| Commit message (Collapse) | Author | Age |
|---|
| | |
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Authorities don't set is_possible_guard on node_t, so they were
never deciding that they could build enough paths. This is a quick
and dirty fix.
Bug not in any released version of Tor
|
| |\ \
| |/
|/| |
|
| | |
| |
| |
| |
| |
| |
| | |
This prevents bug 8147, where such nodes would accrue points towards
Guard, Fast, HSDir, and so on.
Fixes bug 8147.
|
| | |
| |
| |
| | |
Another bug 8145 fix.
|
| | |
| |
| |
| | |
Fix for 8145.
|
| | | |
|
| | |
| |
| |
| | |
Fixes bug 8146.
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | | |
It appears that the code for 7291 gave an unused-value warning when
built with --disable-curve25519.
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| | |
The fix is to move the two functions to format/parse base64
curve25519 public keys into a new "crypto_format.c" file. I could
have put them in crypto.c, but that's a big file worth splitting
anyway.
Fixes bug 8153; bugfix on 0.2.4.8-alpha where I did the fix for 7869.
|
| |/
|
|
|
|
|
| |
These seem to have gotten conflicted out of existence while mike was
working on path bias stuff.
Thanks to sysrqb for collecting these in a handy patch.
|
| | |
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is ticket 7706, reported by "bugcatcher." The rationale here
is that if somebody says 'ExcludeNodes {tv}', then they probably
don't just want to block definitely Tuvaluan nodes: they also want
to block nodes that have unknown country, since for all they know
such nodes are also in Tuvalu.
This behavior is controlled by a new GeoIPExcludeUnknown autobool
option. With the default (auto) setting, we exclude ?? and A1 if
any country is excluded. If the option is 1, we add ?? and A1
unconditionally; if the option is 0, we never add them.
(Right now our geoip file doesn't actually seem to include A1: I'm
including it here in case it comes back.)
This feature only takes effect if you have a GeoIP file. Otherwise
you'd be excluding every node.
|
| |\ \ |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When we first implemented TLS, we assumed in conneciton_handle_write
that a TOR_TLS_WANT_WRITE from flush_buf_tls meant that nothing had
been written. But when we moved our buffers to a ring buffer
implementation back in 0.1.0.5-rc (!), we broke that invariant: it's
possible that some bytes have been written but nothing.
That's bad. It means that if we do a sequence of TLS writes that ends
with a WANTWRITE, we don't notice that we flushed any bytes, and we
don't (I think) decrement buckets.
Fixes bug 7708; bugfix on 0.1.0.5-rc
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | | |
This informational counter is probably now redundant, but might as well keep
it consistent I guess.
|
| | | |
| | |
| | |
| | | |
It had nothing to do with circuit build times.
|
| | | | |
|
| | | |
| | |
| | |
| | | |
The other remaining parameters don't really need range checks.
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Also document it better.
Mention this refactoring in the comments for the path state machine.
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | | |
Also, deprecate the torrc options for the scaling values. It's unlikely anyone
but developers will ever tweak them, even if we provided a single ratio value.
|
| | | | |
|
| | | | |
|
| | | | |
|
| |\ \ \ |
|
| | | | | |
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | | |
This is the non-automated portion of bug 7599.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This is meant to avoid conflict with the built-in log() function in
math.h. It resolves ticket 7599. First reported by dhill.
This was generated with the following perl script:
#!/usr/bin/perl -w -i -p
s/\blog\(LOG_(ERR|WARN|NOTICE|INFO|DEBUG)\s*,\s*/log_\L$1\(/g;
s/\blog\(/tor_log\(/g;
|
| |/ / /
| | |
| | |
| | |
| | | |
Improve the log message when "Bug/attack: unexpected sendme cell
from client" occurs.
|
| | | | |
|
| | | | |
|
| |\ \ \ |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This is allowed by the C statndard, which permits you to represent
doubles any way you like, but in practice we have some code that
assumes that memset() clears doubles in structs. Noticed as part of
7802 review; see 8081 for more info.
|
| | | | |
| | | |
| | | |
| | | | |
Cosmetic tweak on 5956; not in any released tor.
|
| | | | | |
|
| |\ \ \ \
| |/ / /
|/| | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Instead of hardcoding the minimum fraction of possible paths to 0.6, we
take it from the user, and failing that from the consensus, and
failing that we fall back to 0.6.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Previously we did this based on the fraction of descriptors we
had. But really, we should be going based on what fraction of paths
we're able to build based on weighted bandwidth, since otherwise a
directory guard or two could make us behave quite oddly.
Implementation for feature 5956
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
This way we get the usable nodes themselves, so we can feed them into
frac_nodes_with_descriptors
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This is a minimal refactoring to expose the weighted bandwidth
calculations for each node so I can use them to see what fraction of
nodes, weighted by bandwidth, we have descriptors for.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
When we implemented #5823 and removed v2 directory request info, we
never actually changed the unit tests not to expect it.
Fixes bug 8084; bug not in any released version of Tor.
|