Merge branch 'maint-0.2.1' into release-0.2.1
This commit is contained in:
commit
64d1b8364e
41
LICENSE
41
LICENSE
|
@ -8,7 +8,6 @@
|
|||
If you got this file as a part of a larger bundle,
|
||||
there may be other license terms that you should be aware of.
|
||||
|
||||
|
||||
===============================================================================
|
||||
Tor is distributed under this license:
|
||||
|
||||
|
@ -72,14 +71,42 @@ under the following license:
|
|||
* OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
|
||||
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
|
||||
===============================================================================
|
||||
src/config/geoip is licensed under the following license:
|
||||
|
||||
OPEN DATA LICENSE (GeoLite Country and GeoLite City databases)
|
||||
|
||||
Copyright (c) 2008 MaxMind, Inc. All Rights Reserved.
|
||||
|
||||
All advertising materials and documentation mentioning features or use of
|
||||
this database must display the following acknowledgment:
|
||||
"This product includes GeoLite data created by MaxMind, available from
|
||||
http://maxmind.com/"
|
||||
|
||||
Redistribution and use with or without modification, are permitted provided
|
||||
that the following conditions are met:
|
||||
1. Redistributions must retain the above copyright notice, this list of
|
||||
conditions and the following disclaimer in the documentation and/or other
|
||||
materials provided with the distribution.
|
||||
2. All advertising materials and documentation mentioning features or use of
|
||||
this database must display the following acknowledgement:
|
||||
"This product includes GeoLite data created by MaxMind, available from
|
||||
http://maxmind.com/"
|
||||
3. "MaxMind" may not be used to endorse or promote products derived from this
|
||||
database without specific prior written permission.
|
||||
|
||||
THIS DATABASE IS PROVIDED BY MAXMIND, INC ``AS IS'' AND ANY
|
||||
EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
||||
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
||||
DISCLAIMED. IN NO EVENT SHALL MAXMIND BE LIABLE FOR ANY
|
||||
DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
|
||||
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
|
||||
ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
|
||||
DATABASE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
===============================================================================
|
||||
If you got Tor as a static binary with OpenSSL included, then you should know:
|
||||
"This product includes software developed by the OpenSSL Project
|
||||
for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||
===============================================================================
|
||||
"This program uses the IP-to-Country Database provided by
|
||||
WebHosting.Info (http://www.webhosting.info), available from
|
||||
http://ip-to-country.webhosting.info."
|
||||
See the src/config/geoip file in particular.
|
||||
===============================================================================
|
||||
|
||||
|
|
|
@ -0,0 +1,10 @@
|
|||
o Major bugfixes
|
||||
- Do even more to reject (and not just ignore) annotations on
|
||||
router descriptors received anywhere but from the cache.
|
||||
Previously we would ignore such annotations at first, but cache
|
||||
them to disk anyway. Bugfix on 0.2.0.8-alpha. Found by piebeer.
|
||||
|
||||
o Minor bugfixes
|
||||
- Enforce multiplicity rules when parsing annotations. Bugfix on
|
||||
0.2.0.8-alpha. Found by piebeer.
|
||||
|
|
@ -0,0 +1,8 @@
|
|||
o Major bugfixes
|
||||
- Do not log messages to the controller while shrinking buffer
|
||||
freelists. Doing so would sometimes make the controller
|
||||
connection try to allocate a buffer chunk, which would mess
|
||||
up the internals of the freelist and cause an assertion
|
||||
failure. Fixes bug 1125; fixed by Robert Ransom. Bugfix on
|
||||
Tor 0.2.0.16-alpha.
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
o Minor bugfixes:
|
||||
- Fix an assertion failure that could occur in caches or bridge users
|
||||
when using a very short voting interval on a testing network.
|
||||
Diagnosed by Robert Hogan. Fixes bug 1141; bugfix on 0.2.0.8-alpha.
|
||||
|
|
@ -0,0 +1,7 @@
|
|||
o Minor bugfixes:
|
||||
- Allow handshaking OR connections to take a full KeepalivePeriod
|
||||
seconds to handshake. Previously, we would close them after
|
||||
IDLE_OR_CONN_TIMEOUT seconds, as if they were open. This is a
|
||||
bugfix on 0.2.1.26. Thanks to mingw-san for analysis help. Fixes
|
||||
bug 1840.
|
||||
|
|
@ -0,0 +1,6 @@
|
|||
o Major bugfixes:
|
||||
- When you use bridges and your network goes away and your bridges
|
||||
get marked as down, recover when you attempt a new socks connection
|
||||
(if the network is back) rather than waiting up to an hour to try
|
||||
fetching new descriptors for your bridges. Bugfix on 0.2.0.3-alpha;
|
||||
fixes bug 1981.
|
|
@ -0,0 +1,5 @@
|
|||
o Major bugfixes:
|
||||
- Learn our external IP address when we're a relay or bridge, even if
|
||||
we set PublishServerDescriptor to 0. Bugfix on 0.2.0.3-alpha,
|
||||
where we introduced bridge relays that don't need to publish to
|
||||
be useful. Fixes bug 2050.
|
|
@ -0,0 +1,7 @@
|
|||
o Major bugfixes
|
||||
- Do not set the tlsext_host_name extension on server SSL objects;
|
||||
only on client SSL objects. We set it to immitate a browser, not a
|
||||
vhosting server. This resolves an incompatibility with openssl 0.9.8p
|
||||
and openssl 1.0.0b. Fixes bug 2204; bugfix on 0.2.1.1-alpha.
|
||||
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
o Minor features:
|
||||
- Update to the October 1 2010 Maxmind GeoLite Country database.
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
o Minor features:
|
||||
- Update to the September 1 2010 Maxmind GeoLite Country database.
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
o Minor features
|
||||
- Update to the August 1 2010 Maxmind GeoLite Country database.
|
||||
|
|
@ -0,0 +1,2 @@
|
|||
o Minor features
|
||||
- Update to the June 1 2010 Maxmind GeoLite Country database.
|
|
@ -0,0 +1,3 @@
|
|||
o New directory authorities:
|
||||
- Set up maatuska (run by Linus Nordberg) as the eighth v3 directory
|
||||
authority.
|
|
@ -0,0 +1,3 @@
|
|||
o Minor features:
|
||||
- Have clients begin understanding the new END_STREAM_REASON_NOROUTE
|
||||
error code.
|
|
@ -0,0 +1,5 @@
|
|||
o Major features:
|
||||
- Move to the Maxmind GeoIP db (rather than the June 2009
|
||||
ip-to-country GeoIP db) for our statistics that count how many
|
||||
users relays are seeing from each country. Now we have more accurate
|
||||
data for many African countries.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes:
|
||||
- When building with --enable-gcc-warnings on OpenBSD, disable
|
||||
warnings in system headers. This makes --enable-gcc-warnings
|
||||
pass on OpenBSD 4.8.
|
|
@ -0,0 +1,5 @@
|
|||
o Removed files:
|
||||
- Remove the old debian/ directory from the main Tor distribution.
|
||||
The official Tor-for-debian git repository lives at the URL
|
||||
https://git.torproject.org/debian/tor.git .
|
||||
|
11
configure.in
11
configure.in
|
@ -819,6 +819,15 @@ if test x$enable_gcc_warnings = xyes || test x$enable_gcc_warnings_advisory = xy
|
|||
have_shorten64_flag=no)
|
||||
CFLAGS="$save_CFLAGS"
|
||||
|
||||
case $host in
|
||||
*-*-openbsd*)
|
||||
# Some OpenBSD versions (like 4.8) have -Wsystem-headers by default.
|
||||
# That's fine, except that the headers don't pass -Wredundant-decls.
|
||||
# Therefore, let's disable -Wsystem-headers when we're building
|
||||
# with maximal warnings on OpenBSD.
|
||||
CFLAGS="$CFLAGS -Wno-system-headers" ;;
|
||||
esac
|
||||
|
||||
CFLAGS="$CFLAGS -W -Wfloat-equal -Wundef -Wpointer-arith -Wstrict-prototypes -Wmissing-prototypes -Wwrite-strings -Wredundant-decls -Wchar-subscripts -Wcomment -Wformat=2 -Wwrite-strings -Wmissing-declarations -Wredundant-decls -Wnested-externs -Wbad-function-cast -Wswitch-enum"
|
||||
if test x$enable_gcc_warnings = xyes; then
|
||||
CFLAGS="$CFLAGS -Werror"
|
||||
|
@ -826,7 +835,7 @@ if test x$enable_gcc_warnings = xyes || test x$enable_gcc_warnings_advisory = xy
|
|||
|
||||
# Disabled, so we can use mallinfo(): -Waggregate-return
|
||||
|
||||
if test x$have_gcc4 = xyes ; then
|
||||
if test x$have_gcc4 = xyes ; then
|
||||
# These warnings break gcc 3.3.5 and work on gcc 4.0.2
|
||||
CFLAGS="$CFLAGS -Winit-self -Wmissing-field-initializers -Wdeclaration-after-statement -Wold-style-definition"
|
||||
fi
|
||||
|
|
|
@ -1,16 +0,0 @@
|
|||
This is the Debian package for Tor, The Onion Router.
|
||||
|
||||
Some changes have been made to the Tor source to integrate it better into
|
||||
Debian. If Tor is started as root or the 'debian-tor' user, then:
|
||||
|
||||
- RunAsDaemon is enabled,
|
||||
- PidFile is set to /var/run/tor/tor.pid (No default upstream),
|
||||
- default logging goes to /var/log/tor/log (instead of stdout),
|
||||
- DataDirectory is set to /var/lib/tor (uses $HOME/.tor upstream),
|
||||
- User is set to "debian-tor".
|
||||
|
||||
If Tor is started as any other user it behaves just like upstream's.
|
||||
|
||||
--
|
||||
Peter Palfrader, Mon, 24 Jul 2006 05:20:30 +0200
|
||||
Sat, 23 Feb 2008 13:44:40 +0100
|
|
@ -1,18 +0,0 @@
|
|||
Tor only provides TCP layer anonymity. It does not do any protocol
|
||||
cleaning, so if you are going to browse the web you still give away a
|
||||
lot of information to servers.
|
||||
|
||||
The privoxy package provides a privacy enhancing HTTP proxy, which
|
||||
is good at filtering headers, cookies, and much more. To view the
|
||||
description of the Debian privoxy package just run "apt-cache show
|
||||
privoxy". Please refer to the privoxy documentation for more details.
|
||||
|
||||
In order to use privoxy over tor, add the following line to your
|
||||
privoxy configuration file:
|
||||
forward-socks4a / localhost:9050 .
|
||||
(the dot is important)
|
||||
|
||||
Then configure your browser to use privoxy as its HTTP proxy.
|
||||
|
||||
--
|
||||
Peter Palfrader <weasel@debian.org>, Tue, 17 Feb 2004 02:15:36 +0100
|
|
@ -1,10 +0,0 @@
|
|||
Legend:
|
||||
- Not done
|
||||
* Top priority
|
||||
. Partially done
|
||||
o Done
|
||||
D Deferred
|
||||
X Abandoned
|
||||
|
||||
- don't enable coredumps by default
|
||||
- fix shipped html docs to refer to local stylesheet
|
File diff suppressed because it is too large
Load Diff
|
@ -1 +0,0 @@
|
|||
5
|
|
@ -1,74 +0,0 @@
|
|||
Source: tor
|
||||
Section: comm
|
||||
Priority: optional
|
||||
Maintainer: Peter Palfrader <weasel@debian.org>
|
||||
Build-Depends: debhelper (>= 5), libssl-dev, dpatch, zlib1g-dev, libevent-dev (>= 1.1), texlive-base-bin, texlive-latex-base, texlive-fonts-recommended, transfig, ghostscript, binutils (>= 2.14.90.0.7)
|
||||
Standards-Version: 3.8.1
|
||||
Homepage: https://www.torproject.org/
|
||||
|
||||
Package: tor
|
||||
Architecture: any
|
||||
Depends: ${shlibs:Depends}, adduser, tsocks
|
||||
Conflicts: libssl0.9.8 (<< 0.9.8g-9)
|
||||
Recommends: privoxy | polipo (>= 1), socat, logrotate, tor-geoipdb
|
||||
Suggests: mixmaster, mixminion, anon-proxy
|
||||
Description: anonymizing overlay network for TCP
|
||||
Tor is a connection-based low-latency anonymous communication system which
|
||||
addresses many flaws in the original onion routing design.
|
||||
.
|
||||
In brief, Onion Routing is a connection-oriented anonymizing communication
|
||||
service. Users choose a source-routed path through a set of nodes, and
|
||||
negotiate a "virtual circuit" through the network, in which each node
|
||||
knows its predecessor and successor, but no others. Traffic flowing down
|
||||
the circuit is unwrapped by a symmetric key at each node, which reveals
|
||||
the downstream node.
|
||||
.
|
||||
Basically Tor provides a distributed network of servers ("onion
|
||||
routers"). Users bounce their tcp streams (web traffic, ftp, ssh, etc)
|
||||
around the routers, and recipients, observers, and even the routers
|
||||
themselves have difficulty tracking the source of the stream.
|
||||
.
|
||||
Note that Tor does no protocol cleaning. That means there is a danger that
|
||||
application protocols and associated programs can be induced to reveal
|
||||
information about the initiator. Tor depends on Privoxy and similar protocol
|
||||
cleaners to solve this problem.
|
||||
.
|
||||
Client applications can use the Tor network by connecting to the local
|
||||
onion proxy. If the application itself does not come with socks support
|
||||
you can use a socks client such as tsocks. Some web browsers like mozilla
|
||||
and web proxies like privoxy come with socks support, so you don't need an
|
||||
extra socks client if you want to use Tor with them.
|
||||
.
|
||||
This package enables only the onion proxy by default, but it can be configured
|
||||
as a relay (server) node.
|
||||
.
|
||||
Remember that this is development code -- don't rely on the current Tor
|
||||
network if you really need strong anonymity.
|
||||
.
|
||||
The latest information can be found at https://www.torproject.org/, or on the
|
||||
mailing lists, archived at http://archives.seul.org/or/talk/ or
|
||||
http://archives.seul.org/or/announce/.
|
||||
|
||||
Package: tor-dbg
|
||||
Architecture: any
|
||||
Depends: tor (= ${binary:Version})
|
||||
Suggests: gdb
|
||||
Priority: extra
|
||||
Section: debug
|
||||
Description: debugging symbols for Tor
|
||||
This package provides the debugging symbols for Tor, The Onion Router.
|
||||
Those symbols allow your debugger to assign names to your backtraces, which
|
||||
makes it somewhat easier to interpret core dumps.
|
||||
|
||||
Package: tor-geoipdb
|
||||
Architecture: all
|
||||
Priority: extra
|
||||
Depends: tor (>= ${source:Version})
|
||||
Description: geoIP database for Tor
|
||||
This package provides a geoIP database for Tor, i.e. it maps IPv4 addresses
|
||||
to countries.
|
||||
.
|
||||
Bridges (special Tor relays that aren't listed in the main Tor directory) use
|
||||
this information to report which countries they get access from. This allows
|
||||
the Tor network operators to learn if certain countries started blocking
|
||||
access to bridges.
|
|
@ -1,124 +0,0 @@
|
|||
This package was debianized by Peter Palfrader <weasel@debian.org> on
|
||||
Sat, 10 Jan 2004 11:20:06 +0100.
|
||||
|
||||
It was downloaded from https://www.torproject.org/
|
||||
|
||||
Upstream Authors: Roger Dingledine <arma@freehaven.net>
|
||||
Nick Mathewson <nickm@freehaven.net>
|
||||
|
||||
Copyright (c) 2001 Matej Pfajfar
|
||||
Copyright (c) 2001-2004, Roger Dingledine
|
||||
Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
|
||||
Copyright (c) 2007-2008, The Tor Project, Inc.
|
||||
strlcat, strlcpy: Copyright (c) 1998 Todd C. Miller <Todd.Miller@courtesan.com>
|
||||
ht.h: Copyright (c) 2002, Christopher Clark, 2006 Nick Mathewson
|
||||
OpenBSD_malloc_Linux.c: phk@FreeBSD.ORG
|
||||
Modifications for Debian: Copyright (c) 2004, 2005, 2006, 2007, 2008 Peter Palfrader
|
||||
|
||||
Tor is distributed under this license:
|
||||
===============================================================================
|
||||
Copyright (c) 2001-2004, Roger Dingledine
|
||||
Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
|
||||
Copyright (c) 2007-2008, The Tor Project, Inc.
|
||||
|
||||
Redistribution and use in source and binary forms, with or without
|
||||
modification, are permitted provided that the following conditions are
|
||||
met:
|
||||
|
||||
* Redistributions of source code must retain the above copyright
|
||||
notice, this list of conditions and the following disclaimer.
|
||||
|
||||
* Redistributions in binary form must reproduce the above
|
||||
copyright notice, this list of conditions and the following disclaimer
|
||||
in the documentation and/or other materials provided with the
|
||||
distribution.
|
||||
|
||||
* Neither the names of the copyright owners nor the names of its
|
||||
contributors may be used to endorse or promote products derived from
|
||||
this software without specific prior written permission.
|
||||
|
||||
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
||||
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
||||
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
|
||||
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
||||
OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
||||
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
||||
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
||||
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
||||
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
|
||||
===============================================================================
|
||||
strlcat and strlcpy by Todd C. Miller are licensed under the following license:
|
||||
|
||||
* Copyright (c) 1998 Todd C. Miller <Todd.Miller@courtesan.com>
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. The name of the author may not be used to endorse or promote products
|
||||
* derived from this software without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
|
||||
* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
|
||||
* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
|
||||
* THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
|
||||
* EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
|
||||
* PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
|
||||
* OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
|
||||
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
|
||||
* OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
|
||||
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
===============================================================================
|
||||
ht.h by Nick Mathewson is licensed as follows:
|
||||
/*
|
||||
* Copyright 2005, Nick Mathewson. Implementation logic is adapted from code
|
||||
* by Cristopher Clark, retrofit to allow drop-in memory management, and to
|
||||
* use the same interface as Niels Provos's HT_H. I'm not sure whether this
|
||||
* is a derived work any more, but whether it is or not, the license below
|
||||
* applies.
|
||||
*
|
||||
* Copyright (c) 2002, Christopher Clark
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* * Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* * Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* * Neither the name of the original author; nor the names of any contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
||||
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
|
||||
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
|
||||
* OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
|
||||
* EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
|
||||
* PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
|
||||
* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
||||
* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
|
||||
* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
|
||||
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*/
|
||||
===============================================================================
|
||||
OpenBSD_malloc_Linux.c:
|
||||
* "THE BEER-WARE LICENSE" (Revision 42):
