summaryrefslogtreecommitdiff
path: root/changes
AgeCommit message (Collapse)Author
2015-10-09Merge remote-tracking branch 'origin/maint-0.2.7'Nick Mathewson
2015-10-09Merge remote-tracking branch 'origin/maint-0.2.6' into maint-0.2.7Nick Mathewson
2015-10-09Merge remote-tracking branch 'origin/maint-0.2.5' into maint-0.2.6Nick Mathewson
2015-10-09Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5Nick Mathewson
2015-10-09Update geoip and geoip6 to the October 9 2015 database.Karsten Loesing
2015-10-07Merge remote-tracking branch 'origin/maint-0.2.7'Nick Mathewson
2015-10-07Make get_ifaddrs tests more tolerant of unusual network configsteor (Tim Wilson-Brown)
* Don't assume that every test box has an IPv4 address * Don't assume that every test box has a non-local address Resolves issue #17255 released in unit tests in 0.2.7.3-rc.
2015-10-07changes file for 17078Nick Mathewson
2015-10-06changes file for #16563Nick Mathewson
2015-10-06Merge remote-tracking branch 'origin/maint-0.2.7'Nick Mathewson
2015-10-06Work around openssl declaring x509_get_not{Before,After} as functionsNick Mathewson
Now that x509_get_not{Before,After} are functions in OpenSSL 1.1 (not yet releasesd), we need to define a variant that takes a const pointer to X509 and returns a const pointer to ASN1_time. Part of 17237. I'm not convinced this is an openssl bug or a tor bug. It might be just one of those things.
2015-10-06Fix 17251: avoid integer overflow in test_crypto_slowNick Mathewson
2015-10-02Fix warnings.Nick Mathewson
2015-10-02changes file for 17082Nick Mathewson
2015-10-02Merge remote-tracking branch 'teor/warn-when-time-goes-backwards'Nick Mathewson
2015-10-02Merge remote-tracking branch 'teor/routerset-parse-IPv6-literals'Nick Mathewson
(Minor conflicts)
2015-10-02Merge remote-tracking branch 'donncha/feature14846_4'Nick Mathewson
2015-10-02Merge remote-tracking branch 'sebastian/bug17026'Nick Mathewson
2015-10-02Clean up compat_libevent testsNick Mathewson
2015-09-30Add SyslogIdentityTagPeter Palfrader
When logging to syslog, allow a tag to be added to the syslog identity ("Tor"), i.e. the string prepended to every log message. The tag can be configured by setting SyslogIdentityTag and defaults to none. Setting it to "foo" will cause logs to be tagged as "Tor-foo". Closes: #17194.
2015-09-30Warn when the system clock is set back in timeteor (Tim Wilson-Brown)
Warn when the state file was last written in the future. Tor doesn't know that consensuses have expired if the clock is in the past. Patch by "teor". Implements ticket #17188.
2015-09-29Socks->SOCKS in torrcs. Fixes 15609Nick Mathewson
2015-09-29Add checks and unit tests for get_interface_address* failureteor (Tim Wilson-Brown)
Ensure that either a valid address is returned in address pointers, or that the address data is zeroed on error. Ensure that free_interface_address6_list handles NULL lists. Add unit tests for get_interface_address* failure cases. Fixes bug #17173. Patch by fk/teor, not in any released version of tor.
2015-09-29Changes file for bug17154Nick Mathewson
2015-09-29Add changes file for bug17151Nick Mathewson
2015-09-24fold 17148 into changelogNick Mathewson
2015-09-24Stop trying to generate test scripts via autoconf substitution.Nick Mathewson
Use environment variables instead. This repairs 'make distcheck', which was running into trouble when it tried to chmod the generated scripts. Fixes 17148.
2015-09-24fold 17135 into changelogNick Mathewson
2015-09-24Merge branch 'underpinning_squashed'Nick Mathewson
2015-09-24changes file and manpage entry for AuthDirPinKeysNick Mathewson
2015-09-24Fold new entries into changelogNick Mathewson
2015-09-24Merge remote-tracking branch 'origin/maint-0.2.6'Nick Mathewson
2015-09-24Merge remote-tracking branch 'origin/maint-0.2.5' into maint-0.2.6Nick Mathewson
2015-09-24Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5Nick Mathewson
2015-09-24Update geoip and geoip6 to the September 3 2015 database.Karsten Loesing
2015-09-22Merge branch 'feature16769_squashed'Nick Mathewson
2015-09-22Remove --master-key form the changes fileNick Mathewson
2015-09-22Add a --master-key optionNick Mathewson
This lets the user override the default location for the master key when used with --keygen Part of 16769.
