| Commit message (Expand) | Author | Age |
|---|
| ... | |
| * | comment choose_good_exit_server•••svn:r822
| Nick Mathewson | 2003-11-17 |
| * | trivial bugfixes•••svn:r821
| Roger Dingledine | 2003-11-17 |
| * | Fix a segfault caused by a weird logic error and masked by another.•••svn:r820
| Nick Mathewson | 2003-11-17 |
| * | recognize in-progress circs and don't start redundant ones•••quickly notice streams that don't have a circ on the way, and start one
svn:r819
| Roger Dingledine | 2003-11-17 |
| * | bugfixes•••svn:r818
| Roger Dingledine | 2003-11-16 |
| * | change when circuits are built and expired•••not quite happy with it yet
svn:r817
| Roger Dingledine | 2003-11-16 |
| * | bugfix: if you recognize a relay cell, don't also pass it on.•••svn:r816
| Roger Dingledine | 2003-11-16 |
| * | dump exit policies correctly to descriptor•••svn:r815
| Roger Dingledine | 2003-11-16 |
| * | initial patches on patches•••svn:r814
| Roger Dingledine | 2003-11-16 |
| * | Finish implementing the rest of the exitpolicy stuff, except for automaticall...•••svn:r813
| Nick Mathewson | 2003-11-16 |
| * | Improved exit policy syntax; basic client-side DNS caching.•••- Exit policies now support bitmasks (18.0.0.0/255.0.0.0) and bitcounts
18.0.0.0/8. Policies are parsed on startup, not when comparing to them.
- desired_path_len is now part of an opaque cpath_build_state_t structure.
- END_REASON_EXITPOLICY cells no longer include a port.
- RELAY_COMMAND_CONNECTED cells now include the IP address we've connected
to.
- connection_edge now has a client_dns cache to remember resolved addresses.
It gets populated by RELAY_COMMAND_CONNECTED cells and END_REASON_EXITPOLICY
cells. It gets used by connection_ap_handshake_send_begin. We don't
compare it to exit policies yet.
svn:r812
| Nick Mathewson | 2003-11-14 |
| * | commencing the bughunt•••svn:r811
| Roger Dingledine | 2003-11-14 |
| * | bump default pathlen to 3; clean up surrounding code•••svn:r810
| Roger Dingledine | 2003-11-13 |
| * | let getconfig survive repeated calls. now we call it again when we hup.•••change RecommendedVersions into a config option, so dirservers can hup
for a new one
svn:r809
| Roger Dingledine | 2003-11-13 |
| * | fix trivial typo•••svn:r808
| Roger Dingledine | 2003-11-13 |
| * | warn on startup that we don't provide anonymity•••make exit dns cache entries last 15 minutes
svn:r807
| Roger Dingledine | 2003-11-13 |
| * | lay groundwork for EntryNodes and ExitNodes•••svn:r805
| Roger Dingledine | 2003-11-12 |
| * | break out the string manipulation routines•••svn:r804
| Roger Dingledine | 2003-11-12 |
| * | make dir parsing robust to invalid but well-formed descriptors•••svn:r800
| Roger Dingledine | 2003-11-12 |
| * | Remove minor biasing problem from crypto_pseudo_rand_int•••svn:r799
| Nick Mathewson | 2003-11-12 |
| * | connection_ap_handshake_send_begin always succeeds•••svn:r798
| Roger Dingledine | 2003-11-12 |
| * | Make crypto_pseudo_rand* never fail.•••svn:r797
| Nick Mathewson | 2003-11-12 |
| * | Restore erroneously removed assert•••svn:r796
| Nick Mathewson | 2003-11-12 |
| * | Fix thinko: Failure and success are different things.•••svn:r795
| Nick Mathewson | 2003-11-12 |
| * | Remove dead code•••svn:r794
| Nick Mathewson | 2003-11-12 |
| * | Compute paths as we build them.•••svn:r793
| Nick Mathewson | 2003-11-12 |
| * | Refactor onion_generate_cpath to build cpaths one hop at a time. This•••is a the first step in computing hops one step at a time. Next, we move
the responsibility for calling onion_extend_cpath into circuit.c
(Later, we may want to special-case onion_extend_cpath to treat entry
and exit routers differently.)
