| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2012-01-11 | Merge remote-tracking branch 'origin/maint-0.2.2' | Nick Mathewson | |
| 2012-01-11 | Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 | Nick Mathewson | |
| 2012-01-11 | Fix a compilation warning for our bug4822 fix on 64-bit linux | Nick Mathewson | |
| 2012-01-10 | Merge remote-tracking branch 'public/bug4650_nm_squashed' | Nick Mathewson | |
| 2012-01-10 | whitespace and warning fixes for bug4746 | Nick Mathewson | |
| 2012-01-10 | Merge remote-tracking branch 'asn-mytor/bug4746' | Nick Mathewson | |
| 2012-01-10 | Add missing documentation for counter-mode checks | Nick Mathewson | |
| 2012-01-10 | Clean up indentation in aes.c | Nick Mathewson | |
| 2012-01-10 | Test for broken counter-mode at runtime | Nick Mathewson | |
| To solve bug 4779, we want to avoid OpenSSL 1.0.0's counter mode. But Fedora (and maybe others) lie about the actual OpenSSL version, so we can't trust the header to tell us if it's safe. Instead, let's do a run-time test to see whether it's safe, and if not, use our built-in version. fermenthor contributed a pretty essential fixup to this patch. Thanks! | |||
| 2012-01-10 | We no longer need to detect openssl without RAND_poll() | Nick Mathewson | |
| We require openssl 0.9.7 or later, and RAND_poll() was first added in openssl 0.9.6. | |||
| 2012-01-10 | Add macros to construct openssl version numbers | Nick Mathewson | |
| It's a pain to convert 0x0090813f to and from 0.9.8s-release on the fly, so these macros should help. | |||
| 2012-01-10 | Make sure MAX_DNS_LABEL_SIZE is defined | Sebastian Hahn | |
| MAX_DNS_LABEL_SIZE was only defined for old versions of openssl, which broke the build. Spotted by xiando. Fixes bug 4413; not in any released version. | |||
| 2012-01-09 | Tweaks for bug4413 fix | Nick Mathewson | |
| The thing that's limited to 63 bytes is a "label", not a hostname. Docment input constraints and behavior on bogus inputs. Generally it's better to check for overflow-like conditions before than after. In this case, it's not a true overflow, so we're okay, but let's be consistent. pedantic less->fewer in the documentation | |||
| 2012-01-09 | Remove (untriggerable) overflow in crypto_random_hostname() | Stephen Palmateer | |
| Fixes bug 4413; bugfix on xxxx. Hostname components cannot be larger than 63 characters. This simple check makes certain randlen cannot overflow rand_bytes_len. | |||
| 2012-01-09 | Merge remote-tracking branch 'origin/maint-0.2.2' | Nick Mathewson | |
| 2012-01-09 | Fix comment about TLSv1_method() per comments by wanoskarnet | Nick Mathewson | |
| 2012-01-08 | Merge branch 'maint-0.2.2' | Roger Dingledine | |
| 2012-01-08 | add a note from wanoskarnet | Roger Dingledine | |
| he disagrees about what the code that we decided not to use would do | |||
| 2012-01-06 | Change to use SSL_state_string_long() instead of homebrew ↵ | Emile Snyder | |
| ssl_state_to_string() function. | |||
| 2012-01-05 | Merge remote-tracking branch 'origin/maint-0.2.2' | Nick Mathewson | |
| 2012-01-05 | Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 | Nick Mathewson | |
| 2012-01-05 | Log at info level when disabling SSLv3 | Robert Ransom | |
| 2012-01-05 | Disable SSLv3 when using a not-up-to-date openssl | Nick Mathewson | |
| This is to address bug 4822, and CVE-2011-4576. | |||
| 2012-01-05 | note some dead code. if i'm right, should this be removed? | Roger Dingledine | |
| 2012-01-04 | Disallow disabling DisableDebuggerAttachment on runnning Tor | Sebastian Hahn | |
| Also, have tor_disable_debugger_attach() return a tristate of success/failure/don't-know-how , and only log appropriately. | |||
| 2011-12-30 | Fix a check-spaces violation in compat.c | Sebastian Hahn | |
| Also fix a comment typo | |||
| 2011-12-28 | Add interface enumeration based on SIOCGIFCONF for older unixes | Nick Mathewson | |
| 2011-12-28 | Multicast addresses, if any were configured, would not be good if addrs | Nick Mathewson | |
