sarah
/
tor
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
10,242 Commits 31 Branches 486 Tags 66 MiB
Commit Graph

1216 Commits

Author SHA1 Message Date
Nick Mathewson 5e2cdc1666 When we get a duplicated certificate, treat it as a failure and increment the download count. Do not claim to be downloading certificates that we merely want. 
svn:r17209
 2008-11-07 14:01:44 +00:00
Nick Mathewson a15bdd3edd patch from karsten to not use or accept expired certs. fixes bug 851. 
svn:r17208
 2008-11-07 13:38:49 +00:00
Roger Dingledine 311b8b274c minor changelog cleanups. declare that friday is when we release it. 
svn:r17207
 2008-11-07 05:11:41 +00:00
Steven Murdoch 9d68ed08e9 Patch from Jacob Appelbaum and me to make User option more robust, properly set supplementary groups, deprecated the Group option, and log more information on credential switching 
svn:r17200
 2008-11-07 02:06:12 +00:00
Nick Mathewson 3ebd1ebeca The chunk_size field in memarea_t was never actually set. Remove the whole thing. 
svn:r17195
 2008-11-05 20:34:22 +00:00
Nick Mathewson 73c6cb8353 Fix unit test failure related to intro point parsing. 
svn:r17188
 2008-11-03 16:36:15 +00:00
Nick Mathewson 69cda76168 missing changelog for 0x20 hack 
svn:r17185
 2008-11-03 15:45:27 +00:00
Nick Mathewson 8c78a68cc0 Move changelog entry to correct section 
svn:r17180
 2008-11-01 20:28:10 +00:00
Nick Mathewson c534b96e58 Fix an assertion failure on double-marked circuits, and a double-mark. 
svn:r17179
 2008-11-01 20:27:41 +00:00
Nick Mathewson c8a5e2d588 Work better with tools that resist DNS poisoning by using the 0x20 hack: make DNSPort replies perserve case. 
svn:r17170
 2008-10-29 15:31:26 +00:00
Nick Mathewson 361086005c Fix a possible negative shift in address comparison. May fix bug 845 and bug 811 
svn:r17169
 2008-10-29 13:29:54 +00:00
Nick Mathewson ee31e0829e Verify cpath_layer match on rendezvous cells too. Fixes another case of bug 446. Based on patch from rovv. 
svn:r17162
 2008-10-27 16:46:45 +00:00
Nick Mathewson b166a43cb6 Fix another case of refusing to use a chosen exit node because we think it will reject _mostly_ everything. Based on patch from rovv. See bug 752. 
svn:r17139
 2008-10-21 17:09:04 +00:00
Nick Mathewson 5e762e6a5c Fix the rest of bug 619: reject *:* servers should not do DNS lookups, even if broken clients send them RELAY_BEGIN cells. Patch from rovv. 
svn:r17138
 2008-10-21 16:51:59 +00:00
Nick Mathewson b593fd5c20 Patch from rovv: send back END cell in response to connect attempts to nonexistent hidden service port. 
svn:r17137
 2008-10-21 16:41:20 +00:00
Roger Dingledine bca46cc628 backport candidate: 
The "ClientDNSRejectInternalAddresses" config option wasn't being
consistently obeyed: if an exit relay refuses a stream because its
exit policy doesn't allow it, we would remember what IP address
the relay said the destination address resolves to, even if it's
an internal IP address. Bugfix on 0.2.0.7-alpha; patch by rovv.


svn:r17135
 2008-10-17 22:08:49 +00:00
Roger Dingledine d374dc94e5 fix changelog entry for proposal 155, patch 1 
svn:r17113
 2008-10-15 22:01:17 +00:00
Roger Dingledine a5769eefa4 patch4 from proposal 155: 
Hidden services start out building five intro circuits rather
than three, and when the first three finish they publish a service
descriptor using those. Now we publish our service descriptor much
faster after restart.


svn:r17110
 2008-10-15 20:59:48 +00:00
Roger Dingledine d06182f0bd add patch2 from proposal 155: 
Launch a second client-side introduction circuit in parallel
after a delay of 15 seconds (based on work by Christian Wilms).


svn:r17108
 2008-10-15 18:52:06 +00:00
Roger Dingledine 4520500cde put in karsten's patch #1 for proposal 155, modified 
svn:r17106
 2008-10-15 00:36:09 +00:00
Nick Mathewson 846e40d193 Patch from rovv: when we have no pending streams, choose exits with choose_good_exit_server_general() rather than with circuit_get_unhandled_ports() and friends. Bugfix on 0.1.1.x, at least. 
svn:r17091
 2008-10-14 17:05:52 +00:00
Roger Dingledine d7cfa1f56c Minor fix in the warning messages when you're having problems 
bootstrapping; also, be more forgiving of bootstrap problems when
we're still making incremental progress on a given bootstrap phase.


svn:r17066
 2008-10-13 03:34:29 +00:00
Roger Dingledine 37883ca4bc put the 0.2.1.6-alpha blurb into the changelog 
svn:r17059
 2008-10-12 00:51:02 +00:00
Roger Dingledine c7af43a624 Now NodeFamily and MyFamily config options allow spaces in 
identity fingerprints, so it's easier to paste them in.
Suggested by Lucky Green.


svn:r17021
 2008-10-01 03:41:33 +00:00
Roger Dingledine a04baf14b6 bump to 0.2.1.6-alpha, and note that the exclude*nodes config 
discussion hasn't finished.


svn:r17011
 2008-09-30 09:37:18 +00:00
Nick Mathewson 25f8335528 Include circuit purposes in circuit events. Now all circuit events are extended; this makes the code simpler. 
svn:r17007
 2008-09-29 22:34:22 +00:00
Roger Dingledine 26aa741169 Remove the old v2 directory authority 'lefkada' from the default 
list. It has been gone for many months.


svn:r17005
 2008-09-29 19:27:20 +00:00
Nick Mathewson ae3ce7b387 Patch from mwenge: update TrackHostExits mapping expiry times when the mappings are used, so that they expire a while after their last use, not a while after their creation. 
svn:r17004
 2008-09-29 14:53:53 +00:00
Nick Mathewson ee0078ead4 Make tor-resolve take a -p port option in addition to the current host:port syntax. 
svn:r17002
 2008-09-29 14:18:47 +00:00
Roger Dingledine 9678f166a8 If we have correct permissions on $datadir, we complain to stdout 
and fail to start. But dangerous permissions on
$datadir/cached-status/ would cause us to open a log and complain
there. Now complain to stdout and fail to start in both cases. Fixes
bug 820, reported by seeess.


svn:r16998
 2008-09-29 10:09:05 +00:00
Roger Dingledine c846979ab7 Fix a bug where an unreachable relay would establish enough 
reachability testing circuits to do a bandwidth test -- if
we already have a connection to the middle hop of the testing
circuit, then it could establish the last hop by using the existing
connection. Bugfix on 0.1.2.2-alpha, exposed when we made testing
circuits no longer use entry guards in 0.2.1.3-alpha.


svn:r16997
 2008-09-29 09:36:42 +00:00
Roger Dingledine 81b216086b rearrange the changelog a bit more 
svn:r16996
 2008-09-29 09:30:06 +00:00
Roger Dingledine 57942415ef changelog cleanups. give 0.2.1.6-alpha a deadline. 
svn:r16995
 2008-09-29 06:54:32 +00:00
Nick Mathewson 99755f374d Fix 0/0 calculation in get_weighted_fractional_uptime(). 
svn:r16994
 2008-09-28 15:48:36 +00:00
Nick Mathewson bb1685318c Commit fix for bug 807 from mwenge: send CLOSED controller event for reverse dns resolve, not FAILED. 
svn:r16985
 2008-09-26 20:25:35 +00:00
Nick Mathewson e147e867be Proposal 152 implementation from Josh Albrecht, with tweaks. 
svn:r16983
 2008-09-26 18:58:45 +00:00
Nick Mathewson e7e12236ac Code to serve a current stability calculations from /tor/dbg-stability.txt. Untested: somebody please run this on an authority and let me know if it is broken. 
svn:r16981
 2008-09-26 18:02:48 +00:00
Nick Mathewson ae33d3ead7 Apply rovv's fix for bug 824. 
svn:r16975
 2008-09-26 15:30:26 +00:00
Nick Mathewson 8bbbbaf87b Add country-code support to configured node lists to implement the ever-popular "no exits in Monaco" feature (ExcludeExitNodes {MC}). Also allow country codes and IP ranges in ExitNodes. (EntryNodes needs more work.) Based on code by Robert Hogan. Needs more testing. 
svn:r16966
 2008-09-25 20:21:35 +00:00
Karsten Loesing 6bb4492a6f Having two "Major features:" sections seems too much of a good thing. 
svn:r16962
 2008-09-25 09:53:19 +00:00
Karsten Loesing f2ff3e74ae All relays now store and serve v2 hidden service descriptors by default (not only directory mirrors). 
svn:r16961
 2008-09-24 22:33:47 +00:00
Karsten Loesing 9a7098487b If we are not using BEGIN_DIR cells, don't attempt to contact hidden service directories with non-open dir port. 
svn:r16960
 2008-09-24 22:29:22 +00:00
Roger Dingledine 8dfe8194c9 changelog cleanup / rearranging 
svn:r16957
 2008-09-24 17:01:43 +00:00
Nick Mathewson 8bc1536a9e Add patch 4 from Karsten for proposal 121, slightly modified. Karsten should definitely re-review the bits I changed. 
svn:r16955
 2008-09-24 14:44:29 +00:00
Roger Dingledine f59c13b7a3 fix a bad typo, add a missing word 
svn:r16946
 2008-09-23 21:01:54 +00:00
Nick Mathewson 75977fd79b Patch from roger for 752, but with more comments: When we get an A.B.exit:P address, and B would reject most connections to P, but we do not know whether it would allow A, then allow the connection to procede. Bugfix, amusingly, on 0.0.9rc5. 
svn:r16944
 2008-09-23 20:25:01 +00:00
Nick Mathewson 545b317e1f Fix for bug 797 (by arma, with tweaks): always use create_fast for circuits where we do not know an onion key. 
svn:r16942
 2008-09-23 20:13:23 +00:00
Nick Mathewson f28fc83ea5 More logging for mtbf/wfu calculations. 
svn:r16941
 2008-09-23 18:24:20 +00:00
Roger Dingledine 29abfab8bf Update to the "September 1 2008" ip-to-country file. 
svn:r16940
 2008-09-23 09:51:05 +00:00
Nick Mathewson b0c48d8e45 Oops; we need to make sure that DNS request names are matched in the _questions_ section of the replies. Rejecting answers whether the _answers_ section did not match made us reject A records waiting at the end of a CNAME record. Bug 823. 
svn:r16933
 2008-09-22 20:06:25 +00:00