summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2015-05-13tor_tls_get_buffer_sizes() will not work on openssl 1.1. Patch from yawningNick Mathewson
2015-05-13Use SSL_state() to inspect the state of SSL objects.Nick Mathewson
2015-05-13Use SSL_clear_mode where available.Nick Mathewson
2015-05-13SSL_clear_mode exists; we can use it.Nick Mathewson
2015-05-13Stop accessing 'ssl->s3->flags' when we are using openssl 1.1Nick Mathewson
This field was only needed to work with the now-long-gone (I hope, except for some horrible apples) openssl 0.9.8l; if your headers say you have openssl 1.1, you won't even need it.
2015-05-13ERR_remove_state() is deprecated since OpenSSL 1.0.0.Yawning Angel
OpenSSL 1.1.0 must be built with "enable-deprecated", and compiled with `OPENSSL_USE_DEPRECATED` for this to work, so instead, use the newer routine as appropriate.
2015-05-13Merge remote-tracking branch 'origin/maint-0.2.5' into maint-0.2.6Nick Mathewson
2015-05-13Merge branch 'bug15823_025' into maint-0.2.5Nick Mathewson
2015-05-05Fix out-of-bounds read in INTRODUCE2 client authJohn Brooks
The length of auth_data from an INTRODUCE2 cell is checked when the auth_type is recognized (1 or 2), but not for any other non-zero auth_type. Later, auth_data is assumed to have at least REND_DESC_COOKIE_LEN bytes, leading to a client-triggered out of bounds read. Fixed by checking auth_len before comparing the descriptor cookie against known clients. Fixes #15823; bugfix on 0.2.1.6-alpha.
2015-04-28Revert "Remove obsolete workaround in dirserv_thinks_router_is_hs_dir()"David Goulet
Fixes #15850, part of #15801. Change file is added by this commit. The original comment in the reverted commit is removed because right now we *need* a DirPort until #15849 is implemented so no doubt nor confusion there anymore. This reverts commit 80bed1ac96a3035f8c55ddced5528f0d7d16d386. Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-27Merge remote-tracking branch 'origin/maint-0.2.5' into maint-0.2.6Nick Mathewson
2015-04-27Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5Nick Mathewson
2015-04-27Merge remote-tracking branch 'karsten/geoip6-apr2015' into maint-0.2.4Nick Mathewson
2015-04-27Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4Nick Mathewson
2015-04-24Update geoip6 to the April 8 2015 database.Karsten Loesing
2015-04-24Update geoip to the April 8 2015 database.Karsten Loesing
2015-04-06bump version to 0.2.6.7-devNick Mathewson
2015-04-06bump version to 0.2.6.7Nick Mathewson
2015-04-06Merge remote-tracking branch 'origin/maint-0.2.5' into maint-0.2.6Nick Mathewson
2015-04-06bump 0.2.5 version to 0.2.5.12Nick Mathewson
2015-04-06Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5Nick Mathewson
2015-04-06Bump 0.2.4 version more placesNick Mathewson
2015-04-06Bump 0.2.4 versionNick Mathewson
2015-04-06Merge remote-tracking branch 'origin/maint-0.2.5' into maint-0.2.6Nick Mathewson
2015-04-06Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5Nick Mathewson
2015-04-06Changes file for bug15601Nick Mathewson
2015-04-06Handle empty/zero length encoded intro points more gracefully.Yawning Angel
In theory these should never the triggered as the only caller now validates the parameters before this routine gets called.
2015-04-06Treat empty introduction points sections as missing.Yawning Angel
Found by DonnchaC.
2015-04-06Validate the RSA key size received when parsing INTRODUCE2 cells.Yawning Angel
Fixes bug 15600; reported by skruffy
2015-04-03Decrease the amount of rend circ relaunches for hidden services.George Kadianakis
2015-04-03Merge remote-tracking branch 'origin/maint-0.2.5' into maint-0.2.6Nick Mathewson
2015-04-03Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5Nick Mathewson
2015-04-03Merge branch 'bug15515_024' into maint-0.2.4Nick Mathewson
2015-04-03... and if we do get multiple INTRODUCE1s on a circuit, kill the circuitGeorge Kadianakis
(Sending a nak would be pointless.) See ticket 15515 for discussion.
2015-04-03Block multiple introductions on the same intro circuit.George Kadianakis
2015-03-25Bump to 0.2.6.6-devNick Mathewson
2015-03-24bump to 0.2.6.6Nick Mathewson
2015-03-23Merge remote-tracking branch 'public/bug15436_025' into maint-0.2.6Nick Mathewson
2015-03-23Fix unaligned access in SipHash-2-4.Yawning Angel
The compiler is allowed to assume that a "uint64_t *" is aligned correctly, and will inline a version of memcpy that acts as such. Use "uint8_t *", so the compiler does the right thing.
2015-03-18bump to 0.2.6.5-rc.devNick Mathewson
2015-03-18bump to 0.2.6.5-rcNick Mathewson
2015-03-14Simplify the loop.Nick Mathewson
2015-03-14Add comments for new functionsNick Mathewson
2015-03-14remove a needless "if (1)" that was there for indentation; fix indentation.Nick Mathewson
2015-03-14Extract main part of main loop into a separate functionNick Mathewson
For 15176; Shadow would like this. Based on a patch by Rob Jansen, but revised to have a minimal-sized diff.
2015-03-12Merge remote-tracking branch 'public/feature15212_026' into maint-0.2.6Nick Mathewson
2015-03-12Initialize the extorport auth cookie before launching PTs.Yawning Angel
PTs expect the auth cookie to be available immedieately after launch, leading to a race condition when PTs opt to cache the extorport cookie once immediately after startup. Fixes #15240.
2015-03-12Merge remote-tracking branch 'origin/maint-0.2.5' into maint-0.2.6Nick Mathewson
("-s ours" merge to avoid taking reversion of #15064)
2015-03-12Revert "Make TransProxyType ipfw work correctly"Nick Mathewson
This reverts commit 681802817deb6fb93b95f8284856fd42f3556600. (I didn't mean to backport this, but somehow I had based my branch for #15205 on it.)
2015-03-12Merge remote-tracking branch 'origin/maint-0.2.5' into maint-0.2.6Nick Mathewson
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion