| Commit message (Collapse) | Author | Age |
|---|
| ... | |
| |\ \ \ \ \ |
|
| | | | | | | |
|
| | | | | | | |
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | | |
Implements proposal 207; ticket 6526.
|
| | | | | | | |
|
| | | | | | | |
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
This implements the server-side of proposal 198 by detecting when
clients lack the magic list of ciphersuites that indicates that
they're lying faking some ciphers they don't really have. When
clients lack this list, we can choose any cipher that we'd actually
like. The newly allowed ciphersuites are, currently, "All ECDHE-RSA
ciphers that openssl supports, except for ECDHE-RSA-RC4".
The code to detect the cipher list relies on on (ab)use of
SSL_set_session_secret_cb.
|
| | | | | | | |
|
| | |_|_|_|/
|/| | | |
| | | | |
| | | | | |
This is an attempt to diagnose the severity of bug 7743.
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This is good enough to give P_success >= 999,999,999/1,000,000,000 so
long as the address space is less than 97.95 full. It'd be ridiculous
for that to happen for IPv6, and usome reasonable assumptions, it
would also be pretty silly for IPv4.
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| |\ \ \ \ \ |
|
| | | | | | | |
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
This replaces the old FallbackConsensus notion, and should provide a
way -- assuming we pick reasonable nodes! -- to give clients
suggestions of placs to go to get their first consensus.
|
| | | |/ / /
| |/| | | |
|
| | |/ / /
|/| | | |
|
| |\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | | |
Conflicts:
src/or/dns.c
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This is part of what's needed to build without warnings on mingw64:
it was warning about the cast from void* to long that happened in
the places we were using test_{n,}eq on pointers.
The alternative here would have been to broaden tt_int_op to accept
a long long or an intptr_t, but that's less correct (since pointers
aren't integers), and would hurt the portability of tinytest a
little.
Fixes part of 7260.
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Patch from yayooo for bug 7260, forward-ported to 0.2.4.
|
| |\ \ \ \ \ |
|
| | | | | | | |
|
| | | | | | | |
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | | |
Fixes #6266.
|
| |\ \ \ \ \ \ |
|
| | | |_|/ / /
| |/| | | |
| | | | | |
| | | | | | |
Fix for bug 7306. Bugfix on 0.2.2.17-alpha.
|
| |\ \ \ \ \ \ |
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Fixes bug 6887. There are opportunities to remove more functions if
authorities can stop serving dummy v1 directory documents
|
| | |/ / / / /
|/| | | | |
| | | | | |
| | | | | |
| | | | | | |
Also, add a hack Roger suggested where we're more patient if no circuits are
opened yet.
|
| |\ \ \ \ \ \
| |_|/ / / /
|/| | | | | |
|
| | | | | | | |
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
"error=Unable to launch resolve request" is not a nice thing to tell
the controller. Bugfix on 0.2.0.19-alpha (c11c48fc).
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Fix for #6113.
Note that the RFC1123 times we generate still all say 'GMT'. I'm
going to suggest this is not worth changing.
|
| | | | | | | |
|
| | | | | | | |
|
| |\ \ \ \ \ \ |
|
| | | | | | | | |
|
| |\ \ \ \ \ \ \ |
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
That's not where I'd want to put a $, but apparently the other
foo/id/<identity> things allow it, as does an arguably valid
interpretation of control-spec.txt. So let's be consistent.
Fix for a piece of bug 7059.
|
| | |/ / / / / /
|/| | | | | |
| | | | | | |
| | | | | | | |
Fixes a bug (with no ticket) on 0.2.4.6-alpha.
|
| | | | | | | | |
|
| |\ \ \ \ \ \ \
| | |_|_|_|/ /
| |/| | | | | |
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Fix a harmless bug when opting against publishing a relay descriptor
because DisableNetwork is set.
Fixes bug 7464; bugfix on 0.2.3.9-alpha.
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
This is the simplest possible workaround: make it safe to call
circuit_cell_queue_clear() on a non-attached circuit, and make it
safe-but-a-LD_BUG-warning to call update_circuit_on_cmux() on a
non-attached circuit.
LocalWords: unstage src Untracked
|
| |\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | |
| | | | | | | | |
ssh://git-rw.torproject.org/user/andrea/tor
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
or_connection_t checking
|
| | | | | | | | | |
|
| |\ \ \ \ \ \ \ \
| |/ / / / / / /
|/| / / / / / /
| |/ / / / / /
| | | | | | |
| | | | | | | |
Conflicts:
src/common/crypto.c
src/or/rendservice.c
|