aboutsummaryrefslogtreecommitdiff
path: root/changes
Commit message (Collapse)AuthorAge
* Merge remote-tracking branch 'public/bug11970'Nick Mathewson2014-06-11
|\
| * sandbox: revamp sandbox_getaddrinfo cacheingNick Mathewson2014-05-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The old cache had problems: * It needed to be manually preloaded. (It didn't remember any address you didn't tell it to remember) * It was AF_INET only. * It looked at its cache even if the sandbox wasn't turned on. * It couldn't remember errors. * It had some memory management problems. (You can't use memcpy to copy an addrinfo safely; it has pointers in.) This patch fixes those issues, and moves to a hash table. Fixes bug 11970; bugfix on 0.2.5.1-alpha.
* | Merge remote-tracking branch 'public/not_bug8093'Nick Mathewson2014-06-11
|\ \
| * | put the right trac ticket number in changes fileNick Mathewson2014-06-04
| | |
| * | count DATA cells with stream ID 0 as delivered for SENDME purposesNick Mathewson2013-03-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | Found while investigating 8093, but probably not the cause of it, since this bug would result in us sending too few SENDMEs, not in us receiving SENDMEs unexpectedly. Bugfix on the fix for 7889, which has appeared in 0.2.4.10-alpha, but not yet in any released 0.2.3.x version.
* | | Merge remote-tracking branch 'public/more_bug8387_diagnosis'Nick Mathewson2014-06-11
|\ \ \
| * | | Improved diagnostic log for bug 8387.Nick Mathewson2014-06-10
| | | | | | | | | | | | | | | | | | | | | | | | When we find a stranded one-hop circuit, log whether it is dirty, log information about any streams on it, and log information about connections they might be linked to.
* | | | Merge remote-tracking branch 'origin/maint-0.2.4'Nick Mathewson2014-06-10
|\ \ \ \ | |/ / / |/| | |
| * | | Fix changes file for geoipNick Mathewson2014-06-10
| | | |
| * | | Update geoip6 to the June 4 2014 database.Karsten Loesing2014-06-10
| | | |
* | | | Merge remote-tracking branch 'public/bug12227_024'Nick Mathewson2014-06-10
|\ \ \ \
| * | | | Avoid illegal read off end of an array in prune_v2_cipher_listNick Mathewson2014-06-10
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This function is supposed to construct a list of all the ciphers in the "v2 link protocol cipher list" that are supported by Tor's openssl. It does this by invoking ssl23_get_cipher_by_char on each two-byte ciphersuite ID to see which ones give a match. But when ssl23_get_cipher_by_char cannot find a match for a two-byte SSL3/TLS ciphersuite ID, it checks to see whether it has a match for a three-byte SSL2 ciphersuite ID. This was causing a read off the end of the 'cipherid' array. This was probably harmless in practice, but we shouldn't be having any uninitialized reads. (Using ssl23_get_cipher_by_char in this way is a kludge, but then again the entire existence of the v2 link protocol is kind of a kludge. Once Tor 0.2.2 clients are all gone, we can drop this code entirely.) Found by starlight. Fix on 0.2.4.8-alpha. Fixes bug 12227.
* | | | Merge remote-tracking branch 'public/bug12169_relay_check'Nick Mathewson2014-06-04
|\ \ \ \
| * | | | Use uint32 !=, not tor_memneq, for relay cell integrity checkingNick Mathewson2014-06-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | tor_memeq has started to show up on profiles, and this is one of the most frequent callers of that function, appearing as it does on every cell handled for entry or exit. 59f9097d5c3dc010847c359888d31757d1c97904 introduced tor_memneq here; it went into Tor 0.2.1.31. Fixes part of 12169.
* | | | | Merge remote-tracking branch 'andrea/bug10616'Nick Mathewson2014-06-04
|\ \ \ \ \
| * | | | | Add changes file for bug10616Andrea Shepard2014-06-03
| |/ / / /
* | | | | Merge remote-tracking branch 'public/bug12195'Nick Mathewson2014-06-04
|\ \ \ \ \
| * | | | | Fix ancient code that only checked circ_id, not circ_id and chanNick Mathewson2014-06-03
| | |/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This code mis-handled the case where a circuit got the same circuit ID in both directions. I found three instances of it in the codebase, by grepping for [pn]_circ_id. Because of the issue in command_process_relay_cell(), this would have made roughly one circuit in a million completely nonfunctional. Fixes bug 12195.
* | | | | fix #10405's changes fileRoger Dingledine2014-06-02
| | | | |
* | | | | Don't try to fetch bridge descriptors when DisableNetwork is setNick Mathewson2014-06-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Patch from Roger; changes file by me. Fixes 10405; bugfix on 0.2.3.9-alpha, where DisableNetwork was introduced.
* | | | | Merge remote-tracking branch 'public/bug12170_024_v2'Nick Mathewson2014-06-02
|\ \ \ \ \ | |_|/ / / |/| | | |
| * | | | Avoid needless router_dir_info_has_changed from router_set_statusNick Mathewson2014-06-02
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | On some profiles of Andrea's from #11332, I found that a great deal of time can still be attributed to functions called from update_router_have_minimum_dir_info(). This is making our digestmap, tor_memeq, and siphash functions take a much bigger portion of runtime than they really should. If we're calling update_router_have_minimum_dir_info() too often, that's because we're calling router_dir_info_changed() too often. And it looks like most of the callers of router_dir_info_changed() are coming as tail-calls from router_set_status() as invoked by channel_do_open_actions(). But we don't need to call router_dir_info_changed() so much! (I'm not quite sure we need to call it from here at all, but...) Surely we don't need to call it from router_set_status when the router's status has not actually changed. This patch makes us call router_dir_info_changed() from router_set_status only when we are changing the router's status. Fix for bug 12170. This is leftover from our fix back in 273ee3e81 in 0.1.2.1-alpha, where we started caching the value of update_router_have_minimum_dir_info().
* | | | Start on the 0.2.5.5-alpha changelog.Nick Mathewson2014-05-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I've copied the entries from changes/, labeled the ones that also appeared in 0.2.4.22, sorted them lightly with a python script (added to maint), and combined sections with the same name. I didn't combine sections without a description (e.g. "Minor bugfixes:"), since we'll probably add a description to those.
* | | | sandbox: allow enough setsockopt to make ConstrainedSockets workNick Mathewson2014-05-29
| | | | | | | | | | | | | | | | fixes bug 12139; bugfix on 0.2.5.1-alpha
* | | | sandbox: permit listen(2)Nick Mathewson2014-05-27
| | | | | | | | | | | | | | | | Fix for 12115; bugfix on 0.2.5.1-alpha
* | | | Make sandbox.c compile on armNick Mathewson2014-05-27
| | | | | | | | | | | | | | | | | | | | This is a minimal set of changes for compilation; I need a more recent kernel to test this stuff.
* | | | Merge branch 'bug11965_v2'Nick Mathewson2014-05-23
|\ \ \ \
| * | | | Postpone fetches based on should_delay_dir_fetch(), not DisableNetworkNick Mathewson2014-05-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Without this fix, when running with bridges, we would try fetching directory info far too early, and have up to a 60 second delay if we started with bridge descriptors available. Fixes bug 11965. Fix on 0.2.3.6-alpha, arma thinks.
* | | | | sandbox: allow reading of hidden service configuration files.Nick Mathewson2014-05-22
| | | | | | | | | | | | | | | | | | | | fixes part of 12064
* | | | | changes file for 12064_part1Nick Mathewson2014-05-22
| | | | |
* | | | | Documentation fix: DataDir/status/* -> DataDir/stats/*Nick Mathewson2014-05-22
| |_|_|/ |/| | | | | | | | | | | Our documentation had the name of this directory wrong.
