aboutsummaryrefslogtreecommitdiff
path: root/changes
AgeCommit message (Collapse)Author
2014-08-21Check for duplicate arguments to tor-gencertNick Mathewson
Found by coverity, which noticed that if you said tor-gencert -i identity1 -i identity2 we would leak "identity1". [CID 1198201, 1198202, 1198203]
2014-08-20Merge branch 'bug12205_take2_squashed'Nick Mathewson
2014-08-20Rewriting entry_is_time_to_retry() using table approach.rl1987
2014-08-20Merge branch 'bug10116_squashed'Nick Mathewson
2014-08-20Don't allocate an extra smartlist in the OOM handlerNick Mathewson
Fixes issue 10116
2014-08-20Allow named pipes for our log files.Nick Mathewson
Closes ticket 12061. Based on a patch from "carlo von lynX" on tor-dev at https://lists.torproject.org/pipermail/tor-dev/2014-April/006705.html
2014-08-20Merge remote-tracking branch 'public/bug11787'Nick Mathewson
2014-08-20Changes file for bug 11787Nick Mathewson
2014-08-20Merge remote-tracking branch 'public/bug12908_025'Nick Mathewson
2014-08-20Warn if Tor is a relay and a HSSathyanarayanan Gunasekaran
Closes 12908; see #8742
2014-08-20Merge remote-tracking branch 'public/bug12728_024'Nick Mathewson
2014-08-20Merge remote-tracking branch 'public/bug12700_024'Nick Mathewson
2014-08-18Fix relay_command_to_string(); solve 12700.Nick Mathewson
Two bugs here: 1) We didn't add EXTEND2/EXTENDED2 to relay_command_to_string(). 2) relay_command_to_string() didn't log the value of unrecognized commands. Both fixed here.
2014-08-15Merge remote-tracking branch 'origin/maint-0.2.5'Nick Mathewson
2014-08-15Missing changes file for 3f683aadcd03c311c1Nick Mathewson
Looks like I forgot to commit this.
2014-08-15Restore functionality for CookieAuthFileGroupReadable.Nick Mathewson
When we merged the cookieauthfile creation logic in 33c3e60a37, we accidentally took out this feature. Fixes bug 12864, bugfix on 0.2.5.1-alpha. Also adds an ExtORPortCookieAuthFileGroupReadable, since there's no reason not to.
2014-08-13Merge remote-tracking branch 'origin/maint-0.2.5'Nick Mathewson
2014-08-13Merge remote-tracking branch 'public/bug12848_024' into maint-0.2.5Nick Mathewson
Conflicts: src/or/circuitbuild.c
2014-08-13Merge remote-tracking branch 'origin/maint-0.2.5'Nick Mathewson
2014-08-13Apply an MSVC compilation fix from Gisle VanemNick Mathewson
This fixes a double-define introduced in 28538069b2f1909a7600ec6d
2014-08-13Merge remote-tracking branch 'public/use_calloc'Nick Mathewson
2014-08-13Merge remote-tracking branch 'origin/maint-0.2.5'Nick Mathewson
2014-08-13Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5Nick Mathewson
2014-08-13Merge remote-tracking branch 'karsten/geoip6-aug2014' into maint-0.2.4Nick Mathewson
2014-08-13Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4Nick Mathewson
2014-08-13Add changes file for bug12855Nick Mathewson
2014-08-13Update geoip6 to the August 7 2014 database.Karsten Loesing
2014-08-13Update geoip to the August 7 2014 database.Karsten Loesing
2014-08-12Don't send DESTROY to circID 0 when circuit_deliver_create_cell failsNick Mathewson
Cypherpunks found this and wrote this patch. Fix for 12848; fix on (I think) d58d4c0d, which went into 0.0.8pre1
2014-08-09Fix some URLs in the READMENick Mathewson
patch from mttp; fixes 12830
2014-08-08Merge remote-tracking branch 'origin/maint-0.2.5'Nick Mathewson
2014-08-06Build circuits more readily when DisableNetwork goes to 0Roger Dingledine
When Tor starts with DisabledNetwork set, it would correctly conclude that it shouldn't try making circuits, but it would mistakenly cache this conclusion and continue believing it even when DisableNetwork is set to 0. Fixes the bug introduced by the fix for bug 11200; bugfix on 0.2.5.4-alpha.
