Compare commits
368 Commits
master
...
maint-0.2.
Author | SHA1 | Date |
---|---|---|
Peter Palfrader | b1859cab25 | |
Nick Mathewson | 935f457263 | |
Nick Mathewson | 5e095b0b2a | |
Andrew Lewman | 3f0aede7ff | |
Karsten Loesing | 2bcf2cb099 | |
Karsten Loesing | 2378e37a5d | |
Andrew Lewman | 025f526e63 | |
Karsten Loesing | da34729532 | |
Nick Mathewson | 632579f592 | |
Roger Dingledine | 3a5259ef68 | |
Nick Mathewson | bd0eaa0022 | |
Roger Dingledine | 16bca35eab | |
Nick Mathewson | 74aba22040 | |
Karsten Loesing | e7d29fbcee | |
Nick Mathewson | a4f58b534e | |
Nick Mathewson | fa5c25709f | |
Roger Dingledine | 1f6152fd4b | |
Roger Dingledine | afdb9f8b1f | |
Roger Dingledine | 87e127ad75 | |
Nick Mathewson | d7be44f238 | |
Andrew Lewman | 94e713bc5c | |
Nick Mathewson | 62e782644f | |
Nick Mathewson | 19431c43c1 | |
Nick Mathewson | 7cc7e24159 | |
Roger Dingledine | e6f8ea5aef | |
Nick Mathewson | 8ebaac0ca1 | |
Nick Mathewson | 47596a4d30 | |
Roger Dingledine | 3661a9147f | |
Peter Palfrader | e115273698 | |
Roger Dingledine | be9efc51c9 | |
Roger Dingledine | 6c21f610c5 | |
Nick Mathewson | 4c7a884129 | |
Nick Mathewson | 248805262d | |
Roger Dingledine | bc1aa63c33 | |
Roger Dingledine | 48642326cb | |
Roger Dingledine | 3040f3760e | |
Nick Mathewson | c283368f60 | |
Roger Dingledine | 66be733bbb | |
Andrew Lewman | febf16c74f | |
Andrew Lewman | 1b7ba021e8 | |
Nick Mathewson | 1d55b06902 | |
Peter Palfrader | 5e457a1f77 | |
Nick Mathewson | 2451479cbc | |
Nick Mathewson | 55de7d1f57 | |
Roger Dingledine | 25290b32a3 | |
Nick Mathewson | 842ca9b834 | |
Nick Mathewson | 0bb9f59083 | |
Roger Dingledine | ed899730e7 | |
Roger Dingledine | 5954698422 | |
Andrew Lewman | 08f1406cfb | |
Nick Mathewson | 866b6f5cec | |
Nick Mathewson | b274ea202e | |
Karsten Loesing | e600b87e75 | |
Roger Dingledine | 243ded6b57 | |
Roger Dingledine | 751b268267 | |
Roger Dingledine | 59e380c559 | |
Nick Mathewson | 1443069018 | |
Roger Dingledine | 33d22e0f86 | |
Roger Dingledine | b28329f46e | |
Roger Dingledine | a5b730a0dc | |
Roger Dingledine | 801eed4c55 | |
Nick Mathewson | 21e7fcbbfe | |
Nick Mathewson | 1a19dbef29 | |
Roger Dingledine | 107eddda64 | |
Karsten Loesing | 363d9b21c6 | |
Nick Mathewson | d67be22e73 | |
Nick Mathewson | d2a2da8de8 | |
Nick Mathewson | 39117bb422 | |
Nick Mathewson | e53bba1e2a | |
Nick Mathewson | 4ee823668b | |
Nick Mathewson | 569e882496 | |
Nick Mathewson | 6515b74f0e | |
Andrew Lewman | 8f211bad8b | |
Karsten Loesing | 61e7489691 | |
Karsten Loesing | 54e5655924 | |
Nick Mathewson | ca248222bb | |
Nick Mathewson | 9b72e96f95 | |
Nick Mathewson | 5efd2b2fa7 | |
Nick Mathewson | eb1752e458 | |
Roger Dingledine | 97b20ca31d | |
Roger Dingledine | bc5e4cd39e | |
Nick Mathewson | 0d4abea193 | |
Nick Mathewson | a89852636c | |
Nick Mathewson | 76eed8cc18 | |
Nick Mathewson | 119fd23f1e | |
Nick Mathewson | fea3382aca | |
Nick Mathewson | a750683d2f | |
Nick Mathewson | 2548454bc5 | |
Roger Dingledine | c41a27ecec | |
Nick Mathewson | 746980bba7 | |
Nick Mathewson | cc93490e7c | |
Nick Mathewson | eb776e62e2 | |
Nick Mathewson | 61239dd0eb | |
Nick Mathewson | 3e9e1639d7 | |
Nick Mathewson | da1a18d327 | |
Andrew Lewman | 3c8f78b944 | |
Andrew Lewman | 7cf6ceeeee | |
Nick Mathewson | 05c185bec1 | |
Andrew Lewman | 0ee5704545 | |
Roger Dingledine | 78d8680672 | |
Roger Dingledine | d973aea86c | |
Nick Mathewson | d33880d0df | |
Nick Mathewson | 0d091964dd | |
Nick Mathewson | 7e1123bd7e | |
Nick Mathewson | 94ed846ee9 | |
Andrew Lewman | 3e613b2ed7 | |
Roger Dingledine | ac4a96555d | |
Peter Palfrader | f0af560203 | |
Peter Palfrader | 2af266e764 | |
Peter Palfrader | 68640ef02a | |
Nick Mathewson | 686d30edb6 | |
Roger Dingledine | 3769ef4cd2 | |
Roger Dingledine | e5583139fe | |
Roger Dingledine | 411de1fc79 | |
Nick Mathewson | 6489570b89 | |
Nick Mathewson | 6694a86033 | |
Karsten Loesing | ec9690b0f8 | |
Karsten Loesing | 257215489d | |
Steven Murdoch | db94f36633 | |
Steven Murdoch | 5fbba9fa33 | |
Nick Mathewson | 3882cef643 | |
Nick Mathewson | a84e7e26dc | |
Nick Mathewson | b659adadd7 | |
Nick Mathewson | 628fd8814a | |
Andrew Lewman | 87cdf5fd79 | |
Roger Dingledine | d386b81512 | |
Roger Dingledine | 73b7088758 | |
Nick Mathewson | a25d87c651 | |
Karsten Loesing | 43b6ce2689 | |
Roger Dingledine | 543a622314 | |
Roger Dingledine | f789f1f16b | |
Nick Mathewson | 115ea29952 | |
Nick Mathewson | efea050fff | |
Roger Dingledine | 386b7d594b | |
Nick Mathewson | b9ea49103a | |
Nick Mathewson | 9d296f7701 | |
Roger Dingledine | c4397f6257 | |
Nick Mathewson | 618360cf65 | |
Peter Palfrader | d27eafdbcb | |
Nick Mathewson | afba08482f | |
Nick Mathewson | 066104e853 | |
Nick Mathewson | cbadc6efe3 | |
Roger Dingledine | a03e48c541 | |
Roger Dingledine | de8f03be1a | |
Nick Mathewson | 194a66d22a | |
Roger Dingledine | a04e98dd20 | |
Roger Dingledine | e78e004118 | |
Roger Dingledine | 28e38f4e1e | |
Nick Mathewson | 6784c9e314 | |
Nick Mathewson | 278a89d75a | |
Andrew Lewman | 8cf2773aa7 | |
Roger Dingledine | b94d7042ab | |
Andrew Lewman | f4ee118639 | |
Andrew Lewman | ce0eeee5e4 | |
Andrew Lewman | 214955a322 | |
Andrew Lewman | c3491ef061 | |
Andrew Lewman | b1f4c50fe9 | |
Nick Mathewson | ff5898a6ce | |
Nick Mathewson | 772a824d56 | |
Nick Mathewson | 5ec2950ce0 | |
Roger Dingledine | dc15638bf0 | |
Nick Mathewson | 62340f1d76 | |
Nick Mathewson | 355d84d122 | |
Nick Mathewson | 9250b0bd62 | |
Nick Mathewson | c5ef95b802 | |
Nick Mathewson | a062b6d306 | |
Nick Mathewson | ced8657ce2 | |
Peter Palfrader | 240bb9487e | |
Peter Palfrader | fed52f329a | |
Peter Palfrader | 9cd1852d1a | |
Peter Palfrader | 813dc8f494 | |
Roger Dingledine | 48d9b654bd | |
Roger Dingledine | 39f09b4602 | |
Roger Dingledine | cd32629624 | |
Peter Palfrader | 08fd0ab6ed | |
Nick Mathewson | 74afd86208 | |
Nick Mathewson | 26e12f2375 | |
Nick Mathewson | c9f8101f21 | |
Nick Mathewson | be5d943cec | |
Peter Palfrader | fcf0a324fd | |
Andrew Lewman | 243df9c20b | |
Roger Dingledine | 59b5df9b4e | |
Nick Mathewson | 2eda750489 | |
Peter Palfrader | beeacfde3a | |
Peter Palfrader | 555a6e1f8a | |
Nick Mathewson | d4941a0e0b | |
Nick Mathewson | 2dbf09d7f9 | |
Nick Mathewson | 5a48b4faac | |
Roger Dingledine | aeca4d90ed | |
Roger Dingledine | a9e8784c2f | |
Roger Dingledine | cb8386bc08 | |
Nick Mathewson | d5046d7299 | |
Karsten Loesing | 706d1b31a9 | |
Roger Dingledine | 80f03b67ef | |
Roger Dingledine | be21d71eee | |
Nick Mathewson | dfdb74961c | |
Nick Mathewson | e82fcbeac1 | |
Peter Palfrader | 01d712164d | |
Peter Palfrader | 155e5ee6e3 | |
Roger Dingledine | 3c31afb6c4 | |
Roger Dingledine | 753a764939 | |
Roger Dingledine | 6a3755d1f9 | |
Roger Dingledine | d2ec69a7b0 | |
Roger Dingledine | a18d241252 | |
Roger Dingledine | b3947f4e98 | |
Andrew Lewman | e649a72d9c | |
Karsten Loesing | b3aaa47d3e | |
Roger Dingledine | 1fde6994d5 | |
Peter Palfrader | 2f200e5f38 | |
Peter Palfrader | 8b9d97ac63 | |
Peter Palfrader | fccc74c062 | |
Roger Dingledine | 6260054d96 | |
Roger Dingledine | 474e1961a9 | |
Roger Dingledine | 01aa4f95ac | |
Roger Dingledine | 953b775155 | |
Roger Dingledine | d66bb67ae8 | |
Peter Palfrader | 85a80ad73e | |
Peter Palfrader | 1ca7db22e4 | |
Peter Palfrader | e6d48fc2d9 | |
Peter Palfrader | b2d3060c8c | |
Peter Palfrader | 7f0cfe119b | |
Peter Palfrader | 74d92c88d7 | |
Peter Palfrader | 8b6029eefa | |
Peter Palfrader | b972260324 | |
Peter Palfrader | 0577c38c20 | |
Peter Palfrader | cd6f530296 | |
Peter Palfrader | 574f265faf | |
Peter Palfrader | 569de488ef | |
Roger Dingledine | 2f78ff9e18 | |
Roger Dingledine | 32f41a470e | |
Nick Mathewson | e13654799a | |
Nick Mathewson | 0031fee791 | |
Roger Dingledine | 4b34404ac1 | |
Roger Dingledine | 51300f9a90 | |
Roger Dingledine | 2d32de74e3 | |
Roger Dingledine | f3d3d4451f | |
Andrew Lewman | e361de2365 | |
Roger Dingledine | 5b8e84255f | |
Roger Dingledine | ee60a8ddff | |
Roger Dingledine | 2c9d5a4ff8 | |
Nick Mathewson | 613d5cffc2 | |
Nick Mathewson | 11b1ee320e | |
Andrew Lewman | 74a7bca444 | |
Andrew Lewman | fd88349873 | |
Nick Mathewson | c6f406a06c | |
Nick Mathewson | d12b9965f9 | |
Nick Mathewson | 3c504e3fbf | |
Andrew Lewman | 9225f60ed7 | |
Nick Mathewson | 8ff53f98e5 | |
Andrew Lewman | bbe2249030 | |
Andrew Lewman | 8cf5c025d6 | |
Roger Dingledine | df8a602cbe | |
Nick Mathewson | 1ffb56c4bd | |
Nick Mathewson | b206123140 | |
Roger Dingledine | 49595c40ff | |
Roger Dingledine | 18e429c077 | |
Nick Mathewson | 033dea67c0 | |
Nick Mathewson | d67f8df66b | |
Nick Mathewson | a868231584 | |
Roger Dingledine | ef28919ff0 | |
Roger Dingledine | 376b8a573d | |
Roger Dingledine | 0285a82079 | |
Nick Mathewson | 410892763c | |
Nick Mathewson | 611d58e0bc | |
Roger Dingledine | 9704ff2c57 | |
Peter Palfrader | 5b3efdbec3 | |
Nick Mathewson | 9b87cfbdf8 | |
Nick Mathewson | 0fa5a9de05 | |
Nick Mathewson | 040754b3a0 | |
Nick Mathewson | 029a897634 | |
Nick Mathewson | befa56c72e | |
Nick Mathewson | 89f452d077 | |
Roger Dingledine | 41640c6065 | |
Roger Dingledine | f61c2a5f6a | |
Roger Dingledine | 4833d1a30a | |
Roger Dingledine | c590ddd188 | |
Nick Mathewson | e14725a577 | |
Nick Mathewson | 5dfd0c354f | |
Peter Palfrader | 94a9eaaf14 | |
Roger Dingledine | 5b2371a057 | |
Roger Dingledine | a4b4ae3e46 | |
Roger Dingledine | b19167293c | |
Nick Mathewson | ede6ac7c9d | |
Nick Mathewson | 2e0bf9d8bf | |
Nick Mathewson | a041553e21 | |
Nick Mathewson | 2fd8c928b3 | |
Nick Mathewson | a25b424d4b | |
Nick Mathewson | 8a05bd90ce | |
Nick Mathewson | 68b2a57ffd | |
Roger Dingledine | fbb0c6eec3 | |
Roger Dingledine | 28c802b5fd | |
Andrew Lewman | 5f85fc9681 | |
Andrew Lewman | 1e17860d20 | |
Roger Dingledine | 6322457b65 | |
Nick Mathewson | 09c798f3a7 | |
Nick Mathewson | d3b6da8178 | |
Nick Mathewson | 27ddacce62 | |
Nick Mathewson | ae0d14d346 | |
Nick Mathewson | 73842d8045 | |
Roger Dingledine | ec673cf9ae | |
Peter Palfrader | cb59d39e6f | |
Nick Mathewson | f571799a67 | |
Nick Mathewson | f219ebed3e | |
Andrew Lewman | 4128104807 | |
Andrew Lewman | e1ad6b4ad3 | |
Andrew Lewman | 007a10886c | |
Nick Mathewson | f58d16ed9e | |
Nick Mathewson | f5557c0d28 | |
Nick Mathewson | 83825b4883 | |
Nick Mathewson | da74dbd35e | |
Nick Mathewson | 18c2beec07 | |
Roger Dingledine | 55b2833528 | |
Peter Palfrader | a6246d2a20 | |
Peter Palfrader | 176d5c63b1 | |
Roger Dingledine | 54c52cb5b1 | |
Roger Dingledine | 981ad6021d | |
Andrew Lewman | ef551d7d26 | |
Peter Palfrader | 504a9308b0 | |
Peter Palfrader | 8b8f7ed919 | |
Peter Palfrader | 9dcc7b714b | |
Andrew Lewman | 2af8051fbc | |
Andrew Lewman | 6827af274c | |
Roger Dingledine | 77302e3578 | |
Roger Dingledine | fc3f30c95e | |
Roger Dingledine | 6c37f1e309 | |
Roger Dingledine | c45819368b | |
Nick Mathewson | 0be0f230ee | |
Nick Mathewson | a258f9b594 | |
Nick Mathewson | 877ee496b1 | |
Nick Mathewson | 1c614a1a0c | |
Nick Mathewson | cc45318989 | |
Nick Mathewson | fd881ec282 | |
Nick Mathewson | 726141b4da | |
Roger Dingledine | 2d179e35ab | |
Nick Mathewson | 5109f64107 | |
Nick Mathewson | 5e63abc20b | |
Nick Mathewson | 7f61a72111 | |
Peter Palfrader | 7b3af83389 | |
Nick Mathewson | c33722b5c0 | |
Roger Dingledine | ada5a66961 | |
Nick Mathewson | 8785759e0d | |
Nick Mathewson | a8d72cdfff | |
Nick Mathewson | a1b8b1bf12 | |
Nick Mathewson | 8b36025a21 | |
Peter Palfrader | 1126cf41f2 | |
Peter Palfrader | 46b104b9e7 | |
Nick Mathewson | fc33b331df | |
Nick Mathewson | 9349137f6e | |
Nick Mathewson | cd4ae7193d | |
Peter Palfrader | e1829bf8cd | |
Nick Mathewson | 2c66c7d1e0 | |
Nick Mathewson | 5c6d0919ba | |
Roger Dingledine | d8651d1072 | |
Roger Dingledine | 80ac7afb2e | |
Nick Mathewson | 77edf15f0d | |
Peter Palfrader | 1cdf610622 | |
Roger Dingledine | 517bc3dc64 | |
Peter Palfrader | 9a8c5aae2d | |
Peter Palfrader | 4f4df7e6e7 | |
Peter Palfrader | 977da15690 | |
Roger Dingledine | 1ff70f2402 | |
Roger Dingledine | cc4ade840a | |
Roger Dingledine | 37f2f548bf | |
Nick Mathewson | 211da8ea14 | |
Roger Dingledine | a52c215dd1 | |
Roger Dingledine | 4c7e515a40 | |
Nick Mathewson | b229154fa8 | |
Nick Mathewson | 28f353a684 |
|
@ -0,0 +1,136 @@
|
|||
# Editor droppings
|
||||
\#*\#
|
||||
.#*
|
||||
*~
|
||||
# C stuff
|
||||
*.o
|
||||
# Diff droppings
|
||||
*.orig
|
||||
*.rej
|
||||
# gcov stuff
|
||||
*.gcno
|
||||
*.gcov
|
||||
*.gcda
|
||||
# latex stuff
|
||||
*.aux
|
||||
*.dvi
|
||||
*.blg
|
||||
*.bbl
|
||||
*.log
|
||||
# Autotools stuff
|
||||
.deps
|
||||
# Stuff made by our makefiles
|
||||
*.bak
|
||||
|
||||
# /
|
||||
/Makefile
|
||||
/Makefile.in
|
||||
/aclocal.m4
|
||||
/autom4te.cache
|
||||
/build-stamp
|
||||
/configure
|
||||
/Doxyfile
|
||||
/orconfig.h
|
||||
/orconfig.h.in
|
||||
/config.cache
|
||||
/config.log
|
||||
/config.status
|
||||
/config.guess
|
||||
/config.sub
|
||||
/conftest*
|
||||
/patch-stamp
|
||||
/stamp-h
|
||||
/stamp-h.in
|
||||
/stamp-h1
|
||||
/tor.sh
|
||||
/tor.spec
|
||||
/depcomp
|
||||
/install-sh
|
||||
/missing
|
||||
/mkinstalldirs
|
||||
/Tor*Bundle.dmg
|
||||
/tor-*-win32.exe
|
||||
|
||||
# /contrib/
|
||||
/contrib/Makefile
|
||||
/contrib/Makefile.in
|
||||
/contrib/tor.sh
|
||||
/contrib/torctl
|
||||
/contrib/torify
|
||||
/contrib/*.pyc
|
||||
/contrib/*.pyo
|
||||
/contrib/tor.logrotate
|
||||
/contrib/tor.wxs
|
||||
|
||||
# /contrib/osx/
|
||||
/contrib/osx/Makefile
|
||||
/contrib/osx/Makefile.in
|
||||
/contrib/osx/TorBundleDesc.plist
|
||||
/contrib/osx/TorBundleInfo.plist
|
||||
/contrib/osx/TorDesc.plist
|
||||
/contrib/osx/TorInfo.plist
|
||||
/contrib/osx/TorStartupDesc.plist
|
||||
/contrib/osx/net.freehaven.tor.plist
|
||||
|
||||
# /contrib/suse/
|
||||
/contrib/suse/tor.sh
|
||||
/contrib/suse/Makefile.in
|
||||
/contrib/suse/Makefile
|
||||
|
||||
# /debian/
|
||||
/debian/files
|
||||
/debian/patched
|
||||
/debian/tor
|
||||
/debian/tor.postinst.debhelper
|
||||
/debian/tor.postrm.debhelper
|
||||
/debian/tor.prerm.debhelper
|
||||
/debian/tor.substvars
|
||||
|
||||
# /doc/
|
||||
/doc/Makefile
|
||||
/doc/Makefile.in
|
||||
/doc/tor.1
|
||||
/doc/doxygen
|
||||
|
||||
# /doc/design-paper/
|
||||
/doc/design-paper/Makefile
|
||||
/doc/design-paper/Makefile.in
|
||||
|
||||
# /doc/spec/
|
||||
/doc/spec/Makefile
|
||||
/doc/spec/Makefile.in
|
||||
|
||||
# /src/
|
||||
/src/Makefile
|
||||
/src/Makefile.in
|
||||
|
||||
# /src/common/
|
||||
/src/common/Makefile
|
||||
/src/common/Makefile.in
|
||||
/src/common/libor.a
|
||||
/src/common/libor-crypto.a
|
||||
|
||||
# /src/config/
|
||||
/src/config/Makefile
|
||||
/src/config/Makefile.in
|
||||
/src/config/sample-server-torrc
|
||||
/src/config/torrc
|
||||
/src/config/torrc.sample
|
||||
|
||||
# /src/or/
|
||||
/src/or/Makefile
|
||||
/src/or/Makefile.in
|
||||
/src/or/micro-revision.*
|
||||
/src/or/tor
|
||||
/src/or/test
|
||||
|
||||
# /src/tools/
|
||||
/src/tools/tor-checkkey
|
||||
/src/tools/tor-resolve
|
||||
/src/tools/tor-gencert
|
||||
/src/tools/Makefile
|
||||
/src/tools/Makefile.in
|
||||
|
||||
# /src/win32/
|
||||
/src/win32/Makefile
|
||||
/src/win32/Makefile.in
|
613
ChangeLog
613
ChangeLog
|
@ -1,4 +1,612 @@
|
|||
Changes in version 0.2.0.21-rc - 2008-0?-??
|
||||
Changes in version 0.2.0.35 - 2009-06-24
|
||||
o Security fix:
|
||||
- Avoid crashing in the presence of certain malformed descriptors.
|
||||
Found by lark, and by automated fuzzing.
|
||||
- Fix an edge case where a malicious exit relay could convince a
|
||||
controller that the client's DNS question resolves to an internal IP
|
||||
address. Bug found and fixed by "optimist"; bugfix on 0.1.2.8-beta.
|
||||
|
||||
o Major bugfixes:
|
||||
- Finally fix the bug where dynamic-IP relays disappear when their
|
||||
IP address changes: directory mirrors were mistakenly telling
|
||||
them their old address if they asked via begin_dir, so they
|
||||
never got an accurate answer about their new address, so they
|
||||
just vanished after a day. For belt-and-suspenders, relays that
|
||||
don't set Address in their config now avoid using begin_dir for
|
||||
all direct connections. Should fix bugs 827, 883, and 900.
|
||||
- Fix a timing-dependent, allocator-dependent, DNS-related crash bug
|
||||
that would occur on some exit nodes when DNS failures and timeouts
|
||||
occurred in certain patterns. Fix for bug 957.
|
||||
|
||||
o Minor bugfixes:
|
||||
- When starting with a cache over a few days old, do not leak
|
||||
memory for the obsolete router descriptors in it. Bugfix on
|
||||
0.2.0.33; fixes bug 672.
|
||||
- Hidden service clients didn't use a cached service descriptor that
|
||||
was older than 15 minutes, but wouldn't fetch a new one either,
|
||||
because there was already one in the cache. Now, fetch a v2
|
||||
descriptor unless the same descriptor was added to the cache within
|
||||
the last 15 minutes. Fixes bug 997; reported by Marcus Griep.
|
||||
|
||||
|
||||
Changes in version 0.2.0.34 - 2009-02-08
|
||||
Tor 0.2.0.34 features several more security-related fixes. You should
|
||||
upgrade, especially if you run an exit relay (remote crash) or a
|
||||
directory authority (remote infinite loop), or you're on an older
|
||||
(pre-XP) or not-recently-patched Windows (remote exploit).
|
||||
|
||||
This release marks end-of-life for Tor 0.1.2.x. Those Tor versions
|
||||
have many known flaws, and nobody should be using them. You should
|
||||
upgrade. If you're using a Linux or BSD and its packages are obsolete,
|
||||
stop using those packages and upgrade anyway.
|
||||
|
||||
o Security fixes:
|
||||
- Fix an infinite-loop bug on handling corrupt votes under certain
|
||||
circumstances. Bugfix on 0.2.0.8-alpha.
|
||||
- Fix a temporary DoS vulnerability that could be performed by
|
||||
a directory mirror. Bugfix on 0.2.0.9-alpha; reported by lark.
|
||||
- Avoid a potential crash on exit nodes when processing malformed
|
||||
input. Remote DoS opportunity. Bugfix on 0.2.0.33.
|
||||
- Do not accept incomplete ipv4 addresses (like 192.168.0) as valid.
|
||||
Spec conformance issue. Bugfix on Tor 0.0.2pre27.
|
||||
|
||||
o Minor bugfixes:
|
||||
- Fix compilation on systems where time_t is a 64-bit integer.
|
||||
Patch from Matthias Drochner.
|
||||
- Don't consider expiring already-closed client connections. Fixes
|
||||
bug 893. Bugfix on 0.0.2pre20.
|
||||
|
||||
|
||||
Changes in version 0.2.0.33 - 2009-01-21
|
||||
Tor 0.2.0.33 fixes a variety of bugs that were making relays less
|
||||
useful to users. It also finally fixes a bug where a relay or client
|
||||
that's been off for many days would take a long time to bootstrap.
|
||||
|
||||
This update also fixes an important security-related bug reported by
|
||||
Ilja van Sprundel. You should upgrade. (We'll send out more details
|
||||
about the bug once people have had some time to upgrade.)
|
||||
|
||||
o Security fixes:
|
||||
- Fix a heap-corruption bug that may be remotely triggerable on
|
||||
some platforms. Reported by Ilja van Sprundel.
|
||||
|
||||
o Major bugfixes:
|
||||
- When a stream at an exit relay is in state "resolving" or
|
||||
"connecting" and it receives an "end" relay cell, the exit relay
|
||||
would silently ignore the end cell and not close the stream. If
|
||||
the client never closes the circuit, then the exit relay never
|
||||
closes the TCP connection. Bug introduced in Tor 0.1.2.1-alpha;
|
||||
reported by "wood".
|
||||
- When sending CREATED cells back for a given circuit, use a 64-bit
|
||||
connection ID to find the right connection, rather than an addr:port
|
||||
combination. Now that we can have multiple OR connections between
|
||||
the same ORs, it is no longer possible to use addr:port to uniquely
|
||||
identify a connection.
|
||||
- Bridge relays that had DirPort set to 0 would stop fetching
|
||||
descriptors shortly after startup, and then briefly resume
|
||||
after a new bandwidth test and/or after publishing a new bridge
|
||||
descriptor. Bridge users that try to bootstrap from them would
|
||||
get a recent networkstatus but would get descriptors from up to
|
||||
18 hours earlier, meaning most of the descriptors were obsolete
|
||||
already. Reported by Tas; bugfix on 0.2.0.13-alpha.
|
||||
- Prevent bridge relays from serving their 'extrainfo' document
|
||||
to anybody who asks, now that extrainfo docs include potentially
|
||||
sensitive aggregated client geoip summaries. Bugfix on
|
||||
0.2.0.13-alpha.
|
||||
- If the cached networkstatus consensus is more than five days old,
|
||||
discard it rather than trying to use it. In theory it could be
|
||||
useful because it lists alternate directory mirrors, but in practice
|
||||
it just means we spend many minutes trying directory mirrors that
|
||||
are long gone from the network. Also discard router descriptors as
|
||||
we load them if they are more than five days old, since the onion
|
||||
key is probably wrong by now. Bugfix on 0.2.0.x. Fixes bug 887.
|
||||
|
||||
o Minor bugfixes:
|
||||
- Do not mark smartlist_bsearch_idx() function as ATTR_PURE. This bug
|
||||
could make gcc generate non-functional binary search code. Bugfix
|
||||
on 0.2.0.10-alpha.
|
||||
- Build correctly on platforms without socklen_t.
|
||||
- Compile without warnings on solaris.
|
||||
- Avoid potential crash on internal error during signature collection.
|
||||
Fixes bug 864. Patch from rovv.
|
||||
- Correct handling of possible malformed authority signing key
|
||||
certificates with internal signature types. Fixes bug 880.
|
||||
Bugfix on 0.2.0.3-alpha.
|
||||
- Fix a hard-to-trigger resource leak when logging credential status.
|
||||
CID 349.
|
||||
- When we can't initialize DNS because the network is down, do not
|
||||
automatically stop Tor from starting. Instead, we retry failed
|
||||
dns_init() every 10 minutes, and change the exit policy to reject
|
||||
*:* until one succeeds. Fixes bug 691.
|
||||
- Use 64 bits instead of 32 bits for connection identifiers used with
|
||||
the controller protocol, to greatly reduce risk of identifier reuse.
|
||||
- When we're choosing an exit node for a circuit, and we have
|
||||
no pending streams, choose a good general exit rather than one that
|
||||
supports "all the pending streams". Bugfix on 0.1.1.x. Fix by rovv.
|
||||
- Fix another case of assuming, when a specific exit is requested,
|
||||
that we know more than the user about what hosts it allows.
|
||||
Fixes one case of bug 752. Patch from rovv.
|
||||
- Clip the MaxCircuitDirtiness config option to a minimum of 10
|
||||
seconds. Warn the user if lower values are given in the
|
||||
configuration. Bugfix on 0.1.0.1-rc. Patch by Sebastian.
|
||||
- Clip the CircuitBuildTimeout to a minimum of 30 seconds. Warn the
|
||||
user if lower values are given in the configuration. Bugfix on
|
||||
0.1.1.17-rc. Patch by Sebastian.
|
||||
- Fix a memory leak when we decline to add a v2 rendezvous descriptor to
|
||||
the cache because we already had a v0 descriptor with the same ID.
|
||||
Bugfix on 0.2.0.18-alpha.
|
||||
- Fix a race condition when freeing keys shared between main thread
|
||||
and CPU workers that could result in a memory leak. Bugfix on
|
||||
0.1.0.1-rc. Fixes bug 889.
|
||||
- Send a valid END cell back when a client tries to connect to a
|
||||
nonexistent hidden service port. Bugfix on 0.1.2.15. Fixes bug
|
||||
840. Patch from rovv.
|
||||
- Check which hops rendezvous stream cells are associated with to
|
||||
prevent possible guess-the-streamid injection attacks from
|
||||
intermediate hops. Fixes another case of bug 446. Based on patch
|
||||
from rovv.
|
||||
- If a broken client asks a non-exit router to connect somewhere,
|
||||
do not even do the DNS lookup before rejecting the connection.
|
||||
Fixes another case of bug 619. Patch from rovv.
|
||||
- When a relay gets a create cell it can't decrypt (e.g. because it's
|
||||
using the wrong onion key), we were dropping it and letting the
|
||||
client time out. Now actually answer with a destroy cell. Fixes
|
||||
bug 904. Bugfix on 0.0.2pre8.
|
||||
|
||||
o Minor bugfixes (hidden services):
|
||||
- Do not throw away existing introduction points on SIGHUP. Bugfix on
|
||||
0.0.6pre1. Patch by Karsten. Fixes bug 874.
|
||||
|
||||
o Minor features:
|
||||
- Report the case where all signatures in a detached set are rejected
|
||||
differently than the case where there is an error handling the
|
||||
detached set.
|
||||
- When we realize that another process has modified our cached
|
||||
descriptors, print out a more useful error message rather than
|
||||
triggering an assertion. Fixes bug 885. Patch from Karsten.
|
||||
- Implement the 0x20 hack to better resist DNS poisoning: set the
|
||||
case on outgoing DNS requests randomly, and reject responses that do
|
||||
not match the case correctly. This logic can be disabled with the
|
||||
ServerDNSRamdomizeCase setting, if you are using one of the 0.3%
|
||||
of servers that do not reliably preserve case in replies. See
|
||||
"Increased DNS Forgery Resistance through 0x20-Bit Encoding"
|
||||
for more info.
|
||||
- Check DNS replies for more matching fields to better resist DNS
|
||||
poisoning.
|
||||
- Never use OpenSSL compression: it wastes RAM and CPU trying to
|
||||
compress cells, which are basically all encrypted, compressed, or
|
||||
both.
|
||||
|
||||
|
||||
Changes in version 0.2.0.32 - 2008-11-20
|
||||
Tor 0.2.0.32 fixes a major security problem in Debian and Ubuntu
|
||||
packages (and maybe other packages) noticed by Theo de Raadt, fixes
|
||||
a smaller security flaw that might allow an attacker to access local
|
||||
services, further improves hidden service performance, and fixes a
|
||||
variety of other issues.
|
||||
|
||||
o Security fixes:
|
||||
- The "User" and "Group" config options did not clear the
|
||||
supplementary group entries for the Tor process. The "User" option
|
||||
is now more robust, and we now set the groups to the specified
|
||||
user's primary group. The "Group" option is now ignored. For more
|
||||
detailed logging on credential switching, set CREDENTIAL_LOG_LEVEL
|
||||
in common/compat.c to LOG_NOTICE or higher. Patch by Jacob Appelbaum
|
||||
and Steven Murdoch. Bugfix on 0.0.2pre14. Fixes bug 848 and 857.
|
||||
- The "ClientDNSRejectInternalAddresses" config option wasn't being
|
||||
consistently obeyed: if an exit relay refuses a stream because its
|
||||
exit policy doesn't allow it, we would remember what IP address
|
||||
the relay said the destination address resolves to, even if it's
|
||||
an internal IP address. Bugfix on 0.2.0.7-alpha; patch by rovv.
|
||||
|
||||
o Major bugfixes:
|
||||
- Fix a DOS opportunity during the voting signature collection process
|
||||
at directory authorities. Spotted by rovv. Bugfix on 0.2.0.x.
|
||||
|
||||
o Major bugfixes (hidden services):
|
||||
- When fetching v0 and v2 rendezvous service descriptors in parallel,
|
||||
we were failing the whole hidden service request when the v0
|
||||
descriptor fetch fails, even if the v2 fetch is still pending and
|
||||
might succeed. Similarly, if the last v2 fetch fails, we were
|
||||
failing the whole hidden service request even if a v0 fetch is
|
||||
still pending. Fixes bug 814. Bugfix on 0.2.0.10-alpha.
|
||||
- When extending a circuit to a hidden service directory to upload a
|
||||
rendezvous descriptor using a BEGIN_DIR cell, almost 1/6 of all
|
||||
requests failed, because the router descriptor has not been
|
||||
downloaded yet. In these cases, do not attempt to upload the
|
||||
rendezvous descriptor, but wait until the router descriptor is
|
||||
downloaded and retry. Likewise, do not attempt to fetch a rendezvous
|
||||
descriptor from a hidden service directory for which the router
|
||||
descriptor has not yet been downloaded. Fixes bug 767. Bugfix
|
||||
on 0.2.0.10-alpha.
|
||||
|
||||
o Minor bugfixes:
|
||||
- Fix several infrequent memory leaks spotted by Coverity.
|
||||
- When testing for libevent functions, set the LDFLAGS variable
|
||||
correctly. Found by Riastradh.
|
||||
- Avoid a bug where the FastFirstHopPK 0 option would keep Tor from
|
||||
bootstrapping with tunneled directory connections. Bugfix on
|
||||
0.1.2.5-alpha. Fixes bug 797. Found by Erwin Lam.
|
||||
- When asked to connect to A.B.exit:80, if we don't know the IP for A
|
||||
and we know that server B rejects most-but-not all connections to
|
||||
port 80, we would previously reject the connection. Now, we assume
|
||||
the user knows what they were asking for. Fixes bug 752. Bugfix
|
||||
on 0.0.9rc5. Diagnosed by BarkerJr.
|
||||
- If we overrun our per-second write limits a little, count this as
|
||||
having used up our write allocation for the second, and choke
|
||||
outgoing directory writes. Previously, we had only counted this when
|
||||
we had met our limits precisely. Fixes bug 824. Patch from by rovv.
|
||||
Bugfix on 0.2.0.x (??).
|
||||
- Remove the old v2 directory authority 'lefkada' from the default
|
||||
list. It has been gone for many months.
|
||||
- Stop doing unaligned memory access that generated bus errors on
|
||||
sparc64. Bugfix on 0.2.0.10-alpha. Fixes bug 862.
|
||||
- Make USR2 log-level switch take effect immediately. Bugfix on
|
||||
0.1.2.8-beta.
|
||||
|
||||
o Minor bugfixes (controller):
|
||||
- Make DNS resolved events into "CLOSED", not "FAILED". Bugfix on
|
||||
0.1.2.5-alpha. Fix by Robert Hogan. Resolves bug 807.
|
||||
|
||||
|
||||
Changes in version 0.2.0.31 - 2008-09-03
|
||||
Tor 0.2.0.31 addresses two potential anonymity issues, starts to fix
|
||||
a big bug we're seeing where in rare cases traffic from one Tor stream
|
||||
gets mixed into another stream, and fixes a variety of smaller issues.
|
||||
|
||||
o Major bugfixes:
|
||||
- Make sure that two circuits can never exist on the same connection
|
||||
with the same circuit ID, even if one is marked for close. This
|
||||
is conceivably a bugfix for bug 779. Bugfix on 0.1.0.4-rc.
|
||||
- Relays now reject risky extend cells: if the extend cell includes
|
||||
a digest of all zeroes, or asks to extend back to the relay that
|
||||
sent the extend cell, tear down the circuit. Ideas suggested
|
||||
by rovv.
|
||||
- If not enough of our entry guards are available so we add a new
|
||||
one, we might use the new one even if it overlapped with the
|
||||
current circuit's exit relay (or its family). Anonymity bugfix
|
||||
pointed out by rovv.
|
||||
|
||||
o Minor bugfixes:
|
||||
- Recover 3-7 bytes that were wasted per memory chunk. Fixes bug
|
||||
794; bug spotted by rovv. Bugfix on 0.2.0.1-alpha.
|
||||
- Correctly detect the presence of the linux/netfilter_ipv4.h header
|
||||
when building against recent kernels. Bugfix on 0.1.2.1-alpha.
|
||||
- Pick size of default geoip filename string correctly on windows.
|
||||
Fixes bug 806. Bugfix on 0.2.0.30.
|
||||
- Make the autoconf script accept the obsolete --with-ssl-dir
|
||||
option as an alias for the actually-working --with-openssl-dir
|
||||
option. Fix the help documentation to recommend --with-openssl-dir.
|
||||
Based on a patch by "Dave". Bugfix on 0.2.0.1-alpha.
|
||||
- Disallow session resumption attempts during the renegotiation
|
||||
stage of the v2 handshake protocol. Clients should never be trying
|
||||
session resumption at this point, but apparently some did, in
|
||||
ways that caused the handshake to fail. Bug found by Geoff Goodell.
|
||||
Bugfix on 0.2.0.20-rc.
|
||||
- When using the TransPort option on OpenBSD, and using the User
|
||||
option to change UID and drop privileges, make sure to open
|
||||
/dev/pf before dropping privileges. Fixes bug 782. Patch from
|
||||
Christopher Davis. Bugfix on 0.1.2.1-alpha.
|
||||
- Try to attach connections immediately upon receiving a RENDEZVOUS2
|
||||
or RENDEZVOUS_ESTABLISHED cell. This can save a second or two
|
||||
on the client side when connecting to a hidden service. Bugfix
|
||||
on 0.0.6pre1. Found and fixed by Christian Wilms; resolves bug 743.
|
||||
- When closing an application-side connection because its circuit is
|
||||
getting torn down, generate the stream event correctly. Bugfix on
|
||||
0.1.2.x. Anonymous patch.
|
||||
|
||||
|
||||
Changes in version 0.2.0.30 - 2008-07-15
|
||||
o Minor bugfixes:
|
||||
- Stop using __attribute__((nonnull)) with GCC: it can give us useful
|
||||
warnings (occasionally), but it can also cause the compiler to
|
||||
eliminate error-checking code. Suggested by Peter Gutmann.
|
||||
|
||||
|
||||
Changes in version 0.2.0.29-rc - 2008-07-08
|
||||
Tor 0.2.0.29-rc fixes two big bugs with using bridges, fixes more
|
||||
hidden-service performance bugs, and fixes a bunch of smaller bugs.
|
||||
|
||||
o Major bugfixes:
|
||||
- If you have more than one bridge but don't know their keys,
|
||||
you would only launch a request for the descriptor of the first one
|
||||
on your list. (Tor considered launching requests for the others, but
|
||||
found that it already had a connection on the way for $0000...0000
|
||||
so it didn't open another.) Bugfix on 0.2.0.x.
|
||||
- If you have more than one bridge but don't know their keys, and the
|
||||
connection to one of the bridges failed, you would cancel all
|
||||
pending bridge connections. (After all, they all have the same
|
||||
digest.) Bugfix on 0.2.0.x.
|
||||
- When a hidden service was trying to establish an introduction point,
|
||||
and Tor had built circuits preemptively for such purposes, we
|
||||
were ignoring all the preemptive circuits and launching a new one
|
||||
instead. Bugfix on 0.2.0.14-alpha.
|
||||
- When a hidden service was trying to establish an introduction point,
|
||||
and Tor *did* manage to reuse one of the preemptively built
|
||||
circuits, it didn't correctly remember which one it used,
|
||||
so it asked for another one soon after, until there were no
|
||||
more preemptive circuits, at which point it launched one from
|
||||
scratch. Bugfix on 0.0.9.x.
|
||||
- Make directory servers include the X-Your-Address-Is: http header in
|
||||
their responses even for begin_dir conns. Now clients who only
|
||||
ever use begin_dir connections still have a way to learn their IP
|
||||
address. Fixes bug 737; bugfix on 0.2.0.22-rc. Reported by goldy.
|
||||
|
||||
o Minor bugfixes:
|
||||
- Fix a macro/CPP interactions that was confusing some compilers:
|
||||
some GCCs don't like #if/#endif pairs inside macro arguments.
|
||||
Fix for bug 707.
|
||||
- Fix macro collision between OpenSSL 0.9.8h and Windows headers.
|
||||
Fixes bug 704; fix from Steven Murdoch.
|
||||
- When opening /dev/null in finish_daemonize(), do not pass the
|
||||
O_CREAT flag. Fortify was complaining, and correctly so. Fixes
|
||||
bug 742; fix from Michael Scherer. Bugfix on 0.0.2pre19.
|
||||
- Correctly detect transparent proxy support on Linux hosts that
|
||||
require in.h to be included before netfilter_ipv4.h. Patch
|
||||
from coderman.
|
||||
|
||||
|
||||
Changes in version 0.2.0.28-rc - 2008-06-13
|
||||
o Anonymity fixes:
|
||||
- Fix a bug where, when we were choosing the 'end stream reason' to
|
||||
put in our relay end cell that we send to the exit relay, Tor
|
||||
clients on Windows were sometimes sending the wrong 'reason'. The
|
||||
anonymity problem is that exit relays may be able to guess whether
|
||||
the client is running Windows, thus helping partition the anonymity
|
||||
set. Down the road we should stop sending reasons to exit relays,
|
||||
or otherwise prevent future versions of this bug.
|
||||
|
||||
o Major bugfixes:
|
||||
- While setting up a hidden service, some valid introduction circuits
|
||||
were overlooked and abandoned. This might be the reason for
|
||||
the long delay in making a hidden service available. Bugfix on
|
||||
0.2.0.14-alpha.
|
||||
|
||||
o Minor features:
|
||||
- Update to the "June 9 2008" ip-to-country file.
|
||||
- Run 'make test' as part of 'make dist', so we stop releasing so
|
||||
many development snapshots that fail their unit tests.
|
||||
|
||||
o Minor bugfixes:
|
||||
- When we're checking if we have enough dir info for each relay
|
||||
to begin establishing circuits, make sure that we actually have
|
||||
the descriptor listed in the consensus, not just any descriptor.
|
||||
- Bridge relays no longer print "xx=0" in their extrainfo document
|
||||
for every single country code in the geoip db.
|
||||
- Only warn when we fail to load the geoip file if we were planning to
|
||||
include geoip stats in our extrainfo document.
|
||||
- If we change our MaxAdvertisedBandwidth and then reload torrc,
|
||||
Tor won't realize it should publish a new relay descriptor. Fixes
|
||||
bug 688, reported by mfr.
|
||||
- When we haven't had any application requests lately, don't bother
|
||||
logging that we have expired a bunch of descriptors.
|
||||
- Make relay cells written on a connection count as non-padding when
|
||||
tracking how long a connection has been in use. Bugfix on
|
||||
0.2.0.1-alpha. Spotted by lodger.
|
||||
- Fix unit tests in 0.2.0.27-rc.
|
||||
- Fix compile on Windows.
|
||||
|
||||
|
||||
Changes in version 0.2.0.27-rc - 2008-06-03
|
||||
o Major features:
|
||||
- Include an IP-to-country GeoIP file in the tarball, so bridge
|
||||
relays can report sanitized summaries of the usage they're seeing.
|
||||
|
||||
o Minor features:
|
||||
- Add a "PURPOSE=" argument to "STREAM NEW" events, as suggested by
|
||||
Robert Hogan. Fixes the first part of bug 681.
|
||||
- Make bridge authorities never serve extrainfo docs.
|
||||
- Add support to detect Libevent versions in the 1.4.x series
|
||||
on mingw.
|
||||
- Fix build on gcc 4.3 with --enable-gcc-warnings set.
|
||||
- Include a new contrib/tor-exit-notice.html file that exit relay
|
||||
operators can put on their website to help reduce abuse queries.
|
||||
|
||||
o Minor bugfixes:
|
||||
- When tunneling an encrypted directory connection, and its first
|
||||
circuit fails, do not leave it unattached and ask the controller
|
||||
to deal. Fixes the second part of bug 681.
|
||||
- Make bridge authorities correctly expire old extrainfo documents
|
||||
from time to time.
|
||||
|
||||
|
||||
Changes in version 0.2.0.26-rc - 2008-05-13
|
||||
Tor 0.2.0.26-rc fixes a major security vulnerability caused by a bug
|
||||
in Debian's OpenSSL packages. All users running any 0.2.0.x version
|
||||
should upgrade, whether they're running Debian or not.
|
||||
|
||||
o Major security fixes:
|
||||
- Use new V3 directory authority keys on the tor26, gabelmoo, and
|
||||
moria1 V3 directory authorities. The old keys were generated with
|
||||
a vulnerable version of Debian's OpenSSL package, and must be
|
||||
considered compromised. Other authorities' keys were not generated
|
||||
with an affected version of OpenSSL.
|
||||
|
||||
o Major bugfixes:
|
||||
- List authority signatures as "unrecognized" based on DirServer
|
||||
lines, not on cert cache. Bugfix on 0.2.0.x.
|
||||
|
||||
o Minor features:
|
||||
- Add a new V3AuthUseLegacyKey option to make it easier for
|
||||
authorities to change their identity keys if they have to.
|
||||
|
||||
|
||||
Changes in version 0.2.0.25-rc - 2008-04-23
|
||||
Tor 0.2.0.25-rc makes Tor work again on OS X and certain BSDs.
|
||||
|
||||
o Major bugfixes:
|
||||
- Remember to initialize threading before initializing logging.
|
||||
Otherwise, many BSD-family implementations will crash hard on
|
||||
startup. Fixes bug 671. Bugfix on 0.2.0.24-rc.
|
||||
|
||||
o Minor bugfixes:
|
||||
- Authorities correctly free policies on bad servers on
|
||||
exit. Fixes bug 672. Bugfix on 0.2.0.x.
|
||||
|
||||
|
||||
Changes in version 0.2.0.24-rc - 2008-04-22
|
||||
Tor 0.2.0.24-rc adds dizum (run by Alex de Joode) as the new sixth
|
||||
v3 directory authority, makes relays with dynamic IP addresses and no
|
||||
DirPort notice more quickly when their IP address changes, fixes a few
|
||||
rare crashes and memory leaks, and fixes a few other miscellaneous bugs.
|
||||
|
||||
o New directory authorities:
|
||||
- Take lefkada out of the list of v3 directory authorities, since
|
||||
it has been down for months.
|
||||
- Set up dizum (run by Alex de Joode) as the new sixth v3 directory
|
||||
authority.
|
||||
|
||||
o Major bugfixes:
|
||||
- Detect address changes more quickly on non-directory mirror
|
||||
relays. Bugfix on 0.2.0.18-alpha; fixes bug 652.
|
||||
|
||||
o Minor features (security):
|
||||
- Reject requests for reverse-dns lookup of names that are in
|
||||
a private address space. Patch from lodger.
|
||||
- Non-exit relays no longer allow DNS requests. Fixes bug 619. Patch
|
||||
from lodger.
|
||||
|
||||
o Minor bugfixes (crashes):
|
||||
- Avoid a rare assert that can trigger when Tor doesn't have much
|
||||
directory information yet and it tries to fetch a v2 hidden
|
||||
service descriptor. Fixes bug 651, reported by nwf.
|
||||
- Initialize log mutex before initializing dmalloc. Otherwise,
|
||||
running with dmalloc would crash. Bugfix on 0.2.0.x-alpha.
|
||||
- Use recursive pthread mutexes in order to avoid deadlock when
|
||||
logging debug-level messages to a controller. Bug spotted by nwf,
|
||||
bugfix on 0.2.0.16-alpha.
|
||||
|
||||
o Minor bugfixes (resource management):
|
||||
- Keep address policies from leaking memory: start their refcount
|
||||
at 1, not 2. Bugfix on 0.2.0.16-alpha.
|
||||
- Free authority certificates on exit, so they don't look like memory
|
||||
leaks. Bugfix on 0.2.0.19-alpha.
|
||||
- Free static hashtables for policy maps and for TLS connections on
|
||||
shutdown, so they don't look like memory leaks. Bugfix on 0.2.0.x.
|
||||
- Avoid allocating extra space when computing consensuses on 64-bit
|
||||
platforms. Bug spotted by aakova.
|
||||
|
||||
o Minor bugfixes (misc):
|
||||
- Do not read the configuration file when we've only been told to
|
||||
generate a password hash. Fixes bug 643. Bugfix on 0.0.9pre5. Fix
|
||||
based on patch from Sebastian Hahn.
|
||||
- Exit relays that are used as a client can now reach themselves
|
||||
using the .exit notation, rather than just launching an infinite
|
||||
pile of circuits. Fixes bug 641. Reported by Sebastian Hahn.
|
||||
- When attempting to open a logfile fails, tell us why.
|
||||
- Fix a dumb bug that was preventing us from knowing that we should
|
||||
preemptively build circuits to handle expected directory requests.
|
||||
Fixes bug 660. Bugfix on 0.1.2.x.
|
||||
- Warn less verbosely about clock skew from netinfo cells from
|
||||
untrusted sources. Fixes bug 663.
|
||||
- Make controller stream events for DNS requests more consistent,
|
||||
by adding "new stream" events for DNS requests, and removing
|
||||
spurious "stream closed" events" for cached reverse resolves.
|
||||
Patch from mwenge. Fixes bug 646.
|
||||
- Correctly notify one-hop connections when a circuit build has
|
||||
failed. Possible fix for bug 669. Found by lodger.
|
||||
|
||||
|
||||
Changes in version 0.2.0.23-rc - 2008-03-24
|
||||
Tor 0.2.0.23-rc is the fourth release candidate for the 0.2.0 series. It
|
||||
makes bootstrapping faster if the first directory mirror you contact
|
||||
is down. The bundles also include the new Vidalia 0.1.2 release.
|
||||
|
||||
o Major bugfixes:
|
||||
- When a tunneled directory request is made to a directory server
|
||||
that's down, notice after 30 seconds rather than 120 seconds. Also,
|
||||
fail any begindir streams that are pending on it, so they can
|
||||
retry elsewhere. This was causing multi-minute delays on bootstrap.
|
||||
|
||||
|
||||
Changes in version 0.2.0.22-rc - 2008-03-18
|
||||
Tor 0.2.0.22-rc is the third release candidate for the 0.2.0 series. It
|
||||
enables encrypted directory connections by default for non-relays, fixes
|
||||
some broken TLS behavior we added in 0.2.0.20-rc, and resolves many
|
||||
other bugs. The bundles also include Vidalia 0.1.1 and Torbutton 1.1.17.
|
||||
|
||||
o Major features:
|
||||
- Enable encrypted directory connections by default for non-relays,
|
||||
so censor tools that block Tor directory connections based on their
|
||||
plaintext patterns will no longer work. This means Tor works in
|
||||
certain censored countries by default again.
|
||||
|
||||
o Major bugfixes:
|
||||
- Make sure servers always request certificates from clients during
|
||||
TLS renegotiation. Reported by lodger; bugfix on 0.2.0.20-rc.
|
||||
- Do not enter a CPU-eating loop when a connection is closed in
|
||||
the middle of client-side TLS renegotiation. Fixes bug 622. Bug
|
||||
diagnosed by lodger; bugfix on 0.2.0.20-rc.
|
||||
- Fix assertion failure that could occur when a blocked circuit
|
||||
became unblocked, and it had pending client DNS requests. Bugfix
|
||||
on 0.2.0.1-alpha. Fixes bug 632.
|
||||
|
||||
o Minor bugfixes (on 0.1.2.x):
|
||||
- Generate "STATUS_SERVER" events rather than misspelled
|
||||
"STATUS_SEVER" events. Caught by mwenge.
|
||||
- When counting the number of bytes written on a TLS connection,
|
||||
look at the BIO actually used for writing to the network, not
|
||||
at the BIO used (sometimes) to buffer data for the network.
|
||||
Looking at different BIOs could result in write counts on the
|
||||
order of ULONG_MAX. Fixes bug 614.
|
||||
- On Windows, correctly detect errors when listing the contents of
|
||||
a directory. Fix from lodger.
|
||||
|
||||
o Minor bugfixes (on 0.2.0.x):
|
||||
- Downgrade "sslv3 alert handshake failure" message to INFO.
|
||||
- If we set RelayBandwidthRate and RelayBandwidthBurst very high but
|
||||
left BandwidthRate and BandwidthBurst at the default, we would be
|
||||
silently limited by those defaults. Now raise them to match the
|
||||
RelayBandwidth* values.
|
||||
- Fix the SVK version detection logic to work correctly on a branch.
|
||||
- Make --enable-openbsd-malloc work correctly on Linux with alpha
|
||||
CPUs. Fixes bug 625.
|
||||
- Logging functions now check that the passed severity is sane.
|
||||
- Use proper log levels in the testsuite call of
|
||||
get_interface_address6().
|
||||
- When using a nonstandard malloc, do not use the platform values for
|
||||
HAVE_MALLOC_GOOD_SIZE or HAVE_MALLOC_USABLE_SIZE.
|
||||
- Make the openbsd malloc code use 8k pages on alpha CPUs and
|
||||
16k pages on ia64.
|
||||
- Detect mismatched page sizes when using --enable-openbsd-malloc.
|
||||
- Avoid double-marked-for-close warning when certain kinds of invalid
|
||||
.in-addr.arpa addresses are passed to the DNSPort. Part of a fix
|
||||
for bug 617. Bugfix on 0.2.0.1-alpha.
|
||||
- Make sure that the "NULL-means-reject *:*" convention is followed by
|
||||
all the policy manipulation functions, avoiding some possible crash
|
||||
bugs. Bug found by lodger. Bugfix on 0.2.0.16-alpha.
|
||||
- Fix the implementation of ClientDNSRejectInternalAddresses so that it
|
||||
actually works, and doesn't warn about every single reverse lookup.
|
||||
Fixes the other part of bug 617. Bugfix on 0.2.0.1-alpha.
|
||||
|
||||
o Minor features:
|
||||
- Only log guard node status when guard node status has changed.
|
||||
- Downgrade the 3 most common "INFO" messages to "DEBUG". This will
|
||||
make "INFO" 75% less verbose.
|
||||
|
||||
|
||||
Changes in version 0.2.0.21-rc - 2008-03-02
|
||||
Tor 0.2.0.21-rc is the second release candidate for the 0.2.0 series. It
|
||||
makes Tor work well with Vidalia again, fixes a rare assert bug,
|
||||
and fixes a pair of more minor bugs. The bundles also include Vidalia
|
||||
0.1.0 and Torbutton 1.1.16.
|
||||
|
||||
o Major bugfixes:
|
||||
- The control port should declare that it requires password auth
|
||||
when HashedControlSessionPassword is set too. Patch from Matt Edman;
|
||||
bugfix on 0.2.0.20-rc. Fixes bug 615.
|
||||
- Downgrade assert in connection_buckets_decrement() to a log message.
|
||||
This may help us solve bug 614, and in any case will make its
|
||||
symptoms less severe. Bugfix on 0.2.0.20-rc. Reported by fredzupy.
|
||||
- We were sometimes miscounting the number of bytes read from the
|
||||
network, causing our rate limiting to not be followed exactly.
|
||||
Bugfix on 0.2.0.16-alpha. Reported by lodger.
|
||||
|
||||
o Minor bugfixes:
|
||||
- Fix compilation with OpenSSL 0.9.8 and 0.9.8a. All other supported
|
||||
OpenSSL versions should have been working fine. Diagnosis and patch
|
||||
from lodger, Karsten Loesing and Sebastian Hahn. Fixes bug 616.
|
||||
Bugfix on 0.2.0.20-rc.
|
||||
|
||||
|
||||
Changes in version 0.2.0.20-rc - 2008-02-24
|
||||
|
@ -77,7 +685,8 @@ Changes in version 0.2.0.20-rc - 2008-02-24
|
|||
o Minor bugfixes (memory leaks and code problems):
|
||||
- We were leaking a file descriptor if Tor started with a zero-length
|
||||
cached-descriptors file. Patch by freddy77; bugfix on 0.1.2.
|
||||
- Detect size overflow in zlib code. Reported by Dan Kaminsky.
|
||||
- Detect size overflow in zlib code. Reported by Justin Ferguson and
|
||||
Dan Kaminsky.
|
||||
- We were comparing the raw BridgePassword entry with a base64'ed
|
||||
version of it, when handling a "/tor/networkstatus-bridges"
|
||||
directory request. Now compare correctly. Noticed by Veracode.
|
||||
|
|
5
LICENSE
5
LICENSE
|
@ -77,4 +77,9 @@ If you got Tor as a static binary with OpenSSL included, then you should know:
|
|||
"This product includes software developed by the OpenSSL Project
|
||||
for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||
===============================================================================
|
||||
"This program uses the IP-to-Country Database provided by
|
||||
WebHosting.Info (http://www.webhosting.info), available from
|
||||
http://ip-to-country.webhosting.info."
|
||||
See the src/config/geoip file in particular.
|
||||
===============================================================================
|
||||
|
||||
|
|
18
Makefile.am
18
Makefile.am
|
@ -26,14 +26,14 @@ dist-rpm:
|
|||
mkdir $$RPM_BUILD_DIR/$$subdir; \
|
||||
done; \
|
||||
mkdir $$RPM_BUILD_DIR/SOURCES/tor-$(VERSION); \
|
||||
cp -R ./ $$RPM_BUILD_DIR/SOURCES/tor-$(VERSION)/; \
|
||||
pushd $$RPM_BUILD_DIR/SOURCES/; \
|
||||
tar zcf tor-$(VERSION).tar.gz ./; \
|
||||
popd; \
|
||||
rpmbuild -ba --define "_topdir $$RPM_BUILD_DIR" tor.spec; \
|
||||
mv $$RPM_BUILD_DIR/SRPMS/* .; \
|
||||
mv $$RPM_BUILD_DIR/RPMS/* .; \
|
||||
rm -rf $$RPM_BUILD_DIR
|
||||
cp -R ./ $$RPM_BUILD_DIR/SOURCES/tor-$(VERSION)/; \
|
||||
pushd $$RPM_BUILD_DIR/SOURCES/; \
|
||||
tar zcf tor-$(VERSION).tar.gz ./; \
|
||||
popd; \
|
||||
LIBS=-lrt rpmbuild -ba --define "_topdir $$RPM_BUILD_DIR" tor.spec; \
|
||||
mv $$RPM_BUILD_DIR/SRPMS/* .; \
|
||||
mv $$RPM_BUILD_DIR/RPMS/* .; \
|
||||
rm -rf $$RPM_BUILD_DIR
|
||||
|
||||
|
||||
dist-osx:
|
||||
|
@ -61,6 +61,8 @@ doxygen:
|
|||
test:
|
||||
./src/or/test
|
||||
|
||||
dist: check
|
||||
|
||||
# Avoid strlcpy.c, strlcat.c, tree.h
|
||||
check-spaces:
|
||||
./contrib/checkSpace.pl -C \
|
||||
|
|
1050
ReleaseNotes
1050
ReleaseNotes
File diff suppressed because it is too large
Load Diff
15
acinclude.m4
15
acinclude.m4
|
@ -72,7 +72,12 @@ dnl against it.
|
|||
dnl
|
||||
dnl TOR_SEARCH_LIBRARY(1:libname, 2:IGNORED, 3:linkargs, 4:headers,
|
||||
dnl 5:prototype,
|
||||
dnl 6:code, 7:optionname, 8:searchextra)
|
||||
dnl 6:code, 7:IGNORED, 8:searchextra)
|
||||
dnl
|
||||
dnl Special variables:
|
||||
dnl ALT_{libname}_WITHVAL -- another possible value for --with-$1-dir.
|
||||
dnl Used to support renaming --with-ssl-dir to --with-openssl-dir
|
||||
dnl
|
||||
AC_DEFUN([TOR_SEARCH_LIBRARY], [
|
||||
try$1dir=""
|
||||
AC_ARG_WITH($1-dir,
|
||||
|
@ -82,6 +87,10 @@ AC_ARG_WITH($1-dir,
|
|||
try$1dir="$withval"
|
||||
fi
|
||||
])
|
||||
if test "x$try$1dir" = x && test "x$ALT_$1_WITHVAL" != x ; then
|
||||
try$1dir="$ALT_$1_WITHVAL"
|
||||
fi
|
||||
|
||||
tor_saved_LIBS="$LIBS"
|
||||
tor_saved_LDFLAGS="$LDFLAGS"
|
||||
tor_saved_CPPFLAGS="$CPPFLAGS"
|
||||
|
@ -129,7 +138,7 @@ AC_CACHE_CHECK([for $1 directory], tor_cv_library_$1_dir, [
|
|||
|
||||
if test "$tor_$1_dir_found" = no; then
|
||||
if test "$tor_$1_any_linkable" = no ; then
|
||||
AC_MSG_WARN([Could not find a linkable $1. If you have it installed somewhere unusal, you can specify an explicit path using $7])
|
||||
AC_MSG_WARN([Could not find a linkable $1. If you have it installed somewhere unusual, you can specify an explicit path using --with-$1-dir])
|
||||
TOR_WARN_MISSING_LIB($1, pkg)
|
||||
AC_MSG_ERROR([Missing libraries; unable to proceed.])
|
||||
else
|
||||
|
@ -178,7 +187,7 @@ if test "$cross_compiling" != yes; then
|
|||
done
|
||||
|
||||
if test "$runnable" = no; then
|
||||
AC_MSG_ERROR([Found linkable $1 in $tor_cv_library_$1_dir, but it does not seem to run, even with -R. Maybe specify another using $7}])
|
||||
AC_MSG_ERROR([Found linkable $1 in $tor_cv_library_$1_dir, but it does not seem to run, even with -R. Maybe specify another using --with-$1-dir}])
|
||||
fi
|
||||
LDFLAGS="$orig_LDFLAGS"
|
||||
]) dnl end cache check check for extra options.
|
||||
|
|
66
configure.in
66
configure.in
|
@ -5,7 +5,7 @@ dnl Copyright (c) 2007-2008, The Tor Project, Inc.
|
|||
dnl See LICENSE for licensing information
|
||||
|
||||
AC_INIT
|
||||
AM_INIT_AUTOMAKE(tor, 0.2.0.20-rc-dev)
|
||||
AM_INIT_AUTOMAKE(tor, 0.2.0.35)
|
||||
AM_CONFIG_HEADER(orconfig.h)
|
||||
|
||||
AC_CANONICAL_HOST
|
||||
|
@ -183,7 +183,18 @@ dnl -------------------------------------------------------------------
|
|||
dnl Check for functions before libevent, since libevent-1.2 apparently
|
||||
dnl exports strlcpy without defining it in a header.
|
||||
|
||||
AC_CHECK_FUNCS(gettimeofday ftime socketpair uname inet_aton strptime getrlimit strlcat strlcpy strtoull ftello getaddrinfo localtime_r gmtime_r memmem strtok_r inet_pton inet_ntop mallinfo malloc_good_size malloc_usable_size)
|
||||
AC_CHECK_FUNCS(gettimeofday ftime socketpair uname inet_aton strptime getrlimit strlcat strlcpy strtoull ftello getaddrinfo localtime_r gmtime_r memmem strtok_r inet_pton inet_ntop)
|
||||
|
||||
using_custom_malloc=no
|
||||
if test x$enable_openbsd_malloc = xyes ; then
|
||||
using_custom_malloc=yes
|
||||
fi
|
||||
if test x$tcmalloc = xyes ; then
|
||||
using_custom_malloc=yes
|
||||
fi
|
||||
if test $using_custom_malloc = no ; then
|
||||
AC_CHECK_FUNCS(mallinfo malloc_good_size malloc_usable_size)
|
||||
fi
|
||||
|
||||
if test "$enable_threads" = "yes"; then
|
||||
AC_CHECK_HEADERS(pthread.h)
|
||||
|
@ -220,18 +231,30 @@ tor_libevent_devpkg_redhat="libevent-devel"
|
|||
tor_libevent_devpkg_debian="libevent-dev"
|
||||
|
||||
TOR_SEARCH_LIBRARY(libevent, $trylibeventdir, [-levent $TOR_LIB_WS32], [
|
||||
#ifdef WIN32
|
||||
#include <winsock2.h>
|
||||
#endif
|
||||
#include <stdlib.h>
|
||||
#include <sys/time.h>
|
||||
#include <sys/types.h>
|
||||
#include <event.h>], [void exit(int); void *event_init(void);],
|
||||
[event_init(); exit(0);], [--with-libevent-dir], [/opt/libevent])
|
||||
#include <event.h>], [
|
||||
#ifdef WIN32
|
||||
#include <winsock2.h>
|
||||
#endif
|
||||
void exit(int); void *event_init(void);],
|
||||
[
|
||||
#ifdef WIN32
|
||||
{WSADATA d; WSAStartup(0x101,&d); }
|
||||
#endif
|
||||
event_init(); exit(0);
|
||||
], [--with-libevent-dir], [/opt/libevent])
|
||||
|
||||
dnl Now check for particular libevent functions.
|
||||
save_LIBS="$LIBS"
|
||||
save_LDFLAGS="$LDFLAGS"
|
||||
save_CPPFLAGS="$CPPFLAGS"
|
||||
LIBS="-levent $TOR_LIB_WS32 $LIBS"
|
||||
LDFLAGS="$TOR_LDFLAGS_libevent $LIBS"
|
||||
LDFLAGS="$TOR_LDFLAGS_libevent $LDFLAGS"
|
||||
CPPFLAGS="$TOR_CPPFLAGS_libevent $CPPFLAGS"
|
||||
AC_CHECK_FUNCS(event_get_version event_get_method event_set_log_callback)
|
||||
LIBS="$save_LIBS"
|
||||
|
@ -246,10 +269,19 @@ tor_openssl_pkg_debian="libssl"
|
|||
tor_openssl_devpkg_redhat="openssl-devel"
|
||||
tor_openssl_devpkg_debian="libssl-dev"
|
||||
|
||||
ALT_openssl_WITHVAL=""
|
||||
AC_ARG_WITH(ssl-dir,
|
||||
[ --with-ssl-dir=PATH Obsolete alias for --with-openssl-dir ],
|
||||
[
|
||||
if test "x$withval" != xno && test "x$withval" != "x" ; then
|
||||
ALT_openssl_WITHVAL="$withval"
|
||||
fi
|
||||
])
|
||||
|
||||
TOR_SEARCH_LIBRARY(openssl, $tryssldir, [-lssl -lcrypto $TOR_LIB_GDI],
|
||||
[#include <openssl/rand.h>],
|
||||
[void RAND_add(const void *buf, int num, double entropy);],
|
||||
[RAND_add((void*)0,0,0); exit(0);], [--with-ssl-dir],
|
||||
[RAND_add((void*)0,0,0); exit(0);], [],
|
||||
[/usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/athena /opt/openssl])
|
||||
|
||||
dnl XXXX check for OPENSSL_VERSION_NUMBER == SSLeay()
|
||||
|
@ -272,13 +304,13 @@ dnl Make sure to enable support for large off_t if available.
|
|||
|
||||
AC_SYS_LARGEFILE
|
||||
|
||||
AC_CHECK_HEADERS(unistd.h string.h signal.h ctype.h sys/stat.h sys/types.h fcntl.h sys/fcntl.h sys/time.h errno.h assert.h time.h, , AC_MSG_WARN(Some headers were not found, compilation may fail. If compilation succeeds, please send your orconfig.h to the developers so we can fix this warning.))
|
||||
AC_CHECK_HEADERS(unistd.h string.h signal.h sys/stat.h sys/types.h fcntl.h sys/fcntl.h sys/time.h errno.h assert.h time.h, , AC_MSG_WARN(Some headers were not found, compilation may fail. If compilation succeeds, please send your orconfig.h to the developers so we can fix this warning.))
|
||||
|
||||
AC_CHECK_HEADERS(netdb.h sys/ioctl.h sys/socket.h arpa/inet.h netinet/in.h pwd.h grp.h sys/un.h)
|
||||
|
||||
dnl These headers are not essential
|
||||
|
||||
AC_CHECK_HEADERS(stdint.h sys/types.h inttypes.h sys/param.h sys/wait.h limits.h sys/limits.h netinet/in.h arpa/inet.h machine/limits.h syslog.h sys/time.h sys/resource.h inttypes.h utime.h sys/utime.h sys/mman.h netintet/in.h netinet/in6.h malloc.h sys/syslimits.h malloc/malloc.h)
|
||||
AC_CHECK_HEADERS(stdint.h sys/types.h inttypes.h sys/param.h sys/wait.h limits.h sys/limits.h netinet/in.h arpa/inet.h machine/limits.h syslog.h sys/time.h sys/resource.h inttypes.h utime.h sys/utime.h sys/mman.h netinet/in6.h malloc.h sys/syslimits.h malloc/malloc.h linux/types.h)
|
||||
|
||||
TOR_CHECK_PROTOTYPE(malloc_good_size, HAVE_MALLOC_GOOD_SIZE_PROTOTYPE,
|
||||
[#ifdef HAVE_MALLOC_H
|
||||
|
@ -312,6 +344,18 @@ AC_CHECK_HEADERS(linux/netfilter_ipv4.h,
|
|||
#endif
|
||||
#ifdef HAVE_SYS_SOCKET_H
|
||||
#include <sys/socket.h>
|
||||
#endif
|
||||
#ifdef HAVE_LIMITS_H
|
||||
#include <limits.h>
|
||||
#endif
|
||||
#ifdef HAVE_LINUX_TYPES_H
|
||||
#include <linux/types.h>
|
||||
#endif
|
||||
#ifdef HAVE_NETINET_IN6_H
|
||||
#include <netinet/in6.h>
|
||||
#endif
|
||||
#ifdef HAVE_NETINET_IN_H
|
||||
#include <netinet/in.h>
|
||||
#endif])
|
||||
|
||||
if test x$transparent = xtrue ; then
|
||||
|
@ -572,6 +616,9 @@ syslog_facility="$withval", syslog_facility="LOG_DAEMON")
|
|||
AC_DEFINE_UNQUOTED(LOGFACILITY,$syslog_facility,[name of the syslog facility])
|
||||
AC_SUBST(LOGFACILITY)
|
||||
|
||||
# Check if we have getresuid and getresgid
|
||||
AC_CHECK_FUNCS(getresuid getresgid)
|
||||
|
||||
# Check for gethostbyname_r in all its glorious incompatible versions.
|
||||
# (This logic is based on that in Python's configure.in)
|
||||
AH_TEMPLATE(HAVE_GETHOSTBYNAME_R,
|
||||
|
@ -729,7 +776,8 @@ if test x$enable_gcc_warnings = xyes; then
|
|||
# These warnings break gcc 4.0.2 and work on gcc 4.2
|
||||
# XXXX020 Use -fstack-protector.
|
||||
# XXXX020 See if any of these work with earlier versions.
|
||||
CFLAGS="$CFLAGS -Waddress -Wmissing-noreturn -Wnormalized=id -Woverride-init -Wstrict-overflow=5"
|
||||
CFLAGS="$CFLAGS -Waddress -Wmissing-noreturn -Wnormalized=id -Woverride-init -Wstrict-overflow=1"
|
||||
# We used to use -Wstrict-overflow=5, but that breaks us heavily under 4.3.
|
||||
fi
|
||||
|
||||
if test x$have_shorten64_flag = xyes ; then
|
||||
|
|
|
@ -3,7 +3,7 @@ DIST_SUBDIRS = osx suse
|
|||
|
||||
confdir = $(sysconfdir)/tor
|
||||
|
||||
EXTRA_DIST = exitlist tor-tsocks.conf torify.1 tor.nsi.in tor.sh torctl rc.subr cross.sh tor-mingw.nsi.in package_nsis-mingw.sh tor.ico tor-ctrl.sh
|
||||
EXTRA_DIST = exitlist tor-tsocks.conf torify.1 tor.nsi.in tor.sh torctl rc.subr cross.sh tor-mingw.nsi.in package_nsis-mingw.sh tor.ico tor-ctrl.sh linux-tor-prio.sh tor-exit-notice.html
|
||||
|
||||
conf_DATA = tor-tsocks.conf
|
||||
|
||||
|
|
|
@ -55,9 +55,10 @@ while (<F>) {
|
|||
if ($considerNextLine and
|
||||
m!^\\fB([A-Za-z0-9_]+)!) {
|
||||
$manPageOptions{lc $1} = 1;
|
||||
next;
|
||||
}
|
||||
|
||||
if (m!^\.(?:SH|TP)!) {
|
||||
if (m!^\.(?:SH|TP|PP)!) {
|
||||
$considerNextLine = 1; next;
|
||||
} else {
|
||||
$considerNextLine = 0;
|
||||
|
|
|
@ -1,14 +1,55 @@
|
|||
#!/bin/bash
|
||||
# Written by Marco Bonetti & Mike Perry
|
||||
# Based on instructions from Dan Singletary's ADSL Bandwidth Management HOWTO
|
||||
# Based on instructions from Dan Singletary's ADSL BW Management HOWTO:
|
||||
# http://www.faqs.org/docs/Linux-HOWTO/ADSL-Bandwidth-Management-HOWTO.html
|
||||
# This script is Public Domain.
|
||||
|
||||
############################### README #################################
|
||||
|
||||
# This script provides prioritization of Tor traffic below other
|
||||
# traffic on a Linux server. It has two modes of operation: UID based
|
||||
# and IP based. The UID based method requires that Tor be launched from
|
||||
# a specific user ID. The "User" Tor config setting is
|
||||
# insufficient, as it sets the UID after the socket is created.
|
||||
# Here is a three line C wrapper you can use to execute Tor and drop
|
||||
# privs to UID 501 before it creates any sockets. Change the UID
|
||||
# to the UID for your tor server user, and compile with
|
||||
# 'gcc tor_wrap.c -o tor_wrap':
|
||||
|
||||
# #include <unistd.h>
|
||||
# int main(int argc, char **argv) {
|
||||
# if(setresuid(501, 501, 501) == -1) { perror("setresuid"); return 1; }
|
||||
# execl("/bin/tor", "/bin/tor", "-f", "/etc/tor/torrc", NULL);
|
||||
# perror("execl"); return 1;
|
||||
# }
|
||||
|
||||
# The IP setting requires that a separate IP address be dedicated to Tor.
|
||||
# Your Torrc should be set to bind to this IP for "OutboundBindAddress",
|
||||
# "ListenAddress", and "Address".
|
||||
|
||||
# You should also tune the individual connection rate parameters below
|
||||
# to your individual connection. In particular, you should leave *some*
|
||||
# minimum amount of bandwidth for Tor, so that Tor users are not
|
||||
# completely choked out when you use your server's bandwidth. 30% is
|
||||
# probably a polite choice.
|
||||
|
||||
# To start the shaping, run it as:
|
||||
# ./linux-tor-prio.sh
|
||||
|
||||
# To get status information (useful to verify packets are getting marked
|
||||
# and prioritized), run:
|
||||
# ./linux-tor-prio.sh status
|
||||
|
||||
# And to stop prioritization:
|
||||
# ./linux-tor-prio.sh stop
|
||||
|
||||
########################################################################
|
||||
|
||||
# BEGIN USER TUNABLE PARAMETERS
|
||||
|
||||
DEV=eth0
|
||||
|
||||
# NOTE! You must START Tor under this UID. Using the Tor User/Group
|
||||
# NOTE! You must START Tor under this UID. Using the Tor User
|
||||
# config setting is NOT sufficient.
|
||||
TOR_UID=$(id -u tor)
|
||||
|
||||
|
@ -27,7 +68,10 @@ RTT_LATENCY=40
|
|||
RATE_UP=5000
|
||||
|
||||
# RATE_UP_TOR is the minimum speed your Tor connections will have.
|
||||
# They will have at least this much bandwidth for upload
|
||||
# They will have at least this much bandwidth for upload. In general,
|
||||
# you probably shouldn't set this too low, or else Tor users who use
|
||||
# your node will be completely choked out whenever your machine
|
||||
# does any other network activity. That is not very fun.
|
||||
RATE_UP_TOR=1500
|
||||
|
||||
# RATE_UP_TOR_CEIL is the maximum rate allowed for all Tor trafic
|
||||
|
@ -38,7 +82,7 @@ CHAIN=OUTPUT
|
|||
#CHAIN=POSTROUTING
|
||||
|
||||
MTU=1500
|
||||
AVG_PKT=900
|
||||
AVG_PKT=900 # should be more like 600 for non-exit nodes
|
||||
|
||||
# END USER TUNABLE PARAMETERS
|
||||
|
||||
|
|
|
@ -25,15 +25,16 @@ if [ -x /usr/bin/sw_vers ]; then
|
|||
# the OS version
|
||||
OSVER=`/usr/bin/sw_vers | grep ProductVersion | cut -f2 | cut -d"." -f1,2`
|
||||
case "$OSVER" in
|
||||
"10.5") OS="leopard" ARCH="universal";;
|
||||
"10.4") OS="tiger" ARCH="universal";;
|
||||
"10.3") OS="panther" ARCH="ppc";;
|
||||
"10.2") OS="jaguar" ARCH="ppc";;
|
||||
"10.1") OS="puma" ARCH="ppc";;
|
||||
"10.0") OS="cheetah" ARCH="ppc";;
|
||||
"10.6") ARCH="universal";;
|
||||
"10.5") ARCH="universal";;
|
||||
"10.4") ARCH="universal";;
|
||||
"10.3") ARCH="ppc";;
|
||||
"10.2") ARCH="ppc";;
|
||||
"10.1") ARCH="ppc";;
|
||||
"10.0") ARCH="ppc";;
|
||||
esac
|
||||
else
|
||||
OS="unknown"
|
||||
ARCH="unknown"
|
||||
fi
|
||||
|
||||
if [ $ARCH != "universal" ]; then
|
||||
|
|
|
@ -8,7 +8,7 @@
|
|||
<string>Tor Bundle @VERSION@</string>
|
||||
<key>CFBundleIdentifier</key>
|
||||
<string>net.freehaven.torbundle</string>
|
||||
<key>CFBundleSortVersionString</key>
|
||||
<key>CFBundleShortVersionString</key>
|
||||
<string>@VERSION@</string>
|
||||
<key>IFPkgFlagComponentDirectory</key>
|
||||
<string>../.contained_packages</string>
|
||||
|
@ -20,30 +20,12 @@
|
|||
<key>IFPkgFlagPackageSelection</key>
|
||||
<string>required</string>
|
||||
</dict>
|
||||
<dict>
|
||||
<key>IFPkgFlagPackageLocation</key>
|
||||
<string>Privoxy.pkg</string>
|
||||
<key>IFPkgFlagPackageSelection</key>
|
||||
<string>selected</string>
|
||||
</dict>
|
||||
<dict>
|
||||
<key>IFPkgFlagPackageLocation</key>
|
||||
<string>privoxyconf.pkg</string>
|
||||
<key>IFPkgFlagPackageSelection</key>
|
||||
<string>selected</string>
|
||||
</dict>
|
||||
<dict>
|
||||
<key>IFPkgFlagPackageLocation</key>
|
||||
<string>torstartup.pkg</string>
|
||||
<key>IFPkgFlagPackageSelection</key>
|
||||
<string>selected</string>
|
||||
</dict>
|
||||
<dict>
|
||||
<key>IFPkgFlagPackageLocation</key>
|
||||
<string>torbutton.pkg</string>
|
||||
<key>IFPkgFlagPackageSelection</key>
|
||||
<string>selected</string>
|
||||
</dict>
|
||||
</array>
|
||||
<key>IFPkgFormatVersion</key>
|
||||
<real>0.10000000149011612</real>
|
||||
|
|
|
@ -8,7 +8,7 @@
|
|||
<string>Tor @VERSION@</string>
|
||||
<key>CFBundleName</key>
|
||||
<string>Tor</string>
|
||||
<key>CFBundleSortVersionString</key>
|
||||
<key>CFBundleShortVersionString</key>
|
||||
<string>@VERSION@</string>
|
||||
<key>IFPkgFlagAllowBackRev</key>
|
||||
<true/>
|
||||
|
|
|
@ -46,7 +46,7 @@ TORGROUP=daemon
|
|||
TARGET=$2/Library/Tor
|
||||
TORDIR=$TARGET/var/lib/tor
|
||||
LOGFILE=/var/log/tor.log
|
||||
TORBUTTON_VERSION="1.1.11-alpha"
|
||||
TORBUTTON_VERSION="1.2.0-fx"
|
||||
|
||||
# Check defaults for TARGET
|
||||
if [ "$TARGET" == "//Library/Tor" ]; then
|
||||
|
@ -77,6 +77,11 @@ if [ ! -f $TARGET/torrc ]; then
|
|||
cp $TARGET/torrc.sample $TARGET/torrc
|
||||
fi
|
||||
|
||||
# Put the geoip database into the datadir
|
||||
if [ ! -f $TORDIR/geoip ]; then
|
||||
cp $PACKAGE_PATH/Contents/Resources/geoip $TORDIR/geoip
|
||||
fi
|
||||
|
||||
# Ensure symbolic links
|
||||
cd /usr/bin
|
||||
if [ -e /usr/bin/tor -a ! -L /usr/bin/tor ]; then
|
||||
|
@ -121,18 +126,11 @@ if [ -d /Library/StartupItems/Tor ]; then
|
|||
echo "$TARGET" > /Library/StartupItems/Tor/Tor.loc
|
||||
fi
|
||||
|
||||
# This only works if the user installing us is an Admin user.
|
||||
# Otherwise, this will silently fail to install torbutton in firefox.
|
||||
if [ -f /Applications/Firefox.app/Contents/MacOS/firefox ]; then
|
||||
if [ -f $TARGET/torbutton-$TORBUTTON_VERSION.xpi ]; then
|
||||
/Applications/Firefox.app/Contents/MacOS/firefox -install-global-extension $TARGET/torbutton-$TORBUTTON_VERSION.xpi
|
||||
# The following is a kludge to get around the fact that the installer
|
||||
# runs as root. This means the Torbutton extension will install with
|
||||
# root permissions; thereby making uninstalling Torbutton from inside
|
||||
# Firefox impossible. The user will be caught in an endless loop of
|
||||
# uninstall -> automatic re-installation of Torbutton. The OSX
|
||||
# installer doesn't tell you the owner of Firefox, therefore we have to
|
||||
# parse it.
|
||||
USR=`ls -alrt /Applications/Firefox.app/Contents/MacOS/extensions/ | tail -1 | awk '{print $3}'`
|
||||
GRP=`ls -alrt /Applications/Firefox.app/Contents/MacOS/extensions/ | tail -1 | awk '{print $4}'`
|
||||
chown -R $USR:$GRP /Applications/Firefox.app/Contents/MacOS/extensions/
|
||||
if [ -f /Library/Torbutton/torbutton-$TORBUTTON_VERSION.xpi ]; then
|
||||
# Open firefox with a prompt to install the torbutton xpi
|
||||
su $USER open -a /Applications/Firefox.app /Library/Torbutton/torbutton-$TORBUTTON_VERSION.xpi
|
||||
fi
|
||||
fi
|
||||
|
|
|
@ -8,7 +8,7 @@
|
|||
<string>Tor Startup Script</string>
|
||||
<key>CFBundleName</key>
|
||||
<string>Tor Startup Script</string>
|
||||
<key>CFBundleSortVersionString</key>
|
||||
<key>CFBundleShortVersionString</key>
|
||||
<string>0.1</string>
|
||||
<key>IFPkgFlagAllowBackRev</key>
|
||||
<true/>
|
||||
|
|
|
@ -0,0 +1,26 @@
|
|||
<?xml version=\"1.0\" encoding=\"UTF-8\"?>
|
||||
<!DOCTYPE plist PUBLIC \"-//Apple Computer//DTD PLIST 1.0//EN\"
|
||||
\"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">
|
||||
<plist version=\"1.0\">
|
||||
<dict>
|
||||
<key>Label</key>
|
||||
<string>org.torproject.tor</string>
|
||||
<key>ProgramArguments</key>
|
||||
<array>
|
||||
<string>/usr/bin/tor</string>
|
||||
<string>-f</string>
|
||||
<string>/Library/Tor/torrc</string>
|
||||
</array>
|
||||
<key>RunAtLoad</key>
|
||||
<true/>
|
||||
<key>OnDemand</key>
|
||||
<false/>
|
||||
|
||||
<key>UserName</key>
|
||||
<string>_tor</string>
|
||||
<key>GroupName</key>
|
||||
<string>daemon</string>
|
||||
|
||||
</dict>
|
||||
|
||||
</plist>
|
|
@ -2,14 +2,12 @@
|
|||
# $Id$
|
||||
# Copyright 2004-2005 Nick Mathewson.
|
||||
# Copyright 2005-2007 Andrew Lewman
|
||||
# Copyright 2008 The Tor Project
|
||||
# See LICENSE in Tor distribution for licensing information.
|
||||
|
||||
# This script builds a Macintosh OS X metapackage containing 4 packages:
|
||||
# This script builds a Macintosh OS X metapackage containing 2 packages:
|
||||
# - One for Tor.
|
||||
# - One for Privoxy.
|
||||
# - One for a tor-specific privoxy configuration script.
|
||||
# - One for Startup scripts for Tor.
|
||||
# - One for Torbutton, an extension for FireFox
|
||||
#
|
||||
# This script expects to be run from the toplevel makefile, with VERSION
|
||||
# set to the latest Tor version, and Tor already built.
|
||||
|
@ -18,22 +16,13 @@
|
|||
# Read the documentation located in tor/doc/tor-osx-dmg-creation.txt on
|
||||
# how to build Tor for OSX
|
||||
|
||||
# Where have we put the zip file containing Privoxy? Edit this if your
|
||||
# privoxy lives somewhere else.
|
||||
PRIVOXY_PKG_ZIP=~/tmp/privoxyosx_setup_3.0.6.zip
|
||||
|
||||
# Where have we put the xpi and license for Torbutton? Edit this if your
|
||||
# torbutton and torbutton license live somewhere else.
|
||||
TORBUTTON_PATH=~/tmp/torbutton-1.1.14-alpha.xpi
|
||||
TORBUTTON_LIC_PATH=~/tmp/LICENSE
|
||||
|
||||
###
|
||||
# Helpful info on OS X packaging:
|
||||
# http://developer.apple.com/documentation/DeveloperTools/Conceptual/SoftwareDistribution/index.html
|
||||
# man packagemaker
|
||||
|
||||
# Make sure VERSION is set, so we don't name the package
|
||||
# "Tor--$OS-$ARCH-Bundle.dmg"
|
||||
# "Tor--$ARCH-Bundle.dmg"
|
||||
if [ "XX$VERSION" = 'XX' ]; then
|
||||
echo "VERSION not set."
|
||||
exit 1
|
||||
|
@ -46,16 +35,17 @@ if [ -x /usr/bin/sw_vers ]; then
|
|||
# the OS version
|
||||
OSVER=`/usr/bin/sw_vers | grep ProductVersion | cut -f2 | cut -d"." -f1,2`
|
||||
case "$OSVER" in
|
||||
"10.5") OS="leopard" ARCH="universal";;
|
||||
"10.4") OS="tiger" ARCH="universal";;
|
||||
"10.3") OS="panther" ARCH="ppc";;
|
||||
"10.2") OS="jaguar" ARCH="ppc";;
|
||||
"10.1") OS="puma" ARCH="ppc";;
|
||||
"10.0") OS="cheetah" ARCH="ppc";;
|
||||
*) OS="unknown";;
|
||||
"10.6") ARCH="universal";;
|
||||
"10.5") ARCH="universal";;
|
||||
"10.4") ARCH="universal";;
|
||||
"10.3") ARCH="ppc";;
|
||||
"10.2") ARCH="ppc";;
|
||||
"10.1") ARCH="ppc";;
|
||||
"10.0") ARCH="ppc";;
|
||||
*) ARCH="unknown";;
|
||||
esac
|
||||
else
|
||||
OS="unknown"
|
||||
ARCH="unknown"
|
||||
fi
|
||||
|
||||
# Where will we put our temporary files?
|
||||
|
@ -71,9 +61,7 @@ sudo rm -rf $BUILD_DIR
|
|||
mkdir $BUILD_DIR || exit 1
|
||||
for subdir in tor_packageroot tor_resources \
|
||||
torstartup_packageroot \
|
||||
privoxyconf_packageroot \
|
||||
torbundle_resources \
|
||||
torbutton_packageroot \
|
||||
output; do
|
||||
mkdir $BUILD_DIR/$subdir
|
||||
done
|
||||
|
@ -81,9 +69,7 @@ done
|
|||
### Make Tor package.
|
||||
|
||||
make install DESTDIR=$BUILD_DIR/tor_packageroot
|
||||
#mv $BUILD_DIR/tor_packageroot/Library/Tor/torrc.sample $BUILD_DIR/tor_packageroot/Library/Tor/torrc
|
||||
cp contrib/osx/ReadMe.rtf $BUILD_DIR/tor_resources
|
||||
#cp contrib/osx/License.rtf $BUILD_DIR/tor_resources
|
||||
chmod 755 contrib/osx/TorPostflight
|
||||
cp contrib/osx/TorPostflight $BUILD_DIR/tor_resources/postflight
|
||||
cp contrib/osx/addsysuser $BUILD_DIR/tor_resources/addsysuser
|
||||
|
@ -91,6 +77,7 @@ cp contrib/osx/Tor_Uninstaller.applescript $BUILD_DIR/tor_resources/Tor_Uninstal
|
|||
cp contrib/osx/uninstall_tor_bundle.sh $BUILD_DIR/tor_resources/uninstall_tor_bundle.sh
|
||||
cp contrib/osx/package_list.txt $BUILD_DIR/tor_resources/package_list.txt
|
||||
cp contrib/osx/tor_logo.gif $BUILD_DIR/tor_resources/background.gif
|
||||
cp src/config/geoip $BUILD_DIR/tor_resources/geoip
|
||||
cat <<EOF > $BUILD_DIR/tor_resources/Welcome.txt
|
||||
Tor: an anonymous Internet communication system
|
||||
|
||||
|
@ -103,12 +90,6 @@ EOF
|
|||
DOC=$BUILD_DIR/tor_resources/documents
|
||||
mkdir $DOC
|
||||
mkdir $DOC/howto
|
||||
#cp doc/website/stylesheet.css doc/website/tor-doc-osx.html.* $DOC/howto
|
||||
#cp doc/website/tor-doc-server.html.* $DOC/howto
|
||||
#cp doc/website/tor-hidden-service.html.* $DOC/howto
|
||||
#cp doc/website/tor-switchproxy.html.* $DOC/howto
|
||||
#mkdir $DOC/img
|
||||
#cp doc/img/screenshot-osx* $DOC/img
|
||||
cp AUTHORS $DOC/AUTHORS.txt
|
||||
groff doc/tor.1.in -T ps -m man | pstopdf -i -o $DOC/tor-reference.pdf
|
||||
groff doc/tor-resolve.1 -T ps -m man | pstopdf -i -o $DOC/tor-resolve.pdf
|
||||
|
@ -134,18 +115,6 @@ $PACKAGEMAKER -build \
|
|||
-i contrib/osx/TorInfo.plist \
|
||||
-d contrib/osx/TorDesc.plist
|
||||
|
||||
### Put privoxy configuration package in place.
|
||||
mkdir -p $BUILD_DIR/privoxyconf_packageroot/Library/Privoxy
|
||||
cp contrib/osx/privoxy.config $BUILD_DIR/privoxyconf_packageroot/Library/Privoxy/config
|
||||
|
||||
find $BUILD_DIR/privoxyconf_packageroot -print0 |sudo xargs -0 chown root:wheel
|
||||
|
||||
$PACKAGEMAKER -build \
|
||||
-p $BUILD_DIR/output/privoxyconf.pkg \
|
||||
-f $BUILD_DIR/privoxyconf_packageroot \
|
||||
-i contrib/osx/PrivoxyConfInfo.plist \
|
||||
-d contrib/osx/PrivoxyConfDesc.plist
|
||||
|
||||
### Make Startup Script package
|
||||
|
||||
mkdir -p $BUILD_DIR/torstartup_packageroot/Library/StartupItems/Tor
|
||||
|
@ -160,55 +129,35 @@ $PACKAGEMAKER -build \
|
|||
-i contrib/osx/TorStartupInfo.plist \
|
||||
-d contrib/osx/TorStartupDesc.plist
|
||||
|
||||
### Make Torbutton Installation package
|
||||
|
||||
mkdir -p $BUILD_DIR/torbutton_packageroot/Library/Torbutton
|
||||
cp $TORBUTTON_PATH $BUILD_DIR/torbutton_packageroot/Library/Torbutton/
|
||||
cp $TORBUTTON_LIC_PATH $BUILD_DIR/torbutton_packageroot/Library/Torbutton/Torbutton-LICENSE.txt
|
||||
|
||||
find $BUILD_DIR/torbutton_packageroot -print0 | sudo xargs -0 chown root:wheel
|
||||
|
||||
$PACKAGEMAKER -build \
|
||||
-p $BUILD_DIR/output/torbutton.pkg \
|
||||
-f $BUILD_DIR/torbutton_packageroot \
|
||||
-i contrib/osx/TorbuttonInfo.plist \
|
||||
-d contrib/osx/TorbuttonDesc.plist
|
||||
|
||||
### Assemble the metapackage. Packagemaker won't buld metapackages from
|
||||
# the command line, so we need to do it by hand.
|
||||
|
||||
MPKG=$BUILD_DIR/output/Tor-$VERSION-$OS-$ARCH-Bundle.mpkg
|
||||
MPKG=$BUILD_DIR/output/Tor-$VERSION-$ARCH-Bundle.mpkg
|
||||
mkdir -p "$MPKG/Contents/Resources"
|
||||
echo -n "pmkrpkg1" > "$MPKG/Contents/PkgInfo"
|
||||
cp contrib/osx/ReadMe.rtf "$MPKG/Contents/Resources"
|
||||
#cp contrib/osx/License.rtf "$MPKG/Contents/Resources"
|
||||
cp contrib/osx/TorBundleInfo.plist "$MPKG/Contents/Info.plist"
|
||||
cp contrib/osx/TorBundleWelcome.rtf "$MPKG/Contents/Resources/Welcome.rtf"
|
||||
cp contrib/osx/TorBundleDesc.plist "$MPKG/Contents/Resources/Description.plist"
|
||||
cp contrib/osx/tor_logo.gif "$MPKG/Contents/Resources/background.gif"
|
||||
|
||||
# Move all the subpackages into place. unzip Privoxy.pkg into place,
|
||||
# and fix its file permissions so we can rm -rf it later.
|
||||
# Move all the subpackages into place.
|
||||
mkdir $BUILD_DIR/output/.contained_packages
|
||||
mv $BUILD_DIR/output/*.pkg $BUILD_DIR/OUTPUT/.contained_packages
|
||||
( cd $BUILD_DIR/output/.contained_packages && unzip $PRIVOXY_PKG_ZIP && find Privoxy.pkg -type d -print0 | xargs -0 chmod u+w )
|
||||
( cd $BUILD_DIR/output/.contained_packages )
|
||||
|
||||
### Copy readmes and licenses into toplevel.
|
||||
PRIVOXY_RESDIR=$BUILD_DIR/output/.contained_packages/Privoxy.pkg/Contents/Resources
|
||||
cp $PRIVOXY_RESDIR/License.html $BUILD_DIR/output/Privoxy\ License.html
|
||||
cp $PRIVOXY_RESDIR/ReadMe.txt $BUILD_DIR/output/Privoxy\ ReadMe.txt
|
||||
cp contrib/osx/ReadMe.rtf $BUILD_DIR/output/Tor\ ReadMe.rtf
|
||||
cp LICENSE $BUILD_DIR/output/Tor\ License.txt
|
||||
cp $TORBUTTON_LIC_PATH $BUILD_DIR/output/Torbutton_LICENSE.txt
|
||||
|
||||
### Package it all into a DMG
|
||||
|
||||
find $BUILD_DIR/output -print0 | sudo xargs -0 chown root:wheel
|
||||
|
||||
mv $BUILD_DIR/output "$BUILD_DIR/Tor-$VERSION-$OS-$ARCH-Bundle"
|
||||
rm -f "Tor-$VERSION-$OS-$ARCH-Bundle.dmg"
|
||||
mv $BUILD_DIR/output "$BUILD_DIR/Tor-$VERSION-$ARCH-Bundle"
|
||||
rm -f "Tor-$VERSION-$ARCH-Bundle.dmg"
|
||||
USER="`whoami`"
|
||||
sudo hdiutil create -format UDZO -srcfolder "$BUILD_DIR/Tor-$VERSION-$OS-$ARCH-Bundle" "Tor-$VERSION-$OS-$ARCH-Bundle.dmg"
|
||||
sudo chown "$USER" "Tor-$VERSION-$OS-$ARCH-Bundle.dmg"
|
||||
sudo hdiutil create -format UDZO -imagekey zlib-level=9 -srcfolder "$BUILD_DIR/Tor-$VERSION-$ARCH-Bundle" "Tor-$VERSION-$ARCH-Bundle.dmg"
|
||||
sudo chown "$USER" "Tor-$VERSION-$ARCH-Bundle.dmg"
|
||||
|
||||
sudo rm -rf $BUILD_DIR
|
||||
|
|
|
@ -31,7 +31,7 @@
|
|||
|
||||
### this is the location of a file which contains all the actual package names
|
||||
## (ie "Tor", "torstartup", ...) the list should be new-line-delimited.
|
||||
PACKAGE_LIST_SRC=./package_list.txt
|
||||
PACKAGE_LIST_SRC=/Library/Tor/package_list.txt
|
||||
|
||||
### this is the name of the user created in the install process of Tor
|
||||
TOR_USER=_tor
|
||||
|
|
|
@ -4,6 +4,7 @@
|
|||
# package_nsis-ming.sh is distributed under this license:
|
||||
|
||||
# Copyright (c) 2006-2007 Andrew Lewman
|
||||
# Copyright (c) 2008 The Tor Project, Inc.
|
||||
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
# modification, are permitted provided that the following conditions are
|
||||
|
@ -56,9 +57,7 @@ mkdir win_tmp/tmp
|
|||
cp src/or/tor.exe win_tmp/bin/
|
||||
cp src/tools/tor-resolve.exe win_tmp/bin/
|
||||
cp contrib/tor.ico win_tmp/bin/
|
||||
|
||||
# YOU must copy torbutton xpi into the contrib dir
|
||||
#cp contrib/torbutton-1.0.4-fx+tb.xpi win_tmp/bin/
|
||||
cp src/config/geoip win_tmp/bin/
|
||||
|
||||
# There is no man2html in mingw.
|
||||
# Maybe we should add this into make dist instead.
|
||||
|
|
|
@ -14,7 +14,6 @@
|
|||
# tor_conf (str): Points to your tor conf file
|
||||
# Default: /usr/local/etc/tor/torrc
|
||||
# tor_user (str): Tor Daemon user. Default _tor
|
||||
# tor_groupr (str): Tor Daemon group. Default _tor
|
||||
#
|
||||
|
||||
. /etc/rc.subr
|
||||
|
@ -27,7 +26,6 @@ load_rc_config ${name}
|
|||
: ${tor_enable="NO"}
|
||||
: ${tor_conf="/usr/local/etc/tor/torrc"}
|
||||
: ${tor_user="_tor"}
|
||||
: ${tor_group="_tor"}
|
||||
: ${tor_pidfile="/var/run/tor/tor.pid"}
|
||||
: ${tor_logfile="/var/log/tor"}
|
||||
: ${tor_datadir="/var/run/tor"}
|
||||
|
@ -35,7 +33,7 @@ load_rc_config ${name}
|
|||
required_files=${tor_conf}
|
||||
required_dirs=${tor_datadir}
|
||||
command="/usr/local/bin/${name}"
|
||||
command_args="-f ${tor_conf} --pidfile ${tor_pidfile} --runasdaemon 1 --datadirectory ${tor_datadir} --user ${tor_user} --group ${tor_group}"
|
||||
command_args="-f ${tor_conf} --pidfile ${tor_pidfile} --runasdaemon 1 --datadirectory ${tor_datadir} --user ${tor_user}"
|
||||
extra_commands="log"
|
||||
log_cmd="${name}_log"
|
||||
|
||||
|
|
|
@ -0,0 +1,125 @@
|
|||
<html>
|
||||
<head>
|
||||
<title>This is a Tor Exit Router</title>
|
||||
|
||||
<!--
|
||||
|
||||
This notice is intended to be placed on a virtual host for a domain that
|
||||
your Tor exit node IP reverse resolves to so that people who may be about
|
||||
to file an abuse complaint would check it first before bothering you or
|
||||
your ISP. Ex:
|
||||
http://tor-exit.yourdomain.org or http://tor-readme.yourdomain.org.
|
||||
|
||||
This type of setup has proven very effective at reducing abuse complaints
|
||||
for exit node operators.
|
||||
|
||||
There are a few places in this document that you may want to customize.
|
||||
They are marked with FIXME.
|
||||
|
||||
-->
|
||||
|
||||
</head>
|
||||
<body bgcolor=white text=black>
|
||||
|
||||
<center><h1>This is a Tor Exit Router</h1></center>
|
||||
|
||||
<p>Most likely you are accessing this website because you had some issue with
|
||||
the traffic coming from this IP. This router is part of the <a
|
||||
href="https://www.torproject.org/">Tor Anonymity Network</a>, which is
|
||||
dedicated to providing people with anonymity who need it most: average
|
||||
computer users. This router IP should be generating no other traffic, unless
|
||||
it has been compromised.
|
||||
|
||||
<p>
|
||||
|
||||
While Tor is not designed for malicious computer users, it is inevitable that
|
||||
some may use the network for malicious ends. In the mind of this operator,
|
||||
the social need for easily accessible censorship-resistant anonymous
|
||||
communication trumps the risk. Tor sees use by many important segments of the
|
||||
population, including whistle blowers, journalists, Chinese dissidents
|
||||
skirting the Great Firewall and oppressive censorship, abuse victims,
|
||||
stalker targets, the US military, and law enforcement, just to name a few.
|
||||
|
||||
<p>
|
||||
|
||||
<!-- FIXME: you should probably grab your own copy of tor-route.png
|
||||
and serve it locally -->
|
||||
<center><a href="https://www.torproject.org/overview.html.en">
|
||||
<img src="http://tor-exit.fscked.org/tor-route.png"></a></center>
|
||||
|
||||
<p>
|
||||
|
||||
In terms of applicable law, the best way to understand Tor is to consider it a
|
||||
network of routers operating as common carriers, much like the Internet
|
||||
backbone. However, unlike the Internet backbone routers, Tor routers
|
||||
explicitly do not contain identifiable routing information about the source of
|
||||
a packet.
|
||||
|
||||
<p>
|
||||
|
||||
As such, there is little the operator of this router can do to help you track
|
||||
the connection further. This router maintains no logs of any of the Tor
|
||||
traffic, so there is little that can be done to trace either legitimate or
|
||||
illegitimate traffic (or to filter one from the other). Attempts to
|
||||
seize this router will accomplish nothing.
|
||||
<p>
|
||||
|
||||
<!--- FIXME: US-Only section. Remove if you are a non-US operator -->
|
||||
|
||||
Furthermore, this machine also serves as a carrier of email, which means that
|
||||
its contents are further protected under the ECPA. <a
|
||||
href="http://www4.law.cornell.edu/uscode/html/uscode18/usc_sec_18_00002707----000-.html">18
|
||||
USC 2707</a> explicitly allows for civil remedies ($1000/account
|
||||
<i><b><u>plus</u></b></i> legal fees)
|
||||
in the event of a seizure executed without good faith or probable cause (it
|
||||
should be clear at this point that traffic with an originating IP address of
|
||||
FIXME_DNS_NAME should not constitute probable cause to seize the
|
||||
machine). Similar considerations exist for 1st amendment content on this
|
||||
machine.
|
||||
|
||||
<p>
|
||||
|
||||
<!-- FIXME: May or may not be US-only. Some non-US tor nodes have in
|
||||
fact reported DMCA harassment... -->
|
||||
|
||||
If you are a representative of a company who feels that this router is being
|
||||
used to violate the DMCA, please be aware that this machine does not host or
|
||||
contain any illegal content. Also be aware that network infrastructure
|
||||
maintainers are not liable for the type of content that passes over their
|
||||
equipment, in accordance with <a
|
||||
href="http://www4.law.cornell.edu/uscode/html/uscode17/usc_sec_17_00000512----000-.html">DMCA
|
||||
"safe harbor" provisions</a>. In other words, you will have just as much luck
|
||||
sending a takedown notice to the Internet backbone providers. Please consult
|
||||
<a href="https://www.torproject.org/eff/tor-dmca-response.html">EFF's prepared
|
||||
response</a> for more information on this matter.
|
||||
|
||||
<p>For more information, please consult the following documentation:
|
||||
|
||||
<ol>
|
||||
<li><a href="https://www.torproject.org/overview.html">Tor Overview</a></li>
|
||||
<li><a href="https://www.torproject.org/faq-abuse.html">Tor Abuse FAQ</a></li>
|
||||
<li><a href="https://www.torproject.org//eff/tor-legal-faq.html">Tor Legal FAQ</a></li>
|
||||
</ol>
|
||||
<p>
|
||||
|
||||
That being said, if you still have a complaint about the router, you may
|
||||
email the <a href="mailto:FIXME_YOUR_EMAIL_ADDRESS">maintainer</a>. If
|
||||
complaints are related to a particular service that is being abused, I will
|
||||
consider removing that service from my exit policy, which would prevent my
|
||||
router from allowing that traffic to exit through it. I can only do this on an
|
||||
IP+destination port basis, however. Common P2P ports are
|
||||
already blocked.
|
||||
|
||||
<p>You also have the option of blocking this IP address and others on
|
||||
the Tor network if you so desire. The Tor project provides a <a
|
||||
href="https://www.torproject.org/cvs/tor/contrib/exitlist">python script</a> to
|
||||
extract all IP addresses of Tor exit nodes, and an official <a
|
||||
href="http://exitlist.torproject.org/">DNSRBL</a> is also available to
|
||||
determine if a given IP address is actually a Tor exit server. Please
|
||||
be considerate
|
||||
when using these options. It would be unfortunate to deny all Tor users access
|
||||
to your site indefinitely simply because of a few bad apples.
|
||||
|
||||
</body>
|
||||
</html>
|
||||
|
|
@ -1,6 +1,6 @@
|
|||
;tor.nsi - A basic win32 installer for Tor
|
||||
; Originally written by J Doe.
|
||||
; Modified by Steve Topletz
|
||||
; Modified by Steve Topletz, Andrew Lewman
|
||||
; See the Tor LICENSE for licensing information
|
||||
;-----------------------------------------
|
||||
;
|
||||
|
@ -9,7 +9,7 @@
|
|||
!include "FileFunc.nsh"
|
||||
!insertmacro GetParameters
|
||||
|
||||
!define VERSION "0.2.0.20-rc-dev"
|
||||
!define VERSION "0.2.0.35"
|
||||
!define INSTALLER "tor-${VERSION}-win32.exe"
|
||||
!define WEBSITE "https://www.torproject.org/"
|
||||
!define LICENSE "LICENSE"
|
||||
|
@ -96,6 +96,11 @@ Section "Tor" Tor
|
|||
Next:
|
||||
${EndIf}
|
||||
File /oname=$CONFIGFILE "..\src\config\torrc.sample"
|
||||
|
||||
; the geoip file needs to be included and stuffed into the right directory
|
||||
; otherwise tor is unhappy
|
||||
SetOutPath $APPDATA\Tor
|
||||
Call ExtractGEOIP
|
||||
SectionEnd
|
||||
|
||||
Section "Documents" Docs
|
||||
|
@ -113,7 +118,6 @@ Section "Start Menu" StartMenu
|
|||
${If} ${FileExists} "$INSTDIR\Documents\*.*"
|
||||
Call CreateDocLinks
|
||||
${EndIf}
|
||||
endifdocs:
|
||||
SectionEnd
|
||||
|
||||
Section "Desktop" Desktop
|
||||
|
@ -156,12 +160,15 @@ Function ExtractBinaries
|
|||
File "${BIN}\tor-resolve.exe"
|
||||
FunctionEnd
|
||||
|
||||
Function ExtractGEOIP
|
||||
File "${BIN}\geoip"
|
||||
FunctionEnd
|
||||
|
||||
Function ExtractIcon
|
||||
File "${BIN}\tor.ico"
|
||||
FunctionEnd
|
||||
|
||||
Function ExtractSpecs
|
||||
;File "doc\FAQ"
|
||||
File "..\doc\HACKING"
|
||||
File "..\doc\spec\address-spec.txt"
|
||||
File "..\doc\spec\control-spec.txt"
|
||||
|
|
|
@ -31,8 +31,6 @@ TORCTL=@BINDIR@/torctl
|
|||
# torctl will use these environment variables
|
||||
TORUSER=@TORUSER@
|
||||
export TORUSER
|
||||
TORGROUP=@TORGROUP@
|
||||
export TORGROUP
|
||||
|
||||
if [ -x /bin/su ] ; then
|
||||
SUPROG=/bin/su
|
||||
|
|
|
@ -41,22 +41,18 @@ TORDATA="@LOCALSTATEDIR@/lib/tor"
|
|||
TORARGS="--pidfile $PIDFILE --log \"notice file $LOGFILE\" --runasdaemon 1"
|
||||
TORARGS="$TORARGS --datadirectory $TORDATA"
|
||||
|
||||
# If user and group names are set in the environment, then use them;
|
||||
# If user name is set in the environment, then use it;
|
||||
# otherwise run as the invoking user (or whatever user the config
|
||||
# file says)... unless the invoking user is root. The idea here is to
|
||||
# let an unprivileged user run tor for her own use using this script,
|
||||
# while still providing for it to be used as a system daemon.
|
||||
if [ "x`id -u`" = "x0" ]; then
|
||||
TORUSER=@TORUSER@
|
||||
TORGROUP=@TORGROUP@
|
||||
fi
|
||||
|
||||
if [ "x$TORUSER" != "x" ]; then
|
||||
TORARGS="$TORARGS --user $TORUSER"
|
||||
fi
|
||||
if [ "x$TORGROUP" != "x" ]; then
|
||||
TORARGS="$TORARGS --group $TORGROUP"
|
||||
fi
|
||||
|
||||
# We no longer wrap the Tor daemon startup in an su when running as
|
||||
# root, because it's too painful to make the use of su portable.
|
||||
|
|
|
@ -1,3 +1,175 @@
|
|||
tor (0.2.0.35-1) unstable; urgency=low
|
||||
|
||||
* New upstream version:
|
||||
o security fixes:
|
||||
- Avoid crashing in the presence of certain malformed descriptors.
|
||||
- Fix an edge case where a malicious exit relay could convince a
|
||||
controller that the client's DNS question resolves to an internal IP
|
||||
address.
|
||||
o bugfixes:
|
||||
- Finally fix the bug where dynamic-IP relays disappear when their
|
||||
IP address changes.
|
||||
- Fix a DNS-related crash bug (apparently depending on everything
|
||||
but the phase of the moon).
|
||||
- Fix a memory leak when starting with a cache over a few days old
|
||||
- Hidden service clients didn't use a cached service descriptor that
|
||||
was older than 15 minutes, but wouldn't fetch a new one either.
|
||||
[More details are in the upstream changelog.]
|
||||
|
||||
-- Peter Palfrader <weasel@debian.org> Fri, 26 Jun 2009 01:56:14 +0200
|
||||
|
||||
tor (0.2.0.34-1) unstable; urgency=high
|
||||
|
||||
* New upstream version:
|
||||
- Avoid a potential crash on exit nodes when processing malformed
|
||||
input. Remote DoS opportunity (closes: #514579).
|
||||
- Fix a temporary DoS vulnerability that could be performed by
|
||||
a directory mirror (closes: #514580).
|
||||
|
||||
-- Peter Palfrader <weasel@debian.org> Mon, 09 Feb 2009 09:53:48 +0100
|
||||
|
||||
tor (0.2.0.33-1) unstable; urgency=high
|
||||
|
||||
* New upstream version:
|
||||
- Fixes a possible remote heap buffer overflow bug (closes: #512728)
|
||||
(Secunia Advisory [SA33635]).
|
||||
- better resist DNS poisoning.
|
||||
- and more - see upstream changelog.
|
||||
|
||||
-- Peter Palfrader <weasel@debian.org> Fri, 23 Jan 2009 12:05:06 +0100
|
||||
|
||||
tor (0.2.0.32-1) unstable; urgency=high
|
||||
|
||||
* New upstream version.
|
||||
- Properly drops privileges when being configured to do
|
||||
so (closes: #505178).
|
||||
* No longer set now obsolete Group setting in built-in debian config.
|
||||
|
||||
-- Peter Palfrader <weasel@debian.org> Fri, 21 Nov 2008 23:33:15 +0100
|
||||
|
||||
tor (0.2.0.31-1) unstable; urgency=low
|
||||
|
||||
* New upstream version.
|
||||
* Tweak a few error messages in the init script to use the proper variables
|
||||
(not that it should matter, the Right One has the same value, but still)
|
||||
and to list more possible error reasons.
|
||||
|
||||
-- Peter Palfrader <weasel@debian.org> Tue, 09 Sep 2008 09:56:54 +0200
|
||||
|
||||
tor (0.2.0.30-2) unstable; urgency=low
|
||||
|
||||
* Stop requiring that the binary in /usr/sbin/tor is still the same as the
|
||||
one that actually is the running tor when we try to stop or reload the
|
||||
daemon using the init script. If the process is called tor, running as
|
||||
debian-tor, and the pid file agrees too then it probably is the Tor you
|
||||
want to stop (closes: #491246).
|
||||
|
||||
-- Peter Palfrader <weasel@debian.org> Fri, 18 Jul 2008 01:50:37 +0200
|
||||
|
||||
tor (0.2.0.30-1) unstable; urgency=low
|
||||
|
||||
* New upstream version.
|
||||
|
||||
-- Peter Palfrader <weasel@debian.org> Wed, 16 Jul 2008 02:19:08 +0200
|
||||
|
||||
tor (0.2.0.29-rc-2) unstable; urgency=low
|
||||
|
||||
* Upload to unstable.
|
||||
|
||||
-- Peter Palfrader <weasel@debian.org> Tue, 15 Jul 2008 22:16:08 +0200
|
||||
|
||||
tor (0.2.0.29-rc-1) experimental; urgency=low
|
||||
|
||||
* New upstream version.
|
||||
* Warn the admin if the number of file descriptors on his system is
|
||||
tiny.
|
||||
|
||||
-- Peter Palfrader <weasel@debian.org> Wed, 09 Jul 2008 14:02:06 +0200
|
||||
|
||||
tor (0.2.0.28-rc-1) experimental; urgency=low
|
||||
|
||||
* New upstream version.
|
||||
* Remove debian/patches/11_tor_as_root_more_helpful.dpatch as
|
||||
it is no longer needed: We now setuid() to the Tor user
|
||||
when run as root and it all just works.
|
||||
* Add comments to the dpatch headers so lintian shuts up.
|
||||
* Add patches/14_fix_geoip_warning: Change geoipdb open failed message.
|
||||
* Require unit tests to pass again.
|
||||
|
||||
-- Peter Palfrader <weasel@debian.org> Fri, 13 Jun 2008 10:28:36 +0200
|
||||
|
||||
tor (0.2.0.27-rc-1) experimental; urgency=low
|
||||
|
||||
* New upstream version.
|
||||
* Add tor-geoipdb arch: all package for the geoip database.
|
||||
* Update debian/rules so that there now is a binary-common target
|
||||
and the binary-indep and binary-arch targets call make with
|
||||
proper DH_OPTIONS options. This is taken from the template
|
||||
that dh_make nowadays uses for multi-binary packages.
|
||||
* Unit tests are broken, yay.
|
||||
* Use ${binary:Version} to depend on the right tor binary package from
|
||||
the tor-dbg package instead of ${Source-Version}. Some guy on the
|
||||
internet said the latter was deprecated.
|
||||
* Add Homepage: https://www.torproject.org/ field to control file.
|
||||
* And mention www.tp.o instead of the old tor.eff.org in the long
|
||||
description.
|
||||
* No longer ignore failure of make clean in the clean target.
|
||||
* Support passing of parallel=<n> in build options.
|
||||
* Change declared Standards-Version to 3.8.0.
|
||||
|
||||
-- Peter Palfrader <weasel@debian.org> Fri, 06 Jun 2008 01:11:33 +0200
|
||||
|
||||
tor (0.2.0.26-rc-1) experimental; urgency=critical
|
||||
|
||||
* New upstream version.
|
||||
* Conflict with old libssls.
|
||||
* On upgrading from versions prior to, including, 0.1.2.19-2, or
|
||||
from versions later than 0.2.0 and prior to 0.2.0.26-rc do the
|
||||
following, and if we are a server (we have a /var/lib/tor/keys
|
||||
directory)
|
||||
- move /var/lib/tor/keys/secret_onion_key out of the way.
|
||||
- move /var/lib/tor/keys/secret_onion_key.old out of the way.
|
||||
- move /var/lib/tor/keys/secret_id_key out of the way if it was
|
||||
created on or after 2006-09-17, which is the day the bad
|
||||
libssl was uploaded to Debian unstable.
|
||||
* Add a NEWS file explaining this change.
|
||||
|
||||
-- Peter Palfrader <weasel@debian.org> Tue, 13 May 2008 16:11:21 +0200
|
||||
|
||||
tor (0.2.0.24-rc-1) experimental; urgency=low
|
||||
|
||||
* New upstream version.
|
||||
|
||||
-- Peter Palfrader <weasel@debian.org> Wed, 23 Apr 2008 02:25:22 +0200
|
||||
|
||||
tor (0.2.0.23-rc-1) experimental; urgency=low
|
||||
|
||||
* New upstream version.
|
||||
* Mention OpenBSD_malloc_Linux.c in debian/copyright.
|
||||
* Add a recommends on logrotate.
|
||||
|
||||
-- Peter Palfrader <weasel@debian.org> Tue, 25 Mar 2008 09:34:37 +0100
|
||||
|
||||
tor (0.2.0.22-rc-1) experimental; urgency=low
|
||||
|
||||
* New upstream version.
|
||||
* Work around fig2dev failing to build the images on all archs
|
||||
(re #457568).
|
||||
* Build with --enable-openbsd-malloc, unless no-enable-openbsd-malloc is
|
||||
found in DEB_BUILD_OPTIONS. Hopefully this deals with some of the
|
||||
horrible memory fragmentation that glibc's malloc causes.
|
||||
|
||||
-- Peter Palfrader <weasel@debian.org> Wed, 19 Mar 2008 08:03:47 +0100
|
||||
|
||||
tor (0.2.0.21-rc-1) experimental; urgency=low
|
||||
|
||||
* New upstream version.
|
||||
* Run --verify-config before start/reload/restart as root. No longer
|
||||
su - to debian-tor tor run it. Given that we now even start Tor as
|
||||
root (it setuids later on) this should be fine (closes: #468566).
|
||||
|
||||
-- Peter Palfrader <weasel@debian.org> Mon, 3 Mar 2008 13:36:59 +0100
|
||||
|
||||
tor (0.2.0.20-rc-1) experimental; urgency=low
|
||||
|
||||
* New upstream version.
|
||||
|
|
|
@ -3,12 +3,14 @@ Section: comm
|
|||
Priority: optional
|
||||
Maintainer: Peter Palfrader <weasel@debian.org>
|
||||
Build-Depends: debhelper (>= 4.1.65), libssl-dev, dpatch, zlib1g-dev, libevent-dev (>= 1.1), texlive-base-bin, texlive-latex-base, texlive-fonts-recommended, transfig, gs, binutils (>= 2.14.90.0.7)
|
||||
Standards-Version: 3.7.2
|
||||
Standards-Version: 3.8.0
|
||||
Homepage: https://www.torproject.org/
|
||||
|
||||
Package: tor
|
||||
Architecture: any
|
||||
Depends: ${shlibs:Depends}, adduser, tsocks
|
||||
Recommends: privoxy | polipo (>= 1), socat
|
||||
Conflicts: libssl0.9.8 (<< 0.9.8g-9)
|
||||
Recommends: privoxy | polipo (>= 1), socat, logrotate, tor-geoipdb
|
||||
Suggests: mixmaster, mixminion, anon-proxy
|
||||
Description: anonymizing overlay network for TCP
|
||||
Tor is a connection-based low-latency anonymous communication system which
|
||||
|
@ -43,16 +45,29 @@ Description: anonymizing overlay network for TCP
|
|||
Remember that this is development code -- don't rely on the current Tor
|
||||
network if you really need strong anonymity.
|
||||
.
|
||||
The latest information can be found at http://tor.eff.org/, or on the
|
||||
The latest information can be found at https://www.torproject.org/, or on the
|
||||
mailing lists, archived at http://archives.seul.org/or/talk/ or
|
||||
http://archives.seul.org/or/announce/.
|
||||
|
||||
Package: tor-dbg
|
||||
Architecture: any
|
||||
Depends: tor (= ${Source-Version})
|
||||
Depends: tor (= ${binary:Version})
|
||||
Suggests: gdb
|
||||
Priority: extra
|
||||
Description: debugging symbols for Tor
|
||||
This package provides the debugging symbols for Tor, The Onion Router.
|
||||
Those symbols allow your debugger to assign names to your backtraces, which
|
||||
makes it somewhat easier to interpret core dumps.
|
||||
|
||||
Package: tor-geoipdb
|
||||
Architecture: all
|
||||
Priority: extra
|
||||
Depends: tor (>= ${source:Version})
|
||||
Description: geoIP database for Tor
|
||||
This package provides a geoIP database for Tor, i.e. it maps IPv4 addresses
|
||||
to countries.
|
||||
.
|
||||
Bridges (special Tor relays that aren't listed in the main Tor directory) use
|
||||
this information to report which countries they get access from. This allows
|
||||
the Tor network operators to learn if certain countries started blocking
|
||||
access to bridges.
|
||||
|
|
|
@ -12,6 +12,7 @@ Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
|
|||
Copyright (c) 2007-2008, The Tor Project, Inc.
|
||||
strlcat, strlcpy: Copyright (c) 1998 Todd C. Miller <Todd.Miller@courtesan.com>
|
||||
ht.h: Copyright (c) 2002, Christopher Clark, 2006 Nick Mathewson
|
||||
OpenBSD_malloc_Linux.c: phk@FreeBSD.ORG
|
||||
Modifications for Debian: Copyright (c) 2004, 2005, 2006, 2007, 2008 Peter Palfrader
|
||||
|
||||
Tor is distributed under this license:
|
||||
|
@ -115,4 +116,9 @@ ht.h by Nick Mathewson is licensed as follows:
|
|||
* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
|
||||
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
===============================================================================
|
||||
OpenBSD_malloc_Linux.c:
|
||||
* "THE BEER-WARE LICENSE" (Revision 42):
|
||||
* <phk@FreeBSD.ORG> wrote this file. As long as you retain this notice you
|
||||
* can do whatever you want with this stuff. If we meet some day, and you think
|
||||
* this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
|
||||
|
|
|
@ -2,4 +2,4 @@
|
|||
03_tor_manpage_in_section_8.dpatch
|
||||
06_add_compile_time_defaults.dpatch
|
||||
07_log_to_file_by_default.dpatch
|
||||
11_tor_as_root_more_helpful.dpatch
|
||||
14_fix_geoip_warning
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
## 02_add_debian_files_in_manpage.dpatch by <weasel@debian.org>
|
||||
##
|
||||
## All lines beginning with `## DP:' are a description of the patch.
|
||||
## DP: No description.
|
||||
## DP: Change the FILES section of the manpage to properly describe the situation on Debian systems.
|
||||
|
||||
if [ $# -lt 1 ]; then
|
||||
echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
## 03_tor_manpage_in_section_8.dpatch by <weasel@debian.org>
|
||||
##
|
||||
## All lines beginning with `## DP:' are a description of the patch.
|
||||
## DP: No description.
|
||||
## DP: Move the Tor manpage from section 1 to section 8.
|
||||
|
||||
if [ $# -lt 1 ]; then
|
||||
echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
## 06_add_compile_time_defaults.dpatch by <weasel@debian.org>
|
||||
##
|
||||
## All lines beginning with `## DP:' are a description of the patch.
|
||||
## DP: No description.
|
||||
## DP: Change a few compile time defaults so that Tor is better integrated on a Debian system
|
||||
|
||||
if [ $# -lt 1 ]; then
|
||||
echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
|
||||
|
@ -72,7 +72,7 @@ diff -urNad trunk~/src/or/config.c trunk/src/or/config.c
|
|||
if (errmsg) {
|
||||
log(LOG_WARN,LD_CONFIG,"Failed to parse/validate config: %s", errmsg);
|
||||
tor_free(errmsg);
|
||||
@@ -5011,3 +5018,64 @@
|
||||
@@ -5011,3 +5018,60 @@
|
||||
puts(routerparse_c_id);
|
||||
}
|
||||
|
||||
|
@ -131,9 +131,5 @@ diff -urNad trunk~/src/or/config.c trunk/src/or/config.c
|
|||
+ tor_assert(var);
|
||||
+ var->initvalue = tor_strdup("debian-tor");
|
||||
+
|
||||
+ var = config_find_option(&options_format, "Group");
|
||||
+ tor_assert(var);
|
||||
+ var->initvalue = tor_strdup("debian-tor");
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
## 07_log_to_file_by_default.dpatch by <weasel@debian.org>
|
||||
##
|
||||
## All lines beginning with `## DP:' are a description of the patch.
|
||||
## DP: No description.
|
||||
## DP: Change default logging target from stdout to a logfile
|
||||
|
||||
if [ $# -lt 1 ]; then
|
||||
echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
|
||||
|
|
|
@ -1,36 +0,0 @@
|
|||
#! /bin/sh -e
|
||||
## 08_no_run_as_root.dpatch by <weasel@debian.org>
|
||||
##
|
||||
## All lines beginning with `## DP:' are a description of the patch.
|
||||
## DP: No description.
|
||||
|
||||
if [ $# -lt 1 ]; then
|
||||
echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts
|
||||
patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}"
|
||||
|
||||
case "$1" in
|
||||
-patch) patch -p1 ${patch_opts} < $0;;
|
||||
-unpatch) patch -R -p1 ${patch_opts} < $0;;
|
||||
*)
|
||||
echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
|
||||
exit 1;;
|
||||
esac
|
||||
|
||||
exit 0
|
||||
|
||||
@DPATCH@
|
||||
--- tor~/src/or/main.c 2006-07-23 19:31:29.000000000 +0200
|
||||
+++ tor/src/or/main.c 2006-07-24 05:34:30.696138870 +0200
|
||||
@@ -1483,7 +1483,7 @@
|
||||
#ifndef MS_WINDOWS
|
||||
if (geteuid()==0)
|
||||
log_warn(LD_GENERAL,"You are running Tor as root. You don't need to, "
|
||||
- "and you probably shouldn't.");
|
||||
+ "and you probably shouldn't. Maybe you are looking for the init script? '/etc/init.d/tor start'");
|
||||
#endif
|
||||
|
||||
crypto_global_init(get_options()->HardwareAccel);
|
|
@ -0,0 +1,37 @@
|
|||
#! /bin/sh -e
|
||||
## 14_fix_geoip_warning.dpatch by <weasel@debian.org>
|
||||
##
|
||||
## All lines beginning with `## DP:' are a description of the patch.
|
||||
## DP: Change geoipdb open failed message
|
||||
|
||||
if [ $# -lt 1 ]; then
|
||||
echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts
|
||||
patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}"
|
||||
|
||||
case "$1" in
|
||||
-patch) patch -p1 ${patch_opts} < $0;;
|
||||
-unpatch) patch -R -p1 ${patch_opts} < $0;;
|
||||
*)
|
||||
echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
|
||||
exit 1;;
|
||||
esac
|
||||
|
||||
exit 0
|
||||
|
||||
@DPATCH@
|
||||
diff -urNad git-stable~/src/or/geoip.c git-stable/src/or/geoip.c
|
||||
--- git-stable~/src/or/geoip.c 2008-06-06 01:00:41.000000000 +0200
|
||||
+++ git-stable/src/or/geoip.c 2008-06-11 12:54:17.605150644 +0200
|
||||
@@ -147,7 +147,7 @@
|
||||
int severity = should_record_bridge_info(options) ? LOG_WARN : LOG_INFO;
|
||||
clear_geoip_db();
|
||||
if (!(f = fopen(filename, "r"))) {
|
||||
- log_fn(severity, LD_GENERAL, "Failed to open GEOIP file %s.", filename);
|
||||
+ log_fn(severity, LD_GENERAL, "Failed to open GEOIP file %s. Do you have the tor-geoipdb package installed?", filename);
|
||||
return -1;
|
||||
}
|
||||
geoip_countries = smartlist_create();
|
|
@ -48,11 +48,21 @@ ifneq (,$(findstring notest,$(DEB_BUILD_OPTIONS)))
|
|||
RUN_TEST = no
|
||||
endif
|
||||
|
||||
# Support passing of parallel=<n> in build options
|
||||
ifneq (,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
|
||||
NUMJOBS = $(patsubst parallel=%,%,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
|
||||
MAKEFLAGS += -j$(NUMJOBS)
|
||||
endif
|
||||
|
||||
CONF_OPTIONS =
|
||||
# build against libdmalloc4 - it better be installed
|
||||
ifneq (,$(findstring with-dmalloc,$(DEB_BUILD_OPTIONS)))
|
||||
CONF_OPTIONS += --with-dmalloc
|
||||
endif
|
||||
# inhibit building with --enable-openbsd-malloc
|
||||
ifeq (,$(findstring no-enable-openbsd-malloc,$(DEB_BUILD_OPTIONS)))
|
||||
CONF_OPTIONS += --enable-openbsd-malloc
|
||||
endif
|
||||
|
||||
configure: patch-stamp
|
||||
config.status: configure
|
||||
|
@ -100,17 +110,15 @@ build-stamp: config.status
|
|||
#
|
||||
# the hexdumps were built using something like
|
||||
# perl -e 'while (<>) { print unpack ("H*", $_); }' interaction.pdf | fold > hexdump-interaction.pdf
|
||||
if [ "$(DEB_BUILD_GNU_TYPE)" = "s390-linux-gnu" ] || \
|
||||
[ "$(DEB_BUILD_GNU_TYPE)" = "sparc-linux-gnu" ] || \
|
||||
[ "$(DEB_BUILD_GNU_TYPE)" = "mipsel-linux" ]; then \
|
||||
cd doc/design-paper; \
|
||||
#
|
||||
# And it fails on a bunch of other archs too.
|
||||
cd doc/design-paper; \
|
||||
fig2dev -L pdf cell-struct.fig cell-struct.pdf || \
|
||||
( echo "** Using shipped pdf file because fig2dev failed"; \
|
||||
perl -e 'while (<>) { chomp; print pack ("H*", $$_); }' ../../debian/hexdump-cell-struct.pdf > cell-struct.pdf ); \
|
||||
fig2dev -L pdf interaction.fig interaction.pdf || \
|
||||
( echo "** Using shipped pdf file because fig2dev failed"; \
|
||||
perl -e 'while (<>) { chomp; print pack ("H*", $$_); }' ../../debian/hexdump-interaction.pdf > interaction.pdf ); \
|
||||
fi
|
||||
# XXX ends
|
||||
|
||||
make -C doc/design-paper tor-design.ps tor-design.pdf
|
||||
|
@ -122,7 +130,7 @@ clean: unpatch
|
|||
dh_testroot
|
||||
rm -f build-stamp
|
||||
|
||||
-$(MAKE) distclean
|
||||
[ ! -f Makefile ] || $(MAKE) distclean
|
||||
|
||||
dh_clean
|
||||
|
||||
|
@ -154,28 +162,31 @@ install: build
|
|||
|
||||
rm -f $(CURDIR)/debian/tor/usr/bin/tor-control.py
|
||||
|
||||
# tor-dbg doc dir
|
||||
install -d -m 755 $(CURDIR)/debian/tor-dbg/usr/share/doc
|
||||
ln -s tor $(CURDIR)/debian/tor-dbg/usr/share/doc/tor-dbg
|
||||
|
||||
# tor-geoip
|
||||
mv $(CURDIR)/debian/tor/usr/share/tor/geoip $(CURDIR)/debian/tor-geoipdb/usr/share/tor
|
||||
rmdir $(CURDIR)/debian/tor/usr/share/tor || true
|
||||
|
||||
# Build architecture-independent files here.
|
||||
binary-indep: build install
|
||||
# We have nothing to do by default.
|
||||
install -d -m 755 $(CURDIR)/debian/tor-geoipdb/usr/share/doc/tor-geoipdb
|
||||
ln -s ../tor/changelog.gz $(CURDIR)/debian/tor-geoipdb/usr/share/doc/tor-geoipdb
|
||||
ln -s ../tor/changelog.Debian.gz $(CURDIR)/debian/tor-geoipdb/usr/share/doc/tor-geoipdb
|
||||
|
||||
# Build architecture-dependent files here.
|
||||
binary-arch: build install
|
||||
install -m 644 debian/tor-geoipdb.lintian-override $(CURDIR)/debian/tor-geoipdb/usr/share/lintian/overrides/tor-geoipdb
|
||||
|
||||
# Must not depend on anything. This is to be called by
|
||||
# binary-arch/binary-indep
|
||||
# in another 'make' thread.
|
||||
binary-common:
|
||||
dh_testdir
|
||||
dh_testroot
|
||||
dh_installchangelogs ChangeLog
|
||||
dh_installchangelogs --package=tor ChangeLog
|
||||
dh_installdocs
|
||||
dh_installexamples
|
||||
# dh_install
|
||||
# dh_installdebconf
|
||||
dh_installlogrotate
|
||||
# dh_installemacsen
|
||||
# dh_installmime
|
||||
dh_installinit
|
||||
# dh_installcron
|
||||
dh_installman
|
||||
dh_link
|
||||
# Change this for debhelper compatibility level 5 or later!
|
||||
|
@ -187,7 +198,15 @@ binary-arch: build install
|
|||
dh_gencontrol
|
||||
dh_md5sums
|
||||
dh_builddeb
|
||||
|
||||
# Build architecture independant packages using the common target.
|
||||
binary-indep: install
|
||||
$(MAKE) -f debian/rules DH_OPTIONS=-i binary-common
|
||||
|
||||
# Build architecture dependant packages using the common target.
|
||||
binary-arch: install
|
||||
$(MAKE) -f debian/rules DH_OPTIONS=-s binary-common
|
||||
@if [ "$(LOCALHOST_IP)" != "127.0.0.1" ]; then echo; echo; echo; echo; echo; echo "######################################################################"; echo "WARNING: This system does not think localhost is 127.0.0.1. Result of testsuite has been ignored. Please fix your system/chroot."; echo "######################################################################"; echo; echo; echo; echo; echo "Note: 'getent hosts localhost' should return '127.0.0.1 localhost'"; echo; fi
|
||||
|
||||
binary: binary-indep binary-arch
|
||||
.PHONY: build clean binary-indep binary-arch binary install
|
||||
.PHONY: build clean binary-common binary-indep binary-arch binary install
|
||||
|
|
|
@ -0,0 +1,35 @@
|
|||
This geo-ip database was downloaded as part of the Tor distribution
|
||||
from <URL:https://www.torproject.org/>.
|
||||
|
||||
|
||||
It is the IP-to-Country Database provided by WebHosting.Info
|
||||
(http://www.webhosting.info), available from
|
||||
http://ip-to-country.webhosting.info.
|
||||
|
||||
|
||||
Copyright (c) 2003 Direct Information Pvt. Ltd. All Rights Reserved.
|
||||
|
||||
All usage, reproduction, modification and derivative works created from, and
|
||||
distribution and publication of the IP-to-Country Database and your derivative
|
||||
works thereof must keep intact all copyright notices and give credit by
|
||||
displaying the following acknowledgment by replacing 'work' with one of the
|
||||
following: script, product, page, service or application:
|
||||
|
||||
"This 'work' uses the IP-to-Country Database
|
||||
provided by WebHosting.Info (http://www.webhosting.info),
|
||||
available from http://ip-to-country.webhosting.info."
|
||||
|
||||
BECAUSE THE DATABASE IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE
|
||||
DATABASE, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE
|
||||
STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE
|
||||
DATABASE "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED,
|
||||
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
|
||||
FITNESS FOR A PARTICULAR PURPOSE OR ANY WARRANTIES REGARDING THE CONTENTS OR
|
||||
ACCURACY OF THE WORK.
|
||||
|
||||
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY
|
||||
COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE
|
||||
DATABASE AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
|
||||
GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR
|
||||
INABILITY TO USE THE DATABASE, EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN
|
||||
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
|
|
@ -0,0 +1,2 @@
|
|||
usr/share/tor
|
||||
usr/share/lintian/overrides
|
|
@ -0,0 +1 @@
|
|||
tor-geoipdb: debian-changelog-file-is-a-symlink
|
|
@ -0,0 +1,16 @@
|
|||
tor (0.2.0.26-rc-1) experimental; urgency=critical
|
||||
|
||||
* weak cryptographic keys
|
||||
|
||||
It has been discovered that the random number generator in Debian's
|
||||
openssl package is predictable. This is caused by an incorrect
|
||||
Debian-specific change to the openssl package (CVE-2008-0166). As a
|
||||
result, cryptographic key material may be guessable.
|
||||
|
||||
See Debian Security Advisory number 1571 (DSA-1571) for more information:
|
||||
http://lists.debian.org/debian-security-announce/2008/msg00152.html
|
||||
|
||||
If you run a Tor server using this package please see
|
||||
/var/lib/tor/keys/moved-away-by-tor-package/README.REALLY
|
||||
|
||||
-- Peter Palfrader <weasel@debian.org> Tue, 13 May 2008 12:49:05 +0200
|
|
@ -22,6 +22,8 @@ NAME=tor
|
|||
DESC="tor daemon"
|
||||
TORPIDDIR=/var/run/tor
|
||||
TORPID=$TORPIDDIR/tor.pid
|
||||
DAEMON_USER=debian-tor
|
||||
DAEMON_NAME=tor
|
||||
DEFAULTSFILE=/etc/default/$NAME
|
||||
WAITFORDAEMON=60
|
||||
ARGS=""
|
||||
|
@ -36,6 +38,16 @@ if [ -r /proc/sys/fs/file-max ]; then
|
|||
MAX_FILEDESCRIPTORS=8192
|
||||
else
|
||||
MAX_FILEDESCRIPTORS=1024
|
||||
cat << EOF
|
||||
|
||||
Warning: Your system has very few filedescriptors available in total.
|
||||
|
||||
Maybe you should try raising that by adding 'fs.file-max=100000' to your
|
||||
/etc/sysctl.conf file. Feel free to pick any number that you deem appropriate.
|
||||
Then run 'sysctl -p'. See /proc/sys/fs/file-max for the current value, and
|
||||
file-nr in the same directory for how many of those are used at the moment.
|
||||
|
||||
EOF
|
||||
fi
|
||||
else
|
||||
MAX_FILEDESCRIPTORS=8192
|
||||
|
@ -89,6 +101,14 @@ check_torpiddir () {
|
|||
fi
|
||||
}
|
||||
|
||||
check_config () {
|
||||
if ! $DAEMON --verify-config > /dev/null; then
|
||||
echo "ABORTED: Tor configuration invalid:" >&2
|
||||
$DAEMON --verify-config >&2
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
|
||||
case "$1" in
|
||||
start)
|
||||
|
@ -109,11 +129,7 @@ case "$1" in
|
|||
check_torpiddir
|
||||
|
||||
echo "Starting $DESC: $NAME..."
|
||||
if ! su -s /bin/sh -c "$DAEMON --verify-config" debian-tor > /dev/null; then
|
||||
echo "ABORTED: Tor configuration invalid:" >&2
|
||||
su -s /bin/sh -c "$DAEMON --verify-config" debian-tor >&2
|
||||
exit 1
|
||||
fi
|
||||
check_config
|
||||
|
||||
start-stop-daemon --start --quiet --oknodo \
|
||||
--pidfile $TORPID \
|
||||
|
@ -130,14 +146,14 @@ case "$1" in
|
|||
exit 0
|
||||
fi
|
||||
|
||||
if start-stop-daemon --stop --signal INT --quiet --pidfile $TORPID --exec $DAEMON; then
|
||||
if start-stop-daemon --stop --signal INT --quiet --pidfile $TORPID --name $DAEMON_NAME --user $DAEMON_USER; then
|
||||
wait_for_deaddaemon $pid
|
||||
echo "$NAME."
|
||||
elif kill -0 $pid 2>/dev/null
|
||||
then
|
||||
echo "FAILED (Is $pid not $NAME? Is $DAEMON a different binary now?)."
|
||||
echo "FAILED (Is $pid not $DAEMON_NAME or not running as $DAEMON_USER?)."
|
||||
else
|
||||
echo "FAILED ($DAEMON died: process $pid not running; or permission denied)."
|
||||
echo "FAILED ($DAEMON_NAME died: process $pid not running; or permission denied)."
|
||||
fi
|
||||
;;
|
||||
reload|force-reload)
|
||||
|
@ -149,28 +165,20 @@ case "$1" in
|
|||
exit 0
|
||||
fi
|
||||
|
||||
if ! su -s /bin/sh -c "$DAEMON --verify-config" debian-tor > /dev/null; then
|
||||
echo "ABORTED: Tor configuration invalid:" >&2
|
||||
su -s /bin/sh -c "$DAEMON --verify-config" debian-tor >&2
|
||||
exit 1
|
||||
fi
|
||||
check_config
|
||||
|
||||
if start-stop-daemon --stop --signal 1 --quiet --pidfile $TORPID --exec $DAEMON
|
||||
if start-stop-daemon --stop --signal 1 --quiet --pidfile $TORPID --name $DAEMON_NAME --user $DAEMON_USER
|
||||
then
|
||||
echo "$NAME."
|
||||
elif kill -0 $pid 2>/dev/null
|
||||
then
|
||||
echo "FAILED (Is $pid not $NAME? Is $DAEMON a different binary now?)."
|
||||
echo "FAILED (Is $pid not $DAEMON_NAME or not running as $DAEMON_USER?)."
|
||||
else
|
||||
echo "FAILED ($DAEMON died: process $pid not running; or permission denied)."
|
||||
echo "FAILED ($DAEMON_NAME died: process $pid not running; or permission denied)."
|
||||
fi
|
||||
;;
|
||||
restart)
|
||||
if ! su -s /bin/sh -c "$DAEMON --verify-config" debian-tor > /dev/null; then
|
||||
echo "Restarting Tor ABORTED: Tor configuration invalid:" >&2
|
||||
su -s /bin/sh -c "$DAEMON --verify-config" debian-tor >&2
|
||||
exit 1
|
||||
fi
|
||||
check_config
|
||||
|
||||
$0 stop
|
||||
sleep 1
|
||||
|
|
|
@ -51,6 +51,71 @@ find /var/log/tor \( \( ! -user debian-tor \) -o \( ! -group adm \) \) -print0 |
|
|||
find /var/log/tor -type d -print0 | xargs -0 --no-run-if-empty chmod 02750
|
||||
find /var/log/tor -type f -print0 | xargs -0 --no-run-if-empty chmod 00640
|
||||
|
||||
|
||||
move_away_keys=0
|
||||
|
||||
if [ "$1" = "configure" ] &&
|
||||
[ -e /var/lib/tor/keys ] &&
|
||||
[ ! -z "$2" ]; then
|
||||
if dpkg --compare-versions "$2" lt 0.1.2.19-2; then
|
||||
move_away_keys=1
|
||||
elif dpkg --compare-versions "$2" gt 0.2.0 &&
|
||||
dpkg --compare-versions "$2" lt 0.2.0.26-rc; then
|
||||
move_away_keys=1
|
||||
fi
|
||||
fi
|
||||
if [ "$move_away_keys" = "1" ]; then
|
||||
echo "Retiring possibly compromised keys. See /usr/share/doc/tor/NEWS.Debian.gz"
|
||||
echo "and /var/lib/tor/keys/moved-away-by-tor-package/README.REALLY for"
|
||||
echo "further information."
|
||||
if ! [ -d /var/lib/tor/keys/moved-away-by-tor-package ]; then
|
||||
mkdir /var/lib/tor/keys/moved-away-by-tor-package
|
||||
cat > /var/lib/tor/keys/moved-away-by-tor-package/README.REALLY << EOF
|
||||
It has been discovered that the random number generator in Debian's
|
||||
openssl package is predictable. This is caused by an incorrect
|
||||
Debian-specific change to the openssl package (CVE-2008-0166). As a
|
||||
result, cryptographic key material may be guessable.
|
||||
|
||||
See Debian Security Advisory number 1571 (DSA-1571) for more information:
|
||||
http://lists.debian.org/debian-security-announce/2008/msg00152.html
|
||||
|
||||
The Debian package for Tor has moved away the onion keys upon package
|
||||
upgrade, and it will have moved away your identity key if it was created
|
||||
in the affected timeframe. There is no sure way to automatically tell
|
||||
if your key was created with an affected openssl library, so this move
|
||||
is done unconditionally.
|
||||
|
||||
If you have restarted Tor since this change (and the package probably
|
||||
did that for you already unless you configured your system differently)
|
||||
then the Tor daemon already created new keys for itself and in all
|
||||
likelyhood is already working just fine with new keys.
|
||||
|
||||
If you are absolutely certain that your identity key was created with
|
||||
a non-affected version of openssl and for some reason you have to retain
|
||||
the old identity, then you can move back the copy of secret_id_key to
|
||||
/var/lib/tor/keys. Do not move back the onion keys, they were created
|
||||
only recently since they are temporary keys with a lifetime of only a few
|
||||
days anyway.
|
||||
|
||||
Sincerely,
|
||||
Peter Palfrader, Tue, 13 May 2008 13:32:23 +0200
|
||||
EOF
|
||||
fi
|
||||
for f in secret_onion_key secret_onion_key.old; do
|
||||
if [ -e /var/lib/tor/keys/"$f" ]; then
|
||||
mv -v /var/lib/tor/keys/"$f" /var/lib/tor/keys/moved-away-by-tor-package/"$f"
|
||||
fi
|
||||
done
|
||||
if [ -e /var/lib/tor/keys/secret_id_key ]; then
|
||||
id_mtime=`/usr/bin/stat -c %Y /var/lib/tor/keys/secret_id_key`
|
||||
sept=`date -d '2006-09-10' +%s`
|
||||
if [ "$id_mtime" -gt "$sept" ] ; then
|
||||
mv -v /var/lib/tor/keys/secret_id_key /var/lib/tor/keys/moved-away-by-tor-package/secret_id_key
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
|
||||
#DEBHELPER#
|
||||
|
||||
exit 0
|
||||
|
|
659
doc/TODO
659
doc/TODO
|
@ -1,659 +1,4 @@
|
|||
$Id$
|
||||
Legend:
|
||||
SPEC!! - Not specified
|
||||
SPEC - Spec not finalized
|
||||
N - nick claims
|
||||
R - arma claims
|
||||
P - phobos claims
|
||||
S - Steven claims
|
||||
M - Matt/Mike claims
|
||||
J - Jeff claims
|
||||
I - ioerror claims
|
||||
- Not done
|
||||
* Top priority
|
||||
. Partially done
|
||||
o Done
|
||||
d Deferrable
|
||||
D Deferred
|
||||
X Abandoned
|
||||
|
||||
=======================================================================
|
||||
|
||||
External constraints:
|
||||
- Mid Feb, blocking-resistance roll-out
|
||||
M - Adequately stable Vidalia snapshot, or 0.1.0 release
|
||||
R - Write some text for it
|
||||
S - New Tor Browser Bundle with above Vidalia
|
||||
|
||||
- Late Feb, NGO in a box
|
||||
- Have 0.2.0 beta or rc out
|
||||
|
||||
- Mid Mar, upnp
|
||||
S - Pick a suitable-looking upnp library and begin integrating it
|
||||
|
||||
- Mid Apr
|
||||
- More Torbrowser work:
|
||||
o Get polipo into it
|
||||
? - Resolve branding issue
|
||||
o Make Torbrowser website
|
||||
R - Get it integrated into the Tor download pages
|
||||
S - Zip-splitting:
|
||||
- Document the use of 7-zip to combine fractional files and
|
||||
reconstruct them after download. Host such files.
|
||||
- If it's faster to research a self-extracting splitter
|
||||
and use it, with simpler documentation, that's obviously fine.
|
||||
S - Finish first cut at integrating upnp lib into Vidalia
|
||||
R - get the geoip files onto some bridge relays, and gather stats
|
||||
J - Translation portal
|
||||
- Vidalia translations
|
||||
- Vidalia installer translations
|
||||
- Torbutton translations
|
||||
- Centralized instructions for how to help translate
|
||||
- Continue managing the tor-translations team to keep the Tor
|
||||
website translated
|
||||
|
||||
- Mid May
|
||||
S - More TorBrowser work
|
||||
- Integrate pidgin and OTR
|
||||
- move portablefirefox nsi goo into vidalia as appropriate
|
||||
- Figure out (or give up on) how to run Tor Browser and ordinary
|
||||
Firefox side-by-side.
|
||||
|
||||
- mid June
|
||||
R - SRI stuff
|
||||
|
||||
- End of June
|
||||
S - More TorBrowser work
|
||||
- Firefox extension framework for Torbrowser build-time
|
||||
- Progress bar during startup, including some "timeout" events to
|
||||
indicate when Tor's unlikely to succeed at startup.
|
||||
R - Make Tor put out appropriate events
|
||||
- Let Vidalia notice them and change its appearance
|
||||
- Enumerate and analyze traces left when running from USB
|
||||
R - Finish tor-doc-bridge.wml
|
||||
- More bridgedb work:
|
||||
R - Get the dkimproxy patch in
|
||||
? - Brainstorm about safe but effective ways for vidalia to
|
||||
auto-update its user's bridges via Tor in the background.
|
||||
NR - Include "stable" bridge and "port 443" bridge and "adequately
|
||||
new version" bridge free in every specially marked
|
||||
box!^W^W^Woutput batch.
|
||||
N - Detect proxies and treat them as the same address
|
||||
- More back-end work:
|
||||
N - Investigate and start resolving (or declare unresolvable) the ram
|
||||
issue for relays. Investigate and document all of, and do at
|
||||
least one of:
|
||||
- better buffer approaches in Tor
|
||||
- better buffer approaches in openssl
|
||||
- shipping Tor with its own integrated allocator.
|
||||
N - Write a research proposal for how to safely collect and aggregate
|
||||
some GeoIP data from non-bridge entry nodes. Deploy that if we
|
||||
think it's safe enough, or produce a clear roadmap to getting it
|
||||
safe if we don't think it's ready yet.
|
||||
N - Additional TLS-camouflage work (spoofing FF cipher suite, etc.)
|
||||
- spoof the cipher suites
|
||||
- spoof the extensions list
|
||||
- red-team testing (a.k.a, look at a packet dump and compare),
|
||||
- investigate the feasibility of handing connections off to a
|
||||
local apache if they don't look like Tor or if they don't
|
||||
portknock or whatever.
|
||||
R - Get closer to downloading far fewer descriptors
|
||||
- Instrument the code to track how many descriptors we download vs how
|
||||
many times we extend a circuit.
|
||||
- Write a proposal for how to fetch far fewer descriptors; assess
|
||||
anonymity attacks, like from looking at the size of the
|
||||
descriptor you fetch.
|
||||
J - Translation portal
|
||||
- Torbutton webpage
|
||||
- Torbrowser webpage
|
||||
- Tor website
|
||||
- check.torproject.org
|
||||
|
||||
=======================================================================
|
||||
|
||||
For Tor 0.2.0.x-rc:
|
||||
R - Figure out the autoconf problem with adding a fallback consensus.
|
||||
R - add a geoip file
|
||||
W - figure out license
|
||||
R - let bridges set relaybandwidthrate as low as 5kb
|
||||
R - bug: if we launch using bridges, and then stop using bridges, we
|
||||
still have our bridges in our entryguards section, and may use them.
|
||||
. make it easier to set up a private tor network on your own computer
|
||||
is very hard.
|
||||
R . FAQ entry which is wrong
|
||||
o Make BEGIN_DIR mandatory for asking questions of bridge authorities?
|
||||
(but only for bridge descriptors. not for ordinary cache stuff.)
|
||||
o Implement connection_dir_is_encrypted().
|
||||
o set up a filter to not answer any bridge descriptors on a
|
||||
non-encrypted request
|
||||
o write a tor-gencert man page
|
||||
|
||||
N . geoip caching and publishing for bridges
|
||||
d Track consecutive time up, not time since last-forgotten IP.
|
||||
- Mention in dir-spec.txt
|
||||
- Mention in control-spec.txt
|
||||
D have normal relays report geoip stats too.
|
||||
D different thresholds for bridges than for normal relays.
|
||||
o bridge relays round geoip stats *up*, not down.
|
||||
R - bridge communities
|
||||
. spec
|
||||
. deploy
|
||||
- man page entries for Alternate*Authority config options
|
||||
|
||||
Things we'd like to do in 0.2.0.x:
|
||||
o if we notice a cached-status directory and we're not serving v2 dir
|
||||
info and it's old enough, delete it.
|
||||
o same with cached-routers*.
|
||||
N - document the "3/4 and 7/8" business in the clients fetching consensus
|
||||
documents timeline.
|
||||
R - then document the bridge user download timeline.
|
||||
|
||||
N - Before the feature freeze:
|
||||
- 105+TLS, if possible.
|
||||
. TLS backend work
|
||||
. Enable.
|
||||
- Test
|
||||
o Verify version negotiation on client
|
||||
o Verify version negotiation on server
|
||||
o Verify that client->server connection becomes open
|
||||
- Verify that server->server connection becomes open and
|
||||
authenticated.
|
||||
- Verify that initiator sends no cert in first stage of TLS
|
||||
handshake.
|
||||
- NETINFO fallout
|
||||
- Don't extend a circuit over a noncanonical connection with
|
||||
mismatched address.
|
||||
- Learn our outgoing IP address from netinfo cells?
|
||||
|
||||
- Bugs.
|
||||
- Bug reports Roger has heard along the way that don't have enough
|
||||
details/attention to solve them yet.
|
||||
- arma noticed that when his network went away and he tried
|
||||
a new guard node and the connect() syscall failed to it,
|
||||
the guard wasn't being marked as down. 0.2.0.x.
|
||||
- after being without network for 12 hours, arma's tor decided
|
||||
it couldn't fetch any network statuses, and never tried again
|
||||
even when the network came back and arma clicked on things.
|
||||
also 0.2.0.
|
||||
R - for above two, roger should turn them into flyspray entry.
|
||||
|
||||
- Proposals:
|
||||
o 101: Voting on the Tor Directory System (plus 103)
|
||||
N - Use if-modified-since on consensus download
|
||||
- Controller support
|
||||
D GETINFO to get consensus
|
||||
N - Event when new consensus arrives
|
||||
. 111: Prioritize local traffic over relayed.
|
||||
R - Merge into tor-spec.txt.
|
||||
|
||||
- Refactoring:
|
||||
. Make cells get buffered on circuit, not on the or_conn.
|
||||
. Switch to pool-allocation for cells?
|
||||
N - Benchmark pool-allocation vs straightforward malloc.
|
||||
N - Adjust memory allocation logic in pools to favor a little less
|
||||
slack memory.
|
||||
. Remove socketpair-based bridges conns, and the word "bridge". (Use
|
||||
shared (or connected) buffers for communication, rather than sockets.)
|
||||
. Implement
|
||||
N - Handle rate-limiting on directory writes to linked directory
|
||||
connections in a more sensible manner.
|
||||
Nick thinks he did this already?
|
||||
N - Find more ways to test this.
|
||||
(moria doesn't rate limit, so testing on moria not so good.)
|
||||
|
||||
- Documentation
|
||||
- HOWTO for DNSPort. See tup's wiki page.
|
||||
. Document transport and natdport in a good HOWTO.
|
||||
N - Quietly document NT Service options: revise (or create) FAQ entry
|
||||
|
||||
R - make sure you solved bug 556
|
||||
|
||||
P - Make documentation realize that location of system configuration file
|
||||
will depend on location of system defaults, and isn't always /etc/torrc.
|
||||
P - Figure out why dll's compiled in mingw don't work right in WinXP.
|
||||
P - create a "make win32-bundle" for vidalia-privoxy-tor-torbutton bundle
|
||||
|
||||
=======================================================================
|
||||
|
||||
Planned for 0.2.1.x:
|
||||
- Things that have been bugging Nick
|
||||
- Make better use of multi-core machines: Do AES crypto and
|
||||
compression in worker threads
|
||||
- Maybe use jemalloc from freebsd via firefox 3, once its windows
|
||||
and osx ports are more mature.
|
||||
- MMap the cached-descriptors.new file as well as the regular ones
|
||||
- Actually use SSL_shutdown to close our TLS connections.
|
||||
- Refactor the HTTP logic so the functions aren't so large.
|
||||
- Get a "use less buffer ram" patch into openssl.
|
||||
- Get IOCP patch into libevent
|
||||
- Use libevent's evdns code where applicable.
|
||||
- Refactor buf_read and buf_write to have sensible ways to return
|
||||
error codes after partial writes
|
||||
- Improve unit test coverage
|
||||
- Logging domains.
|
||||
|
||||
- bridge communities with local bridge authorities:
|
||||
- clients who have a password configured decide to ask their bridge
|
||||
authority for a networkstatus
|
||||
- be able to have bridges that aren't in your torrc. save them in
|
||||
state file, etc.
|
||||
- router_choose_random_node() has a big pile of args. make it "flags".
|
||||
- Consider if we can solve: the Tor client doesn't know what flags
|
||||
its bridge has (since it only gets the descriptor), so it can't
|
||||
make decisions based on Fast or Stable.
