| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2012-05-10 | Add changes/bug5760 | Ravi Chandra Padmala | |
| 2012-05-10 | Add missing CRLFs to AUTHCHALLENGE failure replies | Ravi Chandra Padmala | |
| Fix #5760 | |||
| 2012-05-07 | Handle out-of-range values in tor_parse_* integer functions | Nick Mathewson | |
| The underlying strtoX functions handle overflow by saturating and setting errno to ERANGE. If the min/max arguments to the tor_parse_* functions are equal to the minimum/maximum of the underlying type, then with the old approach, we wouldn't treat a too-large value as genuinely broken. Found this while looking at bug 5786; bugfix on 19da1f36 (in Tor 0.0.9), which introduced these functions. | |||
| 2012-05-07 | Update to the May 2012 GeoIP database. | Karsten Loesing | |
| 2012-04-18 | Fix a log-uninitialized-buffer bug. | Nick Mathewson | |
| Fix for 5647; bugfix on 0.2.1.5-alpha. | |||
| 2012-04-18 | rend_service_introduce(): do protocol violation check before anything else. | George Kadianakis | |
| (Cherry-picked from 6ba13e4 by nickm) | |||
| 2012-04-11 | Merge branch 'bug5593' into maint-0.2.2 | Nick Mathewson | |
| 2012-04-11 | Update to the April 2012 GeoIP database. | Karsten Loesing | |
| 2012-04-10 | Include a Host: header with any HTTP/1.1 proxy request | Nick Mathewson | |
| Bugfix on 0.2.2.1-alpha, which added the orginal HTTP proxy authentication code. Fix for bug 5593. | |||
| 2012-04-04 | Wrap long line; strlen("ides")<strlen("turtles"). | Nick Mathewson | |
| 2012-04-05 | ides has become turtles, and gotten a new IP address | Sebastian Hahn | |
| As per ticket 5569 | |||
| 2012-04-01 | put a _ before or_options_t elements that aren't configurable | Roger Dingledine | |
| it's fine with me if we change the current convention, but we should actually decide to change it if we want to. | |||
| 2012-04-01 | BridgePassword was never for debugging | Roger Dingledine | |
| It is for the not-yet-implemented bridge community design. | |||
| 2012-04-01 | Do not use strcmp() to compare an http authenticator to its expected value | Nick Mathewson | |
| This fixes a side-channel attack on the (fortunately unused!) BridgePassword option for bridge authorities. Fix for bug 5543; bugfix on 0.2.0.14-alpha. | |||
| 2012-03-26 | Safe cookie authentication gets a changes file | Nick Mathewson | |
| 2012-03-26 | Merge remote-tracking branch 'rransom-tor/safecookie-022-v3' into maint-0.2.2 | Nick Mathewson | |
| 2012-03-26 | Merge commit 'a5704b1c624c9a808f52f3a125339f00e2b9a378' into maint-0.2.2 | Nick Mathewson | |
| 2012-03-09 | Use a given name in the bug5090 message, at its holder's request. | Nick Mathewson | |
| 2012-03-09 | Never choose a bridge as an exit. Bug 5342. | Nick Mathewson | |
| 2012-03-09 | Revise "sufficient exit nodes" check to work with restrictive ExitNodes | Nick Mathewson | |
| If you set ExitNodes so that only 1 exit node is accepted, the previous patch would have made you unable to build circuits. | |||
| 2012-03-09 | Merge branch 'bug5343' into maint-0.2.2 | Nick Mathewson | |
| 2012-03-09 | Oops; credit bug5090 patch to flupzor. estebanm only found the bug. | Nick Mathewson | |
| 2012-03-09 | Correctly handle broken escape sequences in torrc values | Nick Mathewson | |
| Previously, malformatted torrc values could crash us. Patch by Esteban Manchado. Fixes bug 5090; fix on 0.2.0.16-alpha. | |||
| 2012-03-08 | Require a threshold of exit nodes before building circuits | Nick Mathewson | |
| This mitigates an attack proposed by wanoskarnet, in which all of a client's bridges collude to restrict the exit nodes that the client knows about. Fixes bug 5343. | |||
| 2012-03-08 | Fix compile warnings in openbsd malloc | Sebastian Hahn | |
| 2012-03-08 | Merge remote-tracking branch 'karsten/geoip-march2012' into maint-0.2.2 | Nick Mathewson | |
| 2012-03-08 | Update to the March 2012 GeoIP database. | Karsten Loesing | |
| 2012-02-29 | new ip address for maatuska | Roger Dingledine | |
| 2012-02-22 | Implement 'safe cookie authentication' | Robert Ransom | |
| 2012-02-22 | Add a sha256 hmac function, with tests | Nick Mathewson | |
| (cherry picked from commit fdbb9cdf746bbf0c39c34188baa8872471183ff7) | |||
| 2012-02-10 | Properly protect paths to sed, sha1sum, openssl | Sebastian Hahn | |
| in Makefile.am, we used it without quoting it, causing build failure if your openssl/sed/sha1sum happened to live in a directory with a space in it (very common on windows) | |||
| 2012-02-10 | Downgrade "missing a certificate" from notice to info | Nick Mathewson | |
| It was apparently getting mistaken for a problem, even though it was at notice. Fixes 5067; fix on 0.2.0.10-alpha. | |||
| 2012-02-10 | Use correct CVE number for CVE-2011-4576. Found by fermenthor. bug 5066 | Nick Mathewson | |
| 2012-02-09 | Merge branch 'maint-0.2.1' into maint-0.2.2 | Roger Dingledine | |
| 2012-02-09 | Revert "add a "docs" to the manual URI as listed in torrc.sample.in" | Roger Dingledine | |
| This reverts commit 55e8cae81553678ec77ce6b8fb1bf2d5e483e0aa. The conversation from irc: > weasel: i had intended to leave torrc.sample.in alone in maint-0.2.2, since i don't want to make all your stable users have to deal with a torrc change. but nickm changed it. is it in fact the case that a change in that file means a change in the deb? <weasel> it means you'll prompt every single user who ever touched their torrc <weasel> and they will be asked if they like your new version better than what they have right now <weasel> so it's not great Instead I changed the website to redirect requests for the tor-manual URL listed in maint-0.2.2's torrc.sample.in so the link will still work. | |||
| 2012-02-09 | Update to the February 2012 GeoIP database.maint-0.2.1 | Karsten Loesing | |
| 2012-02-08 | add a "docs" to the manual URI as listed in torrc.sample.in | Nick Mathewson | |
| 2012-02-02 | Update "ClientOnly" man page entry | Roger Dingledine | |
| There isn't really any point to messing with it. Resolves ticket 5005. | |||
| 2012-01-18 | Merge remote-tracking branch 'public/bug4533_part2' into maint-0.2.2 | Nick Mathewson | |
| 2012-01-18 | Documentation for GiveGuardFlagTo... option | Nick Mathewson | |
| 2012-01-18 | Fix SOCKET_OK test on win64. | Nick Mathewson | |
| Bugfix on 0.2.2.29-beta; partial fix for 4533; found by wanoskarnet | |||
| 2012-01-11 | Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 | Nick Mathewson | |
| 2012-01-11 | Fix a compilation warning for our bug4822 fix on 64-bit linux | Nick Mathewson | |
| 2012-01-09 | Fix comment about TLSv1_method() per comments by wanoskarnet | Nick Mathewson | |
| 2012-01-09 | Fix a trivial log message error in renservice.c | Nick Mathewson | |
| Fixes bug 4856; bugfix on 0.0.6 This bug was introduced in 79fc5217, back in 2004. | |||
| 2012-01-08 | when the consensus fails, list which dir auths were in or out | Roger Dingledine | |
| 2012-01-08 | nickname, not identity fingerprint, will help more | Roger Dingledine | |
| 2012-01-08 | tell me who votes are actually for, not just where they're from | Roger Dingledine | |
| 2012-01-08 | add a note from wanoskarnet | Roger Dingledine | |
| he disagrees about what the code that we decided not to use would do | |||
| 2012-01-05 | Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 | Nick Mathewson | |
 |
index : tor | |
| Transit encryption and privacy out of the box | The Tor Project |
| aboutsummaryrefslogtreecommitdiff |