|
||||
* <phk@FreeBSD.ORG> wrote this file. As long as you retain this notice you
|
||||
* can do whatever you want with this stuff. If we meet some day, and you think
|
||||
* this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
|
|
@ -1,155 +0,0 @@
|
|||
255044462d312e330a25c7ec8fa20a362030206f626a0a3c3c2f4c656e6774682037203020522f46
|
||||
696c746572202f466c6174654465636f64653e3e0a73747265616d0a789c5d90cd4ec3300cc7ef79
|
||||
0adf188795384ddae638560e48e3c09617d84a988a56a47e48686f4f9cafc114b5b17ffedbb13d02
|
||||
2f10389d7877031bd9d35ec27966b250f0c3107a5656356053c3e0ad1a2eecc0aa46444656601413
|
||||
4a7017e030594748afb488991245ce0d94ac4443fc7f3e629d9ef66678075599299991d698299991
|
||||
ea265332031d01fdd8e9ea0678366e70245234603e595808822a84ffccc056db7eea5edb47f3c5b0
|
||||
74db4127fc602b41400807d691ecede578255aa2a3dcb3c332d9e310b2a5ceb8edcf765eeeb43bfb
|
||||
4da42a9368633604d6024924b9fb11bff5535651ba7d6b8352dc35f8a73cfa097893fb4df57d92d9
|
||||
51c64318312962599d4afa1214ccbd28aee1745dec1c22e8f791a35eef3d7e6b4926aff2b579f4a4
|
||||
6ec87f31f0cee8fc02f62c8fb3656e6473747265616d0a656e646f626a0a372030206f626a0a3330
|
||||
350a656e646f626a0a352030206f626a0a3c3c2f547970652f506167652f4d65646961426f78205b
|
||||
302030203235342037345d0a2f506172656e742033203020520a2f5265736f75726365733c3c2f50
|
||||
726f635365745b2f504446202f546578745d0a2f457874475374617465203132203020520a2f466f
|
||||
6e74203133203020520a3e3e0a2f436f6e74656e74732036203020520a3e3e0a656e646f626a0a33
|
||||
2030206f626a0a3c3c202f54797065202f5061676573202f4b696473205b0a35203020520a5d202f
|
||||
436f756e7420310a3e3e0a656e646f626a0a312030206f626a0a3c3c2f54797065202f436174616c
|
||||
6f67202f50616765732033203020520a3e3e0a656e646f626a0a342030206f626a0a3c3c2f547970
|
||||
652f4578744753746174652f4e616d652f52342f54522f4964656e746974792f4f504d20312f534d
|
||||
20302e30323e3e0a656e646f626a0a392030206f626a0a3c3c2f547970652f466f6e744465736372
|
||||
6970746f722f466f6e744e616d652f524a464b46552b54696d65732d526f6d616e2f466f6e744242
|
||||
6f785b2d313638202d3238312031303331203932345d2f466c6167732033340a2f417363656e7420
|
||||
3932340a2f436170486569676874203637360a2f44657363656e74202d3238310a2f4974616c6963
|
||||
416e676c6520300a2f5374656d56203131310a2f4d697373696e675769647468203235300a2f5848
|
||||
6569676874203436310a2f43686172536574282f73706163652f7a65726f2f6f6e652f74776f2f66
|
||||
6f75722f666976652f7369782f65696768742f6e696e652f412f432f442f492f4c2f4d2f522f532f
|
||||
542f612f622f632f652f672f692f6c2f6d2f6e2f722f732f742f79290a2f466f6e7446696c653320
|
||||
38203020523e3e0a656e646f626a0a382030206f626a0a3c3c2f537562747970652f547970653143
|
||||
2f46696c7465722f466c6174654465636f64652f4c656e677468203131203020523e3e7374726561
|
||||
6d0a789c6556695453e7bade31247b3b715a737304ac496aadf6d409ad56a8536570442b838c2a83
|
||||
040886843109210904c2f83287210408934c822032aa200e60716aab56056d0fdada5b3b1ee939eb
|
||||
7e9b7efcb83b9c75effd71d7cada2b6befef7bbeef7ddfe77d9e9745d82c20582c16cfebd0bec3fb
|
||||
8eaff391c488133678c9634265d6d76be9152cfa9d05f44a36de89cfff59fda7236725e151cb5e5a
|
||||
ff8eedc0325af8367af11734fa16c166b17aee7eeb2a8f4d8e974446258a3e38eee5f7b775ebd6ff
|
||||
df9bcdcececea2b0e4fff922721327482265a235cc1f85582a8f8d11cb1277885c99d552a9e4b428
|
||||
529a1c1b95200a0d0f17875bb7f9864ac56744fb2452496cac5c21fac0f56fa22d8e8e9b37308f2d
|
||||
3b44479362c4f1f2f522892c42229324268b4265e1a2cf62c491a1a298d070b115c02d4692189f2c
|
||||
daea2891fdefeea39298b0a404d17cb4a2a372679187c84b1c99240d8dffff5f0882107aec4d969d
|
||||
3ee22a768b8f4cf04a9478fb1c9486c6846ddeb275dbc74ece224782d840ac220289cf08376223b1
|
||||
9ad847bc4f781307081fe223e2387188d84a6c233e248e102ec451c2955846f0083ef1576239614f
|
||||
38102ce26d42c45482b06100aeb076b0ce2fe02c885bf033fb20fba6cd2a0ec1a9e2aee62ab97748
|
||||
093940bea13650f7176a174e2d122c4a5cd4bef8ddc5c54b784b3296642df91115dad2082caa8bf4
|
||||
1bcbb2ef6696f362e907c885af166b1335eaa8709f6427a00e705d74255d423a8684875555cf8a29
|
||||
0bee52918f334d5a70a7e68e91bc0be0aed5b864512a92d9dec5bd825c38b6b3116041017df4bb75
|
||||
ac595f0bff54a1be3cea312ea0efd929b9387c2ef5305e939a12946baf4281163248696aad2cac2a
|
||||
36092fa1851c64e6f6adab8c2d8d03ad3dc4ab337cf328153292733a54ce47246a45146ee5d8d239
|
||||
5836435f31b36839edcbc72b34dc8eeaf494ecbccc1c83f043dc8649549259956d820a7ba835970e
|
||||
1450661ca6259bb36bd28c6ac4c579768519e698d680ea48d0d88326d1431da38d4b52692113d20b
|
||||
f4c5aa5275911aa844a53221ba23beff8b2b37d1eaeb42b4915e6feaa8286f2ab467ce0733ed7083
|
||||
75771ab94db3abe955fc92c2f2fc0aa05acb3481429c4f82579ad63f9bd2a02833e95fa4a9846e0a
|
||||
9d27af0c3554760235dc243d28c462123c74ea00eba2703319589c5a09c3144a267f0abeb9f7a454
|
||||
7d78bfe0196928084c96a4f9a430271ed33fa2396d2c9864d3ab90233fc89da115508e879f23f28f
|
||||
1b0fbfe936a545940b4b928cf2dae47ab06f6eb034de74bfbc3dd05f1919260c0896ef879d14feeb
|
||||
b38d883dd45b7dae5bd0d2646969bf45d9feb9142cb33616d6af8374ed0c7bf663fa017f2e8004a7
|
||||
54dd4ea6a6a8d342ba146babe021451f631860323d2e61181044e2b8b9029c42177070a08afb6d96
|
||||
29155ca8b90f4958ad55396532fb522de4ee227523bca1e8b5242a9abbcc70d2767693769076aa47
|
||||
cebd2c40147b96606a978e141c0537539192aa8474d0146a4a02ab038c27c0199ca4477cdc8f8837
|
||||
025e001bdbb75df5fafcd08fe2df0171e0f74b13df50c9b57bdd0ec63881bd0778d785f4f80c4b7f
|
||||
00c4a6d0c1d768217a7f6c5471ba57d071c62cb71ca2acc9fb0ac93a10d9cda2d723277ed09e10d9
|
||||
61f0829036d958728fa13377824213dc8c7bfab6f88e98ee93f57e10002792c5921361b16ee04c61
|
||||
c1a36d88fcf9c92d44f40bf0145acfaf983a7f610226a0496eda4acdd35d75817e71416559f6fd0c
|
||||
cd45ace5bc9a7f22161f5c53757be65b438a2e701105ffeabc7df3dead0bafe057f82166cae7c6fe
|
||||
af30ab1baf048a57831b55dc6786b274d84bcd74f279d27315c6be97f75224570453c7fbb6012600
|
||||
2f0adbfec9097f9967ea56a04ea79675086dd14b30a37ffcc67a38cd2ea51df8558565f995409d2d
|
||||
4b0916e24212020c86c3a90cbf0c66727fa1da0c63144a223b06465a4acab2f415826a6d45a609a8
|
||||
26734d6ba7a24e122a4b740b14fe486615f82645ea8ea9ece7db6c0cdd398ba22f16b72e8307b2bf
|
||||
23f7c99696e53c4c47d376fc8bbb49255332656992d12eb63cb6388e89036ddcebeae8d122be1f2d
|
||||
542527ab33b3a2653a2528415199daa7a478d8cd2f363ac2c1772af8e72753cdfda3829e73351dd0
|
||||
03b74ff4ef2dc4fc123bdf82f832a886baceae1663595e695e2158724d792570017acde75a3a5bcd
|
||||
5d30026d598dda0e0a1be61cf89d86e799c340fd67a72ed2734f38e67ce4d936d8586aea1f11f250
|
||||
317acdbfd5da75e95cb33aa65a501b557912c2296f59d4c9cf42effd22b0a5edf50d29f5f4e63a5d
|
||||
c332b88d9c1f3055435fa22ff8bcf5d9e81d4e1a373737dd9097970df699a02f482b668a644c4a2a
|
||||
8a5bb1d3cbdfd5bbe3f48b20e1787497b22601a4f6c167e4fe12a9a94125509c4d6fd48d51295c9e
|
||||
07763491a5e5450595500655b98d990c40666b4b76ed8ac9bbe30f46123a3feb1662e2aebc5a7316
|
||||
5aec7bcfb55e1a6b976c6914307d0216fa0f2b9b5ecc209d954d43b36b2d7c71a1b25c761e87a112
|
||||
bb2f4ced959d2d1dcd967eb80c03ba0b716d146fb24fecd4bc61056f08b7a9b84f32cad3c08d9a73
|
||||
675a599ffaa9b525db99962cd699e0118502c89b05281d4f70d036ee5c10fd92cf9b6cad30f6a2b7
|
||||
c7433604284223558293715199eb72295b744e3f4a2fe9608d4db3919169d73588e296e715660a0c
|
||||
e999e906bdd8272428253bcd9069802cc8c9cf2dcca5aee1ebdceded21b7867b9a463b05ba0a45bc
|
||||
5a9f04f6119a963b4274f10dc94032da796786f58c8174a543f878930f47431af32b0b4cf96560df
|
||||
344f5e0d09aefab47d5671d49bc983c519e5d67b23d21f29f8b18989727943626b5b63435b6b62a3
|
||||
4c684b5fd3d52bbae823f5685ddfb2b69748fb66396f98f69e75e22bb8d98969696ad00323e9c688
|
||||
aa08e31908816075b42c4a9a1c0a7eb063d01bd91c7b241e0d3b2b2ed3152b2081e2690e049c74d9
|
||||
e27103d9060812b9bce1761cc569e0e65b2aabcc500135d916438fa637a3172844be7af6c7b73ef7
|
||||
b0dd43e1aaf1d041b84edde8efb93dd4af8aec129c3b5315577d8c3acb9d3759fab77e16d2cfb051
|
||||
e92cc19fcb21e1e3b43427abc20e5948e722ad09bea668e3751271a121b9112fa09ab8996837676e
|
||||
829b8977739ab84d88d568413640595bfedf82cd6091568df95497ba3d87011a61800a53aaac408c
|
||||
547f5d659a2e62a47a4445bec8aa4c6354653ef1d6ac5b66d9fc126e457e65be11a88e72ed09e15c
|
||||
1c09c7b53a8f2c26dd6966d2a328b51c6e50f44f6476819f5aacdfa79ef79f71daae69197cbfef7b
|
||||
f4de37cb79afe9a3f7f96a6d6a9686714a43d5a010f991309ad5a6694aea0eb11c63a46072c3de40
|
||||
8fc43a6563537d5d43515e715ea930b72ccf08a5544b4743ef708becb8e02889371e5167848829de
|
||||
eb24a55612ede031183c31d8573f3a2128f6ab55f4c179a8afeceaa1f0a6bff3419a95ae484dd0ca
|
||||
d3154045c9cf0f088b48b8d5d78d960e321a6c6158b57294f5601a79587f6c0b63caa642a3d5949b
|
||||
cb528284b8c41aa3c63b8f8931de4cfa16682ae02285ba4828309697969e6d1ca8e9026ab021ca5d
|
||||
889961c73b2dcdcbcabe4433e995afa981db142a26db073a6b2f0135561beb24c4918cc96764781a
|
||||
9845723319571053a0ab858bf6288c448bc23fdfede91fe7795c903c2669390ec120d73a79504f18
|
||||
3ff757317eaeb14aabbe835e7c87757f1a29bf67a30db3bbf85905a19ad88c133a7b590627852cc9
|
||||
2f8252a07acbd2438573d5a4f445f47364378316a0f7d05ff6fcb4f6a86764a052e06b73f172f7e8
|
||||
d4c82e6c8bd941879dfd4e359e15cc4f27ac99976c34c874003ee0c8d19295c515454505b5a53545
|
||||
e540d59769ce08ad2e1f9d919892ae49d7e6845ab3d2662677e6a794c3158afe95b4823ca51b1fb3
|
||||
d0c44b362d472bf9bae2082f5dfa29b0c7195cb413b9bd7a7df1294cd9ffe393c9f77cfc924e4708
|
||||
ce483467d46ef55976bdbf75777c05d4f498d7f65d27376edf22c4fbb0272795769847ad476beed2
|
||||
bbea58e83c33ca48510aff7dda33988bbf98f3e41c46e7f18e49b46386c407eef2b1818b0ce817eb
|
||||
b4473f7fc642530fd8e820fd9c8ffcb9d550545058daf3ca2ebd54a3d06729984b89b99885f579b9
|
||||
9007b9f6594539c68e5e83ae4f80c8886b47e0036addd14f7729d5a50d3182338d89e50c8164dad4
|
||||
78f1e58427d38f5aae8e082f0dd58fc15378a4ba1430123ce8d58817d53363438eb695b6b9c482d7
|
||||
a8e80736ed35fb291f73f59e2a177f4cec3e86b9801d606bcb4703013dc1d7136e3372f0d6cb9f91
|
||||
00fd87cb37980c5618c41ec216b40ed920026d6ea67018bec87f39e28adfc60bc28fba7f74fc27b4
|
||||
e9aab1b5ce2cacaf3e57c6506ffeb8595bc6679fba3f46f2af7c9e2ee7bd420334c9a8f3efd7bafa
|
||||
bf74f8d6f5f3b598f5c901c74316d9bf360978af30e19c24ddeff0e1b3fd8883964cdeff6352328c
|
||||
97fe20485ecdffdaaf2912bca943a74e1ddae33ffedddd86fef1cb82e149066bcb78e4a59b0ee343
|
||||
7d77be1c08dee7253fe5251664e50064e758af80f403b44d2b0b7e44865fd9b792f8c8c674c3f2e5
|
||||
f03f9f4ea0b700ada090f326b410f3f1e22d6bf00a6cfbe81344dce8afeebb2608c3db315b84d7c7
|
||||
51e8169ae583323b3d2d5d9e10a18b046a4fd013b478acfaf3fa66614dddd98a36a0be1bda867732
|
||||
f34ba135eae6d965cd2cf805997eb1caa313df0742d511519ede624c025e0898d589175ef6be107c
|
||||
35611caec2404d77d7f88d1e669a424b2914ea88dec5cb053971fce921ccc1622c0e166ddb16fc5f
