1. 07 Sep, 2020 1 commit
    • George Kadianakis's avatar
      statistics: Properly count all rendezvous cells (avoid undercounting). · 85a1e6c6
      George Kadianakis authored
      tl;dr We were not counting cells flying from the client to the service, but we
      were counting cells flying from the service to the client.
      When a rendezvous cell arrives from the client to the RP, the RP forwards it to
      the service.
      For this to happen, the cell first passes through command_process_relay_cell()
      which normally does the statistics counting. However because the `rend_circ`
      circuit was not flagged with `circuit_carries_hs_traffic_stats` in
      rend_mid_rendezvous(), the cell is not counted there.
      Then the cell goes to circuit_receive_relay_cell() which has a special code
      block based on `rend_splice` specifically for rendezvous cells, and the cell
      gets directly passed to `rend_circ` via a direct call to
      circuit_receive_relay_cell(). The cell never passes through
      command_process_relay_cell() ever again and hence is never counted by our
      rephist module.
      The fix here is to flag the `rend_circ` circuit with
      `circuit_carries_hs_traffic_stats` so that the cell is counted as soon as it
      hits command_process_relay_cell().
      Furthermore we avoid double-counting cells since the special code block of
      circuit_receive_relay_cell() makes us count rendezvous cells only as they enter
      the RP and not as they exit it.
      Fixes #40117.
  2. 30 Jan, 2020 1 commit
  3. 08 Jan, 2020 1 commit
  4. 02 Sep, 2019 1 commit
  5. 26 Aug, 2019 1 commit
  6. 08 Aug, 2019 1 commit
  7. 06 Aug, 2019 1 commit
    • David Goulet's avatar
      hs: Limit the amount of relayed INTRODUCE2 · 9f738be8
      David Goulet authored
      This commit add the hs_dos.{c|h} file that has the purpose of having the
      anti-DoS code for onion services.
      At this commit, it only has one which is a function that decides if an
      INTRODUCE2 can be sent on the given introduction service circuit (S<->IP)
      using a simple token bucket.
      The rate per second is 25 and allowed burst to 200.
      Basic defenses on #15516.
      Signed-off-by: David Goulet's avatarDavid Goulet <dgoulet@torproject.org>
  8. 16 Jan, 2019 2 commits
  9. 22 Oct, 2018 1 commit
  10. 28 Aug, 2018 1 commit
  11. 11 Jul, 2018 1 commit
  12. 05 Jul, 2018 2 commits
    • Nick Mathewson's avatar
      Fix every include path changed in the previous commit (automated) · ef486e3c
      Nick Mathewson authored
      I am very glad to have written this script.
    • Nick Mathewson's avatar
      Move literally everything out of src/or · 63b4ea22
      Nick Mathewson authored
      This commit won't build yet -- it just puts everything in a slightly
      more logical place.
      The reasoning here is that "src/core" will hold the stuff that every (or
      nearly every) tor instance will need in order to do onion routing.
      Other features (including some necessary ones) will live in
      "src/feature".  The "src/app" directory will hold the stuff needed
      to have Tor be an application you can actually run.
      This commit DOES NOT refactor the former contents of src/or into a
      logical set of acyclic libraries, or change any code at all.  That
      will have to come in the future.
      We will continue to move things around and split them in the future,
      but I hope this lays a reasonable groundwork for doing so.
  13. 01 Jul, 2018 1 commit
  14. 21 Jun, 2018 1 commit
  15. 20 Jun, 2018 2 commits
  16. 15 Jun, 2018 1 commit
  17. 30 Jan, 2018 1 commit
  18. 13 Jul, 2017 1 commit
    • Isis Lovecruft's avatar
      rephist: Remove unused crypto_pk statistics. · c59ba015
      Isis Lovecruft authored
      These statistics were largely ununsed, and kept track of statistical information
      on things like how many time we had done TLS or how many signatures we had
      verified.  This information is largely not useful, and would only be logged
      after receiving a SIGUSR1 signal (but only if the logging severity level was
      less than LOG_INFO).
       * FIXES #19871.
       * REMOVES note_crypto_pk_op(), dump_pk_op(), and pk_op_counts from
       * REMOVES every external call to these functions.
  19. 13 Apr, 2017 1 commit
    • George Kadianakis's avatar
      hs: Add service-side circuitmap API. · f02868bb
      George Kadianakis authored and Nick Mathewson's avatar Nick Mathewson committed
      Now we have separate getters and setters for service-side and relay-side. I
      took this approach over adding arguments to the already existing methods to
      have more explicit type-checking, and also because some functions would grow
      too large and dirty.
      This commit also fixes every callsite to use the new function names which
      modifies the legacy HS (v2) and the prop224 (v3) code.
      Signed-off-by: David Goulet's avatarDavid Goulet <dgoulet@torproject.org>
  20. 07 Apr, 2017 1 commit
  21. 15 Mar, 2017 1 commit
  22. 18 Jan, 2017 3 commits
  23. 14 Dec, 2016 3 commits
  24. 27 Oct, 2016 2 commits
  25. 10 May, 2016 1 commit
    • Roger Dingledine's avatar
      Stop being so strict about the payload length of "rendezvous1" cells · be0e1e9e
      Roger Dingledine authored
      We used to be locked in to the "tap" handshake length, and now we can
      handle better handshakes like "ntor".
      Resolves ticket 18998.
      I checked that relay_send_command_from_edge() behaves fine when you
      hand it a payload with length 0. Clients behave fine too, since current
      clients remain strict about the required length in the rendezvous2 cells.
      (Clients will want to become less strict once they have an alternate
      format that they're willing to receive.)
  26. 27 Feb, 2016 1 commit
  27. 26 Jan, 2016 1 commit
  28. 03 Apr, 2015 3 commits
  29. 01 Apr, 2015 1 commit
  30. 02 Jan, 2015 1 commit