Dan Rosenberg authored 13 years ago and Sebastian Hahn committed 13 years ago

Fixes bug 4410.

anybody who's reading it to decide whether to use it should not be
using it.

Robert Ransom authored 13 years ago and Sebastian Hahn committed 13 years ago

Fix suggested by Nick Mathewson.

Nick Mathewson authored 13 years ago and Roger Dingledine committed 13 years ago

It used to mean "Force": it would tell tor-resolve to ask tor to
resolve an address even if it ended with .onion.  But when
AutomapHostsOnResolve was added, automatically refusing to resolve
.onion hosts stopped making sense.  So in 0.2.1.16-rc (commit
298dc95d), we made tor-resolve happy to resolve anything.

The -F option stayed in, though, even though it didn't do anything.
Oddly, it never got documented.

Found while fixing GCC 4.6 "set, unused variable" warnings.

Roger Dingledine authored 13 years ago and Sebastian Hahn committed 13 years ago

The patch for 3228 made us try to run init_keys() before we had loaded
our state file, resulting in an assert inside init_keys. We had moved
it too early in the function.

Now it's later in the function, but still above the accounting calls.

Nick Mathewson authored 13 years ago and Sebastian Hahn committed 13 years ago

Previously we did this nearer to the end (in the old_options &&
transition_affects_workers() block).  But other stuff cares about
keys being consistent with options... particularly anything which
tries to access a key, which can die in assert_identity_keys_ok().

Fixes bug 3228; bugfix on 0.2.2.18-alpha.

Conflicts:

	src/or/config.c

Robert Ransom authored 14 years ago and Sebastian Hahn committed 13 years ago

Fixes bug 2572.

When we added support for separate client tls certs on bridges in
a2bb0bfd we forgot to correctly initialize this when changing
from relay to bridge or vice versa while Tor is running. Fix that
by always initializing keys when the state changes.

Fixes bug 2433.

Conflicts:

	src/or/config.c

Nick Mathewson authored 14 years ago and Sebastian Hahn committed 13 years ago

We use a hash of the identity key to seed a prng to tell when an
accounting period should end.  But thanks to the bug998 changes,
clients no longer have server-identity keys to use as a long-term seed
in accounting calculations.  In any case, their identity keys (as used
in TLS) were never never fixed.  So we can just set the wakeup time
from a random seed instead there.  Still open is whether everybody
should be random.

This patch fixes bug 2235, which was introduced in 0.2.2.18-alpha.

Diagnosed with help from boboper on irc.

In a2bb0bfd we started using a separate client identity key. When we are
in "public server mode" (that means not a bridge) we will use the same
key. Reusing the key without doing the proper refcounting leads to a
segfault on cleanup during shutdown. Fix that.

Also introduce an assert that triggers if our refcount falls below 0.
That should never happen.

Nick Mathewson authored 14 years ago and Sebastian Hahn committed 13 years ago

We now require that:
  - Only actual servers should ever call get_server_identity_key
  - If you're being a client or bridge, the client and server keys should
    differ.
  - If you're being a public relay, the client and server keys
    should be the same.

Robert Ransom authored 14 years ago and Sebastian Hahn committed 13 years ago

Fixes a bug described in ticket #988.

Conflicts:

	src/or/main.c
	src/or/router.c

Robert Ransom authored 14 years ago and Sebastian Hahn committed 13 years ago

Fixes bug #988.

Conflicts:

	src/or/main.c
	src/or/router.c