|
||||
- anonymity concern: since our is-consensus-fresh-enough check is
|
||||
sloppy so clients will actually work when a consensus wasn't formed,
|
||||
does that mean that if users are idle for 5 hours and then click on
|
||||
something, we will immediately use the old descriptors we've got,
|
||||
while we try fetching the newer descriptors?
|
||||
related to bug 401.
|
||||
. Finish path-spec.txt
|
||||
- More prominently, we should have a recommended apps list.
|
||||
- recommend pidgin (gaim is renamed)
|
||||
- unrecommend IE because of ftp:// bug.
|
||||
- we should add a preamble to tor-design saying it's out of date.
|
||||
- Refactor networkstatus generation:
|
||||
- Include "v" line in getinfo values.
|
||||
- config option __ControllerLimit that hangs up if there are a limit
|
||||
of controller connections already.
|
||||
- Features (other than bridges):
|
||||
- Audit how much RAM we're using for buffers and cell pools; try to
|
||||
trim down a lot.
|
||||
- Base relative control socket paths on datadir.
|
||||
- Make TrackHostExits expire TrackHostExitsExpire seconds after their
|
||||
*last* use, not their *first* use.
|
||||
P - Plan a switch to polipo. Perhaps we'll offer two http proxies in
|
||||
the future.
|
||||
P - Consider creating special Tor-Polipo-Vidalia test packages,
|
||||
requested by Dmitri Vitalev
|
||||
- Create packages for Nokia 800, requested by Chris Soghoian
|
||||
- mirror tor downloads on (via) tor dir caches
|
||||
. spec
|
||||
- deploy
|
||||
- interface for letting soat modify flags that authorities assign
|
||||
. spec
|
||||
- proposal 118 if feasible and obvious
|
||||
- Maintain a skew estimate and use ftime consistently.
|
||||
- Tor logs the libevent version on startup, for debugging purposes.
|
||||
This is great. But it does this before configuring the logs, so
|
||||
it only goes to stdout and is then lost.
|
||||
- Deprecations:
|
||||
- can we deprecate 'getinfo network-status'?
|
||||
- can we deprecate the FastFirstHopPK config option?
|
||||
- Bridges:
|
||||
. Bridges users (rudimentary version)
|
||||
. Ask all directory questions to bridge via BEGIN_DIR.
|
||||
- use the bridges for dir fetches even when our dirport is open.
|
||||
- drop 'authority' queries if they're to our own identity key; accept
|
||||
them otherwise.
|
||||
- give extend_info_t a router_purpose again
|
||||
d Limit to 2 dir, 2 OR, N SOCKS connections per IP.
|
||||
- Or maybe close connections from same IP when we get a lot from one.
|
||||
- Or maybe block IPs that connect too many times at once.
|
||||
- Do TLS connection rotation more often than "once a week" in the
|
||||
extra-stable case.
|
||||
- Streamline how we pick entry nodes: Make choose_random_entry() have
|
||||
less magic and less control logic.
|
||||
- when somebody uses the controlport as an http proxy, give them
|
||||
a "tor isn't an http proxy" error too like we do for the socks port.
|
||||
- we try to build 4 test circuits to break them over different
|
||||
servers. but sometimes our entry node is the same for multiple
|
||||
test circuits. this defeats the point.
|
||||
- enforce a lower limit on MaxCircuitDirtiness and CircuitBuildTimeout.
|
||||
- configurable timestamp granularity. defaults to 'seconds'.
|
||||
- consider making 'safelogging' extend to info-level logs too.
|
||||
- we should consider a single config option TorPrivateNetwork that
|
||||
turns on all the config options for running a private test tor
|
||||
network. having to keep updating all the tools, and the docs,
|
||||
just isn't working.
|
||||
- consider whether a single Guard flag lets us distinguish between
|
||||
"was good enough to be a guard when we picked it" and "is still
|
||||
adequate to be used as a guard even after we've picked it". We should
|
||||
write a real proposal for this.
|
||||
- switch out privoxy in the bundles and replace it with polipo.
|
||||
- make the new tls handshake blocking-resistant.
|
||||
- figure out some way to collect feedback about what countries are using
|
||||
bridges, in a way that doesn't screw anonymity too much.
|
||||
- let tor dir mirrors proxy connections to the tor download site, so
|
||||
if you know a bridge you can fetch the tor software.
|
||||
- more strategies for distributing bridge addresses in a way that
|
||||
doesn't rely on knowing somebody who runs a bridge for you.
|
||||
- A way to adjust router status flags from the controller. (How do we
|
||||
prevent the authority from clobbering them soon afterward?)
|
||||
- Bridge authorities should do reachability testing but only on the
|
||||
purpose==bridge descriptors they have.
|
||||
- Clients should estimate their skew as median of skew from servers
|
||||
over last N seconds.
|
||||
- Investigate RAM use in Tor servers.
|
||||
- Start on the WSAENOBUFS solution.
|
||||
- Start on Windows auto-update for Tor
|
||||
|
||||
Deferred from 0.2.0.x:
|
||||
- Proposals
|
||||
- 113: Simplifying directory authority administration
|
||||
- 110: prevent infinite-length circuits (phase one)
|
||||
- 118: Listen on and advertise multiple ports:
|
||||
- Tor should be able to have a pool of outgoing IP addresses that it is
|
||||
able to rotate through. (maybe. Possible overlap with proposal 118.)
|
||||
- config option to publish what ports you listen on, beyond
|
||||
ORPort/DirPort. It should support ranges and bit prefixes (?) too.
|
||||
(This is very similar to proposal 118.)
|
||||
- 117: IPv6 Exits
|
||||
- Internal code support for ipv6:
|
||||
o Clone ipv6 functions (inet_ntop, inet_pton) where they don't exist.
|
||||
- Most address variables need to become tor_addr_t
|
||||
- Teach resolving code how to handle ipv6.
|
||||
- Teach exit policies about ipv6 (consider ipv4/ipv6 interaction!)
|
||||
- Features
|
||||
- Let controller set router flags for authority to transmit, and for
|
||||
client to use.
|
||||
- add an 'exit-address' line in the descriptor for servers that exit
|
||||
from something that isn't their published address.
|
||||
- More work on AvoidDiskWrites?
|
||||
- Features
|
||||
- Make a TCP DNSPort
|
||||
- Protocol work
|
||||
- MAYBE kill stalled circuits rather than stalled connections. This is
|
||||
possible thanks to cell queues, but we need to consider the anonymity
|
||||
implications.
|
||||
- Implement TLS shutdown properly when possible.
|
||||
- Bugs
|
||||
- If the client's clock is too far in the past, it will drop (or just not
|
||||
try to get) descriptors, so it'll never build circuits.
|
||||
- Refactoring
|
||||
- Make resolves no longer use edge_connection_t unless they are actually
|
||||
_on_ a socks connection: have edge_connection_t and (say)
|
||||
dns_request_t both extend an edge_stream_t, and have p_streams and
|
||||
n_streams both be linked lists of edge_stream_t.
|
||||
- Generate torrc.{complete|sample}.in, tor.1.in, the HTML manual, and the
|
||||
online config documentation from a single source.
|
||||
- Move all status info out of routerinfo into local_routerstatus. Make
|
||||
"who can change what" in local_routerstatus explicit. Make
|
||||
local_routerstatus (or equivalent) subsume all places to go for "what
|
||||
router is this?"
|
||||
- Blocking/scanning-resistance
|
||||
- It would be potentially helpful to respond to https requests on
|
||||
the OR port by acting like an HTTPS server.
|
||||
- Do we want to maintain our own set of entryguards that we use as
|
||||
next hop after the bridge? Open research question; let's say no
|
||||
for 0.2.0 unless we learn otherwise.
|
||||
- Some mechanism for specifying that we want to stop using a cached
|
||||
bridge.
|
||||
- Build:
|
||||
- Detect correct version of libraries from autoconf script.
|
||||
|
||||
=======================================================================
|
||||
|
||||
Future versions:
|
||||
- deprecate router_digest_is_trusted_dir() in favor of
|
||||
router_get_trusteddirserver_by_digest()
|
||||
|
||||
- See also Flyspray tasks.
|
||||
- See also all OPEN/ACCEPTED proposals.
|
||||
- See also all items marked XXXX and FFFF in the code.
|
||||
|
||||
- Protocol:
|
||||
- Our current approach to block attempts to use Tor as a single-hop proxy
|
||||
is pretty lame; we should get a better one.
|
||||
- Allow small cells and large cells on the same network?
|
||||
- Cell buffering and resending. This will allow us to handle broken
|
||||
circuits as long as the endpoints don't break, plus will allow
|
||||
connection (tls session key) rotation.
|
||||
- Implement Morphmix, so we can compare its behavior, complexity,
|
||||
etc. But see paper breaking morphmix.
|
||||
- Other transport. HTTP, udp, rdp, airhook, etc. May have to do our own
|
||||
link crypto, unless we can bully DTLS into it.
|
||||
- Need a relay teardown cell, separate from one-way ends.
|
||||
(Pending a user who needs this)
|
||||
- Handle half-open connections: right now we don't support all TCP
|
||||
streams, at least according to the protocol. But we handle all that
|
||||
we've seen in the wild.
|
||||
(Pending a user who needs this)
|
||||
|
||||
- Directory system
|
||||
- BEGIN_DIR items
|
||||
X turn the received socks addr:port into a digest for setting .exit
|
||||
- handle connect-dir streams that don't have a chosen_exit_name set.
|
||||
- Have a "Faster" status flag that means it. Fast2, Fast4, Fast8?
|
||||
- Add an option (related to AvoidDiskWrites) to disable directory
|
||||
caching. (Is this actually a good idea??)
|
||||
- Add d64 and fp64 along-side d and fp so people can paste status
|
||||
entries into a url. since + is a valid base64 char, only allow one
|
||||
at a time. Consider adding to controller as well.
|
||||
- Some back-out mechanism for auto-approval on authorities
|
||||
- a way of rolling back approvals to before a timestamp
|
||||
- Consider minion-like fingerprint file/log combination.
|
||||
- Have new people be in limbo and need to demonstrate usefulness
|
||||
before we approve them.
|
||||
|
||||
- Hidden services:
|
||||
- Standby/hotswap/redundant hidden services.
|
||||
. Update the hidden service stuff for the new dir approach. (Much
|
||||
of this will be superseded by 114.)
|
||||
- switch to an ascii format, maybe sexpr?
|
||||
- authdirservers publish blobs of them.
|
||||
- other authdirservers fetch these blobs.
|
||||
- hidserv people have the option of not uploading their blobs.
|
||||
- you can insert a blob via the controller.
|
||||
- and there's some amount of backwards compatibility.
|
||||
- teach clients, intro points, and hidservs about auth mechanisms.
|
||||
- come up with a few more auth mechanisms.
|
||||
- auth mechanisms to let hidden service midpoint and responder filter
|
||||
connection requests.
|
||||
- Let each hidden service (or other thing) specify its own
|
||||
OutboundBindAddress?
|
||||
- Hidserv offerers shouldn't need to define a SocksPort
|
||||
|
||||
- Server operation
|
||||
X When we notice a 'Rejected: There is already a named server with
|
||||
this nickname' message... or maybe instead when we see in the
|
||||
networkstatuses that somebody else is Named with the name we
|
||||
want: warn the user, send a STATUS_SERVER message, and fall back
|
||||
to unnamed.
|
||||
- If the server is spewing complaints about raising your ulimit -n,
|
||||
we should add a note about this to the server descriptor so other
|
||||
people can notice too.
|
||||
- When we hit a funny error from a dir request (eg 403 forbidden),
|
||||
but tor is working and happy otherwise, and we haven't seen many
|
||||
such errors recently, then don't warn about it.
|
||||
|
||||
- Controller
|
||||
- Implement missing status events and accompanying getinfos
|
||||
- DIR_REACHABLE
|
||||
- BAD_DIR_RESPONSE (Unexpected directory response; maybe we're behind
|
||||
a firewall.)
|
||||
- BAD_PROXY (Bad http or https proxy)
|
||||
- UNRECOGNIZED_ROUTER (a nickname we asked for is unavailable)
|
||||
- Status events related to hibernation
|
||||
- something about failing to parse our address?
|
||||
from resolve_my_address() in config.c
|
||||
- sketchy OS, sketchy threading
|
||||
- too many onions queued: threading problems or slow CPU?
|
||||
- Implement missing status event fields:
|
||||
- TIMEOUT on CHECKING_REACHABILITY
|
||||
- GETINFO status/client, status/server, status/general: There should be
|
||||
some way to learn which status events are currently "in effect."
|
||||
We should specify which these are, what format they appear in, and so
|
||||
on.
|
||||
- More information in events:
|
||||
- Include bandwidth breakdown by conn->type in BW events.
|
||||
- Change circuit status events to give more details, like purpose,
|
||||
whether they're internal, when they become dirty, when they become
|
||||
too dirty for further circuits, etc.
|
||||
- Change stream status events analogously.
|
||||
- Expose more information via getinfo:
|
||||
- import and export rendezvous descriptors
|
||||
- Review all static fields for additional candidates
|
||||
- Allow EXTENDCIRCUIT to unknown server.
|
||||
- We need some way to adjust server status, and to tell tor not to
|
||||
download directories/network-status, and a way to force a download.
|
||||
- Make everything work with hidden services
|
||||
|
||||
- Performance/resources
|
||||
- per-conn write buckets
|
||||
- separate config options for read vs write limiting
|
||||
(It's hard to support read > write, since we need better
|
||||
congestion control to avoid overfull buffers there. So,
|
||||
defer the whole thing.)
|
||||
- Look into pulling serverdescs off buffers as they arrive.
|
||||
- Rate limit exit connections to a given destination -- this helps
|
||||
us play nice with websites when Tor users want to crawl them; it
|
||||
also introduces DoS opportunities.
|
||||
- Consider truncating rather than destroying failed circuits,
|
||||
in order to save the effort of restarting. There are security
|
||||
issues here that need thinking, though.
|
||||
- Handle full buffers without totally borking
|
||||
- Rate-limit OR and directory connections overall and per-IP and
|
||||
maybe per subnet.
|
||||
|
||||
- Misc
|
||||
- Hold-open-until-flushed now works by accident; it should work by
|
||||
design.
|
||||
- Display the reasons in 'destroy' and 'truncated' cells under
|
||||
some circumstances?
|
||||
- Make router_is_general_exit() a bit smarter once we're sure what
|
||||
it's for.
|
||||
- Automatically determine what ports are reachable and start using
|
||||
those, if circuits aren't working and it's a pattern we
|
||||
recognize ("port 443 worked once and port 9001 keeps not
|
||||
working").
|
||||
|
||||
- Security
|
||||
- some better fix for bug #516?
|
||||
- don't do dns hijacking tests if we're reject *:* exit policy?
|
||||
(deferred until 0.1.1.x is less common)
|
||||
- Directory guards
|
||||
- Mini-SoaT:
|
||||
- Servers might check certs for known-good ssl websites, and if
|
||||
they come back self-signed, declare themselves to be
|
||||
non-exits. Similar to how we test for broken/evil dns now.
|
||||
- Authorities should try using exits for http to connect to some
|
||||
URLS (specified in a configuration file, so as not to make the
|
||||
List Of Things Not To Censor completely obvious) and ask them
|
||||
for results. Exits that don't give good answers should have
|
||||
the BadExit flag set.
|
||||
- Alternatively, authorities should be able to import opinions
|
||||
from Snakes on a Tor.
|
||||
- More consistent error checking in router_parse_entry_from_string().
|
||||
I can say "banana" as my bandwidthcapacity, and it won't even squeak.
|
||||
- Bind to random port when making outgoing connections to Tor servers,
|
||||
to reduce remote sniping attacks.
|
||||
- Audit everything to make sure rend and intro points are just as
|
||||
likely to be us as not.
|
||||
- Do something to prevent spurious EXTEND cells from making
|
||||
middleman nodes connect all over. Rate-limit failed
|
||||
connections, perhaps?
|
||||
- DoS protection: TLS puzzles, public key ops, bandwidth exhaustion.
|
||||
|
||||
- Needs thinking
|
||||
- Now that we're avoiding exits when picking non-exit positions,
|
||||
we need to consider how to pick nodes for internal circuits. If
|
||||
we avoid exits for all positions, we skew the load balancing. If
|
||||
we accept exits for all positions, we leak whether it's an
|
||||
internal circuit at every step. If we accept exits only at the
|
||||
last hop, we reintroduce Lasse's attacks from the Oakland paper.
|
||||
|
||||
- Windows server usability
|
||||
- Solve the ENOBUFS problem.
|
||||
- make tor's use of openssl operate on buffers rather than sockets,
|
||||
so we can make use of libevent's buffer paradigm once it has one.
|
||||
- make tor's use of libevent tolerate either the socket or the
|
||||
buffer paradigm; includes unifying the functions in connect.c.
|
||||
- We need a getrlimit equivalent on Windows so we can reserve some
|
||||
file descriptors for saving files, etc. Otherwise we'll trigger
|
||||
asserts when we're out of file descriptors and crash.
|
||||
- Merge code from Urz into libevent
|
||||
- Make Tor use evbuffers.
|
||||
|
||||
- Documentation
|
||||
- a way to generate the website diagrams from source, so we can
|
||||
translate them as utf-8 text rather than with gimp. (svg? or
|
||||
imagemagick?)
|
||||
. Flesh out options_description array in src/or/config.c
|
||||
. multiple sample torrc files
|
||||
. figure out how to make nt service stuff work?
|
||||
. Document it.
|
||||
- Refactor tor man page to divide generally useful options from
|
||||
less useful ones?
|
||||
- Add a doxygen style checker to make check-spaces so nick doesn't drift
|
||||
too far from arma's undocumented styleguide. Also, document that
|
||||
styleguide in HACKING. (See r9634 for example.)
|
||||
- exactly one space at beginning and at end of comments, except i
|
||||
guess when there's line-length pressure.
|
||||
- if we refer to a function name, put a () after it.
|
||||
- only write <b>foo</b> when foo is an argument to this function.
|
||||
- doxygen comments must always end in some form of punctuation.
|
||||
- capitalize the first sentence in the doxygen comment, except
|
||||
when you shouldn't.
|
||||
- avoid spelling errors and incorrect comments. ;)
|
||||
|
||||
- Packaging
|
||||
- The Debian package now uses --verify-config when (re)starting,
|
||||
to distinguish configuration errors from other errors. Perhaps
|
||||
the RPM and other startup scripts should too?
|
||||
- add a "default.action" file to the tor/vidalia bundle so we can
|
||||
fix the https thing in the default configuration:
|
||||
http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#PrivoxyWeirdSSLPort
|
||||
|
||||
- Related tools
|
||||
- Patch privoxy and socks protocol to pass strings to the browser.
|
||||
|
||||
=======================================================================
|
||||
|
||||
Documentation, non-version-specific.
|
||||
- Specs
|
||||
- Mark up spec; note unclear points about servers
|
||||
NR - write a spec appendix for 'being nice with tor'
|
||||
- Specify the keys and key rotation schedules and stuff
|
||||
- Mention controller libs someplace.
|
||||
- Remove need for HACKING file.
|
||||
- document http://wiki.noreply.org/noreply/TheOnionRouter/TransparentProxy on freebsd and osx
|
||||
P - figure out why x86_64 won't build rpms from tor.spec
|
||||
P - figure out spec files for bundles of vidalia-tor-polipo
|
||||
P - figure out polipo install scripts for bundles of vidalia-tor-polipo on osx, win32
|
||||
- figure out selinux policy for tor
|
||||
P - change packaging system to more automated and specific for each
|
||||
platform, suggested by Paul Wouter
|
||||
P - Setup repos for redhat and suse rpms & start signing the rpms the
|
||||
way package management apps prefer
|
||||
|
||||
Website:
|
||||
J - tor-in-the-media page
|
||||
P - Figure out licenses for website material.
|
||||
(Phobos reccomends the Open Publication License with Option A at
|
||||
http://opencontent.org/openpub/)
|
||||
P - put the logo on the website, in source form, so people can put it on
|
||||
stickers directly, etc.
|
||||
P - put the source image for the stickers on the website, so people can
|
||||
print their own
|
||||
P - figure out a license for the logos and docs we publish (trademark
|
||||
figures into this)
|
||||
(Phobos reccomends the Open Publication License with Option A at
|
||||
http://opencontent.org/openpub/)
|
||||
R - make a page with the hidden service diagrams.
|
||||
P - ask Jan/Jens to be the translation coordinator? add to volunteer page.
|
||||
- add a page for localizing all tor's components.
|
||||
- It would be neat if we had a single place that described _all_ the
|
||||
tor-related tools you can use, and what they give you, and how well they
|
||||
work. Right now, we don't give a lot of guidance wrt
|
||||
torbutton/foxproxy/privoxy/polipo in any consistent place.
|
||||
P - create a 'blog badge' for tor fans to link to and feature on their
|
||||
blogs. A sample can be found at http://interloper.org/tmp/tor/tor-button.png
|
||||
|
||||
- Tor mirrors
|
||||
- make a mailing list with the mirror operators
|
||||
- make an automated tool to check /project/trace/ at mirrors to
|
||||
learn which ones are lagging behind.
|
||||
- auto (or manually) cull the mirrors that are broken; and
|
||||
contact their operator?
|
||||
- a set of instructions for mirror operators to make their apaches
|
||||
serve our charsets correctly, and bonus points for language
|
||||
negotiation.
|
||||
- figure out how to load-balance the downloads across mirrors?
|
||||
- ponder how to get users to learn that they should google for
|
||||
"tor mirrors" if the main site is blocked.
|
||||
- find a mirror volunteer to coordinate all of this
|
||||
|
||||
Blog todo:
|
||||
- Link to the blog from the main Tor website
|
||||
This file is obsolete. Go look at the one in trunk, e.g.
|
||||
https://www.torproject.org/svn/trunk/doc/TODO
|
||||
|
||||
|
|
|
@ -0,0 +1,25 @@
|
|||
|
||||
(Remember to include both the revision number _AND_ an abbreviated
|
||||
description of the patch.)
|
||||
|
||||
Backport for 0.2.0:
|
||||
o r19291, r19292, r19295, r19296: Dir mirrors tell relays their actual
|
||||
IP address, not just the address listed in the directory currently.
|
||||
|
||||
Backport for 0.2.0 once better tested:
|
||||
- r17208,r17209,r7211,r17212,r17214: Avoid gotterdammerung when an
|
||||
authority has an expired certificate.
|
||||
- r17886: Don't remove routerinfos as unlisted unless we have a
|
||||
consensus.
|
||||
- r17924: Close streams when an exit hands us a local IP.
|
||||
- r18667: Drop BEGIN cells from wrong circuit hop.
|
||||
- r18743: Fix alignment-related crash on Sparc.
|
||||
- r18809: Build correctly from outside the main source tree.
|
||||
|
||||
Backport for 0.2.0, maybe:
|
||||
d r17945: bridges always fail dirport reachability tests. i think
|
||||
it's cosmetic, so no need to backport.
|
||||
d r18668: Drop duplicate extend cells to same circuit ID; prevent mem leak.
|
||||
d r18210: Call crypto_global_init() with hardwareaccel flag set right in
|
||||
all cases.
|
||||
|
|
@ -984,6 +984,7 @@ $Id$
|
|||
"650" SP "STREAM" SP StreamID SP StreamStatus SP CircID SP Target
|
||||
[SP "REASON=" Reason [ SP "REMOTE_REASON=" Reason ]]
|
||||
[SP "SOURCE=" Source] [ SP "SOURCE_ADDR=" Address ":" Port ]
|
||||
[SP "PURPOSE=" Purpose]
|
||||
CRLF
|
||||
|
||||
StreamStatus =
|
||||
|
@ -1033,6 +1034,13 @@ $Id$
|
|||
that requested the connection, and can be (e.g.) used to look up the
|
||||
requesting program.
|
||||
|
||||
Purpose = "DIR_FETCH" / "UPLOAD_DESC" / "DNS_REQUEST" /
|
||||
"USER" / "DIRPORT_TEST"
|
||||
|
||||
The "PURPOSE" field is provided only for NEW and NEWRESOLVE events, and
|
||||
only if extended events are enabled (see 3.19). Clients MUST accept
|
||||
purposes not listed above.
|
||||
|
||||
4.1.3. OR Connection status changed
|
||||
|
||||
The syntax is:
|
||||
|
|
|
@ -42,7 +42,7 @@ Status: Finished
|
|||
can supply their bridge users with cached copies of all the various
|
||||
Tor network information.
|
||||
|
||||
As for Tor 0.2.0.13-alpha, bridges will answer begin_dir questions
|
||||
As of Tor 0.2.0.13-alpha, bridges will answer begin_dir questions
|
||||
(and cache dir info they see so the answers will be more useful)
|
||||
whether their DirPort is enabled or not. (After all, we don't care if
|
||||
they have an open or reachable DirPort to answer begin_dir questions.)
|
||||
|
|
|
@ -7,40 +7,31 @@ OSX builds of tor.
|
|||
Summary:
|
||||
1) Compile and install a static version of the latest release of
|
||||
libevent.
|
||||
2) Acquire privoxyosx_setup_3.0.6.zip.
|
||||
http://downloads.sourceforge.net/ijbswa/privoxyosx_setup_3.0.6.zip?modtime=1164104652&big_mirror=0
|
||||
Remember where you put this file.
|
||||
3) Acquire torbutton xpi and license file.
|
||||
4) Acquire and install your preferred version of tor. Extract.
|
||||
5) Update some variables in contrib/osx/package.sh
|
||||
6) "make dist-osx"
|
||||
7) You now have a dmg from which you can install Tor, Privoxy, and the
|
||||
Torbutton extension for Firefox.
|
||||
2) Acquire and install your preferred version of tor. Extract.
|
||||
3) "make dist-osx"
|
||||
4) You now have a dmg from which you can install Tor.
|
||||
|
||||
## Universal Binaries for OSX PPC and X86
|
||||
## This method works in OSX 10.4 (Tiger) and 10.5 (Leopard) only.
|
||||
## This method works in OSX 10.4 (Tiger) and newer OSX versions.
|
||||
## See far below if you don't care about cross compiling for PPC and X86.
|
||||
## The single architecture process starts with "###"
|
||||
|
||||
1) Install XCode 2.4.1 updates available from http://developer.apple.com.
|
||||
1) Install the latest XCode updates available from http://developer.apple.com.
|
||||
|
||||
## Compiling libevent
|
||||
|
||||
2) Download latest libevent from
|
||||
2) Download latest stable libevent from
|
||||
http://www.monkey.org/~provos/libevent/
|
||||
|
||||
3) The first step of compiling libevent is to configure it as
|
||||
follows:
|
||||
CFLAGS="-O -g -isysroot /Developer/SDKs/MacOSX10.4u.sdk -arch i386 -arch ppc" \
|
||||
CFLAGS="-O -g -mmacosx-version-min=10.4 -isysroot /Developer/SDKs/MacOSX10.4u.sdk -arch i386 -arch ppc" \
|
||||
LDFLAGS="-Wl,-syslibroot,/Developer/SDKs/MacOSX10.4u.sdk" \
|
||||
./configure --enable-static --disable-shared --disable-dependency-tracking
|
||||
|
||||
3) Complete the "make" and "make install". You will need to be root,
|
||||
4) Complete the "make" and "make install". You will need to be root,
|
||||
or sudo -s, to complete the "make install".
|
||||
|
||||
4) If you have previouslly installed libevent, rm the old libevent.*, located
|
||||
by default, in /usr/local/lib/.
|
||||
|
||||
5) Check for a successful universal binary of libevent.a in, by default,
|
||||
/usr/local/lib by using the following command:
|
||||
"file /usr/local/lib/libevent.a"
|
||||
|
@ -50,59 +41,36 @@ by default, in /usr/local/lib/.
|
|||
/usr/local/lib/libevent.a (for architecture i386): current ar archive random library
|
||||
/usr/local/lib/libevent.a (for architecture ppc): current ar archive
|
||||
|
||||
## Acquiring privoxy
|
||||
|
||||
6) Download osx privoxy source from
|
||||
http://downloads.sourceforge.net/ijbswa/privoxyosx_setup_3.0.6.zip?modtime=1164104652&big_mirror=0
|
||||
|
||||
7) Place the privoxyosx_setup_3.0.6.zip in a location of your choice.
|
||||
Remember this location.
|
||||
|
||||
8) Get your preferred version of Torbutton from https://torbutton.torproject.org.
|
||||
Place into a location of your choosing, remember this location.
|
||||
|
||||
9) Get the torbutton LICENSE file from https://torbutton.torproject.org.
|
||||
Place into a location of your choosing, remember this location.
|
||||
|
||||
10) Get your preferred version of the tor source from https://www.torproject.org/download.
|
||||
6) Get your preferred version of the tor source from https://www.torproject.org/download.
|
||||
Extract the tarball.
|
||||
|
||||
11) Update three variables in contrib/osx/package.sh:
|
||||
PRIVOXY_PKG_ZIP=~/tmp/privoxyosx_setup_3.0.6.zip
|
||||
TORBUTTON_PATH=~/tmp/torbutton-1.1.14-alpha.xpi
|
||||
TORBUTTON_LIC_PATH=~/tmp/LICENSE
|
||||
|
||||
Make sure the paths are correct. The build will fail if they are not.
|
||||
|
||||
12) In the top level, this means /path/to/tor/, not tor/contrib/osx,
|
||||
7) In the top level, this means /path/to/tor/, not tor/contrib/osx,
|
||||
do a configure with these parameters:
|
||||
CFLAGS="-O -g -isysroot /Developer/SDKs/MacOSX10.4u.sdk -arch i386 -arch ppc" \
|
||||
CFLAGS="-O -g -mmacosx-version-min=10.4 -isysroot /Developer/SDKs/MacOSX10.4u.sdk -arch i386 -arch ppc" \
|
||||
LDFLAGS="-Wl,-syslibroot,/Developer/SDKs/MacOSX10.4u.sdk" \
|
||||
CONFDIR=/Library/Tor \
|
||||
./configure --prefix=/Library/Tor --bindir=/Library/Tor \
|
||||
--sysconfdir=/Library --disable-dependency-tracking
|
||||
|
||||
13) "make dist-osx"
|
||||
8) "make dist-osx"
|
||||
|
||||
14) Confirm you have created a universal binary by issuing the follow command:
|
||||
9) Confirm you have created a universal binary by issuing the follow command:
|
||||
"file src/or/tor". Its output should be as follows:
|
||||
src/or/tor: Mach-O fat file with 2 architectures
|
||||
src/or/tor (for architecture i386): Mach-O executable i386
|
||||
src/or/tor (for architecture ppc): Mach-O executable ppc
|
||||
|
||||
15) There should exist in the top-level directory a
|
||||
Tor-$VERSION-universal-$OS-Bundle.dmg
|
||||
|
||||
16) Congrats. You have a universal binary. You are now ready to install Tor,
|
||||
Privoxy, and the Torbutton extension for Firefox.
|
||||
10) There should exist in the top-level directory a
|
||||
Tor-$VERSION-universal-Bundle.dmg
|
||||
|
||||
11) Congrats. You have a universal binary. You are now ready to install Tor.
|
||||
|
||||
### Single Architecture Binaries for PPC or X86, not both.
|
||||
### This method works in all versions of OSX 10.1 through 10.5
|
||||
### This method works in all versions of OSX 10.3 through 10.5
|
||||
|
||||
### Compiling libevent
|
||||
|
||||
1) Download the latest libevent from
|
||||
1) Download the latest stable libevent from
|
||||
http://www.monkey.org/~provos/libevent/
|
||||
|
||||
2) The first step of compiling libevent is to configure it as
|
||||
|
@ -112,36 +80,11 @@ follows:
|
|||
3) Complete the "make" and "make install". You will need to be root,
|
||||
or sudo -s, to complete the "make install".
|
||||
|
||||
4) If you have previouslly installed libevent, go rm the old libevent.so*
|
||||
files so the linker doesn't get suckered into using them.
|
||||
|
||||
### Acquiring privoxy
|
||||
|
||||
1) Download osx privoxy source from
|
||||
http://downloads.sourceforge.net/ijbswa/privoxyosx_setup_3.0.6.zip?modtime=1164104652&big_mirror=0
|
||||
|
||||
2) Place the privoxyosx_setup_3.0.6.zip in a location of your choice.
|
||||
Remember this location.
|
||||
|
||||
### Compiling Tor
|
||||
|
||||
1) Get your preferred version of Torbutton from
|
||||
https://torbutton.torproject.org.
|
||||
Place into a location of your choosing, remember this location.
|
||||
|
||||
2) Get the torbutton LICENSE file from https://torbutton.torproject.org.
|
||||
Place into a location of your choosing, remember this location.
|
||||
|
||||
3) Get your preferred version of the tor source from https://www.torproject.org. Extract the
|
||||
4) Get your preferred version of the tor source from https://www.torproject.org. Extract the
|
||||
tarball.
|
||||
|
||||
4) Update three variables in contrib/osx/package.sh:
|
||||
PRIVOXY_PKG_ZIP=~/tmp/privoxyosx_setup_3.0.6.zip
|
||||
TORBUTTON_PATH=~/tmp/torbutton-1.1.14-alpha.xpi
|
||||
TORBUTTON_LIC_PATH=~/tmp/LICENSE
|
||||
|
||||
Make sure the paths are correct. The build will fail if they are not.
|
||||
|
||||
5) In the top level, this means /path/to/tor/, not tor/contrib/osx,
|
||||
do a configure with these parameters:
|
||||
CONFDIR=/Library/Tor ./configure --prefix=/Library/Tor \
|
||||
|
|
|
@ -1,14 +1,17 @@
|
|||
## Instructions for building the official rpms.
|
||||
##
|
||||
These are instructions for building Tor binaries in the rpm format on
|
||||
various cpu architectures and operating systems. Each rpm will require
|
||||
glibc on the target system. It is believed that any rpm-based linux
|
||||
distribution should have semi-current glibc installed by default.
|
||||
If you run into a distribution that does not work with glibc, or does
|
||||
not contain it, please let us know the details.
|
||||
##
|
||||
The process used to create the official rpms is as follows:
|
||||
|
||||
These are the exact steps used to build the official rpms of Tor.
|
||||
Download and Extract the latest tor source code from https://www.torproject.org/.
|
||||
In the resulting directory:
|
||||
./configure
|
||||
make dist-rpm
|
||||
|
||||
You should have at least two, maybe three, rpms. There should be the binary
|
||||
i386.rpm, a src.rpm, and on redhat/centos machines, a debuginfo.rpm.
|
||||
|
||||
## Optional customization
|
||||
##
|
||||
If you wish to further tune Tor binaries in rpm format beyond this list,
|
||||
see the GCC doc page for further options:
|
||||
http://gcc.gnu.org/onlinedocs/gcc-4.0.2/gcc/
|
||||
|
@ -54,13 +57,5 @@ This parameter controls the target operating system. Normally, this is
|
|||
only "linux". If you wish to build rpms for a non-linux operating
|
||||
system, you can replace "linux" with your operating system.
|
||||
|
||||
The process used to create the distributed rpms is as follows:
|
||||
|
||||
Download and Extract the latest tor source code from https://www.torproject.org/.
|
||||
In the Tor directory:
|
||||
./configure
|
||||
make dist-rpm
|
||||
|
||||
You should have at least two, maybe three, rpms. There should be the binary
|
||||
i386.rpm, a src.rpm, and on redhat/centos machines, a debuginfo.rpm.
|
||||
|
||||
|
|
|
@ -5,7 +5,7 @@ Stage One: Download and Install MinGW.
|
|||
---------------------------------------
|
||||
|
||||
Download mingw:
|
||||
http://prdownloads.sf.net/mingw/MinGW-5.1.3.exe?download
|
||||
http://prdownloads.sf.net/mingw/MinGW-5.1.4.exe?download
|
||||
|
||||
Download msys:
|
||||
http://prdownloads.sf.net/mingw/MSYS-1.0.10.exe?download
|
||||
|
@ -27,15 +27,17 @@ Stage Two: Download, extract, compile openssl
|
|||
----------------------------------------------
|
||||
|
||||
Download openssl:
|
||||
http://www.openssl.org/source/openssl-0.9.8g.tar.gz
|
||||
http://www.openssl.org/source/openssl-0.9.8k.tar.gz
|
||||
|
||||
Extract openssl:
|
||||
Copy the openssl tarball into the "tor-mingw" directory.
|
||||
Type "cd tor-mingw/"
|
||||
Type "tar zxf openssl-0.9.8g.tar.gz"
|
||||
Type "tar zxf openssl-0.9.8k.tar.gz"
|
||||
(Note: There are many symlink errors because Windows doesn't support
|
||||
symlinks. You can ignore these errors.)
|
||||
|
||||
Make openssl libraries:
|
||||
Type "cd tor-mingw/openssl-0.9.8g/"
|
||||
Type "cd tor-mingw/openssl-0.9.8k/"
|
||||
Type "./Configure -no-idea -no-rc5 -no-mdc2 mingw"
|
||||
Edit Makefile and remove the "test:" and "tests:" sections.
|
||||
Type "rm -rf ./test"
|
||||
|
@ -45,12 +47,14 @@ Type "cd ../ssl/"
|
|||
Type "find ./ -name "*.h" -exec cp {} ../include/openssl/ \;"
|
||||
Type "cd .."
|
||||
Type "cp *.h include/openssl/"
|
||||
Type "cp fips/fips.h include/openssl/"
|
||||
# The next steps can take up to 30 minutes to complete.
|
||||
Type "make"
|
||||
Type "make install"
|
||||
|
||||
Alternatively:
|
||||
Download the pre-compiled openssl for win32.
|
||||
Download the pre-compiled openssl for win32 from
|
||||
http://gnuwin32.sourceforge.net/packages/openssl.htm
|
||||
Install and proceed.
|
||||
|
||||
|
||||
|
@ -83,10 +87,10 @@ Type "make -f win32/Makefile.gcc"
|
|||
Done.
|
||||
|
||||
|
||||
Stage Four: Download, extract, and compile libevent-1.3e
|
||||
Stage Four: Download, extract, and compile libevent
|
||||
------------------------------------------------------
|
||||
|
||||
Download the libevent 1.3e release:
|
||||
Download the latest libevent release:
|
||||
http://www.monkey.org/~provos/libevent/
|
||||
|
||||
Copy the libevent tarball into the "tor-mingw" directory.
|
||||
|
@ -101,7 +105,7 @@ Type "make install"
|
|||
Stage Five: Build Tor
|
||||
----------------------
|
||||
|
||||
Download the current Tor alpha release from https://www.torproject.org/download.html.
|
||||
Download the current Tor alpha release source code from https://torproject.org/download.html.
|
||||
Copy the Tor tarball into the "tor-mingw" directory.
|
||||
Extract Tor:
|
||||
Type "tar zxf latest-tor-alpha.tar.gz"
|
||||
|
|
102
doc/tor.1.in
102
doc/tor.1.in
|
@ -87,8 +87,8 @@ server without impacting network performance.
|
|||
If defined, a separate token bucket limits the average incoming bandwidth
|
||||
usage for _relayed traffic_ on this node to the specified number of
|
||||
bytes per second, and the average outgoing bandwidth usage to that same
|
||||
value. Relayed traffic is currently defined as answers to directory
|
||||
requests, but that may change. (Default: 0)
|
||||
value. Relayed traffic currently is calculated to include answers to directory
|
||||
requests, but that may change in future versions. (Default: 0)
|
||||
.LP
|
||||
.TP
|
||||
\fBRelayBandwidthBurst \fR\fIN\fR \fBbytes\fR|\fBKB\fR|\fBMB\fR|\fBGB\fR|\fBTB\fP
|
||||
|
@ -206,10 +206,11 @@ authority for old-style (v1) directories as well. (Only directory mirrors
|
|||
care about this.) Tor will use this server as an authority for hidden
|
||||
service information if the "hs" flag is set, or if the "v1" flag is set and
|
||||
the "no-hs" flag is \fBnot\fP set. Tor will use this authority as a bridge
|
||||
authoritative directory if the "bridge" flag is set. Lastly, if a flag
|
||||
authoritative directory if the "bridge" flag is set. If a flag
|
||||
"orport=\fBport\fR" is given, Tor will use the given port when opening
|
||||
encrypted tunnels to the dirserver.
|
||||
[XXX020 also mention v3ident= flag here]
|
||||
encrypted tunnels to the dirserver. Lastly, if a flag "v3ident=\fBfp\fR" is
|
||||
given, the dirserver is a v3 directory authority whose v3 long-term
|
||||
signing key has the fingerprint \fBfp\fR.
|
||||
|
||||
If no \fBdirserver\fP line is given, Tor will use the default
|
||||
directory servers. NOTE: this option is intended
|
||||
|
@ -218,6 +219,16 @@ you use it, you will be distinguishable from other users, because you won't
|
|||
believe the same authorities they do.
|
||||
.LP
|
||||
.TP
|
||||
\fBAlternateDirAuthority \fR[\fInickname\fR] [\fBflags\fR] \fIaddress\fR\fB:\fIport fingerprint\fP
|
||||
\fBAlternateHSAuthority \fR[\fInickname\fR] [\fBflags\fR] \fIaddress\fR\fB:\fIport fingerprint\fP
|
||||
\fBAlternateBridgeAuthority \fR[\fInickname\fR] [\fBflags\fR] \fIaddress\fR\fB:\fIport fingerprint\fP
|
||||
As DirServer, but replaces less of the default directory authorities.
|
||||
Using AlternateDirAuthority replaces the default Tor directory
|
||||
authorities, but leaves the hidden service authorities and bridge
|
||||
authorities in place. Similarly, Using AlternatieHSAuthority replaces
|
||||
the default hidden service authorities, but not the directory or
|
||||
bridge authorities.
|
||||
|
||||
\fBFetchDirInfoEarly \fR\fB0\fR|\fB1\fR\fP
|
||||
If set to 1, Tor will always fetch directory information like other
|
||||
directory caches, even if you don't meet the normal criteria for
|
||||
|
@ -248,10 +259,6 @@ script to enumerate Tor nodes that exit to certain addresses.
|
|||
(Default: 0)
|
||||
.LP
|
||||
.TP
|
||||
\fBGroup \fR\fIGID\fP
|
||||
On startup, setgid to this group.
|
||||
.LP
|
||||
.TP
|
||||
\fBHttpProxy\fR \fIhost\fR[:\fIport\fR]\fP
|
||||
Tor will make all its directory requests through this host:port
|
||||
(or host:80 if port is not specified),
|
||||
|
@ -334,7 +341,7 @@ about what sites a user might have visited. (Default: 1)
|
|||
.LP
|
||||
.TP
|
||||
\fBUser \fR\fIUID\fP
|
||||
On startup, setuid to this user.
|
||||
On startup, setuid to this user and setgid to their primary group.
|
||||
.LP
|
||||
.TP
|
||||
\fBHardwareAccel \fR\fB0\fR|\fB1\fP
|
||||
|
@ -652,11 +659,14 @@ resolved. This helps trap accidental attempts to resolve URLs and so on.
|
|||
.LP
|
||||
.TP
|
||||
\fBFastFirstHopPK \fR\fB0\fR|\fB1\fR\fP
|
||||
When this option is enabled and we aren't running as a server, Tor
|
||||
skips the public key step for the first hop of creating circuits. This is
|
||||
safe since we have already used TLS to authenticate the server and to
|
||||
establish forward-secure keys. Turning this option off makes circuit
|
||||
building slower.
|
||||
When this option is disabled, Tor uses the public key step for the first
|
||||
hop of creating circuits. Skipping it is generally safe since we have
|
||||
already used TLS to authenticate the relay and to establish forward-secure
|
||||
keys. Turning this option off makes circuit building slower.
|
||||
|
||||
Note that Tor will always use the public key step for the first hop if
|
||||
it's operating as a relay, and it will never use the public key step if
|
||||
it doesn't yet know the onion key of the first hop.
|
||||
(Default: 1)
|
||||
.LP
|
||||
.TP
|
||||
|
@ -740,6 +750,19 @@ If Tor doesn't have a cached networkstatus file, it starts out using
|
|||
this one instead. Even if this file is out of date, Tor can still use
|
||||
it to learn about directory mirrors, so it doesn't need to put load on
|
||||
the authorities. (Default: None).
|
||||
.LP
|
||||
.TP
|
||||
\fBWarnPlaintextPorts\fP \fR\fIport\fR,\fIport\fR,\fI...\fP
|
||||
Tells Tor to issue a warnings whenever the user tries to make an
|
||||
anonymous connection to one of these ports. This option is designed
|
||||
to alert users to services that risk sending passwords in the clear.
|
||||
(Default: 23,109,110,143).
|
||||
.LP
|
||||
.TP
|
||||
\fBRejectPlaintextPorts\fP \fR\fIport\fR,\fIport\fR,\fI...\fP
|
||||
Like WarnPlaintextPorts, but instead of warning about risky port uses,
|
||||
Tor will instead refuse to make the connection.
|
||||
(Default: None).
|
||||
|
||||
.LP
|
||||
.TP
|
||||
|
@ -1089,6 +1112,9 @@ directory ports.
|
|||
The policies have the same form as exit policies above.
|
||||
.LP
|
||||
.TP
|
||||
|
||||
.SH DIRECTORY AUTHORITY SERVER OPTIONS
|
||||
.PP
|
||||
\fBRecommendedVersions \fR\fISTRING\fP
|
||||
STRING is a comma-separated list of Tor versions currently believed
|
||||
to be safe. The list is included in each directory, and nodes which
|
||||
|
@ -1123,6 +1149,12 @@ elements. Otherwise, if the address is not an IP address or is a private
|
|||
IP address, it will reject the router descriptor. Defaults to 0.
|
||||
.LP
|
||||
.TP
|
||||
\fBAuthDirBadDir \fR\fIAddressPattern\fR...\fP
|
||||
Authoritative directories only. A set of address patterns for servers that
|
||||
will be listed as bad directories in any network status document this authority
|
||||
publishes, if \fBAuthDirListBadDirs\fR is set.
|
||||
.LP
|
||||
.TP
|
||||
\fBAuthDirBadExit \fR\fIAddressPattern\fR...\fP
|
||||
Authoritative directories only. A set of address patterns for servers that
|
||||
will be listed as bad exits in any network status document this authority
|
||||
|
@ -1142,6 +1174,13 @@ authority publishes, or accepted as an OR address in any descriptor submitted
|
|||
for publication by this authority.
|
||||
.LP
|
||||
.TP
|
||||
\fBAuthDirListBadDirs \fR\fB0\fR|\fB1\fR\fP
|
||||
Authoritative directories only. If set to 1, this directory has
|
||||
some opinion about which nodes are unsuitable as directory caches. (Do not
|
||||
set this to 1 unless you plan to list nonfunctioning directories as bad;
|
||||
otherwise, you are effectively voting in favor of every declared directory.)
|
||||
.LP
|
||||
.TP
|
||||
\fBAuthDirListBadExits \fR\fB0\fR|\fB1\fR\fP
|
||||
Authoritative directories only. If set to 1, this directory has
|
||||
some opinion about which nodes are unsuitable as exit nodes. (Do not
|
||||
|
@ -1166,6 +1205,39 @@ will list as acceptable on a single IP address. Set this to "0" for
|
|||
\fBAuthDirMaxServersPerAuthAddr\fR \fINUM\fP
|
||||
Authoritative directories only. Like AuthDirMaxServersPerAddr, but
|
||||
applies to addresses shared with directory authorities. (Default: 5)
|
||||
.LP
|
||||
.TP
|
||||
\fBV3AuthVotingInterval\fR \fR\fIN\fR \fBminutes\fR|\fBhours\fP
|
||||
V3 authoritative directories only. Configures the server's preferred
|
||||
voting interval. Note that voting will \fIactually\fP happen at an
|
||||
interval chosen by consensus from all the authorities' preferred
|
||||
intervals. This time SHOULD divide evenly into a day. (Default: 1 hour)
|
||||
.LP
|
||||
.TP
|
||||
\fBV3AuthVoteDelay\fR \fINUM\fP
|
||||
V3 authoritative directories only. Configures the server's preferred
|
||||
delay between publishing its vote and assuming it has all the votes
|
||||
from all the other authorities. Note that the actual time used is not
|
||||
the server's preferred time, but the consensus of all preferences.
|
||||
(Default: 5 minutes.)
|
||||
.LP
|
||||
.TP
|
||||
\fBV3AuthDistDelay\fR \fINUM\fP
|
||||
V3 authoritative directories only. Configures the server's preferred
|
||||
delay between publishing its consensus and signature and assuming it
|
||||
has all the signatures from all the other authorities. Note that the
|
||||
actual time used is not the server's preferred time, but the consensus
|
||||
of all preferences. (Default: 5 minutes.)
|
||||
.LP
|
||||
.TP
|
||||
\fBV3AuthNIntervalsValid\fR \fINUM\fP
|
||||
V3 authoritative directories only. Configures the number of
|
||||
VotingIntervals for which each consensus should be valid for.
|
||||
Choosing high numbers increases network partitioning risks; choosing
|
||||
low numbers increases directory traffic. Note that the actual number
|
||||
of intervals used is not the server's preferred number, but the
|
||||
consensus of all preferences. Must be at least 2. (Default: 3.)
