| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2012-09-11 | bump to 0.2.2.39tor-0.2.2.39release-0.2.2 | Roger Dingledine | |
| 2012-09-11 | fold in 0.2.2.39 changelog items | Roger Dingledine | |
| 2012-09-11 | Merge branch 'maint-0.2.2' into release-0.2.2 | Roger Dingledine | |
| 2012-09-11 | Merge branch 'timegm_assert_v3_squashed' into maint-0.2.2 | Nick Mathewson | |
| 2012-09-11 | Fix assertion failure in tor_timegm. | Nick Mathewson | |
| Fixes bug 6811. | |||
| 2012-08-27 | Merge branch 'bug6690_022' into maint-0.2.2 | Nick Mathewson | |
| 2012-08-27 | Do not assert when comparing a null address/port against a policy | Nick Mathewson | |
| This can create a remote crash opportunity for/against directory authorities. | |||
| 2012-08-22 | Remove #6480 fix from 0.2.2.38 changelog - it was not included | Peter Palfrader | |
| 2012-08-12 | give 0.2.2.38 a release blurbtor-0.2.2.38 | Roger Dingledine | |
| 2012-08-11 | bump to 0.2.2.38, declare a release date | Roger Dingledine | |
| 2012-08-05 | bump to 0.2.2.37-dev | Roger Dingledine | |
| 2012-08-05 | fold in changes entries so far | Roger Dingledine | |
| 2012-08-03 | Merge remote-tracking branch 'origin/maint-0.2.2' into release-0.2.2 | Nick Mathewson | |
| 2012-08-03 | Try to clarify impact of bug 6537 | Nick Mathewson | |
| I don't personally agree that this is likely to be easy to exploit, and some initial experimention I've done suggests that cache-miss times are just plain too fast to get useful info out of when they're mixed up with the rest of Tor's timing noise. Nevertheless, I'm leaving Robert's initial changelog entry in the git history so that he can be the voice of reason if I'm wrong. :) | |||
| 2012-08-03 | Mitigate a side-channel leak of which relays Tor chooses for a circuit | Robert Ransom | |
| Tor's and OpenSSL's current design guarantee that there are other leaks, but this one is likely to be more easily exploitable, and is easy to fix. | |||
| 2012-08-03 | Clarify security impact of bug 6530 | Nick Mathewson | |
| 2012-08-03 | Avoid possible segfault when handling networkstatus vote with bad flavor | Nick Mathewson | |
| Fix for 6530; fix on 0.2.2.6-alpha. | |||
| 2012-07-06 | Revert to the May 2012 geoip db | Roger Dingledine | |
| The June 2012 db marks too many relays as country "A1". Addresses bug 6334. | |||
| 2012-06-13 | Update to the June 2012 GeoIP database. | Karsten Loesing | |
| Manually removed range 0.116.0.0 to 0.119.255.255 which Maxmind says is assigned to AT. This is very likely a bug in their database, because 0.0.0.0/8 is a reserved range. | |||
| 2012-06-07 | remove changes for bug6094, since it wasn't released heretor-0.2.2.37 | Roger Dingledine | |
| 2012-06-07 | Merge branch 'maint-0.2.2' into release-0.2.2 | Roger Dingledine | |
| 2012-06-07 | rransom points out vasprint is probably not the function | Roger Dingledine | |
| 2012-06-07 | Send a CRLF at the end of a STATUS_* event, not in the middle of it | Robert Ransom | |
| Fixes bug 6094; bugfix on commit 3a9351b57e528b1d0bd2e72bcf78db7c91b2ff8f. | |||
| 2012-06-05 | add release notes too | Roger Dingledine | |
| 2012-06-05 | bump to 0.2.2.37 | Roger Dingledine | |
| 2012-06-05 | schedule tomorrow as the 0.2.2.37 release day | Roger Dingledine | |
| 2012-06-05 | Merge branch 'maint-0.2.2' into release-0.2.2 | Roger Dingledine | |
| 2012-06-04 | Merge remote-tracking branch 'public/bug6007_strict_squashed' into maint-0.2.2 | Nick Mathewson | |
| 2012-06-04 | Merge remote-tracking branch 'public/bug6033' into maint-0.2.2 | Nick Mathewson | |
| 2012-06-04 | Kill non-open OR connections with any data on their inbufs. | Nick Mathewson | |
| This fixes a DoS issue where a client could send so much data in 5 minutes that they exhausted the server's RAM. Fix for bug 5934 and 6007. Bugfix on 0.2.0.20-rc, which enabled the v2 handshake. | |||
| 2012-06-02 | Work around a bug in OpenSSL 1.0.1's TLS 1.1 and TLS 1.2 support | Nick Mathewson | |
| It appears that when OpenSSL negotiates a 1.1 or 1.2 connection, and it decides to renegotiate, the client will send a record with version "1.0" rather than with the current TLS version. This would cause the connection to fail whenever both sides had OpenSSL 1.0.1, and the v2 Tor handshake was in use. As a workaround, disable TLS 1.1 and TLS 1.2. When a later version of OpenSSL is released, we can make this conditional on running a fixed version of OpenSSL. Alternatively, we could disable TLS 1.1 and TLS 1.2 only on the client side. But doing it this way for now means that we not only fix TLS with patched clients; we also fix TLS when the server has this patch and the client does not. That could be important to keep the network running well. Fixes bug 6033. | |||
| 2012-05-31 | add changes file for bug 5283 | Roger Dingledine | |
| I called it a bugfix on 0.2.0.10-alpha, since git commit e5885deab is where we introduced anonymized begin_dir connections. | |||
| 2012-05-31 | Make all begindir or one-hop circuits internal | Nick Mathewson | |
| This solves bug 5283, where client traffic could get sent over the same circuit as an anonymized connection to a directory, even if that circuit used an exit node unsuitable for clients. By marking the directory connection as needs_internal, we ensure that the (non-internal!) client-traffic connection won't be sent over the same circuit. | |||
| 2012-05-30 | Fix more clang format-nonliteral warnings (bug 5969) | Nick Mathewson | |
| 2012-05-30 | Add __attribute__(format)s for our varargs printf/scanf wrappers | Nick Mathewson | |
| It turns out that if you set the third argument of __attribute__(format) to 0, GCC and Clang will check the format argument without expecting to find variadic arguments. This is the correct behavior for vsnprintf, vasprintf, and vscanf. I'm hoping this will fix bug 5969 (a clang warning) by telling clang that the format argument to tor_vasprintf is indeed a format string. | |||
| 2012-05-24 | touch-up the changelogstor-0.2.2.36 | Roger Dingledine | |
| 2012-05-18 | fold in further changes files | Roger Dingledine | |
| 2012-05-18 | Merge branch 'maint-0.2.2' into release-0.2.2 | Roger Dingledine | |
| 2012-05-16 | Make the succeeding parse_http_time tests more obviously right | Nick Mathewson | |
| (When the correct answer is given in terms of seconds since the epoch, it's hard to be sure that it really is the right answer just by reading the code.) | |||
| 2012-05-16 | Merge branch 'bug5346_squashed' into maint-0.2.2 | Nick Mathewson | |
| 2012-05-16 | Fix month check in parse_http_time, add test | Sebastian Hahn | |
| 2012-05-16 | Remove more dubiosity in struct tm handling. related to bug5346 | Nick Mathewson | |
| 2012-05-16 | changes file for branch bug5346 | Nick Mathewson | |
| 2012-05-16 | Reject an additional type of bad date in parse_http_time | Nick Mathewson | |
| 2012-05-16 | Fix parse_http_time and add tests | Esteban Manchado Velázquez | |
| * It seems parse_http_time wasn't parsing correctly any date with commas (RFCs 1123 and 850). Fix that. * It seems parse_http_time was reporting the wrong month (they start at 0, not 1). Fix that. * Add some tests for parse_http_time, covering all three formats. | |||
| 2012-05-16 | Correct the bulletproofing of routerlist_insert() | Nick Mathewson | |
| The original code updated some variables, but forgot to remove a replaced old-routerdesc from rl->old_routers. Related to bug 1776. | |||
| 2012-05-15 | Clarify MaxCircuitDirtiness behavior with hidden services. Bug 5259. | Nick Mathewson | |
| 2012-05-15 | Merge branch 'bug5796_022_squashed' into maint-0.2.2 | Nick Mathewson | |
| 2012-05-15 | Fix a crash bug on SETCIRCUITPURPOSE. | Nick Mathewson | |
| 2012-05-15 | Merge remote-tracking branch 'karsten/geoip-may2012' into maint-0.2.2 | Nick Mathewson | |
 |
index : tor | |
| Transit encryption and privacy out of the box | The Tor Project |
| aboutsummaryrefslogtreecommitdiff |