Loading ChangeLog +25 −21 Original line number Diff line number Diff line Changes in version 0.1.2.7-alpha - 2007-??-?? Changes in version 0.1.2.7-alpha - 2007-02-06 o Major bugfixes (rate limiting): - Servers decline directory requests much more aggressively when they're low on bandwidth. Otherwise they end up queueing more and more directory responses, which can't be good for latency. - Fix a memory leak when sending a 503 response for a networkstatus request. - But never refuse directory requests from local addresses. - Be willing to read or write on local connections (e.g. controller connections) even when the global rate limiting buckets are empty. Loading @@ -20,15 +22,13 @@ Changes in version 0.1.2.7-alpha - 2007-??-?? existing installed services. o Major bugfixes (other): - Fix a crash bug in the presence of DNS hijacking (reported by Andrew Del Vecchio). - Previously, we would cache up to 16 old networkstatus documents indefinitely, if they came from nontrusted authorities. Now we discard them if they are more than 10 days old. - Fix a crash bug in the presence of DNS hijacking (reported by Andrew Del Vecchio). - Detect and reject malformed DNS responses containing circular pointer loops. - Fix a memory leak when sending a 503 response for a networkstatus request. - If exits are rare enough that we're not marking exits as guards, ignore exit bandwidth when we're deciding the required bandwidth to become a guard. Loading @@ -39,19 +39,9 @@ Changes in version 0.1.2.7-alpha - 2007-??-?? slowdowns in tunneled dir connections; a better solution will have to wait for 0.2.0.) o Minor bugfixes: - When computing clock skew from directory HTTP headers, consider what time it was when we finished asking for the directory, not what time it is now. o Minor bugfixes (dns): - Add some defensive programming to eventdns.c in an attempt to catch possible memory-stomping bugs. - Fix crash with "tor --list-fingerprint" (reported by seeess). - Expire socks connections if they spend too long waiting for the handshake to finish. Previously we would let them sit around for days, if the connecting application didn't close them either. - And if the socks handshake hasn't started, don't send a "DNS resolve socks failed" handshake reply; just close it. - Stop using C functions that OpenBSD's linker doesn't like. - Detect and reject DNS replies containing IPv4 or IPv6 records with an incorrect number of bytes. (Previously, we would ignore the extra bytes.) Loading @@ -59,18 +49,30 @@ Changes in version 0.1.2.7-alpha - 2007-??-?? in the correct order, and doesn't crash. - Free memory held in recently-completed DNS lookup attempts on exit. This was not a memory leak, but may have been hiding memory leaks. - Handle TTL values correctly on reverse DNS lookups. - Treat failure to parse resolv.conf as an error. o Minor bugfixes (other): - Fix crash with "tor --list-fingerprint" (reported by seeess). - When computing clock skew from directory HTTP headers, consider what time it was when we finished asking for the directory, not what time it is now. - Expire socks connections if they spend too long waiting for the handshake to finish. Previously we would let them sit around for days, if the connecting application didn't close them either. - And if the socks handshake hasn't started, don't send a "DNS resolve socks failed" handshake reply; just close it. - Stop using C functions that OpenBSD's linker doesn't like. - Don't launch requests for descriptors unless we have networkstatuses from at least half of the authorities. This delays the first download slightly under pathological circumstances, but can prevent us from downloading a bunch of descriptors we don't need. - Do not log IPs with TLS failures for incoming TLS connections. (Fixes bug 382.) - If the user asks to use invalid exit nodes, be willing to use the - If the user asks to use invalid exit nodes, be willing to use unstable ones. - Handle TTL values correctly on reverse DNS lookups. - Stop using the reserved ac_cv namespace in our configure script. - Call stat() slightly less often; use fstat() when possible. - Treat failure to parse resolv.conf as an error. - Refactor the way we handle pending circuits when an OR connection completes or fails, in an attempt to fix a rare crash bug. Loading Loading @@ -105,8 +107,10 @@ Changes in version 0.1.2.7-alpha - 2007-??