|
||||
|
||||
|
||||
.SH HIDDEN SERVICE OPTIONS
|
||||
.PP
|
||||
|
|
|
@ -54,6 +54,7 @@
|
|||
#include <limits.h>
|
||||
#include <errno.h>
|
||||
#include <err.h>
|
||||
#include "torint.h"
|
||||
|
||||
//#include "thread_private.h"
|
||||
|
||||
|
@ -94,9 +95,12 @@ static pthread_mutex_t gen_mutex = PTHREAD_MUTEX_INITIALIZER;
|
|||
#define _MALLOC_LOCK() {pthread_mutex_lock(&gen_mutex);}
|
||||
#define _MALLOC_UNLOCK() {pthread_mutex_unlock(&gen_mutex);}
|
||||
|
||||
#if defined(__sparc__)
|
||||
#if defined(__sparc__) || defined(__alpha__)
|
||||
#define malloc_pageshift 13U
|
||||
#endif /* __sparc__ */
|
||||
#endif
|
||||
#if defined(__ia64__)
|
||||
#define malloc_pageshift 14U
|
||||
#endif
|
||||
|
||||
#ifndef malloc_pageshift
|
||||
#define malloc_pageshift (PGSHIFT)
|
||||
|
@ -785,6 +789,13 @@ malloc_init(void)
|
|||
" Will not be able to dump malloc stats on exit");
|
||||
#endif /* MALLOC_STATS */
|
||||
|
||||
if (malloc_pagesize != getpagesize()) {
|
||||
wrterror("malloc() replacement compiled with a different "
|
||||
"page size from what we're running with. Failing.");
|
||||
errno = ENOMEM;
|
||||
return;
|
||||
}
|
||||
|
||||
/* Allocate one page for the page directory. */
|
||||
page_dir = (struct pginfo **)MMAP(malloc_pagesize);
|
||||
|
||||
|
@ -1926,11 +1937,14 @@ realloc(void *ptr, size_t size)
|
|||
return (r);
|
||||
}
|
||||
|
||||
#if defined(__i386__)||defined(__arm__)||defined(__powerpc__)
|
||||
#define SIZE_MAX 0xffffffff
|
||||
#endif
|
||||
#if defined(__x86_64__)
|
||||
#define SIZE_MAX 0xffffffffffffffff
|
||||
#ifndef SIZE_MAX
|
||||
//#if defined(__i386__)||defined(__arm__)||defined(__powerpc__)
|
||||
//#define SIZE_MAX 0xffffffff
|
||||
//#endif
|
||||
//#if defined(__x86_64__)
|
||||
//#define SIZE_MAX 0xffffffffffffffff
|
||||
//#endif
|
||||
#define SIZE_MAX SIZE_T_MAX
|
||||
#endif
|
||||
|
||||
void *
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001, Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
const char aes_c_id[] = "$Id$";
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2003, Roger Dingledine
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2003-2004, Roger Dingledine
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
const char compat_c_id[] =
|
||||
|
@ -115,12 +115,6 @@ const char compat_c_id[] =
|
|||
#include "strlcat.c"
|
||||
#endif
|
||||
|
||||
#ifndef INADDR_NONE
|
||||
/* This is used by inet_addr, but apparently Solaris doesn't define it
|
||||
* anyplace. */
|
||||
#define INADDR_NONE ((unsigned long) -1)
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_SYS_MMAN_H
|
||||
/** Implementation for tor_mmap_t: holds the regular tor_mmap_t, along
|
||||
* with extra fields needed for mmap()-based memory mapping. */
|
||||
|
@ -380,6 +374,61 @@ tor_memmem(const void *_haystack, size_t hlen,
|
|||
#endif
|
||||
}
|
||||
|
||||
/* Tables to implement ctypes-replacement TOR_IS*() functions. Each table
|
||||
* has 256 bits to look up whether a character is in some set or not. This
|
||||
* fails on non-ASCII platforms, but it is hard to find a platform whose
|
||||
* character set is not a superset of ASCII nowadays. */
|
||||
const uint32_t TOR_ISALPHA_TABLE[8] =
|
||||
{ 0, 0, 0x7fffffe, 0x7fffffe, 0, 0, 0, 0 };
|
||||
const uint32_t TOR_ISALNUM_TABLE[8] =
|
||||
{ 0, 0x3ff0000, 0x7fffffe, 0x7fffffe, 0, 0, 0, 0 };
|
||||
const uint32_t TOR_ISSPACE_TABLE[8] = { 0x3e00, 0x1, 0, 0, 0, 0, 0, 0 };
|
||||
const uint32_t TOR_ISXDIGIT_TABLE[8] =
|
||||
{ 0, 0x3ff0000, 0x7e, 0x7e, 0, 0, 0, 0 };
|
||||
const uint32_t TOR_ISDIGIT_TABLE[8] = { 0, 0x3ff0000, 0, 0, 0, 0, 0, 0 };
|
||||
const uint32_t TOR_ISPRINT_TABLE[8] =
|
||||
{ 0, 0xffffffff, 0xffffffff, 0x7fffffff, 0, 0, 0, 0x0 };
|
||||
const uint32_t TOR_ISUPPER_TABLE[8] = { 0, 0, 0x7fffffe, 0, 0, 0, 0, 0 };
|
||||
const uint32_t TOR_ISLOWER_TABLE[8] = { 0, 0, 0, 0x7fffffe, 0, 0, 0, 0 };
|
||||
/* Upper-casing and lowercasing tables to map characters to upper/lowercase
|
||||
* equivalents. */
|
||||
const char TOR_TOUPPER_TABLE[256] = {
|
||||
0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,
|
||||
16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,
|
||||
32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,
|
||||
48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,
|
||||
64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,
|
||||
80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,
|
||||
96,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,
|
||||
80,81,82,83,84,85,86,87,88,89,90,123,124,125,126,127,
|
||||
128,129,130,131,132,133,134,135,136,137,138,139,140,141,142,143,
|
||||
144,145,146,147,148,149,150,151,152,153,154,155,156,157,158,159,
|
||||
160,161,162,163,164,165,166,167,168,169,170,171,172,173,174,175,
|
||||
176,177,178,179,180,181,182,183,184,185,186,187,188,189,190,191,
|
||||
192,193,194,195,196,197,198,199,200,201,202,203,204,205,206,207,
|
||||
208,209,210,211,212,213,214,215,216,217,218,219,220,221,222,223,
|
||||
224,225,226,227,228,229,230,231,232,233,234,235,236,237,238,239,
|
||||
240,241,242,243,244,245,246,247,248,249,250,251,252,253,254,255,
|
||||
};
|
||||
const char TOR_TOLOWER_TABLE[256] = {
|
||||
0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,
|
||||
16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,
|
||||
32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,
|
||||
48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,
|
||||
64,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,
|
||||
112,113,114,115,116,117,118,119,120,121,122,91,92,93,94,95,
|
||||
96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,
|
||||
112,113,114,115,116,117,118,119,120,121,122,123,124,125,126,127,
|
||||
128,129,130,131,132,133,134,135,136,137,138,139,140,141,142,143,
|
||||
144,145,146,147,148,149,150,151,152,153,154,155,156,157,158,159,
|
||||
160,161,162,163,164,165,166,167,168,169,170,171,172,173,174,175,
|
||||
176,177,178,179,180,181,182,183,184,185,186,187,188,189,190,191,
|
||||
192,193,194,195,196,197,198,199,200,201,202,203,204,205,206,207,
|
||||
208,209,210,211,212,213,214,215,216,217,218,219,220,221,222,223,
|
||||
224,225,226,227,228,229,230,231,232,233,234,235,236,237,238,239,
|
||||
240,241,242,243,244,245,246,247,248,249,250,251,252,253,254,255,
|
||||
};
|
||||
|
||||
#ifdef MS_WINDOWS
|
||||
/** Take a filename and return a pointer to its final element. This
|
||||
* function is called on __FILE__ to fix a MSVC nit where __FILE__
|
||||
|
@ -781,7 +830,7 @@ set_max_file_descriptors(rlim_t limit, int *max_out)
|
|||
log_warn(LD_CONFIG,
|
||||
"We do not support more than %lu file descriptors "
|
||||
"on Windows. Tried to raise to %lu.",
|
||||
DEFAULT_MAX_CONNECTIONS, limit);
|
||||
(unsigned long)DEFAULT_MAX_CONNECTIONS, (unsigned long)limit);
|
||||
return -1;
|
||||
}
|
||||
limit = DEFAULT_MAX_CONNECTIONS;
|
||||
|
@ -789,7 +838,7 @@ set_max_file_descriptors(rlim_t limit, int *max_out)
|
|||
if (limit > CYGWIN_MAX_CONNECTIONS) {
|
||||
log_warn(LD_CONFIG, "We do not support more than %lu file descriptors "
|
||||
"when using Cygwin. Tried to raise to %lu.",
|
||||
CYGWIN_MAX_CONNECTIONS, limit);
|
||||
(unsigned long)CYGWIN_MAX_CONNECTIONS, (unsigned long)limit);
|
||||
return -1;
|
||||
}
|
||||
limit = CYGWIN_MAX_CONNECTIONS;
|
||||
|
@ -797,7 +846,7 @@ set_max_file_descriptors(rlim_t limit, int *max_out)
|
|||
if (limit > IPHONE_MAX_CONNECTIONS) {
|
||||
log_warn(LD_CONFIG, "We do not support more than %lu file descriptors "
|
||||
"on iPhone. Tried to raise to %lu.",
|
||||
IPHONE_MAX_CONNECTIONS, limit);
|
||||
(unsigned long)IPHONE_MAX_CONNECTIONS, (unsigned long)limit);
|
||||
return -1;
|
||||
}
|
||||
limit = IPHONE_MAX_CONNECTIONS;
|
||||
|
@ -871,62 +920,225 @@ set_max_file_descriptors(rlim_t limit, int *max_out)
|
|||
return 0;
|
||||
}
|
||||
|
||||
/** Call setuid and setgid to run as <b>user</b>:<b>group</b>. Return 0 on
|
||||
* success. On failure, log and return -1.
|
||||
/** Log details of current user and group credentials. Return 0 on
|
||||
* success. Logs and return -1 on failure.
|
||||
*/
|
||||
static int
|
||||
log_credential_status(void)
|
||||
{
|
||||
#define CREDENTIAL_LOG_LEVEL LOG_INFO
|
||||
#ifndef MS_WINDOWS
|
||||
/* Real, effective and saved UIDs */
|
||||
uid_t ruid, euid, suid;
|
||||
/* Read, effective and saved GIDs */
|
||||
gid_t rgid, egid, sgid;
|
||||
/* Supplementary groups */
|
||||
gid_t sup_gids[NGROUPS_MAX + 1];
|
||||
/* Number of supplementary groups */
|
||||
int ngids;
|
||||
|
||||
/* log UIDs */
|
||||
#ifdef HAVE_GETRESUID
|
||||
if (getresuid(&ruid, &euid, &suid) != 0 ) {
|
||||
log_warn(LD_GENERAL, "Error getting changed UIDs: %s", strerror(errno));
|
||||
return -1;
|
||||
} else {
|
||||
log_fn(CREDENTIAL_LOG_LEVEL, LD_GENERAL,
|
||||
"UID is %u (real), %u (effective), %u (saved)",
|
||||
(unsigned)ruid, (unsigned)euid, (unsigned)suid);
|
||||
}
|
||||
#else
|
||||
/* getresuid is not present on MacOS X, so we can't get the saved (E)UID */
|
||||
ruid = getuid();
|
||||
euid = geteuid();
|
||||
(void)suid;
|
||||
|
||||
log_fn(CREDENTIAL_LOG_LEVEL, LD_GENERAL,
|
||||
"UID is %u (real), %u (effective), unknown (saved)",
|
||||
(unsigned)ruid, (unsigned)euid);
|
||||
#endif
|
||||
|
||||
/* log GIDs */
|
||||
#ifdef HAVE_GETRESGID
|
||||
if (getresgid(&rgid, &egid, &sgid) != 0 ) {
|
||||
log_warn(LD_GENERAL, "Error getting changed GIDs: %s", strerror(errno));
|
||||
return -1;
|
||||
} else {
|
||||
log_fn(CREDENTIAL_LOG_LEVEL, LD_GENERAL,
|
||||
"GID is %u (real), %u (effective), %u (saved)",
|
||||
(unsigned)rgid, (unsigned)egid, (unsigned)sgid);
|
||||
}
|
||||
#else
|
||||
/* getresgid is not present on MacOS X, so we can't get the saved (E)GID */
|
||||
rgid = getgid();
|
||||
egid = getegid();
|
||||
(void)sgid;
|
||||
log_fn(CREDENTIAL_LOG_LEVEL, LD_GENERAL,
|
||||
"GID is %u (real), %u (effective), unknown (saved)",
|
||||
(unsigned)rgid, (unsigned)egid);
|
||||
#endif
|
||||
|
||||
/* log supplementary groups */
|
||||
if ((ngids = getgroups(NGROUPS_MAX + 1, sup_gids)) < 0) {
|
||||
log_warn(LD_GENERAL, "Error getting supplementary GIDs: %s",
|
||||
strerror(errno));
|
||||
return -1;
|
||||
} else {
|
||||
int i;
|
||||
char *strgid;
|
||||
char *s = NULL;
|
||||
int formatting_error = 0;
|
||||
smartlist_t *elts = smartlist_create();
|
||||
|
||||
for (i = 0; i<ngids; i++) {
|
||||
strgid = tor_malloc(11);
|
||||
if (tor_snprintf(strgid, 11, "%u", (unsigned)sup_gids[i]) == -1) {
|
||||
log_warn(LD_GENERAL, "Error printing supplementary GIDs");
|
||||
tor_free(strgid);
|
||||
formatting_error = 1;
|
||||
goto error;
|
||||
}
|
||||
smartlist_add(elts, strgid);
|
||||
}
|
||||
|
||||
s = smartlist_join_strings(elts, " ", 0, NULL);
|
||||
|
||||
log_fn(CREDENTIAL_LOG_LEVEL, LD_GENERAL, "Supplementary groups are: %s",s);
|
||||
|
||||
error:
|
||||
tor_free(s);
|
||||
SMARTLIST_FOREACH(elts, char *, cp,
|
||||
{
|
||||
tor_free(cp);
|
||||
});
|
||||
smartlist_free(elts);
|
||||
|
||||
if (formatting_error)
|
||||
return -1;
|
||||
}
|
||||
#endif
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
/** Call setuid and setgid to run as <b>user</b> and switch to their
|
||||
* primary group. Return 0 on success. On failure, log and return -1.
|
||||
*/
|
||||
int
|
||||
switch_id(const char *user, const char *group)
|
||||
switch_id(const char *user)
|
||||
{
|
||||
#ifndef MS_WINDOWS
|
||||
struct passwd *pw = NULL;
|
||||
struct group *gr = NULL;
|
||||
uid_t old_uid;
|
||||
gid_t old_gid;
|
||||
static int have_already_switched_id = 0;
|
||||
|
||||
if (user) {
|
||||
pw = getpwnam(user);
|
||||
if (pw == NULL) {
|
||||
log_warn(LD_CONFIG,"User '%s' not found.", user);
|
||||
tor_assert(user);
|
||||
|
||||
if (have_already_switched_id)
|
||||
return 0;
|
||||
|
||||
/* Log the initial credential state */
|
||||
if (log_credential_status())
|
||||
return -1;
|
||||
|
||||
log_fn(CREDENTIAL_LOG_LEVEL, LD_GENERAL, "Changing user and groups");
|
||||
|
||||
/* Get old UID/GID to check if we changed correctly */
|
||||
old_uid = getuid();
|
||||
old_gid = getgid();
|
||||
|
||||
/* Lookup the user and group information, if we have a problem, bail out. */
|
||||
pw = getpwnam(user);
|
||||
if (pw == NULL) {
|
||||
log_warn(LD_CONFIG, "Error setting configured user: %s not found", user);
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* Properly switch egid,gid,euid,uid here or bail out */
|
||||
if (setgroups(1, &pw->pw_gid)) {
|
||||
log_warn(LD_GENERAL, "Error setting groups to gid %d: \"%s\". "
|
||||
"If you set the \"User\" option, you must start Tor as root.",
|
||||
(int)pw->pw_gid, strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (setegid(pw->pw_gid)) {
|
||||
log_warn(LD_GENERAL, "Error setting egid to %d: %s",
|
||||
(int)pw->pw_gid, strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (setgid(pw->pw_gid)) {
|
||||
log_warn(LD_GENERAL, "Error setting gid to %d: %s",
|
||||
(int)pw->pw_gid, strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (setuid(pw->pw_uid)) {
|
||||
log_warn(LD_GENERAL, "Error setting configured uid to %s (%d): %s",
|
||||
user, (int)pw->pw_uid, strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (seteuid(pw->pw_uid)) {
|
||||
log_warn(LD_GENERAL, "Error setting configured euid to %s (%d): %s",
|
||||
user, (int)pw->pw_uid, strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* This is how OpenBSD rolls:
|
||||
if (setgroups(1, &pw->pw_gid) || setegid(pw->pw_gid) ||
|
||||
setgid(pw->pw_gid) || setuid(pw->pw_uid) || seteuid(pw->pw_uid)) {
|
||||
setgid(pw->pw_gid) || seteuid(pw->pw_uid) || setuid(pw->pw_uid)) {
|
||||
log_warn(LD_GENERAL, "Error setting configured UID/GID: %s",
|
||||
strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
*/
|
||||
|
||||
/* We've properly switched egid, gid, euid, uid, and supplementary groups if
|
||||
* we're here. */
|
||||
|
||||
#if !defined(CYGWIN) && !defined(__CYGWIN__)
|
||||
/* If we tried to drop privilege to a group/user other than root, attempt to
|
||||
* restore root (E)(U|G)ID, and abort if the operation succeeds */
|
||||
|
||||
/* Only check for privilege dropping if we were asked to be non-root */
|
||||
if (pw->pw_uid) {
|
||||
/* Try changing GID/EGID */
|
||||
if (pw->pw_gid != old_gid &&
|
||||
(setgid(old_gid) != -1 || setegid(old_gid) != -1)) {
|
||||
log_warn(LD_GENERAL, "Was able to restore group credentials even after "
|
||||
"switching GID: this means that the setgid code didn't work.");
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* Try changing UID/EUID */
|
||||
if (pw->pw_uid != old_uid &&
|
||||
(setuid(old_uid) != -1 || seteuid(old_uid) != -1)) {
|
||||
log_warn(LD_GENERAL, "Was able to restore user credentials even after "
|
||||
"switching UID: this means that the setuid code didn't work.");
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
||||
/* switch the group first, while we still have the privileges to do so */
|
||||
if (group) {
|
||||
gr = getgrnam(group);
|
||||
if (gr == NULL) {
|
||||
log_warn(LD_CONFIG,"Group '%s' not found.", group);
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (setgid(gr->gr_gid) != 0) {
|
||||
log_warn(LD_GENERAL,"Error setting to configured GID: %s",
|
||||
strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
} else if (user) {
|
||||
if (setgid(pw->pw_gid) != 0) {
|
||||
log_warn(LD_GENERAL,"Error setting to user GID: %s", strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
||||
/* now that the group is switched, we can switch users and lose
|
||||
privileges */
|
||||
if (user) {
|
||||
if (setuid(pw->pw_uid) != 0) {
|
||||
log_warn(LD_GENERAL,"Error setting UID: %s", strerror(errno));
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
||||
return 0;
|
||||
#else
|
||||
(void)user;
|
||||
(void)group;
|
||||
#endif
|
||||
|
||||
/* Check what really happened */
|
||||
if (log_credential_status()) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
have_already_switched_id = 1; /* mark success so we never try again */
|
||||
return 0;
|
||||
|
||||
#else
|
||||
(void)user;
|
||||
|
||||
log_warn(LD_CONFIG,
|
||||
"User or group specified, but switching users is not supported.");
|
||||
"User specified but switching users is unsupported on your OS.");
|
||||
return -1;
|
||||
#endif
|
||||
}
|
||||
|
||||
#ifdef HAVE_PWD_H
|
||||
|
@ -951,24 +1163,18 @@ get_user_homedir(const char *username)
|
|||
* but works on Windows and Solaris.)
|
||||
*/
|
||||
int
|
||||
tor_inet_aton(const char *c, struct in_addr* addr)
|
||||
tor_inet_aton(const char *str, struct in_addr* addr)
|
||||
{
|
||||
#ifdef HAVE_INET_ATON
|
||||
return inet_aton(c, addr);
|
||||
#else
|
||||
uint32_t r;
|
||||
tor_assert(c);
|
||||
tor_assert(addr);
|
||||
if (strcmp(c, "255.255.255.255") == 0) {
|
||||
addr->s_addr = 0xFFFFFFFFu;
|
||||
return 1;
|
||||
}
|
||||
r = inet_addr(c);
|
||||
if (r == INADDR_NONE)
|
||||
int a,b,c,d;
|
||||
char more;
|
||||
if (sscanf(str, "%d.%d.%d.%d%c", &a,&b,&c,&d,&more) != 4)
|
||||
return 0;
|
||||
addr->s_addr = r;
|
||||
if (a < 0 || a > 255) return 0;
|
||||
if (b < 0 || b > 255) return 0;
|
||||
if (c < 0 || c > 255) return 0;
|
||||
if (d < 0 || d > 255) return 0;
|
||||
addr->s_addr = htonl((a<<24) | (b<<16) | (c<<8) | d);
|
||||
return 1;
|
||||
#endif
|
||||
}
|
||||
|
||||
/** Given <b>af</b>==AF_INET and <b>src</b> a struct in_addr, or
|
||||
|
@ -1746,13 +1952,17 @@ tor_get_thread_id(void)
|
|||
struct tor_mutex_t {
|
||||
pthread_mutex_t mutex;
|
||||
};
|
||||
static pthread_mutexattr_t attr_reentrant;
|
||||
static int threads_initialized = 0;
|
||||
/** Allocate and return new lock. */
|
||||
tor_mutex_t *
|
||||
tor_mutex_new(void)
|
||||
{
|
||||
int err;
|
||||
tor_mutex_t *mutex = tor_malloc_zero(sizeof(tor_mutex_t));
|
||||
err = pthread_mutex_init(&mutex->mutex, NULL);
|
||||
if (PREDICT_UNLIKELY(!threads_initialized))
|
||||
tor_threads_init();
|
||||
err = pthread_mutex_init(&mutex->mutex, &attr_reentrant);
|
||||
if (PREDICT_UNLIKELY(err)) {
|
||||
log_err(LD_GENERAL, "Error %d creating a mutex.", err);
|
||||
tor_fragile_assert();
|
||||
|
@ -1868,6 +2078,11 @@ tor_cond_signal_all(tor_cond_t *cond)
|
|||
void
|
||||
tor_threads_init(void)
|
||||
{
|
||||
if (!threads_initialized) {
|
||||
pthread_mutexattr_init(&attr_reentrant);
|
||||
pthread_mutexattr_settype(&attr_reentrant, PTHREAD_MUTEX_RECURSIVE);
|
||||
threads_initialized = 1;
|
||||
}
|
||||
}
|
||||
#elif defined(USE_WIN32_THREADS)
|
||||
#if 0
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2003-2004, Roger Dingledinex
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
|
||||
|
@ -33,9 +33,6 @@
|
|||
#ifdef HAVE_STRING_H
|
||||
#include <string.h>
|
||||
#endif
|
||||
#ifdef HAVE_CTYPE_H
|
||||
#include <ctype.h>
|
||||
#endif
|
||||
#include <stdarg.h>
|
||||
#ifdef HAVE_SYS_RESOURCE_H
|
||||
#include <sys/resource.h>
|
||||
|
@ -122,7 +119,17 @@ extern INLINE double U64_TO_DBL(uint64_t x) {
|
|||
#define ATTR_CONST __attribute__((const))
|
||||
#define ATTR_MALLOC __attribute__((malloc))
|
||||
#define ATTR_NORETURN __attribute__((noreturn))
|
||||
#define ATTR_NONNULL(x) __attribute__((nonnull x))
|
||||
/* Alas, nonnull is not at present a good idea for us. We'd like to get
|
||||
* warnings when we pass NULL where we shouldn't (which nonnull does, albeit
|
||||
* spottily), but we don't want to tell the compiler to make optimizations
|
||||
* with the assumption that the argument can't be NULL (since this would make
|
||||
* many of our checks go away, and make our code less robust against
|
||||
* programming errors). Unfortunately, nonnull currently does both of these
|
||||
* things, and there's no good way to split them up.
|
||||
*
|
||||
* #define ATTR_NONNULL(x) __attribute__((nonnull x)) */
|
||||
#define ATTR_NONNULL(x)
|
||||
|
||||
/** Macro: Evaluates to <b>exp</b> and hints the compiler that the value
|
||||
* of <b>exp</b> will probably be true. */
|
||||
#define PREDICT_LIKELY(exp) __builtin_expect((exp), 1)
|
||||
|
@ -207,17 +214,27 @@ tor_memstr(const void *haystack, size_t hlen, const char *needle)
|
|||
return tor_memmem(haystack, hlen, needle, strlen(needle));
|
||||
}
|
||||
|
||||
#define TOR_ISALPHA(c) isalpha((int)(unsigned char)(c))
|
||||
#define TOR_ISALNUM(c) isalnum((int)(unsigned char)(c))
|
||||
#define TOR_ISSPACE(c) isspace((int)(unsigned char)(c))
|
||||
#define TOR_ISXDIGIT(c) isxdigit((int)(unsigned char)(c))
|
||||
#define TOR_ISDIGIT(c) isdigit((int)(unsigned char)(c))
|
||||
#define TOR_ISPRINT(c) isprint((int)(unsigned char)(c))
|
||||
#define TOR_ISLOWER(c) islower((int)(unsigned char)(c))
|
||||
#define TOR_ISUPPER(c) isupper((int)(unsigned char)(c))
|
||||
|
||||
#define TOR_TOLOWER(c) ((char)tolower((int)(unsigned char)(c)))
|
||||
#define TOR_TOUPPER(c) ((char)toupper((int)(unsigned char)(c)))
|
||||
/* Much of the time when we're checking ctypes, we're doing spec compliance,
|
||||
* which all assumes we're doing ASCII. */
|
||||
#define DECLARE_CTYPE_FN(name) \
|
||||
static int TOR_##name(char c); \
|
||||
extern const uint32_t TOR_##name##_TABLE[]; \
|
||||
static INLINE int TOR_##name(char c) { \
|
||||
uint8_t u = c; \
|
||||
return !!(TOR_##name##_TABLE[(u >> 5) & 7] & (1 << (u & 31))); \
|
||||
}
|
||||
DECLARE_CTYPE_FN(ISALPHA)
|
||||
DECLARE_CTYPE_FN(ISALNUM)
|
||||
DECLARE_CTYPE_FN(ISSPACE)
|
||||
DECLARE_CTYPE_FN(ISDIGIT)
|
||||
DECLARE_CTYPE_FN(ISXDIGIT)
|
||||
DECLARE_CTYPE_FN(ISPRINT)
|
||||
DECLARE_CTYPE_FN(ISLOWER)
|
||||
DECLARE_CTYPE_FN(ISUPPER)
|
||||
extern const char TOR_TOUPPER_TABLE[];
|
||||
extern const char TOR_TOLOWER_TABLE[];
|
||||
#define TOR_TOLOWER(c) (TOR_TOLOWER_TABLE[(uint8_t)c])
|
||||
#define TOR_TOUPPER(c) (TOR_TOUPPER_TABLE[(uint8_t)c])
|
||||
|
||||
#ifdef MS_WINDOWS
|
||||
#define _SHORT_FILE_ (tor_fix_source_file(__FILE__))
|
||||
|
@ -261,6 +278,10 @@ int touch_file(const char *fname);
|
|||
|
||||
/* ===== Net compatibility */
|
||||
|
||||
#if (SIZEOF_SOCKLEN_T == 0)
|
||||
typedef int socklen_t;
|
||||
#endif
|
||||
|
||||
int tor_close_socket(int s);
|
||||
int tor_open_socket(int domain, int type, int protocol);
|
||||
int tor_accept_socket(int sockfd, struct sockaddr *addr, socklen_t *len);
|
||||
|
@ -274,10 +295,6 @@ int get_n_open_sockets(void);
|
|||
#define tor_socket_recv(s, buf, len, flags) recv(s, buf, len, flags)
|
||||
#endif
|
||||
|
||||
#if (SIZEOF_SOCKLEN_T == 0)
|
||||
typedef int socklen_t;
|
||||
#endif
|
||||
|
||||
/* Define struct in6_addr on platforms that do not have it. Generally,
|
||||
* these platforms are ones without IPv6 support, but we want to have
|
||||
* a working in6_addr there anyway, so we can use it to parse IPv6
|
||||
|
@ -453,7 +470,7 @@ void set_uint32(char *cp, uint32_t v) ATTR_NONNULL((1));
|
|||
typedef unsigned long rlim_t;
|
||||
#endif
|
||||
int set_max_file_descriptors(rlim_t limit, int *max);
|
||||
int switch_id(const char *user, const char *group);
|
||||
int switch_id(const char *user);
|
||||
#ifdef HAVE_PWD_H
|
||||
char *get_user_homedir(const char *username);
|
||||
#endif
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2003-2004, Roger Dingledine
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
const char container_c_id[] =
|
||||
|
@ -20,9 +20,6 @@ const char container_c_id[] =
|
|||
#include "container.h"
|
||||
#include "crypto.h"
|
||||
|
||||
#ifdef HAVE_CTYPE_H
|
||||
#include <ctype.h>
|
||||
#endif
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <assert.h>
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2003-2004, Roger Dingledine
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
|
||||
|
@ -108,8 +108,7 @@ void *smartlist_bsearch(smartlist_t *sl, const void *key,
|
|||
ATTR_PURE;
|
||||
int smartlist_bsearch_idx(const smartlist_t *sl, const void *key,
|
||||
int (*compare)(const void *key, const void **member),
|
||||
int *found_out)
|
||||
ATTR_PURE;
|
||||
int *found_out);
|
||||
|
||||
void smartlist_pqueue_add(smartlist_t *sl,
|
||||
int (*compare)(const void *a, const void *b),
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001, Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
const char crypto_c_id[] =
|
||||
|
@ -21,6 +21,9 @@ const char crypto_c_id[] =
|
|||
#define WIN32_LEAN_AND_MEAN
|
||||
#include <windows.h>
|
||||
#include <wincrypt.h>
|
||||
/* Windows defines this; so does openssl 0.9.8h and later. We don't actually
|
||||
* use either definition. */
|
||||
#undef OCSP_RESPONSE
|
||||
#endif
|
||||
|
||||
#include <openssl/err.h>
|
||||
|
@ -628,6 +631,23 @@ crypto_pk_dup_key(crypto_pk_env_t *env)
|
|||
return env;
|
||||
}
|
||||
|
||||
/** Make a real honest-to-goodness copy of <b>env</b>, and return it. */
|
||||
crypto_pk_env_t *
|
||||
crypto_pk_copy_full(crypto_pk_env_t *env)
|
||||
{
|
||||
RSA *new_key;
|
||||
tor_assert(env);
|
||||
tor_assert(env->key);
|
||||
|
||||
if (PRIVATE_KEY_OK(env)) {
|
||||
new_key = RSAPrivateKey_dup(env->key);
|
||||
} else {
|
||||
new_key = RSAPublicKey_dup(env->key);
|
||||
}
|
||||
|
||||
return _crypto_new_pk_env_rsa(new_key);
|
||||
}
|
||||
|
||||
/** Encrypt <b>fromlen</b> bytes from <b>from</b> with the public key
|
||||
* in <b>env</b>, using the padding method <b>padding</b>. On success,
|
||||
* write the result to <b>to</b>, and return the number of bytes
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001, Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
|
||||
|
@ -88,6 +88,7 @@ int crypto_pk_check_key(crypto_pk_env_t *env);
|
|||
int crypto_pk_cmp_keys(crypto_pk_env_t *a, crypto_pk_env_t *b);
|
||||
size_t crypto_pk_keysize(crypto_pk_env_t *env);
|
||||
crypto_pk_env_t *crypto_pk_dup_key(crypto_pk_env_t *orig);
|
||||
crypto_pk_env_t *crypto_pk_copy_full(crypto_pk_env_t *orig);
|
||||
|
||||
int crypto_pk_public_encrypt(crypto_pk_env_t *env, char *to,
|
||||
const char *from, size_t fromlen, int padding);
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
/* Copyright 2002 Christopher Clark */
|
||||
/* Copyright 2005 Nick Mathewson */
|
||||
/* Copyright (c) 2002, Christopher Clark.
|
||||
* Copyright (c) 2005-2006, Nick Mathewson.
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See license at end. */
|
||||
/* $Id$ */
|
||||
|
||||
|
@ -420,6 +421,7 @@ ht_string_hash(const char *s)
|
|||
#define _HT_FOI_INSERT(field, head, elm, newent, var) \
|
||||
{ \
|
||||
newent->field.hte_hash = (elm)->field.hte_hash; \
|
||||
newent->field.hte_next = NULL; \
|
||||
*var = newent; \
|
||||
++((head)->hth_n_entries); \
|
||||
}
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001, Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
const char log_c_id[] = "$Id$";
|
||||
|
@ -255,6 +255,9 @@ logv(int severity, uint32_t domain, const char *funcname, const char *format,
|
|||
char *end_of_prefix=NULL;
|
||||
|
||||
assert(format);
|
||||
/* check that severity is sane. Overrunning the masks array leads to
|
||||
* interesting and hard to diagnose effects */
|
||||
assert(severity >= LOG_ERR && severity <= LOG_DEBUG);
|
||||
LOCK_LOGS();
|
||||
lf = logfiles;
|
||||
while (lf) {
|
||||
|
@ -698,6 +701,7 @@ switch_logs_debug(void)
|
|||
for (lf = logfiles; lf; lf=lf->next) {
|
||||
lf->min_loglevel = LOG_DEBUG;
|
||||
}
|
||||
_log_global_min_severity = get_min_log_level();
|
||||
UNLOCK_LOGS();
|
||||
}
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001, Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
/* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
#if 1
|
||||
|
@ -144,7 +144,7 @@ struct mp_chunk_t {
|
|||
};
|
||||
|
||||
/** Number of extra bytes needed beyond mem_size to allocate a chunk. */
|
||||
#define CHUNK_OVERHEAD (sizeof(mp_chunk_t)-1)
|
||||
#define CHUNK_OVERHEAD STRUCT_OFFSET(mp_chunk_t, mem[0])
|
||||
|
||||
/** Given a pointer to a mp_allocated_t, return a pointer to the memory
|
||||
* item it holds. */
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
/* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2001-2003, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
const char torgzip_c_id[] =
|
||||
|
@ -143,7 +143,16 @@ tor_gzip_compress(char **out, size_t *out_len,
|
|||
}
|
||||
done:
|
||||
*out_len = stream->total_out;
|
||||
if (stream->total_out > out_size + 4097) {
|
||||
#ifdef OPENBSD
|
||||
/* "Hey Rocky! Watch me change an unsigned field to a signed field in a
|
||||
* third-party API!"
|
||||
* "Oh, that trick will just make people do unsafe casts to the unsigned
|
||||
* type in their cross-platform code!"
|
||||
* "Don't be foolish. I'm _sure_ they'll have the good sense to make sure
|
||||
* the newly unsigned field isn't negative." */
|
||||
tor_assert(stream->total_out >= 0);
|
||||
#endif
|
||||
if (((size_t)stream->total_out) > out_size + 4097) {
|
||||
/* If we're wasting more than 4k, don't. */
|
||||
*out = tor_realloc(*out, stream->total_out + 1);
|
||||
}
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2003, Roger Dingledine
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2003, Roger Dingledine
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
|
||||
|
@ -290,6 +290,8 @@ typedef uint32_t uintptr_t;
|
|||
#define TIME_MAX ((time_t)INT_MAX)
|
||||
#elif (SIZEOF_TIME_T == SIZEOF_LONG)
|
||||
#define TIME_MAX ((time_t)LONG_MAX)
|
||||
#elif (SIZEOF_TIME_T == 8)
|
||||
#define TIME_MAX ((time_t)INT64_MAX)
|
||||
#else
|
||||
#error "Can't define (signed) TIME_MAX"
|
||||
#endif
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2003, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
const char tortls_c_id[] =
|
||||
|
@ -314,6 +314,10 @@ tor_tls_free_all(void)
|
|||
tor_tls_context_decref(global_tls_context);
|
||||
global_tls_context = NULL;
|
||||
}
|
||||
if (!HT_EMPTY(&tlsmap_root)) {
|
||||
log_warn(LD_MM, "Still have entries in the tlsmap at shutdown.");
|
||||
}
|
||||
HT_CLEAR(tlsmap, &tlsmap_root);
|
||||
}
|
||||
|
||||
/** We need to give OpenSSL a callback to verify certificates. This is
|
||||
|
@ -432,7 +436,7 @@ tor_tls_create_certificate(crypto_pk_env_t *rsa,
|
|||
* SSL3_TXT_RSA_NULL_SHA. If you do this, you won't be able to communicate
|
||||
* with any of the "real" Tors, though. */
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x00908000l
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x00908020l
|
||||
#define CLIENT_CIPHER_LIST \
|
||||
(TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA ":" \
|
||||
TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA ":" \
|
||||
|
@ -560,6 +564,14 @@ tor_tls_context_new(crypto_pk_env_t *identity, unsigned int key_lifetime)
|
|||
SSL_CTX_set_options(result->ctx, SSL_OP_NO_SSLv2);
|
||||
#endif
|
||||
SSL_CTX_set_options(result->ctx, SSL_OP_SINGLE_DH_USE);
|
||||
/* Don't actually allow compression; it uses RAM and time, but the data
|
||||
* we transmit is all encrypted anyway. */
|
||||
result->ctx->comp_methods = NULL;
|
||||
|
||||
#ifdef SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
|
||||
SSL_CTX_set_options(result->ctx,
|
||||
SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION);
|
||||
#endif
|
||||
if (cert && !SSL_CTX_use_certificate(result->ctx,cert))
|
||||
goto error;
|
||||
X509_free(cert); /* We just added a reference to cert. */
|
||||
|
@ -622,7 +634,7 @@ tor_tls_context_new(crypto_pk_env_t *identity, unsigned int key_lifetime)
|
|||
|
||||
#ifdef V2_HANDSHAKE_SERVER
|
||||
/** Return true iff the cipher list suggested by the client for <b>ssl</b> is
|
||||
* a list that indicates that the client know how to do the v2 TLS connection
|
||||
* a list that indicates that the client knows how to do the v2 TLS connection
|
||||
* handshake. */
|
||||
static int
|
||||
tor_tls_client_is_using_v2_ciphers(const SSL *ssl, const char *address)
|
||||
|
@ -666,7 +678,7 @@ tor_tls_client_is_using_v2_ciphers(const SSL *ssl, const char *address)
|
|||
}
|
||||
s = smartlist_join_strings(elts, ":", 0, NULL);
|
||||
log_info(LD_NET, "Got a non-version-1 cipher list from %s. It is: '%s'",
|
||||
s, address);
|
||||
address, s);
|
||||
tor_free(s);
|
||||
smartlist_free(elts);
|
||||
}
|
||||
|
@ -759,6 +771,12 @@ tor_tls_new(int sock, int isServer)
|
|||
result->state = TOR_TLS_ST_HANDSHAKE;
|
||||
result->isServer = isServer;
|
||||
result->wantwrite_n = 0;
|
||||
result->last_write_count = BIO_number_written(bio);
|
||||
result->last_read_count = BIO_number_read(bio);
|
||||
if (result->last_write_count || result->last_read_count) {
|
||||
log_warn(LD_NET, "Newly created BIO has read count %lu, write count %lu",
|
||||
result->last_read_count, result->last_write_count);
|
||||
}
|
||||
#ifdef V2_HANDSHAKE_SERVER
|
||||
if (isServer) {
|
||||
SSL_set_info_callback(result->ssl, tor_tls_server_info_callback);
|
||||
|
@ -930,7 +948,7 @@ tor_tls_handshake(tor_tls_t *tls)
|
|||
tls->state = TOR_TLS_ST_OPEN;
|
||||
if (tls->isServer) {
|
||||
SSL_set_info_callback(tls->ssl, NULL);
|
||||
SSL_set_verify(tls->ssl, SSL_VERIFY_NONE, always_accept_verify_cb);
|
||||
SSL_set_verify(tls->ssl, SSL_VERIFY_PEER, always_accept_verify_cb);
|
||||
/* There doesn't seem to be a clear OpenSSL API to clear mode flags. */
|
||||
tls->ssl->mode &= ~SSL_MODE_NO_AUTO_CHAIN;
|
||||
#ifdef V2_HANDSHAKE_SERVER
|
||||
|
@ -986,8 +1004,7 @@ tor_tls_renegotiate(tor_tls_t *tls)
|
|||
if (tls->state != TOR_TLS_ST_RENEGOTIATE) {
|
||||
int r = SSL_renegotiate(tls->ssl);
|
||||
if (r <= 0) {
|
||||
return tor_tls_get_error(tls, r, CATCH_SYSCALL|CATCH_ZERO,
|
||||
"renegotiating", LOG_WARN);
|
||||
return tor_tls_get_error(tls, r, 0, "renegotiating", LOG_WARN);
|
||||
}
|
||||
tls->state = TOR_TLS_ST_RENEGOTIATE;
|
||||
}
|
||||
|
@ -996,8 +1013,7 @@ tor_tls_renegotiate(tor_tls_t *tls)
|
|||
tls->state = TOR_TLS_ST_OPEN;
|
||||
return TOR_TLS_DONE;
|
||||
} else
|
||||
return tor_tls_get_error(tls, r, CATCH_SYSCALL|CATCH_ZERO,
|
||||
"renegotiating handshake", LOG_WARN);
|
||||
return tor_tls_get_error(tls, r, 0, "renegotiating handshake", LOG_INFO);
|
||||
}
|
||||
|
||||
/** Shut down an open tls connection <b>tls</b>. When finished, returns
|
||||
|
@ -1278,18 +1294,33 @@ tor_tls_get_forced_write_size(tor_tls_t *tls)
|
|||
void
|
||||
tor_tls_get_n_raw_bytes(tor_tls_t *tls, size_t *n_read, size_t *n_written)
|
||||
{
|
||||
BIO *wbio, *tmpbio;
|
||||
unsigned long r, w;
|
||||
r = BIO_number_read(SSL_get_rbio(tls->ssl));
|
||||
w = BIO_number_written(SSL_get_wbio(tls->ssl));
|
||||
/* We want the number of bytes actually for real written. Unfortunately,
|
||||
* sometimes OpenSSL replaces the wbio on tls->ssl with a buffering bio,
|
||||
* which makes the answer turn out wrong. Let's cope with that. Note
|
||||
* that this approach will fail if we ever replace tls->ssl's BIOs with
|
||||
* buffering bios for reasons of our own. As an alternative, we could
|
||||
* save the original BIO for tls->ssl in the tor_tls_t structure, but
|
||||
* that would be tempting fate. */
|
||||
wbio = SSL_get_wbio(tls->ssl);
|
||||
if (wbio->method == BIO_f_buffer() && (tmpbio = BIO_next(wbio)) != NULL)
|
||||
wbio = tmpbio;
|
||||
w = BIO_number_written(wbio);
|
||||
|
||||
/* We are ok with letting these unsigned ints go "negative" here:
|
||||
* If we wrapped around, this should still give us the right answer, unless
|
||||
* we wrapped around by more than ULONG_MAX since the last time we called
|
||||
* this function.
|
||||
*/
|
||||
|
||||
*n_read = (size_t)(r - tls->last_read_count);
|
||||
*n_written = (size_t)(w - tls->last_write_count);
|
||||
if (*n_read > INT_MAX || *n_written > INT_MAX) {
|
||||
log_warn(LD_BUG, "Preposterously large value in tor_tls_get_n_raw_bytes. "
|
||||
"r=%lu, last_read=%lu, w=%lu, last_written=%lu",
|
||||
r, tls->last_read_count, w, tls->last_write_count);
|
||||
}
|
||||
tls->last_read_count = r;
|
||||
tls->last_write_count = w;
|
||||
}
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2003, Roger Dingledine
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2003, Roger Dingledine
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
const char util_c_id[] = "$Id$";
|
||||
|
@ -31,9 +31,6 @@ const char util_c_id[] = "$Id$";
|
|||
#include <pwd.h>
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_CTYPE_H
|
||||
#include <ctype.h>
|
||||
#endif
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
|
@ -73,8 +70,13 @@ const char util_c_id[] = "$Id$";
|
|||
#include <malloc/malloc.h>
|
||||
#endif
|
||||
#ifdef HAVE_MALLOC_H
|
||||
#ifndef OPENBSD
|
||||
/* OpenBSD has a malloc.h, but for our purposes, it only exists in order to
|
||||
* scold us for being so stupid as to autodetect its presence. To be fair,
|
||||
* they've done this since 1996, when autoconf was only 5 years old. */
|
||||
#include <malloc.h>
|
||||
#endif
|
||||
#endif
|
||||
|
||||
/* =====
|
||||
* Memory management
|
||||
|
@ -1009,7 +1011,7 @@ tor_timegm(struct tm *tm)
|
|||
hours = days*24 + tm->tm_hour;
|
||||
|
||||
minutes = hours*60 + tm->tm_min;
|
||||
ret = minutes*60 + tm->tm_sec;
|
||||
ret = ((time_t)minutes)*60 + tm->tm_sec;
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
@ -2096,7 +2098,7 @@ tor_listdir(const char *dirname)
|
|||
size_t pattern_len = strlen(dirname)+16;
|
||||
pattern = tor_malloc(pattern_len);
|
||||
tor_snprintf(pattern, pattern_len, "%s\\*", dirname);
|
||||
if (!(handle = FindFirstFile(pattern, &findData))) {
|
||||
if (INVALID_HANDLE_VALUE == (handle = FindFirstFile(pattern, &findData))) {
|
||||
tor_free(pattern);
|
||||
return NULL;
|
||||
}
|
||||
|
@ -3092,8 +3094,7 @@ finish_daemon(const char *desired_cwd)
|
|||
exit(1);
|
||||
}
|
||||
|
||||
nullfd = open("/dev/null",
|
||||
O_CREAT | O_RDWR | O_APPEND);
|
||||
nullfd = open("/dev/null", O_RDWR | O_APPEND);
|
||||
if (nullfd < 0) {
|
||||
log_err(LD_GENERAL,"/dev/null can't be opened. Exiting.");
|
||||
exit(1);
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2003-2004, Roger Dingledine
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
|
||||
|
|
|
@ -1,11 +1,13 @@
|
|||
confdir = $(sysconfdir)/tor
|
||||
tordatadir = $(datadir)/tor
|
||||
|
||||
#EXTRA_DIST = fallback-consensus
|
||||
EXTRA_DIST = geoip
|
||||
|
||||
conf_DATA = torrc.sample
|
||||
|
||||
#data_DATA = fallback-consensus
|
||||
tordata_DATA = geoip
|
||||
|
||||
# If we don't have it, fake it.
|
||||
fallback-consensus:
|
||||
touch fallback-consensus
|
||||
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -74,7 +74,8 @@ micro-revision.i: FORCE
|
|||
break; \
|
||||
else \
|
||||
loc=`svk info $$location | \
|
||||
sed -n 's/^Copied From: \(.*\), Rev\. [0-9][0-9]*/\1/p'`; \
|
||||
sed -n 's/^Copied From: \(.*\), Rev\. [0-9][0-9]*/\1/p' | \
|
||||
head -1`; \
|
||||
if test x$$loc = x; then \
|
||||
break; \
|
||||
else \
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001 Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
const char buffers_c_id[] =
|
||||
|
@ -63,12 +63,14 @@ typedef struct chunk_t {
|
|||
* more than one byte long. */
|
||||
} chunk_t;
|
||||
|
||||
#define CHUNK_HEADER_LEN STRUCT_OFFSET(chunk_t, mem[0])
|
||||
|
||||
/** Return the number of bytes needed to allocate a chunk to hold
|
||||
* <b>memlen</b> bytes. */
|
||||
#define CHUNK_ALLOC_SIZE(memlen) (sizeof(chunk_t) + (memlen) - 1)
|
||||
#define CHUNK_ALLOC_SIZE(memlen) (CHUNK_HEADER_LEN + (memlen))
|
||||
/** Return the number of usable bytes in a chunk allocated with
|
||||
* malloc(<b>memlen</b>). */
|
||||
#define CHUNK_SIZE_WITH_ALLOC(memlen) ((memlen) - sizeof(chunk_t) + 1)
|
||||
#define CHUNK_SIZE_WITH_ALLOC(memlen) ((memlen) - CHUNK_HEADER_LEN)
|
||||
|
||||
/** Return the next character in <b>chunk</b> onto which data can be appended.
|
||||
* If the chunk is full, this might be off the end of chunk->mem. */
|
||||
|
@ -635,13 +637,13 @@ read_to_buf(int s, size_t at_most, buf_t *buf, int *reached_eof)
|
|||
check();
|
||||
if (r < 0)
|
||||
return r; /* Error */
|
||||
else if ((size_t)r < readlen) { /* eof, block, or no more to read. */
|
||||
tor_assert(r+total_read < INT_MAX);
|
||||
return (int)(r + total_read);
|
||||
}
|
||||
tor_assert(total_read+r < INT_MAX);
|
||||
total_read += r;
|
||||
if ((size_t)r < readlen) { /* eof, block, or no more to read. */
|
||||
break;
|
||||
}
|
||||
}
|
||||
return r;
|
||||
return (int)total_read;
|
||||
}
|
||||
|
||||
/** As read_to_buf, but reads from a TLS connection, and returns a TLS
|
||||
|
@ -689,11 +691,12 @@ read_to_buf_tls(tor_tls_t *tls, size_t at_most, buf_t *buf)
|
|||
check();
|
||||
if (r < 0)
|
||||
return r; /* Error */
|
||||
else if ((size_t)r < readlen) /* eof, block, or no more to read. */
|
||||
return r;
|
||||
tor_assert(total_read+r < INT_MAX);
|
||||
total_read += r;
|
||||
if ((size_t)r < readlen) /* eof, block, or no more to read. */
|
||||
break;
|
||||
}
|
||||
return r;
|
||||
return (int)total_read;
|
||||
}
|
||||
|
||||
/** Helper for flush_buf(): try to write <b>sz</b> bytes from chunk
|
||||
|
@ -963,7 +966,7 @@ fetch_var_cell_from_buf(buf_t *buf, var_cell_t **out, int linkproto)
|
|||
return 1;
|
||||
result = var_cell_new(length);
|
||||
result->command = command;
|
||||
result->circ_id = ntohs(*(uint16_t*)hdr);
|
||||
result->circ_id = ntohs(get_uint16(hdr));
|
||||
|
||||
buf_remove_from_front(buf, VAR_CELL_HEADER_SIZE);
|
||||
peek_from_buf(result->payload, length, buf);
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001 Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
const char circuitbuild_c_id[] =
|
||||
|
@ -99,7 +99,7 @@ get_unique_circ_id_by_conn(or_connection_t *conn)
|
|||
return 0;
|
||||
}
|
||||
test_circ_id |= high_bit;
|
||||
} while (circuit_get_by_circid_orconn(test_circ_id, conn));
|
||||
} while (circuit_id_in_use_on_orconn(test_circ_id, conn));
|
||||
return test_circ_id;
|
||||
}
|
||||
|
||||
|
@ -412,8 +412,9 @@ circuit_n_conn_done(or_connection_t *or_conn, int status)
|
|||
smartlist_t *pending_circs;
|
||||
int err_reason = 0;
|
||||
|
||||
log_debug(LD_CIRC,"or_conn to %s, status=%d",
|
||||
or_conn->nickname ? or_conn->nickname : "NULL", status);
|
||||
log_debug(LD_CIRC,"or_conn to %s/%s, status=%d",
|
||||
or_conn->nickname ? or_conn->nickname : "NULL",
|
||||
or_conn->_base.address, status);
|
||||
|
||||
pending_circs = smartlist_create();
|
||||
circuit_get_all_pending_on_or_conn(pending_circs, or_conn);
|
||||
|
@ -540,23 +541,20 @@ inform_testing_reachability(void)
|
|||
return 1;
|
||||
}
|
||||
|
||||
/** Return true iff we should send a create_fast cell to build a circuit
|
||||
* starting at <b>router</b>. (If <b>router</b> is NULL, we don't have
|
||||
* information on the router, so assume true.) */
|
||||
/** Return true iff we should send a create_fast cell to start building a given
|
||||
* circuit */
|
||||
static INLINE int
|
||||
should_use_create_fast_for_router(routerinfo_t *router,
|
||||
origin_circuit_t *circ)
|
||||
should_use_create_fast_for_circuit(origin_circuit_t *circ)
|
||||
{
|
||||
or_options_t *options = get_options();
|
||||
tor_assert(circ->cpath);
|
||||
tor_assert(circ->cpath->extend_info);
|
||||
|
||||
if (!options->FastFirstHopPK) /* create_fast is disabled */
|
||||
return 0;
|
||||
if (router && router->platform &&
|
||||
!tor_version_as_new_as(router->platform, "0.1.0.6-rc")) {
|
||||
/* known not to work */
|
||||
return 0;
|
||||
}
|
||||
if (server_mode(options) && circ->cpath->extend_info->onion_key) {
|
||||
if (!circ->cpath->extend_info->onion_key)
|
||||
return 1; /* our hand is forced: only a create_fast will work. */
|
||||
if (!options->FastFirstHopPK)
|
||||
return 0; /* we prefer to avoid create_fast */
|
||||
if (server_mode(options)) {
|
||||
/* We're a server, and we know an onion key. We can choose.
|
||||
* Prefer to blend in. */
|
||||
return 0;
|
||||
|
@ -592,14 +590,9 @@ circuit_send_next_onion_skin(origin_circuit_t *circ)
|
|||
log_debug(LD_CIRC,"First skin; sending create cell.");
|
||||
|
||||
router = router_get_by_digest(circ->_base.n_conn->identity_digest);
|
||||
fast = should_use_create_fast_for_router(router, circ);
|
||||
if (!fast && !circ->cpath->extend_info->onion_key) {
|
||||
log_warn(LD_CIRC,
|
||||
"Can't send create_fast, but have no onion key. Failing.");
|
||||
return - END_CIRC_REASON_INTERNAL;
|
||||
}
|
||||
fast = should_use_create_fast_for_circuit(circ);
|
||||
if (!fast) {
|
||||
/* We are an OR, or we are connecting to an old Tor: we should
|
||||
/* We are an OR and we know the right onion key: we should
|
||||
* send an old slow create cell.
|
||||
*/
|
||||
cell_type = CELL_CREATE;
|
||||
|
@ -704,10 +697,13 @@ circuit_note_clock_jumped(int seconds_elapsed)
|
|||
circuit_expire_all_dirty_circs();
|
||||
}
|
||||
|
||||
/** Take the 'extend' cell, pull out addr/port plus the onion skin. Make
|
||||
* sure we're connected to the next hop, and pass it the onion skin using
|
||||
* a create cell. Return -1 if we want to warn and tear down the circuit,
|
||||
* else return 0.
|
||||
/** Take the 'extend' <b>cell</b>, pull out addr/port plus the onion
|
||||
* skin and identity digest for the next hop. If we're already connected,
|
||||
* pass the onion skin to the next hop using a create cell; otherwise
|
||||
* launch a new OR connection, and <b>circ</b> will notice when the
|
||||
* connection succeeds or fails.
|
||||
*
|
||||
* Return -1 if we want to warn and tear down the circuit, else return 0.
|
||||
*/
|
||||
int
|
||||
circuit_extend(cell_t *cell, circuit_t *circ)
|
||||
|
@ -743,6 +739,29 @@ circuit_extend(cell_t *cell, circuit_t *circ)
|
|||
|
||||
onionskin = cell->payload+RELAY_HEADER_SIZE+4+2;
|
||||
id_digest = cell->payload+RELAY_HEADER_SIZE+4+2+ONIONSKIN_CHALLENGE_LEN;
|
||||
|
||||
/* First, check if they asked us for 0000..0000. We support using
|
||||
* an empty fingerprint for the first hop (e.g. for a bridge relay),
|
||||
* but we don't want to let people send us extend cells for empty
|
||||
* fingerprints -- a) because it opens the user up to a mitm attack,
|
||||
* and b) because it lets an attacker force the relay to hold open a
|
||||
* new TLS connection for each extend request. */
|
||||
if (tor_digest_is_zero(id_digest)) {
|
||||
log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
|
||||
"Client asked me to extend without specifying an id_digest.");
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* Next, check if we're being asked to connect to the hop that the
|
||||
* extend cell came from. There isn't any reason for that, and it can
|
||||
* assist circular-path attacks. */
|
||||
if (!memcmp(id_digest, TO_OR_CIRCUIT(circ)->p_conn->identity_digest,
|
||||
DIGEST_LEN)) {
|
||||
log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
|
||||
"Client asked me to extend back to the previous hop.");
|
||||
return -1;
|
||||
}
|
||||
|
||||
n_conn = connection_or_get_by_identity_digest(id_digest);
|
||||
|
||||
/* If we don't have an open conn, or the conn we have is obsolete
|
||||
|
@ -755,8 +774,8 @@ circuit_extend(cell_t *cell, circuit_t *circ)
|
|||
char tmpbuf[INET_NTOA_BUF_LEN];
|
||||
in.s_addr = htonl(circ->n_addr);
|
||||
tor_inet_ntoa(&in,tmpbuf,sizeof(tmpbuf));
|
||||
log_info(LD_CIRC|LD_OR,"Next router (%s:%d) not connected. Connecting.",
|
||||
tmpbuf, circ->n_port);
|
||||
log_debug(LD_CIRC|LD_OR,"Next router (%s:%d) not connected. Connecting.",
|
||||
tmpbuf, circ->n_port);
|
||||
|
||||
circ->n_conn_onionskin = tor_malloc(ONIONSKIN_CHALLENGE_LEN);
|
||||
memcpy(circ->n_conn_onionskin, onionskin, ONIONSKIN_CHALLENGE_LEN);
|
||||
|
@ -1045,11 +1064,11 @@ new_route_len(uint8_t purpose, extend_info_t *exit,
|
|||
purpose != CIRCUIT_PURPOSE_S_ESTABLISH_INTRO)
|
||||
routelen++;
|
||||
|
||||
log_debug(LD_CIRC,"Chosen route length %d (%d routers available).",
|
||||
routelen, smartlist_len(routers));
|
||||
|
||||
num_acceptable_routers = count_acceptable_routers(routers);
|
||||
|
||||
log_debug(LD_CIRC,"Chosen route length %d (%d/%d routers available).",
|
||||
routelen, num_acceptable_routers, smartlist_len(routers));
|
||||
|
||||
if (num_acceptable_routers < 2) {
|
||||
log_info(LD_CIRC,
|
||||
"Not enough acceptable routers (%d). Discarding this circuit.",
|
||||
|
@ -1143,6 +1162,9 @@ ap_stream_wants_exit_attention(connection_t *conn)
|
|||
if (conn->type == CONN_TYPE_AP &&
|
||||
conn->state == AP_CONN_STATE_CIRCUIT_WAIT &&
|
||||
!conn->marked_for_close &&
|
||||
!(TO_EDGE_CONN(conn)->want_onehop) && /* ignore one-hop streams */
|
||||
!(TO_EDGE_CONN(conn)->use_begindir) && /* ignore targeted dir fetches */
|
||||
!(TO_EDGE_CONN(conn)->chosen_exit_name) && /* ignore defined streams */
|
||||
!connection_edge_is_rendezvous_stream(TO_EDGE_CONN(conn)) &&
|
||||
!circuit_stream_is_being_handled(TO_EDGE_CONN(conn), 0,
|
||||
MIN_CIRCUITS_HANDLING_STREAM))
|
||||
|
@ -1236,6 +1258,11 @@ choose_good_exit_server_general(routerlist_t *dir, int need_uptime,
|
|||
// router->nickname, i);
|
||||
}
|
||||
}); /* End looping over connections. */
|
||||
if (n_pending_connections > 0 && n_supported[i] == 0) {
|
||||
/* Leave best_support at -1 if that's where it is, so we can
|
||||
* distinguish it later. */
|
||||
continue;
|
||||
}
|
||||
if (n_supported[i] > best_support) {
|
||||
/* If this router is better than previous ones, remember its index
|
||||
* and goodness, and start counting how many routers are this good. */
|
||||
|
@ -1961,7 +1988,7 @@ log_entry_guards(int severity)
|
|||
{
|
||||
tor_snprintf(buf, sizeof(buf), "%s (%s%s)",
|
||||
e->nickname,
|
||||
e->bad_since ? "down " : "up ",
|
||||
entry_is_live(e, 0, 1, 0) ? "up " : "down ",
|
||||
e->made_contact ? "made-contact" : "never-contacted");
|
||||
smartlist_add(elements, tor_strdup(buf));
|
||||
});
|
||||
|
@ -2169,7 +2196,7 @@ entry_guards_compute_status(void)
|
|||
{
|
||||
time_t now;
|
||||
int changed = 0;
|
||||
int severity = LOG_INFO;
|
||||
int severity = LOG_DEBUG;
|
||||
or_options_t *options;
|
||||
if (! entry_guards)
|
||||
return;
|
||||
|
@ -2182,26 +2209,28 @@ entry_guards_compute_status(void)
|
|||
{
|
||||
routerinfo_t *r = router_get_by_digest(entry->identity);
|
||||
const char *reason = NULL;
|
||||
/*XXX021 log reason again. */
|
||||
if (entry_guard_set_status(entry, r, now, options, &reason))
|
||||
changed = 1;
|
||||
|
||||
if (entry->bad_since)
|
||||
tor_assert(reason);
|
||||
|
||||
log_info(LD_CIRC, "Summary: Entry '%s' is %s, %s%s, and %s.",
|
||||
entry->nickname,
|
||||
entry->unreachable_since ? "unreachable" : "reachable",
|
||||
entry->bad_since ? "unusable: " : "usable",
|
||||
entry->bad_since ? reason : "",
|
||||
entry_is_live(entry, 0, 1, 0) ? "live" : "not live");
|
||||
});
|
||||
|
||||
if (remove_dead_entry_guards())
|
||||
changed = 1;
|
||||
|
||||
severity = changed ? LOG_DEBUG : LOG_INFO;
|
||||
|
||||
if (changed) {
|
||||
log_fn(severity, LD_CIRC, " (%d/%d entry guards are usable/new)",
|
||||
num_live_entry_guards(), smartlist_len(entry_guards));
|
||||
SMARTLIST_FOREACH(entry_guards, entry_guard_t *, entry,
|
||||
log_info(LD_CIRC, "Summary: Entry '%s' is %s, %s, and %s.",
|
||||
entry->nickname,
|
||||
entry->unreachable_since ? "unreachable" : "reachable",
|
||||
entry->bad_since ? "unusable" : "usable",
|
||||
entry_is_live(entry, 0, 1, 0) ? "live" : "not live"));
|
||||
log_info(LD_CIRC, " (%d/%d entry guards are usable/new)",
|
||||
num_live_entry_guards(), smartlist_len(entry_guards));
|
||||
log_entry_guards(LOG_INFO);
|
||||
entry_guards_changed();
|
||||
}
|
||||
|
@ -2474,8 +2503,13 @@ choose_random_entry(cpath_build_state_t *state)
|
|||
* be a long time til we get it. -RD */
|
||||
r = add_an_entry_guard(NULL, 0);
|
||||
if (r) {
|
||||
smartlist_add(live_entry_guards, r);
|
||||
entry_guards_changed();
|
||||
/* XXX we start over here in case the new node we added shares
|
||||
* a family with our exit node. There's a chance that we'll just
|
||||
* load up on entry guards here, if the network we're using is
|
||||
* one big family. Perhaps we should teach add_an_entry_guard()
|
||||
* to understand nodes-to-avoid-if-possible? -RD */
|
||||
goto retry;
|
||||
}
|
||||
}
|
||||
if (!r && need_uptime) {
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright 2001 Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
const char circuitlist_c_id[] =
|
||||
|
@ -661,6 +661,14 @@ circuit_get_by_circid_orconn(uint16_t circ_id, or_connection_t *conn)
|
|||
return circ;
|
||||
}
|
||||
|
||||
/** Return true iff the circuit ID <b>circ_id</b> is currently used by a
|
||||
* circuit, marked or not, on <b>conn</b>. */
|
||||
int
|
||||
circuit_id_in_use_on_orconn(uint16_t circ_id, or_connection_t *conn)
|
||||
{
|
||||
return circuit_get_by_circid_orconn_impl(circ_id, conn) != NULL;
|
||||
}
|
||||
|
||||
/** Return the circuit that a given edge connection is using. */
|
||||
circuit_t *
|
||||
circuit_get_by_edge_conn(edge_connection_t *conn)
|
||||
|
@ -814,9 +822,9 @@ circuit_find_to_cannibalize(uint8_t purpose, extend_info_t *info,
|
|||
|
||||
circuit_t *_circ;
|
||||
origin_circuit_t *best=NULL;
|
||||
int need_uptime = flags & CIRCLAUNCH_NEED_UPTIME;
|
||||
int need_capacity = flags & CIRCLAUNCH_NEED_CAPACITY;
|
||||
int internal = flags & CIRCLAUNCH_IS_INTERNAL;
|
||||
int need_uptime = (flags & CIRCLAUNCH_NEED_UPTIME) != 0;
|
||||
int need_capacity = (flags & CIRCLAUNCH_NEED_CAPACITY) != 0;
|
||||
int internal = (flags & CIRCLAUNCH_IS_INTERNAL) != 0;
|
||||
|
||||
log_debug(LD_CIRC,
|
||||
"Hunting for a circ to cannibalize: purpose %d, uptime %d, "
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001 Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
const char circuituse_c_id[] =
|
||||
|
@ -95,10 +95,19 @@ circuit_is_acceptable(circuit_t *circ, edge_connection_t *conn,
|
|||
tor_assert(conn->chosen_exit_name);
|
||||
if (build_state->chosen_exit) {
|
||||
char digest[DIGEST_LEN];
|
||||
if (hexdigest_to_digest(conn->chosen_exit_name, digest) < 0 ||
|
||||
memcmp(digest, build_state->chosen_exit->identity_digest,
|
||||
DIGEST_LEN))
|
||||
if (hexdigest_to_digest(conn->chosen_exit_name, digest) < 0)
|
||||
return 0; /* broken digest, we don't want it */
|
||||
if (memcmp(digest, build_state->chosen_exit->identity_digest,
|
||||
DIGEST_LEN))
|
||||
return 0; /* this is a circuit to somewhere else */
|
||||
if (tor_digest_is_zero(digest)) {
|
||||
/* we don't know the digest; have to compare addr:port */
|
||||
struct in_addr in;
|
||||
if (!tor_inet_aton(conn->socks_request->address, &in) ||
|
||||
build_state->chosen_exit->addr != ntohl(in.s_addr) ||
|
||||
build_state->chosen_exit->port != conn->socks_request->port)
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
} else {
|
||||
if (conn->want_onehop) {
|
||||
|
@ -210,15 +219,22 @@ circuit_expire_building(time_t now)
|
|||
{
|
||||
circuit_t *victim, *circ = global_circuitlist;
|
||||
time_t cutoff = now - get_options()->CircuitBuildTimeout;
|
||||
time_t begindir_cutoff = now - get_options()->CircuitBuildTimeout/2;
|
||||
cpath_build_state_t *build_state;
|
||||
|
||||
while (circ) {
|
||||
victim = circ;
|
||||
circ = circ->next;
|
||||
if (!CIRCUIT_IS_ORIGIN(victim) || /* didn't originate here */
|
||||
victim->timestamp_created > cutoff || /* Not old enough to expire */
|
||||
victim->marked_for_close) /* don't mess with marked circs */
|
||||
continue;
|
||||
|
||||
build_state = TO_ORIGIN_CIRCUIT(victim)->build_state;
|
||||
if (victim->timestamp_created >
|
||||
((build_state && build_state->onehop_tunnel) ?
|
||||
begindir_cutoff : cutoff))
|
||||
continue; /* it's still young, leave it alone */
|
||||
|
||||
#if 0
|
||||
/* some debug logs, to help track bugs */
|
||||
if (victim->purpose >= CIRCUIT_PURPOSE_C_INTRODUCING &&
|
||||
|
@ -456,7 +472,7 @@ circuit_predict_and_launch_new(void)
|
|||
void
|
||||
circuit_build_needed_circs(time_t now)
|
||||
{
|
||||
static long time_to_new_circuit = 0;
|
||||
static time_t time_to_new_circuit = 0;
|
||||
or_options_t *options = get_options();
|
||||
|
||||
/* launch a new circ for any pending streams that need one */
|
||||
|
@ -739,6 +755,9 @@ circuit_build_failed(origin_circuit_t *circ)
|
|||
entry_guard_register_connect_status(n_conn->identity_digest, 0,
|
||||
time(NULL));
|
||||
}
|
||||
/* if there are any one-hop streams waiting on this circuit, fail
|
||||
* them now so they can retry elsewhere. */
|
||||
connection_ap_fail_onehop(circ->_base.n_conn_id_digest, circ->build_state);
|
||||
}
|
||||
|
||||
switch (circ->_base.purpose) {
|
||||
|
@ -833,7 +852,7 @@ circuit_launch_by_extend_info(uint8_t purpose,
|
|||
int flags)
|
||||
{
|
||||
origin_circuit_t *circ;
|
||||
int onehop_tunnel = flags & CIRCLAUNCH_ONEHOP_TUNNEL;
|
||||
int onehop_tunnel = (flags & CIRCLAUNCH_ONEHOP_TUNNEL) != 0;
|
||||
|
||||
if (!onehop_tunnel && !router_have_minimum_dir_info()) {
|
||||
log_debug(LD_CIRC,"Haven't fetched enough directory info yet; canceling "
|
||||
|
@ -996,17 +1015,40 @@ circuit_get_open_circ_or_launch(edge_connection_t *conn,
|
|||
|
||||
/* Do we need to check exit policy? */
|
||||
if (check_exit_policy) {
|
||||
struct in_addr in;
|
||||
uint32_t addr = 0;
|
||||
if (tor_inet_aton(conn->socks_request->address, &in))
|
||||
addr = ntohl(in.s_addr);
|
||||
if (router_exit_policy_all_routers_reject(addr, conn->socks_request->port,
|
||||
need_uptime)) {
|
||||
log_notice(LD_APP,
|
||||
"No Tor server exists that allows exit to %s:%d. Rejecting.",
|
||||
safe_str(conn->socks_request->address),
|
||||
conn->socks_request->port);
|
||||
return -1;
|
||||
if (!conn->chosen_exit_name) {
|
||||
struct in_addr in;
|
||||
uint32_t addr = 0;
|
||||
if (tor_inet_aton(conn->socks_request->address, &in))
|
||||
addr = ntohl(in.s_addr);
|
||||
if (router_exit_policy_all_routers_reject(addr,
|
||||
conn->socks_request->port,
|
||||
need_uptime)) {
|
||||
log_notice(LD_APP,
|
||||
"No Tor server exists that allows exit to %s:%d. "
|
||||
"Rejecting.",
|
||||
safe_str(conn->socks_request->address),
|
||||
conn->socks_request->port);
|
||||
return -1;
|
||||
}
|
||||
} else {
|
||||
/* XXXX021 Duplicates checks in connection_ap_handshake_attach_circuit
|
||||
* XXXX021 Fix this, then backport it? */
|
||||
routerinfo_t *router = router_get_by_nickname(conn->chosen_exit_name, 1);
|
||||
int opt = conn->_base.chosen_exit_optional;
|
||||
if (router && !connection_ap_can_use_exit(conn, router)) {
|
||||
log_fn(opt ? LOG_INFO : LOG_WARN, LD_APP,
|
||||
"Requested exit point '%s' would refuse request. %s.",
|
||||
conn->chosen_exit_name, opt ? "Trying others" : "Closing");
|
||||
if (opt) {
|
||||
conn->_base.chosen_exit_optional = 0;
|
||||
tor_free(conn->chosen_exit_name);
|
||||
/* Try again. */
|
||||
return circuit_get_open_circ_or_launch(conn,
|
||||
desired_circuit_purpose,
|
||||
circp);
|
||||
}
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001 Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
const char command_c_id[] =
|
||||
|
@ -252,7 +252,7 @@ command_process_create_cell(cell_t *cell, or_connection_t *conn)
|
|||
return;
|
||||
}
|
||||
|
||||
if (circuit_get_by_circid_orconn(cell->circ_id, conn)) {
|
||||
if (circuit_id_in_use_on_orconn(cell->circ_id, conn)) {
|
||||
routerinfo_t *router = router_get_by_digest(conn->identity_digest);
|
||||
log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
|
||||
"Received CREATE cell (circID %d) for known circ. "
|
||||
|
@ -577,8 +577,11 @@ command_process_netinfo_cell(cell_t *cell, or_connection_t *conn)
|
|||
if (labs(apparent_skew) > NETINFO_NOTICE_SKEW &&
|
||||
router_get_by_digest(conn->identity_digest)) {
|
||||
char dbuf[64];
|
||||
/*XXXX This should check the trustedness of the other side. */
|
||||
int severity = server_mode(get_options()) ? LOG_INFO : LOG_WARN;
|
||||
int severity;
|
||||
if (router_digest_is_trusted_dir(conn->identity_digest))
|
||||
severity = LOG_WARN;
|
||||
else
|
||||
severity = LOG_INFO;
|
||||
format_time_interval(dbuf, sizeof(dbuf), apparent_skew);
|
||||
log_fn(severity, LD_GENERAL, "Received NETINFO cell with skewed time from "
|
||||
"server at %s:%d. It seems that our clock is %s by %s, or "
|
||||
|
|
138
src/or/config.c
138
src/or/config.c
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001 Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
const char config_c_id[] = \
|
||||
|
@ -198,8 +198,13 @@ static config_var_t _option_vars[] = {
|
|||
V(FetchServerDescriptors, BOOL, "1"),
|
||||
V(FetchHidServDescriptors, BOOL, "1"),
|
||||
V(FetchUselessDescriptors, BOOL, "0"),
|
||||
V(GeoIPFile, STRING, NULL),
|
||||
V(Group, STRING, NULL),
|
||||
#ifdef WIN32
|
||||
V(GeoIPFile, STRING, "<default>"),
|
||||
#else
|
||||
V(GeoIPFile, STRING,
|
||||
SHARE_DATADIR PATH_SEPARATOR "tor" PATH_SEPARATOR "geoip"),
|
||||
#endif
|
||||
OBSOLETE("Group"),
|
||||
V(HardwareAccel, BOOL, "0"),
|
||||
V(HashedControlPassword, LINELIST, NULL),
|
||||
V(HidServDirectoryV2, BOOL, "0"),
|
||||
|
@ -243,7 +248,7 @@ static config_var_t _option_vars[] = {
|
|||
V(OutboundBindAddress, STRING, NULL),
|
||||
OBSOLETE("PathlenCoinWeight"),
|
||||
V(PidFile, STRING, NULL),
|
||||
V(PreferTunneledDirConns, BOOL, "0"),
|
||||
V(PreferTunneledDirConns, BOOL, "1"),
|
||||
V(ProtocolWarnings, BOOL, "0"),
|
||||
V(PublishServerDescriptor, CSV, "1"),
|
||||
V(PublishHidServDescriptors, BOOL, "1"),
|
||||
|
@ -266,9 +271,10 @@ static config_var_t _option_vars[] = {
|
|||
V(RunTesting, BOOL, "0"),
|
||||
V(SafeLogging, BOOL, "1"),
|
||||
V(SafeSocks, BOOL, "0"),
|
||||
V(ServerDNSAllowBrokenResolvConf, BOOL, "0"),
|
||||
V(ServerDNSAllowBrokenResolvConf, BOOL, "1"),
|
||||
V(ServerDNSAllowNonRFC953Hostnames, BOOL,"0"),
|
||||
V(ServerDNSDetectHijacking, BOOL, "1"),
|
||||
V(ServerDNSRandomizeCase, BOOL, "1"),
|
||||
V(ServerDNSResolvConfFile, STRING, NULL),
|
||||
V(ServerDNSSearchDomains, BOOL, "0"),
|
||||
V(ServerDNSTestAddresses, CSV,
|
||||
|
@ -289,7 +295,7 @@ static config_var_t _option_vars[] = {
|
|||
OBSOLETE("TrafficShaping"),
|
||||
V(TransListenAddress, LINELIST, NULL),
|
||||
V(TransPort, UINT, "0"),
|
||||
V(TunnelDirConns, BOOL, "0"),
|
||||
V(TunnelDirConns, BOOL, "1"),
|
||||
V(UpdateBridgesFromAuthority, BOOL, "0"),
|
||||
V(UseBridges, BOOL, "0"),
|
||||
V(UseEntryGuards, BOOL, "1"),
|
||||
|
@ -301,6 +307,7 @@ static config_var_t _option_vars[] = {
|
|||
V(V3AuthVoteDelay, INTERVAL, "5 minutes"),
|
||||
V(V3AuthDistDelay, INTERVAL, "5 minutes"),
|
||||
V(V3AuthNIntervalsValid, UINT, "3"),
|
||||
V(V3AuthUseLegacyKey, BOOL, "0"),
|
||||
VAR("VersioningAuthoritativeDirectory",BOOL,VersioningAuthoritativeDir, "0"),
|
||||
V(VirtualAddrNetwork, STRING, "127.192.0.0/10"),
|
||||
V(WarnPlaintextPorts, CSV, "23,109,110,143"),
|
||||
|
@ -385,7 +392,6 @@ static config_var_description_t options_description[] = {
|
|||
/* { "FastFirstHopPK", "" }, */
|
||||
/* FetchServerDescriptors, FetchHidServDescriptors,
|
||||
* FetchUselessDescriptors */
|
||||
{ "Group", "On startup, setgid to this group." },
|
||||
{ "HardwareAccel", "If set, Tor tries to use hardware crypto accelerators "
|
||||
"when it can." },
|
||||
/* HashedControlPassword */
|
||||
|
@ -599,6 +605,9 @@ typedef struct {
|
|||
*(uint32_t*)STRUCT_VAR_P(cfg,fmt->magic_offset)); \
|
||||
STMT_END
|
||||
|
||||
#ifdef MS_WINDOWS
|
||||
static char *get_windows_conf_root(void);
|
||||
#endif
|
||||
static void config_line_append(config_line_t **lst,
|
||||
const char *key, const char *val);
|
||||
static void option_clear(config_format_t *fmt, or_options_t *options,
|
||||
|
@ -822,23 +831,21 @@ add_default_trusted_dir_authorities(authority_type_t type)
|
|||
{
|
||||
int i;
|
||||
const char *dirservers[] = {
|
||||
"moria1 v1 orport=9001 v3ident=5420FD8EA46BD4290F1D07A1883C9D85ECC486C4 "
|
||||
"moria1 v1 orport=9001 v3ident=E2A2AF570166665D738736D0DD58169CC61D8A8B "
|
||||
"128.31.0.34:9031 FFCB 46DB 1339 DA84 674C 70D7 CB58 6434 C437 0441",
|
||||
"moria2 v1 orport=9002 128.31.0.34:9032 "
|
||||
"719B E45D E224 B607 C537 07D0 E214 3E2D 423E 74CF",
|
||||
"tor26 v1 orport=443 v3ident=A9AC67E64B200BBF2FA26DF194AC0469E2A948C6 "
|
||||
"tor26 v1 orport=443 v3ident=14C131DFC5C6F93646BE72FA1401C02A8DF2E8B4 "
|
||||
"86.59.21.38:80 847B 1F85 0344 D787 6491 A548 92F9 0493 4E4E B85D",
|
||||
"lefkada orport=443 v3ident=0D95B91896E6089AB9A3C6CB56E724CAF898C43F "
|
||||
"140.247.60.64:80 38D4 F5FC F7B1 0232 28B8 95EA 56ED E7D5 CCDC AF32",
|
||||
"dizum 194.109.206.212:80 "
|
||||
"7EA6 EAD6 FD83 083C 538F 4403 8BBF A077 587D D755",
|
||||
"dizum orport=443 v3ident=E8A9C45EDE6D711294FADF8E7951F4DE6CA56B58 "
|
||||
"194.109.206.212:80 7EA6 EAD6 FD83 083C 538F 4403 8BBF A077 587D D755",
|
||||
"Tonga orport=443 bridge no-v2 82.94.251.206:80 "
|
||||
"4A0C CD2D DC79 9508 3D73 F5D6 6710 0C8A 5831 F16D",
|
||||
"ides orport=9090 no-v2 v3ident=27B6B5996C426270A5C95488AA5BCEB6BCC86956 "
|
||||
"216.224.124.114:9030 F397 038A DC51 3361 35E7 B80B D99C A384 4360 292B",
|
||||
"gabelmoo orport=443 no-v2 "
|
||||
"v3ident=EAA879B5C75032E462CB018630D2D0DF46EBA606 "
|
||||
"88.198.7.215:80 6833 3D07 61BC F397 A587 A0C0 B963 E4A9 E99E C4D3",
|
||||
"v3ident=81349FC1F2DBA2C2C11B45CB9706637D480AB913 "
|
||||
"80.190.246.100:80 6833 3D07 61BC F397 A587 A0C0 B963 E4A9 E99E C4D3",
|
||||
"dannenberg orport=443 no-v2 "
|
||||
"v3ident=585769C78764D58426B8B52B6651A5A71137189A "
|
||||
"213.73.91.31:80 7BE6 83E6 5D48 1413 21C5 ED92 F075 C553 64AC 7123",
|
||||
|
@ -1013,14 +1020,21 @@ options_act_reversible(or_options_t *old_options, char **msg)
|
|||
}
|
||||
}
|
||||
|
||||
#if defined(HAVE_NET_IF_H) && defined(HAVE_NET_PFVAR_H)
|
||||
/* Open /dev/pf before dropping privileges. */
|
||||
if (options->TransPort) {
|
||||
if (get_pf_socket() < 0) {
|
||||
*msg = tor_strdup("Unable to open /dev/pf for transparent proxy.");
|
||||
goto rollback;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
/* Setuid/setgid as appropriate */
|
||||
if (options->User || options->Group) {
|
||||
/* XXXX021 We should only do this the first time through, not on
|
||||
* every setconf. */
|
||||
if (switch_id(options->User, options->Group) != 0) {
|
||||
if (options->User) {
|
||||
if (switch_id(options->User) != 0) {
|
||||
/* No need to roll back, since you can't change the value. */
|
||||
*msg = tor_strdup("Problem with User or Group value. "
|
||||
"See logs for details.");
|
||||
*msg = tor_strdup("Problem with User value. See logs for details.");
|
||||
goto done;
|
||||
}
|
||||
}
|
||||
|
@ -1250,7 +1264,20 @@ options_act(or_options_t *old_options)
|
|||
if (options->GeoIPFile &&
|
||||
((!old_options || !opt_streq(old_options->GeoIPFile, options->GeoIPFile))
|
||||
|| !geoip_is_loaded())) {
|
||||
geoip_load_file(options->GeoIPFile);
|
||||
/* XXXX021 Don't use this "<default>" junk; make our filename options
|
||||
* understand prefixes somehow. -NM */
|
||||
char *actual_fname = tor_strdup(options->GeoIPFile);
|
||||
#ifdef WIN32
|
||||
if (!strcmp(actual_fname, "<default>")) {
|
||||
const char *conf_root = get_windows_conf_root();
|
||||
size_t len = strlen(conf_root)+16;
|
||||
tor_free(actual_fname);
|
||||
actual_fname = tor_malloc(len+1);
|
||||
tor_snprintf(actual_fname, len, "%s\\geoip", conf_root);
|
||||
}
|
||||
#endif
|
||||
geoip_load_file(actual_fname, options);
|
||||
tor_free(actual_fname);
|
||||
}
|
||||
/* Check if we need to parse and add the EntryNodes config option. */
|
||||
if (options->EntryNodes &&
|
||||
|
@ -1838,9 +1865,9 @@ get_assigned_option(config_format_t *fmt, or_options_t *options,
|
|||
result->value = tor_strdup("");
|
||||
break;
|
||||
case CONFIG_TYPE_OBSOLETE:
|
||||
log_warn(LD_CONFIG,
|
||||
"You asked me for the value of an obsolete config option '%s'.",
|
||||
key);
|
||||
log_fn(LOG_PROTOCOL_WARN, LD_CONFIG,
|
||||
"You asked me for the value of an obsolete config option '%s'.",
|
||||
key);
|
||||
tor_free(result->key);
|
||||
tor_free(result);
|
||||
return NULL;
|
||||
|
@ -2086,7 +2113,7 @@ print_usage(void)
|
|||
printf(
|
||||
"Copyright (c) 2001-2004, Roger Dingledine\n"
|
||||
"Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson\n"
|
||||
"Copyright (c) 2007-2008, The Tor Project, Inc.\n\n"
|
||||
"Copyright (c) 2007-2009, The Tor Project, Inc.\n\n"
|
||||
"tor -f <torrc> [args]\n"
|
||||
"See man page for options, or https://www.torproject.org/ for "
|
||||
"documentation.\n");
|
||||
|
@ -2654,6 +2681,15 @@ compute_publishserverdescriptor(or_options_t *options)
|
|||
/** Highest allowable value for RendPostPeriod. */
|
||||
#define MAX_DIR_PERIOD (MIN_ONION_KEY_LIFETIME/2)
|
||||
|
||||
/** Lowest allowable value for CircuitBuildTimeout; values too low will
|
||||
* increase network load because of failing connections being retried, and
|
||||
* might prevent users from connecting to the network at all. */
|
||||
#define MIN_CIRCUIT_BUILD_TIMEOUT 30
|
||||
|
||||
/** Lowest allowable value for MaxCircuitDirtiness; if this is too low, Tor
|
||||
* will generate too many circuits and potentially overload the network. */
|
||||
#define MIN_MAX_CIRCUIT_DIRTINESS 10
|
||||
|
||||
/** Return 0 if every setting in <b>options</b> is reasonable, and a
|
||||
* permissible transition from <b>old_options</b>. Else return -1.
|
||||
* Should have no side effects, except for normalizing the contents of
|
||||
|
@ -3057,6 +3093,18 @@ options_validate(or_options_t *old_options, or_options_t *options,
|
|||
options->RendPostPeriod = MAX_DIR_PERIOD;
|
||||
}
|
||||
|
||||
if (options->CircuitBuildTimeout < MIN_CIRCUIT_BUILD_TIMEOUT) {
|
||||
log(LOG_WARN, LD_CONFIG, "CircuitBuildTimeout option is too short; "
|
||||
"raising to %d seconds.", MIN_CIRCUIT_BUILD_TIMEOUT);
|
||||
options->CircuitBuildTimeout = MIN_CIRCUIT_BUILD_TIMEOUT;
|
||||
}
|
||||
|
||||
if (options->MaxCircuitDirtiness < MIN_MAX_CIRCUIT_DIRTINESS) {
|
||||
log(LOG_WARN, LD_CONFIG, "MaxCircuitDirtiness option is too short; "
|
||||
"raising to %d seconds.", MIN_MAX_CIRCUIT_DIRTINESS);
|
||||
options->MaxCircuitDirtiness = MIN_MAX_CIRCUIT_DIRTINESS;
|
||||
}
|
||||
|
||||
if (options->KeepalivePeriod < 1)
|
||||
REJECT("KeepalivePeriod option must be positive.");
|
||||
|
||||
|
@ -3117,6 +3165,13 @@ options_validate(or_options_t *old_options, or_options_t *options,
|
|||
if (options->BandwidthRate > options->BandwidthBurst)
|
||||
REJECT("BandwidthBurst must be at least equal to BandwidthRate.");
|
||||
|
||||
/* if they set relaybandwidth* really high but left bandwidth*
|
||||
* at the default, raise the defaults. */
|
||||
if (options->RelayBandwidthRate > options->BandwidthRate)
|
||||
options->BandwidthRate = options->RelayBandwidthRate;
|
||||
if (options->RelayBandwidthBurst > options->BandwidthBurst)
|
||||
options->BandwidthBurst = options->RelayBandwidthBurst;
|
||||
|
||||
if (accounting_parse_options(options, 1)<0)
|
||||
REJECT("Failed to parse accounting options. See logs for details.");
|
||||
|
||||
|
@ -3417,6 +3472,8 @@ options_transition_affects_descriptor(or_options_t *old_options,
|
|||
new_options->_PublishServerDescriptor ||
|
||||
old_options->BandwidthRate != new_options->BandwidthRate ||
|
||||
old_options->BandwidthBurst != new_options->BandwidthBurst ||
|
||||
old_options->MaxAdvertisedBandwidth !=
|
||||
new_options->MaxAdvertisedBandwidth ||
|
||||
!opt_streq(old_options->ContactInfo, new_options->ContactInfo) ||
|
||||
!opt_streq(old_options->MyFamily, new_options->MyFamily) ||
|
||||
!opt_streq(old_options->AccountingStart, new_options->AccountingStart) ||
|
||||
|
@ -3528,6 +3585,7 @@ options_init_from_torrc(int argc, char **argv)
|
|||
int i, retval;
|
||||
int using_default_torrc;
|
||||
int ignore_missing_torrc;
|
||||
int ignore_torrc = 0;
|
||||
static char **backup_argv;
|
||||
static int backup_argc;
|
||||
|
||||
|
@ -3590,11 +3648,12 @@ options_init_from_torrc(int argc, char **argv)
|
|||
newoptions->command = CMD_HASH_PASSWORD;
|
||||
newoptions->command_arg = tor_strdup( (i < argc-1) ? argv[i+1] : "");
|
||||
++i;
|
||||
ignore_torrc = 1;
|
||||
} else if (!strcmp(argv[i],"--verify-config")) {
|
||||
newoptions->command = CMD_VERIFY_CONFIG;
|
||||
}
|
||||
}
|
||||
if (using_default_torrc) {
|
||||
if (using_default_torrc && !ignore_torrc) {
|
||||
/* didn't find one, try CONFDIR */
|
||||
const char *dflt = get_default_conf_file();
|
||||
if (dflt && file_status(dflt) == FN_FILE) {
|
||||
|
@ -3614,16 +3673,20 @@ options_init_from_torrc(int argc, char **argv)
|
|||
#endif
|
||||
}
|
||||
}
|
||||
tor_assert(fname);
|
||||
log(LOG_DEBUG, LD_CONFIG, "Opening config file \"%s\"", fname);
|
||||
if (!ignore_torrc) {
|
||||
tor_assert(fname);
|
||||
log(LOG_DEBUG, LD_CONFIG, "Opening config file \"%s\"", fname);
|
||||
|
||||
tor_free(torrc_fname);
|
||||
torrc_fname = fname;
|
||||
tor_free(torrc_fname);
|
||||
torrc_fname = fname;
|
||||
}
|
||||
|
||||
/* get config lines, assign them */
|
||||
if (file_status(fname) != FN_FILE ||
|
||||
if (ignore_torrc) {
|
||||
cf = tor_strdup("");
|
||||
} else if (file_status(fname) != FN_FILE ||
|
||||
!(cf = read_file_to_str(fname,0,NULL))) {
|
||||
if (using_default_torrc == 1 || ignore_missing_torrc ) {
|
||||
if (using_default_torrc == 1 || ignore_missing_torrc) {
|
||||
log(LOG_NOTICE, LD_CONFIG, "Configuration file \"%s\" not present, "
|
||||
"using reasonable defaults.", fname);
|
||||
tor_free(fname); /* sets fname to NULL */
|
||||
|
@ -3633,7 +3696,8 @@ options_init_from_torrc(int argc, char **argv)
|
|||
"Unable to open configuration file \"%s\".", fname);
|
||||
goto err;
|
||||
}
|
||||
} else { /* it opened successfully. use it. */
|
||||
}
|
||||
if (cf) { /* It opened successfully. use it. */
|
||||
retval = config_get_lines(cf, &cl);
|
||||
tor_free(cf);
|
||||
if (retval < 0)
|
||||
|
@ -3824,7 +3888,8 @@ options_init_logs(or_options_t *options, int validate_only)
|
|||
}
|
||||
if (!validate_only) {
|
||||
if (add_file_log(levelMin, levelMax, smartlist_get(elts, 2)) < 0) {
|
||||
log_warn(LD_CONFIG, "Couldn't open file for 'Log %s'", opt->value);
|
||||
log_warn(LD_CONFIG, "Couldn't open file for 'Log %s': %s",
|
||||
opt->value, strerror(errno));
|
||||
ok = 0;
|
||||
}
|
||||
}
|
||||
|
@ -3836,6 +3901,9 @@ options_init_logs(or_options_t *options, int validate_only)
|
|||
ok = 0; goto cleanup;
|
||||
}
|
||||
if (!strcasecmp(smartlist_get(elts,1), "stdout")) {
|
||||
/* Starting in 0.2.1.x, we will just decline to open the log file
|
||||
* to stdout, rather than failing the whole program. But I'm leaving
|
||||
* this intact for here so we can stabilize 0.2.0.x. -RD */
|
||||
if (daemon) {
|
||||
log_warn(LD_CONFIG, "Can't log to stdout with RunAsDaemon set.");
|
||||
ok = 0; goto cleanup;
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001 Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
const char connection_c_id[] =
|
||||
|
@ -166,7 +166,8 @@ conn_state_to_string(int type, int state)
|
|||
connection_t *
|
||||
connection_new(int type, int socket_family)
|
||||
{
|
||||
static uint32_t n_connections_allocated = 1;
|
||||
static uint64_t n_connections_allocated = 1;
|
||||
|
||||
connection_t *conn;
|
||||
time_t now = time(NULL);
|
||||
size_t length;
|
||||
|
@ -200,6 +201,7 @@ connection_new(int type, int socket_family)
|
|||
conn->magic = magic;
|
||||
conn->s = -1; /* give it a default of 'not used' */
|
||||
conn->conn_array_index = -1; /* also default to 'not used' */
|
||||
conn->global_identifier = n_connections_allocated++;
|
||||
|
||||
conn->type = type;
|
||||
conn->socket_family = socket_family;
|
||||
|
@ -211,9 +213,6 @@ connection_new(int type, int socket_family)
|
|||
TO_EDGE_CONN(conn)->socks_request =
|
||||
tor_malloc_zero(sizeof(socks_request_t));
|
||||
}
|
||||
if (CONN_IS_EDGE(conn)) {
|
||||
TO_EDGE_CONN(conn)->global_identifier = n_connections_allocated++;
|
||||
}
|
||||
if (type == CONN_TYPE_OR) {
|
||||
TO_OR_CONN(conn)->timestamp_last_added_nonpadding = now;
|
||||
TO_OR_CONN(conn)->next_circ_id = crypto_rand_int(1<<15);
|
||||
|
@ -479,13 +478,20 @@ connection_about_to_close_connection(connection_t *conn)
|
|||
* failed: forget about this router, and maybe try again. */
|
||||
connection_dir_request_failed(dir_conn);
|
||||
}
|
||||
if (conn->purpose == DIR_PURPOSE_FETCH_RENDDESC)
|
||||
rend_client_desc_here(dir_conn->rend_query); /* give it a try */
|
||||
if (conn->purpose == DIR_PURPOSE_FETCH_RENDDESC) {
|
||||
/* Give it a try. However, there is no re-fetching for v0 rend
|
||||
* descriptors; if the response is empty or the descriptor is
|
||||
* unusable, close pending connections (unless a v2 request is
|
||||
* still in progress). */
|
||||
rend_client_desc_trynow(dir_conn->rend_query, 0);
|
||||
}
|
||||
/* If we were trying to fetch a v2 rend desc and did not succeed,
|
||||
* retry as needed. (If a fetch is successful, the connection state
|
||||
* is changed to DIR_PURPOSE_HAS_FETCHED_RENDDESC to mark that
|
||||
* refetching is unnecessary.) */
|
||||
if (conn->purpose == DIR_PURPOSE_FETCH_RENDDESC_V2)
|
||||
if (conn->purpose == DIR_PURPOSE_FETCH_RENDDESC_V2 &&
|
||||
dir_conn->rend_query &&
|
||||
strlen(dir_conn->rend_query) == REND_SERVICE_ID_LEN_BASE32)
|
||||
rend_client_refetch_v2_renddesc(dir_conn->rend_query);
|
||||
break;
|
||||
case CONN_TYPE_OR:
|
||||
|
@ -1576,8 +1582,16 @@ connection_buckets_decrement(connection_t *conn, time_t now,
|
|||
{
|
||||
if (!connection_is_rate_limited(conn))
|
||||
return; /* local IPs are free */
|
||||
tor_assert(num_read < INT_MAX);
|
||||
tor_assert(num_written < INT_MAX);
|
||||
if (num_written >= INT_MAX || num_read >= INT_MAX) {
|
||||
log_err(LD_BUG, "Value out of range. num_read=%lu, num_written=%lu, "
|
||||
"connection type=%s, state=%s",
|
||||
(unsigned long)num_read, (unsigned long)num_written,
|
||||
conn_type_to_string(conn->type),
|
||||
conn_state_to_string(conn->type, conn->state));
|
||||
if (num_written >= INT_MAX) num_written = 1;
|
||||
if (num_read >= INT_MAX) num_read = 1;
|
||||
tor_fragile_assert();
|
||||
}
|
||||
|
||||
if (num_read > 0)
|
||||
rep_hist_note_bytes_read(num_read, now);
|
||||
|
@ -1708,7 +1722,7 @@ connection_bucket_refill(int seconds_elapsed, time_t now)
|
|||
tor_assert(seconds_elapsed >= 0);
|
||||
|
||||
write_buckets_empty_last_second =
|
||||
global_relayed_write_bucket == 0 || global_write_bucket == 0;
|
||||
global_relayed_write_bucket <= 0 || global_write_bucket <= 0;
|
||||
|
||||
/* refill the global buckets */
|
||||
connection_bucket_refill_helper(&global_read_bucket,
|
||||
|
@ -1832,13 +1846,13 @@ loop_again:
|
|||
before = buf_datalen(conn->inbuf);
|
||||
if (connection_read_to_buf(conn, &max_to_read) < 0) {
|
||||
/* There's a read error; kill the connection.*/
|
||||
connection_close_immediate(conn); /* Don't flush; connection is dead. */
|
||||
if (CONN_IS_EDGE(conn)) {
|
||||
edge_connection_t *edge_conn = TO_EDGE_CONN(conn);
|
||||
connection_edge_end_errno(edge_conn);
|
||||
if (edge_conn->socks_request) /* broken, don't send a socks reply back */
|
||||
edge_conn->socks_request->has_finished = 1;
|
||||
}
|
||||
connection_close_immediate(conn); /* Don't flush; connection is dead. */
|
||||
connection_mark_for_close(conn);
|
||||
return -1;
|
||||
}
|
||||
|
@ -1957,14 +1971,14 @@ connection_read_to_buf(connection_t *conn, int *max_to_read)
|
|||
switch (result) {
|
||||
case TOR_TLS_CLOSE:
|
||||
case TOR_TLS_ERROR_IO:
|
||||
log_info(LD_NET,"TLS connection closed %son read. Closing. "
|
||||
log_debug(LD_NET,"TLS connection closed %son read. Closing. "
|
||||
"(Nickname %s, address %s",
|
||||
result == TOR_TLS_CLOSE ? "cleanly " : "",
|
||||
or_conn->nickname ? or_conn->nickname : "not set",
|
||||
conn->address);
|
||||
return result;
|
||||
CASE_TOR_TLS_ERROR_ANY_NONIO:
|
||||
log_info(LD_NET,"tls error [%s]. breaking (nickname %s, address %s).",
|
||||
log_debug(LD_NET,"tls error [%s]. breaking (nickname %s, address %s).",
|
||||
tor_tls_err_to_string(result),
|
||||
or_conn->nickname ? or_conn->nickname : "not set",
|
||||
conn->address);
|
||||
|
@ -2365,26 +2379,6 @@ _connection_write_to_buf_impl(const char *string, size_t len,
|
|||
}
|
||||
}
|
||||
|
||||
/** Return the conn to addr/port that has the most recent
|
||||
* timestamp_created, or NULL if no such conn exists. */
|
||||
or_connection_t *
|
||||
connection_or_exact_get_by_addr_port(uint32_t addr, uint16_t port)
|
||||
{
|
||||
or_connection_t *best=NULL;
|
||||
smartlist_t *conns = get_connection_array();
|
||||
|
||||
SMARTLIST_FOREACH(conns, connection_t *, conn,
|
||||
{
|
||||
if (conn->type == CONN_TYPE_OR &&
|
||||
conn->addr == addr &&
|
||||
conn->port == port &&
|
||||
!conn->marked_for_close &&
|
||||
(!best || best->_base.timestamp_created < conn->timestamp_created))
|
||||
best = TO_OR_CONN(conn);
|
||||
});
|
||||
return best;
|
||||
}
|
||||
|
||||
/** Return a connection with given type, address, port, and purpose;
|
||||
* or NULL if no such connection exists. */
|
||||
connection_t *
|
||||
|
@ -2408,18 +2402,14 @@ connection_get_by_type_addr_port_purpose(int type,
|
|||
/** Return the stream with id <b>id</b> if it is not already marked for
|
||||
* close.
|
||||
*/
|
||||
edge_connection_t *
|
||||
connection_get_by_global_id(uint32_t id)
|
||||
connection_t *
|
||||
connection_get_by_global_id(uint64_t id)
|
||||
{
|
||||
smartlist_t *conns = get_connection_array();
|
||||
SMARTLIST_FOREACH(conns, connection_t *, conn,
|
||||
{
|
||||
if (CONN_IS_EDGE(conn) && TO_EDGE_CONN(conn)->global_identifier == id) {
|
||||
if (!conn->marked_for_close)
|
||||
return TO_EDGE_CONN(conn);
|
||||
else
|
||||
return NULL;
|
||||
}
|
||||
if (conn->global_identifier == id)
|
||||
return conn;
|
||||
});
|
||||
return NULL;
|
||||
}
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001 Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
const char connection_edge_c_id[] =
|
||||
|
@ -14,6 +14,9 @@ const char connection_edge_c_id[] =
|
|||
|
||||
#include "or.h"
|
||||
|
||||
#ifdef HAVE_LINUX_TYPES_H
|
||||
#include <linux/types.h>
|
||||
#endif
|
||||
#ifdef HAVE_LINUX_NETFILTER_IPV4_H
|
||||
#include <linux/netfilter_ipv4.h>
|
||||
#define TRANS_NETFILTER
|
||||
|
@ -160,14 +163,14 @@ connection_edge_destroy(uint16_t circ_id, edge_connection_t *conn)
|
|||
"CircID %d: At an edge. Marking connection for close.", circ_id);
|
||||
if (conn->_base.type == CONN_TYPE_AP) {
|
||||
connection_mark_unattached_ap(conn, END_STREAM_REASON_DESTROY);
|
||||
control_event_stream_status(conn, STREAM_EVENT_CLOSED,
|
||||
END_STREAM_REASON_DESTROY);
|
||||
conn->end_reason |= END_STREAM_REASON_FLAG_ALREADY_SENT_CLOSED;
|
||||
} else {
|
||||
/* closing the circuit, nothing to send an END to */
|
||||
conn->_base.edge_has_sent_end = 1;
|
||||
conn->end_reason = END_STREAM_REASON_DESTROY;
|
||||
conn->end_reason |= END_STREAM_REASON_FLAG_ALREADY_SENT_CLOSED;
|
||||
if (conn->_base.type == CONN_TYPE_AP)
|
||||
control_event_stream_status(conn, STREAM_EVENT_CLOSED,
|
||||
END_STREAM_REASON_DESTROY);
|
||||
connection_mark_for_close(TO_CONN(conn));
|
||||
conn->_base.hold_open_until_flushed = 1;
|
||||
}
|
||||
|
@ -358,7 +361,7 @@ connection_ap_expire_beginning(void)
|
|||
|
||||
SMARTLIST_FOREACH(conns, connection_t *, c,
|
||||
{
|
||||
if (c->type != CONN_TYPE_AP)
|
||||
if (c->type != CONN_TYPE_AP || c->marked_for_close)
|
||||
continue;
|
||||
conn = TO_EDGE_CONN(c);
|
||||
/* if it's an internal linked connection, don't yell its status. */
|
||||
|
@ -457,6 +460,44 @@ connection_ap_attach_pending(void)
|
|||
});
|
||||
}
|
||||
|
||||
/** Tell any AP streams that are waiting for a onehop tunnel to
|
||||
* <b>failed_digest</b> that they are going to fail. */
|
||||
void
|
||||
connection_ap_fail_onehop(const char *failed_digest,
|
||||
cpath_build_state_t *build_state)
|
||||
{
|
||||
edge_connection_t *edge_conn;
|
||||
char digest[DIGEST_LEN];
|
||||
smartlist_t *conns = get_connection_array();
|
||||
SMARTLIST_FOREACH(conns, connection_t *, conn,
|
||||
{
|
||||
if (conn->marked_for_close ||
|
||||
conn->type != CONN_TYPE_AP ||
|
||||
conn->state != AP_CONN_STATE_CIRCUIT_WAIT)
|
||||
continue;
|
||||
edge_conn = TO_EDGE_CONN(conn);
|
||||
if (!edge_conn->want_onehop)
|
||||
continue;
|
||||
if (hexdigest_to_digest(edge_conn->chosen_exit_name, digest) < 0 ||
|
||||
memcmp(digest, failed_digest, DIGEST_LEN))
|
||||
continue;
|
||||
if (tor_digest_is_zero(digest)) {
|
||||
/* we don't know the digest; have to compare addr:port */
|
||||
struct in_addr in;
|
||||
if (!build_state || !build_state->chosen_exit ||
|
||||
!edge_conn->socks_request || !edge_conn->socks_request->address ||
|
||||
!tor_inet_aton(edge_conn->socks_request->address, &in) ||
|
||||
build_state->chosen_exit->addr != ntohl(in.s_addr) ||
|
||||
build_state->chosen_exit->port != edge_conn->socks_request->port)
|
||||
continue;
|
||||
}
|
||||
log_info(LD_APP, "Closing onehop stream to '%s/%s' because the OR conn "
|
||||
"just failed.", edge_conn->chosen_exit_name,
|
||||
edge_conn->socks_request->address);
|
||||
connection_mark_unattached_ap(edge_conn, END_STREAM_REASON_TIMEOUT);
|
||||
});
|
||||
}
|
||||
|
||||
/** A circuit failed to finish on its last hop <b>info</b>. If there
|
||||
* are any streams waiting with this exit node in mind, but they
|
||||
* don't absolutely require it, make them give up on it.
|
||||
|
@ -517,7 +558,9 @@ connection_ap_detach_retriable(edge_connection_t *conn, origin_circuit_t *circ,
|
|||
{
|
||||
control_event_stream_status(conn, STREAM_EVENT_FAILED_RETRIABLE, reason);
|
||||
conn->_base.timestamp_lastread = time(NULL);
|
||||
if (! get_options()->LeaveStreamsUnattached) {
|
||||
if (!get_options()->LeaveStreamsUnattached || conn->use_begindir) {
|
||||
/* If we're attaching streams ourself, or if this connection is
|
||||
* a tunneled directory connection, then just attach it. */
|
||||
conn->_base.state = AP_CONN_STATE_CIRCUIT_WAIT;
|
||||
circuit_detach_stream(TO_CIRCUIT(circ),conn);
|
||||
return connection_ap_handshake_attach_circuit(conn);
|
||||
|
@ -653,6 +696,8 @@ clear_trackexithost_mappings(const char *exitname)
|
|||
MAP_DEL_CURRENT(address);
|
||||
}
|
||||
} STRMAP_FOREACH_END;
|
||||
|
||||
tor_free(suffix);
|
||||
}
|
||||
|
||||
/** Remove all entries from the addressmap that were set via the
|
||||
|
@ -1316,20 +1361,30 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
|
|||
&map_expires)) {
|
||||
char *result = tor_strdup(socks->address);
|
||||
/* remember _what_ is supposed to have been resolved. */
|
||||
strlcpy(socks->address, orig_address, sizeof(socks->address));
|
||||
tor_snprintf(socks->address, sizeof(socks->address), "REVERSE[%s]",
|
||||
orig_address);
|
||||
connection_ap_handshake_socks_resolved(conn, RESOLVED_TYPE_HOSTNAME,
|
||||
strlen(result), result, -1,
|
||||
map_expires);
|
||||
connection_mark_unattached_ap(conn,
|
||||
END_STREAM_REASON_DONE |
|
||||
END_STREAM_REASON_FLAG_ALREADY_SOCKS_REPLIED);
|
||||
END_STREAM_REASON_DONE |
|
||||
END_STREAM_REASON_FLAG_ALREADY_SOCKS_REPLIED);
|
||||
return 0;
|
||||
}
|
||||
if (options->ClientDNSRejectInternalAddresses) {
|
||||
/* Don't let people try to do a reverse lookup on 10.0.0.1. */
|
||||
tor_addr_t addr;
|
||||
if (tor_addr_from_str(&addr, socks->address) >= 0 &&
|
||||
tor_addr_is_internal(&addr, 0)) {
|
||||
struct in_addr in;
|
||||
int ok;
|
||||
if (!strcasecmpend(socks->address, ".in-addr.arpa"))
|
||||
ok = !parse_inaddr_arpa_address(socks->address, &in);
|
||||
else
|
||||
ok = tor_inet_aton(socks->address, &in);
|
||||
/*XXXX021 make this a function. */
|
||||
addr.family = AF_INET;
|
||||
memcpy(&addr.addr.in_addr, &in, sizeof(struct in_addr));
|
||||
|
||||
if (ok && tor_addr_is_internal(&addr, 0)) {
|
||||
connection_ap_handshake_socks_resolved(conn, RESOLVED_TYPE_ERROR,
|
||||
0, NULL, -1, TIME_MAX);
|
||||
connection_mark_unattached_ap(conn,
|
||||
|
@ -1555,9 +1610,6 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
|
|||
rend_client_refetch_v2_renddesc(conn->rend_query);
|
||||
rend_client_refetch_renddesc(conn->rend_query);
|
||||
} else { /* r > 0 */
|
||||
/** How long after we receive a hidden service descriptor do we consider
|
||||
* it valid? */
|
||||
#define NUM_SECONDS_BEFORE_HS_REFETCH (60*15)
|
||||
if (now - entry->received < NUM_SECONDS_BEFORE_HS_REFETCH) {
|
||||
conn->_base.state = AP_CONN_STATE_CIRCUIT_WAIT;
|
||||
log_info(LD_REND, "Descriptor is here and fresh enough. Great.");
|
||||
|
@ -1582,11 +1634,11 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
|
|||
|
||||
#ifdef TRANS_PF
|
||||
static int pf_socket = -1;
|
||||
static int
|
||||
int
|
||||
get_pf_socket(void)
|
||||
{
|
||||
int pf;
|
||||
/* Ideally, this should be opened before dropping privs. */
|
||||
/* This should be opened before dropping privs. */
|
||||
if (pf_socket >= 0)
|
||||
return pf_socket;
|
||||
|
||||
|
@ -2012,7 +2064,10 @@ connection_ap_handshake_send_resolve(edge_connection_t *ap_conn)
|
|||
ap_conn->socks_request->address[len-13] = '\0';
|
||||
}
|
||||
if (tor_inet_aton(ap_conn->socks_request->address, &in) == 0) {
|
||||
connection_mark_unattached_ap(ap_conn, END_STREAM_REASON_INTERNAL);
|
||||
/* Do not mark here; every caller of
|
||||
* connection_ap_attach_{chosen_}circuit() [which calls this function
|
||||
* will also mark on a -1 return value. */
|
||||
// connection_mark_unattached_ap(ap_conn, END_STREAM_REASON_INTERNAL);
|
||||
return -1;
|
||||
}
|
||||
if (c) {
|
||||
|
@ -2041,9 +2096,11 @@ connection_ap_handshake_send_resolve(edge_connection_t *ap_conn)
|
|||
string_addr, payload_len) < 0)
|
||||
return -1; /* circuit is closed, don't continue */
|
||||
|
||||
ap_conn->_base.address = tor_strdup("(Tor_internal)");
|
||||
ap_conn->_base.state = AP_CONN_STATE_RESOLVE_WAIT;
|
||||
log_info(LD_APP,"Address sent for resolve, ap socket %d, n_circ_id %d",
|
||||
ap_conn->_base.s, circ->_base.n_circ_id);
|
||||
control_event_stream_status(ap_conn, STREAM_EVENT_NEW, 0);
|
||||
control_event_stream_status(ap_conn, STREAM_EVENT_SENT_RESOLVE, 0);
|
||||
return 0;
|
||||
}
|
||||
|
@ -2398,8 +2455,12 @@ connection_exit_begin_conn(cell_t *cell, circuit_t *circ)
|
|||
end_payload, 1, NULL);
|
||||
return 0;
|
||||
}
|
||||
if (or_circ && or_circ->p_conn && or_circ->p_conn->_base.address)
|
||||
address = tor_strdup(or_circ->p_conn->_base.address);
|
||||
/* Make sure to get the 'real' address of the previous hop: the
|
||||
* caller might want to know whether his IP address has changed, and
|
||||
* we might already have corrected _base.addr[ess] for the relay's
|
||||
* canonical IP address. */
|
||||
if (or_circ && or_circ->p_conn)
|
||||
address = tor_dup_addr(or_circ->p_conn->real_addr);
|
||||
else
|
||||
address = tor_strdup("127.0.0.1");
|
||||
port = 1; /* XXXX This value is never actually used anywhere, and there
|
||||
|
@ -2437,7 +2498,7 @@ connection_exit_begin_conn(cell_t *cell, circuit_t *circ)
|
|||
n_stream->_base.port);
|
||||
end_payload[0] = END_STREAM_REASON_EXITPOLICY;
|
||||
relay_send_command_from_edge(rh.stream_id, circ, RELAY_COMMAND_END,
|
||||
end_payload, 1, NULL);
|
||||
end_payload, 1, origin_circ->cpath->prev);
|
||||
connection_free(TO_CONN(n_stream));
|
||||
tor_free(address);
|
||||
return 0;
|
||||
|
@ -2473,8 +2534,8 @@ connection_exit_begin_conn(cell_t *cell, circuit_t *circ)
|
|||
|
||||
if (rh.command == RELAY_COMMAND_BEGIN_DIR) {
|
||||
tor_assert(or_circ);
|
||||
if (or_circ->p_conn && or_circ->p_conn->_base.addr)
|
||||
n_stream->_base.addr = or_circ->p_conn->_base.addr;
|
||||
if (or_circ->p_conn && &or_circ->p_conn->real_addr)
|
||||
n_stream->_base.addr = or_circ->p_conn->real_addr;
|
||||
return connection_exit_connect_dir(n_stream);
|
||||
}
|
||||
|
||||
|
@ -2656,9 +2717,9 @@ connection_exit_connect_dir(edge_connection_t *exitconn)
|
|||
|
||||
dirconn = TO_DIR_CONN(connection_new(CONN_TYPE_DIR, AF_INET));
|
||||
|
||||
dirconn->_base.addr = 0x7f000001;
|
||||
dirconn->_base.addr = exitconn->_base.addr;
|
||||
dirconn->_base.port = 0;
|
||||
dirconn->_base.address = tor_strdup("Tor network");
|
||||
dirconn->_base.address = tor_strdup(exitconn->_base.address);
|
||||
dirconn->_base.type = CONN_TYPE_DIR;
|
||||
dirconn->_base.purpose = DIR_PURPOSE_SERVER;
|
||||
dirconn->_base.state = DIR_CONN_STATE_SERVER_COMMAND_WAIT;
|
||||
|
@ -2726,7 +2787,10 @@ connection_ap_can_use_exit(edge_connection_t *conn, routerinfo_t *exit)
|
|||
* make sure the exit node of the existing circuit matches exactly.
