aboutsummaryrefslogtreecommitdiff
path: root/src
Commit message (Collapse)AuthorAge
* Merge remote-tracking branch 'public/update_ciphers_ff28'Nick Mathewson2014-04-08
|\
| * Update ciphers.inc to match ff28Nick Mathewson2014-04-08
| | | | | | | | | | | | | | | | | | | | | | | | The major changes are to re-order some ciphers, to drop the ECDH suites (note: *not* ECDHE: ECDHE is still there), to kill off some made-up stuff (like the SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA suite), to drop some of the DSS suites... *and* to enable the ECDHE+GCM ciphersuites. This change is autogenerated by get_mozilla_ciphers.py from Firefox 28 and OpenSSL 1.0.1g. Resolves ticket 11438.
| * Teach the get_mozilla_ciphers.py script to parse recent firefoxenNick Mathewson2014-04-08
| |
* | Merge remote-tracking branch 'origin/maint-0.2.4'Nick Mathewson2014-04-08
|\ \
| * | Fix a small memory leak when resolving PTR addressesNick Mathewson2014-04-07
| |/ | | | | | | | | | | Fixes bug 11437; bugfix on 0.2.4.7-alpha. Found by coverity; this is CID 1198198.
* | Merge remote-tracking branch 'public/bug11426'Nick Mathewson2014-04-08
|\ \
| * | Make csiphash use the proper endian-converter on solarisNick Mathewson2014-04-07
| | | | | | | | | | | | | | | fixes bug 11426; bugfix on 0.2.5.3-alpha, where csiphash was introduced.
* | | Merge branch 'bug2454_025_squashed'Nick Mathewson2014-04-08
|\ \ \
| * | | Check for new IP addr after circuit liveliness returnsMatthew Finkel2014-04-08
| | | | | | | | | | | | | | | | | | | | | | | | When we successfully create a usable circuit after it previously timed out for a certain amount of time, we should make sure that our public IP address hasn't changed and update our descriptor.
* | | | Move existing policy tests from test.c to new test_policy.cNick Mathewson2014-04-08
| | | |
* | | | Remove unused extern decl for a nonexistent test suiteNick Mathewson2014-04-08
| | | |
* | | | Merge branch 'bug7952_final'Nick Mathewson2014-04-08
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: src/test/include.am src/test/test.c
| * | | | Making entire exit policy available to Tor controller.rl19872014-04-08
| | | | |
* | | | | Merge remote-tracking branch 'public/bug4241'Nick Mathewson2014-04-08
|\ \ \ \ \
| * | | | | Drop MAX_REND_FAILURES to 8Nick Mathewson2014-04-02
| | | | | |
* | | | | | Merge remote-tracking branch 'public/bug9841_025'Nick Mathewson2014-04-08
|\ \ \ \ \ \
| * | | | | | Protocol_Warn when a rendezvous cookie is used twice.Nick Mathewson2014-04-04
| | | | | | |
| * | | | | | Test for circuit_set_rend_token(.,.,NULL)Nick Mathewson2014-04-04
| | | | | | |
| * | | | | | Merge remote-tracking branch 'public/bug9841_024_v2' into bug9841_025Nick Mathewson2014-04-04
| |\ \ \ \ \ \
| | * | | | | | Fix to 9841 fix: setting a token to NULL should clear itNick Mathewson2014-04-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Found by testing with chutney. The old behavior was "fail an assertion", which obviously isn't optimal. Bugfix on 8b9a2cb68b290e550695124d7ef0511225b451d5; bug not in any released version.
| * | | | | | | Tests for rend_token mapsNick Mathewson2014-02-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This gets coverage of everything except for the cases which should be impossible.
| * | | | | | | Tweak sign of rend_token params for consistencyNick Mathewson2014-02-13
| | | | | | | |
| * | | | | | | Merge remote-tracking branch 'public/bug9841_024_v2' into bug9841_025Nick Mathewson2014-02-13
| |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: src/or/circuitlist.c
| | * | | | | | Faster circuit_get_by_rend_token_and_purpose()Nick Mathewson2014-02-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | On busy servers, this function takes up something like 3-7% in different profiles, and gets invoked every time we need to participate as the midpoint in a hidden service. So maybe walking through a linked list of all the circuits here wasn't a good idea.
* | | | | | | | Fix some harmless/untriggerable memory leaks found by coverityNick Mathewson2014-04-07
| | | | | | | |
* | | | | | | | Merge remote-tracking branch 'public/bug10363_024_squashed'Nick Mathewson2014-04-07
|\ \ \ \ \ \ \ \
| * | | | | | | | Another 10363 instance -- this one in the eventdns.c codeNick Mathewson2014-04-07
| | | | | | | | |
| * | | | | | | | Another 10363 instance: this one in tor_memmem fallback codeNick Mathewson2014-04-07
| | | | | | | | |
| * | | | | | | | Fix undefined behavior with pointer addition in channeltls.cNick Mathewson2014-04-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In C, it's a bad idea to do this: char *cp = array; char *end = array + array_len; /* .... */ if (cp + 3 >= end) { /* out of bounds */ } because cp+3 might be more than one off the end of the array, and you are only allowed to construct pointers to the array elements, and to an element one past the end. Instead you have to say if (cp - array + 3 >= array_len) { /* ... */ } or something like that. This patch fixes two of these: one in process_versions_cell introduced in 0.2.0.10-alpha, and one in process_certs_cell introduced in 0.2.3.6-alpha. These are both tracked under bug 10363. "bobnomnom" found and reported both. See also 10313. In our code, this is likely to be a problem as we used it only if we get a nasty allocator that makes allocations end close to (void*)-1. But it's best not to have to worry about such things at all, so let's just fix all of these we can find.
* | | | | | | | | For missing transport, say "PT_MISSING" not "NO_ROUTE"Nick Mathewson2014-04-07
| | | | | | | | |
* | | | | | | | | Forward-port bug9665 fix to work with our fix for 11069Nick Mathewson2014-04-07
| | | | | | | | |
* | | | | | | | | Fix bug9665Fábio J. Bertinatto2014-04-07
| |_|_|_|_|_|/ / |/| | | | | | |
* | | | | | | | Merge remote-tracking branch 'public/bug9650'Nick Mathewson2014-04-05
|\ \ \ \ \ \ \ \
| * | | | | | | | check outputs from get_first_listener_addrport_stringNick Mathewson2014-03-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix for 9650; bugfix for 0.2.3.16-alpha.
* | | | | | | | | Merge remote-tracking branch 'public/bug10801_024'Nick Mathewson2014-04-05
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: src/common/address.c src/or/config.c
| * | | | | | | | | Make tor_addr_port_parse handle portless IPv6 addresses correctly.Nick Mathewson2014-04-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (Not a bugfix on any Tor release; before 10801_024, it didn't handle portless addresses at all.)
| * | | | | | | | | Add a test for default/port conflicts in tor_addr_port_parseNick Mathewson2014-04-05
| | | | | | | | | |
| * | | | | | | | | Don't do a DNS lookup on a bridge line addressNick Mathewson2014-03-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes bug 10801; bugfix on 07bf274d in 0.2.0.1-alpha.
* | | | | | | | | | Fix make_socket_reusable() on windows. Bug not in any released TorNick Mathewson2014-04-02
| | | | | | | | | |
* | | | | | | | | | Merge remote-tracking branch 'public/bug10081'Nick Mathewson2014-04-02
|\ \ \ \ \ \ \ \ \ \
| * | | | | | | | | | Don't warn when setsockopt(SO_REUSEABLE) on accept()ed socket says EINVALNick Mathewson2014-03-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This should fix bug10081. I believe this bug pertains to OSX behavior, not any Tor behavior change.
* | | | | | | | | | | Unit tests for connection_edge_process_resolved_cellNick Mathewson2014-04-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Also rename a function to be more accurate (resolve->resolved)
* | | | | | | | | | | Tests for resolved_cell_parseNick Mathewson2014-04-02
| | | | | | | | | | |
* | | | | | | | | | | Look at all of a RESOLVED cell; not just the first answer.Nick Mathewson2014-04-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Also, stop accepting the old kind of RESOLVED cells with no TTL fields; they haven't been sent since 0.1.1.6-alpha. This patch won't work without the fix to #10468 -- it will break DNSPorts unless they set the proper ipv4/6 flags on entry_connection_t.
* | | | | | | | | | | Extract code to handle RESOLVED cellsNick Mathewson2014-04-01
| |_|_|_|_|_|/ / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | No other changes have been made; only code has been moved.
* | | | | | | | | | Merge remote-tracking branch 'public/bug11278'Nick Mathewson2014-04-01
|\ \ \ \ \ \ \ \ \ \
| * | | | | | | | | | Free placeholder circid/chan->circuit map entries on exitNick Mathewson2014-03-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In circuitlist_free_all, we free all the circuits, removing them from the map as we go, but we weren't actually freeing the placeholder entries that we use to indicate pending DESTROY cells. Fix for bug 11278; bugfix on the 7912 code that was merged in 0.2.5.1-alpha
* | | | | | | | | | | Merge remote-tracking branch 'public/bug10468_024'Nick Mathewson2014-04-01
|\ \ \ \ \ \ \ \ \ \ \
| * | | | | | | | | | | Respond to AAAA requests on DNSPort with AAAA automapsNick Mathewson2014-03-27
| | |_|_|_|_|_|_|_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Other DNS+IPv6 problems remain, but at least this fixes the automapping. Fixes bug 10468; bugfix on 0.2.4.7-alpha.
| * | | | | | | | | | whitespace fixNick Mathewson2014-03-27
| | |_|/ / / / / / / | |/| | | | | | | |