| Age | Commit message (Collapse) | Author |
|---|
|
Conflicts:
configure.in
|
|
|
|
Conflicts:
src/or/config.c
|
|
|
|
|
|
|
|
|
|
We would never actually enforce multiplicity rules when parsing
annotations, since the counts array never got entries added to it for
annotations in the token list that got added by earlier calls to
tokenize_string.
Found by piebeer.
|
|
does not block them
|
|
We decided to no longer ship expert packages for OS X because they're a
lot of trouble to keep maintained and confuse users. For those who want
a tor on OS X without Vidalia, macports is a fine option. Alternatively,
building from source is easy, too.
The polipo stuff that is still required for the Vidalia bundle build can
now be found in the torbrowser repository,
git://git.torproject.org/torbrowser.git.
|
|
|
|
|
|
We need filtering bufferevent_openssl so that we can wrap around
IOCP bufferevents on Windows. This patch adds a temporary option to
turn on filtering mode, so that we can test it out on non-IOCP
systems to make sure it hasn't got any surprising bugs.
It also fixes some allocation/teardown errors in using
bufferevent_openssl as a filter.
|
|
|
|
|
|
Instead of rejecting a value that doesn't divide into 1 second, round to
the nearest divisor of 1 second and warn.
Document that the option only controls the granularity written by Tor to a
file or console log. It does not (for example) "batch up" log messages to
affect times logged by a controller, times attached to syslog messages, or
the mtime fields on log files.
|
|
|
|
|
|
Found by Ian Goldberg and Mashael AlSabah.
Bugfix on 0.2.3.0-alpha dev.
|
|
|
|
|
|
|
|
In a2bb0bf we started using a separate client identity key. When we are
in "public server mode" (that means not a bridge) we will use the same
key. Reusing the key without doing the proper refcounting leads to a
segfault on cleanup during shutdown. Fix that.
Also introduce an assert that triggers if our refcount falls below 0.
That should never happen.
|
|
Conflicts:
src/common/tortls.c
|
|
|
|
|
|
We now require that:
- Only actual servers should ever call get_server_identity_key
- If you're being a client or bridge, the client and server keys should
differ.
- If you're being a public relay, the client and server keys
should be the same.
|
|
|
|
Bug 1859 shows that the router_get_by_nickname behavior was wrong,
and the node_get_by_nickname is right.
|
|
|
|
Some of this is already done in nodelist.
|
|
When intro->extend_info is created for an introduction point, it
only starts out with a nickname, not necessarily an identity digest.
Thus, doing router_get_by_digest isn't necessarily safe.
|
|
|
|
|
|
|
|
Conflicts:
src/or/networkstatus.c
|
|
|
|
Conflicts:
src/or/networkstatus.c
|
|
We want to fetch directory info more aggressively if we need it to
refuseunknownexits. Thus, we'll want it if our exit policy is _NOT_
reject *.
|
|
|
|
Found by rransom while working on issue #988. Bugfix on
0.2.2.17-alpha. Fixes bug 2097.
|
|
|
|
-Wpointer-sign is implied with -Wall, which we use when building with
--enable-gcc-warnings.
|
|
When configuring with --enable-gcc-warnings, we use -Wformat=2 which
automatically enables the available -Wformat switches, so adding them
again in the --enable-gcc-hardening case doesn't make sense..
|
|
We used to enable ssp-buffer-size=1 only when building with
--enable-gcc-warnings. That would result in warnings (and no
protection for small arrays) when building with
--enable-gcc-hardening without enabling warnings, too. Fixes bug
2031.
Also remove an XXX: We now allow to build with -fstack-protector
by using --enable-gcc-hardening.
|
|
There are no relay left that run version 0.2.1.3 through 0.2.1.18, so
changing this behaviour should be safe now.
|
|
Add changes file
|
|
https://trac.torproject.org/projects/tor/ticket/1859
Use router_get_by_digest() instead of router_get_by_hexdigest()
in circuit_discard_optional_exit_enclaves() and
rend_client_get_random_intro(), per Nick's comments.
Using router_get_by_digest() in rend_client_get_random_intro() will
break hidden services published by Tor versions pre 0.1.2.18 and
0.2.07-alpha as they only publish by nickname. This is acceptable
however as these versions only publish to authority tor26 and
don't work for versions in the 0.2.2.x series anyway.
|
|
|
|
|
