From 3bb756b93b89b474fce9cef8c5e11f07df8a66a3 Mon Sep 17 00:00:00 2001 From: Roger Dingledine Date: Fri, 1 Jul 2005 02:01:21 +0000 Subject: forward-port the 0.1.0.11 stuff svn:r4515 --- ChangeLog | 10 ++++++++++ src/or/connection_edge.c | 2 +- src/or/router.c | 2 +- 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index c9de0a3d86..b8ff69249a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -21,6 +21,16 @@ Changes in version 0.1.1.1-alpha - 2005-06-29 test this? +Changes in version 0.1.0.11 - 2005-06-30 + o Bugfixes on 0.1.0.x: + - Fix major security bug: servers were disregarding their + exit policies if clients behaved unexpectedly. + - Make OS X init script check for missing argument, so we don't + confuse users who invoke it incorrectly. + - Fix a seg fault in "tor --hash-password foo". + - The MAPADDRESS control command was broken. + + Changes in version 0.1.0.10 - 2005-06-14 o Fixes on Win32: - Make NT services work and start on startup on Win32 (based on diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index 8df2f55daf..82ed35e502 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -1553,7 +1553,7 @@ connection_exit_connect(connection_t *conn) uint16_t port; if (!connection_edge_is_rendezvous_stream(conn) && - router_compare_to_my_exit_policy(conn) == ADDR_POLICY_REJECTED) { + router_compare_to_my_exit_policy(conn)) { log_fn(LOG_INFO,"%s:%d failed exit policy. Closing.", safe_str(conn->address), conn->port); connection_edge_end(conn, END_STREAM_REASON_EXITPOLICY, conn->cpath_layer); diff --git a/src/or/router.c b/src/or/router.c index 8ffef3ed81..3fc46408f7 100644 --- a/src/or/router.c +++ b/src/or/router.c @@ -640,7 +640,7 @@ router_upload_dir_desc_to_dirservers(int force) } /** OR only: Check whether my exit policy says to allow connection to - * conn. Return false if we accept; true if we reject. + * conn. Return 0 if we accept; non-0 if we reject. */ int router_compare_to_my_exit_policy(connection_t *conn) -- cgit v1.2.3-54-g00ecf