| Commit message (Collapse) | Author | Age |
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
To fix #6033, we disabled TLS 1.1 and 1.2. Eventually, OpenSSL fixed
the bug behind #6033.
I've considered alternate implementations that do more testing to see
if there's secretly an OpenSSL 1.0.1c or something that secretly has a
backport of the OpenSSL 1.0.1e fix, and decided against it on the
grounds of complexity.
|
|\| |
|
| | |
|
| |
| |
| |
| | |
Makes mingw64 a bit happier.
|
|\| |
|
| | |
|
|\| |
|
| |
| |
| |
| |
| |
| | |
This avoids skew warnings as authorities test reachability.
Fix 9798; fix not on any released Tor.
|
|\| |
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
this was causing directory authorities to send a time of 0 on all
connections they generated themselves, which means everybody reachability
test caused a time skew warning in the log for that relay.
(i didn't just revert, because the changes file has been modified by
other later commits.)
|
|\| |
|
| |\ |
|
| | | |
|
| | |
| | |
| | |
| | |
| | | |
Implements part of proposal 222. We can do this safely, since
REND_CACHE_MAX_SKEW is 24 hours.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This isn't actually much of an issue, since only relays send
AUTHENTICATE cells, but while we're removing timestamps, we might as
well do this too.
Part of proposal 222. I didn't take the approach in the proposal of
using a time-based HMAC, since that was a bad-prng-mitigation hack
from SSL3, and in real life, if you don't have a good RNG, you're
hopeless as a Tor server.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
For now, round down to the nearest 10 minutes. Later, eliminate entirely by
setting a consensus parameter.
(This rounding is safe because, in 0.2.2, where the timestamp mattered,
REND_REPLAY_TIME_INTERVAL was a nice generous 60 minutes.)
|
| |/
| |
| |
| | |
Implements part of proposal 222.
|
| | |
|
| |
| |
| |
| |
| |
| |
| | |
a9910d89 added trickery to make us work with interned strings and
seccomp; it requires libevent 2.
Fix for 9785; bug not in any released tor.
|
|\ \ |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Fall back to SOMAXCONN if INT_MAX doesn't work.
We'd like to do this because the actual maximum is overrideable by the
kernel, and the value in the header file might not be right at all.
All implementations I can find out about claim that this is supported.
Fix for 9716; bugfix on every Tor.
|
| | |
| | |
| | |
| | |
| | | |
I broke this when I added separate test-mode support by having
the benchmarks get built with TEST_CFLAGS.
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
tor_malloc returns void *; in C, it is not necessary to cast a
void* to another pointer type before assigning it.
tor_malloc fails with an error rather than returning NULL; it's not
necessary to check its output. (In one case, doing so annoyed Coverity.)
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Whenever we had an non-option commandline arguments *and*
option-bearing commandline arguments on the commandline, we would save
only the latter across invocations of options_init_from_torrc, but
take their existence as license not to re-parse the former. Yuck!
Incidentally, this fix lets us throw away the backup_arg[gv] logic.
Fix for bug 9746; bugfix on d98dfb3746790448b0dcff2aa9a00e5e2602688a,
not in any released Tor. Found by Damian. Thanks, Damian!
|
|\ \ \ |
|
| | | | |
|
|\ \ \ \
| | |_|/
| |/| | |
|
| |\ \ \ |
|
| | |\ \ \ |
|
| | | | | | |
|
| | | | | | |
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Bugfix on 1293835440dd4debf6fbfc66e755d9b9384aa362, which implemented
6752: Not in any released tor.
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Conflicts:
src/or/config.c
src/or/main.c
|
| | | | | | | |
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
of libevent, openssl and zlib. Partially implements #6384.
|
| | | | | | | |
|
|\ \ \ \ \ \ \ |
|
| | | | | | | | |
|
| | | | | | | | |
|
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
This just goes to show: never cast a function pointer. Found while
testing new command line parse logic.
Bugfix on 1293835440dd4debf6fbfc66e755d9b9384aa362, which implemented
6752: Not in any released tor.
|
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
And have these various commandline options imply "hush", not "quiet",
since we like to see warnings.
|
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
(incomplete)
|
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Fixes bug 9573.
Bugfix on 59453ac6e in 0.0.9pre5, which fixed a crash in a silly way.
|
| | | | | | | | |
|
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
These were previously allowed only in the initial position:
--help, -h , --version, --digests, --list-torrc-options
|
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Fix for bug 9578.
|
| |/ / / / / / |
|
|\ \ \ \ \ \ \
| |_|_|_|_|/ /
|/| | | | | |
| | | | | | |
| | | | | | | |
Conflicts:
src/common/sandbox.c
|