Commit Graph

24250 Commits

Author SHA1 Message Date
Nick Mathewson
0666928c5c Replace signature-checking and digest-checking while fuzzing 2017-01-30 08:37:22 -05:00
Nick Mathewson
e2aeaeb76c Make a bunch of signature/digest-checking functions mockable 2017-01-30 08:37:22 -05:00
Nick Mathewson
67eb6470d7 Merge branches 'server_ciphers' and 'ciphers.inc' 2017-01-27 16:45:18 -05:00
Nick Mathewson
26a9787aa5 MOre gen_server_ciphers improvements:
- Remove DES from mandatory list.
  - always put the closing ; on its own line.
2017-01-27 16:15:26 -05:00
Nick Mathewson
3bfe5dae04 Merge remote-tracking branch 'dgoulet/ticket21269_030_01' 2017-01-27 11:26:23 -05:00
Daniel Kahn Gillmor
e1337b4252 client: set IPv6Traffic to on by default
See:
  https://trac.torproject.org/projects/tor/ticket/21269
  https://bugs.debian.org/851798

Closes #21269

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-01-27 09:12:32 -05:00
Nick Mathewson
8bd3c1b74d Merge branch 'feature17975' 2017-01-27 08:13:37 -05:00
Nick Mathewson
795582169a Bulletproof conn_get_outbound_address() a little. 2017-01-27 08:12:14 -05:00
Nick Mathewson
782c52658c Remove an impossible comparison. 2017-01-27 08:08:08 -05:00
Nick Mathewson
81c78ec755 Outbindbindaddress variants for Exit and OR.
Allow separation of exit and relay traffic to different source IP
addresses (Ticket #17975). Written by Michael Sonntag.
2017-01-27 08:05:29 -05:00
Nick Mathewson
ad382049ed Fix a signed/unsigned comparison warning 2017-01-25 13:23:08 -05:00
junglefowl
373d9aff7a Fail if file is too large to mmap.
If tor_mmap_file is called with a file which is larger than SIZE_MAX,
only a small part of the file will be memory-mapped due to integer
truncation.

This can only realistically happen on 32 bit architectures with large
file support.
2017-01-25 13:21:44 -05:00
Nick Mathewson
1130fd87ed changes file for 21280 2017-01-25 13:15:37 -05:00
junglefowl
d5a95e1ea1 Do not truncate too long hostnames
If a hostname is supplied to tor-resolve which is too long, it will be
silently truncated, resulting in a different hostname lookup:

$ tor-resolve $(python -c 'print("google.com" + "m" * 256)')

