1. 14 Jun, 2011 2 commits
    • Nick Mathewson's avatar
      Make the get_options() return const · 47c8433a
      Nick Mathewson authored
      This lets us make a lot of other stuff const, allows the compiler to
      generate (slightly) better code, and will make me get slightly fewer
      patches from folks who stick mutable stuff into or_options_t.
      
      const: because not every input is an output!
      47c8433a
    • Jérémy Bobbio's avatar
      Make ControlSocketsGroupWritable work with User. · 54d7d31c
      Jérémy Bobbio authored and Nick Mathewson's avatar Nick Mathewson committed
      Original message from bug3393:
      
      check_private_dir() to ensure that ControlSocketsGroupWritable is
      safe to use. Unfortunately, check_private_dir() only checks against
      the currently running user… which can be root until privileges are
      dropped to the user and group configured by the User config option.
      
      The attached patch fixes the issue by adding a new effective_user
      argument to check_private_dir() and updating the callers. It might
      not be the best way to fix the issue, but it did in my tests.
      
      (Code by lunar; changelog by nickm)
      54d7d31c
  2. 03 Jun, 2011 1 commit
  3. 02 Jun, 2011 1 commit
    • Nick Mathewson's avatar
      Add an "auto" option to UseBridges · 507c1257
      Nick Mathewson authored
      UseBridges 1 now means "connect only to bridges; if you know no
      bridges, don't make connections."  UseBridges auto means "Use bridges
      if they are known, and we have no EntryNodes set, and we aren't a
      server."  UseBridges 0 means "don't use bridges."
      507c1257
  4. 31 May, 2011 1 commit
    • Roger Dingledine's avatar
      stop asserting at boot · 56771f39
      Roger Dingledine authored
      The patch for 3228 made us try to run init_keys() before we had loaded
      our state file, resulting in an assert inside init_keys. We had moved
      it too early in the function.
      
      Now it's later in the function, but still above the accounting calls.
      56771f39
  5. 30 May, 2011 2 commits
  6. 21 May, 2011 1 commit
    • Sebastian Hahn's avatar
      Don't recreate descriptor on sighup · 3ff7925a
      Sebastian Hahn authored and Roger Dingledine's avatar Roger Dingledine committed
      We used to regenerate our descriptor whenever we'd get a sighup. This
      was caused by a bug in options_transition_affects_workers() that would
      return true even if the options were exactly the same. Down the call
      path we'd call init_keys(), which made us make a new descriptor which
      the authorities would reject, and the node would subsequently fall out
      of the consensus.
      
      This patch fixes only the first part of this bug:
      options_transition_affects_workers() behaves correctly now. The second
      part still wants a fix.
      3ff7925a
  7. 20 May, 2011 3 commits
  8. 18 May, 2011 1 commit
  9. 16 May, 2011 5 commits
    • Michael Yakubovich's avatar
      Fix bug2752 : 48-char HTTPProxyAuthenticator limitation · a3707a10
      Michael Yakubovich authored
      Bumped the char maximum to 512 for HTTPProxyAuthenticator &
      HTTPSProxyAuthenticator. Now stripping all '\n' after base64
      encoding in alloc_http_authenticator.
      a3707a10
    • Sebastian Hahn's avatar
      Clean up the 2972 implementation a little · 41982612
      Sebastian Hahn authored and Nick Mathewson's avatar Nick Mathewson committed
      41982612
    • Jérémy Bobbio's avatar
      Add UnixSocketsGroupWritable config flag · d41ac64a
      Jérémy Bobbio authored and Nick Mathewson's avatar Nick Mathewson committed
      When running a system-wide instance of Tor on Unix-like systems, having
      a ControlSocket is a quite handy mechanism to access Tor control
      channel.  But it would be easier if access to the Unix domain socket can
      be granted by making control users members of the group running the Tor
      process.
      
      This change introduces a UnixSocketsGroupWritable option, which will
      create Unix domain sockets (and thus ControlSocket) 'g+rw'. This allows
      ControlSocket to offer same access control measures than
      ControlPort+CookieAuthFileGroupReadable.
      
      See <http://bugs.debian.org/552556> for more details.
      d41ac64a
    • Nick Mathewson's avatar
      Preserve bridge download status across SETCONF, HUP · 2b9c5ee3
      Nick Mathewson authored
      This code changes it so that we don't remove bridges immediately when
      we start re-parsing our configuration.  Instead, we mark them all, and
      remove all the marked ones after re-parsing our bridge lines.  As we
      add a bridge, we see if it's already in the list.  If so, we just
      unmark it.
      
      This new behavior will lose the property we used to have that bridges
      were in bridge_list in the same order in which they appeared in the
      torrc.  I took a quick look through the code, and I'm pretty sure we
      didn't actually depend on that anywhere.
      
      This is for bug 3019; it's a fix on 0.2.0.3-alpha.
      2b9c5ee3
    • Nick Mathewson's avatar
      Fixup whitespace issues from 3122 commit · bc44393e
      Nick Mathewson authored
      bc44393e
  10. 13 May, 2011 7 commits
  11. 12 May, 2011 1 commit
  12. 06 May, 2011 4 commits
  13. 29 Apr, 2011 4 commits
  14. 28 Apr, 2011 1 commit
    • Robert Ransom's avatar
      Don't allow v0 HS auths to act as clients · df5c7fed
      Robert Ransom authored and Nick Mathewson's avatar Nick Mathewson committed
      A v0 HS authority stores v0 HS descriptors in the same descriptor
      cache that its HS client functionality uses.  Thus, if the HS
      authority operator clears its client HS descriptor cache, ALL v0
      HS descriptors will be lost.  That would be bad.
      df5c7fed
  15. 27 Apr, 2011 4 commits
  16. 26 Apr, 2011 1 commit
  17. 22 Apr, 2011 1 commit