| Age | Commit message (Collapse) | Author |
|---|
|
One is a probably-impossible leak if we fail to sign a consensus;
another occurs when we can't look up the user we're trying to chown
our sockets to.
|
|
Coverity is worried about this (CID 980653). It hasn't happened in
testing, but we might as well make sure it can't happen.
|
|
When we compute the estimated microseconds we need to handle our
pending onionskins, we could (in principle) overflow a uint32_t if
we ever had 4 million pending onionskins before we had any data
about how onionskins take. Nevertheless, let's compute it properly.
Fixes bug 8210; bugfix on 0.2.4.10. Found by coverity; this is CID
980651.
|
|
|
|
|
|
This one occurs when changing configuration options. Found by
coverity.
|
|
|
|
This fixes a crash bug if we fail to generate an extrainfo
descriptor.
Fixes bug 8208; bugfix on 0.2.3.16-alpha.
|
|
Coverity is worried that we're checking entry_conn in some cases,
but not in the case where we set entry_conn->pending_optimistic_data.
This commit should calm it down (CID 718623).
|
|
Fixes CID 980650; bugfix on 0.2.4.10-alpha.
|
|
|
|
|
|
It returns the method by which we decided our public IP address
(explicitly configured, resolved from explicit hostname, guessed from
interfaces, learned by gethostname).
Now we can provide more helpful log messages when a relay guesses its IP
address incorrectly (e.g. due to unexpected lines in /etc/hosts). Resolves
ticket 2267.
While we're at it, stop sending a stray "(null)" in some cases for the
server status "EXTERNAL_ADDRESS" controller event. Resolves bug 8200.
|
|
|
|
|
|
To avoid surprises, good coding practice suggests parenthesizing every
macro definition -- or at the very least, all those involving an
expression.
|
|
This check isn't necessary (see comment on #7801), but it took at
least two smart people a little while to see why it wasn't necessary,
so let's have it in to make the code more readable.
|
|
|
|
We need a weak RNG in a couple of places where the strong RNG is
both needless and too slow. We had been using the weak RNG from our
platform's libc implementation, but that was problematic (because
many platforms have exceptionally horrible weak RNGs -- like, ones
that only return values between 0 and SHORT_MAX) and because we were
using it in a way that was wrong for LCG-based weak RNGs. (We were
counting on the low bits of the LCG output to be as random as the
high ones, which isn't true.)
This patch adds a separate type for a weak RNG, adds an LCG
implementation for it, and uses that exclusively where we had been
using the platform weak RNG.
|
|
|
|
|
|
|
|
Conflicts:
src/or/connection.c
|
|
Conflicts:
src/common/util.c
|
|
|
|
|
|
|
|
|
|
|
|
I think we want both sets of messages to appear independently to help us know
what needs tuning.
|
|
I noticed bad wifi networks can have low use success rates.
|
|
Implements ticket 8151.
|
|
|
|
|
|
Authorities don't set is_possible_guard on node_t, so they were
never deciding that they could build enough paths. This is a quick
and dirty fix.
Bug not in any released version of Tor
|
|
|
|
These seem to have gotten conflicted out of existence while mike was
working on path bias stuff.
Thanks to sysrqb for collecting these in a handy patch.
|
|
It appears that the code for 7291 gave an unused-value warning when
built with --disable-curve25519.
|
|
This prevents bug 8147, where such nodes would accrue points towards
Guard, Fast, HSDir, and so on.
Fixes bug 8147.
|
|
Another bug 8145 fix.
|
|
Fix for 8145.
|
|
|
|
Fixes bug 8146.
|
|
|
|
|
|
|
|
When we first implemented TLS, we assumed in conneciton_handle_write
that a TOR_TLS_WANT_WRITE from flush_buf_tls meant that nothing had
been written. But when we moved our buffers to a ring buffer
implementation back in 0.1.0.5-rc (!), we broke that invariant: it's
possible that some bytes have been written but nothing.
That's bad. It means that if we do a sequence of TLS writes that ends
with a WANTWRITE, we don't notice that we flushed any bytes, and we
don't (I think) decrement buckets.
Fixes bug 7708; bugfix on 0.1.0.5-rc
|
|
|
|
|
|
This informational counter is probably now redundant, but might as well keep
it consistent I guess.
|
