| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
This is the major part of the implementation for trac issue 3076.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Fixes bug 2379
|
|
|
|
|
|
|
|
Clients and relays haven't used them since early 0.2.0.x. The only
remaining use by authorities learning about new relays ahead of scedule;
see proposal 147 for what we intend to do about that.
We're leaving in an option (FetchV2Networkstatus) to manually fetch v2
networkstatuses, because apparently dnsel and maybe bwauth want them.
This fixes bug 3022.
|
|
|
|
This is a squashed version of my former desired_nodes_behavior branch
that we used to specify the intended results wrt bug 1090.
|
|
|
|
|
|
|
|
|
|
|
|
We should really require a modern asiidoc: backporting stuff to 8.2 is
a timesink.
|
|
|
|
|
|
|
|
Conflicts:
doc/Makefile.am
doc/spec/Makefile.am
doc/spec/address-spec.txt
doc/spec/bridges-spec.txt
doc/spec/control-spec-v0.txt
doc/spec/control-spec.txt
doc/spec/dir-spec-v1.txt
doc/spec/dir-spec-v2.txt
doc/spec/dir-spec.txt
doc/spec/path-spec.txt
doc/spec/proposals/000-index.txt
doc/spec/proposals/001-process.txt
doc/spec/proposals/098-todo.txt
doc/spec/proposals/099-misc.txt
doc/spec/proposals/100-tor-spec-udp.txt
doc/spec/proposals/101-dir-voting.txt
doc/spec/proposals/102-drop-opt.txt
doc/spec/proposals/103-multilevel-keys.txt
doc/spec/proposals/104-short-descriptors.txt
doc/spec/proposals/105-handshake-revision.txt
doc/spec/proposals/106-less-tls-constraint.txt
doc/spec/proposals/107-uptime-sanity-checking.txt
doc/spec/proposals/108-mtbf-based-stability.txt
doc/spec/proposals/109-no-sharing-ips.txt
doc/spec/proposals/110-avoid-infinite-circuits.txt
doc/spec/proposals/111-local-traffic-priority.txt
doc/spec/proposals/112-bring-back-pathlencoinweight.txt
doc/spec/proposals/113-fast-authority-interface.txt
doc/spec/proposals/114-distributed-storage.txt
doc/spec/proposals/115-two-hop-paths.txt
doc/spec/proposals/116-two-hop-paths-from-guard.txt
doc/spec/proposals/117-ipv6-exits.txt
doc/spec/proposals/118-multiple-orports.txt
doc/spec/proposals/119-controlport-auth.txt
doc/spec/proposals/120-shutdown-descriptors.txt
doc/spec/proposals/121-hidden-service-authentication.txt
doc/spec/proposals/122-unnamed-flag.txt
doc/spec/proposals/123-autonaming.txt
doc/spec/proposals/124-tls-certificates.txt
doc/spec/proposals/125-bridges.txt
doc/spec/proposals/126-geoip-reporting.txt
doc/spec/proposals/127-dirport-mirrors-downloads.txt
doc/spec/proposals/128-bridge-families.txt
doc/spec/proposals/129-reject-plaintext-ports.txt
doc/spec/proposals/130-v2-conn-protocol.txt
doc/spec/proposals/131-verify-tor-usage.txt
doc/spec/proposals/132-browser-check-tor-service.txt
doc/spec/proposals/134-robust-voting.txt
doc/spec/proposals/135-private-tor-networks.txt
doc/spec/proposals/137-bootstrap-phases.txt
doc/spec/proposals/138-remove-down-routers-from-consensus.txt
doc/spec/proposals/140-consensus-diffs.txt
doc/spec/proposals/141-jit-sd-downloads.txt
doc/spec/proposals/142-combine-intro-and-rend-points.txt
doc/spec/proposals/143-distributed-storage-improvements.txt
doc/spec/proposals/145-newguard-flag.txt
doc/spec/proposals/146-long-term-stability.txt
doc/spec/proposals/147-prevoting-opinions.txt
doc/spec/proposals/148-uniform-client-end-reason.txt
doc/spec/proposals/149-using-netinfo-data.txt
doc/spec/proposals/150-exclude-exit-nodes.txt
doc/spec/proposals/151-path-selection-improvements.txt
doc/spec/proposals/152-single-hop-circuits.txt
doc/spec/proposals/153-automatic-software-update-protocol.txt
doc/spec/proposals/154-automatic-updates.txt
doc/spec/proposals/155-four-hidden-service-improvements.txt
doc/spec/proposals/156-tracking-blocked-ports.txt
doc/spec/proposals/157-specific-cert-download.txt
doc/spec/proposals/158-microdescriptors.txt
doc/spec/proposals/159-exit-scanning.txt
doc/spec/proposals/ideas/xxx-hide-platform.txt
doc/spec/proposals/ideas/xxx-port-knocking.txt
doc/spec/proposals/ideas/xxx-separate-streams-by-port.txt
doc/spec/proposals/ideas/xxx-what-uses-sha1.txt
doc/spec/proposals/reindex.py
doc/spec/rend-spec.txt
doc/spec/socks-extensions.txt
doc/spec/tor-spec.txt
doc/spec/version-spec.txt
|
|
|
|
|
|
Fixes bug 2089.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
We detect and reject said attempts if there is no chosen exit node or
circuit: connecting to a private addr via a randomly chosen exit node
will usually fail (if all exits reject private addresses), is always
ill-defined (you're not asking for any particular host or service),
and usually an error (you've configured all requests to go over Tor
when you really wanted to configure all _remote_ requests to go over
Tor).
This can also help detect forwarding loop requests.
Found as part of bug2279.
|
|
|
|
|
|
Previously if you wanted to say "All messages except network
messages", you needed to say "[*,~net]" and if you said "[~net]" by
mistake, you would get no messages at all. Now, if you say "[~net]",
you get everything except networking messages.
|
|
Fixes issue 2215.
|
|
|
|
|
|
We need to make sure that the worst thing that a weird consensus param
can do to us is to break our Tor (and only if the other Tors are
reliably broken in the same way) so that the majority of directory
authorities can't pull any attacks that are worse than the DoS that
they can trigger by simply shutting down.
One of these worse things was the cbtnummodes parameter, which could
lead to heap corruption on some systems if the value was sufficiently
large.
This commit fixes this particular issue and also introduces sanity
checking for all consensus parameters.
|
|
|
|
0.1.2.2-alpha through 0.2.2.1-alpha with feature VERBOSE_NAMES turned off.
|
|
The spec stated that support for the helper-nodes command would be removed
in 0.1.3.x, however support for this command is still in Tor. Updated the spec
to reflect this and added a node that the command is deprecated.
|
