| Age | Commit message (Collapse) | Author |
|---|
|
Routers now use TAP and ntor onion keys to sign their identity keys,
and put these signatures in their descriptors. That allows other
parties to be confident that the onion keys are indeed controlled by
the router that generated the descriptor.
|
|
Now that we have ed25519 keys, we can sign descriptors with them
and check those signatures as documented in proposal 220.
|
|
For prop220, we have a new ed25519 certificate type. This patch
implements the code to create, parse, and validate those, along with
code for routers to maintain their own sets of certificates and
keys. (Some parts of master identity key encryption are done, but
the implementation of that isn't finished)
|
|
|
|
Conflicts:
src/or/dirvote.h
src/test/include.am
src/test/test_entrynodes.c
|
|
Also introduce the UseGuardFraction torrc option which decides whether
clients should use guardfraction information found in the consensus.
|
|
Parse the file just before voting and apply its information to the
provided vote_routerstatus_t. This follows the same logic as when
dirauths parse bwauth files.
|
|
|
|
Conflicts:
src/or/circuituse.c
src/test/include.am
src/test/test_entrynodes.c
|
|
These were suggested by dgoulet, thanks!
|
|
Also raise those minima from 20 to 75 and 50 respectively.
Closes ticket 13822.
|
|
Conflicts:
src/test/test_dir.c
|
|
Also, revise bug12585 changes file to mention new syntax
|
|
|
|
Conflicts:
src/or/directory.c
src/or/routerlist.c
src/or/routerlist.h
src/test/include.am
src/test/test.c
|
|
|
|
(Patch from arma, commit message from nick.)
Closes #14222.
|
|
Conflicts:
src/or/connection.c
src/or/or.h
src/or/relay.c
|
|
Also rename some options for uniformity, and apply this script:
@@
entry_connection_t *conn;
@@
conn->
+entry_cfg.
\(
isolation_flags
\|
session_group
\|
socks_prefer_no_auth
\|
ipv4_traffic
\|
ipv6_traffic
\|
prefer_ipv6
\|
cache_ipv4_answers
\|
cache_ipv6_answers
\|
use_cached_ipv4_answers
\|
use_cached_ipv6_answers
\|
prefer_ipv6_virtaddr
\)
|
|
Also, revise the code using these options with this cocci script:
@@
listener_connection_t *conn;
@@
conn->
+entry_cfg.
\(
isolation_flags
\|
session_group
\|
socks_prefer_no_auth
\|
ipv4_traffic
\|
ipv6_traffic
\|
prefer_ipv6
\|
cache_ipv4_answers
\|
cache_ipv6_answers
\|
use_cached_ipv4_answers
\|
use_cached_ipv6_answers
\|
prefer_ipv6_virtaddr
\)
|
|
Also, apply this cocci script to transform accesses. (Plus manual
migration for accesses inside smartlist_foreach loops.)
@@
port_cfg_t *cfgx;
@@
cfgx->
+server_cfg.
\(
no_advertise
\|
no_listen
\|
all_addrs
\|
bind_ipv4_only
\|
bind_ipv6_only
\)
@@
port_cfg_t *cfgx;
@@
cfgx->
+entry_cfg.
\(
isolation_flags
\|
session_group
\|
socks_prefer_no_auth
\|
ipv4_traffic
\|
ipv6_traffic
\|
prefer_ipv6
\|
cache_ipv4_answers
\|
cache_ipv6_answers
\|
use_cached_ipv4_answers
\|
use_cached_ipv6_answers
\|
prefer_ipv6_virtaddr
\)
|
|
The solution I took is to not free a circuit with a pending
uncancellable work item, but rather to set its magic number to a
sentinel value. When we get a work item, we check whether the circuit
has that magic sentinel, and if so, we free it rather than processing
the reply.
|
|
|
|
|
|
Conflicts:
src/or/relay.c
|
|
|
|
This implementation includes tests and a little documentation.
|
|
TestingDirAuthVoteHSDir ensures that authorities vote the HSDir flag
for the listed relays regardless of uptime or ORPort connectivity.
Respects the value of VoteOnHidServDirectoriesV2.
Partial fix for bug 14067.
|
|
Signed-off-by: Andrea Shepard <andrea@torproject.org>
|
|
Conflicts:
src/or/or.h
|
|
If we're not a relay, we ignore it.
If it's set to 1, we obey ExitPolicy.
If it's set to 0, we force ExitPolicy to 'reject *:*'
And if it's set to auto, then we warn the user if they're running an
exit, and tell them how they can stop running an exit if they didn't
mean to do that.
Fixes ticket 10067
|
|
|
|
|
|
This happened because we changed AutomapHostsSuffixes to replace "."
with "", since a suffix of "" means "match everything." But our
option handling code for CSV options likes to remove empty entries
when it re-parses stuff.
Instead, let "." remain ".", and treat it specially when we're
checking for a match.
Fixes bug 12509; bugfix on 0.2.0.1-alpha.
|
|
|
|
The two statistics are:
1. number of RELAY cells observed on successfully established
rendezvous circuits; and
2. number of .onion addresses observed as hidden-service
directory.
Both statistics are accumulated over 24 hours, obfuscated by rounding
up to the next multiple of a given number and adding random noise,
and written to local file stats/hidserv-stats.
Notably, no statistics will be gathered on clients or services, but
only on relays.
|
|
1) Set them to the values that (according to Rob) avoided performance
regressions. This means that the scheduler won't get much exercise
until we implement KIST or something like it.
2) Rename the options to end with a __, since I think they might be
going away, and nobody should mess with them.
3) Use the correct types for the option variables. MEMUNIT needs to be a
uint64_t; UINT needs to be (I know, I know!) an int.
4) Validate the values in options_validate(); do the switch in
options_act(). This way, setting the option to an invalid value on
a running Tor will get backed out.
|
|
Conflicts:
src/or/or.h
src/test/Makefile.nmake
|
|
Conflicts:
src/or/or.h
|
|
|
|
|
|
This has been already disabled in the directory consensus for a while;
it didn't seem to break anything.
Finally closes #7803.
|
|
We add a compression level argument to tor_zlib_new, and use it to
determine how much memory to allocate for the zlib object. We use the
existing level by default, but shift to smaller levels for small
requests when we have been over 3/4 of our memory usage in the past
half-hour.
Closes ticket 11791.
|
|
|
|
|
|
|
|
|
|
When closing parallel introduction points, the given reason (timeout)
was actually changed to "no reason" thus when the circuit purpose was
CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT, we were reporting an introduction
point failure and flagging it "unreachable". After three times, that
intro point gets removed from the rend cache object.
In the case of CIRCUIT_PURPOSE_C_INTRODUCING, the intro point was
flagged has "timed out" and thus not used until the connection to the HS
is closed where that flag gets reset.
This commit adds an internal circuit reason called
END_CIRC_REASON_IP_NOW_REDUNDANT which tells the closing circuit
mechanism to not report any intro point failure.
This has been observed while opening hundreds of connections to an HS on
different circuit for each connection. This fix makes this use case to
work like a charm.
Fixes #13698.
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
|
|
Conflicts:
src/or/config.c
|
|
We were only using it when smartlist_choose_node_by_bandwidth_weights
failed. But that function could only fail in the presence of
buggy/ancient authorities or in the absence of a consensus. Either
way, it's better to use sensible defaults and a nicer algorithm.
|
