| Age | Commit message (Collapse) | Author |
|---|
|
ahf/android-gp-fixes-bulk
|
|
ahf/android-gp-fixes-bulk
|
|
|
|
|
|
|
|
This exposes the new fallback behavior in hashx via a new AUTOBOOL
configuration option, available to both clients and services. The
default should be fine for nearly everyone, but it might be necessary
to enable or disable the compiler manually for diagnostic purposes.
Signed-off-by: Micah Elizabeth Scott <beth@torproject.org>
|
|
|
|
|
|
Fixes #40785
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
|
|
This adds a new "pow" module for the user-visible proof
of work support in ./configure, and this disables
src/feature/hs/hs_pow at compile-time.
Signed-off-by: Micah Elizabeth Scott <beth@torproject.org>
|
|
This change on its own doesn't use the option for anything, but
it includes support for configure and a message in 'tor --version'
Signed-off-by: Micah Elizabeth Scott <beth@torproject.org>
|
|
This adds a token bucket ratelimiter on the dequeue side
of hs_pow's priority queue. It adds config options and docs
for those options. (HiddenServicePoWQueueRate/Burst)
I'm testing this as a way to limit the overhead of circuit
creation when we're experiencing a flood of rendezvous requests.
Signed-off-by: Micah Elizabeth Scott <beth@torproject.org>
|
|
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
|
|
|
|
Part of #40704
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
|
|
These parameters will vary depending on path length, especially for onions.
|
|
This is for public network testing and for sbws. Should not otherwise be used,
hence it is an undocumented __option.
The option deliberately does not allow force-disabling congestion control, as
this is bad for queueing and fairness.
|
|
closes https://gitlab.torproject.org/tpo/core/tor/-/issues/40487
|
|
This proposal implements part of Prop335; it's based on a patch
from Neel Chauhan.
When configured to do so, authorities will assign a MiddleOnly flag
to certain relays. Any relay which an authority gives this flag
will not get Exit, V2Dir, Guard, or HSDir, and might get BadExit if
the authority votes for that one.
|
|
There is no absolute install path that an app can expect data files on
Android. Everything is expected to be a path inside of the app, and those
paths depend on the Application ID of the app. /data/local/tmp is
guaranteed to exist, but will only be usable by the 'shell' and 'root'
users, so this fallback is for debugging only.
This fixes a reproducible issue where the tor-android build harness ended
up including build paths for SHARE_DATADIR.
https://gitlab.torproject.org/tpo/core/tor/-/merge_requests/460
|
|
|
|
|
|
|
|
|
|
Conflicts:
src/test/test.c
Minor comment issue.
|
|
When seccomp sandbox is active, SAVECONF failed because it was not
able to save the backup files for torrc. This commit simplifies
the implementation of SAVECONF and sandbox by making it keep only
one backup of the configuration file.
|
|
|
|
This test makes sure that we reject "upload=" URLs with bad IP
addresses.
Also, add a warning when we can't parse the address.
|
|
|
|
- Implement overload statistics structure.
- Implement function that keeps track of overload statistics.
- Implement function that writes overload statistics to descriptor.
- Unittest for the whole logic.
|
|
|
|
(If you need to do this in an older version you can just set
DormantClientTimeout to something huge.)
Closes #40228.
|
|
This option changes the time for which a bandwidth measurement period
must have been in progress before we include it when reporting our
observed bandwidth in our descriptors. Without this option, we only
consider a time period towards our maximum if it has been running
for a full day. Obviously, that's unacceptable for testing
networks, where we'd like to get results as soon as possible.
For non-testing networks, I've put a (somewhat arbitrary) 2-hour
minimum on the option, since there are traffic analysis concerns
with immediate reporting here.
Closes #40337.
|
|
|
|
|
|
|
|
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
This is unfortunately massive but both functionalities were extremely
intertwined and it would have required us to actually change the HSv2 code in
order to be able to split this into multiple commits.
After this commit, there are still artefacts of v2 in the code but there is no
more support for service, intro point and HSDir.
The v2 support for rendezvous circuit is still available since that code is
the same for the v3 and we will leave it in so if a client is able to
rendezvous on v2 then it can still transfer traffic. Once the entire network
has moved away from v2, we can remove v2 rendezvous point support.
Related to #40266
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
Related to #40266
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
|
|
Fun bug where we thought we were using the default "false" value when an
implicit address was detected but if we had an explicit address before, the
flag was set to true and then we would only use that value.
And thus, for some configurations, implicit addresses would be flagged as
explicit and then configuring ports goes bad.
Related to #40289
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
|
|
|
|
|
|
Closes #40261
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
|