|
||||
281c450d21f64ba1adb28ef6ad433e75dcf6452f16b71b972c7951bb642941fc37bd8f00ed0a656e
|
||||
6473747265616d0a656e646f626a0a31312030206f626a0a333531350a656e646f626a0a31322030
|
||||
206f626a0a3c3c2f52340a34203020523e3e0a656e646f626a0a31332030206f626a0a3c3c2f5231
|
||||
300a3130203020523e3e0a656e646f626a0a31302030206f626a0a3c3c2f537562747970652f5479
|
||||
7065312f42617365466f6e742f524a464b46552b54696d65732d526f6d616e2f547970652f466f6e
|
||||
742f4e616d652f5231302f466f6e7444657363726970746f722039203020522f4669727374436861
|
||||
722033322f4c61737443686172203235312f5769647468735b0a3235302033333320343038203530
|
||||
30203530302038333320373738203333332033333320333333203530302035363420323530203333
|
||||
3320323530203237380a353030203530302035303020353030203530302035303020353030203530
|
||||
3020353030203530302032373820323738203536342035363420353634203434340a393231203732
|
||||
32203636372036363720373232203631312035353620373232203732322033333320333839203732
|
||||
32203631312038383920373232203732320a35353620373232203636372035353620363131203732
|
||||
32203732322039343420373232203732322036313120333333203237382033333320343639203530
|
||||
300a3333332034343420353030203434342035303020343434203333332035303020353030203237
|
||||
382032373820353030203237382037373820353030203530300a3530302035303020333333203338
|
||||
39203237382035303020353030203732322035303020353030203434342034383020323030203438
|
||||
3020353431203235300a323530203235302032353020323530203235302032353020323530203235
|
||||
3020323530203235302032353020323530203235302032353020323530203235300a323530203235
|
||||
30203235302032353020323530203235302032353020323530203235302032353020323530203235
|
||||
30203235302032353020323530203235300a32353020333333203530302035303020313637203530
|
||||
30203530302035303020353030203138302034343420353030203333332033333320353536203535
|
||||
360a3235302035303020353030203530302032353020323530203435332033353020333333203434
|
||||
3420343434203530302031303030203130303020323530203434340a323530203333332033333320
|
||||
33333320333333203333332033333320333333203333332032353020333333203333332032353020
|
||||
33333320333333203333330a31303030203235302032353020323530203235302032353020323530
|
||||
2032353020323530203235302032353020323530203235302032353020323530203235300a323530
|
||||
20383839203235302032373620323530203235302032353020323530203631312037323220383839
|
||||
20333130203235302032353020323530203235300a32353020363637203235302032353020323530
|
||||
203237382032353020323530203237382035303020373232203530305d0a3e3e0a656e646f626a0a
|
||||
322030206f626a0a3c3c2f50726f6475636572284553502047686f737473637269707420372e3037
|
||||
293e3e656e646f626a0a787265660a302031340a303030303030303030302036353533352066200a
|
||||
30303030303030363138203030303030206e200a30303030303035373630203030303030206e200a
|
||||
30303030303030353539203030303030206e200a30303030303030363636203030303030206e200a
|
||||
30303030303030343039203030303030206e200a30303030303030303135203030303030206e200a
|
||||
30303030303030333930203030303030206e200a30303030303031303535203030303030206e200a
|
||||
30303030303030373335203030303030206e200a30303030303034373338203030303030206e200a
|
||||
30303030303034363535203030303030206e200a30303030303034363736203030303030206e200a
|
||||
30303030303034373036203030303030206e200a747261696c65720a3c3c202f53697a6520313420
|
||||
2f526f6f74203120302052202f496e666f2032203020520a3e3e0a7374617274787265660a353831
|
||||
300a2525454f460a
|
File diff suppressed because it is too large
Load Diff
|
@ -1,5 +0,0 @@
|
|||
# 02_add_debian_files_in_manpage.dpatch
|
||||
03_tor_manpage_in_section_8.dpatch
|
||||
06_add_compile_time_defaults.dpatch
|
||||
07_log_to_file_by_default.dpatch
|
||||
14_fix_geoip_warning
|
|
@ -1,45 +0,0 @@
|
|||
#! /bin/sh -e
|
||||
## 02_add_debian_files_in_manpage.dpatch by <weasel@debian.org>
|
||||
##
|
||||
## All lines beginning with `## DP:' are a description of the patch.
|
||||
## DP: Change the FILES section of the manpage to properly describe the situation on Debian systems.
|
||||
|
||||
if [ $# -lt 1 ]; then
|
||||
echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts
|
||||
patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}"
|
||||
|
||||
case "$1" in
|
||||
-patch) patch -p1 ${patch_opts} < $0;;
|
||||
-unpatch) patch -R -p1 ${patch_opts} < $0;;
|
||||
*)
|
||||
echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
|
||||
exit 1;;
|
||||
esac
|
||||
|
||||
exit 0
|
||||
|
||||
@DPATCH@
|
||||
diff -urNad tor-0.1.1.5/doc/tor.1.in /tmp/dpep.E9VjWB/tor-0.1.1.5/doc/tor.1.in
|
||||
--- tor-0.1.1.12/doc/tor.1.in
|
||||
+++ /tmp/dpep.E9VjWB/tor-0.1.1.12/doc/tor.1.in
|
||||
@@ -700,9 +700,15 @@
|
||||
.TP
|
||||
.B @LOCALSTATEDIR@/lib/tor/
|
||||
The tor process stores keys and other data here.
|
||||
+.TP
|
||||
+.B /var/log/tor/
|
||||
+The tor server logs to this directory.
|
||||
+.TP
|
||||
+.B /var/run/tor/tor.pid
|
||||
+The PID of the tor (master) process is stored in this file.
|
||||
.LP
|
||||
.TP
|
||||
-.B \fIDataDirectory\fP/approved-routers
|
||||
+.B /var/lib/tor/approved-routers
|
||||
Only for naming authoritative directory servers
|
||||
(see \fBNamingAuthoritativeDirectory\fP).
|
||||
This file lists nickname to identity bindings. Each line lists a
|
|
@ -1,45 +0,0 @@
|
|||
#! /bin/sh -e
|
||||
## 03_tor_manpage_in_section_8.dpatch by <weasel@debian.org>
|
||||
##
|
||||
## All lines beginning with `## DP:' are a description of the patch.
|
||||
## DP: Move the Tor manpage from section 1 to section 8.
|
||||
|
||||
if [ $# -lt 1 ]; then
|
||||
echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts
|
||||
patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}"
|
||||
|
||||
case "$1" in
|
||||
-patch) patch -p1 ${patch_opts} < $0;;
|
||||
-unpatch) patch -R -p1 ${patch_opts} < $0;;
|
||||
*)
|
||||
echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
|
||||
exit 1;;
|
||||
esac
|
||||
|
||||
exit 0
|
||||
|
||||
@DPATCH@
|
||||
diff -urNad tor-0.1.1.5/contrib/torify.1 /tmp/dpep.fOA3Mm/tor-0.1.1.5/contrib/torify.1
|
||||
--- tor-0.1.1.5/contrib/torify.1
|
||||
+++ /tmp/dpep.fOA3Mm/tor-0.1.1.5/contrib/torify.1
|
||||
@@ -18,6 +18,6 @@
|
||||
to suid binaries.
|
||||
|
||||
.SH SEE ALSO
|
||||
-.BR tor (1),
|
||||
+.BR tor (8),
|
||||
.BR tor-resolve (1),
|
||||
.BR tsocks (1),
|
||||
diff -urNad tor-0.1.1.5/doc/tor.1.in /tmp/dpep.fOA3Mm/tor-0.1.1.5/doc/tor.1.in
|
||||
--- tor-0.1.1.5/doc/tor.1.in
|
||||
+++ /tmp/dpep.fOA3Mm/tor-0.1.1.5/doc/tor.1.in
|
||||
@@ -1,4 +1,4 @@
|
||||
-.TH TOR 1 "January 2009" "TOR"
|
||||
+.TH TOR 8 "January 2009" "TOR"
|
||||
.SH NAME
|
||||
tor \- The second-generation onion router
|
||||
.SH SYNOPSIS
|
|
@ -1,118 +0,0 @@
|
|||
#! /bin/sh -e
|
||||
## 06_add_compile_time_defaults.dpatch by <weasel@debian.org>
|
||||
##
|
||||
## All lines beginning with `## DP:' are a description of the patch.
|
||||
## DP: Change a few compile time defaults so that Tor is better integrated on a Debian system
|
||||
|
||||
if [ $# -lt 1 ]; then
|
||||
echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts
|
||||
patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}"
|
||||
|
||||
case "$1" in
|
||||
-patch) patch -p1 ${patch_opts} < $0;;
|
||||
-unpatch) patch -R -p1 ${patch_opts} < $0;;
|
||||
*)
|
||||
echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
|
||||
exit 1;;
|
||||
esac
|
||||
|
||||
exit 0
|
||||
|
||||
@DPATCH@
|
||||
diff -urNad tor-trunk~/src/or/config.c tor-trunk/src/or/config.c
|
||||
--- tor-trunk~/src/or/config.c 2009-01-18 01:47:33.000000000 +0100
|
||||
+++ tor-trunk/src/or/config.c 2009-02-05 00:25:17.614844812 +0100
|
||||
@@ -12,6 +12,7 @@
|
||||
#define CONFIG_PRIVATE
|
||||
|
||||
#include "or.h"
|
||||
+#include <pwd.h>
|
||||
#ifdef MS_WINDOWS
|
||||
#include <shlobj.h>
|
||||
#endif
|
||||
@@ -711,6 +712,8 @@
|
||||
#if defined(HAVE_EVENT_GET_VERSION) && defined(HAVE_EVENT_GET_METHOD)
|
||||
static void check_libevent_version(const char *m, int server);
|
||||
#endif
|
||||
+static int debian_running_as_debiantor();
|
||||
+static int debian_config_fix_defaults();
|
||||
|
||||
/** Magic value for or_options_t. */
|
||||
#define OR_OPTIONS_MAGIC 9090909
|
||||
@@ -3917,6 +3920,9 @@
|
||||
char *command_arg = NULL;
|
||||
char *errmsg=NULL;
|
||||
|
||||
+ if (debian_config_fix_defaults() < 0)
|
||||
+ goto err;
|
||||
+
|
||||
if (argv) { /* first time we're called. save command line args */
|
||||
backup_argv = argv;
|
||||
backup_argc = argc;
|
||||
@@ -5307,3 +5313,62 @@
|
||||
return 0;
|
||||
}
|
||||
|
||||
+/* Checks whether we are running as the debian-tor user.
|
||||
+ * Returns -1 on error, 2 if we are root, 1 if we are debian-tor, 0 if we are any normal user */
|
||||
+static int
|
||||
+debian_running_as_debiantor()
|
||||
+{
|
||||
+ struct passwd *pw = NULL;
|
||||
+ int uid;
|
||||
+
|
||||
+ uid = getuid();
|
||||
+ /* If we run as root we also apply our debian defaults. */
|
||||
+ if (uid == 0)
|
||||
+ return 2;
|
||||
+
|
||||
+ pw = getpwuid(uid);
|
||||
+ if (!pw) {
|
||||
+ log(LOG_WARN, LD_GENERAL, "Could not get passwd information for uid %d.", uid);
|
||||
+ return -1;
|
||||
+ }
|
||||
+ assert(pw->pw_name);
|
||||
+ if (strcmp(pw->pw_name, "debian-tor") == 0)
|
||||
+ return 1;
|
||||
+ else
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+static int
|
||||
+debian_config_fix_defaults()
|
||||
+{
|
||||
+ config_var_t *var;
|
||||
+ static int fixed = 0;
|
||||
+ int running_as_debian;
|
||||
+
|
||||
+ if (fixed) return 0;
|
||||
+ fixed = 1;
|
||||
+
|
||||
+ running_as_debian = debian_running_as_debiantor();
|
||||
+ if (running_as_debian < 0) return -1;
|
||||
+ if (!running_as_debian) return 0;
|
||||
+
|
||||
+ var = config_find_option(&options_format, "DataDirectory");
|
||||
+ tor_assert(var);
|
||||
+ var->initvalue = tor_strdup("/var/lib/tor");
|
||||
+
|
||||
+ var = config_find_option(&options_format, "PidFile");
|
||||
+ tor_assert(var);
|
||||
+ var->initvalue = tor_strdup("/var/run/tor/tor.pid");
|
||||
+
|
||||
+ var = config_find_option(&options_format, "RunAsDaemon");
|
||||
+ tor_assert(var);
|
||||
+ var->initvalue = tor_strdup("1");
|
||||
+
|
||||
+ if (running_as_debian == 2) {
|
||||
+ var = config_find_option(&options_format, "User");
|
||||
+ tor_assert(var);
|
||||
+ var->initvalue = tor_strdup("debian-tor");
|
||||
+ };