|
||||
*/
|
||||
if (conn->chosen_exit_name) {
|
||||
if (router_get_by_nickname(conn->chosen_exit_name, 1) != exit) {
|
||||
routerinfo_t *chosen_exit =
|
||||
router_get_by_nickname(conn->chosen_exit_name, 1);
|
||||
if (!chosen_exit || memcmp(chosen_exit->cache_info.identity_digest,
|
||||
exit->cache_info.identity_digest, DIGEST_LEN)) {
|
||||
/* doesn't match */
|
||||
// log_debug(LD_APP,"Requested node '%s', considering node '%s'. No.",
|
||||
// conn->chosen_exit_name, exit->nickname);
|
||||
|
@ -2743,8 +2807,12 @@ connection_ap_can_use_exit(edge_connection_t *conn, routerinfo_t *exit)
|
|||
addr = ntohl(in.s_addr);
|
||||
r = compare_addr_to_addr_policy(addr, conn->socks_request->port,
|
||||
exit->exit_policy);
|
||||
if (r == ADDR_POLICY_REJECTED || r == ADDR_POLICY_PROBABLY_REJECTED)
|
||||
return 0;
|
||||
if (r == ADDR_POLICY_REJECTED)
|
||||
return 0; /* We know the address, and the exit policy rejects it. */
|
||||
if (r == ADDR_POLICY_PROBABLY_REJECTED && !conn->chosen_exit_name)
|
||||
return 0; /* We don't know the addr, but the exit policy rejects most
|
||||
* addresses with this port. Since the user didn't ask for
|
||||
* this node, err on the side of caution. */
|
||||
} else if (SOCKS_COMMAND_IS_RESOLVE(conn->socks_request->command)) {
|
||||
/* Can't support reverse lookups without eventdns. */
|
||||
if (conn->socks_request->command == SOCKS_COMMAND_RESOLVE_PTR &&
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001 Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
const char connection_or_c_id[] =
|
||||
|
@ -157,7 +157,7 @@ cell_unpack(cell_t *dest, const char *src)
|
|||
void
|
||||
var_cell_pack_header(const var_cell_t *cell, char *hdr_out)
|
||||
{
|
||||
*(uint16_t*)(hdr_out) = htons(cell->circ_id);
|
||||
set_uint16(hdr_out, htons(cell->circ_id));
|
||||
*(uint8_t*)(hdr_out+2) = cell->command;
|
||||
set_uint16(hdr_out+3, htons(cell->payload_len));
|
||||
}
|
||||
|
@ -285,13 +285,15 @@ int
|
|||
connection_or_flushed_some(or_connection_t *conn)
|
||||
{
|
||||
size_t datalen = buf_datalen(conn->_base.outbuf);
|
||||
time_t now = time(NULL);
|
||||
/* If we're under the low water mark, add cells until we're just over the
|
||||
* high water mark. */
|
||||
if (datalen < OR_CONN_LOWWATER) {
|
||||
ssize_t n = (OR_CONN_HIGHWATER - datalen + CELL_NETWORK_SIZE-1)
|
||||
/ CELL_NETWORK_SIZE;
|
||||
while (conn->active_circuits && n > 0) {
|
||||
int flushed = connection_or_flush_from_first_active_circuit(conn, 1);
|
||||
int flushed;
|
||||
flushed = connection_or_flush_from_first_active_circuit(conn, 1, now);
|
||||
n -= flushed;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
const char control_c_id[] =
|
||||
|
@ -643,16 +643,16 @@ get_circ(const char *id)
|
|||
static edge_connection_t *
|
||||
get_stream(const char *id)
|
||||
{
|
||||
uint32_t n_id;
|
||||
uint64_t n_id;
|
||||
int ok;
|
||||
edge_connection_t *conn;
|
||||
n_id = (uint32_t) tor_parse_ulong(id, 10, 0, UINT32_MAX, &ok, NULL);
|
||||
connection_t *conn;
|
||||
n_id = tor_parse_uint64(id, 10, 0, UINT64_MAX, &ok, NULL);
|
||||
if (!ok)
|
||||
return NULL;
|
||||
conn = connection_get_by_global_id(n_id);
|
||||
if (!conn || conn->_base.type != CONN_TYPE_AP)
|
||||
if (!conn || conn->type != CONN_TYPE_AP || conn->marked_for_close)
|
||||
return NULL;
|
||||
return conn;
|
||||
return TO_EDGE_CONN(conn);
|
||||
}
|
||||
|
||||
/** Helper for setconf and resetconf. Acts like setconf, except
|
||||
|
@ -1586,8 +1586,7 @@ getinfo_helper_events(control_connection_t *control_conn,
|
|||
smartlist_t *conns = get_connection_array();
|
||||
smartlist_t *status = smartlist_create();
|
||||
char buf[256];
|
||||
SMARTLIST_FOREACH(conns, connection_t *, base_conn,
|
||||
{
|
||||
SMARTLIST_FOREACH(conns, connection_t *, base_conn, {
|
||||
const char *state;
|
||||
edge_connection_t *conn;
|
||||
char *s;
|
||||
|
@ -1629,7 +1628,7 @@ getinfo_helper_events(control_connection_t *control_conn,
|
|||
slen = strlen(buf)+strlen(state)+32;
|
||||
s = tor_malloc(slen+1);
|
||||
tor_snprintf(s, slen, "%lu %s %lu %s",
|
||||
(unsigned long) conn->global_identifier,state,
|
||||
(unsigned long) conn->_base.global_identifier,state,
|
||||
origin_circ?
|
||||
(unsigned long)origin_circ->global_identifier : 0ul,
|
||||
buf);
|
||||
|
@ -2541,7 +2540,8 @@ handle_control_protocolinfo(control_connection_t *conn, uint32_t len,
|
|||
char *esc_cfile = esc_for_log(cfile);
|
||||
char *methods;
|
||||
{
|
||||
int passwd = (options->HashedControlPassword != NULL);
|
||||
int passwd = (options->HashedControlPassword != NULL ||
|
||||
options->HashedControlSessionPassword != NULL);
|
||||
smartlist_t *mlist = smartlist_create();
|
||||
if (cookies)
|
||||
smartlist_add(mlist, (char*)"COOKIE");
|
||||
|
@ -3047,6 +3047,7 @@ control_event_stream_status(edge_connection_t *conn, stream_status_event_t tp,
|
|||
circuit_t *circ;
|
||||
origin_circuit_t *origin_circ = NULL;
|
||||
char buf[256];
|
||||
const char *purpose = "";
|
||||
tor_assert(conn->socks_request);
|
||||
|
||||
if (!EVENT_IS_INTERESTING(EVENT_STREAM_STATUS))
|
||||
|
@ -3114,15 +3115,35 @@ control_event_stream_status(edge_connection_t *conn, stream_status_event_t tp,
|
|||
addrport_buf[0] = '\0';
|
||||
}
|
||||
|
||||
if (tp == STREAM_EVENT_NEW_RESOLVE) {
|
||||
purpose = " PURPOSE=DNS_REQUEST";
|
||||
} else if (tp == STREAM_EVENT_NEW) {
|
||||
if (conn->is_dns_request ||
|
||||
(conn->socks_request &&
|
||||
SOCKS_COMMAND_IS_RESOLVE(conn->socks_request->command)))
|
||||
purpose = " PURPOSE=DNS_REQUEST";
|
||||
else if (conn->use_begindir) {
|
||||
connection_t *linked = TO_CONN(conn)->linked_conn;
|
||||
int linked_dir_purpose = -1;
|
||||
if (linked && linked->type == CONN_TYPE_DIR)
|
||||
linked_dir_purpose = linked->purpose;
|
||||
if (DIR_PURPOSE_IS_UPLOAD(linked_dir_purpose))
|
||||
purpose = " PURPOSE=DIR_UPLOAD";
|
||||
else
|
||||
purpose = " PURPOSE=DIR_FETCH";
|
||||
} else
|
||||
purpose = " PURPOSE=USER";
|
||||
}
|
||||
|
||||
circ = circuit_get_by_edge_conn(conn);
|
||||
if (circ && CIRCUIT_IS_ORIGIN(circ))
|
||||
origin_circ = TO_ORIGIN_CIRCUIT(circ);
|
||||
send_control_event_extended(EVENT_STREAM_STATUS, ALL_NAMES,
|
||||
"650 STREAM %lu %s %lu %s@%s%s\r\n",
|
||||
(unsigned long)conn->global_identifier, status,
|
||||
"650 STREAM "U64_FORMAT" %s %lu %s@%s%s%s\r\n",
|
||||
U64_PRINTF_ARG(conn->_base.global_identifier), status,
|
||||
origin_circ?
|
||||
(unsigned long)origin_circ->global_identifier : 0ul,
|
||||
buf, reason_buf, addrport_buf);
|
||||
buf, reason_buf, addrport_buf, purpose);
|
||||
|
||||
/* XXX need to specify its intended exit, etc? */
|
||||
|
||||
|
@ -3275,8 +3296,7 @@ control_event_stream_bandwidth_used(void)
|
|||
smartlist_t *conns = get_connection_array();
|
||||
edge_connection_t *edge_conn;
|
||||
|
||||
SMARTLIST_FOREACH(conns, connection_t *, conn,
|
||||
{
|
||||
SMARTLIST_FOREACH(conns, connection_t *, conn, {
|
||||
if (conn->type != CONN_TYPE_AP)
|
||||
continue;
|
||||
edge_conn = TO_EDGE_CONN(conn);
|
||||
|
@ -3284,8 +3304,8 @@ control_event_stream_bandwidth_used(void)
|
|||
continue;
|
||||
|
||||
send_control_event(EVENT_STREAM_BANDWIDTH_USED, ALL_NAMES,
|
||||
"650 STREAM_BW %lu %lu %lu\r\n",
|
||||
(unsigned long)edge_conn->global_identifier,
|
||||
"650 STREAM_BW "U64_FORMAT" %lu %lu\r\n",
|
||||
U64_PRINTF_ARG(edge_conn->_base.global_identifier),
|
||||
(unsigned long)edge_conn->n_read,
|
||||
(unsigned long)edge_conn->n_written);
|
||||
|
||||
|
@ -3580,7 +3600,7 @@ control_event_status(int type, int severity, const char *format, va_list args)
|
|||
status = "STATUS_CLIENT";
|
||||
break;
|
||||
case EVENT_STATUS_SERVER:
|
||||
status = "STATUS_SEVER";
|
||||
status = "STATUS_SERVER";
|
||||
break;
|
||||
default:
|
||||
log_warn(LD_BUG, "Unrecognized status type %d", type);
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2003-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
const char cpuworker_c_id[] =
|
||||
|
@ -23,7 +23,7 @@ const char cpuworker_c_id[] =
|
|||
#define MIN_CPUWORKERS 1
|
||||
|
||||
/** The tag specifies which circuit this onionskin was from. */
|
||||
#define TAG_LEN 8
|
||||
#define TAG_LEN 10
|
||||
/** How many bytes are sent from the cpuworker back to tor? */
|
||||
#define LEN_ONION_RESPONSE \
|
||||
(1+TAG_LEN+ONIONSKIN_REPLY_LEN+CPATH_KEY_MATERIAL_LEN)
|
||||
|
@ -60,32 +60,22 @@ connection_cpu_finished_flushing(connection_t *conn)
|
|||
return 0;
|
||||
}
|
||||
|
||||
/** Pack addr,port,and circ_id; set *tag to the result. (See note on
|
||||
/** Pack global_id and circ_id; set *tag to the result. (See note on
|
||||
* cpuworker_main for wire format.) */
|
||||
static void
|
||||
tag_pack(char *tag, uint32_t addr, uint16_t port, uint16_t circ_id)
|
||||
tag_pack(char *tag, uint64_t conn_id, uint16_t circ_id)
|
||||
{
|
||||
*(uint32_t *)tag = addr;
|
||||
*(uint16_t *)(tag+4) = port;
|
||||
*(uint16_t *)(tag+6) = circ_id;
|
||||
*(uint64_t*)tag = conn_id;
|
||||
*(uint16_t*)(tag+8) = circ_id;
|
||||
}
|
||||
|
||||
/** Unpack <b>tag</b> into addr, port, and circ_id.
|
||||
*/
|
||||
static void
|
||||
tag_unpack(const char *tag, uint32_t *addr, uint16_t *port, uint16_t *circ_id)
|
||||
tag_unpack(const char *tag, uint64_t *conn_id, uint16_t *circ_id)
|
||||
{
|
||||
struct in_addr in;
|
||||
char addrbuf[INET_NTOA_BUF_LEN];
|
||||
|
||||
*addr = *(const uint32_t *)tag;
|
||||
*port = *(const uint16_t *)(tag+4);
|
||||
*circ_id = *(const uint16_t *)(tag+6);
|
||||
|
||||
in.s_addr = htonl(*addr);
|
||||
tor_inet_ntoa(&in, addrbuf, sizeof(addrbuf));
|
||||
log_debug(LD_OR,
|
||||
"onion was from %s:%d, circ_id %d.", addrbuf, *port, *circ_id);
|
||||
*conn_id = *(const uint64_t *)tag;
|
||||
*circ_id = *(const uint16_t *)(tag+8);
|
||||
}
|
||||
|
||||
/** Called when the onion key has changed and we need to spawn new
|
||||
|
@ -135,10 +125,10 @@ connection_cpu_process_inbuf(connection_t *conn)
|
|||
{
|
||||
char success;
|
||||
char buf[LEN_ONION_RESPONSE];
|
||||
uint32_t addr;
|
||||
uint16_t port;
|
||||
uint64_t conn_id;
|
||||
uint16_t circ_id;
|
||||
or_connection_t *p_conn;
|
||||
connection_t *tmp_conn;
|
||||
or_connection_t *p_conn = NULL;
|
||||
circuit_t *circ;
|
||||
|
||||
tor_assert(conn);
|
||||
|
@ -156,12 +146,13 @@ connection_cpu_process_inbuf(connection_t *conn)
|
|||
connection_fetch_from_buf(buf,LEN_ONION_RESPONSE-1,conn);
|
||||
|
||||
/* parse out the circ it was talking about */
|
||||
tag_unpack(buf, &addr, &port, &circ_id);
|
||||
tag_unpack(buf, &conn_id, &circ_id);
|
||||
circ = NULL;
|
||||
/* (Here we use connection_or_exact_get_by_addr_port rather than
|
||||
* get_by_identity_digest: we want a specific port here in
|
||||
* case there are multiple connections.) */
|
||||
p_conn = connection_or_exact_get_by_addr_port(addr,port);
|
||||
tmp_conn = connection_get_by_global_id(conn_id);
|
||||
if (tmp_conn && !tmp_conn->marked_for_close &&
|
||||
tmp_conn->type == CONN_TYPE_OR)
|
||||
p_conn = TO_OR_CONN(tmp_conn);
|
||||
|
||||
if (p_conn)
|
||||
circ = circuit_get_by_circid_orconn(circ_id, p_conn);
|
||||
|
||||
|
@ -285,7 +276,10 @@ cpuworker_main(void *data)
|
|||
reply_to_proxy, keys, CPATH_KEY_MATERIAL_LEN) < 0) {
|
||||
/* failure */
|
||||
log_debug(LD_OR,"onion_skin_server_handshake failed.");
|
||||
memset(buf,0,LEN_ONION_RESPONSE); /* send all zeros for failure */
|
||||
*buf = 0; /* indicate failure in first byte */
|
||||
memcpy(buf+1,tag,TAG_LEN);
|
||||
/* send all zeros as answer */
|
||||
memset(buf+1+TAG_LEN, 0, LEN_ONION_RESPONSE-(1+TAG_LEN));
|
||||
} else {
|
||||
/* success */
|
||||
log_debug(LD_OR,"onion_skin_server_handshake succeeded.");
|
||||
|
@ -468,7 +462,7 @@ assign_onionskin_to_cpuworker(connection_t *cpuworker,
|
|||
tor_free(onionskin);
|
||||
return -1;
|
||||
}
|
||||
tag_pack(tag, circ->p_conn->_base.addr, circ->p_conn->_base.port,
|
||||
tag_pack(tag, circ->p_conn->_base.global_identifier,
|
||||
circ->p_circ_id);
|
||||
|
||||
cpuworker->state = CPUWORKER_STATE_BUSY_ONION;
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
const char directory_c_id[] =
|
||||
|
@ -8,8 +8,10 @@ const char directory_c_id[] =
|
|||
|
||||
#include "or.h"
|
||||
#if defined(EXPORTMALLINFO) && defined(HAVE_MALLOC_H) && defined(HAVE_MALLINFO)
|
||||
#ifndef OPENBSD
|
||||
#include <malloc.h>
|
||||
#endif
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \file directory.c
|
||||
|
@ -454,7 +456,12 @@ directory_initiate_command_routerstatus(routerstatus_t *status,
|
|||
char address_buf[INET_NTOA_BUF_LEN+1];
|
||||
struct in_addr in;
|
||||
const char *address;
|
||||
if ((router = router_get_by_digest(status->identity_digest))) {
|
||||
router = router_get_by_digest(status->identity_digest);
|
||||
if (!router && anonymized_connection) {
|
||||
log_info(LD_DIR, "Not sending anonymized request to directory '%s'; we "
|
||||
"don't have its router descriptor.", status->nickname);
|
||||
return;
|
||||
} else if (router) {
|
||||
address = router->address;
|
||||
} else {
|
||||
in.s_addr = htonl(status->addr);
|
||||
|
@ -611,6 +618,32 @@ connection_dir_download_cert_failed(dir_connection_t *conn, int status)
|
|||
update_certificate_downloads(time(NULL));
|
||||
}
|
||||
|
||||
/** Evaluate the situation and decide if we should use an encrypted
|
||||
* "begindir-style" connection for this directory request.
|
||||
* 1) If or_port is 0, or it's a direct conn and or_port is firewalled
|
||||
* or we're a dir mirror, no.
|
||||
* 2) If we prefer to avoid begindir conns, and we're not fetching or
|
||||
* publishing a bridge relay descriptor, no.
|
||||
* 3) Else yes.
|
||||
*/
|
||||
static int
|
||||
directory_command_should_use_begindir(or_options_t *options, uint32_t addr,
|
||||
int or_port, uint8_t router_purpose,
|
||||
int anonymized_connection)
|
||||
{
|
||||
if (!or_port)
|
||||
return 0; /* We don't know an ORPort -- no chance. */
|
||||
if (!anonymized_connection)
|
||||
if (!fascist_firewall_allows_address_or(addr, or_port) ||
|
||||
directory_fetches_from_authorities(options) ||
|
||||
(server_mode(options) && !options->Address))
|
||||
return 0; /* We're firewalled or are acting like a relay -- also no. */
|
||||
if (!options->TunnelDirConns &&
|
||||
router_purpose != ROUTER_PURPOSE_BRIDGE)
|
||||
return 0; /* We prefer to avoid using begindir conns. Fine. */
|
||||
return 1;
|
||||
}
|
||||
|
||||
/** Helper for directory_initiate_command_routerstatus: send the
|
||||
* command to a server whose address is <b>address</b>, whose IP is
|
||||
* <b>addr</b>, whose directory port is <b>dir_port</b>, whose tor version
|
||||
|
@ -627,11 +660,9 @@ directory_initiate_command(const char *address, uint32_t addr,
|
|||
{
|
||||
dir_connection_t *conn;
|
||||
or_options_t *options = get_options();
|
||||
int use_begindir = supports_begindir && or_port &&
|
||||
(options->TunnelDirConns ||
|
||||
router_purpose == ROUTER_PURPOSE_BRIDGE) &&
|
||||
(anonymized_connection ||
|
||||
fascist_firewall_allows_address_or(addr, or_port));
|
||||
int use_begindir = supports_begindir &&
|
||||
directory_command_should_use_begindir(options, addr,
|
||||
or_port, router_purpose, anonymized_connection);
|
||||
|
||||
tor_assert(address);
|
||||
tor_assert(addr);
|
||||
|
@ -696,7 +727,7 @@ directory_initiate_command(const char *address, uint32_t addr,
|
|||
if (anonymized_connection && use_begindir)
|
||||
rep_hist_note_used_internal(time(NULL), 0, 1);
|
||||
else if (anonymized_connection && !use_begindir)
|
||||
rep_hist_note_used_port(time(NULL), conn->_base.port);
|
||||
rep_hist_note_used_port(conn->_base.port, time(NULL));
|
||||
|
||||
/* make an AP connection
|
||||
* populate it and add it at the right state
|
||||
|
@ -1511,7 +1542,8 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
|
|||
if ((r=networkstatus_set_current_consensus(body, 0))<0) {
|
||||
log_fn(r<-1?LOG_WARN:LOG_INFO, LD_DIR,
|
||||
"Unable to load consensus directory downloaded from "
|
||||
"server '%s:%d'", conn->_base.address, conn->_base.port);
|
||||
"server '%s:%d'. I'll try again soon.",
|
||||
conn->_base.address, conn->_base.port);
|
||||
tor_free(body); tor_free(headers); tor_free(reason);
|
||||
networkstatus_consensus_download_failed(0);
|
||||
return -1;
|
||||
|
@ -1781,7 +1813,7 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
|
|||
} else {
|
||||
/* success. notify pending connections about this. */
|
||||
conn->_base.purpose = DIR_PURPOSE_HAS_FETCHED_RENDDESC;
|
||||
rend_client_desc_here(conn->rend_query);
|
||||
rend_client_desc_trynow(conn->rend_query, -1);
|
||||
}
|
||||
break;
|
||||
case 404:
|
||||
|
@ -1827,7 +1859,7 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
|
|||
log_info(LD_REND, "Successfully fetched v2 rendezvous "
|
||||
"descriptor.");
|
||||
conn->_base.purpose = DIR_PURPOSE_HAS_FETCHED_RENDDESC;
|
||||
rend_client_desc_here(conn->rend_query);
|
||||
rend_client_desc_trynow(conn->rend_query, -1);
|
||||
break;
|
||||
}
|
||||
break;
|
||||
|
@ -2191,8 +2223,8 @@ directory_handle_command_get(dir_connection_t *conn, const char *headers,
|
|||
cached_dir_t *d = dirserv_get_directory();
|
||||
|
||||
if (!d) {
|
||||
log_notice(LD_DIRSERV,"Client asked for the mirrored directory, but we "
|
||||
"don't have a good one yet. Sending 503 Dir not available.");
|
||||
log_info(LD_DIRSERV,"Client asked for the mirrored directory, but we "
|
||||
"don't have a good one yet. Sending 503 Dir not available.");
|
||||
write_http_status_line(conn, 503, "Directory unavailable");
|
||||
/* try to get a new one now */
|
||||
if (!already_fetching_directory(DIR_PURPOSE_FETCH_DIR) &&
|
||||
|
@ -2209,7 +2241,7 @@ directory_handle_command_get(dir_connection_t *conn, const char *headers,
|
|||
dlen = compressed ? d->dir_z_len : d->dir_len;
|
||||
|
||||
if (global_write_bucket_low(TO_CONN(conn), dlen, 1)) {
|
||||
log_info(LD_DIRSERV,
|
||||
log_debug(LD_DIRSERV,
|
||||
"Client asked for the mirrored directory, but we've been "
|
||||
"writing too many bytes lately. Sending 503 Dir busy.");
|
||||
write_http_status_line(conn, 503, "Directory busy, try again later");
|
||||
|
@ -2314,7 +2346,7 @@ directory_handle_command_get(dir_connection_t *conn, const char *headers,
|
|||
|
||||
dlen = dirserv_estimate_data_size(dir_fps, 0, compressed);
|
||||
if (global_write_bucket_low(TO_CONN(conn), dlen, 2)) {
|
||||
log_info(LD_DIRSERV,
|
||||
log_debug(LD_DIRSERV,
|
||||
"Client asked for network status lists, but we've been "
|
||||
"writing too many bytes lately. Sending 503 Dir busy.");
|
||||
write_http_status_line(conn, 503, "Directory busy, try again later");
|
||||
|
@ -2437,7 +2469,9 @@ directory_handle_command_get(dir_connection_t *conn, const char *headers,
|
|||
}
|
||||
|
||||
if (!strcmpstart(url,"/tor/server/") ||
|
||||
!strcmpstart(url,"/tor/extra/")) {
|
||||
(!options->BridgeAuthoritativeDir &&
|
||||
!options->BridgeRelay &&
|
||||
!strcmpstart(url,"/tor/extra/"))) {
|
||||
int res;
|
||||
const char *msg;
|
||||
const char *request_type = NULL;
|
||||
|
@ -2782,7 +2816,7 @@ directory_handle_command_post(dir_connection_t *conn, const char *headers,
|
|||
* receive anything. */
|
||||
write_http_status_line(conn, 400, "Nonauthoritative directory does not "
|
||||
"accept posted server descriptors");
|
||||
return 0;
|
||||
goto done;
|
||||
}
|
||||
|
||||
if (authdir_mode_handles_descs(options, -1) &&
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
const char dirserv_c_id[] =
|
||||
|
@ -702,7 +702,8 @@ dirserv_add_descriptor(routerinfo_t *ri, const char **msg)
|
|||
return r == -1 ? 0 : -1;
|
||||
} else {
|
||||
smartlist_t *changed;
|
||||
control_event_or_authdir_new_descriptor("ACCEPTED", desc, desclen, *msg);
|
||||
if (desc)
|
||||
control_event_or_authdir_new_descriptor("ACCEPTED", desc, desclen, *msg);
|
||||
|
||||
changed = smartlist_create();
|
||||
smartlist_add(changed, ri);
|
||||
|
@ -1198,7 +1199,8 @@ directory_permits_controller_requests(or_options_t *options)
|
|||
int
|
||||
directory_too_idle_to_fetch_descriptors(or_options_t *options, time_t now)
|
||||
{
|
||||
return !options->DirPort && !options->FetchUselessDescriptors &&
|
||||
return !directory_caches_dir_info(options) &&
|
||||
!options->FetchUselessDescriptors &&
|
||||
rep_hist_circbuilding_dormant(now);
|
||||
}
|
||||
|
||||
|
@ -2285,6 +2287,13 @@ dirserv_generate_networkstatus_vote_obj(crypto_pk_env_t *private_key,
|
|||
voter->or_port = options->ORPort;
|
||||
voter->contact = tor_strdup(contact);
|
||||
memcpy(voter->signing_key_digest, signing_key_digest, DIGEST_LEN);
|
||||
if (options->V3AuthUseLegacyKey) {
|
||||
authority_cert_t *c = get_my_v3_legacy_cert();
|
||||
if (c) {
|
||||
crypto_pk_get_digest(c->identity_key, voter->legacy_id_digest);
|
||||
}
|
||||
}
|
||||
|
||||
v3_out->voters = smartlist_create();
|
||||
smartlist_add(v3_out->voters, voter);
|
||||
v3_out->cert = authority_cert_dup(cert);
|
||||
|
|
170
src/or/dirvote.c
170
src/or/dirvote.c
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
const char dirvote_c_id[] =
|
||||
|
@ -105,7 +105,7 @@ format_networkstatus_vote(crypto_pk_env_t *private_signing_key,
|
|||
tor_snprintf(status, len,
|
||||
"network-status-version 3\n"
|
||||
"vote-status vote\n"
|
||||
"consensus-methods 1 2\n"
|
||||
"consensus-methods 1 2 3\n"
|
||||
"published %s\n"
|
||||
"valid-after %s\n"
|
||||
"fresh-until %s\n"
|
||||
|
@ -125,6 +125,14 @@ format_networkstatus_vote(crypto_pk_env_t *private_signing_key,
|
|||
tor_free(flags);
|
||||
outp = status + strlen(status);
|
||||
endp = status + len;
|
||||
|
||||
if (!tor_digest_is_zero(voter->legacy_id_digest)) {
|
||||
char fpbuf[HEX_DIGEST_LEN+1];
|
||||
base16_encode(fpbuf, sizeof(fpbuf), voter->legacy_id_digest, DIGEST_LEN);
|
||||
tor_snprintf(outp, endp-outp, "legacy-dir-key %s\n", fpbuf);
|
||||
outp += strlen(outp);
|
||||
}
|
||||
|
||||
tor_assert(outp + cert->cache_info.signed_descriptor_len < endp);
|
||||
memcpy(outp, cert->cache_info.signed_descriptor_body,
|
||||
cert->cache_info.signed_descriptor_len);
|
||||
|
@ -207,6 +215,12 @@ get_voter(const networkstatus_t *vote)
|
|||
return smartlist_get(vote->voters, 0);
|
||||
}
|
||||
|
||||
typedef struct {
|
||||
networkstatus_t *v;
|
||||
const char *digest;
|
||||
int is_legacy;
|
||||
} dir_src_ent_t;
|
||||
|
||||
/** Helper for sorting networkstatus_t votes (not consensuses) by the
|
||||
* hash of their voters' identity digests. */
|
||||
static int
|
||||
|
@ -217,6 +231,19 @@ _compare_votes_by_authority_id(const void **_a, const void **_b)
|
|||
get_voter(b)->identity_digest, DIGEST_LEN);
|
||||
}
|
||||
|
||||
static int
|
||||
_compare_dir_src_ents_by_authority_id(const void **_a, const void **_b)
|
||||
{
|
||||
const dir_src_ent_t *a = *_a, *b = *_b;
|
||||
const networkstatus_voter_info_t *a_v = get_voter(a->v),
|
||||
*b_v = get_voter(b->v);
|
||||
const char *a_id, *b_id;
|
||||
a_id = a->is_legacy ? a_v->legacy_id_digest : a_v->identity_digest;
|
||||
b_id = b->is_legacy ? b_v->legacy_id_digest : b_v->identity_digest;
|
||||
|
||||
return memcmp(a_id, b_id, DIGEST_LEN);
|
||||
}
|
||||
|
||||
/** Given a sorted list of strings <b>in</b>, add every member to <b>out</b>
|
||||
* that occurs more than <b>min</b> times. */
|
||||
static void
|
||||
|
@ -416,7 +443,7 @@ compute_consensus_method(smartlist_t *votes)
|
|||
static int
|
||||
consensus_method_is_supported(int method)
|
||||
{
|
||||
return (method >= 1) && (method <= 2);
|
||||
return (method >= 1) && (method <= 3);
|
||||
}
|
||||
|
||||
/** Given a list of vote networkstatus_t in <b>votes</b>, our public
|
||||
|
@ -431,7 +458,9 @@ char *
|
|||
networkstatus_compute_consensus(smartlist_t *votes,
|
||||
int total_authorities,
|
||||
crypto_pk_env_t *identity_key,
|
||||
crypto_pk_env_t *signing_key)
|
||||
crypto_pk_env_t *signing_key,
|
||||
const char *legacy_id_key_digest,
|
||||
crypto_pk_env_t *legacy_signing_key)
|
||||
{
|
||||
smartlist_t *chunks;
|
||||
char *result = NULL;
|
||||
|
@ -581,33 +610,64 @@ networkstatus_compute_consensus(smartlist_t *votes,
|
|||
/* Sort the votes. */
|
||||
smartlist_sort(votes, _compare_votes_by_authority_id);
|
||||
/* Add the authority sections. */
|
||||
SMARTLIST_FOREACH(votes, networkstatus_t *, v,
|
||||
{
|
||||
char buf[1024];
|
||||
struct in_addr in;
|
||||
char ip[INET_NTOA_BUF_LEN];
|
||||
char fingerprint[HEX_DIGEST_LEN+1];
|
||||
char votedigest[HEX_DIGEST_LEN+1];
|
||||
networkstatus_voter_info_t *voter = get_voter(v);
|
||||
smartlist_t *dir_sources = smartlist_create();
|
||||
SMARTLIST_FOREACH(votes, networkstatus_t *, v,
|
||||
{
|
||||
dir_src_ent_t *e = tor_malloc_zero(sizeof(dir_src_ent_t));
|
||||
e->v = v;
|
||||
e->digest = get_voter(v)->identity_digest;
|
||||
e->is_legacy = 0;
|
||||
smartlist_add(dir_sources, e);
|
||||
if (consensus_method >= 3 &&
|
||||
!tor_digest_is_zero(get_voter(v)->legacy_id_digest)) {
|
||||
dir_src_ent_t *e_legacy = tor_malloc_zero(sizeof(dir_src_ent_t));
|
||||
e_legacy->v = v;
|
||||
e_legacy->digest = get_voter(v)->legacy_id_digest;
|
||||
e_legacy->is_legacy = 1;
|
||||
smartlist_add(dir_sources, e_legacy);
|
||||
}
|
||||
});
|
||||
smartlist_sort(dir_sources, _compare_dir_src_ents_by_authority_id);
|
||||
|
||||
in.s_addr = htonl(voter->addr);
|
||||
tor_inet_ntoa(&in, ip, sizeof(ip));
|
||||
base16_encode(fingerprint, sizeof(fingerprint), voter->identity_digest,
|
||||
DIGEST_LEN);
|
||||
base16_encode(votedigest, sizeof(votedigest), voter->vote_digest,
|
||||
DIGEST_LEN);
|
||||
SMARTLIST_FOREACH(dir_sources, const dir_src_ent_t *, e,
|
||||
{
|
||||
char buf[1024];
|
||||
struct in_addr in;
|
||||
char ip[INET_NTOA_BUF_LEN];
|
||||
char fingerprint[HEX_DIGEST_LEN+1];
|
||||
char votedigest[HEX_DIGEST_LEN+1];
|
||||
networkstatus_t *v = e->v;
|
||||
networkstatus_voter_info_t *voter = get_voter(v);
|
||||
|
||||
tor_snprintf(buf, sizeof(buf),
|
||||
"dir-source %s %s %s %s %d %d\n"
|
||||
"contact %s\n"
|
||||
"vote-digest %s\n",
|
||||
voter->nickname, fingerprint, voter->address, ip,
|
||||
voter->dir_port,
|
||||
voter->or_port,
|
||||
voter->contact,
|
||||
votedigest);
|
||||
smartlist_add(chunks, tor_strdup(buf));
|
||||
});
|
||||
if (e->is_legacy)
|
||||
tor_assert(consensus_method >= 2);
|
||||
|
||||
in.s_addr = htonl(voter->addr);
|
||||
tor_inet_ntoa(&in, ip, sizeof(ip));
|
||||
base16_encode(fingerprint, sizeof(fingerprint), e->digest, DIGEST_LEN);
|
||||
base16_encode(votedigest, sizeof(votedigest), voter->vote_digest,
|
||||
DIGEST_LEN);
|
||||
|
||||
tor_snprintf(buf, sizeof(buf),
|
||||
"dir-source %s%s %s %s %s %d %d\n",
|
||||
voter->nickname, e->is_legacy ? "-legacy" : "",
|
||||
fingerprint, voter->address, ip,
|
||||
voter->dir_port,
|
||||
voter->or_port);
|
||||
smartlist_add(chunks, tor_strdup(buf));
|
||||
if (! e->is_legacy) {
|
||||
tor_snprintf(buf, sizeof(buf),
|
||||
"contact %s\n"
|
||||
"vote-digest %s\n",
|
||||
voter->contact,
|
||||
votedigest);
|
||||
smartlist_add(chunks, tor_strdup(buf));
|
||||
}
|
||||
});
|
||||
SMARTLIST_FOREACH(dir_sources, dir_src_ent_t *, e, tor_free(e));
|
||||
smartlist_free(dir_sources);
|
||||
}
|
||||
|
||||
/* Add the actual router entries. */
|
||||
{
|
||||
|
@ -641,8 +701,8 @@ networkstatus_compute_consensus(smartlist_t *votes,
|
|||
n_voter_flags = tor_malloc_zero(sizeof(int) * smartlist_len(votes));
|
||||
n_flag_voters = tor_malloc_zero(sizeof(int) * smartlist_len(flags));
|
||||
flag_map = tor_malloc_zero(sizeof(int*) * smartlist_len(votes));
|
||||
named_flag = tor_malloc_zero(sizeof(int*) * smartlist_len(votes));
|
||||
unnamed_flag = tor_malloc_zero(sizeof(int*) * smartlist_len(votes));
|
||||
named_flag = tor_malloc_zero(sizeof(int) * smartlist_len(votes));
|
||||
unnamed_flag = tor_malloc_zero(sizeof(int) * smartlist_len(votes));
|
||||
for (i = 0; i < smartlist_len(votes); ++i)
|
||||
unnamed_flag[i] = named_flag[i] = -1;
|
||||
chosen_named_idx = smartlist_string_pos(flags, "Named");
|
||||
|
@ -904,6 +964,22 @@ networkstatus_compute_consensus(smartlist_t *votes,
|
|||
return NULL; /* This leaks, but it should never happen. */
|
||||
}
|
||||
smartlist_add(chunks, tor_strdup(buf));
|
||||
|
||||
if (legacy_id_key_digest && legacy_signing_key && consensus_method >= 3) {
|
||||
smartlist_add(chunks, tor_strdup("directory-signature "));
|
||||
base16_encode(fingerprint, sizeof(fingerprint),
|
||||
legacy_id_key_digest, DIGEST_LEN);
|
||||
crypto_pk_get_fingerprint(legacy_signing_key,
|
||||
signing_key_fingerprint, 0);
|
||||
tor_snprintf(buf, sizeof(buf), "%s %s\n", fingerprint,
|
||||
signing_key_fingerprint);
|
||||
if (router_append_dirobj_signature(buf, sizeof(buf), digest,
|
||||
legacy_signing_key)) {
|
||||
log_warn(LD_BUG, "Couldn't sign consensus networkstatus.");
|
||||
return NULL; /* This leaks, but it should never happen. */
|
||||
}
|
||||
smartlist_add(chunks, tor_strdup(buf));
|
||||
}
|
||||
}
|
||||
|
||||
result = smartlist_join_strings(chunks, "", 0, NULL);
|
||||
|
@ -1013,8 +1089,8 @@ networkstatus_add_detached_signatures(networkstatus_t *target,
|
|||
memcpy(target_voter->signing_key_digest, src_voter->signing_key_digest,
|
||||
DIGEST_LEN);
|
||||
target_voter->signature_len = src_voter->signature_len;
|
||||
target_voter->good_signature = 1;
|
||||
target_voter->bad_signature = 0;
|
||||
target_voter->good_signature = src_voter->good_signature;
|
||||
target_voter->bad_signature = src_voter->bad_signature;
|
||||
} else {
|
||||
log_info(LD_DIR, "Not adding signature from %s", voter_identity);
|
||||
}
|
||||
|
@ -1677,10 +1753,23 @@ dirvote_compute_consensus(void)
|
|||
SMARTLIST_FOREACH(pending_vote_list, pending_vote_t *, v,
|
||||
smartlist_add(votes, v->vote));
|
||||
|
||||
consensus_body = networkstatus_compute_consensus(
|
||||
{
|
||||
char legacy_dbuf[DIGEST_LEN];
|
||||
crypto_pk_env_t *legacy_sign=NULL;
|
||||
char *legacy_id_digest = NULL;
|
||||
if (get_options()->V3AuthUseLegacyKey) {
|
||||
authority_cert_t *cert = get_my_v3_legacy_cert();
|
||||
legacy_sign = get_my_v3_legacy_signing_key();
|
||||
if (cert) {
|
||||
crypto_pk_get_digest(cert->identity_key, legacy_dbuf);
|
||||
legacy_id_digest = legacy_dbuf;
|
||||
}
|
||||
}
|
||||
consensus_body = networkstatus_compute_consensus(
|
||||
votes, n_voters,
|
||||
my_cert->identity_key,
|
||||
get_my_v3_authority_signing_key());
|
||||
get_my_v3_authority_signing_key(), legacy_id_digest, legacy_sign);
|
||||
}
|
||||
if (!consensus_body) {
|
||||
log_warn(LD_DIR, "Couldn't generate a consensus at all!");
|
||||
goto err;
|
||||
|
@ -1783,12 +1872,17 @@ dirvote_add_signatures_to_pending_consensus(
|
|||
sigs, msg_out);
|
||||
log_info(LD_DIR,"Added %d signatures to consensus.", r);
|
||||
|
||||
if (r >= 0) {
|
||||
if (r >= 1) {
|
||||
char *new_detached =
|
||||
networkstatus_get_detached_signatures(pending_consensus);
|
||||
const char *src;
|
||||
char *dst, *dst_end;
|
||||
size_t new_consensus_len =
|
||||
size_t new_consensus_len;
|
||||
if (!new_detached) {
|
||||
*msg_out = "No signatures to add";
|
||||
goto err;
|
||||
}
|
||||
new_consensus_len =
|
||||
strlen(pending_consensus_body) + strlen(new_detached) + 1;
|
||||
pending_consensus_body = tor_realloc(pending_consensus_body,
|
||||
new_consensus_len);
|
||||
|
@ -1815,13 +1909,15 @@ dirvote_add_signatures_to_pending_consensus(
|
|||
tor_free(pending_consensus_signatures);
|
||||
pending_consensus_signatures = new_detached;
|
||||
*msg_out = "Signatures added";
|
||||
} else if (r == 0) {
|
||||
*msg_out = "Signatures ignored";
|
||||
} else {
|
||||
goto err;
|
||||
}
|
||||
|
||||
goto done;
|
||||
err:
|
||||
if (!msg_out)
|
||||
if (!*msg_out)
|
||||
*msg_out = "Unrecognized error while adding detached signatures.";
|
||||
done:
|
||||
if (sigs)
|
||||
|
|
71
src/or/dns.c
71
src/or/dns.c
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2003-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
const char dns_c_id[] =
|
||||
|
@ -33,6 +33,8 @@ const char dns_c_id[] =
|
|||
|
||||
/** Have we currently configured nameservers with eventdns? */
|
||||
static int nameservers_configured = 0;
|
||||
/** Did our most recent attempt to configure nameservers with eventdns fail? */
|
||||
static int nameserver_config_failed = 0;
|
||||
/** What was the resolv_conf fname we last used when configuring the
|
||||
* nameservers? Used to check whether we need to reconfigure. */
|
||||
static char *resolv_conf_fname = NULL;
|
||||
|
@ -196,6 +198,10 @@ dns_init(void)
|
|||
{
|
||||
init_cache_map();
|
||||
evdns_set_transaction_id_fn(dns_get_transaction_id);
|
||||
if (get_options()->ServerDNSRandomizeCase)
|
||||
evdns_set_option("randomize-case:", "1", DNS_OPTIONS_ALL);
|
||||
else
|
||||
evdns_set_option("randomize-case:", "0", DNS_OPTIONS_ALL);
|
||||
if (server_mode(get_options()))
|
||||
return configure_nameservers(1);
|
||||
return 0;
|
||||
|
@ -214,12 +220,20 @@ dns_reset(void)
|
|||
tor_free(resolv_conf_fname);
|
||||
resolv_conf_mtime = 0;
|
||||
} else {
|
||||
if (configure_nameservers(0) < 0)
|
||||
if (configure_nameservers(0) < 0) {
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
/**DOCDOC*/
|
||||
int
|
||||
has_dns_init_failed(void)
|
||||
{
|
||||
return nameserver_config_failed;
|
||||
}
|
||||
|
||||
/** Helper: Given a TTL from a DNS response, determine what TTL to give the
|
||||
* OP that asked us to resolve it. */
|
||||
uint32_t
|
||||
|
@ -481,7 +495,8 @@ send_resolved_hostname_cell(edge_connection_t *conn, const char *hostname)
|
|||
* parse it and place the address in <b>in</b> if present. Return 1 on success;
|
||||
* 0 if the address is not in in-addr.arpa format, and -1 if the address is
|
||||
* malformed. */
|
||||
static int
|
||||
/* XXXX021 move this to util.c. */
|
||||
int
|
||||
parse_inaddr_arpa_address(const char *address, struct in_addr *in)
|
||||
{
|
||||
char buf[INET_NTOA_BUF_LEN];
|
||||
|
@ -551,6 +566,7 @@ dns_resolve(edge_connection_t *exitconn)
|
|||
is_resolve = exitconn->_base.purpose == EXIT_PURPOSE_RESOLVE;
|
||||
|
||||
r = dns_resolve_impl(exitconn, is_resolve, oncirc, &hostname);
|
||||
|
||||
switch (r) {
|
||||
case 1:
|
||||
/* We got an answer without a lookup -- either the answer was
|
||||
|
@ -625,6 +641,7 @@ dns_resolve_impl(edge_connection_t *exitconn, int is_resolve,
|
|||
cached_resolve_t *resolve;
|
||||
cached_resolve_t search;
|
||||
pending_connection_t *pending_connection;
|
||||
routerinfo_t *me;
|
||||
struct in_addr in;
|
||||
time_t now = time(NULL);
|
||||
uint8_t is_reverse = 0;
|
||||
|
@ -641,6 +658,11 @@ dns_resolve_impl(edge_connection_t *exitconn, int is_resolve,
|
|||
exitconn->address_ttl = DEFAULT_DNS_TTL;
|
||||
return 1;
|
||||
}
|
||||
/* If we're a non-exit, don't even do DNS lookups. */
|
||||
if (!(me = router_get_my_routerinfo()) ||
|
||||
policy_is_reject_star(me->exit_policy)) {
|
||||
return -1;
|
||||
}
|
||||
if (address_is_invalid_destination(exitconn->_base.address, 0)) {
|
||||
log(LOG_PROTOCOL_WARN, LD_EXIT,
|
||||
"Rejecting invalid destination address %s",
|
||||
|
@ -659,9 +681,12 @@ dns_resolve_impl(edge_connection_t *exitconn, int is_resolve,
|
|||
* .in-addr.arpa address but this isn't a resolve request, kill the
|
||||
* connection.
|
||||
*/
|
||||
if ((r = parse_inaddr_arpa_address(exitconn->_base.address, NULL)) != 0) {
|
||||
if (r == 1)
|
||||
if ((r = parse_inaddr_arpa_address(exitconn->_base.address, &in)) != 0) {
|
||||
if (r == 1) {
|
||||
is_reverse = 1;
|
||||
if (is_internal_IP(ntohl(in.s_addr), 0)) /* internal address */
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (!is_reverse || !is_resolve) {
|
||||
if (!is_reverse)
|
||||
|
@ -1091,10 +1116,11 @@ evdns_err_is_transient(int err)
|
|||
}
|
||||
|
||||
/** Configure eventdns nameservers if force is true, or if the configuration
|
||||
* has changed since the last time we called this function. On Unix, this
|
||||
* reads from options->ServerDNSResolvConfFile or /etc/resolv.conf; on
|
||||
* Windows, this reads from options->ServerDNSResolvConfFile or the registry.
|
||||
* Return 0 on success or -1 on failure. */
|
||||
* has changed since the last time we called this function, or if we failed on
|
||||
* our last attempt. On Unix, this reads from /etc/resolv.conf or
|
||||
* options->ServerDNSResolvConfFile; on Windows, this reads from
|
||||
* options->ServerDNSResolvConfFile or the registry. Return 0 on success or
|
||||
* -1 on failure. */
|
||||
static int
|
||||
configure_nameservers(int force)
|
||||
{
|
||||
|
@ -1114,7 +1140,7 @@ configure_nameservers(int force)
|
|||
if (stat(conf_fname, &st)) {
|
||||
log_warn(LD_EXIT, "Unable to stat resolver configuration in '%s': %s",
|
||||
conf_fname, strerror(errno));
|
||||
return options->ServerDNSAllowBrokenResolvConf ? 0 : -1;
|
||||
goto err;
|
||||
}
|
||||
if (!force && resolv_conf_fname && !strcmp(conf_fname,resolv_conf_fname)
|
||||
&& st.st_mtime == resolv_conf_mtime) {
|
||||
|
@ -1129,11 +1155,11 @@ configure_nameservers(int force)
|
|||
if ((r = evdns_resolv_conf_parse(DNS_OPTIONS_ALL, conf_fname))) {
|
||||
log_warn(LD_EXIT, "Unable to parse '%s', or no nameservers in '%s' (%d)",
|
||||
conf_fname, conf_fname, r);
|
||||
return options->ServerDNSAllowBrokenResolvConf ? 0 : -1;
|
||||
goto err;
|
||||
}
|
||||
if (evdns_count_nameservers() == 0) {
|
||||
log_warn(LD_EXIT, "Unable to find any nameservers in '%s'.", conf_fname);
|
||||
return options->ServerDNSAllowBrokenResolvConf ? 0 : -1;
|
||||
goto err;
|
||||
}
|
||||
tor_free(resolv_conf_fname);
|
||||
resolv_conf_fname = tor_strdup(conf_fname);
|
||||
|
@ -1149,13 +1175,12 @@ configure_nameservers(int force)
|
|||
}
|
||||
if (evdns_config_windows_nameservers()) {
|
||||
log_warn(LD_EXIT,"Could not config nameservers.");
|
||||
return options->ServerDNSAllowBrokenResolvConf ? 0 : -1;
|
||||
goto err;
|
||||
}
|
||||
if (evdns_count_nameservers() == 0) {
|
||||
log_warn(LD_EXIT, "Unable to find any platform nameservers in "
|
||||
"your Windows configuration. Perhaps you should list a "
|
||||
"ServerDNSResolvConfFile file in your torrc?");
|
||||
return options->ServerDNSAllowBrokenResolvConf ? 0 : -1;
|
||||
"your Windows configuration.");
|
||||
goto err;
|
||||
}
|
||||
if (nameservers_configured)
|
||||
evdns_resume();
|
||||
|
@ -1175,7 +1200,18 @@ configure_nameservers(int force)
|
|||
dns_servers_relaunch_checks();
|
||||
|
||||
nameservers_configured = 1;
|
||||
if (nameserver_config_failed) {
|
||||
nameserver_config_failed = 0;
|
||||
mark_my_descriptor_dirty();
|
||||
}
|
||||
return 0;
|
||||
err:
|
||||
nameservers_configured = 0;
|
||||
if (! nameserver_config_failed) {
|
||||
nameserver_config_failed = 1;
|
||||
mark_my_descriptor_dirty();
|
||||
}
|
||||
return -1;
|
||||
}
|
||||
|
||||
/** For eventdns: Called when we get an answer for a request we launched.
|
||||
|
@ -1266,8 +1302,9 @@ launch_resolve(edge_connection_t *exitconn)
|
|||
if (!nameservers_configured) {
|
||||
log_warn(LD_EXIT, "(Harmless.) Nameservers not configured, but resolve "
|
||||
"launched. Configuring.");
|
||||
if (configure_nameservers(1) < 0)
|
||||
if (configure_nameservers(1) < 0) {
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
||||
r = parse_inaddr_arpa_address(exitconn->_base.address, &in);
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
/* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
const char dnsserv_c_id[] =
|
||||
|
|
|
@ -176,6 +176,7 @@ struct request {
|
|||
struct event timeout_event;
|
||||
|
||||
u16 trans_id; /* the transaction id */
|
||||
char timeout_event_added; /* True iff timeout_event is added. */
|
||||
char request_appended; /* true if the request pointer is data which follows this struct */
|
||||
char transmit_me; /* needs to be transmitted */
|
||||
};
|
||||
|
@ -215,6 +216,7 @@ struct nameserver {
|
|||
struct event timeout_event; /* used to keep the timeout for */
|
||||
/* when we next probe this server. */
|
||||
/* Valid if state == 0 */
|
||||
char timeout_event_added; /* True iff timeout_event is added. */
|
||||
char state; /* zero if we think that this server is down */
|
||||
char choked; /* true if we have an EAGAIN from this server's socket */
|
||||
char write_waiting; /* true if we are waiting for EV_WRITE events */
|
||||
|
@ -307,6 +309,9 @@ static int global_max_retransmits = 3; /* number of times we'll retransmit a req
|
|||
/* number of timeouts in a row before we consider this server to be down */
|
||||
static int global_max_nameserver_timeout = 3;
|
||||
|
||||
/* DOCDOC */
|
||||
static int global_randomize_case = 1;
|
||||
|
||||
/* These are the timeout values for nameservers. If we find a nameserver is down */
|
||||
/* we try to probe it at intervals as given below. Values are in seconds. */
|
||||
static const struct timeval global_nameserver_timeouts[] = {{10, 0}, {60, 0}, {300, 0}, {900, 0}, {3600, 0}};
|
||||
|
@ -354,20 +359,7 @@ error_is_eagain(int err)
|
|||
{
|
||||
return err == EAGAIN || err == WSAEWOULDBLOCK;
|
||||
}
|
||||
static int
|
||||
inet_aton(const char *c, struct in_addr *addr)
|
||||
{
|
||||
uint32_t r;
|
||||
if (strcmp(c, "255.255.255.255") == 0) {
|
||||
addr->s_addr = 0xffffffffu;
|
||||
} else {
|
||||
r = inet_addr(c);
|
||||
if (r == INADDR_NONE)
|
||||
return 0;
|
||||
addr->s_addr = r;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
#define inet_aton(c, addr) tor_inet_aton((c), (addr))
|
||||
#define CLOSE_SOCKET(x) closesocket(x)
|
||||
#else
|
||||
#define last_error(sock) (errno)
|
||||
|
@ -375,8 +367,11 @@ inet_aton(const char *c, struct in_addr *addr)
|
|||
#define CLOSE_SOCKET(x) close(x)
|
||||
#endif
|
||||
|
||||
#define ISSPACE(c) isspace((int)(unsigned char)(c))
|
||||
#define ISDIGIT(c) isdigit((int)(unsigned char)(c))
|
||||
#define ISSPACE(c) TOR_ISSPACE(c)
|
||||
#define ISDIGIT(c) TOR_ISDIGIT(c)
|
||||
#define ISALPHA(c) TOR_ISALPHA(c)
|
||||
#define TOLOWER(c) TOR_TOLOWER(c)
|
||||
#define TOUPPER(c) TOR_TOUPPER(c)
|
||||
|
||||
#ifndef NDEBUG
|
||||
static const char *
|
||||
|
@ -407,6 +402,31 @@ evdns_set_log_fn(evdns_debug_log_fn_type fn)
|
|||
#define EVDNS_LOG_CHECK
|
||||
#endif
|
||||
|
||||
#define del_timeout_event(item) \
|
||||
do { \
|
||||
if ((item)->timeout_event_added) \
|
||||
(void)event_del(&(item)->timeout_event); \
|
||||
(item)->timeout_event_added = 0; \
|
||||
} while(0)
|
||||
|
||||
|
||||
static int
|
||||
_add_timeout_event(struct event *ev, char *flagptr, struct timeval *tv)
|
||||
{
|
||||
int r = 0;
|
||||
if (!*flagptr) {
|
||||
r = event_add(ev, tv);
|
||||
if (r >= 0)
|
||||
*flagptr = 1;
|
||||
}
|
||||
return r;
|
||||
}
|
||||
|
||||
#define add_timeout_event(item, tv) \
|
||||
_add_timeout_event(&(item)->timeout_event, \
|
||||
&(item)->timeout_event_added, \
|
||||
(tv))
|
||||
|
||||
static void _evdns_log(int warn, const char *fmt, ...) EVDNS_LOG_CHECK;
|
||||
static void
|
||||
_evdns_log(int warn, const char *fmt, ...)
|
||||
|
@ -462,7 +482,7 @@ nameserver_prod_callback(int fd, short events, void *arg) {
|
|||
static void
|
||||
nameserver_probe_failed(struct nameserver *const ns) {
|
||||
const struct timeval * timeout;
|
||||
(void) evtimer_del(&ns->timeout_event);
|
||||
del_timeout_event(ns);
|
||||
CLEAR(&ns->timeout_event);
|
||||
if (ns->state == 1) {
|
||||
/* This can happen if the nameserver acts in a way which makes us mark */
|
||||
|
@ -476,7 +496,7 @@ nameserver_probe_failed(struct nameserver *const ns) {
|
|||
ns->failed_times++;
|
||||
|
||||
evtimer_set(&ns->timeout_event, nameserver_prod_callback, ns);
|
||||
if (evtimer_add(&ns->timeout_event, (struct timeval *) timeout) < 0) {
|
||||
if (add_timeout_event(ns, (struct timeval *) timeout) < 0) {
|
||||
log(EVDNS_LOG_WARN,
|
||||
"Error from libevent when adding timer event for %s",
|
||||
debug_ntoa(ns->address));
|
||||
|
@ -504,8 +524,10 @@ nameserver_failed(struct nameserver *const ns, const char *msg) {
|
|||
ns->state = 0;
|
||||
ns->failed_times = 1;
|
||||
|
||||
del_timeout_event(ns); /* in case it's added. */
|
||||
|
||||
evtimer_set(&ns->timeout_event, nameserver_prod_callback, ns);
|
||||
if (evtimer_add(&ns->timeout_event, (struct timeval *) &global_nameserver_timeouts[0]) < 0) {
|
||||
if (add_timeout_event(ns, (struct timeval *) &global_nameserver_timeouts[0]) < 0) {
|
||||
log(EVDNS_LOG_WARN,
|
||||
"Error from libevent when adding timer event for %s",
|
||||
debug_ntoa(ns->address));
|
||||
|
@ -539,7 +561,7 @@ nameserver_up(struct nameserver *const ns) {
|
|||
if (ns->state) return;
|
||||
log(EVDNS_LOG_WARN, "Nameserver %s is back up",
|
||||
debug_ntoa(ns->address));
|
||||
evtimer_del(&ns->timeout_event);
|
||||
del_timeout_event(ns);
|
||||
CLEAR(&ns->timeout_event);
|
||||
ns->state = 1;
|
||||
ns->failed_times = 0;
|
||||
|
@ -571,7 +593,7 @@ request_finished(struct request *const req, struct request **head) {
|
|||
|
||||
log(EVDNS_LOG_DEBUG, "Removing timeout for request %lx",
|
||||
(unsigned long) req);
|
||||
evtimer_del(&req->timeout_event);
|
||||
del_timeout_event(req);
|
||||
CLEAR(&req->timeout_event);
|
||||
|
||||
search_request_finished(req);
|
||||
|
@ -813,9 +835,10 @@ name_parse(u8 *packet, int length, int *idx, char *name_out, size_t name_out_len
|
|||
static int
|
||||
reply_parse(u8 *packet, int length) {
|
||||
int j = 0; /* index into packet */
|
||||
int k;
|
||||
u16 _t; /* used by the macros */
|
||||
u32 _t32; /* used by the macros */
|
||||
char tmp_name[256]; /* used by the macros */
|
||||
char tmp_name[256], cmp_name[256]; /* used by the macros */
|
||||
|
||||
u16 trans_id, questions, answers, authority, additional, datalength;
|
||||
u16 flags = 0;
|
||||
|
@ -823,6 +846,7 @@ reply_parse(u8 *packet, int length) {
|
|||
struct reply reply;
|
||||
struct request *req = NULL;
|
||||
unsigned int i;
|
||||
int name_matches = 0;
|
||||
|
||||
GET16(trans_id);
|
||||
GET16(flags);
|
||||
|
@ -848,11 +872,28 @@ reply_parse(u8 *packet, int length) {
|
|||
/* if (!answers) return; */ /* must have an answer of some form */
|
||||
|
||||
/* This macro skips a name in the DNS reply. */
|
||||
#define SKIP_NAME \
|
||||
#define GET_NAME \
|
||||
do { tmp_name[0] = '\0'; \
|
||||
if (name_parse(packet, length, &j, tmp_name, sizeof(tmp_name))<0) \
|
||||
goto err; \
|
||||
} while(0);
|
||||
#define TEST_NAME \
|
||||
do { tmp_name[0] = '\0'; \
|
||||
cmp_name[0] = '\0'; \
|
||||
k = j; \
|
||||
if (name_parse(packet, length, &j, tmp_name, sizeof(tmp_name))<0) \
|
||||
goto err; \
|
||||
if (name_parse(req->request, req->request_len, &k, cmp_name, sizeof(cmp_name))<0) \
|
||||
goto err; \
|
||||
if (global_randomize_case) { \
|
||||
if (strcmp(tmp_name, cmp_name) == 0) \
|
||||
name_matches = 1; /* we ignore mismatching names */ \
|
||||
} else { \
|
||||
if (strcasecmp(tmp_name, cmp_name) == 0) \
|
||||
name_matches = 1; \
|
||||
} \
|
||||
} while(0)
|
||||
|
||||
|
||||
reply.type = req->request_type;
|
||||
|
||||
|
@ -861,11 +902,14 @@ reply_parse(u8 *packet, int length) {
|
|||
/* the question looks like
|
||||
* <label:name><u16:type><u16:class>
|
||||
*/
|
||||
SKIP_NAME;
|
||||
TEST_NAME;
|
||||
j += 4;
|
||||
if (j >= length) goto err;
|
||||
}
|
||||
|
||||
if (!name_matches)
|
||||
goto err;
|
||||
|
||||
/* now we have the answer section which looks like
|
||||
* <label:name><u16:type><u16:class><u32:ttl><u16:len><data...>
|
||||
*/
|
||||
|
@ -875,7 +919,7 @@ reply_parse(u8 *packet, int length) {
|
|||
|
||||
/* XXX I'd be more comfortable if we actually checked the name */
|
||||
/* here. -NM */
|
||||
SKIP_NAME;
|
||||
GET_NAME;
|
||||
GET16(type);
|
||||
GET16(class);
|
||||
GET32(ttl);
|
||||
|
@ -1082,6 +1126,19 @@ evdns_set_transaction_id_fn(uint16_t (*fn)(void))
|
|||
trans_id_function = default_transaction_id_fn;
|
||||
}
|
||||
|
||||
|
||||
static void
|
||||
get_random_bytes(char *buf, size_t n)
|
||||
{
|
||||
unsigned i;
|
||||
for (i = 0; i < n; i += 2) {
|
||||
u16 tid = trans_id_function();
|
||||
buf[i] = (tid >> 8) & 0xff;
|
||||
if (i+1<n)
|
||||
buf[i+1] = tid & 0xff;
|
||||
}
|
||||
}
|
||||
|
||||
/* Try to choose a strong transaction id which isn't already in flight */
|
||||
static u16
|
||||
transaction_id_pick(void) {
|
||||
|
@ -1143,17 +1200,34 @@ nameserver_pick(void) {
|
|||
/* this is called when a namesever socket is ready for reading */
|
||||
static void
|
||||
nameserver_read(struct nameserver *ns) {
|
||||
struct sockaddr_storage ss;
|
||||
struct sockaddr *sa = (struct sockaddr *)&ss;
|
||||
struct sockaddr_in *sin;
|
||||
socklen_t addrlen = sizeof(ss);
|
||||
u8 packet[1500];
|
||||
|
||||
for (;;) {
|
||||
const int r =
|
||||
(int)recv(ns->socket, packet,(socklen_t)sizeof(packet), 0);
|
||||
(int)recvfrom(ns->socket, packet,(socklen_t)sizeof(packet), 0,
|
||||
sa, &addrlen);
|
||||
if (r < 0) {
|
||||
int err = last_error(ns->socket);
|
||||
if (error_is_eagain(err)) return;
|
||||
nameserver_failed(ns, strerror(err));
|
||||
return;
|
||||
}
|
||||
if (sa->sa_family != AF_INET) {
|
||||
log(EVDNS_LOG_WARN,
|
||||
"Address family mismatch on received DNS packet.");
|
||||
return;
|
||||
}
|
||||
sin = (struct sockaddr_in *)sa;
|
||||
if (sin->sin_addr.s_addr != ns->address) {
|
||||
log(EVDNS_LOG_WARN,
|
||||
"Address mismatch on received DNS packet. Address was %s.",
|
||||
debug_ntoa(sin->sin_addr.s_addr));
|
||||
return;
|
||||
}
|
||||
ns->timedout = 0;
|
||||
reply_parse(packet, r);
|
||||
}
|
||||
|
@ -1880,7 +1954,7 @@ evdns_request_timeout_callback(int fd, short events, void *arg) {
|
|||
nameserver_failed(req->ns, "request timed out.");
|
||||
}
|
||||
|
||||
(void) evtimer_del(&req->timeout_event);
|
||||
del_timeout_event(req);
|
||||
CLEAR(&req->timeout_event);
|
||||
if (req->tx_count >= global_max_retransmits) {
|
||||
/* this request has failed */
|
||||
|
@ -1949,8 +2023,9 @@ evdns_request_transmit(struct request *req) {
|
|||
/* transmitted; we need to check for timeout. */
|
||||
log(EVDNS_LOG_DEBUG,
|
||||
"Setting timeout for request %lx", (unsigned long) req);
|
||||
del_timeout_event(req); /* In case it's added. */
|
||||
evtimer_set(&req->timeout_event, evdns_request_timeout_callback, req);
|
||||
if (evtimer_add(&req->timeout_event, &global_timeout) < 0) {
|
||||
if (add_timeout_event(req, &global_timeout) < 0) {
|
||||
log(EVDNS_LOG_WARN,
|
||||
"Error from libevent when adding timer for request %lx",
|
||||
(unsigned long) req);
|
||||
|
@ -2044,7 +2119,7 @@ evdns_clear_nameservers_and_suspend(void)
|
|||
struct nameserver *next = server->next;
|
||||
(void) event_del(&server->event);
|
||||
CLEAR(&server->event);
|
||||
(void) evtimer_del(&server->timeout_event);
|
||||
del_timeout_event(server);
|
||||
CLEAR(&server->timeout_event);
|
||||
if (server->socket >= 0)
|
||||
CLOSE_SOCKET(server->socket);
|
||||
|
@ -2062,7 +2137,7 @@ evdns_clear_nameservers_and_suspend(void)
|
|||
req->tx_count = req->reissue_count = 0;
|
||||
req->ns = NULL;
|
||||
/* ???? What to do about searches? */
|
||||
(void) evtimer_del(&req->timeout_event);
|
||||
del_timeout_event(req);
|
||||
CLEAR(&req->timeout_event);
|
||||
req->trans_id = 0;
|
||||
req->transmit_me = 0;
|
||||
|
@ -2243,12 +2318,35 @@ request_new(int type, const char *name, int flags,
|
|||
/* the request data is alloced in a single block with the header */
|
||||
struct request *const req =
|
||||
(struct request *) malloc(sizeof(struct request) + request_max_len);
|
||||
char namebuf[256];
|
||||
int rlen;
|
||||
(void) flags;
|
||||
|
||||
if (!req) return NULL;
|
||||
|
||||
if (name_len >= sizeof(namebuf)) {
|
||||
_free(req);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
memset(req, 0, sizeof(struct request));
|
||||
|
||||
if (global_randomize_case) {
|
||||
unsigned i;
|
||||
char randbits[32];
|
||||
strlcpy(namebuf, name, sizeof(namebuf));
|
||||
get_random_bytes(randbits, (name_len+7)/8);
|
||||
for (i = 0; i < name_len; ++i) {
|
||||
if (ISALPHA(namebuf[i])) {
|
||||
if ((randbits[i >> 3] & (1<<(i%7))))
|
||||
namebuf[i] = TOLOWER(namebuf[i]);
|
||||
else
|
||||
namebuf[i] = TOUPPER(namebuf[i]);
|
||||
}
|
||||
}
|
||||
name = namebuf;
|
||||
}
|
||||
|
||||
/* request data lives just after the header */
|
||||
req->request = ((u8 *) req) + sizeof(struct request);
|
||||
/* denotes that the request data shouldn't be free()ed */
|
||||
|
@ -2690,7 +2788,13 @@ evdns_set_option(const char *option, const char *val, int flags)
|
|||
if (!(flags & DNS_OPTION_MISC)) return 0;
|
||||
log(EVDNS_LOG_DEBUG, "Setting retries to %d", retries);
|
||||
global_max_retransmits = retries;
|
||||
} else if (!strncmp(option, "randomize-case:", 15)) {
|
||||
int randcase = strtoint(val);
|
||||
if (!(flags & DNS_OPTION_MISC)) return 0;
|
||||
log(EVDNS_LOG_DEBUG, "Setting randomize_case to %d", randcase);
|
||||
global_randomize_case = randcase;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
@ -3060,7 +3164,7 @@ evdns_shutdown(int fail_requests)
|
|||
CLOSE_SOCKET(server->socket);
|
||||
(void) event_del(&server->event);
|
||||
if (server->state == 0)
|
||||
(void) event_del(&server->timeout_event);
|
||||
del_timeout_event(server);
|
||||
CLEAR(server);
|
||||
free(server);
|
||||
if (server_next == server_head)
|
||||
|
@ -3127,7 +3231,7 @@ evdns_server_callback(struct evdns_server_request *req, void *data)
|
|||
}
|
||||
}
|
||||
|
||||
r = evdns_request_respond(req, 0);
|
||||
r = evdns_server_request_respond(req, 0);
|
||||
if (r<0)
|
||||
printf("eeek, couldn't send reply.\n");
|
||||
}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
/* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
#include "orconfig.h"
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
/* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id: /tor/trunk/src/or/networkstatus.c 15493 2007-12-16T18:33:25.055570Z nickm $ */
|
||||
const char geoip_c_id[] =
|
||||
|
@ -76,6 +76,10 @@ geoip_parse_entry(const char *line)
|
|||
geoip_entries = smartlist_create();
|
||||
country_idxplus1_by_lc_code = strmap_new();
|
||||
}
|
||||
while (TOR_ISSPACE(*line))
|
||||
++line;
|
||||
if (*line == '#')
|
||||
return 0;
|
||||
if (sscanf(line,"%u,%u,%2s", &low, &high, b) == 3) {
|
||||
geoip_add_entry(low, high, b);
|
||||
return 0;
|
||||
|
@ -118,6 +122,14 @@ _geoip_compare_key_to_entry(const void *_key, const void **_member)
|
|||
return 0;
|
||||
}
|
||||
|
||||
/** Return 1 if we should collect geoip stats on bridge users, and
|
||||
* include them in our extrainfo descriptor. Else return 0. */
|
||||
int
|
||||
should_record_bridge_info(or_options_t *options)
|
||||
{
|
||||
return options->BridgeRelay && options->BridgeRecordUsageByCountry;
|
||||
}
|
||||
|
||||
/** Clear the GeoIP database and reload it from the file
|
||||
* <b>filename</b>. Return 0 on success, -1 on failure.
|
||||
*
|
||||
|
@ -129,12 +141,13 @@ _geoip_compare_key_to_entry(const void *_key, const void **_member)
|
|||
* integers, and CC is a country code.
|
||||
*/
|
||||
int
|
||||
geoip_load_file(const char *filename)
|
||||
geoip_load_file(const char *filename, or_options_t *options)
|
||||
{
|
||||
FILE *f;
|
||||
int severity = should_record_bridge_info(options) ? LOG_WARN : LOG_INFO;
|
||||
clear_geoip_db();
|
||||
if (!(f = fopen(filename, "r"))) {
|
||||
log_warn(LD_GENERAL, "Failed to open GEOIP file %s.", filename);
|
||||
log_fn(severity, LD_GENERAL, "Failed to open GEOIP file %s.", filename);
|
||||
return -1;
|
||||
}
|
||||
geoip_countries = smartlist_create();
|
||||
|
@ -235,7 +248,7 @@ geoip_note_client_seen(uint32_t addr, time_t now)
|
|||
{
|
||||
or_options_t *options = get_options();
|
||||
clientmap_entry_t lookup, *ent;
|
||||
if (!(options->BridgeRelay && options->BridgeRecordUsageByCountry))
|
||||
if (!should_record_bridge_info(options))
|
||||
return;
|
||||
lookup.ipaddr = addr;
|
||||
ent = HT_FIND(clientmap, &client_history, &lookup);
|
||||
|
@ -277,13 +290,13 @@ geoip_remove_old_clients(time_t cutoff)
|
|||
}
|
||||
|
||||
/** Do not mention any country from which fewer than this number of IPs have
|
||||
* connected. This avoids reporting information that could deanonymize
|
||||
* users. */
|
||||
#define MIN_IPS_TO_NOTE_COUNTRY 8
|
||||
* connected. This conceivably avoids reporting information that could
|
||||
* deanonymize users, though analysis is lacking. */
|
||||
#define MIN_IPS_TO_NOTE_COUNTRY 0
|
||||
/** Do not report any geoip data at all if we have fewer than this number of
|
||||
* IPs to report about. */
|
||||
#define MIN_IPS_TO_NOTE_ANYTHING 16
|
||||
/** When reporting geoip data about countries, round down to the nearest
|
||||
#define MIN_IPS_TO_NOTE_ANYTHING 0
|
||||
/** When reporting geoip data about countries, round up to the nearest
|
||||
* multiple of this value. */
|
||||
#define IP_GRANULARITY 8
|
||||
|
||||
|
@ -344,8 +357,10 @@ geoip_get_client_history(time_t now)
|
|||
++total;
|
||||
}
|
||||
/* Don't record anything if we haven't seen enough IPs. */
|
||||
#if MIN_IPS_TO_NOTE_ANYTHING > 0
|
||||
if (total < MIN_IPS_TO_NOTE_ANYTHING)
|
||||
goto done;
|
||||
#endif
|
||||
/* Make a list of c_hist_t */
|
||||
entries = smartlist_create();
|
||||
for (i = 0; i < n_countries; ++i) {
|
||||
|
@ -353,7 +368,11 @@ geoip_get_client_history(time_t now)
|
|||
const char *countrycode;
|
||||
c_hist_t *ent;
|
||||
/* Only report a country if it has a minimum number of IPs. */
|
||||
#if MIN_IPS_TO_NOTE_COUNTRY > 0
|
||||
if (c >= MIN_IPS_TO_NOTE_COUNTRY) {
|
||||
#else
|
||||
if (c > 0) {
|
||||
#endif
|
||||
/* Round up to the next multiple of IP_GRANULARITY */
|
||||
c += IP_GRANULARITY-1;
|
||||
c -= c % IP_GRANULARITY;
|
||||
|
@ -375,7 +394,9 @@ geoip_get_client_history(time_t now)
|
|||
smartlist_add(chunks, tor_strdup(buf));
|
||||
});
|
||||
result = smartlist_join_strings(chunks, ",", 0, NULL);
|
||||
#if MIN_IPS_TO_NOTE_ANYTHING > 0
|
||||
done:
|
||||
#endif
|
||||
tor_free(counts);
|
||||
if (chunks) {
|
||||
SMARTLIST_FOREACH(chunks, char *, c, tor_free(c));
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
const char hibernate_c_id[] =
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001 Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
const char main_c_id[] =
|
||||
|
@ -640,7 +640,8 @@ directory_info_has_arrived(time_t now, int from_cache)
|
|||
or_options_t *options = get_options();
|
||||
|
||||
if (!router_have_minimum_dir_info()) {
|
||||
log(LOG_NOTICE, LD_DIR,
|
||||
int quiet = directory_too_idle_to_fetch_descriptors(options, now);
|
||||
log(quiet ? LOG_INFO : LOG_NOTICE, LD_DIR,
|
||||
"I learned some more directory information, but not enough to "
|
||||
"build a circuit: %s", get_dir_info_status_string());
|
||||
update_router_descriptor_downloads(now);
|
||||
|
@ -831,6 +832,7 @@ run_scheduled_events(time_t now)
|
|||
static time_t time_to_clean_caches = 0;
|
||||
static time_t time_to_recheck_bandwidth = 0;
|
||||
static time_t time_to_check_for_expired_networkstatus = 0;
|
||||
static time_t time_to_retry_dns_init = 0;
|
||||
or_options_t *options = get_options();
|
||||
int i;
|
||||
int have_dir_info;
|
||||
|
@ -993,6 +995,14 @@ run_scheduled_events(time_t now)
|
|||
time_to_clean_caches = now + CLEAN_CACHES_INTERVAL;
|
||||
}
|
||||
|
||||
#define RETRY_DNS_INTERVAL (10*60)
|
||||
/* If we're a server and initializing dns failed, retry periodically. */
|
||||
if (time_to_retry_dns_init < now) {
|
||||
time_to_retry_dns_init = now + RETRY_DNS_INTERVAL;
|
||||
if (server_mode(options) && has_dns_init_failed())
|
||||
dns_init();
|
||||
}
|
||||
|
||||
/** How often do we check whether part of our router info has changed in a way
|
||||
* that would require an upload? */
|
||||
#define CHECK_DESCRIPTOR_INTERVAL (60)
|
||||
|
@ -1112,8 +1122,10 @@ run_scheduled_events(time_t now)
|
|||
circuit_close_all_marked();
|
||||
|
||||
/** 7. And upload service descriptors if necessary. */
|
||||
if (has_completed_circuit && !we_are_hibernating())
|
||||
if (has_completed_circuit && !we_are_hibernating()) {
|
||||
rend_consider_services_upload(now);
|
||||
rend_consider_descriptor_republication();
|
||||
}
|
||||
|
||||
/** 8. and blow away any connections that need to die. have to do this now,
|
||||
* because if we marked a conn for close and left its socket -1, then
|
||||
|
@ -1166,7 +1178,7 @@ second_elapsed_callback(int fd, short event, void *args)
|
|||
* could use libevent's timers for this rather than checking the current
|
||||
* time against a bunch of timeouts every second. */
|
||||
static struct timeval one_second;
|
||||
static long current_second = 0;
|
||||
static time_t current_second = 0;
|
||||
struct timeval now;
|
||||
size_t bytes_written;
|
||||
size_t bytes_read;
|
||||
|
@ -1374,8 +1386,13 @@ do_main_loop(void)
|
|||
|
||||
/* initialize dns resolve map, spawn workers if needed */
|
||||
if (dns_init() < 0) {
|
||||
log_err(LD_GENERAL,"Error initializing dns subsystem; exiting");
|
||||
return -1;
|
||||
if (get_options()->ServerDNSAllowBrokenResolvConf)
|
||||
log_warn(LD_GENERAL, "Couldn't set up any working nameservers. "
|
||||
"Network not up yet? Will try again soon.");
|
||||
else {
|
||||
log_err(LD_GENERAL,"Error initializing dns subsystem; exiting. To "
|
||||
"retry instead, set the ServerDNSAllowBrokenResolvConf option.");
|
||||
}
|
||||
}
|
||||
|
||||
handle_signals(1);
|
||||
|
@ -1768,8 +1785,6 @@ tor_init(int argc, char *argv[])
|
|||
/* Have the log set up with our application name. */
|
||||
tor_snprintf(buf, sizeof(buf), "Tor %s", get_version());
|
||||
log_set_application_name(buf);
|
||||
/* Initialize threading. */
|
||||
tor_threads_init();
|
||||
/* Initialize the history structures. */
|
||||
rep_hist_init();
|
||||
/* Initialize the service cache. */
|
||||
|
@ -1849,13 +1864,15 @@ tor_free_all(int postfork)
|
|||
entry_guards_free_all();
|
||||
connection_free_all();
|
||||
buf_shrink_freelists(1);
|
||||
policies_free_all();
|
||||
if (!postfork) {
|
||||
config_free_all();
|
||||
router_free_all();
|
||||
policies_free_all();
|
||||
}
|
||||
free_cell_pool();
|
||||
tor_tls_free_all();
|
||||
if (!postfork) {
|
||||
tor_tls_free_all();
|
||||
}
|
||||
/* stuff in main.c */
|
||||
smartlist_free(connection_array);
|
||||
smartlist_free(closeable_connection_lst);
|
||||
|
@ -1963,12 +1980,15 @@ int
|
|||
tor_main(int argc, char *argv[])
|
||||
{
|
||||
int result = 0;
|
||||
#ifdef USE_DMALLOC
|
||||
int r = CRYPTO_set_mem_ex_functions(_tor_malloc, _tor_realloc,
|
||||
_tor_dmalloc_free);
|
||||
log_notice(LD_CONFIG, "Set up dmalloc; returned %d", r);
|
||||
#endif
|
||||
tor_threads_init();
|
||||
init_logging();
|
||||
#ifdef USE_DMALLOC
|
||||
{
|
||||
int r = CRYPTO_set_mem_ex_functions(_tor_malloc, _tor_realloc,
|
||||
_tor_dmalloc_free);
|
||||
log_notice(LD_CONFIG, "Set up dmalloc; returned %d", r);
|
||||
}
|
||||
#endif
|
||||
#ifdef NT_SERVICE
|
||||
{
|
||||
int done = 0;
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001 Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
const char networkstatus_c_id[] =
|
||||
|
@ -211,7 +211,8 @@ router_reload_consensus_networkstatus(void)
|
|||
s = read_file_to_str(options->FallbackNetworkstatusFile,
|
||||
RFTS_IGNORE_MISSING, NULL);
|
||||
if (s) {
|
||||
if (networkstatus_set_current_consensus(s, flags)) {
|
||||
if (networkstatus_set_current_consensus(s,
|
||||
flags|NSSET_ACCEPT_OBSOLETE)) {
|
||||
log_info(LD_FS, "Couldn't load consensus networkstatus from \"%s\"",
|
||||
options->FallbackNetworkstatusFile);
|
||||
} else {
|
||||
|
@ -392,17 +393,18 @@ networkstatus_check_consensus_signature(networkstatus_t *consensus,
|
|||
{
|
||||
if (!voter->good_signature && !voter->bad_signature && voter->signature) {
|
||||
/* we can try to check the signature. */
|
||||
int is_v3_auth = trusteddirserver_get_by_v3_auth_digest(
|
||||
voter->identity_digest) != NULL;
|
||||
authority_cert_t *cert =
|
||||
authority_cert_get_by_digests(voter->identity_digest,
|
||||
voter->signing_key_digest);
|
||||
if (! cert) {
|
||||
if (!trusteddirserver_get_by_v3_auth_digest(voter->identity_digest)) {
|
||||
smartlist_add(unrecognized, voter);
|
||||
++n_unknown;
|
||||
} else {
|
||||
smartlist_add(need_certs_from, voter);
|
||||
++n_missing_key;
|
||||
}
|
||||
if (!is_v3_auth) {
|
||||
smartlist_add(unrecognized, voter);
|
||||
++n_unknown;
|
||||
continue;
|
||||
} else if (!cert) {
|
||||
smartlist_add(need_certs_from, voter);
|
||||
++n_missing_key;
|
||||
continue;
|
||||
}
|
||||
if (networkstatus_check_voter_signature(consensus, voter, cert) < 0) {
|
||||
|
@ -452,10 +454,10 @@ networkstatus_check_consensus_signature(networkstatus_t *consensus,
|
|||
});
|
||||
SMARTLIST_FOREACH(missing_authorities, trusted_dir_server_t *, ds,
|
||||
{
|
||||
log(severity, LD_DIR, "Consensus does not include configured "
|
||||
"authority '%s' at %s:%d (identity %s)",
|
||||
ds->nickname, ds->address, (int)ds->dir_port,
|
||||
hex_str(ds->v3_identity_digest, DIGEST_LEN));
|
||||
log_info(LD_DIR, "Consensus does not include configured "
|
||||
"authority '%s' at %s:%d (identity %s)",
|
||||
ds->nickname, ds->address, (int)ds->dir_port,
|
||||
hex_str(ds->v3_identity_digest, DIGEST_LEN));
|
||||
});
|
||||
log(severity, LD_DIR,
|
||||
"%d unknown, %d missing key, %d good, %d bad, %d no signature, "
|
||||
|
@ -1371,6 +1373,7 @@ networkstatus_set_current_consensus(const char *consensus, unsigned flags)
|
|||
const unsigned from_cache = flags & NSSET_FROM_CACHE;
|
||||
const unsigned was_waiting_for_certs = flags & NSSET_WAS_WAITING_FOR_CERTS;
|
||||
const unsigned dl_certs = !(flags & NSSET_DONT_DOWNLOAD_CERTS);
|
||||
const unsigned accept_obsolete = flags & NSSET_ACCEPT_OBSOLETE;
|
||||
|
||||
/* Make sure it's parseable. */
|
||||
c = networkstatus_parse_vote_from_string(consensus, NULL, 0);
|
||||
|
@ -1380,6 +1383,15 @@ networkstatus_set_current_consensus(const char *consensus, unsigned flags)
|
|||
goto done;
|
||||
}
|
||||
|
||||
if (from_cache && !accept_obsolete &&
|
||||
c->valid_until < now-OLD_ROUTER_DESC_MAX_AGE) {
|
||||
/* XXX022 when we try to make fallbackconsensus work again, we should
|
||||
* consider taking this out. Until then, believing obsolete consensuses
|
||||
* is causing more harm than good. See also bug 887. */
|
||||
log_info(LD_DIR, "Loaded an obsolete consensus. Discarding.");
|
||||
goto done;
|
||||
}
|
||||
|
||||
if (current_consensus &&
|
||||
!memcmp(c->networkstatus_digest, current_consensus->networkstatus_digest,
|
||||
DIGEST_LEN)) {
|
||||
|
@ -1403,10 +1415,8 @@ networkstatus_set_current_consensus(const char *consensus, unsigned flags)
|
|||
if (r == -1) {
|
||||
/* Okay, so it _might_ be signed enough if we get more certificates. */
|
||||
if (!was_waiting_for_certs) {
|
||||
/* XXX020 eventually downgrade this log severity, or make it so
|
||||
* users know why they're being told. */
|
||||
log_notice(LD_DIR, "Not enough certificates to check networkstatus "
|
||||
"consensus");
|
||||
log_info(LD_DIR,
|
||||
"Not enough certificates to check networkstatus consensus");
|
||||
}
|
||||
if (!current_consensus ||
|
||||
c->valid_after > current_consensus->valid_after) {
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001 Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
const char onion_c_id[] =
|
||||
|
|
74
src/or/or.h
74
src/or/or.h
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001 Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
|
||||
|
@ -328,8 +328,8 @@ typedef enum {
|
|||
/** A connection to a directory server: set after a rendezvous
|
||||
* descriptor is downloaded. */
|
||||
#define DIR_PURPOSE_HAS_FETCHED_RENDDESC 4
|
||||
/** A connection to a directory server: download one or more network-status
|
||||
* objects */
|
||||
/** A connection to a directory server: download one or more v2
|
||||
* network-status objects */
|
||||
#define DIR_PURPOSE_FETCH_NETWORKSTATUS 5
|
||||
/** A connection to a directory server: download one or more server
|
||||
* descriptors. */
|
||||
|
@ -369,6 +369,12 @@ typedef enum {
|
|||
#define DIR_PURPOSE_FETCH_RENDDESC_V2 18
|
||||
#define _DIR_PURPOSE_MAX 18
|
||||
|
||||
#define DIR_PURPOSE_IS_UPLOAD(p) \
|
||||
((p)==DIR_PURPOSE_UPLOAD_DIR || \
|
||||
(p)==DIR_PURPOSE_UPLOAD_RENDDESC || \
|
||||
(p)==DIR_PURPOSE_UPLOAD_VOTE || \
|
||||
(p)==DIR_PURPOSE_UPLOAD_SIGNATURES)
|
||||
|
||||
#define _EXIT_PURPOSE_MIN 1
|
||||
/** This exit stream wants to do an ordinary connect. */
|
||||
#define EXIT_PURPOSE_CONNECT 1
|
||||
|
@ -607,6 +613,10 @@ typedef enum {
|
|||
/** Length of a binary-encoded rendezvous service ID. */
|
||||
#define REND_SERVICE_ID_LEN 10
|
||||
|
||||
/** How long after we receive a hidden service descriptor do we consider
|
||||
* it fresh? */
|
||||
#define NUM_SECONDS_BEFORE_HS_REFETCH (60*15)
|
||||
|
||||
/** Time period for which a v2 descriptor will be valid. */
|
||||
#define REND_TIME_PERIOD_V2_DESC_VALIDITY (24*60*60)
|
||||
|
||||
|
@ -869,6 +879,9 @@ typedef struct connection_t {
|
|||
/** Another connection that's connected to this one in lieu of a socket. */
|
||||
struct connection_t *linked_conn;
|
||||
|
||||
/** Unique identifier for this connection. */
|
||||
uint64_t global_identifier;
|
||||
|
||||
/* XXXX021 move this into a subtype. */
|
||||
struct evdns_server_port *dns_server_port;
|
||||
|
||||
|
@ -976,10 +989,6 @@ typedef struct edge_connection_t {
|
|||
/** The reason why this connection is closing; passed to the controller. */
|
||||
uint16_t end_reason;
|
||||
|
||||
/** Quasi-global identifier for this connection; used for control.c */
|
||||
/* XXXX NM This can get re-used after 2**32 streams */
|
||||
uint32_t global_identifier;
|
||||
|
||||
/** Bytes read since last call to control_event_stream_bandwidth_used() */
|
||||
uint32_t n_read;
|
||||
|
||||
|
@ -994,7 +1003,7 @@ typedef struct edge_connection_t {
|
|||
* already retried several times. */
|
||||
uint8_t num_socks_retries;
|
||||
|
||||
/** True iff this connection is for a dns request only. */
|
||||
/** True iff this connection is for a dnsserv request only. */
|
||||
unsigned int is_dns_request:1;
|
||||
|
||||
/** True iff this stream must attach to a one-hop circuit (e.g. for
|
||||
|
@ -1118,7 +1127,7 @@ typedef enum {
|
|||
ADDR_POLICY_REJECT=2,
|
||||
} addr_policy_action_t;
|
||||
|
||||
/** A linked list of policy rules */
|
||||
/** A reference-counted address policy rule. */
|
||||
typedef struct addr_policy_t {
|
||||
int refcnt; /**< Reference count */
|
||||
addr_policy_action_t policy_type:2;/**< What to do when the policy matches.*/
|
||||
|
@ -1452,6 +1461,7 @@ typedef struct networkstatus_voter_info_t {
|
|||
uint16_t or_port; /**< OR port of this voter */
|
||||
char *contact; /**< Contact information for this voter. */
|
||||
char vote_digest[DIGEST_LEN]; /**< Digest of this voter's vote, as signed. */
|
||||
char legacy_id_digest[DIGEST_LEN]; /**< From vote only. DOCDOC */
|
||||
|
||||
/* Nothing from here on is signed. */
|
||||
char signing_key_digest[DIGEST_LEN]; /**< Declared digest of signing key
|
||||
|
@ -2291,6 +2301,8 @@ typedef struct {
|
|||
* the local domains. */
|
||||
int ServerDNSDetectHijacking; /**< Boolean: If true, check for DNS failure
|
||||
* hijacking. */
|
||||
int ServerDNSRandomizeCase; /**< Boolean: Use the 0x20-hack to prevent
|
||||
* DNS poisoning attacks. */
|
||||
char *ServerDNSResolvConfFile; /**< If provided, we configure our internal
|
||||
* resolver from the file here rather than from
|
||||
* /etc/resolv.conf (Unix) or the registry (Windows). */
|
||||
|
@ -2330,6 +2342,10 @@ typedef struct {
|
|||
/** The number of intervals we think a consensus should be valid. */
|
||||
int V3AuthNIntervalsValid;
|
||||
|
||||
/** Should advertise and sign consensuses with a legacy key, for key
|
||||
* migration purposes? */
|
||||
int V3AuthUseLegacyKey;
|
||||
|
||||
/** File to check for a consensus networkstatus, if we don't have one
|
||||
* cached. */
|
||||
char *FallbackNetworkstatusFile;
|
||||
|
@ -2557,6 +2573,7 @@ origin_circuit_t *origin_circuit_new(void);
|
|||
or_circuit_t *or_circuit_new(uint16_t p_circ_id, or_connection_t *p_conn);
|
||||
circuit_t *circuit_get_by_circid_orconn(uint16_t circ_id,
|
||||
or_connection_t *conn);
|
||||
int circuit_id_in_use_on_orconn(uint16_t circ_id, or_connection_t *conn);
|
||||
circuit_t *circuit_get_by_edge_conn(edge_connection_t *conn);
|
||||
void circuit_unlink_all_from_or_conn(or_connection_t *conn, int reason);
|
||||
origin_circuit_t *circuit_get_by_global_id(uint32_t id);
|
||||
|
@ -2737,9 +2754,7 @@ connection_write_to_buf_zlib(const char *string, size_t len,
|
|||
_connection_write_to_buf_impl(string, len, TO_CONN(conn), done ? -1 : 1);
|
||||
}
|
||||
|
||||
or_connection_t *connection_or_exact_get_by_addr_port(uint32_t addr,
|
||||
uint16_t port);
|
||||
edge_connection_t *connection_get_by_global_id(uint32_t id);
|
||||
connection_t *connection_get_by_global_id(uint64_t id);
|
||||
|
||||
connection_t *connection_get_by_type(int type);
|
||||
connection_t *connection_get_by_type_purpose(int type, int purpose);
|
||||
|
@ -2801,6 +2816,8 @@ int connection_edge_is_rendezvous_stream(edge_connection_t *conn);
|
|||
int connection_ap_can_use_exit(edge_connection_t *conn, routerinfo_t *exit);
|
||||
void connection_ap_expire_beginning(void);
|
||||
void connection_ap_attach_pending(void);
|
||||
void connection_ap_fail_onehop(const char *failed_digest,
|
||||
cpath_build_state_t *build_state);
|
||||
void circuit_discard_optional_exit_enclaves(extend_info_t *info);
|
||||
int connection_ap_detach_retriable(edge_connection_t *conn,
|
||||
origin_circuit_t *circ,
|
||||
|
@ -2842,6 +2859,10 @@ typedef enum hostname_type_t {
|
|||
} hostname_type_t;
|
||||
hostname_type_t parse_extended_hostname(char *address);
|
||||
|
||||
#if defined(HAVE_NET_IF_H) && defined(HAVE_NET_PFVAR_H)
|
||||
int get_pf_socket(void);
|
||||
#endif
|
||||
|
||||
/********************************* connection_or.c ***************************/
|
||||
|
||||
void connection_or_remove_from_identity_map(or_connection_t *conn);
|
||||
|
@ -3168,7 +3189,9 @@ void dirvote_free_all(void);
|
|||
char *networkstatus_compute_consensus(smartlist_t *votes,
|
||||
int total_authorities,
|
||||
crypto_pk_env_t *identity_key,
|
||||
crypto_pk_env_t *signing_key);
|
||||
crypto_pk_env_t *signing_key,
|
||||
const char *legacy_identity_key_digest,
|
||||
crypto_pk_env_t *legacy_signing_key);
|
||||
int networkstatus_add_detached_signatures(networkstatus_t *target,
|
||||
ns_detached_signatures_t *sigs,
|
||||
const char **msg_out);
|
||||
|
@ -3224,6 +3247,7 @@ format_networkstatus_vote(crypto_pk_env_t *private_key,
|
|||
/********************************* dns.c ***************************/
|
||||
|
||||
int dns_init(void);
|
||||
int has_dns_init_failed(void);
|
||||
void dns_free_all(void);
|
||||
uint32_t dns_clip_ttl(uint32_t ttl);
|
||||
int dns_reset(void);
|
||||
|
@ -3235,6 +3259,7 @@ int dns_resolve(edge_connection_t *exitconn);
|
|||
void dns_launch_correctness_checks(void);
|
||||
int dns_seems_to_be_broken(void);
|
||||
void dns_reset_correctness_checks(void);
|
||||
int parse_inaddr_arpa_address(const char *address, struct in_addr *in);
|
||||
|
||||
/********************************* dnsserv.c ************************/
|
||||
|
||||
|
@ -3253,7 +3278,8 @@ int dnsserv_launch_request(const char *name, int is_reverse);
|
|||
#ifdef GEOIP_PRIVATE
|
||||
int geoip_parse_entry(const char *line);
|
||||
#endif
|
||||
int geoip_load_file(const char *filename);
|
||||
int should_record_bridge_info(or_options_t *options);
|
||||
int geoip_load_file(const char *filename, or_options_t *options);
|
||||
int geoip_get_country_by_ip(uint32_t ipaddr);
|
||||
int geoip_get_n_countries(void);
|
||||
const char *geoip_get_country_name(int num);
|
||||
|
@ -3393,6 +3419,7 @@ networkstatus_t *networkstatus_get_reasonably_live_consensus(time_t now);
|
|||
#define NSSET_FROM_CACHE 1
|
||||
#define NSSET_WAS_WAITING_FOR_CERTS 2
|
||||
#define NSSET_DONT_DOWNLOAD_CERTS 4
|
||||
#define NSSET_ACCEPT_OBSOLETE 8
|
||||
int networkstatus_set_current_consensus(const char *consensus, unsigned flags);
|
||||
void networkstatus_note_certs_arrived(void);
|
||||
void routers_update_all_from_networkstatus(time_t now, int dir_version);
|
||||
|
@ -3541,7 +3568,7 @@ void append_cell_to_circuit_queue(circuit_t *circ, or_connection_t *orconn,
|
|||
cell_t *cell, int direction);
|
||||
void connection_or_unlink_all_active_circs(or_connection_t *conn);
|
||||
int connection_or_flush_from_first_active_circuit(or_connection_t *conn,
|
||||
int max);
|
||||
int max, time_t now);
|
||||
void assert_active_circuits_ok(or_connection_t *orconn);
|
||||
void make_circuit_inactive_on_conn(circuit_t *circ, or_connection_t *conn);
|
||||
void make_circuit_active_on_conn(circuit_t *circ, or_connection_t *conn);
|
||||
|
@ -3623,7 +3650,7 @@ int rend_client_rendezvous_acked(origin_circuit_t *circ, const char *request,
|
|||
size_t request_len);
|
||||
int rend_client_receive_rendezvous(origin_circuit_t *circ, const char *request,
|
||||
size_t request_len);
|
||||
void rend_client_desc_here(const char *query);
|
||||
void rend_client_desc_trynow(const char *query, int rend_version);
|
||||
|
||||
extend_info_t *rend_client_get_random_intro(const char *query);
|
||||
|
||||
|
@ -3655,12 +3682,19 @@ typedef struct rend_service_descriptor_t {
|
|||
/** List of the service's introduction points. Elements are removed if
|
||||
* introduction attempts fail. */
|
||||
smartlist_t *intro_nodes;
|
||||
/** Has descriptor been uploaded to all hidden service directories? */
|
||||
int all_uploads_performed;
|
||||
/** List of hidden service directories to which an upload request for
|
||||
* this descriptor could be sent. Smartlist exists only when at least one
|
||||
* of the previous upload requests failed (otherwise it's not important
|
||||
* to know which uploads succeeded and which not). */
|
||||
smartlist_t *successful_uploads;
|
||||
} rend_service_descriptor_t;
|
||||
|
||||
int rend_cmp_service_ids(const char *one, const char *two);
|
||||
|
||||
void rend_process_relay_cell(circuit_t *circ, int command, size_t length,
|
||||
const char *payload);
|
||||
void rend_process_relay_cell(circuit_t *circ, const crypt_path_t *layer_hint,
|
||||
int command, size_t length, const char *payload);
|
||||
|
||||
void rend_service_descriptor_free(rend_service_descriptor_t *desc);
|
||||
int rend_encode_service_descriptor(rend_service_descriptor_t *desc,
|
||||
|
@ -3716,6 +3750,8 @@ int rend_service_load_keys(void);
|
|||
void rend_services_init(void);
|
||||
void rend_services_introduce(void);
|
||||
void rend_consider_services_upload(time_t now);
|
||||
void rend_hsdir_routers_changed(void);
|
||||
void rend_consider_descriptor_republication(void);
|
||||
|
||||
void rend_service_intro_has_opened(origin_circuit_t *circuit);
|
||||
int rend_service_intro_established(origin_circuit_t *circuit,
|
||||
|
@ -3749,6 +3785,8 @@ crypto_pk_env_t *get_identity_key(void);
|
|||
int identity_key_is_set(void);
|
||||
authority_cert_t *get_my_v3_authority_cert(void);
|
||||
crypto_pk_env_t *get_my_v3_authority_signing_key(void);
|
||||
authority_cert_t *get_my_v3_legacy_cert(void);
|
||||
crypto_pk_env_t *get_my_v3_legacy_signing_key(void);
|
||||
void dup_onion_keys(crypto_pk_env_t **key, crypto_pk_env_t **last);
|
||||
void rotate_onion_key(void);
|
||||
crypto_pk_env_t *init_key_from_file(const char *fname, int generate,
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2008, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2009, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* $Id$ */
|
||||
const char policies_c_id[] = \
|
||||
|
@ -446,7 +446,7 @@ typedef struct policy_map_ent_t {
|
|||
addr_policy_t *policy;
|
||||
} policy_map_ent_t;
|
||||
|
||||
static HT_HEAD(policy_map, policy_map_ent_t) policy_root;
|
||||
static HT_HEAD(policy_map, policy_map_ent_t) policy_root = HT_INITIALIZER();
|
||||
|
||||
/** Return true iff a and b are equal. */
|
||||
static INLINE int
|
||||
|
@ -495,7 +495,7 @@ addr_policy_get_canonical_entry(addr_policy_t *e)
|
|||
found = tor_malloc_zero(sizeof(policy_map_ent_t));
|
||||
found->policy = tor_memdup(e, sizeof(addr_policy_t));
|
||||
found->policy->is_canonical = 1;
|
||||
found->policy->refcnt = 1;
|
||||
found->policy->refcnt = 0;
|
||||
HT_INSERT(policy_map, &policy_root, found);
|
||||
}
|
||||
|
||||
|
@ -764,6 +764,9 @@ exit_policy_is_general_exit(smartlist_t *policy)
|
|||
static const int ports[] = { 80, 443, 6667 };
|
||||
int n_allowed = 0;
|
||||
int i;
|
||||
if (!policy)
|
||||
return 0;
|
||||
|
||||
for (i = 0; i < 3; ++i) {
|
||||
SMARTLIST_FOREACH(policy, addr_policy_t *, p, {
|
||||
if (p->prt_min > ports[i] || p->prt_max < ports[i])
|
||||
|
@ -787,6 +790,8 @@ exit_policy_is_general_exit(smartlist_t *policy)
|
|||
int
|
||||
policy_is_reject_star(smartlist_t *policy)
|
||||
{
|
||||
if (!policy)
|
||||
return 1;
|
||||
SMARTLIST_FOREACH(policy, addr_policy_t *, p, {
|
||||
if (p->policy_type == ADDR_POLICY_ACCEPT)
|
||||
return 0;
|
||||
|
@ -917,5 +922,13 @@ policies_free_all(void)
|
|||
authdir_reject_policy = NULL;
|
||||
addr_policy_list_free(authdir_invalid_policy);
|
||||
authdir_invalid_policy = NULL;
|
||||
addr_policy_list_free(authdir_baddir_policy);
|
||||
authdir_baddir_policy = NULL;
|
||||
addr_policy_list_free(authdir_badexit_policy);
|
||||
authdir_badexit_policy = NULL;
|
||||
|
||||
if (!HT_EMPTY(&policy_root))
|
||||
log_warn(LD_MM, "Still had some address policies cached at shutdown.");
|
||||
HT_CLEAR(policy_map, &policy_root);
|
||||
}
|
||||
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue