| Commit message (Expand) | Author | Age |
|---|
| * | Merge remote branch 'origin/maint-0.2.2' for bug 1859 patches•••Some of this is already done in nodelist.
| Nick Mathewson | 2010-10-21 |
| |\ |
|
| | * | Merge remote branch 'hoganrobert/bug1859' into maint-0.2.2 | Nick Mathewson | 2010-10-21 |
| | |\ |
|
| | | * | Issues with router_get_by_nickname()•••https://trac.torproject.org/projects/tor/ticket/1859
There are two problems in this bug:
1. When an OP makes a .exit request specifying itself as the exit, and the exit
is not yet listed, Tor gets all the routerinfos needed for the circuit but
discovers in circuit_is_acceptable() that its own routerinfo is not in the
routerdigest list and cannot be used. Tor then gets locked in a cycle of
repeating these two steps. When gathering the routerinfos for a circuit,
specifically when the exit has been chosen by .exit notation, Tor needs to
apply the same rules it uses later on when deciding if it can build a
circuit with those routerinfos.
2. A different bug arises in the above situation when the Tor instance's
routerinfo *is* listed in the routerlist, it shares its nickname with a
number of other Tor nodes, and it does not have 'Named' rights to its
nickname.
So for example, if (i) there are five nodes named Bob in the network, (ii) I
am running one of them but am flagged as 'Unnamed' because someone else
claimed the 'Bob' nickname first, and (iii) I run my Tor as both client
and exit the following can happen to me:
- I go to www.evil.com
- I click on a link www.evil.com.bob.exit
- My request will exit through my own Tor node rather than the 'Named'
node Bob or any of the others.
- www.evil.com now knows I am actually browsing from the same computer
that is running my 'Bob' node
So to solve both issues we need to ensure:
- When fulfilling a .exit request we only choose a routerinfo if it exists in
the routerlist, even when that routerinfo is ours.
- When getting a router by nickname we only return our own router information
if it is not going to be used for building a circuit.
We ensure this by removing the special treatment afforded our own router in
router_get_by_nickname(). This means the function will only return the
routerinfo of our own router if it is in the routerlist built from authority
info and has a unique nickname or is bound to a non-unique nickname.
There are some uses of router_get_by_nickname() where we are looking for the
router by name because of a configuration directive, specifically local
declaration of NodeFamilies and EntryNodes and other routers' declaration of
MyFamily. In these cases it is not at first clear if we need to continue
returning our own routerinfo even if our router is not listed and/or has a
non-unique nickname with the Unnamed flag.
The patch treats each of these cases as follows:
Other Routers' Declaration of MyFamily
This happens in routerlist_add_family(). If another router declares our router
in its family and our router has the Unnamed flag or is not in the routerlist
yet, should we take advantage of the fact that we know our own routerinfo to
add us in anyway? This patch says 'no, treat our own router just like any
other'. This is a safe choice because it ensures our client has the same view
of the network as other clients. We also have no good way of knowing if our
router is Named or not independently of the authorities, so we have to rely on
them in this.
Local declaration of NodeFamilies
Again, we have no way of knowing if the declaration 'NodeFamilies
Bob,Alice,Ringo' refers to our router Bob or the Named router Bob, so we have
to defer to the authorities and treat our own router like any other.
Local declaration of NodeFamilies
Again, same as above. There's also no good reason we would want our client to
choose it's own router as an entry guard if it does not meet the requirements
expected of any other router on the network.
In order to reduce the possibility of error, the patch also replaces two
instances where we were using router_get_by_nickname() with calls to
router_get_by_hexdigest() where the identity digest of the router
is available.
| Robert Hogan | 2010-10-13 |
| * | | | Remove more unused code from routerlist.c | Nick Mathewson | 2010-10-15 |
| * | | | Remove "is this too slow?" XXXX comments for code not appearing in profiles | Nick Mathewson | 2010-10-15 |
| * | | | Remove the unused old fuzzy-time code | Nick Mathewson | 2010-10-15 |
| * | | | Make check-spaces happy | Sebastian Hahn | 2010-10-14 |
| * | | | Rename router_get_by_digest()•••We now call the function router_get_by_id_digest() to make clear that
we're talking about the identity digest here, not descriptor digest.
| Sebastian Hahn | 2010-10-14 |
| * | | | Fix a few trivial bugs from the nodelist merge | Nick Mathewson | 2010-10-13 |
| * | | | Fix a couple more node_t-related nullpointer bugs | Nick Mathewson | 2010-10-04 |
| * | | | Fix a bug in smartlist_choose_node_by_bandwidth | Nick Mathewson | 2010-10-01 |
| * | | | Implement node-based router family code•••Also, make the NodeFamily option into a list of routersets. This
lets us git rid of router_in_nickname_list (or whatever it was
called) without porting it to work with nodes, and also lets people
specify country codes and IP ranges in NodeFamily
| Nick Mathewson | 2010-10-01 |
| * | | | Rename routerstatus_t.is_running to is_flagged_running•••This was the only flag in routerstatus_t that we would previously
change in a routerstatus_t in a consensus. We no longer have reason
to do so -- and probably never did -- as you can now confirm more
easily than you could have done by grepping for is_running before
this patch.
The name change is to emphasize that the routerstatus_t is_running
flag is only there to tell you whether the consensus says it's
running, not whether it *you* think it's running.
| Nick Mathewson | 2010-10-01 |
| * | | | Initial conversion to use node_t throughout our codebase.•••A node_t is an abstraction over routerstatus_t, routerinfo_t, and
microdesc_t. It should try to present a consistent interface to all
of them. There should be a node_t for a server whenever there is
* A routerinfo_t for it in the routerlist
* A routerstatus_t in the current_consensus.
(note that a microdesc_t alone isn't enough to make a node_t exist,
since microdescriptors aren't usable on their own.)
There are three ways to get a node_t right now: looking it up by ID,
looking it up by nickname, and iterating over the whole list of
microdescriptors.
All (or nearly all) functions that are supposed to return "a router"
-- especially those used in building connections and circuits --
should return a node_t, not a routerinfo_t or a routerstatus_t.
A node_t should hold all the *mutable* flags about a node. This
patch moves the is_foo flags from routerinfo_t into node_t. The
flags in routerstatus_t remain, but they get set from the consensus
and should not change.
Some other highlights of this patch are:
* Looking up routerinfo and routerstatus by nickname is now
unified and based on the "look up a node by nickname" function.
This tries to look only at the values from current consensus,
and not get confused by the routerinfo_t->is_named flag, which
could get set for other weird reasons. This changes the
behavior of how authorities (when acting as clients) deal with
nodes that have been listed by nickname.
* I tried not to artificially increase the size of the diff here
by moving functions around. As a result, some functions that
now operate on nodes are now in the wrong file -- they should
get moved to nodelist.c once this refactoring settles down.
This moving should happen as part of a patch that moves
functions AND NOTHING ELSE.
* Some old code is now left around inside #if 0/1 blocks, and
should get removed once I've verified that I don't want it
sitting around to see how we used to do things.
There are still some unimplemented functions: these are flagged
with "UNIMPLEMENTED_NODELIST()." I'll work on filling in the
implementation here, piece by piece.
I wish this patch could have been smaller, but there did not seem to
be any piece of it that was independent from the rest. Moving flags
forces many functions that once returned routerinfo_t * to return
node_t *, which forces their friends to change, and so on.
| Nick Mathewson | 2010-10-01 |
| * | | | Try to make most routerstatus_t interfaces const | Nick Mathewson | 2010-10-01 |
| * | | | Try to make most routerinfo_t interfaces const | Nick Mathewson | 2010-10-01 |
| * | | | Implement a basic node and nodelist type•••The node_t type is meant to serve two key functions:
1) Abstracting difference between routerinfo_t and microdesc_t
so that clients can use microdesc_t instead of routerinfo_t.
2) Being a central place to hold mutable state about nodes
formerly held in routerstatus_t and routerinfo_t.
This patch implements a nodelist type that holds a node for every
router that we would consider using.
| Nick Mathewson | 2010-10-01 |
| * | | | Merge remote branch 'origin/maint-0.2.2' | Nick Mathewson | 2010-09-30 |
| |\| | |
|
| | * | | Note an XXX about potential overflow | Sebastian Hahn | 2010-09-30 |
| | * | | Use an upper and lower bound for bridge weights•••When picking bridges (or other nodes without a consensus entry (and
thus no bandwidth weights)) we shouldn't just trust the node's
descriptor. So far we believed anything between 0 and 10MB/s, where 0
would mean that a node doesn't get any use from use unless it is our
only one, and 10MB/s would be a quite siginficant weight. To make this
situation better, we now believe weights in the range from 20kB/s to
100kB/s. This should allow new bridges to get use more quickly, and
means that it will be harder for bridges to see almost all our traffic.
| Sebastian Hahn | 2010-09-30 |
| * | | | Whitespace fixes on recent merges to master. | Nick Mathewson | 2010-09-30 |
| * | | | Merge remote branch 'origin/maint-0.2.2' | Nick Mathewson | 2010-09-29 |
| |\| | |
|
| | * | | Actually notice when our last entrynode goes down•••Otherwise we'd never set have_minimum_dir_info to false, so the
"optimistic retry" would never trigger.
| Roger Dingledine | 2010-09-28 |
| * | | | Remove the has_old_dnsworkers flag. | Nick Mathewson | 2010-09-28 |
| * | | | Download microdescriptors if you're a cache•••This commit adds some functions to see what microdescriptors we're missing,
and adds fetch-microdesc/store-microdesc logic to the directory code.
| Nick Mathewson | 2010-09-27 |
| * | | | When updating routerdesc downloads, look specifically at the ns consensus•••This will be needed when "get_live_consensus" potentially returns a
microdesc consensus.
| Nick Mathewson | 2010-09-27 |
| |/ / |
|
| * | | Merge branch 'bug1805' into maint-0.2.2 | Nick Mathewson | 2010-09-27 |
| |\ \
| |/
|/| |
|
| | * | Clean up some bug1805 comments based on arma's feedback | Nick Mathewson | 2010-09-27 |
| | * | Kill warn when picking bridges without bw weight•••Bridges and other relays not included in the consensus don't
necessarily have a non-zero bandwidth capacity. If all our
configured bridges had a zero bw capacity we would warn the
user. Change that.
| Sebastian Hahn | 2010-09-06 |
| * | | Rename has_completed_circuit to can_complete_circuit•••Also redocument it. Related to #1362.
| Nick Mathewson | 2010-09-22 |
| * | | Merge remote branch 'arma/bug1362' | Nick Mathewson | 2010-09-22 |
| |\ \ |
|
| | * | | log when we finish a circuit after being offline | Roger Dingledine | 2010-09-21 |
| * | | | Changes to bug1959_part1 on review from arma.•••Significant one: we want to say "not enough entry nodes descriptors, so we
can't build circuits" only when we have 0 descriptors.
| Nick Mathewson | 2010-09-22 |
| * | | | Make our min-info check also check for entry node presence•••Part of a fix for bug1959
| Nick Mathewson | 2010-09-21 |
| |/ / |
|
| * | | Add a simple integer-ceiling-division macro before we get it wrong | Nick Mathewson | 2010-09-14 |
| * | | Merge branch 'bug1899' | Nick Mathewson | 2010-09-14 |
| |\ \ |
|
| | * | | Extract the "do these routers have the same addr:orport" logic into a fn | Nick Mathewson | 2010-09-14 |
| * | | | Merge branch 'bug911' | Nick Mathewson | 2010-09-14 |
| |\| | |
|
| | * | | Move code for launching tests out of router_add_to_routerlist()•••router_add_to_routerlist() is supposed to be a nice minimal function
that only touches the routerlist structures, but it included a call to
dirserv_single_reachability_test().
We have a function that gets called _after_ adding descriptors
successfully: routerlist_descriptors_added. This patch moves the
responsibility for testing there.
Because the decision of whether to test or not depends on whether
there was an old routerinfo for this router or not, we have to first
detect whether we _will_ want to run the tests if the router is added.
We make this the job of
routers_update_status_from_consensus_networkstatus().
Finally, this patch makes the code notice if a router is going from
hibernating to non-hibernating, and if so causes a reachability test
to get launched.
| Nick Mathewson | 2010-08-18 |
| * | | | Merge remote branch 'sebastian/bug1776_v3' | Nick Mathewson | 2010-09-14 |
| |\ \ \ |
|
| | * | | | Allow clients to use relays as bridges | Sebastian Hahn | 2010-08-20 |
| | | |/
| |/| |
|
| * / | | Complicate the rules on WARN vs INFO in consensus verification•••It's normal when bootstrapping to have a lot of different certs
missing, so we don't want missing certs to make us warn... unless
the certs we're missing are ones that we've tried to fetch a couple
of times and failed at.
May fix bug 1145.
| Nick Mathewson | 2010-09-02 |
| |/ / |
|
| * / | Allow using regular relays as bridges | Sebastian Hahn | 2010-07-31 |
| |/ |
|
| * | Move the header for bandwidth_weight_rule_to_string into reasons.h | Sebastian Hahn | 2010-07-27 |
| * | Create routerparse.h | Sebastian Hahn | 2010-07-27 |
| * | Create rephist.h | Sebastian Hahn | 2010-07-27 |
| * | Create policies.h | Sebastian Hahn | 2010-07-27 |
| * | Create networkstatus.h | Sebastian Hahn | 2010-07-27 |
| * | Create main.h | Sebastian Hahn | 2010-07-27 |
| * | Create hibernate.h | Sebastian Hahn | 2010-07-27 |