summaryrefslogtreecommitdiff
path: root/changes
AgeCommit message (Collapse)Author
2018-03-01Forbid "-0" as a protocol version.Nick Mathewson
Fixes part of 24249; bugfix on 0.2.9.4-alpha.
2018-03-01Add another NULL-pointer fix for protover.c.Nick Mathewson
This one can only be exploited if you can generate a correctly signed consensus, so it's not as bad as 25074. Fixes bug 25251; also tracked as TROVE-2018-004.
2018-03-01Correctly handle NULL returns from parse_protocol_list when voting.Nick Mathewson
In some cases we had checked for it, but in others we had not. One of these cases could have been used to remotely cause denial-of-service against directory authorities while they attempted to vote. Fixes TROVE-2018-001.
2018-02-16Merge remote-tracking branch 'dgoulet/ticket24902_029_05' into maint-0.2.9Nick Mathewson
2018-02-16stop calling channel_mark_client in response to a create_fastRoger Dingledine
since all it does is produce false positives this commit should get merged into 0.2.9 and 0.3.0 *and* 0.3.1, even though the code in the previous commit is already present in 0.3.1. sorry for the mess.
2018-02-16backport to make channel_is_client() accurateRoger Dingledine
This commit takes a piece of commit af8cadf3a9 and a piece of commit 46fe353f25, with the goal of making channel_is_client() be based on what sort of connection handshake the other side used, rather than seeing whether the other side ever sent a create_fast cell to us.
2018-02-13fix make check-changesTaylor Yu
2018-02-13Make check-changes happyDavid Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-02-13Merge remote-tracking branch 'dgoulet/bug25223_029_01' into ticket24902_029_05David Goulet
2018-02-13dos: Add extra safety asserts in cc_stats_refill_bucket()David Goulet
Never allow the function to set a bucket value above the allowed circuit burst. Closes #25202 Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-02-13dos: Don't set consensus param if we aren't a public relayDavid Goulet
We had this safeguard around dos_init() but not when the consensus changes which can modify consensus parameters and possibly enable the DoS mitigation even if tor wasn't a public relay. Fixes #25223 Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-02-13dirserv: Improve returned message when relay is rejectedDavid Goulet
Explicitly inform the operator of the rejected relay to set a valid email address in the ContactInfo field and contact bad-relays@ mailing list. Fixes #25170 Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-02-12Merge branch 'bug23318-redux_029' into maint-0.2.9Nick Mathewson
2018-02-11Merge remote-tracking branch 'public/bug24198_029' into maint-0.2.9Nick Mathewson
2018-02-11Merge branch 'ticket24315_029' into maint-0.2.9Nick Mathewson
2018-02-11Merge remote-tracking branch 'public/bug21074_029' into maint-0.2.9Nick Mathewson
2018-02-10Merge branch 'bug24978_029_enable' into maint-0.2.9Nick Mathewson
2018-02-08Merge branch 'maint-0.2.5' into maint-0.2.9Nick Mathewson
2018-02-08Update geoip and geoip6 to the February 7 2018 database.Karsten Loesing
2018-02-02Merge branch 'ticket25122_029_02' into ticket24902_029_05David Goulet
2018-02-02geoip: Hook the client history cache into the OOM handlerDavid Goulet
If the cache is using 20% of our maximum allowed memory, clean 10% of it. Same behavior as the HS descriptor cache. Closes #25122 Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-01-31channel_tls_get_remote_addr_method now returns real_addr.Fernando Fernandez Mancera
The accurate address of a connection is real_addr, not the addr member. channel_tls_get_remote_addr_method() now returns real_addr instead. Fixes #24952; bugfix on 707c1e2 in 0.2.4.11-alpha. Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
2018-01-30dos: Add changes file for ticket 24902David Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-01-23Make Tor support TLS1.3 ciphers with OpenSSL 1.1.1Nick Mathewson
Without this patch, not only will TLS1.3 not work with Tor, but OpenSSL 1.1.1 with TLS1.3 enabled won't build any connections at all: It requires that either TLS1.3 be disabled, or some TLS1.3 ciphersuites be listed. Closes ticket 24978.
2018-01-19hs: Use hs_service_max_rdv_failures consensus param, defaulting to 2Roger Dingledine
2018-01-19MAX_REND_FAILURES is 1, but we would try three timesRoger Dingledine
Fix an "off by 2" error in counting rendezvous failures on the onion service side. While we thought we would stop the rendezvous attempt after one failed circuit, we were actually making three circuit attempts before giving up. Fixes bug 24895; bugfix on 0.0.6.
2018-01-08Add changes file for new fallback directory list.Nick Mathewson
2018-01-08Merge branch 'maint-0.2.5' into maint-0.2.9Nick Mathewson
2018-01-08Update geoip and geoip6 to the January 5 2018 database.Karsten Loesing
2018-01-05Merge branch 'teor_ticket24681_028' into maint-0.2.9Nick Mathewson
2018-01-04Don't treat a setrlimit failure as fatal.Nick Mathewson
Fixes bug 21074; bugfix on 4689243242e2e12 in 0.0.9rc5 when we started doing setrlimit() in the first place.
2018-01-03Merge branch 'bug24633_029' into maint-0.2.9Nick Mathewson
2018-01-02Merge remote-tracking branch 'teor/bug24736_028' into maint-0.2.9Nick Mathewson
2017-12-25Clear the address when we can't choose a reachable addressteor
When the fascist_firewall_choose_address_ functions don't find a reachable address, set the returned address to the null address and port. This is a precautionary measure, because some callers do not check the return value. Fixes bug 24736; bugfix on 0.2.8.2-alpha.
2017-12-23Make the default DirAuthorityFallbackRate 0.1teor
This makes clients on the public tor network prefer to bootstrap off fallback directory mirrors. This is a follow-up to 24679, which removed weights from the default fallbacks. Implements ticket 24681.
2017-12-21Merge branch 'maint-0.2.8' into maint-0.2.9Nick Mathewson
2017-12-21Merge branch 'maint-0.2.5' into maint-0.2.8maint-0.2.8Nick Mathewson
2017-12-21Merge branch 'bug24666_squashed_025' into maint-0.2.5Nick Mathewson
2017-12-21Move destroy cells into a separate queue type of their own, to save RAMNick Mathewson
We've been seeing problems with destroy cells queues taking up a huge amount of RAM. We can mitigate this, since while a full packed destroy cell takes 514 bytes, we only need 5 bytes to remember a circuit ID and a reason. Fixes bug 24666. Bugfix on 0.2.5.1-alpha, when destroy cell queues were introduced.
2017-12-20Merge branch 'maint-0.2.8' into maint-0.2.9Nick Mathewson
2017-12-20Merge branch 'maint-0.2.5' into maint-0.2.8Nick Mathewson
2017-12-20Update geoip and geoip6 to the December 6 2017 database.Karsten Loesing
2017-12-20Fix the clz32 and clz64 settings on MSVC.Nick Mathewson
Fixes bug 24633; bugfix on 0.2.9.1-alpha.
2017-12-11Merge branch 'maint-0.2.8' into maint-0.2.9Nick Mathewson
2017-12-11Merge branch 'maint-0.2.5' into maint-0.2.8Nick Mathewson
2017-12-11Merge branch 'bug24167_025' into maint-0.2.5Nick Mathewson
2017-12-11Merge branch 'maint-0.2.8' into maint-0.2.9Nick Mathewson
2017-12-11Merge branch 'maint-0.2.5' into maint-0.2.8Nick Mathewson
2017-12-11Merge remote-tracking branch 'public/ticket23856_025_01' into maint-0.2.5Nick Mathewson
2017-12-11Merge remote-tracking branch 'public/bug23985_029' into maint-0.2.9Nick Mathewson
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion