summaryrefslogtreecommitdiff
path: root/changes
AgeCommit message (Collapse)Author
2016-11-07Merge remote-tracking branch 'teor/bug20484_029_v2' into maint-0.2.9Nick Mathewson
2016-11-07Count HTTP 503 as a download failure.Nick Mathewson
Because as Teor puts it: "[Resetting on 503] is exactly what we don't want when relays are busy - imagine clients doing an automatic reset every time they DoS a relay..." Fixes bug 20593.
2016-11-07Adjust download schedules per teor's #20534 recommendataionsNick Mathewson
2016-11-07Merge branch 'maint-0.2.8' into maint-0.2.9Nick Mathewson
2016-11-07Merge branch 'maint-0.2.7' into maint-0.2.8Nick Mathewson
2016-11-07Merge branch 'maint-0.2.6' into maint-0.2.7Nick Mathewson
2016-11-07Merge branch 'maint-0.2.5' into maint-0.2.6Nick Mathewson
2016-11-07Merge branch 'maint-0.2.4' into maint-0.2.5Nick Mathewson
2016-11-07Merge branch '20499_part1_029_squashed', remote-tracking branches ↵Nick Mathewson
'teor/bug20591_029' and 'teor/bug20533_029' into maint-0.2.9
2016-11-07Allow infinitely long delays in exponential-backoff downloadsNick Mathewson
It's only safe to remove the failure limit (per 20536) if we are in fact waiting a bit longer each time we try to download. Fixes bug 20534; bugfix on 0.2.9.1-alpha.
2016-11-07Update geoip and geoip6 to the November 3 2016 database.Karsten Loesing
2016-11-08When downloading certificates, check for related failuresteor
If a consensus expires while we are waiting for certificates to download, stop waiting for certificates. If we stop waiting for certificates less than a minute after we started downloading them, do not consider the certificate download failure a separate failure. Fixes bug 20533; bugfix on commit e0204f21 in 0.2.0.9-alpha.
2016-11-07Ensure relays don't make multiple connections during bootstrapteor
Relays do not deliberately launch multiple attempts, so the impact of this bug should be minimal. This fix also defends against bugs like #20499. Bugfix on 0.2.8.1-alpha.
2016-11-06Always Use EVP_aes_*_ctr() with openssl 1.1Nick Mathewson
(OpenSSL 1.1 makes EVP_CIPHER_CTX opaque, _and_ adds acceleration for counter mode on more architectures. So it won't work if we try the older approach, and it might help if we try the newer one.) Fixes bug 20588.
2016-11-06In test_tortls_classify_client_ciphers(), s/ECDH/ECDHE/Nick Mathewson
(We weren't actually using these ciphers; we were just requing that ciphers of that name existed.) Patch from rubiate. Fixes 20460
2016-11-06Do not apply 'max_failures' to random-exponential schedules.Nick Mathewson
Fixes bug 20536; bugfix on 0.2.9.1-alpha.
2016-11-06Fix get_delay() code to avoid TIME_MAX overflow, not INT_MAX.Nick Mathewson
Fixes bug 20587; bugfix on 35bbf2e4a4e8ccb in 0.2.8.1-alpha.
2016-11-06Fix warnings from lintChanges.pyNick Mathewson
2016-11-03Merge branch 'maint-0.2.8' into maint-0.2.9Nick Mathewson
2016-11-03Merge branch 'bug20551_028' into maint-0.2.8Nick Mathewson
2016-11-03Merge branch 'maint-0.2.8' into maint-0.2.9Nick Mathewson
2016-11-03Merge remote-tracking branch 'arma/bug19969_028_squashed' into maint-0.2.8Nick Mathewson
2016-11-03Merge branch 'maint-0.2.8' into maint-0.2.9Nick Mathewson
2016-11-03Work around a behavior change in openssl's BUF_MEM codeNick Mathewson
In our code to write public keys to a string, for some unfathomable reason since 253f0f160e1185c, we would allocate a memory BIO, then set the NOCLOSE flag on it, extract its memory buffer, and free it. Then a little while later we'd free the memory buffer with BUF_MEM_free(). As of openssl 1.1 this doesn't work any more, since there is now a BIO_BUF_MEM structure that wraps the BUF_MEM structure. This BIO_BUF_MEM doesn't get freed in our code. So, we had a memory leak! Is this an openssl bug? Maybe. But our code was already pretty silly. Why mess around with the NOCLOSE flag here when we can just keep the BIO object around until we don't need the buffer any more? Fixes bug 20553; bugfix on 0.0.2pre8
2016-11-03Use explicit casts to avoid warnings when building with openssl 1.1Nick Mathewson
fixes bug 20551; bugfix on 0.2.1.1-alpha
2016-11-02Check every hidden service directory's permissions when configuringteor
Previously, we would only check the last hidden service directory. Fixes #20529, bugfix on ticket 13942 commit 85bfad1 in 0.2.6.2-alpha.
