Age | Commit message | Author | |
---|---|---|---|
2020-03-17 | Merge branch 'maint-0.4.1' into maint-0.4.2 | Nick Mathewson | |
2020-03-17 | Merge branch 'trove_2020_002_041' into maint-0.4.1 | Nick Mathewson | |
2020-03-17 | Merge branch 'maint-0.4.1' into maint-0.4.2 | Nick Mathewson | |
2020-03-17 | Merge branch 'trove_2020_004_041_v2' into maint-0.4.1 | Nick Mathewson | |
2020-03-17 | Merge branch 'maint-0.4.1' into maint-0.4.2 | Nick Mathewson | |
2020-03-17 | Merge branch 'maint-0.3.5' into maint-0.4.1 | Nick Mathewson | |
2020-03-17 | Fix TROVE-2020-003. | George Kadianakis | |
Given that ed25519 public key validity checks are usually not needed and (so far) they are only necessary for onion addresses in the Tor protocol, we decided to fix this specific bug instance without modifying the rest of the codebase (see below for other fix approaches). In our minimal fix we check that the pubkey in hs_service_add_ephemeral() is valid and error out otherwise. | |||
2020-03-17 | Trivial bugfixes found during TROVE investigation. | George Kadianakis | |
2020-03-17 | Merge branch 'trove_2020_002_035' into trove_2020_002_041 | Nick Mathewson | |
2020-03-17 | Use >= consistently with max_bits. | Nick Mathewson | |
2020-03-17 | Add off-by-one checks for key length. | Nick Mathewson | |
2020-03-17 | Extract key length check into a new function, and check more fields. | Nick Mathewson | |
In the openssl that I have, it should be safe to only check the size of n. But if I'm wrong, or if other openssls work differently, we should check whether any of the fields are too large. Issue spotted by Teor. | |||
2020-03-16 | circpad_setup_machine_on_circ(): exit early on error. | Nick Mathewson | |
This function does a nonfatal assertion to make sure that a machine is not registered twice, but Tobias Pulls found a case where it happens. Instead, make the function exit early so that it doesn't cause a remotely triggered memory leak. Fixes bug 33619; bugfix on 0.4.0.1-alpha. This is also tracked as TROVE-2020-004. | |||
2020-03-14 | Merge branch 'trove_2020_002_035' into trove_2020_002_041 | Nick Mathewson | |
2020-03-14 | Fix memory leak in crypto_pk_asn1_decode_private. | Nick Mathewson | |
(Deep, deep thanks to Taylor for reminding me to test this!) | |||
2020-03-14 | Add a test for crypto_pk_asn1_decode_private maxbits. | Nick Mathewson | |
2020-03-14 | Revise TROVE-2020-002 fix to work on older OpenSSL versions. | Nick Mathewson | |
Although OpenSSL before 1.1.1 is no longer supported, it's possible that somebody is still using it with 0.3.5, so we probably shouldn't break it with this fix. | |||
2020-03-13 | Bump to 0.3.5.10 | Nick Mathewson | |
2020-03-13 | Bump to 0.4.1.9 | Nick Mathewson | |
2020-03-13 | Bump to 0.4.2.7. | Nick Mathewson | |
2020-03-13 | Merge branch 'maint-0.3.5' into maint-0.4.1 | Nick Mathewson | |
2020-03-13 | Merge branch 'maint-0.4.1' into maint-0.4.2 | Nick Mathewson | |
2020-03-13 | Merge remote-tracking branch 'tor-github/pr/1693/head' into maint-0.3.5 | Nick Mathewson | |
2020-03-13 | Merge remote-tracking branch 'tor-github/pr/1718/head' into maint-0.4.2 | Nick Mathewson | |
2020-02-12 | Merge branch 'maint-0.4.1' into maint-0.4.2 | teor | |
2020-02-12 | Merge branch 'maint-0.3.5' into maint-0.4.1 | teor | |
2020-02-12 | Lowercase the BridgeDistribution value from torrc in descriptors. | Alexander Færøy | |
This patch ensures that we always lowercase the BridgeDistribution from torrc in descriptors before submitting it. See: https://bugs.torproject.org/32753 | |||
2020-02-11 | dirauth: Rename function for better clarity | David Goulet | |
Signed-off-by: David Goulet <dgoulet@torproject.org> | |||
2020-02-11 | test: Add unit test for connection_dir_is_global_write_low() | David Goulet | |
