| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
Without this check, we potentially look up to 3 characters before
the start of a malloc'd segment, which could provoke a crash under
certain (weird afaik) circumstances.
Fixes 17404; bugfix on 0.2.6.3-alpha.
|
|
|
|
|
|
Patch from jamestk; fix on 0.2.5.1-alpha. Fixes 17347.
|
|
|
|
Patch from jamestk; fix on 0.2.5.1-alpha. Fixes 17347.
|
|
|
|
Conflicts:
src/test/include.am
src/test/log_test_helpers.c
src/test/log_test_helpers.h
|
|
|
|
|
|
Now that x509_get_not{Before,After} are functions in OpenSSL 1.1
(not yet releasesd), we need to define a variant that takes a const
pointer to X509 and returns a const pointer to ASN1_time.
Part of 17237. I'm not convinced this is an openssl bug or a tor
bug. It might be just one of those things.
|
|
OpenSSL.
|
|
|
|
Fixes ticket #16563
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
When logging to syslog, allow a tag to be added to the syslog identity
("Tor"), i.e. the string prepended to every log message. The tag can be
configured by setting SyslogIdentityTag and defaults to none. Setting
it to "foo" will cause logs to be tagged as "Tor-foo". Closes: #17194.
|
|
Ensure that either a valid address is returned in address pointers,
or that the address data is zeroed on error.
Ensure that free_interface_address6_list handles NULL lists.
Add unit tests for get_interface_address* failure cases.
Fixes bug #17173.
Patch by fk/teor, not in any released version of tor.
|
|
... that was removed by 31eb486c46 which first appeared in
0.2.7.3-rc.
If tor is running in a ElectroBSD (or FreeBSD) jail it can't
get any IP addresses that aren't assigned to the jail by
looking at the interfaces and (by design) the
get_interface_address6_via_udp_socket_hack() fallback doesn't
work either.
The missing return code check resulted in tor_addr_is_internal()
complaining about a "non-IP address of type 49", due to reading
uninitialised memory.
Fixes #17173.
|
|
|
|
src/test/test_policy.c:
Merged calls to policies_parse_exit_policy by adding additional arguments.
fixup to remaining instance of ~EXIT_POLICY_IPV6_ENABLED.
Compacting logic test now produces previous list length of 4, corrected this.
src/config/torrc.sample.in:
src/config/torrc.minimal.in-staging:
Merged torrc modification dates in favour of latest.
|
|
ExitPolicyRejectPrivate now rejects more local addresses by default:
* the relay's published IPv6 address (if any), and
* any publicly routable IPv4 or IPv6 addresses on any local interfaces.
This resolves a security issue for IPv6 Exits and multihomed Exits that
trust connections originating from localhost.
Resolves ticket 17027. Patch by "teor".
Patch on 42b8fb5a1523 (11 Nov 2007), released in 0.2.0.11-alpha.
|
|
the free call by mistake works on something that is allocated
|
|
|
|
|
|
In previous versions of Tor, ExitPolicy accept6/reject6 * produced
policy entries for IPv4 and IPv6 wildcard addresses.
To reduce operator confusion, change accept6/reject6 * to only produce
an IPv6 wildcard address.
Resolves bug #16069.
Patch on 2eb7eafc9d78 and a96c0affcb4c (25 Oct 2012),
released in 0.2.4.7-alpha.
|
|
When parsing torrc ExitPolicies, we now warn if:
* an IPv4 address is used on an accept6 or reject6 line. The line is
ignored, but the rest of the policy items in the list are used.
(accept/reject continue to allow both IPv4 and IPv6 addresses in torrcs.)
* a "private" address alias is used on an accept6 or reject6 line.
The line filters both IPv4 and IPv6 private addresses, disregarding
the 6 in accept6/reject6.
When parsing torrc ExitPolicies, we now issue an info-level message:
* when expanding an accept/reject * line to include both IPv4 and IPv6
wildcard addresses.
In each instance, usage advice is provided to avoid the message.
Partial fix for ticket 16069. Patch by "teor".
Patch on 2eb7eafc9d78 and a96c0affcb4c (25 Oct 2012),
released in 0.2.4.7-alpha.
|
|
Add get_interface_address[6]_list by refactoring
get_interface_address6. Add unit tests for new and existing functions.
Preparation for ticket 17027. Patch by "teor".
Patch on 42b8fb5a1523 (11 Nov 2007), released in 0.2.0.11-alpha.
|
|
Fix incomplete and incorrect comments.
Comment changes only.
|
|
(which isn't correct.)
Fixes bug 17047; bugfix on 0.2.7.2-alpha, introduced by the merge in
0030765e04d8dfe3dfaf8124b01a4d578b7d8ceb, apparently.
|
|
Helps catch bugs with our smartlist usage and shouldn't be too
expensive. If it shows up in profiles we can re-investigate.
|
|
(These inputs are possible when Shadow starts the world at time_t 0,
and breaks our assumption that Tor didn't exist in the 1970s.)
Fixes regression introduced in 241e6b09. Fixes #16980.
|
|
|
|
This includes a small refactoring to use a new enum (workqueue_reply_t)
for the return values instead of just ints.
|
|
|
|
|
