| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
Instead of rejecting a value that doesn't divide into 1 second, round to
the nearest divisor of 1 second and warn.
Document that the option only controls the granularity written by Tor to a
file or console log. It does not (for example) "batch up" log messages to
affect times logged by a controller, times attached to syslog messages, or
the mtime fields on log files.
|
|
|
|
|
|
Found by Ian Goldberg and Mashael AlSabah.
Bugfix on 0.2.3.0-alpha dev.
|
|
|
|
|
|
|
|
In a2bb0bf we started using a separate client identity key. When we are
in "public server mode" (that means not a bridge) we will use the same
key. Reusing the key without doing the proper refcounting leads to a
segfault on cleanup during shutdown. Fix that.
Also introduce an assert that triggers if our refcount falls below 0.
That should never happen.
|
|
Conflicts:
src/common/tortls.c
|
|
|
|
|
|
We now require that:
- Only actual servers should ever call get_server_identity_key
- If you're being a client or bridge, the client and server keys should
differ.
- If you're being a public relay, the client and server keys
should be the same.
|
|
|
|
Bug 1859 shows that the router_get_by_nickname behavior was wrong,
and the node_get_by_nickname is right.
|
|
|
|
Some of this is already done in nodelist.
|
|
When intro->extend_info is created for an introduction point, it
only starts out with a nickname, not necessarily an identity digest.
Thus, doing router_get_by_digest isn't necessarily safe.
|
|
|
|
|
|
|
|
Conflicts:
src/or/networkstatus.c
|
|
|
|
Conflicts:
src/or/networkstatus.c
|
|
We want to fetch directory info more aggressively if we need it to
refuseunknownexits. Thus, we'll want it if our exit policy is _NOT_
reject *.
|
|
|
|
Found by rransom while working on issue #988. Bugfix on
0.2.2.17-alpha. Fixes bug 2097.
|
|
|
|
-Wpointer-sign is implied with -Wall, which we use when building with
--enable-gcc-warnings.
|
|
When configuring with --enable-gcc-warnings, we use -Wformat=2 which
automatically enables the available -Wformat switches, so adding them
again in the --enable-gcc-hardening case doesn't make sense..
|
|
We used to enable ssp-buffer-size=1 only when building with
--enable-gcc-warnings. That would result in warnings (and no
protection for small arrays) when building with
--enable-gcc-hardening without enabling warnings, too. Fixes bug
2031.
Also remove an XXX: We now allow to build with -fstack-protector
by using --enable-gcc-hardening.
|
|
There are no relay left that run version 0.2.1.3 through 0.2.1.18, so
changing this behaviour should be safe now.
|
|
Add changes file
|
|
https://trac.torproject.org/projects/tor/ticket/1859
Use router_get_by_digest() instead of router_get_by_hexdigest()
in circuit_discard_optional_exit_enclaves() and
rend_client_get_random_intro(), per Nick's comments.
Using router_get_by_digest() in rend_client_get_random_intro() will
break hidden services published by Tor versions pre 0.1.2.18 and
0.2.07-alpha as they only publish by nickname. This is acceptable
however as these versions only publish to authority tor26 and
don't work for versions in the 0.2.2.x series anyway.
|
|
|
|
|
|
|
|
Clarify documentation, rename a local, and fix a memory leak.
|
|
|
|
|
|
The old comment was from before I tried a huge pile of crazy stuff to
make the inner loop faster. Short answer: GCC already knows how to
unroll loops pretty well. Other short answer: we should have made the
relay payload size an even multiple of 4, 8, or ideally 16.
|
|
|
|
It's okay to leave the asserts in: the code doesn't appear in profiles.
|
|
|
|
|
|
There's no reason to keep a time_t and a struct timeval to represent
the same value: highres_created.tv_sec was the same as timestamp_created.
This should save a few bytes per circuit.
|
|
We can't use the platform timercmp, because
1) some platforms don't have them
2) some that do have them only support certain relational operators
|
|
|
