Age | Commit message (Collapse) | Author |
|
This patch introduces a new type called document_signature_t to represent the
signature of a consensus document. Now, each consensus document can have up
to one document signature per voter per digest algorithm. Also, each
detached-signatures document can have up to one signature per <voter,
algorithm, flavor>.
|
|
The consensus documents are not signed properly, not served, and not
exchanged yet.
|
|
|
|
|
|
|
|
Previously, we insisted that a valid signature must be a signature of
the expected digest. Now we accept anything that starts with the
expected digest. This lets us include another digest later.
|
|
|
|
|
|
|
|
Conflicts:
ChangeLog
configure.in
contrib/tor-mingw.nsi.in
src/or/config.c
src/win32/orconfig.h
|
|
|
|
|
|
backport of c43859c5c12361fad505
backport of 0d13e0ed145f4c1b5bd1
|
|
Partial backport of 381766ce4b1145460.
Partial backport of 56c6d78520a98fb64.
|
|
|
|
When we tried to use the deprecated non-threadsafe evdns
interfaces in Libevent 2 without using the also-deprecated
event_init() interface, Libevent 2 would sensibly crash, since it
has no guess where to find the Libevent library.
Here we use the evdns_base_*() functions instead if they're
present, and fake them if they aren't.
|
|
|
|
|
|
|
|
|
|
|
|
The test suite need the test.h file to build. Add it to
noinst_HEADERS in the Makefile.am so it gets included
in the tarball that make dist produces.
|
|
tinytest_main() returns 0 on success, -1 on errors and 1 on test
failures. So test.c should check on !=0 instead of <0.
|
|
|
|
This is a possible fix for bug 1023, where if we vote (or make a v2
consensus networkstatus) right after we come online, we can call
rep_hist_note_router_unreachable() on every router we haven't connected
to yet, and thereby make all their uptime values reset.
|
|
i think this doesn't actually affect anything, since linked
conns usually don't impact buckets
|
|
|
|
This was introduced in f7e6e852e80c22b40a8f09bc1c85074726d7078e.
Found by Coverity
|
|
There were however other places where we used to call this
function that might have caused this to fire. Better
safe than sorry now.
|
|
This seems to be happening to me a lot on a garbage DSL line.
We may need to come up with 2 threshholds: a high short onehop
count and a lower longer count.
|
|
Pretimeouts may have build time data, just no timeout data.
|
|
|
|
Don't count one-hop circuits when we're estimating how long it
takes circuits to build on average. Otherwise we'll set our circuit
build timeout lower than we should. Bugfix on 0.2.2.2-alpha.
|
|
|
|
|
|
Directory authorities now reject Tor relays with versions less than
0.1.2.14. This step cuts out four relays from the current network,
none of which are very big.
|
|
1108 was actually just a fencepost error in an assert,
but making the state file handling code resilient is a
good idea.
|
|
Previously, tor-gencert would call RSA_generate_key() directly.
This won't work on Android, which removes the (deprecated since
OpenSSL 0.9.8) function. We can't call RSA_generate_key_ex()
unconditionally either, since that didn't exist before 0.9.8.
Instead, we must call our own crypto_pk_generate_key_with_bits,
which knows how to call RSA_generate_key or RSA_generate_key_ex as
appropriate.
[Based on patch by Nathan Freitas]
|
|
|
|
Apparently the Android developers dumped OpenSSL's support for hardware
acceleration in order to save some memory, so you can't build programs using
engines on Android.
[Patch revised by nickm]
|
|
This shouldn't be necessary, but apparently the Android cross-compiler
doesn't respect -I as well as it should. (-I is supposed to add to the
*front* of the search path. Android's gcc wrapper apparently likes to add to
the end. This is broken, but we need to work around it.)
|
|
|
|
|
|
|
|
|
|
|
|
The earlier fix would only handle the success case. In the failing
case, test_mem_op does a goto done, which would leave the leak leaking.
|
|
Found by coverity
test_mem_op_hex was leaking memory, which showed up in a few
tests.
Also, the dir_param test had a memleak of its own.
Found by Coverity
|
|
Found by Coverity
|
|
Should quiet a coverity warning.
|