aboutsummaryrefslogtreecommitdiff
path: root/src/or/microdesc.c
AgeCommit message (Collapse)Author
2017-11-17Introduce cache for outdated microdesc dirservers.George Kadianakis
We gonna use this cache to avoid dirservers without outdated md info.
2017-03-28Merge branch 'spooling_squashed'Nick Mathewson
2017-03-28Refactor the directory spool implementationNick Mathewson
The old implementation had duplicated code in a bunch of places, and it interspersed spool-management with resource management. The new implementation should make it easier to add new resource types and maintain the spooling code. Closing ticket 21651.
2017-03-15Run the copyright update script.Nick Mathewson
2016-10-02simplify we_use_microdescriptors_for_circuits()Roger Dingledine
2016-10-02Bridges and relays now use microdescriptorsRoger Dingledine
(like clients do) rather than old-style router descriptors. Now bridges will blend in with clients in terms of the circuits they build. Fixes bug 6769; bugfix on 0.2.3.2-alpha.
2016-10-01Bridge-using clients now use their cached microdesc consensusRoger Dingledine
Clients that use bridges were ignoring their cached microdesc-flavor consensus files, because they only thought they should use the microdesc flavor once they had a known-working bridge that could offer microdescs, and at first boot no bridges are known-working. This bug caused bridge-using clients to download a new microdesc consensus on each startup. Fixes bug 20269; bugfix on 0.2.3.12-alpha.
2016-08-16Prevents negative number of written bytes on error message.Daniel Pinto
Fixes #17758.
2016-06-11Merge branch 'bug19180_easy_squashed'Nick Mathewson
2016-06-11Add the -Wextra-semi warning from clang, and fix the cases where it triggersNick Mathewson
2016-05-30Replace nearly all XXX0vv comments with smarter onesNick Mathewson
So, back long ago, XXX012 meant, "before Tor 0.1.2 is released, we had better revisit this comment and fix it!" But we have a huge pile of such comments accumulated for a large number of released versions! Not cool. So, here's what I tried to do: * 0.2.9 and 0.2.8 are retained, since those are not yet released. * XXX+ or XXX++ or XXX++++ or whatever means, "This one looks quite important!" * The others, after one-by-one examination, are downgraded to plain old XXX. Which doesn't mean they aren't a problem -- just that they cannot possibly be a release-blocking problem.
2016-05-19Add unit tests for networkstatus_consensus_is_bootstrappingteor (Tim Wilson-Brown)
2016-03-26Fix all doxygen warnings (other than missing docs)Nick Mathewson
2016-02-27Update the copyright year.Nick Mathewson
2016-02-27Make sure that every module in src/or has a brief description.Nick Mathewson
2016-02-22fix two typos in commentsRoger Dingledine
2015-12-15Replace usage of INLINE with inlinecypherpunks
This patch was generated using; sed -i -e "s/\bINLINE\b/inline/" src/*/*.[ch] src/*/*/*.[ch]
2015-08-17Fix a stupid memory leak I introduced in 8afbc154. Bug not in any released Tor.Nick Mathewson
2015-08-10Remove a 9-function strongly connected component of tor's callgraph.Nick Mathewson
microdesc_free_() called get_microdesc_cache(), which had the fun side-effect of potentially reloading the whole cache from disk. Replace it with a variant that doesn't.
2015-05-28Include ed25519 keys in microdescriptors.Nick Mathewson
2015-01-02Bump copyright dates to 2015, in case someday this matters.Nick Mathewson
2014-10-31Use digest256map for computing microdescriptor downloadsNick Mathewson
2014-10-28Add another year to our copyright dates.Nick Mathewson
Because in 95 years, we or our successors will surely care about enforcing the BSD license terms on this code. Right?
2014-10-13Use symbolic constants for statuses in microdescs_add_to_cache.Nick Mathewson
Suggested by Andrea in her review of 11243.
2014-10-13Treat unparseable (micro)descriptors and extrainfos as undownloadableNick Mathewson
One pain point in evolving the Tor design and implementing has been adding code that makes clients reject directory documents that they previously would have accepted, if those descriptors actually exist. When this happened, the clients would get the document, reject it, and then decide to try downloading it again, ad infinitum. This problem becomes particularly obnoxious with authorities, since if some authorities accept a descriptor that others don't, the ones that don't accept it would go crazy trying to re-fetch it over and over. (See for example ticket #9286.) This patch tries to solve this problem by tracking, if a descriptor isn't parseable, what its digest was, and whether it is invalid because of some flaw that applies to the portion containing the digest. (This excludes RSA signature problems: RSA signatures aren't included in the digest. This means that a directory authority can still put another directory authority into a loop by mentioning a descriptor, and then serving that descriptor with an invalid RSA signatures. But that would also make the misbehaving directory authority get DoSed by the server it's attacking, so it's not much of an issue.) We already have a mechanism to mark something undownloadable with downloadstatus_mark_impossible(); we use that here for microdescriptors, extrainfos, and router descriptors. Unit tests to follow in another patch. Closes ticket #11243.
2014-09-03Fix a couple of small memory leaks on failure cases.Nick Mathewson
[CID 1234702, 1234703]
2014-09-02Another clang analyzer complaint wrt HT_GENERATENick Mathewson
We're calling mallocfn() and reallocfn() in the HT_GENERATE macro with the result of a product. But that makes any sane analyzer worry about overflow. This patch keeps HT_GENERATE having its old semantics, since we aren't the only project using ht.h. Instead, define a HT_GENERATE2 that takes a reallocarrayfn.
2014-05-06Check HT_REP_IS_BAD_() when giving a bug-7164 warning.Nick Mathewson
This may let us know if we're hitting 7164 because of an hte_hash-corruption situation proposed by "cypherpunks" in bug 11737.
2014-03-31Merge branch 'bug8787_squashed'Nick Mathewson
2014-03-31NULL out all mappings after tor_munmap_file()Nick Mathewson
2014-03-31Always check returns from tor_munmap_file() in microdesc.cAndrea Shepard
2014-03-31Fix a clang compilation warningNick Mathewson
Subtracting two time_t values was yielding something that maybe can't be fit in an int. Bugfix on 0389d4aa; bug not in any released Tor.
2014-03-27Merge branch 'bug7164_diagnose_harder_v2'Nick Mathewson
2014-03-27More logs to try to diagnose bug 7164Nick Mathewson
This time, check in microdesc_cache_clean() to see what could be going wrong with an attempt to clean a microdesc that's held by a node.
2014-03-10Don't do directory fetches before all PTs have been configured.George Kadianakis
2014-02-12Siphash-2-4 is now our hash in nearly all cases.Nick Mathewson
I've made an exception for cases where I'm sure that users can't influence the inputs. This is likely to cause a slowdown somewhere, but it's safer to siphash everything and *then* look for cases to optimize. This patch doesn't actually get us any _benefit_ from siphash yet, since we don't really randomize the key at any point.
2013-12-17Merge remote-tracking branch 'origin/maint-0.2.4'Nick Mathewson
2013-12-17Merge branch 'bug10423' into maint-0.2.4Nick Mathewson
2013-12-17Merge remote-tracking branch 'origin/maint-0.2.4'Nick Mathewson
Conflicts: src/or/microdesc.c Conflict because one change was on line adjacent to line where 01206893 got fixed.
2013-12-17Merge remote-tracking branch 'public/bug10409_023' into maint-0.2.4Nick Mathewson
2013-12-17Avoid double-free on failure to dump_descriptor() a cached mdNick Mathewson
This is a fix for 10423, which was introducd in caa0d15c in 0.2.4.13-alpha. Spotted by bobnomnom.
2013-12-16Avoid free()ing from an mmap on corrupted microdesc cacheNick Mathewson
The 'body' field of a microdesc_t holds a strdup()'d value if the microdesc's saved_location field is SAVED_IN_JOURNAL or SAVED_NOWHERE, and holds a pointer to the middle of an mmap if the microdesc is SAVED_IN_CACHE. But we weren't setting that field until a while after we parsed the microdescriptor, which left an interval where microdesc_free() would try to free() the middle of the mmap(). This patch also includes a regression test. This is a fix for #10409; bugfix on 0.2.2.6-alpha.
2013-11-22Only update view of micrdescriptor pos if pos is fetchable.Nick Mathewson
It's conceivable (but probably impossible given our code) that lseek could return -1 on an error; when that happens, we don't want off to become -1. Fixes CID 1035124.
2013-09-05Merge remote-tracking branch 'public/bug9645'Nick Mathewson
2013-09-03Fix bug 9645: don't forget an md just because we can't save it.Nick Mathewson
2013-06-13Merge remote-tracking branch 'origin/maint-0.2.4'Nick Mathewson
2013-06-13If we write the annotation but not the microdescriptor, rewind.Nick Mathewson
This fixes bug 9047 (and some parts of 9031, 8922, 8883 that weren't fixed in 8822). Bugfix on 0.2.2.6-alpha.
2013-06-13Merge remote-tracking branch 'origin/maint-0.2.4'Nick Mathewson
2013-06-12Make all consumers of microdesc_t.body tolerate NULLNick Mathewson
This is another fix to try to mitigate recurrences of 8031/8822.
2013-06-12Unmap the microdescriptor cache before replacing it.Nick Mathewson
This is a reprise of the fix in bdff7e3299d78; 6905c1f6 reintroduced that bug. Briefly: windows doesn't seem to like deleting a mapped file. I tried adding the PROT_SHARED_DELETE flag to the createfile all, but that didn't actually fix this issue. Fortunately, the unit test I added in 4f4fc63fea0589a4fa03f3859dc27860cdde75af should prevent us from making this particular screw-up again. This patch also tries to limit the crash potential of a failure to write by a little bit, although it could do a better job of retaining microdescriptor bodies. Fix for bug 8822, bugfix on 0.2.4.12-alpha.