| Age | Commit message (Collapse) | Author |
|---|
|
Fixes bug 4856; bugfix on 0.0.6
This bug was introduced in 79fc5217, back in 2004.
|
|
|
|
|
|
|
|
Fixes bug 4803.
|
|
|
|
|
|
We used to do this as a workaround for older Tors, but now it's never
the correct thing to do (especially since anything that didn't
understand RELAY_EARLY is now deprecated hard).
|
|
This patch should make us reject every Tor that was vulnerable to
CVE-2011-0427. Additionally, it makes us reject every Tor that couldn't
handle RELAY_EARLY cells, which helps with proposal 110 (#4339).
|
|
Back in #1240, r1eo linked to information about how this could happen
with older Linux kernels in response to nmap. Bugs #4545 and #4547
are about how our approach to trying to deal with this condition was
broken and stupid. Thanks to wanoskarnet for reminding us about #1240.
This is a fix for the abovementioned bugs, and is a bugfix on
0.1.0.3-rc.
|
|
|
|
|
|
Fixes bug 4531; partial backport of e27a26d5.
|
|
Backport of 68475fc5c5a806ebbb5657de1667dab2c3e09b7c which accidentally
only made it into master. Fixes bug 4547. Bug isn't in any released
version.
|
|
Now it will be easier for researchers to simulate Tor networks with
different values. Resolves ticket 4484.
|
|
|
|
|
|
The function is over 10 or 20% on some of Moritz's profiles, depending
on how you could.
Since it's checking for a multi-hour timeout, this is safe to do.
Fixes bug 4518.
|
|
Completely disable stats if we aren't running as a relay. We won't
collect any anyway, so setting up the infrastructure for them and
logging about them is wrong. This also removes a confusing log
message that clients without a geoip db would have seen.
Fixes bug 4353.
|
|
Reported by "troll_un"; bugfix on 0.2.0.10-alpha; fixes bug 4349.
|
|
|
|
|
|
|
|
|
|
|
|
Fixes bug 4410.
|
|
|
|
In other parts of the code we will otherwise attempt to collect these
statistics, and that will lead to crashes.
|
|
Fix for bug 4299
|
|
|
|
This way, all of the DA operators can upgrade immediately, without nuking
every client's set of entry guards as soon as a majority of them upgrade.
Until enough guards have upgraded, a majority of dirauths should set this
config option so that there are still enough guards in the network. After
a few days pass, all dirauths should use the default.
|
|
|
|
|
|
Conflicts:
src/or/connection_or.c
|
|
|
|
|
|
Fix suggested by Nick Mathewson.
|
|
|
|
The patch for 3228 made us try to run init_keys() before we had loaded
our state file, resulting in an assert inside init_keys. We had moved
it too early in the function.
Now it's later in the function, but still above the accounting calls.
|
|
Previously we did this nearer to the end (in the old_options &&
transition_affects_workers() block). But other stuff cares about
keys being consistent with options... particularly anything which
tries to access a key, which can die in assert_identity_keys_ok().
Fixes bug 3228; bugfix on 0.2.2.18-alpha.
Conflicts:
src/or/config.c
|
|
Fixes bug 2572.
|
|
When we added support for separate client tls certs on bridges in
a2bb0bfdd5 we forgot to correctly initialize this when changing
from relay to bridge or vice versa while Tor is running. Fix that
by always initializing keys when the state changes.
Fixes bug 2433.
Conflicts:
src/or/config.c
|
|
|
|
We use a hash of the identity key to seed a prng to tell when an
accounting period should end. But thanks to the bug998 changes,
clients no longer have server-identity keys to use as a long-term seed
in accounting calculations. In any case, their identity keys (as used
in TLS) were never never fixed. So we can just set the wakeup time
from a random seed instead there. Still open is whether everybody
should be random.
This patch fixes bug 2235, which was introduced in 0.2.2.18-alpha.
Diagnosed with help from boboper on irc.
|
|
In a2bb0bf we started using a separate client identity key. When we are
in "public server mode" (that means not a bridge) we will use the same
key. Reusing the key without doing the proper refcounting leads to a
segfault on cleanup during shutdown. Fix that.
Also introduce an assert that triggers if our refcount falls below 0.
That should never happen.
|
|
We now require that:
- Only actual servers should ever call get_server_identity_key
- If you're being a client or bridge, the client and server keys should
differ.
- If you're being a public relay, the client and server keys
should be the same.
|
|
|
|
Fixes a bug described in ticket #988.
Conflicts:
src/or/main.c
src/or/router.c
|
|
Fixes bug #988.
Conflicts:
src/or/main.c
src/or/router.c
|
|
* Make tor_tls_context_new internal to tortls.c, and return the new
tor_tls_context_t from it.
* Add a public tor_tls_context_init wrapper function to replace it.
Conflicts:
src/or/main.c
src/or/router.c
|
