| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
| |
clang 3.4 introduced a new by-default warning about unused static
functions, which we triggered heavily for the hashtable and map function
generating macros. We can use __attribute__ ((unused)) (thanks nickm for
the suggestion :-) ) to silence these warnings.
|
| |
|
|
| |
sed -i 's/BN_free/BN_clear_free/g'
|
| |
|
|
|
|
|
|
|
|
|
| |
This fixes bug 10402, where the rdrand engine would use the rdrand
instruction, not as an additional entropy source, but as a replacement
for the entire userspace PRNG. That's obviously stupid: even if you
don't think that RDRAND is a likely security risk, the right response
to an alleged new alleged entropy source is never to throw away all
previously used entropy sources.
Thanks to coderman and rl1987 for diagnosing and tracking this down.
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Conflicts:
src/or/or.h
src/or/relay.c
Conflicts were simple to resolve. More fixes were needed for
compilation, including: reinstating the tv_to_msec function, and renaming
*_conn_cells to *_chan_cells.
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
According to the manpage, bridges use P256 for conformity and relays
use P224 for speed. But skruffy points out that we've gotten it
backwards in the code.
In this patch, we make the default P256 for everybody.
Fixes bug 9780; bugfix on 0.2.4.8-alpha.
|
| |\ \ \ |
|
| | |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
To fix #6033, we disabled TLS 1.1 and 1.2. Eventually, OpenSSL fixed
the bug behind #6033.
I've considered alternate implementations that do more testing to see
if there's secretly an OpenSSL 1.0.1c or something that secretly has a
backport of the OpenSSL 1.0.1e fix, and decided against it on the
grounds of complexity.
|
| |\ \ \
| | |/
| |/| |
|
| | | |
| | |
| | |
| | |
| | | |
Fix format_helper_exit_status to allow full HEX_ERRNO_SIZE answers,
*and* increase the buffer length again.
|
| |\| | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This is probably not an exploitable bug, since you would need to have
errno be a large negative value in the unix pluggable-transport launcher
case. Still, best avoided.
Fixes bug 9928; bugfix on 0.2.3.18-rc.
|
| | |/
|/|
| |
| |
| | |
Patch from "hantwister" on trac. Fixes bug #9904; bugfix on
0.2.3.11-alpha.
|
| | |
| |
| |
| |
| | |
Fix for bug 9400, spotted by coverity. Bug introduced in revision 2cb4f7a4
(subversion revision r389).
|
| | | |
|
| |\|
| |
| |
| |
| |
| | |
Conflicts:
src/or/config.c
src/or/relay.c
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This implements "algorithm 1" from my discussion of bug #9072: on OOM,
find the circuits with the longest queues, and kill them. It's also a
fix for #9063 -- without the side-effects of bug #9072.
The memory bounds aren't perfect here, and you need to be sure to
allow some slack for the rest of Tor's usage.
This isn't a perfect fix; the rest of the solutions I describe on
codeable.
|
| | | |
|
| | |
| |
| |
| |
| | |
This fixes bug 9047 (and some parts of 9031, 8922, 8883 that weren't
fixed in 8822). Bugfix on 0.2.2.6-alpha.
|
| | |
| |
| |
| |
| |
| |
| | |
This reverts commit 884a0e269c382f9e927d8c8b1ef4ef9d2d48379d.
I'm reverting this because it doesn't actually make the problem go
away. It appears that instead we need to do unmap-then-replace.
|
| |\ \ |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
A comment by rransom on #8795 taken together with a comment by doorss
recorded on #2077 suggest that *every* attempt to replace the md cache
will fail on Vista/Win7 if we don't have the FILE_SHARE_DELETE flag
passed to CreateFile, and if we try to replace the file ourselves
before unmapping it. I'm adding the FILE_SHARE_DELETE, since that's
this simplest fix. Broken indexers (the favored #2077 hypothesis)
could still cause trouble here, but at least this patch should make us
stop stepping on our own feet.
Likely fix for #2077 and its numerous duplicates. Bugfix on
0.2.2.6-alpha, which first had a microdescriptor cache that would get
replaced before remapping it.
|
| | | |
|
| |\ \
| | |
| | |
| | |
| | |
| | |
| | | |
Conflicts:
src/or/dirserv.c
src/or/dirserv.h
src/test/test_dir.c
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Now we can compute the hash and signature of a dirobj before
concatenating the smartlist, and we don't need to play silly games
with sigbuf and realloc any more.
|
| |\ \ \ |
|
| | | | |
| | | |
| | | |
| | | | |
Fixes bug 8037; bugfix on 0.2.0.1-alpha; reported by cypherpunks.
|
| |\ \ \ \ |
|
| | | | | | |
|
| | | | | | |
|
| |\ \ \ \ \
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Conflicts:
doc/tor.1.txt
src/or/circuitbuild.c
src/or/config.c
src/or/or.h
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Fixes 8240.
(Don't actually increase the default guard lifetime. It seems likely to
break too many things if done precipitiously.)
|
| |\ \ \ \ \ \ |
|
| | | |_|_|/ /
| |/| | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Without this patch, there's no way to know what went wrong when we
fail to parse a torrc line entirely (that is, we can't turn it into
a K,V pair.) This patch introduces a new function that yields an
error message on failure, so we can at least tell the user what to
look for in their nonfunctional torrc.
(Actually, it's the same function as before with a new name:
parse_config_line_from_str is now a wrapper macro that the unit
tests use.)
Fixes bug 7950; fix on 0.2.0.16-alpha (58de695f9062576f) which first
introduced the possibility of a torrc value not parsing correctly.
|
| |\ \ \ \ \ \ |
|
| | |/ / / / /
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
There are two ways to use sysconf to ask about the number of
CPUs. When we're on a VM, we would sometimes get it wrong by asking
for the number of total CPUs (say, 64) when we should have been asking
for the number of CPUs online (say, 1 or 2).
Fix for bug 8002.
|
| | | | | | | |
|
| |\ \ \ \ \ \ |
|
| | | |_|/ / /
| |/| | | |
| | | | | |
| | | | | | |
Fixes ticket 6673.
|
| |\ \ \ \ \ \
| | |_|_|_|/
| |/| | | |
| | | | | |
| | | | | | |
Conflicts:
src/test/test_addr.c
|
| | | |_|/ /
| |/| | |
| | | | |
| | | | | |
Fixes bug 8377; bugfix on 0.2.1.3-alpha.
|
| | | | | |
| | | | |
| | | | |
| | | | | |
(Based on a patch from flupzor; bug #8206)
|
| |\ \ \ \ \
| |_|/ / /
|/| | | | |
|
| | | | | | |
|
| | | | | | |
|
| | | |/ /
| |/| | |
|
| |/ / /
| | |
| | |
| | |
| | | |
also, snap the start time and end time to a day boundary, since most
certs in the wild seem to do this.
|
| | | |
| | |
| | |
| | | |
Fixes bug 8209; bugfix on 0.2.3.1-alpha.
|
| |\ \ \ |
|