2009-10-27 |
| |/ |
|
| * | Avoid a memory corruption problem related to "private" in DirPolicy.•••This is a posible fix for bug 996.
| Nick Mathewson | 2009-06-05 |
| * | Spell-check Tor. | Nick Mathewson | 2009-05-27 |
| * | Update copyright to 2009. | Karsten Loesing | 2009-05-04 |
| * | Log cached-at-exit exit policies to try to fix bug 672.•••svn:r18827
| Nick Mathewson | 2009-03-09 |
| * | Remove svn $Id$s from our source, and remove tor --version --version.•••The subversion $Id$ fields made every commit force a rebuild of
whatever file got committed. They were not actually useful for
telling the version of Tor files in the wild.
svn:r17867
| Nick Mathewson | 2009-01-04 |
| * | Switch address comparisons in policies to be exact rather than semantic. Unt...•••svn:r17803
| Nick Mathewson | 2008-12-29 |
| * | Refactor some exit-policy-related functions that showed up in oprofile.•••Specifically, split compare_tor_addr_to_addr_policy() from a loop with a bunch
of complicated ifs inside into some ifs, each with a simple loop. Rearrange
router_find_exact_exit_enclave() to run a little faster. Bizarrely,
router_policy_rejects_all() shows up on oprofile, so precalculate it per
routerinfo.
svn:r17802
| Nick Mathewson | 2008-12-29 |
| * | Fix most DOCDOCs remaining and/or added by redox.•••svn:r17734
| Nick Mathewson | 2008-12-22 |