Nick Mathewson
118bfab75b
add test-memwipe to .gitignore
2015-06-17 13:01:39 -04:00
Nick Mathewson
d3b4214c6e
Fix an unchecked-case warning on windows
2015-06-17 11:31:53 -04:00
Nick Mathewson
be32777aa5
changes file for 13642
2015-06-17 10:51:39 -04:00
Nick Mathewson
b9b658e727
Add the openssh 6.8p1 readpassphrase implementation
...
This way glibc users don't have to fall back to getpass.
Windows users are still out of luck
2015-06-17 10:41:22 -04:00
Nick Mathewson
8d44ce910d
Add readpassphrase.c in src/ext
...
This is taken verbatim from openssh 6.8p1, which appears to have
lightly tweaked it from the openbsd version.
2015-06-17 10:19:40 -04:00
Nick Mathewson
d68133c745
Merge branch '13642_offline_master_v2_squashed'
2015-06-17 10:12:37 -04:00
Nick Mathewson
b6eee531bb
Support encrypted offline master keys with a new --keygen flag
...
When --keygen is provided, we prompt for a passphrase when we make a
new master key; if it is nonempty, we store the secret key in a new
crypto_pwbox.
Also, if --keygen is provided and there *is* an encrypted master key,
we load it and prompt for a passphrase unconditionally.
We make a new signing key unconditionally when --keygen is provided.
We never overwrite a master key.
2015-06-17 10:11:18 -04:00
Nick Mathewson
cbdf2c5d8f
Add a tor_getpass to read passphrases. Needs better backend.
2015-06-17 10:11:18 -04:00
David Goulet
a5b5d4bd2e
Extend intro point to a 4th hop on cannibalization
...
Fixes #16260
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-06-17 09:32:26 -04:00
Nick Mathewson
43a98c7da6
Merge remote-tracking branch 'origin/maint-0.2.6'
2015-06-17 09:19:11 -04:00
Nick Mathewson
c8cb55659a
Merge remote-tracking branch 'origin/maint-0.2.5' into maint-0.2.6
2015-06-17 09:18:45 -04:00
teor
75388f67c0
Correctly handle failed crypto_early_init
...
If crypto_early_init fails, a typo in a return value from tor_init
means that tor_main continues running, rather than returning
an error value.
Fixes bug 16360; bugfix on d3fb846d8c#4900 .
Patch by "teor".
2015-06-17 09:18:32 -04:00
David Goulet
8acf5255c2
Revert "Do not replace a HS descriptor with a different replica of itself"
...
This reverts commit 9407040c59
2015-06-16 13:41:42 -04:00
teor
8092ae0c4e
Document the consensus download interval used by hidden services
...
In the comments in update_consensus_networkstatus_fetch_time_impl
in networkstatus.c
2015-06-16 03:11:09 +10:00
teor
4079d2e0a5
Fix spacing in tortls.c
2015-06-16 03:10:44 +10:00
Nick Mathewson
130a9c0ac8
Merge remote-tracking branch 'origin/maint-0.2.6'
2015-06-15 10:19:46 -04:00
Nick Mathewson
3c5fe7b8ab
Merge commit '1eb2c0cbd3a9be2650419bd07474770629261f56'
...
This is an 'ours' merge to leave the version number alone.
2015-06-15 10:19:32 -04:00
Nick Mathewson
59fa0c2d99
Fix another seccomp2 issue
...
Allow pipe() and pipe2() syscalls; we need these when eventfd2()
support is missing. Fixes bug 16363; bugfix on 0.2.6.3-alpha. Patch
from "teor".
2015-06-15 10:13:11 -04:00
Nick Mathewson
c3e3c6ca85
Merge remote-tracking branch 'teor/feature15817-clang-sanitizers'
2015-06-11 10:24:28 -04:00
Nick Mathewson
aab7d666cd
Add a log message to try to track down #16013
2015-06-11 09:55:47 -04:00
Nick Mathewson
09895d48c6
Spell occurred right
2015-06-10 14:09:36 -04:00
Nick Mathewson
59b0272883
fwd-port 0.2.6.9 changes
2015-06-10 13:58:20 -04:00
Nick Mathewson
a60d9023c3
Merge remote-tracking branch 'teor/bug16343-master-key-assert'
2015-06-10 12:40:32 -04:00
teor
e870f6285d
Fix clang address of struct member always non-NULL in SSL master key
...
clang complains that the address of struct member in an assert in
SSL_SESSION_get_master_key is always non-NULL.
Instead, check each pointer argument is non-NULL before using it.
Fix on f90a704f12
2015-06-11 01:06:15 +10:00
Andrea Shepard
95bcd2dc15
Update and clarify release checklist
2015-06-10 15:05:52 +00:00
Andrea Shepard
1eb2c0cbd3
Bump version to 0.2.6.9
2015-06-10 15:02:04 +00:00
teor
3879c10162
Tweak clang sanitizer blacklist for out-of-tree builds, make, ccache
...
