tor - Transit encryption and privacy out of the box

Age	Commit message (Collapse)	Author
2017-09-12	Merge branch 'maint-0.2.9' into maint-0.3.0	Nick Mathewson

2017-09-12	One more implicit fallthrough warning to fix on GCC 7	Nick Mathewson

2017-09-11	Merge branch 'maint-0.2.9' into maint-0.3.0	Nick Mathewson

2017-09-11	Fix mixed-sign comparison warning in fix for 22797.	Nick Mathewson

2017-09-11	Merge branch 'teor-bug22797-025' into maint-0.2.9	Nick Mathewson

2017-07-27	Merge branch 'maint-0.2.9' into maint-0.3.0	Nick Mathewson

2017-07-27	Merge remote-tracking branch 'public/bug20247_029' into maint-0.2.9	Nick Mathewson

2017-07-26	Merge branch 'maint-0.2.9' into maint-0.3.0	Nick Mathewson

2017-07-26	Fix build warnings from Coverity related to our BUG macro	Nick Mathewson
	In the Linux kernel, the BUG() macro causes an instant panic. Our BUG() macro is different, however: it generates a nonfatal assertion failure, and is usable as an expression. Additionally, this patch tells util_bug.h to make all assertion failures into fatal conditions when we're building with a static analysis tool, so that the analysis tool can look for instances where they're reachable. Fixes bug 23030.
2017-07-26	Merge branch 'maint-0.2.9' into maint-0.3.0	Nick Mathewson

2017-07-26	Suppress clang4-specific -Wdouble-promotion warnings	Nick Mathewson
	Wow, it sure seems like some compilers can't implement isnan() and friends in a way that pleases themselves! Fixes bug 22915. Bug trigged by 0.2.8.1-alpha and later; caused by clang 4.
2017-07-05	Merge branch 'maint-0.2.9' into maint-0.3.0	Nick Mathewson

2017-07-05	Only disable -Wfloat-conversion on mingw when it exists.	Nick Mathewson
	The 22081 fix disabled -Wfloat-conversion, but -Wfloat-conversion didn't exist in every relevant mingw; it was added in GCC 4.9.x some time, if the documentation can be trusted. Bug not in any released version of tor.
2017-07-05	Merge branch 'maint-0.2.9' into maint-0.3.0	Nick Mathewson

2017-07-05	Merge branch 'maint-0.2.8' into maint-0.2.9	Nick Mathewson

2017-07-05	Merge branch 'maint-0.2.7-redux' into maint-0.2.8	Nick Mathewson

2017-07-05	Merge branch 'maint-0.2.6' into maint-0.2.7-redux	Nick Mathewson

2017-07-05	Merge branch 'maint-0.2.5' into maint-0.2.6	Nick Mathewson

2017-07-05	Merge branch 'maint-0.2.4' into maint-0.2.5	Nick Mathewson

2017-07-05	Allow setsockopt(IPV6_V6ONLY) in sandbox.	Nick Mathewson
	Fixes bug 20247. We started setting V6ONLY in 0.2.3.13-alpha and added the sandbox on 0.2.5.1-alpha.
2017-07-05	Merge branch 'maint-0.2.9' into maint-0.3.0	Nick Mathewson

2017-07-05	Merge branch 'bug22801_028' into maint-0.2.9	Nick Mathewson

2017-07-05	Always allow extra file descriptors when setting the connection maximum	teor
	When setting the maximum number of connections allowed by the OS, always allow some extra file descriptors for other files. Fixes bug 22797; bugfix on 0.2.0.10-alpha.
2017-07-03	Fix assertion failure related to openbsd strtol().	Nick Mathewson
	Fixes bug 22789; bugfix on 0.2.3.8-alpha.
2017-07-03	Fix -Wfloat-conversion C warnings on mingw in clamp_double_to_int64.	Nick Mathewson
	We just have to suppress these warnings: Mingw's math.h uses gcc's __builtin_choose_expr() facility to declare isnan, isfinite, and signbit. But as implemented in at least some versions of gcc, __builtin_choose_expr() can generate type warnings even from branches that are not taken. Fixes bug 22801; bugfix on 0.2.8.1-alpha.
2017-06-19	Merge branch 'maint-0.2.9' into maint-0.3.0	Nick Mathewson

2017-06-16	Permit the fchmod system call.	Nick Mathewson
	Fixes bug 22516; bugfix on 0.2.5.4-alpha.
2017-06-05	Merge branch 'maint-0.2.9' into maint-0.3.0	Nick Mathewson

2017-06-05	Improve documentation on get_{peer,own}_certificate()	Nick Mathewson
	Make it clear that we're returning a newly allocated copy.
2017-06-05	Test prerequisites: function to dup a cert, make get_own_cert mockable.	Nick Mathewson

2017-06-05	On v3 link handshake, send the correct link certificate	Nick Mathewson
	Previously we'd send the _current_ link certificate, which would cause a handshaking failure when the TLS context rotated.
2017-05-08	Merge branch 'maint-0.2.9' into maint-0.3.0	Nick Mathewson

2017-04-26	Add getpid() to the seccomp2 sandbox.	Nick Mathewson
	We hadn't needed this before, because most getpid() callers on Linux were looking at the vDSO version of getpid(). I don't know why at least one version of OpenSSL seems to be ignoring the vDSO, but this change should fix it. Fixes bug 21943; bugfix on 0.2.5.1-alpha when the sandbox was introduced.
2017-04-07	Merge remote-tracking branch 'public/bug21894_029' into maint-0.3.0	Nick Mathewson

2017-04-07	Never read off the end of a buffer in base32_encode()	Nick Mathewson
	When we "fixed" #18280 in 4e4a7d2b0c199227252a742541461ec4cc35d358 in 0291 it appears that we introduced a bug: The base32_encode function can read off the end of the input buffer, if the input buffer size modulo 5 is not equal to 0 or 3. This is not completely horrible, for two reasons: * The extra bits that are read are never actually used: so this is only a crash when asan is enabled, in the worst case. Not a data leak. * The input sizes passed to base32_encode are only ever multiples of 5. They are all either DIGEST_LEN (20), REND_SERVICE_ID_LEN (10), sizeof(rand_bytes) in addressmap.c (10), or an input in crypto.c that is forced to a multiple of 5. So this bug can't actually trigger in today's Tor. Closes bug 21894; bugfix on 0.2.9.1-alpha.
2017-02-27	Merge branch 'bug21420_029_squashed' into maint-0.3.0	Nick Mathewson

2017-02-27	Revise the logic for picking the start time for link certs	Nick Mathewson
	Since 0.2.4.11-alpha (in 0196647970a91d) we've tried to randomize the start time to up to some time in the past. But unfortunately we allowed the start time to be in the future as well, which isn't really legit. The new behavior lets the start time be be up to MAX(cert_lifetime-2days, 0) in the past, but never in the future. Fixes bug 21420; bugfix on 0.2.4.11-alpha.
2017-02-14	Merge branch 'bug20894_029_v3'	Nick Mathewson

2017-02-14	Don't atoi off the end of a buffer chunk.	Nick Mathewson
	Fixes bug 20894; bugfix on 0.2.0.16-alpha. We already applied a workaround for this as 20834, so no need to freak out (unless you didn't apply 20384 yet).
2017-02-07	Merge branch 'maint-0.2.6' into maint-0.2.7-redux	Nick Mathewson
	maint-0.2.7-redux is an attempt to try to re-create a plausible maint-0.2.7 branch. I've started from the tor-0.2.7.6, and then I merged maint-0.2.6 into the branch. This has produced 2 conflicts: one related to the rendcommon->rendcache move, and one to the authority refactoring.
2017-02-07	Merge branch 'maint-0.2.5' into maint-0.2.6	Nick Mathewson

2017-02-07	Merge branch 'maint-0.2.4' into maint-0.2.5	Nick Mathewson

2017-02-07	Merge remote-tracking branch 'public/bug19152_024_v2' into maint-0.2.4	Nick Mathewson

2017-02-07	Merge branch 'maint-0.2.5' into maint-0.2.6	Nick Mathewson

2017-02-07	Merge branch 'maint-0.2.4' into maint-0.2.5	Nick Mathewson

2017-02-07	Merge remote-tracking branch 'public/bug17404_024' into maint-0.2.4	Nick Mathewson

2017-02-07	Merge branch 'maint-0.2.4' into maint-0.2.5	Nick Mathewson

2017-02-07	Refine the memwipe() arguments check for 18089 a little more.	Nick Mathewson
	We still silently ignore memwipe(NULL, ch, 0); and memwipe(ptr, ch, 0); /* for ptr != NULL */ But we now assert on: memwipe(NULL, ch, 30);
2017-02-07	Make memwipe() do nothing when passed a NULL pointer or zero size	teor (Tim Wilson-Brown)
	Check size argument to memwipe() for underflow. Closes bug #18089. Reported by "gk", patch by "teor". Bugfix on 0.2.3.25 and 0.2.4.6-alpha (#7352), commit 49dd5ef3 on 7 Nov 2012.
2017-02-03	Use the standard OpenBSD preprocessor definition	cypherpunks