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
|
@ -1,44 +0,0 @@
|
|||
#! /bin/sh -e
|
||||
## 07_log_to_file_by_default.dpatch by <weasel@debian.org>
|
||||
##
|
||||
## All lines beginning with `## DP:' are a description of the patch.
|
||||
## DP: Change default logging target from stdout to a logfile
|
||||
|
||||
if [ $# -lt 1 ]; then
|
||||
echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts
|
||||
patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}"
|
||||
|
||||
case "$1" in
|
||||
-patch) patch -p1 ${patch_opts} < $0;;
|
||||
-unpatch) patch -R -p1 ${patch_opts} < $0;;
|
||||
*)
|
||||
echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
|
||||
exit 1;;
|
||||
esac
|
||||
|
||||
exit 0
|
||||
|
||||
@DPATCH@
|
||||
diff -urNad tor~/src/or/config.c tor/src/or/config.c
|
||||
--- tor~/src/or/config.c 2006-07-24 05:15:02.576170550 +0200
|
||||
+++ tor/src/or/config.c 2006-07-24 05:18:45.286651501 +0200
|
||||
@@ -2118,8 +2118,13 @@
|
||||
REJECT("Failed to normalize old Log options. See logs for details.");
|
||||
|
||||
/* Special case on first boot if no Log options are given. */
|
||||
- if (!options->Logs && !options->RunAsDaemon && !from_setconf)
|
||||
- config_line_append(&options->Logs, "Log", "notice stdout");
|
||||
+ if (debian_running_as_debiantor()) {
|
||||
+ if (!options->Logs && !from_setconf)
|
||||
+ config_line_append(&options->Logs, "Log", "notice file /var/log/tor/log");
|
||||
+ } else {
|
||||
+ if (!options->Logs && !options->RunAsDaemon && !from_setconf)
|
||||
+ config_line_append(&options->Logs, "Log", "notice stdout");
|
||||
+ }
|
||||
|
||||
if (options_init_logs(options, 1)<0) /* Validate the log(s) */
|
||||
REJECT("Failed to validate Log options. See logs for details.");
|
|
@ -1,38 +0,0 @@
|
|||
#! /bin/sh -e
|
||||
## 14_fix_geoip_warning.dpatch by <weasel@debian.org>
|
||||
##
|
||||
## All lines beginning with `## DP:' are a description of the patch.
|
||||
## DP: Change geoipdb open failed message
|
||||
|
||||
if [ $# -lt 1 ]; then
|
||||
echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts
|
||||
patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}"
|
||||
|
||||
case "$1" in
|
||||
-patch) patch -p1 ${patch_opts} < $0;;
|
||||
-unpatch) patch -R -p1 ${patch_opts} < $0;;
|
||||
*)
|
||||
echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
|
||||
exit 1;;
|
||||
esac
|
||||
|
||||
exit 0
|
||||
|
||||
@DPATCH@
|
||||
diff -urNad git-stable~/src/or/geoip.c git-stable/src/or/geoip.c
|
||||
--- git-stable~/src/or/geoip.c 2008-06-06 01:00:41.000000000 +0200
|
||||
+++ git-stable/src/or/geoip.c 2008-06-11 12:54:17.605150644 +0200
|
||||
@@ -182,7 +182,8 @@
|
||||
int severity = options_need_geoip_info(options, &msg) ? LOG_WARN : LOG_INFO;
|
||||
clear_geoip_db();
|
||||
if (!(f = fopen(filename, "r"))) {
|
||||
- log_fn(severity, LD_GENERAL, "Failed to open GEOIP file %s. %s",
|
||||
+ log_fn(severity, LD_GENERAL, "Failed to open GEOIP file %s. %s"
|
||||
+ " Do you have the tor-geoipdb package installed?",
|
||||
filename, msg);
|
||||
return -1;
|
||||
}
|
|
@ -1,211 +0,0 @@
|
|||
#!/usr/bin/make -f
|
||||
# -*- makefile -*-
|
||||
# Sample debian/rules that uses debhelper.
|
||||
# GNU copyright 1997 to 1999 by Joey Hess.
|
||||
|
||||
# Uncomment this to turn on verbose mode.
|
||||
#export DH_VERBOSE=1
|
||||
|
||||
export PACKAGE=tor
|
||||
include /usr/share/dpatch/dpatch.make
|
||||
|
||||
# These are used for cross-compiling and for saving the configure script
|
||||
# from having to guess our platform (since we know it already)
|
||||
#
|
||||
# See /usr/share/doc/autotools-dev/README.Debian.gz which suggests
|
||||
# this way of passing --build and --host. Also see the thread on
|
||||
# debian-devel './configure in debian/rules' from February/March 2006,
|
||||
# starting with <43FF212C.5020800@xs4all.nl> by Pjotr Kourzanov.
|
||||
export DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE)
|
||||
export DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE)
|
||||
ifeq ($(DEB_BUILD_GNU_TYPE), $(DEB_HOST_GNU_TYPE))
|
||||
confflags += --build $(DEB_HOST_GNU_TYPE)
|
||||
else
|
||||
confflags += --build $(DEB_BUILD_GNU_TYPE) --host $(DEB_HOST_GNU_TYPE)
|
||||
endif
|
||||
|
||||
CFLAGS ?= -Wall -g
|
||||
|
||||
LOCALHOST_IP ?= $(shell getent hosts localhost | awk '{print $$1}')
|
||||
|
||||
# Do not optimize the build with "noopt"
|
||||
ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS)))
|
||||
CFLAGS += -O0
|
||||
else
|
||||
CFLAGS += -O2
|
||||
endif
|
||||
|
||||
# Do not strip the binary with "nostrip"
|
||||
#ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS)))
|
||||
# INSTALL_PROGRAM += -s
|
||||
#endif
|
||||
|
||||
# Prevent the unit tests from being run with "nocheck"
|
||||
ifneq (,$(findstring nocheck,$(DEB_BUILD_OPTIONS)))
|
||||
RUN_TEST = no
|
||||
endif
|
||||
ifneq (,$(findstring notest,$(DEB_BUILD_OPTIONS)))
|
||||
RUN_TEST = no
|
||||
endif
|
||||
|
||||
# Support passing of parallel=<n> in build options
|
||||
ifneq (,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
|
||||
NUMJOBS = $(patsubst parallel=%,%,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
|
||||
MAKEFLAGS += -j$(NUMJOBS)
|
||||
endif
|
||||
|
||||
CONF_OPTIONS =
|
||||
# build against libdmalloc4 - it better be installed
|
||||
ifneq (,$(findstring with-dmalloc,$(DEB_BUILD_OPTIONS)))
|
||||
CONF_OPTIONS += --with-dmalloc
|
||||
endif
|
||||
# allow building with --enable-openbsd-malloc
|
||||
ifneq (,$(findstring enable-openbsd-malloc,$(DEB_BUILD_OPTIONS)))
|
||||
CONF_OPTIONS += --enable-openbsd-malloc
|
||||
endif
|
||||
|
||||
configure: patch-stamp
|
||||
config.status: configure
|
||||
@if [ "$(LOCALHOST_IP)" != "127.0.0.1" ]; then echo; echo; echo; echo; echo; echo "######################################################################"; echo "WARNING: This system does not think localhost is 127.0.0.1. Will ignore result of testsuite. Please fix your system/chroot."; echo "######################################################################"; echo; echo; echo; echo; echo "Note: 'getent hosts localhost' should return '127.0.0.1 localhost'"; echo; fi
|
||||
dh_testdir
|
||||
CFLAGS="$(CFLAGS)" ./configure \
|
||||
$(confflags) \
|
||||
--prefix=/usr \
|
||||
--mandir=\$${prefix}/share/man \
|
||||
--infodir=\$${prefix}/share/info \
|
||||
--localstatedir=/var \
|
||||
--sysconfdir=/etc \
|
||||
$(CONF_OPTIONS)
|
||||
|
||||
|
||||
build: build-stamp
|
||||
|
||||
build-stamp: config.status
|
||||
dh_testdir
|
||||
|
||||
$(MAKE)
|
||||
@echo
|
||||
@echo
|
||||
# Running unit tests
|
||||
@if [ "$(RUN_TEST)" != "no" ]; then \
|
||||
if [ "$(LOCALHOST_IP)" != "127.0.0.1" ]; then \
|
||||
echo; echo; echo "######################################################################"; echo "WARNING: This system does not think localhost is 127.0.0.1. Will ignore result of testsuite. Please fix your system/chroot."; echo "######################################################################"; echo; echo; \
|
||||
echo "src/or/test || true"; \
|
||||
src/or/test || true; \
|
||||
else \
|
||||
echo "src/or/test"; \
|
||||
src/or/test; \
|
||||
fi; \
|
||||
else \
|
||||
echo -e "\n\nSkipping unittests\n\n"; \
|
||||
fi
|
||||
@echo
|
||||
|
||||
# XXX
|
||||
# So, gs-gpl on s390 is broken (#457568) and fails to properly build
|
||||
# .pdf files from .fig files using fig2dev. Therefore we ship them
|
||||
# until this bug is fixed.
|
||||
#
|
||||
# of course we can always give it a try
|
||||
#
|
||||
# the hexdumps were built using something like
|
||||
# perl -e 'while (<>) { print unpack ("H*", $_); }' interaction.pdf | fold > hexdump-interaction.pdf
|
||||
#
|
||||
# And it fails on a bunch of other archs too.
|
||||
cd doc/design-paper; \
|
||||
fig2dev -L pdf cell-struct.fig cell-struct.pdf || \
|
||||
( echo "** Using shipped pdf file because fig2dev failed"; \
|
||||
perl -e 'while (<>) { chomp; print pack ("H*", $$_); }' ../../debian/hexdump-cell-struct.pdf > cell-struct.pdf ); \
|
||||
fig2dev -L pdf interaction.fig interaction.pdf || \
|
||||
( echo "** Using shipped pdf file because fig2dev failed"; \
|
||||
perl -e 'while (<>) { chomp; print pack ("H*", $$_); }' ../../debian/hexdump-interaction.pdf > interaction.pdf ); \
|
||||
# XXX ends
|
||||
|
||||
make -C doc/design-paper tor-design.ps tor-design.pdf
|
||||
|
||||
touch build-stamp
|
||||
|
||||
clean: unpatch
|
||||
dh_testdir
|
||||
dh_testroot
|
||||
rm -f build-stamp
|
||||
|
||||
[ ! -f Makefile ] || $(MAKE) distclean
|
||||
|
||||
dh_clean
|
||||
|
||||
install: build
|
||||
dh_testdir
|
||||
dh_testroot
|
||||
dh_clean -k
|
||||
dh_installdirs
|
||||
|
||||
$(MAKE) install DESTDIR=$(CURDIR)/debian/tor
|
||||
# move tor to where it belongs
|
||||
mv $(CURDIR)/debian/tor/etc/tor/torrc.sample $(CURDIR)/debian/tor/etc/tor/torrc
|
||||
mv $(CURDIR)/debian/tor/usr/bin/tor $(CURDIR)/debian/tor/usr/sbin/tor
|
||||
install -d $(CURDIR)/debian/tor/usr/share/man/man8
|
||||
mv $(CURDIR)/debian/tor/usr/share/man/man1/tor.1 $(CURDIR)/debian/tor/usr/share/man/man8/tor.8
|
||||
|
||||
install -m 755 contrib/torify $(CURDIR)/debian/tor/usr/bin
|
||||
install -m 644 contrib/torify.1 $(CURDIR)/debian/tor/usr/share/man/man1
|
||||
install -m 644 contrib/tor-tsocks.conf $(CURDIR)/debian/tor/etc/tor
|
||||
|
||||
install -m 644 debian/tor.lintian-override $(CURDIR)/debian/tor/usr/share/lintian/overrides/tor
|
||||
|
||||
install -d -m 755 $(CURDIR)/debian/tor/usr/share/doc/tor/spec
|
||||
for i in doc/spec/*txt; do \
|
||||
install -m 644 $$i $(CURDIR)/debian/tor/usr/share/doc/tor/spec || exit 1; \
|
||||
done
|
||||
|
||||
dh_link usr/share/man/man8/tor.8 usr/share/man/man5/torrc.5
|
||||
|
||||
rm -f $(CURDIR)/debian/tor/usr/bin/tor-control.py
|
||||
|
||||
# tor-dbg doc dir
|
||||
install -d -m 755 $(CURDIR)/debian/tor-dbg/usr/share/doc
|
||||
ln -s tor $(CURDIR)/debian/tor-dbg/usr/share/doc/tor-dbg
|
||||
|
||||
# tor-geoip
|
||||
mv $(CURDIR)/debian/tor/usr/share/tor/geoip $(CURDIR)/debian/tor-geoipdb/usr/share/tor
|
||||
rmdir $(CURDIR)/debian/tor/usr/share/tor || true
|
||||
|
||||
install -d -m 755 $(CURDIR)/debian/tor-geoipdb/usr/share/doc/tor-geoipdb
|
||||
ln -s ../tor/changelog.gz $(CURDIR)/debian/tor-geoipdb/usr/share/doc/tor-geoipdb
|
||||
ln -s ../tor/changelog.Debian.gz $(CURDIR)/debian/tor-geoipdb/usr/share/doc/tor-geoipdb
|
||||
|
||||
install -m 644 debian/tor-geoipdb.lintian-override $(CURDIR)/debian/tor-geoipdb/usr/share/lintian/overrides/tor-geoipdb
