diff options
-rw-r--r-- | ChangeLog | 13 | ||||
-rw-r--r-- | doc/design-paper/blocking.tex | 10 | ||||
-rw-r--r-- | doc/spec/dir-spec-v2.txt | 4 | ||||
-rw-r--r-- | doc/spec/dir-spec.txt | 18 | ||||
-rw-r--r-- | src/common/log.c | 3 | ||||
-rw-r--r-- | src/or/circuituse.c | 4 | ||||
-rw-r--r-- | src/or/config.c | 24 | ||||
-rw-r--r-- | src/or/connection_edge.c | 65 | ||||
-rw-r--r-- | src/or/control.c | 2 | ||||
-rw-r--r-- | src/or/directory.c | 2 | ||||
-rw-r--r-- | src/or/dns.c | 2 | ||||
-rw-r--r-- | src/or/main.c | 4 | ||||
-rw-r--r-- | src/or/routerlist.c | 2 |
13 files changed, 64 insertions, 89 deletions
@@ -121,8 +121,8 @@ Changes in version 0.2.0.1-alpha - 2007-??-?? eventdns code. o Minor bugfixes (portability): - - Even though windows is equally happy with / and \ as path separators, - try to use \ consistently on windows and / consistently on unix: it + - Even though Windows is equally happy with / and \ as path separators, + try to use \ consistently on Windows and / consistently on Unix: it makes the log messages nicer. - Correctly report platform name on Windows 95 OSR2 and Windows 98 SE. @@ -132,7 +132,7 @@ Changes in version 0.2.0.1-alpha - 2007-??-?? - When we are reporting the DirServer line we just parsed, we were logging the second stanza of the key fingerprint, not the first. - When we have k non-v2 authorities in our DirServer config, - we ignored as many as k v2 authorities while updating our + we ignored the last k authorities in the list when updating our network-statuses. o Minor bugfixes (other): @@ -152,15 +152,10 @@ Changes in version 0.2.0.1-alpha - 2007-??-?? - Fix a typo in an error message when extendcircuit fails that caused us to not follow the \r\n-based delimiter protocol. Reported by daejees. - - The control spec described a GUARDS event, but the code - implemented a GUARD event. Standardize on GUARD, but support people - asking for GUARDS too. Reported by daejees. - - Correct the control spec to match how the code actually responds - to 'getinfo addr-mappings/*'. Reported by daejees. - Actually set the purpose correctly for descriptors inserted with purpose=controller. - o Code simplifications and refactoring + o Code simplifications and refactoring: - Stop passing around circuit_t and crypt_path_t pointers that are implicit in other procedure arguments. - Drop the old code to choke directory connections when the corresponding diff --git a/doc/design-paper/blocking.tex b/doc/design-paper/blocking.tex index eb8cfc653a..835d090522 100644 --- a/doc/design-paper/blocking.tex +++ b/doc/design-paper/blocking.tex @@ -131,7 +131,7 @@ whistleblowers in firewalled corporate networks; and for people in unanticipated oppressive situations. In fact, by designing with a variety of adversaries in mind, we can take advantage of the fact that adversaries will be in different stages of the arms race at each location, -so a server blocked in one locale can still be useful in others. +so an address blocked in one locale can still be useful in others. We assume that the attackers' goals are somewhat complex. \begin{tightlist} @@ -149,9 +149,9 @@ We assume that the attackers' goals are somewhat complex. \item Complete blocking (where nobody at all can ever download censored content) is not a goal. Attackers typically recognize that perfect censorship is not only - impossible, but unnecessary: if ``undesirable'' information is known only + impossible, it is unnecessary: if ``undesirable'' information is known only to a small few, further censoring efforts can be focused elsewhere. -\item Similarly, the censors are not attempting to shut down or block {\it +\item Similarly, the censors do not attempt to shut down or block {\it every} anti-censorship tool---merely the tools that are popular and effective (because these tools impede the censors' information restriction goals) and those tools that are highly visible (thus making the censors @@ -1667,8 +1667,8 @@ Many people working on this field want to publicize the existence and extent of censorship concurrently with the deployment of their circumvention software. The easy reason for this two-pronged push is to attract volunteers for running proxies in their systems; but in many -cases their main goal is not to focus on