aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-11-07Always increment delays by at least 1.Nick Mathewson
2016-11-07Avoid integer overflow in delay calculation.Nick Mathewson
2016-11-07Count HTTP 503 as a download failure.Nick Mathewson
Because as Teor puts it: "[Resetting on 503] is exactly what we don't want when relays are busy - imagine clients doing an automatic reset every time they DoS a relay..." Fixes bug 20593.
2016-11-07Adjust download schedules per teor's #20534 recommendataionsNick Mathewson
2016-11-07Merge branch 'maint-0.2.8' into maint-0.2.9Nick Mathewson
2016-11-07Merge branch 'maint-0.2.7' into maint-0.2.8Nick Mathewson
2016-11-07Merge branch 'maint-0.2.6' into maint-0.2.7Nick Mathewson
2016-11-07Merge branch 'maint-0.2.5' into maint-0.2.6Nick Mathewson
2016-11-07Merge branch 'maint-0.2.4' into maint-0.2.5Nick Mathewson
2016-11-07Merge branch '20499_part1_029_squashed', remote-tracking branches ↵Nick Mathewson
'teor/bug20591_029' and 'teor/bug20533_029' into maint-0.2.9
2016-11-07Allow infinitely long delays in exponential-backoff downloadsNick Mathewson
It's only safe to remove the failure limit (per 20536) if we are in fact waiting a bit longer each time we try to download. Fixes bug 20534; bugfix on 0.2.9.1-alpha.
2016-11-07Merge branch 'bug20588' into maint-0.2.9Nick Mathewson
2016-11-07Update geoip and geoip6 to the November 3 2016 database.Karsten Loesing
2016-11-08When downloading certificates, check for related failuresteor
If a consensus expires while we are waiting for certificates to download, stop waiting for certificates. If we stop waiting for certificates less than a minute after we started downloading them, do not consider the certificate download failure a separate failure. Fixes bug 20533; bugfix on commit e0204f21 in 0.2.0.9-alpha.
2016-11-07Ensure relays don't make multiple connections during bootstrapteor
Relays do not deliberately launch multiple attempts, so the impact of this bug should be minimal. This fix also defends against bugs like #20499. Bugfix on 0.2.8.1-alpha.
2016-11-06Always Use EVP_aes_*_ctr() with openssl 1.1Nick Mathewson
(OpenSSL 1.1 makes EVP_CIPHER_CTX opaque, _and_ adds acceleration for counter mode on more architectures. So it won't work if we try the older approach, and it might help if we try the newer one.) Fixes bug 20588.
2016-11-06Finish a sentence in a comment. Close 20576.Nick Mathewson
2016-11-06In test_tortls_classify_client_ciphers(), s/ECDH/ECDHE/Nick Mathewson
(We weren't actually using these ciphers; we were just requing that ciphers of that name existed.) Patch from rubiate. Fixes 20460
2016-11-06Do not apply 'max_failures' to random-exponential schedules.Nick Mathewson
Fixes bug 20536; bugfix on 0.2.9.1-alpha.
2016-11-06Change a BUG warning to be a warning, not an info.Nick Mathewson
2016-11-06Fix get_delay() code to avoid TIME_MAX overflow, not INT_MAX.Nick Mathewson
Fixes bug 20587; bugfix on 35bbf2e4a4e8ccb in 0.2.8.1-alpha.
