| Age | Commit message (Collapse) | Author |
|---|
|
an editor who actually edits, rather than the traditional
academic role of editors.
but in any case, it'll do. great.
svn:r10581
|
|
svn:r10580
|
|
svn:r10577
|
|
svn:r10576
|
|
svn:r10575
|
|
svn:r10574
|
|
- demand options->Bridges and options->TunnelDirConns if
options->UseBridges is set.
- after directory fetches, accept descriptors that aren't referenced by
our networkstatuses, *if* they're for a configured bridge.
- delay directory fetching until we have at least one bridge descriptor.
- learn how to build a one-hop circuit when we have neither routerinfo
nor routerstatus for our destination.
- teach directory connections how to pick a bridge as the destination
directory when doing non-anonymous fetches.
- tolerate directory commands for which the dir_port is 0.
- remember descriptors when the requested_resource was "authority",
rather than just ignoring them.
- put bridges on our entry_guards list once we have a descriptor for them.
When UseBridges is set, only pick entry guards that are bridges. Else
vice versa.
svn:r10571
|
|
Clarify what we mean by digest, for people who ignore "as signed" and who don't read section 1.3.
svn:r10568
|
|
Bridge authorities no longer write bridge descriptors to their
cached-routers file -- this gets complex because of extrainfo documents.
svn:r10545
|
|
Deprecate RedirectExits.
svn:r10526
|
|
PathlenCoinWeight-style implementation (for fingerprinting resistance).
svn:r10508
|
|
svn:r10507
|
|
svn:r10506
|
|
Man page and small tweaks for last patch.
svn:r10505
|
|
Mark fields that need to be ipv6-ified.
svn:r10503
|
|
"Who will enable this option?" section towards the top of the proposal, to
attempt to get everyone on the same page right away as far as assumptions
go.
Also, added section on "Consideration of risks for node operators" where
the additional risk of should-be-3-but-actually-2 hop users pose to node
operators is discussed. Upon consideration of this, determined that two hop
users should be made to rotate guards with some frequency on the order of
days (basically, long enough to help scan the network for active adversary
guards, and then move on).
Please re-flame if you feel these or other issues have not been adequately
addressed.
svn:r10498
|
|
Code to check signatures on consensus directories.
svn:r10492
|
|
Adapt code to parse v3 networkstatus votes so it can also parse a consensus. Make networkstatus_vote_t the catch-all type for votes and conensuses. Correct/clarify the second argument to directory-signature.
svn:r10491
|
|
Start of code to compute consensus network-status stuff from a bunch of votes. Strangely, it does not yet feel like an enormous ugly hack.
svn:r10489
|
|
svn:r10477
|
|
we had this snazzy thing called a todo file. here, nick. :)
svn:r10476
|
|
Bind ports before setuid/setgid.
svn:r10473
|
|
reliable and not rotate as much for dialup, mobile, or transient network
users, and what if users were actually notified more visibly who their guards
were and came to trust the guard nodes they have? Some effects of this are
considered.
svn:r10470
|
|
svn:r10469
|
|
First cut at code to parse and validate v3 networkstatus votes.
svn:r10461
|
|
svn:r10442
|
|
Mention that SocksPolicy applies to DNSPort.
svn:r10438
|
|
svn:r10435
|
|
svn:r10431
|
|
to read karsten's distributed-storage proposal
svn:r10430
|
|
Document DNSPort, DNSListenAddress, AutomapHostsOnResolve, AutomapHostsSuffixes, and DownloadExtraInfo in the manpage.
svn:r10426
|
|
svn:r10415
|
|
svn:r10413
|
|
Add some code to mitigate bug 393: Choose at random from multiple hidden service ports with the same virtport. This allows limited ad-hoc round-robining.
svn:r10398
|
|
svn:r10374
|
|
svn:r10350
|
|
First bare stubs of ipv6 work: commit some (untested, hence doublessly broken) implementations of inet_ntop/pton for systems that lack them.
svn:r10326
|
|
Add an AutomapHostsOnResolve option. It seems to work.
svn:r10324
|
|
Well, that was easier than I thought it would be. Tor is now a DNS proxy as well as a socks proxy. Probably some bugs remain, but since it A) has managed to resolve one address for me successfully, and B) will not affect anybody who leaves DNSPort unset, it feel like a good time to commit.
svn:r10317
|
|
Add math functions to round values to the nearest power of 2. Make mempools more careful about making sure that the size of their chunks is a little less than a power of 2, not a little more.
svn:r10304
|
|
First draft of code to generate votes. needs testing. does not yet upload or serve votes. Shares most of its code with the old generate_v2_networkstatus.
svn:r10295
|
|
Extract common code from networkstatus_getinfo_helper_single() and generate_v2_networkstatus().
svn:r10294
|
|
More v3 directory code: have authorities load certificates; have everybody store certificates to disk and load them; provide a way to configure v3 authorities.
svn:r10293
|
|
svn:r10236
|
|
Make caches-extra-info lines parseable.
svn:r10215
|
|
Note that we do not permit you to exit to port 0, no matter what. Closes bug 409.
svn:r10211
|
|
First cut at code to download extra-info docs. Also note a bad bug in directory.c (look for the string BUG BUG BUG).
svn:r10209
|
|
More work on merging stuff into dir-spec.txt
svn:r10207
|
|
svn:r10182
|
|
svn:r10169
|