Avoid using file names and file paths for compatibility with
out-of-tree builds.
Note make and ccache don't track blacklist dependencies,
add workarounds.
2015-06-11 00:59:04 +10:00
Karsten Loesing
08e14e1448
Update geoip6 to the June 3 2015 database.
2015-06-09 16:28:48 +02:00
Karsten Loesing
e5907e94c2
Update geoip to the June 3 2015 database.
2015-06-09 16:26:10 +02:00
Nick Mathewson
64bdf040f0
Merge remote-tracking branch 'teor/feature15817-clang-sanitizers'
2015-06-08 10:57:25 -04:00
Nick Mathewson
c0c0a6085e
Merge remote-tracking branch 'origin/maint-0.2.6'
2015-06-08 10:33:38 -04:00
David Goulet
6785f0b65a
HSDir flag now requires the Stable flag
...
Fixes #8243
2015-06-08 10:28:35 -04:00
teor
7f3b15a8ec
Edit contrib/README to document the contrib/clang directory
2015-06-06 07:56:41 +10:00
teor
bc0a9843e5
Add instructions for clang sanitizers, static analyzer, and coverity
...
Document use of coverity, clang static analyzer, and clang dynamic
undefined behavior and address sanitizers in doc/HACKING.
Add clang dynamic sanitizer blacklist in
contrib/clang/sanitizer_blacklist.txt to exempt known undefined
behavior. Include detailed usage instructions in this blacklist file.
Patch by "teor".
2015-06-06 04:04:23 +10:00
Nick Mathewson
2f67a6e8c9
Merge remote-tracking branch 'origin/maint-0.2.6'
2015-06-04 15:02:47 -04:00
Yawning Angel
f2ff814582
Set session_group after the port's data structure has been populated.
...
Fixes #16247 , patch by "jojelino".
2015-06-04 13:53:35 +00:00
Nick Mathewson
e48f8e5e87
Merge remote-tracking branch 'public/bug15760_hard_026_v2'
2015-06-02 15:08:14 -04:00
Yawning Angel
8024f6a75f
A few more minor OpenSSL 1.1 fixes.
...
* Use `TLS_method()` instead of the deprecated `SSLv23_method()`
* Fix one missed conversion to `SSL_CIPHER_get_id()`
2015-06-02 15:04:20 -04:00
Nick Mathewson
34edf17d88
Merge remote-tracking branch 'teor/bug16115-minor-fixes'
2015-06-02 14:51:13 -04:00
Nick Mathewson
e8386cce1c
Merge remote-tracking branch 'origin/maint-0.2.6'
2015-06-02 14:29:37 -04:00
Peter Palfrader
a68e5323f8
Fix sandboxing to work when running as a relay
...
This includes correctly allowing renaming secret_id_key and allowing the
eventfd2 and futex syscalls. Fixes bug 16244; bugfix on 0.2.6.1-alpha.
2015-06-02 14:20:01 -04:00
teor
6d8a2ff24f
Check for NULL values in getinfo_helper_onions
...
Fix on 915c7438a7
2015-06-03 04:19:06 +10:00
teor
383a27afc5
Ensure signing_key is non-NULL before accessing one of its members
...
signing_key can be NULL in ed_key_init_from_file in routerkeys.c.
Discovered by clang 3.7 address sanitizer.
Fix on c03694938e
2015-06-03 04:19:05 +10:00
teor
e0477de0e2
Remove undefined directive-in-macro in test_util_writepid
...
clang 3.7 complains that using a preprocessor directive inside
a macro invocation in test_util_writepid in test_util.c is undefined.
Fix on 79e85313aa
2015-06-03 04:19:05 +10:00
teor
2b73dbf2a4
Always initialise return value in compute_desc_id in rendcommon.c
...
Fix on e6a581f126
2015-06-03 04:19:05 +10:00
teor
b3f79da0d5
Silence unused variable warnings in find_cipher_by_id
...
Unused variable warnings were still generated under some versions of OpenSSL.
Instead, make sure all variables are used under all versions.
Fix on 496df21c89
2015-06-03 04:19:05 +10:00
teor
b1094fdec5
Fix an incorrect comment on spawn_func
...
spawn_func calls pthread_create on unix, not fork
Fix on existing code split out of compat.c into
compat_pthreads.c in c2f0d52b7f
2015-06-03 04:18:43 +10:00
Nick Mathewson
0030765e04
Merge remote-tracking branch 'public/bug15760_hard_026_v2'
...
Conflicts:
src/common/tortls.c
2015-06-02 13:45:27 -04:00
Nick Mathewson
ff835e2328
Use autoconf, not OPENSSL_VERSION_NUMBER, to detect SSL_CIPHER_find
...
Repairs build with libressl
2015-06-02 13:38:27 -04:00
Nick Mathewson
f90a704f12
Use accessor functions for client_random/server_random/master_key
...
If OpenSSL accepts my patch to introduce these functions, they'll
be a way to help Tor work with OpenSSL 1.1.
2015-06-02 13:38:27 -04:00
