aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Don't send uninitialized stack to the controller and say it's a date.Nick Mathewson2014-04-14
| | | | Fixes bug 11519, apparently bugfix on 0.2.3.11-alpha.
* Merge branch 'bug11464_023_squashed' into maint-0.2.3Nick Mathewson2014-04-14
|\
| * Tweak changes file and comment dates.Nick Mathewson2014-04-14
| |
| * Fill in the list of blacklisted signing keys.Nick Mathewson2014-04-14
| | | | | | | | | | I used a list of certificate files from arma, and a little script, both at 11464.
| * Code to blacklist authority signing keysNick Mathewson2014-04-14
|/ | | | (I need a list of actual signing keys to blacklist.)
* Fix geoip by falling back to registered countries.Karsten Loesing2014-02-25
| | | | | | | | | | | | | | | | | | | | | | | See 1d2179bc900f1646a5491b65294e78b175e70056 in master for details. """ Fall back to registered country if necessary. When extracting geoip and geoip6 files from MaxMind's GeoLite2 Country database, we only look at country->iso_code which is the two-character ISO 3166-1 country code of the country where MaxMind believes the end user is located. But if MaxMind thinks a range belongs to anonymous proxies, they don't put anything there. Hence, we omit those ranges and resolve them all to '??'. That's not what we want. What we should do is first try country->iso_code, and if there's no such key, try registered_country->iso_code which is the country in which the ISP has registered the IP address. In short: let's fill all A1 entries with what ARIN et. al think. """
* Merge remote-tracking branch 'karsten/geoip-feb2014' into maint-0.2.3Nick Mathewson2014-02-15
|\
| * Update to the February 2014 GeoIP database.Karsten Loesing2014-02-08
| |
* | Merge branch 'bug9093_023' into maint-0.2.3Nick Mathewson2013-11-15
|\ \
| * | Improved circuit queue out-of-memory handlerNick Mathewson2013-11-07
|/ / | | | | | | | | | | | | | | | | | | | | Previously, when we ran low on memory, we'd close whichever circuits had the most queued cells. Now, we close those that have the *oldest* queued cells, on the theory that those are most responsible for us running low on memory, and that those are the least likely to actually drain on their own if we wait a little longer. Based on analysis from a forthcoming paper by Jansen, Tschorsch, Johnson, and Scheuermann. Fixes bug 9093.
* | Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3Nick Mathewson2013-10-11
|\|
| * Update to the October 2013 GeoIP database.Karsten Loesing2013-10-11
| |
* | Fix unit test for format_helper_exit_statusNick Mathewson2013-10-10
| | | | | | | | | | Fix format_helper_exit_status to allow full HEX_ERRNO_SIZE answers, *and* increase the buffer length again.
* | Merge remote-tracking branch 'public/bug9928' into maint-0.2.3Nick Mathewson2013-10-10
|\ \
| * | Give credit to bug reporter for 9928Nick Mathewson2013-10-08
| | |
| * | Raise buffer size, fix checks for format_exit_helper_status.Nick Mathewson2013-10-08
| | | | | | | | | | | | | | | | | | | | | | | | This is probably not an exploitable bug, since you would need to have errno be a large negative value in the unix pluggable-transport launcher case. Still, best avoided. Fixes bug 9928; bugfix on 0.2.3.18-rc.
* | | Fix an assert when disabling ORPort with accounting disabled.Nick Mathewson2013-09-18
|/ / | | | | | | | | | | | | | | | | | | The problem was that the server_identity_key_is_set() function could return true under conditions where we don't really have an identity key -- specifically, where we used to have one, but we stopped being a server. This is a fix for 6979; bugfix on 0.2.2.18-alpha where we added that assertion to get_server_identity_key().
* | Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3Nick Mathewson2013-09-16
|\|
| * Update to the September 2013 GeoIP database.Karsten Loesing2013-09-10
| |
* | Merge branch 'bug9671_023' into maint-0.2.3Nick Mathewson2013-09-04
|\ \
| * | use !cbt_disabled in place of LearnCBT to avoid needless circsNick Mathewson2013-09-04
|/ / | | | | | | | | | | | | | | | | | | This would make us do testing circuits "even when cbt is disabled by consensus, or when we're a directory authority, or when we've failed to write cbt history to our state file lately." (Roger's words.) This is a fix for 9671 and an improvement in our fix for 5049. The original misbehavior was in 0.2.2.14-alpha; the incomplete fix was in 0.2.3.17-beta.
* | Merge remote-tracking branch 'public/bug9546_023_v2' into maint-0.2.3Nick Mathewson2013-08-25
|\ \
| * | Make bridges send AUTH_CHALLENGE cellsNick Mathewson2013-08-21
| | | | | | | | | | | | | | | | | | | | | | | | The spec requires them to do so, and not doing so creates a situation where they can't send-test because relays won't extend to them because of the other part of bug 9546. Fixes bug 9546; bugfix on 0.2.3.6-alpha.
| * | Send NETINFO on receiving a NETINFO if we have not yet sent one.Nick Mathewson2013-08-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (Backport to Tor 0.2.3) Relays previously, when initiating a connection, would only send a NETINFO after sending an AUTHENTICATE. But bridges, when receiving a connection, would never send AUTH_CHALLENGE. So relays wouldn't AUTHENTICATE, and wouldn't NETINFO, and then bridges would be surprised to be receiving CREATE cells on a non-open circuit. Fixes bug 9546.
* | | Merge remote-tracking branch 'public/bug9564' into maint-0.2.3Nick Mathewson2013-08-22
|\ \ \ | |/ / |/| |
| * | Replace return with continue in update_consensus_networkstatus_downloadsNick Mathewson2013-08-22
|/ / | | | | | | Fix for bug 9564; bugfix on 0.2.3.14-alpha.
* | Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3Nick Mathewson2013-08-12
|\|
| * Update to the August 2013 GeoIP database.Karsten Loesing2013-08-12
| |
* | Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3Nick Mathewson2013-07-08
|\|
| * Update to the July 2013 GeoIP database.Karsten Loesing2013-07-08
| |
* | Fix some problems with the bug9002 fix.Nick Mathewson2013-06-18
| | | | | | | | Fixes bug 9090; bug not in any released Tor.
* | Merge branch 'bug9063_redux_023_squashed' into maint-0.2.3Nick Mathewson2013-06-18
|\ \
| * | Implement a real OOM-killer for too-long circuit queues.Nick Mathewson2013-06-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This implements "algorithm 1" from my discussion of bug #9072: on OOM, find the circuits with the longest queues, and kill them. It's also a fix for #9063 -- without the side-effects of bug #9072. The memory bounds aren't perfect here, and you need to be sure to allow some slack for the rest of Tor's usage. This isn't a perfect fix; the rest of the solutions I describe on codeable.
* | | Limit hidden service descriptors to at most 10 guard nodes.Nick Mathewson2013-06-16
|/ / | | | | | | | | Fixes bug 9002; bugfix on 0.1.1.11-alpha (which introduced guard nodes), or on 0.0.6pre1 (which introduced hidden services).
* | Disable middle relay queue overfill detection code due to possible guard ↵Andrea Shepard2013-06-15
| | | | | | | | discovery attack
* | Merge branch 'circuit_queue_cap-0.2.3-squashed' into maint-0.2.3Nick Mathewson2013-06-14
|\ \
| * | Increase the limit so leaky pipe might workNick Mathewson2013-06-14
| | |
| * | Don't queue more cells as a middle relay than the spec allows to be in flightAndrea Shepard2013-06-13
|/ /
* | Merge branch 'bug9017' into maint-0.2.3Nick Mathewson2013-06-10
|\ \
| * | Fix (Open?)BSD fast-connect bug with optimistic data.Nick Mathewson2013-06-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There's an assertion failure that can occur if a connection has optimistic data waiting, and then the connect() call returns 0 on the first attempt (rather than -1 and EINPROGRESS). That latter behavior from connect() appears to be an (Open?)BSDism when dealing with remote addresses in some cases. (At least, I've only seen it reported with the BSDs under libevent, even when the address was 127.0.0.1. And we've only seen this problem in Tor with OpenBSD.) Fixes bug 9017; bugfix on 0.2.3.1-alpha, which first introduced optimistic data. (Although you could also argue that the commented-out connection_start_writing in 155c9b80 back in 2002 is the real source of the issue.)
* | | Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3Nick Mathewson2013-06-05
|\ \ \ | | |/ | |/|
| * | Update to the June 2013 GeoIP database.Karsten Loesing2013-06-05
| | |
* | | Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3Nick Mathewson2013-05-20
|\| | | |/ |/|
| * Update to the May 2013 GeoIP database.Karsten Loesing2013-05-13
| |
* | Merge branch 'bug8844_v2' into maint-0.2.3Nick Mathewson2013-05-09
|\ \
| * | Don't run off the end of the array-of-freelistsNick Mathewson2013-05-09
|/ / | | | | | | | | | | | | | | | | | | | | | | | | This is a fix for bug 8844, where eugenis correctly notes that there's a sentinel value at the end of the list-of-freelists that's never actually checked. It's a bug since the first version of the chunked buffer code back in 0.2.0.16-alpha. This would probably be a crash bug if it ever happens, but nobody's ever reported something like this, so I'm unsure whether it can occur. It would require write_to_buf, write_to_buf_zlib, read_to_buf, or read_to_buf_tls to get an input size of more than 32K. Still, it's a good idea to fix this kind of thing!
* | Avoid busy-looping on WANTREAD within connection_handle_writeNick Mathewson2013-04-12
| | | | | | | | | | Fix for bug 5650. Also, if we get a WANTREAD while reading while writing, make sure we're reading.
* | Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3Nick Mathewson2013-04-08
|\|
| * Update to the April 2013 GeoIP database.Karsten Loesing2013-04-08
| |
* | Merge remote-tracking branch 'public/bug8377' into maint-0.2.3Nick Mathewson2013-03-18
|\ \