[tor-commits] [obfsproxy/master] Howto instructions for using Tor with obfsproxy.
commit 7123e54eb9bdbae3fe92d2284105a2fd1e2c5a0f Author: George Kadianakis desnac...@gmail.com Date: Thu Apr 28 09:56:09 2011 -0400 Howto instructions for using Tor with obfsproxy. --- doc/tor-obfs-howto.txt | 101 1 files changed, 101 insertions(+), 0 deletions(-) diff --git a/doc/tor-obfs-howto.txt b/doc/tor-obfs-howto.txt new file mode 100644 index 000..36ad7a3 --- /dev/null +++ b/doc/tor-obfs-howto.txt @@ -0,0 +1,101 @@ +How to set up Tor with Obfsproxy + + +Preliminaries: + +This isn't the final interface--we should make it much easier. + +This is experimental code--if it breaks, you get to keep both smouldering +pieces. + + + +Ingredients: + +Client side needs: + +* a copy of obfsproxy: + git clone git://git.torproject.org/obfsproxy.git + Building it should be easy, just do ./configure make. + +* a copy of Tor that supports the Socks5Proxy option. + The git version should do the trick. + +Bridge side needs: + +* a copy of obfsproxy: + git clone git://git.torproject.org/obfsproxy.git + Building it should be easy, just do ./configure make. + +* a copy of Tor with BridgeRelay capabilities. + Quite easy to find nowadays. + +Port setup: + +Our port setup will be like this: + + 1050 1051 + +---+ ++ + | Proxy |-| Server | + | +---+ ++ | + | | ++++--+ +| Tor Client || Tor Bridge | ++++--+ +50005001 + + + +Setting up obfsproxies: + +This command will setup an obfsproxy socks client listening to the +obfs2 protocol on localhost:1050: +./obfsproxy socks obfs2 127.0.0.1:1050 + +This command will setup an obfsproxy server listening to the +obfs2 protocol on localhost:5001: +./obfsproxy server obfs2 127.0.0.1:1051 127.0.0.1:5001 + +Setting up Tor: + +Let's create .torrc_client and .torrc_bridge. +Warning: I'm only posting the relevant torrc options. + +torrc_client: +--- +SocksPort 5000 +UseBridges 1 +Bridge bridge host:1051 # This points to the bridge's obfsproxy server. + # You can change bridge host to 127.0.0.1 + # for local testing setup. +Socks5Proxy 127.0.0.1:1050 # This points to our obfsproxy client. +--- + +torrc_bridge: +--- +ORPort 5001 # Port where bridge will be listening on. +BridgeRelay 1 +ExitPolicy reject *:* +--- + +Bootstrap sequence: + +Since we are still in PoC state you have to bootstrap the Tors and the +obfsproxies with the correct sequence: + +1. Fire up server obfsproxy. +2. Fire up tor with torrc_bridge. +3. Fire up client obfsproxy. +4. Fire up tor with torrc_client. + +The End + +Now open Firefox on the client side and set it up to use a Socks +server on 127.0.0.1:5000. +Stuff should work now. + +If you were smart enough to open wireshark and sniff the traffic +before doing all the above, you would notice that the TLS handshake +was not carried out plaintext, effectively obfuscating your Tor +experience. Yes. + ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.1] Forget all rendezvous client state on SIGNAL NEWNYM
commit 440e48ddf27094e48c401c68c9014eca43b6867e
Author: Robert Ransom rransom.8...@gmail.com
Date: Wed Apr 20 02:27:58 2011 -0700
Forget all rendezvous client state on SIGNAL NEWNYM
---
changes/forget-rend-descs-on-newnym |5
src/or/main.c |2 +
src/or/or.h |2 +
src/or/rendclient.c | 37 +++
src/or/rendcommon.c | 10 +
5 files changed, 56 insertions(+), 0 deletions(-)
diff --git a/changes/forget-rend-descs-on-newnym
b/changes/forget-rend-descs-on-newnym
new file mode 100644
index 000..c086973
--- /dev/null
+++ b/changes/forget-rend-descs-on-newnym
@@ -0,0 +1,5 @@
+ o Security fixes:
+- Forget all hidden service descriptors cached as a client when
+ processing a SIGNAL NEWNYM command. Fixes bug 3000. Bugfix on
+ 0.0.6.
+
diff --git a/src/or/main.c b/src/or/main.c
index 96b7b45..e44fd49 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -785,6 +785,8 @@ signewnym_impl(time_t now)
{
circuit_expire_all_dirty_circs();
addressmap_clear_transient();
+ rend_cache_purge();
+ rend_client_cancel_descriptor_fetches();
time_of_last_signewnym = now;
signewnym_is_pending = 0;
}
diff --git a/src/or/or.h b/src/or/or.h
index 57e091e..897ad32 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -4039,6 +4039,7 @@ int rend_client_introduction_acked(origin_circuit_t *circ,
size_t request_len);
void rend_client_refetch_renddesc(const char *query);
void rend_client_refetch_v2_renddesc(const rend_data_t *rend_query);
+void rend_client_cancel_descriptor_fetches(void);
int rend_client_remove_intro_point(extend_info_t *failed_intro,
const rend_data_t *rend_query);
int rend_client_rendezvous_acked(origin_circuit_t *circ,
@@ -4137,6 +4138,7 @@ typedef struct rend_cache_entry_t {
void rend_cache_init(void);
void rend_cache_clean(void);
void rend_cache_clean_v2_descs_as_dir(void);
+void rend_cache_purge(void);
void rend_cache_free_all(void);
int rend_valid_service_id(const char *query);
int rend_cache_lookup_desc(const char *query, int version, const char **desc,
diff --git a/src/or/rendclient.c b/src/or/rendclient.c
index 51306b3..37cca14 100644
--- a/src/or/rendclient.c
+++ b/src/or/rendclient.c
@@ -557,8 +557,45 @@ rend_client_refetch_v2_renddesc(const rend_data_t
*rend_query)
return;
}
+/** Cancel all rendezvous descriptor fetches currently in progress.
+ */
+void
+rend_client_cancel_descriptor_fetches(void)
+{
+ smartlist_t *connection_array = get_connection_array();
+
+ SMARTLIST_FOREACH_BEGIN(connection_array, connection_t *, conn) {
+if (conn-type == CONN_TYPE_DIR
+(conn-purpose == DIR_PURPOSE_FETCH_RENDDESC ||
+ conn-purpose == DIR_PURPOSE_FETCH_RENDDESC_V2)) {
+ /* It's a rendezvous descriptor fetch in progress -- cancel it
+ * by marking the connection for close.
+ *
+ * Even if this connection has already reached EOF, this is
+ * enough to make sure that if the descriptor hasn't been
+ * processed yet, it won't be. See the end of
+ * connection_handle_read; connection_reached_eof (indirectly)
+ * processes whatever response the connection received. */
+
+ const rend_data_t *rd = (TO_DIR_CONN(conn))-rend_data;
+ if (!rd) {
+log_warn(LD_BUG | LD_REND,
+ Marking for close dir conn fetching rendezvous
+ descriptor for unknown service!);
+ } else {
+log_debug(LD_REND, Marking for close dir conn fetching v%d
+ rendezvous descriptor for service %s,
+ (int)(rd-rend_desc_version),
+ safe_str(rd-onion_address));
+ }
+ connection_mark_for_close(conn);
+}
+ } SMARTLIST_FOREACH_END(conn);
+}
+
/** Remove failed_intro from ent. If ent now has no intro points, or
* service is unrecognized, then launch a new renddesc fetch.
+
*
* Return -1 if error, 0 if no intro points remain or service
* unrecognized, 1 if recognized and some intro points remain.
diff --git a/src/or/rendcommon.c b/src/or/rendcommon.c
index d6f5443..ba28cca 100644
--- a/src/or/rendcommon.c
+++ b/src/or/rendcommon.c
@@ -871,6 +871,16 @@ rend_cache_clean(void)
}
}
+/** Remove ALL entries from the rendezvous service descriptor cache.
+ */
+void
+rend_cache_purge(void)
+{
+ if (rend_cache)
+strmap_free(rend_cache, _rend_cache_entry_free);
+ rend_cache = strmap_new();
+}
+
/** Remove all old v2 descriptors and those for which this hidden service
* directory is not responsible for any more. */
void
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Fix a bug introduced by purging rend_cache on NEWNYM
commit f1cf9bd74d225e90ca123eb664c1c5538eedaa03
Author: Robert Ransom rransom.8...@gmail.com
Date: Mon Apr 25 06:38:35 2011 -0700
Fix a bug introduced by purging rend_cache on NEWNYM
If the user sent a SIGNAL NEWNYM command after we fetched a rendezvous
descriptor, while we were building the introduction-point circuit, we
would give up entirely on trying to connect to the hidden service.
Original patch by rransom slightly edited to go into 0.2.1
---
src/or/rendclient.c | 25 +
1 files changed, 21 insertions(+), 4 deletions(-)
diff --git a/src/or/rendclient.c b/src/or/rendclient.c
index ca846d9..fb95efb 100644
--- a/src/or/rendclient.c
+++ b/src/or/rendclient.c
@@ -74,10 +74,27 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
if (rend_cache_lookup_entry(introcirc-rend_data-onion_address, -1,
entry) 1) {
-log_warn(LD_REND,
- query %s didn't have valid rend desc in cache. Failing.,
- escaped_safe_str(introcirc-rend_data-onion_address));
-goto perm_err;
+log_info(LD_REND,
+ query %s didn't have valid rend desc in cache.
+ Refetching descriptor.,
+ safe_str(introcirc-rend_data-onion_address));
+/* Fetch both v0 and v2 rend descriptors in parallel. Use whichever
+ * arrives first. Exception: When using client authorization, only
+ * fetch v2 descriptors.*/
+rend_client_refetch_v2_renddesc(introcirc-rend_data);
+if (introcirc-rend_data-auth_type == REND_NO_AUTH)
+ rend_client_refetch_renddesc(introcirc-rend_data-onion_address);
+{
+ connection_t *conn;
+
+ while ((conn = connection_get_by_type_state_rendquery(CONN_TYPE_AP,
+ AP_CONN_STATE_CIRCUIT_WAIT,
+ introcirc-rend_data-onion_address, -1))) {
+conn-state = AP_CONN_STATE_RENDDESC_WAIT;
+ }
+}
+
+return -1;
}
/* first 20 bytes of payload are the hash of Bob's pk */
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Allow rend_client_send_introduction to fail transiently
commit 2ad18ae7366ce4979b44fa53d0105940005489c0
Author: Robert Ransom rransom.8...@gmail.com
Date: Mon Apr 25 08:36:02 2011 -0700
Allow rend_client_send_introduction to fail transiently
i.e. without closing the AP connection.
---
changes/forget-rend-descs-on-newnym |4
src/or/circuituse.c | 18 --
src/or/rendclient.c | 20 ++--
3 files changed, 26 insertions(+), 16 deletions(-)
diff --git a/changes/forget-rend-descs-on-newnym
b/changes/forget-rend-descs-on-newnym
index c086973..ab2fd61 100644
--- a/changes/forget-rend-descs-on-newnym
+++ b/changes/forget-rend-descs-on-newnym
@@ -2,4 +2,8 @@
- Forget all hidden service descriptors cached as a client when
processing a SIGNAL NEWNYM command. Fixes bug 3000. Bugfix on
0.0.6.
+ o Code simplifications and refactoring:
+- Allow rend_client_send_introduction to fail without closing the
+ AP connection permanently.
+
diff --git a/src/or/circuituse.c b/src/or/circuituse.c
index 996c99c..247aca7 100644
--- a/src/or/circuituse.c
+++ b/src/or/circuituse.c
@@ -1560,14 +1560,20 @@
connection_ap_handshake_attach_circuit(edge_connection_t *conn)
introduction. (stream %d sec old),
introcirc-_base.n_circ_id, rendcirc-_base.n_circ_id,
conn_age);
-if (rend_client_send_introduction(introcirc, rendcirc) 0) {
+switch (rend_client_send_introduction(introcirc, rendcirc)) {
+case 0: /* success */
+ rendcirc-_base.timestamp_dirty = time(NULL);
+ introcirc-_base.timestamp_dirty = time(NULL);
+ assert_circuit_ok(TO_CIRCUIT(rendcirc));
+ assert_circuit_ok(TO_CIRCUIT(introcirc));
+ return 0;
+case -1: /* transient error */
+ return 0;
+case -2: /* permanent error */
return -1;
+default: /* oops */
+ tor_fragile_assert();
}
-rendcirc-_base.timestamp_dirty = time(NULL);
-introcirc-_base.timestamp_dirty = time(NULL);
-assert_circuit_ok(TO_CIRCUIT(rendcirc));
-assert_circuit_ok(TO_CIRCUIT(introcirc));
-return 0;
}
}
diff --git a/src/or/rendclient.c b/src/or/rendclient.c
index 37cca14..ca846d9 100644
--- a/src/or/rendclient.c
+++ b/src/or/rendclient.c
@@ -77,7 +77,7 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
log_warn(LD_REND,
query %s didn't have valid rend desc in cache. Failing.,
escaped_safe_str(introcirc-rend_data-onion_address));
-goto err;
+goto perm_err;
}
/* first 20 bytes of payload are the hash of Bob's pk */
@@ -115,13 +115,13 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
log_info(LD_REND, Internal error: could not find intro key; we
only have a v2 rend desc with %d intro points.,
num_intro_points);
-goto err;
+goto perm_err;
}
}
}
if (crypto_pk_get_digest(intro_key, payload)0) {
log_warn(LD_BUG, Internal error: couldn't hash public key.);
-goto err;
+goto perm_err;
}
/* Initialize the pending_final_cpath and start the DH handshake. */
@@ -132,11 +132,11 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
cpath-magic = CRYPT_PATH_MAGIC;
if (!(cpath-dh_handshake_state = crypto_dh_new(DH_TYPE_REND))) {
log_warn(LD_BUG, Internal error: couldn't allocate DH.);
- goto err;
+ goto perm_err;
}
if (crypto_dh_generate_public(cpath-dh_handshake_state)0) {
log_warn(LD_BUG, Internal error: couldn't generate g^x.);
- goto err;
+ goto perm_err;
}
}
@@ -186,7 +186,7 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
if (crypto_dh_get_public(cpath-dh_handshake_state, tmp+dh_offset,
DH_KEY_LEN)0) {
log_warn(LD_BUG, Internal error: couldn't extract g^x.);
-goto err;
+goto perm_err;
}
note_crypto_pk_op(REND_CLIENT);
@@ -199,7 +199,7 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
PK_PKCS1_OAEP_PADDING, 0);
if (r0) {
log_warn(LD_BUG,Internal error: hybrid pk encrypt failed.);
-goto err;
+goto perm_err;
}
payload_len = DIGEST_LEN + r;
@@ -212,17 +212,17 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
introcirc-cpath-prev)0) {
/* introcirc is already marked for close. leave rendcirc alone. */
log_warn(LD_BUG, Couldn't send INTRODUCE1 cell);
-return -1;
+return -2;
}
/* Now, we wait for an ACK or NAK on this circuit. */
introcirc-_base.purpose = CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT;
return 0;
-err:
+perm_err:
circuit_mark_for_close(TO_CIRCUIT(introcirc), END_CIRC_REASON_INTERNAL);
circuit_mark_for_close(TO_CIRCUIT(rendcirc), END_CIRC_REASON_INTERNAL);
- return
[tor-commits] [tor/master] Merge branch 'bug3k_021' into bug3k_022
commit 4b13ebd5ab4d051803e9cfde8bb965a4bf8ea90d
Merge: 0130e7c 8a36f21
Author: Sebastian Hahn sebast...@torproject.org
Date: Thu Apr 28 19:00:34 2011 +0200
Merge branch 'bug3k_021' into bug3k_022
Conflicts:
src/or/or.h
src/or/rendclient.c
changes/forget-rend-descs-on-newnym |9
src/or/circuituse.c | 19 ++---
src/or/main.c |2 +
src/or/rendclient.c | 81 +++---
src/or/rendclient.h |1 +
src/or/rendcommon.c | 10
src/or/rendcommon.h |1 +
7 files changed, 100 insertions(+), 23 deletions(-)
diff --cc src/or/rendclient.c
index 65e632f,fb95efb..97345bf
--- a/src/or/rendclient.c
+++ b/src/or/rendclient.c
@@@ -91,28 -74,67 +91,39 @@@ rend_client_send_introduction(origin_ci
if (rend_cache_lookup_entry(introcirc-rend_data-onion_address, -1,
entry) 1) {
- log_warn(LD_REND,
- query %s didn't have valid rend desc in cache. Failing.,
- escaped_safe_str_client(introcirc-rend_data-onion_address));
- goto err;
+ log_info(LD_REND,
+ query %s didn't have valid rend desc in cache.
+ Refetching descriptor.,
+ safe_str(introcirc-rend_data-onion_address));
-/* Fetch both v0 and v2 rend descriptors in parallel. Use whichever
- * arrives first. Exception: When using client authorization, only
- * fetch v2 descriptors.*/
+ rend_client_refetch_v2_renddesc(introcirc-rend_data);
-if (introcirc-rend_data-auth_type == REND_NO_AUTH)
- rend_client_refetch_renddesc(introcirc-rend_data-onion_address);
+ {
+ connection_t *conn;
+
+ while ((conn = connection_get_by_type_state_rendquery(CONN_TYPE_AP,
+AP_CONN_STATE_CIRCUIT_WAIT,
- introcirc-rend_data-onion_address, -1))) {
++ introcirc-rend_data-onion_address))) {
+ conn-state = AP_CONN_STATE_RENDDESC_WAIT;
+ }
+ }
+
+ return -1;
}
- /* first 20 bytes of payload are the hash of the intro key */
+ /* first 20 bytes of payload are the hash of Bob's pk */
- if (entry-parsed-version == 0) { /* un-versioned descriptor */
-intro_key = entry-parsed-pk;
- } else { /* versioned descriptor */
-intro_key = NULL;
-SMARTLIST_FOREACH(entry-parsed-intro_nodes, rend_intro_point_t *,
- intro, {
- if (!memcmp(introcirc-build_state-chosen_exit-identity_digest,
- intro-extend_info-identity_digest, DIGEST_LEN)) {
-intro_key = intro-intro_key;
-break;
- }
-});
-if (!intro_key) {
- /** XXX This case probably means that the intro point vanished while
- * we were building a circuit to it. In the future, we should find
- * out how that happened and whether we should kill the circuits to
- * removed intro points immediately. See task 1073. */
- int num_intro_points = smartlist_len(entry-parsed-intro_nodes);
- if (rend_cache_lookup_entry(introcirc-rend_data-onion_address,
- 0, entry) 0) {
-log_info(LD_REND, We have both a v0 and a v2 rend desc for this
- service. The v2 desc doesn't contain the introduction
- point (and key) to send an INTRODUCE1/2 cell to this
- introduction point. Assuming the introduction point
- is for v0 rend clients and using the service key
- from the v0 desc instead. (This is probably a bug,
- because we shouldn't even have both a v0 and a v2
- descriptor for the same service.));
-/* See flyspray task 1024. */
-intro_key = entry-parsed-pk;
- } else {
-log_info(LD_REND, Internal error: could not find intro key; we
- only have a v2 rend desc with %d intro points.,
- num_intro_points);
-goto perm_err;
- }
+ intro_key = NULL;
+ SMARTLIST_FOREACH(entry-parsed-intro_nodes, rend_intro_point_t *,
+intro, {
+if (!memcmp(introcirc-build_state-chosen_exit-identity_digest,
+intro-extend_info-identity_digest, DIGEST_LEN)) {
+ intro_key = intro-intro_key;
+ break;
}
+ });
+ if (!intro_key) {
- log_info(LD_REND, Our introduction point knowledge changed in
- mid-connect! Could not find intro key; we only have a
- v2 rend desc with %d intro points. Giving up.,
++log_info(LD_REND, Internal error: could not find intro key; we
++ only have a v2 rend desc with %d intro points.,
+ smartlist_len(entry-parsed-intro_nodes));
- goto err;
++goto perm_err;
}
if (crypto_pk_get_digest(intro_key, payload)0) {
log_warn(LD_BUG, Internal error: couldn't
[tor-commits] [tor/master] Merge remote-tracking branch 'origin/maint-0.2.2'
commit 32918e954fa3c2d55eb6b7695bd833197c31e09e Merge: 26456d3 2c0258b Author: Nick Mathewson ni...@torproject.org Date: Thu Apr 28 15:57:27 2011 -0400 Merge remote-tracking branch 'origin/maint-0.2.2' Conflicts: src/or/rendcommon.h changes/forget-rend-descs-on-newnym |9 src/or/circuituse.c | 19 ++--- src/or/main.c |2 + src/or/rendclient.c | 76 -- src/or/rendclient.h |1 + src/or/rendcommon.c | 10 + src/or/rendcommon.h |1 + 7 files changed, 98 insertions(+), 20 deletions(-) diff --cc src/or/rendcommon.h index 36d7e4a,44b5227..18d42b8 --- a/src/or/rendcommon.h +++ b/src/or/rendcommon.h @@@ -34,8 -34,9 +34,9 @@@ void rend_encoded_v2_service_descriptor void rend_intro_point_free(rend_intro_point_t *intro); void rend_cache_init(void); -void rend_cache_clean(void); -void rend_cache_clean_v2_descs_as_dir(void); +void rend_cache_clean(time_t now); +void rend_cache_clean_v2_descs_as_dir(time_t now); + void rend_cache_purge(void); void rend_cache_free_all(void); int rend_valid_service_id(const char *query); int rend_cache_lookup_desc(const char *query, int version, const char **desc, ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.2] Don't report empty bw-history lines in extrainfo
commit c1927d7d5f5dff5b8d7da5bd4e7a743eb06bcbb3
Author: Sebastian Hahn sebast...@torproject.org
Date: Sat Apr 16 16:01:36 2011 +0200
Don't report empty bw-history lines in extrainfo
Some tor relays would report lines like these in their extrainfo
documents:
dirreq-write-history 2011-03-14 16:46:44 (900 s)
This was confusing to some people who look at the stats. It would happen
whenever a relay first starts up, or when a relay has dirport disabled.
Change this so that lines without actual bw entries are omitted.
Implements ticket 2497.
---
changes/ticket2497 |4
src/or/rephist.c | 14 --
2 files changed, 16 insertions(+), 2 deletions(-)
diff --git a/changes/ticket2497 b/changes/ticket2497
new file mode 100644
index 000..5117141
--- /dev/null
+++ b/changes/ticket2497
@@ -0,0 +1,4 @@
+ o Minor features:
+- Ensure that no empty [dirreq-](read|write)-history lines are added
+ to an extrainfo document. Implements ticket 2497.
+
diff --git a/src/or/rephist.c b/src/or/rephist.c
index 9b7eefe..b55797a 100644
--- a/src/or/rephist.c
+++ b/src/or/rephist.c
@@ -1524,10 +1524,15 @@ rep_hist_get_bandwidth_lines(void)
size_t len;
/* opt [dirreq-](read|write)-history -mm-dd HH:MM:SS (n s) n,n,n... */
- len = (67+21*NUM_TOTALS)*4;
+/* The n,n,n part above. Largest representation of a uint64_t is 20 chars
+ * long, plus the comma. */
+#define MAX_HIST_VALUE_LEN 21*NUM_TOTALS
+ len = (67+MAX_HIST_VALUE_LEN)*4;
buf = tor_malloc_zero(len);
cp = buf;
for (r=0;r4;++r) {
+char tmp[MAX_HIST_VALUE_LEN];
+size_t slen;
switch (r) {
case 0:
b = write_array;
@@ -1547,11 +1552,16 @@ rep_hist_get_bandwidth_lines(void)
break;
}
tor_assert(b);
+slen = rep_hist_fill_bandwidth_history(tmp, MAX_HIST_VALUE_LEN, b);
+/* If we don't have anything to write, skip to the next entry. */
+if (slen == 0)
+ continue;
format_iso_time(t, b-next_period-NUM_SECS_BW_SUM_INTERVAL);
tor_snprintf(cp, len-(cp-buf), %s %s (%d s) ,
desc, t, NUM_SECS_BW_SUM_INTERVAL);
cp += strlen(cp);
-cp += rep_hist_fill_bandwidth_history(cp, len-(cp-buf), b);
+strlcat(cp, tmp, len-(cp-buf));
+cp += slen;
strlcat(cp, \n, len-(cp-buf));
++cp;
}
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.2] Merge remote-tracking branch 'sebastian/bug2497' into maint-0.2.2
commit 3055acbdbe914c31ca4825ed60b4cce6676bd61e Merge: 2c0258b c1927d7 Author: Nick Mathewson ni...@torproject.org Date: Thu Apr 28 16:05:34 2011 -0400 Merge remote-tracking branch 'sebastian/bug2497' into maint-0.2.2 changes/ticket2497 |4 src/or/rephist.c | 14 -- 2 files changed, 16 insertions(+), 2 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Don't report empty bw-history lines in extrainfo
commit c1927d7d5f5dff5b8d7da5bd4e7a743eb06bcbb3
Author: Sebastian Hahn sebast...@torproject.org
Date: Sat Apr 16 16:01:36 2011 +0200
Don't report empty bw-history lines in extrainfo
Some tor relays would report lines like these in their extrainfo
documents:
dirreq-write-history 2011-03-14 16:46:44 (900 s)
This was confusing to some people who look at the stats. It would happen
whenever a relay first starts up, or when a relay has dirport disabled.
Change this so that lines without actual bw entries are omitted.
Implements ticket 2497.
---
changes/ticket2497 |4
src/or/rephist.c | 14 --
2 files changed, 16 insertions(+), 2 deletions(-)
diff --git a/changes/ticket2497 b/changes/ticket2497
new file mode 100644
index 000..5117141
--- /dev/null
+++ b/changes/ticket2497
@@ -0,0 +1,4 @@
+ o Minor features:
+- Ensure that no empty [dirreq-](read|write)-history lines are added
+ to an extrainfo document. Implements ticket 2497.
+
diff --git a/src/or/rephist.c b/src/or/rephist.c
index 9b7eefe..b55797a 100644
--- a/src/or/rephist.c
+++ b/src/or/rephist.c
@@ -1524,10 +1524,15 @@ rep_hist_get_bandwidth_lines(void)
size_t len;
/* opt [dirreq-](read|write)-history -mm-dd HH:MM:SS (n s) n,n,n... */
- len = (67+21*NUM_TOTALS)*4;
+/* The n,n,n part above. Largest representation of a uint64_t is 20 chars
+ * long, plus the comma. */
+#define MAX_HIST_VALUE_LEN 21*NUM_TOTALS
+ len = (67+MAX_HIST_VALUE_LEN)*4;
buf = tor_malloc_zero(len);
cp = buf;
for (r=0;r4;++r) {
+char tmp[MAX_HIST_VALUE_LEN];
+size_t slen;
switch (r) {
case 0:
b = write_array;
@@ -1547,11 +1552,16 @@ rep_hist_get_bandwidth_lines(void)
break;
}
tor_assert(b);
+slen = rep_hist_fill_bandwidth_history(tmp, MAX_HIST_VALUE_LEN, b);
+/* If we don't have anything to write, skip to the next entry. */
+if (slen == 0)
+ continue;
format_iso_time(t, b-next_period-NUM_SECS_BW_SUM_INTERVAL);
tor_snprintf(cp, len-(cp-buf), %s %s (%d s) ,
desc, t, NUM_SECS_BW_SUM_INTERVAL);
cp += strlen(cp);
-cp += rep_hist_fill_bandwidth_history(cp, len-(cp-buf), b);
+strlcat(cp, tmp, len-(cp-buf));
+cp += slen;
strlcat(cp, \n, len-(cp-buf));
++cp;
}
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge remote-tracking branch 'sebastian/bug2497' into maint-0.2.2
commit 3055acbdbe914c31ca4825ed60b4cce6676bd61e Merge: 2c0258b c1927d7 Author: Nick Mathewson ni...@torproject.org Date: Thu Apr 28 16:05:34 2011 -0400 Merge remote-tracking branch 'sebastian/bug2497' into maint-0.2.2 changes/ticket2497 |4 src/or/rephist.c | 14 -- 2 files changed, 16 insertions(+), 2 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.2] Correct the logic from f14754fbd for tor_gmtime_r
commit 2dc9546eef6d748245d90b288f28ace1aa9b6f14
Author: John Brooks spec...@dereferenced.net
Date: Mon Jan 3 21:36:09 2011 -0700
Correct the logic from f14754fbd for tor_gmtime_r
---
src/common/compat.c |8 +---
1 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/src/common/compat.c b/src/common/compat.c
index 9b7c0b7..3644bd9 100644
--- a/src/common/compat.c
+++ b/src/common/compat.c
@@ -2112,7 +2112,7 @@ tor_localtime_r(const time_t *timep, struct tm *result)
* Convert *btimep/b to a struct tm in UTC, and store the value in
* *bresult/b. Return the result on success, or NULL on failure.
*/
-#ifndef HAVE_GMTIME_R
+#ifdef HAVE_GMTIME_R
struct tm *
tor_gmtime_r(const time_t *timep, struct tm *result)
{
@@ -2130,7 +2130,8 @@ tor_gmtime_r(const time_t *timep, struct tm *result)
tor_assert(result);
tor_mutex_acquire(m);
r = gmtime(timep);
- memcpy(result, r, sizeof(struct tm));
+ if (r)
+memcpy(result, r, sizeof(struct tm));
tor_mutex_release(m);
return correct_tm(0, timep, result, r);
}
@@ -2141,7 +2142,8 @@ tor_gmtime_r(const time_t *timep, struct tm *result)
struct tm *r;
tor_assert(result);
r = gmtime(timep);
- memcpy(result, r, sizeof(struct tm));
+ if (r)
+memcpy(result, r, sizeof(struct tm));
return correct_tm(0, timep, result, r);
}
#endif
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.2] Detect and handle NULL returns from (gm/local)time_r
commit 51e551d3837990b7c4491253a88bedd2513fe1de
Author: Nick Mathewson ni...@torproject.org
Date: Tue Dec 7 14:37:50 2010 -0500
Detect and handle NULL returns from (gm/local)time_r
These functions can return NULL for otherwise-valid values of
time_t. Notably, the glibc gmtime manpage says it can return NULL
if the year if greater than INT_MAX, and the windows MSDN gmtime
page says it can return NULL for negative time_t values.
Also, our formatting code is not guaranteed to correctly handle
years after CE.
This patch tries to correct this by detecting NULL values from
gmtime/localtime_r, and trying to clip them to a reasonable end of
the scale. If they are in the middle of the scale, we call it a
downright error.
Arguably, it's a bug to get out-of-bounds dates like this to begin
with. But we've had bugs of this kind in the past, and warning when
we see a bug is much kinder than doing a NULL-pointer dereference.
Boboper found this one too.
---
changes/gmtime_null |6 +++
src/common/compat.c | 104 +--
src/common/compat.h |9
3 files changed, 98 insertions(+), 21 deletions(-)
diff --git a/changes/gmtime_null b/changes/gmtime_null
new file mode 100644
index 000..16a2540
--- /dev/null
+++ b/changes/gmtime_null
@@ -0,0 +1,6 @@
+ o Minor bugfixes
+- On some platforms, gmtime and localtime can return NULL under
+ certain circumstances even for well-defined values of time_t.
+ Try to detect and make up for this deficiency. Possible fix for
+ bug 2077. Bugfix on all versions of Tor. Found by boboper.
+
diff --git a/src/common/compat.c b/src/common/compat.c
index 27489e5..9b7c0b7 100644
--- a/src/common/compat.c
+++ b/src/common/compat.c
@@ -1996,14 +1996,88 @@ tor_gettimeofday(struct timeval *timeval)
#define TIME_FNS_NEED_LOCKS
#endif
+static struct tm *
+correct_tm(int islocal, const time_t *timep, struct tm *resultbuf,
+ struct tm *r)
+{
+ const char *outcome;
+
+ if (PREDICT_LIKELY(r)) {
+if (r-tm_year 8099) { /* We can't strftime dates after CE. */
+ r-tm_year = 8099;
+ r-tm_mon = 11;
+ r-tm_mday = 31;
+ r-tm_yday = 365;
+ r-tm_hour = 23;
+ r-tm_min = 59;
+ r-tm_sec = 59;
+}
+return r;
+ }
+
+ /* If we get here, gmtime or localtime returned NULL. It might have done
+ * this because of overrun or underrun, or it might have done it because of
+ * some other weird issue. */
+ if (timep) {
+if (*timep 0) {
+ r = resultbuf;
+ r-tm_year = 70; /* 1970 CE */
+ r-tm_mon = 0;
+ r-tm_mday = 1;
+ r-tm_yday = 1;
+ r-tm_hour = 0;
+ r-tm_min = 0 ;
+ r-tm_sec = 0;
+ outcome = Rounding up to 1970;
+ goto done;
+} else if (*timep = INT32_MAX) {
+ /* Rounding down to INT32_MAX isn't so great, but keep in mind that we
+ * only do it if gmtime/localtime tells us NULL. */
+ r = resultbuf;
+ r-tm_year = 137; /* 2037 CE */
+ r-tm_mon = 11;
+ r-tm_mday = 31;
+ r-tm_yday = 365;
+ r-tm_hour = 23;
+ r-tm_min = 59;
+ r-tm_sec = 59;
+ outcome = Rounding down to 2037;
+ goto done;
+}
+ }
+
+ /* If we get here, then gmtime/localtime failed without getting an extreme
+ * value for *timep */
+
+ tor_fragile_assert();
+ r = resultbuf;
+ memset(resultbuf, 0, sizeof(struct tm));
+ outcome=can't recover;
+ done:
+ log_warn(LD_BUG, %s(I64_FORMAT) failed with error %s: %s,
+ islocal?localtime:gmtime,
+ timep?I64_PRINTF_ARG(*timep):0,
+ strerror(errno),
+ outcome);
+ return r;
+}
+
+
/** @{ */
/** As localtime_r, but defined for platforms that don't have it:
*
* Convert *btimep/b to a struct tm in local time, and store the value in
* *bresult/b. Return the result on success, or NULL on failure.
*/
-#ifndef HAVE_LOCALTIME_R
-#ifdef TIME_FNS_NEED_LOCKS
+#ifdef HAVE_LOCALTIME_R
+struct tm *
+tor_localtime_r(const time_t *timep, struct tm *result)
+{
+ struct tm *r;
+ r = localtime_r(timep, result);
+ return correct_tm(1, timep, result, r);
+}
+#elif defined(TIME_FNS_NEED_LOCKS)
struct tm *
tor_localtime_r(const time_t *timep, struct tm *result)
{
@@ -2013,9 +2087,10 @@ tor_localtime_r(const time_t *timep, struct tm *result)
tor_assert(result);
tor_mutex_acquire(m);
r = localtime(timep);
- memcpy(result, r, sizeof(struct tm));
+ if (r)
+memcpy(result, r, sizeof(struct tm));
tor_mutex_release(m);
- return result;
+ return correct_tm(1, timep, result, r);
}
#else
struct tm *
@@ -2024,11 +2099,11 @@ tor_localtime_r(const time_t *timep, struct tm *result)
struct tm *r;
tor_assert(result);
r = localtime(timep);
- memcpy(result, r, sizeof(struct tm));
- return result;
+ if (r)
+memcpy(result, r, sizeof(struct tm));
+ return correct_tm(1, timep, result, r);
}
#endif
-#endif
[tor-commits] [tor/master] Correct the logic from f14754fbd for tor_gmtime_r
commit 2dc9546eef6d748245d90b288f28ace1aa9b6f14
Author: John Brooks spec...@dereferenced.net
Date: Mon Jan 3 21:36:09 2011 -0700
Correct the logic from f14754fbd for tor_gmtime_r
---
src/common/compat.c |8 +---
1 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/src/common/compat.c b/src/common/compat.c
index 9b7c0b7..3644bd9 100644
--- a/src/common/compat.c
+++ b/src/common/compat.c
@@ -2112,7 +2112,7 @@ tor_localtime_r(const time_t *timep, struct tm *result)
* Convert *btimep/b to a struct tm in UTC, and store the value in
* *bresult/b. Return the result on success, or NULL on failure.
*/
-#ifndef HAVE_GMTIME_R
+#ifdef HAVE_GMTIME_R
struct tm *
tor_gmtime_r(const time_t *timep, struct tm *result)
{
@@ -2130,7 +2130,8 @@ tor_gmtime_r(const time_t *timep, struct tm *result)
tor_assert(result);
tor_mutex_acquire(m);
r = gmtime(timep);
- memcpy(result, r, sizeof(struct tm));
+ if (r)
+memcpy(result, r, sizeof(struct tm));
tor_mutex_release(m);
return correct_tm(0, timep, result, r);
}
@@ -2141,7 +2142,8 @@ tor_gmtime_r(const time_t *timep, struct tm *result)
struct tm *r;
tor_assert(result);
r = gmtime(timep);
- memcpy(result, r, sizeof(struct tm));
+ if (r)
+memcpy(result, r, sizeof(struct tm));
return correct_tm(0, timep, result, r);
}
#endif
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.2] Don't allow v0 HS auths to act as clients
commit df5c7fedbd938c5d4634eadcf53693e07d2c8182
Author: Robert Ransom rransom.8...@gmail.com
Date: Wed Apr 20 15:20:10 2011 -0700
Don't allow v0 HS auths to act as clients
A v0 HS authority stores v0 HS descriptors in the same descriptor
cache that its HS client functionality uses. Thus, if the HS
authority operator clears its client HS descriptor cache, ALL v0
HS descriptors will be lost. That would be bad.
---
changes/forget-rend-descs-on-newnym |3 +++
src/or/config.c |4
2 files changed, 7 insertions(+), 0 deletions(-)
diff --git a/changes/forget-rend-descs-on-newnym
b/changes/forget-rend-descs-on-newnym
index ab2fd61..f8758c2 100644
--- a/changes/forget-rend-descs-on-newnym
+++ b/changes/forget-rend-descs-on-newnym
@@ -2,6 +2,9 @@
- Forget all hidden service descriptors cached as a client when
processing a SIGNAL NEWNYM command. Fixes bug 3000. Bugfix on
0.0.6.
+ o Minor bugfixes:
+- Don't allow v0 hidden service authorities to act as clients.
+ Required by fix for bug 3000.
o Code simplifications and refactoring:
- Allow rend_client_send_introduction to fail without closing the
AP connection permanently.
diff --git a/src/or/config.c b/src/or/config.c
index f003e4d..9384b3a 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -3078,6 +3078,10 @@ options_validate(or_options_t *old_options, or_options_t
*options,
REJECT(FetchDirInfoExtraEarly requires that you also set
FetchDirInfoEarly);
+ if (options-HSAuthoritativeDir proxy_mode(options))
+REJECT(Running as authoritative v0 HS directory, but also configured
+ as a client.);
+
if (options-ConnLimit = 0) {
tor_asprintf(msg,
ConnLimit must be greater than 0, but was set to %d,
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.2] Avoid false positives from proxy_mode()
commit 6dfc0d530113e055d91b68969c81595ddc749f07
Author: Nick Mathewson ni...@torproject.org
Date: Thu Apr 28 17:45:41 2011 -0400
Avoid false positives from proxy_mode()
Previously it would erroneously return true if ListenAddr was set for
a client port, even if that port itself was 0. This would give false
positives, which were not previously harmful... but which were about
to become.
