| Commit message (Expand) | Author | Age |
|---|
| * | Fix the warning about LearnCircuitBuildTimeout && !CircuitBuildTimeout•••This is for bug 6304.
Add a changes file too
| Nick Mathewson | 2013-03-13 |
| * | Check whether ei is non-NULL before altering it.•••This fixes a crash bug if we fail to generate an extrainfo
descriptor.
Fixes bug 8208; bugfix on 0.2.3.16-alpha.
| Nick Mathewson | 2013-02-11 |
| * | Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3 | Nick Mathewson | 2013-02-08 |
| |\ |
|
| | * | Update to the February 2013 GeoIP database. | Karsten Loesing | 2013-02-08 |
| * | | Merge branch 'bug7889_023' into maint-0.2.3 | Nick Mathewson | 2013-01-15 |
| |\ \ |
|
| | * | | Reject create/begin/etc cells with {circ,stream}ID 0.•••Otherwise, it's possible to create streams or circuits with these
bogus IDs, leading to orphaned circuits or streams, or to ones that
can cause bandwidth DOS problems.
Fixes bug 7889; bugfix on all released Tors.
| Nick Mathewson | 2013-01-14 |
| * | | | Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3 | Nick Mathewson | 2013-01-14 |
| |\ \ \
| |/ /
|/| /
| |/ |
|
| | * | Update to the January 2013 GeoIP database. | Karsten Loesing | 2013-01-05 |
| * | | Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3 | Nick Mathewson | 2012-12-13 |
| |\| |
|
| | * | Update to the December 2012 GeoIP database. | Karsten Loesing | 2012-12-13 |
| | * | Update to the November 2012 GeoIP database. | Karsten Loesing | 2012-12-13 |
| * | | use a more logical operator•••Fix a harmless bug when opting against publishing a relay descriptor
because DisableNetwork is set.
Fixes bug 7464; bugfix on 0.2.3.9-alpha.
| Roger Dingledine | 2012-11-12 |
| * | | Add and use and unlikely-to-be-eliminated memwipe()•••Apparently some compilers like to eliminate memset() operations on
data that's about to go out-of-scope. I've gone with the safest
possible replacement, which might be a bit slow. I don't think this
is critical path in any way that will affect performance, but if it
is, we can work on that in 0.2.4.
Fixes bug 7352.
| Nick Mathewson | 2012-11-08 |
| * | | Fix a remotely triggerable assertion failure (CVE-2012-2250)•••If we completed the handshake for the v2 link protocol but wound up
negotiating the wong protocol version, we'd become so confused about
what part of the handshake we were in that we'd promptly die with an
assertion.
This is a fix for CVE-2012-2250; it's a bugfix on 0.2.3.6-alpha.
All servers running that version or later should really upgrade.
Bug and fix from "some guy from France." I tweaked his code slightly
to make it log the IP of the offending node.
| Nick Mathewson | 2012-10-23 |
| * | | Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3 | Nick Mathewson | 2012-10-23 |
| |\| |
|
| | * | Add a changes file for bug 7191. | Nick Mathewson | 2012-10-23 |
| * | | Let 0.2.3 clients exit to internal addresses if they want•••Clients now consider the ClientRejectInternalAddresses config option
when using a microdescriptor consensus stanza to decide whether
an exit relay would allow exiting to an internal address. Fixes
bug 7190; bugfix on 0.2.3.1-alpha.
| Roger Dingledine | 2012-10-23 |
| * | | Fix parse_short_policy (bug 7192.)•••Our implementation of parse_short_policy was screwed up: it would
ignore the last character of every short policy. Obviously, that's
broken.
This patch fixes the busted behavior, and adds a bunch of unit tests
to make sure the rest of that function is okay.
Fixes bug 7192; fix on 0.2.3.1-alpha.
| Nick Mathewson | 2012-10-23 |
| * | | Merge branch 'block_renegotiate_023' into maint-0.2.3 | Nick Mathewson | 2012-10-19 |
| |\ \ |
|
| | * | | Discard extraneous renegotiation attempts in the v3 link protocol•••Failure to do so left us open to a remotely triggerable assertion
failure. Fixes CVE-2012-2249; bugfix on 0.2.3.6-alpha. Reported by
"some guy from France".
| Nick Mathewson | 2012-10-17 |
| * | | | Don't serve or accept v2 HS descs over a DirPort•••(changes file tweaked by nickm)
| Robert Ransom | 2012-10-19 |
| * | | | Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3 | Nick Mathewson | 2012-10-19 |
| |\ \ \
| |/ /
|/| /
| |/ |
|
| | * | Disable TLS Session Tickets, which we were apparently getting for free•••OpenSSL 1.0.0 added an implementation of TLS session tickets, a
"feature" that let session resumption occur without server-side state
by giving clients an encrypted "ticket" that the client could present
later to get the session going again with the same keys as before.
OpenSSL was giving the keys to decrypt these tickets the lifetime of
the SSL contexts, which would have been terrible for PFS if we had
long-lived SSL contexts. Fortunately, we don't. Still, it's pretty
bad. We should also drop these, since our use of the extension stands
out with our non-use of session cacheing.
Found by nextgens. Bugfix on all versions of Tor when built with
openssl 1.0.0 or later. Fixes bug 7139.
| Nick Mathewson | 2012-10-19 |
| * | | Don't call fmt_addr() twice in a parameter list. | George Kadianakis | 2012-10-09 |
| * | | Merge remote-tracking branch 'arma/bug7037' into maint-0.2.3 | Nick Mathewson | 2012-10-04 |
| |\ \ |
|
| | * | | Refuse extra create cells with reason "resource limit"•••In the past we had used reason "internal", which is more vague than
it needs to be. Resolves bug 7037.
| Roger Dingledine | 2012-10-03 |
| * | | | properly free the return values of rate_limit_log()•••resolves bug 7022.
| Roger Dingledine | 2012-10-03 |
| |/ / |
|
| * | | add faravahar as our ninth v3 dir auth | Roger Dingledine | 2012-09-22 |
| * | | Clarify that hidden services are TCP only•••Also remove some trailing whitespace.
Patch from maker; fixes bug 6024.
| Nick Mathewson | 2012-09-19 |
| * | | Bug 6866: Convert pathbias asserts into log messages.•••Asserts were hit by Tor2Web mode.
| Mike Perry | 2012-09-17 |
| * | | Use file-size-fixup code on cygwin too.•••We already had code on windows to fix our file sizes when we're
reading a file in text mode and its size doesn't match the size from
fstat. But that code was only enabled when _WIN32 was defined, and
Cygwin defines __CYGWIN__ instead.
Fixes bug 6844; bugfix on 0.1.2.7-alpha.
| Nick Mathewson | 2012-09-14 |
| * | | mention the bug number in the 6827 changes file | Nick Mathewson | 2012-09-13 |
| * | | Avoid undefined behaviour when parsing HS protocol versions•••Fixes bug 6827; bugfix on c58675ca728f12b42f65e5b8964ae695c2e0ec2d
(when the v2 HS desc parser was implemented).
Found by asn.
| Robert Ransom | 2012-09-13 |
| * | | Revert "6819: typo in torrc.sample.in"•••This reverts commit 4aff97cfc7965414ad8506ce28a296da1bc4a161.
We don't actually want to be changing the torrc.sample on stable or
near-stable stuff, since doing so makes pointless busywork for debian
users.
| Nick Mathewson | 2012-09-12 |
| * | | Merge remote-tracking branch 'public/bug6341_a_v2' into maint-0.2.3 | Nick Mathewson | 2012-09-12 |
| |\ \ |
|
| | * | | Check ewma_enabled before doing circ-has-become-inactive check•••This avoids a possible crash bug in flush_from_first_active_circuit.
Fixes bug 6341; bugfix on 0.2.2.7-alpha.
Bug reported and fixed by a pseudonymous user on IRC.
| Nick Mathewson | 2012-07-18 |
| * | | | 6819: typo in torrc.sample.in | Nick Mathewson | 2012-09-12 |
| * | | | Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3•••Conflicts:
src/test/test_util.c
| Nick Mathewson | 2012-09-11 |
| |\ \ \
| | |/
| |/| |
|
| | * | | Fix assertion failure in tor_timegm.•••Fixes bug 6811.
| Nick Mathewson | 2012-09-11 |
| * | | | Avoid segfault when reading state file from ancient tor•••If s_values is null in rep_hist_load_bwhist_state_section, we would
call smartlist_len() on it, and die.
Fixes bug 6801.
| Nick Mathewson | 2012-09-10 |
| * | | | Avoid segfault if EntryGuardPathBias precedes EntryGuard•••Fix for bug 6774; bugfix on 0.2.3.17-beta.
| Nick Mathewson | 2012-09-05 |
| * | | | Make begindir_cutoff the same as general_cutoff•••Allow one-hop directory fetching circuits the full "circuit build timeout"
period, rather than just half of it, before failing them and marking
the relay down. This fix should help reduce cases where clients declare
relays (or worse, bridges) unreachable because the TLS handshake takes
a few seconds to complete.
Fixes bug 6743 (one piece of bug 3443); bugfix on 0.2.2.2-alpha, where
we changed the timeout from a static 30 seconds.
| Roger Dingledine | 2012-09-01 |
| * | | | Merge branch 'bug6732' into maint-0.2.3 | Nick Mathewson | 2012-08-31 |
| |\ \ \ |
|
| | * | | | Document consensus and microdesc files•••Bugfix for #6732.
| Nick Mathewson | 2012-08-31 |
| * | | | | Quiet "Set buildtimeout to low val" warnings: make them info•••Fix for #6251
| Nick Mathewson | 2012-08-27 |
| * | | | | Downgrade path-bias warning messages to INFO for now.•••We've had over two months to fix them, and didn't. Now we need
0.2.3.x stable. Yes, it would be cool to get this working in
0.2.3.x, but not at the expense of delaying every other feature that
_does_ work in 0.2.3.x. We can do a real fix in 0.2.4.
| Nick Mathewson | 2012-08-27 |
| * | | | | Merge branch 'bug6710_023' into maint-0.2.3 | Nick Mathewson | 2012-08-27 |
| |\ \ \ \ |
|
| | * | | | | Fix changes file for 6710: before 0.0.8pre1, you couldn't extend to•••a router that another router wasn't already connected to.
| Nick Mathewson | 2012-08-27 |
| | * | | | | Disable extending to private/internal addresses by default•••This is important, since otherwise an attacker can use timing info
to probe the internal network.
Also, add an option (ExtendAllowPrivateAddresses) so that
TestingTorNetwork won't break.
Fix for bug 6710; bugfix on all released versions of Tor.
| Nick Mathewson | 2012-08-27 |
| * | | | | | Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3•••Conflicts:
src/or/policies.c
| Nick Mathewson | 2012-08-27 |
| |\ \ \ \ \
| |/ / / /
|/| | / /
| | |/ /
| |/| | |
|