| Age | Commit message (Collapse) | Author |
|---|
|
Conflicts:
src/or/circuitbuild.c
|
|
I looked for other places where we set circ->n_chan early, and found
one in circuit_handle_first_hop() right before it calls
circuit_send_next_onion_skin(). If onion_skin_create() fails there,
then n_chan will still be set when circuit_send_next_onion_skin()
returns. We should probably fix that too.
|
|
Cypherpunks found this and wrote this patch.
Fix for 12848; fix on (I think) d58d4c0d, which went into 0.0.8pre1
|
|
This makes FastFirstHopPK an AUTOBOOL; makes the default "auto"; and
makes the behavior of "auto" be "look at the consensus."
|
|
|
|
Check for consistency between the queued destroy cells and the marked
circuit IDs. Check for consistency in the count of queued destroy
cells in several ways. Check to see whether any of the marked circuit
IDs have somehow been marked longer than the channel has existed.
|
|
|
|
|
|
|
|
Conflicts:
src/or/circuitbuild.c
|
|
Use a per-channel ratelim_t to control the rate at which we report
failures for each channel.
Explain why I picked N=32.
Never return a zero circID.
Thanks to Andrea and to cypherpunks.
|
|
We were initializing cpath twice, which doesn't make sense.
|
|
|
|
|
|
|
|
Conflicts:
src/or/channel.h
|
|
Fixes a possible root cause of 11553 by only making 64 attempts at
most to pick a circuitID. Previously, we would test every possible
circuit ID until we found one or ran out.
This algorithm succeeds probabilistically. As the comment says:
This potentially causes us to give up early if our circuit ID
space is nearly full. If we have N circuit IDs in use, then we
will reject a new circuit with probability (N / max_range) ^
MAX_CIRCID_ATTEMPTS. This means that in practice, a few percent
of our circuit ID capacity will go unused.
The alternative here, though, is to do a linear search over the
whole circuit ID space every time we extend a circuit, which is
not so great either.
This makes new vs old clients distinguishable, so we should try to
batch it with other patches that do that, like 11438.
|
|
Fixes the surface behavior of #11553
|
|
Conflicts:
src/or/router.c
src/test/test_dir.c
|
|
Conflicts:
src/or/circuitbuild.c
|
|
Right now this accounts for about 1% of circuits over all, but if you
pick a guard that's running 0.2.3, it will be about 6% of the circuits
running through that guard.
Making sure that every circuit has at least one ntor link means that
we're getting plausibly good forward secrecy on every circuit.
This implements ticket 9777,
|
|
Conflicts:
src/or/or.h
|
|
This makes FastFirstHopPK an AUTOBOOL; makes the default "auto"; and
makes the behavior of "auto" be "look at the consensus."
|
|
That was the tricky part
|
|
Does not compile yet. This is the "no code changed" diff.
|
|
The old code had logic to use a shorter path length if we didn't
have enough nodes. But we don't support 2-node networks anwyay.
Fix for #9926. I'm not calling this a bugfix on any particular
version, since a 2-node network would fail to work for you for a lot
of other reasons too, and it's not clear to me when that began, or if
2-node networks would ever have worked.
|
|
(These have proved invaluable for other global accessors.)
|
|
|
|
Change the global circ_times to a static variable and use
accessor functions throughout the code, instead of
accessing it directly.
|
|
|
|
|
|
|
|
We need to subtract both the current built circuits *and* the attempted
circuits from the attempt count during scaling, since *both* have already been
counted there.
|
|
|
|
Just in case more issues remain with scaling, it would be nice to pin-point
them as such.
|
|
We didn't see this in normal usage anyway.
|
|
Should silence two path bias Bug messages seen on relays at startup.
|
|
It seems that some versions of clang that would prefer the
-Wswitch-enum compiler flag to warn about switch statements with
missing enum values, even if those switch statements have a
default.
Fixes bug 8598; bugfix on 0.2.4.10-alpha.
|
|
|
|
|
|
|
|
Now that circid_t is 4 bytes long, the default integer promotions will
leave it alone when sizeof(int) == 4, which will leave us formatting an
unsigned as an int. That's technically undefined behavior.
Fixes bug 8447 on bfffc1f0fc7616a25c32da2eb759dade4651659e. Bug not
in any released Tor.
|
|
The new name is circuit_mark_all_dirty_circs_as_unusable.
This resolves an XXX024
|
|
This should prevent crashes on further recurrence of 8065, and help
diagnose such if they occur
|
|
Conflicts:
src/or/channel.h
src/or/connection_or.c
src/or/cpuworker.c
|
|
|
|
In addition to rejecting them post-hoc, avoid picking them in the
first place. This makes us less likely to decide that we can't add
guards at all.
|
|
We shouldn't be calling choose_random_entry() for directory
conncetions; that's what choose_random_dirguard() is for.
|
|
Coverity is worried about this (CID 980653). It hasn't happened in
testing, but we might as well make sure it can't happen.
|
|
(rather than router->address)
|
