| Age | Commit message (Collapse) | Author |
|---|
|
|
|
(Ticket 24378; proposal 290.)
|
|
(Remove support for running without this method.)
|
|
Also remove client detection for pre-EXCLUDING_INVALID_NODES
consensuses, and a test for that detection.
|
|
This also lets us remove the old rsa-based routerstatus collator.
|
|
Also remove a rest for pre-19 microdesc versions.
|
|
|
|
Also remove a unit test for pre-MIN_METHOD_FOR_NTOR_KEY consensuses.
|
|
Also, in networkstatus.c, remove client code for recognizing pre-
MIN_METHOD_FOR_A_LINES consensuses, and corresponding unit tests in
test_dir.c.
|
|
Consensus method 25 is the oldest one supported by any stable
version of 0.2.9, which is our current most-recent LTS. Thus, by
proposal 290, they should be removed.
This commit does not actually remove the code to implement these
methods: it only makes it so authorities will no longer support
them. I'll remove the backend code for them in later commits.
|
|
|
|
Suggested by teor during code review for 25691.
|
|
It tried to pick nodes for which only routerinfo_t items are set,
but without setting UseMicroDescriptors to 0. This won't work any
more, now that we're strict about using the right descriptor types
due to 25691/25692/25213.
|
|
Changing the name of this function should help keep us from misusing
it when node_has_preferred_descriptor() would be more appropriate.
|
|
|
|
In order to fix 25691 and 25692, we need to pass the "direct_conn"
flag to more places -- particularly when choosing single-hop
tunnels. The right way to do this involves having a couple more
functions accept router_crn_flags_t, rather than a big list of
boolean arguments.
This commit also makes sure that choose_good_exit_server_general()
honors the direct_conn flag, to fix 25691 and 25692.
|
|
In router_add_running_nodes_to_smartlist(), we had an inline
implementation of the logic from node_has_descriptor(), which should
be changed to node_has_preferred_descriptor().
|
|
This patch adds a new node_has_preferred_descriptor() function, and
replaces most users of node_has_descriptor() with it. That's an
important change, since as of d1874b433953f64 (our fix for #25213),
we are willing to say that a node has _some_ descriptor, but not the
_right_ descriptor for a particular use case.
Part of a fix for 25691 and 25692.
|
|
|
|
Patch from CTassisF.
|
|
sizeof(ret) is the size of the pointer, not the size of what it
points to. Fortunately, we already have a function to compare
tor_addr_port_t values for equality.
Bugfix on c2c5b13e5d8a77e; bug not in any released Tor. Found by
clang's scan-build.
|
|
Fixes a bug found by scan-build; bugfix on c2fa743806acc. Bug not in
any released Tor.
|
|
For whatever reason, clang's scan-build isn't sure that this
function actually initializes its output.
|
|
Found by clang's scan-build too. Bug not in any released Tor.
|
|
|
|
Typecasts bind more tightly than division, so we need to do the
division first.
|
|
|
|
|
|
|
|
|
|
|
|
We recently merged a circuit cell queue size safeguard. This commit adds the
number of killed circuits that have reached the limit to the DoS heartbeat. It
now looks like this:
[notice] DoS mitigation since startup: 0 circuits killed with too many
cells. 0 circuits rejected, 0 marked addresses. 0 connections closed. 0
single hop clients refused.
Second thing that this patch does. It makes tor always print the DoS
mitigation heartbeat line (for a relay) even though no DoS mitigation have
been enabled. The reason is because we now kill circuits that have too many
cells regardless on if it is enabled or not but also it will give the operator
a chance to learn what is enabled with the heartbeat instead of suddenly
appearing when it is enabled by let say the consensus.
Fixes #25824
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
|
|
Unfortunately, the units passed to
monotime_coarse_stamp_units_to_approx_msec() was always 0 due to a type
conversion.
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
Closes ticket 25818.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This commit introduces the consensus parameter "circ_max_cell_queue_size"
which controls the maximum number of cells a circuit queue should have.
The default value is currently 50000 cells which is above what should be
expected but keeps us a margin of error for padding cells.
Related to this is #9072. Back in 0.2.4.14-alpha, we've removed that limit due
to a Guard discovery attack. Ticket #25226 details why we are putting back the
limit due to the memory pressure issue on relays.
Fixes #25226
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
We removed this file, but didn't take it out of EXTRA_DIST -- thus
breaking "make dist".
|
|
"ours" to avoid version bump.
|
|
|
|
|
|
|
|
|
|
|
