| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2011-01-15 | final changelog cleanup. it'll do. | Roger Dingledine | |
| 2011-01-15 | amend changelog for fixing --enable-openbsd-malloc | Roger Dingledine | |
| 2011-01-15 | clean up changelog more, add blurb | Roger Dingledine | |
| 2011-01-15 | start cleaning up 0.2.1.29 changelog | Roger Dingledine | |
| 2010-12-16 | add blurb, change release datetor-0.2.1.28 | Roger Dingledine | |
| 2010-12-16 | fold in changelog entry | Roger Dingledine | |
| 2010-12-16 | merge changes files | Roger Dingledine | |
| 2010-11-23 | integrate the changelog entrytor-0.2.1.27 | Roger Dingledine | |
| 2010-11-23 | fold in changelog | Roger Dingledine | |
| 2010-11-22 | fold in geoip changes commit | Roger Dingledine | |
| 2010-11-22 | add blurbs to recent releases | Roger Dingledine | |
| 2010-11-21 | fold in the pending changes | Roger Dingledine | |
| 2010-04-30 | bump to 0.2.1.26, and pick a release datetor-0.2.1.26 | Roger Dingledine | |
| 2010-04-30 | fold in the changelog entries | Roger Dingledine | |
| 2010-03-16 | give us a blurb; add stanza to the releasenotestor-0.2.1.25 | Roger Dingledine | |
| 2010-03-15 | bump to 0.2.1.25 | Roger Dingledine | |
| it's perfect, let's ship it | |||
| 2010-03-06 | clean up the 0.2.1.25 changelog | Roger Dingledine | |
| 2010-03-04 | Apply Roger's bug 1269 fix. | Nick Mathewson | |
| From http://archives.seul.org/tor/relays/Mar-2010/msg00006.html : As I understand it, the bug should show up on relays that don't set Address to an IP address (so they need to resolve their Address line or their hostname to guess their IP address), and their hostname or Address line fails to resolve -- at that point they'll pick a random 4 bytes out of memory and call that their address. At the same time, relays that *do* successfully resolve their address will ignore the result, and only come up with a useful address if their interface address happens to be a public IP address. | |||
| 2010-02-27 | Properly handle non-terminated strings | Sebastian Hahn | |
| Treat strings returned from signed_descriptor_get_body_impl() as not NUL-terminated. Since the length of the strings is available, this is not a big problem. Discovered by rieo. | |||
| 2010-02-26 | Proper NULL checking in circuit_list_path_impl() | Sebastian Hahn | |
| Another dereference-then-NULL-check sequence. No reports of this bug triggered in the wild. Fixes bugreport 1256. Thanks to ekir for discovering and reporting this bug. | |||
| 2010-02-26 | Proper NULL checking for hsdesc publication | Sebastian Hahn | |
| Fix a dereference-then-NULL-check sequence. This bug wasn't triggered in the wild, but we should fix it anyways in case it ever happens. Also make sure users get a note about this being a bug when they see it in their log. Thanks to ekir for discovering and reporting this bug. | |||
| 2010-02-26 | Zero a cipher completely before freeing it | Sebastian Hahn | |
| We used to only zero the first ptrsize bytes of the cipher. Since cipher is large enough, we didn't zero too many bytes. Discovered and fixed by ekir. Fixes bug 1254. | |||
| 2010-02-21 | bump to 0.2.1.24 | Roger Dingledine | |
| 2010-02-18 | Add changelog for latest openssl fix | Nick Mathewson | |
| 2010-02-13 | give it a blurb, update the datetor-0.2.1.23 | Roger Dingledine | |
| 2010-02-12 | new dannenberg address; make moria2's demise official. | Roger Dingledine | |
| 2010-02-12 | prepare for 0.2.1.23 | Roger Dingledine | |
| 2010-02-08 | Don't use gethostbyname() in resolve_my_address() | Sebastian Hahn | |
| Tor has tor_lookup_hostname(), which prefers ipv4 addresses automatically. Bug 1244 occured because gethostbyname() returned an ipv6 address, which Tor cannot handle currently. Fixes bug 1244; bugfix on 0.0.2pre25. Reported by Mike Mestnik. | |||
| 2010-02-07 | lookup_last_hid_serv_request() could overflow and leak memory | Sebastian Hahn | |
| The problem was that we didn't allocate enough memory on 32-bit platforms with 64-bit time_t. The memory leak occured every time we fetched a hidden service descriptor we've fetched before. | |||
| 2010-01-29 | Decide whether to use SSL flags based on runtime OpenSSL version. | Nick Mathewson | |
| We need to do this because Apple doesn't update its dev-tools headers when it updates its libraries in a security patch. On the bright side, this might get us out of shipping a statically linked OpenSSL on OSX. May fix bug 1225. [backported] | |||
| 2010-01-19 | spread guard rotation out throughout the month | Roger Dingledine | |
| 2010-01-19 | weight guard choice by bandwidth; discard old guards | Roger Dingledine | |
| 2010-01-19 | bump to 0.2.1.22, and give it a changelogtor-0.2.1.22 | Roger Dingledine | |
| 2010-01-19 | rotate keys for moria1 and gabelmoo | Roger Dingledine | |
| 2010-01-17 | stop bridge authorities from leaking their bridge list | Roger Dingledine | |
| 2009-12-21 | bump to 0.2.1.21 so we can releasetor-0.2.1.21 | Roger Dingledine | |
| 2009-12-15 | Fix bug 1173: remove an assert(unsigned >= 0). | Nick Mathewson | |
| 2009-11-23 | fix race condition that can cause crashes at client or exit relay | Roger Dingledine | |
| Avoid crashing if the client is trying to upload many bytes and the circuit gets torn down at the same time, or if the flip side happens on the exit relay. Bugfix on 0.2.0.1-alpha; fixes bug 1150. | |||
| 2009-11-17 | add the 0.2.1.20 changelog blurb, plus update the releasenotes | Roger Dingledine | |
| 2009-11-05 | Make Tor work with OpenSSL 0.9.8l | Nick Mathewson | |
| To fix a major security problem related to incorrect use of SSL/TLS renegotiation, OpenSSL has turned off renegotiation by default. We are not affected by this security problem, however, since we do renegotiation right. (Specifically, we never treat a renegotiated credential as authenticating previous communication.) Nevertheless, OpenSSL's new behavior requires us to explicitly turn renegotiation back on in order to get our protocol working again. Amusingly, this is not so simple as "set the flag when you create the SSL object" , since calling connect or accept seems to clear the flags. For belt-and-suspenders purposes, we clear the flag once the Tor handshake is done. There's no way to exploit a second handshake either, but we might as well not allow it. | |||
| 2009-10-26 | Add changelog to describe coverity fixes for 0.2.1.21 | Nick Mathewson | |
| 2009-10-26 | Only send the if_modified_since header for a v3 consensus. | Nick Mathewson | |
| Spotted by xmux; bugfix on 0.2.0.10-alpha. (Bug introduced by 20b10859) | |||
| 2009-10-15 | bump to 0.2.1.20tor-0.2.1.20 | Roger Dingledine | |
| 2009-10-15 | Move moria1 and Tonga to alternate IP addresses. | Roger Dingledine | |
| 2009-10-14 | read the "circwindow" parameter from the consensus | Roger Dingledine | |
| backport of c43859c5c12361fad505 backport of 0d13e0ed145f4c1b5bd1 | |||
| 2009-09-20 | Revert "Teach connection_ap_can_use_exit about Exclude*Nodes" | Roger Dingledine | |
| This reverts commit dc3229313b6d2aaff437c6fc7fa55ead4409e93d. We're going to do this more thoroughly in 0.2.2.x, and not in maint-0.2.1. | |||
| 2009-09-17 | Work around a memory leak in openssl 0.9.8g (and maybe others) | Nick Mathewson | |
| 2009-09-16 | Merge commit 'karsten/fix-1073' into maint-0.2.1 | Nick Mathewson | |
| 2009-09-16 | Teach connection_ap_can_use_exit about Exclude*Nodes | Sebastian Hahn | |
| To further attempt to fix bug 1090, make sure connection_ap_can_use_exit always returns 0 when the chosen exit router is excluded. This should fix bug1090. | |||
| 2009-09-15 | Merge commit 'sebastian/memleak' into maint-0.2.1 | Nick Mathewson | |
 |
index : tor | |
| Transit encryption and privacy out of the box | The Tor Project |
| summaryrefslogtreecommitdiff |