Peter Palfrader [Sat, 17 Dec 2011 10:22:31 +0000 (11:22 +0100)]
test_util_spawn_background_ok: fix expectation
test_util_spawn_background_ok() hardcoded the expected value
for ENOENT to 2. This isn't portable as error numbers are
platform specific, and particularly the hurd has ENOENT at
0x40000002.
Construct expected string at runtime, using the correct value
for ENOENT (closes: #4733).
Sebastian Hahn [Mon, 12 Dec 2011 14:36:08 +0000 (15:36 +0100)]
Build with warnings and clang 3.0
--enable-gcc-warnings enables two warnings that clang doesn't support,
so the build fails. We had hoped clang 3.0 would add those, but it
didn't, so let's just always disable those warnings when building with
clang. We can still fix it later once they add support
Robert Ransom [Mon, 12 Dec 2011 19:25:55 +0000 (11:25 -0800)]
Don't crash on startup of a dormant relay
If a relay is dormant at startup, it will call init_keys before
crypto_set_tls_dh_prime. This is bad. Let's make it not so bad, because
someday it *will* happen again.
Robert Ransom [Wed, 7 Dec 2011 03:24:55 +0000 (19:24 -0800)]
Remove comment complaining that we try to attach all streams to circs
It's inefficient, but the more efficient solution (only try to attach
streams aiming for this HS) would require far more complexity for a gain
that should be tiny.
Nick Mathewson [Fri, 2 Dec 2011 21:17:52 +0000 (16:17 -0500)]
Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
src/or/connection_or.c
The conflict in src/or/connection_or.c is resolved by taking the
version in master, since e27a26d5 already fixed bug 4531 on master.
This merge just adds the changes file from 0.2.2.
Robert Ransom [Tue, 31 May 2011 14:05:40 +0000 (07:05 -0700)]
Don't allow tor2web-mode Tors to connect to non-HS addresses
The client's anonymity when accessing a non-HS address in tor2web-mode
would be easily nuked by inserting an inline image with a .onion URL, so
don't even pretend to access non-HS addresses through Tor.
Robert Ransom [Thu, 24 Nov 2011 00:58:15 +0000 (16:58 -0800)]
Add a compile-time #define to control whether Tor runs in 'tor2web mode'
The Tor2webMode torrc option is still required to run a Tor client in
'tor2web mode', but now it can't be turned on at runtime in a normal build
of Tor. (And a tor2web build of Tor can't be used as a normal Tor client,
so we don't have to worry as much about someone distributing packages with
this particular pistol accessible to normal users.)
Steven Murdoch [Wed, 30 Nov 2011 19:37:17 +0000 (19:37 +0000)]
Support NAT-PMP on Windows
- Link in libws32 and libiphlpapi, needed for libnatpmp (both in
./configure and when compiling tor-fw-helper-natpmp.c)
- Define STATICLIB under Windows, to allow tor-fw-helper-natpmp.c to link
- Don't include arpa/inet.h which isn't present in Mingw32 and doesn't
appear to be needed on either Windows or MacOS X
Nick Mathewson [Wed, 30 Nov 2011 19:02:58 +0000 (14:02 -0500)]
Tweak addressmap_rewrite a little more
This resolves a loop warning on "MapAddress *.example.com
example.com", makes the rewrite log messages correct, and fixes the
behavior of "MapAddress *.a *.b" when just given "a" as an input.
Nick Mathewson [Sat, 26 Nov 2011 01:13:55 +0000 (20:13 -0500)]
Fix an issue in my mapaddress domains code spotted by arma
MapAddress *.torproject.org torproject.org would have been interpreted
as a map from a domain to itself, and would have cleared the mapping.
Now we require not only a match of domains, but of wildcards.
Nick Mathewson [Sat, 26 Nov 2011 00:46:11 +0000 (19:46 -0500)]
Add some post-comma spaces to please arma
Incidentally, we've got 30969 lines in master with a comma
in them, of which 1995 have a comma followed by a non-newline,
non-space character. So about 93% of our commas are right,
but we have a substantial number of "crowded" lines.
Nick Mathewson [Thu, 8 Sep 2011 16:19:27 +0000 (12:19 -0400)]
Revise MapAddress manpage
make the asciidoc work; make the example more generic; tighten the
prose a little; be more specific that *.example.com matches
example.com; simplify an example.
Nick Mathewson [Thu, 8 Sep 2011 16:04:34 +0000 (12:04 -0400)]
Forbid remapping of *
It might be nice to support this someday, but for now it would fail
with an infinite remap cycle. (If I say "remap * *.foo.exit",
then example.com ->
example.com.foo.exit ->
example.com.foo.exit.foo.exit ->
example.com.foo.exit.foo.exit.foo.exit -> ...)
Nick Mathewson [Thu, 8 Sep 2011 15:54:24 +0000 (11:54 -0400)]
Refactor addressmap_match_superdomains and representation of wildcards
In this new representation for wildcarded addresses, there are no
longer any 'magic addresses': rather, "a.b c.d", "*.a.b c.d" and
"*.a.b *.c.d" are all represented by a mapping from "a.b" to "c.d". we
now distinguish them by setting bits in the addressmap_entry_t
structure, where src_wildcard is set if the source address had a
wildcard, and dst_wildcard is set if the target address had a
wildcard.
This lets the case where "*.a.b *.c.d" or "*.a.b c.d" remap the
address "a.b" get handled trivially, and lets us simplify and improve
the addressmap_match_superdomains implementation: we can now have it
run in O(parts of address) rather than O(entries in addressmap).
projects / thirdparty / tor.git / log
