Merge remote branch 'origin/maint-0.2.2'

Conflicts:
	configure.in
	contrib/tor-mingw.nsi.in
	src/win32/orconfig.h

6 files changed, 35 insertions, 21 deletions

diff --git a/ChangeLog b/ChangeLog
index 0bdecd0a84..b87449ab69 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,32 @@
+Changes in version 0.2.2.19-alpha - 2010-11-22
+  Yet another OpenSSL security patch broke its compatibility with Tor:
+  Tor 0.2.2.19-alpha makes relays work with OpenSSL 0.9.8p and 1.0.0.b.
+
+  o Major bugfixes:
+    - Resolve an incompatibility with OpenSSL 0.9.8p and OpenSSL 1.0.0b:
+      No longer set the tlsext_host_name extension on server SSL objects;
+      but continue to set it on client SSL objects. Our goal in setting
+      it was to imitate a browser, not a vhosting server. Fixes bug 2204;
+      bugfix on 0.2.1.1-alpha.
+
+  o Minor bugfixes:
+    - Try harder not to exceed the maximum length of 50 KB when writing
+      statistics to extra-info descriptors. This bug was triggered by very
+      fast relays reporting exit-port, entry, and dirreq statistics.
+      Reported by Olaf Selke. Bugfix on 0.2.2.1-alpha. Fixes bug 2183.
+    - Publish a router descriptor even if generating an extra-info
+      descriptor fails. Previously we would not publish a router
+      descriptor without an extra-info descriptor; this can cause fast
+      exit relays collecting exit-port statistics to drop from the
+      consensus. Bugfix on 0.1.2.9-rc; fixes bug 2195.
+
+
 Changes in version 0.2.2.18-alpha - 2010-11-16
+  Tor 0.2.2.18-alpha fixes several crash bugs that have been nagging
+  us lately, makes unpublished bridge relays able to detect their IP
+  address, and fixes a wide variety of other bugs to get us much closer
+  to a stable release.
+
   o Major bugfixes:
     - Do even more to reject (and not just ignore) annotations on
       router descriptors received anywhere but from the cache. Previously
diff --git a/changes/bug2183 b/changes/bug2183
deleted file mode 100644
index 01a8d76aca..0000000000
--- a/changes/bug2183
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Minor bugfixes:
-    - Try harder not to exceed the maximum length of 50 KB when writing
-      statistics to extra-info descriptors. This bug was triggered by very
-      fast relays reporting exit-port, entry, and dirreq statistics.
-      Reported by Olaf Selke. Bugfix on 0.2.2.1-alpha. Fixes bug 2183.
-
diff --git a/changes/bug2195 b/changes/bug2195
deleted file mode 100644
index 1724fd0e21..0000000000
--- a/changes/bug2195
+++ /dev/null
@@ -1,7 +0,0 @@
-  o Minor bugfixes
-    - Publish a router descriptor even if generating an extra-info
-      descriptor fails.  Previously we would not publish a router
-      descriptor without an extra-info descriptor; this can cause fast
-      exit relays collecting exit-port statistics to drop from the
-      consensus.  Bugfix on 0.1.2.9-rc; fixes bug 2195.
-
diff --git a/changes/fix2195-fix b/changes/fix2195-fix
new file mode 100644
index 0000000000..9f03c2465e
--- /dev/null
+++ b/changes/fix2195-fix
@@ -0,0 +1,6 @@
+  o Minor bugfixes:
+    - Do not dereference NULL if a bridge fails to build its
+      extra-info descriptor. Previously, we would have dereferenced
+      NULL. Found by an anonymous commenter on Trac. Bugfix on
+      0.2.2.19-alpha.
+
diff --git a/changes/fix2204 b/changes/fix2204
deleted file mode 100644
index fb2771a7fa..0000000000
--- a/changes/fix2204
+++ /dev/null
@@ -1,7 +0,0 @@
-  o Major bugfixes
-    - Do not set the tlsext_host_name extension on server SSL objects;
-      only on client SSL objects.  We set it to immitate a browser, not a
-      vhosting server. This resolves an incompatibility with openssl 0.9.8p
-      and openssl 1.0.0b.  Fixes bug 2204; bugfix on 0.2.1.1-alpha.
-
-
diff --git a/src/or/router.c b/src/or/router.c
index 5fbc9be342..1f3967d3d5 100644
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -1524,7 +1524,7 @@ router_rebuild_descriptor(int force)
   /* Let bridges serve their own descriptors unencrypted, so they can
    * pass reachability testing. (If they want to be harder to notice,
    * they can always leave the DirPort off). */
-  if (!options->BridgeRelay)
+  if (ei && !options->BridgeRelay)
     ei->cache_info.send_unencrypted = 1;
 
   router_get_router_hash(ri->cache_info.signed_descriptor_body,