|
||||
|
||||
# Must not depend on anything. This is to be called by
|
||||
# binary-arch/binary-indep
|
||||
# in another 'make' thread.
|
||||
binary-common:
|
||||
dh_testdir
|
||||
dh_testroot
|
||||
dh_installchangelogs --package=tor ChangeLog
|
||||
dh_installdocs
|
||||
dh_installexamples
|
||||
dh_installlogrotate
|
||||
dh_installinit
|
||||
dh_installman
|
||||
dh_link
|
||||
dh_strip --dbg-package=tor-dbg
|
||||
dh_compress
|
||||
dh_fixperms
|
||||
dh_installdeb
|
||||
dh_shlibdeps
|
||||
dh_gencontrol
|
||||
dh_md5sums
|
||||
dh_builddeb
|
||||
|
||||
# Build architecture independant packages using the common target.
|
||||
binary-indep: install
|
||||
$(MAKE) -f debian/rules DH_OPTIONS=-i binary-common
|
||||
|
||||
# Build architecture dependant packages using the common target.
|
||||
binary-arch: install
|
||||
$(MAKE) -f debian/rules DH_OPTIONS=-s binary-common
|
||||
@if [ "$(LOCALHOST_IP)" != "127.0.0.1" ]; then echo; echo; echo; echo; echo; echo "######################################################################"; echo "WARNING: This system does not think localhost is 127.0.0.1. Result of testsuite has been ignored. Please fix your system/chroot."; echo "######################################################################"; echo; echo; echo; echo; echo "Note: 'getent hosts localhost' should return '127.0.0.1 localhost'"; echo; fi
|
||||
|
||||
binary: binary-indep binary-arch
|
||||
.PHONY: build clean binary-common binary-indep binary-arch binary install
|
|
@ -1,35 +0,0 @@
|
|||
This geo-ip database was downloaded as part of the Tor distribution
|
||||
from <URL:https://www.torproject.org/>.
|
||||
|
||||
|
||||
It is the IP-to-Country Database provided by WebHosting.Info
|
||||
(http://www.webhosting.info), available from
|
||||
http://ip-to-country.webhosting.info.
|
||||
|
||||
|
||||
Copyright (c) 2003 Direct Information Pvt. Ltd. All Rights Reserved.
|
||||
|
||||
All usage, reproduction, modification and derivative works created from, and
|
||||
distribution and publication of the IP-to-Country Database and your derivative
|
||||
works thereof must keep intact all copyright notices and give credit by
|
||||
displaying the following acknowledgment by replacing 'work' with one of the
|
||||
following: script, product, page, service or application:
|
||||
|
||||
"This 'work' uses the IP-to-Country Database
|
||||
provided by WebHosting.Info (http://www.webhosting.info),
|
||||
available from http://ip-to-country.webhosting.info."
|
||||
|
||||
BECAUSE THE DATABASE IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE
|
||||
DATABASE, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE
|
||||
STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE
|
||||
DATABASE "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED,
|
||||
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
|
||||
FITNESS FOR A PARTICULAR PURPOSE OR ANY WARRANTIES REGARDING THE CONTENTS OR
|
||||
ACCURACY OF THE WORK.
|
||||
|
||||
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY
|
||||
COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE
|
||||
DATABASE AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
|
||||
GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR
|
||||
INABILITY TO USE THE DATABASE, EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN
|
||||
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
|
|
@ -1,2 +0,0 @@
|
|||
usr/share/tor
|
||||
usr/share/lintian/overrides
|
|
@ -1 +0,0 @@
|
|||
tor-geoipdb: debian-changelog-file-is-a-symlink
|
|
@ -1,16 +0,0 @@
|
|||
tor (0.2.0.26-rc-1) experimental; urgency=critical
|
||||
|
||||
* weak cryptographic keys
|
||||
|
||||
It has been discovered that the random number generator in Debian's
|
||||
openssl package is predictable. This is caused by an incorrect
|
||||
Debian-specific change to the openssl package (CVE-2008-0166). As a
|
||||
result, cryptographic key material may be guessable.
|
||||
|
||||
See Debian Security Advisory number 1571 (DSA-1571) for more information:
|
||||
http://lists.debian.org/debian-security-announce/2008/msg00152.html
|
||||
|
||||
If you run a Tor server using this package please see
|
||||
/var/lib/tor/keys/moved-away-by-tor-package/README.REALLY
|
||||
|
||||
-- Peter Palfrader <weasel@debian.org> Tue, 13 May 2008 12:49:05 +0200
|
|
@ -1,39 +0,0 @@
|
|||
# Defaults for tor initscript
|
||||
# sourced by /etc/init.d/tor
|
||||
# installed at /etc/default/tor by the maintainer scripts
|
||||
|
||||
#
|
||||
# This is a bash shell fragment
|
||||
#
|
||||
RUN_DAEMON="yes"
|
||||
|
||||
#
|
||||
# Servers sometimes may need more than the default 1024 file descriptors
|
||||
# if they are very busy and have many clients connected to them. The top
|
||||
# servers as of early 2008 regularly have more than 10000 connected
|
||||
# clients.
|
||||
# (ulimit -n)
|
||||
#
|
||||
# (the default varies as it depends on the number of available system-wide file
|
||||
# descriptors. See the init script in /etc/init.d/tor for details.)
|
||||
#
|
||||
# MAX_FILEDESCRIPTORS=
|
||||
|
||||
#
|
||||
# If tor is seriously hogging your CPU, taking away too much cycles from
|
||||
# other system resources, then you can renice tor. See nice(1) for a
|
||||
# bit more information. Another way to limit the CPU usage of an Onion
|
||||
# Router is to set a lower BandwidthRate, as CPU usage is mostly a function
|
||||
# of the amount of traffic flowing through your node. Consult the torrc(5)
|
||||
# manual page for more information on setting BandwidthRate.
|
||||
#
|
||||
# NICE="--nicelevel 5"
|
||||
|
||||
# Additional arguments to pass on tor's command line.
|
||||
#
|
||||
# ARGS=""
|
||||
|
||||
#
|
||||
# Uncomment this if you want to get coredumps
|
||||
#
|
||||
ulimit -c unlimited
|
|
@ -1,6 +0,0 @@
|
|||
etc/tor
|
||||
var/lib/tor
|
||||
var/log/tor
|
||||
usr/share/lintian/overrides
|
||||
usr/bin
|
||||
usr/sbin
|
|
@ -1,9 +0,0 @@
|
|||
AUTHORS
|
||||
debian/README.Debian
|
||||
debian/README.privoxy
|
||||
doc/HACKING
|
||||
doc/TODO
|
||||
doc/design-paper/tor-design.pdf
|
||||
doc/design-paper/tor-design.ps
|
||||
doc/website/stylesheet.css
|
||||
doc/website/tor-*
|
|
@ -1,191 +0,0 @@
|
|||
#! /bin/bash
|
||||
|
||||
### BEGIN INIT INFO
|
||||
# Provides: tor
|
||||
# Required-Start: $local_fs $remote_fs $network $named $time
|
||||
# Required-Stop: $local_fs $remote_fs $network $named $time
|
||||
# Should-Start: $syslog
|
||||
# Should-Stop: $syslog
|
||||
# Default-Start: 2 3 4 5
|
||||
# Default-Stop: 0 1 6
|
||||
# Short-Description: Starts The Onion Router daemon processes
|
||||
# Description: Start The Onion Router, a TCP overlay
|
||||
# network client that provides anonymous
|
||||
# transport.
|
||||
### END INIT INFO
|
||||
|
||||
set -e
|
||||
|
||||
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
|
||||
DAEMON=/usr/sbin/tor
|
||||
NAME=tor
|
||||
DESC="tor daemon"
|
||||
TORPIDDIR=/var/run/tor
|
||||
TORPID=$TORPIDDIR/tor.pid
|
||||
DEFAULTSFILE=/etc/default/$NAME
|
||||
WAITFORDAEMON=60
|
||||
ARGS=""
|
||||
# Let's try to figure our some sane defaults:
|
||||
if [ -r /proc/sys/fs/file-max ]; then
|
||||
system_max=`cat /proc/sys/fs/file-max`
|
||||
if [ "$system_max" -gt "80000" ] ; then
|
||||
MAX_FILEDESCRIPTORS=32768
|
||||
elif [ "$system_max" -gt "40000" ] ; then
|
||||
MAX_FILEDESCRIPTORS=16384
|
||||
elif [ "$system_max" -gt "10000" ] ; then
|
||||
MAX_FILEDESCRIPTORS=8192
|
||||
else
|
||||
MAX_FILEDESCRIPTORS=1024
|
||||
cat << EOF
|
||||
|
||||
Warning: Your system has very few filedescriptors available in total.
|
||||
|
||||
Maybe you should try raising that by adding 'fs.file-max=100000' to your
|
||||
/etc/sysctl.conf file. Feel free to pick any number that you deem appropriate.
|
||||
Then run 'sysctl -p'. See /proc/sys/fs/file-max for the current value, and
|
||||
file-nr in the same directory for how many of those are used at the moment.
|
||||
|
||||
EOF
|
||||
fi
|
||||
else
|
||||
MAX_FILEDESCRIPTORS=8192
|
||||
fi
|
||||
|
||||
NICE=""
|
||||
|
||||
test -x $DAEMON || exit 0
|
||||
|
||||
# Include tor defaults if available
|
||||
if [ -f $DEFAULTSFILE ] ; then
|
||||
. $DEFAULTSFILE
|
||||
fi
|
||||
|
||||
wait_for_deaddaemon () {
|
||||
pid=$1
|
||||
sleep 1
|
||||
if test -n "$pid"
|
||||
then
|
||||
if kill -0 $pid 2>/dev/null
|
||||
then
|
||||
echo -n "."
|
||||
cnt=0
|
||||
while kill -0 $pid 2>/dev/null
|
||||
do
|
||||
cnt=`expr $cnt + 1`
|
||||
if [ $cnt -gt $WAITFORDAEMON ]
|
||||
then
|
||||
echo " FAILED."
|
||||
return 1
|
||||
fi
|
||||
sleep 1
|
||||
echo -n "."
|
||||
done
|
||||
fi
|
||||
fi
|
||||
return 0
|
||||
}
|
||||
|
||||
|
||||
check_torpiddir () {
|
||||
if test ! -d $TORPIDDIR; then
|
||||
#echo "There is no $TORPIDDIR directory. Creating one for you."
|
||||
mkdir -m 02700 "$TORPIDDIR"
|
||||
chown debian-tor:debian-tor "$TORPIDDIR"
|
||||
fi
|
||||
|
||||
if test ! -x $TORPIDDIR; then
|
||||
echo "Cannot access $TORPIDDIR directory, are you root?" >&2
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
check_config () {
|
||||
if ! $DAEMON --verify-config > /dev/null; then
|
||||
echo "ABORTED: Tor configuration invalid:" >&2
|
||||
$DAEMON --verify-config >&2
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
|
||||
case "$1" in
|
||||
start)
|
||||
if [ "$RUN_DAEMON" != "yes" ]; then
|
||||
echo "Not starting $DESC (Disabled in $DEFAULTSFILE)."
|
||||
exit 0
|
||||
fi
|
||||
|
||||
if [ -n "$MAX_FILEDESCRIPTORS" ]; then
|
||||
echo -n "Raising maximum number of filedescriptors (ulimit -n) to $MAX_FILEDESCRIPTORS"
|
||||
if ulimit -n "$MAX_FILEDESCRIPTORS" ; then
|
||||
echo "."
|
||||
else
|
||||
echo ": FAILED."
|
||||
fi
|
||||
fi
|
||||
|
||||
check_torpiddir
|
||||
|
||||
echo "Starting $DESC: $NAME..."
|
||||
check_config
|
||||
|
||||
start-stop-daemon --start --quiet --oknodo \
|
||||
--pidfile $TORPID \
|
||||
$NICE \
|
||||
--exec $DAEMON -- $ARGS
|
||||
echo "done."
|
||||
;;
|
||||
stop)
|
||||
echo -n "Stopping $DESC: "
|
||||
pid=`cat $TORPID 2>/dev/null` || true
|
||||
|
||||
if test ! -f $TORPID -o -z "$pid"; then
|
||||
echo "not running (there is no $TORPID)."
|
||||
exit 0
|
||||
fi
|
||||
|
||||
if start-stop-daemon --stop --signal INT --quiet --pidfile $TORPID --exec $DAEMON; then
|
||||
wait_for_deaddaemon $pid
|
||||
echo "$NAME."
|
||||
elif kill -0 $pid 2>/dev/null
|
||||
then
|
||||
echo "FAILED (Is $pid not $NAME? Is $DAEMON a different binary now?)."
|
||||
else
|
||||
echo "FAILED ($DAEMON died: process $pid not running; or permission denied)."
|
||||
fi
|
||||
;;
|
||||
reload|force-reload)
|
||||
echo -n "Reloading $DESC configuration: "
|
||||
pid=`cat $TORPID 2>/dev/null` || true
|
||||
|
||||
if test ! -f $TORPID -o -z "$pid"; then
|
||||
echo "not running (there is no $TORPID)."
|
||||
exit 0
|
||||
fi
|
||||
|
||||
check_config
|
||||
|
||||
if start-stop-daemon --stop --signal 1 --quiet --pidfile $TORPID --exec $DAEMON
|
||||
then
|
||||
echo "$NAME."
|
||||
elif kill -0 $pid 2>/dev/null
|
||||
then
|
||||
echo "FAILED (Is $pid not $NAME? Is $DAEMON a different binary now?)."
|
||||
else
|
||||
echo "FAILED ($DAEMON died: process $pid not running; or permission denied)."
|
||||
fi
|
||||
;;
|
||||
restart)
|
||||
check_config
|
||||
|
||||
$0 stop
|
||||
sleep 1
|
||||
$0 start
|
||||
;;
|
||||
*)
|
||||
echo "Usage: $0 {start|stop|restart|reload|force-reload}" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
exit 0
|
|
@ -1 +0,0 @@
|
|||
tor: package-contains-upstream-install-documentation
|
|
@ -1,13 +0,0 @@
|
|||
/var/log/tor/*log {
|
||||
daily
|
||||
rotate 5
|
||||
compress
|
||||
delaycompress
|
||||
missingok
|
||||
notifempty
|
||||
create 0640 debian-tor adm
|
||||
sharedscripts
|
||||
postrotate
|
||||
/etc/init.d/tor reload > /dev/null
|
||||
endscript
|
||||
}
|
|
@ -1,123 +0,0 @@
|
|||
#!/bin/sh -e
|
||||
|
||||
# checking debian-tor account
|
||||
|
||||
uid=`getent passwd debian-tor | cut -d ":" -f 3`
|
||||
home=`getent passwd debian-tor | cut -d ":" -f 6`
|
||||
|
||||
# if there is the uid the account is there and we can do
|
||||
# the sanit(ar)y checks otherwise we can safely create it.
|
||||
|
||||
if [ "$uid" ]; then
|
||||
if [ "$home" = "/var/lib/tor" ]; then
|
||||
:
|
||||
#echo "debian-tor homedir check: ok"
|
||||
else
|
||||
echo "ERROR: debian-tor account has an unexpected home directory!"
|
||||
echo "It should be '/var/lib/tor', but it is '$home'."
|
||||
echo "Removing the debian-tor user might fix this, but the question"
|
||||
echo "remains how you got into this mess to begin with."
|
||||
exit 1
|
||||
fi
|
||||
else
|
||||
adduser --quiet \
|
||||
--system \
|
||||
--disabled-password \
|
||||
--home /var/lib/tor \
|
||||
--no-create-home \
|
||||
--shell /bin/bash \
|
||||
--group \
|
||||
debian-tor
|
||||
fi
|
||||
|
||||
|
||||
for i in lib run log; do
|
||||
if ! [ -d "/var/$i/tor" ]; then
|
||||
echo "Something or somebody made /var/$i/tor disappear."
|
||||
echo "Creating one for you again."
|
||||
mkdir "/var/$i/tor"
|
||||
fi
|
||||
done
|
||||
|
||||
find /var/lib/tor \( \( ! -user debian-tor \) -o \( ! -group debian-tor \) \) -print0 | xargs -0 --no-run-if-empty chown debian-tor:debian-tor
|
||||
find /var/lib/tor -type d -print0 | xargs -0 --no-run-if-empty chmod 02700
|
||||
find /var/lib/tor -type f -print0 | xargs -0 --no-run-if-empty chmod 00600
|
||||
|
||||
if [ -e /var/run/tor ]; then
|
||||
find /var/run/tor \( \( ! -user debian-tor \) -o \( ! -group debian-tor \) \) -print0 | xargs -0 --no-run-if-empty chown debian-tor:debian-tor
|
||||
find /var/run/tor -type d -print0 | xargs -0 --no-run-if-empty chmod 02750
|
||||
find /var/run/tor -type f -print0 | xargs -0 --no-run-if-empty chmod 00600
|
||||
fi
|
||||
|
||||
find /var/log/tor \( \( ! -user debian-tor \) -o \( ! -group adm \) \) -print0 | xargs -0 --no-run-if-empty chown debian-tor:adm
|
||||
find /var/log/tor -type d -print0 | xargs -0 --no-run-if-empty chmod 02750
|
||||
find /var/log/tor -type f -print0 | xargs -0 --no-run-if-empty chmod 00640
|
||||
|
||||
|
||||
move_away_keys=0
|
||||
|
||||
if [ "$1" = "configure" ] &&
|
||||
[ -e /var/lib/tor/keys ] &&
|
||||
[ ! -z "$2" ]; then
|
||||
if dpkg --compare-versions "$2" lt 0.1.2.19-2; then
|
||||
move_away_keys=1
|
||||
elif dpkg --compare-versions "$2" gt 0.2.0 &&
|
||||
dpkg --compare-versions "$2" lt 0.2.0.26-rc; then
|
||||
move_away_keys=1
|
||||
fi
|
||||
fi
|
||||
if [ "$move_away_keys" = "1" ]; then
|
||||
echo "Retiring possibly compromised keys. See /usr/share/doc/tor/NEWS.Debian.gz"
|
||||
echo "and /var/lib/tor/keys/moved-away-by-tor-package/README.REALLY for"
|
||||
echo "further information."
|
||||
if ! [ -d /var/lib/tor/keys/moved-away-by-tor-package ]; then
|
||||
mkdir /var/lib/tor/keys/moved-away-by-tor-package
|
||||
cat > /var/lib/tor/keys/moved-away-by-tor-package/README.REALLY << EOF
|
||||
It has been discovered that the random number generator in Debian's
|
||||
openssl package is predictable. This is caused by an incorrect
|
||||
Debian-specific change to the openssl package (CVE-2008-0166). As a
|
||||
result, cryptographic key material may be guessable.
|
||||
|
||||
See Debian Security Advisory number 1571 (DSA-1571) for more information:
|
||||
http://lists.debian.org/debian-security-announce/2008/msg00152.html
|
||||
|
||||
The Debian package for Tor has moved away the onion keys upon package
|
||||
upgrade, and it will have moved away your identity key if it was created
|
||||
in the affected timeframe. There is no sure way to automatically tell
|
||||
if your key was created with an affected openssl library, so this move
|
||||
is done unconditionally.
|
||||
|
||||
If you have restarted Tor since this change (and the package probably
|
||||
did that for you already unless you configured your system differently)
|
||||
then the Tor daemon already created new keys for itself and in all
|
||||
likelyhood is already working just fine with new keys.
|
||||
|
||||
If you are absolutely certain that your identity key was created with
|
||||
a non-affected version of openssl and for some reason you have to retain
|
||||
the old identity, then you can move back the copy of secret_id_key to
|
||||
/var/lib/tor/keys. Do not move back the onion keys, they were created
|
||||
only recently since they are temporary keys with a lifetime of only a few
|
||||
days anyway.
|
||||
|
||||
Sincerely,
|
||||
Peter Palfrader, Tue, 13 May 2008 13:32:23 +0200
|
||||
EOF
|
||||
fi
|
||||
for f in secret_onion_key secret_onion_key.old; do
|
||||
if [ -e /var/lib/tor/keys/"$f" ]; then
|
||||
mv -v /var/lib/tor/keys/"$f" /var/lib/tor/keys/moved-away-by-tor-package/"$f"
|
||||
fi
|
||||
done
|
||||
if [ -e /var/lib/tor/keys/secret_id_key ]; then
|
||||
id_mtime=`/usr/bin/stat -c %Y /var/lib/tor/keys/secret_id_key`
|
||||
sept=`date -d '2006-09-10' +%s`
|
||||
if [ "$id_mtime" -gt "$sept" ] ; then
|
||||
mv -v /var/lib/tor/keys/secret_id_key /var/lib/tor/keys/moved-away-by-tor-package/secret_id_key
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
|
||||
#DEBHELPER#
|
||||
|
||||
exit 0
|
|
@ -1,11 +0,0 @@
|
|||
#!/bin/sh -e
|
||||
|
||||
if [ "$1" = "purge" ]; then
|
||||
# logs have to be removed according to policy.
|
||||
rm -rf /var/log/tor/
|
||||
rm -rf /var/lib/tor/
|
||||
fi
|
||||
|
||||
#DEBHELPER#
|
||||
|
||||
exit 0
|
|
@ -1,2 +0,0 @@
|
|||
version=2
|
||||
http://tor.eff.org/dist/tor-(.*)\.tar\.gz
|
|
@ -898,7 +898,7 @@ tor_tls_new(int sock, int isServer)
|
|||
|
||||
#ifdef SSL_set_tlsext_host_name
|
||||
/* Browsers use the TLS hostname extension, so we should too. */
|
||||
{
|
||||
if (!isServer) {
|
||||
char *fake_hostname = crypto_random_hostname(4,25, "www.",".com");
|
||||
SSL_set_tlsext_host_name(result->ssl, fake_hostname);
|
||||
tor_free(fake_hostname);
|
||||
|
|
96871
src/config/geoip
96871
src/config/geoip
File diff suppressed because it is too large
Load Diff
|
@ -251,6 +251,7 @@ buf_shrink_freelists(int free_all)
|
|||
{
|
||||
#ifdef ENABLE_BUF_FREELISTS
|
||||
int i;
|
||||
disable_control_logging();
|
||||
for (i = 0; freelists[i].alloc_size; ++i) {
|
||||
int slack = freelists[i].slack;
|
||||
assert_freelist_ok(&freelists[i]);
|
||||
|
@ -259,12 +260,10 @@ buf_shrink_freelists(int free_all)
|
|||
(freelists[i].lowest_length - slack);
|
||||
int n_to_skip = freelists[i].cur_length - n_to_free;
|
||||
int orig_n_to_free = n_to_free, n_freed=0;
|
||||
int orig_n_to_skip = n_to_skip;
|
||||
int new_length = n_to_skip;
|
||||
chunk_t **chp = &freelists[i].head;
|
||||
chunk_t *chunk;
|
||||
log_info(LD_MM, "Cleaning freelist for %d-byte chunks: keeping %d, "
|
||||
"dropping %d.",
|
||||
(int)freelists[i].alloc_size, n_to_skip, n_to_free);
|
||||
while (n_to_skip) {
|
||||
tor_assert((*chp)->next);
|
||||
chp = &(*chp)->next;
|
||||
|
@ -291,10 +290,14 @@ buf_shrink_freelists(int free_all)
|
|||
}
|
||||
// tor_assert(!n_to_free);
|
||||
freelists[i].cur_length = new_length;
|
||||
log_info(LD_MM, "Cleaned freelist for %d-byte chunks: kept %d, "
|
||||
"dropped %d.",
|
||||
(int)freelists[i].alloc_size, orig_n_to_skip, orig_n_to_free);
|
||||
}
|
||||
freelists[i].lowest_length = freelists[i].cur_length;
|
||||
assert_freelist_ok(&freelists[i]);
|
||||
}
|
||||
enable_control_logging();
|
||||
#else
|
||||
(void) free_all;
|
||||
#endif
|
||||
|
|
|
@ -3162,6 +3162,10 @@ learned_bridge_descriptor(routerinfo_t *ri, int from_cache)
|
|||
add_an_entry_guard(ri, 1);
|
||||
log_notice(LD_DIR, "new bridge descriptor '%s' (%s)", ri->nickname,
|
||||
from_cache ? "cached" : "fresh");
|
||||
/* set entry->made_contact so if it goes down we don't drop it from
|
||||
* our entry node list */
|
||||
entry_guard_register_connect_status(ri->cache_info.identity_digest,
|
||||
1, 0, now);
|
||||
if (first)
|
||||
routerlist_retry_directory_downloads(now);
|
||||
}
|
||||
|
@ -3227,7 +3231,8 @@ bridges_retry_helper(int act)
|
|||
}
|
||||
}
|
||||
});
|
||||
log_debug(LD_DIR, "any_known %d, any_running %d", any_known, any_running);
|
||||
log_debug(LD_DIR, "%d: any_known %d, any_running %d",
|
||||
act, any_known, any_running);
|
||||
return any_known && !any_running;
|
||||
}
|
||||
|
||||
|
|
|
@ -922,6 +922,9 @@ add_default_trusted_dir_authorities(authority_type_t type)
|
|||
"193.23.244.244:80 7BE6 83E6 5D48 1413 21C5 ED92 F075 C553 64AC 7123",
|
||||
"urras orport=80 no-v2 v3ident=80550987E1D626E3EBA5E5E75A458DE0626D088C "
|
||||
"208.83.223.34:443 0AD3 FA88 4D18 F89E EA2D 89C0 1937 9E0E 7FD9 4417",
|
||||
"maatuska orport=80 no-v2 "
|
||||
"v3ident=49015F787433103580E3B66A1707A00E60F2D15B "
|
||||
"213.115.239.118:443 BD6A 8292 55CB 08E6 6FBE 7D37 4836 3586 E46B 3810",
|
||||
NULL
|
||||
};
|
||||
for (i=0; dirservers[i]; i++) {
|
||||
|
@ -2425,8 +2428,7 @@ resolve_my_address(int warn_severity, or_options_t *options,
|
|||
}
|
||||
|
||||
tor_inet_ntoa(&in,tmpbuf,sizeof(tmpbuf));
|
||||
if (is_internal_IP(ntohl(in.s_addr), 0) &&
|
||||
options->_PublishServerDescriptor) {
|
||||
if (is_internal_IP(ntohl(in.s_addr), 0)) {
|
||||
/* make sure we're ok with publishing an internal IP */
|
||||
if (!options->DirServers && !options->AlternateDirAuthority) {
|
||||
/* if they are using the default dirservers, disallow internal IPs
|
||||
|
|
|
@ -735,12 +735,13 @@ run_connection_housekeeping(int i, time_t now)
|
|||
"Tor gave up on the connection");
|
||||
connection_mark_for_close(conn);
|
||||
conn->hold_open_until_flushed = 1;
|
||||
} else if (past_keepalive && !connection_state_is_open(conn)) {
|
||||
/* We never managed to actually get this connection open and happy. */
|
||||
log_info(LD_OR,"Expiring non-open OR connection to fd %d (%s:%d).",
|
||||
conn->s,conn->address, conn->port);
|
||||
connection_mark_for_close(conn);
|
||||
conn->hold_open_until_flushed = 1;
|
||||
} else if (!connection_state_is_open(conn)) {
|
||||
if (past_keepalive) {
|
||||
/* We never managed to actually get this connection open and happy. */
|
||||
log_info(LD_OR,"Expiring non-open OR connection to fd %d (%s:%d).",
|
||||
conn->s,conn->address, conn->port);
|
||||
connection_mark_for_close(conn);
|
||||
}
|
||||
} else if (we_are_hibernating() && !or_conn->n_circuits &&
|
||||
!buf_datalen(conn->outbuf)) {
|
||||
/* We're hibernating, there's no circuits, and nothing to flush.*/
|
||||
|
|
|
@ -1132,11 +1132,21 @@ update_consensus_networkstatus_fetch_time(time_t now)
|
|||
if (c) {
|
||||
long dl_interval;
|
||||
long interval = c->fresh_until - c->valid_after;
|
||||
long min_sec_before_caching = CONSENSUS_MIN_SECONDS_BEFORE_CACHING;
|
||||
time_t start;
|
||||
|
||||
if (min_sec_before_caching > interval/16) {
|
||||
/* Usually we allow 2-minutes slop factor in case clocks get
|
||||
desynchronized a little. If we're on a private network with
|
||||
a crazy-fast voting interval, though, 2 minutes may be too
|
||||
much. */
|
||||
min_sec_before_caching = interval/16;
|
||||
}
|
||||
|
||||
if (directory_fetches_dir_info_early(options)) {
|
||||
/* We want to cache the next one at some point after this one
|
||||
* is no longer fresh... */
|
||||
start = c->fresh_until + CONSENSUS_MIN_SECONDS_BEFORE_CACHING;
|
||||
start = c->fresh_until + min_sec_before_caching;
|
||||
/* But only in the first half-interval after that. */
|
||||
dl_interval = interval/2;
|
||||
} else {
|
||||
|
@ -1150,10 +1160,9 @@ update_consensus_networkstatus_fetch_time(time_t now)
|
|||
* to choose the rest of the interval *after* them. */
|
||||
if (directory_fetches_dir_info_later(options)) {
|
||||
/* Give all the *clients* enough time to download the consensus. */
|
||||
start = start + dl_interval + CONSENSUS_MIN_SECONDS_BEFORE_CACHING;
|
||||
start = start + dl_interval + min_sec_before_caching;
|
||||
/* But try to get it before ours actually expires. */
|
||||
dl_interval = (c->valid_until - start) -
|
||||
CONSENSUS_MIN_SECONDS_BEFORE_CACHING;
|
||||
dl_interval = (c->valid_until - start) - min_sec_before_caching;
|
||||
}
|
||||
}
|
||||
if (dl_interval < 1)
|
||||
|
|
|
@ -544,7 +544,7 @@ typedef enum {
|
|||
#define END_STREAM_REASON_DESTROY 5
|
||||
#define END_STREAM_REASON_DONE 6
|
||||
#define END_STREAM_REASON_TIMEOUT 7
|
||||
/* 8 is unallocated for historical reasons. */
|
||||
#define END_STREAM_REASON_NOROUTE 8
|
||||
#define END_STREAM_REASON_HIBERNATING 9
|
||||
#define END_STREAM_REASON_INTERNAL 10
|
||||
#define END_STREAM_REASON_RESOURCELIMIT 11
|
||||
|
|
|
@ -26,6 +26,7 @@ stream_end_reason_to_control_string(int reason)
|
|||
case END_STREAM_REASON_DESTROY: return "DESTROY";
|
||||
case END_STREAM_REASON_DONE: return "DONE";
|
||||
case END_STREAM_REASON_TIMEOUT: return "TIMEOUT";
|
||||
case END_STREAM_REASON_NOROUTE: return "NOROUTE";
|
||||
case END_STREAM_REASON_HIBERNATING: return "HIBERNATING";
|
||||
case END_STREAM_REASON_INTERNAL: return "INTERNAL";
|
||||
case END_STREAM_REASON_RESOURCELIMIT: return "RESOURCELIMIT";
|
||||
|
@ -60,6 +61,7 @@ stream_end_reason_to_string(int reason)
|
|||
case END_STREAM_REASON_DESTROY: return "destroyed";
|
||||
case END_STREAM_REASON_DONE: return "closed normally";
|
||||
case END_STREAM_REASON_TIMEOUT: return "gave up (timeout)";
|
||||
case END_STREAM_REASON_NOROUTE: return "no route to host";
|
||||
case END_STREAM_REASON_HIBERNATING: return "server is hibernating";
|
||||
case END_STREAM_REASON_INTERNAL: return "internal error at server";
|
||||
case END_STREAM_REASON_RESOURCELIMIT: return "server out of resources";
|
||||
|
@ -102,6 +104,8 @@ stream_end_reason_to_socks5_response(int reason)
|
|||
return SOCKS5_SUCCEEDED;
|
||||
case END_STREAM_REASON_TIMEOUT:
|
||||
return SOCKS5_TTL_EXPIRED;
|
||||
case END_STREAM_REASON_NOROUTE:
|
||||
return SOCKS5_HOST_UNREACHABLE;
|
||||
case END_STREAM_REASON_RESOURCELIMIT:
|
||||
return SOCKS5_GENERAL_ERROR;
|
||||
case END_STREAM_REASON_HIBERNATING:
|
||||
|
@ -162,6 +166,14 @@ errno_to_stream_end_reason(int e)
|
|||
S_CASE(ENOTCONN):
|
||||
S_CASE(ENETUNREACH):
|
||||
return END_STREAM_REASON_INTERNAL;
|
||||
E_CASE(EHOSTUNREACH):
|
||||
/* XXXX022
|
||||
* The correct behavior is END_STREAM_REASON_NOROUTE, but older
|
||||
* clients don't recognize it. So we're going to continue sending
|
||||
* "MISC" until 0.2.1.27 or later is "well established".
|
||||
*/
|
||||
/* return END_STREAM_REASON_NOROUTE; */
|
||||
return END_STREAM_REASON_MISC;
|
||||
S_CASE(ECONNREFUSED):
|
||||
return END_STREAM_REASON_CONNECTREFUSED;
|
||||
S_CASE(ECONNRESET):
|
||||
|
|
|
@ -648,7 +648,8 @@ edge_reason_is_retriable(int reason)
|
|||
reason == END_STREAM_REASON_RESOURCELIMIT ||
|
||||
reason == END_STREAM_REASON_EXITPOLICY ||
|
||||
reason == END_STREAM_REASON_RESOLVEFAILED ||
|
||||
reason == END_STREAM_REASON_MISC;
|
||||
reason == END_STREAM_REASON_MISC ||
|
||||
reason == END_STREAM_REASON_NOROUTE;
|
||||
}
|
||||
|
||||
/** Called when we receive an END cell on a stream that isn't open yet,
|
||||
|
@ -743,6 +744,7 @@ connection_ap_process_end_not_open(
|
|||
case END_STREAM_REASON_RESOLVEFAILED:
|
||||
case END_STREAM_REASON_TIMEOUT:
|
||||
case END_STREAM_REASON_MISC:
|
||||
case END_STREAM_REASON_NOROUTE:
|
||||
if (client_dns_incr_failures(conn->socks_request->address)
|
||||
< MAX_RESOLVE_FAILURES) {
|
||||
/* We haven't retried too many times; reattach the connection. */
|
||||
|
|
|
@ -1177,10 +1177,16 @@ router_parse_entry_from_string(const char *s, const char *end,
|
|||
s = cp+1;
|
||||
}
|
||||
|
||||
if (allow_annotations && start_of_annotations != s) {
|
||||
if (tokenize_string(area,start_of_annotations,s,tokens,
|
||||
routerdesc_token_table,TS_NOCHECK)) {
|
||||
log_warn(LD_DIR, "Error tokenizing router descriptor (annotations).");
|
||||
if (start_of_annotations != s) { /* We have annotations */
|
||||
if (allow_annotations) {
|
||||
if (tokenize_string(area,start_of_annotations,s,tokens,
|
||||
routerdesc_token_table,TS_NOCHECK)) {
|
||||
log_warn(LD_DIR, "Error tokenizing router descriptor (annotations).");
|
||||
goto err;
|
||||
}
|
||||
} else {
|
||||
log_warn(LD_DIR, "Found unexpected annotations on router descriptor not "
|
||||
"loaded from disk. Dropping it.");
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
|
@ -3175,6 +3181,9 @@ tokenize_string(memarea_t *area,
|
|||
end = start+strlen(start);
|
||||
for (i = 0; i < _NIL; ++i)
|
||||
counts[i] = 0;
|
||||
|
||||
SMARTLIST_FOREACH(out, const directory_token_t *, t, ++counts[t->tp]);
|
||||
|
||||
while (*s < end && (!tok || tok->tp != _EOF)) {
|
||||
tok = get_next_token(area, s, end, table);
|
||||
if (tok->tp == _ERR) {
|
||||
|
|
Loading…
Reference in New Issue