Nick Mathewson
a86f95df5c
Merge branch 'maint-0.2.8' into maint-0.2.9
2017-02-13 14:38:03 -05:00
Nick Mathewson
9b90d515a9
Merge branch 'maint-0.2.7' into maint-0.2.8
2017-02-13 14:37:55 -05:00
Nick Mathewson
75fe218b16
Merge branch 'maint-0.2.6' into maint-0.2.7
2017-02-13 14:37:49 -05:00
Nick Mathewson
43c18b1b7a
Merge branch 'maint-0.2.5' into maint-0.2.6
2017-02-13 14:37:42 -05:00
Nick Mathewson
124062e843
Merge branch 'maint-0.2.4' into maint-0.2.5
2017-02-13 14:37:01 -05:00
Karsten Loesing
f6016058b4
Update geoip and geoip6 to the February 8 2017 database.
2017-02-12 15:56:31 +01:00
Nick Mathewson
23f1caf2af
Merge branch 'maint-0.2.8' into maint-0.2.9
2017-02-07 10:39:23 -05:00
Nick Mathewson
eca4a89319
Merge branch 'maint-0.2.7' into maint-0.2.8
2017-02-07 10:39:13 -05:00
Nick Mathewson
4bce2072ac
Merge branch 'maint-0.2.6' into maint-0.2.7
2017-02-07 10:39:03 -05:00
Nick Mathewson
f2a30413a3
Merge branch 'maint-0.2.5' into maint-0.2.6
2017-02-07 10:37:53 -05:00
Nick Mathewson
2ce4330249
Merge remote-tracking branch 'public/bug18710_025' into maint-0.2.5
2017-02-07 10:37:43 -05:00
Nick Mathewson
c056d19323
Merge branch 'maint-0.2.4' into maint-0.2.5
2017-02-07 10:37:31 -05:00
Nick Mathewson
85a2487f97
Disable a log_backtrace (which 0.2.4 does not have) in 16248 fix
2017-02-07 09:49:23 -05:00
Nick Mathewson
cfeb1db2fb
Add comments to connection_check_event().
2017-02-07 09:48:24 -05:00
Nick Mathewson
457d38a6e9
Change behavior on missing/present event to warn instead of asserting.
...
Add a changes file.
2017-02-07 09:48:19 -05:00
Nick Mathewson
650c03127a
If we start/stop reading on a dnsserv connection, don't assert.
...
Fixes bug 16248. Patch from cypherpunks. Bugfix on 0.2.0.1-alpha.
2017-02-07 09:48:13 -05:00
Nick Mathewson
65cda78ec6
Merge branch 'maint-0.2.8' into maint-0.2.9
2017-02-07 09:30:19 -05:00
Nick Mathewson
a9f936d0d7
Merge branch 'maint-0.2.7' into maint-0.2.8
2017-02-07 09:30:10 -05:00
Nick Mathewson
86d5a6fac0
Merge branch 'maint-0.2.6' into maint-0.2.7
...
"ours" merge to avoid reverting 17354, which was already fixed in
0.2.7.4-rc.
2017-02-07 09:29:27 -05:00
Nick Mathewson
5446cb8d3d
Revert "Add hidserv-stats filname to our sandbox filter"
...
Reverting this in 0.2.6 only -- we're no backporting
seccomp2-loosening fixes to 0.2.6.
This reverts commit 2ec5e24c58
.
2017-02-07 09:28:50 -05:00
Nick Mathewson
a271ad2a7e
changes file for 21280
2017-02-07 09:27:17 -05:00
junglefowl
c4920a60c6
Do not truncate too long hostnames
...
If a hostname is supplied to tor-resolve which is too long, it will be
silently truncated, resulting in a different hostname lookup:
$ tor-resolve $(python -c 'print("google.com" + "m" * 256)')
If tor-resolve uses SOCKS5, the length is stored in an unsigned char,
which overflows in this case and leads to the hostname "google.com".
As this one is a valid hostname, it returns an address instead of giving
an error due to the invalid supplied hostname.
2017-02-07 09:27:00 -05:00
Nick Mathewson
9379984128
Merge branch 'teor_bug21357-v2_029' into maint-0.2.9
2017-02-07 09:24:08 -05:00
Nick Mathewson
dff390dcc7
Merge branch 'bug21108_029' into maint-0.2.9
2017-02-07 09:22:31 -05:00
Nick Mathewson
3e5b1c2d95
Merge branch 'maint-0.2.8' into maint-0.2.9
2017-02-07 09:20:52 -05:00
Nick Mathewson
b60fb3ab8b
Merge branch 'maint-0.2.7' into maint-0.2.8
2017-02-07 09:20:45 -05:00
Nick Mathewson
0a43134009
Merge branch 'maint-0.2.6' into maint-0.2.7
...
This is an "ours" merge to avoid conflicts on the authority list:
the 0.2.7 branch already has the tonga->bifroest merge.
2017-02-07 09:20:13 -05:00
Nick Mathewson
c6f2ae514e
Merge branch 'maint-0.2.5' into maint-0.2.6
2017-02-07 09:18:54 -05:00
Nick Mathewson
b9ef21cf56
Merge branch 'maint-0.2.4' into maint-0.2.5
2017-02-07 09:17:59 -05:00
Nick Mathewson
e4a42242ea
Backport the tonga->bifroest move to 0.2.4.
...
This is a backport of 19728 and 19690
2017-02-07 09:15:21 -05:00
Nick Mathewson
946661d1db
Merge branch 'maint-0.2.8' into maint-0.2.9
2017-02-07 08:55:35 -05:00
Nick Mathewson
93ea18e918
Merge branch 'maint-0.2.7' into maint-0.2.8
2017-02-07 08:55:28 -05:00
Nick Mathewson
115cefdeee
Merge branch 'maint-0.2.6' into maint-0.2.7
2017-02-07 08:55:07 -05:00
Nick Mathewson
e6965f78b8
Merge branch 'maint-0.2.5' into maint-0.2.6
2017-02-07 08:54:54 -05:00
Nick Mathewson
6b37512dc7
Merge branch 'maint-0.2.4' into maint-0.2.5
2017-02-07 08:54:47 -05:00
Nick Mathewson
d6eae78e29
Merge remote-tracking branch 'public/bug19152_024_v2' into maint-0.2.4
2017-02-07 08:47:11 -05:00
Nick Mathewson
0f46f7d1ec
Merge branch 'maint-0.2.8' into maint-0.2.9
2017-02-07 08:39:39 -05:00
Nick Mathewson
7b24f3e0fe
Merge branch 'maint-0.2.7' into maint-0.2.8
2017-02-07 08:39:33 -05:00
Nick Mathewson
eb72365554
Merge branch 'maint-0.2.6' into maint-0.2.7
2017-02-07 08:39:25 -05:00
Nick Mathewson
8936c50d83
Merge branch 'maint-0.2.5' into maint-0.2.6
2017-02-07 08:39:07 -05:00
Nick Mathewson
05ec055c41
Merge branch 'maint-0.2.4' into maint-0.2.5
2017-02-07 08:38:59 -05:00
Nick Mathewson
51675f97d3
Merge remote-tracking branch 'public/bug17404_024' into maint-0.2.4
2017-02-07 08:37:07 -05:00
Nick Mathewson
da0d5ad983
Merge branch 'maint-0.2.5' into maint-0.2.6
2017-02-07 08:34:37 -05:00
Nick Mathewson
332543baed
Merge branch 'maint-0.2.4' into maint-0.2.5
2017-02-07 08:34:08 -05:00
Nick Mathewson
6cb8c0fd4e
Refine the memwipe() arguments check for 18089 a little more.
...
We still silently ignore
memwipe(NULL, ch, 0);
and
memwipe(ptr, ch, 0); /* for ptr != NULL */
But we now assert on:
memwipe(NULL, ch, 30);
2017-02-07 08:33:51 -05:00
teor (Tim Wilson-Brown)
fb7d1f41b4
Make memwipe() do nothing when passed a NULL pointer or zero size
...
Check size argument to memwipe() for underflow.
Closes bug #18089 . Reported by "gk", patch by "teor".
Bugfix on 0.2.3.25 and 0.2.4.6-alpha (#7352 ),
commit 49dd5ef3
on 7 Nov 2012.
2017-02-07 08:33:39 -05:00
Nick Mathewson
640b402232
Merge branch 'maint-0.2.4' into maint-0.2.5
2017-02-07 08:32:10 -05:00
John Brooks
053e11f397
Fix out-of-bounds read in INTRODUCE2 client auth
...
The length of auth_data from an INTRODUCE2 cell is checked when the
auth_type is recognized (1 or 2), but not for any other non-zero
auth_type. Later, auth_data is assumed to have at least
REND_DESC_COOKIE_LEN bytes, leading to a client-triggered out of bounds
read.
Fixed by checking auth_len before comparing the descriptor cookie
against known clients.
Fixes #15823 ; bugfix on 0.2.1.6-alpha.
2017-02-07 08:31:37 -05:00
Nick Mathewson
b928095afc
Rework 21359 changes file slightly.
2017-02-01 10:39:48 -05:00
rubiate
e9ec818c28
Support LibreSSL with opaque structures
...
Determining if OpenSSL structures are opaque now uses an autoconf check
instead of comparing the version number. Some definitions have been
moved to their own check as assumptions which were true for OpenSSL
with opaque structures did not hold for LibreSSL. Closes ticket 21359.
2017-02-01 10:30:49 -05:00