| Commit message (Expand) | Author | Age |
|---|
| * | Downgrade 'Got a certificate, but we already have it' log message from warnin... | Andrea Shepard | 2012-06-28 |
| * | Triage the XXX023 and XXX022 comments: postpone many. | Nick Mathewson | 2012-06-15 |
| * | changes file and whitespace fix for bug5235 patch | Nick Mathewson | 2012-06-08 |
| * | Rate-limit 'Weighted bandwidth is 0.000000 ...' message; it can be produced i... | Andrea Shepard | 2012-06-08 |
| * | Fix "make check-spaces" issues | Nick Mathewson | 2012-06-05 |
| * | Update copyright dates to 2012; add a few missing copyright statements | Nick Mathewson | 2012-06-04 |
| * | Add about 60 more DOCDOC comments to 0.2.3•••Also, try to resolve some doxygen issues. First, define a magic
"This is doxygen!" macro so that we take the correct branch in
various #if/#else/#endifs in order to get the right documentation.
Second, add in a few grouping @{ and @} entries in order to get some
variables and fields to get grouped together.
| Nick Mathewson | 2012-06-04 |
| * | Resolve some markup complaints from doxygen | Nick Mathewson | 2012-06-04 |
| * | Resolve all currently pending DOCDOC items in master | Nick Mathewson | 2012-06-04 |
| * | Merge remote-tracking branch 'public/bug3196' | Nick Mathewson | 2012-05-31 |
| |\ |
|
| | * | Raise thresholds for declaring bootstrapping complete.•••This patch changes the total serverdesc threshold from 25% to 75%
and the exit threshold from 33% to 50%. The goal is to make
initially constructed circuits less horrible, and to make initial
less awful (since fetching directory information in parallel with
whatever the user is trying to do can hurt their performance).
Implements ticket 3196.
| Nick Mathewson | 2012-05-11 |
| * | | Merge remote-tracking branch 'public/bug2297' | Nick Mathewson | 2012-05-16 |
| |\ \ |
|
| | * | | Exits don't need to fetch certs for unknown authorities•••When we started RefuseUnknownExits back in 0.2.2.11-alpha, we
started making exits act like they cache directory info (since they
need an up-to-date idea of who is really a router). But this
included fetching needless (unrecognized) authorities' certs, which
doesn't make any sense for them.
This is related to, but not necessarily the same as, the issue that
Ian reported for bug #2297.
(This patch is based on a patch from a user who I believe has asked
not to be named. If I'm wrong about that, please add the
appropriate name onto the changelog.)
| Nick Mathewson | 2012-03-30 |
| * | | | Merge remote-tracking branch 'origin/maint-0.2.2' | Nick Mathewson | 2012-05-16 |
| |\ \ \
| |_|/
|/| | |
|
| | * | | Correct the bulletproofing of routerlist_insert()•••The original code updated some variables, but forgot to remove a
replaced old-routerdesc from rl->old_routers.
Related to bug 1776.
| Nick Mathewson | 2012-05-16 |
| * | | | Twiddle ROUTER_{MAX_COSMETIC_TIME_DIFFERENCE,MAX_AGE_TO_PUBLISH}•••This is ticket 2479. Roger's original explanation was:
We have a series of bugs where relays publish a descriptor within
12 hours of their last descriptor, but the authorities drop it
because it's not different "enough" from the last one and it's
too close to the last one.
The original goal of this idea was to a) reduce the number of new
descriptors authorities accept (and thus have to store) and b)
reduce the total number of descriptors that clients and mirrors
fetch. It's a defense against bugs where relays publish a new
descriptor every minute.
Now that we're putting out one consensus per hour, we're doing
better at the total damage that can be caused by 'b'.
There are broader-scale design changes that would help here, and
we've had a trac entry open for years about how relays should
recognize that they're not in the consensus, or recognize when
their publish failed, and republish sooner.
In the mean time, I think we should change some of the parameters
to make the problem less painful.
| Nick Mathewson | 2012-03-30 |
| | |/
|/| |
|
| * | | Merge remote-tracking branch 'origin/maint-0.2.2' | Nick Mathewson | 2012-03-09 |
| |\| |
|
| | * | Revise "sufficient exit nodes" check to work with restrictive ExitNodes•••If you set ExitNodes so that only 1 exit node is accepted, the
previous patch would have made you unable to build circuits.
| Nick Mathewson | 2012-03-09 |
| * | | Merge remote-tracking branch 'origin/maint-0.2.2'•••Conflicts:
src/or/routerlist.c
| Nick Mathewson | 2012-03-09 |
| |\| |
|
| | * | Require a threshold of exit nodes before building circuits•••This mitigates an attack proposed by wanoskarnet, in which all of a
client's bridges collude to restrict the exit nodes that the client
knows about. Fixes bug 5343.
| Nick Mathewson | 2012-03-08 |
| * | | When not fetching v2 dir info, don't require it for cleaning descriptors•••Bugfix on 0.2.2.26-beta, which introduced the idea of caches not
cacheing v2 info. Fixes bug 4838.
| Daniel Bryg | 2012-02-23 |
| * | | Merge remote-tracking branch 'origin/maint-0.2.2' | Nick Mathewson | 2012-02-10 |
| |\| |
|
| | * | Downgrade "missing a certificate" from notice to info•••It was apparently getting mistaken for a problem, even though it was
at notice.
Fixes 5067; fix on 0.2.0.10-alpha.
| Nick Mathewson | 2012-02-10 |
| * | | Rename nonconformant identifiers.•••Fixes bug 4893.
These changes are pure mechanical, and were generated with this
perl script:
/usr/bin/perl -w -i.bak -p
s/crypto_pk_env_t/crypto_pk_t/g;
s/crypto_dh_env_t/crypto_dh_t/g;
s/crypto_cipher_env_t/crypto_cipher_t/g;
s/crypto_digest_env_t/crypto_digest_t/g;
s/aes_free_cipher/aes_cipher_free/g;
s/crypto_free_cipher_env/crypto_cipher_free/g;
s/crypto_free_digest_env/crypto_digest_free/g;
s/crypto_free_pk_env/crypto_pk_free/g;
s/_crypto_dh_env_get_dh/_crypto_dh_get_dh/g;
s/_crypto_new_pk_env_rsa/_crypto_new_pk_from_rsa/g;
s/_crypto_pk_env_get_evp_pkey/_crypto_pk_get_evp_pkey/g;
s/_crypto_pk_env_get_rsa/_crypto_pk_get_rsa/g;
s/crypto_new_cipher_env/crypto_cipher_new/g;
s/crypto_new_digest_env/crypto_digest_new/g;
s/crypto_new_digest256_env/crypto_digest256_new/g;
s/crypto_new_pk_env/crypto_pk_new/g;
s/crypto_create_crypto_env/crypto_cipher_new/g;
s/connection_create_listener/connection_listener_new/g;
s/smartlist_create/smartlist_new/g;
s/transport_create/transport_new/g;
| Nick Mathewson | 2012-01-18 |
| * | | Convert instances of tor_malloc+tor_snprintf into tor_asprintf•••These were found by looking for tor_snprintf() instances that were
preceeded closely by tor_malloc(), though I probably converted some
more snprintfs as well.
(In every case, make sure that the length variable (if any) is
removed, renamed, or lowered, so that anything else that might have
assumed a longer buffer doesn't exist.)
| Nick Mathewson | 2012-01-16 |
| * | | New 'DisableNetwork' option to prevent Tor from using the network•••Some controllers want this so they can mess with Tor's configuration
for a while via the control port before actually letting Tor out of
the house.
We do this with a new DisableNetwork option, that prevents Tor from
making any outbound connections or binding any non-control
listeners. Additionally, it shuts down the same functionality as
shuts down when we are hibernating, plus the code that launches
directory downloads.
To make sure I didn't miss anything, I added a clause straight to
connection_connect, so that we won't even try to open an outbound
socket when the network is disabled. In my testing, I made this an
assert, but since I probably missed something, I've turned it into a
BUG warning for testing.
| Nick Mathewson | 2011-11-28 |
| * | | Merge remote-tracking branch 'origin/maint-0.2.2'•••Conflicts:
configure.in
src/or/circuitbuild.c
| Nick Mathewson | 2011-09-09 |
| |\| |
|
| | * | Use %f with printf-style formatting, not %lf•••For printf, %f and %lf are synonymous, since floats are promoted to
doubles when passed as varargs. It's only for scanf that we need to
say "%lf" for doubles and "%f" for floats.
Apparenly, some older compilers think it's naughty to say %lf and like
to spew warnings about it.
Found by grarpamp.
| Nick Mathewson | 2011-08-30 |
| * | | Better messages when we're stalled because of microdescriptors•••It's a little confusing for me to say "only X/Y descriptors" when
I have microdescriptors enabled. So, let's fix that.
| Nick Mathewson | 2011-07-15 |
| * | | Remove compare_addr_to_node_policy•••Instead, use compare_tor_addr_to_node_policy everywhere.
One advantage of this is that compare_tor_addr_to_node_policy can
better distinguish 0.0.0.0 from "unknown", which caused a nasty bug
with microdesc users.
| Nick Mathewson | 2011-07-15 |
| * | | Rename and tweak nodelist_add_node_family() to add node•••It's very easy for nodelist_add_node_family(sl,node) to accidentally
add 'node', and kind of hard to make sure that it omits it. Instead
of taking pains to leave 'node' out, let's instead make sure that we
always include it.
I also rename the function to nodelist_add_node_and_family, and
audit its users so that they don't add the node itself any longer,
since the function will take care of that for them.
Resolves bug 2616, which was not actually a bug.
| Nick Mathewson | 2011-07-11 |
| * | | Look at the right consensus in router_add_to_routerlist()•••Just looking at the "latest" consensus could give us a microdesc
consensus, if microdescs were enabled. That would make us decide
that every routerdesc was unlisted in the latest consensus and drop
them all: Ouch.
Fixes bug 3113; bugfix on 0.2.3.1-alpha.
| Nick Mathewson | 2011-07-11 |
| * | | Kill redundant checks around routerset_contains_*()•••All of the routerset_contains*() functions return 0 if their
routerset_t argument is NULL. Therefore, there's no point in
doing "if (ExcludeNodes && routerset_contains*(ExcludeNodes...))",
for example.
This patch fixes every instance of
if (X && routerstatus_contains*(X,...))
Note that there are other patterns that _aren't_ redundant. For
example, we *don't* want to change:
if (EntryNodes && !routerstatus_contains(EntryNodes,...))
Fixes #2797. No bug here; just needless code.
| Nick Mathewson | 2011-07-07 |
| * | | Defensive programming: don't crash with broken node_t•••Every node_t has either a routerinfo_t or a routerstatus_t, so every
node_t *should* have a nickname. Nonetheless, let's make sure in
hex_digest_nickname_matches().
Should quiet CID 434.
| Nick Mathewson | 2011-07-01 |
| * | | Make the get_options() return const•••This lets us make a lot of other stuff const, allows the compiler to
generate (slightly) better code, and will make me get slightly fewer
patches from folks who stick mutable stuff into or_options_t.
const: because not every input is an output!
| Nick Mathewson | 2011-06-14 |
| * | | Merge remote-tracking branch 'origin/maint-0.2.2'•••The conflicts were mainly caused by the routerinfo->node transition.
Conflicts:
src/or/circuitbuild.c
src/or/command.c
src/or/connection_edge.c
src/or/directory.c
src/or/dirserv.c
src/or/relay.c
src/or/rendservice.c
src/or/routerlist.c
| Nick Mathewson | 2011-05-30 |
| |\| |
|
| | * | Log descriptions of nodes, not just nicknames.•••This patch introduces a few new functions in router.c to produce a
more helpful description of a node than its nickame, and then tweaks
nearly all log messages taking a nickname as an argument to call these
functions instead.
There are a few cases where I left the old log messages alone: in
these cases, the nickname was that of an authority (whose nicknames
are useful and unique), or the message already included an identity
and/or an address. I might have missed a couple more too.
This is a fix for bug 3045.
| Nick Mathewson | 2011-05-15 |
| * | | Merge remote-tracking branch 'origin/maint-0.2.2' | Nick Mathewson | 2011-05-15 |
| |\| |
|
| | * | Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2•••Conflicts:
src/or/networkstatus.c
| Nick Mathewson | 2011-05-15 |
| | |\ |
|
| | | * | Fixup whitespace issues from 3122 commit | Nick Mathewson | 2011-05-15 |
| * | | | Merge remote-tracking branch 'origin/maint-0.2.2'•••Conflicts:
src/or/routerlist.c
| Nick Mathewson | 2011-05-15 |
| |\| | |
|
| | * | | Merge branch 'bug2732-simpler' into maint-0.2.2 | Nick Mathewson | 2011-05-15 |
| | |\ \ |
|
| | | * | | Rip out more of hid_serv_acting_as_directory•••rransom notes correctly that now that we aren't checking our HSDir
flag, we have no actual reason to check whether we are listed in the
consensus at all when determining if we should act like a hidden
service directory.
| Nick Mathewson | 2011-05-15 |
| | | * | | Accept hs descriptors even if we don't see an HSDir for us•••The old behavior contributed to unreliability when hidden services and
hsdirs had different consensus versions, and so had different opinions
about who should be cacheing hsdir info.
Bugfix on 0.2.0.10-alpha; based on discussions surrounding bug 2732.
| Nick Mathewson | 2011-05-12 |
| * | | | | Merge remote-tracking branch 'public/bug3122_memcmp_022' into bug3122_memcmp_023•••Conflicts in various places, mainly node-related. Resolved them in
favor of HEAD, with copying of tor_mem* operations from bug3122_memcmp_022.
src/common/Makefile.am
src/or/circuitlist.c
src/or/connection_edge.c
src/or/directory.c
src/or/microdesc.c
src/or/networkstatus.c
src/or/router.c
src/or/routerlist.c
src/test/test_util.c
| Nick Mathewson | 2011-05-11 |
| |\| | | |
|
| | * | | | Hand-tune the new tor_memcmp instances in 0.2.2 | Nick Mathewson | 2011-05-11 |
| | * | | | Re-apply the automated conversion to 0.2.2 to make handle any memcmps that sn... | Nick Mathewson | 2011-05-11 |
| | * | | | Merge remote-tracking branch 'public/3122_memcmp_squashed' into bug3122_memcm...•••Conflicts throughout. All resolved in favor of taking HEAD and
adding tor_mem* or fast_mem* ops as appropriate.
src/common/Makefile.am
src/or/circuitbuild.c
src/or/directory.c
src/or/dirserv.c
src/or/dirvote.c
src/or/networkstatus.c
src/or/rendclient.c
src/or/rendservice.c
src/or/router.c
src/or/routerlist.c
src/or/routerparse.c
src/or/test.c
| Nick Mathewson | 2011-05-11 |
| | |\ \ \
| | |/ /
| |/| /
| | |/ |
|
| | | * | Hand-conversion and audit phase of memcmp transition•••Here I looked at the results of the automated conversion and cleaned
them up as follows:
If there was a tor_memcmp or tor_memeq that was in fact "safe"[*] I
changed it to a fast_memcmp or fast_memeq.
Otherwise if there was a tor_memcmp that could turn into a
tor_memneq or tor_memeq, I converted it.
This wants close attention.
[*] I'm erring on the side of caution here, and leaving some things
as tor_memcmp that could in my opinion use the data-dependent
fast_memcmp variant.
| Nick Mathewson | 2011-05-11 |
| | | * | Automated conversion of memcmp to tor_memcmp/tor_mem[n]eq•••This commit is _exactly_ the result of
perl -i -pe 's/\bmemcmp\(/tor_memcmp\(/g' src/*/*.[ch]
perl -i -pe 's/\!\s*tor_memcmp\(/tor_memeq\(/g' src/*/*.[ch]
perl -i -pe 's/0\s*==\s*tor_memcmp\(/tor_memeq\(/g' src/*/*.[ch]
perl -i -pe 's/0\s*!=\s*tor_memcmp\(/tor_memneq\(/g' src/*/*.[ch]
git checkout src/common/di_ops.[ch]
git checkout src/or/test.c
git checkout src/common/test.h
| Nick Mathewson | 2011-05-11 |