| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2012-12-25 | Fix compilation warning: must not format u64 as long. | Nick Mathewson | |
| 2012-12-25 | Fix whitespace | Nick Mathewson | |
| 2012-12-25 | Merge remote-tracking branch 'mikeperry/209-path-bias-changes' | Nick Mathewson | |
| 2012-12-25 | Merge branch 'directory_guards_rebased' | Nick Mathewson | |
| 2012-12-25 | Add documentation for directory guard options | Nick Mathewson | |
| 2012-12-25 | Add configuration options for directory guards | Nick Mathewson | |
| In addition to all the other ways to make directory gurads not go, you can now set UseEntryGuardsAsDirGuards to 0. | |||
| 2012-12-25 | Directory guard implementation. | Nick Mathewson | |
| Implements proposal 207; ticket 6526. | |||
| 2012-12-25 | Remember which of our guards are directory caches | Nick Mathewson | |
| 2012-12-25 | Split choosing a regular directory into its own fn | Nick Mathewson | |
| 2012-12-25 | One last fix for a warning on non-EC systems | Nick Mathewson | |
| 2012-12-25 | Merge branch 'tls_ecdhe_rebased_v2' | Nick Mathewson | |
| 2012-12-25 | Be more noncomittal about performance improvement of uint128 backend. | Nick Mathewson | |
| 2012-12-25 | Make ECDHE group configurable: 224 for public, 256 for bridges (default) | Nick Mathewson | |
| 2012-12-25 | Inform the user if they're passing up a 10x ECDH speedup. | Nick Mathewson | |
| 2012-12-25 | Add benchmark for DH handshake and ECDH-P-224/56 handshake | Nick Mathewson | |
| 2012-12-25 | Let servers choose better ciphersuites when clients support them | Nick Mathewson | |
| This implements the server-side of proposal 198 by detecting when clients lack the magic list of ciphersuites that indicates that they're lying faking some ciphers they don't really have. When clients lack this list, we can choose any cipher that we'd actually like. The newly allowed ciphersuites are, currently, "All ECDHE-RSA ciphers that openssl supports, except for ECDHE-RSA-RC4". The code to detect the cipher list relies on on (ab)use of SSL_set_session_secret_cb. | |||
| 2012-12-25 | Remove the address argument from client cipher classification fns | Nick Mathewson | |
| 2012-12-25 | Cache the type of client cipher list we have in the tor_tls_t | Nick Mathewson | |
| We already use this classification for deciding whether (as a server) to do a v2/v3 handshake, and we're about to start using it for deciding whether we can use good ciphersuites too. | |||
| 2012-12-25 | prop198: Detect the list of ciphersuites we used to lie about having | Nick Mathewson | |
| This is less easy than you might think; we can't just look at the client ciphers list, since openssl doesn't remember client ciphers if it doesn't know about them. So we have to keep a list of the "v2" ciphers, with the ones we don't know about removed. | |||
| 2012-12-25 | Configure SSL context to know about using P-256 for ECDHE. | Nick Mathewson | |
| 2012-12-25 | bump to 0.2.4.7-alpha-dev | Roger Dingledine | |
| 2012-12-24 | add a blurb for 0.2.4.7-alpha tootor-0.2.4.7-alpha | Roger Dingledine | |
| 2012-12-24 | bump to 0.2.4.7-alpha | Roger Dingledine | |
| 2012-12-24 | fold in changes files so far | Roger Dingledine | |
| 2012-12-18 | When there are no dir_server_ts to choose, don't crash | Nick Mathewson | |
| It's important not to call choose_array_element_by_weight and then pass its return value unchecked to smartlist_get : it is allowed to return -1. Fixes bug 7756; bugfix on 4e3d07a6 (not in any released Tor) | |||
| 2012-12-18 | Nick's Code review #3 part 2. | Mike Perry | |
| 2012-12-18 | Changes from Nick's code review 'part 1' | Mike Perry | |
| I think this is actually his third code review of this branch so far. | |||
| 2012-12-18 | Add packaged cell fullness to the heartbeat message. | Nick Mathewson | |
| This is an attempt to diagnose the severity of bug 7743. | |||
| 2012-12-17 | Remove the obsolete doc/TODO.* files | Nick Mathewson | |
| Closes bug #7730. | |||
| 2012-12-17 | Merge branch 'ticket7570_7571' | Nick Mathewson | |
| Conflicts: src/or/routerlist.c | |||
| 2012-12-17 | Drop the maximum attempts to get a virtual address to 1000. | Nick Mathewson | |
| This is good enough to give P_success >= 999,999,999/1,000,000,000 so long as the address space is less than 97.95 full. It'd be ridiculous for that to happen for IPv6, and usome reasonable assumptions, it would also be pretty silly for IPv4. | |||
| 2012-12-17 | Describe IPv6 automap changes | Nick Mathewson | |
| 2012-12-17 | Document PreferIPv6Automap in the manpage | Nick Mathewson | |
| 2012-12-17 | Add missing doxygen for DNS and automap code | Nick Mathewson | |
| 2012-12-17 | Per-listener option to prefer IPv6 automaps when possible. | Nick Mathewson | |
| 2012-12-17 | Build and test most of the machinery needed for IPv6 virtualaddrmaps | Nick Mathewson | |
| With an IPv6 virtual address map, we can basically hand out a new IPv6 address for _every_ address we connect to. That'll be cool, and will let us maybe get around prop205 issues. This uses some fancy logic to try to make the code paths in the ipv4 and the ipv6 case as close as possible, and moves to randomly generated addresses so we don't need to maintain those stupid counters that will collide if Tor restarts but apps don't. Also has some XXXX items to fix to make this useful. More design needed. | |||
| 2012-12-17 | Refactor the code to check if an address is matched by automapsuffixes | Nick Mathewson | |
| 2012-12-17 | Fix another uninitialized var warning from GCC | Nick Mathewson | |
| 2012-12-17 | Fixed an unused-variable warning | Nick Mathewson | |
| 2012-12-17 | Don't use the cache when changing an IP address because of an exit policy | Nick Mathewson | |
| 2012-12-17 | changes entry for disabling cache usage by default | Nick Mathewson | |
| 2012-12-17 | Turn off by-default use of client-side DNS cacheing. | Nick Mathewson | |
| 2012-12-17 | Refactor port_cfg_t creation into a port_cfg_new() function | Nick Mathewson | |
| This function gives us a single place to set reasonable default flags for port_cfg_t entries, to avoid bugs like the one where we weren't setting ipv4_traffic_ok to 1 on SocksPorts initialized in an older way. | |||
| 2012-12-17 | Changes file for new DNS caching options | Nick Mathewson | |
| 2012-12-17 | Add documentation for the client-side DNS cache options | Nick Mathewson | |
| 2012-12-17 | Implement option to turn off DNS cache modification by a client port | Nick Mathewson | |
| (This is part 3 of making DNS cache use enabled/disabled on a per-client port basis. This implements the UseCacheIPv[46]DNS options) | |||
| 2012-12-17 | Implement option to turn off DNS cache use on a client port | Nick Mathewson | |
| (This is part 2 of making DNS cache use enabled/disabled on a per-client port basis. This implements the CacheIPv[46]DNS options, but not the UseCachedIPv[46] ones.) | |||
| 2012-12-17 | Oops: make the check for not adding ip->ip DNS maps correct | Nick Mathewson | |
| 2012-12-17 | Add options to turn DNS cache use on or off per client port. | Nick Mathewson | |
| (This is part 1 of making DNS cache use enabled/disabled on a per-client port basis. These options are shuffled around correctly, but don't do anything yet.) | |||
| 2012-12-17 | Oops; make DNSPort configuration take address family options | Nick Mathewson | |
 |
index : tor | |
| Transit encryption and privacy out of the box | The Tor Project |
| summaryrefslogtreecommitdiff |