aboutsummaryrefslogtreecommitdiff
path: root/src
Commit message (Collapse)AuthorAge
...
| | * | Fix logic error in router_dump_router_to_string.Robert Ransom2010-11-19
| | | | | | | | | | | | | | | | Spotted by Nick Mathewson.
| | * | Generate a router descriptor even if generating an extra-info descriptor fails.Robert Ransom2010-11-17
| | | | | | | | | | | | | | | | Fixes bug #2195.
| | * | Do not emit an extra-info-digest descriptor line if the digest is zero.Robert Ransom2010-11-17
| | | |
| * | | Add comments to some of the bug2183 fix codeNick Mathewson2010-11-19
| | | |
| * | | Tweak the bugfix for 2183 a bit more.Karsten Loesing2010-11-17
| | | |
| * | | Don't use log_err for non-criticial warnings.Karsten Loesing2010-11-15
| | | |
| * | | Try harder not to exceed the 50 KB extra-info descriptor limit.Karsten Loesing2010-11-15
| |/ / | | | | | | | | | | | | | | | Our checks that we don't exceed the 50 KB size limit of extra-info descriptors apparently failed. This patch fixes these checks and reserves another 250 bytes for appending the signature. Fixes bug 2183.
* | | new development versionRoger Dingledine2010-11-16
| | |
* | | bump to 0.2.2.18-alphaRoger Dingledine2010-11-16
| | |
* | | warn more about AllowSingleHopExitsRoger Dingledine2010-11-16
| | |
* | | Merge commit 'nickm/1776_redux_v1' into maint-0.2.2Roger Dingledine2010-11-15
|\ \ \
| * | | Clean up my 1776 fix a bitNick Mathewson2010-11-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Sebastian notes (and I think correctly) that one of our ||s should have been an &&, which simplifies a boolean expression to decide whether to replace bridges. I'm also refactoring out the negation at the start of the expression, to make it more readable.
| * | | Bulletproof the routerlist manipulation functions to handle reinserting the ↵Nick Mathewson2010-11-10
| | | | | | | | | | | | | | | | same descriptor
| * | | Fix the assert in bug 1776Nick Mathewson2010-11-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | In the case where old_router == NULL but sdmap has an entry for the router, we can currently safely infer that the old_router was not a bridge. Add an assert to ensure that this remains true, and fix the logic not to die with the tor_assert(old_router) call.
* | | | Move controller event for socks warning into log_unsafe_socks_warningNick Mathewson2010-11-15
| | | |
* | | | Merge branch 'bug2000_nm_022' into maint-0.2.2Nick Mathewson2010-11-15
|\ \ \ \
| * | | | Rate-limit unsafe socks warningSebastian Hahn2010-11-15
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Pick 5 seconds as the limit. 5 seconds is a compromise here between making sure the user notices that the bad behaviour is (still) happening and not spamming their log too much needlessly (the log message is pretty long). We also keep warning every time if safesocks is specified, because then the user presumably wants to hear about every blocked instance. (This is based on the original patch by Sebastian, then backported to 0.2.2 and with warnings split into their own function.)
* | | | Merge remote branch 'sebastian/manpagefixups' into maint-0.2.2Nick Mathewson2010-11-15
|\ \ \ \ | |/ / / |/| | |
| * | | Break NoPublish supportSebastian Hahn2010-11-10
| | | |
| * | | Change Natd into NATD in our options.Sebastian Hahn2010-11-10
| | | | | | | | | | | | | | | | | | | | Breaking this out of the last commit because this might be more controversial.
| * | | Synx manpage and source wrt option capitalizationSebastian Hahn2010-11-10
| | | | | | | | | | | | | | | | | | | | | | | | We had a spelling discrepancy between the manpage and the source code for some option. Resolve these in favor of the manpage, because it makes more sense (for example, HTTP should be capitalized).
| * | | Comment out the (unused) RunTesting optionSebastian Hahn2010-11-10
| | | | | | | | | | | | | | | | | | | | | | | | The code that makes use of the RunTesting option is #if 0, so setting this option has no effect. Mark the option as obsolete for now, so that Tor doesn't list it as an available option erroneously.
| * | | Remove the torrc.complete file.Sebastian Hahn2010-11-10
| | | | | | | | | | | | | | | | | | | | We haven't been keeping it up to date, and the manpage exists as a replacement for users who want an overview of all available options.
* | | | Avoid perma-blocking the controller on bug in shrink_freelistNick Mathewson2010-11-12
| | | | | | | | | | | | | | | | | | | | In all likelihood, this bug would make Tor assert, but if it doesn't, let's not have two bugs.
* | | | Disable logging to control port connections in buf_shrink_freelists.Robert Ransom2010-11-12
| | | | | | | | | | | | | | | | | | | | If buf_shrink_freelists calls log_warn for some reason, we don't want the log call itself to throw buf_shrink_freelists further off the rails.
* | | | Move the original log_info call out of the core of buf_shrink_freelists.Robert Ransom2010-11-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Sending a log message to a control port can cause Tor to allocate a buffer, thereby changing the length of the freelist behind buf_shrink_freelists's back, thereby causing an assertion to fail. Fixes bug #1125.
* | | | Merge branch 'maint-0.2.1' into maint-0.2.2Roger Dingledine2010-11-11
|\ \ \ \ | | |_|/ | |/| |
| * | | let unpublished bridges learn their ip address tooRoger Dingledine2010-11-11
| | | |
* | | | Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2Nick Mathewson2010-11-10
|\| | | | |/ / |/| |
| * | Enforce multiplicity rules when parsing annotations.Nick Mathewson2010-11-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | We would never actually enforce multiplicity rules when parsing annotations, since the counts array never got entries added to it for annotations in the token list that got added by earlier calls to tokenize_string. Found by piebeer.
| * | Fix a bug where seting allow_annotations==0 only ignores annotations, but ↵Nick Mathewson2010-11-10
| | | | | | | | | | | | does not block them
* | | move to the november 1 maxmind geoip dbRoger Dingledine2010-11-06
| | |
* | | Remove delay to become HSDir in privnetsSebastian Hahn2010-10-26
| |/ |/|
* | Properly refcount client_identity_keySebastian Hahn2010-10-26
| | | | | | | | | | | | | | | | | | | | In a2bb0bf we started using a separate client identity key. When we are in "public server mode" (that means not a bridge) we will use the same key. Reusing the key without doing the proper refcounting leads to a segfault on cleanup during shutdown. Fix that. Also introduce an assert that triggers if our refcount falls below 0. That should never happen.
* | Fix a whitespace errorNick Mathewson2010-10-21
| |
* | Merge branch 'bug988-nm' into maint-0.2.2Nick Mathewson2010-10-21
|\ \
| * | Add some asserts to get_{tlsclient|server}_identity_keyNick Mathewson2010-10-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | We now require that: - Only actual servers should ever call get_server_identity_key - If you're being a client or bridge, the client and server keys should differ. - If you're being a public relay, the client and server keys should be the same.
| * | Rename get_client_identity_key to get_tlsclient_identity_keyNick Mathewson2010-10-21
| | |
| * | Maintain separate server and client identity keys when appropriate.Robert Ransom2010-10-04
| | | | | | | | | | | | Fixes a bug described in ticket #988.
| * | Maintain separate server and client TLS contexts.Robert Ransom2010-10-04
| | | | | | | | | | | | Fixes bug #988.
| * | Refactor tor_tls_context_new:Robert Ransom2010-10-04
| | | | | | | | | | | | | | | | | | | | | * Make tor_tls_context_new internal to tortls.c, and return the new tor_tls_context_t from it. * Add a public tor_tls_context_init wrapper function to replace it.
| * | Add public_server_mode function.Robert Ransom2010-10-04
| | |
* | | Fix a remaining bug in Robert's bug1859 fix.Nick Mathewson2010-10-21
| | | | | | | | | | | | | | | | | | When intro->extend_info is created for an introduction point, it only starts out with a nickname, not necessarily an identity digest. Thus, doing router_get_by_digest isn't necessarily safe.
* | | Merge remote branch 'hoganrobert/bug1859' into maint-0.2.2Nick Mathewson2010-10-21
|\ \ \
| * | | Issues with router_get_by_nickname()Robert Hogan2010-10-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | https://trac.torproject.org/projects/tor/ticket/1859 Use router_get_by_digest() instead of router_get_by_hexdigest() in circuit_discard_optional_exit_enclaves() and rend_client_get_random_intro(), per Nick's comments. Using router_get_by_digest() in rend_client_get_random_intro() will break hidden services published by Tor versions pre 0.1.2.18 and 0.2.07-alpha as they only publish by nickname. This is acceptable however as these versions only publish to authority tor26 and don't work for versions in the 0.2.2.x series anyway.
| * | | Issues with router_get_by_nickname()Robert Hogan2010-10-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | https://trac.torproject.org/projects/tor/ticket/1859 There are two problems in this bug: 1. When an OP makes a .exit request specifying itself as the exit, and the exit is not yet listed, Tor gets all the routerinfos needed for the circuit but discovers in circuit_is_acceptable() that its own routerinfo is not in the routerdigest list and cannot be used. Tor then gets locked in a cycle of repeating these two steps. When gathering the routerinfos for a circuit, specifically when the exit has been chosen by .exit notation, Tor needs to apply the same rules it uses later on when deciding if it can build a circuit with those routerinfos. 2. A different bug arises in the above situation when the Tor instance's routerinfo *is* listed in the routerlist, it shares its nickname with a number of other Tor nodes, and it does not have 'Named' rights to its nickname. So for example, if (i) there are five nodes named Bob in the network, (ii) I am running one of them but am flagged as 'Unnamed' because someone else claimed the 'Bob' nickname first, and (iii) I run my Tor as both client and exit the following can happen to me: - I go to www.evil.com - I click on a link www.evil.com.bob.exit - My request will exit through my own Tor node rather than the 'Named' node Bob or any of the others. - www.evil.com now knows I am actually browsing from the same computer that is running my 'Bob' node So to solve both issues we need to ensure: - When fulfilling a .exit request we only choose a routerinfo if it exists in the routerlist, even when that routerinfo is ours. - When getting a router by nickname we only return our own router information if it is not going to be used for building a circuit. We ensure this by removing the special treatment afforded our own router in router_get_by_nickname(). This means the function will only return the routerinfo of our own router if it is in the routerlist built from authority info and has a unique nickname or is bound to a non-unique nickname. There are some uses of router_get_by_nickname() where we are looking for the router by name because of a configuration directive, specifically local declaration of NodeFamilies and EntryNodes and other routers' declaration of MyFamily. In these cases it is not at first clear if we need to continue returning our own routerinfo even if our router is not listed and/or has a non-unique nickname with the Unnamed flag. The patch treats each of these cases as follows: Other Routers' Declaration of MyFamily This happens in routerlist_add_family(). If another router declares our router in its family and our router has the Unnamed flag or is not in the routerlist yet, should we take advantage of the fact that we know our own routerinfo to add us in anyway? This patch says 'no, treat our own router just like any other'. This is a safe choice because it ensures our client has the same view of the network as other clients. We also have no good way of knowing if our router is Named or not independently of the authorities, so we have to rely on them in this. Local declaration of NodeFamilies Again, we have no way of knowing if the declaration 'NodeFamilies Bob,Alice,Ringo' refers to our router Bob or the Named router Bob, so we have to defer to the authorities and treat our own router like any other. Local declaration of NodeFamilies Again, same as above. There's also no good reason we would want our client to choose it's own router as an entry guard if it does not meet the requirements expected of any other router on the network. In order to reduce the possibility of error, the patch also replaces two instances where we were using router_get_by_nickname() with calls to router_get_by_hexdigest() where the identity digest of the router is available.
* | | | Merge remote branch 'sebastian/relay_early_rend' into maint-0.2.2Nick Mathewson2010-10-21
|\ \ \ \
| * | | | Send relay_early cells in rend circsSebastian Hahn2010-10-18
| | |/ / | |/| | | | | | | | | | | | | | There are no relay left that run version 0.2.1.3 through 0.2.1.18, so changing this behaviour should be safe now.
* | | | Fix a logic error in 98aee84. Found by boboperNick Mathewson2010-10-20
| | | |
* | | | Add a ! to directory_caches_dir_info() to fix a logic errorNick Mathewson2010-10-20
| | | | | | | | | | | | | | | | | | | | | | | | We want to fetch directory info more aggressively if we need it to refuseunknownexits. Thus, we'll want it if our exit policy is _NOT_ reject *.
generated by cgit v1.2.3 (git 2.49.0) at 2025-04-27 15:46:09 +0000