Age | Commit message (Collapse) | Author | |
---|---|---|---|
2011-02-23 | a blurb for 0.2.1.30tor-0.2.1.30 | Roger Dingledine | |
2011-02-22 | bump to 0.2.1.30 | Roger Dingledine | |
2011-02-22 | fold in last two changes files | Roger Dingledine | |
2011-02-22 | Merge branch 'maint-0.2.1' into release-0.2.1 | Roger Dingledine | |
2011-02-22 | Remove doc/spec/Makefile.in from list of generated files | Nick Mathewson | |
2011-02-22 | Merge remote branch 'public/bug1859_021' into maint-0.2.1 | Nick Mathewson | |
2011-02-22 | Merge remote branch 'public/bug2402_nothing' into maint-0.2.1 | Nick Mathewson | |
2011-02-22 | fold in more changes files | Roger Dingledine | |
2011-02-22 | Merge branch 'maint-0.2.1' into release-0.2.1 | Roger Dingledine | |
2011-02-22 | changes file for removing torspec from the tarball | Roger Dingledine | |
2011-02-22 | prefer https urls | Roger Dingledine | |
2011-02-21 | Remove specs from 0.2.1 branch: they have moved to a new repository. | Nick Mathewson | |
2011-02-11 | Merge branch 'maint-0.2.1' into release-0.2.1 | Roger Dingledine | |
2011-02-11 | fold in changes files so far | Roger Dingledine | |
2011-02-11 | Merge branch 'maint-0.2.1' into release-0.2.1 | Roger Dingledine | |
2011-02-10 | fix the other half of bug 1074 | Roger Dingledine | |
2011-02-10 | Make the DH parameter we use for TLS match the one from Apache's mod_ssl | Nick Mathewson | |
Our regular DH parameters that we use for circuit and rendezvous crypto are unchanged. This is yet another small step on the path of protocol fingerprinting resistance. (Backport from 0.2.2's 5ed73e3807d90dd0a3) | |||
2011-02-09 | Update documentation for PublishServerDescriptor | Robert Ransom | |
2011-02-09 | Ignore and warn about "PublishServerDescriptor hidserv" | Robert Ransom | |
Fixes #2408. | |||
2011-02-07 | move the clause above the "if bw is too low" check | Roger Dingledine | |
2011-02-07 | dtrt when only relaybandwidthburst is set | Roger Dingledine | |
fixes bug 2470 | |||
2011-02-07 | Update to the February 1 2011 Maxmind GeoLite Country database. | Karsten Loesing | |
2011-01-26 | fix the links in the exit-list notice we give out to users. | Andrew Lewman | |
2011-01-26 | Backport current tor-exit-notice to 0.2.1 | Nick Mathewson | |
2011-01-25 | Simplest fix to bug2402: do not include SVN versions | Nick Mathewson | |
When we stopped using svn, 0.2.1.x lost the ability to notice its svn revision and report it in the version number. However, it kept looking at the micro-revision.i file... so if you switched to master, built tor, then switched to 0.2.1.x, you'd get a micro-revision.i file from master reported as an SVN tag. This patch takes out the "include the svn tag" logic entirely. Bugfix on 0.2.1.15-rc; fixes bug 2402. | |||
2011-01-20 | Merge remote branch 'rransom/policy_summarize-assert' into maint-0.2.1 | Nick Mathewson | |
2011-01-20 | Fix bounds-checking in policy_summarize | Robert Ransom | |
Found by piebeer. | |||
2011-01-19 | Oops; actually add the code to the last patch. :/ | Nick Mathewson | |
2011-01-19 | Fix two more SIZE_T_CEILING issues | Nick Mathewson | |
This patch imposes (very long) limits on the length of a line in a directory document, and on the length of a certificate. I don't think it should actually be possible to overrun these remotely, since we already impose a maximum size on any directory object we're downloading, but a little defensive programming never hurt anybody. Roger emailed me that doorss reported these on IRC, but nobody seems to have put them on the bugtracker. | |||
2011-01-18 | Merge branch 'maint-0.2.1' into release-0.2.1 | Roger Dingledine | |
2011-01-18 | be the winner, rewrite history | Roger Dingledine | |
2011-01-15 | Merge branch 'maint-0.2.1' into release-0.2.1tor-0.2.1.29 | Roger Dingledine | |
2011-01-15 | 0.2.1.29 changelog and blurb | Roger Dingledine | |
2011-01-15 | final changelog cleanup. it'll do. | Roger Dingledine | |
2011-01-15 | amend changelog for fixing --enable-openbsd-malloc | Roger Dingledine | |
2011-01-15 | clean up changelog more, add blurb | Roger Dingledine | |
2011-01-15 | start cleaning up 0.2.1.29 changelog | Roger Dingledine | |
2011-01-15 | bump to 0.2.1.29 | Roger Dingledine | |
2011-01-15 | Merge branch 'maint-0.2.1' into release-0.2.1 | Roger Dingledine | |
2011-01-15 | Fix a couple of non-cleared key issues in hidden services | Nick Mathewson | |
we need to do more hunting, but this fixes the ones mentioned in 2385. | |||
2011-01-15 | Zero out some more key data before freeing it | Nick Mathewson | |
Found by cypherpunks; fixes bug 2384. | |||
2011-01-15 | Merge branch 'bug2352_obsize' into maint-0.2.1 | Nick Mathewson | |
2011-01-15 | Add missing check for hostname answer_len in dnsserv size | Nick Mathewson | |
This is checked elsewhere too, but let's be RFC-conformant. | |||
2011-01-15 | Merge branch 'bug2332_part2' into maint-0.2.1 | Nick Mathewson | |
2011-01-15 | Merge branch 'bug2324_uncompress' into maint-0.2.1 | Nick Mathewson | |
2011-01-15 | clean up message; explain a magic number in a comment | Nick Mathewson | |
2011-01-15 | make the description of tolen_asserts more dire | Nick Mathewson | |
We have a CVE # for this bug. | |||
2011-01-15 | Fix a heap overflow found by debuger, and make it harder to make that ↵ | Nick Mathewson | |
mistake again Our public key functions assumed that they were always writing into a large enough buffer. In one case, they weren't. (Incorporates fixes from sebastian) | |||
2011-01-15 | Always nul-terminate the result passed to evdns_server_add_ptr_reply | Nick Mathewson | |
In dnsserv_resolved(), we carefully made a nul-terminated copy of the answer in a PTR RESOLVED cell... then never used that nul-terminated copy. Ouch. Surprisingly this one isn't as huge a security problem as it could be. The only place where the input to dnsserv_resolved wasn't necessarily nul-terminated was when it was called indirectly from relay.c with the contents of a relay cell's payload. If the end of the payload was filled with junk, eventdns.c would take the strdup() of the name [This part is bad; we might crash there if the cell is in a bad part of the stack or the heap] and get a name of at least length 495[*]. eventdns.c then rejects any name of length over 255, so the bogus data would be neither transmitted nor altered. [*] If the name was less than 495 bytes long, the client wouldn't actually be reading off the end of the cell. Nonetheless this is a reasonably annoying bug. Better fix it. Found while looking at bug 2332, reported by doorss. Bugfix on 0.2.0.1-alpha. | |||
2011-01-15 | catch another overlong malloc possibility. found by cypherpunks | Nick Mathewson | |