Age | Commit message (Collapse) | Author |
|
Implements proposal 214.
Needs testing.
|
|
|
|
|
|
Instead of warning about low ports that are advertised, we should have
been warning about low ports that we're listening on. Bug 7285, fix
on 0.2.3.9-alpha.
|
|
|
|
|
|
(How many "load a file" functions do you typically see where the
function frees the filename argument?)
|
|
Conflicts:
src/or/geoip.c
|
|
|
|
We still want to build on compilers w/o c99 support, such as
(notoriously, shamefully) MSVC.
So I'm commenting out the designated initializers in
circuitmux_ewma.c. The alternative would have been to use some kind
of macros to use designated initializers only when they're
supported, but that's error-prone, and can lead to code having
different meanings under different compilers.
Bug 7286; fix on 0.2.4.4-alpha; spotted by Gisle Vanem.
|
|
|
|
|
|
|
|
|
|
|
|
If we completed the handshake for the v2 link protocol but wound up
negotiating the wong protocol version, we'd become so confused about
what part of the handshake we were in that we'd promptly die with an
assertion.
This is a fix for CVE-2012-2250; it's a bugfix on 0.2.3.6-alpha.
All servers running that version or later should really upgrade.
Bug and fix from "some guy from France." I tweaked his code slightly
to make it log the IP of the offending node, and to forward-port it to
0.2.4.
|
|
|
|
Clients now consider the ClientRejectInternalAddresses config option
when using a microdescriptor consensus stanza to decide whether
an exit relay would allow exiting to an internal address. Fixes
bug 7190; bugfix on 0.2.3.1-alpha.
|
|
|
|
|
|
Our implementation of parse_short_policy was screwed up: it would
ignore the last character of every short policy. Obviously, that's
broken.
This patch fixes the busted behavior, and adds a bunch of unit tests
to make sure the rest of that function is okay.
Fixes bug 7192; fix on 0.2.3.1-alpha.
|
|
|
|
|
|
Looks like clang doesn't complain about this kind of thing.
Spotted by Andrea. Bug not in any released version.
|
|
Conflicts:
src/or/circuitbuild.c
There was a huge-looking conflict in circuitbuild.c, but the only
change that had been made to circuitbuild.c since I forked off the
split_circuitbuild branch was 17442560c44e8093f9a. So I took the
split_circuitbuild version of the conflicting part, and manually
re-applied the change from 17442560c44e8093f9a..
|
|
|
|
|
|
|
|
|
|
|
|
Also add IPv6 geoip file digest to extra info.
Also also, add support for IPv6 addresses in control command
"ip-to-country".
|
|
|
|
|
|
|
|
(changes file tweaked by nickm)
|
|
channel_tls_handle_incoming(); fixes get_remote_addr problem with incoming connections for bug 7112
|
|
Failure to do so left us open to a remotely triggerable assertion
failure. Fixes CVE-2012-2249; bugfix on 0.2.3.6-alpha. Reported by
"some guy from France".
This patch is a forward-port to 0.2.4, to work with the new channel
logic.
|
|
Failure to do so left us open to a remotely triggerable assertion
failure. Fixes CVE-2012-2249; bugfix on 0.2.3.6-alpha. Reported by
"some guy from France".
|
|
We were calling channel_get_actual_remote_descr() before we used the
output of a previous channel_get_canonical_remote_descr(), thus
invalidating its output.
|
|
|
|
When we merged the channel code, we made the 'address' field of linked
directory connections created with begindir (and their associated edge
connections) contain an address:port string, when they should only
have contained the address part.
This patch also tweaks the interface to the get_descr method of
channels so that it takes a set of flags rather than a single flag.
|
|
In 4768c0efe3e9471cc367c3740d1a4ba0ab79626c (not in any released
version of Tor), we removed a little block of code that set the addr
field of an exit connection used in making a tunneled directory
request. Turns out that wasn't right.
|
|
|
|
|
|
originated remotely in circuit_end_reason_to_control_string()
|
|
circuit_truncated()
|
|
|
|
|
|
|
|
|