Age | Commit message (Collapse) | Author | |
---|---|---|---|
2012-10-20 | fold in the 0.2.3.23 changes entriestor-0.2.3.23-rc | Roger Dingledine | |
2012-10-20 | shift the categories around a bit | Roger Dingledine | |
2012-10-19 | bump to 0.2.3.23-rc | Roger Dingledine | |
2012-10-19 | fold in recent changes entries | Roger Dingledine | |
2012-10-19 | Merge branch 'maint-0.2.3' into release-0.2.3 | Roger Dingledine | |
2012-10-19 | Merge branch 'block_renegotiate_023' into maint-0.2.3 | Nick Mathewson | |
2012-10-19 | Merge branch 'bug7149' into maint-0.2.3 | Nick Mathewson | |
2012-10-19 | Don't serve or accept v2 HS descs over a DirPort | Robert Ransom | |
(changes file tweaked by nickm) | |||
2012-10-19 | Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3 | Nick Mathewson | |
2012-10-19 | Disable TLS Session Tickets, which we were apparently getting for free | Nick Mathewson | |
OpenSSL 1.0.0 added an implementation of TLS session tickets, a "feature" that let session resumption occur without server-side state by giving clients an encrypted "ticket" that the client could present later to get the session going again with the same keys as before. OpenSSL was giving the keys to decrypt these tickets the lifetime of the SSL contexts, which would have been terrible for PFS if we had long-lived SSL contexts. Fortunately, we don't. Still, it's pretty bad. We should also drop these, since our use of the extension stands out with our non-use of session cacheing. Found by nextgens. Bugfix on all versions of Tor when built with openssl 1.0.0 or later. Fixes bug 7139. | |||
2012-10-17 | Discard extraneous renegotiation attempts in the v3 link protocol | Nick Mathewson | |
Failure to do so left us open to a remotely triggerable assertion failure. Fixes CVE-2012-2249; bugfix on 0.2.3.6-alpha. Reported by "some guy from France". | |||
2012-10-13 | slight tweak, and also reformat | Roger Dingledine | |
2012-10-13 | Expand 0.2.3 dedication paragaph to full version of latest draft | Nick Mathewson | |
We should still make sure mlp approves it. | |||
2012-10-13 | fold in the changes files so far | Roger Dingledine | |
2012-10-13 | correct a point about logging | Roger Dingledine | |
2012-10-13 | start at an 0.2.3 release notes | Roger Dingledine | |
2012-10-13 | Merge branch 'maint-0.2.3' into release-0.2.3 | Roger Dingledine | |
2012-10-09 | Merge branch 'bug7014_023_squashed' into maint-0.2.3 | Nick Mathewson | |
2012-10-09 | Don't call fmt_addr() twice in a parameter list. | George Kadianakis | |
2012-10-04 | Merge remote-tracking branch 'arma/bug7037' into maint-0.2.3 | Nick Mathewson | |
2012-10-03 | Refuse extra create cells with reason "resource limit" | Roger Dingledine | |
In the past we had used reason "internal", which is more vague than it needs to be. Resolves bug 7037. | |||
2012-10-03 | properly free the return values of rate_limit_log() | Roger Dingledine | |
resolves bug 7022. | |||
2012-09-22 | add faravahar as our ninth v3 dir auth | Roger Dingledine | |
2012-09-19 | Clarify that hidden services are TCP only | Nick Mathewson | |
Also remove some trailing whitespace. Patch from maker; fixes bug 6024. | |||
2012-09-18 | Whitespace fixes | Nick Mathewson | |
2012-09-17 | Bug 6866: Convert pathbias asserts into log messages. | Mike Perry | |
Asserts were hit by Tor2Web mode. | |||
2012-09-14 | Use file-size-fixup code on cygwin too. | Nick Mathewson | |
We already had code on windows to fix our file sizes when we're reading a file in text mode and its size doesn't match the size from fstat. But that code was only enabled when _WIN32 was defined, and Cygwin defines __CYGWIN__ instead. Fixes bug 6844; bugfix on 0.1.2.7-alpha. | |||
2012-09-13 | Fix man page typo | Robert Ransom | |
2012-09-13 | mention the bug number in the 6827 changes file | Nick Mathewson | |
2012-09-13 | Avoid undefined behaviour when parsing HS protocol versions | Robert Ransom | |
Fixes bug 6827; bugfix on c58675ca728f12b42f65e5b8964ae695c2e0ec2d (when the v2 HS desc parser was implemented). Found by asn. | |||
2012-09-12 | Revert "6819: typo in torrc.sample.in" | Nick Mathewson | |
This reverts commit 4aff97cfc7965414ad8506ce28a296da1bc4a161. We don't actually want to be changing the torrc.sample on stable or near-stable stuff, since doing so makes pointless busywork for debian users. | |||
2012-09-12 | Merge remote-tracking branch 'public/bug6341_a_v2' into maint-0.2.3 | Nick Mathewson | |
2012-09-12 | 6819: typo in torrc.sample.in | Nick Mathewson | |
2012-09-11 | bump to 0.2.3.22-rctor-0.2.3.22-rc | Roger Dingledine | |
2012-09-11 | move 0.2.2.39 changelog forward | Roger Dingledine | |
2012-09-11 | fold in 0.2.3.22-rc changes | Roger Dingledine | |
2012-09-11 | Merge branch 'maint-0.2.3' into release-0.2.3 | Roger Dingledine | |
2012-09-11 | Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3 | Nick Mathewson | |
Conflicts: src/test/test_util.c | |||
2012-09-11 | Merge branch 'timegm_assert_v3_squashed' into maint-0.2.2 | Nick Mathewson | |
2012-09-11 | Fix assertion failure in tor_timegm. | Nick Mathewson | |
Fixes bug 6811. | |||
2012-09-10 | Avoid segfault when reading state file from ancient tor | Nick Mathewson | |
If s_values is null in rep_hist_load_bwhist_state_section, we would call smartlist_len() on it, and die. Fixes bug 6801. | |||
2012-09-05 | fold in last changes filetor-0.2.3.21-rc | Roger Dingledine | |
2012-09-05 | Merge branch 'maint-0.2.3' into release-0.2.3 | Roger Dingledine | |
2012-09-05 | Update the minimum bandwidth for a public relay | Roger Dingledine | |
The current cutoff is 30KB, but in reality a useful cutoff is probably more like 50KB or 100KB. | |||
2012-09-05 | Avoid segfault if EntryGuardPathBias precedes EntryGuard | Nick Mathewson | |
Fix for bug 6774; bugfix on 0.2.3.17-beta. | |||
2012-09-04 | one more changes file | Roger Dingledine | |
2012-09-04 | Merge branch 'maint-0.2.3' into release-0.2.3 | Roger Dingledine | |
2012-09-04 | bump to 0.2.3.21-rc | Roger Dingledine | |
2012-09-04 | fold in recent 0.2.3 changes files | Roger Dingledine | |
2012-09-04 | Merge branch 'maint-0.2.3' into release-0.2.3 | Roger Dingledine | |