nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-23 20:03:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

touch-ups

Browse Source
This commit is contained in:
Roger Dingledine 2012-10-26 00:39:06 -04:00
parent d44b7bb525
commit 4fc866ce7f
2 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
ChangeLog
View File

@ -1,13 +1,13 @@
Changes in version 0.2.4.5-alpha - 2012-10-25 Changes in version 0.2.4.5-alpha - 2012-10-25
Tor 0.2.3.24-rc comes hard at the heels of 0.2.4.4-alpha, to fix two Tor 0.2.4.5-alpha comes hard at the heels of 0.2.4.4-alpha, to fix
important security vulnerabilities that could lead to remotely two important security vulnerabilities that could lead to remotely
triggerable relay crashes, fixes a major bug that was preventing triggerable relay crashes, fix a major bug that was preventing clients
clients from choosing good exit nodes, and refactor some of our code. from choosing suitable exit nodes, and refactor some of our code.
o Major bugfixes (security, also in 0.2.3.24-rc): o Major bugfixes (security, also in 0.2.3.24-rc):
- Fix a group of remotely triggerable assertion failures related to - Fix a group of remotely triggerable assertion failures related to
incorrect link protocol negotiation. Found, diagnosed, and fixed incorrect link protocol negotiation. Found, diagnosed, and fixed
by "some guy from France." Fix for CVE-2012-2250; bugfix on by "some guy from France". Fix for CVE-2012-2250; bugfix on
0.2.3.6-alpha. 0.2.3.6-alpha.
- Fix a denial of service attack by which any directory authority - Fix a denial of service attack by which any directory authority
could crash all the others, or by which a single v2 directory could crash all the others, or by which a single v2 directory
@ -32,7 +32,7 @@ Changes in version 0.2.4.5-alpha - 2012-10-25
o Minor bugfixes: o Minor bugfixes:
- Only disable TLS session ticket support when running as a TLS - Only disable TLS session ticket support when running as a TLS
server. This keeps clients harder to distinguish from regular firefox server. Now clients will blend better with regular Firefox
connections. Fixes bug 7189; bugfix on Tor 0.2.3.23-rc. connections. Fixes bug 7189; bugfix on Tor 0.2.3.23-rc.
o Code simplification and refactoring: o Code simplification and refactoring:

2
src/common/tortls.c
View File

@ -1195,7 +1195,7 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime,
* create an opportunity to fingerprint us (since it's unusual to use them * create an opportunity to fingerprint us (since it's unusual to use them
* with TLS sessions turned off). * with TLS sessions turned off).
* *
* In 0.2.4, clients advertise support for them, though to avoid a TLS * In 0.2.4, clients advertise support for them though, to avoid a TLS
* distinguishability vector. This can give us worse PFS, though, if we * distinguishability vector. This can give us worse PFS, though, if we
* get a server that doesn't set SSL_OP_NO_TICKET. With luck, there will * get a server that doesn't set SSL_OP_NO_TICKET. With luck, there will
* be few such servers by the time 0.2.4 is more stable. * be few such servers by the time 0.2.4 is more stable.