aboutsummaryrefslogtreecommitdiff
path: root/src
Commit message (Collapse)AuthorAge
* bugfix for win32 with lots of usersRoger Dingledine2003-10-27
| | | | | | | plus general cleanup on switch_id() svn:r684
* remove obsolete config fileRoger Dingledine2003-10-27
| | | | svn:r681
* add DirBindAddress, parse the BindAddress's when you bindRoger Dingledine2003-10-25
| | | | | | | | | exit if bind fails add usage printfs rearrange config options for readability svn:r674
* Use daemon(3) function where available.Nick Mathewson2003-10-23
| | | | svn:r665
* resolve warningNick Mathewson2003-10-23
| | | | svn:r664
* Two-pronged attack at my overzealous skew fixes.Nick Mathewson2003-10-23
| | | | | | | | | | | | | | | The problem was that the fixes had us generating TLS certs with a 2-day lifetime on the assumption that we'd rotate fairly often. In fact, we never rotate our TLS keys. This patch fixes the situation in 2 ways: 1. It bumps the default lifetime back up to one year until we get rotation in place. 2. It changes tor_tls_context_new() so that it doesn't leak memory when you call it more than once. svn:r663
* switch_id() no longer tries to log the user name when it's calld onSteven Hazel2003-10-22
| | | | | | | | Windows, since we don't know whether it's the user or the group that was set. svn:r659
* Clock skew fixes.Nick Mathewson2003-10-22
| | | | | | | | | | | | | | | | | | | | | | | | | | Allow some slop (currently 3 minutes) when checking certificate validity. Change certificate lifetime from 1 year to 2 days. Since we regenerate regularly (we regenerate regularly, right??), this shouldn't be a problem. Have directories reject descriptors published too far in the future (currently 30 minutes). If dirservs don't do this: 0) Today is January 1, 2000. 1) A very skewed server publishes descriptor X with a declared publication time of August 1, 2000. 2) The directory includes X. 3) Because of certificate lifetime issues, nobody can use the skewed server. 4) The server fixes its skew, and goes to republish a new descriptor Y with publication time of January 1, 2000. 5) But because the directory already has a "more recent" descriptor X, it rejects descriptor "Y" as superseded! This patch should make step 2 go away. svn:r658
* - fixed a bug in the id switching code -- setgid has to happen beforeSteven Hazel2003-10-22
| | | | | | | | | | | | | | | setuid, because after we setuid we don't have the priviledges we need to setgid anymore, duh. merged switch_user() and switch_group() into switch_id(), since that code has to be wound together. - return -1 from switch_id() if it's not defined to do anything else. - moved daemoinize(), write_pidfile(), and switch_id() from main.c to util.c svn:r656
* play with connection_edge_send_commandRoger Dingledine2003-10-22
| | | | | | | maybe more robust now svn:r655
* move default exit policy into config filesRoger Dingledine2003-10-22
| | | | svn:r654
* make end relay cells have payloadsRoger Dingledine2003-10-22
| | | | | | | move default exit policy into config files svn:r653
* added User and Group options -- if you set them, tor will try toSteven Hazel2003-10-22
| | | | | | | | | | | | | | | setuid and setgid respectively, and die if it can't. (If the User option is set, tor will setgid to the user's gid as well.) This happens after the pidfile is created, so that in cases where tor needs to be root to work with the pidfile, it will at least be able to create it, although it won't be able to delete it. That sucks, but it's somewhat better than not being able to create the pidfile in the first place. svn:r652
* Update .cvsignores to exclude files generated due to recent build improvementsNick Mathewson2003-10-21
| | | | svn:r647
* APPort is now SocksPortRoger Dingledine2003-10-21
| | | | svn:r644
* introduce new tor_free() macroRoger Dingledine2003-10-21
| | | | svn:r643
* move closer to being able to reload config on HUPRoger Dingledine2003-10-21
| | | | | | | | rename APPort to SocksPort introduce new tor_free() macro svn:r642
* remove obsolete config fileRoger Dingledine2003-10-21
