summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Passing SMP flags from ~/.rpmmacros to make for rpmbuild/mockrpm-release-0.2.3Ondrej Mikle2013-02-06
|
* RPM packaging bump to 0.2.3.35-rcrpm-tor-0.2.3.25-rcOndrej Mikle2012-12-18
|
* Merge tag 'tor-0.2.3.25' of https://git.torproject.org/tor into ↵Ondrej Mikle2012-12-18
|\ | | | | | | rpm-release-0.2.3
| * bump to 0.2.3.25tor-0.2.3.25Roger Dingledine2012-11-19
| |
| * fold in changes entries. finish the 0.2.3 blurb.Roger Dingledine2012-11-19
| |
| * Merge branch 'maint-0.2.3' into release-0.2.3Roger Dingledine2012-11-19
| |\
| | * use a more logical operatorRoger Dingledine2012-11-12
| | | | | | | | | | | | | | | | | | | | | Fix a harmless bug when opting against publishing a relay descriptor because DisableNetwork is set. Fixes bug 7464; bugfix on 0.2.3.9-alpha.
| | * Turn a memwipe in tor_process_handle_destroy() back to memsetNick Mathewson2012-11-08
| | | | | | | | | | | | | | | It broke linking on tor-resolve.c, and it's not actually sanitizing anything sensitive. Fix for bug 7420; bug not on ony released Tor.
| | * Merge branch 'bug7352_023_rebased' into maint-0.2.3Nick Mathewson2012-11-08
| | |\
| | | * Add and use and unlikely-to-be-eliminated memwipe()Nick Mathewson2012-11-08
| | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | Apparently some compilers like to eliminate memset() operations on data that's about to go out-of-scope. I've gone with the safest possible replacement, which might be a bit slow. I don't think this is critical path in any way that will affect performance, but if it is, we can work on that in 0.2.4. Fixes bug 7352.
* | | Bump to upstream 0.2.3.24-rc. Openssl dependency changed 0.9.7 -> 0.9.8, ↵rpm-tor-0.2.3.24-rcOndrej Mikle2012-10-28
| | | | | | | | | | | | 0.9.7 is no longer supported by Tor
* | | Merge tag 'tor-0.2.3.24-rc' of https://git.torproject.org/tor into ↵Ondrej Mikle2012-10-28
|\ \ \ | |/ / | | | | | | rpm-release-0.2.3
| * | last clarification for the changelogtor-0.2.3.24-rcRoger Dingledine2012-10-25
| | |
| * | update the release notes tooRoger Dingledine2012-10-25
| | |
| * | Remove folded-in changes fileNick Mathewson2012-10-25
| | |
| * | Bump version to 0.2.3.24-rc.Nick Mathewson2012-10-25
| | |
| * | Draft blurb for 0.2.3.24-rc; guess a release dateNick Mathewson2012-10-25
| | |
| * | Merge branch 'link_negotiation_assert_023' into release-0.2.3Nick Mathewson2012-10-25
| |\ \ | | |/
| | * Fix a remotely triggerable assertion failure (CVE-2012-2250)Nick Mathewson2012-10-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If we completed the handshake for the v2 link protocol but wound up negotiating the wong protocol version, we'd become so confused about what part of the handshake we were in that we'd promptly die with an assertion. This is a fix for CVE-2012-2250; it's a bugfix on 0.2.3.6-alpha. All servers running that version or later should really upgrade. Bug and fix from "some guy from France." I tweaked his code slightly to make it log the IP of the offending node.
| * | prep for next rcRoger Dingledine2012-10-23
| | |
| * | Merge branch 'maint-0.2.3' into release-0.2.3Roger Dingledine2012-10-23
| |\ \ | | |/
| | * Make unit test for bug7191 work with new smartlist_new() nameNick Mathewson2012-10-23
| | |
| | * Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3Nick Mathewson2012-10-23
| | |\
| | | * Add some unit tests for smartlist_bsearch_idx() on short listsAndrea Shepard2012-10-23
| | | | | | | | | | | | | | | | | | | | Conflicts: src/test/test_containers.c
| | | * Add a changes file for bug 7191.Nick Mathewson2012-10-23
| | | |
| | | * Fix binary search on lists of 0 or 1 element.Nick Mathewson2012-10-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The implementation we added has a tendency to crash with lists of 0 or one element. That can happen if we get a consensus vote, v2 consensus, consensus, or geoip file with 0 or 1 element. There's a DOS opportunity there that authorities could exploit against one another, and which an evil v2 authority could exploit against anything downloading v2 directory information.. This fix is minimalistic: It just adds a special-case for 0- and 1-element lists. For 0.2.4 (the current alpha series) we'll want a better patch. This is bug 7191; it's a fix on 0.2.0.10-alpha.
| * | | Merge branch 'maint-0.2.3' into release-0.2.3Roger Dingledine2012-10-23
| |\ \ \ | | |/ /
| | * | Let 0.2.3 clients exit to internal addresses if they wantRoger Dingledine2012-10-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Clients now consider the ClientRejectInternalAddresses config option when using a microdescriptor consensus stanza to decide whether an exit relay would allow exiting to an internal address. Fixes bug 7190; bugfix on 0.2.3.1-alpha.
| | * | Fix parse_short_policy (bug 7192.)Nick Mathewson2012-10-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Our implementation of parse_short_policy was screwed up: it would ignore the last character of every short policy. Obviously, that's broken. This patch fixes the busted behavior, and adds a bunch of unit tests to make sure the rest of that function is okay. Fixes bug 7192; fix on 0.2.3.1-alpha.
| | * | add a unit test to expose bug 7192Roger Dingledine2012-10-22
| | | |
* | | | Bump tor.spec.in to 0.2.3.23-rc, updated description.rpm-tor-0.2.3.23-rcOndrej Mikle2012-10-22
| | | |
* | | | Merge tag 'tor-0.2.3.23-rc' of https://git.torproject.org/tor into ↵Ondrej Mikle2012-10-22
|\ \ \ \ | |/ / / | | | | | | | | rpm-release-0.2.3
| * | | fold in the 0.2.3.23 changes entriestor-0.2.3.23-rcRoger Dingledine2012-10-20
| | | |
| * | | shift the categories around a bitRoger Dingledine2012-10-20
| | | |
| * | | bump to 0.2.3.23-rcRoger Dingledine2012-10-19
| | | |
| * | | fold in recent changes entriesRoger Dingledine2012-10-19
| | | |
| * | | Merge branch 'maint-0.2.3' into release-0.2.3Roger Dingledine2012-10-19
| |\ \ \ | | |/ /
| | * | Merge branch 'block_renegotiate_023' into maint-0.2.3Nick Mathewson2012-10-19
| | |\ \
| | | * | Discard extraneous renegotiation attempts in the v3 link protocolNick Mathewson2012-10-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Failure to do so left us open to a remotely triggerable assertion failure. Fixes CVE-2012-2249; bugfix on 0.2.3.6-alpha. Reported by "some guy from France".
| | * | | Merge branch 'bug7149' into maint-0.2.3Nick Mathewson2012-10-19
| | |\ \ \
| | | * | | Don't serve or accept v2 HS descs over a DirPortRobert Ransom2012-10-19
| | |/ / / | | | | | | | | | | | | | | | (changes file tweaked by nickm)
| | * | | Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3Nick Mathewson2012-10-19
| | |\ \ \ | | | |/ / | | |/| / | | | |/
| | | * Disable TLS Session Tickets, which we were apparently getting for freeNick Mathewson2012-10-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | OpenSSL 1.0.0 added an implementation of TLS session tickets, a "feature" that let session resumption occur without server-side state by giving clients an encrypted "ticket" that the client could present later to get the session going again with the same keys as before. OpenSSL was giving the keys to decrypt these tickets the lifetime of the SSL contexts, which would have been terrible for PFS if we had long-lived SSL contexts. Fortunately, we don't. Still, it's pretty bad. We should also drop these, since our use of the extension stands out with our non-use of session cacheing. Found by nextgens. Bugfix on all versions of Tor when built with openssl 1.0.0 or later. Fixes bug 7139.
| * | | slight tweak, and also reformatRoger Dingledine2012-10-13
| | | |
| * | | Expand 0.2.3 dedication paragaph to full version of latest draftNick Mathewson2012-10-13
| | | | | | | | | | | | | | | | We should still make sure mlp approves it.
| * | | fold in the changes files so farRoger Dingledine2012-10-13
| | | |
| * | | correct a point about loggingRoger Dingledine2012-10-13
| | | |
| * | | start at an 0.2.3 release notesRoger Dingledine2012-10-13
| | | |
| * | | Merge branch 'maint-0.2.3' into release-0.2.3Roger Dingledine2012-10-13
| |\ \ \ | | |/ /
| | * | Merge branch 'bug7014_023_squashed' into maint-0.2.3Nick Mathewson2012-10-09
| | |\ \
generated by cgit v1.2.1 (git 2.18.0) at 2024-02-02 11:53:16 +0000