Roger Dingledine
19c372daf0
clean up a comment that confused arturo
2012-01-07 07:41:46 -05:00
Emile Snyder
d7eaa4b396
Change to use SSL_state_string_long() instead of homebrew ssl_state_to_string() function.
2012-01-06 05:31:34 -08:00
Nick Mathewson
ef69f2f2ab
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-01-05 14:17:44 -05:00
Nick Mathewson
ccd8289958
Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
2012-01-05 14:16:30 -05:00
Robert Ransom
4752b34879
Log at info level when disabling SSLv3
2012-01-05 12:28:56 -05:00
Nick Mathewson
db78fe4589
Disable SSLv3 when using a not-up-to-date openssl
...
This is to address bug 4822, and CVE-2011-4576.
2012-01-05 12:28:55 -05:00
Roger Dingledine
9bfb8af265
Merge branch 'maint-0.2.2'
2012-01-05 06:55:34 -05:00
Roger Dingledine
a1074c7aa2
Merge branch 'maint-0.2.1' into maint-0.2.2
2012-01-05 06:45:28 -05:00
Roger Dingledine
ff03347579
note some dead code. if i'm right, should this be removed?
2012-01-05 05:37:06 -05:00
Karsten Loesing
1db1b23a7b
Update to the January 2012 GeoIP database.
2012-01-05 11:10:57 +01:00
Nick Mathewson
65420e4cb5
Merge remote-tracking branch 'rransom-tor/bug1297b-v2'
2012-01-04 13:50:24 -05:00
Robert Ransom
0bd53b8d87
Verbotify documentation comments for the #1297-fix flags
2012-01-04 09:37:49 -08:00
Nick Mathewson
47b7a27929
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-01-03 13:22:34 -05:00
Sebastian Hahn
5d9be49540
Fix a check-spaces violation in compat.c
...
Also fix a comment typo
2011-12-30 23:30:57 +01:00
Sebastian Hahn
d861b4cc9d
Fix spelling in a controlsocket log msg
...
Fixes bug 4803.
2011-12-30 23:27:02 +01:00
Nick Mathewson
bfae41328e
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-12-28 16:52:31 -05:00
Nick Mathewson
84bf8e3808
Merge remote-tracking branch 'public/bug4788' into maint-0.2.2
2011-12-28 16:50:45 -05:00
Nick Mathewson
9f06ec0c13
Add interface enumeration based on SIOCGIFCONF for older unixes
2011-12-28 16:34:16 -05:00
Nick Mathewson
5d44a6b334
Multicast addresses, if any were configured, would not be good if addrs
2011-12-28 16:34:16 -05:00
Nick Mathewson
aa529f6c32
Use getifaddrs, not connect+getsockname, to find our address
...
This resolves bug1827, and lets us avoid freaking people out.
Later, we can use it to get a complete list of our interfaces.
2011-12-28 16:34:16 -05:00
Nick Mathewson
e3a6493898
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-12-28 15:57:48 -05:00
Nick Mathewson
c563551eef
Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
2011-12-28 15:56:37 -05:00
Nick Mathewson
120a745346
Bug 4786 fix: don't convert EARLY to RELAY on v1 connections
...
We used to do this as a workaround for older Tors, but now it's never
the correct thing to do (especially since anything that didn't
understand RELAY_EARLY is now deprecated hard).
2011-12-28 15:54:06 -05:00
Robert Ransom
2b189a222b
Don't exit when marking a newly created _C_INTRODUCING circ for close
2011-12-28 09:02:14 -08:00
Nick Mathewson
9bcb187387
Authorities reject insecure Tors.
...
This patch should make us reject every Tor that was vulnerable to
CVE-2011-0427. Additionally, it makes us reject every Tor that couldn't
handle RELAY_EARLY cells, which helps with proposal 110 (#4339 ).
2011-12-27 21:47:04 -05:00
Nick Mathewson
78f43c5d03
Require openssl 1.0.0a for using openssl's ctr-mode implementation
...
Previously we required 1.0.0, but there was a bug in the 1.0.0 counter
mode. Found by Pascal. Fixes bug 4779.
A more elegant solution would be good here if somebody has time to code
one.
2011-12-27 20:31:23 -05:00
Robert Ransom
836161c560
Add an option to close HS service-side rend circs on timeout
2011-12-27 08:02:43 -08:00
Robert Ransom
f88c8ca8c9
Don't close HS service-side rend circs on timeout
2011-12-27 08:02:43 -08:00
Robert Ransom
078e3e9dd5
Add an option to close 'almost-connected' HS client circs on timeout
2011-12-27 08:02:43 -08:00
Robert Ransom
4b13c33c0c
Don't close HS client circs which are 'almost connected' on timeout
2011-12-27 08:02:42 -08:00
Nick Mathewson
334a0513de
Downgrade relay_early-related warning
2011-12-26 18:11:41 -05:00
Nick Mathewson
85d7811456
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-12-26 17:58:51 -05:00
Roger Dingledine
3aade2fab7
Merge remote-tracking branch 'nickm/prop110_v2'
2011-12-25 17:43:09 -05:00
Sebastian Hahn
da876aec63
Provide correct timeradd/timersup replacements
...
Bug caught and patch provided by Vektor. Fixes bug 4778.t
2011-12-25 23:19:08 +01:00
Robert Ransom
4c3a23b283
Look up the rend circ whose INTRODUCE1 is being ACKed correctly
...
This change cannibalizes circuit_get_by_rend_query_and_purpose because it
had exactly one caller.
2011-12-22 23:46:09 -08:00
Nick Mathewson
7cb804343b
Merge remote-tracking branch 'rransom/feature2411-v4'
2011-12-22 10:51:39 -05:00
Nick Mathewson
782b7f49d8
Fix bug2571: warn on EntryNodes set and UseEntryGuards disabled
2011-12-22 10:31:52 -05:00
Kamran Riaz Khan
a1c1fc72d1
Prepend cwd for relative config file paths.
...
Modifies filenames which do not start with '/' or '.' on non-Windows
platforms; uses _fullpath on Windows.
2011-12-22 10:17:48 -05:00
Nick Mathewson
2710a96ba4
Allow prop110 violations if AllowNonearlyExtend is set in consensus
2011-12-22 10:12:49 -05:00
Nick Mathewson
847541ce5d
Log what fraction of EXTEND cells have died for being non-early
2011-12-22 09:51:59 -05:00
Nick Mathewson
0187bd8728
Implement the last of proposal 110
...
Reject all EXTEND requests not received in a relay_early cell
2011-12-22 09:51:59 -05:00
Robert Ransom
66f77561c0
Mark each intro circ with the rend cookie sent in its INTRODUCE1 cell
...
Needed by fix for #4759 .
2011-12-22 06:45:45 -08:00
Nick Mathewson
878a684386
Merge remote-tracking branch 'public/bug4697'
2011-12-22 09:45:26 -05:00
Nick Mathewson
8cdeaedf86
Convert a couple of char[256]s into sockaddr_storage
2011-12-21 11:23:13 -05:00
Nick Mathewson
f75660958c
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-12-21 11:20:56 -05:00
Nick Mathewson
b5e6bbc01d
Do not even try to keep going on a socket with socklen==0
...
Back in #1240 , r1eo linked to information about how this could happen
with older Linux kernels in response to nmap. Bugs #4545 and #4547
are about how our approach to trying to deal with this condition was
broken and stupid. Thanks to wanoskarnet for reminding us about #1240 .
This is a fix for the abovementioned bugs, and is a bugfix on
0.1.0.3-rc.
2011-12-21 11:19:41 -05:00
Nick Mathewson
14127f226d
Merge remote-tracking branch 'asn-mytor/bug4531'
2011-12-20 14:40:16 -05:00
Nick Mathewson
26053bd7c9
Merge remote-tracking branch 'asn-mytor/bug4725_take2'
2011-12-20 14:28:31 -05:00
George Kadianakis
0cfdd88adb
Don't call tor_tls_set_logged_address till after checking conn->tls.
...
Fixes bug 4531.
2011-12-20 19:21:15 +01:00
Nick Mathewson
ba1766bc3f
Add explicit cast to make gcc happy
2011-12-20 11:19:57 -05:00