| 2011-12-28 | Use getifaddrs, not connect+getsockname, to find our address | Nick Mathewson | |
| This resolves bug1827, and lets us avoid freaking people out. Later, we can use it to get a complete list of our interfaces. | |||
| 2011-12-27 | Require openssl 1.0.0a for using openssl's ctr-mode implementation | Nick Mathewson | |
| Previously we required 1.0.0, but there was a bug in the 1.0.0 counter mode. Found by Pascal. Fixes bug 4779. A more elegant solution would be good here if somebody has time to code one. | |||
| 2011-12-26 | Merge remote-tracking branch 'origin/maint-0.2.2' | Nick Mathewson | |
| 2011-12-25 | Provide correct timeradd/timersup replacements | Sebastian Hahn | |
| Bug caught and patch provided by Vektor. Fixes bug 4778.t | |||
| 2011-12-22 | Prepend cwd for relative config file paths. | Kamran Riaz Khan | |
| Modifies filenames which do not start with '/' or '.' on non-Windows platforms; uses _fullpath on Windows. | |||
| 2011-12-19 | Add an informative header on the 'keys/dynamic_dh_params' file. | George Kadianakis | |
| 2011-12-12 | Don't crash on startup of a dormant relay | Robert Ransom | |
| If a relay is dormant at startup, it will call init_keys before crypto_set_tls_dh_prime. This is bad. Let's make it not so bad, because someday it *will* happen again. | |||
| 2011-12-08 | Some more check-spaces stuff | Sebastian Hahn | |
| This re-applies a check-spaces fix that was part of 7920ea55b8d994268d2b07f27316b0f34d8f27e5 and got reverted along with the rest of that commit in df1f72329acf5f555618a5309f2621e584c0d763. | |||
| 2011-12-08 | indent; add comment | Nick Mathewson | |
| This re-applies 40a87c4c08be0cdd87a3df283f285b3c2a0c8445 which got accidentally reverted in 75134c6c86e54c10fd9e11c4345aadcdabc0f8fb. Thanks asn for spotting this. | |||
| 2011-12-08 | appease check-spaces | Sebastian Hahn | |
| This re-applies f77f9bddb8bf0dd6e9c3e0d94269aa23f459a272 which got accidentally reverted in 53f535aeb863204470379b2da4631770fa10b13f. Thanks asn for spotting this. | |||
| 2011-12-06 | Revert "Refactor the SSL_set_info_callback() callbacks." | Nick Mathewson | |
| This reverts commit 69a821ea1c9357acdd5aa1c9e23fd030b01cb5a9. | |||
| 2011-12-06 | Revert "Detect renegotiation when it actually happens." | Nick Mathewson | |
| This reverts commit 4fd79f9def28996552b5739792f428c2514de1f6. | |||
| 2011-12-06 | Revert "Detect and deny excess renegotiations attempts." | Nick Mathewson | |
| This reverts commit ecd239e3b577705e0669d47293a2e755cf93cec0. | |||
| 2011-12-06 | Revert "Get rid of tor_tls_block_renegotiation()." | Nick Mathewson | |
| This reverts commit 340809dd224b244675496e301d3ba154a6fe68d0. | |||
| 2011-12-06 | Revert "Also handle needless renegotiations in SSL_write()." | Nick Mathewson | |
| This reverts commit e2b3527106e0747f652e2f28fa087d9874e0e2ce. | |||
| 2011-12-06 | Revert "Fix issues pointed out by nickm." | Nick Mathewson | |
| This reverts commit e097bffaed72af6b19f7293722021196bb94de1e. | |||
| 2011-12-06 | Revert "Use callback-driven approach to block renegotiations." | Nick Mathewson | |
| This reverts commit 406ae1ba5ad529a4d0e710229dab6ed645d42b50. | |||
| 2011-12-06 | Revert "appease check-spaces" | Nick Mathewson | |
| This reverts commit f77f9bddb8bf0dd6e9c3e0d94269aa23f459a272. | |||
| 2011-12-06 | Revert "Refactor tor_event_base_once to do what we actually want" | Nick Mathewson | |
| This reverts commit 7920ea55b8d994268d2b07f27316b0f34d8f27e5. | |||
| 2011-12-06 | Revert "Fix some wide lines in tortls.c" | Nick Mathewson | |
| This reverts commit e8dde3aabd3e1292d381eb4269c6457548dca6b9. | |||
| 2011-12-06 | Revert "use event_free() wrapper; fix bug 4582" | Nick Mathewson | |
| This reverts commit 9a88c0cd32df53116a6bbb6b961650943755061c. | |||
| 2011-12-06 | Revert "Don't schedule excess_renegotiations_callback unless it's set" | Nick Mathewson | |
| This reverts commit 617617e21a2d30a86cea9c8f7043333078f2e8f8. | |||
 |
index : tor | |
| Transit encryption and privacy out of the box | The Tor Project |
| summaryrefslogtreecommitdiff |