---
src/or/router.c |8
1 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/or/router.c b/src/or/router.c
index 0ef4728..65afd49 100644
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -1107,10 +1107,10 @@ set_server_advertised(int s)
int
proxy_mode(or_options_t *options)
{
- return (options-SocksPort != 0 || options-SocksListenAddress ||
- options-TransPort != 0 || options-TransListenAddress ||
- options-NATDPort != 0 || options-NATDListenAddress ||
- options-DNSPort != 0 || options-DNSListenAddress);
+ return (options-SocksPort != 0 ||
+ options-TransPort != 0 ||
+ options-NATDPort != 0 ||
+ options-DNSPort != 0);
}
/** Decide if we're a publishable server. We are a publishable server if:
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.2] Ignore SIGNAL NEWNYM on relay-only Tor instances
commit ddd1b7be2dce0845e6c08dcb5404ae65940b9edb
Author: Robert Ransom rransom.8...@gmail.com
Date: Wed Apr 20 17:01:41 2011 -0700
Ignore SIGNAL NEWNYM on relay-only Tor instances
---
changes/forget-rend-descs-on-newnym |2 ++
src/or/main.c |7 +++
2 files changed, 9 insertions(+), 0 deletions(-)
diff --git a/changes/forget-rend-descs-on-newnym
b/changes/forget-rend-descs-on-newnym
index f8758c2..0ea09e0 100644
--- a/changes/forget-rend-descs-on-newnym
+++ b/changes/forget-rend-descs-on-newnym
@@ -5,6 +5,8 @@
o Minor bugfixes:
- Don't allow v0 hidden service authorities to act as clients.
Required by fix for bug 3000.
+- Ignore SIGNAL NEWNYM commands on relay-only Tor instances.
+ Required by fix for bug 3000.
o Code simplifications and refactoring:
- Allow rend_client_send_introduction to fail without closing the
AP connection permanently.
diff --git a/src/or/main.c b/src/or/main.c
index 3bf2169..a26be39 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -842,6 +842,13 @@ run_connection_housekeeping(int i, time_t now)
static void
signewnym_impl(time_t now)
{
+ or_options_t *options = get_options();
+ if (!proxy_mode(options)) {
+log_info(LD_CONTROL, Ignoring SIGNAL NEWNYM because client functionality
+ is disabled.);
+return;
+ }
+
circuit_expire_all_dirty_circs();
addressmap_clear_transient();
rend_cache_purge();
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.2] Merge branch 'bug3000-022-part2-squashed' into maint-0.2.2
commit 30003e43180561eb92f4146d3bf2a5f74523cda6 Merge: 2dc9546 6dfc0d5 Author: Nick Mathewson ni...@torproject.org Date: Thu Apr 28 18:13:17 2011 -0400 Merge branch 'bug3000-022-part2-squashed' into maint-0.2.2 changes/forget-rend-descs-on-newnym | 12 src/or/config.c |4 ++ src/or/main.c |7 +++ src/or/rendclient.c | 103 +-- src/or/router.c |8 ++-- 5 files changed, 90 insertions(+), 44 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.2] Fix bug 1930
commit b8708b5bd30f5ef6dd34f7199a5588627486bcd2
Author: Robert Ransom rransom.8...@gmail.com
Date: Tue Apr 26 02:21:25 2011 -0700
Fix bug 1930
---
changes/forget-rend-descs-on-newnym |7 +++
src/or/rendclient.c | 103 +--
2 files changed, 70 insertions(+), 40 deletions(-)
diff --git a/changes/forget-rend-descs-on-newnym
b/changes/forget-rend-descs-on-newnym
index 0ea09e0..da7afbe 100644
--- a/changes/forget-rend-descs-on-newnym
+++ b/changes/forget-rend-descs-on-newnym
@@ -2,6 +2,13 @@
- Forget all hidden service descriptors cached as a client when
processing a SIGNAL NEWNYM command. Fixes bug 3000. Bugfix on
0.0.6.
+ o Major bugfixes:
+- When we find that we have extended a hidden service's introduction
+ circuit to a relay which isn't listed as an introduction point in
+ the HS descriptor we currently have for the service, we now retry
+ one of the introduction points in the current HS descriptor.
+ Previously we would just give up. Bugfix on 0.2.0.10-alpha; fixes
+ bugs 1024 and 1930.
o Minor bugfixes:
- Don't allow v0 hidden service authorities to act as clients.
Required by fix for bug 3000.
diff --git a/src/or/rendclient.c b/src/or/rendclient.c
index 8803875..8d024d8 100644
--- a/src/or/rendclient.c
+++ b/src/or/rendclient.c
@@ -66,6 +66,50 @@ rend_client_send_establish_rendezvous(origin_circuit_t *circ)
return 0;
}
+/** Extend the introduction circuit bcirc/b to another valid
+ * introduction point for the hidden service it is trying to connect
+ * to, or mark it and launch a new circuit if we can't extend it.
+ * Return 0 on success. Return -1 and mark the introduction
+ * circuit on failure.
+ *
+ * On failure, the caller is responsible for marking the associated
+ * rendezvous circuit for close. */
+static int
+rend_client_reextend_intro_circuit(origin_circuit_t *circ)
+{
+ extend_info_t *extend_info;
+ int result;
+ extend_info = rend_client_get_random_intro(circ-rend_data);
+ if (!extend_info) {
+log_warn(LD_REND,
+ No usable introduction points left for %s. Closing.,
+ safe_str_client(circ-rend_data-onion_address));
+circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_INTERNAL);
+return -1;
+ }
+ if (circ-remaining_relay_early_cells) {
+log_info(LD_REND,
+ Re-extending circ %d, this time to %s.,
+ circ-_base.n_circ_id, extend_info-nickname);
+result = circuit_extend_to_new_exit(circ, extend_info);
+ } else {
+log_info(LD_REND,
+ Building a new introduction circuit, this time to %s.,
+ extend_info-nickname);
+circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_FINISHED);
+if (!circuit_launch_by_extend_info(CIRCUIT_PURPOSE_C_INTRODUCING,
+ extend_info,
+ CIRCLAUNCH_IS_INTERNAL)) {
+ log_warn(LD_REND, Building introduction circuit failed.);
+ result = -1;
+} else {
+ result = 0;
+}
+ }
+ extend_info_free(extend_info);
+ return result;
+}
+
/** Called when we're trying to connect an ap conn; sends an INTRODUCE1 cell
* down introcirc if possible.
*/
@@ -120,11 +164,18 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
}
});
if (!intro_key) {
-log_info(LD_REND, Our introduction point knowledge changed in
- mid-connect! Could not find intro key; we only have a
- v2 rend desc with %d intro points. Giving up.,
+log_info(LD_REND, Could not find intro key for %s at %s; we
+ have a v2 rend desc with %d intro points.
+ Trying a different intro point...,
+ safe_str_client(introcirc-rend_data-onion_address),
+ introcirc-build_state-chosen_exit-nickname,
smartlist_len(entry-parsed-intro_nodes));
-goto perm_err;
+
+if (rend_client_reextend_intro_circuit(introcirc)) {
+ goto perm_err;
+} else {
+ return -1;
+}
}
if (crypto_pk_get_digest(intro_key, payload)0) {
log_warn(LD_BUG, Internal error: couldn't hash public key.);
@@ -227,7 +278,8 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
return 0;
perm_err:
- circuit_mark_for_close(TO_CIRCUIT(introcirc), END_CIRC_REASON_INTERNAL);
+ if (!introcirc-_base.marked_for_close)
+circuit_mark_for_close(TO_CIRCUIT(introcirc), END_CIRC_REASON_INTERNAL);
circuit_mark_for_close(TO_CIRCUIT(rendcirc), END_CIRC_REASON_INTERNAL);
return -2;
}
@@ -290,45 +342,16 @@ rend_client_introduction_acked(origin_circuit_t *circ,
* points. If any remain, extend to a new one and try again.
* If none remain, refetch the service descriptor.
*/
+log_info(LD_REND, Got nack for %s from %s...,
+ safe_str_client(circ-rend_data-onion_address),
+ circ-build_state-chosen_exit-nickname);
if
[tor-commits] [tor/master] Don't allow v0 HS auths to act as clients
commit df5c7fedbd938c5d4634eadcf53693e07d2c8182
Author: Robert Ransom rransom.8...@gmail.com
Date: Wed Apr 20 15:20:10 2011 -0700
Don't allow v0 HS auths to act as clients
A v0 HS authority stores v0 HS descriptors in the same descriptor
cache that its HS client functionality uses. Thus, if the HS
authority operator clears its client HS descriptor cache, ALL v0
HS descriptors will be lost. That would be bad.
---
changes/forget-rend-descs-on-newnym |3 +++
src/or/config.c |4
2 files changed, 7 insertions(+), 0 deletions(-)
diff --git a/changes/forget-rend-descs-on-newnym
b/changes/forget-rend-descs-on-newnym
index ab2fd61..f8758c2 100644
--- a/changes/forget-rend-descs-on-newnym
+++ b/changes/forget-rend-descs-on-newnym
@@ -2,6 +2,9 @@
- Forget all hidden service descriptors cached as a client when
processing a SIGNAL NEWNYM command. Fixes bug 3000. Bugfix on
0.0.6.
+ o Minor bugfixes:
+- Don't allow v0 hidden service authorities to act as clients.
+ Required by fix for bug 3000.
o Code simplifications and refactoring:
- Allow rend_client_send_introduction to fail without closing the
AP connection permanently.
diff --git a/src/or/config.c b/src/or/config.c
index f003e4d..9384b3a 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -3078,6 +3078,10 @@ options_validate(or_options_t *old_options, or_options_t
*options,
REJECT(FetchDirInfoExtraEarly requires that you also set
FetchDirInfoEarly);
+ if (options-HSAuthoritativeDir proxy_mode(options))
+REJECT(Running as authoritative v0 HS directory, but also configured
+ as a client.);
+
if (options-ConnLimit = 0) {
tor_asprintf(msg,
ConnLimit must be greater than 0, but was set to %d,
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Ignore SIGNAL NEWNYM on relay-only Tor instances
commit ddd1b7be2dce0845e6c08dcb5404ae65940b9edb
Author: Robert Ransom rransom.8...@gmail.com
Date: Wed Apr 20 17:01:41 2011 -0700
Ignore SIGNAL NEWNYM on relay-only Tor instances
---
changes/forget-rend-descs-on-newnym |2 ++
src/or/main.c |7 +++
2 files changed, 9 insertions(+), 0 deletions(-)
diff --git a/changes/forget-rend-descs-on-newnym
b/changes/forget-rend-descs-on-newnym
index f8758c2..0ea09e0 100644
--- a/changes/forget-rend-descs-on-newnym
+++ b/changes/forget-rend-descs-on-newnym
@@ -5,6 +5,8 @@
o Minor bugfixes:
- Don't allow v0 hidden service authorities to act as clients.
Required by fix for bug 3000.
+- Ignore SIGNAL NEWNYM commands on relay-only Tor instances.
+ Required by fix for bug 3000.
o Code simplifications and refactoring:
- Allow rend_client_send_introduction to fail without closing the
AP connection permanently.
diff --git a/src/or/main.c b/src/or/main.c
index 3bf2169..a26be39 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -842,6 +842,13 @@ run_connection_housekeeping(int i, time_t now)
static void
signewnym_impl(time_t now)
{
+ or_options_t *options = get_options();
+ if (!proxy_mode(options)) {
+log_info(LD_CONTROL, Ignoring SIGNAL NEWNYM because client functionality
+ is disabled.);
+return;
+ }
+
circuit_expire_all_dirty_circs();
addressmap_clear_transient();
rend_cache_purge();
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Avoid false positives from proxy_mode()
commit 6dfc0d530113e055d91b68969c81595ddc749f07
Author: Nick Mathewson ni...@torproject.org
Date: Thu Apr 28 17:45:41 2011 -0400
Avoid false positives from proxy_mode()
Previously it would erroneously return true if ListenAddr was set for
a client port, even if that port itself was 0. This would give false
positives, which were not previously harmful... but which were about
to become.
---
src/or/router.c |8
1 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/or/router.c b/src/or/router.c
index 0ef4728..65afd49 100644
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -1107,10 +1107,10 @@ set_server_advertised(int s)
int
proxy_mode(or_options_t *options)
{
- return (options-SocksPort != 0 || options-SocksListenAddress ||
- options-TransPort != 0 || options-TransListenAddress ||
- options-NATDPort != 0 || options-NATDListenAddress ||
- options-DNSPort != 0 || options-DNSListenAddress);
+ return (options-SocksPort != 0 ||
+ options-TransPort != 0 ||
+ options-NATDPort != 0 ||
+ options-DNSPort != 0);
}
/** Decide if we're a publishable server. We are a publishable server if:
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Fix bug 1930
commit b8708b5bd30f5ef6dd34f7199a5588627486bcd2
Author: Robert Ransom rransom.8...@gmail.com
Date: Tue Apr 26 02:21:25 2011 -0700
Fix bug 1930
---
changes/forget-rend-descs-on-newnym |7 +++
src/or/rendclient.c | 103 +--
2 files changed, 70 insertions(+), 40 deletions(-)
diff --git a/changes/forget-rend-descs-on-newnym
b/changes/forget-rend-descs-on-newnym
index 0ea09e0..da7afbe 100644
--- a/changes/forget-rend-descs-on-newnym
+++ b/changes/forget-rend-descs-on-newnym
@@ -2,6 +2,13 @@
- Forget all hidden service descriptors cached as a client when
processing a SIGNAL NEWNYM command. Fixes bug 3000. Bugfix on
0.0.6.
+ o Major bugfixes:
+- When we find that we have extended a hidden service's introduction
+ circuit to a relay which isn't listed as an introduction point in
+ the HS descriptor we currently have for the service, we now retry
+ one of the introduction points in the current HS descriptor.
+ Previously we would just give up. Bugfix on 0.2.0.10-alpha; fixes
+ bugs 1024 and 1930.
o Minor bugfixes:
- Don't allow v0 hidden service authorities to act as clients.
Required by fix for bug 3000.
diff --git a/src/or/rendclient.c b/src/or/rendclient.c
index 8803875..8d024d8 100644
--- a/src/or/rendclient.c
+++ b/src/or/rendclient.c
@@ -66,6 +66,50 @@ rend_client_send_establish_rendezvous(origin_circuit_t *circ)
return 0;
}
+/** Extend the introduction circuit bcirc/b to another valid
+ * introduction point for the hidden service it is trying to connect
+ * to, or mark it and launch a new circuit if we can't extend it.
+ * Return 0 on success. Return -1 and mark the introduction
+ * circuit on failure.
+ *
+ * On failure, the caller is responsible for marking the associated
+ * rendezvous circuit for close. */
+static int
+rend_client_reextend_intro_circuit(origin_circuit_t *circ)
+{
+ extend_info_t *extend_info;
+ int result;
+ extend_info = rend_client_get_random_intro(circ-rend_data);
+ if (!extend_info) {
+log_warn(LD_REND,
+ No usable introduction points left for %s. Closing.,
+ safe_str_client(circ-rend_data-onion_address));
+circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_INTERNAL);
+return -1;
+ }
+ if (circ-remaining_relay_early_cells) {
+log_info(LD_REND,
+ Re-extending circ %d, this time to %s.,
+ circ-_base.n_circ_id, extend_info-nickname);
+result = circuit_extend_to_new_exit(circ, extend_info);
+ } else {
+log_info(LD_REND,
+ Building a new introduction circuit, this time to %s.,
+ extend_info-nickname);
+circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_FINISHED);
+if (!circuit_launch_by_extend_info(CIRCUIT_PURPOSE_C_INTRODUCING,
+ extend_info,
+ CIRCLAUNCH_IS_INTERNAL)) {
+ log_warn(LD_REND, Building introduction circuit failed.);
+ result = -1;
+} else {
+ result = 0;
+}
+ }
+ extend_info_free(extend_info);
+ return result;
+}
+
/** Called when we're trying to connect an ap conn; sends an INTRODUCE1 cell
* down introcirc if possible.
*/
@@ -120,11 +164,18 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
}
});
if (!intro_key) {
-log_info(LD_REND, Our introduction point knowledge changed in
- mid-connect! Could not find intro key; we only have a
- v2 rend desc with %d intro points. Giving up.,
+log_info(LD_REND, Could not find intro key for %s at %s; we
+ have a v2 rend desc with %d intro points.
+ Trying a different intro point...,
+ safe_str_client(introcirc-rend_data-onion_address),
+ introcirc-build_state-chosen_exit-nickname,
smartlist_len(entry-parsed-intro_nodes));
-goto perm_err;
+
+if (rend_client_reextend_intro_circuit(introcirc)) {
+ goto perm_err;
+} else {
+ return -1;
+}
}
if (crypto_pk_get_digest(intro_key, payload)0) {
log_warn(LD_BUG, Internal error: couldn't hash public key.);
@@ -227,7 +278,8 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
return 0;
perm_err:
- circuit_mark_for_close(TO_CIRCUIT(introcirc), END_CIRC_REASON_INTERNAL);
+ if (!introcirc-_base.marked_for_close)
+circuit_mark_for_close(TO_CIRCUIT(introcirc), END_CIRC_REASON_INTERNAL);
circuit_mark_for_close(TO_CIRCUIT(rendcirc), END_CIRC_REASON_INTERNAL);
return -2;
}
@@ -290,45 +342,16 @@ rend_client_introduction_acked(origin_circuit_t *circ,
* points. If any remain, extend to a new one and try again.
* If none remain, refetch the service descriptor.
*/
+log_info(LD_REND, Got nack for %s from %s...,
+ safe_str_client(circ-rend_data-onion_address),
+ circ-build_state-chosen_exit-nickname);
if
[tor-commits] [tor/master] Merge branch 'bug3000-022-part2-squashed' into maint-0.2.2
commit 30003e43180561eb92f4146d3bf2a5f74523cda6 Merge: 2dc9546 6dfc0d5 Author: Nick Mathewson ni...@torproject.org Date: Thu Apr 28 18:13:17 2011 -0400 Merge branch 'bug3000-022-part2-squashed' into maint-0.2.2 changes/forget-rend-descs-on-newnym | 12 src/or/config.c |4 ++ src/or/main.c |7 +++ src/or/rendclient.c | 103 +-- src/or/router.c |8 ++-- 5 files changed, 90 insertions(+), 44 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.2] fix a function comment
commit 710227a77f3d47fec78497b0fabce13b4e3ce728
Author: Roger Dingledine a...@torproject.org
Date: Thu Apr 28 19:19:04 2011 -0400
fix a function comment
---
src/or/circuitbuild.c |3 +--
1 files changed, 1 insertions(+), 2 deletions(-)
diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index 90572d5..fe94264 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -4584,8 +4584,7 @@ find_bridge_by_digest(const char *digest)
return NULL;
}
-/** We need to ask bbridge/b for its server descriptor. baddress/b
- * is a helpful string describing this bridge. */
+/** We need to ask bbridge/b for its server descriptor. */
static void
launch_direct_bridge_descriptor_fetch(bridge_info_t *bridge)
{
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.2] Merge remote-tracking branch 'sebastian/bug3020' into maint-0.2.2
commit c12289792507c8dd51c2a947f7c910c70df4dd3d Merge: 710227a 525d270 Author: Nick Mathewson ni...@torproject.org Date: Thu Apr 28 20:03:57 2011 -0400 Merge remote-tracking branch 'sebastian/bug3020' into maint-0.2.2 changes/bug3020|7 +++ src/or/hibernate.c |3 ++- 2 files changed, 9 insertions(+), 1 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.2] Correctly check elapsed time in last hibernation period
commit 525d2700dd8b6c794a69ea0be63864baeff27617
Author: Sebastian Hahn sebast...@torproject.org
Date: Fri Apr 29 01:18:32 2011 +0200
Correctly check elapsed time in last hibernation period
Fix bug 3020.
---
changes/bug3020|7 +++
src/or/hibernate.c |3 ++-
2 files changed, 9 insertions(+), 1 deletions(-)
diff --git a/changes/bug3020 b/changes/bug3020
new file mode 100644
index 000..b987161
--- /dev/null
+++ b/changes/bug3020
@@ -0,0 +1,7 @@
+ o Minor bugfixes:
+- When checking whether a hibernation period has fully elapsed, use
+ the amount of seconds we expect for that period instead of using
+ the new period that just started. This would cause an issue because
+ February is a really short month. Bugfix on 0.2.2.17-alpha;
+ fixes bug 3020.
