summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2011-10-13Update to the October 2011 GeoIP database.Karsten Loesing
2011-09-15Update to the September 2011 GeoIP database.Karsten Loesing
2011-09-13Generate our ssl session certs with a plausible lifetimeRoger Dingledine
Nobody but Tor uses certs on the wire with 2 hour lifetimes, and it makes us stand out. Resolves ticket 4014.
2011-08-08Update to the August 2011 GeoIP database.Karsten Loesing
2011-07-07update to the july 2011 geoip dbRoger Dingledine
2011-07-01Merge branches 'cov217_021' and 'cid_450' into maint-0.2.1Nick Mathewson
2011-07-01Use strlcpy in create_unix_sockaddr()Nick Mathewson
Using strncpy meant that if listenaddress were ever >= sizeof(sockaddr_un.sun_path), we would fail to nul-terminate sun_path. This isn't a big deal: we never read sun_path, and the kernel is smart enough to reject the sockaddr_un if it isn't nul-terminated. Nonetheless, it's a dumb failure mode. Instead, we should reject addresses that don't fit in sockaddr_un.sun_path. Coverity found this; it's CID 428. Bugfix on 0.2.0.3-alpha.
2011-07-01Fix a rare memory leak in rend_cache_storeNick Mathewson
When we rejected a descriptor for not being the one we wanted, we were letting the parsed descriptor go out of scope. Found by Coverity; CID # 30. Bugfix on 0.2.1.26. (No changes file yet, since this is not in any 0.2.1.x release.)
2011-07-01Fix insanely large stack_allocation in log_credential_statusNick Mathewson
I'm not one to insist on C's miserly stack limits, but allocating a 256K array on the stack is too much even for me. Bugfix on 0.2.1.7-alpha. Found by coverity. Fixes CID # 450.
2011-06-17Abandon rendezvous circuits on SIGNAL NEWNYMRobert Ransom
2011-06-05move to the june 1 2011 maxmind geoip dbRoger Dingledine
2011-05-28Merge branch 'bug2574' into maint-0.2.1Nick Mathewson
2011-05-23Work correctly if your nameserver is ::1Nick Mathewson
We had all the code in place to handle this right... except that we were unconditionally opening a PF_INET socket instead of looking at sa_family. Ow. Fixes bug 2574; not a bugfix on any particular version, since this never worked before.
2011-05-16squash! Add crypto_pk_check_key_public_exponent functionNick Mathewson
Rename crypto_pk_check_key_public_exponent to crypto_pk_public_exponent_ok: it's nice to name predicates s.t. you can tell how to interpret true and false.
2011-05-16Require that certain public keys have public exponent 65537Robert Ransom
2011-05-16Add crypto_pk_check_key_public_exponent functionRobert Ransom
2011-05-16Check fetched rendezvous descriptors' service IDsRobert Ransom
2011-05-15Fixup whitespace issues from 3122 commitNick Mathewson
2011-05-15Another doc tweak on tor_memcmp: <b>b</b>, not <b>.Nick Mathewson
2011-05-15minor tweaks to 4b19730c8234dRoger Dingledine
2011-05-12Merge remote-tracking branch 'public/bug3122_memcmp_squashed' into maint-0.2.1Nick Mathewson
2011-05-11Fix crash when read_file_to_string() fails in SAVECONFNick Mathewson
The new behavior is to try to rename the old file if there is one there that we can't read. In all likelihood, that will fail too, but at least we tried, and at least it won't crash.
2011-05-11Hand-conversion and audit phase of memcmp transitionNick Mathewson
Here I looked at the results of the automated conversion and cleaned them up as follows: If there was a tor_memcmp or tor_memeq that was in fact "safe"[*] I changed it to a fast_memcmp or fast_memeq. Otherwise if there was a tor_memcmp that could turn into a tor_memneq or tor_memeq, I converted it. This wants close attention. [*] I'm erring on the side of caution here, and leaving some things as tor_memcmp that could in my opinion use the data-dependent fast_memcmp variant.
2011-05-11Automated conversion of memcmp to tor_memcmp/tor_mem[n]eqNick Mathewson
This commit is _exactly_ the result of perl -i -pe 's/\bmemcmp\(/tor_memcmp\(/g' src/*/*.[ch] perl -i -pe 's/\!\s*tor_memcmp\(/tor_memeq\(/g' src/*/*.[ch] perl -i -pe 's/0\s*==\s*tor_memcmp\(/tor_memeq\(/g' src/*/*.[ch] perl -i -pe 's/0\s*!=\s*tor_memcmp\(/tor_memneq\(/g' src/*/*.[ch] git checkout src/common/di_ops.[ch] git checkout src/or/test.c git checkout src/common/test.h
2011-05-11Add a "di_ops.h" include to util.hNick Mathewson
2011-05-11Add a data-independent variant of memcmp and a d-i memeq function.Nick Mathewson
The tor_memcmp code is by Robert Ransom, and the tor_memeq code is by me. Both incorporate some ideas from DJB's stuff.
2011-05-10Update to the May 1 2011 Maxmind GeoLite Country databaseRoger Dingledine
2011-04-28Fix a failure case of connection_ap_handshake_attach_circuit()Sebastian Hahn
tor_fragile_assert() might be a no-op, so we have to return something here to indicate failure to the caller.
2011-04-28Fix a bug introduced by purging rend_cache on NEWNYMRobert Ransom
If the user sent a SIGNAL NEWNYM command after we fetched a rendezvous descriptor, while we were building the introduction-point circuit, we would give up entirely on trying to connect to the hidden service. Original patch by rransom slightly edited to go into 0.2.1
2011-04-28Allow rend_client_send_introduction to fail transientlyRobert Ransom
i.e. without closing the AP connection.
2011-04-28Forget all rendezvous client state on SIGNAL NEWNYMRobert Ransom
2011-04-26Make SIZE_T_CEILING unsigned; add a signed SSIZE_T_CEILINGNick Mathewson
None of the comparisons were _broken_ previously, but avoiding signed/unsigned comparisons makes everybody happier. Fixes bug2475.
2011-04-21Fix a bug in removing DNSPort requests from their circular listNick Mathewson
Under heavy load, this could result in an assertion failure. Fix for bug 2933; bugfix on 0.2.0.10-alpha.
2011-04-19Merge remote-tracking branch 'rransom/bug2750-v3' into maint-0.2.1Nick Mathewson
2011-04-19Ouch: correctly tabify the micro-revision.i target in Makefile.am (0.2.1 only)Nick Mathewson
2011-04-18Add an XXXRobert Ransom
2011-04-18Correct the warning emitted when rejecting an oversized HS descRobert Ransom
2011-04-06Merge remote-tracking branch 'public/bug2402_again' into maint-0.2.1Nick Mathewson
2011-04-04switch to the apr 2011 geoip dbRoger Dingledine
2011-03-15Fix a compile warning when using clangSebastian Hahn
Issue noticed by Steven Murdoch; fixes bug 2689. The cast didn't do anything, and we don't need to look at the return value of the function here.
2011-03-13we're not reachable if we don't have a routerinfo yetRoger Dingledine
2011-03-11Backport: Generate version tags using Git, not (broken) svn revisions.Nick Mathewson
Partial backport of daa0326aaaa85a760be94ee2360cfa61a9fb5be2 . Resolves bug 2402. Bugfix on 0.2.1.15 (for the part where we switched to git) and on 0.2.1.30 (for the part where we dumped micro-revisions.)
2011-03-11Revert "Simplest fix to bug2402: do not include SVN versions"Nick Mathewson
This reverts commit a1073ee956021ead19d30c2151510dbaced416a8. Apparently, we totally misunderstood how the debian packages were using microrevisions. Better fix that!
2011-03-08move to march 2011 geoip fileRoger Dingledine
2011-03-08Avoid crash in any_pending_bridge_descriptor_fetchesNick Mathewson
This is based on shitlei's fix for bug2629, with extra parens removed. Fixes bug 2629, bugfix on 0.2.1.2-alpha.
2011-03-06Merge branch 'real_ipv6_fix' into maint-0.2.1Nick Mathewson
2011-03-06Oops, here's the *REAL* fix for the ipv6 issueNick Mathewson
We need to _REJECT_ descriptors with accept6/reject6 lines. If we let them onto the network , other un-upgraded tors will crash.
2011-03-06Merge branch 'careful_with_all_descs' into maint-0.2.1Nick Mathewson
2011-03-06Revert "Disallow reject6 and accept6 lines in descriptors"Nick Mathewson
This reverts commit b3918b3bbbfa9097246d63746c8b540eff2ec8e8.
2011-03-06exit_policy_is_general_exit is IPv4 only; it should admit it.Nick Mathewson
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion