| Commit message (Expand) | Author | Age |
|---|
| * | Merge remote-tracking branch 'origin/maint-0.2.2'•••The conflicts were mainly caused by the routerinfo->node transition.
Conflicts:
src/or/circuitbuild.c
src/or/command.c
src/or/connection_edge.c
src/or/directory.c
src/or/dirserv.c
src/or/relay.c
src/or/rendservice.c
src/or/routerlist.c
| Nick Mathewson | 2011-05-30 |
| |\ |
|
| | * | Log descriptions of nodes, not just nicknames.•••This patch introduces a few new functions in router.c to produce a
more helpful description of a node than its nickame, and then tweaks
nearly all log messages taking a nickname as an argument to call these
functions instead.
There are a few cases where I left the old log messages alone: in
these cases, the nickname was that of an authority (whose nicknames
are useful and unique), or the message already included an identity
and/or an address. I might have missed a couple more too.
This is a fix for bug 3045.
| Nick Mathewson | 2011-05-15 |
| * | | Merge remote-tracking branch 'origin/maint-0.2.2' | Nick Mathewson | 2011-05-15 |
| |\| |
|
| | * | Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2•••Conflicts:
src/or/networkstatus.c
| Nick Mathewson | 2011-05-15 |
| | |\ |
|
| | | * | Fixup whitespace issues from 3122 commit | Nick Mathewson | 2011-05-15 |
| * | | | Merge remote-tracking branch 'origin/maint-0.2.2'•••Conflicts:
src/or/routerlist.c
| Nick Mathewson | 2011-05-15 |
| |\| | |
|
| | * | | Merge branch 'bug2732-simpler' into maint-0.2.2 | Nick Mathewson | 2011-05-15 |
| | |\ \ |
|
| | | * | | Rip out more of hid_serv_acting_as_directory•••rransom notes correctly that now that we aren't checking our HSDir
flag, we have no actual reason to check whether we are listed in the
consensus at all when determining if we should act like a hidden
service directory.
| Nick Mathewson | 2011-05-15 |
| | | * | | Accept hs descriptors even if we don't see an HSDir for us•••The old behavior contributed to unreliability when hidden services and
hsdirs had different consensus versions, and so had different opinions
about who should be cacheing hsdir info.
Bugfix on 0.2.0.10-alpha; based on discussions surrounding bug 2732.
| Nick Mathewson | 2011-05-12 |
| * | | | | Merge remote-tracking branch 'public/bug3122_memcmp_022' into bug3122_memcmp_023•••Conflicts in various places, mainly node-related. Resolved them in
favor of HEAD, with copying of tor_mem* operations from bug3122_memcmp_022.
src/common/Makefile.am
src/or/circuitlist.c
src/or/connection_edge.c
src/or/directory.c
src/or/microdesc.c
src/or/networkstatus.c
src/or/router.c
src/or/routerlist.c
src/test/test_util.c
| Nick Mathewson | 2011-05-11 |
| |\| | | |
|
| | * | | | Hand-tune the new tor_memcmp instances in 0.2.2 | Nick Mathewson | 2011-05-11 |
| | * | | | Re-apply the automated conversion to 0.2.2 to make handle any memcmps that sn... | Nick Mathewson | 2011-05-11 |
| | * | | | Merge remote-tracking branch 'public/3122_memcmp_squashed' into bug3122_memcm...•••Conflicts throughout. All resolved in favor of taking HEAD and
adding tor_mem* or fast_mem* ops as appropriate.
src/common/Makefile.am
src/or/circuitbuild.c
src/or/directory.c
src/or/dirserv.c
src/or/dirvote.c
src/or/networkstatus.c
src/or/rendclient.c
src/or/rendservice.c
src/or/router.c
src/or/routerlist.c
src/or/routerparse.c
src/or/test.c
| Nick Mathewson | 2011-05-11 |
| | |\ \ \
| | |/ /
| |/| /
| | |/ |
|
| | | * | Hand-conversion and audit phase of memcmp transition•••Here I looked at the results of the automated conversion and cleaned
them up as follows:
If there was a tor_memcmp or tor_memeq that was in fact "safe"[*] I
changed it to a fast_memcmp or fast_memeq.
Otherwise if there was a tor_memcmp that could turn into a
tor_memneq or tor_memeq, I converted it.
This wants close attention.
[*] I'm erring on the side of caution here, and leaving some things
as tor_memcmp that could in my opinion use the data-dependent
fast_memcmp variant.
| Nick Mathewson | 2011-05-11 |
| | | * | Automated conversion of memcmp to tor_memcmp/tor_mem[n]eq•••This commit is _exactly_ the result of
perl -i -pe 's/\bmemcmp\(/tor_memcmp\(/g' src/*/*.[ch]
perl -i -pe 's/\!\s*tor_memcmp\(/tor_memeq\(/g' src/*/*.[ch]
perl -i -pe 's/0\s*==\s*tor_memcmp\(/tor_memeq\(/g' src/*/*.[ch]
perl -i -pe 's/0\s*!=\s*tor_memcmp\(/tor_memneq\(/g' src/*/*.[ch]
git checkout src/common/di_ops.[ch]
git checkout src/or/test.c
git checkout src/common/test.h
| Nick Mathewson | 2011-05-11 |
| * | | | Fix check-spaces issues in master | Nick Mathewson | 2011-05-05 |
| * | | | Move dummy authority.z fetch out of update_router_descriptor_downloads•••To make sure that a server learns if its IP has changed, the server
sometimes launches authority.z descriptor fetches from
update_router_descriptor_downloads. That's nice, but we're moving
towards a situation where update_router_descriptor_downloads doesn't
always get called. So this patch breaks the authority.z
check-and-fetch into a new function.
This function also renames last_routerdesc_download to a more
appropriate last_descriptor_download, and adds a new
update_all_descriptor_downloads() function.
(For now, this is unnecessary, since servers don't actually use
microdescriptors. But that could change, or bridges could start
using microdescriptors, and then we'll be glad this is refactored
nicely.)
| Nick Mathewson | 2011-05-05 |
| * | | | Code to make clients fetch and use microdescriptors for circuit building•••To turn this on, set UseMicrodescriptors to "1" (or "auto" if you
want it on-if-you're-a-client). It should go auto-by-default once
0.2.3.1-alpha is released.
Because of our node logic, directory caches will never use
microdescriptors when they have the right routerinfo available.
| Nick Mathewson | 2011-05-05 |
| * | | | Replace _AUTHORITY enum values with _DIRINFO values (automted) | Nick Mathewson | 2011-05-05 |
| * | | | Automated rename from authority_type_t to dirinfo_type_t•••We were already overloading this type to mean "a directory that can
serve us X" in addition to "a directory that is an authority for X."
| Nick Mathewson | 2011-05-05 |
| * | | | Merge remote-tracking branch 'origin/maint-0.2.2' | Nick Mathewson | 2011-04-28 |
| |\| | |
|
| | | \ | |
| | | \ | |
| | *-. \ | Merge remote-tracking branches 'rransom/bug2722' and 'rransom/bug2722b' into ... | Nick Mathewson | 2011-04-28 |
| | |\ \ \ |
|
| | | * | | | Revert "If we are not using BEGIN_DIR cells, don't attempt to contact hidden ...•••This reverts commit 9a7098487b2c25f36112b3521758f42621dcd6af.
Conflicts:
ChangeLog (left unchanged by this commit)
| Robert Ransom | 2011-03-12 |
| | | | |/
| | |/| |
|
| | | * | | Merge remote branch 'public/bug1859_021' into maint-0.2.1 | Nick Mathewson | 2011-02-22 |
| | | |\ \ |
|
| | | | * | | Issues with router_get_by_nickname()•••https://trac.torproject.org/projects/tor/ticket/1859
There are two problems in this bug:
1. When an OP makes a .exit request specifying itself as the exit, and the exit
is not yet listed, Tor gets all the routerinfos needed for the circuit but
discovers in circuit_is_acceptable() that its own routerinfo is not in the
routerdigest list and cannot be used. Tor then gets locked in a cycle of
repeating these two steps. When gathering the routerinfos for a circuit,
specifically when the exit has been chosen by .exit notation, Tor needs to
apply the same rules it uses later on when deciding if it can build a
circuit with those routerinfos.
2. A different bug arises in the above situation when the Tor instance's
routerinfo *is* listed in the routerlist, it shares its nickname with a
number of other Tor nodes, and it does not have 'Named' rights to its
nickname.
So for example, if (i) there are five nodes named Bob in the network, (ii) I
am running one of them but am flagged as 'Unnamed' because someone else
claimed the 'Bob' nickname first, and (iii) I run my Tor as both client
and exit the following can happen to me:
- I go to www.evil.com
- I click on a link www.evil.com.bob.exit
- My request will exit through my own Tor node rather than the 'Named'
node Bob or any of the others.
- www.evil.com now knows I am actually browsing from the same computer
that is running my 'Bob' node
So to solve both issues we need to ensure:
- When fulfilling a .exit request we only choose a routerinfo if it exists in
the routerlist, even when that routerinfo is ours.
- When getting a router by nickname we only return our own router information
if it is not going to be used for building a circuit.
We ensure this by removing the special treatment afforded our own router in
router_get_by_nickname(). This means the function will only return the
routerinfo of our own router if it is in the routerlist built from authority
info and has a unique nickname or is bound to a non-unique nickname.
There are some uses of router_get_by_nickname() where we are looking for the
router by name because of a configuration directive, specifically local
declaration of NodeFamilies and EntryNodes and other routers' declaration of
MyFamily. In these cases it is not at first clear if we need to continue
returning our own routerinfo even if our router is not listed and/or has a
non-unique nickname with the Unnamed flag.
The patch treats each of these cases as follows:
Other Routers' Declaration of MyFamily
This happens in routerlist_add_family(). If another router declares our router
in its family and our router has the Unnamed flag or is not in the routerlist
yet, should we take advantage of the fact that we know our own routerinfo to
add us in anyway? This patch says 'no, treat our own router just like any
other'. This is a safe choice because it ensures our client has the same view
of the network as other clients. We also have no good way of knowing if our
router is Named or not independently of the authorities, so we have to rely on
them in this.
Local declaration of NodeFamilies
Again, we have no way of knowing if the declaration 'NodeFamilies
Bob,Alice,Ringo' refers to our router Bob or the Named router Bob, so we have
to defer to the authorities and treat our own router like any other.
Local declaration of NodeFamilies
Again, same as above. There's also no good reason we would want our client to
choose it's own router as an entry guard if it does not meet the requirements
expected of any other router on the network.
In order to reduce the possibility of error, the patch also replaces two
instances where we were using router_get_by_nickname() with calls to
router_get_by_hexdigest() where the identity digest of the router
is available.
| Robert Hogan | 2010-11-12 |
| * | | | | | Merge maint-0.2.2 for the bug1090-part1-squashed branch•••Resolved conflicts in:
doc/tor.1.txt
src/or/circuitbuild.c
src/or/circuituse.c
src/or/connection_edge.c
src/or/connection_edge.h
src/or/directory.c
src/or/rendclient.c
src/or/routerlist.c
src/or/routerlist.h
These were mostly releated to the routerinfo_t->node_t conversion.
| Nick Mathewson | 2011-04-27 |
| |\| | | | |
|
| | * | | | | When there is a transition in permitted nodes, apply it to trackexithosts map•••IOW, if we were using TrackExitHosts, and we added an excluded node or
removed a node from exitnodes, we wouldn't actually remove the mapping
that points us at the new node.
Also, note with an XXX022 comment a place that I think we are looking
at the wrong string.
| Nick Mathewson | 2011-04-26 |
| | * | | | | Simplify calls to routerset_equal•••The routerset_equal function explicitly handles NULL inputs, so
there's no need to check inputs for NULL before calling it.
Also fix a bug in routerset_equal where a non-NULL routerset with no
entries didn't get counted as equal to a NULL routerset. This was
untriggerable, I think, but potentially annoying down the road.
| Nick Mathewson | 2011-04-26 |
| | * | | | | If ExitNodes and Exclude{Exit}Nodes overlap, obey Exclude{Exit}Nodes.•••Also, ExitNodes are always strict.
| Roger Dingledine | 2011-04-26 |
| | * | | | | don't exit enclave to excluded relays | Roger Dingledine | 2011-04-26 |
| | * | | | | handle excludenodes for dir fetch/post•••If we're picking a random directory node, never pick an excluded one.
But if we've chosen a specific one (or all), allow it unless strictnodes
is set (in which case warn so the user knows it's their fault).
When warning that we won't connect to a strictly excluded node,
log what it was we were trying to do at that node.
When ExcludeNodes is set but StrictNodes is not set, we only use
non-excluded nodes if we can, but fall back to using excluded nodes
if none of those nodes is usable.
| Roger Dingledine | 2011-04-26 |
| | * | | | | If EntryNodes and ExcludeNodes overlap, obey ExcludeNodes. | Roger Dingledine | 2011-04-26 |
| * | | | | | Merge remote-tracking branch 'origin/maint-0.2.2'•••Conflicts:
src/or/rephist.c
| Nick Mathewson | 2011-04-26 |
| |\| | | | |
|
| | * | | | | Downgrade notice to info when downloading a cert. | Nick Mathewson | 2011-04-26 |
| | | |_|/
| |/| | |
|
| * | | | | Merge remote-tracking branch 'origin/maint-0.2.2'•••Conflicts:
src/common/address.c
src/common/compat_libevent.c
src/common/memarea.c
src/common/util.h
src/or/buffers.c
src/or/circuitbuild.c
src/or/circuituse.c
src/or/connection.c
src/or/directory.c
src/or/networkstatus.c
src/or/or.h
src/or/routerlist.c
| Nick Mathewson | 2011-04-07 |
| |\| | | |
|
| | * | | | Triage the XXX022 and XXX021 comments remaining in the code•••Remove some, postpone others, leave some alone. Now the only
remaining XXX022s are ones that seem important to fix or investigate.
| Nick Mathewson | 2011-03-25 |
| | * | | | Remove the "fuzzy time" code•••It was the start of a neat idea, but it only got used in 3 places,
none of which really needed it.
| Nick Mathewson | 2011-03-25 |
| * | | | | Merge remote branch 'origin/maint-0.2.2'•••Resolved nontrivial conflict around rewrite_x_address_for_bridge and
learned_bridge_descriptor. Now, since leanred_bridge_descriptor works
on nodes, we must make sure that rewrite_node_address_for_bridge also
works on nodes.
Conflicts:
src/or/circuitbuild.c
| Nick Mathewson | 2011-03-14 |
| |\| | | |
|
| | * | | | fix two issues pointed out by nickm | Roger Dingledine | 2011-03-13 |
| | * | | | don't use old non-configured bridges (bug 2511) | Roger Dingledine | 2011-02-08 |
| * | | | | Merge remote branch 'origin/maint-0.2.2' for bug2203_rebased•••There was a merge conflict in routerlist.c due to the new node_t logic.
Conflicts:
src/or/routerlist.c
| Nick Mathewson | 2011-02-04 |
| |\| | | |
|
| | * | | | Fix client side of 2203: Do not count BadExits as Exits. | Mike Perry | 2011-01-25 |
| * | | | | Merge branch 'maint-0.2.2' | Roger Dingledine | 2011-01-15 |
| |\| | | |
|
| | * | | | Sanity-check consensus param values•••We need to make sure that the worst thing that a weird consensus param
can do to us is to break our Tor (and only if the other Tors are
reliably broken in the same way) so that the majority of directory
authorities can't pull any attacks that are worse than the DoS that
they can trigger by simply shutting down.
One of these worse things was the cbtnummodes parameter, which could
lead to heap corruption on some systems if the value was sufficiently
large.
This commit fixes this particular issue and also introduces sanity
checking for all consensus parameters.
| Sebastian Hahn | 2011-01-15 |
| * | | | | Merge remote branch 'origin/maint-0.2.2' | Nick Mathewson | 2011-01-15 |
| |\| | | |
|
| | * | | | Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2•••Conflicts:
src/or/config.c
src/or/networkstatus.c
src/or/rendcommon.c
src/or/routerparse.c
src/or/test.c
| Nick Mathewson | 2011-01-15 |
| | |\| | |
|
| | | * | | Fix a heap overflow found by debuger, and make it harder to make that mistake...•••Our public key functions assumed that they were always writing into a
large enough buffer. In one case, they weren't.
(Incorporates fixes from sebastian)
| Nick Mathewson | 2011-01-15 |
| * | | | | Merge remote branch 'origin/maint-0.2.2' | Nick Mathewson | 2011-01-03 |
| |\| | | |
|
| | * | | | Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2•••Conflicts:
src/common/test.h
src/or/test.c
| Nick Mathewson | 2011-01-03 |
| | |\| | |
|
| | | * | | Bump copyright statements to 2011 | Nick Mathewson | 2011-01-03 |
| | | |/ |
|