+
diff --git a/src/or/hibernate.c b/src/or/hibernate.c
index 1878d5d..aebce4c 100644
--- a/src/or/hibernate.c
+++ b/src/or/hibernate.c
@@ -378,7 +378,8 @@ configure_accounting(time_t now)
/* We are in the interval we thought we were in. Do nothing.*/
interval_end_time = start_of_accounting_period_after(interval_start_time);
} else {
-long duration = length_of_accounting_period_containing(now);
+long duration =
+ length_of_accounting_period_containing(interval_start_time);
double delta = ((double)(s_now - interval_start_time)) / duration;
if (-0.50 = delta delta = 0.50) {
/* The start of the period is now a little later or earlier than we
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Correctly check elapsed time in last hibernation period
commit 525d2700dd8b6c794a69ea0be63864baeff27617
Author: Sebastian Hahn sebast...@torproject.org
Date: Fri Apr 29 01:18:32 2011 +0200
Correctly check elapsed time in last hibernation period
Fix bug 3020.
---
changes/bug3020|7 +++
src/or/hibernate.c |3 ++-
2 files changed, 9 insertions(+), 1 deletions(-)
diff --git a/changes/bug3020 b/changes/bug3020
new file mode 100644
index 000..b987161
--- /dev/null
+++ b/changes/bug3020
@@ -0,0 +1,7 @@
+ o Minor bugfixes:
+- When checking whether a hibernation period has fully elapsed, use
+ the amount of seconds we expect for that period instead of using
+ the new period that just started. This would cause an issue because
+ February is a really short month. Bugfix on 0.2.2.17-alpha;
+ fixes bug 3020.
+
diff --git a/src/or/hibernate.c b/src/or/hibernate.c
index 1878d5d..aebce4c 100644
--- a/src/or/hibernate.c
+++ b/src/or/hibernate.c
@@ -378,7 +378,8 @@ configure_accounting(time_t now)
/* We are in the interval we thought we were in. Do nothing.*/
interval_end_time = start_of_accounting_period_after(interval_start_time);
} else {
-long duration = length_of_accounting_period_containing(now);
+long duration =
+ length_of_accounting_period_containing(interval_start_time);
double delta = ((double)(s_now - interval_start_time)) / duration;
if (-0.50 = delta delta = 0.50) {
/* The start of the period is now a little later or earlier than we
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] fix a function comment
commit 710227a77f3d47fec78497b0fabce13b4e3ce728
Author: Roger Dingledine a...@torproject.org
Date: Thu Apr 28 19:19:04 2011 -0400
fix a function comment
---
src/or/circuitbuild.c |3 +--
1 files changed, 1 insertions(+), 2 deletions(-)
diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index 90572d5..fe94264 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -4584,8 +4584,7 @@ find_bridge_by_digest(const char *digest)
return NULL;
}
-/** We need to ask bbridge/b for its server descriptor. baddress/b
- * is a helpful string describing this bridge. */
+/** We need to ask bbridge/b for its server descriptor. */
static void
launch_direct_bridge_descriptor_fetch(bridge_info_t *bridge)
{
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge remote-tracking branch 'origin/maint-0.2.2'
commit bb8689b86480d81aa150d5f27fa830afc4de4077 Merge: f38ecd5 c122897 Author: Nick Mathewson ni...@torproject.org Date: Thu Apr 28 20:05:48 2011 -0400 Merge remote-tracking branch 'origin/maint-0.2.2' changes/bug3020 |7 +++ src/or/circuitbuild.c |3 +-- src/or/hibernate.c|3 ++- 3 files changed, 10 insertions(+), 3 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.2] Revert If we are not using BEGIN_DIR cells, don't attempt to contact hidden service directories with non-open dir port.
commit a6cc15e2aedfc370fc0328edd375a869338ee4f1
Author: Robert Ransom rransom.8...@gmail.com
Date: Sat Mar 12 07:17:26 2011 -0800
Revert If we are not using BEGIN_DIR cells, don't attempt to contact
hidden service directories with non-open dir port.
This reverts commit 9a7098487b2c25f36112b3521758f42621dcd6af.
Conflicts:
ChangeLog (left unchanged by this commit)
---
src/or/routerlist.c | 10 ++
1 files changed, 2 insertions(+), 8 deletions(-)
diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index fb8fb88..5e9c82a 100644
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -5335,7 +5335,6 @@ hid_serv_get_responsible_directories(smartlist_t
*responsible_dirs,
{
int start, found, n_added = 0, i;
networkstatus_t *c = networkstatus_get_latest_consensus();
- int use_begindir = get_options()-TunnelDirConns;
if (!c || !smartlist_len(c-routerstatus_list)) {
log_warn(LD_REND, We don't have a consensus, so we can't perform v2
rendezvous operations.);
@@ -5348,14 +5347,9 @@ hid_serv_get_responsible_directories(smartlist_t
*responsible_dirs,
do {
routerstatus_t *r = smartlist_get(c-routerstatus_list, i);
if (r-is_hs_dir) {
- if (r-dir_port || use_begindir)
-smartlist_add(responsible_dirs, r);
- else
-log_info(LD_REND, Not adding router '%s' to list of responsible
- hidden service directories, because we have no way of
- reaching it., r-nickname);
+ smartlist_add(responsible_dirs, r);
if (++n_added == REND_NUMBER_OF_CONSECUTIVE_REPLICAS)
-break;
+return 0;
}
if (++i == smartlist_len(c-routerstatus_list))
i = 0;
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.2] Add an XXX to the DA code regarding bug 2722
commit 134da2fbcf865418863bda8d4c479a20f6f6651d Author: Robert Ransom rransom.8...@gmail.com Date: Mon Apr 18 12:00:48 2011 -0700 Add an XXX to the DA code regarding bug 2722 --- src/or/dirserv.c |2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diff --git a/src/or/dirserv.c b/src/or/dirserv.c index f65f258..525524c 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -1811,6 +1811,8 @@ dirserv_thinks_router_is_hs_dir(routerinfo_t *router, time_t now) * bug 1693. In the future, once relays set wants_to_be_hs_dir * correctly, we can revert to only checking dir_port if router's * version is too old. */ + /* XXX Unfortunately, we need to keep checking dir_port until all + * *clients* suffering from bug 2722 are obsolete. */ return (router-wants_to_be_hs_dir router-dir_port uptime get_options()-MinUptimeHidServDirectoryV2 router-is_running); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.2] Merge remote-tracking branches 'rransom/bug2722' and 'rransom/bug2722b' into maint-0.2.2
commit 6b9aadd557de171f0de7b700ba427a9a37a545fa
Merge: c122897 eb50e3d 134da2f
Author: Nick Mathewson ni...@torproject.org
Date: Thu Apr 28 20:36:38 2011 -0400
Merge remote-tracking branches 'rransom/bug2722' and 'rransom/bug2722b'
into maint-0.2.2
changes/bug2722 | 11 +++
src/or/dirserv.c|2 ++
src/or/routerlist.c | 10 ++
3 files changed, 15 insertions(+), 8 deletions(-)
diff --cc src/or/routerlist.c
index d9f099b,5e9c82a,4deff53..f567ccd
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
-506,36 -463,37 -506,36 +506,36
authority_certs_fetch_missing(networkst
!digestmap_get(pending, voter-identity_digest)) {
log_notice(LD_DIR, We're missing a certificate from authority
with signing key %s: launching request.,
- hex_str(voter-signing_key_digest, DIGEST_LEN));
- smartlist_add(missing_digests, voter-identity_digest);
+ hex_str(sig-signing_key_digest, DIGEST_LEN));
+ smartlist_add(missing_digests, sig-identity_digest);
}
- });
+ } SMARTLIST_FOREACH_END(sig);
+ } SMARTLIST_FOREACH_END(voter);
}
- SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ds,
- {
- int found = 0;
- if (!(ds-type V3_AUTHORITY))
- continue;
- if (smartlist_digest_isin(missing_digests, ds-v3_identity_digest))
- continue;
- cl = get_cert_list(ds-v3_identity_digest);
- SMARTLIST_FOREACH(cl-certs, authority_cert_t *, cert,
- {
- if (!ftime_definitely_after(now, cert-expires)) {
- /* It's not expired, and we weren't looking for something to
- * verify a consensus with. Call it done. */
- download_status_reset(cl-dl_status);
- found = 1;
- break;
- }
- });
- if (!found
- download_status_is_ready(cl-dl_status, now,MAX_CERT_DL_FAILURES)
- !digestmap_get(pending, ds-v3_identity_digest)) {
- log_notice(LD_DIR, No current certificate known for authority %s;
-launching request., ds-nickname);
- smartlist_add(missing_digests, ds-v3_identity_digest);
+ SMARTLIST_FOREACH_BEGIN(trusted_dir_servers, trusted_dir_server_t *, ds) {
+ int found = 0;
+ if (!(ds-type V3_AUTHORITY))
+ continue;
+ if (smartlist_digest_isin(missing_digests, ds-v3_identity_digest))
+ continue;
+ cl = get_cert_list(ds-v3_identity_digest);
+ SMARTLIST_FOREACH(cl-certs, authority_cert_t *, cert, {
+ if (now cert-expires) {
+ /* It's not expired, and we weren't looking for something to
+ * verify a consensus with. Call it done. */
+ download_status_reset(cl-dl_status);
+ found = 1;
+ break;
}
});
+ if (!found
+ download_status_is_ready(cl-dl_status, now,MAX_CERT_DL_FAILURES)
+ !digestmap_get(pending, ds-v3_identity_digest)) {
- log_notice(LD_DIR, No current certificate known for authority %s;
- launching request., ds-nickname);
++ log_info(LD_DIR, No current certificate known for authority %s;
++ launching request., ds-nickname);
+ smartlist_add(missing_digests, ds-v3_identity_digest);
+ }
+ } SMARTLIST_FOREACH_END(ds);
if (!smartlist_len(missing_digests)) {
goto done;
-5594,14 -5192,9 -5550,13 +5594,14
routerset_get_all_routers(smartlist_t *
}
}
- /** Add to btarget/b every routerinfo_t from bsource/b that is in
- * binclude/b, but not excluded in a more specific fashion by
- * bexclude/b. If brunning_only/b, only include running routers.
++#if 0
+ /** Add to btarget/b every routerinfo_t from bsource/b except:
+ *
+ * 1) Don't add it if binclude/b is non-empty and the relay isn't in
+ * binclude/b; and
+ * 2) Don't add it if bexclude/b is non-empty and the relay is
+ * excluded in a more specific fashion by bexclude/b.
+ * 3) If brunning_only/b, don't add non-running routers.
*/
void
routersets_get_disjunction(smartlist_t *target,
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.2] Clarify comment to say which version fixed 2722
commit 5693fedb60ee19048d45ed892edb07925b52678b Author: Nick Mathewson ni...@torproject.org Date: Thu Apr 28 20:38:15 2011 -0400 Clarify comment to say which version fixed 2722 --- src/or/dirserv.c |3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/src/or/dirserv.c b/src/or/dirserv.c index 525524c..c8dda66 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -1812,7 +1812,8 @@ dirserv_thinks_router_is_hs_dir(routerinfo_t *router, time_t now) * correctly, we can revert to only checking dir_port if router's * version is too old. */ /* XXX Unfortunately, we need to keep checking dir_port until all - * *clients* suffering from bug 2722 are obsolete. */ + * *clients* suffering from bug 2722 are obsolete. The first version + * to fix the bug was 0.2.2.25-alpha. */ return (router-wants_to_be_hs_dir router-dir_port uptime get_options()-MinUptimeHidServDirectoryV2 router-is_running); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Revert If we are not using BEGIN_DIR cells, don't attempt to contact hidden service directories with non-open dir port.
commit a6cc15e2aedfc370fc0328edd375a869338ee4f1
Author: Robert Ransom rransom.8...@gmail.com
Date: Sat Mar 12 07:17:26 2011 -0800
Revert If we are not using BEGIN_DIR cells, don't attempt to contact
hidden service directories with non-open dir port.
This reverts commit 9a7098487b2c25f36112b3521758f42621dcd6af.
Conflicts:
ChangeLog (left unchanged by this commit)
---
src/or/routerlist.c | 10 ++
1 files changed, 2 insertions(+), 8 deletions(-)
diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index fb8fb88..5e9c82a 100644
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -5335,7 +5335,6 @@ hid_serv_get_responsible_directories(smartlist_t
*responsible_dirs,
{
int start, found, n_added = 0, i;
networkstatus_t *c = networkstatus_get_latest_consensus();
- int use_begindir = get_options()-TunnelDirConns;
if (!c || !smartlist_len(c-routerstatus_list)) {
log_warn(LD_REND, We don't have a consensus, so we can't perform v2
rendezvous operations.);
@@ -5348,14 +5347,9 @@ hid_serv_get_responsible_directories(smartlist_t
*responsible_dirs,
do {
routerstatus_t *r = smartlist_get(c-routerstatus_list, i);
if (r-is_hs_dir) {
- if (r-dir_port || use_begindir)
-smartlist_add(responsible_dirs, r);
- else
-log_info(LD_REND, Not adding router '%s' to list of responsible
- hidden service directories, because we have no way of
- reaching it., r-nickname);
+ smartlist_add(responsible_dirs, r);
if (++n_added == REND_NUMBER_OF_CONSECUTIVE_REPLICAS)
-break;
+return 0;
}
if (++i == smartlist_len(c-routerstatus_list))
i = 0;
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Add an XXX to the DA code regarding bug 2722
commit 134da2fbcf865418863bda8d4c479a20f6f6651d Author: Robert Ransom rransom.8...@gmail.com Date: Mon Apr 18 12:00:48 2011 -0700 Add an XXX to the DA code regarding bug 2722 --- src/or/dirserv.c |2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diff --git a/src/or/dirserv.c b/src/or/dirserv.c index f65f258..525524c 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -1811,6 +1811,8 @@ dirserv_thinks_router_is_hs_dir(routerinfo_t *router, time_t now) * bug 1693. In the future, once relays set wants_to_be_hs_dir * correctly, we can revert to only checking dir_port if router's * version is too old. */ + /* XXX Unfortunately, we need to keep checking dir_port until all + * *clients* suffering from bug 2722 are obsolete. */ return (router-wants_to_be_hs_dir router-dir_port uptime get_options()-MinUptimeHidServDirectoryV2 router-is_running); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge remote-tracking branch 'origin/maint-0.2.2'
commit 9d67d16c6a99c662f0fe81068f66de471b39a616 Merge: bb8689b 5693fed Author: Nick Mathewson ni...@torproject.org Date: Thu Apr 28 20:38:50 2011 -0400 Merge remote-tracking branch 'origin/maint-0.2.2' changes/bug2722 | 11 +++ src/or/dirserv.c|3 +++ src/or/routerlist.c | 10 ++ 3 files changed, 16 insertions(+), 8 deletions(-) diff --cc src/or/dirserv.c index 759b1cf,c8dda66..bbd25da --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@@ -1839,9 -1811,12 +1839,12 @@@ dirserv_thinks_router_is_hs_dir(const r * bug 1693. In the future, once relays set wants_to_be_hs_dir * correctly, we can revert to only checking dir_port if router's * version is too old. */ + /* XXX Unfortunately, we need to keep checking dir_port until all +* *clients* suffering from bug 2722 are obsolete. The first version +* to fix the bug was 0.2.2.25-alpha. */ return (router-wants_to_be_hs_dir router-dir_port uptime get_options()-MinUptimeHidServDirectoryV2 - router-is_running); + node-is_running); } /** Look through the routerlist, the Mean Time Between Failure history, and ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.2] stop putting wacky values into state-lastwritten
commit df3cf881d1d217b6ff3757bf95f8c2784584fec8
Author: Roger Dingledine a...@torproject.org
Date: Thu Apr 28 20:40:15 2011 -0400
stop putting wacky values into state-lastwritten
---
changes/bug3039 |5 +
src/or/circuitbuild.c |2 +-
src/or/config.c | 20 +---
src/or/config.h |1 +
4 files changed, 24 insertions(+), 4 deletions(-)
diff --git a/changes/bug3039 b/changes/bug3039
new file mode 100644
index 000..7347ee3
--- /dev/null
+++ b/changes/bug3039
@@ -0,0 +1,5 @@
+ o Minor bugfixes:
+- Write the current time into the LastWritten line in our state file,
+ rather than the time from the previous write attempt. Also, stop
+ trying to use a time of -1 in our log statements. Fixes bug 3039;
+ bugfix on 0.2.2.14-alpha.
diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index fe94264..85765e3 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -119,7 +119,7 @@ circuit_build_times_disabled(void)
0, 0, 1);
int config_disabled = !get_options()-LearnCircuitBuildTimeout;
int dirauth_disabled = get_options()-AuthoritativeDir;
-int state_disabled = (get_or_state()-LastWritten == -1);
+int state_disabled = did_last_state_file_write_fail() ? 1 : 0;
if (consensus_disabled || config_disabled || dirauth_disabled ||
state_disabled) {
diff --git a/src/or/config.c b/src/or/config.c
index 9384b3a..7534cc7 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -5119,6 +5119,18 @@ or_state_load(void)
return r;
}
+/** Did the last time we tried to write the state file fail? If so, we
+ * should consider disabling such features as preemptive circuit generation
+ * to compute circuit-build-time. */
+static int last_state_file_write_failed = 0;
+
+/** Return whether the state file failed to write last time we tried. */
+int
+did_last_state_file_write_fail(void)
+{
+ return last_state_file_write_failed;
+}
+
/** If writing the state to disk fails, try again after this many seconds. */
#define STATE_WRITE_RETRY_INTERVAL 3600
@@ -5143,11 +5155,13 @@ or_state_save(time_t now)
if (accounting_is_enabled(get_options()))
accounting_run_housekeeping(now);
+ global_state-LastWritten = now;
+
tor_free(global_state-TorVersion);
tor_asprintf(global_state-TorVersion, Tor %s, get_version());
state = config_dump(state_format, global_state, 1, 0);
- format_local_iso_time(tbuf, time(NULL));
+ format_local_iso_time(tbuf, now);
tor_asprintf(contents,
# Tor state file last generated on %s local time\n
# Other times below are in GMT\n
@@ -5158,7 +5172,7 @@ or_state_save(time_t now)
if (write_str_to_file(fname, contents, 0)0) {
log_warn(LD_FS, Unable to write state to file \%s\;
will try again later, fname);
-global_state-LastWritten = -1;
+last_state_file_write_failed = 1;
tor_free(fname);
tor_free(contents);
/* Try again after STATE_WRITE_RETRY_INTERVAL (or sooner, if the state
@@ -5167,7 +5181,7 @@ or_state_save(time_t now)
return -1;
}
- global_state-LastWritten = time(NULL);
+ last_state_file_write_failed = 0;
log_info(LD_GENERAL, Saved state to \%s\, fname);
tor_free(fname);
tor_free(contents);
diff --git a/src/or/config.h b/src/or/config.h
index defda35..78a67dd 100644
--- a/src/or/config.h
+++ b/src/or/config.h
@@ -58,6 +58,7 @@ char *options_get_datadir_fname2_suffix(or_options_t *options,
get_datadir_fname2_suffix((sub1), NULL, (suffix))
or_state_t *get_or_state(void);
+int did_last_state_file_write_fail(void);
int or_state_save(time_t now);
int options_need_geoip_info(or_options_t *options, const char **reason_out);
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.2] Merge remote-tracking branch 'arma/bug3039' into maint-0.2.2
commit 4010427b519c3727351905bbe5a75e85a055dd58 Merge: 5693fed df3cf88 Author: Nick Mathewson ni...@torproject.org Date: Thu Apr 28 20:53:44 2011 -0400 Merge remote-tracking branch 'arma/bug3039' into maint-0.2.2 changes/bug3039 |5 + src/or/circuitbuild.c |2 +- src/or/config.c | 20 +--- src/or/config.h |1 + 4 files changed, 24 insertions(+), 4 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge remote-tracking branch 'arma/bug3039' into maint-0.2.2
commit 4010427b519c3727351905bbe5a75e85a055dd58 Merge: 5693fed df3cf88 Author: Nick Mathewson ni...@torproject.org Date: Thu Apr 28 20:53:44 2011 -0400 Merge remote-tracking branch 'arma/bug3039' into maint-0.2.2 changes/bug3039 |5 + src/or/circuitbuild.c |2 +- src/or/config.c | 20 +--- src/or/config.h |1 + 4 files changed, 24 insertions(+), 4 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge remote-tracking branch 'origin/maint-0.2.2'
commit b0a7e0d6ca45bef3c5836d9082dcc9461cee6c9c Merge: 9d67d16 4010427 Author: Nick Mathewson ni...@torproject.org Date: Thu Apr 28 20:55:03 2011 -0400 Merge remote-tracking branch 'origin/maint-0.2.2' changes/bug3039 |5 + src/or/circuitbuild.c |2 +- src/or/config.c | 20 +--- src/or/config.h |1 + 4 files changed, 24 insertions(+), 4 deletions(-) diff --cc src/or/config.h index 7f0a3d1,78a67dd..49f7e25 --- a/src/or/config.h +++ b/src/or/config.h @@@ -57,9 -57,8 +57,10 @@@ char *options_get_datadir_fname2_suffix #define get_datadir_fname_suffix(sub1, suffix) \ get_datadir_fname2_suffix((sub1), NULL, (suffix)) +int get_num_cpus(const or_options_t *options); + or_state_t *get_or_state(void); + int did_last_state_file_write_fail(void); int or_state_save(time_t now); int options_need_geoip_info(or_options_t *options, const char **reason_out); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.2] Merge remote-tracking branch 'arma/bug3012' into maint-0.2.2
commit f0d9e2d6507adcc069b38cd9e0aaf6702f576314 Merge: 4010427 66de6f7 Author: Nick Mathewson ni...@torproject.org Date: Thu Apr 28 21:15:14 2011 -0400 Merge remote-tracking branch 'arma/bug3012' into maint-0.2.2 changes/bug3012 |5 + src/or/config.c | 11 ++- 2 files changed, 15 insertions(+), 1 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.2] relays checkpoint their state file twice a day
commit 66de6f7eb8e2948f6c3849dbca20c7b31969b5b7 Author: Roger Dingledine a...@torproject.org Date: Thu Apr 28 21:06:25 2011 -0400 relays checkpoint their state file twice a day --- changes/bug3012 |5 + src/or/config.c | 11 ++- 2 files changed, 15 insertions(+), 1 deletions(-) diff --git a/changes/bug3012 b/changes/bug3012 new file mode 100644 index 000..dfde5fa --- /dev/null +++ b/changes/bug3012 @@ -0,0 +1,5 @@ + o Minor features: +- Relays can go for weeks without writing out their state file. A + relay that crashes would lose its bandwidth history (including + capacity estimate), client country statistics, and so on. Now relays + checkpoint the file at least every 12 hours. Addresses bug 3012. diff --git a/src/or/config.c b/src/or/config.c index 9384b3a..dc24140 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -5122,6 +5122,11 @@ or_state_load(void) /** If writing the state to disk fails, try again after this many seconds. */ #define STATE_WRITE_RETRY_INTERVAL 3600 +/** If we're a relay, how often should we checkpoint our state file even + * if nothing else dirties it? This will checkpoint ongoing stats like + * bandwidth used, per-country user stats, etc. */ +#define STATE_RELAY_CHECKPOINT_INTERVAL (12*60*60) + /** Write the persistent state to disk. Return 0 for success, 0 on failure. */ int or_state_save(time_t now) @@ -5172,7 +5177,11 @@ or_state_save(time_t now) tor_free(fname); tor_free(contents); - global_state-next_write = TIME_MAX; + if (server_mode(get_options())) +global_state-next_write = now + STATE_RELAY_CHECKPOINT_INTERVAL; + else +global_state-next_write = TIME_MAX; + return 0; } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.2] Add changes file for previous commit
commit eb50e3d6bf6eb9880f92050cb0db849394bd6cb0 Author: Robert Ransom rransom.8...@gmail.com Date: Sat Mar 12 07:29:04 2011 -0800 Add changes file for previous commit --- changes/bug2722 | 11 +++ 1 files changed, 11 insertions(+), 0 deletions(-) diff --git a/changes/bug2722 b/changes/bug2722 new file mode 100644 index 000..ed132fc --- /dev/null +++ b/changes/bug2722 @@ -0,0 +1,11 @@ + o Minor bugfixes +- Ignore the TunnelDirConns option when determining which HSDir + relays are responsible for a hidden service descriptor ID. + Currently, clients and hidden services with TunnelDirConns off + will skip over HSDir relays which do not advertise a DirPort + when making a list of HSDirs responsible for a descriptor ID, + even though they would never try to use a HSDir's DirPort to + upload or fetch a hidden service descriptor. Fixes bug 2722; + bugfix on 0.2.1.6-alpha. + + ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.2] Don't report empty bw-history lines in extrainfo
commit c1927d7d5f5dff5b8d7da5bd4e7a743eb06bcbb3
Author: Sebastian Hahn sebast...@torproject.org
Date: Sat Apr 16 16:01:36 2011 +0200
Don't report empty bw-history lines in extrainfo
Some tor relays would report lines like these in their extrainfo
documents:
dirreq-write-history 2011-03-14 16:46:44 (900 s)
This was confusing to some people who look at the stats. It would happen
whenever a relay first starts up, or when a relay has dirport disabled.
Change this so that lines without actual bw entries are omitted.
Implements ticket 2497.
---
changes/ticket2497 |4
src/or/rephist.c | 14 --
2 files changed, 16 insertions(+), 2 deletions(-)
diff --git a/changes/ticket2497 b/changes/ticket2497
new file mode 100644
index 000..5117141
--- /dev/null
+++ b/changes/ticket2497
@@ -0,0 +1,4 @@
+ o Minor features:
+- Ensure that no empty [dirreq-](read|write)-history lines are added
+ to an extrainfo document. Implements ticket 2497.
+
diff --git a/src/or/rephist.c b/src/or/rephist.c
index 9b7eefe..b55797a 100644
--- a/src/or/rephist.c
+++ b/src/or/rephist.c
@@ -1524,10 +1524,15 @@ rep_hist_get_bandwidth_lines(void)
size_t len;
/* opt [dirreq-](read|write)-history -mm-dd HH:MM:SS (n s) n,n,n... */
- len = (67+21*NUM_TOTALS)*4;
+/* The n,n,n part above. Largest representation of a uint64_t is 20 chars
+ * long, plus the comma. */
+#define MAX_HIST_VALUE_LEN 21*NUM_TOTALS
+ len = (67+MAX_HIST_VALUE_LEN)*4;
buf = tor_malloc_zero(len);
cp = buf;
for (r=0;r4;++r) {
+char tmp[MAX_HIST_VALUE_LEN];
+size_t slen;
switch (r) {
case 0:
b = write_array;
@@ -1547,11 +1552,16 @@ rep_hist_get_bandwidth_lines(void)
break;
}
tor_assert(b);
+slen = rep_hist_fill_bandwidth_history(tmp, MAX_HIST_VALUE_LEN, b);
+/* If we don't have anything to write, skip to the next entry. */
+if (slen == 0)
+ continue;
format_iso_time(t, b-next_period-NUM_SECS_BW_SUM_INTERVAL);
tor_snprintf(cp, len-(cp-buf), %s %s (%d s) ,
desc, t, NUM_SECS_BW_SUM_INTERVAL);
cp += strlen(cp);
-cp += rep_hist_fill_bandwidth_history(cp, len-(cp-buf), b);
+strlcat(cp, tmp, len-(cp-buf));
+cp += slen;
strlcat(cp, \n, len-(cp-buf));
++cp;
}
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.2] Add an XXX to the DA code regarding bug 2722
commit 134da2fbcf865418863bda8d4c479a20f6f6651d Author: Robert Ransom rransom.8...@gmail.com Date: Mon Apr 18 12:00:48 2011 -0700 Add an XXX to the DA code regarding bug 2722 --- src/or/dirserv.c |2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diff --git a/src/or/dirserv.c b/src/or/dirserv.c index f65f258..525524c 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -1811,6 +1811,8 @@ dirserv_thinks_router_is_hs_dir(routerinfo_t *router, time_t now) * bug 1693. In the future, once relays set wants_to_be_hs_dir * correctly, we can revert to only checking dir_port if router's * version is too old. */ + /* XXX Unfortunately, we need to keep checking dir_port until all + * *clients* suffering from bug 2722 are obsolete. */ return (router-wants_to_be_hs_dir router-dir_port uptime get_options()-MinUptimeHidServDirectoryV2 router-is_running); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.2] Make SIZE_T_CEILING unsigned; add a signed SSIZE_T_CEILING
commit 43ffd023e9267927539dc9c12bee86199cd1c800 Author: Nick Mathewson ni...@torproject.org Date: Tue Apr 26 13:00:46 2011 -0400 Make SIZE_T_CEILING unsigned; add a signed SSIZE_T_CEILING None of the comparisons were _broken_ previously, but avoiding signed/unsigned comparisons makes everybody happier. Fixes bug2475. --- changes/bug2475 |5 + src/common/crypto.c |2 +- src/common/torint.h |4 +++- 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/changes/bug2475 b/changes/bug2475 new file mode 100644 index 000..d6f0595 --- /dev/null +++ b/changes/bug2475 @@ -0,0 +1,5 @@ + o Minor bugfixes: +- Avoid signed/unsigned comparisons by making SIZE_T_CEILING unsigned. + (None of the cases where we did this before were wrong, but by making + this change we can avoid warnings.) Fixes bug2475; bugfix on + Tor 0.2.1.28. diff --git a/src/common/crypto.c b/src/common/crypto.c index 48c8dea..838347e 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -452,7 +452,7 @@ crypto_pk_read_private_key_from_string(crypto_pk_env_t *env, tor_assert(env); tor_assert(s); - tor_assert(len INT_MAX len SIZE_T_CEILING); + tor_assert(len INT_MAX len SSIZE_T_CEILING); /* Create a read-only memory BIO, backed by the string 's' */ b = BIO_new_mem_buf((char*)s, (int)len); diff --git a/src/common/torint.h b/src/common/torint.h index 2a9fba6..d489684 100644 --- a/src/common/torint.h +++ b/src/common/torint.h @@ -330,8 +330,10 @@ typedef uint32_t uintptr_t; #endif #endif +/* Any ssize_t larger than this amount is likely to be an underflow. */ +#define SSIZE_T_CEILING ((ssize_t)(SSIZE_T_MAX-16)) /* Any size_t larger than this amount is likely to be an underflow. */ -#define SIZE_T_CEILING (SSIZE_T_MAX-16) +#define SIZE_T_CEILING ((size_t)(SSIZE_T_MAX-16)) #endif /* __TORINT_H */ ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.2] Fix clear_trackhostexits_mapping() to actually work as advertised
commit 34510f9278675e6e041503e425ca19a1fa0f3616
Author: Nick Mathewson ni...@torproject.org
Date: Wed Apr 27 17:21:41 2011 -0400
Fix clear_trackhostexits_mapping() to actually work as advertised
Previously, it would remove every trackhostexits-derived mapping
*from* xyz.exitname.exit; it was supposed to remove every
trackhostexits-derived mapping *to* xyz.exitname.exit.
Bugfix on 0.2.0.20-rc: fixes an XXX020 added while staring at bug-1090
issues.
---
changes/clear_trackexithost |5 +
src/or/connection_edge.c|4 ++--
2 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/changes/clear_trackexithost b/changes/clear_trackexithost
new file mode 100644
index 000..701d369
--- /dev/null
+++ b/changes/clear_trackexithost
@@ -0,0 +1,5 @@
+ o Minor bugfixes:
+- Fix a bug in the code where we could keep trying to use a
+ TrackHostExits-based mapping after we failed to reach the intended
+ destination node. Bugfix on 0.2.0.20-rc.
+
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index 082cd5f..2c1196c 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -799,8 +799,8 @@ clear_trackexithost_mappings(const char *exitname)
tor_strlower(suffix);
STRMAP_FOREACH_MODIFY(addressmap, address, addressmap_entry_t *, ent) {
-/* 022 HEY! Shouldn't this look at ent-new_address? */
-if (ent-source == ADDRMAPSRC_TRACKEXIT !strcmpend(address, suffix)) {
+if (ent-source == ADDRMAPSRC_TRACKEXIT
+!strcmpend(ent-new_address, suffix)) {
addressmap_ent_remove(address, ent);
MAP_DEL_CURRENT(address);
}
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.2] I guess that had a bug number: add it to the changes file.
commit 7f85509a59b88173ac6060cd5925e28415f016b4 Author: Nick Mathewson ni...@torproject.org Date: Wed Apr 27 17:26:28 2011 -0400 I guess that had a bug number: add it to the changes file. --- changes/clear_trackexithost |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/changes/clear_trackexithost b/changes/clear_trackexithost index 701d369..b9ac6fe 100644 --- a/changes/clear_trackexithost +++ b/changes/clear_trackexithost @@ -1,5 +1,5 @@ o Minor bugfixes: - Fix a bug in the code where we could keep trying to use a TrackHostExits-based mapping after we failed to reach the intended - destination node. Bugfix on 0.2.0.20-rc. + destination node. Fixes bug 2999. Bugfix on 0.2.0.20-rc. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.2] Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
commit 0130e7c9d2842ad58e1b84829aeab16a2efba3bb Merge: 7f85509 43ffd02 Author: Nick Mathewson ni...@torproject.org Date: Wed Apr 27 22:14:28 2011 -0400 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 Conflicts: src/common/torint.h changes/bug2475 |5 + src/common/crypto.c |2 +- src/common/torint.h |4 +++- 3 files changed, 9 insertions(+), 2 deletions(-) diff --cc src/common/torint.h index f5bebf8,d489684..0b5c29a --- a/src/common/torint.h +++ b/src/common/torint.h @@@ -329,8 -330,10 +329,10 @@@ typedef uint32_t uintptr_t #endif #endif -/* Any ssize_t larger than this amount is likely to be an underflow. */ ++/** Any ssize_t larger than this amount is likely to be an underflow. */ + #define SSIZE_T_CEILING ((ssize_t)(SSIZE_T_MAX-16)) -/* Any size_t larger than this amount is likely to be an underflow. */ +/** Any size_t larger than this amount is likely to be an underflow. */ - #define SIZE_T_CEILING (SSIZE_T_MAX-16) + #define SIZE_T_CEILING ((size_t)(SSIZE_T_MAX-16)) #endif /* __TORINT_H */ ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.2] Forget all rendezvous client state on SIGNAL NEWNYM
commit 440e48ddf27094e48c401c68c9014eca43b6867e
Author: Robert Ransom rransom.8...@gmail.com
Date: Wed Apr 20 02:27:58 2011 -0700
Forget all rendezvous client state on SIGNAL NEWNYM
---
changes/forget-rend-descs-on-newnym |5
src/or/main.c |2 +
src/or/or.h |2 +
src/or/rendclient.c | 37 +++
src/or/rendcommon.c | 10 +
5 files changed, 56 insertions(+), 0 deletions(-)
diff --git a/changes/forget-rend-descs-on-newnym
b/changes/forget-rend-descs-on-newnym
new file mode 100644
index 000..c086973
--- /dev/null
+++ b/changes/forget-rend-descs-on-newnym
@@ -0,0 +1,5 @@
+ o Security fixes:
+- Forget all hidden service descriptors cached as a client when
+ processing a SIGNAL NEWNYM command. Fixes bug 3000. Bugfix on
+ 0.0.6.
+
diff --git a/src/or/main.c b/src/or/main.c
index 96b7b45..e44fd49 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -785,6 +785,8 @@ signewnym_impl(time_t now)
{
circuit_expire_all_dirty_circs();
addressmap_clear_transient();
+ rend_cache_purge();
+ rend_client_cancel_descriptor_fetches();
time_of_last_signewnym = now;
signewnym_is_pending = 0;
}
diff --git a/src/or/or.h b/src/or/or.h
index 57e091e..897ad32 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -4039,6 +4039,7 @@ int rend_client_introduction_acked(origin_circuit_t *circ,
size_t request_len);
void rend_client_refetch_renddesc(const char *query);
void rend_client_refetch_v2_renddesc(const rend_data_t *rend_query);
+void rend_client_cancel_descriptor_fetches(void);
int rend_client_remove_intro_point(extend_info_t *failed_intro,
const rend_data_t *rend_query);
int rend_client_rendezvous_acked(origin_circuit_t *circ,
@@ -4137,6 +4138,7 @@ typedef struct rend_cache_entry_t {
void rend_cache_init(void);
void rend_cache_clean(void);
void rend_cache_clean_v2_descs_as_dir(void);
+void rend_cache_purge(void);
void rend_cache_free_all(void);
int rend_valid_service_id(const char *query);
int rend_cache_lookup_desc(const char *query, int version, const char **desc,
diff --git a/src/or/rendclient.c b/src/or/rendclient.c
index 51306b3..37cca14 100644
--- a/src/or/rendclient.c
+++ b/src/or/rendclient.c
@@ -557,8 +557,45 @@ rend_client_refetch_v2_renddesc(const rend_data_t
*rend_query)
return;
}
+/** Cancel all rendezvous descriptor fetches currently in progress.
+ */
+void
+rend_client_cancel_descriptor_fetches(void)
+{
+ smartlist_t *connection_array = get_connection_array();
+
+ SMARTLIST_FOREACH_BEGIN(connection_array, connection_t *, conn) {
+if (conn-type == CONN_TYPE_DIR
+(conn-purpose == DIR_PURPOSE_FETCH_RENDDESC ||
+ conn-purpose == DIR_PURPOSE_FETCH_RENDDESC_V2)) {
+ /* It's a rendezvous descriptor fetch in progress -- cancel it
+ * by marking the connection for close.
+ *
+ * Even if this connection has already reached EOF, this is
+ * enough to make sure that if the descriptor hasn't been
+ * processed yet, it won't be. See the end of
+ * connection_handle_read; connection_reached_eof (indirectly)
+ * processes whatever response the connection received. */
+
+ const rend_data_t *rd = (TO_DIR_CONN(conn))-rend_data;
+ if (!rd) {
+log_warn(LD_BUG | LD_REND,
+ Marking for close dir conn fetching rendezvous
+ descriptor for unknown service!);
+ } else {
+log_debug(LD_REND, Marking for close dir conn fetching v%d
+ rendezvous descriptor for service %s,
+ (int)(rd-rend_desc_version),
+ safe_str(rd-onion_address));
+ }
+ connection_mark_for_close(conn);
+}
+ } SMARTLIST_FOREACH_END(conn);
+}
+
/** Remove failed_intro from ent. If ent now has no intro points, or
* service is unrecognized, then launch a new renddesc fetch.
+
*
* Return -1 if error, 0 if no intro points remain or service
* unrecognized, 1 if recognized and some intro points remain.
diff --git a/src/or/rendcommon.c b/src/or/rendcommon.c
index d6f5443..ba28cca 100644
--- a/src/or/rendcommon.c
+++ b/src/or/rendcommon.c
@@ -871,6 +871,16 @@ rend_cache_clean(void)
}
}
+/** Remove ALL entries from the rendezvous service descriptor cache.
+ */
+void
+rend_cache_purge(void)
+{
+ if (rend_cache)
+strmap_free(rend_cache, _rend_cache_entry_free);
+ rend_cache = strmap_new();
+}
+
/** Remove all old v2 descriptors and those for which this hidden service
* directory is not responsible for any more. */
void
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.2] Fix a bug introduced by purging rend_cache on NEWNYM
commit f1cf9bd74d225e90ca123eb664c1c5538eedaa03
Author: Robert Ransom rransom.8...@gmail.com
Date: Mon Apr 25 06:38:35 2011 -0700
Fix a bug introduced by purging rend_cache on NEWNYM
If the user sent a SIGNAL NEWNYM command after we fetched a rendezvous
descriptor, while we were building the introduction-point circuit, we
would give up entirely on trying to connect to the hidden service.
Original patch by rransom slightly edited to go into 0.2.1
---
src/or/rendclient.c | 25 +
1 files changed, 21 insertions(+), 4 deletions(-)
diff --git a/src/or/rendclient.c b/src/or/rendclient.c
index ca846d9..fb95efb 100644
--- a/src/or/rendclient.c
+++ b/src/or/rendclient.c
@@ -74,10 +74,27 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
if (rend_cache_lookup_entry(introcirc-rend_data-onion_address, -1,
entry) 1) {
-log_warn(LD_REND,
- query %s didn't have valid rend desc in cache. Failing.,
- escaped_safe_str(introcirc-rend_data-onion_address));
-goto perm_err;
+log_info(LD_REND,
+ query %s didn't have valid rend desc in cache.
+ Refetching descriptor.,
+ safe_str(introcirc-rend_data-onion_address));
+/* Fetch both v0 and v2 rend descriptors in parallel. Use whichever
+ * arrives first. Exception: When using client authorization, only
+ * fetch v2 descriptors.*/
+rend_client_refetch_v2_renddesc(introcirc-rend_data);
+if (introcirc-rend_data-auth_type == REND_NO_AUTH)
+ rend_client_refetch_renddesc(introcirc-rend_data-onion_address);
+{
+ connection_t *conn;
+
+ while ((conn = connection_get_by_type_state_rendquery(CONN_TYPE_AP,
+ AP_CONN_STATE_CIRCUIT_WAIT,
+ introcirc-rend_data-onion_address, -1))) {
+conn-state = AP_CONN_STATE_RENDDESC_WAIT;
+ }
+}
+
+return -1;
}
/* first 20 bytes of payload are the hash of Bob's pk */
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.2] Merge remote-tracking branch 'sebastian/bug2497' into maint-0.2.2
commit 3055acbdbe914c31ca4825ed60b4cce6676bd61e Merge: 2c0258b c1927d7 Author: Nick Mathewson ni...@torproject.org Date: Thu Apr 28 16:05:34 2011 -0400 Merge remote-tracking branch 'sebastian/bug2497' into maint-0.2.2 changes/ticket2497 |4 src/or/rephist.c | 14 -- 2 files changed, 16 insertions(+), 2 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.2] Fix a failure case of connection_ap_handshake_attach_circuit()
commit 8a36f2125137dc31a0771a8eeac0f2bb8c1343d0 Author: Sebastian Hahn sebast...@torproject.org Date: Thu Apr 28 01:48:25 2011 +0200 Fix a failure case of connection_ap_handshake_attach_circuit() tor_fragile_assert() might be a no-op, so we have to return something here to indicate failure to the caller. --- src/or/circuituse.c |1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/src/or/circuituse.c b/src/or/circuituse.c index 247aca7..6a9c397 100644 --- a/src/or/circuituse.c +++ b/src/or/circuituse.c @@ -1573,6 +1573,7 @@ connection_ap_handshake_attach_circuit(edge_connection_t *conn) return -1; default: /* oops */ tor_fragile_assert(); + return -1; } } } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.2] Allow rend_client_send_introduction to fail transiently
commit 2ad18ae7366ce4979b44fa53d0105940005489c0
Author: Robert Ransom rransom.8...@gmail.com
Date: Mon Apr 25 08:36:02 2011 -0700
Allow rend_client_send_introduction to fail transiently
i.e. without closing the AP connection.
---
changes/forget-rend-descs-on-newnym |4
src/or/circuituse.c | 18 --
src/or/rendclient.c | 20 ++--
3 files changed, 26 insertions(+), 16 deletions(-)
diff --git a/changes/forget-rend-descs-on-newnym
b/changes/forget-rend-descs-on-newnym
index c086973..ab2fd61 100644
--- a/changes/forget-rend-descs-on-newnym
+++ b/changes/forget-rend-descs-on-newnym
@@ -2,4 +2,8 @@
- Forget all hidden service descriptors cached as a client when
processing a SIGNAL NEWNYM command. Fixes bug 3000. Bugfix on
0.0.6.
+ o Code simplifications and refactoring:
+- Allow rend_client_send_introduction to fail without closing the
+ AP connection permanently.
+
diff --git a/src/or/circuituse.c b/src/or/circuituse.c
index 996c99c..247aca7 100644
--- a/src/or/circuituse.c
+++ b/src/or/circuituse.c
@@ -1560,14 +1560,20 @@
connection_ap_handshake_attach_circuit(edge_connection_t *conn)
introduction. (stream %d sec old),
introcirc-_base.n_circ_id, rendcirc-_base.n_circ_id,
conn_age);
-if (rend_client_send_introduction(introcirc, rendcirc) 0) {
+switch (rend_client_send_introduction(introcirc, rendcirc)) {
+case 0: /* success */
+ rendcirc-_base.timestamp_dirty = time(NULL);
+ introcirc-_base.timestamp_dirty = time(NULL);
+ assert_circuit_ok(TO_CIRCUIT(rendcirc));
+ assert_circuit_ok(TO_CIRCUIT(introcirc));
+ return 0;
+case -1: /* transient error */
+ return 0;
+case -2: /* permanent error */
return -1;
+default: /* oops */
+ tor_fragile_assert();
}
-rendcirc-_base.timestamp_dirty = time(NULL);
-introcirc-_base.timestamp_dirty = time(NULL);
-assert_circuit_ok(TO_CIRCUIT(rendcirc));
-assert_circuit_ok(TO_CIRCUIT(introcirc));
-return 0;
}
}
diff --git a/src/or/rendclient.c b/src/or/rendclient.c
index 37cca14..ca846d9 100644
--- a/src/or/rendclient.c
+++ b/src/or/rendclient.c
@@ -77,7 +77,7 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
log_warn(LD_REND,
query %s didn't have valid rend desc in cache. Failing.,
escaped_safe_str(introcirc-rend_data-onion_address));
-goto err;
+goto perm_err;
}
/* first 20 bytes of payload are the hash of Bob's pk */
@@ -115,13 +115,13 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
log_info(LD_REND, Internal error: could not find intro key; we
only have a v2 rend desc with %d intro points.,
num_intro_points);
-goto err;
+goto perm_err;
}
}
}
if (crypto_pk_get_digest(intro_key, payload)0) {
log_warn(LD_BUG, Internal error: couldn't hash public key.);
-goto err;
+goto perm_err;
}
/* Initialize the pending_final_cpath and start the DH handshake. */
@@ -132,11 +132,11 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
cpath-magic = CRYPT_PATH_MAGIC;
if (!(cpath-dh_handshake_state = crypto_dh_new(DH_TYPE_REND))) {
log_warn(LD_BUG, Internal error: couldn't allocate DH.);
- goto err;
+ goto perm_err;
}
if (crypto_dh_generate_public(cpath-dh_handshake_state)0) {
log_warn(LD_BUG, Internal error: couldn't generate g^x.);
- goto err;
+ goto perm_err;
}
}
@@ -186,7 +186,7 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
if (crypto_dh_get_public(cpath-dh_handshake_state, tmp+dh_offset,
DH_KEY_LEN)0) {
log_warn(LD_BUG, Internal error: couldn't extract g^x.);
-goto err;
+goto perm_err;
}
note_crypto_pk_op(REND_CLIENT);
@@ -199,7 +199,7 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
PK_PKCS1_OAEP_PADDING, 0);
if (r0) {
log_warn(LD_BUG,Internal error: hybrid pk encrypt failed.);
-goto err;
+goto perm_err;
}
payload_len = DIGEST_LEN + r;
@@ -212,17 +212,17 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
introcirc-cpath-prev)0) {
/* introcirc is already marked for close. leave rendcirc alone. */
log_warn(LD_BUG, Couldn't send INTRODUCE1 cell);
-return -1;
+return -2;
}
/* Now, we wait for an ACK or NAK on this circuit. */
introcirc-_base.purpose = CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT;
return 0;
-err:
+perm_err:
circuit_mark_for_close(TO_CIRCUIT(introcirc), END_CIRC_REASON_INTERNAL);
circuit_mark_for_close(TO_CIRCUIT(rendcirc), END_CIRC_REASON_INTERNAL);
- return
[tor-commits] [tor/release-0.2.2] Clean up merge of bug3k_021
commit 2c0258b69a232a7b11ecc999bee74dac1c1b1495
Author: Robert Ransom rransom.8...@gmail.com
Date: Thu Apr 28 10:37:35 2011 -0700
Clean up merge of bug3k_021
---
src/or/rendclient.c |7 ---
1 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/src/or/rendclient.c b/src/or/rendclient.c
index 97345bf..8803875 100644
--- a/src/or/rendclient.c
+++ b/src/or/rendclient.c
@@ -94,7 +94,7 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
log_info(LD_REND,
query %s didn't have valid rend desc in cache.
Refetching descriptor.,
- safe_str(introcirc-rend_data-onion_address));
+ safe_str_client(introcirc-rend_data-onion_address));
rend_client_refetch_v2_renddesc(introcirc-rend_data);
{
connection_t *conn;
@@ -120,8 +120,9 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
}
});
if (!intro_key) {
-log_info(LD_REND, Internal error: could not find intro key; we
- only have a v2 rend desc with %d intro points.,
+log_info(LD_REND, Our introduction point knowledge changed in
+ mid-connect! Could not find intro key; we only have a
+ v2 rend desc with %d intro points. Giving up.,
smartlist_len(entry-parsed-intro_nodes));
goto perm_err;
}
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.2] Merge branch 'bug3k_021' into bug3k_022
commit 4b13ebd5ab4d051803e9cfde8bb965a4bf8ea90d
Merge: 0130e7c 8a36f21
Author: Sebastian Hahn sebast...@torproject.org
Date: Thu Apr 28 19:00:34 2011 +0200
Merge branch 'bug3k_021' into bug3k_022
Conflicts:
src/or/or.h
src/or/rendclient.c
changes/forget-rend-descs-on-newnym |9
src/or/circuituse.c | 19 ++---
src/or/main.c |2 +
src/or/rendclient.c | 81 +++---
src/or/rendclient.h |1 +
src/or/rendcommon.c | 10
src/or/rendcommon.h |1 +
7 files changed, 100 insertions(+), 23 deletions(-)
diff --cc src/or/rendclient.c
index 65e632f,fb95efb..97345bf
--- a/src/or/rendclient.c
+++ b/src/or/rendclient.c
@@@ -91,28 -74,67 +91,39 @@@ rend_client_send_introduction(origin_ci
if (rend_cache_lookup_entry(introcirc-rend_data-onion_address, -1,
entry) 1) {
- log_warn(LD_REND,
- query %s didn't have valid rend desc in cache. Failing.,
- escaped_safe_str_client(introcirc-rend_data-onion_address));
- goto err;
+ log_info(LD_REND,
+ query %s didn't have valid rend desc in cache.
+ Refetching descriptor.,
+ safe_str(introcirc-rend_data-onion_address));
-/* Fetch both v0 and v2 rend descriptors in parallel. Use whichever
- * arrives first. Exception: When using client authorization, only
- * fetch v2 descriptors.*/
+ rend_client_refetch_v2_renddesc(introcirc-rend_data);
-if (introcirc-rend_data-auth_type == REND_NO_AUTH)
- rend_client_refetch_renddesc(introcirc-rend_data-onion_address);
+ {
+ connection_t *conn;
+
+ while ((conn = connection_get_by_type_state_rendquery(CONN_TYPE_AP,
+AP_CONN_STATE_CIRCUIT_WAIT,
- introcirc-rend_data-onion_address, -1))) {
++ introcirc-rend_data-onion_address))) {
+ conn-state = AP_CONN_STATE_RENDDESC_WAIT;
+ }
+ }
+
+ return -1;
}
- /* first 20 bytes of payload are the hash of the intro key */
+ /* first 20 bytes of payload are the hash of Bob's pk */
- if (entry-parsed-version == 0) { /* un-versioned descriptor */
-intro_key = entry-parsed-pk;
- } else { /* versioned descriptor */
-intro_key = NULL;
-SMARTLIST_FOREACH(entry-parsed-intro_nodes, rend_intro_point_t *,
- intro, {
- if (!memcmp(introcirc-build_state-chosen_exit-identity_digest,
- intro-extend_info-identity_digest, DIGEST_LEN)) {
-intro_key = intro-intro_key;
-break;
- }
-});
-if (!intro_key) {
- /** XXX This case probably means that the intro point vanished while
- * we were building a circuit to it. In the future, we should find
- * out how that happened and whether we should kill the circuits to
- * removed intro points immediately. See task 1073. */
- int num_intro_points = smartlist_len(entry-parsed-intro_nodes);
- if (rend_cache_lookup_entry(introcirc-rend_data-onion_address,
- 0, entry) 0) {
-log_info(LD_REND, We have both a v0 and a v2 rend desc for this
- service. The v2 desc doesn't contain the introduction
- point (and key) to send an INTRODUCE1/2 cell to this
- introduction point. Assuming the introduction point
- is for v0 rend clients and using the service key
- from the v0 desc instead. (This is probably a bug,
- because we shouldn't even have both a v0 and a v2
- descriptor for the same service.));
-/* See flyspray task 1024. */
-intro_key = entry-parsed-pk;
- } else {
-log_info(LD_REND, Internal error: could not find intro key; we
- only have a v2 rend desc with %d intro points.,
- num_intro_points);
-goto perm_err;
- }
+ intro_key = NULL;
+ SMARTLIST_FOREACH(entry-parsed-intro_nodes, rend_intro_point_t *,
+intro, {
+if (!memcmp(introcirc-build_state-chosen_exit-identity_digest,
+intro-extend_info-identity_digest, DIGEST_LEN)) {
+ intro_key = intro-intro_key;
+ break;
}
+ });
+ if (!intro_key) {
- log_info(LD_REND, Our introduction point knowledge changed in
- mid-connect! Could not find intro key; we only have a
- v2 rend desc with %d intro points. Giving up.,
++log_info(LD_REND, Internal error: could not find intro key; we
++ only have a v2 rend desc with %d intro points.,
+ smartlist_len(entry-parsed-intro_nodes));
- goto err;
++goto perm_err;
}
if (crypto_pk_get_digest(intro_key, payload)0) {
log_warn(LD_BUG, Internal error: couldn't
[tor-commits] [tor/release-0.2.2] Don't allow v0 HS auths to act as clients
commit df5c7fedbd938c5d4634eadcf53693e07d2c8182
Author: Robert Ransom rransom.8...@gmail.com
Date: Wed Apr 20 15:20:10 2011 -0700
Don't allow v0 HS auths to act as clients
A v0 HS authority stores v0 HS descriptors in the same descriptor
cache that its HS client functionality uses. Thus, if the HS
authority operator clears its client HS descriptor cache, ALL v0
HS descriptors will be lost. That would be bad.
---
changes/forget-rend-descs-on-newnym |3 +++
src/or/config.c |4
2 files changed, 7 insertions(+), 0 deletions(-)
diff --git a/changes/forget-rend-descs-on-newnym
b/changes/forget-rend-descs-on-newnym
index ab2fd61..f8758c2 100644
--- a/changes/forget-rend-descs-on-newnym
+++ b/changes/forget-rend-descs-on-newnym
@@ -2,6 +2,9 @@
- Forget all hidden service descriptors cached as a client when
processing a SIGNAL NEWNYM command. Fixes bug 3000. Bugfix on
0.0.6.
+ o Minor bugfixes:
+- Don't allow v0 hidden service authorities to act as clients.
+ Required by fix for bug 3000.
o Code simplifications and refactoring:
- Allow rend_client_send_introduction to fail without closing the
AP connection permanently.
diff --git a/src/or/config.c b/src/or/config.c
index f003e4d..9384b3a 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -3078,6 +3078,10 @@ options_validate(or_options_t *old_options, or_options_t
*options,
REJECT(FetchDirInfoExtraEarly requires that you also set
FetchDirInfoEarly);
+ if (options-HSAuthoritativeDir proxy_mode(options))
+REJECT(Running as authoritative v0 HS directory, but also configured
+ as a client.);
+
if (options-ConnLimit = 0) {
tor_asprintf(msg,
ConnLimit must be greater than 0, but was set to %d,
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.2] Avoid false positives from proxy_mode()
commit 6dfc0d530113e055d91b68969c81595ddc749f07
Author: Nick Mathewson ni...@torproject.org
Date: Thu Apr 28 17:45:41 2011 -0400
Avoid false positives from proxy_mode()
Previously it would erroneously return true if ListenAddr was set for
a client port, even if that port itself was 0. This would give false
positives, which were not previously harmful... but which were about
to become.
---
src/or/router.c |8
1 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/or/router.c b/src/or/router.c
index 0ef4728..65afd49 100644
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -1107,10 +1107,10 @@ set_server_advertised(int s)
int
proxy_mode(or_options_t *options)
{
- return (options-SocksPort != 0 || options-SocksListenAddress ||
- options-TransPort != 0 || options-TransListenAddress ||
- options-NATDPort != 0 || options-NATDListenAddress ||
- options-DNSPort != 0 || options-DNSListenAddress);
+ return (options-SocksPort != 0 ||
+ options-TransPort != 0 ||
+ options-NATDPort != 0 ||
+ options-DNSPort != 0);
}
/** Decide if we're a publishable server. We are a publishable server if:
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.2] Fix bug 1930
commit b8708b5bd30f5ef6dd34f7199a5588627486bcd2
Author: Robert Ransom rransom.8...@gmail.com
Date: Tue Apr 26 02:21:25 2011 -0700
Fix bug 1930
---
changes/forget-rend-descs-on-newnym |7 +++
src/or/rendclient.c | 103 +--
2 files changed, 70 insertions(+), 40 deletions(-)
diff --git a/changes/forget-rend-descs-on-newnym
b/changes/forget-rend-descs-on-newnym
index 0ea09e0..da7afbe 100644
--- a/changes/forget-rend-descs-on-newnym
+++ b/changes/forget-rend-descs-on-newnym
@@ -2,6 +2,13 @@
- Forget all hidden service descriptors cached as a client when
processing a SIGNAL NEWNYM command. Fixes bug 3000. Bugfix on
0.0.6.
+ o Major bugfixes:
+- When we find that we have extended a hidden service's introduction
+ circuit to a relay which isn't listed as an introduction point in
+ the HS descriptor we currently have for the service, we now retry
+ one of the introduction points in the current HS descriptor.
+ Previously we would just give up. Bugfix on 0.2.0.10-alpha; fixes
+ bugs 1024 and 1930.
o Minor bugfixes:
- Don't allow v0 hidden service authorities to act as clients.
Required by fix for bug 3000.
diff --git a/src/or/rendclient.c b/src/or/rendclient.c
index 8803875..8d024d8 100644
--- a/src/or/rendclient.c
+++ b/src/or/rendclient.c
@@ -66,6 +66,50 @@ rend_client_send_establish_rendezvous(origin_circuit_t *circ)
return 0;
}
+/** Extend the introduction circuit bcirc/b to another valid
+ * introduction point for the hidden service it is trying to connect
+ * to, or mark it and launch a new circuit if we can't extend it.
+ * Return 0 on success. Return -1 and mark the introduction
+ * circuit on failure.
+ *
+ * On failure, the caller is responsible for marking the associated
+ * rendezvous circuit for close. */
+static int
+rend_client_reextend_intro_circuit(origin_circuit_t *circ)
+{
+ extend_info_t *extend_info;
+ int result;
+ extend_info = rend_client_get_random_intro(circ-rend_data);
+ if (!extend_info) {
+log_warn(LD_REND,
+ No usable introduction points left for %s. Closing.,
+ safe_str_client(circ-rend_data-onion_address));
+circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_INTERNAL);
+return -1;
+ }
+ if (circ-remaining_relay_early_cells) {
+log_info(LD_REND,
+ Re-extending circ %d, this time to %s.,
+ circ-_base.n_circ_id, extend_info-nickname);
+result = circuit_extend_to_new_exit(circ, extend_info);
+ } else {
+log_info(LD_REND,
+ Building a new introduction circuit, this time to %s.,
+ extend_info-nickname);
+circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_FINISHED);
+if (!circuit_launch_by_extend_info(CIRCUIT_PURPOSE_C_INTRODUCING,
+ extend_info,
+ CIRCLAUNCH_IS_INTERNAL)) {
+ log_warn(LD_REND, Building introduction circuit failed.);
+ result = -1;
+} else {
+ result = 0;
+}
+ }
+ extend_info_free(extend_info);
+ return result;
+}
+
/** Called when we're trying to connect an ap conn; sends an INTRODUCE1 cell
* down introcirc if possible.
*/
@@ -120,11 +164,18 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
}
});
if (!intro_key) {
-log_info(LD_REND, Our introduction point knowledge changed in
- mid-connect! Could not find intro key; we only have a
- v2 rend desc with %d intro points. Giving up.,
+log_info(LD_REND, Could not find intro key for %s at %s; we
+ have a v2 rend desc with %d intro points.
+ Trying a different intro point...,
+ safe_str_client(introcirc-rend_data-onion_address),
+ introcirc-build_state-chosen_exit-nickname,
smartlist_len(entry-parsed-intro_nodes));
-goto perm_err;
+
+if (rend_client_reextend_intro_circuit(introcirc)) {
+ goto perm_err;
+} else {
+ return -1;
+}
}
if (crypto_pk_get_digest(intro_key, payload)0) {
log_warn(LD_BUG, Internal error: couldn't hash public key.);
@@ -227,7 +278,8 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
return 0;
perm_err:
- circuit_mark_for_close(TO_CIRCUIT(introcirc), END_CIRC_REASON_INTERNAL);
+ if (!introcirc-_base.marked_for_close)
+circuit_mark_for_close(TO_CIRCUIT(introcirc), END_CIRC_REASON_INTERNAL);
circuit_mark_for_close(TO_CIRCUIT(rendcirc), END_CIRC_REASON_INTERNAL);
return -2;
}
@@ -290,45 +342,16 @@ rend_client_introduction_acked(origin_circuit_t *circ,
* points. If any remain, extend to a new one and try again.
* If none remain, refetch the service descriptor.
*/
+log_info(LD_REND, Got nack for %s from %s...,
+ safe_str_client(circ-rend_data-onion_address),
+ circ-build_state-chosen_exit-nickname);
if
[tor-commits] [tor/release-0.2.2] Correct the logic from f14754fbd for tor_gmtime_r
commit 2dc9546eef6d748245d90b288f28ace1aa9b6f14
Author: John Brooks spec...@dereferenced.net
Date: Mon Jan 3 21:36:09 2011 -0700
Correct the logic from f14754fbd for tor_gmtime_r
---
src/common/compat.c |8 +---
1 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/src/common/compat.c b/src/common/compat.c
index 9b7c0b7..3644bd9 100644
--- a/src/common/compat.c
+++ b/src/common/compat.c
@@ -2112,7 +2112,7 @@ tor_localtime_r(const time_t *timep, struct tm *result)
* Convert *btimep/b to a struct tm in UTC, and store the value in
* *bresult/b. Return the result on success, or NULL on failure.
*/
-#ifndef HAVE_GMTIME_R
+#ifdef HAVE_GMTIME_R
struct tm *
tor_gmtime_r(const time_t *timep, struct tm *result)
{
@@ -2130,7 +2130,8 @@ tor_gmtime_r(const time_t *timep, struct tm *result)
tor_assert(result);
tor_mutex_acquire(m);
r = gmtime(timep);
- memcpy(result, r, sizeof(struct tm));
+ if (r)
+memcpy(result, r, sizeof(struct tm));
tor_mutex_release(m);
return correct_tm(0, timep, result, r);
}
@@ -2141,7 +2142,8 @@ tor_gmtime_r(const time_t *timep, struct tm *result)
struct tm *r;
tor_assert(result);
r = gmtime(timep);
- memcpy(result, r, sizeof(struct tm));
+ if (r)
+memcpy(result, r, sizeof(struct tm));
return correct_tm(0, timep, result, r);
}
#endif
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.2] Ignore SIGNAL NEWNYM on relay-only Tor instances
commit ddd1b7be2dce0845e6c08dcb5404ae65940b9edb
Author: Robert Ransom rransom.8...@gmail.com
Date: Wed Apr 20 17:01:41 2011 -0700
Ignore SIGNAL NEWNYM on relay-only Tor instances
---
changes/forget-rend-descs-on-newnym |2 ++
src/or/main.c |7 +++
2 files changed, 9 insertions(+), 0 deletions(-)
diff --git a/changes/forget-rend-descs-on-newnym
b/changes/forget-rend-descs-on-newnym
index f8758c2..0ea09e0 100644
--- a/changes/forget-rend-descs-on-newnym
+++ b/changes/forget-rend-descs-on-newnym
@@ -5,6 +5,8 @@
o Minor bugfixes:
- Don't allow v0 hidden service authorities to act as clients.
Required by fix for bug 3000.
+- Ignore SIGNAL NEWNYM commands on relay-only Tor instances.
+ Required by fix for bug 3000.
o Code simplifications and refactoring:
- Allow rend_client_send_introduction to fail without closing the
AP connection permanently.
diff --git a/src/or/main.c b/src/or/main.c
index 3bf2169..a26be39 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -842,6 +842,13 @@ run_connection_housekeeping(int i, time_t now)
static void
signewnym_impl(time_t now)
{
+ or_options_t *options = get_options();
+ if (!proxy_mode(options)) {
+log_info(LD_CONTROL, Ignoring SIGNAL NEWNYM because client functionality
+ is disabled.);
+return;
+ }
+
circuit_expire_all_dirty_circs();
addressmap_clear_transient();
rend_cache_purge();
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.2] Correctly check elapsed time in last hibernation period
commit 525d2700dd8b6c794a69ea0be63864baeff27617
Author: Sebastian Hahn sebast...@torproject.org
Date: Fri Apr 29 01:18:32 2011 +0200
Correctly check elapsed time in last hibernation period
Fix bug 3020.
---
changes/bug3020|7 +++
src/or/hibernate.c |3 ++-
2 files changed, 9 insertions(+), 1 deletions(-)
diff --git a/changes/bug3020 b/changes/bug3020
new file mode 100644
index 000..b987161
--- /dev/null
+++ b/changes/bug3020
@@ -0,0 +1,7 @@
+ o Minor bugfixes:
+- When checking whether a hibernation period has fully elapsed, use
+ the amount of seconds we expect for that period instead of using
+ the new period that just started. This would cause an issue because
+ February is a really short month. Bugfix on 0.2.2.17-alpha;
+ fixes bug 3020.
+
diff --git a/src/or/hibernate.c b/src/or/hibernate.c
index 1878d5d..aebce4c 100644
--- a/src/or/hibernate.c
+++ b/src/or/hibernate.c
@@ -378,7 +378,8 @@ configure_accounting(time_t now)
/* We are in the interval we thought we were in. Do nothing.*/
interval_end_time = start_of_accounting_period_after(interval_start_time);
} else {
-long duration = length_of_accounting_period_containing(now);
+long duration =
+ length_of_accounting_period_containing(interval_start_time);
double delta = ((double)(s_now - interval_start_time)) / duration;
if (-0.50 = delta delta = 0.50) {
/* The start of the period is now a little later or earlier than we
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.2] Merge remote-tracking branches 'rransom/bug2722' and 'rransom/bug2722b' into maint-0.2.2
commit 6b9aadd557de171f0de7b700ba427a9a37a545fa
Merge: c122897 eb50e3d 134da2f
Author: Nick Mathewson ni...@torproject.org
Date: Thu Apr 28 20:36:38 2011 -0400
Merge remote-tracking branches 'rransom/bug2722' and 'rransom/bug2722b'
into maint-0.2.2
changes/bug2722 | 11 +++
src/or/dirserv.c|2 ++
src/or/routerlist.c | 10 ++
3 files changed, 15 insertions(+), 8 deletions(-)
diff --cc src/or/routerlist.c
index d9f099b,5e9c82a,4deff53..f567ccd
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
-506,36 -463,37 -506,36 +506,36
authority_certs_fetch_missing(networkst
!digestmap_get(pending, voter-identity_digest)) {
log_notice(LD_DIR, We're missing a certificate from authority
with signing key %s: launching request.,
- hex_str(voter-signing_key_digest, DIGEST_LEN));
- smartlist_add(missing_digests, voter-identity_digest);
+ hex_str(sig-signing_key_digest, DIGEST_LEN));
+ smartlist_add(missing_digests, sig-identity_digest);
}
- });
+ } SMARTLIST_FOREACH_END(sig);
+ } SMARTLIST_FOREACH_END(voter);
}
- SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ds,
- {
- int found = 0;
- if (!(ds-type V3_AUTHORITY))
- continue;
- if (smartlist_digest_isin(missing_digests, ds-v3_identity_digest))
- continue;
- cl = get_cert_list(ds-v3_identity_digest);
- SMARTLIST_FOREACH(cl-certs, authority_cert_t *, cert,
- {
- if (!ftime_definitely_after(now, cert-expires)) {
- /* It's not expired, and we weren't looking for something to
- * verify a consensus with. Call it done. */
- download_status_reset(cl-dl_status);
- found = 1;
- break;
- }
- });
- if (!found
- download_status_is_ready(cl-dl_status, now,MAX_CERT_DL_FAILURES)
- !digestmap_get(pending, ds-v3_identity_digest)) {
- log_notice(LD_DIR, No current certificate known for authority %s;
-launching request., ds-nickname);
- smartlist_add(missing_digests, ds-v3_identity_digest);
+ SMARTLIST_FOREACH_BEGIN(trusted_dir_servers, trusted_dir_server_t *, ds) {
+ int found = 0;
+ if (!(ds-type V3_AUTHORITY))
+ continue;
+ if (smartlist_digest_isin(missing_digests, ds-v3_identity_digest))
+ continue;
+ cl = get_cert_list(ds-v3_identity_digest);
+ SMARTLIST_FOREACH(cl-certs, authority_cert_t *, cert, {
+ if (now cert-expires) {
+ /* It's not expired, and we weren't looking for something to
+ * verify a consensus with. Call it done. */
+ download_status_reset(cl-dl_status);
+ found = 1;
+ break;
}
});
+ if (!found
+ download_status_is_ready(cl-dl_status, now,MAX_CERT_DL_FAILURES)
+ !digestmap_get(pending, ds-v3_identity_digest)) {
- log_notice(LD_DIR, No current certificate known for authority %s;
- launching request., ds-nickname);
++ log_info(LD_DIR, No current certificate known for authority %s;
++ launching request., ds-nickname);
+ smartlist_add(missing_digests, ds-v3_identity_digest);
+ }
+ } SMARTLIST_FOREACH_END(ds);
if (!smartlist_len(missing_digests)) {
goto done;
-5594,14 -5192,9 -5550,13 +5594,14
routerset_get_all_routers(smartlist_t *
}
}
- /** Add to btarget/b every routerinfo_t from bsource/b that is in
- * binclude/b, but not excluded in a more specific fashion by
- * bexclude/b. If brunning_only/b, only include running routers.
++#if 0
+ /** Add to btarget/b every routerinfo_t from bsource/b except:
+ *
+ * 1) Don't add it if binclude/b is non-empty and the relay isn't in
+ * binclude/b; and
+ * 2) Don't add it if bexclude/b is non-empty and the relay is
+ * excluded in a more specific fashion by bexclude/b.
+ * 3) If brunning_only/b, don't add non-running routers.
*/
void
routersets_get_disjunction(smartlist_t *target,
___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.2] Merge remote-tracking branch 'origin/maint-0.2.2' into release-0.2.2
commit 68a169ec55f4d1e1b5b9e4f396267681ee3c4ba5 Merge: 79d55f6 f0d9e2d Author: Nick Mathewson ni...@torproject.org Date: Thu Apr 28 22:08:53 2011 -0400 Merge remote-tracking branch 'origin/maint-0.2.2' into release-0.2.2 changes/bug2475 |5 + changes/bug2722 | 11 ++ changes/bug3012 |5 + changes/bug3020 |7 ++ changes/bug3039 |5 + changes/clear_trackexithost |5 + changes/forget-rend-descs-on-newnym | 21 changes/gmtime_null |6 + changes/ticket2497 |4 + src/common/compat.c | 112 +++--- src/common/compat.h |9 -- src/common/crypto.c |2 +- src/common/torint.h |4 +- src/or/circuitbuild.c |5 +- src/or/circuituse.c | 19 +++- src/or/config.c | 35 ++- src/or/config.h |1 + src/or/connection_edge.c|4 +- src/or/dirserv.c|3 + src/or/hibernate.c |3 +- src/or/main.c |9 ++ src/or/rendclient.c | 177 --- src/or/rendclient.h |1 + src/or/rendcommon.c | 10 ++ src/or/rendcommon.h |1 + src/or/rephist.c| 14 +++- src/or/router.c |8 +- src/or/routerlist.c | 10 +-- 28 files changed, 387 insertions(+), 109 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.2] Merge branch 'bug3000-022-part2-squashed' into maint-0.2.2
commit 30003e43180561eb92f4146d3bf2a5f74523cda6 Merge: 2dc9546 6dfc0d5 Author: Nick Mathewson ni...@torproject.org Date: Thu Apr 28 18:13:17 2011 -0400 Merge branch 'bug3000-022-part2-squashed' into maint-0.2.2 changes/forget-rend-descs-on-newnym | 12 src/or/config.c |4 ++ src/or/main.c |7 +++ src/or/rendclient.c | 103 +-- src/or/router.c |8 ++-- 5 files changed, 90 insertions(+), 44 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.2] relays checkpoint their state file twice a day
commit 66de6f7eb8e2948f6c3849dbca20c7b31969b5b7 Author: Roger Dingledine a...@torproject.org Date: Thu Apr 28 21:06:25 2011 -0400 relays checkpoint their state file twice a day --- changes/bug3012 |5 + src/or/config.c | 11 ++- 2 files changed, 15 insertions(+), 1 deletions(-) diff --git a/changes/bug3012 b/changes/bug3012 new file mode 100644 index 000..dfde5fa --- /dev/null +++ b/changes/bug3012 @@ -0,0 +1,5 @@ + o Minor features: +- Relays can go for weeks without writing out their state file. A + relay that crashes would lose its bandwidth history (including + capacity estimate), client country statistics, and so on. Now relays + checkpoint the file at least every 12 hours. Addresses bug 3012. diff --git a/src/or/config.c b/src/or/config.c index 9384b3a..dc24140 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -5122,6 +5122,11 @@ or_state_load(void) /** If writing the state to disk fails, try again after this many seconds. */ #define STATE_WRITE_RETRY_INTERVAL 3600 +/** If we're a relay, how often should we checkpoint our state file even + * if nothing else dirties it? This will checkpoint ongoing stats like + * bandwidth used, per-country user stats, etc. */ +#define STATE_RELAY_CHECKPOINT_INTERVAL (12*60*60) + /** Write the persistent state to disk. Return 0 for success, 0 on failure. */ int or_state_save(time_t now) @@ -5172,7 +5177,11 @@ or_state_save(time_t now) tor_free(fname); tor_free(contents); - global_state-next_write = TIME_MAX; + if (server_mode(get_options())) +global_state-next_write = now + STATE_RELAY_CHECKPOINT_INTERVAL; + else +global_state-next_write = TIME_MAX; + return 0; } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.2] Merge remote-tracking branch 'sebastian/bug3020' into maint-0.2.2
commit c12289792507c8dd51c2a947f7c910c70df4dd3d Merge: 710227a 525d270 Author: Nick Mathewson ni...@torproject.org Date: Thu Apr 28 20:03:57 2011 -0400 Merge remote-tracking branch 'sebastian/bug3020' into maint-0.2.2 changes/bug3020|7 +++ src/or/hibernate.c |3 ++- 2 files changed, 9 insertions(+), 1 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.2] Clarify comment to say which version fixed 2722
commit 5693fedb60ee19048d45ed892edb07925b52678b Author: Nick Mathewson ni...@torproject.org Date: Thu Apr 28 20:38:15 2011 -0400 Clarify comment to say which version fixed 2722 --- src/or/dirserv.c |3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/src/or/dirserv.c b/src/or/dirserv.c index 525524c..c8dda66 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -1812,7 +1812,8 @@ dirserv_thinks_router_is_hs_dir(routerinfo_t *router, time_t now) * correctly, we can revert to only checking dir_port if router's * version is too old. */ /* XXX Unfortunately, we need to keep checking dir_port until all - * *clients* suffering from bug 2722 are obsolete. */ + * *clients* suffering from bug 2722 are obsolete. The first version + * to fix the bug was 0.2.2.25-alpha. */ return (router-wants_to_be_hs_dir router-dir_port uptime get_options()-MinUptimeHidServDirectoryV2 router-is_running); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.2] Merge remote-tracking branch 'arma/bug3039' into maint-0.2.2
commit 4010427b519c3727351905bbe5a75e85a055dd58 Merge: 5693fed df3cf88 Author: Nick Mathewson ni...@torproject.org Date: Thu Apr 28 20:53:44 2011 -0400 Merge remote-tracking branch 'arma/bug3039' into maint-0.2.2 changes/bug3039 |5 + src/or/circuitbuild.c |2 +- src/or/config.c | 20 +--- src/or/config.h |1 + 4 files changed, 24 insertions(+), 4 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.2] Merge changes files into 0.2.2.25 changelog
commit 540c6f12cdbad84667e0def720d985f1cd8680ec Author: Nick Mathewson ni...@torproject.org Date: Thu Apr 28 22:53:43 2011 -0400 Merge changes files into 0.2.2.25 changelog --- ChangeLog | 46 -- changes/bug2475 |5 changes/bug2722 | 11 changes/bug3012 |5 changes/bug3020 |7 - changes/bug3039 |5 changes/clear_trackexithost |5 changes/forget-rend-descs-on-newnym | 21 changes/gmtime_null |6 changes/ticket2497 |4 --- 10 files changed, 43 insertions(+), 72 deletions(-) diff --git a/ChangeLog b/ChangeLog index 5f73d3b..4571fc5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -4,6 +4,17 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 file, don't wrongly inflate that value by a factor of 10 anymore. Also, resume reading bandwidth history from the state file correctly. Fixes bug 2704; bugfix on tor-0.2.2.23-alpha. +- When we find that we have extended a hidden service's introduction + circuit to a relay not listed as an introduction point in the HS + descriptor we currently have, retry an introduction point from the + current descriptor. Previously we would just give up. Fixes bugs + 1024 and 1930; bugfix on 0.2.0.10-alpha. +- Clients now stop trying to use an exit node associated with a given + destination by TrackHostExits if they fail to reach that exit node. + Fixes bug 2999. Bugfix on 0.2.0.20-rc. +- Fix crash bug on platforms where gmtime and localtime can return + NULL. Fixes part of bug 2077. Bugfix on all versions of Tor. Found + by boboper. o Security and stability fixes: - Don't double-free a parsable, but invalid, microdescriptor, even @@ -19,6 +30,9 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 Unnamed nickname. Fixes bug 2979, reported by tagnaq. - Fix an uncommon assertion failure when running with DNSPort under heavy load. Fixes bug 2933; bugfix on 2.0.1-alpha. +- Avoid linkability based on cached hidden service descriptors: forget + all hidden service descriptors cached as a client when processing a + SIGNAL NEWNYM command. Fixes bug 3000; bugfix on 0.0.6. o Major features: - Export GeoIP information on bridge usage to controller even if @@ -87,6 +101,12 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 - Improve log messages related to excluded nodes. o Minor bugfixes: +- Fix a spurious warning when moving from a short month to a long month + on relays with month-based BandwidthAccounting. Bugfix on + 0.2.2.17-alpha; fixes bug 3020. +- When a client finds that an origin circuit has run out of 16-bit + stream IDs, we now mark it as unusable for new streams. Previously, + we would try to close the entire circuit. Bugfix on 0.0.6. - Added a forgotten cast that caused a compile warning on OS X 10.6. Bugfix on 0.2.2.24-alpha. - Be more careful about reporting the correct error from a failed @@ -96,12 +116,14 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 - Correctly handle an impossible overflow cases in connection byte counting, where we write or read more than 4GB on an edge connection in a single second. Bugfix on 0.1.2.8-beta. -- When a client finds that an origin circuit has run out of 16-bit - stream IDs, we now mark it as unusable for new streams. Previously, - we would try to close the entire circuit. Bugfix on 0.0.6. - Correct the warning displayed when a rendezvous descriptor exceeds the maximum size. Fixes bug 2750; bugfix on 0.2.1.5-alpha. Found by John Brooks. +- Clients and hidden services now use HSDir-flagged relays for hidden + service descriptor downloads and uploads even if the relays have no + DirPort set and the client has disabled TunnelDirConns. This will + eventually allow us to give the HSDir flag to relays with no + DirPort. Fixes bug 2722; bugfix on 0.2.1.6-alpha. - Downgrade no current certificates known for authority message from Notice to Info. Fixes bug 2899; bugfix on 0.2.0.10-alpha. - Make the SIGNAL DUMP control-port command work on FreeBSD. Fixes @@ -110,15 +132,29 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 multiple HS descriptors are published to an HSDir relay in a single POST operation. Fixes bug 2948; bugfix on 0.2.1.5-alpha. Found by hsdir. +- Write the current time into the LastWritten line in our state file, + rather than the time from the previous write attempt. Also, stop + trying to use a time of -1 in our log statements. Fixes bug 3039; + bugfix on 0.2.2.14-alpha. - Be more consistent in our treatment of file system paths. ~ should
[tor-commits] [tor/release-0.2.2] Edit the changelog a little more
commit d760e91d1d8ef9f50ec09d53d05c4e2d4d36f3c7 Author: Nick Mathewson ni...@torproject.org Date: Thu Apr 28 23:02:39 2011 -0400 Edit the changelog a little more --- ChangeLog | 14 +++--- 1 files changed, 7 insertions(+), 7 deletions(-) diff --git a/ChangeLog b/ChangeLog index 4571fc5..fe2c7e3 100644 --- a/ChangeLog +++ b/ChangeLog @@ -21,15 +21,15 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 if it is followed in the blob we're parsing by an unparsable microdescriptor. Fixes an issue reported in a comment on bug 2954. Bugfix on 0.2.2.6-alpha; fix by cypherpunks. -- If the Nickname configuration option isn't given, Tor would pick - a nickname based on the local hostname as the nickname for a relay. +- If the Nickname configuration option isn't given, Tor would pick a + nickname based on the local hostname as the nickname for a relay. Because nicknames are not very important in today's Tor and the Unnamed nickname has been implemented, this is now problematic - behavior: It leaks information about the hostname without being - useful at all. Bugfix on 0.1.2.2-alpha, which introduced the - Unnamed nickname. Fixes bug 2979, reported by tagnaq. + behavior: It leaks information about the hostname without being useful + at all. Fixes bug 2979; bugfix on 0.1.2.2-alpha, which introduced the + Unnamed nickname. Reported by tagnaq. - Fix an uncommon assertion failure when running with DNSPort under - heavy load. Fixes bug 2933; bugfix on 2.0.1-alpha. + heavy load. Fixes bug 2933; bugfix on 0.2.0.1-alpha. - Avoid linkability based on cached hidden service descriptors: forget all hidden service descriptors cached as a client when processing a SIGNAL NEWNYM command. Fixes bug 3000; bugfix on 0.0.6. @@ -41,7 +41,7 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 contributions to the network. o Major features and bugfixes (node selection): -- Revise and unify the meaning of the ExitNodes, EntryNodes, +- Revise and reconcile the meaning of the ExitNodes, EntryNodes, ExcludeEntryNodes, ExcludeExitNodes, ExcludeNodes, and StrictNodes options. Previously, we had been ambiguous in describing what counted as an exit node, and what operations exactly StrictNodes ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.2] Edit the changelog a little more, based on notes from arma
commit 7afa8a30da206b04c63174735227606336f9671c Author: Nick Mathewson ni...@torproject.org Date: Thu Apr 28 23:12:48 2011 -0400 Edit the changelog a little more, based on notes from arma --- ChangeLog | 30 +++--- 1 files changed, 15 insertions(+), 15 deletions(-) diff --git a/ChangeLog b/ChangeLog index fe2c7e3..cba40eb 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,14 +1,14 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 o Major bugfixes: -- When writing our maximum bw for the current interval to the state - file, don't wrongly inflate that value by a factor of 10 anymore. +- Relays were publishing grossly inflated bandwidth values because they + were writing their state files wrong--now they write the correct value. Also, resume reading bandwidth history from the state file correctly. - Fixes bug 2704; bugfix on tor-0.2.2.23-alpha. -- When we find that we have extended a hidden service's introduction - circuit to a relay not listed as an introduction point in the HS - descriptor we currently have, retry an introduction point from the - current descriptor. Previously we would just give up. Fixes bugs - 1024 and 1930; bugfix on 0.2.0.10-alpha. + Fixes bug 2704; bugfix on 0.2.2.23-alpha. +- Improve hidden service robustness: When we find that we have extended + a hidden service's introduction circuit to a relay not listed as an + introduction point in the HS descriptor we currently have, retry an + introduction point from the current descriptor. Previously we would + just give up. Fixes bugs 1024 and 1930; bugfix on 0.2.0.10-alpha. - Clients now stop trying to use an exit node associated with a given destination by TrackHostExits if they fail to reach that exit node. Fixes bug 2999. Bugfix on 0.2.0.20-rc. @@ -19,7 +19,7 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 o Security and stability fixes: - Don't double-free a parsable, but invalid, microdescriptor, even if it is followed in the blob we're parsing by an unparsable - microdescriptor. Fixes an issue reported in a comment on bug 2954. + microdescriptor. Fixes an issue reported in a comment on bug 2954. Bugfix on 0.2.2.6-alpha; fix by cypherpunks. - If the Nickname configuration option isn't given, Tor would pick a nickname based on the local hostname as the nickname for a relay. @@ -35,7 +35,7 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 SIGNAL NEWNYM command. Fixes bug 3000; bugfix on 0.0.6. o Major features: -- Export GeoIP information on bridge usage to controller even if +- Export GeoIP information on bridge usage to controllers even if we have not yet been running for 24 hours. Now Vidalia bridge operators can get more accurate and immediate feedback about their contributions to the network. @@ -102,12 +102,12 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 o Minor bugfixes: - Fix a spurious warning when moving from a short month to a long month - on relays with month-based BandwidthAccounting. Bugfix on + on relays with month-based BandwidthAccounting. Bugfix on 0.2.2.17-alpha; fixes bug 3020. - When a client finds that an origin circuit has run out of 16-bit stream IDs, we now mark it as unusable for new streams. Previously, we would try to close the entire circuit. Bugfix on 0.0.6. -- Added a forgotten cast that caused a compile warning on OS X 10.6. +- Add a forgotten cast that caused a compile warning on OS X 10.6. Bugfix on 0.2.2.24-alpha. - Be more careful about reporting the correct error from a failed connect() system call. Under some circumstances, it was possible to @@ -157,7 +157,7 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 to an extrainfo document. Implements ticket 2497. o Code simplification and refactoring: -- Removed workaround code to handle directory responses from +- Remove workaround code to handle directory responses from servers that had bug 539 (they would send HTTP status 503 responses _and_ send a body too). Since only server versions before 0.2.0.16-alpha/0.1.2.19 were affected, there is no longer reason @@ -169,8 +169,8 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 values. This is still something we might want to do someday, but if we do, we'll want to do it differently. - Avoid signed/unsigned comparisons by making SIZE_T_CEILING unsigned. - (None of the cases where we did this before were wrong, but by making - this change we avoid warnings.) Fixes bug 2475; bugfix on + None of the cases where we did this before were wrong, but by making + this change we avoid warnings. Fixes bug 2475; bugfix on 0.2.1.28. - Use GetTempDir to find the proper temporary directory location on Windows when generating
[tor-commits] [tor/release-0.2.2] Re-wrap changelog section for 0.2.2.25-alpha
commit 95dceffe1bdbf0c249a2ab079ef31a114b152d49 Author: Nick Mathewson ni...@torproject.org Date: Thu Apr 28 23:17:43 2011 -0400 Re-wrap changelog section for 0.2.2.25-alpha --- ChangeLog | 151 ++--- 1 files changed, 74 insertions(+), 77 deletions(-) diff --git a/ChangeLog b/ChangeLog index cba40eb..8258735 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,14 +1,15 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 o Major bugfixes: -- Relays were publishing grossly inflated bandwidth values because they - were writing their state files wrong--now they write the correct value. - Also, resume reading bandwidth history from the state file correctly. - Fixes bug 2704; bugfix on 0.2.2.23-alpha. -- Improve hidden service robustness: When we find that we have extended - a hidden service's introduction circuit to a relay not listed as an - introduction point in the HS descriptor we currently have, retry an - introduction point from the current descriptor. Previously we would - just give up. Fixes bugs 1024 and 1930; bugfix on 0.2.0.10-alpha. +- Relays were publishing grossly inflated bandwidth values because + they were writing their state files wrong--now they write the + correct value. Also, resume reading bandwidth history from the + state file correctly. Fixes bug 2704; bugfix on 0.2.2.23-alpha. +- Improve hidden service robustness: When we find that we have + extended a hidden service's introduction circuit to a relay not + listed as an introduction point in the HS descriptor we currently + have, retry with an introduction point from the current + descriptor. Previously we would just give up. Fixes bugs 1024 and + 1930; bugfix on 0.2.0.10-alpha. - Clients now stop trying to use an exit node associated with a given destination by TrackHostExits if they fail to reach that exit node. Fixes bug 2999. Bugfix on 0.2.0.20-rc. @@ -17,17 +18,17 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 by boboper. o Security and stability fixes: -- Don't double-free a parsable, but invalid, microdescriptor, even - if it is followed in the blob we're parsing by an unparsable +- Don't double-free a parsable, but invalid, microdescriptor, even if + it is followed in the blob we're parsing by an unparsable microdescriptor. Fixes an issue reported in a comment on bug 2954. Bugfix on 0.2.2.6-alpha; fix by cypherpunks. - If the Nickname configuration option isn't given, Tor would pick a nickname based on the local hostname as the nickname for a relay. Because nicknames are not very important in today's Tor and the Unnamed nickname has been implemented, this is now problematic - behavior: It leaks information about the hostname without being useful - at all. Fixes bug 2979; bugfix on 0.1.2.2-alpha, which introduced the - Unnamed nickname. Reported by tagnaq. + behavior: It leaks information about the hostname without being + useful at all. Fixes bug 2979; bugfix on 0.1.2.2-alpha, which + introduced the Unnamed nickname. Reported by tagnaq. - Fix an uncommon assertion failure when running with DNSPort under heavy load. Fixes bug 2933; bugfix on 0.2.0.1-alpha. - Avoid linkability based on cached hidden service descriptors: forget @@ -35,9 +36,9 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 SIGNAL NEWNYM command. Fixes bug 3000; bugfix on 0.0.6. o Major features: -- Export GeoIP information on bridge usage to controllers even if - we have not yet been running for 24 hours. Now Vidalia bridge - operators can get more accurate and immediate feedback about their +- Export GeoIP information on bridge usage to controllers even if we + have not yet been running for 24 hours. Now Vidalia bridge operators + can get more accurate and immediate feedback about their contributions to the network. o Major features and bugfixes (node selection): @@ -45,64 +46,62 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 ExcludeEntryNodes, ExcludeExitNodes, ExcludeNodes, and StrictNodes options. Previously, we had been ambiguous in describing what counted as an exit node, and what operations exactly StrictNodes - 0 would permit. This created confusion when people saw nodes - built through unexpected circuits, and made it hard to tell real - bugs from surprises. Now the intended behavior is: -. Exit, in the context of ExitNodes and ExcludeExitNodes, - means a node that delivers user traffic outside the Tor network. -. Entry, in the context of EntryNodes, means a node used as - the first hop of a multihop circuit. It doesn't include direct + 0 would permit. This created confusion when people saw nodes built + through unexpected circuits,
[tor-commits] [tor/release-0.2.2] Add a blurb; fix some double-spaces in the changelog
commit c2ce18fae1f5472d70697504e4ff9219cb123ed9 Author: Nick Mathewson ni...@torproject.org Date: Thu Apr 28 23:30:34 2011 -0400 Add a blurb; fix some double-spaces in the changelog --- ChangeLog | 26 ++ 1 files changed, 18 insertions(+), 8 deletions(-) diff --git a/ChangeLog b/ChangeLog index 8258735..83f95cb 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,9 +1,19 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 + Tor 0.2.2.25-alpha fixes many bugs: hidden service clients are more + robust, routers no longer overreport their bandwidth, Win7 should crash + a little less, and NEWNYM (as used by Vidalia's new identity button) + now prevents hidden service-related activity from being linkable. It + provides more information to Vidalia so you can see if your bridge is + working. Also, 0.2.2.25-alpha revamps the Entry/Exit/ExcludeNodes and + StrictNodes configuration options to make them more reliable, more + understandable, and more regularly applied. If you use those options, + please see the revised documentation for them in the manual page. + o Major bugfixes: - Relays were publishing grossly inflated bandwidth values because they were writing their state files wrong--now they write the - correct value. Also, resume reading bandwidth history from the - state file correctly. Fixes bug 2704; bugfix on 0.2.2.23-alpha. + correct value. Also, resume reading bandwidth history from the + state file correctly. Fixes bug 2704; bugfix on 0.2.2.23-alpha. - Improve hidden service robustness: When we find that we have extended a hidden service's introduction circuit to a relay not listed as an introduction point in the HS descriptor we currently @@ -14,8 +24,8 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 destination by TrackHostExits if they fail to reach that exit node. Fixes bug 2999. Bugfix on 0.2.0.20-rc. - Fix crash bug on platforms where gmtime and localtime can return - NULL. Fixes part of bug 2077. Bugfix on all versions of Tor. Found - by boboper. + NULL. Windows 7 users were running into this one. Fixes part of bug + 2077. Bugfix on all versions of Tor. Found by boboper. o Security and stability fixes: - Don't double-free a parsable, but invalid, microdescriptor, even if @@ -75,7 +85,7 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 - We don't use bridges listed in ExcludeNodes. - When StrictNodes is 1: . We now apply ExcludeNodes to hidden service introduction points - and to rendezvous points selected by hidden service users. This + and to rendezvous points selected by hidden service users. This can make your hidden service less reliable: use it with caution! . If we have used ExcludeNodes on ourself, do not try relay reachability self-tests. @@ -85,7 +95,7 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 - Remove a misfeature that caused us to ignore the Fast/Stable flags when ExitNodes is set. Bugfix on 0.2.2.7-alpha. - When the set of permitted nodes changes, we now remove any mappings - introduced via TrackExitHosts to now-excluded nodes. Bugfix on + introduced via TrackExitHosts to now-excluded nodes. Bugfix on 0.1.0.1-rc. - We never cannibalize a circuit that had excluded nodes on it, even if StrictNodes is 0. Bugfix on 0.1.0.1-rc. @@ -129,7 +139,7 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 2917. Bugfix on 0.1.1.1-alpha. - Only limit the lengths of single HS descriptors, even when multiple HS descriptors are published to an HSDir relay in a single POST - operation. Fixes bug 2948; bugfix on 0.2.1.5-alpha. Found by hsdir. + operation. Fixes bug 2948; bugfix on 0.2.1.5-alpha. Found by hsdir. - Write the current time into the LastWritten line in our state file, rather than the time from the previous write attempt. Also, stop trying to use a time of -1 in our log statements. Fixes bug 3039; @@ -149,7 +159,7 @@ Changes in version 0.2.2.25-alpha - 2011-04-28 clients are already deprecated because of security bugs. - Don't allow v0 hidden service authorities to act as clients. Required by fix for bug 3000. -- Ignore SIGNAL NEWNYM commands on relay-only Tor instances. Required +- Ignore SIGNAL NEWNYM commands on relay-only Tor instances. Required by fix for bug 3000. - Ensure that no empty [dirreq-](read|write)-history lines are added to an extrainfo document. Implements ticket 2497. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.2] Actually, let's sleep on 0.2.2.25-alpha and put it out in the morning
commit d715984a04ed943d50da92478b33cb337342e9d1 Author: Nick Mathewson ni...@torproject.org Date: Thu Apr 28 23:32:38 2011 -0400 Actually, let's sleep on 0.2.2.25-alpha and put it out in the morning (Bump release date) --- ChangeLog |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/ChangeLog b/ChangeLog index 83f95cb..7e95671 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,4 @@ -Changes in version 0.2.2.25-alpha - 2011-04-28 +Changes in version 0.2.2.25-alpha - 2011-04-29 Tor 0.2.2.25-alpha fixes many bugs: hidden service clients are more robust, routers no longer overreport their bandwidth, Win7 should crash a little less, and NEWNYM (as used by Vidalia's new identity button) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.2] Update hacking file with terse notes on formatting changelog
commit 676190e895a94978fbda82527f7ba2dbf8ccda80 Author: Nick Mathewson ni...@torproject.org Date: Thu Apr 28 23:44:48 2011 -0400 Update hacking file with terse notes on formatting changelog --- doc/HACKING | 33 + 1 files changed, 33 insertions(+), 0 deletions(-) diff --git a/doc/HACKING b/doc/HACKING index b612953..6407ff2 100644 --- a/doc/HACKING +++ b/doc/HACKING @@ -414,10 +414,43 @@ Here are the steps Roger takes when putting out a new Tor release: and as a directory authority. See if it has any obvious bugs, and resolve those. +1.5) As applicable, merge the maint-X branch into the release-X branch. + 2) Gather the changes/* files into a changelog entry, rewriting many of them and reordering to focus on what users and funders would find interesting and understandable. + 2.1) Make sure that everything that wants a bug number has one. + 2.2) Concatenate them. + 2.3) Sort them by section. Within each section, try to make the + first entry or two and the last entry most interesting: they're + the ones that skimmers tend to read. + + 2.4) Clean them up + + Standard idioms: + Fixes bug ; Bugfix on 0.3.3.3-alpha. + + One period after a space. + + Make stuff very terse + + Describe the user-visible problem right away + + Mention relevant config options by name. If they're rare or unusual, + remind people what they're for + + Avoid starting lines with open-paren + + Present and imperative tense: not past. + + 2.5) Merge them in. + + 2.6) Clean everything one last time. + + 2.7) Run it through fmt to make it pretty. + + 3) Compose a short release blurb to highlight the user-facing changes. Insert said release blurb into the ChangeLog stanza. If it's a stable release, add it to the ReleaseNotes file too. If we're adding ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.2] add another heuristic for changes stanzas
commit 93b0183d3cae436732b48d36aa9b54964854a0a4 Author: Roger Dingledine a...@torproject.org Date: Fri Apr 29 01:35:21 2011 -0400 add another heuristic for changes stanzas --- doc/HACKING |4 1 files changed, 4 insertions(+), 0 deletions(-) diff --git a/doc/HACKING b/doc/HACKING index 6407ff2..6336232 100644 --- a/doc/HACKING +++ b/doc/HACKING @@ -444,6 +444,10 @@ interesting and understandable. Present and imperative tense: not past. + If a given changes stanza showed up in a different release (e.g. + maint-0.2.1), be sure to make the stanzas identical (so people can + distinguish if these are the same change). + 2.5) Merge them in. 2.6) Clean everything one last time. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