If tor-resolve uses SOCKS5, the length is stored in an unsigned char,
which overflows in this case and leads to the hostname "google.com".
As this one is a valid hostname, it returns an address instead of giving
an error due to the invalid supplied hostname.
2017-01-25 13:13:25 -05:00
Suphanat Chunhapanya
05c1e2b7d6 Add ChangeLog for check_existing 2017-01-25 13:11:57 -05:00
Suphanat Chunhapanya
1e26d6dbe8 Add the output file to the usage 2017-01-25 13:11:57 -05:00
Suphanat Chunhapanya
e6eaf14350 Add usage for check_existing 2017-01-25 13:11:57 -05:00
Suphanat Chunhapanya
d97792d596 Logging existing fallbacks at warning level 2017-01-25 13:11:57 -05:00
Suphanat Chunhapanya
3fd58aa98d Automate checking existing fallbacks 2017-01-25 13:11:56 -05:00
Nick Mathewson
363be43df3 Re-run gen_server_ciphers 2017-01-24 15:30:35 -05:00
Nick Mathewson
8a9eca1267 Teach gen_server_ciphers about CCM and Chacha.
Also, teach it to not use 3DES any more.
2017-01-24 15:29:26 -05:00
Nick Mathewson
4f1dc34e36 Regenerate ciphers.inc 2017-01-24 15:05:35 -05:00
Nick Mathewson
3db28eaea2 Update ciphers.inc script to understand openssl-1.1 2017-01-24 15:02:36 -05:00
Nick Mathewson
9e8671bb9a Merge branch 'bug20824_v4' 2017-01-24 09:20:49 -05:00
Nick Mathewson
33dcd0c44b changes file for DROPGUARDS 2017-01-24 09:19:44 -05:00
Nick Mathewson
12efa1f1cc Add a unit test for dropguards 2017-01-24 09:18:56 -05:00
Nick Mathewson
818b44cc7c Repair the (deprecated, ugly) DROPGUARDS controller function.
This actually is much easier to write now that guard_selection_t is
first-class.
2017-01-24 09:18:56 -05:00
Nick Mathewson
fae4d3d925 Merge remote-tracking branch 'asn/remove_legacy_guards' 2017-01-24 09:01:25 -05:00
George Kadianakis
b047d97b28 Remove some more remnants of legacy guard selection. 2017-01-24 13:35:57 +02:00
Nick Mathewson
d95d988946 Merge branch 'feature_20956_029' 2017-01-23 16:07:15 -05:00
Nick Mathewson
83307fc267 Add __SocksPort etc variants for non-persistent use
Implements feature 20956.
2017-01-23 16:06:51 -05:00
Nick Mathewson
c4cc11a9df Bump to 0.3.0.2-alpha-dev 2017-01-23 14:38:10 -05:00
Nick Mathewson
7dd5fcb707 Merge branch 'maint-0.2.9' 2017-01-23 14:34:33 -05:00
Nick Mathewson
0d4d9b6d88 Bump version to 0.2.9.9-dev 2017-01-23 14:34:08 -05:00
Roger Dingledine
0668d29354 forward-port the 0.2.9.9 changelog stanza 2017-01-23 09:42:02 -05:00
Nick Mathewson
e760c1b291 forward-port trove-2017-001 entry and blurb. 2017-01-23 09:16:36 -05:00
Nick Mathewson
55eca7a374 Remove an x 2017-01-23 09:09:23 -05:00
Nick Mathewson
4a93ed1ede Merge branch 'maint-0.2.9' 2017-01-23 08:55:40 -05:00
Nick Mathewson
767516680c TROVE-2017-001 : move -ftrapv back into --expensive-hardening. 2017-01-23 08:47:10 -05:00
Nick Mathewson
beaeee25ae version bump (0.3.0.2-alpha) 2017-01-23 08:20:46 -05:00
Nick Mathewson
5a1497c0b7 Merge branch 'maint-0.2.9' 2017-01-23 08:20:13 -05:00
Nick Mathewson
698df98837 version bump 2017-01-23 08:19:48 -05:00
Nick Mathewson
b3ae5753b6 Note "also in 0.2.9.9" for backported entries. 2017-01-23 07:59:02 -05:00
Nick Mathewson
15dd86cc1f Reflow changelog 2017-01-23 07:56:11 -05:00
Roger Dingledine
4fc0a31287 clean up changelog for 0.3.0.2-alpha release 2017-01-22 22:08:15 -05:00
Roger Dingledine
5066facb23 try to explain bug 20307 better 2017-01-22 20:51:57 -05:00
Nick Mathewson
d78ed9fb73 oh, here it is 2017-01-22 19:40:30 -05:00
Nick Mathewson
5baa3ec06e Begin 0.3.0.2-alpha changelog
(Automated sort and format)
2017-01-22 19:05:50 -05:00
Nick Mathewson
da65bdd320 Merge branch 'maint-0.2.9'
"ours" merge to avoid taking cherry-picked 20307 fix
2017-01-22 19:04:02 -05:00
Roger Dingledine
bcbb2d111b clean up grammar on bug20307 changes file
pointed out by toralf on irc
2017-01-22 19:03:12 -05:00