aboutsummaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2012-02-09Update to the February 2012 GeoIP database.maint-0.2.1Karsten Loesing
2012-01-11Fix a compilation warning for our bug4822 fix on 64-bit linuxNick Mathewson
2012-01-05Log at info level when disabling SSLv3Robert Ransom
2012-01-05Disable SSLv3 when using a not-up-to-date opensslNick Mathewson
This is to address bug 4822, and CVE-2011-4576.
2012-01-05Update to the January 2012 GeoIP database.Karsten Loesing
2011-12-28Bug 4786 fix: don't convert EARLY to RELAY on v1 connectionsNick Mathewson
We used to do this as a workaround for older Tors, but now it's never the correct thing to do (especially since anything that didn't understand RELAY_EARLY is now deprecated hard).
2011-12-15Add a fix for the buf_pullup bug that Vektor reportedNick Mathewson
2011-12-08Update to the December 2011 GeoIP database.Karsten Loesing
2011-11-14Merge remote-tracking branch 'karsten/geoip-november2011' into maint-0.2.1Nick Mathewson
2011-11-07Update to the November 2011 GeoIP database.Karsten Loesing
2011-11-06Fix remotely triggerable assert during ip decryptionDan Rosenberg
Fixes bug 4410.
2011-10-27bump maint to 0.2.1.31Roger Dingledine
2011-10-26Reject create cells on outgoing OR connections from bridgesRobert Ransom
2011-10-26Mark which OR connections are outgoingRobert Ransom
2011-10-26Don't use any OR connection which sent us a CREATE_FAST cell for an EXTENDRobert Ransom
Fix suggested by Nick Mathewson.
2011-10-26Don't send a certificate chain on outgoing TLS connections from non-relaysNick Mathewson
2011-10-26Remove the -F option from tor-resolve.Nick Mathewson
It used to mean "Force": it would tell tor-resolve to ask tor to resolve an address even if it ended with .onion. But when AutomapHostsOnResolve was added, automatically refusing to resolve .onion hosts stopped making sense. So in 0.2.1.16-rc (commit 298dc95dfd8), we made tor-resolve happy to resolve anything. The -F option stayed in, though, even though it didn't do anything. Oddly, it never got documented. Found while fixing GCC 4.6 "set, unused variable" warnings.
2011-10-26manually backport a5232e0c4cRoger Dingledine
2011-10-26stop asserting at bootRoger Dingledine
The patch for 3228 made us try to run init_keys() before we had loaded our state file, resulting in an assert inside init_keys. We had moved it too early in the function. Now it's later in the function, but still above the accounting calls.
2011-10-26Reinit keys at the start of options_act().Nick Mathewson
Previously we did this nearer to the end (in the old_options && transition_affects_workers() block). But other stuff cares about keys being consistent with options... particularly anything which tries to access a key, which can die in assert_identity_keys_ok(). Fixes bug 3228; bugfix on 0.2.2.18-alpha. Conflicts: src/or/config.c
2011-10-26Don't crash a bridge authority on SIGHUP if it's not in the consensusRobert Ransom
Fixes bug 2572.
2011-10-26Fix assert for relay/bridge state changeSebastian Hahn
When we added support for separate client tls certs on bridges in a2bb0bfdd5 we forgot to correctly initialize this when changing from relay to bridge or vice versa while Tor is running. Fix that by always initializing keys when the state changes. Fixes bug 2433. Conflicts: src/or/config.c
2011-10-26Don't crash when accountingmax is set in non-server TorsNick Mathewson
We use a hash of the identity key to seed a prng to tell when an accounting period should end. But thanks to the bug998 changes, clients no longer have server-identity keys to use as a long-term seed in accounting calculations. In any case, their identity keys (as used in TLS) were never never fixed. So we can just set the wakeup time from a random seed instead there. Still open is whether everybody should be random. This patch fixes bug 2235, which was introduced in 0.2.2.18-alpha. Diagnosed with help from boboper on irc.
2011-10-26Properly refcount client_identity_keySebastian Hahn
In a2bb0bf we started using a separate client identity key. When we are in "public server mode" (that means not a bridge) we will use the same key. Reusing the key without doing the proper refcounting leads to a segfault on cleanup during shutdown. Fix that. Also introduce an assert that triggers if our refcount falls below 0. That should never happen.
2011-10-26Add some asserts to get_{tlsclient|server}_identity_keyNick Mathewson
We now require that: - Only actual servers should ever call get_server_identity_key - If you're being a client or bridge, the client and server keys should differ. - If you're being a public relay, the client and server keys should be the same.
