| Age | Commit message (Collapse) | Author |
|---|
|
Rename to *_orport for consistency with node_*.
|
|
This keeps the IP address and TCP for a given OR port together,
reducing the risk of using an address for one address family with a
port of another.
Make node_get_addr() a wrapper function for compatibility.
|
|
|
|
This is not as conservative as we could do it, f.ex. by looking at the
connection and only do this for connections to bridges. A non-bridge
should never have anything else than its primary IPv4 address set
though, so I think this is safe.
|
|
ipv6_preferred.
Don't touch the string representation in routerinfo_t->address.
Also, set or clear the routerinfo_t->ipv6_preferred flag based on the
address family of the bridge.
|
|
This should be safe to do for all uses of get_configured_bridge_by_routerinfo().
|
|
|
|
Comments below focus on changes, see diff for added code.
New type tor_addr_port_t holding an IP address and a TCP/UDP port.
New flag in routerinfo_t, ipv6_preferred. This should go in the
node_t instead but not now.
Replace node_get_addr() with
- node_get_prim_addr() for primary address, i.e. IPv4 for now
- node_get_pref_addr() for preferred address, IPv4 or IPv6.
Rename node_get_addr_ipv4h() node_get_prim_addr_ipv4h() for
consistency. The primary address will not allways be an IPv4 address.
Same for node_get_orport() -> node_get_prim_orport().
Rewrite node_is_a_configured_bridge() to take all OR ports into account.
Extend argument list to extend_info_from_node and
extend_info_from_router with a flag indicating if we want to use the
routers primary address or the preferred address. Use the preferred
address in as few situtations as possible for allowing clients to
connect to bridges over IPv6.
|
|
get_first_advertised_port_by_type_af().
|
|
|
|
This is deliberately more restrictive than we'd want to be.
Needs testing!
|
|
This lets a routerinfo_t have a single IPv6 or-address, and adds
support for formatting and parsing those lines.
|
|
This code handles the new ORPort options, and incidentally makes all
remaining port types use the new port configuration systems.
There are some rough edges! It doesn't do well in the case where your
Address says one thing but you say to Advertise another ORPort. It
doesn't handle AllAddrs. It doesn't actually advertise anything besides
the first listed advertised IPv4 ORPort and DirPort. It doesn't do
port forwarding to them either.
It's not tested either, it needs more documentation, and it probably
forgets to put the milk back in the refrigerator.
|
|
Conflicts:
src/or/rendservice.c
|
|
|
|
|
|
Bugfix on commit 230422b955e1708f27f42cdd25e8b21a33fdd3dd, not yet in any
release; fixes bug #4605.
|
|
Bugfix on commit 230422b955e1708f27f42cdd25e8b21a33fdd3dd, not yet in any
release. Fixes bug #4604; reported by koolfy.
|
|
|
|
This way, we can't miss a renegotiation attempt in a v2 handshake,
or miss excess renegotiation attempts. Partial fix for bug 4587.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This avoids a dangling pointer issue in the 3412 code, and should
fix bug 4599.
|
|
|
|
|
|
Some controllers want this so they can mess with Tor's configuration
for a while via the control port before actually letting Tor out of
the house.
We do this with a new DisableNetwork option, that prevents Tor from
making any outbound connections or binding any non-control
listeners. Additionally, it shuts down the same functionality as
shuts down when we are hibernating, plus the code that launches
directory downloads.
To make sure I didn't miss anything, I added a clause straight to
connection_connect, so that we won't even try to open an outbound
socket when the network is disabled. In my testing, I made this an
assert, but since I probably missed something, I've turned it into a
BUG warning for testing.
|
|
This will mainly help distributors by giving a way to set system or package
defaults that a user can override, and that a later package can replace.
No promises about the particular future location or semantics for this:
we will probably want to tweak it some before 0.2.3.x-rc
The file is searched for in CONFDIR/torrc-defaults , which can be
overridden with the "--defaults-torrc" option on the command line.
|
|
This will be important for getting stuff to work right across zones.
|
|
This starts an effort to refactor torrc handling code to make it easier
to live with. It makes it possible to override exit policies from the
command line, and possible to override (rather than append to) socksport
lists from the command line.
It'll be necessary to make a "base" torrc implementation work at all.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Partial fix for bug 4587; reported by "frosty_un".
|
|
|
|
Instead of using time(NULL) in our certificate serial numbers, use
eight random bytes as suggested in proposal 179.
|
|
Instead of only writing the dynamic DH prime modulus to a file, write
the whole DH parameters set for forward compatibility. At the moment
we only accept '2' as the group generator.
The DH parameters gets stored in base64-ed DER format to the
'dynamic_dh_params' file.
|
|
Introduce write_bytes_to_new_file(), a function which writes bytes to
a file only if that file did not exist.
|
|
|
|
|
|
|
|
|
|
|
|
This version avoids the timeout system entirely, gives a nicer
interface, and lets us manage allocation explicitly.
|
