| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
| |
We were freeing these on exit, but when we added the dl_status_map
field to them in fddb814f, we forgot to arrange for it to be freed.
I've moved the cert_list_free() code into its own function, and added
an appropriate dsmap_free() call.
Fixes bug 9644; bugfix on 0.2.4.13-alpha.
|
| | |
|
| |\ |
|
| | |\ |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
we skip onionskins that came from non-relays, so we're less likely to
run into privacy troubles.
starts to implement ticket 9658.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Now we explicitly check for overflow.
This approach seemed smarter than a cascade of "change int to unsigned
int and hope nothing breaks right before the release".
Nick, feel free to fix in a better way, maybe in master.
|
| | | |
| | |
| | |
| | |
| | |
| | | |
with commit c6f1668d we let it grow arbitrarily large.
it can still overflow, but the damage is very small now.
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | | |
Now we consider the TAP cells we'll process while draining the NTor
queue, and vice versa.
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | | |
that way tap won't starve entirely, but we'll still handle ntor requests
quicker.
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Now we prioritize ntor create cells over tap create cells.
Starts to address ticket 9574.
|
| |\| |
| | |
| | |
| | |
| | | |
Conflicts:
src/or/circuitbuild.c
|
| | |\ \ |
|
| | |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This would make us do testing circuits "even when cbt is disabled by
consensus, or when we're a directory authority, or when we've failed
to write cbt history to our state file lately." (Roger's words.)
This is a fix for 9671 and an improvement in our fix for 5049.
The original misbehavior was in 0.2.2.14-alpha; the incomplete
fix was in 0.2.3.17-beta.
|
| |\ \ \ |
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
Fix for bug 9400, spotted by coverity. Bug introduced in revision 2cb4f7a4
(subversion revision r389).
|
| | | | | |
|
| |\ \ \ \
| | |/ /
| |/| |
| | | |
| | | | |
(Using "ours" strategy to avoid taking 9546 fix in 0.2.3; we just
merged our own into 0.2.4)
|
| | |\ \ \ |
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
The spec requires them to do so, and not doing so creates a situation
where they can't send-test because relays won't extend to them because
of the other part of bug 9546.
Fixes bug 9546; bugfix on 0.2.3.6-alpha.
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
(Backport to Tor 0.2.3)
Relays previously, when initiating a connection, would only send a
NETINFO after sending an AUTHENTICATE. But bridges, when receiving a
connection, would never send AUTH_CHALLENGE. So relays wouldn't
AUTHENTICATE, and wouldn't NETINFO, and then bridges would be
surprised to be receiving CREATE cells on a non-open circuit.
Fixes bug 9546.
|
| |\ \ \ \ \ |
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
The spec requires them to do so, and not doing so creates a situation
where they can't send-test because relays won't extend to them because
of the other part of bug 9546.
Fixes bug 9546; bugfix on 0.2.3.6-alpha.
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Relays previously, when initiating a connection, would only send a
NETINFO after sending an AUTHENTICATE. But bridges, when receiving a
connection, would never send AUTH_CHALLENGE. So relays wouldn't
AUTHENTICATE, and wouldn't NETINFO, and then bridges would be
surprised to be receiving CREATE cells on a non-open circuit.
Fixes bug 9546.
|
| |\ \ \ \ \ \ |
|
| | | |_|_|/ /
| |/| | | |
| | | | | |
| | | | | | |
Fix for bug #9366
|
| |\ \ \ \ \ \ |
|
| | | |/ / / /
| |/| | | |
| | | | | |
| | | | | | |
Fix for bug 9543.
|
| |\ \ \ \ \ \
| |/ / / / /
|/| | / / /
| | |/ / /
| |/| | | |
|
| | |\ \ \ \
| | |_|/ /
| |/| | | |
|
| | |/ / /
| | | |
| | | |
| | | | |
Fix for bug 9564; bugfix on 0.2.3.14-alpha.
|
| | | | | |
|
| |\| | | |
|
| | |\ \ \
| | | |/
| | |/| |
|
| | | | | |
|
| | |_|/
|/| |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Fortunately, later checks mean that uninitialized data can't get sent
to the network by this bug. Unfortunately, reading uninitialized heap
*can* (in some cases, with some allocators) cause a crash if you get
unlucky and go off the end of a page.
Found by asn. Bugfix on 0.2.4.1-alpha.
|
| |\ \ \ |
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
Now a user who changes only NumEntryGuards will get the behavior she
expects. Fixes bug 9354; bugfix on 0.2.4.8-alpha.
|
| |/ / / |
|
| |\ \ \ |
|
| |/ / /
| | |
| | |
| | | |
Fixes bug 9337; bugfix on 0.2.4.7-alpha.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When we moved channel_matches_target_addr_for_extend() into a separate
function, its sense was inverted from what one might expect, and we
didn't have a ! in one place where we should have.
Found by skruffy.
|
| | | | |
|
| |\ \ \ |
|