| Commit message (Collapse) | Author | Age |
|---|
| ... | |
| |/ / /
| | |
| | |
| | |
| | | |
Found by rransom while working on issue #988. Bugfix on
0.2.2.17-alpha. Fixes bug 2097.
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Whether or not OpenSSL reference-counts SSL_CTX objects is irrelevant;
what matters is that Tor reference-counts its wrapper objects for
SSL_CTXs.
|
| | | | |
|
| | | | |
|
| |\ \ \
| | |/
| |/| |
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When picking bridges (or other nodes without a consensus entry (and
thus no bandwidth weights)) we shouldn't just trust the node's
descriptor. So far we believed anything between 0 and 10MB/s, where 0
would mean that a node doesn't get any use from use unless it is our
only one, and 10MB/s would be a quite siginficant weight. To make this
situation better, we now believe weights in the range from 20kB/s to
100kB/s. This should allow new bridges to get use more quickly, and
means that it will be harder for bridges to see almost all our traffic.
|
| | | | |
|
| |\ \ \ |
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
This won't change any behavior, since it will still be rounded back
up to 2seconds, but should reduce the chances of some extra warns.
|
| |\ \ \ \ |
|
| | |/ / / |
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
In the first 100 circuits, our timeout_ms and close_ms
are the same. So we shouldn't transition circuits to purpose
CIRCUIT_PURPOSE_C_MEASURE_TIMEOUT, since they will just timeout again
next time we check.
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | | |
Also, cap the measurement timeout to 2X the max we've seen.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
We really should ignore any timeouts that have *no* network activity for their
entire measured lifetime, now that we have the 95th percentile measurement
changes. Usually this is up to a minute, even on fast connections.
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
If we really want all this complexity for these stages here, we need to handle
it better for people with large timeouts. It should probably go away, though.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Rechecking the timeout condition was foolish, because it is checked on the
same codepath. It was also wrong, because we didn't round.
Also, the liveness check itself should be <, and not <=, because we only have
1 second resolution.
|
| |\| | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
We now differentiate between timeouts and cutoffs by the REASON string and
the PURPOSE string.
|
| |\| | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
Use 4/3 of this timeout value for 4 hop circuits, and use half of it for
canabalized circuits.
|
| | | | | |
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Specifically, a circ attempt that we'd launched while the network was
down could timeout after we've marked our entrynodes up, marking them
back down again. The fix is to annotate as bad the OR conns that were
around before we did the retry, so if a circuit that's attached to them
times out we don't do anything about it.
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
Otherwise we'd never set have_minimum_dir_info to false, so the
"optimistic retry" would never trigger.
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
We used to mark all our known bridges up when they're all down and we
get a new socks request. Now do that when we've set EntryNodes too.
|
| | | | | |
|
| | | | | |
|
| |\ \ \ \
| | |/ /
| |/| | |
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | | |
plus quiet a log line
|
| | | | | |
|
| |\ \ \ \ |
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
When we enabled support to change statistic options without restarting
Tor we forgot to initialize geoip_countries. Fix that.
|
| |\ \ \ \ \
| |/ / / /
|/| | | | |
|
| | | | | | |
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
The RefuseUnknownExits config option is now a tristate, with "1"
meaning "enable it no matter what the consensus says", "0" meaning
"disable it no matter what the consensus says", and "auto" meaning "do
what the consensus says". If the consensus is silent, we enable
RefuseUnknownExits.
This patch also changes the dirserv logic so that refuseunknownexits
won't make us cache unless we're an exit.
|
| |\ \ \ \ \ |
|
| | | | | | | |
|
| | | | | | | |
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
This function uses GetSystemDirectory() to make sure we load the version
of the library from c:\windows\system32 (or local equivalent) rather than
whatever version lives in the cwd.
|
| |\ \ \ \ \ \ |
|
| | | | | | | | |
|