actually allowing individuals -to circumvent the firewall, but rather to educate the world about the +cases their main goal is not to focus on getting more users signed up, +but rather to educate the rest of the world about the censorship. The media also tries to do its part by broadcasting the existence of each new circumvention system. diff --git a/doc/spec/dir-spec-v2.txt b/doc/spec/dir-spec-v2.txt index f593999d9e..712be9e7fc 100644 --- a/doc/spec/dir-spec-v2.txt +++ b/doc/spec/dir-spec-v2.txt @@ -289,8 +289,8 @@ $Id$ 1 if it is not present. Until 0.1.2.1-alpha-dev, this option was not generated, even when eventdns was in use. Versions of Tor before 0.1.2.1-alpha-dev did not parse this option, so it should be - marked "opt". With some future version, the old 'dnsworker' logic - will be removed, rendering this option of historical interest only.] + marked "opt". With 0.2.0.1-alpha, the old 'dnsworker' logic has + been removed, rendering this option of historical interest only.] 2.2. Nonterminals in router descriptors diff --git a/doc/spec/dir-spec.txt b/doc/spec/dir-spec.txt index fffd431f79..5ccd1603f6 100644 --- a/doc/spec/dir-spec.txt +++ b/doc/spec/dir-spec.txt @@ -465,24 +465,6 @@ $Id$ [See also migration notes in section 2.2.1.] - "eventdns" bool NL - - [At most once] - - Declare whether this version of Tor is using the newer enhanced - dns logic. Versions of Tor without eventdns SHOULD NOT be used for - reverse hostname lookups. - - [All versions of Tor before 0.1.2.2-alpha should be assumed to have - this option set to 0 if it is not present. All Tor versions at - 0.1.2.2-alpha or later should be assumed to have this option set to - 1 if it is not present. Until 0.1.2.1-alpha-dev, this option was - not generated, even when eventdns was in use. Versions of Tor - before 0.1.2.1-alpha-dev did not parse this option, so it should be - marked "opt". With some future version, the old 'dnsworker' logic - will be removed, rendering this option of historical interest - only.] - "caches-extra-info" 0|1 NL [At most once.] diff --git a/src/common/log.c b/src/common/log.c index cb9f0fc7fb..650e17b102 100644 --- a/src/common/log.c +++ b/src/common/log.c @@ -104,8 +104,7 @@ _log_prefix(char *buf, size_t buf_len, int severity) t = (time_t)now.tv_sec; n = strftime(buf, buf_len, "%b %d %H:%M:%S", tor_localtime_r(&t, &tm)); - r = tor_snprintf(buf+n, buf_len-n, - ".%.3ld [%s] ", + r = tor_snprintf(buf+n, buf_len-n, ".%.3ld [%s] ", (long)now.tv_usec / 1000, sev_to_string(severity)); if (r<0) return buf_len-1; diff --git a/src/or/circuituse.c b/src/or/circuituse.c index 330f782eff..9c4867f09b 100644 --- a/src/or/circuituse.c +++ b/src/or/circuituse.c @@ -1216,11 +1216,11 @@ connection_ap_handshake_attach_chosen_circuit(edge_connection_t *conn, consider_recording_trackhost(conn, circ); /* fall through */ case SOCKS_COMMAND_CONNECT_DIR: - if (connection_ap_handshake_send_begin(conn)<0) + if (connection_ap_handshake_send_begin(conn) < 0) return -1; break; default: - if (connection_ap_handshake_send_resolve(conn)<0) + if (connection_ap_handshake_send_resolve(conn) < 0) return -1; } diff --git a/src/or/config.c b/src/or/config.c index a0385bb324..71f18f314a 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -899,8 +899,8 @@ options_act(or_options_t *old_options) if (options->DirServers) { for (cl = options->DirServers; cl; cl = cl->next) { if (parse_dir_server_line(cl->value, 0)<0) { - log_err(LD_BUG, - "Previously validated DirServer line could not be added!"); + log_warn(LD_BUG, + "Previously validated DirServer line could not be added!"); return -1; } } @@ -912,15 +912,15 @@ options_act(or_options_t *old_options) if (options->Bridges) { for (cl = options->Bridges; cl; cl = cl->next) { if (parse_bridge_line(cl->value, 0)<0) { - log_err(LD_BUG, - "Previously validated Bridge line could not be added!"); + log_warn(LD_BUG, + "Previously validated Bridge line could not be added!"); return -1; } } } if (running_tor && rend_config_services(options, 0)<0) { - log_err(LD_BUG, + log_warn(LD_BUG, "Previously validated hidden services line could not be added!"); return -1; } @@ -931,8 +931,8 @@ options_act(or_options_t *old_options) tor_snprintf(fn, len, "%s"PATH_SEPARATOR"cached-status", options->DataDirectory); if (check_private_dir(fn, CPD_CREATE) != 0) { - log_err(LD_CONFIG, - "Couldn't access/create private data directory \"%s\"", fn); + log_warn(LD_CONFIG, + "Couldn't access/create private data directory \"%s\"", fn); tor_free(fn); return -1; } @@ -984,13 +984,13 @@ options_act(or_options_t *old_options) /* reload keys as needed for rendezvous services. */ if (rend_service_load_keys()<0) { - log_err(LD_GENERAL,"Error loading rendezvous service keys"); + log_warn(LD_GENERAL,"Error loading rendezvous service keys"); return -1; } /* Set up accounting */ if (accounting_parse_options(options, 0)<0) { - log_err(LD_CONFIG,"Error in accounting options"); + log_warn(LD_CONFIG,"Error in accounting options"); return -1; } if (accounting_is_enabled(options)) @@ -1013,7 +1013,7 @@ options_act(or_options_t *old_options) "Worker-related options changed. Rotating workers."); if (server_mode(options) && !server_mode(old_options)) { if (init_keys() < 0) { - log_err(LD_BUG,"Error initializing keys; exiting"); + log_warn(LD_BUG,"Error initializing keys; exiting"); return -1; } ip_address_changed(0); @@ -3689,7 +3689,7 @@ normalize_data_directory(or_options_t *options) if (strncmp(d,"~/",2) == 0) { char *fn = expand_filename(d); if (!fn) { - log_err(LD_CONFIG,"Failed to expand filename \"%s\".", d); + log_warn(LD_CONFIG,"Failed to expand filename \"%s\".", d); return -1; } if (!options->DataDirectory && !strcmp(fn,"/.tor")) { @@ -3719,7 +3719,7 @@ validate_data_directory(or_options_t *options) return -1; tor_assert(options->DataDirectory); if (strlen(options->DataDirectory) > (512-128)) { - log_err(LD_CONFIG, "DataDirectory is too long."); + log_warn(LD_CONFIG, "DataDirectory is too long."); return -1; } return 0; diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index 913a9eecf1..f9b2ee52bf 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -29,8 +29,7 @@ static smartlist_t *redirect_exit_list = NULL; static int connection_ap_handshake_process_socks(edge_connection_t *conn); static int connection_ap_process_natd(edge_connection_t *conn); -static int connection_exit_connect_dir(edge_connection_t *exit_conn, - or_circuit_t *circ); +static int connection_exit_connect_dir(edge_connection_t *exitconn); static int hostname_is_noconnect_address(const char *address); /** An AP stream has failed/finished. If it hasn't already sent back @@ -2226,7 +2225,7 @@ connection_exit_begin_conn(cell_t *cell, circuit_t *circ) tor_assert(or_circ); if (or_circ->p_conn && or_circ->p_conn->_base.addr) n_stream->_base.addr = or_circ->p_conn->_base.addr; - return connection_exit_connect_dir(n_stream, or_circ); + return connection_exit_connect_dir(n_stream); } log_debug(LD_EXIT,"about to start the dns_resolve()."); @@ -2393,57 +2392,57 @@ connection_exit_connect(edge_connection_t *edge_conn) * bridge connection with a socketpair, create a new directory conn, and join * them together. Return 0 on success (or if there was an error we could send * back an end cell for). Return -(some circuit end reason) if the circuit - * needs to be torn down. Either connects exit_conn, frees it, or marks it, - * as appropriate. + * needs to be torn down. Either connects <b>exitconn<b/>, frees it, + * or marks it, as appropriate. * * DOCDOC no longer uses socketpair */ static int -connection_exit_connect_dir(edge_connection_t *exit_conn, - or_circuit_t *circ) +connection_exit_connect_dir(edge_connection_t *exitconn) { - dir_connection_t *dir_conn = NULL; + dir_connection_t *dirconn = NULL; + or_circuit_t *circ = TO_OR_CIRCUIT(exitconn->on_circuit); log_info(LD_EXIT, "Opening local connection for anonymized directory exit"); - exit_conn->_base.state = EXIT_CONN_STATE_OPEN; + exitconn->_base.state = EXIT_CONN_STATE_OPEN; - dir_conn = TO_DIR_CONN(connection_new(CONN_TYPE_DIR)); + dirconn = TO_DIR_CONN(connection_new(CONN_TYPE_DIR)); - dir_conn->_base.addr = 0x7f000001; - dir_conn->_base.port = 0; - dir_conn->_base.address = tor_strdup("Tor network"); - dir_conn->_base.type = CONN_TYPE_DIR; - dir_conn->_base.purpose = DIR_PURPOSE_SERVER; - dir_conn->_base.state = DIR_CONN_STATE_SERVER_COMMAND_WAIT; + dirconn->_base.addr = 0x7f000001; + dirconn->_base.port = 0; + dirconn->_base.address = tor_strdup("Tor network"); + dirconn->_base.type = CONN_TYPE_DIR; + dirconn->_base.purpose = DIR_PURPOSE_SERVER; + dirconn->_base.state = DIR_CONN_STATE_SERVER_COMMAND_WAIT; - connection_link_connections(TO_CONN(dir_conn), TO_CONN(exit_conn)); + connection_link_connections(TO_CONN(dir_conn), TO_CONN(exitconn)); - if (connection_add(TO_CONN(exit_conn))<0) { - connection_edge_end(exit_conn, END_STREAM_REASON_RESOURCELIMIT); - connection_free(TO_CONN(exit_conn)); - connection_free(TO_CONN(dir_conn)); + if (connection_add(TO_CONN(exitconn))<0) { + connection_edge_end(exitconn, END_STREAM_REASON_RESOURCELIMIT); + connection_free(TO_CONN(exitconn)); + connection_free(TO_CONN(dirconn)); return 0; } - exit_conn->next_stream = circ->n_streams; - circ->n_streams = exit_conn; + exitconn->next_stream = circ->n_streams; + circ->n_streams = exitconn; - if (connection_add(TO_CONN(dir_conn))<0) { - connection_edge_end(exit_conn, END_STREAM_REASON_RESOURCELIMIT); - connection_close_immediate(TO_CONN(exit_conn)); - connection_mark_for_close(TO_CONN(exit_conn)); - connection_free(TO_CONN(dir_conn)); + if (connection_add(TO_CONN(dirconn))<0) { + connection_edge_end(exitconn, END_STREAM_REASON_RESOURCELIMIT); + connection_close_immediate(TO_CONN(exitconn)); + connection_mark_for_close(TO_CONN(exitconn)); + connection_free(TO_CONN(dirconn)); return 0; } - connection_start_reading(TO_CONN(dir_conn)); - connection_start_reading(TO_CONN(exit_conn)); + connection_start_reading(TO_CONN(dirconn)); + connection_start_reading(TO_CONN(exitconn)); - if (connection_edge_send_command(exit_conn, + if (connection_edge_send_command(exitconn, RELAY_COMMAND_CONNECTED, NULL, 0) < 0) { - connection_mark_for_close(TO_CONN(exit_conn)); - connection_mark_for_close(TO_CONN(dir_conn)); + connection_mark_for_close(TO_CONN(exitconn)); + connection_mark_for_close(TO_CONN(dirconn)); return 0; } diff --git a/src/or/control.c b/src/or/control.c index 4288d56588..355bad6e2c 100644 --- a/src/or/control.c +++ b/src/or/control.c @@ -7,7 +7,7 @@ const char control_c_id[] = /** * \file control.c * \brief Implementation for Tor's control-socket interface. - * See control-spec.txt for full details on protocol. + * See doc/spec/control-spec.txt for full details on protocol. **/ #define CONTROL_PRIVATE diff --git a/src/or/directory.c b/src/or/directory.c index e03506a4f4..be71678c7f 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -647,7 +647,7 @@ directory_send_command(dir_connection_t *conn, if (strlen(proxystring) + strlen(url) >= 4096) { log_warn(LD_BUG, - "Squid does not like URLs longer than 4095 bytes, this " + "Squid does not like URLs longer than 4095 bytes, and this " "one is %d bytes long: %s%s", (int)(strlen(proxystring) + strlen(url)), proxystring, url); } diff --git a/src/or/dns.c b/src/or/dns.c index c6bb4703ce..665e0820b7 100644 --- a/src/or/dns.c +++ b/src/or/dns.c @@ -8,7 +8,7 @@ const char dns_c_id[] = /** * \file dns.c * \brief Implements a local cache for DNS results for Tor servers. - * This is implemetned as a wrapper around Adam Langley's eventdns.c code. + * This is implemented as a wrapper around Adam Langley's eventdns.c code. * (We can't just use gethostbyname() and friends because we really need to * be nonblocking.) **/ diff --git a/src/or/main.c b/src/or/main.c index 14ca11d068..41156faac1 100644 --- a/src/or/main.c +++ b/src/or/main.c @@ -515,8 +515,8 @@ conn_write_callback(int fd, short events, void *_conn) if (!conn->marked_for_close) { /* this connection is broken. remove it. */ log_fn(LOG_WARN,LD_BUG, - "unhandled error on write for %s connection (fd %d); removing", - conn_type_to_string(conn->type), conn->s); + "unhandled error on write for %s connection (fd %d); removing", + conn_type_to_string(conn->type), conn->s); tor_fragile_assert(); if (CONN_IS_EDGE(conn)) { /* otherwise we cry wolf about duplicate close */ diff --git a/src/or/routerlist.c b/src/or/routerlist.c index 12161779d9..d14db33a8a 100644 --- a/src/or/routerlist.c +++ b/src/or/routerlist.c @@ -4344,7 +4344,7 @@ update_router_descriptor_cache_downloads(time_t now) continue; if (router_get_by_descriptor_digest(rs->descriptor_digest)) { log_warn(LD_BUG, - "We have a router descriptor, but need_to_mirror=1."); + "We have a router descriptor, but need_to_mirror=1."); rs->need_to_mirror = 0; continue; } |