* | | | Merge remote-tracking branch 'andrea/bug11476'Nick Mathewson2014-05-22
|\ \ \ \ | |/ / / |/| | |
| * | | Add changes file for bug11476Andrea Shepard2014-05-16
| | | |
* | | | sandbox: permit gettid, sched_getaffinityNick Mathewson2014-05-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | These are needed under some circumstances if we are running with expensive-hardening and sandbox at the same time. fixes 11477, bugfix on 0.2.5.4-alpha (where we introduced expensive-hardening)
* | | | sandbox: support logfile rotationNick Mathewson2014-05-20
| | | | | | | | | | | | | | | | Fixes bug 12032; bugfix on 0.2.5.1-alpha
* | | | sandbox: tolerate reloading with DirPortFrontPage setNick Mathewson2014-05-20
| | | | | | | | | | | | | | | | | | | | | | | | Also, don't tolerate changing DirPortFrontPage. Fixes bug 12028; bugfix on 0.2.5.1-alpha.
* | | | sandbox: Disallow options which would make us call exec()Nick Mathewson2014-05-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | None of the things we might exec() can possibly run under the sanbox, so rather than crash later, we have to refuse to accept the configuration nice and early. The longer-term solution is to have an exec() helper, but wow is that risky. fixes 12043; bugfix on 0.2.5.1-alpha
* | | | sandbox: Permit access to stats/dirreq-statsNick Mathewson2014-05-20
| | | | | | | | | | | | | | | | | | | | | | | | This prevents a crash when rotating logs with dirreq-stats enabled fixes 12035; bugfix on 0.2.5.1-alpha.
* | | | Sandbox: allow access to stats/bridge-statsNick Mathewson2014-05-20
| | | | | | | | | | | | | | | | Fix for 12041; bugfix on 0.2.5.1-alpha.
* | | | Merge remote-tracking branch 'public/bug11469_024'Nick Mathewson2014-05-15
|\ \ \ \
| * | | | Use DirPort for uploading descriptors.Nick Mathewson2014-05-14
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When we converted the horrible set of options that previously controlled "use ORPort or DirPort? Anonymously or Non-anonymouly?" to a single 'indirection' argument, we missed directory_post_to_dirservers. The problematic code was introduced in 5cbeb6080, which went into 0.2.4.3-alpha. This is a fix for bug 11469.
| * | | Merge commit 'bb9b4c37f8e7f5cf78918f382e90d8b11ff42551' into maint-0.2.4Nick Mathewson2014-05-07
| |\ \ \
| * \ \ \ Merge remote-tracking branch 'public/ticket11528_024' into maint-0.2.4Nick Mathewson2014-05-07
| |\ \ \ \
| * \ \ \ \ Merge remote-tracking branch 'public/bug11513_024' into maint-0.2.4Nick Mathewson2014-05-07
| |\ \ \ \ \
| * \ \ \ \ \ Merge remote-tracking branch 'public/update_ciphers_ff28' into maint-0.2.4Nick Mathewson2014-05-07
| |\ \ \ \ \ \
| * \ \ \ \ \ \ Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4Nick Mathewson2014-05-01
| |\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: src/or/microdesc.c
| | * | | | | | | Downgrade bug 7164 warning to INFONick Mathewson2014-05-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The 0.2.5.x warning is the one that might help us track this down; the warnings in stable are just annoying users over and over and over.
* | | | | | | | | Use tor_getpw{nam,uid} wrappers to fix bug 11946Nick Mathewson2014-05-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When running with User set, we frequently try to look up our information in the user database (e.g., /etc/passwd). The seccomp2 sandbox setup doesn't let us open /etc/passwd, and probably shouldn't. To fix this, we have a pair of wrappers for getpwnam and getpwuid. When a real call to getpwnam or getpwuid fails, they fall back to a cached value, if the uid/gid matches. (Granting access to /etc/passwd isn't possible with the way we handle opening files through the sandbox. It's not desirable either.)
* | | | | | | | | Merge branch 'bug9781_v2'Nick Mathewson2014-05-12
|\ \ \ \ \ \ \ \ \
| * | | | | | | | | Log an error reply from tor-fw-helper correctly.Nick Mathewson2014-05-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix for bug 9781; bugfix on cd05f35d2cdf50 in 0.2.4.2-alpha.