| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
The main.c code is responsible for initialization and shutdown;
the mainloop.c code is responsible for running the main loop of Tor.
Splitting the "generic event loop" part of mainloop.c from the
event-loop-specific part is not done as part of this patch.
|
|
Remove support for Tor2web in the code and build system. At this commit, tor
doesn't have Tor2web support anymore.
Ref: https://lists.torproject.org/pipermail/tor-dev/2018-July/013295.html
Close #26367
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
I am very glad to have written this script.
|
|
|
|
|
|
or.h should really include only the minimum of stuff from or/*,
common/*, and lib/*.
|
|
|
|
|
|
|
|
|
|
Found by asan on travis :/
|
|
|
|
|
|
|
|
|
|
|
|
The relay variable is always allocated, but might not be freed before we
return from this function.
See: Coverity CID 1437431
|
|
You have no idea how glad I am that this is automated.
|
|
|
|
|
|
Since packed_cell and destroy_cell exist only to be queued, they go
in the same headers as the queues.
|
|
|
|
|
|
|
|
Doing this lets us remove the event2/event.h header from a few more
modules, particularly in the tests.
Part of work on 23750.
|
|
|
|
|
|
Using absolute_msec requires a 64-bit division operation every time
we calculate it, which gets expensive on 32-bit architectures.
Instead, just use the lazy "monotime_coarse_get()" operation, and
don't convert to milliseconds until we absolutely must.
In this case, it seemed fine to use a full monotime_coarse_t rather
than a truncated "stamp" as we did to solve this problem for the
timerstamps in buf_t and packed_cell_t: There are vastly more cells
and buffer chunks than there are channels, and using 16 bytes per
channel in the worst case is not a big deal.
There are still more millisecond operations here than strictly
necessary; let's see any divisions show up in profiles.
|
|
|
|
When the directory information changes, callback to the HS client subsystem so
it can check if any pending SOCKS connections are waiting for a descriptor. If
yes, attempt a refetch for those.
Fixes #23762
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This is a side-effect of being single-threaded. The worst cases of this are
actually Bug #16585.
|
|
This doesn't apply to currently active connections.. yet...
|
|
A for-loop in test_channelpadding_timers() would never run because it
was trying to increment a counter up to CHANNELS_TO_TEST/3 after an
earlier block already incremented it to CHANNELS_TO_TEST/2.
Fixes #22221, CID 1405983.
|
|
Patch from rubiate; fixes bug 22219. Remember, we don't support
libevent1 any more.
|
|
This is necessary to avoid crashes and test failures on kevent-based
systems.
Fixes bug 22209; bug not in any released Tor.
|
|
|
|
This fixes a warning from jenkins.
|
|
|
|
asan was finding an alignment issue with a cast, so set the field in the
trunnel struct and then encode it instead. Also, enable log capture and
verification.
|
|
Checking all of these parameter lists for every single connection every second
seems like it could be an expensive waste.
Updating globally cached versions when there is a new consensus will still
allow us to apply consensus parameter updates to all existing connections
immediately.
|
|
This unifies CircuitIdleTimeout and PredictedCircsRelevanceTime into a single
option, and randomizes it.
It also gives us control over the default value as well as relay-to-relay
connection lifespan through the consensus.
Conflicts:
src/or/circuituse.c
src/or/config.c
src/or/main.c
src/test/testing_common.c
|
|
This defense will cause Cisco, Juniper, Fortinet, and other routers operating
in the default configuration to collapse netflow records that would normally
be split due to the 15 second flow idle timeout.
Collapsing these records should greatly reduce the utility of default netflow
data for correlation attacks, since all client-side records should become 30
minute chunks of total bytes sent/received, rather than creating multiple
separate records for every webpage load/ssh command interaction/XMPP chat/whatever
else happens to be inactive for more than 15 seconds.
The defense adds consensus parameters to govern the range of timeout values
for sending padding packets, as well as for keeping connections open.
The defense only sends padding when connections are otherwise inactive, and it
does not pad connections used solely for directory traffic at all. By default
it also doesn't pad inter-relay connections.
Statistics on the total padding in the last 24 hours are exported to the
extra-info descriptors.
|
