| Commit message (Expand) | Author | Age |
|---|
| ... | |
| | * | Proper NULL checking in circuit_list_path_impl()•••Another dereference-then-NULL-check sequence. No reports of this bug
triggered in the wild. Fixes bugreport 1256.
Thanks to ekir for discovering and reporting this bug.
| Sebastian Hahn | 2010-02-26 |
| | * | Proper NULL checking for hsdesc publication•••Fix a dereference-then-NULL-check sequence. This bug wasn't triggered
in the wild, but we should fix it anyways in case it ever happens.
Also make sure users get a note about this being a bug when they
see it in their log.
Thanks to ekir for discovering and reporting this bug.
| Sebastian Hahn | 2010-02-26 |
| | * | Zero a cipher completely before freeing it•••We used to only zero the first ptrsize bytes of the cipher. Since
cipher is large enough, we didn't zero too many bytes. Discovered
and fixed by ekir. Fixes bug 1254.
| Sebastian Hahn | 2010-02-26 |
| * | | Merge remote branch 'mikeperry/consensus-bw-weights5-merge'•••Conflicts:
ChangeLog
| Nick Mathewson | 2010-02-25 |
| |\ \ |
|
| | * | | Add a changelog entry for the bandwidth weightings. | Mike Perry | 2010-02-22 |
| * | | | Merge remote branch 'sebastian/manpage' | Nick Mathewson | 2010-02-25 |
| |\ \ \ |
|
| | * | | | Restrict PerConnBWRate|Burst to INT32_MAX, update manpage•••All other bandwidthrate settings are restricted to INT32_MAX, but
this check was forgotten for PerConnBWRate and PerConnBWBurst. Also
update the manpage to reflect the fact that specifying a bandwidth
in terabytes does not make sense, because that value will be too
large.
| Sebastian Hahn | 2010-02-25 |
| * | | | | Update a section of the exit notice file, give it a changelog. | Sebastian Hahn | 2010-02-23 |
| |/ / / |
|
| * | | | Proper NULL checking for hsdesc publication•••Fix a dereference-then-NULL-check sequence. This bug wasn't triggered
in the wild, but we should fix it anyways in case it ever happens.
Also make sure users get a note about this being a bug when they
see it in their log.
Thanks to ekir for discovering and reporting this bug.
| Sebastian Hahn | 2010-02-23 |
| * | | | Fix another coverity-spotted memleak | Sebastian Hahn | 2010-02-23 |
| |/ / |
|
| * | | elevate a changelog entry, and get my mailto out of the man page | Roger Dingledine | 2010-02-22 |
| * | | Merge remote branch 'sebastian/bug1254' | Nick Mathewson | 2010-02-22 |
| |\ \ |
|
| | * | | Zero a cipher completely before freeing it•••We used to only zero the first ptrsize bytes of the cipher. Since
cipher is large enough, we didn't zero too many bytes. Discovered
and fixed by ekir. Fixes bug 1254.
| Sebastian Hahn | 2010-02-22 |
| * | | | Expand homedirs in paths passed to tor-checkkey•••This is so that coverity stops complaining about using a user-supplied
string with the open() syscall. Let's see if it works.
| Sebastian Hahn | 2010-02-22 |
| |/ / |
|
| * | | network-status-version must come first in a vote/consensus•••Spec conformance issue: The code didn't force the network-status-version
token to be the first token in a v3 vote or consensus.
Problem discovered by Parakeep.
| Sebastian Hahn | 2010-02-22 |
| * | | Merge branch 'maint-0.2.1' into new•••Conflicts:
ChangeLog
configure.in
contrib/tor-mingw.nsi.in
src/win32/orconfig.h
| Roger Dingledine | 2010-02-22 |
| |\| |
|
| | * | bump to 0.2.1.24 | Roger Dingledine | 2010-02-21 |
| * | | prepare for 0.2.2.9-alpha | Roger Dingledine | 2010-02-22 |
| * | | Merge remote branch 'public/cbt-status'•••Conflicts:
ChangeLog
| Nick Mathewson | 2010-02-20 |
| |\ \ |
|
| | * | | Future-proof the control protocol by ignoring unrecognized keyword args | Nick Mathewson | 2010-02-18 |
| | * | | Make more arguments in control.c properly case-insensitive. | Nick Mathewson | 2010-02-18 |
| | * | | Add changelog entry for CBT testing work. | Mike Perry | 2010-02-18 |
| * | | | Merge remote branch 'sebastian/bug1143' | Nick Mathewson | 2010-02-19 |
| |\ \ \
| |/ /
|/| | |
|
| | * | | Make the DNSPort option work with libevent 2.x•••We need to use evdns_add_server_port_with_base() when configuring
our DNS listener, because libevent segfaults otherwise. Add a macro
in compat_libevent.h to pick the correct implementation depending
on the libevent version.
Fixes bug 1143, found by SwissTorExit
| Sebastian Hahn | 2010-02-19 |
| * | | | Merge remote branch 'origin/maint-0.2.1'•••Conflicts:
ChangeLog
configure.in
contrib/tor-mingw.nsi.in
src/win32/orconfig.h
| Nick Mathewson | 2010-02-18 |
| |\ \ \
| |/ /
|/| /
| |/ |
|
| | * | Add changelog for latest openssl fix | Nick Mathewson | 2010-02-18 |
| | * | give it a blurb, update the date | Roger Dingledine | 2010-02-13 |
| | * | new dannenberg address; make moria2's demise official. | Roger Dingledine | 2010-02-12 |
| | * | prepare for 0.2.1.23 | Roger Dingledine | 2010-02-12 |
| * | | Merge commit 'sebastian/oldstuff'•••Conflicts:
ChangeLog
| Roger Dingledine | 2010-02-16 |
| |\ \ |
|
| | * | | Remove legacy files from main source distribution•••The AUTHORS file was pretty outdated. Its contents moved onto the
people page. Design paper and roadmaps moved to the projects
directory in svn.
| Sebastian Hahn | 2010-02-16 |
| * | | | Remove the --enable-iphone option as needless.•••On or-talk, Marco Bonetti reports that recent iPhone SDKs build
Tor fine without it.
| Nick Mathewson | 2010-02-12 |
| |/ / |
|
| * | | Add changelog for memcpy bug, with credit for "memcpyfail" | Nick Mathewson | 2010-02-09 |
| * | | Merge remote branch 'origin/maint-0.2.1' | Nick Mathewson | 2010-02-09 |
| |\| |
|
| | * | Don't use gethostbyname() in resolve_my_address()•••Tor has tor_lookup_hostname(), which prefers ipv4 addresses automatically.
Bug 1244 occured because gethostbyname() returned an ipv6 address, which
Tor cannot handle currently. Fixes bug 1244; bugfix on 0.0.2pre25.
Reported by Mike Mestnik.
| Sebastian Hahn | 2010-02-08 |
| * | | Don't spam controllers with TOO_MANY_CONNECTIONS events•••We implemented ratelimiting for warnings going into the logfile, but didn't
rate-limit controller events. Now both log warnings and controller events
are rate-limited.
| Sebastian Hahn | 2010-02-08 |
| * | | Merge commit 'origin/maint-0.2.1' | Nick Mathewson | 2010-02-07 |
| |\| |
|
| | * | lookup_last_hid_serv_request() could overflow and leak memory•••The problem was that we didn't allocate enough memory on 32-bit
platforms with 64-bit time_t. The memory leak occured every time
we fetched a hidden service descriptor we've fetched before.
| Sebastian Hahn | 2010-02-07 |
| * | | When we've disabled .exit hostnames, actually reject them.•••Previously we were treating them as decent hostnames and sending them
to the exit, which is completely wrong.
| Nick Mathewson | 2010-02-03 |
| * | | Don't assign Exit flag incorrectly•••exit_policy_is_general_exit() assumed that there are no redundancies
in the passed policy, in the sense that we actively combine entries
in the policy to really get rid of any redundancy. Since we cannot
do that without massively rewriting the policy lines the relay
operators set, fix exit_policy_is_general_exit().
Fixes bug 1238, discovered by Martin Kowalczyk.
| Sebastian Hahn | 2010-02-03 |
| * | | Add a changelog entry for fixing bug 1237.•••We don't have such an entry for 0.2.1.x, since bug 1237 never made it
into a released version of 0.2.1.x.
| Nick Mathewson | 2010-02-02 |
| * | | Merge commit 'origin/maint-0.2.1'•••Conflicts:
src/common/tortls.c
| Nick Mathewson | 2010-01-29 |
| |\| |
|
| | * | Decide whether to use SSL flags based on runtime OpenSSL version.•••We need to do this because Apple doesn't update its dev-tools headers
when it updates its libraries in a security patch. On the bright
side, this might get us out of shipping a statically linked OpenSSL on
OSX.
May fix bug 1225.
[backported]
| Nick Mathewson | 2010-01-29 |
| * | | Decide whether to use SSL flags based on runtime OpenSSL version.•••We need to do this because Apple doesn't update its dev-tools headers
when it updates its libraries in a security patch. On the bright
side, this might get us out of shipping a statically linked OpenSSL on
OSX.
May fix bug 1225.
| Nick Mathewson | 2010-01-29 |
| * | | Stop shipping the design paper in the tarballs | Sebastian Hahn | 2010-01-27 |
| * | | Fix ChangeLog entry for asciidoc branch. | Nick Mathewson | 2010-01-27 |
| * | | Stop putting parts of the website into tarballs.•••The website wasn't used by our packages, and most users will not know how
to open html.en files anyways.
| Sebastian Hahn | 2010-01-27 |
| * | | 0.2.2.8-alpha is coming out today sometime | Roger Dingledine | 2010-01-26 |
| * | | Fix a memory corruption bug while collecting bridge stats•••We accidentally freed the internal buffer for bridge stats when we
were writing the bridge stats file or honoring a control port
request for said data. Change the interfaces for
geoip_get_bridge_stats* to prevent these problems, and remove the
offending free/add a tor_strdup.
Fixes bug 1208.
| Karsten Loesing | 2010-01-26 |
| * | | make the 0.2.2.7-alpha changelog actually complete.•••weasel makes a good point.
| Roger Dingledine | 2010-01-20 |