From bf738d30808190fcd20e8bcb3e75b17f7b730105 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Sat, 23 Sep 2006 22:06:09 +0000 Subject: r6362@totoro (orig r6361): arma | 2006-04-10 05:43:30 -0400 another todo item we ought to do r6363@totoro (orig r6362): weasel | 2006-04-10 06:03:47 -0400 New upstream version r6364@totoro (orig r6363): phobos | 2006-04-10 10:12:29 -0400 Remove a dependency on dist and assume a tarball is in ".." for dist-rpm. r6365@totoro (orig r6364): weasel | 2006-04-10 15:39:26 -0400 Remove redundant includes. They are all hanled in torint.h which we already do include. r6370@totoro (orig r6369): arma | 2006-04-10 16:00:31 -0400 be willing to add our own routerinfo into the routerlist. this means authorities will include themselves in their directories and network-statuses. r6373@totoro (orig r6372): arma | 2006-04-10 16:08:12 -0400 and forward-port the man page change r6374@totoro (orig r6373): arma | 2006-04-10 16:16:46 -0400 make DirFetchPeriod and StatusFetchPeriod truly obsolete. r6376@totoro (orig r6375): arma | 2006-04-10 16:21:55 -0400 0.1.2.0-alpha-cvs! r6377@totoro (orig r6376): nickm | 2006-04-10 17:23:00 -0400 Remove DER64 functions in trunk: they will never be used again unless the directory authorities switch back to 0.0.9tooearly. r6378@totoro (orig r6377): weasel | 2006-04-10 17:29:29 -0400 Stop assuming every authority is a v1 authority r6381@totoro (orig r6380): weasel | 2006-04-10 17:37:20 -0400 [forward port] Update the list of documentation files in tor.nsi and package_nsis-weasel.sh r6382@totoro (orig r6381): arma | 2006-04-10 17:40:43 -0400 drop moria1 from the list of authorities. r6383@totoro (orig r6382): arma | 2006-04-11 10:12:04 -0400 ok, put moria1 back in, since it's v1 and thus we need to send our rendezvous descriptors to it. eventually we might make a 'v1only' tag that explains it's only for rendezvous descriptors. r6384@totoro (orig r6383): phobos | 2006-04-12 21:46:27 -0400 Temporary hacks to ensure make dist-rpm works from cvs until a better solution can be found. r6386@totoro (orig r6385): arma | 2006-04-14 16:19:33 -0400 forward-port the n_named log severity downgrade. r6388@totoro (orig r6387): arma | 2006-04-15 03:15:23 -0400 if the bottom eighth of the servers by bandwidth is really crummy, try the bottom quartile instead. r6389@totoro (orig r6388): arma | 2006-04-15 19:53:58 -0400 update spec to reflect the downgraded loglevel for naming complaints. r6390@totoro (orig r6389): arma | 2006-04-16 18:34:00 -0400 no need to escape the address for our connections -- they are always IP addresses. r6391@totoro (orig r6390): arma | 2006-04-16 18:44:08 -0400 better error checking for torify, contributed by jacob appelbaum. r6392@totoro (orig r6391): arma | 2006-04-16 18:48:41 -0400 and remove the 'debugging' flag for torify r6393@totoro (orig r6392): weasel | 2006-04-16 22:46:14 -0400 Add an XXX to torify.in - "which" is evil, quote a few variables do -h and --help add (c) and license ("Same as tor") print an error message if exec falls through r6394@totoro (orig r6393): arma | 2006-04-17 02:43:27 -0400 slightly clearer log message when you use a nickname rather than a key for an unnamed server. r6395@totoro (orig r6394): arma | 2006-04-17 02:46:20 -0400 note another bug: we complain that a router doesn't exist, because it's down so we never fetched it so it doesn't exist. r6397@totoro (orig r6396): nickm | 2006-04-17 23:07:24 -0400 forward-port: "Resolve" all XXX011 items, mostly by marking them non-011. r6399@totoro (orig r6398): nickm | 2006-04-17 23:36:28 -0400 [forward-port] Implement an option, VirtualAddrMask, to set which addresses get handed out in response to mapaddress requests. Needs testing and docs! r6401@totoro (orig r6400): nickm | 2006-04-17 23:51:18 -0400 [Forward-port ]Test and document last patch. r6402@totoro (orig r6401): nickm | 2006-04-17 23:58:42 -0400 mainline branch. Remove some more dead XXXs. r6403@totoro (orig r6402): nickm | 2006-04-18 00:57:07 -0400 require at least 2**16 assignable virtual addresses r6405@totoro (orig r6404): arma | 2006-04-18 01:03:09 -0400 class B really means /16 here r6407@totoro (orig r6406): arma | 2006-04-18 15:48:06 -0400 Raise the timeout for complaining about wedged cpuworkers. This value is high because some servers with low memory/cpu sometimes spend an hour or more swapping, and Tor starves. r6408@totoro (orig r6407): weasel | 2006-04-21 11:52:49 -0400 Add add-tor helper script to contrib r6409@totoro (orig r6408): weasel | 2006-04-21 11:57:09 -0400 Remove test values from add-tor r6410@totoro (orig r6409): nickm | 2006-04-23 17:36:52 -0400 Prioritize items for 0.1.2 r6411@totoro (orig r6410): nickm | 2006-04-23 17:40:15 -0400 And another 0.1.2 item r6412@totoro (orig r6411): arma | 2006-04-23 19:05:34 -0400 make more hibernate log messages use local time. we should audit to see what other log messages keep switching back and forth between GMT and local. r6413@totoro (orig r6412): arma | 2006-04-23 19:09:03 -0400 Regenerate our local descriptor if it's dirty and some local function asks for it. This may resolve bug 286. r6414@totoro (orig r6413): nickm | 2006-04-24 12:29:06 -0400 Add a stub of a "path-spec", containing only the helper-node emails from arma. whee. r6415@totoro (orig r6414): nickm | 2006-04-24 13:51:31 -0400 Possible partial fix for 285; needs review r6416@totoro (orig r6415): arma | 2006-04-24 17:11:56 -0400 resolve typos in add-tor contrib script r6417@totoro (orig r6416): nickm | 2006-04-25 01:42:09 -0400 Add some bullet points to write up r6418@totoro (orig r6417): nickm | 2006-04-25 01:59:31 -0400 fix a segfault in last bug-285-related commit. r6419@totoro (orig r6418): nickm | 2006-04-25 02:02:46 -0400 you wanted it spelled properly too? And me not even funded! r6420@totoro (orig r6419): arma | 2006-04-25 02:16:38 -0400 list some more items to remember in path-building r6421@totoro (orig r6420): nickm | 2006-04-25 02:20:47 -0400 Only warn about a down node once r6422@totoro (orig r6421): arma | 2006-04-25 03:00:04 -0400 petty cleanups r6423@totoro (orig r6422): arma | 2006-04-25 03:06:48 -0400 put one of the XXX's back in r6427@totoro (orig r6426): nickm | 2006-04-29 13:44:31 -0400 shorten some too-wide lines r6428@totoro (orig r6427): nickm | 2006-04-29 14:42:26 -0400 Start remembering *where* we are storing routerdescs. This will make us easier to move from a RAM-mirrors-disk model to a RAM-caches-disk model, and save maybe around 10MB on a directory server. r6429@totoro (orig r6428): nickm | 2006-04-29 14:43:05 -0400 Note some subtasks and difficulties involved with reducing RAM usage on dirservers r6431@totoro (orig r6430): arma | 2006-05-03 14:29:44 -0400 forward-port the ORPort==0 patch r6434@totoro (orig r6433): arma | 2006-05-03 14:32:15 -0400 forward-port the changelog r6438@totoro (orig r6437): phobos | 2006-05-03 20:34:51 -0400 Reworked dist-rpm in order to duplicate what dist used to do, but don't actually require dist. r6444@totoro (orig r6443): weasel | 2006-05-05 11:40:54 -0400 Merge differences between debian_version_0_1_1_18-rc-1 and debian_version_0_1_1_19-rc-1 from tor-0_1_1-patches into head r6445@totoro (orig r6444): weasel | 2006-05-05 12:58:38 -0400 Handle website/* in tor.nsi r6448@totoro (orig r6447): arma | 2006-05-08 00:28:49 -0400 stop telling people that "tor -h" will help them in any way. r6449@totoro (orig r6448): arma | 2006-05-09 05:47:47 -0400 Tor servers are also giving spurious "you're invalid" warnings. This is because we get a lot of network statuses that don't list us at all, and we conclude that they all think we're invalid. The long-term fix is to get better logic, and the short-term fix is to downgrade the log severity. r6451@totoro (orig r6450): arma | 2006-05-10 03:35:03 -0400 another piece of doing tor over udp that i am concerned about. r6452@totoro (orig r6451): arma | 2006-05-10 03:35:33 -0400 a few more tweaks to the faq. r6453@totoro (orig r6452): weasel | 2006-05-10 06:24:17 -0400 All these headers we get via torint.h r6455@totoro (orig r6454): phobos | 2006-05-16 01:48:08 -0400 Fixed //Library/Tor in Tor.loc for osx r6456@totoro (orig r6455): nickm | 2006-05-16 22:18:35 -0400 finally write some comments on tor-spec-udp.txt r6457@totoro (orig r6456): nickm | 2006-05-21 16:01:13 -0400 apply control-spec patch from Matt Edman: Circuit status only has a path when it has been extended one or more hops. r6458@totoro (orig r6457): arma | 2006-05-22 00:44:57 -0400 add a few items it would be smart todo r6459@totoro (orig r6458): arma | 2006-05-22 15:56:32 -0400 remove all the interim changelog stuff for 0.1.1.x r6460@totoro (orig r6459): arma | 2006-05-22 16:00:12 -0400 my current notes on a 0.1.1.20 changelog r6461@totoro (orig r6460): arma | 2006-05-22 16:16:18 -0400 other todo tweaks r6462@totoro (orig r6461): arma | 2006-05-22 16:26:30 -0400 shuffle the todo items some more r6464@totoro (orig r6463): nickm | 2006-05-22 19:24:06 -0400 Remove string size limit on NEWDESC messages; solve bug 291. r6466@totoro (orig r6465): arma | 2006-05-22 23:08:30 -0400 add a few more debugging lines to help mikec track down his 11 minute jump into the future. r6467@totoro (orig r6466): arma | 2006-05-22 23:27:39 -0400 two more todo items that need to be solved during the wsaenobufs quest. r6468@totoro (orig r6467): arma | 2006-05-23 00:05:45 -0400 claim a few of the todo items. i guess that means i'm hoping nick does the rest. ;) r6469@totoro (orig r6468): arma | 2006-05-23 02:20:35 -0400 continue messing with the changelog. it's getting better now. r6470@totoro (orig r6469): arma | 2006-05-23 03:03:30 -0400 document that runasdaemon has no effect on windows. r6472@totoro (orig r6471): arma | 2006-05-23 03:04:55 -0400 ignore RunAsDaemon more thoroughly when we're running on windows. r6474@totoro (orig r6473): nickm | 2006-05-23 04:23:03 -0400 Throw out this UNALIGNED_INT_ACCESS_OK nonsense. Even where it works, it is often way way slower than doing the right thing. Backport candidate. r6475@totoro (orig r6474): nickm | 2006-05-23 04:38:18 -0400 Patch from Michael Mohr to fix cross-compilation. Backport candidate. Tweaked to use sensible defaults for NULL_REP_IS_ZERO_BYTES and TIME_T_IS_SIGNED. r6476@totoro (orig r6475): nickm | 2006-05-23 04:50:39 -0400 Add cross.sh cross-compilation script from Michael Mohr. Trivial backport candidate, since adding a new script cannot possibly break anything. r6477@totoro (orig r6476): nickm | 2006-05-23 04:54:26 -0400 Mark cross-compilation as solved in TODO. r6478@totoro (orig r6477): arma | 2006-05-23 11:06:05 -0400 trim out the parts of cross.sh that don't make sense now that we've applied cross-path directly. also, now we can run cross.sh from the tarball, not just from cvs. r6479@totoro (orig r6478): arma | 2006-05-23 11:26:51 -0400 another todo item that will make goodell happy r6480@totoro (orig r6479): arma | 2006-05-23 13:00:49 -0400 final changelog for 0.1.1.20. it is done. r6487@totoro (orig r6486): weasel | 2006-05-23 14:19:36 -0400 Forward port changelog r6488@totoro (orig r6487): arma | 2006-05-23 16:15:51 -0400 fix spelling of VirtualAddrNetwork in man page (thanks tup) r6490@totoro (orig r6489): arma | 2006-05-23 20:21:55 -0400 Claim a commonname of Tor, rather than TOR, in tls handshakes. Maybe this will help us win the war of names. r6491@totoro (orig r6490): arma | 2006-05-23 20:37:38 -0400 Stop initializing the hardware accelerator engines simply because we overloaded the meaning of the argument to crypto_global_init(). r6492@totoro (orig r6491): phobos | 2006-05-24 01:01:29 -0400 Add in the key CFBundleIdentifier required by XCode 2.x and beyond. r6493@totoro (orig r6492): arma | 2006-05-24 07:13:03 -0400 make options->RedirectExit work again; resolve bug 293. r6495@totoro (orig r6494): arma | 2006-05-24 19:03:28 -0400 make cookie authentication for the controller work again, maybe. it sure doesn't now. r6497@totoro (orig r6496): arma | 2006-05-25 16:06:09 -0400 Stop being picky about what the arguments to mapaddress look like. we were refusing names that had $ in them, which people who specify $key.exit will be sad about. There are likely other examples. If people can think of reasons why we should be picky, let me know. r6500@totoro (orig r6499): phobos | 2006-05-26 09:22:20 -0400 SUSEisms to enable "make dist-rpm" functionality in SuSe r6501@totoro (orig r6500): phobos | 2006-05-26 09:32:56 -0400 Use macros in place of details. r6502@totoro (orig r6501): phobos | 2006-05-26 09:42:28 -0400 Let AC_OUTPUT know about contrib/suse/tor.sh and we only need tor.sh from contrib/suse r6503@totoro (orig r6502): arma | 2006-05-26 09:51:20 -0400 build the Makefile in contrib/suse/ too r6504@totoro (orig r6503): arma | 2006-05-26 09:51:45 -0400 resolve an unused variable r6506@totoro (orig r6505): arma | 2006-05-26 12:29:20 -0400 correct a false log message, since we actually reset all our downloading stats every hour, and sometimes more often. r6507@totoro (orig r6506): arma | 2006-05-26 12:29:33 -0400 be more verbose about testing reachability of our ORPort. r6508@totoro (orig r6507): arma | 2006-05-26 12:32:16 -0400 if we're a server and some peer has a broken tls certificate, don't shout about it unless we want to hear about protocol violations. r6509@totoro (orig r6508): arma | 2006-05-28 12:07:44 -0400 clean up a comment r6510@totoro (orig r6509): arma | 2006-05-28 12:14:26 -0400 directory authorities should be more tolerant of failed reachability tests before crying foul to the server operator. r6511@totoro (orig r6510): nickm | 2006-05-28 12:54:39 -0400 Add a basic mmap function, with a "fake-it" wrapper to do read_file_from_str instead. Based on code from Michael Mohr. r6512@totoro (orig r6511): arma | 2006-05-30 01:05:50 -0400 remove a few things from the 0.1.2 todo, and add one r6513@totoro (orig r6512): arma | 2006-05-30 01:29:03 -0400 simplify a log message r6514@totoro (orig r6513): arma | 2006-05-30 02:11:36 -0400 tentative change: if you have your dirport set, you are a directory mirror, whether or not your orport is set. r6515@totoro (orig r6514): arma | 2006-05-30 02:11:46 -0400 and clarify the spec to say this too. r6516@totoro (orig r6515): arma | 2006-05-30 02:17:28 -0400 END_CIRC_REASON_OR_IDENTITY apparently means that we were told to connect to a different OR than lives on the addr:port we connected to. we don't actually remember whether that was the case, currently. so call it END_CIRC_REASON_OR_CONN_CLOSED as a compromise. r6517@totoro (orig r6516): arma | 2006-05-30 02:19:06 -0400 stop fetching descriptors if we're not a dir mirror and we haven't tried to establish any circuits lately. r6518@totoro (orig r6517): arma | 2006-05-30 02:19:48 -0400 and get grammar right r6519@totoro (orig r6518): arma | 2006-05-30 02:23:44 -0400 connection_t kept the identity_pkey but all it did was store it and free it. perhaps we don't need it after all? r6520@totoro (orig r6519): arma | 2006-05-30 02:36:32 -0400 mark off a todo item. i'll put it back if it turns out it doesn't work. r6521@totoro (orig r6520): nickm | 2006-05-30 16:41:22 -0400 Rearrange TODO. r6522@totoro (orig r6521): arma | 2006-06-01 04:43:56 -0400 update the explanation for deprecating v0 control spec. r6523@totoro (orig r6522): arma | 2006-06-02 22:56:44 -0400 don't stop fetching server descriptors if we're a server and haven't found ourselves reachable yet. r6524@totoro (orig r6523): nickm | 2006-06-03 14:52:31 -0400 Patch based on post by Mike C to or-dev; special-case based on use of MSVC, rather than on MS_WINDOWS, so that mingw builds. r6525@totoro (orig r6524): nickm | 2006-06-03 15:49:42 -0400 Add async dns code from Adam Langley, tweaked to build on OSX. Long-term, we may want to switch to libevnet/c-ares, if they ever handle 10k fd situations properly. This one still needs work too, but at least it is small. This code is disabled by default, and not integrated with dns.c. r6526@totoro (orig r6525): nickm | 2006-06-03 16:52:24 -0400 Make dns.c use eventdns.c -- but only when you pass the --enable-eventdns argument to configure.in. This will *so* not work on Windows yet. r6527@totoro (orig r6526): nickm | 2006-06-03 17:41:14 -0400 More DNS fixes. Send meaningful TTLs back to the client when possible. Cache at the server side independently from the TTL, to prevent attackers from probing the server to see who has been asking for what hostnames. (Hi, Dan Kaminski!) Also, clean some whitespace. r6528@totoro (orig r6527): nickm | 2006-06-03 17:47:26 -0400 Oops. When we dont get a TTL, we should default to the default, not to the minimum. r6529@totoro (orig r6528): nickm | 2006-06-03 18:05:23 -0400 Make eventdns.[ch] into good C90; remove signed/unsigned comparisons. r6530@totoro (orig r6529): arma | 2006-06-04 02:16:20 -0400 punctuation and spelling r6531@totoro (orig r6530): arma | 2006-06-04 02:17:32 -0400 if we insist on printing pointer values, at least make it stop complaining on (my particular) 64 bit platform. r6533@totoro (orig r6532): nickm | 2006-06-04 18:42:13 -0400 Add a new warning to our "warn a lot" list: unused parameters. This means we have to explicitly "use" unuseds, but it can catch bugs. (It caught two coding mistakes so far.) r6534@totoro (orig r6533): nickm | 2006-06-04 19:23:53 -0400 Some eventdns.c fixes for windows correctness. More will doubtless be needed, especially around the #includes. r6535@totoro (orig r6534): nickm | 2006-06-04 20:32:31 -0400 Hm. Where did we put that ntohl the last time we were juggling it? (hoop-lah). r6536@totoro (orig r6535): nickm | 2006-06-04 21:59:12 -0400 More eventdns.c patches: use HAVE_ALLOCA_H; print IP addrs as dotted quads. r6537@totoro (orig r6536): arma | 2006-06-05 00:29:03 -0400 bandaid for bug 299. this is still a bug, since we don't initialize for hardware acceleration in certain configurations; but not critical until that is supported. r6539@totoro (orig r6538): arma | 2006-06-05 03:27:48 -0400 Note a bug that causes servers to sometimes never send the pending create cell. Nick, is this a bug? If so, is my fix right? r6540@totoro (orig r6539): arma | 2006-06-05 04:02:04 -0400 remove some unused code (i think) r6541@totoro (orig r6540): arma | 2006-06-05 04:25:02 -0400 simplify some code, since circuit_build_failed() is only called on non-open circuits. r6542@totoro (orig r6541): arma | 2006-06-05 04:58:18 -0400 bugfix: if we are making our first ever connection to any entry guard, then don't mark it down at first. we had this implemented but it was disabled due to a bug. r6544@totoro (orig r6543): arma | 2006-06-05 05:08:10 -0400 simplify code now that libevent considers all sockets pollable. what we really mean now is ">= 0", which is clearer to test for. r6545@totoro (orig r6544): arma | 2006-06-05 05:47:19 -0400 scream louder if you've got a pending circuit for a given addr/port but the intended n_conn digest is wrong. r6546@totoro (orig r6545): arma | 2006-06-05 05:51:29 -0400 whoops, add a man page entry for ProtocolWarnings r6547@totoro (orig r6546): arma | 2006-06-05 06:01:52 -0400 don't tell people that the testing circuit failed if we already consider ourselves reachable. this just confuses them. r6548@totoro (orig r6547): nickm | 2006-06-05 19:01:22 -0400 Try to log useful messages at info and debug about what we are resolving and what answers we are getting wrt eventdns. r6549@totoro (orig r6548): arma | 2006-06-05 20:04:52 -0400 ship the event*.h files too. perhaps this will make my 'make dist' produce a tarball that i can build. r6550@totoro (orig r6549): arma | 2006-06-05 20:05:39 -0400 fix typo r6551@totoro (orig r6550): arma | 2006-06-05 20:06:52 -0400 We got an obscure report of an assert error on a windows Tor server with connection_add being called with socket = -1. The only places I can see where that happen would be if our tor_socketpair succeeds but it hands back negative values for some of its file descriptors. Perhaps this will produce more useful assert errors next time. r6552@totoro (orig r6551): nickm | 2006-06-05 20:12:22 -0400 Also, add a temporary hack to make sure eventdns.c is distributd. r6553@totoro (orig r6552): arma | 2006-06-05 23:33:24 -0400 fix the bug where we sometimes would fail to send some create cells once we'd connected to a(nother) tor server. r6557@totoro (orig r6556): arma | 2006-06-06 22:57:23 -0400 looks like we missed a piece of the 0.1.1.9 paranoia code. hopefully this change is a no-op. r6558@totoro (orig r6557): arma | 2006-06-07 02:10:54 -0400 simplify the tortls api: we only support being a "server", that is, even tor clients do the same sort of handshake. this has been true for years, so it's best to get rid of the stale code. r6559@totoro (orig r6558): arma | 2006-06-07 02:21:11 -0400 and now the exciting part: there is now no such thing as doing a client-only tls, that is, one with no certs. r6560@totoro (orig r6559): arma | 2006-06-07 02:53:43 -0400 the CookieAuthentication section in our spec seems to assume we're still using the v0 control protocol. r6561@totoro (orig r6560): arma | 2006-06-07 03:11:42 -0400 make connection_or_nonopen_was_started_here() based on something less voodooey. it turns out we already do keep a flag like that around. r6562@totoro (orig r6561): arma | 2006-06-07 04:42:24 -0400 put a bandaid in place so servers will have an easier time believing that they're reachable. this may help resolve the servers-on-dynamic-ip-addresses problem. r6564@totoro (orig r6563): arma | 2006-06-07 05:18:53 -0400 re-enable per-connection rate limiting. get rid of the "OP bandwidth" concept. lay groundwork for "bandwidth classes" -- separate global buckets that apply depending on what sort of conn it is. r6566@totoro (orig r6565): arma | 2006-06-08 05:20:58 -0400 ah, that explains why we weren't going dormant with respect to descriptor fetches. maybe now it will work. r6567@totoro (orig r6566): arma | 2006-06-08 05:35:20 -0400 remove a bit more obsolete code r6569@totoro (orig r6568): arma | 2006-06-08 18:36:13 -0400 ok, ok, maybe *this* time my rep_hist_circbuilding_dormant() will work. r6570@totoro (orig r6569): arma | 2006-06-08 22:20:42 -0400 try a better string at the top of torrc's autogenerated torrc. r6571@totoro (orig r6570): arma | 2006-06-08 22:45:39 -0400 fix a bootstrapping check we ignored that prevents us from running with only one dir authority. r6572@totoro (orig r6571): arma | 2006-06-09 02:35:45 -0400 Bandaid for a seg fault i just got in 0.1.1.20. More generally, i reopened bug 222. Whee. r6574@totoro (orig r6573): arma | 2006-06-09 02:52:49 -0400 and forward-port too. r6576@totoro (orig r6575): arma | 2006-06-09 05:02:32 -0400 when only one router is labelled as a guard, and we've already picked him, we would cycle endlessly picking him again, being unhappy about it, and so forth. now we specifically exclude guards when picking a new guard. r6577@totoro (orig r6576): arma | 2006-06-09 05:07:59 -0400 actually, don't fix it that far. we should still do some error checking. r6579@totoro (orig r6578): nickm | 2006-06-09 11:57:58 -0400 Override our notion of printability for esc_for_log. 127 and up are never printable. Take that, locales. r6580@totoro (orig r6579): nickm | 2006-06-09 13:07:22 -0400 Another escape() fix, for picky sprintfs. r6582@totoro (orig r6581): arma | 2006-06-09 20:26:39 -0400 Add a new config option TestVia, that lets you specify preferred middle hops to use for testing circuits. Perhaps this will let me debug the reachability problem better. r6583@totoro (orig r6582): arma | 2006-06-09 20:30:49 -0400 clean up formatting in the man page r6584@totoro (orig r6583): arma | 2006-06-09 20:32:14 -0400 add TestVia to the man page r6586@totoro (orig r6585): arma | 2006-06-09 20:57:12 -0400 take out the reachability bandaid in 0.1.2.x as well. maybe we will actually be able to fix it, instead. r6596@totoro (orig r6595): phobos | 2006-06-10 01:37:17 -0400 Remove echo -n to make start script slightly more readable on boot. r6600@totoro (orig r6599): arma | 2006-06-10 21:41:30 -0400 interim changelog for 0.1.2.1-alpha r6601@totoro (orig r6600): arma | 2006-06-10 21:42:21 -0400 forward-port the 0.1.1.21 changelog. r6604@totoro (orig r6603): weasel | 2006-06-11 20:49:07 -0400 Forward port changelog r6605@totoro (orig r6604): arma | 2006-06-12 02:03:15 -0400 allow people to start their tor with runasdaemon set but with no logs set at all. r6606@totoro (orig r6605): arma | 2006-06-12 06:44:00 -0400 typo, whitespace, and a clarification r6607@totoro (orig r6606): arma | 2006-06-12 07:59:19 -0400 Finally solve the "closing wedged cpuworkers" bug. Woo. This happened when we got two create cells in a row from the same TLS connection. It would hand one to the cpuworker, and then immediately handle the second one -- after it had registered that the first one was busy, but before it had updated the timestamp that we use to decide how *long* it's been busy. r6609@totoro (orig r6608): weasel | 2006-06-12 18:03:25 -0400 Make the Exit tag in status documents actually work in head too r6610@totoro (orig r6609): arma | 2006-06-12 22:48:06 -0400 reintroduce the logic to exit_policy_is_general_exit() to count how many ports are allowd. require two ports open, not just one. r6611@totoro (orig r6610): arma | 2006-06-13 01:36:35 -0400 Fix the bug that was causing servers to not find themselves reachable if they changed IP addresses. This happened because middle servers knew the old descriptor, and kept swapping the addr/port we asked for with the one they thought was right. So the create cell never got sent, because it was asking for a different addr/port than we believed we had connected to. r6614@totoro (orig r6613): arma | 2006-06-13 01:50:24 -0400 harmless typo r6615@totoro (orig r6614): arma | 2006-06-13 01:51:28 -0400 Defense in depth: fix the reachability bug a second way too. Now if we establish a connection with the right digest, regardless of what the addr/port is, and we have pending create cells, use it. r6616@totoro (orig r6615): arma | 2006-06-13 05:16:09 -0400 export the default exit policy via the control port, so controllers don't need to guess what it is / will be later. r6617@totoro (orig r6616): arma | 2006-06-13 06:25:22 -0400 first cut at a workaround for the reachability bug: explicitly find a server running the right version, if we can, and ask for that one. r6618@totoro (orig r6617): arma | 2006-06-13 06:48:26 -0400 bugfix in exit_policy_is_general_exit() that weasel found. this time for sure! r6619@totoro (orig r6618): arma | 2006-06-13 07:11:19 -0400 now we can tell dirserv_dump_directory_to_string() whether we want it to include down/invalid descriptors or not. r6620@totoro (orig r6619): arma | 2006-06-13 08:05:59 -0400 be more lax about recognizing valid hexdigests. r6621@totoro (orig r6620): arma | 2006-06-13 08:57:19 -0400 back off and add the $ at the beginning of the preferrednodes list we generate. r6622@totoro (orig r6621): nickm | 2006-06-13 17:49:56 -0400 eventdns: Apply a couple of patches from AGL; start working on windows compat; note some TODOs. r6623@totoro (orig r6622): arma | 2006-06-14 07:06:43 -0400 bugfix: discourage picking directory authorities as our TestVia hops, even if they're running the right versions, since we probably already have a connection established to them. r6624@totoro (orig r6623): arma | 2006-06-14 18:28:16 -0400 upgrade the severity of the 'clock jump' warn, and ask people to report if it occurs. r6625@totoro (orig r6624): arma | 2006-06-14 19:21:22 -0400 start checking for limits.h too. we should resume compiling on irix64 and other weird platforms now. r6626@totoro (orig r6625): arma | 2006-06-15 05:03:15 -0400 lower the number of seconds before we yell about clock jump. and make the yelling only happen if you're a server. r6627@totoro (orig r6626): arma | 2006-06-15 18:32:00 -0400 fix recommended url in torrc.sample for server sign-up r6628@totoro (orig r6627): weasel | 2006-06-15 18:52:56 -0400 Add a /tor/dir-all-weaselhack directory resource so I do not have to update my scripts r6629@totoro (orig r6628): arma | 2006-06-15 18:59:07 -0400 fix spacing r6630@totoro (orig r6629): weasel | 2006-06-15 19:14:01 -0400 And a minor bugfix to the weaselhack r6631@totoro (orig r6630): weasel | 2006-06-15 19:20:50 -0400 Forward port 07_log_to_file_by_default.dpatch r6632@totoro (orig r6631): arma | 2006-06-15 20:04:46 -0400 clean up man page. expand on contactinfo a bit. r6633@totoro (orig r6632): weasel | 2006-06-15 22:04:04 -0400 Fix configure.in to not produce broken configure files with more recent versions of autoconf. Thanks to Clint for his auto* voodoo. r6634@totoro (orig r6633): nickm | 2006-06-16 11:40:57 -0400 Clarify mmap and memory-use hacks. r6635@totoro (orig r6634): nickm | 2006-06-18 03:21:35 -0400 Add smartlist_reverse and smartlist_pop_last. r6636@totoro (orig r6635): nickm | 2006-06-18 03:22:36 -0400 Add a memdup function to util r6637@totoro (orig r6636): nickm | 2006-06-18 03:24:29 -0400 Add some incremental encryption wrappers to torgzip code r6638@totoro (orig r6637): nickm | 2006-06-18 03:27:47 -0400 Part of incremental encryption logic for buffers: there is a subtle yucky point documented in a comment. r6639@totoro (orig r6638): nickm | 2006-06-18 03:32:31 -0400 perhaps the reason I rail against cut-and-paste programming so vehemently is that I am so bad at it. r6640@totoro (orig r6639): nickm | 2006-06-18 03:35:10 -0400 Add tests for several of the more recently committed functions. r6641@totoro (orig r6640): nickm | 2006-06-18 03:37:21 -0400 remove non-germane comment r6642@totoro (orig r6641): nickm | 2006-06-18 03:38:55 -0400 Instead of adding servers and v1 directories to buffers en masse, directory servers add them on the fly as their outbufs are depleted. This will save ram on busy dirservers. r6643@totoro (orig r6642): nickm | 2006-06-18 03:55:04 -0400 Oops. conn->requested_resource is client only. r6644@totoro (orig r6643): nickm | 2006-06-18 03:57:47 -0400 add coverage for a default case r6645@totoro (orig r6644): nickm | 2006-06-18 04:07:16 -0400 Fix a couple of bugs in last patch. r6646@totoro (orig r6645): nickm | 2006-06-18 04:13:45 -0400 That dir_refresh_src fix will only work if I enable it. r6647@totoro (orig r6646): nickm | 2006-06-18 04:16:05 -0400 And actually check the url when it exists. that might work better. r6648@totoro (orig r6647): nickm | 2006-06-18 04:19:35 -0400 Stop trying to refresh when we are out of data. r6649@totoro (orig r6648): nickm | 2006-06-18 04:21:27 -0400 make zlib buffer function set buf_highwater properly r6650@totoro (orig r6649): nickm | 2006-06-18 04:44:34 -0400 Temporarily disable sentinels on buffers r6651@totoro (orig r6650): nickm | 2006-06-18 04:46:55 -0400 write_to_buf != connection_write_to_buf. Also, add a connection_write_to_buf_zlib wrapper that sucks. r6652@totoro (orig r6651): nickm | 2006-06-18 04:53:09 -0400 Make connection_write_to_buf_zlib set outbuf_flushlen right. r6653@totoro (orig r6652): nickm | 2006-06-18 05:03:48 -0400 Another _zlib fix. r6654@totoro (orig r6653): nickm | 2006-06-18 11:53:54 -0400 Re-enable buffer RAM guard values. r6655@totoro (orig r6654): nickm | 2006-06-18 12:05:54 -0400 Backport candidate: implement the "is this uptime change cosmetic" test properly. r6657@totoro (orig r6656): nickm | 2006-06-18 12:20:38 -0400 another write_to_buf_zlib fix. r6658@totoro (orig r6657): nickm | 2006-06-18 12:39:26 -0400 Ah. That seems to work. r6659@totoro (orig r6658): nickm | 2006-06-18 16:39:46 -0400 Resolve control flow warning. r6660@totoro (orig r6659): nickm | 2006-06-18 16:58:27 -0400 Become capable of noticing that we are done sending a directory. r6661@totoro (orig r6660): arma | 2006-06-18 17:07:45 -0400 correct a function comment in compute_preferred_testing_list() r6663@totoro (orig r6662): nickm | 2006-06-18 17:15:01 -0400 Fix an assert that still isnt the assert we are hunting. r6664@totoro (orig r6663): nickm | 2006-06-18 17:30:03 -0400 Fix a tricky crash: making the_directory heap-allocated (so we could refcount it and have multiple instances as neeeded) means that calls to dirserv_regenerate_directory could invalidate the auth_dir value passed to dirserv_pick_cached_dir_obj. Big fun. r6665@totoro (orig r6664): nickm | 2006-06-19 20:48:23 -0400 Start spooling v2 networkstatus docs as well. r6666@totoro (orig r6665): phobos | 2006-06-20 00:16:46 -0400 First crack at version checking for OSX installer. r6667@totoro (orig r6666): phobos | 2006-06-20 00:18:47 -0400 Minor fix to pre-instllation version check for OSX r6668@totoro (orig r6667): nickm | 2006-06-20 02:27:13 -0400 Ah. We need a new zlib_state for each networkstatus we spool out. r6669@totoro (orig r6668): arma | 2006-06-20 09:14:07 -0400 add a note for nick to fix r6670@totoro (orig r6669): nickm | 2006-06-20 12:48:32 -0400 Fishy, but harmless. r6671@totoro (orig r6670): nickm | 2006-06-20 19:06:52 -0400 Fix bug in networkstatus spooling: spool more than the first networkstatus. r6672@totoro (orig r6671): weasel | 2006-06-20 19:11:15 -0400 ooh, that log shouldn't be there. can you take it out? r6673@totoro (orig r6672): phobos | 2006-06-20 22:27:18 -0400 Remove the osx version requirements on install due to a messy Installer situation between pre-panther, tiger and beyond, and metapackages. r6674@totoro (orig r6673): nickm | 2006-06-21 00:57:12 -0400 When requesting or serving resources via fingerprint/digest, request and respond in-order, removing duplicates. r6675@totoro (orig r6674): weasel | 2006-06-21 18:13:03 -0400 Fix 07_log_to_file_by_default in debian head r6676@totoro (orig r6675): nickm | 2006-06-22 03:01:54 -0400 Next batch of memory miserdom: mmap cached-routers file. This is sure to break somewhere. r6677@totoro (orig r6676): nickm | 2006-06-22 03:10:37 -0400 #if out test that was failing because of an extra newline. r6678@totoro (orig r6677): nickm | 2006-06-22 03:19:28 -0400 Set offset properly when parsing cache. r6679@totoro (orig r6678): nickm | 2006-06-22 03:25:15 -0400 Fix a bunch of spaces. r6680@totoro (orig r6679): nickm | 2006-06-22 03:29:14 -0400 Ooh, that could have been bad. Sort digests as digests, not strings. r6681@totoro (orig r6680): nickm | 2006-06-22 03:34:04 -0400 Make some more verbose gcc warnings go away. r6682@totoro (orig r6681): nickm | 2006-06-22 03:49:41 -0400 Mark some more TODO items done. r6683@totoro (orig r6682): nickm | 2006-06-23 22:06:52 -0400 Apparently, zlib sometimes reports Z_BUF_ERROR on input exhaustion as well as on running out of output space. This could well fix the assert bug reported by weasel and arma. r6684@totoro (orig r6683): nickm | 2006-06-23 22:10:21 -0400 Turn a while into a do/while; save a redundant test r6685@totoro (orig r6684): arma | 2006-06-24 00:57:59 -0400 refuse to write an iso_time which we can't parse, when dumping bandwidth state. this fixes the particular incident in bug 308, but the general issue remains. r6686@totoro (orig r6685): phobos | 2006-06-25 00:02:43 -0400 Create binary osx un-installer, update perms on install so anyone can run the uninstaller. r6689@totoro (orig r6688): phobos | 2006-06-25 00:07:24 -0400 Fix the messed up commit. r6690@totoro (orig r6689): phobos | 2006-06-25 00:08:21 -0400 And, commit it correctly. r6693@totoro (orig r6692): arma | 2006-06-27 07:23:10 -0400 specify the dir spec better (suggested by lexi) r6694@totoro (orig r6693): nickm | 2006-06-27 11:52:51 -0400 Likely fix for bug 309: when we calculate offsets after rebuilding the descriptor cache, do not reset the offset pointer half-way through. r6695@totoro (orig r6694): nickm | 2006-06-28 04:54:32 -0400 Actually enable mmap. That should improve matters. r6696@totoro (orig r6695): nickm | 2006-06-28 04:55:53 -0400 Make sure that our calculated offsets for routers is correct; again. This time bug 309 may be gone gone gone. r6697@totoro (orig r6696): nickm | 2006-06-28 04:57:41 -0400 Aaand re-disable the bogus test in get_body() r6698@totoro (orig r6697): nickm | 2006-06-28 07:03:34 -0400 Add a check to try to make cache rebuild fail fast if it is going to fail r6699@totoro (orig r6698): nickm | 2006-06-28 11:36:28 -0400 Fix another idiot bug causing symptom 309. Why cant I program? r6700@totoro (orig r6699): arma | 2006-06-28 11:39:02 -0400 tab-man strikes again r6701@totoro (orig r6700): nickm | 2006-06-29 07:04:42 -0400 complete_only == !allow_partial. This enables useful use of partial desc downloads. Backport candidate r6702@totoro (orig r6701): nickm | 2006-06-29 07:17:36 -0400 Harmless: Z_OK is not an acceptable answer to Z_FINISH. r6703@totoro (orig r6702): nickm | 2006-06-29 07:19:52 -0400 Apparent 311 fix: apparently passing Z_FINISH an empty string is problematic. r6704@totoro (orig r6703): arma | 2006-06-29 09:10:08 -0400 remove the word 'middleman' from the sample torrc r6705@totoro (orig r6704): arma | 2006-06-29 09:11:23 -0400 also remove word 'middleman' from a log notice r6706@totoro (orig r6705): nickm | 2006-06-30 06:50:43 -0400 Unify HTTP response code into one place so it is easier to add headers. Add an X-You-Are header, which we should probably rename. NOTE that we should not use this field for things where it matters if dirs lie. r6707@totoro (orig r6706): nickm | 2006-06-30 06:52:12 -0400 Add a .cvsignore file for contrib/suse/ r6708@totoro (orig r6707): nickm | 2006-07-01 17:51:21 -0400 Oops. Headers work better when named right. r6710@totoro (orig r6709): arma | 2006-07-03 23:19:59 -0400 minor fixes r6711@totoro (orig r6710): arma | 2006-07-03 23:25:07 -0400 minor fixes r6712@totoro (orig r6711): arma | 2006-07-03 23:27:09 -0400 No longer permit create cells to have the wrong circ_id_type. No running Tors should still have this bug. r6713@totoro (orig r6712): arma | 2006-07-03 23:31:27 -0400 Get rid of the router_retry_connections notion. Now routers no longer try to rebuild long-term connections to directory authorities, and directory authorities no longer try to rebuild long-term connections to all servers. We still don't hang up connections in these two cases though -- we need to look at it more carefully to avoid flapping, and we likely need to wait til 0.1.1.x is obsolete. r6714@totoro (orig r6713): arma | 2006-07-03 23:33:17 -0400 touch up the TODO and HACKING files r6715@totoro (orig r6714): arma | 2006-07-03 23:39:01 -0400 mention in the tor dmg instructions that you may need to remove your old shared library libevent, lest your linker get confused. r6716@totoro (orig r6715): arma | 2006-07-03 23:40:45 -0400 a first attempt at specifying HELLO cells. plus general cleanup on tor-spec. r6717@totoro (orig r6716): arma | 2006-07-04 11:51:59 -0400 if we're the server-side of the tls and there are problems, don't yell as loudly. r6718@totoro (orig r6717): arma | 2006-07-04 11:52:22 -0400 fix a misleading function comment r6720@totoro (orig r6719): arma | 2006-07-04 12:07:49 -0400 name the HELLO version the "link version" r6721@totoro (orig r6720): arma | 2006-07-04 12:11:35 -0400 ok, i'm not allowed to say that there. oh well. r6723@totoro (orig r6722): arma | 2006-07-04 14:18:08 -0400 Make the X-You-Are header more accurate when there's a proxy in the middle. r6727@totoro (orig r6726): arma | 2006-07-04 16:25:17 -0400 oops, we were ignoring options->ExcludeNodes when picking entry guards. it is still the case that we ignore it with respect to entry guards that we've already picked. r6728@totoro (orig r6727): arma | 2006-07-05 14:19:42 -0400 actually, that excludenodes fix was redundant. take it out. r6729@totoro (orig r6728): nickm | 2006-07-05 17:28:37 -0400 Add plausile logging support to eventdns; stop putting stuff onto stdout. r6730@totoro (orig r6729): nickm | 2006-07-05 17:33:46 -0400 Spelling fix. r6731@totoro (orig r6730): nickm | 2006-07-05 17:42:18 -0400 Clean up eventdns messages. r6734@totoro (orig r6733): arma | 2006-07-05 22:44:07 -0400 when an exit node gets a malformed begin cell, don't complain to the node operator, since he can't do anything about it. r6735@totoro (orig r6734): arma | 2006-07-05 22:45:46 -0400 whitespace/tab fixes r6736@totoro (orig r6735): arma | 2006-07-05 23:05:01 -0400 rename X-You-Are to something slightly better. r6737@totoro (orig r6736): phobos | 2006-07-06 11:51:07 -0400 Update osx binary un-installer naming, remove invalid osx binary un-installer app r6739@totoro (orig r6738): arma | 2006-07-06 12:19:00 -0400 forward-port the 0.1.1.22 changelog, minus the line about the osx uninstaller. r6740@totoro (orig r6739): phobos | 2006-07-06 12:28:19 -0400 Remove osx binary uninstaller changes. Tiger and Panther won't play nice in the same way. r6742@totoro (orig r6741): phobos | 2006-07-06 20:54:39 -0400 Binary OSX un-installer tarball r6743@totoro (orig r6742): phobos | 2006-07-06 20:55:12 -0400 Updated OSX binary un-installer for testing. r6744@totoro (orig r6743): nickm | 2006-07-07 13:31:56 -0400 eventdns: check for malloc() failures. r6745@totoro (orig r6744): nickm | 2006-07-07 13:33:30 -0400 When using eventdns: suppress logging of addresses when SafeLogging is active, and make set of nameservers configurable from torrc. r6746@totoro (orig r6745): nickm | 2006-07-07 15:08:44 -0400 Spellcheck and remove spurious include in eventdns.c r6747@totoro (orig r6746): arma | 2006-07-08 13:38:46 -0400 Fix a crash if you enable FascistFirewall but not FirewallPorts. Reported by Frediano Ziglio. r6749@totoro (orig r6748): nickm | 2006-07-09 18:28:12 -0400 First part of making mmap-based stuff work on win32: save descriptors as "binary" (no LF->CRLF tanslation) so that we can mmap them properly later. Patch from Frediano Ziglio. r6750@totoro (orig r6749): nickm | 2006-07-09 18:29:12 -0400 Make compilation work on old MSVCs without GetVertsionEx magic. Patch from Frediano Ziglio. r6751@totoro (orig r6750): nickm | 2006-07-09 18:33:21 -0400 Fix project file for MSVC6 (!). Patch from Frediano Ziglio. r6752@totoro (orig r6751): nickm | 2006-07-10 14:38:57 -0400 Add a const; fix a (probably harmless) bug when storing a resolve we forgot we asked for. r6753@totoro (orig r6752): nickm | 2006-07-10 23:33:16 -0400 OR_CONN_EVENT_NEW: we should probably handle that , should we not? Especially since 23:26 < phobos> nickm: grep -c "Unrecognized status code 4" tor.log r6754@totoro (orig r6753): phobos | 2006-07-11 00:27:12 -0400 First crack at launchd plist for Tor r6755@totoro (orig r6754): phobos | 2006-07-11 00:37:05 -0400 Add in start parameters. Perhaps we should ship these set correct in the default torrc. r6756@totoro (orig r6755): phobos | 2006-07-11 16:51:06 -0400 Move cmd line parameters into the config file, remove chroot, and satisfy the requirement of a ProgramArgument array r6757@totoro (orig r6756): nickm | 2006-07-11 16:51:58 -0400 Add some debugging asserts to dns.c; these are too expensive to leave in permanently. r6758@totoro (orig r6757): phobos | 2006-07-12 18:09:21 -0400 Update config to redirect output to the tor log file for now. r6759@totoro (orig r6758): arma | 2006-07-13 23:14:02 -0400 Avoid an integer underflow when the dir authority decides whether a router is stable: we might wrongly label it stable, and compute a slightly wrong median stability, when a descriptor is published later than now. Inspired by Matt's Vidalia checkin: http://trac.vidalia-project.net/changeset/1074 r6761@totoro (orig r6760): arma | 2006-07-15 01:49:57 -0400 minor tweak on the dir spec r6762@totoro (orig r6761): arma | 2006-07-15 01:50:22 -0400 mention the existence of dir-spec in tor-spec, and note that we need to update it. r6763@totoro (orig r6762): arma | 2006-07-15 01:53:41 -0400 add a whole lot more work to the todo. r6764@totoro (orig r6763): arma | 2006-07-15 15:21:30 -0400 stick to nick's nul/null convention r6765@totoro (orig r6764): arma | 2006-07-15 16:26:05 -0400 parameterize the loudness of resolve_my_address(), and call things IP addresses, not IPs. r6766@totoro (orig r6765): arma | 2006-07-16 01:57:11 -0400 whitespace/etc cleanups r6767@totoro (orig r6766): phobos | 2006-07-16 09:58:10 -0400 Change the way Tor starts on OSX 10.4 vs pre-10.4. 10.4 Tor now uses launchd for current and forward compatibility. r6768@totoro (orig r6767): phobos | 2006-07-16 14:18:40 -0400 Remove a merged if-then from line 85 r6769@totoro (orig r6768): nickm | 2006-07-16 20:39:05 -0400 MSVC6 is apparently terrified of unnatural cross-breeding between uint64_t and double, and needs more persuasion than usual to cast one to the other. Issue identified by Frediano Ziglio; patch revised for minimal impact on non-MSVC6 compilers. r6770@totoro (orig r6769): phobos | 2006-07-16 23:57:21 -0400 Added net.freehaven.tor.plist to AC_OUTPUT r6771@totoro (orig r6770): phobos | 2006-07-17 00:31:22 -0400 Minor fixed for launchd xml plist r6772@totoro (orig r6771): arma | 2006-07-17 01:12:54 -0400 nick suggests that the hello cell should have both server IP and client IP. he's right. r6773@totoro (orig r6772): arma | 2006-07-17 02:20:09 -0400 fix wordo r6774@totoro (orig r6773): arma | 2006-07-17 02:26:19 -0400 we are constrained more than we realized, on what g^x values we can accept or refuse. r6775@totoro (orig r6774): arma | 2006-07-17 02:35:06 -0400 Allow servers with no hostname or IP address to learn their IP address by asking the directory authorities. This code only kicks in when you would normally have exited with a "no address" error. This design is flawed, though, since the X-Your-Address-Is header is not authenticated, and doing it this way introduces too many new attacks. The right answer is to give IP address hints inside the HELLO cell; much of this code can be reused when we switch. r6776@totoro (orig r6775): arma | 2006-07-17 02:54:28 -0400 fix some more places where we shouldn't crash if we can't build our own descriptor yet. r6778@totoro (orig r6777): arma | 2006-07-17 02:59:56 -0400 and don't try to build the descriptor every second, if it's dirty but we don't have a known address. r6779@totoro (orig r6778): arma | 2006-07-17 04:11:27 -0400 huge bugfix: we weren't ever writing an http header when sending out network statuses! so clients were downloading the whole thing, and then discarding them because they're malformed. r6780@totoro (orig r6779): arma | 2006-07-17 04:17:51 -0400 Make a louder statement the first time we learn a guessed IP address. r6781@totoro (orig r6780): arma | 2006-07-17 15:33:54 -0400 parameterize the loudness of log_addr_has_changed(), since it's the only place where we inform the user of a new IP address, if we're guessing it from external sources. r6782@totoro (orig r6781): arma | 2006-07-17 15:42:22 -0400 shuffle todo items r6783@totoro (orig r6782): arma | 2006-07-17 20:01:12 -0400 pick a log domain; resolve an xxxx r6784@totoro (orig r6783): arma | 2006-07-17 20:59:46 -0400 If we are using an exit enclave and we can't connect, e.g. because its webserver is misconfigured to not listen on localhost, then back off and try connecting from somewhere else before we fail. r6785@totoro (orig r6784): nickm | 2006-07-17 22:01:32 -0400 Hm. We probably should define INT64_MAX if we really want it. (Especially since we only want it on one platform, where, coincidentally, it is not defined.) r6786@totoro (orig r6785): nickm | 2006-07-17 22:24:01 -0400 Oh. And apparently, msvc6 doesnt think very much of doing u64-and-double arithmetic either. r6787@totoro (orig r6786): arma | 2006-07-17 23:06:12 -0400 Start publishing one minute or so after we find our ORPort to be reachable. This will help reduce the number of descriptors we have for ourselves floating around, since it's quite likely other things (e.g. DirPort) will change during that minute too. r6788@totoro (orig r6787): arma | 2006-07-17 23:06:55 -0400 when we find our dirport to be reachable, mark our descriptor dirty so we'll tell the world. (fixes bug 306 reported by pnx) r6789@totoro (orig r6788): phobos | 2006-07-18 00:37:43 -0400 Add the output of OSX arch into the package name in preparation for ppc vs x86 packages. r6790@totoro (orig r6789): phobos | 2006-07-18 00:40:02 -0400 Load and start tor in launchd at end of installation r6791@totoro (orig r6790): arma | 2006-07-18 00:42:32 -0400 Define a schedule for how long to wait between retrying application connections. Rather than waiting a fixed amount of time between each retry, we wait only 5 seconds for the first, 10 seconds for the second, and 15 seconds for each retry after that. Hopefully this will improve the expected experience. Addresses bug 297. r6792@totoro (orig r6791): arma | 2006-07-18 00:48:59 -0400 don't squeal if the first few retries fail. r6793@totoro (orig r6792): nickm | 2006-07-20 12:47:35 -0400 Fork off v0 of the protocol spec; we are going to add versioning soon so we can make backward-incompatible changes without breaking the whole network. Also, fork the v0 directory protocol into its own document, and turn dir-spec.txt into the present tense. r6794@totoro (orig r6793): nickm | 2006-07-20 12:48:02 -0400 Add a few more paragraphs to path-spec.txt r6795@totoro (orig r6794): nickm | 2006-07-20 13:35:54 -0400 Document HELLO cells and proposed connection protocol versioning scheme. NOTE: This will not work as documented; see notes. r6796@totoro (orig r6795): arma | 2006-07-20 19:33:11 -0400 tweak r6797@totoro (orig r6796): arma | 2006-07-20 19:45:26 -0400 tweak r6798@totoro (orig r6797): phobos | 2006-07-21 00:30:19 -0400 Grammar fixes for clarity. r6799@totoro (orig r6798): arma | 2006-07-21 03:06:18 -0400 an entry guard that is "unlisted", as well as not known to be "down", is not therefore "up". r6800@totoro (orig r6799): arma | 2006-07-21 03:53:21 -0400 tweak r6801@totoro (orig r6800): arma | 2006-07-21 03:55:35 -0400 bugfix: if you find yourself reachable, then don't ever make any client requests (so you stop predicting circuits), then hup, then later your IP changes, you won't think circuits are working so you won't try to test reachability, so you won't publish. r6803@totoro (orig r6802): nickm | 2006-07-21 10:53:23 -0400 Another MSVC6 fix. Grnk. r6804@totoro (orig r6803): nickm | 2006-07-21 18:02:58 -0400 These asserts will either cause spurious crashes or help debug the pend->conn->s == -1 issue. r6805@totoro (orig r6804): arma | 2006-07-22 01:29:31 -0400 more bulletproof reachability testing r6806@totoro (orig r6805): arma | 2006-07-22 03:15:34 -0400 i lied, that won't work at all. maybe this will. r6807@totoro (orig r6806): arma | 2006-07-22 03:19:11 -0400 think harder about my logic r6809@totoro (orig r6808): arma | 2006-07-23 01:18:29 -0400 whitespace and docs r6810@totoro (orig r6809): arma | 2006-07-23 01:19:31 -0400 more todo items r6811@totoro (orig r6810): nickm | 2006-07-23 01:32:35 -0400 Add a mem_is_zero function (I think we will need this) and a STRUCT_OFFSET macro (we already need this). r6812@totoro (orig r6811): nickm | 2006-07-23 01:33:10 -0400 Remove STRUCT_OFFSET from config.c r6813@totoro (orig r6812): nickm | 2006-07-23 01:39:37 -0400 Add (void) lines for unused parameters in eventdns.c r6814@totoro (orig r6813): nickm | 2006-07-23 01:40:24 -0400 Delete trailing whitespace in eventdns.c r6815@totoro (orig r6814): arma | 2006-07-23 01:52:27 -0400 use tor_mem_is_zero() in more places. r6816@totoro (orig r6815): arma | 2006-07-23 02:41:02 -0400 rewrite conn->address for GET commands as well as POST commands. r6817@totoro (orig r6816): nickm | 2006-07-23 03:19:49 -0400 Whitespace fix r6818@totoro (orig r6817): nickm | 2006-07-23 03:37:35 -0400 Don't tell anybody, but we're going OO here. This patch splits circuit_t into origin_circuit_t and or_circuit_t. I fixed some segaults; there may be more. We still need to move more rendezvous stuff into subtypes. This is a trial run for splitting up connection_t; if the approach is insane, please say so soon so we can do something smarter. Also, this discards the old HALF_OPEN code, which nobody seems to want. r6819@totoro (orig r6818): nickm | 2006-07-23 04:13:45 -0400 Fix another segfault in assert_circuit_ok. r6820@totoro (orig r6819): arma | 2006-07-23 07:50:03 -0400 publish a new descriptor after we hup. this is important if our config has changed such that we'll want to start advertising our dirport now, etc. r6821@totoro (orig r6820): phobos | 2006-07-23 08:52:06 -0400 These settings are required for those using launchd in OSX 10.4. This is a crude but functional way to insert them for now. r6822@totoro (orig r6821): weasel | 2006-07-23 23:24:25 -0400 Previously our defaults for DataDirectory, PidFile, RunAsDaemon, and Log differed from upstreams. Now Tor behaves just like before (with our own DataDirectory and all) only when run as the debian-tor user. If invoked as any other user, Tor will behave just like the pristine upstream version. r6823@totoro (orig r6822): weasel | 2006-07-23 23:38:26 -0400 Tell users about the init script when they try to run Tor as root. Should we also do this when they try to run their Tor as any other (non root, non debian-tor) user? - add 11_tor_as_root_more_helpful r6892@totoro (orig r6891): weasel | 2006-07-24 21:00:48 -0400 Remove .cvsignore files from trunk r6894@totoro (orig r6893): nickm | 2006-07-24 21:13:04 -0400 Add an item to the TODO. r6899@totoro (orig r6898): nickm | 2006-07-25 00:34:14 -0400 Remove code to special-case "-cvs" ending, since it has not actually mattered since 0.0.9. Perhaps we can special-case even more... r6900@totoro (orig r6899): nickm | 2006-07-25 18:26:42 -0400 Add libor.a and libor-crypto.a to svn:ignore r6901@totoro (orig r6900): nickm | 2006-07-25 18:30:50 -0400 Allow wide lines if they have svn id tags in them. (This matters for svk: those tags can be *big*.) r6902@totoro (orig r6901): nickm | 2006-07-25 18:33:57 -0400 Apply checkSpace.pl to checkSpace.pl. r6903@totoro (orig r6902): nickm | 2006-07-25 18:51:51 -0400 Clarify a TODO, and test tweaked commit-email.pl script. r6904@totoro (orig r6903): nickm | 2006-07-26 15:05:34 -0400 r6902@Kushana: nickm | 2006-07-25 17:30:27 -0400 Move rend_query to origin_circuit_t where it belongs; save another 17 bytes per OR circuit. r6905@totoro (orig r6904): nickm | 2006-07-26 15:05:41 -0400 r6903@Kushana: nickm | 2006-07-25 18:22:48 -0400 No circuit can be both an intro point and a rend point, so we can merge both the cookie and the pk digest into one "rend_token" field for or circuits. This saves another 20 bytes per or circuit. r6906@totoro (orig r6905): nickm | 2006-07-26 15:07:23 -0400 r6907@Kushana: nickm | 2006-07-25 19:03:43 -0400 Realign circuit structs to avoid wasted space. r6907@totoro (orig r6906): nickm | 2006-07-26 15:07:26 -0400 r6908@Kushana: nickm | 2006-07-26 12:38:52 -0400 Refactor connection_t into edge, or, dir, control, and base subtypes. This might save some RAM on busy exit servers, but really matters most in terms of correctness. r6908@totoro (orig r6907): nickm | 2006-07-26 15:07:37 -0400 r6909@Kushana: nickm | 2006-07-26 13:05:58 -0400 Clean up wide lines from last patch. r6909@totoro (orig r6908): nickm | 2006-07-26 15:29:30 -0400 r6918@Kushana: nickm | 2006-07-26 15:22:28 -0400 Fix compilation for eventdns dns.c with split structs. r6910@totoro (orig r6909): nickm | 2006-07-26 15:39:47 -0400 r6920@Kushana: nickm | 2006-07-26 15:39:40 -0400 Mark some TODO items done r6911@totoro (orig r6910): phobos | 2006-07-26 17:50:27 -0400 Set Soft & Hard resource limits to appease launchd. r6912@totoro (orig r6911): phobos | 2006-07-26 19:52:59 -0400 OSX pre-install script to clean up Tor and force a fresh install, but save the server keys if they exist. r6913@totoro (orig r6912): phobos | 2006-07-26 20:19:36 -0400 Be better at finding the Tor install path, backup all of Tor just in case, then blow Tor away r6914@totoro (orig r6913): phobos | 2006-07-26 21:20:02 -0400 Backup only what is needed, write the file we created to a temp file for TorPostFlight to restore the data and remove the temp files r6915@totoro (orig r6914): phobos | 2006-07-26 23:02:47 -0400 The whole process works from preflight to postflight creating a clean Tor install with proper config file edits r6916@totoro (orig r6915): phobos | 2006-07-26 23:10:23 -0400 OSX gets confused when you have two ways to start the same program. r6917@totoro (orig r6916): phobos | 2006-07-26 23:17:50 -0400 Oops, forgot the all important 'r' r6919@totoro (orig r6918): nickm | 2006-07-27 00:10:51 -0400 Fix comments that implied that only dir connections had a purpose field, and the code that believed in those comments. r6920@totoro (orig r6919): nickm | 2006-07-27 01:03:57 -0400 r6922@Kushana: nickm | 2006-07-26 16:32:24 -0400 Rename some fields, compress a bitfield, and document some structs and fields r6923@totoro (orig r6922): nickm | 2006-07-27 13:16:10 -0400 Add more asserts in dns_found_answer. This may confirm my theory that dns_purge_resolve is the culprit. r6924@totoro (orig r6923): phobos | 2006-07-27 13:19:32 -0400 Far better test and handling of existing torrc r6925@totoro (orig r6924): nickm | 2006-07-27 13:37:37 -0400 Get better numbers out of HT_REP_OK r6926@totoro (orig r6925): nickm | 2006-07-27 14:35:25 -0400 Fix a bug in HT_REMOVE. r6927@totoro (orig r6926): nickm | 2006-07-27 14:35:56 -0400 More asserts in dns.c r6928@totoro (orig r6927): arma | 2006-07-27 15:35:11 -0400 resolve typo r6929@totoro (orig r6928): phobos | 2006-07-27 16:03:09 -0400 fi, fy fo fum, if-then- doesn't work without one r6930@totoro (orig r6929): phobos | 2006-07-27 16:24:53 -0400 Forget leopard. r6933@totoro (orig r6932): phobos | 2006-07-28 09:52:36 -0400 So long, farewell, auf Wiedersehen, adieu, launchd r6934@totoro (orig r6933): nickm | 2006-07-28 11:11:11 -0400 r6948@Kushana: nickm | 2006-07-28 10:10:35 -0400 Identify some likely target fields for lowering; lower global_identifier (since we only use it for AP streams and origin circs). r6935@totoro (orig r6934): nickm | 2006-07-28 11:11:20 -0400 r6949@Kushana: nickm | 2006-07-28 10:17:38 -0400 Shave another 8 bytes from connection_t: turn inbuf_reached_eof into a bit, and lower timestamp_lastempty to or_connection_t r6936@totoro (orig r6935): nickm | 2006-07-28 11:11:28 -0400 r6950@Kushana: nickm | 2006-07-28 10:32:08 -0400 Document split fields better. Now, I think we can take a break from type splitting for a bit. r6937@totoro (orig r6936): phobos | 2006-07-29 23:32:54 -0400 Remove the launchd plist file. r6938@totoro (orig r6937): arma | 2006-07-29 23:34:44 -0400 a bit more debugging for phobos r6939@totoro (orig r6938): phobos | 2006-07-29 23:53:18 -0400 Remove the last vestiges of launchd plist. r6940@totoro (orig r6939): arma | 2006-07-30 00:32:58 -0400 defense in depth r6945@totoro (orig r6944): arma | 2006-07-30 00:45:59 -0400 forward-port the website hack. note that with svn, our build system seems to build in-place, so the website/ and img/ directories actually get created in my sandbox. poo. r6946@totoro (orig r6945): arma | 2006-07-30 00:54:13 -0400 fix assert found by DreadWingKnight: now that rendezvous streams are attached to p_streams, the p_streams list can consist of both AP and EXIT conns. r6947@totoro (orig r6946): arma | 2006-07-30 01:36:17 -0400 forward-port the 0.1.1.23 changelog. r6953@totoro (orig r6952): nickm | 2006-07-31 13:59:11 -0400 r6952@Kushana: nickm | 2006-07-28 11:09:37 -0400 Add completely untested find-my-nameservers code for win32. r6954@totoro (orig r6953): nickm | 2006-07-31 13:59:37 -0400 r6958@Kushana: nickm | 2006-07-29 18:54:15 -0400 Looks like we might need a priority queue. r6955@totoro (orig r6954): nickm | 2006-07-31 14:00:18 -0400 r6959@Kushana: nickm | 2006-07-29 22:33:18 -0400 start restructuring dns to use priority queues for expiring entries. r6956@totoro (orig r6955): nickm | 2006-07-31 14:00:47 -0400 r6957@totoro (orig r6956): nickm | 2006-07-31 14:01:18 -0400 r6977@Kushana: nickm | 2006-07-31 13:01:28 -0400 Solve timing-out pending connections. Add pending resolves to expiry queue; when we find an answer, change the pending resolve to "done" and stick the actual answer in the expiry queue as a new entry. This uses a little more memory, but makes the code simpler than other solutions. r6958@totoro (orig r6957): nickm | 2006-07-31 14:01:22 -0400 r6978@Kushana: nickm | 2006-07-31 13:16:14 -0400 Add isupper and islower wrappers to compat.h r6959@totoro (orig r6958): nickm | 2006-07-31 14:01:27 -0400 r6979@Kushana: nickm | 2006-07-31 13:16:58 -0400 Add assert_ok functions for strmap and digestmap; use them in unit test code. r6960@totoro (orig r6959): nickm | 2006-07-31 14:01:37 -0400 r6980@Kushana: nickm | 2006-07-31 13:18:22 -0400 Add a utility function to verify that a string has been through strlower. r6961@totoro (orig r6960): nickm | 2006-07-31 14:01:45 -0400 r6981@Kushana: nickm | 2006-07-31 13:23:26 -0400 More asserts for cache correctness. r6962@totoro (orig r6961): nickm | 2006-07-31 14:01:49 -0400 r6982@Kushana: nickm | 2006-07-31 13:47:19 -0400 documentation and naming tweaks in dns.c r6963@totoro (orig r6962): nickm | 2006-07-31 16:19:58 -0400 r6993@Kushana: nickm | 2006-07-31 16:19:21 -0400 Interesting how much a ! can change the behavior of an assert. r6964@totoro (orig r6963): arma | 2006-07-31 16:25:57 -0400 more compile options mean more codepaths r6965@totoro (orig r6964): arma | 2006-08-01 00:08:15 -0400 man, our sample torrc sucked. r6966@totoro (orig r6965): arma | 2006-08-02 01:17:22 -0400 explain that the exitlist isn't perfect, because some tor exit nodes don't exit on their advertised address. r6969@totoro (orig r6968): weasel | 2006-08-02 21:50:10 -0400 r8207@galaxy: weasel | 2006-08-03 03:22:17 +0200 Merge in local revisions 7944, 8205, and 8206: Forward port 0.1.1.x changelog to trunk r6970@totoro (orig r6969): arma | 2006-08-03 00:22:25 -0400 fix a seg fault on exit for clients; and fix a comment. r6971@totoro (orig r6970): arma | 2006-08-03 00:23:45 -0400 turn future seg faults into asserts r6972@totoro (orig r6971): nickm | 2006-08-03 03:46:25 -0400 Patch from Frediano Ziglio: Windows compilation fixes on eventdns.c. r6973@totoro (orig r6972): nickm | 2006-08-04 14:23:56 -0400 r6995@Kushana: nickm | 2006-07-31 13:30:42 -0700 Avoid segfault if we exit before we get our first dns answer. r6974@totoro (orig r6973): nickm | 2006-08-04 14:24:13 -0400 r6975@totoro (orig r6974): nickm | 2006-08-04 14:24:25 -0400 r7007@Kushana: nickm | 2006-08-03 09:58:30 -0700 Export and use eventdns_config_windows_nameservers(); clean up some comments and log messages. r6976@totoro (orig r6975): nickm | 2006-08-04 14:24:41 -0400 r7008@Kushana: nickm | 2006-08-03 10:03:39 -0700 Oops. We shouldnt initialize eventdns when we are not being a server and not resolving anything. r6977@totoro (orig r6976): nickm | 2006-08-04 14:26:13 -0400 r7009@Kushana: nickm | 2006-08-03 10:44:58 -0700 Add functions to eventdns to allow detecting whether we have any nameservers configured, and to change the list of nameservers after initial configuration. r6978@totoro (orig r6977): nickm | 2006-08-04 14:26:40 -0400 r7010@Kushana: nickm | 2006-08-03 10:47:36 -0700 Enable log message format checking in eventdns.c when __GNUC__ is defined. r6979@totoro (orig r6978): nickm | 2006-08-04 14:27:10 -0400 r7011@Kushana: nickm | 2006-08-03 13:26:34 -0700 eventdns: Document functions added to API; make suspended requests go to the front of the queue; check (or explicitly ignore) return values on libevent functions. r6980@totoro (orig r6979): nickm | 2006-08-04 14:31:13 -0400 r6981@totoro (orig r6980): nickm | 2006-08-04 14:32:43 -0400 r7012@Kushana: nickm | 2006-08-03 19:21:25 -0700 Add an "mmap handle" type to encapsulate bookkeeping elements of mmap issues; add prelim win32 impl r6982@totoro (orig r6981): nickm | 2006-08-04 15:03:40 -0400 r7025@Kushana: nickm | 2006-08-04 12:03:22 -0700 Finish (I hope) windows mmap impl. r6983@totoro (orig r6982): arma | 2006-08-04 16:30:45 -0400 make svn trunk link again. nick can fix this if it's wrong. r6985@totoro (orig r6984): arma | 2006-08-04 23:08:56 -0400 a potential fix on the HELLO protocol design r6986@totoro (orig r6985): nickm | 2006-08-05 13:52:51 -0400 r7027@Kushana: nickm | 2006-08-04 13:06:48 -0700 Oops. Fix downcast macro. r6987@totoro (orig r6986): nickm | 2006-08-05 13:53:08 -0400 r7028@Kushana: nickm | 2006-08-04 13:10:16 -0700 Make data and size fields visible in tor_mmap_t; hide win magic differently. r6988@totoro (orig r6987): nickm | 2006-08-05 13:53:21 -0400 r7029@Kushana: nickm | 2006-08-04 14:08:41 -0700 Remove now-spurious size and data arguments from tor_mmap_file r6989@totoro (orig r6988): nickm | 2006-08-05 13:53:32 -0400 r7030@Kushana: nickm | 2006-08-04 14:46:52 -0700 Close an fd leak on failed mmap() r6990@totoro (orig r6989): phobos | 2006-08-07 21:42:52 -0400 Update preflight to save Privoxy configs as well r6991@totoro (orig r6990): arma | 2006-08-08 02:21:52 -0400 three more todo items r6992@totoro (orig r6991): arma | 2006-08-08 18:56:26 -0400 change the dir-spec to say that it's version 2 of the dir spec, and move the v0 file to v1. r6996@totoro (orig r6995): nickm | 2006-08-08 20:58:27 -0400 Say more about reverse DNS r6999@totoro (orig r6996): nickm | 2006-08-09 02:41:29 -0400 r7056@Kushana: nickm | 2006-08-08 23:40:53 -0700 Add a comment about v0 fallback approach. Why did we dislike discriminating on X.509 certs again? r7000@totoro (orig r6997): nickm | 2006-08-09 02:54:02 -0400 r7058@Kushana: nickm | 2006-08-08 23:53:46 -0700 Clarify point about certs. We have been over this before, but it seems simpler than what we are considering now. r7001@totoro (orig r6998): nickm | 2006-08-09 04:23:27 -0400 r7285@Kushana: nickm | 2006-08-09 01:23:11 -0700 Claim a TODO item (and test commit signing.) r7002@totoro (orig r6999): nickm | 2006-08-09 04:30:11 -0400 r7286@Kushana: nickm | 2006-08-09 01:28:27 -0700 Claim another TODO item (and test commit signing.) r7003@totoro (orig r7000): weasel | 2006-08-09 06:25:01 -0400 r8245@danube: weasel | 2006-08-09 12:24:00 +0200 Add a few comments so I find the rationale for the autoconf --build/--host split in the future when I need it again r7006@totoro (orig r7001): nickm | 2006-08-09 17:42:38 -0400 r7005@totoro: nickm | 2006-08-09 17:42:18 -0400 Begin committing violence against the spec; add some TODO items at the top. Arma, if you disagree, better say so. r7228@totoro (orig r7002): phobos | 2006-08-09 22:06:35 -0400 Update for universal binaries for OSX. r7229@totoro (orig r7003): nickm | 2006-08-10 03:39:47 -0400 Recommend libevent 1.1b for kqueue and win32 methods; deprecate libevent 1.0b harder; make libevent recommendation system saner. r7230@totoro (orig r7004): nickm | 2006-08-10 04:00:13 -0400 Experimentally re-enable kqueue on OSX when using libevent 1.1b or later. Log when we are doing this, so we can diagnose it when it fails. r7231@totoro (orig r7005): arma | 2006-08-10 04:00:54 -0400 a way to make tor more stable in crummy situations r7232@totoro (orig r7006): arma | 2006-08-10 04:13:41 -0400 initial skeleton for issues to resolve re: blocking resistance. r7233@totoro (orig r7007): nickm | 2006-08-10 05:01:37 -0400 r7299@Kushana: nickm | 2006-08-10 01:08:58 -0700 Patch from Tup to add support for transparent AP connections: this basically bundles the functionality of trans-proxy-tor into the tor mainline. Now hosts with compliant pf/netfilter implementations can redirect TCP connections straight to Tor without diverting through SOCKS. r7234@totoro (orig r7008): nickm | 2006-08-10 05:01:46 -0400 r7300@Kushana: nickm | 2006-08-10 01:36:40 -0700 Distinguish netfilter vs pf at configure time based on headers, not on OS. r7235@totoro (orig r7009): nickm | 2006-08-10 05:01:54 -0400 r7301@Kushana: nickm | 2006-08-10 01:41:27 -0700 Only open /dev/pf once. r7236@totoro (orig r7010): nickm | 2006-08-10 05:02:02 -0400 r7302@Kushana: nickm | 2006-08-10 01:48:44 -0700 Warn about open TransListenAddress values. r7237@totoro (orig r7011): nickm | 2006-08-10 05:02:12 -0400 r7303@Kushana: nickm | 2006-08-10 01:52:19 -0700 whitespace fixes r7238@totoro (orig r7012): nickm | 2006-08-10 05:02:26 -0400 r7304@Kushana: nickm | 2006-08-10 01:58:05 -0700 Fix verbose compilation errors; make sure transparent proxy fails when no method is configured. r7240@totoro (orig r7013): nickm | 2006-08-10 05:14:57 -0400 r7313@Kushana: nickm | 2006-08-10 02:13:35 -0700 Add missing .h to header file name. My bad. r7243@totoro (orig r7015): nickm | 2006-08-10 05:30:25 -0400 r7315@Kushana: nickm | 2006-08-10 02:30:13 -0700 add missing "test" and missing include. r7248@totoro (orig r7018): nickm | 2006-08-10 15:56:10 -0400 Fix crash in first-time option validation. Oops. r7249@totoro (orig r7019): nickm | 2006-08-11 03:09:09 -0400 r7323@Kushana: nickm | 2006-08-10 22:04:57 -0700 Add sys/socket.h prereq for net/if.h and net/pfvar.h r7250@totoro (orig r7020): nickm | 2006-08-11 03:09:17 -0400 r7324@Kushana: nickm | 2006-08-10 23:23:15 -0700 Add more warnings to the list of those we tolerate. Start using GCC attributes more, for better error checking and better code generation. r7251@totoro (orig r7021): nickm | 2006-08-11 03:09:28 -0400 r7325@Kushana: nickm | 2006-08-10 23:37:31 -0700 Use gcc offsetof where available. r7252@totoro (orig r7022): nickm | 2006-08-11 03:09:35 -0400 r7326@Kushana: nickm | 2006-08-10 23:50:49 -0700 And another GCC change: predict that tor_frees() are usually real frees, and tor_asserts() usually wont happen. Other test should wait till -fprofile-arcs r7253@totoro (orig r7023): nickm | 2006-08-11 03:09:45 -0400 r7327@Kushana: nickm | 2006-08-11 00:00:36 -0700 Fix a pedantic warning r7254@totoro (orig r7024): nickm | 2006-08-11 03:09:52 -0400 r7328@Kushana: nickm | 2006-08-11 00:04:26 -0700 remove an assert that can never be false (an array in a non-null struct cannot be null). r7255@totoro (orig r7025): nickm | 2006-08-11 03:17:16 -0400 r7335@Kushana: nickm | 2006-08-11 00:13:03 -0700 fix wide lines r7256@totoro (orig r7026): arma | 2006-08-11 03:31:16 -0400 fix typo, add explanatory comment r7257@totoro (orig r7027): arma | 2006-08-11 03:41:21 -0400 fix funny-looking assignment that crashes unit tests r7258@totoro (orig r7028): nickm | 2006-08-11 03:42:11 -0400 r7337@Kushana: nickm | 2006-08-11 00:42:04 -0700 Only use __builtin_offsetof with gcc 4 or later r7259@totoro (orig r7029): nickm | 2006-08-11 03:51:34 -0400 r7341@Kushana: nickm | 2006-08-11 00:51:05 -0700 Amazing how much difference adding a ! to all your asserts can make. r7260@totoro (orig r7030): nickm | 2006-08-11 03:51:42 -0400 r7342@Kushana: nickm | 2006-08-11 00:51:25 -0700 Remove braindeadism. r7262@totoro (orig r7032): arma | 2006-08-11 20:30:07 -0400 more todo items r7263@totoro (orig r7033): arma | 2006-08-11 20:38:38 -0400 mark out the two biggest bugs r7264@totoro (orig r7034): arma | 2006-08-12 03:44:13 -0400 two more thoughts to consider for blocking resistance r7266@totoro (orig r7036): weasel | 2006-08-12 19:26:54 -0400 r8290@danube: weasel | 2006-08-13 01:26:01 +0200 Merge local r8289 into trunk: Update debian/copyright r7267@totoro (orig r7037): phobos | 2006-08-12 20:13:55 -0400 Updated details on how to check for universal binary. r7269@totoro (orig r7039): phobos | 2006-08-12 20:29:56 -0400 Apparently not everyone wants to build Universal binaries. Return valid Archictecture detection for inclusion into final dmg naming. r7272@totoro (orig r7042): arma | 2006-08-13 19:38:30 -0400 simplify the connection_write_to_buf_zlib() wrapper. r7273@totoro (orig r7043): arma | 2006-08-13 20:28:44 -0400 note three more bugs we should resolve r7274@totoro (orig r7044): arma | 2006-08-14 01:53:57 -0400 save 3-7 bytes per edge connection r7275@totoro (orig r7045): nickm | 2006-08-14 02:03:26 -0400 r7369@Kushana: nickm | 2006-08-14 02:03:10 -0400 Shortening fields is only one part of making structs shorter. You must also consider alignment padding. Whee. r7276@totoro (orig r7046): arma | 2006-08-14 02:27:39 -0400 two more todo's, plus a cleanup r7277@totoro (orig r7047): arma | 2006-08-14 02:29:40 -0400 this is what i really meant r7278@totoro (orig r7048): arma | 2006-08-14 03:08:29 -0400 simplify compare_cached_resolves_by_expiry() to make it match the idioms of other compare functions. hopefully i didn't break it? r7279@totoro (orig r7049): arma | 2006-08-14 04:55:41 -0400 fix typos and stuff r7280@totoro (orig r7050): arma | 2006-08-14 05:03:16 -0400 clarify that some old versions used an organizationName of "Tor", and others used "TOR". We should avoid both now. r7281@totoro (orig r7051): arma | 2006-08-14 05:04:27 -0400 rename HELLO cells to VERSIONS cells. r7282@totoro (orig r7052): arma | 2006-08-14 05:44:54 -0400 note a compile warning that we should investigate one day. r7283@totoro (orig r7053): arma | 2006-08-14 06:00:15 -0400 avoid complaining about our SOCKS proxy proxy. r7284@totoro (orig r7054): arma | 2006-08-14 06:16:42 -0400 checkpoint in-progress changelog notes r7287@totoro (orig r7057): nickm | 2006-08-14 16:16:21 -0400 r7383@Kushana: nickm | 2006-08-14 16:16:03 -0400 Stop walking entire dns cache for every request, now that we found our hash table bug. r7288@totoro (orig r7058): nickm | 2006-08-14 17:44:29 -0400 r7045@Kushana: nickm | 2006-08-05 13:56:44 -0400 mess with the TODO a little. r7289@totoro (orig r7059): nickm | 2006-08-14 17:44:34 -0400 r7046@Kushana: nickm | 2006-08-05 13:57:04 -0400 Make it possible for dns_init() to fail; note failure of eventdns configuratoin. r7290@totoro (orig r7060): nickm | 2006-08-14 17:44:39 -0400 r7291@totoro (orig r7061): nickm | 2006-08-14 17:44:45 -0400 r7386@Kushana: nickm | 2006-08-14 17:43:44 -0400 Patch from Adam Langley. * I meant getaddrinfo_a, not getaddrinfo_r - fixed * Added more checks to the parsing code. * It seems you switched an alloca to a malloc, but didn't add any frees r7292@totoro (orig r7062): nickm | 2006-08-14 23:54:09 -0400 r7392@Kushana: nickm | 2006-08-14 23:50:32 -0400 Only do the expensive version of router_have_minimum_dir_info() when the dir info has changed. Backport candidate, since oprofile suggests that this function and ones it calls account for 25-35% of oprofile samples. r7293@totoro (orig r7063): nickm | 2006-08-14 23:54:13 -0400 r7393@Kushana: nickm | 2006-08-14 23:51:07 -0400 remove extraneous #endif r7305@totoro (orig r7064): nickm | 2006-08-15 00:50:17 -0400 r7397@Kushana: nickm | 2006-08-15 00:46:18 -0400 Fix eventdns version of dns.c. Man, we need to get rid of this eventdns/dnsworker split. r7306@totoro (orig r7065): nickm | 2006-08-15 00:50:33 -0400 r7398@Kushana: nickm | 2006-08-15 00:49:50 -0400 Add missing backslash r7308@totoro (orig r7067): arma | 2006-08-15 22:18:55 -0400 dns.c:173: warning: control reaches end of non-void function r7309@totoro (orig r7068): arma | 2006-08-15 23:44:13 -0400 automatically avoid picking more than one node from the same /16 network when constructing a circuit. r7310@totoro (orig r7069): nickm | 2006-08-16 14:47:19 -0400 r7404@Kushana: nickm | 2006-08-16 09:32:19 -0400 Pass hints to getaddrinfo; fix bug 280 (?) r7311@totoro (orig r7070): nickm | 2006-08-16 14:47:24 -0400 r7405@Kushana: nickm | 2006-08-16 14:38:46 -0400 Implement reverse DNS lookup in eventdns: add new entry point; rename old entry point; revise TODO a little; add facility for parsing dns names. r7313@totoro (orig r7072): nickm | 2006-08-17 19:00:32 -0400 r7411@Kushana: nickm | 2006-08-17 19:00:25 -0400 patch suggested by Karsten Loesing: respond to SIGNAL command before we execute the signal, in case the signal shuts us down. r7314@totoro (orig r7073): arma | 2006-08-18 13:46:14 -0400 clean up AllowInvalidNodes man page entry. r7315@totoro (orig r7074): arma | 2006-08-18 14:19:35 -0400 fix typo pointed out by paul r8455@totoro (orig r8214): nickm | 2006-08-22 02:10:53 -0400 r8556@Kushana: nickm | 2006-08-22 01:22:46 -0400 Enable eventdns by default on platforms where we autoconf. This should be everything but windows. r8456@totoro (orig r8215): nickm | 2006-08-22 02:10:58 -0400 r8557@Kushana: nickm | 2006-08-22 02:10:12 -0400 dns-related TODO changes. r8462@totoro (orig r8221): arma | 2006-08-23 19:45:03 -0400 tor --verify-config now exits with -1(255) or 0 depending on whether the config options are bad or good. r8463@totoro (orig r8222): arma | 2006-08-23 20:54:18 -0400 clean up logging conventions in do_list_fingerprint() r8464@totoro (orig r8223): arma | 2006-08-24 00:51:55 -0400 make our socks5 handling more robust to broken socks clients: throw out everything waiting on the buffer in between socks handshake phases, since they can't possibly (so the theory goes) have predicted what we plan to respond to them. r8465@totoro (orig r8224): nickm | 2006-08-25 17:01:56 -0400 r8572@Kushana: nickm | 2006-08-25 16:35:49 -0400 Fix for bug 308: When we have a state file we cannot parse, tell the user, and move it aside. r8466@totoro (orig r8225): nickm | 2006-08-25 17:02:01 -0400 r8573@Kushana: nickm | 2006-08-25 16:55:19 -0400 Resolve bug 321 when using dnsworkers: append a period to every address we resolve at the exit node, so that we do not accidentally pick up local addresses, and so that failing searches are retried in the resolver search domains. (This is already solved for eventdns.) r8467@totoro (orig r8226): nickm | 2006-08-25 17:16:22 -0400 r8576@Kushana: nickm | 2006-08-25 17:16:01 -0400 Fix bug 314: Instead of checking address_in_virtualrange, check addressmap_have_mapping(). This should be more accurate. [Rename to addressmap_have_mapping() from addressmap_already_mapped().] r8468@totoro (orig r8227): arma | 2006-08-26 00:48:50 -0400 fix a log level -- err is for things that kill tor, warn is for things that tor can recover from. also, avoid situations where people who don't read their logs accumulate ten thousand useless files in their datadir. r8469@totoro (orig r8228): arma | 2006-08-26 00:52:22 -0400 more todo items when we avoid putting /16 servers into the same circuit r8470@totoro (orig r8229): arma | 2006-08-26 02:51:02 -0400 remove some more vestiges of cvs r8471@totoro (orig r8230): arma | 2006-08-26 02:56:16 -0400 complete an item, abandon an item, defer an item. r8472@totoro (orig r8231): arma | 2006-08-26 02:57:48 -0400 remove more completed items r8473@totoro (orig r8232): arma | 2006-08-26 03:13:54 -0400 make a 'real soon now' section of the todo, to point out what's more urgent r8474@totoro (orig r8233): arma | 2006-08-26 21:33:35 -0400 fix typo r8475@totoro (orig r8234): arma | 2006-08-26 21:41:08 -0400 i'm guessing nick meant to check the return value of dns_init. and revise some log severities to match the convention. r8476@totoro (orig r8235): arma | 2006-08-26 22:07:54 -0400 stop three memory leaks. nick, fix these if i'm wrong. r8477@totoro (orig r8236): arma | 2006-08-26 22:12:12 -0400 stop a big memory leak: we were leaking the whole contents of cached-routers.new every time we read it. r8478@totoro (orig r8237): arma | 2006-08-27 02:49:33 -0400 typo and whitespace r8479@totoro (orig r8238): arma | 2006-08-27 02:49:51 -0400 a usability improvement i just thought of r8480@totoro (orig r8239): arma | 2006-08-27 02:51:19 -0400 0.1.2.1-alpha will break blossom exit node functionality; put that on the todo list. r8481@totoro (orig r8240): arma | 2006-08-27 02:55:48 -0400 clean up the 0.1.2.1-alpha changelog r8482@totoro (orig r8241): arma | 2006-08-27 02:58:30 -0400 comment out an unused variable; nick, feel free to excise it further. r8483@totoro (orig r8242): arma | 2006-08-27 03:02:41 -0400 bump the doxyfile version number, since i made a doxygen ref man last week. r8484@totoro (orig r8243): arma | 2006-08-27 03:03:05 -0400 fix typo r8485@totoro (orig r8244): arma | 2006-08-27 03:03:17 -0400 bump to 0.1.2.1-alpha (does it work?) r8486@totoro (orig r8245): arma | 2006-08-27 03:26:00 -0400 turn eventdns off by default until we can get some more useful log messages into it. no use learning that it's broken without being able to learn what is broken too. r8488@totoro (orig r8247): phobos | 2006-08-27 20:40:11 -0400 Update rpms to require libevent 1.1b. r8490@totoro (orig r8249): phobos | 2006-08-27 21:06:44 -0400 Remove architecture from builds. The official builds are universal binaries. r8491@totoro (orig r8250): phobos | 2006-08-27 22:20:35 -0400 Replace nickm as packager of rpms. r8492@totoro (orig r8251): arma | 2006-08-27 23:01:07 -0400 bump trunk to 0.1.2.1-alpha-dev r8493@totoro (orig r8252): nickm | 2006-08-27 23:15:38 -0400 r8605@Kushana: nickm | 2006-08-27 14:01:11 -0400 divide eventdns log messages into warn and info messages. r8494@totoro (orig r8253): nickm | 2006-08-27 23:15:47 -0400 r8606@Kushana: nickm | 2006-08-27 14:04:19 -0400 Now that 0.1.2.1-alpha is out, make eventdns on-by-default again. (Hoop-lah.) r8495@totoro (orig r8254): nickm | 2006-08-27 23:15:50 -0400 r8607@Kushana: nickm | 2006-08-27 15:45:42 -0400 Change configuration strategy for eventdns. Instead of elaborate option set, just allow the user to specify another resolv.conf to use. r8496@totoro (orig r8255): nickm | 2006-08-27 23:15:55 -0400 r8608@Kushana: nickm | 2006-08-27 16:57:47 -0400 Make it possible to change nameserver options while Tor is running. r8497@totoro (orig r8256): nickm | 2006-08-27 23:16:02 -0400 r8609@Kushana: nickm | 2006-08-27 17:24:27 -0400 Add some doxygen, concentrated in dns.c r8499@totoro (orig r8258): nickm | 2006-08-27 23:29:51 -0400 Kill some SVK branches that I am done with. r8500@totoro (orig r8259): nickm | 2006-08-27 23:46:21 -0400 r8626@Kushana: nickm | 2006-08-27 23:45:46 -0400 Aw, crap. Non-gcc bug. We need regular windows builds. r8511@totoro (orig r8270): arma | 2006-08-28 04:24:36 -0400 put some symbols on the eventdns logging. leave the haphazard formatting alone. r8512@totoro (orig r8271): arma | 2006-08-28 14:51:36 -0400 fix bug found by Adam J. Richter: directory clients shouldn't hang up five minutes after they begin. but directory servers should still hang up after 5 minutes of failing to deliver any bytes. r8513@totoro (orig r8272): arma | 2006-08-28 15:00:17 -0400 an even better check -- now servers hang up if they can't write for a while, and clients hang up if they can't read for a while. r8514@totoro (orig r8273): arma | 2006-08-28 15:02:57 -0400 and make the comment better, while i'm at it r8518@totoro (orig r8277): nickm | 2006-08-28 16:42:14 -0400 r8652@Kushana: nickm | 2006-08-28 16:41:44 -0400 Resolve bug 324: strdup the right variable. r8519@totoro (orig r8278): nickm | 2006-08-28 16:50:47 -0400 r8654@Kushana: nickm | 2006-08-28 16:50:36 -0400 I bet real programmers even have programs that compile. r8521@totoro (orig r8280): nickm | 2006-08-29 00:22:51 -0400 r8657@Kushana: nickm | 2006-08-29 00:22:31 -0400 Mark an item complete; test new commit-email.pl script. r8539@totoro (orig r8298): weasel | 2006-08-29 16:43:52 -0400 r9565@galaxy: weasel | 2006-08-29 22:20:38 +0200 Do not reload or start when our config is known to be broken r8540@totoro (orig r8299): weasel | 2006-08-29 16:43:59 -0400 r9566@galaxy: weasel | 2006-08-29 22:32:26 +0200 Unnest all those nested if blocks r8541@totoro (orig r8300): weasel | 2006-08-29 16:44:05 -0400 r9567@galaxy: weasel | 2006-08-29 22:32:46 +0200 Prepare 0.1.2.1-alpha-1 r8542@totoro (orig r8301): weasel | 2006-08-29 16:44:11 -0400 r9568@galaxy: weasel | 2006-08-29 22:34:36 +0200 Upload target is experimental, not unstable r8543@totoro (orig r8302): weasel | 2006-08-29 16:44:17 -0400 r9569@galaxy: weasel | 2006-08-29 22:38:54 +0200 Change Standards-Version to 3.7.2. No changes required. r8544@totoro (orig r8303): nickm | 2006-08-29 17:59:20 -0400 r8682@Kushana: nickm | 2006-08-29 17:58:59 -0400 Fix compilation on GCC2 by disabling fun attributes unless __GNUC_MAJOR__ >= 3. r8548@totoro (orig r8307): nickm | 2006-08-30 19:34:49 -0400 r8686@Kushana: nickm | 2006-08-30 18:01:35 -0400 Remove bogus whitespace r8549@totoro (orig r8308): nickm | 2006-08-30 19:34:56 -0400 r8687@Kushana: nickm | 2006-08-30 19:33:28 -0400 Apply patch from Adam Langley: fix assert() in eventdns.c. [Fuzzing, apparently, is cool.] r8550@totoro (orig r8309): nickm | 2006-08-31 13:39:47 -0400 r8691@Kushana: nickm | 2006-08-31 13:30:46 -0400 Fix bug 327 (part 1): Use correct macro to test for GCC 3 or later. r8551@totoro (orig r8310): nickm | 2006-08-31 13:39:51 -0400 r8692@Kushana: nickm | 2006-08-31 13:38:07 -0400 Fix bug 327 (part 2): Cast char to unsigned char before passing to toupper/tolower. (Follow the same idiom as with isupper and friends, in case we run into the same problem on SGI or whereever it was.) r8552@totoro (orig r8311): nickm | 2006-08-31 14:46:46 -0400 r8695@Kushana: nickm | 2006-08-31 14:35:36 -0400 Fix two corner cases in router_dir_info_changed(). This should have no observable effect. r8553@totoro (orig r8312): nickm | 2006-08-31 14:47:54 -0400 r8696@Kushana: nickm | 2006-08-31 14:43:44 -0400 Try to appease some warnings with newer gccs that believe that ignoring a return value is okay, but casting a return value and then ignoring it is a