summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Bump RPM to upstream 0.2.4.25rpm-tor-0.2.4.25rpm-release-0.2.4Ondrej Mikle2014-10-22
|
* Merge tag 'tor-0.2.4.25' of https://git.torproject.org/tor into ↵Ondrej Mikle2014-10-22
|\ | | | | | | rpm-release-0.2.4
| * copy 0.2.4.25 entry from ChangeLog to ReleaseNotes.tor-0.2.4.25Nick Mathewson2014-10-19
| |
| * better release blurb, maybe. Also bump version.Nick Mathewson2014-10-19
| |
| * Remove a stray changes file.Nick Mathewson2014-10-19
| |
| * Changelog for 0.2.4.25Nick Mathewson2014-10-19
| |
| * Merge remote-tracking branch 'origin/maint-0.2.4' into release-0.2.4Nick Mathewson2014-10-19
| |\
| | * Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4Nick Mathewson2014-10-16
| | |\
| | | * Merge branch 'no_sslv3_023' into maint-0.2.3Nick Mathewson2014-10-16
| | | |\
| | | | * Disable SSLv3 unconditionally. Closes ticket 13426.Nick Mathewson2014-10-15
| | | | | | | | | | | | | | | | | | | | | | | | | The POODLE attack doesn't affect Tor, but there's no reason to tempt fate: SSLv3 isn't going to get any better.
* | | | | Bump RPM to 0.2.4.24rpm-tor-0.2.4.24Ondrej Mikle2014-09-24
| | | | |
* | | | | Merge tag 'tor-0.2.4.24' of https://git.torproject.org/tor into ↵Ondrej Mikle2014-09-24
|\ \ \ \ \ | |/ / / / | | | | | | | | | | rpm-release-0.2.4
| * | | | bump stable to 0.2.4.24tor-0.2.4.24Roger Dingledine2014-09-22
| | | | |
| * | | | Merge branch 'maint-0.2.4' into release-0.2.4Roger Dingledine2014-09-22
| |\ \ \ \ | | |/ / /
| | * | | Merge branch 'maint-0.2.3' into maint-0.2.4Roger Dingledine2014-09-20
| | |\ \ \ | | | |/ /
| | | * | gabelmoo's IPv4 address changedSebastian Hahn2014-09-20
| | | |/
| | * | clients now send correct address for rendezvous pointRoger Dingledine2014-09-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Clients now send the correct address for their chosen rendezvous point when trying to access a hidden service. They used to send the wrong address, which would still work some of the time because they also sent the identity digest of the rendezvous point, and if the hidden service happened to try connecting to the rendezvous point from a relay that already had a connection open to it, the relay would reuse that connection. Now connections to hidden services should be more robust and faster. Also, this bug meant that clients were leaking to the hidden service whether they were on a little-endian (common) or big-endian (rare) system, which for some users might have reduced their anonymity. Fixes bug 13151; bugfix on 0.2.1.5-alpha.
| | * | Merge remote-tracking branch 'karsten/geoip6-aug2014' into maint-0.2.4Nick Mathewson2014-08-13
| | |\ \
| | | * | Update geoip6 to the August 7 2014 database.Karsten Loesing2014-08-13
| | | | |
| | * | | Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4Nick Mathewson2014-08-13
| | |\ \ \ | | | |/ / | | |/| / | | | |/
| | | * Update geoip to the August 7 2014 database.Karsten Loesing2014-08-13
| | | |
| | * | fix extra words in man pageRoger Dingledine2014-08-09
| | | |
* | | | Bump to upstream 0.2.4.23rpm-tor-0.2.4.23Ondrej Mikle2014-07-29
| | | |
* | | | Merge tag 'tor-0.2.4.23' of https://git.torproject.org/tor into ↵Ondrej Mikle2014-07-29
|\ \ \ \ | |/ / / | | | | | | | | rpm-release-0.2.4
| * | | Merge branch 'maint-0.2.4' into release-0.2.4tor-0.2.4.23Roger Dingledine2014-07-28
| |\ \ \ | | |/ / | | | | | | | | | | | | | | | | | | | | Conflicts: configure.ac contrib/tor-mingw.nsi.in src/win32/orconfig.h
| | * | bump to 0.2.4.23Roger Dingledine2014-07-28
| | | |
| * | | give it a release blurbRoger Dingledine2014-07-28
| | | |
| * | | fold in changes entriesRoger Dingledine2014-07-28
| | | |
| * | | Merge branch 'maint-0.2.4' into release-0.2.4Roger Dingledine2014-07-28
| |\ \ \ | | |/ /
| | * | Warn and drop the circuit if we receive an inbound 'relay early' cellRoger Dingledine2014-07-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Those used to be normal to receive on hidden service circuits due to bug 1038, but the buggy Tor versions are long gone from the network so we can afford to resume watching for them. Resolves the rest of bug 1038; bugfix on 0.2.1.19.
| | * | add a changes file for bug 12718Roger Dingledine2014-07-27
| | | |
| | * | Confusing log message when circuit can't be extendedArlo Breault2014-07-27
| | | |
| | * | circuit_build_failed: distinguish "first hop chan failed", "CREATE failed"Nick Mathewson2014-07-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Roger spotted this on tor-dev in his comments on proposal 221. (Actually, detect DESTROY vs everything else, since arma likes network timeout indicating failure but not overload indicating failure.)
| | * | Implement proposal 221: Stop sending CREATE_FASTNick Mathewson2014-07-25
| | | | | | | | | | | | | | | | | | | | This makes FastFirstHopPK an AUTOBOOL; makes the default "auto"; and makes the behavior of "auto" be "look at the consensus."
| | * | Avoid illegal read off end of an array in prune_v2_cipher_listNick Mathewson2014-07-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This function is supposed to construct a list of all the ciphers in the "v2 link protocol cipher list" that are supported by Tor's openssl. It does this by invoking ssl23_get_cipher_by_char on each two-byte ciphersuite ID to see which ones give a match. But when ssl23_get_cipher_by_char cannot find a match for a two-byte SSL3/TLS ciphersuite ID, it checks to see whether it has a match for a three-byte SSL2 ciphersuite ID. This was causing a read off the end of the 'cipherid' array. This was probably harmless in practice, but we shouldn't be having any uninitialized reads. (Using ssl23_get_cipher_by_char in this way is a kludge, but then again the entire existence of the v2 link protocol is kind of a kludge. Once Tor 0.2.2 clients are all gone, we can drop this code entirely.) Found by starlight. Fix on 0.2.4.8-alpha. Fixes bug 12227.
| * | | Merge branch 'maint-0.2.4' into release-0.2.4Roger Dingledine2014-07-24
| |\ \ \ | | |/ /
| | * | update manpage for numentryguards / numdirectoryguardsRoger Dingledine2014-07-24
| | | |
| | * | add a NumDirectoryGuards consensus param tooRoger Dingledine2014-07-24
| | | |
| | * | Add and use a new NumEntryGuards consensus parameter.Roger Dingledine2014-07-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When specified, it overrides our default of 3 entry guards. (By default, it overrides the number of directory guards too.) Implements ticket 12688.
| | * | Merge branch 'curve25519-donna32' into maint-0.2.4Nick Mathewson2014-07-23
| | |\ \
| | | * | Put the bug number and correct credits in the changes file for the new ↵Nick Mathewson2014-07-23
| | | | | | | | | | | | | | | | | | | | curve25519-donna32
| | | * | Small tweaks to make curve25519-donna32 compile with our warningsNick Mathewson2014-07-15
| | | | |
| | | * | Update to latest curve25519-donna32Nick Mathewson2014-07-15
| | | | |
| * | | | fold in the changes entries so farRoger Dingledine2014-07-21
| | | | |
| * | | | Merge branch 'maint-0.2.4' into release-0.2.4Roger Dingledine2014-07-21
| |\ \ \ \ | | |/ / /
| | * | | Merge remote-tracking branch 'karsten/geoip6-jul2014' into maint-0.2.4Nick Mathewson2014-07-21
| | |\ \ \
| | | * | | Update geoip6 to the July 10 2014 database.Karsten Loesing2014-07-18
| | | |/ /
| | * | | Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4Nick Mathewson2014-07-21
| | |\ \ \ | | | |/ / | | |/| / | | | |/
| | | * Update geoip to the July 10 2014 database.Karsten Loesing2014-07-18
| | | |
| | * | Fix changes file for geoipNick Mathewson2014-06-10
| | | |
generated by cgit v1.2.1 (git 2.18.0) at 2024-02-02 11:33:49 +0000