| Age | Commit message (Collapse) | Author |
|---|
|
esoteric and discouraged hidden service options.
svn:r8648
|
|
whitespace fixes; add changelog for last commit.
svn:r8644
|
|
svn:r8640
|
|
svn:r8633
|
|
svn:r8630
|
|
svn:r8622
|
|
When eventdns is enabled, we can allow machines with thread-unsafe resolver functions to build multithreaded anyway.
svn:r8608
|
|
svn:r8606
|
|
test if there's already one in progress.
svn:r8604
|
|
Oops; document last patches in changelog
svn:r8603
|
|
svn:r8599
|
|
ChangeLog entry forr verbose_names controller shenanigans
svn:r8594
|
|
|
|
Forwardport changelog msg about v0 controller bug
svn:r8586
|
|
Make TrackExitHosts case-insensitive, and fix the behavior of .suffix TrackExitHosts items to avoid matching in the middle of an address. (Resolves an XXXX)
svn:r8579
|
|
Move is_local_IP to config.c; have it check for same-/24; make it used only for reachability (not for banwidth, because that is probably not what we want). Fixes an XXX.
svn:r8578
|
|
Improve error messages from AUTHENTICATE attempts to controller.
svn:r8574
|
|
hidden service authorities too.
- Just because your DirPort is open doesn't mean people should be
able to remotely teach you about hidden service descriptors. Now
only accept rendezvous posts if you've got HSAuthoritativeDir set.
svn:r8573
|
|
svn:r8572
|
|
Disprefer exit nodes for entry, middle positions (fixes bug 200). Also, switch to using a uint64_t to hold "total bandwidth for all nodes" under consideration; crypt_rand_int would have died at 2GB/s network capacity.
svn:r8571
|
|
Fix bug 303: reject attempts to use Tor as a one-hop proxy.
svn:r8566
|
|
svn:r8560
|
|
Resolve bug 336: When displaying circuit paths with non-named routers, use their digests, not their nicknames.
svn:r8548
|
|
Make eventdns give strings for DNS errors, not just error numbers.
svn:r8535
|
|
Omit function names from NOTICE, WARN and ERR messages unless they are in LD_BUG.
svn:r8534
|
|
Implement DESCCHANGED event to tell controller when our router descriptor changes.
svn:r8533
|
|
Reserve the nickname "Unnamed" for routers that can't pick a hostname; any
router can call itself Unnamed; directory servers will never allocate Unnamed
to any particular router; clients won't believe that any router is the
canonical Unnamed.
svn:r8529
|
|
[Needs review.] Add a BEGIN_DIR relay cell type for an easier
in-protocol way to connect to directory servers through Tor.
Previously, clients could only connect to director servers over Tor
from exit nodes, but couldn't get directory information anonymously
from a non-exit cache without getting a directory server involved.
This needs testing, and needs client-side code to actually exercise it.
svn:r8527
|
|
Make "is a v1 authority", "is a v2 authority", and "is a hidden service authority" into separate flags so we can eventually migrate more trust away from moria.
svn:r8523
|
|
Refactor entry guard status logic a lot; allow more factors [like not
having a Guard flag or being listed in ExcludeNodes] to render a guard
"unlisted" (now called "unusable"); track guard down status (now
called "unreachable") separately from is_running.
svn:r8519
|
|
doing (mainly people with private testing networks) can disable our same-/16 detection.
svn:r8504
|
|
svn:r8499
|
|
svn:r8497
|
|
svn:r8487
|
|
client asks us to resolve (not connect to) an address, and we have a
cached answer, give them the cached answer. Previously, we would give
them no answer at all.
svn:r8478
|
|
Make exitlist only output each result line once.
svn:r8466
|
|
Instead of just checking known-invalid addresses for DNS hijacking, we
now check randomly generated addresses, and if too many of them map to
the same IP, we assume that IP is the destination of a DNS hijack
attempt.
A little bird tells me that some DNS hijackers think that declining to
give an A record for RFC2606 addresses (like .invalid and .example)
makes them more standards compliant. Standardswise, this is like an
illicit brothel making sure that nobody has pulled the tags off the
mattresss, but that doesn't get us out of working around it.
svn:r8465
|
|
Specify and implement SOCKS5 interface for reverse hostname lookup.
svn:r8451
|
|
Allow resolve requests to non-exits when they are specifically requested (via resolve foo.bar.exit).
svn:r8446
|
|
Consider non-exit servers unsuitable for RESOLVE commands.
svn:r8442
|
|
Resolve bug 330: detect ISPs that want to hijack failing DNS requests and basically domain-squat the entire internet.
svn:r8440
|
|
Rename and document SearchDomains and ResolvConf options; warn if ServerDNSResolvConfFile is given but eventdns isnt enabled.
svn:r8439
|
|
Fix a bug: Remember, each call to escaped() replaces the value returned from the last call to escaped().
svn:r8438
|
|
Implement server-side reverse DNS using eventdns. Add an option to routerdescs so we can tell which servers have eventdns enabled.
svn:r8437
|
|
svn:r8434
|
|
now, we allow multiple servers with the same name in the routerlist even if that name is reserved, but we check whether names are reserved when we try to look up routers by nickname. This is a minor security fix. This makes router_add_to_routerlist O(1). This is a backport candidate.
svn:r8433
|
|
routers (on router insert): we already have a map for that. (We need to add an index field to routerinfo_t so we can figure out which point in the routerlist to replace.) Also, add a comment to routerlist.c; arma, please advise?
svn:r8432
|
|
prediction for NULL returns, and skip the malloc(0) check on platforms where malloc(0) returns a pointer.
svn:r8431
|
|
crypto_pk_cmp_keys(); speed up find_whitespace a lot (8x for me) by using a switch statement. This should speed parsing a lot of routers at once by a lot.
svn:r8430
|
|
log messages into it. no use learning that it's broken without
being able to learn what is broken too.
svn:r8245
|