sign of madness. r8556@totoro (orig r8315): phobos | 2006-08-31 19:52:41 -0400 Remove old TODO that I can't remember the details of it. r8557@totoro (orig r8316): nickm | 2006-09-02 01:33:11 -0400 r8704@Kushana: nickm | 2006-09-02 01:32:34 -0400 correct includes for net/if.h and net/pfvar.h on openbsd (from Tup) r8558@totoro (orig r8317): arma | 2006-09-02 19:26:42 -0400 Tor is more than code these days. r8559@totoro (orig r8318): nickm | 2006-09-02 22:13:52 -0400 r8708@Kushana: nickm | 2006-09-02 20:34:15 -0400 Fix warnings reported by weasel when compiling Tor on Debian woody. r8560@totoro (orig r8319): nickm | 2006-09-02 22:13:56 -0400 r8709@Kushana: nickm | 2006-09-02 20:59:54 -0400 Remove unused autoconf checks. r8561@totoro (orig r8320): weasel | 2006-09-03 16:19:35 -0400 r9648@danube: weasel | 2006-09-03 19:54:42 +0200 Document minor update of debian/copyright by arma in debian changelog r8562@totoro (orig r8321): arma | 2006-09-05 10:30:06 -0400 patch from tup r8563@totoro (orig r8322): chiussi | 2006-09-05 21:49:55 -0400 - made configure check if we are building for win32 - made configure link to required system dll's if building for win32 - added diffs for libevent 1.1b - forced user to turn off eventdns if win32 is set - cleaned up tor_mmap_file()_win32 (not sure if it's stable) - cleaned up some warnings and typos r8564@totoro (orig r8323): chiussi | 2006-09-05 21:58:55 -0400 - removed windows line endings r8565@totoro (orig r8324): weasel | 2006-09-05 22:08:52 -0400 r9665@danube: weasel | 2006-09-06 04:08:12 +0200 Remove svn:executable properties from all files in Win32Build r8566@totoro (orig r8325): nickm | 2006-09-06 04:42:12 -0400 r8723@Kushana: nickm | 2006-09-06 04:24:54 -0400 Clean up configure.in spaces, and make it work on Mac OS X again (for me). r8567@totoro (orig r8326): nickm | 2006-09-06 04:42:16 -0400 r8724@Kushana: nickm | 2006-09-06 04:32:28 -0400 Fix spaces; restore support for mapping files over 4GB on win32 (?) r8568@totoro (orig r8327): nickm | 2006-09-06 04:42:20 -0400 r8725@Kushana: nickm | 2006-09-06 04:39:29 -0400 spawn_func fixes: have cpuworker_main and dnsworker_main confirm to the right interfaces [casting func to void* is icky]. Also, make pthread_create() build without warnings. r8569@totoro (orig r8328): nickm | 2006-09-06 16:22:05 -0400 r8729@Kushana: nickm | 2006-09-06 16:20:40 -0400 Fix dns_cancel_pending_resolve() to realize pending resolves have expiry times, and should not be freed except when they fall off the pqueue. r8570@totoro (orig r8329): nickm | 2006-09-06 16:33:28 -0400 r8731@Kushana: nickm | 2006-09-06 16:33:19 -0400 Try to fix eventdns.c build on windows. r8571@totoro (orig r8330): nickm | 2006-09-06 17:35:30 -0400 r8733@Kushana: nickm | 2006-09-06 17:35:22 -0400 Add some missing defines to eventdns.c for windows. r8572@totoro (orig r8331): arma | 2006-09-06 20:30:29 -0400 new config option AvoidDiskWrites for people running tors on usb keys and other media that degrades when you write. not implemented yet, so just a reminder. r8573@totoro (orig r8332): chiussi | 2006-09-06 20:51:20 -0400 - fixed up typos in eventdns.c - configure lets user build with eventdns on win32 r8574@totoro (orig r8333): chiussi | 2006-09-06 20:54:28 -0400 rm'ed a tab (sorry) r8575@totoro (orig r8334): arma | 2006-09-06 21:00:37 -0400 prefer calling it a client rather than an OP r8576@totoro (orig r8335): arma | 2006-09-06 21:01:11 -0400 flesh out TODO re: AvoidDiskWrites r8577@totoro (orig r8336): arma | 2006-09-06 21:02:23 -0400 clean up and correct the spec r8578@totoro (orig r8337): arma | 2006-09-06 21:22:55 -0400 another controller event we left out r8579@totoro (orig r8338): arma | 2006-09-06 21:23:15 -0400 clean up some comments r8580@totoro (orig r8339): arma | 2006-09-06 23:26:17 -0400 help the rpm spec file recognize development versions now that they're not called foo-cvs r8581@totoro (orig r8340): arma | 2006-09-06 23:40:23 -0400 packages now start including svn website docs (oops) r8583@totoro (orig r8342): chiussi | 2006-09-06 23:53:14 -0400 - added some debugging lines to load_nameservers_from_registry() r8584@totoro (orig r8343): chiussi | 2006-09-06 23:58:46 -0400 - got rid of tabs (i think) r8585@totoro (orig r8344): chiussi | 2006-09-07 00:02:52 -0400 - got rid of tabs r8586@totoro (orig r8345): chiussi | 2006-09-07 02:34:20 -0400 fixed win32 eventdns snafu r8587@totoro (orig r8346): chiussi | 2006-09-07 02:36:22 -0400 undid whitespace changes to dns.c r8588@totoro (orig r8347): nickm | 2006-09-07 12:24:19 -0400 r8753@Kushana: nickm | 2006-09-07 12:23:25 -0400 Make eventdns spacing consistant r8589@totoro (orig r8348): nickm | 2006-09-07 12:32:06 -0400 r8755@Kushana: nickm | 2006-09-07 12:31:57 -0400 Tabify eventdns r8590@totoro (orig r8349): nickm | 2006-09-07 15:00:51 -0400 r8757@Kushana: nickm | 2006-09-07 13:07:46 -0400 Fix more compile warnings on Woody. r8591@totoro (orig r8350): chiussi | 2006-09-08 05:02:14 -0400 fixed typo in eventdns.c r8592@totoro (orig r8351): chiussi | 2006-09-08 05:05:07 -0400 another typo r8593@totoro (orig r8352): weasel | 2006-09-08 12:12:15 -0400 r9695@danube: weasel | 2006-09-08 18:11:53 +0200 Make tor build with -O0 r8594@totoro (orig r8353): arma | 2006-09-08 16:48:43 -0400 possibly make tor build and run on cygwin again. r8595@totoro (orig r8354): arma | 2006-09-08 23:18:39 -0400 add a "getinfo address" controller command. r8596@totoro (orig r8355): arma | 2006-09-08 23:38:03 -0400 fix encoding in "getinfo addr-mappings" response. fix error code when "getinfo dir/status/" fails. r8597@totoro (orig r8356): nickm | 2006-09-08 23:46:52 -0400 r8766@Kushana: nickm | 2006-09-08 23:46:12 -0400 Remove some completed items from TODO; defer a bunch of stuff from 0.1.2.x (which we want to have an RC for by the end of October) r8598@totoro (orig r8357): arma | 2006-09-09 15:16:07 -0400 fix typo, add log message r8599@totoro (orig r8358): arma | 2006-09-09 15:20:27 -0400 parameterize the loudness of get_interface_address() r8600@totoro (orig r8359): arma | 2006-09-09 15:36:51 -0400 start remembering X-Your-Address-Is hints even if you're a client, so you can become a server more smoothly. r8602@totoro (orig r8361): phobos | 2006-09-10 23:46:00 -0400 First attempt to document the process to build Win32 executables with mingw. Relies upon magic to actually work right now. r8611@totoro (orig r8370): nickm | 2006-09-11 22:50:14 -0400 r8776@Kushana: nickm | 2006-09-11 22:49:53 -0400 Avoid crash when telling controller stream-status and a stream is detached. Fixes bug 334. Backport candidate. r8612@totoro (orig r8371): phobos | 2006-09-11 22:58:33 -0400 Updates to win32-mingw. libevent1.1b builds. openssl doesn't. r8614@totoro (orig r8373): nickm | 2006-09-12 14:05:54 -0400 r8785@Kushana: nickm | 2006-09-12 14:05:46 -0400 Add non-dist utility for weasel r8615@totoro (orig r8374): weasel | 2006-09-12 14:11:19 -0400 r9734@danube: weasel | 2006-09-12 20:11:02 +0200 Set svn:keywords r8616@totoro (orig r8375): arma | 2006-09-12 14:31:03 -0400 avoid getting mail from ilja in 2008 about this. r8617@totoro (orig r8376): nickm | 2006-09-12 15:00:55 -0400 r8791@Kushana: nickm | 2006-09-12 15:00:48 -0400 As long as we are being pedantic, we may as well be extra-pedantic. r8624@totoro (orig r8383): nickm | 2006-09-13 13:34:59 -0400 r8795@Kushana: nickm | 2006-09-13 13:34:54 -0400 Try to split off the mingw portions of the libevent diff so we can send them to niels separately. Adding two patches: one that applies against 1.1b; one that applies against the libevent svn trunk. r8625@totoro (orig r8384): arma | 2006-09-13 18:24:05 -0400 two todo items we'll need for the blocking-resistance scheme r8626@totoro (orig r8385): arma | 2006-09-13 18:24:43 -0400 continue fleshing out the blocking-resistance design doc r8627@totoro (orig r8386): weasel | 2006-09-14 00:53:23 -0400 r9736@danube: weasel | 2006-09-14 05:53:06 +0200 Refactor dirserv_parse_fingerprint_file(fname) into dirserv_load_fingerprint_file(): There is not need to put together the path to the approved-routers file in more than one place. r8628@totoro (orig r8387): weasel | 2006-09-14 00:53:42 -0400 r9749@danube: weasel | 2006-09-14 06:53:12 +0200 Do not graciously increase the size to be mmaped if the current size already is at a page_size boundary. This is important since if a file has a size of zero and we mmap() it with length > 0, then accessing the mmaped memory area causes a bus error. However, if we pass a length of 0 to mmap() it will return with -1 and things work from there. r8629@totoro (orig r8388): nickm | 2006-09-14 01:00:02 -0400 r8808@senior-two-eighty: nickm | 2006-09-14 00:59:54 -0400 House style for no-args functions is old-style C, not C++ r8630@totoro (orig r8389): weasel | 2006-09-14 01:07:26 -0400 r9752@danube: weasel | 2006-09-14 07:06:49 +0200 Fix some dead code that is on occasion useful r8631@totoro (orig r8390): weasel | 2006-09-14 01:07:34 -0400 r9753@danube: weasel | 2006-09-14 07:07:02 +0200 Remove duplicates from MyFamily r8632@totoro (orig r8391): weasel | 2006-09-14 01:17:02 -0400 r9758@danube: weasel | 2006-09-14 07:10:12 +0200 Add a comment r8633@totoro (orig r8392): weasel | 2006-09-14 01:17:12 -0400 r9759@danube: weasel | 2006-09-14 07:14:37 +0200 Add smartlist_uniq() to TODO list r8634@totoro (orig r8393): arma | 2006-09-14 01:49:03 -0400 we should add a preamble to tor-design saying it's out of date. r8636@totoro (orig r8395): nickm | 2006-09-14 18:34:57 -0400 r8817@Kushana: nickm | 2006-09-14 18:31:29 -0400 Patch from steve hildrey: Generate network status correctly on non-versioning dirservers r8637@totoro (orig r8396): nickm | 2006-09-15 00:27:58 -0400 r8819@Kushana: nickm | 2006-09-15 00:27:45 -0400 Implement a smartlist_uniq() that will with luck not end the world. r8638@totoro (orig r8397): weasel | 2006-09-15 00:29:36 -0400 r9767@danube: weasel | 2006-09-15 06:27:48 +0200 Minor documentation fix r8639@totoro (orig r8398): weasel | 2006-09-15 01:20:16 -0400 r9770@danube: weasel | 2006-09-15 07:20:05 +0200 router_set_networkstatus() gets a list of status documents we asked for from connection_dir_client_reached_eof(). However, as a cache we (sometimes?) just ask for "all". router_set_networkstatus() would freak out over that, meaning it would log a warning and drop the status document instead of caching it as it is supposed to. Now we let router_set_networkstatus() know if the data comes from an all-request so it can do the right thing. r8640@totoro (orig r8399): arma | 2006-09-15 01:30:25 -0400 Send out a burst of long-range drop cells after we've established that we're reachable. Spread them over 4 circuits, so hopefully a few will be fast. This exercises our bandwidth and bootstraps us quicker. r8641@totoro (orig r8400): arma | 2006-09-15 01:53:00 -0400 make my bandwidth exercises actually happen r8642@totoro (orig r8401): arma | 2006-09-15 02:06:09 -0400 two todo items r8643@totoro (orig r8402): arma | 2006-09-15 14:03:53 -0400 avoid thrashing the bandwidth exercise when we change IPs a lot. (we avoid simply by not doing any new tests when we change IPs -- it looks like we retain our previous bandwidth estimates, so there's no need to do new exercise. though in some cases new exercises may still be useful. one day we'll do something smarter.) r8644@totoro (orig r8403): arma | 2006-09-15 14:07:11 -0400 actually, do the bandwidth test anyway, if you've been up at least 6 hours at your previous address. r8645@totoro (orig r8404): nickm | 2006-09-15 16:19:55 -0400 r8821@Kushana: nickm | 2006-09-15 16:19:16 -0400 Clean up libevent difmingw f problems noticed by mikec. r8647@totoro (orig r8406): phobos | 2006-09-16 15:54:03 -0400 Re-create symlinks through cp. r8648@totoro (orig r8407): arma | 2006-09-17 02:18:06 -0400 build testing circuits more rapidly. this has a failure mode where if circuits fail quickly, we'll fail a lot of them very quickly and not retry for a while. so be it. r8649@totoro (orig r8408): arma | 2006-09-17 13:57:56 -0400 a few more todo changes r8650@totoro (orig r8409): nickm | 2006-09-17 15:58:24 -0400 r8837@Kushana: nickm | 2006-09-17 15:58:04 -0400 More TODO work; tenatively mark assignments. r8651@totoro (orig r8410): nickm | 2006-09-17 16:12:10 -0400 r8839@Kushana: nickm | 2006-09-17 16:11:59 -0400 Add some client performance XXXXs; try to move some common case tests higher on their decision trees. r8652@totoro (orig r8411): nickm | 2006-09-17 16:20:23 -0400 r8841@Kushana: nickm | 2006-09-17 16:20:16 -0400 Move more todo items around r8653@totoro (orig r8412): arma | 2006-09-18 00:24:41 -0400 Fix two bugs: first, "extendcircuit" would crash if you gave it a purpose. Second, if you give an unknown purpose, it would say: 552 Unknown purpose "purpose=foo" Now it just says 552 Unknown purpose "foo" r8656@totoro (orig r8415): arma | 2006-09-18 00:59:15 -0400 good god, that was a bad idea. i've built 500 circuits in the past 5 minutes, trying to establish reachability of my unreachable server. r8657@totoro (orig r8416): phobos | 2006-09-18 01:35:08 -0400 Fix a mis-spelled Privoxy. r8668@totoro (orig r8427): nickm | 2006-09-19 16:41:31 -0400 Merge in some bsockets calls, all wrapped inside #if defined(USE_BSOCKETS) r8669@totoro (orig r8428): nickm | 2006-09-19 16:45:20 -0400 Fix a bogus free() in eventdns.c. Bug reported by xiando. r8670@totoro (orig r8429): arma | 2006-09-19 17:37:03 -0400 eventdns patch from Adam Langley r8671@totoro (orig r8430): nickm | 2006-09-19 18:20:09 -0400 Switch routerlist.c to using memcmp on digests rather than crypto_pk_cmp_keys(); speed up find_whitespace a lot (8x for me) by using a switch statement. This should speed parsing a lot of routers at once by a lot. r8672@totoro (orig r8431): nickm | 2006-09-19 18:36:48 -0400 Malloc and friends are critical-path: Thus, add an it-wont-happen branch prediction for NULL returns, and skip the malloc(0) check on platforms where malloc(0) returns a pointer. r8673@totoro (orig r8432): nickm | 2006-09-19 19:18:30 -0400 Stop searching routerlist for routers with the same identity as other routers (on router insert): we already have a map for that. (We need to add an index field to routerinfo_t so we can figure out which point in the routerlist to replace.) Also, add a comment to routerlist.c; arma, please advise? r8674@totoro (orig r8433): nickm | 2006-09-19 19:48:14 -0400 NEEDS REVIEW. Act on previous comment, and handle named servers differently: now, we allow multiple servers with the same name in the routerlist even if that name is reserved, but we check whether names are reserved when we try to look up routers by nickname. This is a minor security fix. This makes router_add_to_routerlist O(1). This is a backport candidate. r8675@totoro (orig r8434): nickm | 2006-09-19 19:55:35 -0400 Speed up eat_whitespace by a lot. r8678@totoro (orig r8437): nickm | 2006-09-21 17:48:06 -0400 r8872@Kushana: nickm | 2006-09-21 14:00:20 -0400 Implement server-side reverse DNS using eventdns. Add an option to routerdescs so we can tell which servers have eventdns enabled. r8679@totoro (orig r8438): nickm | 2006-09-21 17:48:11 -0400 r8873@Kushana: nickm | 2006-09-21 14:38:22 -0400 Fix a bug: Remember, each call to escaped() replaces the value returned from the last call to escaped(). r8680@totoro (orig r8439): nickm | 2006-09-21 17:48:16 -0400 r8874@Kushana: nickm | 2006-09-21 15:22:27 -0400 Rename and document SearchDomains and ResolvConf options; warn if ServerDNSResolvConfFile is given but eventdns isnt enabled. r8681@totoro (orig r8440): nickm | 2006-09-21 17:48:22 -0400 r8875@Kushana: nickm | 2006-09-21 16:46:28 -0400 Resolve bug 330: detect ISPs that want to hijack failing DNS requests and basically domain-squat the entire internet. r8682@totoro (orig r8441): nickm | 2006-09-21 17:48:37 -0400 r8876@Kushana: nickm | 2006-09-21 16:58:46 -0400 Trivial cleanup: !!x is a weird way to spell x != NULL. r8683@totoro (orig r8442): nickm | 2006-09-21 17:48:42 -0400 r8877@Kushana: nickm | 2006-09-21 17:12:33 -0400 Consider non-exit servers unsuitable for RESOLVE commands. r8684@totoro (orig r8443): nickm | 2006-09-21 17:48:55 -0400 r8878@Kushana: nickm | 2006-09-21 17:15:47 -0400 Trivial whitespace cleanups. r8685@totoro (orig r8444): nickm | 2006-09-21 17:49:03 -0400 r8879@Kushana: nickm | 2006-09-21 17:20:31 -0400 Oops from earlier patch; add "opt eventdns" to unittests, fix bug in routerdesc generation. r8686@totoro (orig r8445): nickm | 2006-09-21 17:49:15 -0400 r8880@Kushana: nickm | 2006-09-21 17:26:02 -0400 Trivial patch to appease warn-happy gcc: mark unused parameter r8687@totoro (orig r8446): nickm | 2006-09-21 17:49:36 -0400 r8881@Kushana: nickm | 2006-09-21 17:27:59 -0400 Allow resolve requests to non-exits when they are specifically requested (via resolve foo.bar.exit). r8688@totoro (orig r8447): nickm | 2006-09-21 18:24:45 -0400 Fix bug in r8440: base32 uses 5 bytes per char, not 4. r8689@totoro (orig r8448): nickm | 2006-09-21 18:57:07 -0400 Fix stupid C mistake. Glad I caught that one fast. r8690@totoro (orig r8449): nickm | 2006-09-21 20:10:26 -0400 Fix a couple of server-side reverse dns bugs r8691@totoro (orig r8450): arma | 2006-09-21 20:24:27 -0400 remove some loud log messages r8692@totoro (orig r8451): nickm | 2006-09-21 20:43:55 -0400 r8894@Kushana: nickm | 2006-09-21 18:30:42 -0400 Specify and implement SOCKS5 interface for reverse hostname lookup. r8693@totoro (orig r8452): nickm | 2006-09-21 20:44:07 -0400 r8895@Kushana: nickm | 2006-09-21 20:05:11 -0400 Debug client-side reverse dns code. r8694@totoro (orig r8453): nickm | 2006-09-21 20:44:21 -0400 r8695@totoro (orig r8454): nickm | 2006-09-21 20:45:08 -0400 r8901@Kushana: nickm | 2006-09-21 20:43:48 -0400 I tracked a bug in server-side reverse DNS to something concerning the caching code. Ive disabled server-side cacheing for reverse DNS answers for now, and I am noting the bug in the TODO. r8696@totoro (orig r8455): phobos | 2006-09-21 21:15:07 -0400 Removed verbose patch output. r8697@totoro (orig r8456): nickm | 2006-09-21 21:23:28 -0400 r8906@Kushana: nickm | 2006-09-21 21:23:22 -0400 Revise patch for libevent 1.1b to handle the "wait, I *do* have a gettimeofday()" case. r8698@totoro (orig r8457): phobos | 2006-09-22 11:08:05 -0400 Finally, valid tor.exe directions from scratch with mingw. r8699@totoro (orig r8458): phobos | 2006-09-22 11:37:52 -0400 One last change to openssl to get it to compile in mingw. r8702@totoro (orig r8461): arma | 2006-09-22 15:29:26 -0400 remove 8888 as a long lived port. i can't remember why it's on the list. r8703@totoro (orig r8462): nickm | 2006-09-22 16:18:58 -0400 r8843@Kushana: nickm | 2006-09-17 16:57:20 -0400 A couple of last minor TODO cleanup items r8704@totoro (orig r8463): nickm | 2006-09-22 16:19:34 -0400 r8912@Kushana: nickm | 2006-09-22 16:18:51 -0400 Write more of path-spec.txt r8705@totoro (orig r8464): nickm | 2006-09-22 16:20:21 -0400 r8909@Kushana: nickm | 2006-09-22 00:38:13 -0400 Consider changes to has_old_dnsworkers as noncosmetic r8706@totoro (orig r8465): nickm | 2006-09-22 16:20:26 -0400 r8910@Kushana: nickm | 2006-09-22 12:14:05 -0400 Instead of just checking known-invalid addresses for DNS hijacking, we now check randomly generated addresses, and if too many of them map to the same IP, we assume that IP is the destination of a DNS hijack attempt. A little bird tells me that some DNS hijackers think that declining to give an A record for RFC2606 addresses (like .invalid and .example) makes them more standards compliant. Standardswise, this is like an illicit brothel making sure that nobody has pulled the tags off the mattresss, but that doesn't get us out of working around it. r8707@totoro (orig r8466): nickm | 2006-09-22 16:20:35 -0400 r8911@Kushana: nickm | 2006-09-22 12:24:52 -0400 Make exitlist only output each result line once. r8708@totoro (orig r8467): phobos | 2006-09-22 22:18:18 -0400 Special mingw package_nsis and nsi scripts. r8713@totoro (orig r8472): phobos | 2006-09-23 15:17:08 -0400 Changes to doc as a result of creating a MinGW tor.exe on a bare system. Add two TODO items relating to MinGW instructions. svn:r8473 --- src/or/eventdns.c | 2292 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 2292 insertions(+) create mode 100644 src/or/eventdns.c (limited to 'src/or/eventdns.c') diff --git a/src/or/eventdns.c b/src/or/eventdns.c new file mode 100644 index 0000000000..b9c60f0dbe --- /dev/null +++ b/src/or/eventdns.c @@ -0,0 +1,2292 @@ +/* $Id$ */ + +/* The original version of this module was written by Adam Langley; for + * a history of modifications, check out the subversion logs. + * + * When editing this module, try to keep it re-mergeable by Adam. Don't + * reformat the whitespace, add Tor dependencies, or so on. + * + * TODO: + * - Support AAAA records + * - Have a way to query for AAAA and A records simultaneously. + * - Improve request API. + * - (Can we suppress cnames? Should we?) + * - Replace all externally visible magic numbers with #defined constants. + * - Write documentation for APIs of all external functions. + */ + +/* Async DNS Library + * Adam Langley + * Public Domain code + * + * This software is Public Domain. To view a copy of the public domain dedication, + * visit