-?? - Add a SOCKS_BAD_HOSTNAME client status event so controllers can learn when clients are sending malformed hostnames to Tor. - Clean up documentation for controller status events. - Add a REMAP status to stream events to note that a stream's address has changed because of a cached address or a MapAddress directive. - Add a REMAP status to stream events to note that a stream's address has changed because of a cached address or a MapAddress directive. Changes in version 0.1.2.6-alpha - 2007-01-09 o Major bugfixes: Loading src/common/crypto.c +1 −1 Original line number Diff line number Diff line Loading @@ -550,7 +550,7 @@ crypto_pk_read_public_key_from_string(crypto_pk_env_t *env, const char *src, return 0; } /** Write the private key from 'env' into the file named by 'fname', /** Write the private key from <b>env</b> into the file named by <b>fname</b>, * PEM-encoded. Return 0 on success, -1 on failure. */ int Loading src/or/circuitlist.c +3 −3 Original line number Diff line number Diff line Loading @@ -676,7 +676,7 @@ circuit_get_by_rend_query_and_purpose(const char *rend_query, uint8_t purpose) } /** Return the first circuit originating here in global_circuitlist after * <b>start</b> whose purpose is <b>purpose</b> is purpose, and where * <b>start</b> whose purpose is <b>purpose</b>, and where * <b>digest</b> (if set) matches the rend_pk_digest field. Return NULL if no * circuit is found. If <b>start</b> is NULL, begin at the start of the list. */ Loading src/or/connection_edge.c +4 −4 Original line number Diff line number Diff line Loading @@ -712,8 +712,8 @@ addressmap_rewrite(char *address, size_t maxlen) } /** If we have a cached reverse DNS entry for the address stored in the * <b>maxlen</b>-byte buffer <b>address</b> (typically, a dotted quad) with * the cached value and return 1. Otherwise return 0. */ * <b>maxlen</b>-byte buffer <b>address</b> (typically, a dotted quad) then * rewrite to the cached value and return 1. Otherwise return 0. */ static int addressmap_rewrite_reverse(char *address, size_t maxlen) { Loading Loading @@ -2021,8 +2021,8 @@ connection_ap_handshake_socks_resolved(edge_connection_t *conn, * * If <b>reply</b> is defined, then write <b>replylen</b> bytes of it to conn * and return, else reply based on <b>endreason</b> (one of * END_STREAM_REASON_*). If <b>reply</b> is undefined, <b>endreason</b> can't 0 * or REASON_DONE. Send endreason to the controller, if appropriate. * END_STREAM_REASON_*). If <b>reply</b> is undefined, <b>endreason</b> can't * be 0 or REASON_DONE. Send endreason to the controller, if appropriate. */ void connection_ap_handshake_socks_reply(edge_connection_t *conn, char *reply, Loading src/or/control.c +9 −9 Original line number Diff line number Diff line Loading @@ -635,10 +635,10 @@ send_control0_event(uint16_t event, uint32_t len, const char *body) * * If <b>which</b> & SHORT_NAMES, the event contains short-format names: send * it to controllers that haven't enabled the VERBOSE_NAMES feature. If * <b>which</b> & LONG_NAMES, the event contains long-format names: sent it * <b>which</b> & LONG_NAMES, the event contains long-format names: send it * to contollers that <em>have</em> enabled VERBOSE_NAMES. * * The EXTENDED_FORMAT and NONEXTENDED_FORMAT flags behaves similarly with * The EXTENDED_FORMAT and NONEXTENDED_FORMAT flags behave similarly with * respect to the EXTENDED_EVENTS feature. */ static void send_control1_event_string(uint16_t event, event_format_t which, Loading Loading @@ -3663,9 +3663,9 @@ control_event_my_descriptor_changed(void) return 0; } /** Helper: sents a status event where <b>type</b> is one of /** Helper: sends a status event where <b>type</b> is one of * EVENT_STATUS_{GENERAL,CLIENT,SERVER}, where <b>severity</b> is one of * LOG_{NOTICE,WARN,ERR}, and where <b>format</b> is a print-style format * LOG_{NOTICE,WARN,ERR}, and where <b>format</b> is a printf-style format * string corresponding to <b>args</b>. */ static int control_event_status(int type, int severity, const char *format, va_list args) Loading Loading @@ -3712,7 +3712,7 @@ control_event_status(int type, int severity, const char *format, va_list args) } /** Format and send an EVENT_STATUS_GENERAL event whose main text is obtained * by formatting the arguments using the printf-style <b>format</b> */ * by formatting the arguments using the printf-style <b>format</b>. */ int control_event_general_status(int severity, const char *format, ...) { Loading @@ -3728,7 +3728,7 @@ control_event_general_status(int severity, const char *format, ...) } /** Format and send an EVENT_STATUS_CLIENT event whose main text is obtained * by formatting the arguments using the printf-style <b>format</b> */ * by formatting the arguments using the printf-style <b>format</b>. */ int control_event_client_status(int severity, const char *format, ...) { Loading @@ -3744,7 +3744,7 @@ control_event_client_status(int severity, const char *format, ...) } /** Format and send an EVENT_STATUS_SERVER event whose main text is obtained * by formatting the arguments using the printf-style <b>format</b> */ * by formatting the arguments using the printf-style <b>format</b>. */ int control_event_server_status(int severity, const char *format, ...) { Loading Loading
ChangeLog +25 −21 Original line number Diff line number Diff line Changes in version 0.1.2.7-alpha - 2007-??-?? Changes in version 0.1.2.7-alpha - 2007-02-06 o Major bugfixes (rate limiting): - Servers decline directory requests much more aggressively when they're low on bandwidth. Otherwise they end up queueing more and more directory responses, which can't be good for latency. - Fix a memory leak when sending a 503 response for a networkstatus request. - But never refuse directory requests from local addresses. - Be willing to read or write on local connections (e.g. controller connections) even when the global rate limiting buckets are empty. Loading @@ -20,15 +22,13 @@ Changes in version 0.1.2.7-alpha - 2007-??-?? existing installed services. o Major bugfixes (other): - Fix a crash bug in the presence of DNS hijacking (reported by Andrew Del Vecchio). - Previously, we would cache up to 16 old networkstatus documents indefinitely, if they came from nontrusted authorities. Now we discard them if they are more than 10 days old. - Fix a crash bug in the presence of DNS hijacking (reported by Andrew Del Vecchio). - Detect and reject malformed DNS responses containing circular pointer loops. - Fix a memory leak when sending a 503 response for a networkstatus request. - If exits are rare enough that we're not marking exits as guards, ignore exit bandwidth when we're deciding the required bandwidth to become a guard. Loading @@ -39,19 +39,9 @@ Changes in version 0.1.2.7-alpha - 2007-??-?? slowdowns in tunneled dir connections; a better solution will have to wait for 0.2.0.) o Minor bugfixes: - When computing clock skew from directory HTTP headers, consider what time it was when we finished asking for the directory, not what time it is now. o Minor bugfixes (dns): - Add some defensive programming to eventdns.c in an attempt to catch possible memory-stomping bugs. - Fix crash with "tor --list-fingerprint" (reported by seeess). - Expire socks connections if they spend too long waiting for the handshake to finish. Previously we would let them sit around for days, if the connecting application didn't close them either. - And if the socks handshake hasn't started, don't send a "DNS resolve socks failed" handshake reply; just close it. - Stop using C functions that OpenBSD's linker doesn't like. - Detect and reject DNS replies containing IPv4 or IPv6 records with an incorrect number of bytes. (Previously, we would ignore the extra bytes.) Loading @@ -59,18 +49,30 @@ Changes in version 0.1.2.7-alpha - 2007-??-?? in the correct order, and doesn't crash. - Free memory held in recently-completed DNS lookup attempts on exit. This was not a memory leak, but may have been hiding memory leaks. - Handle TTL values correctly on reverse DNS lookups. - Treat failure to parse resolv.conf as an error. o Minor bugfixes (other): - Fix crash with "tor --list-fingerprint" (reported by seeess). - When computing clock skew from directory HTTP headers, consider what time it was when we finished asking for the directory, not what time it is now. - Expire socks connections if they spend too long waiting for the handshake to finish. Previously we would let them sit around for days, if the connecting application didn't close them either. - And if the socks handshake hasn't started, don't send a "DNS resolve socks failed" handshake reply; just close it. - Stop using C functions that OpenBSD's linker doesn't like. - Don't launch requests for descriptors unless we have networkstatuses from at least half of the authorities. This delays the first download slightly under pathological circumstances, but can prevent us from downloading a bunch of descriptors we don't need. - Do not log IPs with TLS failures for incoming TLS connections. (Fixes bug 382.) - If the user asks to use invalid exit nodes, be willing to use the - If the user asks to use invalid exit nodes, be willing to use unstable ones. - Handle TTL values correctly on reverse DNS lookups. - Stop using the reserved ac_cv namespace in our configure script. - Call stat() slightly less often; use fstat() when possible. - Treat failure to parse resolv.conf as an error. - Refactor the way we handle pending circuits when an OR connection completes or fails, in an attempt to fix a rare crash bug. Loading Loading @@ -105,8 +107,10 @@ Changes in version 0.1.2.7-alpha - 2007-??-?? - Add a SOCKS_BAD_HOSTNAME client status event so controllers can learn when clients are sending malformed hostnames to Tor. - Clean up documentation for controller status events. - Add a REMAP status to stream events to note that a stream's address has changed because of a cached address or a MapAddress directive. - Add a REMAP status to stream events to note that a stream's address has changed because of a cached address or a MapAddress directive. Changes in version 0.1.2.6-alpha - 2007-01-09 o Major bugfixes: Loading
