Nick Mathewson [Sun, 28 Oct 2007 23:44:53 +0000 (23:44 +0000)]
r16246@catbus: nickm | 2007-10-28 19:34:58 -0400
Implement a FallbackNetworkstatusFile (default to $prefix/share/tor/fallback-consensus) to that we know about lots of directory servers and routers when we start up the first time.
Nick Mathewson [Sun, 28 Oct 2007 20:30:21 +0000 (20:30 +0000)]
r16242@catbus: nickm | 2007-10-28 16:28:13 -0400
Implement if-modified-since for consensus networkstatuses so that we do not download duplicates needlessly.
Roger Dingledine [Sun, 28 Oct 2007 08:16:19 +0000 (08:16 +0000)]
Separate "SOCKS_COMMAND_CONNECT_DIR" into two flags in
edge_connection_t: want_onehop if it must attach to a circuit with
only one hop (e.g. for the current tunnelled connections that use
begin_dir), and use_begindir if we mean to use a BEGIN_DIR relay
command to establish the stream rather than the normal BEGIN. Now
we can make anonymized begin_dir connections for (e.g.) more secure
hidden service posting and fetching.
Nick Mathewson [Fri, 26 Oct 2007 22:50:40 +0000 (22:50 +0000)]
r16194@catbus: nickm | 2007-10-26 18:37:02 -0400
Keep circuitless TLS connections open for 1.5 x MaxCircuitDirtiness: this ensures that we don't thrash closing and repoening connections to our guards.
Nick Mathewson [Thu, 25 Oct 2007 03:41:30 +0000 (03:41 +0000)]
r16136@catbus: nickm | 2007-10-24 23:40:15 -0400
Proposal 103 is closed too: it has been implemented and merged into dir-spec. Proposal 111 is "finished": it has been implemented, but still needs to be merged into the spec.
Nick Mathewson [Wed, 24 Oct 2007 19:53:11 +0000 (19:53 +0000)]
r16112@catbus: nickm | 2007-10-24 15:52:03 -0400
Fix logic for downloading consensuses: make getting an duplicate or not-currently-valid consensus count as a failure. Make running out of time to get certificates count as a failure. Delay while fetching certificates.
Nick Mathewson [Wed, 24 Oct 2007 19:53:08 +0000 (19:53 +0000)]
r16111@catbus: nickm | 2007-10-24 15:03:57 -0400
Allow multiple download schedules to exist. At the moment, we use one for consensus, and the other one for everything else.
Nick Mathewson [Wed, 24 Oct 2007 18:42:16 +0000 (18:42 +0000)]
r16108@catbus: nickm | 2007-10-24 14:41:12 -0400
Refactor the arguments for router_pick_{directory_|trusteddir}server[_impl] so that they all take the same flags, and so that their flags have names. Fix their documentation too.
Nick Mathewson [Wed, 24 Oct 2007 15:45:45 +0000 (15:45 +0000)]
r16101@catbus: nickm | 2007-10-24 11:44:40 -0400
Detect mmap failures from empty descriptor files, and only warn if the file was not supposed to be empty. Fixes bug 533
Roger Dingledine [Wed, 24 Oct 2007 03:34:03 +0000 (03:34 +0000)]
Authorities no longer send back "400 you're unreachable please fix
it" errors to Tor servers that aren't online all the time. We're
supposed to tolerate these servers now.
Roger Dingledine [Tue, 23 Oct 2007 15:44:13 +0000 (15:44 +0000)]
Don't complain that "your server has not managed to confirm that its
ports are reachable" if we haven't been able to build any circuits
yet. Bug found by spending four hours without a v3 consensus.
Roger Dingledine [Tue, 23 Oct 2007 06:38:16 +0000 (06:38 +0000)]
When there's no concensus, we were forming a vote every 30
minutes, but writing the "valid-after" line in our vote based
on our configured V3AuthVotingInterval: so unless the intervals
matched up, we immediately rejected our own vote because it didn't
start at the voting interval that caused us to construct a vote.
This caused log entries like:
Oct 23 01:16:16.303 [notice] Choosing expected valid-after time
as 2007-10-23 05:30:00: consensus_set=0, interval=1800
...
Oct 23 01:20:01.203 [notice] Choosing valid-after time in vote as
2007-10-23 06:00:00: consensus_set=0, interval=3600
Oct 23 01:20:01.290 [warn] Rejecting vote with valid-after time of
2007-10-23 06:00:00; we were expecting 2007-10-23 05:30:00
Oct 23 01:20:01.291 [warn] Couldn't store my own vote! (I told
myself, 'Bad valid-after time'.)
Nick, you should look at this, as it's your design. :)
Nick Mathewson [Tue, 23 Oct 2007 00:23:33 +0000 (00:23 +0000)]
r16054@catbus: nickm | 2007-10-22 20:22:13 -0400
Make authorities start accepting (and advertising their acceptance of) consensus method 2. If all goes well, we'll have a working Unnamed flag. Otherwise, we'll have a fun backtrace.
Nick Mathewson [Tue, 23 Oct 2007 00:23:32 +0000 (00:23 +0000)]
r16053@catbus: nickm | 2007-10-22 20:20:23 -0400
Note that consensus-method is not a means for making backward-incompatible format changes. Because any point that confuses Roger will *definitely* confuse many non-Roger readers of dir-spec.txt ;)
Nick Mathewson [Mon, 22 Oct 2007 17:31:26 +0000 (17:31 +0000)]
r16042@catbus: nickm | 2007-10-22 13:30:49 -0400
Move functions into and out of dirvote.c so that it contains all the v3 authority functionality, and no non-authority functionality.
Nick Mathewson [Mon, 22 Oct 2007 16:32:04 +0000 (16:32 +0000)]
r16032@catbus: nickm | 2007-10-22 11:56:53 -0400
When our directory status or our v3 authority status changes, reschedule operations as appropriate. (Fixes some xxxx020 items)
Nick Mathewson [Mon, 22 Oct 2007 16:32:01 +0000 (16:32 +0000)]
r16031@catbus: nickm | 2007-10-22 11:45:00 -0400
Remove an unused and unneeded layer of abstraction: we only have one store for routers. (I had thought we might need a second one for annotated routers, but that's silly.
Nick Mathewson [Mon, 22 Oct 2007 00:44:42 +0000 (00:44 +0000)]
r16016@catbus: nickm | 2007-10-21 20:44:19 -0400
Check a platform assumption we have made without checking for too long: "Characters are represented in ascii."
Nick Mathewson [Mon, 22 Oct 2007 00:26:02 +0000 (00:26 +0000)]
r15997@catbus: nickm | 2007-10-21 20:25:40 -0400
New code (disabled for now) to use the SSL context's cert store instead of using its "extra chain cert" list to get our identity certificate sent. This is a little close to what OpenSSL expects people to do, and it has the advantage that we should be able to keep the id cert from being sent by setting the NO_CHAIN_CERT bit. I have tried turning new code on, and it seemed to work fine.
projects / thirdparty / tor.git / log