2011-10-26Rename get_client_identity_key to get_tlsclient_identity_keyNick Mathewson
2011-10-26Maintain separate server and client identity keys when appropriate.Robert Ransom
Fixes a bug described in ticket #988. Conflicts: src/or/main.c src/or/router.c
2011-10-26Make crypto_free_pk_env tolerate NULL arg in 0.2.1. Error-proofing against ↵Nick Mathewson
bug 988 backport
2011-10-26Maintain separate server and client TLS contexts.Robert Ransom
Fixes bug #988. Conflicts: src/or/main.c src/or/router.c
2011-10-26Refactor tor_tls_context_new:Robert Ransom
* Make tor_tls_context_new internal to tortls.c, and return the new tor_tls_context_t from it. * Add a public tor_tls_context_init wrapper function to replace it. Conflicts: src/or/main.c src/or/router.c
2011-10-26Add public_server_mode function.Robert Ransom
2011-10-26Fix zlib macro brokenness on osx with zlib 1.2.4 and higher.Nick Mathewson
From the code: zlib 1.2.4 and 1.2.5 do some "clever" things with macros. Instead of saying "(defined(FOO) ? FOO : 0)" they like to say "FOO-0", on the theory that nobody will care if the compile outputs a no-such-identifier warning. Sorry, but we like -Werror over here, so I guess we need to define these. I hope that zlib 1.2.6 doesn't break these too. Possible fix for bug 1526.
2011-10-13Update to the October 2011 GeoIP database.Karsten Loesing
2011-09-15Update to the September 2011 GeoIP database.Karsten Loesing
2011-09-13Generate our ssl session certs with a plausible lifetimeRoger Dingledine
Nobody but Tor uses certs on the wire with 2 hour lifetimes, and it makes us stand out. Resolves ticket 4014.
2011-08-08Update to the August 2011 GeoIP database.Karsten Loesing
2011-07-07update to the july 2011 geoip dbRoger Dingledine
2011-07-01Merge branches 'cov217_021' and 'cid_450' into maint-0.2.1Nick Mathewson
2011-07-01Use strlcpy in create_unix_sockaddr()Nick Mathewson
Using strncpy meant that if listenaddress were ever >= sizeof(sockaddr_un.sun_path), we would fail to nul-terminate sun_path. This isn't a big deal: we never read sun_path, and the kernel is smart enough to reject the sockaddr_un if it isn't nul-terminated. Nonetheless, it's a dumb failure mode. Instead, we should reject addresses that don't fit in sockaddr_un.sun_path. Coverity found this; it's CID 428. Bugfix on 0.2.0.3-alpha.
2011-07-01Fix a rare memory leak in rend_cache_storeNick Mathewson
When we rejected a descriptor for not being the one we wanted, we were letting the parsed descriptor go out of scope. Found by Coverity; CID # 30. Bugfix on 0.2.1.26. (No changes file yet, since this is not in any 0.2.1.x release.)
2011-07-01Fix insanely large stack_allocation in log_credential_statusNick Mathewson
I'm not one to insist on C's miserly stack limits, but allocating a 256K array on the stack is too much even for me. Bugfix on 0.2.1.7-alpha. Found by coverity. Fixes CID # 450.
2011-06-17Abandon rendezvous circuits on SIGNAL NEWNYMRobert Ransom
2011-06-05move to the june 1 2011 maxmind geoip dbRoger Dingledine
2011-05-28Merge branch 'bug2574' into maint-0.2.1Nick Mathewson
2011-05-23Work correctly if your nameserver is ::1Nick Mathewson
We had all the code in place to handle this right... except that we were unconditionally opening a PF_INET socket instead of looking at sa_family. Ow. Fixes bug 2574; not a bugfix on any particular version, since this never worked before.
2011-05-16squash! Add crypto_pk_check_key_public_exponent functionNick Mathewson
Rename crypto_pk_check_key_public_exponent to crypto_pk_public_exponent_ok: it's nice to name predicates s.t. you can tell how to interpret true and false.
2011-05-16Require that certain public keys have public exponent 65537Robert Ransom
2011-05-16Add crypto_pk_check_key_public_exponent functionRobert Ransom
2011-05-16Check fetched rendezvous descriptors' service IDsRobert Ransom
2011-05-15Fixup whitespace issues from 3122 commitNick Mathewson