summaryrefslogtreecommitdiff
path: root/src/or
AgeCommit message (Collapse)Author
2013-09-05collect and log statistics about onionskins received/processedRoger Dingledine
we skip onionskins that came from non-relays, so we're less likely to run into privacy troubles. starts to implement ticket 9658.
2013-09-05Revert e443beff and solve it a different wayRoger Dingledine
Now we explicitly check for overflow. This approach seemed smarter than a cascade of "change int to unsigned int and hope nothing breaks right before the release". Nick, feel free to fix in a better way, maybe in master.
2013-09-05don't let recently_chosen_ntors overflowRoger Dingledine
with commit c6f1668d we let it grow arbitrarily large. it can still overflow, but the damage is very small now.
2013-09-04nickm wants us to prioritize tap in a currently-rare edge caseRoger Dingledine
2013-09-04Be more general in calculating expected onion queue processing timeRoger Dingledine
Now we consider the TAP cells we'll process while draining the NTor queue, and vice versa.
2013-09-04let the NumNTorsPerTAP consensus param override our queue choiceRoger Dingledine
2013-09-04do a lopsided round-robin between the onion queuesRoger Dingledine
that way tap won't starve entirely, but we'll still handle ntor requests quicker.
2013-09-04check bounds on handshake_type more thoroughlyRoger Dingledine
2013-09-04add info-level logs to help track onion queue sizesRoger Dingledine
2013-09-04refactor and give it unit testsRoger Dingledine
2013-09-04Separate cpuworker queues by handshake typeRoger Dingledine
Now we prioritize ntor create cells over tap create cells. Starts to address ticket 9574.
2013-09-04Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4Nick Mathewson
Conflicts: src/or/circuitbuild.c
2013-09-04use !cbt_disabled in place of LearnCBT to avoid needless circsNick Mathewson
This would make us do testing circuits "even when cbt is disabled by consensus, or when we're a directory authority, or when we've failed to write cbt history to our state file lately." (Roger's words.) This is a fix for 9671 and an improvement in our fix for 5049. The original misbehavior was in 0.2.2.14-alpha; the incomplete fix was in 0.2.3.17-beta.
2013-08-25Merge remote-tracking branch 'public/bug9546_023_v2' into maint-0.2.3Nick Mathewson
2013-08-25Merge remote-tracking branch 'public/bug9546_v2' into maint-0.2.4Nick Mathewson
2013-08-25Merge remote-tracking branch 'public/bug9366' into maint-0.2.4Nick Mathewson
2013-08-25Merge remote-tracking branch 'public/bug9543' into maint-0.2.4Nick Mathewson
2013-08-22Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4Nick Mathewson
2013-08-22Replace return with continue in update_consensus_networkstatus_downloadsNick Mathewson
Fix for bug 9564; bugfix on 0.2.3.14-alpha.
2013-08-21Add a 30-day maximum on user-supplied MaxCircuitDirtinessNick Mathewson
Fix for bug 9543.
2013-08-21Make bridges send AUTH_CHALLENGE cellsNick Mathewson
The spec requires them to do so, and not doing so creates a situation where they can't send-test because relays won't extend to them because of the other part of bug 9546. Fixes bug 9546; bugfix on 0.2.3.6-alpha.
2013-08-21Make bridges send AUTH_CHALLENGE cellsNick Mathewson
The spec requires them to do so, and not doing so creates a situation where they can't send-test because relays won't extend to them because of the other part of bug 9546. Fixes bug 9546; bugfix on 0.2.3.6-alpha.
2013-08-21Send NETINFO on receiving a NETINFO if we have not yet sent one.Nick Mathewson
(Backport to Tor 0.2.3) Relays previously, when initiating a connection, would only send a NETINFO after sending an AUTHENTICATE. But bridges, when receiving a connection, would never send AUTH_CHALLENGE. So relays wouldn't AUTHENTICATE, and wouldn't NETINFO, and then bridges would be surprised to be receiving CREATE cells on a non-open circuit. Fixes bug 9546.
2013-08-20Send NETINFO on receiving a NETINFO if we have not yet sent one.Nick Mathewson
Relays previously, when initiating a connection, would only send a NETINFO after sending an AUTHENTICATE. But bridges, when receiving a connection, would never send AUTH_CHALLENGE. So relays wouldn't AUTHENTICATE, and wouldn't NETINFO, and then bridges would be surprised to be receiving CREATE cells on a non-open circuit. Fixes bug 9546.
2013-08-10Fix an uninitialized-read when parsing v3 introduction requests.Nick Mathewson
Fortunately, later checks mean that uninitialized data can't get sent to the network by this bug. Unfortunately, reading uninitialized heap *can* (in some cases, with some allocators) cause a crash if you get unlucky and go off the end of a page. Found by asn. Bugfix on 0.2.4.1-alpha.
2013-08-05Don't allow all ORPort values to be NoAdvertiseNick Mathewson
Fix for bug #9366
2013-07-31Merge remote-tracking branch 'arma/bug9354' into maint-0.2.4Nick Mathewson
2013-07-31Fix invalid-read when a managed proxy configuration fails.George Kadianakis
2013-07-30NumDirectoryGuards now tracks NumEntryGuards by defaultRoger Dingledine
Now a user who changes only NumEntryGuards will get the behavior she expects. Fixes bug 9354; bugfix on 0.2.4.8-alpha.
2013-07-26Avoid assertion failure on unexepcted address family in DNS reply.Nick Mathewson
Fixes bug 9337; bugfix on 0.2.4.7-alpha.
2013-07-23Fix bug9309, and n_noncanonical count/continue codeNick Mathewson
When we moved channel_matches_target_addr_for_extend() into a separate function, its sense was inverted from what one might expect, and we didn't have a ! in one place where we should have. Found by skruffy.
2013-07-18Merge remote-tracking branch 'public/bug9295_023' into maint-0.2.4Nick Mathewson
2013-07-18tmpNick Mathewson
2013-07-16Re-do a cast in order to make old buggy freebsd gcc happyNick Mathewson
Fix for #9254. Bugfix on 0.2.4.14-alpha. This is not actually a bug in the Tor code.
2013-07-08Add a comment and a check for why flag indices will be <= 63Nick Mathewson
2013-07-03FIx undefined behavior in dirvote.cNick Mathewson
Fix a bug in the voting algorithm that could yield incorrect results when a non-naming authority declared too many flags. Fixes bug 9200; bugfix on 0.2.0.3-alpha. Found by coverity scan.
2013-06-29Give a warning when bufferevents are enabled.Nick Mathewson
Ticket 9147.
2013-06-24Fix bug 9122: don't allow newdefaultoptions to be NULLNick Mathewson
(This caused a crash that was reported as bug 9122, but the underlying behavior has been wrong for a while.) Fix on 0.2.3.9-alpha.
2013-06-18Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4Nick Mathewson
2013-06-18Fix some problems with the bug9002 fix.Nick Mathewson
Fixes bug 9090; bug not in any released Tor.
2013-06-18Tweak bug9063_redux patch: {n_p}_chan_cells, not {n,p}_conn_cellsNick Mathewson
2013-06-18Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4Nick Mathewson
Conflicts: src/or/config.c src/or/relay.c
2013-06-18Merge branch 'bug9063_redux_023_squashed' into maint-0.2.3Nick Mathewson
2013-06-18Implement a real OOM-killer for too-long circuit queues.Nick Mathewson
This implements "algorithm 1" from my discussion of bug #9072: on OOM, find the circuits with the longest queues, and kill them. It's also a fix for #9063 -- without the side-effects of bug #9072. The memory bounds aren't perfect here, and you need to be sure to allow some slack for the rest of Tor's usage. This isn't a perfect fix; the rest of the solutions I describe on codeable.
2013-06-16Limit hidden service descriptors to at most 10 guard nodes.Nick Mathewson
Fixes bug 9002; bugfix on 0.1.1.11-alpha (which introduced guard nodes), or on 0.0.6pre1 (which introduced hidden services).
2013-06-15Merge branch 'bug9072-023' into bug9072-024Andrea Shepard
2013-06-15Disable middle relay queue overfill detection code due to possible guard ↵Andrea Shepard
discovery attack
2013-06-14Increase the limit so leaky pipe might workNick Mathewson
2013-06-14Increase the limit so leaky pipe might workNick Mathewson
2013-06-13Don't queue more cells as a middle relay than the spec allows to be in flightAndrea Shepard
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion