| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
Fixes bug 26158; bugfix on 0.3.0.1-alpha.
|
|
Changing the name of this function should help keep us from misusing
it when node_has_preferred_descriptor() would be more appropriate.
|
|
In order to fix 25691 and 25692, we need to pass the "direct_conn"
flag to more places -- particularly when choosing single-hop
tunnels. The right way to do this involves having a couple more
functions accept router_crn_flags_t, rather than a big list of
boolean arguments.
This commit also makes sure that choose_good_exit_server_general()
honors the direct_conn flag, to fix 25691 and 25692.
|
|
This patch adds a new node_has_preferred_descriptor() function, and
replaces most users of node_has_descriptor() with it. That's an
important change, since as of d1874b433953f64 (our fix for #25213),
we are willing to say that a node has _some_ descriptor, but not the
_right_ descriptor for a particular use case.
Part of a fix for 25691 and 25692.
|
|
In d1874b433953f64, we adjusted this check so that we insist on
using routerinfos for bridges. That's almost correct... but if we
have a bridge that is also a regular relay, then we should use
insist on its routerinfo when connecting to it as a bridge
(directly), and be willing to use its microdescriptor when
connecting to it elsewhere in our circuits.
This bug is a likely cause of some (all?) of the (exit_ei == NULL)
failures we've been seeing.
Fixes bug 25691; bugfix on 0.3.3.4-alpha
|
|
This update is needed to make it consistent with the behavior of
node_awaiting_ipv6(), which doesn't believe in the addresses from
routerinfos unless it actually plans to use those routerinfos.
Fixes bug 25213; bugfix on b66b62fb7525cac1e1 in 0.3.3.1-alpha,
which tightened up the definition of node_awaiting_ipv6().
|
|
|
|
|
|
This removes the code that tracks the extend attemps a client makes. We don't
use it and it was only used to provide statistics on a SIGUSR1 from the
rephist dump stats function.
Part of #25163
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
|
|
Prebuilt circs are 4 hops, since only server side HSDIR and intro circs
are 3 hops, and it is OK if those sometimes take longer to build.
|
|
This lets us control their path len and usage.
|
|
Block circuit canibalization when HSRendezvousMiddleNodes is active.
Also make it apply to all HS circuits, not just rends.
|
|
|
|
|
|
This covers addressmap.h (no change needed) through confparse.h
|
|
These tests primarily test the relaxed and measured behavior of
circuitstats.c, to make sure we did not break it with #23100 or #23114.
|
|
This change causes us to count anything once it reaches 3 hops (but not
after).
|
|
This was never set thus never could have been used. Get rid of it to simplify
the code.
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
|
|
|
|
|
|
The is_first_hop field should have been called used_create_fast,
but everywhere that we wanted to check it, we should have been
checking channel_is_client() instead.
|
|
|
|
|
|
Bug not in any version of tor.
Found with clang's scan-build.
|
|
Before, this function meant "can we connect to this node and
authenticate it using its ed25519 key?" Now it can additionally
mean, "when somebody else connects to this node, do we expect that
they can authenticate using the node's ed25519 key"?
This change lets us future-proof our link authentication a bit.
Closes ticket 20895. No backport needed, since ed25519 link
authentication support has not been in any LTS release yet, and
existing releases with it should be obsolete before any releases
without support for linkauth=3 are released.
|
|
|
|
Version 3 hidden service needs rendezvous point that have the protocol version
HSRend >= 2 else the rendezvous cells are rejected.
Fixes #23361
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
|
|
We once used $X=N to mean "A relay with RSA ID digest X with the
Named flag and the nickname N." But authorities no longer assign
the Named flag.
|
|
|
|
|
|
We used to allow state==NULL here, but we no longer do.
Fixes bug 22779.
|
|
|
|
|
|
|
|
- Move some crypto structures so that they are visible by tests.
- Introduce a func to count number of hops in cpath which will be used
by the tests.
- Mark a function as mockable.
|
|
circuit_init_cpath_crypto() is responsible for creating the cpath of legacy
SHA1/AES128 circuits currently. We want to use it for prop224 circuits, so we
refactor it to create circuits with SHA3-256 and AES256 as well.
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
it isn't (anymore) for when you think you can get away with saving some
crypto operations.
|
|
|
|
|
|
This is a whitespace change only.
|
|
This commit is designed to have a very small diff. Therefore,
the indentation is wrong. The next commit will fix that.
|
|
|
|
The old "No specified non-excluded exit routers seem to be running"
message was somewhat confusing.
Fix for 7890.
|
|
|
|
Deprecated in 0.2.9.2-alpha, this commits changes it as OBSOLETE() and cleans
up the code associated with it.
Partially fixes #22060
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