svn:r792
| Nick Mathewson | 2003-11-12 |
| * | point out bug•••svn:r791
| Roger Dingledine | 2003-11-11 |
| * | more cleanups and bugfix•••svn:r790
| Roger Dingledine | 2003-11-11 |
| * | leave conn->socks_request around after the begin•••that way we can reuse it if we need to try another begin later
svn:r788
| Roger Dingledine | 2003-11-11 |
| * | conn->socks_version is obsolete•••svn:r787
| Roger Dingledine | 2003-11-11 |
| * | respond to nick's questions•••svn:r786
| Roger Dingledine | 2003-11-11 |
| * | fix a bug in handling clock skew•••svn:r785
| Roger Dingledine | 2003-11-11 |
| * | Rename aci to circ_id throughout.•••svn:r784
| Nick Mathewson | 2003-11-11 |
| * | Make AP connections wait for a circuit if none exists.•••Also:
- Refactor socks request into a separate struct
- Add a separate 'waiting for circuit' state to AP connections
between 'waiting for socks' and 'open'.
Arma: can you check out the XXX's I've added to connection_edge? I may
be mishandling some async and close logic.
svn:r783
| Nick Mathewson | 2003-11-11 |
| * | client now survives going offline better•••fix badness in usage()
if neither socksport nor orrport is defined, quit
obsolete connection_flush_buf()
svn:r780
| Roger Dingledine | 2003-11-10 |
| * | Check in a working cross-platform timegm•••svn:r779
| Nick Mathewson | 2003-11-10 |
| * | Add lots of logging to dns.c; change behavior of often-failing assertion•••svn:r778
| Nick Mathewson | 2003-11-08 |
| * | bugfix for win32 with lots of users•••plus general cleanup on switch_id()
svn:r684
| Roger Dingledine | 2003-10-27 |
| * | remove obsolete config file•••svn:r681
| Roger Dingledine | 2003-10-27 |
| * | add DirBindAddress, parse the BindAddress's when you bind•••exit if bind fails
add usage printfs
rearrange config options for readability
svn:r674
| Roger Dingledine | 2003-10-25 |
| * | Use daemon(3) function where available.•••svn:r665
| Nick Mathewson | 2003-10-23 |
| * | resolve warning•••svn:r664
| Nick Mathewson | 2003-10-23 |
| * | Two-pronged attack at my overzealous skew fixes.•••The problem was that the fixes had us generating TLS certs with a
2-day lifetime on the assumption that we'd rotate fairly often. In
fact, we never rotate our TLS keys.
This patch fixes the situation in 2 ways:
1. It bumps the default lifetime back up to one year until we get
rotation in place.
2. It changes tor_tls_context_new() so that it doesn't leak memory
when you call it more than once.
svn:r663
| Nick Mathewson | 2003-10-23 |
| * | switch_id() no longer tries to log the user name when it's calld on•••Windows, since we don't know whether it's the user or the group that
was set.
svn:r659
| Steven Hazel | 2003-10-22 |
| * | Clock skew fixes.•••Allow some slop (currently 3 minutes) when checking certificate validity.
Change certificate lifetime from 1 year to 2 days. Since we
regenerate regularly (we regenerate regularly, right??), this
shouldn't be a problem.
Have directories reject descriptors published too far in the future
(currently 30 minutes). If dirservs don't do this:
0) Today is January 1, 2000.
1) A very skewed server publishes descriptor X with a declared
publication time of August 1, 2000.
2) The directory includes X.
3) Because of certificate lifetime issues, nobody can use the
skewed server.
4) The server fixes its skew, and goes to republish a new descriptor Y
with publication time of January 1, 2000.
5) But because the directory already has a "more recent" descriptor X,
it rejects descriptor "Y" as superseded!
This patch should make step 2 go away.
svn:r658
| Nick Mathewson | 2003-10-22 |
| * | - fixed a bug in the id switching code -- setgid has to happen before••• setuid, because after we setuid we don't have the priviledges we
need to setgid anymore, duh. merged switch_user() and
switch_group() into switch_id(), since that code has to be wound
together.
- return -1 from switch_id() if it's not defined to do anything else.
- moved daemoinize(), write_pidfile(), and switch_id() from main.c to
util.c
svn:r656
| Steven Hazel | 2003-10-22 |
| * | play with connection_edge_send_command•••maybe more robust now
svn:r655
| Roger Dingledine | 2003-10-22 |
| * | move default exit policy into config files•••svn:r654
| Roger Dingledine | 2003-10-22 |
| * | make end relay cells have payloads•••move default exit policy into config files
svn:r653
| Roger Dingledine | 2003-10-22 |