summaryrefslogtreecommitdiff
path: root/changes
AgeCommit message (Collapse)Author
2012-06-13Implement the client side of proposal 198Nick Mathewson
This is a feature removal: we no longer fake any ciphersuite other than the not-really-standard SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA (0xfeff). This change will let servers rely on our actually supporting what we claim to support, and thereby let Tor migrate to better TLS ciphersuites. As a drawback, Tor instances that use old openssl versions and openssl builds with ciphers disabled will no longer give the "firefox" cipher list.
2012-05-15Change our ciphersuite list to match ff8Nick Mathewson
2012-03-09Use a given name in the bug5090 message, at its holder's request.Nick Mathewson
2012-03-09Never choose a bridge as an exit. Bug 5342.Nick Mathewson
2012-03-09Merge branch 'bug5343' into maint-0.2.2Nick Mathewson
2012-03-09Oops; credit bug5090 patch to flupzor. estebanm only found the bug.Nick Mathewson
2012-03-09Correctly handle broken escape sequences in torrc valuesNick Mathewson
Previously, malformatted torrc values could crash us. Patch by Esteban Manchado. Fixes bug 5090; fix on 0.2.0.16-alpha.
2012-03-08Require a threshold of exit nodes before building circuitsNick Mathewson
This mitigates an attack proposed by wanoskarnet, in which all of a client's bridges collude to restrict the exit nodes that the client knows about. Fixes bug 5343.
2012-03-08Fix compile warnings in openbsd mallocSebastian Hahn
2012-03-08Merge remote-tracking branch 'karsten/geoip-march2012' into maint-0.2.2Nick Mathewson
2012-03-08Update to the March 2012 GeoIP database.Karsten Loesing
2012-02-29new ip address for maatuskaRoger Dingledine
2012-02-10Properly protect paths to sed, sha1sum, opensslSebastian Hahn
in Makefile.am, we used it without quoting it, causing build failure if your openssl/sed/sha1sum happened to live in a directory with a space in it (very common on windows)
2012-02-10Downgrade "missing a certificate" from notice to infoNick Mathewson
It was apparently getting mistaken for a problem, even though it was at notice. Fixes 5067; fix on 0.2.0.10-alpha.
2012-02-09Merge branch 'maint-0.2.1' into maint-0.2.2Roger Dingledine
2012-02-09Revert "add a "docs" to the manual URI as listed in torrc.sample.in"Roger Dingledine
This reverts commit 55e8cae81553678ec77ce6b8fb1bf2d5e483e0aa. The conversation from irc: > weasel: i had intended to leave torrc.sample.in alone in maint-0.2.2, since i don't want to make all your stable users have to deal with a torrc change. but nickm changed it. is it in fact the case that a change in that file means a change in the deb? <weasel> it means you'll prompt every single user who ever touched their torrc <weasel> and they will be asked if they like your new version better than what they have right now <weasel> so it's not great Instead I changed the website to redirect requests for the tor-manual URL listed in maint-0.2.2's torrc.sample.in so the link will still work.
2012-02-09Update to the February 2012 GeoIP database.maint-0.2.1Karsten Loesing
2012-02-08add a "docs" to the manual URI as listed in torrc.sample.inNick Mathewson
2012-02-02Update "ClientOnly" man page entryRoger Dingledine
There isn't really any point to messing with it. Resolves ticket 5005.
2012-01-18Merge remote-tracking branch 'public/bug4533_part2' into maint-0.2.2Nick Mathewson
2012-01-18Documentation for GiveGuardFlagTo... optionNick Mathewson
2012-01-18Fix SOCKET_OK test on win64.Nick Mathewson
Bugfix on 0.2.2.29-beta; partial fix for 4533; found by wanoskarnet
2012-01-09Fix a trivial log message error in renservice.cNick Mathewson
Fixes bug 4856; bugfix on 0.0.6 This bug was introduced in 79fc5217, back in 2004.
2012-01-05Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2Nick Mathewson
2012-01-05Add a changes file for bug4822Nick Mathewson
2012-01-05Merge branch 'maint-0.2.1' into maint-0.2.2Roger Dingledine
2012-01-05add a changes file for ticket 4825Roger Dingledine
2011-12-30Fix spelling in a controlsocket log msgSebastian Hahn
Fixes bug 4803.
2011-12-28Merge remote-tracking branch 'public/bug4788' into maint-0.2.2Nick Mathewson
2011-12-28Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2Nick Mathewson
2011-12-28Bug 4786 fix: don't convert EARLY to RELAY on v1 connectionsNick Mathewson
We used to do this as a workaround for older Tors, but now it's never the correct thing to do (especially since anything that didn't understand RELAY_EARLY is now deprecated hard).
2011-12-27Authorities reject insecure Tors.Nick Mathewson
This patch should make us reject every Tor that was vulnerable to CVE-2011-0427. Additionally, it makes us reject every Tor that couldn't handle RELAY_EARLY cells, which helps with proposal 110 (#4339).
2011-12-25Provide correct timeradd/timersup replacementsSebastian Hahn
Bug caught and patch provided by Vektor. Fixes bug 4778.t
2011-12-21Do not even try to keep going on a socket with socklen==0Nick Mathewson
Back in #1240, r1eo linked to information about how this could happen with older Linux kernels in response to nmap. Bugs #4545 and #4547 are about how our approach to trying to deal with this condition was broken and stupid. Thanks to wanoskarnet for reminding us about #1240. This is a fix for the abovementioned bugs, and is a bugfix on 0.1.0.3-rc.
2011-12-16Merge remote-tracking branch 'sebastian/clang-3.0-fixes_022' into maint-0.2.2Nick Mathewson
2011-12-15Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2Nick Mathewson
2011-12-15Add a fix for the buf_pullup bug that Vektor reportedNick Mathewson
2011-12-13Build with warnings and clang 3.0Sebastian Hahn
--enable-gcc-warnings enables two warnings that clang doesn't support, so the build fails. We had hoped clang 3.0 would add those, but it didn't, so let's just always disable those warnings when building with clang. We can still fix it later once they add support
2011-12-08Merge branch 'maint-0.2.1' into maint-0.2.2Roger Dingledine
2011-12-08Update to the December 2011 GeoIP database.Karsten Loesing
2011-12-02Don't call tor_tls_set_logged_address till after checking conn->tlsNick Mathewson
Fixes bug 4531; partial backport of e27a26d5.
2011-12-02tor_accept_socket() should take tor_addr_t for listener argNick Mathewson
Fixes bug 4535; bugfix on 0.2.2.28-beta; found by "troll_un"
2011-12-02Fix bug 4530; check return val of tor_addr_lookup correctlyNick Mathewson
Fix on 0.2.1.5-alpha; reported by troll_un
2011-11-23Detect tor_addr_to_str failure in tor_dup_addr.Nick Mathewson
This avoids a possible strdup of an uninitialized buffer. Fixes 4529; fix on 0.2.1.3-alpha; reported by troll_un.
2011-11-23Merge remote-tracking branch 'public/bug4230' into maint-0.2.2Nick Mathewson
2011-11-21parameterize bw cutoffs to guarantee Fast and Guard flagsRoger Dingledine
Now it will be easier for researchers to simulate Tor networks with different values. Resolves ticket 4484.
2011-11-21Merge branch 'bug4518' into maint-0.2.2Nick Mathewson
2011-11-21Merge remote-tracking branch 'public/bug3963' into maint-0.2.2Nick Mathewson
2011-11-20Changes file for bug4521 backports.Nick Mathewson
2011-11-19Only call cull_wedged_cpuworkers once every 60 seconds.Nick Mathewson
The function is over 10 or 20% on some of Moritz's profiles, depending on how you could. Since it's checking for a multi-hour timeout, this is safe to do. Fixes bug 4518.
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion