Age | Commit message (Collapse) | Author | |
---|---|---|---|
2012-11-19 | bump to 0.2.3.25tor-0.2.3.25 | Roger Dingledine | |
2012-11-19 | fold in changes entries. finish the 0.2.3 blurb. | Roger Dingledine | |
2012-11-19 | Merge branch 'maint-0.2.3' into release-0.2.3 | Roger Dingledine | |
2012-11-12 | use a more logical operator | Roger Dingledine | |
Fix a harmless bug when opting against publishing a relay descriptor because DisableNetwork is set. Fixes bug 7464; bugfix on 0.2.3.9-alpha. | |||
2012-11-08 | Turn a memwipe in tor_process_handle_destroy() back to memset | Nick Mathewson | |
It broke linking on tor-resolve.c, and it's not actually sanitizing anything sensitive. Fix for bug 7420; bug not on ony released Tor. | |||
2012-11-08 | Merge branch 'bug7352_023_rebased' into maint-0.2.3 | Nick Mathewson | |
2012-11-08 | Add and use and unlikely-to-be-eliminated memwipe() | Nick Mathewson | |
Apparently some compilers like to eliminate memset() operations on data that's about to go out-of-scope. I've gone with the safest possible replacement, which might be a bit slow. I don't think this is critical path in any way that will affect performance, but if it is, we can work on that in 0.2.4. Fixes bug 7352. | |||
2012-10-25 | last clarification for the changelogtor-0.2.3.24-rc | Roger Dingledine | |
2012-10-25 | update the release notes too | Roger Dingledine | |
2012-10-25 | Remove folded-in changes file | Nick Mathewson | |
2012-10-25 | Bump version to 0.2.3.24-rc. | Nick Mathewson | |
2012-10-25 | Draft blurb for 0.2.3.24-rc; guess a release date | Nick Mathewson | |
2012-10-25 | Merge branch 'link_negotiation_assert_023' into release-0.2.3 | Nick Mathewson | |
2012-10-23 | Fix a remotely triggerable assertion failure (CVE-2012-2250) | Nick Mathewson | |
If we completed the handshake for the v2 link protocol but wound up negotiating the wong protocol version, we'd become so confused about what part of the handshake we were in that we'd promptly die with an assertion. This is a fix for CVE-2012-2250; it's a bugfix on 0.2.3.6-alpha. All servers running that version or later should really upgrade. Bug and fix from "some guy from France." I tweaked his code slightly to make it log the IP of the offending node. | |||
2012-10-23 | prep for next rc | Roger Dingledine | |
2012-10-23 | Merge branch 'maint-0.2.3' into release-0.2.3 | Roger Dingledine | |
2012-10-23 | Make unit test for bug7191 work with new smartlist_new() name | Nick Mathewson | |
2012-10-23 | Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3 | Nick Mathewson | |
2012-10-23 | Add some unit tests for smartlist_bsearch_idx() on short lists | Andrea Shepard | |
Conflicts: src/test/test_containers.c | |||
2012-10-23 | Add a changes file for bug 7191. | Nick Mathewson | |
2012-10-23 | Fix binary search on lists of 0 or 1 element. | Nick Mathewson | |
The implementation we added has a tendency to crash with lists of 0 or one element. That can happen if we get a consensus vote, v2 consensus, consensus, or geoip file with 0 or 1 element. There's a DOS opportunity there that authorities could exploit against one another, and which an evil v2 authority could exploit against anything downloading v2 directory information.. This fix is minimalistic: It just adds a special-case for 0- and 1-element lists. For 0.2.4 (the current alpha series) we'll want a better patch. This is bug 7191; it's a fix on 0.2.0.10-alpha. | |||
2012-10-23 | Merge branch 'maint-0.2.3' into release-0.2.3 | Roger Dingledine | |
2012-10-23 | Let 0.2.3 clients exit to internal addresses if they want | Roger Dingledine | |
Clients now consider the ClientRejectInternalAddresses config option when using a microdescriptor consensus stanza to decide whether an exit relay would allow exiting to an internal address. Fixes bug 7190; bugfix on 0.2.3.1-alpha. | |||
2012-10-23 | Fix parse_short_policy (bug 7192.) | Nick Mathewson | |
Our implementation of parse_short_policy was screwed up: it would ignore the last character of every short policy. Obviously, that's broken. This patch fixes the busted behavior, and adds a bunch of unit tests to make sure the rest of that function is okay. Fixes bug 7192; fix on 0.2.3.1-alpha. | |||
2012-10-22 | add a unit test to expose bug 7192 | Roger Dingledine | |
2012-10-20 | fold in the 0.2.3.23 changes entriestor-0.2.3.23-rc | Roger Dingledine | |
2012-10-20 | shift the categories around a bit | Roger Dingledine | |
2012-10-19 | bump to 0.2.3.23-rc | Roger Dingledine | |
2012-10-19 | fold in recent changes entries | Roger Dingledine | |
2012-10-19 | Merge branch 'maint-0.2.3' into release-0.2.3 | Roger Dingledine | |
2012-10-19 | Merge branch 'block_renegotiate_023' into maint-0.2.3 | Nick Mathewson | |
2012-10-19 | Merge branch 'bug7149' into maint-0.2.3 | Nick Mathewson | |
2012-10-19 | Don't serve or accept v2 HS descs over a DirPort | Robert Ransom | |
(changes file tweaked by nickm) | |||
2012-10-19 | Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3 | Nick Mathewson | |
2012-10-19 | Disable TLS Session Tickets, which we were apparently getting for free | Nick Mathewson | |
OpenSSL 1.0.0 added an implementation of TLS session tickets, a "feature" that let session resumption occur without server-side state by giving clients an encrypted "ticket" that the client could present later to get the session going again with the same keys as before. OpenSSL was giving the keys to decrypt these tickets the lifetime of the SSL contexts, which would have been terrible for PFS if we had long-lived SSL contexts. Fortunately, we don't. Still, it's pretty bad. We should also drop these, since our use of the extension stands out with our non-use of session cacheing. Found by nextgens. Bugfix on all versions of Tor when built with openssl 1.0.0 or later. Fixes bug 7139. | |||
2012-10-17 | Discard extraneous renegotiation attempts in the v3 link protocol | Nick Mathewson | |
Failure to do so left us open to a remotely triggerable assertion failure. Fixes CVE-2012-2249; bugfix on 0.2.3.6-alpha. Reported by "some guy from France". | |||
2012-10-13 | slight tweak, and also reformat | Roger Dingledine | |
2012-10-13 | Expand 0.2.3 dedication paragaph to full version of latest draft | Nick Mathewson | |
We should still make sure mlp approves it. | |||
2012-10-13 | fold in the changes files so far | Roger Dingledine | |
2012-10-13 | correct a point about logging | Roger Dingledine | |
2012-10-13 | start at an 0.2.3 release notes | Roger Dingledine | |
2012-10-13 | Merge branch 'maint-0.2.3' into release-0.2.3 | Roger Dingledine | |
2012-10-09 | Merge branch 'bug7014_023_squashed' into maint-0.2.3 | Nick Mathewson | |
2012-10-09 | Don't call fmt_addr() twice in a parameter list. | George Kadianakis | |
2012-10-04 | Merge remote-tracking branch 'arma/bug7037' into maint-0.2.3 | Nick Mathewson | |
2012-10-03 | Refuse extra create cells with reason "resource limit" | Roger Dingledine | |
In the past we had used reason "internal", which is more vague than it needs to be. Resolves bug 7037. | |||
2012-10-03 | properly free the return values of rate_limit_log() | Roger Dingledine | |
resolves bug 7022. | |||
2012-09-22 | add faravahar as our ninth v3 dir auth | Roger Dingledine | |
2012-09-19 | Clarify that hidden services are TCP only | Nick Mathewson | |
Also remove some trailing whitespace. Patch from maker; fixes bug 6024. | |||
2012-09-18 | Whitespace fixes | Nick Mathewson | |