2014-08-05Correctly remove extraneous space in router family linesNick Mathewson
Fixes bug 12728; bugfix on 0.2.1.7-alpha when the SPLIT_IGNORE_SPACE option was added.
2014-07-30Merge remote-tracking branch 'origin/maint-0.2.5'Nick Mathewson
2014-07-30Merge remote-tracking branch 'intrigeri/bug12731-systemd-no-run-as-daemon' ↵Nick Mathewson
into maint-0.2.5 Conflicts: contrib/dist/tor.service.in
2014-07-30Merge remote-tracking branch 'intrigeri/bug12730-systemd-verify-config' into ↵Nick Mathewson
maint-0.2.5
2014-07-30Verify configuration file via ExecStartPre in the systemd unit file (#12730).intrigeri
2014-07-30Explicitly disable RunAsDaemon in the systemd unit file (#12731).intrigeri
Our current systemd unit uses "Type = simple", so systemd does not expect tor to fork. If the user has "RunAsDaemon 1" in their torrc, then things won't work as expected. This is e.g. the case on Debian (and derivatives), since there we pass "--defaults-torrc /usr/share/tor/tor-service-defaults-torrc" (that contains "RunAsDaemon 1") by default. The only solution I could find is to explicitly pass "--RunAsDaemon 0" when starting tor from the systemd unit file, which this commit does.
2014-07-28Merge branch 'maint-0.2.5'Roger Dingledine
2014-07-28Merge branch 'maint-0.2.4' into maint-0.2.5Roger Dingledine
2014-07-28Warn and drop the circuit if we receive an inbound 'relay early' cellRoger Dingledine
Those used to be normal to receive on hidden service circuits due to bug 1038, but the buggy Tor versions are long gone from the network so we can afford to resume watching for them. Resolves the rest of bug 1038; bugfix on 0.2.1.19.
2014-07-27add a changes file for bug 12718Roger Dingledine
2014-07-25get rid of already-merged prop221 changes fileRoger Dingledine
2014-07-25Merge branch 'maint-0.2.4' into maint-0.2.5Roger Dingledine
Conflicts: src/or/or.h
2014-07-25Implement proposal 221: Stop sending CREATE_FASTNick Mathewson
This makes FastFirstHopPK an AUTOBOOL; makes the default "auto"; and makes the behavior of "auto" be "look at the consensus."
2014-07-24get rid of already-merged bug12227 changes fileRoger Dingledine
2014-07-24Merge branch 'maint-0.2.4' into maint-0.2.5Roger Dingledine
2014-07-24Avoid illegal read off end of an array in prune_v2_cipher_listNick Mathewson
This function is supposed to construct a list of all the ciphers in the "v2 link protocol cipher list" that are supported by Tor's openssl. It does this by invoking ssl23_get_cipher_by_char on each two-byte ciphersuite ID to see which ones give a match. But when ssl23_get_cipher_by_char cannot find a match for a two-byte SSL3/TLS ciphersuite ID, it checks to see whether it has a match for a three-byte SSL2 ciphersuite ID. This was causing a read off the end of the 'cipherid' array. This was probably harmless in practice, but we shouldn't be having any uninitialized reads. (Using ssl23_get_cipher_by_char in this way is a kludge, but then again the entire existence of the v2 link protocol is kind of a kludge. Once Tor 0.2.2 clients are all gone, we can drop this code entirely.) Found by starlight. Fix on 0.2.4.8-alpha. Fixes bug 12227.
2014-07-24Merge branch 'maint-0.2.5'Roger Dingledine
2014-07-24Raise guard threshold to top 25% or 2000 kilounitsRoger Dingledine
Authorities now assign the Guard flag to the fastest 25% of the network (it used to be the fastest 50%). Also raise the consensus weight that guarantees the Guard flag from 250 to 2000. For the current network, this results in about 1100 guards, down from 2500. This step paves the way for moving the number of entry guards down to 1 (proposal 236) while still providing reasonable expected performance for most users. Implements ticket 12690.
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion