Robert Ransom
987190c2bc
Require that certain public keys have public exponent 65537
2011-05-16 14:28:46 -04:00
Robert Ransom
d2629f78a0
Add crypto_pk_check_key_public_exponent function
2011-05-16 14:07:34 -04:00
Robert Ransom
7571e9f1cb
Check fetched rendezvous descriptors' service IDs
2011-05-16 14:07:24 -04:00
Nick Mathewson
00ff80e0ae
Fixup whitespace issues from 3122 commit
2011-05-15 20:06:36 -04:00
Nick Mathewson
10d670674a
Another doc tweak on tor_memcmp: <b>b</b>, not <b>.
2011-05-15 19:56:05 -04:00
Roger Dingledine
b48f83ab8c
minor tweaks to 4b19730c82
2011-05-15 19:20:42 -04:00
Nick Mathewson
1f678277a1
Merge remote-tracking branch 'public/bug3122_memcmp_squashed' into maint-0.2.1
2011-05-12 19:20:40 -04:00
Nick Mathewson
d1c7f65a8e
Merge branch 'bug3135' into maint-0.2.1
2011-05-11 22:49:44 -04:00
Nick Mathewson
13847b8db6
Fix crash when read_file_to_string() fails in SAVECONF
...
The new behavior is to try to rename the old file if there is one there
that we can't read. In all likelihood, that will fail too, but at least
we tried, and at least it won't crash.
2011-05-11 22:05:41 -04:00
Nick Mathewson
59f9097d5c
Hand-conversion and audit phase of memcmp transition
...
Here I looked at the results of the automated conversion and cleaned
them up as follows:
If there was a tor_memcmp or tor_memeq that was in fact "safe"[*] I
changed it to a fast_memcmp or fast_memeq.
Otherwise if there was a tor_memcmp that could turn into a
tor_memneq or tor_memeq, I converted it.
This wants close attention.
[*] I'm erring on the side of caution here, and leaving some things
as tor_memcmp that could in my opinion use the data-dependent
fast_memcmp variant.
2011-05-11 16:12:51 -04:00
Nick Mathewson
db7b2a33ee
Automated conversion of memcmp to tor_memcmp/tor_mem[n]eq
...
This commit is _exactly_ the result of
perl -i -pe 's/\bmemcmp\(/tor_memcmp\(/g' src/*/*.[ch]
perl -i -pe 's/\!\s*tor_memcmp\(/tor_memeq\(/g' src/*/*.[ch]
perl -i -pe 's/0\s*==\s*tor_memcmp\(/tor_memeq\(/g' src/*/*.[ch]
perl -i -pe 's/0\s*!=\s*tor_memcmp\(/tor_memneq\(/g' src/*/*.[ch]
git checkout src/common/di_ops.[ch]
git checkout src/or/test.c
git checkout src/common/test.h
2011-05-11 16:12:51 -04:00
Nick Mathewson
1d703ed22b
Add a "di_ops.h" include to util.h
2011-05-11 16:12:51 -04:00
Nick Mathewson
4b19730c82
Add a data-independent variant of memcmp and a d-i memeq function.
...
The tor_memcmp code is by Robert Ransom, and the tor_memeq code is
by me. Both incorporate some ideas from DJB's stuff.
2011-05-11 16:12:33 -04:00
Roger Dingledine
e7b10e5ecf
Update to the May 1 2011 Maxmind GeoLite Country database
2011-05-10 23:04:11 -04:00
Sebastian Hahn
8a36f21251
Fix a failure case of connection_ap_handshake_attach_circuit()
...
tor_fragile_assert() might be a no-op, so we have to return something
here to indicate failure to the caller.
2011-04-28 18:14:50 +02:00
Robert Ransom
f1cf9bd74d
Fix a bug introduced by purging rend_cache on NEWNYM
...
If the user sent a SIGNAL NEWNYM command after we fetched a rendezvous
descriptor, while we were building the introduction-point circuit, we
would give up entirely on trying to connect to the hidden service.
Original patch by rransom slightly edited to go into 0.2.1
2011-04-28 18:14:50 +02:00
Robert Ransom
2ad18ae736
Allow rend_client_send_introduction to fail transiently
...
i.e. without closing the AP connection.
2011-04-28 18:14:50 +02:00
Robert Ransom
440e48ddf2
Forget all rendezvous client state on SIGNAL NEWNYM
2011-04-28 18:14:50 +02:00
Nick Mathewson
43ffd023e9
Make SIZE_T_CEILING unsigned; add a signed SSIZE_T_CEILING
...
None of the comparisons were _broken_ previously, but avoiding
signed/unsigned comparisons makes everybody happier.
Fixes bug2475.
2011-04-26 13:03:58 -04:00
Nick Mathewson
e98583594d
Fix a bug in removing DNSPort requests from their circular list
...
Under heavy load, this could result in an assertion failure. Fix for
bug 2933; bugfix on 0.2.0.10-alpha.
2011-04-21 13:39:00 -04:00
Nick Mathewson
dfc9c6a0f9
Merge remote-tracking branch 'rransom/bug2750-v3' into maint-0.2.1
2011-04-19 12:30:50 -04:00
Nick Mathewson
cfd7b118a7
Ouch: correctly tabify the micro-revision.i target in Makefile.am (0.2.1 only)
2011-04-19 12:29:20 -04:00
Robert Ransom
adc31001c2
Add an XXX
2011-04-18 13:25:48 -07:00
Robert Ransom
bfebc942ea
Correct the warning emitted when rejecting an oversized HS desc
2011-04-18 13:17:40 -07:00
Nick Mathewson
32341ac467
Merge remote-tracking branch 'public/bug2402_again' into maint-0.2.1
2011-04-06 16:13:22 -04:00
Roger Dingledine
0cdd262941
switch to the apr 2011 geoip db
2011-04-04 03:52:58 -04:00
Erinn Clark
3a7cee9d29
Fix configure.in zlib package names.
2011-03-28 17:48:22 -04:00
Sebastian Hahn
30b3f0cdb1
Fix a compile warning when using clang
...
Issue noticed by Steven Murdoch; fixes bug 2689. The cast didn't do
anything, and we don't need to look at the return value of the function
here.
2011-03-15 15:13:35 -04:00
Roger Dingledine
1a9d19e972
we're not reachable if we don't have a routerinfo yet
2011-03-13 15:47:59 -04:00
Roger Dingledine
151ab61442
put the 0.2.1.30 changes into releasenotes
2011-03-11 17:38:55 -05:00
Nick Mathewson
02d93caa09
Backport: Generate version tags using Git, not (broken) svn revisions.
...
Partial backport of daa0326aaa
2011-03-11 11:01:17 -05:00
Nick Mathewson
671318c3a8
Revert "Simplest fix to bug2402: do not include SVN versions"
...
This reverts commit a1073ee956
2011-03-11 10:47:25 -05:00
Roger Dingledine
d080fe8db1
move to march 2011 geoip file
2011-03-08 18:15:17 -05:00
Nick Mathewson
9a6df21539
Avoid crash in any_pending_bridge_descriptor_fetches
...
This is based on shitlei's fix for bug2629, with extra parens removed.
Fixes bug 2629, bugfix on 0.2.1.2-alpha.
2011-03-08 15:17:41 -05:00
Nick Mathewson
4fa70e11ed
Merge branch 'real_ipv6_fix' into maint-0.2.1
2011-03-06 13:42:05 -05:00
Nick Mathewson
2ce132e335
Oops, here's the *REAL* fix for the ipv6 issue
...
We need to _REJECT_ descriptors with accept6/reject6 lines. If we
let them onto the network , other un-upgraded tors will crash.
2011-03-06 13:41:55 -05:00
Nick Mathewson
0f637492e3
Merge branch 'careful_with_all_descs' into maint-0.2.1
2011-03-06 13:35:42 -05:00
Nick Mathewson
b231026c42
changes file for careful_with_all_descs
2011-03-06 13:35:24 -05:00
Nick Mathewson
3da0837b0b
Revert "Disallow reject6 and accept6 lines in descriptors"
...
This reverts commit b3918b3bbb
2011-03-06 13:26:38 -05:00
Nick Mathewson
8b01fd7bad
exit_policy_is_general_exit is IPv4 only; it should admit it.
2011-03-06 13:16:53 -05:00
Nick Mathewson
fb421c0005
Changes file for ipv6 parsing issue
2011-03-06 13:15:32 -05:00
Sebastian Hahn
b3918b3bbb
Disallow reject6 and accept6 lines in descriptors
...
This fixes a remotely triggerable assert on directory authorities, who
don't handle descriptors with ipv6 contents well yet. We will want to
revert this once we're ready to handle ipv6.
Issue raised by lorth on #tor, who wasn't able to use Tor anymore.
Analyzed with help from Christian Fromme. Fix suggested by arma. Bugfix
on 0.2.1.3-alpha.
2011-03-06 18:20:28 +01:00
Nick Mathewson
bcbc8c51cb
Do not serve encrypt-only descriptors with the "all" request. Reported by piebeer
2011-03-04 00:04:25 -05:00
Nick Mathewson
10ad3442e1
Remove doc/spec/Makefile.in from list of generated files
2011-02-22 17:51:03 -05:00
Nick Mathewson
491abbc65e
Merge remote branch 'public/bug1859_021' into maint-0.2.1
2011-02-22 17:19:41 -05:00
Nick Mathewson
7605985b3f
Merge remote branch 'public/bug2402_nothing' into maint-0.2.1
2011-02-22 15:54:13 -05:00
Roger Dingledine
372773d681
changes file for removing torspec from the tarball
2011-02-22 14:50:00 -05:00
Roger Dingledine
0ab62a4dc5
prefer https urls
2011-02-22 14:39:09 -05:00
Nick Mathewson
7bdb7d4811
Remove specs from 0.2.1 branch: they have moved to a new repository.
2011-02-21 16:02:16 -05:00
Roger Dingledine
28de4d83fd
fix the other half of bug 1074
2011-02-10 17:11:06 -05:00
