aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Disable logging to control port connections in buf_shrink_freelists.Robert Ransom2010-11-12
| | | | | If buf_shrink_freelists calls log_warn for some reason, we don't want the log call itself to throw buf_shrink_freelists further off the rails.
* Move the original log_info call out of the core of buf_shrink_freelists.Robert Ransom2010-11-12
| | | | | | | | Sending a log message to a control port can cause Tor to allocate a buffer, thereby changing the length of the freelist behind buf_shrink_freelists's back, thereby causing an assertion to fail. Fixes bug #1125.
* let unpublished bridges learn their ip address tooRoger Dingledine2010-11-11
|
* Enforce multiplicity rules when parsing annotations.Nick Mathewson2010-11-10
| | | | | | | | | We would never actually enforce multiplicity rules when parsing annotations, since the counts array never got entries added to it for annotations in the token list that got added by earlier calls to tokenize_string. Found by piebeer.
* Fix a bug where seting allow_annotations==0 only ignores annotations, but ↵Nick Mathewson2010-11-10
| | | | does not block them
* Update to the October 1 2010 Maxmind GeoLite Country database.Karsten Loesing2010-10-04
|
* actually retry bridges when your network goes awayRoger Dingledine2010-09-28
|
* Merge remote branch 'karsten/geoip-sep2010' into maint-0.2.1Nick Mathewson2010-09-08
|\
| * Update to the September 1 2010 Maxmind GeoLite Country database.Karsten Loesing2010-09-08
| |
* | Remove a needless keep_open_until_flushedNick Mathewson2010-09-08
| |
* | Close a non-open OR connection *only* after KeepalivePeriod.Nick Mathewson2010-09-03
|/ | | | | | | | | | | | | | | | | | | | When we introduced the code to close non-open OR connections after KeepalivePeriod had passed, we replaced some code that said if (!connection_is_open(conn)) { /* let it keep handshaking forever */ } else if (do other tests here) { ... with new code that said if (!connection_is_open(conn) && past_keepalive) { /* let it keep handshaking forever */ } else if (do other tests here) { ... This was a mistake, since it made all the other tests start applying to non-open connections, thus causing bug 1840, where non-open connections get closed way early. Fixes bug 1840. Bugfix on 0.2.1.26 (commit 67b38d50).
* Use -Wno-system-headers on openbsd to resolve 2nd case of bug1848Nick Mathewson2010-08-26
|
* Backport END_STREAM_REASON_NOROUTE for client use.Sebastian Hahn2010-08-18
| | | | (Partial backport of 150ed553dfce9, 161b275028e90, and 4c948ffd6.)
* Merge branch 'bug1141_v3' into maint-0.2.1Nick Mathewson2010-08-17
|\
| * Scale CONSENSUS_MIN_SECONDS_BEFORE_CACHING by voting intervalNick Mathewson2010-08-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | If the voting interval was short enough, the two-minutes delay of CONSENSUS_MIN_SECONDS_BEFORE_CACHING would confuse bridges to the point where they would assert before downloading a consensus. It it was even shorter (<4 minutes, I think), caches would assert too. This patch fixes that by having replacing the two-minutes value with MIN(2 minutes, interval/16). Bugfix for 1141; the cache bug could occur since 0.2.0.8-alpha, so I'm calling this a bugfix on that. Robert Hogan diagnosed this. Done as a patch against maint-0.2.1, since it makes it hard to run some kinds of testing networks.
* | Remove the debian directory from the main git repositoryNick Mathewson2010-08-04
| | | | | | | | | | | | | | | | | | | | | | | | Once upon a time it made sense to keep all the Debian files in the main Tor distribution, since repeatedly merging them back in was hard. Now that we're on git, that's no longer so. Peter's debian repository at debian/tor.git on our git server has the most recent version of the tor-on-debian packaging stuff, and the versions in our own repository have gotten out of date. Resolves bug #1735.
* | Update to the August 1 2010 Maxmind GeoLite Country database.Karsten Loesing2010-08-03
|/
* remove old changes that were folded into 0.2.1.26Roger Dingledine2010-06-13
|
* Add maatuska as eighth v3 directory authority.Karsten Loesing2010-06-11
|
* add changes file for geoip db updateNick Mathewson2010-06-07
|
* Update to June 1 2010 Maxmind GeoLite Country database.Karsten Loesing2010-06-07
|
* move to maxmind geoip dbRoger Dingledine2010-05-06
|
* release notes entry for 0.2.1.26Roger Dingledine2010-05-05
|
* windows packaging cleanups from phobosRoger Dingledine2010-04-23
|
* close idle tls conns earlyRoger Dingledine2010-04-23
|
* finally get rid of "clique mode"Roger Dingledine2010-04-23
|
* close idle dir-fetch circs earlyRoger Dingledine2010-04-23
|
* Fix renegotiation on OpenSSL versions that backport RFC5746.Nick Mathewson2010-04-13
| | | | | | | | | | | | | | | | | | | | | Our code assumed that any version of OpenSSL before 0.9.8l could not possibly require SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION. This is so... except that many vendors have backported the flag from later versions of openssl when they backported the RFC5476 renegotiation feature. The new behavior is particularly annoying to detect. Previously, leaving SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION unset meant that clients would fail to renegotiate. People noticed that one fast! Now, OpenSSL's RFC5476 support means that clients will happily talk to any servers there are, but servers won't accept renegotiation requests from unpatched clients unless SSL_OP_ALLOW_etc is set. More fun: servers send back a "no renegotiation for you!" error, which unpatched clients respond to by stalling, and generally producing no useful error message. This might not be _the_ cause of bug 1346, but it is quite likely _a_ cause for bug 1346.
* testsuite: Prevent the main thread from starving the worker threadsPeter Palfrader2010-04-12
|
* testsuite: Only free the main mutex when and if all the worker threads are donePeter Palfrader2010-04-12
|
* fetch relay descriptors from v3 authoritiesRoger Dingledine2010-04-03
|
* give us a blurb; add stanza to the releasenotesRoger Dingledine2010-03-16
|
* bump to 0.2.1.25Roger Dingledine2010-03-15
| | | | it's perfect, let's ship it
* clean up the 0.2.1.25 changelogRoger Dingledine2010-03-06
|
* Apply Roger's bug 1269 fix.Nick Mathewson2010-03-04
| | | | | | | | | | | | | From http://archives.seul.org/tor/relays/Mar-2010/msg00006.html : As I understand it, the bug should show up on relays that don't set Address to an IP address (so they need to resolve their Address line or their hostname to guess their IP address), and their hostname or Address line fails to resolve -- at that point they'll pick a random 4 bytes out of memory and call that their address. At the same time, relays that *do* successfully resolve their address will ignore the result, and only come up with a useful address if their interface address happens to be a public IP address.
* Backport fix for time-goes-forward test. Fix bug 1267Nick Mathewson2010-03-02
|
* Update Tor Project copyright yearsNick Mathewson2010-02-27
|
* Properly handle non-terminated stringsSebastian Hahn2010-02-27
| | | | | | | | Treat strings returned from signed_descriptor_get_body_impl() as not NUL-terminated. Since the length of the strings is available, this is not a big problem. Discovered by rieo.
* Proper NULL checking in circuit_list_path_impl()Sebastian Hahn2010-02-26
| | | | | | | Another dereference-then-NULL-check sequence. No reports of this bug triggered in the wild. Fixes bugreport 1256. Thanks to ekir for discovering and reporting this bug.
* Proper NULL checking for hsdesc publicationSebastian Hahn2010-02-26
| | | | | | | | | Fix a dereference-then-NULL-check sequence. This bug wasn't triggered in the wild, but we should fix it anyways in case it ever happens. Also make sure users get a note about this being a bug when they see it in their log. Thanks to ekir for discovering and reporting this bug.
* Zero a cipher completely before freeing itSebastian Hahn2010-02-26
| | | | | | We used to only zero the first ptrsize bytes of the cipher. Since cipher is large enough, we didn't zero too many bytes. Discovered and fixed by ekir. Fixes bug 1254.
* put 0.2.1.24 in release notes tooRoger Dingledine2010-02-21
|
* bump to 0.2.1.24Roger Dingledine2010-02-21
|
* Bump version to 0.2.1.23-devNick Mathewson2010-02-18
|
* Add changelog for latest openssl fixNick Mathewson2010-02-18
|
* Fix compileSebastian Hahn2010-02-18
|
* Even more conservative option-setting for SSL renegotiation.Nick Mathewson2010-02-17
| | | | | | This time, set the SSL3_FLAGS_ALLOW_UNSAFE_RENEGOTIATION flag on every version before OpenSSL 0.9.8l. I can confirm that the option value (0x0010) wasn't reused until OpenSSL 1.0.0beta3.
* give it a blurb, update the dateRoger Dingledine2010-02-13
|
* new dannenberg address; make moria2's demise official.Roger Dingledine2010-02-12
|
* prepare for 0.2.1.23Roger Dingledine2010-02-12
|