src/common/crypto.c +1 −1 Original line number Diff line number Diff line Loading @@ -550,7 +550,7 @@ crypto_pk_read_public_key_from_string(crypto_pk_env_t *env, const char *src, return 0; } /** Write the private key from 'env' into the file named by 'fname', /** Write the private key from <b>env</b> into the file named by <b>fname</b>, * PEM-encoded. Return 0 on success, -1 on failure. */ int Loading
src/or/circuitlist.c +3 −3 Original line number Diff line number Diff line Loading @@ -676,7 +676,7 @@ circuit_get_by_rend_query_and_purpose(const char *rend_query, uint8_t purpose) } /** Return the first circuit originating here in global_circuitlist after * <b>start</b> whose purpose is <b>purpose</b> is purpose, and where * <b>start</b> whose purpose is <b>purpose</b>, and where * <b>digest</b> (if set) matches the rend_pk_digest field. Return NULL if no * circuit is found. If <b>start</b> is NULL, begin at the start of the list. */ Loading
src/or/connection_edge.c +4 −4 Original line number Diff line number Diff line Loading @@ -712,8 +712,8 @@ addressmap_rewrite(char *address, size_t maxlen) } /** If we have a cached reverse DNS entry for the address stored in the * <b>maxlen</b>-byte buffer <b>address</b> (typically, a dotted quad) with * the cached value and return 1. Otherwise return 0. */ * <b>maxlen</b>-byte buffer <b>address</b> (typically, a dotted quad) then * rewrite to the cached value and return 1. Otherwise return 0. */ static int addressmap_rewrite_reverse(char *address, size_t maxlen) { Loading Loading @@ -2021,8 +2021,8 @@ connection_ap_handshake_socks_resolved(edge_connection_t *conn, * * If <b>reply</b> is defined, then write <b>replylen</b> bytes of it to conn * and return, else reply based on <b>endreason</b> (one of * END_STREAM_REASON_*). If <b>reply</b> is undefined, <b>endreason</b> can't 0 * or REASON_DONE. Send endreason to the controller, if appropriate. * END_STREAM_REASON_*). If <b>reply</b> is undefined, <b>endreason</b> can't * be 0 or REASON_DONE. Send endreason to the controller, if appropriate. */ void connection_ap_handshake_socks_reply(edge_connection_t *conn, char *reply, Loading
src/or/control.c +9 −9 Original line number Diff line number Diff line Loading @@ -635,10 +635,10 @@ send_control0_event(uint16_t event, uint32_t len, const char *body) * * If <b>which</b> & SHORT_NAMES, the event contains short-format names: send * it to controllers that haven't enabled the VERBOSE_NAMES feature. If * <b>which</b> & LONG_NAMES, the event contains long-format names: sent it * <b>which</b> & LONG_NAMES, the event contains long-format names: send it * to contollers that <em>have</em> enabled VERBOSE_NAMES. * * The EXTENDED_FORMAT and NONEXTENDED_FORMAT flags behaves similarly with * The EXTENDED_FORMAT and NONEXTENDED_FORMAT flags behave similarly with * respect to the EXTENDED_EVENTS feature. */ static void send_control1_event_string(uint16_t event, event_format_t which, Loading Loading @@ -3663,9 +3663,9 @@ control_event_my_descriptor_changed(void) return 0; } /** Helper: sents a status event where <b>type</b> is one of /** Helper: sends a status event where <b>type</b> is one of * EVENT_STATUS_{GENERAL,CLIENT,SERVER}, where <b>severity</b> is one of * LOG_{NOTICE,WARN,ERR}, and where <b>format</b> is a print-style format * LOG_{NOTICE,WARN,ERR}, and where <b>format</b> is a printf-style format * string corresponding to <b>args</b>. */ static int control_event_status(int type, int severity, const char *format, va_list args) Loading Loading @@ -3712,7 +3712,7 @@ control_event_status(int type, int severity, const char *format, va_list args) } /** Format and send an EVENT_STATUS_GENERAL event whose main text is obtained * by formatting the arguments using the printf-style <b>format</b> */ * by formatting the arguments using the printf-style <b>format</b>. */ int control_event_general_status(int severity, const char *format, ...) { Loading @@ -3728,7 +3728,7 @@ control_event_general_status(int severity, const char *format, ...) } /** Format and send an EVENT_STATUS_CLIENT event whose main text is obtained * by formatting the arguments using the printf-style <b>format</b> */ * by formatting the arguments using the printf-style <b>format</b>. */ int control_event_client_status(int severity, const char *format, ...) { Loading @@ -3744,7 +3744,7 @@ control_event_client_status(int severity, const char *format, ...) } /** Format and send an EVENT_STATUS_SERVER event whose main text is obtained * by formatting the arguments using the printf-style <b>format</b> */ * by formatting the arguments using the printf-style <b>format</b>. */ int control_event_server_status(int severity, const char *format, ...) { Loading