2016-11-01Ask event_base_loop to finish when we add a pending streamRoger Dingledine
Fixes bug 19969; bugfix on b1d56fc58. We can fix this some more in later Tors, but for now, this is probably the right fix for us.
2016-11-01Merge remote-tracking branch 'teor/bug20472-029-v2' into maint-0.2.9Nick Mathewson
2016-11-01Merge branch 'bug20487_029' into maint-0.2.9Nick Mathewson
2016-10-31Merge branch 'bug19968_029' into maint-0.2.9Nick Mathewson
2016-10-31Actually free the worker_state_t object when we do an update with itNick Mathewson
Previously we freed the old "keys" object, but leaked the worker_state_t that we had taken it from. Fixes bug 20401; bugfix on 0.2.6.3-alpha.
2016-10-31Add a sentence to the manpage about nonanonymous=>Socksport 0.Nick Mathewson
Closes 20487.
2016-10-31Create single-onion-service directory before poisoning it, if neededNick Mathewson
(Also, refactor the code to create a hidden service directory into a separate funcion, so we don't have to duplicate it.) Fixes bug 20484; bugfix on 0.2.9.3-alpha.
2016-10-31Actually clamp the number of detected CPUs to 16.Nick Mathewson
Previously we said we did, but didn't. Fixes #19968; bugfix on 0.2.3.1-alpha.
2016-10-31In circuit_pick_extend_handshake, assume all hops support EXTEND2 and ntorteor
This simplifies the function: if we have an ntor key, use ntor/EXTEND2, otherwise, use TAP/EXTEND. Bugfix on commit 10aa913 from 19163 in 0.2.9.3-alpha.
2016-10-26Avoid tor_fragile_assert() failure with DNSPort on RESOLVED_TYPE_ERRORNick Mathewson
The tor_fragile_assert() bug has existed here since c8a5e2d588e0d91 in tor-0.2.1.7-alpha forever, but tor_fragile_assert() was mostly a no-op until 0.2.9.1-alpha. Fixes bug 19869.
2016-10-18changes file for module docsNick Mathewson
2016-10-17Fold 20384 into changelogNick Mathewson
2016-10-17Merge branch 'maint-0.2.8'Nick Mathewson
2016-10-17Merge branch 'buf_sentinel_026_v2' into maint-0.2.8Nick Mathewson
2016-10-17Add a one-word sentinel value of 0x0 at the end of each buf_t chunkNick Mathewson
This helps protect against bugs where any part of a buf_t's memory is passed to a function that expects a NUL-terminated input. It also closes TROVE-2016-10-001 (aka bug 20384).
2016-10-17Start on an 0.2.9.4-alpha changelogNick Mathewson
2016-10-17changes file for module docsNick Mathewson
2016-10-14Merge remote-tracking branch 'public/spaces_in_unix_addrs'Nick Mathewson
2016-10-14Merge branch 'bug18357_v2'Nick Mathewson
2016-10-11Merge remote-tracking branch 'yawning-schwanenlied/bug20261'Nick Mathewson
2016-10-11torrc parsing b0rks on carriage-returnpaolo.ingls@gmail.com
(Specifically, carriage return after a quoted value in a config line. Fixes bug 19167; bugfix on 0.2.0.16-alpha when we introduced support for quoted values. Unit tests, changes file, and this parenthetical by nickm.)
2016-10-11Merge remote-tracking branch 'asn/bug19223'Nick Mathewson
2016-10-10Fix non-triggerable heap corruption at do_getpass().George Kadianakis
2016-10-06Stop implying that we support openssl 1.0.0; we don't.Nick Mathewson
Closes ticket 20303. The LIBRESSL_VERSION_NUMBER check is needed because if our openssl is really libressl, it will have an openssl version number we can't really believe.
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion