aboutsummaryrefslogtreecommitdiff
path: root/src
Commit message (Collapse)AuthorAge
* Add an SLIST_ENTRY definition back on non-win32Nick Mathewson2012-11-03
| | | | | | Otherwise we break openbsd headers. Fixes bug 7293; bug not on any released Tor.
* Avoid c99 designated initializers in circuitmux_ewma.cNick Mathewson2012-11-02
| | | | | | | | | | | | | We still want to build on compilers w/o c99 support, such as (notoriously, shamefully) MSVC. So I'm commenting out the designated initializers in circuitmux_ewma.c. The alternative would have been to use some kind of macros to use designated initializers only when they're supported, but that's error-prone, and can lead to code having different meanings under different compilers. Bug 7286; fix on 0.2.4.4-alpha; spotted by Gisle Vanem.
* Rename SLIST_ENTRY to TOR_SLIST_ENTRY to fix windows compilationNick Mathewson2012-11-01
| | | | | | Apparently winnt.h defines a different SLIST_ENTRY of its own. Bug not in any version of Tor.
* Fix whitespaceNick Mathewson2012-10-31
|
* Add a copy of the queue(3) manpage to the git repository.Nick Mathewson2012-10-30
| | | | See 7105
* Merge branch 'bsd_queue' of ssh://git-rw.torproject.org/nickm/torAndrea Shepard2012-10-30
|\
| * Try refactoring channel list to use HT_ and LIST_ stuff directlyNick Mathewson2012-10-12
| |
| * Use SIMPLEQ, not smartlist_t, for channel cell queues.Nick Mathewson2012-10-12
| | | | | | | | This lets us use fewer memory allocations, and avoid O(n^2) iterations
| * Add a copy of OpenBSD's sys/queue.h as tor_queue.hNick Mathewson2012-10-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There are as many divergent implementations of sys/queue.h as there are operating systems shipping it, it would seem. They have some code in common, but have drifted apart, and have added other stuff named differently. So I'm taking a relatively sane one, and hoping for the best. I'm taking OpenBSD's in particular because of the lack of external dependencies, the presence of a CIRCLEQ (we could use one of those in places), and the liberal licensing terms. I'm naming the file tor_queue.h, since historically we've run into trouble having headers with the same names as system headers (log.h, for example.)
* | Fix undefined reference to libm functions linking tor-fw-helperAnthony G. Basile2012-10-28
| | | | | | | | | | | | | | | | | | | | | | When configuring tor without upnp support, ie ./configure --disable-upnp, tor-fw-helper fails to link with undefined references to `ceil' and `log'. This if fixed by linking to libm. X-Gentoo-Bug: 435040 X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=435040 Reported-by: Alexandre <alexandre.cortes@outlook.com> Signed-off-by: Anthony G. Basile <blueness@gentoo.org>
* | Merge remote-tracking branch 'asn/bug6832'Nick Mathewson2012-10-27
|\ \
| * | Add a unit test for the old crash input of tor_timegm().George Kadianakis2012-09-13
| | |
* | | bump to 0.2.4.5-alpha-devRoger Dingledine2012-10-26
| | |
* | | touch-upsRoger Dingledine2012-10-26
| | |
* | | Bump the version number to 0.2.4.5-alphaNick Mathewson2012-10-25
| | | | | | | | | | | | (For real this time. It turns out that 4 and 5 are different numbers.)
* | | Bump version to 0.2.4.5-alphaNick Mathewson2012-10-25
| | |
* | | Merge branch 'link_negotiation_assert_024'Nick Mathewson2012-10-25
|\ \ \
| * | | Fix a remotely triggerable assertion failure (CVE-2012-2250)Nick Mathewson2012-10-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If we completed the handshake for the v2 link protocol but wound up negotiating the wong protocol version, we'd become so confused about what part of the handshake we were in that we'd promptly die with an assertion. This is a fix for CVE-2012-2250; it's a bugfix on 0.2.3.6-alpha. All servers running that version or later should really upgrade. Bug and fix from "some guy from France." I tweaked his code slightly to make it log the IP of the offending node, and to forward-port it to 0.2.4.
* | | | Change changes file and comment for 7189, for making it 0.2.4-only for nowNick Mathewson2012-10-24
| | | |
* | | | Merge remote-tracking branch 'public/bug7189_tentative'Nick Mathewson2012-10-24
|\ \ \ \ | |/ / / |/| | |
| * | | Only disable TLS tickets when being/acting as a server.Nick Mathewson2012-10-24
| | | | | | | | | | | | | | | | Fix for bug 7189.
| * | | Make unit test for bug7191 work with new smartlist_new() nameNick Mathewson2012-10-23
| | | |
| * | | Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3Nick Mathewson2012-10-23
| |\ \ \
| | * | | Add some unit tests for smartlist_bsearch_idx() on short listsAndrea Shepard2012-10-23
| | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: src/test/test_containers.c
| | * | | Fix binary search on lists of 0 or 1 element.Nick Mathewson2012-10-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The implementation we added has a tendency to crash with lists of 0 or one element. That can happen if we get a consensus vote, v2 consensus, consensus, or geoip file with 0 or 1 element. There's a DOS opportunity there that authorities could exploit against one another, and which an evil v2 authority could exploit against anything downloading v2 directory information.. This fix is minimalistic: It just adds a special-case for 0- and 1-element lists. For 0.2.4 (the current alpha series) we'll want a better patch. This is bug 7191; it's a fix on 0.2.0.10-alpha.
