| Age | Commit message (Collapse) | Author |
|---|
|
Oops. We had been telling people to use --with-ssl-dir, which had not worked since 0.2.0.1-alpha: --with-openssl-dir was the one that worked. Make them both work, document --with-openssl-dir, and mark --with-ssl-dir as obsolete. Found by "Dave".
svn:r16625
|
|
Make dns resolver code more robust: handle nameservers with IPv6 addresses, make sure names in replies match requested names, make sure origin address of reply matches the address we asked.
svn:r16621
|
|
a digest of all zeroes, or asks to extend back to the relay that
sent the extend cell, tear down the circuit. Ideas suggested
by rovv.
svn:r16605
|
|
connection_t. When procession onionskins, look up the connection by this field rather than by addr:port. This will keep us from dropping onionskins. How many dropped circuits are dropped because of this bug?
svn:r16558
|
|
svn:r16480
|
|
authorization data. Tweaked a bit: see comments on or-dev.
svn:r16475
|
|
Add a missing safe_str for a debug_log_message. Fix the bad part of bug 674.
svn:r16462
|
|
linux/netfilter_ipv4.h header properly, since we needed to have in_addr and in6_addr and __u32 defined before trying to include it. Fix that.
svn:r16460
|
|
Patch from Christopher Davis: open /dev/pf before dropping privileges. Fixes bug 782. Backport candidate.
svn:r16450
|
|
Fix bug 794: recover 3 bytes wasted per memory chunk. Fix from rovv.
svn:r16447
|
|
svn:r16440
|
|
Initial conversion of uint32_t addr to tor_addr_t addr in connection_t and related types. Most of the Tor wire formats using these new types are in, but the code to generate and use it is not. This is a big patch. Let me know what it breaks for you.
svn:r16435
|
|
a bug that was fixed in Tor 0.1.1.21.
svn:r16409
|
|
svn:r16408
|
|
svn:r16407
|
|
picked introduction point becomes obsolete. In that case, don't stick to using that introduction point, but simply give up on it. Reverts some part of r15825.
svn:r16404
|
|
svn:r16376
|
|
connection is already established. In that case the circuit should not need to memorize extend info for that relay. circuitbuild.c:389 contains a similar assertion.
svn:r16375
|
|
svn:r16369
|
|
struct is _not_ sizeof(st)-1; compilers add alignment. Problem spotted by rovv. Backport candidate.
svn:r16302
|
|
Move n_addr, n_port, and n_conn_id_digest fields of circuit_t into a separately allocated extend_info_t. Saves 22 bytes per connected circuit_t on 32-bit platforms, and makes me more comfortable with using tor_addr_t in place of uint32_t n_addr.
svn:r16257
|
|
Implement most of proposal 110.
svn:r16156
|
|
Patch from Christian Wilms: remove (HiddenService|Rend)(Exclude)?Nodes options. They never worked properly, and nobody seems to be using them. Resolves bug 754.
svn:r16144
|
|
In connection_edge_destroy, send a stream status control event when we have an AP connection. Previously, we would send an event when the connection was AP and non-AP at the same time. This didn't work so well. Patch from Anonymous Remailer (Austria). Backport candidate.
svn:r16143
|
|
Never allow a circuit to be created with the same circid as a circuit that has been marked for close. May be a fix for bug 779. Needs testing. Backport candidate.
svn:r16136
|
|
Add new ExcludeExitNodes option. Also add a new routerset type to handle Exclude[Exit]Nodes. It is optimized for O(1) membership tests, so as to make choosing a random router run in O(N_routers) time instead of in O(N_routers*N_Excluded_Routers).
svn:r16061
|
|
0.1.1.15-rc; they simply do not work any more. Also add comment about how or_is_obsolete is a terrible field name.
svn:r15982
|
|
svn:r15954
|
|
to just our our entry guards for the test circuits. Otherwise we
tend to have multiple test circuits going through a single entry
guard, which makes our bandwidth test less accurate. Fixes part
of bug 654; patch contributed by Josh Albrecht.
(Actually, modify Josh's patch to avoid doing that when you're
a bridge relay, since it would leak more than we want to leak.)
svn:r15850
|
|
candidate that was not included in the last published rendezvous descriptor, don't reschedule publication of the next descriptor.
svn:r15825
|
|
Fix for session-related bug found by Geoff Goodell. backport candidate, once tested.
svn:r15821
|
|
do something so foolish it can be detected without dataflow analysis, but it also eliminates some of our error checking code. Suggested by Peter Gutmann.
svn:r15803
|
|
svn:r15793
|
|
svn:r15784
|
|
svn:r15782
|
|
versions.
svn:r15726
|
|
svn:r15700
|
|
rendezvous2 or rendezvous_established call. This is a bit brute-foce, but it is better than we had before, and might not even show up on profiles. Backport candidate, once tested.
svn:r15699
|
|
Fix for bug 742: do not use O_CREAT on 2-option version of open(). Especially do not use it on /dev/null. Fix from Michael Scherer. Bugfix on 0.0.2pre19 (wow).
svn:r15626
|
|
svn:r15535
|
|
fix for bug 704; found by sjmurdoch. Windows and recent openssl both want to define OCSP_RESPONSE; do not let them.
svn:r15533
|
|
reason is NO_ROUTE (that is, our network is down).
svn:r15443
|
|
svn:r15442
|
|
logs as "_tor:_tor" rather than the default, which is generally
"root:wheel". Fixes bug 676, reported by Serge Koksharov.
Andrew, you should check if this breaks the rpm building (or if
it makes it work better)
svn:r15404
|
|
svn:r15384
|
|
sometime today. get your fixes in soon. :)
svn:r15371
|
|
pending on it for too long, we were telling our bootstrap status
events "REASON=NONE". Now tell them "REASON=TIMEOUT".
svn:r15369
|
|
as soon as you run out of working bridges, rather than waiting
for ten failures -- which will never happen if you have less than
ten bridges.
svn:r15368
|
|
If you have more than one bridge but don't know their keys,
you would only learn a request for the descriptor of the first one
on your list. (Tor considered launching requests for the others, but
found that it already had a connection on the way for $0000...0000
so it didn't open another.)
If you have more than one bridge but don't know their keys, and the
connection to one of the bridges failed, you would cancel all
pending bridge connections. (After all, they all have the same
digest.)
svn:r15366
|
|
problems just because they do a lot of reachability testing and
some of the connection attempts fail.
svn:r15348
|