Part of #33029 Signed-off-by: David Goulet <dgoulet@torproject.org> | |||
2020-02-11 | dirauth: Resume sending 503 directory error code | David Goulet | |
Authorities were never sending back 503 error code because by design they should be able to always answer directory requests regardless of bandwidth capacity. However, that recently backfired because of a large number of requests from unknown source using the DirPort that are _not_ getting their 503 code which overloaded the DirPort, leading to the authority being unable to answer its fellow authorities. This is not a complete solution to the problem but it will help ease off the load on the authority side by sending back 503 codes *unless* the connection is from a known relay or an authority. Fixes #33029 Signed-off-by: David Goulet <dgoulet@torproject.org> | |||
2020-02-11 | dirauth: Add option AuthDirRejectRequestsUnderLoad | David Goulet | |
This controls the previous feature added that makes dirauth send back a 503 error code on non relay connections if under bandwidth pressure. Signed-off-by: David Goulet <dgoulet@torproject.org> | |||
2020-02-11 | dirlist: Add configured trusted dir to the nodelist address set | David Goulet | |
The configured, within the torrc or hardcoded, directory authorities addresses are now added to the nodelist address set. Signed-off-by: David Goulet <dgoulet@torproject.org> | |||
2020-02-11 | nodelist: Helper to add an address to the nodelist address set | David Goulet | |
We separate v4 and v6 because we often use an IPv4 address represented with a uint32_t instead of a tor_addr_t. This will be used to also add the trusted directory addresses taken from the configuration. The trusted directories from the consensus are already added to the address set from their descriptor. Signed-off-by: David Goulet <dgoulet@torproject.org> | |||
2020-02-11 | mainloop: Modernize a bit connection_dir_is_global_write_low() | David Goulet | |
Signed-off-by: David Goulet <dgoulet@torproject.org> | |||
2020-02-11 | mainloop: Remove unused parameter from connection_dir_is_global_write_low() | David Goulet | |
Signed-off-by: David Goulet <dgoulet@torproject.org> | |||
2020-02-11 | mainloop: Rename global_write_bucket_low() | David Goulet | |
That function is only used to test the global bucket write limit for a directory connection. It should _not_ be used for anything else since that function looks to see if we are a directory authority. Rename it to something more meaningful. No change in behavior at this commit, only renaming. Part of #33029 Signed-off-by: David Goulet <dgoulet@torproject.org> | |||
2020-02-10 | Merge branch 'maint-0.4.1' into maint-0.4.2 | Nick Mathewson | |
2020-02-10 | Merge branch 'maint-0.4.0' into maint-0.4.1 | Nick Mathewson | |
2020-02-10 | Merge branch 'maint-0.3.5' into maint-0.4.0 | Nick Mathewson | |
2020-02-10 | Fix a Rust compilation warning; resolve bug 33212. | Nick Mathewson | |
2020-02-05 | Merge branch 'trove_2020_002_035' into trove_2020_002_041 | Nick Mathewson | |
Resolved Conflicts: src/feature/dirparse/parsecommon.c | |||
2020-02-05 | When parsing tokens, reject early on spurious keys. | Nick Mathewson | |
2020-02-05 | When parsing, reject >1024-bit RSA private keys sooner. | Nick Mathewson | |
Private-key validation is fairly expensive for long keys in openssl, so we need to avoid it sooner. | |||
2020-01-30 | bump to 0.4.2.6-dev | Nick Mathewson | |
2020-01-30 | Bump to 0.4.1.8-dev | Nick Mathewson | |
2020-01-29 | Bump version to 0.4.2.6 | Nick Mathewson | |
2020-01-29 | bump to 0.4.1.8 | Nick Mathewson | |
2020-01-30 | Merge branch 'maint-0.4.1' into maint-0.4.2 | teor | |
2020-01-30 | Merge branch 'maint-0.4.0' into maint-0.4.1 | teor | |
2020-01-30 | Merge branch 'maint-0.3.5' into maint-0.4.0 | teor | |