summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
...
| | * | | | | | | | | remove absolute path from contrib/package_nsis-mingw.sh in order to make it ↵Erinn Clark2011-10-31
| |/ / / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | easier to automatically build tor expert bundle
* | | | | | | | | | blurb and version bump for 0.2.3.7-alphator-0.2.3.7-alphaRoger Dingledine2011-10-30
| | | | | | | | | |
* | | | | | | | | | there will be a new alpha release today (oct 30)Roger Dingledine2011-10-30
| | | | | | | | | |
* | | | | | | | | | bridges send netinfo cells like clients on outgoing connsRoger Dingledine2011-10-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | fixes bug 4348
* | | | | | | | | | amend the changelog entry for 4299Roger Dingledine2011-10-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | it doesn't have to do with small cells. rather, it has to do with using cells to decide whether to mark the connection for close.
* | | | | | | | | | fold in changes entriesRoger Dingledine2011-10-29
| | | | | | | | | |
* | | | | | | | | | Merge remote-tracking branch 'origin/maint-0.2.2'Nick Mathewson2011-10-29
|\ \ \ \ \ \ \ \ \ \ | |/ / / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: src/or/config.c
| * | | | | | | | | Add a changes file for the 4340 fixSebastian Hahn2011-10-29
| | | | | | | | | |
| * | | | | | | | | Disable stats requiring geoip info if we have noneSebastian Hahn2011-10-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In other parts of the code we will otherwise attempt to collect these statistics, and that will lead to crashes.
* | | | | | | | | | Merge branch 'bug4343'Nick Mathewson2011-10-28
|\ \ \ \ \ \ \ \ \ \
| * | | | | | | | | | "Authetnicate" is not the usual spellingNick Mathewson2011-10-28
| | | | | | | | | | |
| * | | | | | | | | | Fix a double-free that would occur on an invalid cert in a CERTS cellNick Mathewson2011-10-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We would stash the certs in the handshake state before checking them for validity... and then if they turned out to be invalid, we'd give an error and free them. Then, later, we'd free them again when we tore down the connection. Fixes bug 4343; fix on 0.2.3.6-alpha.
| * | | | | | | | | | Fix a memory-poisoning memset in tortls.cNick Mathewson2011-10-28
| | | | | | | | | | |
* | | | | | | | | | | Bump version to 0.2.3.6-alpha-devNick Mathewson2011-10-28
| | | | | | | | | | |
* | | | | | | | | | | Merge remote-tracking branch 'origin/maint-0.2.2'Nick Mathewson2011-10-28
|\ \ \ \ \ \ \ \ \ \ \ | |/ / / / / / / / / / |/| / / / / / / / / / | |/ / / / / / / / / | | | | | | | | | | Conflicts: src/or/command.c
| * | | | | | | | | Discard all cells on a marked connectionNick Mathewson2011-10-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix for bug 4299
* | | | | | | | | | Merge remote-tracking branch 'origin/maint-0.2.2'Nick Mathewson2011-10-28
|\ \ \ \ \ \ \ \ \ \ | |/ / / / / / / / /
| * | | | | | | | | Fix typo, spotted by tmpname0901. Thanks!Sebastian Hahn2011-10-28
| | | | | | | | | |
* | | | | | | | | | Merge branch 'maint-0.2.2'Roger Dingledine2011-10-27
|\ \ \ \ \ \ \ \ \ \ | |/ / / / / / / / /
| * | | | | | | | | bump maint-0.2.2 to 0.2.2.34-devRoger Dingledine2011-10-27
| | | | | | | | | |
* | | | | | | | | | find all those stanzas in master tooRoger Dingledine2011-10-27
| | | | | | | | | |
* | | | | | | | | | Merge branch 'maint-0.2.2'Roger Dingledine2011-10-27
|\ \ \ \ \ \ \ \ \ \ | |/ / / / / / / / /
| * | | | | | | | | Merge branch 'maint-0.2.1' into maint-0.2.2Roger Dingledine2011-10-27
| |\ \ \ \ \ \ \ \ \ | | |/ / / / / / / /
| | * | | | | | | | bump maint to 0.2.1.31Roger Dingledine2011-10-27
| | | | | | | | | |
* | | | | | | | | | a little blurb for 0.2.3.6-alphator-0.2.3.6-alphaRoger Dingledine2011-10-26
| | | | | | | | | |
* | | | | | | | | | forward-port the stable releases notesRoger Dingledine2011-10-26
| | | | | | | | | |
* | | | | | | | | | bump to 0.2.3.6-alphaRoger Dingledine2011-10-26
| | | | | | | | | |
* | | | | | | | | | fold in changes entriesRoger Dingledine2011-10-26
| | | | | | | | | |
* | | | | | | | | | Merge branch 'maint-0.2.2_secfix' into master_secfixSebastian Hahn2011-10-27
|\ \ \ \ \ \ \ \ \ \ | |/ / / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: src/common/tortls.c src/or/connection_or.c src/or/dirserv.c src/or/or.h
| * | | | | | | | | Add option to give guard flag to relays without the CVE-2011-2768 fixRobert Ransom2011-10-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This way, all of the DA operators can upgrade immediately, without nuking every client's set of entry guards as soon as a majority of them upgrade. Until enough guards have upgraded, a majority of dirauths should set this config option so that there are still enough guards in the network. After a few days pass, all dirauths should use the default.
| * | | | | | | | | Don't give the Guard flag to relays without the CVE-2011-2768 fixRobert Ransom2011-10-26
| | | | | | | | | |
| * | | | | | | | | Make tor_version_same_series non-staticRobert Ransom2011-10-26
| | | | | | | | | |
| * | | | | | | | | Merge branch 'maint-0.2.1_secfix' into maint-0.2.2_secfixSebastian Hahn2011-10-26
| |\ \ \ \ \ \ \ \ \ | | |/ / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: src/or/connection_or.c
| | * | | | | | | | Reject create cells on outgoing OR connections from bridgesRobert Ransom2011-10-26
| | | | | | | | | |
| | * | | | | | | | Mark which OR connections are outgoingRobert Ransom2011-10-26
| | | | | | | | | |
| | * | | | | | | | Don't use any OR connection which sent us a CREATE_FAST cell for an EXTENDRobert Ransom2011-10-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix suggested by Nick Mathewson.
| | * | | | | | | | Don't send a certificate chain on outgoing TLS connections from non-relaysNick Mathewson2011-10-26
| | | | | | | | | |
* | | | | | | | | | Merge branch 'maint-0.2.2'Roger Dingledine2011-10-26
|\ \ \ \ \ \ \ \ \ \ | |/ / / / / / / / /
| * | | | | | | | | Merge branch 'maint-0.2.1' into maint-0.2.2Roger Dingledine2011-10-26
| |\ \ \ \ \ \ \ \ \ | | |/ / / / / / / /
| | * | | | | | | | Remove the -F option from tor-resolve.Nick Mathewson2011-10-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It used to mean "Force": it would tell tor-resolve to ask tor to resolve an address even if it ended with .onion. But when AutomapHostsOnResolve was added, automatically refusing to resolve .onion hosts stopped making sense. So in 0.2.1.16-rc (commit 298dc95dfd8), we made tor-resolve happy to resolve anything. The -F option stayed in, though, even though it didn't do anything. Oddly, it never got documented. Found while fixing GCC 4.6 "set, unused variable" warnings.
| | * | | | | | | | manually backport a5232e0c4cRoger Dingledine2011-10-26
| | | | | | | | | |
* | | | | | | | | | Merge branch 'maint-0.2.2'Roger Dingledine2011-10-26
|\ \ \ \ \ \ \ \ \ \ | |/ / / / / / / / /
| * | | | | | | | | Merge branch 'maint-0.2.1' into maint-0.2.2Roger Dingledine2011-10-26
| |\ \ \ \ \ \ \ \ \ | | |/ / / / / / / /
| | * | | | | | | | stop asserting at bootRoger Dingledine2011-10-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The patch for 3228 made us try to run init_keys() before we had loaded our state file, resulting in an assert inside init_keys. We had moved it too early in the function. Now it's later in the function, but still above the accounting calls.
| | * | | | | | | | Reinit keys at the start of options_act().Nick Mathewson2011-10-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously we did this nearer to the end (in the old_options && transition_affects_workers() block). But other stuff cares about keys being consistent with options... particularly anything which tries to access a key, which can die in assert_identity_keys_ok(). Fixes bug 3228; bugfix on 0.2.2.18-alpha. Conflicts: src/or/config.c
| | * | | | | | | | Don't crash a bridge authority on SIGHUP if it's not in the consensusRobert Ransom2011-10-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes bug 2572.
| | * | | | | | | | Fix assert for relay/bridge state changeSebastian Hahn2011-10-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When we added support for separate client tls certs on bridges in a2bb0bfdd5 we forgot to correctly initialize this when changing from relay to bridge or vice versa while Tor is running. Fix that by always initializing keys when the state changes. Fixes bug 2433. Conflicts: src/or/config.c
| | * | | | | | | | Don't crash when accountingmax is set in non-server TorsNick Mathewson2011-10-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We use a hash of the identity key to seed a prng to tell when an accounting period should end. But thanks to the bug998 changes, clients no longer have server-identity keys to use as a long-term seed in accounting calculations. In any case, their identity keys (as used in TLS) were never never fixed. So we can just set the wakeup time from a random seed instead there. Still open is whether everybody should be random. This patch fixes bug 2235, which was introduced in 0.2.2.18-alpha. Diagnosed with help from boboper on irc.
| | * | | | | | | | Properly refcount client_identity_keySebastian Hahn2011-10-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In a2bb0bf we started using a separate client identity key. When we are in "public server mode" (that means not a bridge) we will use the same key. Reusing the key without doing the proper refcounting leads to a segfault on cleanup during shutdown. Fix that. Also introduce an assert that triggers if our refcount falls below 0. That should never happen.
| | * | | | | | | | Add some asserts to get_{tlsclient|server}_identity_keyNick Mathewson2011-10-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We now require that: - Only actual servers should ever call get_server_identity_key - If you're being a client or bridge, the client and server keys should differ. - If you're being a public relay, the client and server keys should be the same.
generated by cgit v1.2.1 (git 2.18.0) at 2024-02-08 07:51:41 +0000