Age | Commit message (Collapse) | Author |
|
This patch renames the enumeration value in `outbound_addr_t` from
`OUTBOUND_ADDR_EXIT_AND_OR` to `OUTBOUND_ADDR_ANY` since with the
arrival of `OUTBOUND_ADDR_PT` it no longer makes sense to call the
fallback value for "Exit and OR". Instead we rename it to "any".
See: https://bugs.torproject.org/5304
|
|
|
|
Opening a new listener connection can fail in many ways like a bind()
permission denied on a low port for instance.
And thus, we should expect to handle an error when creating a new one instead
of assert() on it.
To hit the removed assert:
ORPort 80
KeepBindCapabilities 0
Start tor. Then edit torrc:
ORPort <some-IP>:80
HUP tor and the assert is hit.
Fixes #40073
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
|
|
|
|
|
|
|
|
Closes #29113
|
|
We used to have a single boolean, "FascistFirewall". Ages ago, in
tickets #17840 and #9067, we added an improved "ReachableAddresses"
mechanism. It's time to rename related identifiers in the code for
consistency. This closes #18106.
This is an automated commit, generated by this command:
./scripts/maint/rename_c_identifier.py \
fascist_firewall_allows_address reachable_addr_allows \
fascist_firewall_use_ipv6 reachable_addr_use_ipv6 \
fascist_firewall_prefer_ipv6_impl reachable_addr_prefer_ipv6_impl \
fascist_firewall_prefer_ipv6_orport reachable_addr_prefer_ipv6_orport \
fascist_firewall_prefer_ipv6_dirport reachable_addr_prefer_ipv6_dirport \
fascist_firewall_allows_address_addr reachable_addr_allows_addr \
fascist_firewall_allows_address_ap reachable_addr_allows_ap \
fascist_firewall_allows_base reachable_addr_allows_base \
fascist_firewall_allows_ri_impl reachable_addr_allows_ri_impl \
fascist_firewall_allows_rs_impl reachable_addr_allows_rs_impl \
fascist_firewall_allows_rs reachable_addr_allows_rs \
fascist_firewall_allows_md_impl reachable_addr_allows_md_impl \
fascist_firewall_allows_node reachable_addr_allows_node \
fascist_firewall_allows_dir_server reachable_addr_allows_dir_server \
fascist_firewall_choose_address_impl reachable_addr_choose_impl \
fascist_firewall_choose_address reachable_addr_choose \
fascist_firewall_choose_address_base reachable_addr_choose_base \
fascist_firewall_choose_address_rs reachable_addr_choose_from_rs \
fascist_firewall_choose_address_ls reachable_addr_choose_from_ls \
fascist_firewall_choose_address_node reachable_addr_choose_from_node \
fascist_firewall_choose_address_dir_server reachable_addr_choose_from_dir_server
|
|
This is a defense-in-depth fix; closes 6198.
|
|
|
|
|
|
|
|
This was once used for rate-limiting, but now it's only for
accounting. It hasn't served a useful purpose in a long time.
Closes ticket 33097.
|
|
Without this fix, if an PT forgets to send a USERADDR command, that
results in a connection getting treated as local for the purposes of
rate-limiting.
If the PT _does_ use USERADDR, we still believe it.
Closes ticket 33747.
|
|
These now (or_port and dir_port) now have "find" names, since they
look at the portcfg first, then at the actual ports from the
listeners.
This is an automated commit, generated by this command:
./scripts/maint/rename_c_identifier.py \
router_get_advertised_or_port routerconf_find_or_port \
router_get_advertised_ipv6_or_ap routerconf_find_ipv6_or_ap \
router_has_advertised_ipv6_orport routerconf_has_ipv6_orport \
router_get_advertised_dir_port routerconf_find_dir_port
|
|
|
|
Instead of replacing connection_t.{addr,port} with a canonical
orport, and tracking the truth in real_addr, we now leave
connection_t.addr alone, and put the canonical address in
canonical_orport.
Closes #40042
Closes #33898
|
|
This is an automated commit made with a python script.
After running the automated script, I had to hand-revert the cases where it
made the conversion functions call themselves.
Additionally, I had to edit a variable declaration in control_bootstrap.c so
that the result of a const cast could be put in a const field.
|
|
These names are analogous to the CONST_TO_*_CIRC() functions we have
for circuits.
Part of #40046.
|
|
Preliminary work for #40046.
|
|
Only log the 'real_addr' when it is set to something.
Only log the ID when it is set.
When scrubbing the address, don't include a canonical address.
(There should never be a canonical address for a connection with no
ID set.)
|
|
|
|
|
|
|
|
These will let us refactor away a lot of code that currently uses
"addr" and "address" for logging purposes.
|
|
|
|
This is an automated commit, generated by this command:
./scripts/maint/rename_c_identifier.py \
rep_hist_conn_stats_init conn_stats_init \
rep_hist_note_or_conn_bytes conn_stats_note_or_conn_bytes \
rep_hist_reset_conn_stats conn_stats_reset \
rep_hist_format_conn_stats conn_stats_format \
rep_hist_conn_stats_write conn_stats_save \
rep_hist_conn_stats_term conn_stats_terminate \
bidi_map_free_all conn_stats_free_all
|
|
|
|
|
|
This is an automated commit, generated by this command:
./scripts/maint/rename_c_identifier.py \
rep_hist_note_bytes_read bwhist_note_bytes_read \
rep_hist_note_bytes_written bwhist_note_bytes_written \
rep_hist_note_dir_bytes_read bwhist_note_dir_bytes_read \
rep_hist_note_dir_bytes_written bwhist_note_dir_bytes_written \
rep_hist_get_bandwidth_lines bwhist_get_bandwidth_lines \
rep_hist_update_state bwhist_update_state \
rep_hist_load_state bwhist_load_state \
rep_hist_bandwidth_assess bwhist_bandwidth_assess
|
|
These are logically independent from the rest of rephist, and make
more sense in isolation. The next patch will rename them too.
|
|
|
|
Previously, we would only update this field when the error happened
during a read.
This will improves our reporting for our bootstrap status, and help
to address #32622. The problem is not completely solved by this
patch, however: too many errors are still lumped into "MISC".
|
|
Series of things done in this commit:
1. Rename the functions to better reflect the namespace of the file.
2. Make both reset and get function to operate on the last_resolved_addrs
cache that is per family.
3. Make the get function to take a tor_addr_t.
4. Change all callsite to use the new convention.
Part of #33233
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
Part of #33233
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
Move a series of function from config.c into that new file which is related to
address resolving.
Part of #33789
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
If the buf_t's length could potentially become greater than INT_MAX - 1,
it sets off an IF_BUG_ONCE in buf_read_from_tls().
All of the rest of the buffers.c code has similar BUG/asserts for this
invariant.
|
|
Move the relay-only circuit building functions into a new file.
Part of 33633.
|
|
Stop forcing all non-SOCKSPorts to prefer IPv6 exit connections.
Instead, prefer IPv6 connections by default, but allow users to change
their configs using the "NoPreferIPv6" port flag.
Fixes bug 33608; bugfix on 0.4.3.1-alpha.
|
|
|
|
It hasn't been used since 2009.
|
|
Some connections aren't counted for statistics or accounting,
because they have been specifically configured by the user to
local addresses.
Comment-only change.
Closes 33201.
|