aboutsummaryrefslogtreecommitdiff
path: root/src/common
Commit message (Expand)AuthorAge
* Explain CURVE25519_ENABLED: closes 9774Nick Mathewson2014-02-07
* Some anti-forensics paranoia...•••sed -i 's/BN_free/BN_clear_free/g' Florent Daigniere2014-02-03
* Add a sandbox rule to allow IP_TRANSPARENTNick Mathewson2014-02-02
* whitespace fixesNick Mathewson2014-01-17
* Fix some seccomp2 issues•••Fix for #10563. This is a compatibility issue with libseccomp-2.1. I guess you could call it a bugfix on 0.2.5.1? Nick Mathewson2014-01-06
* Merge remote-tracking branch 'origin/maint-0.2.4'•••Conflicts: src/common/crypto.c Nick Mathewson2013-12-18
|\
| * Never allow OpenSSL engines to replace the RAND_SSLeay method•••This fixes bug 10402, where the rdrand engine would use the rdrand instruction, not as an additional entropy source, but as a replacement for the entire userspace PRNG. That's obviously stupid: even if you don't think that RDRAND is a likely security risk, the right response to an alleged new alleged entropy source is never to throw away all previously used entropy sources. Thanks to coderman and rl1987 for diagnosing and tracking this down. Nick Mathewson2013-12-18
* | Set CREATE_NO_WINDOW in tor_spawn_background.•••This flag prevents the creation of a console window popup on Windows. We need it for pluggable transport executables--otherwise you get blank console windows when you launch the 3.x browser bundle with transports enabled. http://msdn.microsoft.com/en-us/library/ms684863.aspx#CREATE_NO_WINDOW The browser bundles that used Vidalia used to set this flag when launching tor itself; it was apparently inherited by the pluggable transports launched by tor. In the 3.x bundles, tor is launched by some JavaScript code, which doesn't have the ability to set CREATE_NO_WINDOW. tor itself is now being compiled with the -mwindows option, so that it is a GUI application, not a console application, and doesn't show a console window in any case. This workaround doesn't work for pluggable transports, because they need to be able to write control messages to stdout. https://trac.torproject.org/projects/tor/ticket/9444#comment:30 David Fifield2013-12-05
* | Restore prop198 behavior from 4677 patch•••The previous commit from piet would have backed out some of proposal 198 and made servers built without the V2 handshake not use the unrestricted cipher list from prop198. Bug not in any released Tor. Nick Mathewson2013-11-25
* | Restore ability to build with V2_HANDSHAKE_SERVER•••Fixes bug 4677; bugfix on 0.2.3.2-alpha. Fix by "piet". Nick Mathewson2013-11-25
* | Avoid warning about impossible check for flags & 0•••Fixes CID 743381 Nick Mathewson2013-11-22
* | Handle unlikely negative time in tor_log_err_sigsafe•••Coverity wants this; CID 1130990. Nick Mathewson2013-11-22
* | Add a _GNU_SOURCE definition to backtrace.c to fix compilationNick Mathewson2013-11-18
* | Whoops -- add missing defined().Nick Mathewson2013-11-18
* | Make header includes match declarations in pc_from_ucontext.m4•••With any luck, this will clean up errors where we detect that REG_{EIP,RIP} is present in autoconf, but when we go to include it, it isn't there. Nick Mathewson2013-11-18
* | Fix compilation under openssl 0.9.8•••It's not nice to talk about NID_aes_{128,256}_{ctr,gcm} when they don't exist. Fix on 84458b79a78ea7e26820bf0; bug not in any released Tor. Nick Mathewson2013-11-18
* | Fix whitespaceNick Mathewson2013-11-18
* | Log more OpenSSL engine statuses at startup.•••Fixes ticket 10043; patch from Joshua Datko. Nick Mathewson2013-11-18
* | Merge branch 'backtrace_squashed'•••Conflicts: src/common/sandbox.c src/common/sandbox.h src/common/util.c src/or/main.c src/test/include.am src/test/test.c Nick Mathewson2013-11-18
|\ \
| * | Refactor format_*_number_sigsafe to have a common implementationNick Mathewson2013-11-18
| * | Reseolve DOCDOC and XXXXs in backtrace.cNick Mathewson2013-11-18
| * | Make backtrace handler handle signals correctly.•••This meant moving a fair bit of code around, and writing a signal cleanup function. Still pretty nice from what I can tell, though. Nick Mathewson2013-11-18
| * | Improve new assertion message logging•••Don't report that a failure happened in the assertion_failed function just because we logged it from there. Nick Mathewson2013-11-18
| * | Add a sighandler-safe logging mechanism•••We had accidentially grown two fake ones: one for backtrace.c, and one for sandbox.c. Let's do this properly instead. Now, when we configure logs, we keep track of fds that should get told about bad stuff happening from signal handlers. There's another entry point for these that avoids using non-signal-handler-safe functions. Nick Mathewson2013-11-18
| * | Basic backtrace ability•••On platforms with the backtrace/backtrace_symbols_fd interface, Tor can now dump stack traces on assertion failure. By default, I log them to DataDir/stack_dump and to stderr. Nick Mathewson2013-11-18
| * | Refactor the assertion-failure code into a functionNick Mathewson2013-07-19
| * | Add a signal-safe decimal formatting functionNick Mathewson2013-07-19
* | | Merge remote-tracking branch 'origin/maint-0.2.4'•••Conflicts: src/or/relay.c Conflict changes were easy; compilation fixes required were using using TOR_SIMPLEQ_FIRST to get head of cell queue. Nick Mathewson2013-11-15
|\ \ \ | | |/ | |/|
| * | Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4•••Conflicts: src/or/or.h src/or/relay.c Conflicts were simple to resolve. More fixes were needed for compilation, including: reinstating the tv_to_msec function, and renaming *_conn_cells to *_chan_cells. Nick Mathewson2013-11-15
| |\ \
* | | | Merge remote-tracking branch 'origin/maint-0.2.4'Nick Mathewson2013-10-31
|\| | |
| * | | Merge remote-tracking branch 'public/bug9780_024_v2' into maint-0.2.4Nick Mathewson2013-10-31
| |\ \ \
| | * | | Switch ECDHE group default logic for bridge/relay TLS•••According to the manpage, bridges use P256 for conformity and relays use P224 for speed. But skruffy points out that we've gotten it backwards in the code. In this patch, we make the default P256 for everybody. Fixes bug 9780; bugfix on 0.2.4.8-alpha. Nick Mathewson2013-10-08
| * | | | Merge remote-tracking branch 'public/bug6055_v2_024' into maint-0.2.4Nick Mathewson2013-10-31
| |\ \ \ \
* | \ \ \ \ Merge branch 'bug1376'Nick Mathewson2013-10-11
|\ \ \ \ \ \
| * | | | | | Fix some whitespace; tighten the tests.Nick Mathewson2013-10-11
| * | | | | | Added test for new write_chunks_to_file behaviour in #1376.Kevin Butler2013-09-04
| * | | | | | Added no_tempfile parameter to write_chunks_to_file to do non-atomic writes. ...Kevin Butler2013-09-01
* | | | | | | Merge remote-tracking branch 'origin/maint-0.2.4'Nick Mathewson2013-10-10
|\ \ \ \ \ \ \ | | |/ / / / / | |/| | | | |
| * | | | | | Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4Nick Mathewson2013-10-10
| |\ \ \ \ \ \ | | | |_|_|/ / | | |/| | | |
| | * | | | | Fix unit test for format_helper_exit_status•••Fix format_helper_exit_status to allow full HEX_ERRNO_SIZE answers, *and* increase the buffer length again. Nick Mathewson2013-10-10
* | | | | | | Merge remote-tracking branch 'origin/maint-0.2.4'Nick Mathewson2013-10-10
|\| | | | | |
| * | | | | | Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4Nick Mathewson2013-10-10
| |\| | | | |
| | * | | | | Raise buffer size, fix checks for format_exit_helper_status.•••This is probably not an exploitable bug, since you would need to have errno be a large negative value in the unix pluggable-transport launcher case. Still, best avoided. Fixes bug 9928; bugfix on 0.2.3.18-rc. Nick Mathewson2013-10-08
* | | | | | | Merge remote-tracking branch 'origin/maint-0.2.4'Nick Mathewson2013-10-08
|\| | | | | |
| * | | | | | When examining interfaces to find an address, discard non-up ones.•••Patch from "hantwister" on trac. Fixes bug #9904; bugfix on 0.2.3.11-alpha. Nick Mathewson2013-10-08
| | |_|_|/ / | |/| | | |
* | | | | | Merge remote-tracking branch 'public/bug6055_v2_024'Nick Mathewson2013-09-25
|\ \ \ \ \ \ | | |_|_|/ / | |/| | | |
| * | | | | Re-enable TLS 1.[12] when building with OpenSSL >= 1.0.1e•••To fix #6033, we disabled TLS 1.1 and 1.2. Eventually, OpenSSL fixed the bug behind #6033. I've considered alternate implementations that do more testing to see if there's secretly an OpenSSL 1.0.1c or something that secretly has a backport of the OpenSSL 1.0.1e fix, and decided against it on the grounds of complexity. Nick Mathewson2013-09-25
| |/ / / /
* | | | | Fix a memory leak on getaddrinfo in sandbox. Found by coverityNick Mathewson2013-09-16
* | | | | Clean up malloc issues in sandbox.c•••tor_malloc returns void *; in C, it is not necessary to cast a void* to another pointer type before assigning it. tor_malloc fails with an error rather than returning NULL; it's not necessary to check its output. (In one case, doing so annoyed Coverity.) Nick Mathewson2013-09-16
* | | | | Merge remote-tracking branch 'Ryman/bug6384'•••Conflicts: src/or/config.c src/or/main.c Nick Mathewson2013-09-13
|\ \ \ \ \