| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
(Using an -s ours merge for Not taking the CVE-2012-2250 fix from
maint-0.2.3; it would conflict.)
|
|
The items from 0.2.3.x are copy-and-pastd from current release-0.2.3
changelog; the others are folded in from changes/*.
|
|
|
|
|
|
Fix for bug 7189.
|
|
It seems as if our new build system broke gcov for me. I've tried to
fix doc/HACKING to describe what I needed to do in order to make it
work again.
|
|
If we completed the handshake for the v2 link protocol but wound up
negotiating the wong protocol version, we'd become so confused about
what part of the handshake we were in that we'd promptly die with an
assertion.
This is a fix for CVE-2012-2250; it's a bugfix on 0.2.3.6-alpha.
All servers running that version or later should really upgrade.
Bug and fix from "some guy from France." I tweaked his code slightly
to make it log the IP of the offending node, and to forward-port it to
0.2.4.
|
|
If we completed the handshake for the v2 link protocol but wound up
negotiating the wong protocol version, we'd become so confused about
what part of the handshake we were in that we'd promptly die with an
assertion.
This is a fix for CVE-2012-2250; it's a bugfix on 0.2.3.6-alpha.
All servers running that version or later should really upgrade.
Bug and fix from "some guy from France." I tweaked his code slightly
to make it log the IP of the offending node.
|
|
|
|
|
|
This is an "ours" merge; we want a separate fix for this bug (bug7191)
in master. Rather than catching the two failing cases, we need to make
them not fail.
|
|
|
|
|
|
Conflicts:
src/test/test_containers.c
|
|
|
|
The implementation we added has a tendency to crash with lists of 0 or
one element. That can happen if we get a consensus vote, v2
consensus, consensus, or geoip file with 0 or 1 element. There's a
DOS opportunity there that authorities could exploit against one
another, and which an evil v2 authority could exploit against anything
downloading v2 directory information..
This fix is minimalistic: It just adds a special-case for 0- and
1-element lists. For 0.2.4 (the current alpha series) we'll want a
better patch.
This is bug 7191; it's a fix on 0.2.0.10-alpha.
|
|
|
|
one (fixes bug 7191)
|
|
|
|
the entry.
|
|
|
|
Clients now consider the ClientRejectInternalAddresses config option
when using a microdescriptor consensus stanza to decide whether
an exit relay would allow exiting to an internal address. Fixes
bug 7190; bugfix on 0.2.3.1-alpha.
|
|
|
|
|
|
Our implementation of parse_short_policy was screwed up: it would
ignore the last character of every short policy. Obviously, that's
broken.
This patch fixes the busted behavior, and adds a bunch of unit tests
to make sure the rest of that function is okay.
Fixes bug 7192; fix on 0.2.3.1-alpha.
|
|
|
|
|
|
Looks like clang doesn't complain about this kind of thing.
Spotted by Andrea. Bug not in any released version.
|
|
Conflicts:
src/or/circuitbuild.c
There was a huge-looking conflict in circuitbuild.c, but the only
change that had been made to circuitbuild.c since I forked off the
split_circuitbuild branch was 17442560c44e8093f9a. So I took the
split_circuitbuild version of the conflicting part, and manually
re-applied the change from 17442560c44e8093f9a..
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This is an "ours" commit ; I'm merging a separate version of the
block-renegotiate patch into 0.2.4.
|
|
|
|
|
|
|
|
(changes file tweaked by nickm)
|
|
|
|
|
|
OpenSSL 1.0.0 added an implementation of TLS session tickets, a
"feature" that let session resumption occur without server-side state
by giving clients an encrypted "ticket" that the client could present
later to get the session going again with the same keys as before.
OpenSSL was giving the keys to decrypt these tickets the lifetime of
the SSL contexts, which would have been terrible for PFS if we had
long-lived SSL contexts. Fortunately, we don't. Still, it's pretty
bad. We should also drop these, since our use of the extension stands
out with our non-use of session cacheing.
Found by nextgens. Bugfix on all versions of Tor when built with
openssl 1.0.0 or later. Fixes bug 7139.
|
|
channel_tls_handle_incoming(); fixes get_remote_addr problem with incoming connections for bug 7112
|
|
Failure to do so left us open to a remotely triggerable assertion
failure. Fixes CVE-2012-2249; bugfix on 0.2.3.6-alpha. Reported by
"some guy from France".
This patch is a forward-port to 0.2.4, to work with the new channel
logic.
|
|
Failure to do so left us open to a remotely triggerable assertion
failure. Fixes CVE-2012-2249; bugfix on 0.2.3.6-alpha. Reported by
"some guy from France".
|
|
We were calling channel_get_actual_remote_descr() before we used the
output of a previous channel_get_canonical_remote_descr(), thus
invalidating its output.
|