http://creativecommons.org/licenses/publicdomain/ or send a letter to + * Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA. + * + * I ask and expect, but do not require, that all derivative works contain an + * attribution similar to: + * Parts developed by Adam Langley + * + * You may wish to replace the word "Parts" with something else depending on + * the amount of original code. + * + * (Derivative works does not include programs which link against, run or include + * the source verbatim in their source distributions) + * + * Version: 0.1b + * + * + * Welcome, gentle reader + * + * Async DNS lookups are really a whole lot harder than they should be, + * mostly stemming from the fact that the libc resolver has never been + * very good at them. Before you use this library you should see if libc + * can do the job for you with the modern async call getaddrinfo_a + * (see http://www.imperialviolet.org/page25.html#e498). Otherwise, + * please continue. + * + * This code is based on libevent and you must call event_init before + * any of the APIs in this file. You must also seed the OpenSSL random + * source if you are using OpenSSL for ids (see below). + * + * This library is designed to be included and shipped with your source + * code. You statically link with it. You should also test for the + * existence of strtok_r and define HAVE_STRTOK_R if you have it. + * + * The DNS protocol requires a good source of id numbers and these + * numbers should be unpredictable for spoofing reasons. There are + * three methods for generating them here and you must define exactly + * one of them. In increasing order of preference: + * + * DNS_USE_GETTIMEOFDAY_FOR_ID: + * Using the bottom 16 bits of the usec result from gettimeofday. This + * is a pretty poor solution but should work anywhere. + * DNS_USE_CPU_CLOCK_FOR_ID: + * Using the bottom 16 bits of the nsec result from the CPU's time + * counter. This is better, but may not work everywhere. Requires + * POSIX realtime support and you'll need to link against -lrt on + * glibc systems at least. + * DNS_USE_OPENSSL_FOR_ID: + * Uses the OpenSSL RAND_bytes call to generate the data. You must + * have seeded the pool before making any calls to this library. + * + * The library keeps track of the state of nameservers and will avoid + * them when they go down. Otherwise it will round robin between them. + * + * Quick start guide: + * #include "eventdns.h" + * void callback(int result, char type, int count, int ttl, + * void *addresses, void *arg); + * eventdns_resolv_conf_parse(DNS_OPTIONS_ALL, "/etc/resolv.conf"); + * eventdns_resolve("www.hostname.com", 0, callback, NULL); + * + * When the lookup is complete the callback function is called. The + * first argument will be one of the DNS_ERR_* defines in eventdns.h. + * Hopefully it will be DNS_ERR_NONE, in which case type will be + * DNS_IPv4_A, count will be the number of IP addresses, ttl is the time + * which the data can be cached for (in seconds), addresses will point + * to an array of uint32_t's and arg will be whatever you passed to + * eventdns_resolve. + * + * Searching: + * + * In order for this library to be a good replacement for glibc's resolver it + * supports searching. This involves setting a list of default domains, in + * which names will be queried for. The number of dots in the query name + * determines the order in which this list is used. + * + * Searching appears to be a single lookup from the point of view of the API, + * although many DNS queries may be generated from a single call to + * eventdns_resolve. Searching can also drastically slow down the resolution + * of names. + * + * To disable searching: + * 1. Never set it up. If you never call eventdns_resolv_conf_parse or + * eventdns_search_add then no searching will occur. + * + * 2. If you do call eventdns_resolv_conf_parse then don't pass + * DNS_OPTION_SEARCH (or DNS_OPTIONS_ALL, which implies it). + * + * 3. When calling eventdns_resolve, pass the DNS_QUERY_NO_SEARCH flag. + * + * The order of searches depends on the number of dots in the name. If the + * number is greater than the ndots setting then the names is first tried + * globally. Otherwise each search domain is appended in turn. + * + * The ndots setting can either be set from a resolv.conf, or by calling + * eventdns_search_ndots_set. + * + * For example, with ndots set to 1 (the default) and a search domain list of + * ["myhome.net"]: + * Query: www + * Order: www.myhome.net, www. + * + * Query: www.abc + * Order: www.abc., www.abc.myhome.net + * + * API reference: + * + * int eventdns_nameserver_add(unsigned long int address) + * Add a nameserver. The address should be an IP address in + * network byte order. The type of address is chosen so that + * it matches in_addr.s_addr. + * Returns non-zero on error. + * + * int eventdns_nameserver_ip_add(const char *ip_as_string) + * This wraps the above function by parsing a string as an IP + * address and adds it as a nameserver. + * Returns non-zero on error + * + * int eventdns_resolve(const char *name, int flags, + * eventdns_callback_type callback, + * void *ptr) + * Resolve a name. The name parameter should be a DNS name. + * The flags parameter should be 0, or DNS_QUERY_NO_SEARCH + * which disables searching for this query. (see defn of + * searching above). + * + * The callback argument is a function which is called when + * this query completes and ptr is an argument which is passed + * to that callback function. + * + * Returns non-zero on error + * + * void eventdns_search_clear() + * Clears the list of search domains + * + * void eventdns_search_add(const char *domain) + * Add a domain to the list of search domains + * + * void eventdns_search_ndots_set(int ndots) + * Set the number of dots which, when found in a name, causes + * the first query to be without any search domain. + * + * int eventdns_count_nameservers(void) + * Return the number of configured nameservers (not necessarily the + * number of running nameservers). This is useful for double-checking + * whether our calls to the various nameserver configuration functions + * have been successful. + * + * int eventdns_clear_nameservers_and_suspend(void) + * Remove all currently configured nameservers, and suspend all pending + * resolves. Resolves will not necessarily be re-attempted until + * eventdns_resume() is called. + * + * int eventdns_resume(void) + * Re-attempt resolves left in limbo after an earlier call to + * eventdns_clear_nameservers_and_suspend(). + * + * int eventdns_config_windows_nameservers(void) + * Attempt to configure a set of nameservers based on platform settings on + * a win32 host. Preferentially tries to use GetNetworkParams; if that fails, + * looks in the registry. Returns 0 on success, nonzero on failure. + * + * int eventdns_resolv_conf_parse(int flags, const char *filename) + * Parse a resolv.conf like file from the given filename. + * + * See the man page for resolv.conf for the format of this file. + * The flags argument determines what information is parsed from + * this file: + * DNS_OPTION_SEARCH - domain, search and ndots options + * DNS_OPTION_NAMESERVERS - nameserver lines + * DNS_OPTION_MISC - timeout and attempts options + * DNS_OPTIONS_ALL - all of the above + * The following directives are not parsed from the file: + * sortlist, rotate, no-check-names, inet6, debug + * + * Returns non-zero on error: + * 0 no errors + * 1 failed to open file + * 2 failed to stat file + * 3 file too large + * 4 out of memory + * 5 short read from file + * + * Internals: + * + * Requests are kept in two queues. The first is the inflight queue. In + * this queue requests have an allocated transaction id and nameserver. + * They will soon be transmitted if they haven't already been. + * + * The second is the waiting queue. The size of the inflight ring is + * limited and all other requests wait in waiting queue for space. This + * bounds the number of concurrent requests so that we don't flood the + * nameserver. Several algorithms require a full walk of the inflight + * queue and so bounding its size keeps thing going nicely under huge + * (many thousands of requests) loads. + * + * If a nameserver loses too many requests it is considered down and we + * try not to use it. After a while we send a probe to that nameserver + * (a lookup for google.com) and, if it replies, we consider it working + * again. If the nameserver fails a probe we wait longer to try again + * with the next probe. + */ + +#include "eventdns.h" +#include "eventdns_tor.h" +//#define NDEBUG + +#ifndef DNS_USE_CPU_CLOCK_FOR_ID +#ifndef DNS_USE_GETTIMEOFDAY_FOR_ID +#ifndef DNS_USE_OPENSSL_FOR_ID +#error Must configure at least one id generation method. +#error Please see the documentation. +#endif +#endif +#endif + +// #define _POSIX_C_SOURCE 200507 +#define _GNU_SOURCE + +#ifdef DNS_USE_CPU_CLOCK_FOR_ID +#ifdef DNS_USE_OPENSSL_FOR_ID +#error Multiple id options selected +#endif +#ifdef DNS_USE_GETTIMEOFDAY_FOR_ID +#error Multiple id options selected +#endif +#include +#endif + +#ifdef DNS_USE_OPENSSL_FOR_ID +#ifdef DNS_USE_GETTIMEOFDAY_FOR_ID +#error Multiple id options selected +#endif +#include +#endif + +#define _FORTIFY_SOURCE 3 + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#ifdef WIN32 +#include +#include +#include +#else +#include +#include +#include +#endif + +#define EVENTDNS_LOG_DEBUG 0 +#define EVENTDNS_LOG_WARN 1 + +#ifndef HOST_NAME_MAX +#define HOST_NAME_MAX 255 +#endif + +#ifndef NDEBUG +#include +#endif + +#undef MIN +#define MIN(a,b) ((a)<(b)?(a):(b)) + +#if 0 +#ifdef __USE_ISOC99B +// libevent doesn't work without this +typedef uint8_t u_char; +typedef unsigned int uint; +#endif +#endif +#include + +#define u64 uint64_t +#define u32 uint32_t +#define u16 uint16_t +#define u8 uint8_t + +#include "eventdns.h" + +#define MAX_ADDRS 4 // maximum number of addresses from a single packet +// which we bother recording + +#define TYPE_A 1 +#define TYPE_CNAME 5 +#define TYPE_PTR 12 +#define TYPE_AAAA 28 + +#define CLASS_INET 1 + +struct request { + u8 *request; // the dns packet data + unsigned int request_len; + u8 reissue_count; + u8 tx_count; // the number of times that this packet has been sent + u8 request_type; // TYPE_PTR or TYPE_A + void *user_pointer; // the pointer given to us for this request + eventdns_callback_type user_callback; + struct nameserver *ns; // the server which we last sent it + + // elements used by the searching code + int search_index; + struct search_state *search_state; + char *search_origname; // needs to be free()ed + int search_flags; + + // these objects are kept in a circular list + struct request *next, *prev; + + struct event timeout_event; + + u16 trans_id; // the transaction id + char request_appended; // true if the request pointer is data which follows this struct + char transmit_me; // needs to be transmitted +}; + +struct reply { + u8 type; + u8 have_answer; + union { + struct { + u32 addrcount; + u32 addresses[MAX_ADDRS]; + } a; + struct { + char name[HOST_NAME_MAX]; + } ptr; + } data; +}; + +struct nameserver { + int socket; // a connected UDP socket + u32 address; + int failed_times; // number of times which we have given this server a chance + int timedout; // number of times in a row a request has timed out + struct event event; + // these objects are kept in a circular list + struct nameserver *next, *prev; + struct event timeout_event; // used to keep the timeout for + // when we next probe this server. + // Valid if state == 0 + char state; // zero if we think that this server is down + char choaked; // true if we have an EAGAIN from this server's socket + char write_waiting; // true if we are waiting for EV_WRITE events +}; + +static struct request *req_head = NULL, *req_waiting_head = NULL; +static struct nameserver *server_head = NULL; + +// The number of good nameservers that we have +static int global_good_nameservers = 0; + +// inflight requests are contained in the req_head list +// and are actually going out across the network +static int global_requests_inflight = 0; +// requests which aren't inflight are in the waiting list +// and are counted here +static int global_requests_waiting = 0; + +static int global_max_requests_inflight = 64; + +static struct timeval global_timeout = {3, 0}; // 3 seconds +static u8 global_max_reissues = 1; // a reissue occurs when we get some errors from the server +static u8 global_max_retransmits = 3; // number of times we'll retransmit a request which timed out +// number of timeouts in a row before we consider this server to be down +static int global_max_nameserver_timeout = 3; + +// These are the timeout values for nameservers. If we find a nameserver is down +// we try to probe it at intervals as given below. Values are in seconds. +static const struct timeval global_nameserver_timeouts[] = {{10, 0}, {60, 0}, {300, 0}, {900, 0}, {3600, 0}}; +static const int global_nameserver_timeouts_length = sizeof(global_nameserver_timeouts)/sizeof(struct timeval); + +const char *const eventdns_error_strings[] = {"no error", "The name server was unable to interpret the query", "The name server suffered an internal error", "The requested domain name does not exist", "The name server refused to reply to the request"}; + +static struct nameserver *nameserver_pick(void); +static void eventdns_request_insert(struct request *req, struct request **head); +static void nameserver_ready_callback(int fd, short events, void *arg); +static int eventdns_transmit(void); +static int eventdns_request_transmit(struct request *req); +static void nameserver_send_probe(struct nameserver *const ns); +static void search_request_finished(struct request *const); +static int search_try_next(struct request *const req); +static int search_request_new(int type, const char *const name, int flags, eventdns_callback_type user_callback, void *user_arg); +static void eventdns_requests_pump_waiting_queue(void); +static u16 transaction_id_pick(void); +static struct request *request_new(int type, const char *name, int flags, eventdns_callback_type, void *ptr); +static void request_submit(struct request *req); + +#ifdef MS_WINDOWS +static int +last_error(int sock) { + int optval, optvallen=sizeof(optval); + int err = WSAGetLastError(); + if (err == WSAEWOULDBLOCK && sock >= 0) { + if (getsockopt(sock, SOL_SOCKET, SO_ERROR, (void*)&optval, + &optvallen)) + return err; + if (optval) + return optval; + } + return err; + +} +static int +error_is_eagain(int err) { + return err == EAGAIN || err == WSAEWOULDBLOCK; +} +static int +inet_aton(const char *c, struct in_addr *addr) { + uint32_t r; + if (strcmp(c, "255.255.255.255") == 0) { + addr->s_addr = 0xffffffffu; + } else { + r = inet_addr(c); + if (r == INADDR_NONE) + return 0; + addr->s_addr = r; + } + return 1; +} +#define CLOSE_SOCKET(x) closesocket(x) +#else +#define last_error(sock) (errno) +#define error_is_eagain(err) ((err) == EAGAIN) +#define CLOSE_SOCKET(x) close(x) +#endif + +#define ISSPACE(c) isspace((int)(unsigned char)(c)) +#define ISDIGIT(c) isdigit((int)(unsigned char)(c)) + +#ifndef NDEBUG +static const char * +debug_ntoa(u32 address) { + static char buf[32]; + u32 a = ntohl(address); + sprintf(buf, "%d.%d.%d.%d", + (int)(u8)((a>>24)&0xff), + (int)(u8)((a>>16)&0xff), + (int)(u8)((a>>8 )&0xff), + (int)(u8)((a )&0xff)); + return buf; +} +#endif + +static eventdns_debug_log_fn_type eventdns_log_fn = NULL; + +void +eventdns_set_log_fn(eventdns_debug_log_fn_type fn) { + eventdns_log_fn = fn; +} + +#ifdef __GNUC__ +#define EVENTDNS_LOG_CHECK __attribute__ ((format(printf, 2, 3))) +#else +#define EVENTDNS_LOG_CHECK +#endif + +static void _eventdns_log(int warn, const char *fmt, ...) EVENTDNS_LOG_CHECK; +static void +_eventdns_log(int warn, const char *fmt, ...) { + va_list args; + static char buf[512]; + if (!eventdns_log_fn) + return; + va_start(args,fmt); +#ifdef MS_WINDOWS + _vsnprintf(buf, sizeof(buf), fmt, args); +#else + vsnprintf(buf, sizeof(buf), fmt, args); +#endif + buf[sizeof(buf)-1] = '\0'; + eventdns_log_fn(warn, buf); + va_end(args); +} + +#define log _eventdns_log + +// This walks the list of inflight requests to find the +// one with a matching transaction id. Returns NULL on +// failure +static struct request * +request_find_from_trans_id(u16 trans_id) { + struct request *req = req_head, *const started_at = req_head; + + if (req) { + do { + if (req->trans_id == trans_id) return req; + req = req->next; + } while (req != started_at); + } + + return NULL; +} + +// a libevent callback function which is called when a nameserver +// has gone down and we want to test if it has came back to life yet +static void +nameserver_prod_callback(int fd, short events, void *arg) { + struct nameserver *const ns = (struct nameserver *) arg; + (void)fd; + (void)events; + + nameserver_send_probe(ns); +} + +// a libevent callback which is called when a nameserver probe (to see if +// it has come back to life) times out. We increment the count of failed_times +// and wait longer to send the next probe packet. +static void +nameserver_probe_failed(struct nameserver *const ns) { + const struct timeval * timeout; + (void) evtimer_del(&ns->timeout_event); + if (ns->state == 1) { + // This can happen if the nameserver acts in a way which makes us mark + // it as bad and then starts sending good replies. + return; + } + + timeout = + &global_nameserver_timeouts[MIN(ns->failed_times, + global_nameserver_timeouts_length - 1)]; + ns->failed_times++; + + evtimer_set(&ns->timeout_event, nameserver_prod_callback, ns); + if (evtimer_add(&ns->timeout_event, (struct timeval *) timeout) < 0) { + log(EVENTDNS_LOG_WARN, + "Error from libevent when adding timer event for %s", + debug_ntoa(ns->address)); + // ???? Do more? + } +} + +// called when a nameserver has been deemed to have failed. For example, too +// many packets have timed out etc +static void +nameserver_failed(struct nameserver *const ns, const char *msg) { + struct request *req, *started_at; + // if this nameserver has already been marked as failed + // then don't do anything + if (!ns->state) return; + + log(EVENTDNS_LOG_WARN, "Nameserver %s has failed: %s", + debug_ntoa(ns->address), msg); + global_good_nameservers--; + assert(global_good_nameservers >= 0); + if (global_good_nameservers == 0) { + log(EVENTDNS_LOG_WARN, "All nameservers have failed"); + } + + ns->state = 0; + ns->failed_times = 1; + + evtimer_set(&ns->timeout_event, nameserver_prod_callback, ns); + if (evtimer_add(&ns->timeout_event, (struct timeval *) &global_nameserver_timeouts[0]) < 0) { + log(EVENTDNS_LOG_WARN, + "Error from libevent when adding timer event for %s", + debug_ntoa(ns->address)); + // ???? Do more? + } + + // walk the list of inflight requests to see if any can be reassigned to + // a different server. Requests in the waiting queue don't have a + // nameserver assigned yet + + // if we don't have *any* good nameservers then there's no point + // trying to reassign requests to one + if (!global_good_nameservers) return; + + req = req_head; + started_at = req_head; + if (req) { + do { + if (req->tx_count == 0 && req->ns == ns) { + // still waiting to go out, can be moved + // to another server + req->ns = nameserver_pick(); + } + req = req->next; + } while (req != started_at); + } +} + +static void +nameserver_up(struct nameserver *const ns) { + if (ns->state) return; + log(EVENTDNS_LOG_WARN, "Nameserver %s is back up", + debug_ntoa(ns->address)); + evtimer_del(&ns->timeout_event); + ns->state = 1; + ns->failed_times = 0; + global_good_nameservers++; +} + +static void +request_trans_id_set(struct request *const req, const u16 trans_id) { + req->trans_id = trans_id; + *((u16 *) req->request) = htons(trans_id); +} + +// Called to remove a request from a list and dealloc it. +// head is a pointer to the head of the list it should be +// removed from or NULL if the request isn't in a list. +static void +request_finished(struct request *const req, struct request **head) { + if (head) { + if (req->next == req) { + // only item in the list + *head = NULL; + } else { + req->next->prev = req->prev; + req->prev->next = req->next; + if (*head == req) *head = req->next; + } + } + + log(EVENTDNS_LOG_DEBUG, "Removing timeout for request %lx", + (unsigned long) req); + evtimer_del(&req->timeout_event); + + search_request_finished(req); + global_requests_inflight--; + + if (!req->request_appended) { + // need to free the request data on it's own + free(req->request); + } else { + // the request data is appended onto the header + // so everything gets free()ed when we: + } + + free(req); + + eventdns_requests_pump_waiting_queue(); +} + +// This is called when a server returns a funny error code. +// We try the request again with another server. +// +// return: +// 0 ok +// 1 failed/reissue is pointless +static int +request_reissue(struct request *req) { + const struct nameserver *const last_ns = req->ns; + // the last nameserver should have been marked as failing + // by the caller of this function, therefore pick will try + // not to return it + req->ns = nameserver_pick(); + if (req->ns == last_ns) { + // ... but pick did return it + // not a lot of point in trying again with the + // same server + return 