aboutsummaryrefslogtreecommitdiff
path: root/src
Commit message (Collapse)AuthorAge
* stop putting wacky values into state->lastwrittenRoger Dingledine2011-04-28
|
* fix a function commentRoger Dingledine2011-04-28
|
* Avoid false positives from proxy_mode()Nick Mathewson2011-04-28
| | | | | | | Previously it would erroneously return true if ListenAddr was set for a client port, even if that port itself was 0. This would give false positives, which were not previously harmful... but which were about to become.
* Fix bug 1930Robert Ransom2011-04-28
|
* Ignore SIGNAL NEWNYM on relay-only Tor instancesRobert Ransom2011-04-28
|
* Don't allow v0 HS auths to act as clientsRobert Ransom2011-04-28
| | | | | | | A v0 HS authority stores v0 HS descriptors in the same descriptor cache that its HS client functionality uses. Thus, if the HS authority operator clears its client HS descriptor cache, ALL v0 HS descriptors will be lost. That would be bad.
* Correct the logic from f14754fbd for tor_gmtime_rJohn Brooks2011-04-28
|
* Detect and handle NULL returns from (gm/local)time_rNick Mathewson2011-04-28
| | | | | | | | | | | | | | | | | | | | | These functions can return NULL for otherwise-valid values of time_t. Notably, the glibc gmtime manpage says it can return NULL if the year if greater than INT_MAX, and the windows MSDN gmtime page says it can return NULL for negative time_t values. Also, our formatting code is not guaranteed to correctly handle years after 9999 CE. This patch tries to correct this by detecting NULL values from gmtime/localtime_r, and trying to clip them to a reasonable end of the scale. If they are in the middle of the scale, we call it a downright error. Arguably, it's a bug to get out-of-bounds dates like this to begin with. But we've had bugs of this kind in the past, and warning when we see a bug is much kinder than doing a NULL-pointer dereference. Boboper found this one too.
* Merge remote-tracking branch 'sebastian/bug2497' into maint-0.2.2Nick Mathewson2011-04-28
|\
| * Don't report empty bw-history lines in extrainfoSebastian Hahn2011-04-19
| | | | | | | | | | | | | | | | | | | | | | Some tor relays would report lines like these in their extrainfo documents: dirreq-write-history 2011-03-14 16:46:44 (900 s) This was confusing to some people who look at the stats. It would happen whenever a relay first starts up, or when a relay has dirport disabled. Change this so that lines without actual bw entries are omitted. Implements ticket 2497.
* | Clean up merge of bug3k_021Robert Ransom2011-04-28
| |
* | Merge branch 'bug3k_021' into bug3k_022Sebastian Hahn2011-04-28
|\ \ | | | | | | | | | | | | | | | Conflicts: src/or/or.h src/or/rendclient.c
| * | Fix a failure case of connection_ap_handshake_attach_circuit()Sebastian Hahn2011-04-28
| | | | | | | | | | | | | | | tor_fragile_assert() might be a no-op, so we have to return something here to indicate failure to the caller.
| * | Fix a bug introduced by purging rend_cache on NEWNYMRobert Ransom2011-04-28
| | | | | | | | | | | | | | | | | | | | | | | | If the user sent a SIGNAL NEWNYM command after we fetched a rendezvous descriptor, while we were building the introduction-point circuit, we would give up entirely on trying to connect to the hidden service. Original patch by rransom slightly edited to go into 0.2.1
| * | Allow rend_client_send_introduction to fail transientlyRobert Ransom2011-04-28
| | | | | | | | | | | | i.e. without closing the AP connection.
| * | Forget all rendezvous client state on SIGNAL NEWNYMRobert Ransom2011-04-28
| | |
* | | Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2Nick Mathewson2011-04-27
|\| | | | | | | | | | | | | | Conflicts: src/common/torint.h
| * | Make SIZE_T_CEILING unsigned; add a signed SSIZE_T_CEILINGNick Mathewson2011-04-26
| | | | | | | | | | | | | | | | | | | | | None of the comparisons were _broken_ previously, but avoiding signed/unsigned comparisons makes everybody happier. Fixes bug2475.
* | | Fix clear_trackhostexits_mapping() to actually work as advertisedNick Mathewson2011-04-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, it would remove every trackhostexits-derived mapping *from* xyz.<exitname>.exit; it was supposed to remove every trackhostexits-derived mapping *to* xyz.<exitname>.exit. Bugfix on 0.2.0.20-rc: fixes an XXX020 added while staring at bug-1090 issues.
* | | make make check-spaces happier.Roger Dingledine2011-04-27
| | | | | | | | | | | | (still not happy.)
* | | Fix double-free bug in microdesc parsercypherpunks2011-04-27
| | |
* | | explain an argument in a function commentRoger Dingledine2011-04-27
| | |
* | | Instead of checking whether we have unremoved intro points, check for usable ↵Nick Mathewson2011-04-27
| | | | | | | | | | | | ones
* | | better user-facing warnings for unexpected last hopsRoger Dingledine2011-04-27
| | | | | | | | | | | | | | | these still aren't perfect, but we won't know how to correct them until we start experiencing surprised users.