2015-09-22Add a new --newpass option to add or remove secret key passphrases.Nick Mathewson
2015-09-22Merge branch 'feature16944_v2'Nick Mathewson
2015-09-22Merge branch 'bug17109_v2_squashed'Nick Mathewson
2015-09-22Check that openssl has ECC support during configureSebastian Hahn
This allows builds on machines with a crippled openssl to fail early during configure. Bugfix on 0.2.7.1-alpha, which introduced the requirement for ECC support. Fixes bug 17109.
2015-09-22Update docs with advice for separate IPv4 and IPv6 exit policiesteor (Tim Wilson-Brown)
Advise users how to configure separate IPv4 and IPv6 exit policies in the manpage and sample torrcs. Related to fixes in ticket #16069 and #17027. Patch by "teor". Patch on 2eb7eafc9d78 and a96c0affcb4c (25 Oct 2012), released in 0.2.4.7-alpha.
2015-09-21fold new entries into changelog for 0.2.7.3Nick Mathewson
2015-09-16Merge remote-tracking branch 'public/bug17047'Nick Mathewson
2015-09-16Merge branch 'bug17027-reject-private-all-interfaces-v2' into bug16069-bug17027teor (Tim Wilson-Brown)
src/test/test_policy.c: Merged calls to policies_parse_exit_policy by adding additional arguments. fixup to remaining instance of ~EXIT_POLICY_IPV6_ENABLED. Compacting logic test now produces previous list length of 4, corrected this. src/config/torrc.sample.in: src/config/torrc.minimal.in-staging: Merged torrc modification dates in favour of latest.
2015-09-16ExitPolicyRejectPrivate rejects local IPv6 address and interface addressesteor (Tim Wilson-Brown)
ExitPolicyRejectPrivate now rejects more local addresses by default: * the relay's published IPv6 address (if any), and * any publicly routable IPv4 or IPv6 addresses on any local interfaces. This resolves a security issue for IPv6 Exits and multihomed Exits that trust connections originating from localhost. Resolves ticket 17027. Patch by "teor". Patch on 42b8fb5a1523 (11 Nov 2007), released in 0.2.0.11-alpha.
2015-09-16ExitPolicy accept6/reject6 produces IPv6 wildcard addresses onlyteor (Tim Wilson-Brown)
In previous versions of Tor, ExitPolicy accept6/reject6 * produced policy entries for IPv4 and IPv6 wildcard addresses. To reduce operator confusion, change accept6/reject6 * to only produce an IPv6 wildcard address. Resolves bug #16069. Patch on 2eb7eafc9d78 and a96c0affcb4c (25 Oct 2012), released in 0.2.4.7-alpha.
2015-09-16Warn about redundant torrc ExitPolicy lines due to accept/reject *:*teor (Tim Wilson-Brown)
Tor now warns when ExitPolicy lines occur after accept/reject *:* or variants. These lines are redundant, and were always ignored. Partial fix for ticket 16069. Patch by "teor". Patch on 2eb7eafc9d78 and a96c0affcb4c (25 Oct 2012), released in 0.2.4.7-alpha.
2015-09-16Ignore accept6/reject6 IPv4, warn about unexpected rule outcomesteor (Tim Wilson-Brown)
When parsing torrc ExitPolicies, we now warn if: * an IPv4 address is used on an accept6 or reject6 line. The line is ignored, but the rest of the policy items in the list are used. (accept/reject continue to allow both IPv4 and IPv6 addresses in torrcs.) * a "private" address alias is used on an accept6 or reject6 line. The line filters both IPv4 and IPv6 private addresses, disregarding the 6 in accept6/reject6. When parsing torrc ExitPolicies, we now issue an info-level message: * when expanding an accept/reject * line to include both IPv4 and IPv6 wildcard addresses. In each instance, usage advice is provided to avoid the message. Partial fix for ticket 16069. Patch by "teor". Patch on 2eb7eafc9d78 and a96c0affcb4c (25 Oct 2012), released in 0.2.4.7-alpha.