Age | Commit message (Collapse) | Author | |
---|---|---|---|
2024-01-30 | Merge branch 'maint-0.4.8' | David Goulet | |
2024-01-30 | bwauth: Allow "node_id" KeyValue without "$" | juga | |
Allow "node_id" KeyValue without the dollar sign at the start of the hexdigit in the BandwidthFiles, in order to easier database queries combining Tor documents in which the relays fingerprint doesn't include it. Bugfix on all supported versions of Tor. Closes #40891 | |||
2024-01-30 | metrics: Add new relay metrics to MetricsPort | David Goulet | |
This commit adds the total number of DROP cell seen, the total number of DESTROY cell received and the total number of protocol violation that lead to a circuit close. Closes #40816 Signed-off-by: David Goulet <dgoulet@torproject.org> | |||
2024-01-09 | Merge branch 'maint-0.4.8' | David Goulet | |
2024-01-09 | add release note and changelog entry for #40819 | trinity-1686a | |
2023-12-11 | Merge branch 'fix-python-escs' into 'main' | Alexander Færøy | |
Use raw strings for regexs containing escapes See merge request tpo/core/tor!790 | |||
2023-12-10 | dirauth: Reject 0.4.7.x series at the authority level | nonameformee | |
2023-12-09 | Use raw strings for regexs containing escapes | Alex Xu (Hello71) | |
In Python 3.12, these invalid escape sequences emit SyntaxWarnings, and will emit SyntaxErrors in a future release. Found using: grep '[^r]["'\''].*\\[^rn\\x0t"]' $(grep -rl '^#!.*python') | |||
2023-12-08 | Merge branch 'maint-0.4.8' | David Goulet | |
2023-12-08 | version: Bump version to 0.4.8.10-dev | Tor CI Release | |
2023-12-08 | Merge branch 'maint-0.4.8' | David Goulet | |
2023-12-08 | version: Bump version to 0.4.8.10 | Tor CI Release | |
2023-12-08 | Merge branch 'maint-0.4.8' | David Goulet | |
2023-12-08 | fallbackdir: Update list generated on December 08, 2023 | Tor CI Release | |
2023-12-08 | Update geoip files to match ipfire location db, 2023/12/08. | Tor CI Release | |
2023-12-08 | Merge branch 'maint-0.4.8' | David Goulet | |
2023-12-08 | Merge remote-tracking branch 'mikeperry-private/bug40897' into maint-0.4.8 | David Goulet | |
2023-12-07 | Merge branch 'maint-0.4.8' | Alexander Færøy | |
2023-12-07 | Merge remote-tracking branch 'origin/merge-requests/776' into maint-0.4.8 | Alexander Færøy | |
2023-12-07 | Bug 40897: Changes file | Mike Perry | |
2023-12-07 | Bug 40897 Bug Bounty: Double the number of max conflux circs | Mike Perry | |
We strongly suspect that bug 40897 was caused by a custom Tor client that tried to use more than the default number of conflux circuits, for either performance or traffic analysis defense gains, or both. This entity hit a safety check on the exit side, which caused a UAF. Our "belt and suspenders" snapped off, and hit us in the face... again... Since there are good reasons to try more than 2 conflux legs, and research has found some traffic analysis benefits with as many as 5, we're going to raise and parameterize this limit as a form of bug bounty for finding this UAF, so that this entity can try out a little more confluxing. This should also make it easier for researchers to try things like gathering traces with larger amounts of confluxing than normal, to measure real-world traffic analysis impacts of conflux. Shine on, you yoloing anonymous diamond. Let us know if you find out anything interesting! | |||
2023-12-07 | Bug 40897: Add more checks to free paths | Mike Perry | |
Similar double-frees would be caught earlier by these, so long as the pointers remain nulled out. | |||
2023-12-07 | Bug 40897: Move safety check to proper location and give it error handling. | Mike Perry | |
2023-12-06 | update changes file with correct introduced version | trinity-1686a | |
2023-11-22 | Merge branch 'fix-bridge-exit-warn' into 'main' | David Goulet | |
Fix bridge exit warn Closes #40884 See merge request tpo/core/tor!783 | |||
2023-11-22 | Merge branch 'did-sanity-memmem' into 'main' | David Goulet | |
add sanity check in tor_memmem Closes #40854 See merge request tpo/core/tor!785 | |||
2023-11-21 | add changes entry | trinity-1686a | |
2023-11-21 | Merge branch 'eol-config-no-spurious-warn' into 'main' | Alexander Færøy | |
don't warn for empty RecommendedServerVersion Closes #40888 See merge request tpo/core/tor!787 | |||
2023-11-21 | bwauth: Allow "node_id" KeyValue without "$" | juga | |
Allow "node_id" KeyValue without the dollar sign at the start of the hexdigit in the BandwidthFiles, in order to easier database queries combining Tor documents in which the relays fingerprint doesn't include it. Bugfix on all supported versions of Tor. Closes #40891 | |||
2023-11-21 | add changes file for sanity check on memmem | trinity-1686a | |
2023-11-20 | Merge branch 'new-changelogs' into 'main' | David Goulet | |
forward-port the 0.4.8.x change stanzas See merge request tpo/core/tor!784 | |||
2023-11-16 | don't warn for empty RecommendedServerVersion | trinity-1686a | |
2023-11-15 | add sanity check in tor_memmem | trinity-1686a | |
it's believed most libc already have those, but just in case, it can't hurt | |||
2023-11-12 | fix small typo and missing period while i'm here | Roger Dingledine | |
2023-11-12 | forward-port the 0.4.8.x change stanzas | Roger Dingledine | |
somehow our release process is not moving these into git main | |||
2023-11-12 | don't warn when ExitRelay is set to 0 | trinity-1686a | |
2023-11-09 | Merge branch 'maint-0.4.8' | David Goulet | |
2023-11-09 | version: Bump version to 0.4.8.9-dev | Tor CI Release | |
2023-11-09 | Merge branch 'maint-0.4.8' | David Goulet | |
2023-11-09 | version: Bump version to 0.4.8.9 | Tor CI Release | |
2023-11-09 | Merge branch 'maint-0.4.8' | David Goulet | |
2023-11-09 | fallbackdir: Update list generated on November 09, 2023 | Tor CI Release | |
2023-11-09 | Update geoip files to match ipfire location db, 2023/11/09. | Tor CI Release | |
2023-11-09 | Merge branch 'maint-0.4.8' | David Goulet | |
2023-11-09 | Merge branch 'ticket40883_048_01' into maint-0.4.8 | David Goulet | |
2023-11-09 | Merge branch 'maint-0.4.8' | David Goulet | |
2023-11-09 | Merge branch 'tor-gitlab/mr/778' into maint-0.4.8 | David Goulet | |
2023-11-09 | Merge branch 'fix-man-typos' into 'main' | David Goulet | |
fix man page typos See merge request tpo/core/tor!781 | |||
2023-11-08 | hs: Always check if the hs_ident is available when processing a cell | David Goulet | |
Signed-off-by: David Goulet <dgoulet@torproject.org> | |||
2023-11-07 | hs: Fix assert in hs_metrics_update_by_ident() | David Goulet | |
The hs_metrics_failed_rdv() macro could pass a NULL value for the identity key when a building circuit would end up in a failure path *before* the "hs_ident" was able to be set which leading to this assert. This was introduced in 0.4.8.1-alpha with the addition of rendezvous circuit failure metrics for the MetricsPort. This fixes TROVE-2023-006 for which its severity is considered high. Signed-off-by: David Goulet <dgoulet@torproject.org> |