teor authored 8 years ago and Nick Mathewson committed 8 years ago

Instead, refuse to start tor if any hidden service key has been used in
a different hidden service anonymity mode.

Fixes bug 20638; bugfix on 17178 in 0.2.9.3-alpha; reported by ahf.

The original single onion service poisoning code checked poisoning state
in options_validate, and poisoned in options_act. This was problematic,
because the global array of hidden services had not been populated in
options_validate (and there were ordrering issues with hidden service
directory creation).

This patch fixes this issue in rend_service_check_dir_and_add, which:
* creates the directory, or checks permissions on an existing directory, then
* checks the poisoning state of the directory, then
* poisons the directory.

When validating, only the permissions checks and the poisoning state checks
are perfomed (the directory is not modified).

teor authored 8 years ago and Nick Mathewson committed 8 years ago

Add extra logging and extra validity checks for hidden services.

Make the function flatter, and prepare for #20559.

No behaviour change.

Put that code in rend_service_check_dir_and_add.

No behaviour change.

This is a defence in depth measure against similar bugs to 20529.

(We only create HS directories if we are acting on the config.)

Log a BUG warning if the directories aren't present immediately before they
are used, then fail.

For relays that don't know their own address, avoid attempting
a local hostname resolve for each descriptor we download. Also cut
down on the number of "Success: chose address 'x.x.x.x'" log lines.

Fixes bugs 20423 and 20610; bugfix on 0.2.8.1-alpha.

no change in behavior except fewer log entries in the case where we use
a cached result.

Fix typos:
    * extra '('
    * use assert_log_predicate (without 3 or 4 at the end)

Tidy whitespace.
Wrap long lines.

Single onion services and Tor2web deliberately create long-term one-hop
circuits to their intro and rend points, respectively.

These log messages are intended to diagnose issue 8387, which relates to
circuits hanging around forever for no reason.

Fixes bug 20613; bugfix on 0.2.9.1-alpha. Reported by "pastly".

Queue a corresponding change for torrc.minimal.in.

Closes ticket 20085.

Refactoring, no behaviour change.

It's not okay to use the same varargs list twice, and apparently
some windows build environments produce code here that would leave
tor_asprintf() broken. Fix for bug 20560; bugfix on 0.2.2.11-alpha
when tor_asprintf() was introduced.

Lower exponents mean that delays do not vary as much. This helps test
networks bootstrap consistently.

Bugfix on 20499.

(Three _is_ a good number for anonymity!)

Because as Teor puts it: "[Resetting on 503] is exactly what we
don't want when relays are busy - imagine clients doing an automatic
reset every time they DoS a relay..."

Fixes bug 20593.