* | | warn if we launch too many circuits for a given streamRoger Dingledine2011-04-27
| | |
* | | revert most of ef81649d2fcRoger Dingledine2011-04-27
| | | | | | | | | | | | | | | | | | | | | | | | Now we believe it to be the case that we never build a circuit for our stream that has an unsuitable exit, so we'll never need to use such a circuit. The risk is that we have some code that builds the circuit, but now we refuse to use it, meaning we just build a bazillion circuits and ignore them all.
* | | Add a circuit_purpose_to_string() function, and use itNick Mathewson2011-04-27
| | | | | | | | | | | | | | | We had a circuit_purpose_to_controller_string() function, but it was pretty coarse-grained and didn't try to be human-readable.
* | | Fix a check-spaces complaintSebastian Hahn2011-04-26
| | |
* | | Explain the "using anyway" log message betterSebastian Hahn2011-04-26
| | | | | | | | | | | | | | | Also add a request to report any cases where we are not honoring StrictNodes to the developers: These should now all be bugs.
* | | Fix a log msgSebastian Hahn2011-04-26
| | |
* | | Check transition of circuit purpose from INTRO->GENERAL if nodes are constrainedNick Mathewson2011-04-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This looked at first like another fun way around our node selection logic: if we had introduction circuits, and we wound up building too many, we would turn extras into general-purpose circuits. But when we did so, we wouldn't necessarily check whether the general-purpose circuits conformed to our node constraints. For example, the last node could totally be in ExcludedExitNodes and we wouldn't have cared... ...except that the circuit should already be internal, so it won't get user streams attached to it, so the transition should generally be allowed. Add an assert to make sure we're right about this, and have it not check whether ExitNodes is set, since that's irrelevant to internal circuits.
* | | When cannibalizing a circuit, make sure it has no ExcludeNodes on itNick Mathewson2011-04-26
| | | | | | | | | | | | | | | This could happen if StrictNodes was 0 and we were forced to pick an excluded node as the last hop of the circuit.
* | | When there is a transition in permitted nodes, apply it to trackexithosts mapNick Mathewson2011-04-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | IOW, if we were using TrackExitHosts, and we added an excluded node or removed a node from exitnodes, we wouldn't actually remove the mapping that points us at the new node. Also, note with an XXX022 comment a place that I think we are looking at the wrong string.
* | | Simplify calls to routerset_equalNick Mathewson2011-04-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | The routerset_equal function explicitly handles NULL inputs, so there's no need to check inputs for NULL before calling it. Also fix a bug in routerset_equal where a non-NULL routerset with no entries didn't get counted as equal to a NULL routerset. This was untriggerable, I think, but potentially annoying down the road.
* | | If we have chosen an exit that shares a family with all bridges, fail the ↵Nick Mathewson2011-04-26
| | | | | | | | | | | | | | | | | | | | | circuit We could probably do something smarter here, but the situation is unusual enough that it's okay to just fail the circuit.
* | | Do not try to download descriptors for bridges in ExcludeNodes.Nick Mathewson2011-04-26
| | |
* | | Correct the behavior of .exit with ExcludeNodes, StrictNodes, etc.Nick Mathewson2011-04-26
| | | | | | | | | | | | | | | | | | | | | ExcludeExitNodes foo now means that foo.exit doesn't work. If StrictNodes is set, then ExcludeNodes foo also overrides foo.exit. foo.exit , however, still works even if foo is not listed in ExitNodes.
* | | Note another place that we need to fix a 1090 issue.Nick Mathewson2011-04-26
| | |
* | | Do not automatically ignore Fast/Stable for exits when ExitNodes is setNick Mathewson2011-04-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This once maybe made sense when ExitNodes meant "Here are 3 exits; use them all", but now it more typically means "Here are 3 countries; exit from there." Using non-Fast/Stable exits created a potential partitioning opportunity and an annoying stability problem. (Don't worry about the case where all of our ExitNodes are non-Fast or non-Stable: we handle that later in the function by retrying with need_capacity and need_uptime set to 0.)
* | | Note a slightly less likely way to violate ExcludeNodesNick Mathewson2011-04-26
| | |
* | | Note that circuit purpose changing can violate ExcludeNodesNick Mathewson2011-04-26
| | |
* | | If we're excluded, and StrictNodes is set, do not do self-tests.Nick Mathewson2011-04-26
| | |
* | | Add an XXX022-1090 to note consider_exit_fmily b0rkennessNick Mathewson2011-04-26
| | |
* | | three more cases where maybe we want to excludeRoger Dingledine2011-04-26
| | |
* | | make formal a constraint that's been true a while nowRoger Dingledine2011-04-26
| | |
* | | refuse moria1.exit if moria1 is excludedRoger Dingledine2011-04-26
| | | | | | | | | | | | add a note reminding us to do this for foo.moria1.exit if we decide to.
* | | note another case where strictnodes is considered for exitsRoger Dingledine2011-04-26
| | |
* | | If ExitNodes and Exclude{Exit}Nodes overlap, obey Exclude{Exit}Nodes.Roger Dingledine2011-04-26
| | | | | | | | | | | | Also, ExitNodes are always strict.
* | | the new entrynodes behavior is always strictRoger Dingledine2011-04-26
| | |
* | | don't exit enclave to excluded relaysRoger Dingledine2011-04-26
| | |