2016-11-06Fix warnings from lintChanges.pyNick Mathewson
2016-11-03Merge branch 'maint-0.2.8' into maint-0.2.9Nick Mathewson
2016-11-03Merge branch 'bug20551_028' into maint-0.2.8Nick Mathewson
2016-11-03Merge branch 'maint-0.2.8' into maint-0.2.9Nick Mathewson
2016-11-03Merge remote-tracking branch 'arma/bug19969_028_squashed' into maint-0.2.8Nick Mathewson
2016-11-03Merge branch 'maint-0.2.8' into maint-0.2.9Nick Mathewson
2016-11-03Work around a behavior change in openssl's BUF_MEM codeNick Mathewson
In our code to write public keys to a string, for some unfathomable reason since 253f0f160e1185c, we would allocate a memory BIO, then set the NOCLOSE flag on it, extract its memory buffer, and free it. Then a little while later we'd free the memory buffer with BUF_MEM_free(). As of openssl 1.1 this doesn't work any more, since there is now a BIO_BUF_MEM structure that wraps the BUF_MEM structure. This BIO_BUF_MEM doesn't get freed in our code. So, we had a memory leak! Is this an openssl bug? Maybe. But our code was already pretty silly. Why mess around with the NOCLOSE flag here when we can just keep the BIO object around until we don't need the buffer any more? Fixes bug 20553; bugfix on 0.0.2pre8
2016-11-03Use explicit casts to avoid warnings when building with openssl 1.1Nick Mathewson
fixes bug 20551; bugfix on 0.2.1.1-alpha
2016-11-01Always call connection_ap_attach_pending() once a second.Nick Mathewson
Fixes bug 19969; bugfix on b1d56fc58. We can fix this some more in later Tors, but for now, this is probably the simplest fix possible. This is a belt-and-suspenders fix, where the earlier fix ("Ask event_base_loop to finish when we add a pending stream") aims to respond to new streams as soon as they arrive, and this one aims to make sure that we definitely respond to all of the streams.
2016-11-01Ask event_base_loop to finish when we add a pending streamRoger Dingledine
Fixes bug 19969; bugfix on b1d56fc58. We can fix this some more in later Tors, but for now, this is probably the right fix for us.
2016-11-01refactor out the tor_event_base_loopexit() callRoger Dingledine
no actual changes
2016-11-01Attempt to fix unit tests on netbsdNick Mathewson
2016-11-01Merge remote-tracking branch 'teor/bug20472-029-v2' into maint-0.2.9Nick Mathewson
2016-11-01Merge branch 'bug20487_029' into maint-0.2.9Nick Mathewson
2016-10-31Merge branch 'bug19968_029' into maint-0.2.9Nick Mathewson
2016-10-31Actually free the worker_state_t object when we do an update with itNick Mathewson
Previously we freed the old "keys" object, but leaked the worker_state_t that we had taken it from. Fixes bug 20401; bugfix on 0.2.6.3-alpha.
2016-10-31Add a sentence to the manpage about nonanonymous=>Socksport 0.Nick Mathewson
Closes 20487.
2016-10-31Actually clamp the number of detected CPUs to 16.Nick Mathewson
Previously we said we did, but didn't. Fixes #19968; bugfix on 0.2.3.1-alpha.
2016-10-31Rename routerstatus_version_supports_ntor to *_supports_extend2_cellsteor
This helps avoid the confusion that caused bug 20472. Bugfix on commit 10aa913 from #19163 in tor-0.2.9.3-alpha.
2016-10-31Refactor circuit_pick_create_handshaketeor
Make the structure of circuit_pick_create_handshake consistent with circuit_pick_extend_handshake. No behaviour change.
2016-10-31In circuit_pick_extend_handshake, assume all hops support EXTEND2 and ntorteor
This simplifies the function: if we have an ntor key, use ntor/EXTEND2, otherwise, use TAP/EXTEND. Bugfix on commit 10aa913 from 19163 in 0.2.9.3-alpha.
2016-10-26Avoid tor_fragile_assert() failure with DNSPort on RESOLVED_TYPE_ERRORNick Mathewson
The tor_fragile_assert() bug has existed here since c8a5e2d588e0d91 in tor-0.2.1.7-alpha forever, but tor_fragile_assert() was mostly a no-op until 0.2.9.1-alpha. Fixes bug 19869.
2016-10-18changes file for module docsNick Mathewson
2016-10-18Module-level docs for ext_orport and router.cNick Mathewson
2016-10-18Turn replaycache.c module doc into doxygenNick Mathewson
2016-10-18Document connection_or.c and connection.c at module levelNick Mathewson
2016-10-18Module documentation for circuitmux_ewma.cNick Mathewson
2016-10-18Turn circuitmux.c comments into module docs.Nick Mathewson
2016-10-18Module docs for channel.c and channeltls.cNick Mathewson