1; + } + + req->reissue_count++; + req->tx_count = 0; + req->transmit_me = 1; + + return 0; +} + +// this function looks for space on the inflight queue and promotes +// requests from the waiting queue if it can. +static void +eventdns_requests_pump_waiting_queue(void) { + while (global_requests_inflight < global_max_requests_inflight && + global_requests_waiting) { + struct request *req; + // move a request from the waiting queue to the inflight queue + assert(req_waiting_head); + if (req_waiting_head->next == req_waiting_head) { + // only one item in the queue + req = req_waiting_head; + req_waiting_head = NULL; + } else { + req = req_waiting_head; + req->next->prev = req->prev; + req->prev->next = req->next; + req_waiting_head = req->next; + } + + global_requests_waiting--; + global_requests_inflight++; + + req->ns = nameserver_pick(); + request_trans_id_set(req, transaction_id_pick()); + + eventdns_request_insert(req, &req_head); + eventdns_request_transmit(req); + eventdns_transmit(); + } +} + +static void +reply_callback(struct request *const req, u32 ttl, u32 err, struct reply *reply) { + switch (req->request_type) { + case TYPE_A: + if (reply) + req->user_callback(DNS_ERR_NONE, DNS_IPv4_A, + reply->data.a.addrcount, ttl, + reply->data.a.addresses, + req->user_pointer); + else + req->user_callback(err, 0, 0, 0, NULL, req->user_pointer); + return; + case TYPE_PTR: + if (reply) { + char *name = reply->data.ptr.name; + req->user_callback(DNS_ERR_NONE, DNS_PTR, 1, ttl, + &name, req->user_pointer); + } else { + req->user_callback(err, 0, 0, 0, NULL, + req->user_pointer); + } + return; + } + assert(0); +} + +// this processes a parsed reply packet +static void +reply_handle(struct request *const req, + u16 flags, u32 ttl, struct reply *reply) { + int error; + static const int error_codes[] = {DNS_ERR_FORMAT, DNS_ERR_SERVERFAILED, DNS_ERR_NOTEXIST, DNS_ERR_NOTIMPL, DNS_ERR_REFUSED}; + + if (flags & 0x020f || !reply || !reply->have_answer) { + // there was an error + if (flags & 0x0200) { + error = DNS_ERR_TRUNCATED; + } else { + u16 error_code = (flags & 0x000f) - 1; + if (error_code > 4) { + error = DNS_ERR_UNKNOWN; + } else { + error = error_codes[error_code]; + } + } + + switch(error) { + case DNS_ERR_SERVERFAILED: + case DNS_ERR_NOTIMPL: + case DNS_ERR_REFUSED: + // we regard these errors as marking a bad nameserver + if (req->reissue_count < global_max_reissues) { + char msg[64]; + snprintf(msg, sizeof(msg), "Bad response %d", + error); + nameserver_failed(req->ns, msg); + if (!request_reissue(req)) return; + } + break; + default: + // we got a good reply from the nameserver + nameserver_up(req->ns); + } + + if (req->search_state && req->request_type != TYPE_PTR) { + // if we have a list of domains to search in, try the next one + if (!search_try_next(req)) { + // a new request was issued so this request is finished and + // the user callback will be made when that request (or a + // child of it) finishes. + request_finished(req, &req_head); + return; + } + } + + // all else failed. Pass the failure up + reply_callback(req, 0, error, NULL); + request_finished(req, &req_head); + } else { + // all ok, tell the user + reply_callback(req, ttl, 0, reply); + nameserver_up(req->ns); + request_finished(req, &req_head); + } +} + +static inline int +name_parse(u8 *packet, int length, int *idx, char *name_out, int name_out_len) { + int name_end = -1; + int j = *idx; +#define GET32(x) do { if (j + 4 > length) return -1; memcpy(&_t32, packet + j, 4); j += 4; x = ntohl(_t32); } while(0); +#define GET16(x) do { if (j + 2 > length) return -1; memcpy(&_t, packet + j, 2); j += 2; x = ntohs(_t); } while(0); +#define GET8(x) do { if (j >= length) return -1; x = packet[j++]; } while(0); + + char *cp = name_out; + const char *const end = name_out + name_out_len; + + // Normally, names are a series of length prefixed strings terminated + // with a length of 0 (the lengths are u8's < 63). + // However, the length can start with a pair of 1 bits and that + // means that the next 14 bits are a pointer within the current + // packet. + + for(;;) { + u8 label_len; + if (j >= length) return -1; + GET8(label_len); + if (!label_len) break; + if (label_len & 0xc0) { + u8 ptr_low; + GET8(ptr_low); + if (name_end < 0) name_end = j; + j = (((int)label_len & 0x3f) << 8) + ptr_low; + if (j < 0 || j >= length) return -1; + continue; + } + if (label_len > 63) return -1; + if (cp != name_out) { + if (cp + 1 >= end) return -1; + *cp++ = '.'; + } + if (cp + label_len >= end) return -1; + memcpy(cp, packet + j, label_len); + cp += label_len; + j += label_len; + } + if (cp >= end) return -1; + *cp = '\0'; + if (name_end < 0) + *idx = j; + else + *idx = name_end; + return 0; +} + +// parses a raw packet from the wire +static int +reply_parse(u8 *packet, int length) { + int j = 0; // index into packet + u16 _t; // used by the macros + u32 _t32; // used by the macros + char tmp_name[256]; // used by the macros + + u16 trans_id, flags, questions, answers, authority, additional, datalength; + u32 ttl, ttl_r = 0xffffffff; + struct reply reply; + struct request *req; + unsigned int i; + + GET16(trans_id); + GET16(flags); + GET16(questions); + GET16(answers); + GET16(authority); + GET16(additional); + + req = request_find_from_trans_id(trans_id); + if (!req) return -1; + // XXXX should the other return points also call reply_handle? -NM + // log("reqparse: trans was %d\n", (int)trans_id); + + memset(&reply, 0, sizeof(reply)); + + if (!(flags & 0x8000)) return -1; // must be an answer + if (flags & 0x020f) { + // there was an error + reply_handle(req, flags, 0, NULL); + return -1; + } + // if (!answers) return; // must have an answer of some form + + // This macro skips a name in the DNS reply. +#define SKIP_NAME \ + do { tmp_name[0] = '\0'; \ + if (name_parse(packet, length, &j, tmp_name, sizeof(tmp_name))<0) \ + return -1; \ + } while(0); + + reply.type = req->request_type; + + // skip over each question in the reply + for (i = 0; i < questions; ++i) { + // the question looks like + // + SKIP_NAME; + j += 4; + if (j >= length) return -1; + } + + // now we have the answer section which looks like + // + for (i = 0; i < answers; ++i) { + u16 type, class; + //int pre = j; + + // XXX I'd be more comfortable if we actually checked the name + // here. -NM + SKIP_NAME; + GET16(type); + GET16(class); + GET32(ttl); + GET16(datalength); + + // log("@%d, Name %s, type %d, class %d, j=%d", pre, tmp_name, (int)type, (int)class, j); + + if (type == TYPE_A && class == CLASS_INET) { + int addrcount, addrtocopy; + if (req->request_type != TYPE_A) { + j += datalength; continue; + } + // XXXX do something sane with malformed A answers. + addrcount = datalength >> 2; // each IP address is 4 bytes + addrtocopy = MIN(MAX_ADDRS - reply.data.a.addrcount, (unsigned)addrcount); + ttl_r = MIN(ttl_r, ttl); + // we only bother with the first four addresses. + if (j + 4*addrtocopy > length) return -1; + memcpy(&reply.data.a.addresses[reply.data.a.addrcount], + packet + j, 4*addrtocopy); + j += 4*addrtocopy; + reply.data.a.addrcount += addrtocopy; + reply.have_answer = 1; + if (reply.data.a.addrcount == MAX_ADDRS) break; + } else if (type == TYPE_PTR && class == CLASS_INET) { + if (req->request_type != TYPE_PTR) { + j += datalength; continue; + } + if (name_parse(packet, length, &j, reply.data.ptr.name, + sizeof(reply.data.ptr.name))<0) + return -1; + reply.have_answer = 1; + break; + } else if (type == TYPE_AAAA && class == CLASS_INET) { + if (req->request_type != TYPE_AAAA) { + j += datalength; continue; + } + // XXXX Implement me. -NM + j += datalength; + } else { + // skip over any other type of resource + j += datalength; + } + } + + reply_handle(req, flags, ttl_r, &reply); + return 0; +#undef SKIP_NAME +#undef GET32 +#undef GET16 +#undef GET8 +} + +// Try to choose a strong transaction id which isn't already in flight +static u16 +transaction_id_pick(void) { + for (;;) { + const struct request *req = req_head, *started_at; +#ifdef DNS_USE_CPU_CLOCK_FOR_ID + struct timespec ts; + const u16 trans_id = ts.tv_nsec & 0xffff; + if (clock_gettime(CLOCK_PROCESS_CPUTIME_ID, &ts)) abort(); +#endif + +#ifdef DNS_USE_GETTIMEOFDAY_FOR_ID + struct timeval tv; + const u16 trans_id = tv.tv_usec & 0xffff; + gettimeofday(&tv, NULL); +#endif + +#ifdef DNS_USE_OPENSSL_FOR_ID + u16 trans_id; + if (RAND_pseudo_bytes((u8 *) &trans_id, 2) == -1) { + /* // in the case that the RAND call fails we back + // down to using gettimeofday. + struct timeval tv; + gettimeofday(&tv, NULL); + trans_id = tv.tv_usec & 0xffff; */ + abort(); + } +#endif + + if (trans_id == 0xffff) continue; + // now check to see if that id is already inflight + req = started_at = req_head; + if (req) { + do { + if (req->trans_id == trans_id) break; + req = req->next; + } while (req != started_at); + } + // we didn't find it, so this is a good id + if (req == started_at) return trans_id; + } +} + +// choose a namesever to use. This function will try to ignore +// nameservers which we think are down and load balance across the rest +// by updating the server_head global each time. +static struct nameserver * +nameserver_pick(void) { + struct nameserver *started_at = server_head, *picked; + if (!server_head) return NULL; + + // if we don't have any good nameservers then there's no + // point in trying to find one. + if (!global_good_nameservers) { + server_head = server_head->next; + return server_head; + } + + // remember that nameservers are in a circular list + for (;;) { + if (server_head->state) { + // we think this server is currently good + picked = server_head; + server_head = server_head->next; + return picked; + } + + server_head = server_head->next; + if (server_head == started_at) { + // all the nameservers seem to be down + // so we just return this one and hope for the + // best + assert(global_good_nameservers == 0); + picked = server_head; + server_head = server_head->next; + return picked; + } + } +} + +// this is called when a namesever socket is ready for reading +static void +nameserver_read(struct nameserver *ns) { + u8 packet[1500]; + + for (;;) { + const int r = recv(ns->socket, packet, sizeof(packet), 0); + if (r < 0) { + int err = last_error(ns->socket); + if (error_is_eagain(err)) return; + nameserver_failed(ns, strerror(err)); + return; + } + reply_parse(packet, r); + } +} + +// set if we are waiting for the ability to write to this server. +// if waiting is true then we ask libevent for EV_WRITE events, otherwise +// we stop these events. +static void +nameserver_write_waiting(struct nameserver *ns, char waiting) { + if (ns->write_waiting == waiting) return; + + ns->write_waiting = waiting; + (void) event_del(&ns->event); + event_set(&ns->event, ns->socket, EV_READ | (waiting ? EV_WRITE : 0) | EV_PERSIST, + nameserver_ready_callback, ns); + if (event_add(&ns->event, NULL) < 0) { + log(EVENTDNS_LOG_WARN, "Error from libevent when adding event for %s", + debug_ntoa(ns->address)); + // ???? Do more? + } +} + +// a callback function. Called by libevent when the kernel says that +// a nameserver socket is ready for writing or reading +static void +nameserver_ready_callback(int fd, short events, void *arg) { + struct nameserver *ns = (struct nameserver *) arg; + (void)fd; + + if (events & EV_WRITE) { + ns->choaked = 0; + if (!eventdns_transmit()) { + nameserver_write_waiting(ns, 0); + } + } + if (events & EV_READ) { + nameserver_read(ns); + } +} + +// Converts a string to a length-prefixed set of DNS labels. +// @buf must be strlen(name)+2 or longer. name and buf must +// not overlap. name_len should be the length of name +// +// Input: abc.def +// Output: <3>abc<3>def<0> +// +// Returns the length of the data. negative on error +// -1 label was > 63 bytes +// -2 name was > 255 bytes +static int +dnsname_to_labels(u8 *const buf, const char *name, const int name_len) { + const char *end = name + name_len; + int j = 0; // current offset into buf + + if (name_len > 255) return -2; + + for (;;) { + const char *const start = name; + name = strchr(name, '.'); + if (!name) { + const unsigned int label_len = end - start; + if (label_len > 63) return -1; + buf[j++] = label_len; + + memcpy(buf + j, start, end - start); + j += end - start; + break; + } else { + // append length of the label. + const unsigned int label_len = name - start; + if (label_len > 63) return -1; + buf[j++] = label_len; + + memcpy(buf + j, start, name - start); + j += name - start; + // hop over the '.' + name++; + } + } + + // the labels must be terminated by a 0. + // It's possible that the name ended in a . + // in which case the zero is already there + if (!j || buf[j-1]) buf[j++] = 0; + return j; +} + +// Finds the length of a dns request for a DNS name of the given +// length. The actual request may be smaller than the value returned +// here +static int +eventdns_request_len(const int name_len) { + return 96 + // length of the DNS standard header + name_len + 2 + + 4; // space for the resource type +} + +// build a dns request packet into buf. buf should be at least as long +// as eventdns_request_len told you it should be. +// +// Returns the amount of space used. Negative on error. +static int +eventdns_request_data_build(const char *const name, const int name_len, const u16 trans_id, + const u16 type, const u16 class, + u8 *const buf) { + int j = 0; // current offset into buf + u16 _t; // used by the macros + u8 *labels; + int labels_len; + +#define APPEND16(x) do { _t = htons(x); memcpy(buf + j, &_t, 2); j += 2; } while(0); + APPEND16(trans_id); + APPEND16(0x0100); // standard query, recusion needed + APPEND16(1); // one question + APPEND16(0); // no answers + APPEND16(0); // no authority + APPEND16(0); // no additional + + labels = (u8 *) malloc(name_len + 2); + if (!labels) return -1; + labels_len = dnsname_to_labels(labels, name, name_len); + if (labels_len < 0) { + free(labels); + return labels_len; + } + memcpy(buf + j, labels, labels_len); + j += labels_len; + free(labels); + + APPEND16(type); + APPEND16(class); +#undef APPEND16 + + return j; +} + +// this is a libevent callback function which is called when a request +// has timed out. +static void +eventdns_request_timeout_callback(int fd, short events, void *arg) { + struct request *const req = (struct request *) arg; + (void) fd; + (void) events; + + log(EVENTDNS_LOG_DEBUG, "Request %lx timed out", (unsigned long) arg); + + req->ns->timedout++; + if (req->ns->timedout > global_max_nameserver_timeout) { + nameserver_failed(req->ns, "request timed out."); + } + + (void) evtimer_del(&req->timeout_event); + if (req->tx_count >= global_max_retransmits) { + // this request has failed + reply_callback(req, 0, DNS_ERR_TIMEOUT, NULL); + request_finished(req, &req_head); + } else { + // retransmit it + eventdns_request_transmit(req); + } +} + +// try to send a request to a given server. +// +// return: +// 0 ok +// 1 temporary failure +// 2 other failure +static int +eventdns_request_transmit_to(struct request *req, struct nameserver *server) { + const int r = send(server->socket, req->request, req->request_len, 0); + if (r < 0) { + int err = last_error(server->socket); + if (error_is_eagain(err)) return 1; + nameserver_failed(req->ns, strerror(err)); + return 2; + } else if (r != (int)req->request_len) { + return 1; // short write + } else { + return 0; + } +} + +// try to send a request, updating the fields of the request +// as needed +// +// return: +// 0 ok +// 1 failed +static int +eventdns_request_transmit(struct request *req) { + int retcode = 0, r; + + // if we fail to send this packet then this flag marks it + // for eventdns_transmit + req->transmit_me = 1; + if (req->trans_id == 0xffff) abort(); + + if (req->ns->choaked) { + // don't bother trying to write to a socket + // which we have had EAGAIN from + return 1; + } + + r = eventdns_request_transmit_to(req, req->ns); + switch (r) { + case 1: + // temp failure + req->ns->choaked = 1; + nameserver_write_waiting(req->ns, 1); + return 1; + case 2: + // failed in some other way + retcode = 1; + // fall through + default: + // all ok + log(EVENTDNS_LOG_DEBUG, + "Setting timeout for request %lx", (unsigned long) req); + evtimer_set(&req->timeout_event, eventdns_request_timeout_callback, req); + if (evtimer_add(&req->timeout_event, &global_timeout) < 0) { + log(EVENTDNS_LOG_WARN, + "Error from libevent when adding timer for " + "request %lx", (unsigned long) req); + // ???? Do more? + } + req->tx_count++; + req->transmit_me = 0; + return retcode; + } +} + +static void +nameserver_probe_callback(int result, char type, int count, int ttl, void *addresses, void *arg) { + struct nameserver *const ns = (struct nameserver *) arg; + (void) type; + (void) count; + (void) ttl; + (void) addresses; + + if (result == DNS_ERR_NONE || result == DNS_ERR_NOTEXIST) { + // this is a good reply + nameserver_up(ns); + } else nameserver_probe_failed(ns); +} + +static void +nameserver_send_probe(struct nameserver *const ns) { + struct request *req; + // here we need to send a probe to a given nameserver + // in the hope that it is up now. + + log(EVENTDNS_LOG_DEBUG, "Sending probe to %s", debug_ntoa(ns->address)); + req = request_new(TYPE_A, "www.google.com", DNS_QUERY_NO_SEARCH, nameserver_probe_callback, ns); + if (!req) return; + // we force this into the inflight queue no matter what + request_trans_id_set(req, transaction_id_pick()); + req->ns = ns; + request_submit(req); +} + +// returns: +// 0 didn't try to transmit anything +// 1 tried to transmit something +static int +eventdns_transmit(void) { + char did_try_to_transmit = 0; + + if (req_head) { + struct request *const started_at = req_head, *req = req_head; + // first transmit all the requests which are currently waiting + do { + if (req->transmit_me) { + did_try_to_transmit = 1; + eventdns_request_transmit(req); + } + + req = req->next; + } while (req != started_at); + } + + return did_try_to_transmit; +} + +// exported function +int +eventdns_count_nameservers(void) { + const struct nameserver *server = server_head; + int n = 0; + if (!server) + return 0; + do { + ++n; + server = server->next; + } while (server != server_head); + return n; +} + +// exported function +int +eventdns_clear_nameservers_and_suspend(void) { + struct nameserver *server = server_head, *started_at = server_head; + struct request *req = req_head, *req_started_at = req_head; + + if (!server) + return 0; + while (1) { + struct nameserver *next = server->next; + (void) event_del(&server->event); + (void) evtimer_del(&server->timeout_event); + if (server->socket >= 0) + CLOSE_SOCKET(server->socket); + free(server); + if (next == started_at) + break; + server = next; + } + server_head = NULL; + global_good_nameservers = 0; + + while (req) { + struct request *next = req->next; + req->tx_count = req->reissue_count = 0; + req->ns = NULL; + // ???? What to do about searches? + (void) evtimer_del(&req->timeout_event); + req->trans_id = 0; + req->transmit_me = 0; + + global_requests_waiting++; + eventdns_request_insert(req, &req_waiting_head); + /* We want to insert these suspended elements at the front of + * the waiting queue, since they were pending before any of + * the waiting entries were added. This is a circular list, + * so we can just shift the start back by one.*/ + req_waiting_head = req_waiting_head->prev; + + if (next == req_started_at) + break; + req = next; + } + req_head = NULL; + global_requests_inflight = 0; + + return 0; +} + +// exported function +int +eventdns_resume(void) { + eventdns_requests_pump_waiting_queue(); + return 0; +} + +// exported function +int +eventdns_nameserver_add(unsigned long int address) { + // first check to see if we already have this nameserver + + const struct nameserver *server = server_head, *const started_at = server_head; + struct nameserver *ns; + struct sockaddr_in sin; + int err = 0; + if (server) { + do { + if (server->address == address) return 3; + server = server->next; + } while (server != started_at); + } + + ns = (struct nameserver *) malloc(sizeof(struct nameserver)); + if (!ns) return -1; + + memset(ns, 0, sizeof(struct nameserver)); + + ns->socket = socket(PF_INET, SOCK_DGRAM, 0); + if (ns->socket < 0) { err = 1; goto out1; } +#ifdef MS_WINDOWS + { + u_long nonblocking = 1; + ioctlsocket(ns->socket, FIONBIO, &nonblocking); + } +#else + fcntl(ns->socket, F_SETFL, O_NONBLOCK); +#endif + sin.sin_addr.s_addr = address; + sin.sin_port = htons(53); + sin.sin_family = AF_INET; + if (connect(ns->socket, (struct sockaddr *) &sin, sizeof(sin)) != 0) { + err = 2; + goto out2; + } + + ns->address = address; + ns->state = 1; + event_set(&ns->event, ns->socket, EV_READ | EV_PERSIST, nameserver_ready_callback, ns); + if (event_add(&ns->event, NULL) < 0) { + err = 2; + goto out2; + } + + log(EVENTDNS_LOG_DEBUG, "Added nameserver %s", debug_ntoa(address)); + + // insert this nameserver into the list of them + if (!server_head) { + ns->next = ns->prev = ns; + server_head = ns; + } else { + ns->next = server_head->next; + ns->prev = server_head; + server_head->next = ns; + if (server_head->prev == server_head) { + server_head->prev = ns; + } + } + + global_good_nameservers++; + + return 0; + + out2: + CLOSE_SOCKET(ns->socket); + out1: + free(ns); + log(EVENTDNS_LOG_WARN, "Unable to add nameserver %s: error %d", + debug_ntoa(address), err); + return err; +} + +// exported function +int +eventdns_nameserver_ip_add(const char *ip_as_string) { + struct in_addr ina; + if (!inet_aton(ip_as_string, &ina)) return 4; + return eventdns_nameserver_add(ina.s_addr); +} + +// insert into the tail of the queue +static void +eventdns_request_insert(struct request *req, struct request **head) { + if (!