Commit message [Author, Age]
* Fix a remotely triggerable assertion failure (CVE-2012-2250) [Nick Mathewson, 2012-10-23]
|   If we completed the handshake for the v2 link protocol but wound up negotiating the wrong protocol version, we'd become so confused about what part of the handshake we were in that we'd promptly die with an assertion. This is a fix for CVE-2012-2250; it's a bugfix on 0.2.3.6-alpha. All servers running that version or later should really upgrade. Bug and fix from "some guy from France." I tweaked his code slightly to make it log the IP of the offending node.
* Make unit test for bug7191 work with new smartlist_new() name [Nick Mathewson, 2012-10-23]
|
* Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3 [Nick Mathewson, 2012-10-23]
|\
| * Add some unit tests for smartlist_bsearch_idx() on short lists [Andrea Shepard, 2012-10-23]
| |   Conflicts: src/test/test_containers.c
| * Add a changes file for bug 7191. [Nick Mathewson, 2012-10-23]
| |
| * Fix binary search on lists of 0 or 1 element. [Nick Mathewson, 2012-10-23]
| |   The implementation we added has a tendency to crash with lists of 0 or one element. That can happen if we get a consensus vote, v2 consensus, consensus, or geoip file with 0 or 1 element. There's a DOS opportunity there that authorities could exploit against one another, and which an evil v2 authority could exploit against anything downloading v2 directory information. This fix is minimalistic: It just adds a special-case for 0- and 1-element lists. For 0.2.4 (the current alpha series) we'll want a better patch. This is bug 7191; it's a fix on 0.2.0.10-alpha.
* | Let 0.2.3 clients exit to internal addresses if they want [Roger Dingledine, 2012-10-23]
| |   Clients now consider the ClientRejectInternalAddresses config option when using a microdescriptor consensus stanza to decide whether an exit relay would allow exiting to an internal address. Fixes bug 7190; bugfix on 0.2.3.1-alpha.
* | Fix parse_short_policy (bug 7192.) [Nick Mathewson, 2012-10-23]
| |   Our implementation of parse_short_policy was screwed up: it would ignore the last character of every short policy. Obviously, that's broken. This patch fixes the busted behavior, and adds a bunch of unit tests to make sure the rest of that function is okay. Fixes bug 7192; fix on 0.2.3.1-alpha.
* | add a unit test to expose bug 7192 [Roger Dingledine, 2012-10-22]
| |
* | Merge branch 'block_renegotiate_023' into maint-0.2.3 [Nick Mathewson, 2012-10-19]
|\ \
| * | Discard extraneous renegotiation attempts in the v3 link protocol [Nick Mathewson, 2012-10-17]
| | |   Failure to do so left us open to a remotely triggerable assertion failure. Fixes CVE-2012-2249; bugfix on 0.2.3.6-alpha. Reported by "some guy from France".
* | | Merge branch 'bug7149' into maint-0.2.3 [Nick Mathewson, 2012-10-19]
|\ \ \
| * | | Don't serve or accept v2 HS descs over a DirPort [Robert Ransom, 2012-10-19]
|/ / /
| | |   (changes file tweaked by nickm)
* | | Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3 [Nick Mathewson, 2012-10-19]
|\ \ \
| |/ /
|/| /
| |/
| * Disable TLS Session Tickets, which we were apparently getting for free [Nick Mathewson, 2012-10-19]
| |   OpenSSL 1.0.0 added an implementation of TLS session tickets, a "feature" that let session resumption occur without server-side state by giving clients an encrypted "ticket" that the client could present later to get the session going again with the same keys as before. OpenSSL was giving the keys to decrypt these tickets the lifetime of the SSL contexts, which would have been terrible for PFS if we had long-lived SSL contexts. Fortunately, we don't. Still, it's pretty bad. We should also drop these, since our use of the extension stands out with our non-use of session caching. Found by nextgens. Bugfix on all versions of Tor when built with openssl 1.0.0 or later. Fixes bug 7139.
* | Merge branch 'bug7014_023_squashed' into maint-0.2.3 [Nick Mathewson, 2012-10-09]
|\ \
| * | Don't call fmt_addr() twice in a parameter list. [George Kadianakis, 2012-10-09]
|/ /
* | Merge remote-tracking branch 'arma/bug7037' into maint-0.2.3 [Nick Mathewson, 2012-10-04]
|\ \
| * | Refuse extra create cells with reason "resource limit" [Roger Dingledine, 2012-10-03]
| | |   In the past we had used reason "internal", which is more vague than it needs to be. Resolves bug 7037.
* | | properly free the return values of rate_limit_log() [Roger Dingledine, 2012-10-03]
|/ /
| |   resolves bug 7022.
* | add faravahar as our ninth v3 dir auth [Roger Dingledine, 2012-09-22]
| |
* | Clarify that hidden services are TCP only [Nick Mathewson, 2012-09-19]
| |   Also remove some trailing whitespace. Patch from maker; fixes bug 6024.
* | Whitespace fixes [Nick Mathewson, 2012-09-18]
| |
* | Bug 6866: Convert pathbias asserts into log messages. [Mike Perry, 2012-09-17]
| |   Asserts were hit by Tor2Web mode.
* | Use file-size-fixup code on cygwin too. [Nick Mathewson, 2012-09-14]
| |   We already had code on windows to fix our file sizes when we're reading a file in text mode and its size doesn't match the size from fstat. But that code was only enabled when _WIN32 was defined, and Cygwin defines __CYGWIN__ instead. Fixes bug 6844; bugfix on 0.1.2.7-alpha.
* | Fix man page typo [Robert Ransom, 2012-09-13]
| |
* | mention the bug number in the 6827 changes file [Nick Mathewson, 2012-09-13]
| |
* | Avoid undefined behaviour when parsing HS protocol versions [Robert Ransom, 2012-09-13]
| |   Fixes bug 6827; bugfix on c58675ca728f12b42f65e5b8964ae695c2e0ec2d (when the v2 HS desc parser was implemented). Found by asn.
* | Revert "6819: typo in torrc.sample.in" [Nick Mathewson, 2012-09-12]
| |   This reverts commit 4aff97cfc7965414ad8506ce28a296da1bc4a161. We don't actually want to be changing the torrc.sample on stable or near-stable stuff, since doing so makes pointless busywork for debian users.
* | Merge remote-tracking branch 'public/bug6341_a_v2' into maint-0.2.3 [Nick Mathewson, 2012-09-12]
|\ \
| * | Check ewma_enabled before doing circ-has-become-inactive check [Nick Mathewson, 2012-07-18]
| | |   This avoids a possible crash bug in flush_from_first_active_circuit. Fixes bug 6341; bugfix on 0.2.2.7-alpha. Bug reported and fixed by a pseudonymous user on IRC.
* | | 6819: typo in torrc.sample.in [Nick Mathewson, 2012-09-12]
| | |
* | | Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3 [Nick Mathewson, 2012-09-11]
|\ \ \
| | |/
| |/|
| | |   Conflicts: src/test/test_util.c
| * | Merge branch 'timegm_assert_v3_squashed' into maint-0.2.2 [Nick Mathewson, 2012-09-11]
| |\ \
| | * | Fix assertion failure in tor_timegm. [Nick Mathewson, 2012-09-11]
| |/ /
| | |   Fixes bug 6811.
* | | Avoid segfault when reading state file from ancient tor [Nick Mathewson, 2012-09-10]
| | |   If s_values is null in rep_hist_load_bwhist_state_section, we would call smartlist_len() on it, and die. Fixes bug 6801.
* | | Update the minimum bandwidth for a public relay [Roger Dingledine, 2012-09-05]
| | |   The current cutoff is 30KB, but in reality a useful cutoff is probably more like 50KB or 100KB.
* | | Avoid segfault if EntryGuardPathBias precedes EntryGuard [Nick Mathewson, 2012-09-05]
| | |   Fix for bug 6774; bugfix on 0.2.3.17-beta.
* | | Merge remote-tracking branch 'arma/bug6743' into maint-0.2.3 [Nick Mathewson, 2012-09-04]
|\ \ \
| * | | Make begindir_cutoff the same as general_cutoff [Roger Dingledine, 2012-09-01]
| | | |   Allow one-hop directory fetching circuits the full "circuit build timeout" period, rather than just half of it, before failing them and marking the relay down. This fix should help reduce cases where clients declare relays (or worse, bridges) unreachable because the TLS handshake takes a few seconds to complete. Fixes bug 6743 (one piece of bug 3443); bugfix on 0.2.2.2-alpha, where we changed the timeout from a static 30 seconds.
* | | | fix whitespace and trivial typo [Roger Dingledine, 2012-09-03]
|/ / /
* | | Merge branch 'bug6732' into maint-0.2.3 [Nick Mathewson, 2012-08-31]
|\ \ \
| * | | Document consensus and microdesc files [Nick Mathewson, 2012-08-31]
| | | |   Bugfix for #6732.
* | | | Quiet "Set buildtimeout to low val" warnings: make them info [Nick Mathewson, 2012-08-27]
| | | |   Fix for #6251
* | | | Merge branch 'disable_pathbias_warnings_v2' into maint-0.2.3 [Nick Mathewson, 2012-08-27]
|\ \ \ \
| * | | | Downgrade path-bias warning messages to INFO for now. [Nick Mathewson, 2012-08-27]
|/ / / /
| | | |   We've had over two months to fix them, and didn't. Now we need 0.2.3.x stable. Yes, it would be cool to get this working in 0.2.3.x, but not at the expense of delaying every other feature that _does_ work in 0.2.3.x. We can do a real fix in 0.2.4.
* | | | Merge branch 'bug6710_023' into maint-0.2.3 [Nick Mathewson, 2012-08-27]
|\ \ \ \
| * | | | Fix changes file for 6710: before 0.0.8pre1, you couldn't extend to [Nick Mathewson, 2012-08-27]
| | | | |   a router that another router wasn't already connected to.
| * | | | Disable extending to private/internal addresses by default [Nick Mathewson, 2012-08-27]
| | | | |   This is important, since otherwise an attacker can use timing info to probe the internal network. Also, add an option (ExtendAllowPrivateAddresses) so that TestingTorNetwork won't break. Fix for bug 6710; bugfix on all released versions of Tor.
* | | | | Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3 [Nick Mathewson, 2012-08-27]
|\ \ \ \ \
| |/ / / /
|/| | / /
| | |/ /
| |/| |   Conflicts: src/or/policies.c