* | | | | Merge remote-tracking branch 'andrea/bug7191_v2'Nick Mathewson2012-10-23
|\ \ \ \ \
| * | | | | Add some unit tests for smartlist_bsearch_idx() on short listsAndrea Shepard2012-10-23
| | | | | |
| * | | | | Rewrite smartlist_bsearch_idx() to not be broken for lists of length zero or ↵Andrea Shepard2012-10-23
| | | | | | | | | | | | | | | | | | | | | | | | one (fixes bug 7191)
* | | | | | Merge branch 'maint-0.2.3'Roger Dingledine2012-10-23
|\ \ \ \ \ \ | | |/ / / / | |/| | | |
| * | | | | Let 0.2.3 clients exit to internal addresses if they wantRoger Dingledine2012-10-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Clients now consider the ClientRejectInternalAddresses config option when using a microdescriptor consensus stanza to decide whether an exit relay would allow exiting to an internal address. Fixes bug 7190; bugfix on 0.2.3.1-alpha.
* | | | | | fix typoRoger Dingledine2012-10-23
| | | | | |
* | | | | | Merge remote-tracking branch 'origin/maint-0.2.3'Nick Mathewson2012-10-23
|\| | | | | | |/ / / / |/| | | |
| * | | | Fix parse_short_policy (bug 7192.)Nick Mathewson2012-10-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Our implementation of parse_short_policy was screwed up: it would ignore the last character of every short policy. Obviously, that's broken. This patch fixes the busted behavior, and adds a bunch of unit tests to make sure the rest of that function is okay. Fixes bug 7192; fix on 0.2.3.1-alpha.
| * | | | add a unit test to expose bug 7192Roger Dingledine2012-10-22
| | | | |
| * | | | Merge branch 'block_renegotiate_023' into maint-0.2.3Nick Mathewson2012-10-19
| |\ \ \ \
| | * | | | Discard extraneous renegotiation attempts in the v3 link protocolNick Mathewson2012-10-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Failure to do so left us open to a remotely triggerable assertion failure. Fixes CVE-2012-2249; bugfix on 0.2.3.6-alpha. Reported by "some guy from France".
* | | | | | Fix more madness from the split_circuitbuild mergeNick Mathewson2012-10-22
| | | | | |
* | | | | | Kill extraneous x from 907db008ab0007f0a02Nick Mathewson2012-10-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Looks like clang doesn't complain about this kind of thing. Spotted by Andrea. Bug not in any released version.
* | | | | | Merge branch 'split_circuitbuild'Nick Mathewson2012-10-22
|\ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: src/or/circuitbuild.c There was a huge-looking conflict in circuitbuild.c, but the only change that had been made to circuitbuild.c since I forked off the split_circuitbuild branch was 17442560c44e8093f9a. So I took the split_circuitbuild version of the conflicting part, and manually re-applied the change from 17442560c44e8093f9a..
| * | | | | | Move the circuit build timeout code into its own file.Nick Mathewson2012-10-15
| | | | | | |
| * | | | | | Split code for entry guards and bridges into a new module.Nick Mathewson2012-10-15
| | | | | | |
* | | | | | | bump to 0.2.4.4-alpha-devRoger Dingledine2012-10-21
| | | | | | |
* | | | | | | bump to 0.2.4.4-alphaRoger Dingledine2012-10-20
| | | | | | |
* | | | | | | Merge branch 'block_renegotiate_024'Nick Mathewson2012-10-19
|\ \ \ \ \ \ \
| * | | | | | | Discard extraneous renegotiation attempts in the v3 link protocolNick Mathewson2012-10-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Failure to do so left us open to a remotely triggerable assertion failure. Fixes CVE-2012-2249; bugfix on 0.2.3.6-alpha. Reported by "some guy from France". This patch is a forward-port to 0.2.4, to work with the new channel logic.
* | | | | | | | Merge remote-tracking branch 'origin/maint-0.2.3'Nick Mathewson2012-10-19
|\ \ \ \ \ \ \ \ | | |_|/ / / / / | |/| | | | | |
| * | | | | | | Don't serve or accept v2 HS descs over a DirPortRobert Ransom2012-10-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (changes file tweaked by nickm)
* | | | | | | | Merge remote-tracking branch 'origin/maint-0.2.3'Nick Mathewson2012-10-19
|\| | | | | | |
| * | | | | | | Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3Nick Mathewson2012-10-19
| |\ \ \ \ \ \ \ | | |_|_|/ / / / | |/| | | / / / | | | |_|/ / / | | |/| | | |
| | * | | | | Disable TLS Session Tickets, which we were apparently getting for freeNick Mathewson2012-10-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | OpenSSL 1.0.0 added an implementation of TLS session tickets, a "feature" that let session resumption occur without server-side state by giving clients an encrypted "ticket" that the client could present later to get the session going again with the same keys as before. OpenSSL was giving the keys to decrypt these tickets the lifetime of the SSL contexts, which would have been terrible for PFS if we had long-lived SSL contexts. Fortunately, we don't. Still, it's pretty bad. We should also drop these, since our use of the extension stands out with our non-use of session cacheing. Found by nextgens. Bugfix on all versions of Tor when built with openssl 1.0.0 or later. Fixes bug 7139.