| | | | svn:r641
* send the end cell when we realize we're going to end,Roger Dingledine2003-10-21
| | | | | | | | | | | | | | | not when we're closing the stream. this lets us put a payload in the end cell if we want to, to describe why we're closing the stream. there are still some places where we don't send the end cell immediately. i need to track them down. but it's a low priority, since i've made it send the end cell when we close the stream if we haven't already sent it. svn:r640
* include our own timegm() impl, since it's not portableRoger Dingledine2003-10-20
| | | | svn:r635
* a skeletal print_usage() functionRoger Dingledine2003-10-20
| | | | svn:r634
* add an Address line to the sample server rc fileRoger Dingledine2003-10-19
| | | | svn:r633
* move to 0.0.2pre13Roger Dingledine2003-10-19
| | | | svn:r631
* warn, not errRoger Dingledine2003-10-19
| | | | svn:r630
* put small buffers back in placeRoger Dingledine2003-10-19
| | | | svn:r629
* Example code to get nickname from certNick Mathewson2003-10-19
| | | | svn:r628
* Code to get nicknames from peer certsNick Mathewson2003-10-19
| | | | svn:r627
* let tls tolerate reallocing the bufRoger Dingledine2003-10-19
| | | | | | | and also remember the params for ssl_write if it returns wantread. svn:r626
* first steps toward a WANTWRITE SSL_write tls bug fixRoger Dingledine2003-10-18
| | | | | | | how exactly the same do the arguments need to be? :( svn:r625
* another minor memory leakRoger Dingledine2003-10-18
| | | | | | | make dnsconn->address reflect what it's currently resolving svn:r624
* start to track down the 'peer has invalid cert' bugRoger Dingledine2003-10-18
| | | | svn:r623
* no more memory leaksRoger Dingledine2003-10-18
| | | | | | | | when you run it under normal operation for as many as three minutes svn:r622
* fix two more memory problemsRoger Dingledine2003-10-18
| | | | | | | one remains :) svn:r621
* clean up memory leaks, confusionsRoger Dingledine2003-10-18
| | | | | | | still one memory leak remaining here. svn:r620
* we've been stomping on memory while reading configRoger Dingledine2003-10-18
| | | | | | | doesn't seem to have bitten us yet, but let's fix that :) svn:r619
* log to stdout while parsing config,Roger Dingledine2003-10-18
| | | | | | | otherwise we log to nothing and give no feedback! svn:r617
* rewrite close_logs so it could possibly workRoger Dingledine2003-10-18
| | | | | | | remove deadbeef memory-clobber testing (for now) svn:r616
* put a blank line in the directory, before the first routerRoger Dingledine2003-10-17
| | | | | | | this makes it easier to read (at least for me) svn:r613
* try to make cvs more stable for now. need to test this more in a bit.Roger Dingledine2003-10-17
| | | | svn:r612
* reload the fingerprints file on HUPRoger Dingledine2003-10-17
| | | | svn:r611
* catch misconfigured machines that return hostname as fqdnRoger Dingledine2003-10-17
| | | | svn:r610
* Log TLS errors even harderNick Mathewson2003-10-15
| | | | svn:r604
* Add more logging on some ssl errors.Nick Mathewson2003-10-15
| | | | svn:r603
* closing stdout *should* be safe (we'll see)Roger Dingledine2003-10-15
| | | | svn:r601
* Report delivery cell fullness correctlyNick Mathewson2003-10-15
| | | | svn:r600
* change buf->buf to buf->memRoger Dingledine2003-10-15
| | | | | | | maybe this will mean fewer dumb errors svn:r599
* fix bug with overzealous shrinking; add more comments.Nick Mathewson2003-10-15
| | | | svn:r597
* clean up logging, allow user to specify log filesRoger Dingledine2003-10-15
| | | | | | | | | | | | If DebugLogFile is specified, log to it at -l debug If LogFile is specified, log to it at the -l from the commandline (default info) If no LogFile *and* not a Daemon, then log to stdout. Make conn->s = -1 by default (this might break things) When kill -USR1, prefer to log at INFO, but make sure they always see it. svn:r596
* Build without warnings on OS X.Nick Mathewson2003-10-15
| | | | svn:r595
* Make add_file_log return 0 on success.Nick Mathewson2003-10-15
| | | | svn:r594