| Age | Commit message (Collapse) | Author |
|---|
|
svn:r18298
|
|
attempts to nonexistent hidden service port.
svn:r17868
|
|
for reverse dns resolve, not FAILED.
svn:r16986
|
|
When we get an A.B.exit:P address, and B would reject most connections to P, but we do not know whether it would allow A, then allow the connection to procede. Bugfix, amusingly, on 0.0.9rc5.
svn:r16945
|
|
and some almost inevitable.
svn:r16781
|
|
svn:r16730
|
|
svn:r16726
|
|
linux/netfilter_ipv4.h header properly, since we needed to have in_addr and in6_addr and __u32 defined before trying to include it. Fix that.
svn:r16461
|
|
svn:r15578
|
|
svn:r15435
|
|
connections, regardless of setting for leavestreamsunattached.
svn:r14752
|
|
Backport: Apply patch from mwenge to fix bug 646: makes stream events for dns requests get generated more consistently.
svn:r14414
|
|
svn:r14311
|
|
svn:r14167
|
|
Backport: Fix the other lingering part of bug 617: make ClientDNSRejectInternalAddresses actually work.
svn:r14108
|
|
{in 0.2.0} Part of fix for bug 617: do not mark-for-close on invalid .in-addr.arpa DNSPort request, since it would be a duplicate mark.
svn:r14067
|
|
More 64-to-32 fixes. Partial backport candidate. still not done.
svn:r13680
|
|
svn:r13663
|
|
Do the last part of arma's fix for bug 437: Track the origin of every addrmap, and use this info so we can remove all the trackhostexits-originated mappings for a given exit.
svn:r13660
|
|
five circuit attempts fail for a given stream. part of the fix
for bug 437. still an XXX020rc remaining.
svn:r13648
|
|
Resolve all DOCDOC issues, and document some other undocumented code, and fix a changelog entry.
svn:r13638
|
|
would stop building circuits and start refusing connections after
24 hours, since we false believed that Tor was dormant. Reported
by nwf; bugfix on 0.1.2.x.
svn:r13583
|
|
Fix all but 2 DOCDOC items; defer many XXX020s (particularly those where fixing them would fix no bugs at the risk of introducing some bugs).
svn:r13529
|
|
Re-tune mempool parametes based on testing on peacetime: use smaller chuncks, free them a little more aggressively, and try very hard to concentrate allocations on fuller chunks. Also, lots of new documentation.
svn:r13484
|
|
Add a bunch more code documentation; change the interface of fetch_var_cell_from_buf() so it takes the current link protocol into account and can't get confused by weird command bytes on v1 connections.
svn:r13430
|
|
svn:r13412
|
|
Tor can warn and/or refuse connections to ports commonly used with
vulnerable-plaintext protocols.
We still need to figure out some good defaults for them.
svn:r13198
|
|
svn:r13190
|
|
Fixes to more anonymously-reported typos and logic errors.
svn:r13136
|
|
svn:r12786
|
|
on but your ORPort is off.
Add a new config option BridgeRelay that specifies you want to
be a bridge relay. Right now the only difference is that it makes
you answer begin_dir requests, and it makes you cache dir info,
even if your DirPort isn't on.
Refactor directory_caches_dir_info() into some more functions.
svn:r12668
|
|
svn:r12657
|
|
svn:r12621
|
|
svn:r12607
|
|
Clients download and cache new hidden descriptor format.
svn:r12302
|
|
edge_connection_t: want_onehop if it must attach to a circuit with
only one hop (e.g. for the current tunnelled connections that use
begin_dir), and use_begindir if we mean to use a BEGIN_DIR relay
command to establish the stream rather than the normal BEGIN. Now
we can make anonymized begin_dir connections for (e.g.) more secure
hidden service posting and fetching.
svn:r12244
|
|
Turn all "Is DirPort nonzero? Because if it is, we must be a directory" logic into calls to dirserver_mode().
svn:r11817
|
|
Make some functions static; remove some dead code.
svn:r11750
|
|
svn:r11658
|
|
them anyway, and the code has probably rotted by now. Based on
patch from Karsten Loesing.
svn:r11496
|
|
Make controllers accept LF as well as CRLF. Update spec to reflect this. Remove now-dead code. Make controller warning about v0 protocol more accurate.
svn:r11299
|
|
Add a new ClientDNSRejectInternalAddresses option (default: on) to refuse to believe that any address can map to or from an internal address. This blocks some kinds of potential browser-based attacks, especially on hosts using DNSPort. Also clarify behavior in some comments. Backport candiate?
svn:r11287
|
|
Fix a bug caught by Kate: when we switched from masks to bits in 0.2.0.3-alpha, we added a spurious ! that made us never believe that any address fell inside a virtual address range. While we're at it, save a trip around the loop in the common case.
svn:r11129
|
|
svn:r11074
|
|
More documentation
svn:r10992
|
|
Fix bug 472: do not use spaces in pseudo-address for local link cons.
svn:r10979
|
|
ADDRMAP events should never have specified local time. Extend them to have the proper gmt time, and make GETINFO address-mappings always do the right thing (since it is new in this version).
svn:r10930
|
|
Another patch from croup: drop support for address masks that do not correspond to bit prefixes. Nobody has used this for a while, and we have given warnings for a long time.
svn:r10881
|
|
Patch from tup: new address-mappings/ GETINFO that includes expiry times.
svn:r10844
|
|
Get the RESOLVE controller code working.
svn:r10781
|