*head) { + *head = req; + req->next = req->prev = req; + return; + } + + req->prev = (*head)->prev; + req->prev->next = req; + req->next = *head; + (*head)->prev = req; +} + +static int +string_num_dots(const char *s) { + int count = 0; + while ((s = strchr(s, '.'))) { + s++; + count++; + } + return count; +} + +static struct request * +request_new(int type, const char *name, int flags, eventdns_callback_type callback, void *user_ptr) { + const char issuing_now = (global_requests_inflight < global_max_requests_inflight) ? 1 : 0; + + const int name_len = strlen(name); + const int request_max_len = eventdns_request_len(name_len); + const u16 trans_id = issuing_now ? transaction_id_pick() : 0xffff; + // the request data is alloced in a single block with the header + struct request *const req = (struct request *) malloc(sizeof(struct request) + request_max_len); + int rlen; + (void) flags; + + if (!req) return NULL; + memset(req, 0, sizeof(struct request)); + + // request data lives just after the header + req->request = ((u8 *) req) + sizeof(struct request); + req->request_appended = 1; // denotes that the request data shouldn't be free()ed + rlen = eventdns_request_data_build(name, name_len, trans_id, type, CLASS_INET, req->request); + if (rlen < 0) goto err1; + req->request_len = rlen; + req->trans_id = trans_id; + req->tx_count = 0; + req->request_type = type; + req->user_pointer = user_ptr; + req->user_callback = callback; + req->ns = issuing_now ? nameserver_pick() : NULL; + req->next = req->prev = NULL; + + return req; + err1: + free(req); + return NULL; +} + +static void +request_submit(struct request *const req) { + if (req->ns) { + // if it has a nameserver assigned then this is going + // straight into the inflight queue + eventdns_request_insert(req, &req_head); + global_requests_inflight++; + eventdns_request_transmit(req); + } else { + eventdns_request_insert(req, &req_waiting_head); + global_requests_waiting++; + } +} + +// exported function +int eventdns_resolve_ipv4(const char *name, int flags, eventdns_callback_type callback, void *ptr) { + log(EVENTDNS_LOG_DEBUG, "Resolve requested for %s", name); + if (flags & DNS_QUERY_NO_SEARCH) { + struct request *const req = request_new(TYPE_A, name, flags, callback, ptr); + if (!req) return 1; + request_submit(req); + return 0; + } else { + return search_request_new(TYPE_A, name, flags, callback, ptr); + } +} + +int eventdns_resolve_reverse(struct in_addr *in, int flags, eventdns_callback_type callback, void *ptr) { + char buf[32]; + struct request *req; + u32 a; + assert(in); + a = ntohl(in->s_addr); + sprintf(buf, "%d.%d.%d.%d.in-addr.arpa", + (int)(u8)((a )&0xff), + (int)(u8)((a>>8 )&0xff), + (int)(u8)((a>>16)&0xff), + (int)(u8)((a>>24)&0xff)); + log(EVENTDNS_LOG_DEBUG, "Resolve requested for %s (reverse)", buf); + req = request_new(TYPE_PTR, buf, flags, callback, ptr); + if (!req) return 1; + request_submit(req); + return 0; +} + +///////////////////////////////////////////////////////////////////// +// Search support +// +// the libc resolver has support for searching a number of domains +// to find a name. If nothing else then it takes the single domain +// from the gethostname() call. +// +// It can also be configured via the domain and search options in a +// resolv.conf. +// +// The ndots option controls how many dots it takes for the resolver +// to decide that a name is non-local and so try a raw lookup first. + +struct search_domain { + int len; + struct search_domain *next; + // the text string is appended to this structure +}; + +struct search_state { + int refcount; + int ndots; + int num_domains; + struct search_domain *head; +}; + +static struct search_state *global_search_state = NULL; + +static void +search_state_decref(struct search_state *const state) { + if (!state) return; + state->refcount--; + if (!state->refcount) { + struct search_domain *next, *dom; + for (dom = state->head; dom; dom = next) { + next = dom->next; + free(dom); + } + free(state); + } +} + +static struct search_state * +search_state_new(void) { + struct search_state *state = (struct search_state *) malloc(sizeof(struct search_state)); + if (!state) return NULL; + memset(state, 0, sizeof(struct search_state)); + state->refcount = 1; + state->ndots = 1; + + return state; +} + +static void +search_postfix_clear(void) { + search_state_decref(global_search_state); + + global_search_state = search_state_new(); +} + +// exported function +void +eventdns_search_clear(void) { + search_postfix_clear(); +} + +static void +search_postfix_add(const char *domain) { + int domain_len; + struct search_domain *sdomain; + while (domain[0] == '.') domain++; + domain_len = strlen(domain); + + if (!global_search_state) global_search_state = search_state_new(); + if (!global_search_state) return; + global_search_state->num_domains++; + + sdomain = (struct search_domain *) malloc(sizeof(struct search_domain) + domain_len); + if (!sdomain) return; + memcpy( ((u8 *) sdomain) + sizeof(struct search_domain), domain, domain_len); + sdomain->next = global_search_state->head; + sdomain->len = domain_len; + + global_search_state->head = sdomain; +} + +// reverse the order of members in the postfix list. This is needed because, +// when parsing resolv.conf we push elements in the wrong order +static void +search_reverse(void) { + struct search_domain *cur, *prev = NULL, *next; + cur = global_search_state->head; + while (cur) { + next = cur->next; + cur->next = prev; + prev = cur; + cur = next; + } + + global_search_state->head = prev; +} + +// exported function +void +eventdns_search_add(const char *domain) { + search_postfix_add(domain); +} + +// exported function +void +eventdns_search_ndots_set(const int ndots) { + if (!global_search_state) global_search_state = search_state_new(); + if (!global_search_state) return; + global_search_state->ndots = ndots; +} + +static void +search_set_from_hostname(void) { + char hostname[HOST_NAME_MAX + 1], *domainname; + + search_postfix_clear(); + if (gethostname(hostname, sizeof(hostname))) return; + domainname = strchr(hostname, '.'); + if (!domainname) return; + search_postfix_add(domainname); +} + +// warning: returns malloced string +static char * +search_make_new(const struct search_state *const state, int n, const char *const base_name) { + const int base_len = strlen(base_name); + const char need_to_append_dot = base_name[base_len - 1] == '.' ? 0 : 1; + struct search_domain *dom; + + for (dom = state->head; dom; dom = dom->next) { + if (!n--) { + // this is the postfix we want + // the actual postfix string is kept at the end of the structure + const u8 *const postfix = ((u8 *) dom) + sizeof(struct search_domain); + const int postfix_len = dom->len; + char *const newname = (char *) malloc(base_len + need_to_append_dot + postfix_len + 1); + if (!newname) return NULL; + memcpy(newname, base_name, base_len); + if (need_to_append_dot) newname[base_len] = '.'; + memcpy(newname + base_len + need_to_append_dot, postfix, postfix_len); + newname[base_len + need_to_append_dot + postfix_len] = 0; + return newname; + } + } + + // we ran off the end of the list and still didn't find the requested string + abort(); +} + +static int +search_request_new(int type, const char *const name, int flags, eventdns_callback_type user_callback, void *user_arg) { + assert(type == TYPE_A); + if ( ((flags & DNS_QUERY_NO_SEARCH) == 0) && + global_search_state && + global_search_state->num_domains) { + // we have some domains to search + struct request *req; + if (string_num_dots(name) >= global_search_state->ndots) { + req = request_new(type, name, flags, user_callback, user_arg); + if (!req) return 1; + req->search_index = -1; + } else { + char *const new_name = search_make_new(global_search_state, 0, name); + if (!new_name) return 1; + req = request_new(type, new_name, flags, user_callback, user_arg); + free(new_name); + if (!req) return 1; + req->search_index = 0; + } + req->search_origname = strdup(name); + req->search_state = global_search_state; + req->search_flags = flags; + global_search_state->refcount++; + request_submit(req); + return 0; + } else { + struct request *const req = request_new(type, name, flags, user_callback, user_arg); + if (!req) return 1; + request_submit(req); + return 0; + } +} + +// this is called when a request has failed to find a name. We need to check +// if it is part of a search and, if so, try the next name in the list +// returns: +// 0 another request has been submitted +// 1 no more requests needed +static int +search_try_next(struct request *const req) { + if (req->search_state) { + // it is part of a search + char *new_name; + struct request *newreq; + req->search_index++; + if (req->search_index >= req->search_state->num_domains) { + // no more postfixes to try, however we may need to try + // this name without a postfix + if (string_num_dots(req->search_origname) < req->search_state->ndots) { + // yep, we need to try it raw + struct request *const newreq = request_new(req->request_type, req->search_origname, req->search_flags, req->user_callback, req->user_pointer); + log(EVENTDNS_LOG_DEBUG, "Search: trying raw query %s", req->search_origname); + if (newreq) { + request_submit(newreq); + return 0; + } + } + return 1; + } + + new_name = search_make_new(req->search_state, req->search_index, req->search_origname); + if (!new_name) return 1; + log(EVENTDNS_LOG_DEBUG, "Search: now trying %s (%d)", new_name, req->search_index); + newreq = request_new(req->request_type, new_name, req->search_flags, req->user_callback, req->user_pointer); + free(new_name); + if (!newreq) return 1; + newreq->search_origname = req->search_origname; + req->search_origname = NULL; + newreq->search_state = req->search_state; + newreq->search_flags = req->search_flags; + newreq->search_index = req->search_index; + newreq->search_state->refcount++; + request_submit(newreq); + return 0; + } + return 1; +} + +static void +search_request_finished(struct request *const req) { + if (req->search_state) { + search_state_decref(req->search_state); + req->search_state = NULL; + } + if (req->search_origname) { + free(req->search_origname); + req->search_origname = NULL; + } +} + +///////////////////////////////////////////////////////////////////// +// Parsing resolv.conf files + +static void +eventdns_resolv_set_defaults(int flags) { + // if the file isn't found then we assume a local resolver + if (flags & DNS_OPTION_SEARCH) search_set_from_hostname(); + if (flags & DNS_OPTION_NAMESERVERS) eventdns_nameserver_ip_add("127.0.0.1"); +} + +#ifndef HAVE_STRTOK_R +static char * +strtok_r(char *s, const char *delim, char **state) { + return strtok(s, delim); +} +#endif + +// helper version of atoi which returns -1 on error +static int +strtoint(const char *const str) { + char *endptr; + const int r = strtol(str, &endptr, 10); + if (*endptr) return -1; + return r; +} + +static void +resolv_conf_parse_line(char *const start, int flags) { + char *strtok_state; + static const char *const delims = " \t"; +#define NEXT_TOKEN strtok_r(NULL, delims, &strtok_state) + + char *const first_token = strtok_r(start, delims, &strtok_state); + if (!first_token) return; + + if (!strcmp(first_token, "nameserver")) { + const char *const nameserver = NEXT_TOKEN; + struct in_addr ina; + + if (inet_aton(nameserver, &ina)) { + // address is valid + eventdns_nameserver_add(ina.s_addr); + } + } else if (!strcmp(first_token, "domain") && (flags & DNS_OPTION_SEARCH)) { + const char *const domain = NEXT_TOKEN; + if (domain) { + search_postfix_clear(); + search_postfix_add(domain); + } + } else if (!strcmp(first_token, "search") && (flags & DNS_OPTION_SEARCH)) { + const char *domain; + search_postfix_clear(); + + while ((domain = NEXT_TOKEN)) { + search_postfix_add(domain); + } + search_reverse(); + } else if (!strcmp(first_token, "options")) { + const char *option; + + while ((option = NEXT_TOKEN)) { + if (!strncmp(option, "ndots:", 6)) { + const int ndots = strtoint(&option[6]); + if (ndots == -1) continue; + if (!(flags & DNS_OPTION_SEARCH)) continue; + log(EVENTDNS_LOG_DEBUG,"Setting ndots to %d", ndots); + if (!global_search_state) global_search_state = search_state_new(); + if (!global_search_state) return; + global_search_state->ndots = ndots; + } else if (!strncmp(option, "timeout:", 8)) { + const int timeout = strtoint(&option[8]); + if (timeout == -1) continue; + if (!(flags & DNS_OPTION_MISC)) continue; + log(EVENTDNS_LOG_DEBUG,"Setting timeout to %d", timeout); + global_timeout.tv_sec = timeout; + } else if (!strncmp(option, "attempts:", 9)) { + int retries = strtoint(&option[9]); + if (retries == -1) continue; + if (retries > 255) retries = 255; + if (!(flags & DNS_OPTION_MISC)) continue; + log(EVENTDNS_LOG_DEBUG,"Setting retries to %d", retries); + global_max_retransmits = retries; + } + } + } +#undef NEXT_TOKEN +} + +// exported function +// returns: +// 0 no errors +// 1 failed to open file +// 2 failed to stat file +// 3 file too large +// 4 out of memory +// 5 short read from file +int +eventdns_resolv_conf_parse(int flags, const char *const filename) { + struct stat st; + int fd; + u8 *resolv; + char *start; + int err = 0; + + log(EVENTDNS_LOG_DEBUG,"Parsing resolve.conf file %s", filename); + + fd = open(filename, O_RDONLY); + if (fd < 0) { + eventdns_resolv_set_defaults(flags); + return 0; + } + + if (fstat(fd, &st)) { err = 2; goto out1; } + if (!st.st_size) { + eventdns_resolv_set_defaults(flags); + err = 0; + goto out1; + } + if (st.st_size > 65535) { err = 3; goto out1; } // no resolv.conf should be any bigger + + resolv = (u8 *) malloc(st.st_size + 1); + if (!resolv) { err = 4; goto out1; } + + if (read(fd, resolv, st.st_size) != st.st_size) { err = 5; goto out2; } + resolv[st.st_size] = 0; // we malloced an extra byte + + start = (char *) resolv; + for (;;) { + char *const newline = strchr(start, '\n'); + if (!newline) { + resolv_conf_parse_line(start, flags); + break; + } else { + *newline = 0; + resolv_conf_parse_line(start, flags); + start = newline + 1; + } + } + + if (!server_head && (flags & DNS_OPTION_NAMESERVERS)) { + // no nameservers were configured. + eventdns_nameserver_ip_add("127.0.0.1"); + } + if (flags & DNS_OPTION_SEARCH && (!global_search_state || global_search_state->num_domains == 0)) { + search_set_from_hostname(); + } + +out2: + free(resolv); +out1: + close(fd); + return err; +} + +#ifdef MS_WINDOWS +// Add multiple nameservers from a space-or-comma-separated list. +static int +eventdns_nameserver_ip_add_line(const char *ips) { + const char *addr; + char *buf; + int r; + while (*ips) { + while (ISSPACE(*ips) || *ips == ',' || *ips == '\t') + ++ips; + addr = ips; + while (ISDIGIT(*ips) || *ips == '.') + ++ips; + buf = malloc(ips-addr+1); + if (!buf) return 4; + memcpy(buf, addr, ips-addr); + buf[ips-addr] = '\0'; + r = eventdns_nameserver_ip_add(buf); + free(buf); + if (r) return r; + } + return 0; +} + +typedef DWORD(WINAPI *GetNetworkParams_fn_t)(FIXED_INFO *, DWORD*); + +// Use the windows GetNetworkParams interface in iphlpapi.dll to +// figure out what our nameservers are. +static int +load_nameservers_with_getnetworkparams(void) { + // Based on MSDN examples and inspection of c-ares code. + FIXED_INFO *fixed; + HMODULE handle = 0; + ULONG size = sizeof(FIXED_INFO); + void *buf = NULL; + int status = 0, r, added_any; + IP_ADDR_STRING *ns; + GetNetworkParams_fn_t fn; + + if (!(handle = LoadLibrary("iphlpapi.dll"))) { + log(EVENTDNS_LOG_WARN,"Could not open iphlpapi.dll"); + //right now status = 0, doesn't that mean "good" - mikec + status = -1; + goto done; + } + + if (!(fn = + (GetNetworkParams_fn_t) + GetProcAddress(handle, "GetNetworkParams"))) { + log(EVENTDNS_LOG_WARN,"Could not get address of function."); + //same as above + status = -1; + goto done; + } + + buf = malloc(size); + if (!buf) { + status = 4; + goto done; + } + fixed = buf; + r = fn(fixed, &size); + if (r != ERROR_SUCCESS && r != ERROR_BUFFER_OVERFLOW) { + status = -1; + goto done; + } + if (r != ERROR_SUCCESS) { + free(buf); + buf = malloc(size); + if (!buf) { status = 4; goto done; } + fixed = buf; + r = fn(fixed, &size); + if (r != ERROR_SUCCESS) { + log(EVENTDNS_LOG_DEBUG,"fn() failed."); + status = -1; + goto done; + } + } + + assert(fixed); + added_any = 0; + ns = &(fixed->DnsServerList); + while (ns) { + r = eventdns_nameserver_ip_add_line(ns->IpAddress.String); + if (r) { + log(EVENTDNS_LOG_DEBUG,"Could not add nameserver %s to list,error: %d", + (ns->IpAddress.String),(int)GetLastError()); + status = r; + goto done; + } else { + log(EVENTDNS_LOG_DEBUG,"Succesfully added %s as nameserver",ns->IpAddress.String); + } + + added_any++; + ns = ns->Next; + } + + if (!added_any) { + //should we ever get here? - mikec + log(EVENTDNS_LOG_DEBUG,"No name servers added."); + status = -1; + } + + done: + if (buf) + free(buf); + if (handle) + FreeLibrary(handle); + return status; +} + +static int +config_nameserver_from_reg_key(HKEY key, const char *subkey) { + char *buf; + DWORD bufsz = 0, type = 0; + int status = 0; + + if (RegQueryValueEx(key, subkey, 0, &type, NULL, &bufsz) + != ERROR_MORE_DATA) + return -1; + if (!(buf = malloc(bufsz))) + return -1; + + if (RegQueryValueEx(key, subkey, 0, &type, (LPBYTE)buf, &bufsz) + == ERROR_SUCCESS && bufsz > 1) { + status = eventdns_nameserver_ip_add_line(buf); + } + + free(buf); + return status; +} + +#define SERVICES_KEY "System\\CurrentControlSet\\Services\\" + +#define WIN_NS_9X_KEY SERVICES_KEY "VxD\\MSTCP" +#define WIN_NS_NT_KEY SERVICES_KEY "Tcpip\\Parameters" + +static int +load_nameservers_from_registry(void) { + int found = 0; + int r; +#define TRY(k, name) \ + if (!found && config_nameserver_from_reg_key(k,name) == 0) { \ + log(EVENTDNS_LOG_DEBUG,"Found nameservers in %s/%s",#k,name); \ + found = 1; \ + } else { \ + if (!found) \ + log(EVENTDNS_LOG_DEBUG,"Didn't find nameservers in %s/%s", \ + #k,#name); \ + } + + if (((int)GetVersion()) > 0) { /* NT */ + HKEY nt_key = 0, interfaces_key = 0; + + if (RegOpenKeyEx(HKEY_LOCAL_MACHINE, WIN_NS_NT_KEY, 0, + KEY_READ, &nt_key) != ERROR_SUCCESS) { + log(EVENTDNS_LOG_DEBUG,"Couldn't open nt key, %d",(int)GetLastError()); + return -1; + } + + r = RegOpenKeyEx(nt_key, "Interfaces", 0, + KEY_QUERY_VALUE|KEY_ENUMERATE_SUB_KEYS, + &interfaces_key); + + if (r != ERROR_SUCCESS ) { + log(EVENTDNS_LOG_DEBUG,"Couldn't open interfaces key, %d",(int)GetLastError()); + return -1; + } + + TRY(nt_key, "NameServer"); + TRY(nt_key, "DhcpNameServer"); + TRY(interfaces_key, "NameServer"); + TRY(interfaces_key, "DhcpNameServer"); + RegCloseKey(interfaces_key); + RegCloseKey(nt_key); + } else { + HKEY win_key = 0; + if (RegOpenKeyEx(HKEY_LOCAL_MACHINE, WIN_NS_9X_KEY, 0, + KEY_READ, &win_key) != ERROR_SUCCESS) { + log(EVENTDNS_LOG_DEBUG,"Couldn't open registry key, %d",(int)GetLastError()); + return -1; + + } + TRY(win_key, "NameServer"); + RegCloseKey(win_key); + } + + if (found == 0) { + log(EVENTDNS_LOG_WARN,"Didn't find any nameservers."); + } + + return found ? 0 : -1; +#undef TRY +} + +int +eventdns_config_windows_nameservers(void) { + if (load_nameservers_with_getnetworkparams() == 0) { + return 0; + } + + return load_nameservers_from_registry(); +} +#endif + +#ifdef EVENTDNS_MAIN +void +main_callback(int result, char type, int count, int ttl, + void *addrs, void *orig) { + char *n = (char*)orig; + int i; + for (i = 0; i < count; ++i) { + if (type == DNS_IPv4_A) { + printf("%s: %s\n", n, debug_ntoa(((u32*)addrs)[i])); + } else if (type == DNS_PTR) { + printf("%s: %s\n", n, ((char**)addrs)[i]); + } + } + if (!count) { + printf("%s: No answer (%d)\n", n, result); + } + fflush(stdout); +} + +void +logfn(const char *msg) { + fprintf(stderr, "%s\n", msg); +} +int +main(int c, char **v) { + int idx; + int reverse = 0, verbose = 1; + if (c<2) { + fprintf(stderr, "syntax: %s [-x] [-v] hostname\n", v[0]); + return 1; + } + idx = 1; + while (idx < c && v[idx][0] == '-') { + if (!strcmp(v[idx], "-x")) + reverse = 1; + else if (!strcmp(v[idx], "-v")) + verbose = 1; + else + fprintf(stderr, "Unknown option %s\n", v[idx]); + ++idx; + } + event_init(); + if (verbose) + eventdns_set_log_fn(logfn); + eventdns_resolv_conf_parse(DNS_OPTION_NAMESERVERS, "/etc/resolv.conf"); + for (; idx < c; ++idx) { + if (reverse) { + struct in_addr addr; + if (!inet_aton(v[idx], &addr)) { + fprintf(stderr, "Skipping non-IP %s\n", v[idx]); + continue; + } + fprintf(stderr, "resolving %s...\n",v[idx]); + eventdns_resolve_reverse(&addr, 0, main_callback, v[idx]); + } else { + fprintf(stderr, "resolving (fwd) %s...\n",v[idx]); + eventdns_resolve_ipv4(v[idx], 0, main_callback, v[idx]); + } + } + fflush(stdout); + event_dispatch(); + return 0; +} + +#endif + +// Local Variables: +// tab-width: 4 +// c-basic-offset: 4 +// indent-tabs-mode: t +// End: + -- cgit v1.2.3-54-g00ecf