summaryrefslogtreecommitdiff
path: root/changes
AgeCommit message (Collapse)Author
2017-06-09Merge branch 'maint-0.3.0'Nick Mathewson
2017-06-09Merge branch 'maint-0.2.9' into maint-0.3.0Nick Mathewson
2017-06-09Merge branch 'maint-0.2.8' into maint-0.2.9Nick Mathewson
2017-06-09Merge branch 'maint-0.2.7-redux' into maint-0.2.8Nick Mathewson
2017-06-09Merge branch 'maint-0.2.6' into maint-0.2.7-reduxNick Mathewson
2017-06-09Merge branch 'maint-0.2.5' into maint-0.2.6Nick Mathewson
2017-06-09Merge branch 'maint-0.2.4' into maint-0.2.5Nick Mathewson
2017-06-09Update geoip and geoip6 to the June 8 2017 database.Karsten Loesing
2017-06-08Fold TROVE-2017-00[45] into changelogNick Mathewson
2017-06-08bump to 0.3.0.8Nick Mathewson
2017-06-08Merge branch 'maint-0.2.7-redux' into maint-0.2.8Nick Mathewson
2017-06-08Merge branch 'maint-0.2.6' into maint-0.2.7-reduxNick Mathewson
2017-06-08Merge branch 'maint-0.2.5' into maint-0.2.6Nick Mathewson
2017-06-08Merge branch 'maint-0.2.4' into maint-0.2.5Nick Mathewson
2017-06-08Merge branch 'maint-0.2.8' into maint-0.2.9Nick Mathewson
2017-06-08Merge branch 'maint-0.2.9' into maint-0.3.0Nick Mathewson
2017-06-08Merge branch 'maint-0.3.0'Nick Mathewson
2017-06-08TROVE-2017-005: Fix assertion failure in connection_edge_process_relay_cellDavid Goulet
On an hidden service rendezvous circuit, a BEGIN_DIR could be sent (maliciously) which would trigger a tor_assert() because connection_edge_process_relay_cell() thought that the circuit is an or_circuit_t but is an origin circuit in reality. Fixes #22494 Reported-by: Roger Dingledine <arma@torproject.org> Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-06-08Another changes fix.Nick Mathewson
2017-06-08Merge branch 'maint-0.3.0'Nick Mathewson
2017-06-08tweak changes file.Nick Mathewson
2017-06-08TROVE-2017-004: Fix assertion failure in relay_send_end_cell_from_edge_David Goulet
This fixes an assertion failure in relay_send_end_cell_from_edge_() when an origin circuit and a cpath_layer = NULL were passed. A service rendezvous circuit could do such a thing when a malformed BEGIN cell is received but shouldn't in the first place because the service needs to send an END cell on the circuit for which it can not do without a cpath_layer. Fixes #22493 Reported-by: Roger Dingledine <arma@torproject.org> Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-06-07Start on a changelog for 0.3.1.3-alphaNick Mathewson
2017-06-05Merge branch 'maint-0.3.0'Nick Mathewson
2017-06-05Merge branch 'bug22460_030_01' into maint-0.3.0Nick Mathewson
2017-06-05Merge branch 'maint-0.2.9' into maint-0.3.0Nick Mathewson
2017-06-05Merge branch 'bug22460_case2_029_01_squashed' into maint-0.2.9Nick Mathewson
2017-06-05Changes file for the x509 link certificate case of bug22460Nick Mathewson
2017-06-05Merge branch 'maint-0.3.0'Nick Mathewson
2017-06-05Merge branch 'maint-0.2.9' into maint-0.3.0Nick Mathewson
2017-06-05Merge branch 'maint-0.2.8' into maint-0.2.9Nick Mathewson
2017-06-05Merge branch 'maint-0.2.7-redux' into maint-0.2.8Nick Mathewson
2017-06-05Merge branch 'maint-0.2.6' into maint-0.2.7-reduxNick Mathewson
2017-06-05Merge branch 'maint-0.2.5' into maint-0.2.6Nick Mathewson
2017-06-05Merge branch 'maint-0.2.4' into maint-0.2.5Nick Mathewson
2017-06-05Fix undefined behavior in geoip_parse_entry().Nick Mathewson
Fixes bug 22490; bugfix on 6a241ff3ffe7dc1 in 0.2.4.6-alpha. Found by teor using clang-5.0's AddressSanitizer stack-use-after-scope.
2017-06-05Merge branch 'bug22466_diagnostic_030'Nick Mathewson
2017-06-05Merge branch 'maint-0.3.0'Nick Mathewson
2017-06-01Regenerate RSA->ed25519 identity crosscertificate as neededNick Mathewson
2017-06-01Use tor_assert_nonfatal() to try to detect #22466Nick Mathewson
2017-06-01Fix ed25519 link certificate race on tls context rotationNick Mathewson
Whenever we rotate our TLS context, we change our Ed25519 Signing->Link certificate. But if we've already started a TLS connection, then we've already sent the old X509 link certificate, so the new Ed25519 Signing->Link certificate won't match it. To fix this, we now store a copy of the Signing->Link certificate when we initialize the handshake state, and send that certificate as part of our CERTS cell. Fixes one case of bug22460; bugfix on 0.3.0.1-alpha.
2017-05-31Bugfix: Regenerate more certificates when appropriateNick Mathewson
Previously we could sometimes change our signing key, but not regenerate the certificates (signing->link and signing->auth) that were signed with it. Also, we would regularly replace our TLS x.509 link certificate (by rotating our TLS context) but not replace our signing->link ed25519 certificate. In both cases, the resulting inconsistency would make other relays reject our link handshakes. Fixes two cases of bug 22460; bugfix on 0.3.0.1-alpha.
2017-05-30Update the torify.1 manpageNick Mathewson
I went into this to fix 6892 and say "we don't do anything for circuit isolation." But instead I did a fair amount of text-removal to stop implying that torify does anything more than call torsocks.
2017-05-30Merge remote-tracking branch 'argonblue/bug22413'Nick Mathewson
2017-05-30Check for libzstd >= 1.1Taylor Yu
The consensus compression code depends on a streaming compression API that is new in libzstd-1.1. Fixes #22413.
2017-05-30hs: Correctly validate v3 descriptor encrypted lengthDavid Goulet
The encrypted_data_length_is_valid() function wasn't validating correctly the length of the encrypted data of a v3 descriptor. The side effect of this is that an HSDir was rejecting the descriptor and ultimately not storing it. Fixes #22447 Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-05-30Merge remote-tracking branch 'public/bug6298'Nick Mathewson
2017-05-30Merge remote-tracking branch 'teor/bug22424'Nick Mathewson
2017-05-30changes file for 22417Nick Mathewson
2017-05-30changes file for 22446Nick Mathewson
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion