| Commit message (Expand) | Author | Age |
|---|
| * | Avoid false positives from proxy_mode()•••Previously it would erroneously return true if ListenAddr was set for
a client port, even if that port itself was 0. This would give false
positives, which were not previously harmful... but which were about
to become.
| Nick Mathewson | 2011-04-28 |
| * | Fix a log msg | Sebastian Hahn | 2011-04-26 |
| * | If we're excluded, and StrictNodes is set, do not do self-tests. | Nick Mathewson | 2011-04-26 |
| * | three more cases where maybe we want to exclude | Roger Dingledine | 2011-04-26 |
| * | Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 | Nick Mathewson | 2011-03-14 |
| |\ |
|
| | * | we're not reachable if we don't have a routerinfo yet | Roger Dingledine | 2011-03-13 |
| * | | Don't let bad DNS make exit policy and declared exit policy get out of sync•••Patch from "postman" on trac. Fixes bg 2366. Bug on 0.1.2.5-alpha.
| Nick Mathewson | 2011-02-22 |
| * | | Don't crash a bridge authority on SIGHUP if it's not in the consensus•••Fixes bug 2572.
| Robert Ransom | 2011-02-16 |
| * | | Sanity-check consensus param values•••We need to make sure that the worst thing that a weird consensus param
can do to us is to break our Tor (and only if the other Tors are
reliably broken in the same way) so that the majority of directory
authorities can't pull any attacks that are worse than the DoS that
they can trigger by simply shutting down.
One of these worse things was the cbtnummodes parameter, which could
lead to heap corruption on some systems if the value was sufficiently
large.
This commit fixes this particular issue and also introduces sanity
checking for all consensus parameters.
| Sebastian Hahn | 2011-01-15 |
| * | | Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2•••Conflicts:
src/common/test.h
src/or/test.c
| Nick Mathewson | 2011-01-03 |
| |\| |
|
| | * | Bump copyright statements to 2011 | Nick Mathewson | 2011-01-03 |
| | * | finally get rid of "clique mode" | Roger Dingledine | 2010-04-23 |
| * | | Avoid dereferencing NULL if a bridge fails to build an ei descriptor.•••Reported by an anonymous commenter on Trac.
| Robert Ransom | 2010-11-24 |
| | | | |
| | \ | |
| *-. \ | Merge branch 'fix2183', remote branch 'rransom/fix2195-v2' into maint-0.2.2 | Nick Mathewson | 2010-11-19 |
| |\ \ \ |
|
| | | * | | Fix logic error in router_dump_router_to_string.•••Spotted by Nick Mathewson.
| Robert Ransom | 2010-11-19 |
| | | * | | Generate a router descriptor even if generating an extra-info descriptor fails.•••Fixes bug #2195.
| Robert Ransom | 2010-11-17 |
| | | * | | Do not emit an extra-info-digest descriptor line if the digest is zero. | Robert Ransom | 2010-11-17 |
| | * | | | Add comments to some of the bug2183 fix code | Nick Mathewson | 2010-11-19 |
| | * | | | Tweak the bugfix for 2183 a bit more. | Karsten Loesing | 2010-11-17 |
| | * | | | Don't use log_err for non-criticial warnings. | Karsten Loesing | 2010-11-15 |
| | * | | | Try harder not to exceed the 50 KB extra-info descriptor limit.•••Our checks that we don't exceed the 50 KB size limit of extra-info
descriptors apparently failed. This patch fixes these checks and reserves
another 250 bytes for appending the signature. Fixes bug 2183.
| Karsten Loesing | 2010-11-15 |
| | |/ / |
|
| * / / | Change Natd into NATD in our options.•••Breaking this out of the last commit because this might be more
controversial.
| Sebastian Hahn | 2010-11-10 |
| |/ / |
|
| * | | Properly refcount client_identity_key•••In a2bb0bf we started using a separate client identity key. When we are
in "public server mode" (that means not a bridge) we will use the same
key. Reusing the key without doing the proper refcounting leads to a
segfault on cleanup during shutdown. Fix that.
Also introduce an assert that triggers if our refcount falls below 0.
That should never happen.
| Sebastian Hahn | 2010-10-26 |
| * | | Fix a whitespace error | Nick Mathewson | 2010-10-21 |
| * | | Add some asserts to get_{tlsclient|server}_identity_key•••We now require that:
- Only actual servers should ever call get_server_identity_key
- If you're being a client or bridge, the client and server keys should
differ.
- If you're being a public relay, the client and server keys
should be the same.
| Nick Mathewson | 2010-10-21 |
| * | | Rename get_client_identity_key to get_tlsclient_identity_key | Nick Mathewson | 2010-10-21 |
| * | | Maintain separate server and client identity keys when appropriate.•••Fixes a bug described in ticket #988.
| Robert Ransom | 2010-10-04 |
| * | | Maintain separate server and client TLS contexts.•••Fixes bug #988.
| Robert Ransom | 2010-10-04 |
| * | | Refactor tor_tls_context_new:•••* Make tor_tls_context_new internal to tortls.c, and return the new
tor_tls_context_t from it.
* Add a public tor_tls_context_init wrapper function to replace it.
| Robert Ransom | 2010-10-04 |
| * | | Add public_server_mode function. | Robert Ransom | 2010-10-04 |
| * | | fix comment | Roger Dingledine | 2010-10-01 |
| * | | log when we guess our ip address, not just when we fail | Roger Dingledine | 2010-10-01 |
| * | | changelog entry for bug1751 | Roger Dingledine | 2010-09-27 |
| * | | Change bug1751 enabling code based on comments from arma | Nick Mathewson | 2010-09-27 |
| * | | First cut of code to enable RefuseUnknownExits•••The RefuseUnknownExits config option is now a tristate, with "1"
meaning "enable it no matter what the consensus says", "0" meaning
"disable it no matter what the consensus says", and "auto" meaning "do
what the consensus says". If the consensus is silent, we enable
RefuseUnknownExits.
This patch also changes the dirserv logic so that refuseunknownexits
won't make us cache unless we're an exit.
| Nick Mathewson | 2010-09-21 |
| * | | Create routerparse.h | Sebastian Hahn | 2010-07-27 |
| * | | Create rephist.h | Sebastian Hahn | 2010-07-27 |
| * | | Create relay.h | Sebastian Hahn | 2010-07-27 |
| * | | Create policies.h | Sebastian Hahn | 2010-07-27 |
| * | | Create main.h | Sebastian Hahn | 2010-07-27 |
| * | | Create hibernate.h | Sebastian Hahn | 2010-07-27 |
| * | | Create dns.h | Sebastian Hahn | 2010-07-27 |
| * | | Create dirserv.h | Sebastian Hahn | 2010-07-27 |
| * | | Create directory.h | Sebastian Hahn | 2010-07-27 |
| * | | Create control.h | Sebastian Hahn | 2010-07-27 |
| * | | Create connection.h | Sebastian Hahn | 2010-07-27 |
| * | | Create config.h | Sebastian Hahn | 2010-07-27 |
| * | | Create circuituse.h | Sebastian Hahn | 2010-07-27 |
| * | | Create circuitlist.h | Sebastian Hahn | 2010-07-27 |
| * | | Create routerlist.h | Sebastian Hahn | 2010-07-27 |