Commit 440b7f0c authored by Roger Dingledine's avatar Roger Dingledine
Browse files

polish r9726-r9903


svn:r10182
parent 028f4783
...@@ -121,8 +121,8 @@ Changes in version 0.2.0.1-alpha - 2007-??-?? ...@@ -121,8 +121,8 @@ Changes in version 0.2.0.1-alpha - 2007-??-??
eventdns code. eventdns code.
o Minor bugfixes (portability): o Minor bugfixes (portability):
- Even though windows is equally happy with / and \ as path separators, - Even though Windows is equally happy with / and \ as path separators,
try to use \ consistently on windows and / consistently on unix: it try to use \ consistently on Windows and / consistently on Unix: it
makes the log messages nicer. makes the log messages nicer.
- Correctly report platform name on Windows 95 OSR2 and Windows 98 SE. - Correctly report platform name on Windows 95 OSR2 and Windows 98 SE.
...@@ -132,7 +132,7 @@ Changes in version 0.2.0.1-alpha - 2007-??-?? ...@@ -132,7 +132,7 @@ Changes in version 0.2.0.1-alpha - 2007-??-??
- When we are reporting the DirServer line we just parsed, we were - When we are reporting the DirServer line we just parsed, we were
logging the second stanza of the key fingerprint, not the first. logging the second stanza of the key fingerprint, not the first.
- When we have k non-v2 authorities in our DirServer config, - When we have k non-v2 authorities in our DirServer config,
we ignored as many as k v2 authorities while updating our we ignored the last k authorities in the list when updating our
network-statuses. network-statuses.
o Minor bugfixes (other): o Minor bugfixes (other):
...@@ -152,15 +152,10 @@ Changes in version 0.2.0.1-alpha - 2007-??-?? ...@@ -152,15 +152,10 @@ Changes in version 0.2.0.1-alpha - 2007-??-??
- Fix a typo in an error message when extendcircuit fails that - Fix a typo in an error message when extendcircuit fails that
caused us to not follow the \r\n-based delimiter protocol. Reported caused us to not follow the \r\n-based delimiter protocol. Reported
by daejees. by daejees.
- The control spec described a GUARDS event, but the code
implemented a GUARD event. Standardize on GUARD, but support people
asking for GUARDS too. Reported by daejees.
- Correct the control spec to match how the code actually responds
to 'getinfo addr-mappings/*'. Reported by daejees.
- Actually set the purpose correctly for descriptors inserted with - Actually set the purpose correctly for descriptors inserted with
purpose=controller. purpose=controller.
o Code simplifications and refactoring o Code simplifications and refactoring:
- Stop passing around circuit_t and crypt_path_t pointers that are - Stop passing around circuit_t and crypt_path_t pointers that are
implicit in other procedure arguments. implicit in other procedure arguments.
- Drop the old code to choke directory connections when the corresponding - Drop the old code to choke directory connections when the corresponding
......
...@@ -131,7 +131,7 @@ whistleblowers in firewalled corporate networks; and for people in ...@@ -131,7 +131,7 @@ whistleblowers in firewalled corporate networks; and for people in
unanticipated oppressive situations. In fact, by designing with unanticipated oppressive situations. In fact, by designing with
a variety of adversaries in mind, we can take advantage of the fact that a variety of adversaries in mind, we can take advantage of the fact that
adversaries will be in different stages of the arms race at each location, adversaries will be in different stages of the arms race at each location,
so a server blocked in one locale can still be useful in others. so an address blocked in one locale can still be useful in others.
We assume that the attackers' goals are somewhat complex. We assume that the attackers' goals are somewhat complex.
\begin{tightlist} \begin{tightlist}
...@@ -149,9 +149,9 @@ We assume that the attackers' goals are somewhat complex. ...@@ -149,9 +149,9 @@ We assume that the attackers' goals are somewhat complex.
\item Complete blocking (where nobody at all can ever download censored \item Complete blocking (where nobody at all can ever download censored
content) is not a content) is not a
goal. Attackers typically recognize that perfect censorship is not only goal. Attackers typically recognize that perfect censorship is not only
impossible, but unnecessary: if ``undesirable'' information is known only impossible, it is unnecessary: if ``undesirable'' information is known only
to a small few, further censoring efforts can be focused elsewhere. to a small few, further censoring efforts can be focused elsewhere.
\item Similarly, the censors are not attempting to shut down or block {\it \item Similarly, the censors do not attempt to shut down or block {\it
every} anti-censorship tool---merely the tools that are popular and every} anti-censorship tool---merely the tools that are popular and
effective (because these tools impede the censors' information restriction effective (because these tools impede the censors' information restriction
goals) and those tools that are highly visible (thus making the censors goals) and those tools that are highly visible (thus making the censors
...@@ -1667,8 +1667,8 @@ Many people working on this field want to publicize the existence ...@@ -1667,8 +1667,8 @@ Many people working on this field want to publicize the existence
and extent of censorship concurrently with the deployment of their and extent of censorship concurrently with the deployment of their
circumvention software. The easy reason for this two-pronged push is circumvention software. The easy reason for this two-pronged push is
to attract volunteers for running proxies in their systems; but in many to attract volunteers for running proxies in their systems; but in many
cases their main goal is not to focus on actually allowing individuals cases their main goal is not to focus on getting more users signed up,
to circumvent the firewall, but rather to educate the world about the but rather to educate the rest of the world about the
censorship. The media also tries to do its part by broadcasting the censorship. The media also tries to do its part by broadcasting the
existence of each new circumvention system. existence of each new circumvention system.
......
...@@ -289,8 +289,8 @@ $Id$ ...@@ -289,8 +289,8 @@ $Id$
1 if it is not present. Until 0.1.2.1-alpha-dev, this option was 1 if it is not present. Until 0.1.2.1-alpha-dev, this option was
not generated, even when eventdns was in use. Versions of Tor not generated, even when eventdns was in use. Versions of Tor
before 0.1.2.1-alpha-dev did not parse this option, so it should be before 0.1.2.1-alpha-dev did not parse this option, so it should be
marked "opt". With some future version, the old 'dnsworker' logic marked "opt". With 0.2.0.1-alpha, the old 'dnsworker' logic has
will be removed, rendering this option of historical interest only.] been removed, rendering this option of historical interest only.]
2.2. Nonterminals in router descriptors 2.2. Nonterminals in router descriptors
......
...@@ -465,24 +465,6 @@ $Id$ ...@@ -465,24 +465,6 @@ $Id$
[See also migration notes in section 2.2.1.] [See also migration notes in section 2.2.1.]
"eventdns" bool NL
[At most once]
Declare whether this version of Tor is using the newer enhanced
dns logic. Versions of Tor without eventdns SHOULD NOT be used for
reverse hostname lookups.
[All versions of Tor before 0.1.2.2-alpha should be assumed to have
this option set to 0 if it is not present. All Tor versions at
0.1.2.2-alpha or later should be assumed to have this option set to
1 if it is not present. Until 0.1.2.1-alpha-dev, this option was
not generated, even when eventdns was in use. Versions of Tor
before 0.1.2.1-alpha-dev did not parse this option, so it should be
marked "opt". With some future version, the old 'dnsworker' logic
will be removed, rendering this option of historical interest
only.]
"caches-extra-info" 0|1 NL "caches-extra-info" 0|1 NL
[At most once.] [At most once.]
......
...@@ -104,8 +104,7 @@ _log_prefix(char *buf, size_t buf_len, int severity) ...@@ -104,8 +104,7 @@ _log_prefix(char *buf, size_t buf_len, int severity)
t = (time_t)now.tv_sec; t = (time_t)now.tv_sec;
n = strftime(buf, buf_len, "%b %d %H:%M:%S", tor_localtime_r(&t, &tm)); n = strftime(buf, buf_len, "%b %d %H:%M:%S", tor_localtime_r(&t, &tm));
r = tor_snprintf(buf+n, buf_len-n, r = tor_snprintf(buf+n, buf_len-n, ".%.3ld [%s] ",
".%.3ld [%s] ",
(long)now.tv_usec / 1000, sev_to_string(severity)); (long)now.tv_usec / 1000, sev_to_string(severity));
if (r<0) if (r<0)
return buf_len-1; return buf_len-1;
......
...@@ -1216,11 +1216,11 @@ connection_ap_handshake_attach_chosen_circuit(edge_connection_t *conn, ...@@ -1216,11 +1216,11 @@ connection_ap_handshake_attach_chosen_circuit(edge_connection_t *conn,
consider_recording_trackhost(conn, circ); consider_recording_trackhost(conn, circ);
/* fall through */ /* fall through */
case SOCKS_COMMAND_CONNECT_DIR: case SOCKS_COMMAND_CONNECT_DIR:
if (connection_ap_handshake_send_begin(conn)<0) if (connection_ap_handshake_send_begin(conn) < 0)
return -1; return -1;
break; break;
default: default:
if (connection_ap_handshake_send_resolve(conn)<0) if (connection_ap_handshake_send_resolve(conn) < 0)
return -1; return -1;
} }
......
...@@ -899,8 +899,8 @@ options_act(or_options_t *old_options) ...@@ -899,8 +899,8 @@ options_act(or_options_t *old_options)
if (options->DirServers) { if (options->DirServers) {
for (cl = options->DirServers; cl; cl = cl->next) { for (cl = options->DirServers; cl; cl = cl->next) {
if (parse_dir_server_line(cl->value, 0)<0) { if (parse_dir_server_line(cl->value, 0)<0) {
log_err(LD_BUG, log_warn(LD_BUG,
"Previously validated DirServer line could not be added!"); "Previously validated DirServer line could not be added!");
return -1; return -1;
} }
} }
...@@ -912,15 +912,15 @@ options_act(or_options_t *old_options) ...@@ -912,15 +912,15 @@ options_act(or_options_t *old_options)
if (options->Bridges) { if (options->Bridges) {
for (cl = options->Bridges; cl; cl = cl->next) { for (cl = options->Bridges; cl; cl = cl->next) {
if (parse_bridge_line(cl->value, 0)<0) { if (parse_bridge_line(cl->value, 0)<0) {
log_err(LD_BUG, log_warn(LD_BUG,
"Previously validated Bridge line could not be added!"); "Previously validated Bridge line could not be added!");
return -1; return -1;
} }
} }
} }
if (running_tor && rend_config_services(options, 0)<0) { if (running_tor && rend_config_services(options, 0)<0) {
log_err(LD_BUG, log_warn(LD_BUG,
"Previously validated hidden services line could not be added!"); "Previously validated hidden services line could not be added!");
return -1; return -1;
} }
...@@ -931,8 +931,8 @@ options_act(or_options_t *old_options) ...@@ -931,8 +931,8 @@ options_act(or_options_t *old_options)
tor_snprintf(fn, len, "%s"PATH_SEPARATOR"cached-status", tor_snprintf(fn, len, "%s"PATH_SEPARATOR"cached-status",
options->DataDirectory); options->DataDirectory);
if (check_private_dir(fn, CPD_CREATE) != 0) { if (check_private_dir(fn, CPD_CREATE) != 0) {
log_err(LD_CONFIG, log_warn(LD_CONFIG,
"Couldn't access/create private data directory \"%s\"", fn); "Couldn't access/create private data directory \"%s\"", fn);
tor_free(fn); tor_free(fn);
return -1; return -1;
} }
...@@ -984,13 +984,13 @@ options_act(or_options_t *old_options) ...@@ -984,13 +984,13 @@ options_act(or_options_t *old_options)
/* reload keys as needed for rendezvous services. */ /* reload keys as needed for rendezvous services. */
if (rend_service_load_keys()<0) { if (rend_service_load_keys()<0) {
log_err(LD_GENERAL,"Error loading rendezvous service keys"); log_warn(LD_GENERAL,"Error loading rendezvous service keys");
return -1; return -1;
} }
/* Set up accounting */ /* Set up accounting */
if (accounting_parse_options(options, 0)<0) { if (accounting_parse_options(options, 0)<0) {
log_err(LD_CONFIG,"Error in accounting options"); log_warn(LD_CONFIG,"Error in accounting options");
return -1; return -1;
} }
if (accounting_is_enabled(options)) if (accounting_is_enabled(options))
...@@ -1013,7 +1013,7 @@ options_act(or_options_t *old_options) ...@@ -1013,7 +1013,7 @@ options_act(or_options_t *old_options)
"Worker-related options changed. Rotating workers."); "Worker-related options changed. Rotating workers.");
if (server_mode(options) && !server_mode(old_options)) { if (server_mode(options) && !server_mode(old_options)) {
if (init_keys() < 0) { if (init_keys() < 0) {
log_err(LD_BUG,"Error initializing keys; exiting"); log_warn(LD_BUG,"Error initializing keys; exiting");
return -1; return -1;
} }
ip_address_changed(0); ip_address_changed(0);
...@@ -3689,7 +3689,7 @@ normalize_data_directory(or_options_t *options) ...@@ -3689,7 +3689,7 @@ normalize_data_directory(or_options_t *options)
if (strncmp(d,"~/",2) == 0) { if (strncmp(d,"~/",2) == 0) {
char *fn = expand_filename(d); char *fn = expand_filename(d);
if (!fn) { if (!fn) {
log_err(LD_CONFIG,"Failed to expand filename \"%s\".", d); log_warn(LD_CONFIG,"Failed to expand filename \"%s\".", d);
return -1; return -1;
} }
if (!options->DataDirectory && !strcmp(fn,"/.tor")) { if (!options->DataDirectory && !strcmp(fn,"/.tor")) {
...@@ -3719,7 +3719,7 @@ validate_data_directory(or_options_t *options) ...@@ -3719,7 +3719,7 @@ validate_data_directory(or_options_t *options)
return -1; return -1;
tor_assert(options->DataDirectory); tor_assert(options->DataDirectory);
if (strlen(options->DataDirectory) > (512-128)) { if (strlen(options->DataDirectory) > (512-128)) {
log_err(LD_CONFIG, "DataDirectory is too long."); log_warn(LD_CONFIG, "DataDirectory is too long.");
return -1; return -1;
} }
return 0; return 0;
......
...@@ -29,8 +29,7 @@ static smartlist_t *redirect_exit_list = NULL; ...@@ -29,8 +29,7 @@ static smartlist_t *redirect_exit_list = NULL;
static int connection_ap_handshake_process_socks(edge_connection_t *conn); static int connection_ap_handshake_process_socks(edge_connection_t *conn);
static int connection_ap_process_natd(edge_connection_t *conn); static int connection_ap_process_natd(edge_connection_t *conn);
static int connection_exit_connect_dir(edge_connection_t *exit_conn, static int connection_exit_connect_dir(edge_connection_t *exitconn);
or_circuit_t *circ);
static int hostname_is_noconnect_address(const char *address); static int hostname_is_noconnect_address(const char *address);
/** An AP stream has failed/finished. If it hasn't already sent back /** An AP stream has failed/finished. If it hasn't already sent back
...@@ -2226,7 +2225,7 @@ connection_exit_begin_conn(cell_t *cell, circuit_t *circ) ...@@ -2226,7 +2225,7 @@ connection_exit_begin_conn(cell_t *cell, circuit_t *circ)
tor_assert(or_circ); tor_assert(or_circ);
if (or_circ->p_conn && or_circ->p_conn->_base.addr) if (or_circ->p_conn && or_circ->p_conn->_base.addr)
n_stream->_base.addr = or_circ->p_conn->_base.addr; n_stream->_base.addr = or_circ->p_conn->_base.addr;
return connection_exit_connect_dir(n_stream, or_circ); return connection_exit_connect_dir(n_stream);
} }
log_debug(LD_EXIT,"about to start the dns_resolve()."); log_debug(LD_EXIT,"about to start the dns_resolve().");
...@@ -2393,57 +2392,57 @@ connection_exit_connect(edge_connection_t *edge_conn) ...@@ -2393,57 +2392,57 @@ connection_exit_connect(edge_connection_t *edge_conn)
* bridge connection with a socketpair, create a new directory conn, and join * bridge connection with a socketpair, create a new directory conn, and join
* them together. Return 0 on success (or if there was an error we could send * them together. Return 0 on success (or if there was an error we could send
* back an end cell for). Return -(some circuit end reason) if the circuit * back an end cell for). Return -(some circuit end reason) if the circuit
* needs to be torn down. Either connects exit_conn, frees it, or marks it, * needs to be torn down. Either connects <b>exitconn<b/>, frees it,
* as appropriate. * or marks it, as appropriate.
* *
* DOCDOC no longer uses socketpair * DOCDOC no longer uses socketpair
*/ */
static int static int
connection_exit_connect_dir(edge_connection_t *exit_conn, connection_exit_connect_dir(edge_connection_t *exitconn)
or_circuit_t *circ)
{ {
dir_connection_t *dir_conn = NULL; dir_connection_t *dirconn = NULL;
or_circuit_t *circ = TO_OR_CIRCUIT(exitconn->on_circuit);
log_info(LD_EXIT, "Opening local connection for anonymized directory exit"); log_info(LD_EXIT, "Opening local connection for anonymized directory exit");
exit_conn->_base.state = EXIT_CONN_STATE_OPEN; exitconn->_base.state = EXIT_CONN_STATE_OPEN;
dir_conn = TO_DIR_CONN(connection_new(CONN_TYPE_DIR)); dirconn = TO_DIR_CONN(connection_new(CONN_TYPE_DIR));
dir_conn->_base.addr = 0x7f000001; dirconn->_base.addr = 0x7f000001;
dir_conn->_base.port = 0; dirconn->_base.port = 0;
dir_conn->_base.address = tor_strdup("Tor network"); dirconn->_base.address = tor_strdup("Tor network");
dir_conn->_base.type = CONN_TYPE_DIR; dirconn->_base.type = CONN_TYPE_DIR;
dir_conn->_base.purpose = DIR_PURPOSE_SERVER; dirconn->_base.purpose = DIR_PURPOSE_SERVER;
dir_conn->_base.state = DIR_CONN_STATE_SERVER_COMMAND_WAIT; dirconn->_base.state = DIR_CONN_STATE_SERVER_COMMAND_WAIT;
connection_link_connections(TO_CONN(dir_conn), TO_CONN(exit_conn)); connection_link_connections(TO_CONN(dir_conn), TO_CONN(exitconn));
if (connection_add(TO_CONN(exit_conn))<0) { if (connection_add(TO_CONN(exitconn))<0) {
connection_edge_end(exit_conn, END_STREAM_REASON_RESOURCELIMIT); connection_edge_end(exitconn, END_STREAM_REASON_RESOURCELIMIT);
connection_free(TO_CONN(exit_conn)); connection_free(TO_CONN(exitconn));
connection_free(TO_CONN(dir_conn)); connection_free(TO_CONN(dirconn));
return 0; return 0;
} }
exit_conn->next_stream = circ->n_streams; exitconn->next_stream = circ->n_streams;
circ->n_streams = exit_conn; circ->n_streams = exitconn;
if (connection_add(TO_CONN(dir_conn))<0) { if (connection_add(TO_CONN(dirconn))<0) {
connection_edge_end(exit_conn, END_STREAM_REASON_RESOURCELIMIT); connection_edge_end(exitconn, END_STREAM_REASON_RESOURCELIMIT);
connection_close_immediate(TO_CONN(exit_conn)); connection_close_immediate(TO_CONN(exitconn));
connection_mark_for_close(TO_CONN(exit_conn)); connection_mark_for_close(TO_CONN(exitconn));
connection_free(TO_CONN(dir_conn)); connection_free(TO_CONN(dirconn));
return 0; return 0;
} }
connection_start_reading(TO_CONN(dir_conn)); connection_start_reading(TO_CONN(dirconn));
connection_start_reading(TO_CONN(exit_conn)); connection_start_reading(TO_CONN(exitconn));
if (connection_edge_send_command(exit_conn, if (connection_edge_send_command(exitconn,
RELAY_COMMAND_CONNECTED, NULL, 0) < 0) { RELAY_COMMAND_CONNECTED, NULL, 0) < 0) {
connection_mark_for_close(TO_CONN(exit_conn)); connection_mark_for_close(TO_CONN(exitconn));
connection_mark_for_close(TO_CONN(dir_conn)); connection_mark_for_close(TO_CONN(dirconn));
return 0; return 0;
} }
......
...@@ -7,7 +7,7 @@ const char control_c_id[] = ...@@ -7,7 +7,7 @@ const char control_c_id[] =
/** /**
* \file control.c * \file control.c
* \brief Implementation for Tor's control-socket interface. * \brief Implementation for Tor's control-socket interface.
* See control-spec.txt for full details on protocol. * See doc/spec/control-spec.txt for full details on protocol.
**/ **/
#define CONTROL_PRIVATE #define CONTROL_PRIVATE
......
...@@ -647,7 +647,7 @@ directory_send_command(dir_connection_t *conn, ...@@ -647,7 +647,7 @@ directory_send_command(dir_connection_t *conn,
if (strlen(proxystring) + strlen(url) >= 4096) { if (strlen(proxystring) + strlen(url) >= 4096) {
log_warn(LD_BUG, log_warn(LD_BUG,
"Squid does not like URLs longer than 4095 bytes, this " "Squid does not like URLs longer than 4095 bytes, and this "
"one is %d bytes long: %s%s", "one is %d bytes long: %s%s",
(int)(strlen(proxystring) + strlen(url)), proxystring, url); (int)(strlen(proxystring) + strlen(url)), proxystring, url);
} }
......
...@@ -8,7 +8,7 @@ const char dns_c_id[] = ...@@ -8,7 +8,7 @@ const char dns_c_id[] =
/** /**
* \file dns.c * \file dns.c
* \brief Implements a local cache for DNS results for Tor servers. * \brief Implements a local cache for DNS results for Tor servers.
* This is implemetned as a wrapper around Adam Langley's eventdns.c code. * This is implemented as a wrapper around Adam Langley's eventdns.c code.
* (We can't just use gethostbyname() and friends because we really need to * (We can't just use gethostbyname() and friends because we really need to
* be nonblocking.) * be nonblocking.)
**/ **/
......
...@@ -515,8 +515,8 @@ conn_write_callback(int fd, short events, void *_conn) ...@@ -515,8 +515,8 @@ conn_write_callback(int fd, short events, void *_conn)
if (!conn->marked_for_close) { if (!conn->marked_for_close) {
/* this connection is broken. remove it. */ /* this connection is broken. remove it. */
log_fn(LOG_WARN,LD_BUG, log_fn(LOG_WARN,LD_BUG,
"unhandled error on write for %s connection (fd %d); removing", "unhandled error on write for %s connection (fd %d); removing",
conn_type_to_string(conn->type), conn->s); conn_type_to_string(conn->type), conn->s);
tor_fragile_assert(); tor_fragile_assert();
if (CONN_IS_EDGE(conn)) { if (CONN_IS_EDGE(conn)) {
/* otherwise we cry wolf about duplicate close */ /* otherwise we cry wolf about duplicate close */
......
...@@ -4344,7 +4344,7 @@ update_router_descriptor_cache_downloads(time_t now) ...@@ -4344,7 +4344,7 @@ update_router_descriptor_cache_downloads(time_t now)
continue; continue;
if (router_get_by_descriptor_digest(rs->descriptor_digest)) { if (router_get_by_descriptor_digest(rs->descriptor_digest)) {
log_warn(LD_BUG, log_warn(LD_BUG,
"We have a router descriptor, but need_to_mirror=1."); "We have a router descriptor, but need_to_mirror=1.");
rs->need_to_mirror = 0; rs->need_to_mirror = 0;
continue; continue;
} }
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment