nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-14 15:23:27 +01:00
Code Issues Packages Projects Releases Wiki Activity
18,852 Commits 53 Branches 630 Tags 125 MiB
aeb299ba6d
Commit Graph

3066 Commits

Author SHA1 Message Date
Nick Mathewson
9ca329581a Merge branch 'maint-0.2.4' into maint-0.2.5 
Conflicts:
	src/or/config.c
 2016-01-07 09:40:23 -08:00
teor (Tim Wilson-Brown)
11f63d26ac Update dannenberg's V3 authority identity fingerprint 
This new identity key was changed on 18 November 2015.
 2016-01-07 09:39:04 -08:00
Nick Mathewson
ae223138fb Merge branch 'maint-0.2.4' into maint-0.2.5 2016-01-07 09:13:54 -08:00
Karsten Loesing
1496056c12 Update geoip and geoip6 to the January 5 2016 database. 2016-01-07 11:10:37 +01:00
Nick Mathewson
c3d11b119d Merge branch 'maint-0.2.4' into maint-0.2.5 2015-12-08 10:20:14 -05:00
Arlo Breault
5138f5ca69 Ensure node is a guard candidate when picking a directory guard 2015-12-08 09:49:01 -05:00
Nick Mathewson
4328525770 Merge branch 'maint-0.2.4' into maint-0.2.5 2015-12-08 09:38:48 -05:00
Nick Mathewson
b0867fec96 Fix a compilation warning introduced by clang 3.6 
There was a dead check when we made sure that an array member of a
struct was non-NULL.  Tor has been doing this check since at least
0.2.3, maybe earlier.

Fixes bug 17781.
 2015-12-08 09:37:05 -05:00
Nick Mathewson
e8e89fd7a1 Merge branch 'maint-0.2.4' into maint-0.2.5 2015-12-07 10:10:21 -05:00
Karsten Loesing
dbb919cf94 Update geoip and geoip6 to the December 1 2015 database. 2015-12-05 17:02:59 +01:00
Nick Mathewson
35bf07b8d6 Check for len < 4 in dn_indicates_v3_cert 
Without this check, we potentially look up to 3 characters before
the start of a malloc'd segment, which could provoke a crash under
certain (weird afaik) circumstances.

Fixes 17404; bugfix on 0.2.6.3-alpha.
 2015-10-21 11:44:43 -04:00
Nick Mathewson
3569cffe14 Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2015-10-09 10:12:59 -04:00
Karsten Loesing
62b02a1941 Update geoip and geoip6 to the October 9 2015 database. 2015-10-09 15:27:55 +02:00
Nick Mathewson
809217e6f3 Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2015-09-24 10:06:00 -04:00
Karsten Loesing
8b3e0b7729 Update geoip and geoip6 to the September 3 2015 database. 2015-09-24 15:08:15 +02:00
Nick Mathewson
01bb260f31 Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2015-07-29 10:47:07 -04:00
Karsten Loesing
7004d67430 Update geoip and geoip6 to the July 8 2015 database. 2015-07-29 15:49:04 +02:00
Nick Mathewson
fd082c394b Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2015-06-25 11:43:04 -04:00
Nick Mathewson
fde4199e1c Merge remote-tracking branch 'karsten/geoip6-jun2015' into maint-0.2.4 2015-06-25 11:42:47 -04:00
Nick Mathewson
cb8c5c023f Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2015-06-25 11:42:31 -04:00
teor
75388f67c0 Correctly handle failed crypto_early_init 
If crypto_early_init fails, a typo in a return value from tor_init
means that tor_main continues running, rather than returning
an error value.

Fixes bug 16360; bugfix on d3fb846d8c in 0.2.5.2-alpha,
introduced when implementing #4900.

Patch by "teor".
 2015-06-17 09:18:32 -04:00
Karsten Loesing
08e14e1448 Update geoip6 to the June 3 2015 database. 2015-06-09 16:28:48 +02:00
Karsten Loesing
e5907e94c2 Update geoip to the June 3 2015 database. 2015-06-09 16:26:10 +02:00
John Brooks
2b27ce52d2 Fix out-of-bounds read in INTRODUCE2 client auth 
The length of auth_data from an INTRODUCE2 cell is checked when the
auth_type is recognized (1 or 2), but not for any other non-zero
auth_type. Later, auth_data is assumed to have at least
REND_DESC_COOKIE_LEN bytes, leading to a client-triggered out of bounds
read.

Fixed by checking auth_len before comparing the descriptor cookie
against known clients.

Fixes #15823; bugfix on 0.2.1.6-alpha.
 2015-05-05 15:05:32 -04:00
Nick Mathewson
6c7720ed49 Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2015-04-27 14:16:55 -04:00
Nick Mathewson
efae1bcef6 Merge remote-tracking branch 'karsten/geoip6-apr2015' into maint-0.2.4 2015-04-27 14:15:58 -04:00
Nick Mathewson
609cdec112 Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2015-04-27 14:15:44 -04:00
Karsten Loesing
b5f6495876 Update geoip6 to the April 8 2015 database. 2015-04-24 17:51:36 +02:00
Karsten Loesing
bcc0a48cfe Update geoip to the April 8 2015 database. 2015-04-24 17:49:45 +02:00
Nick Mathewson
fe69a7e1d7 Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2015-04-06 09:25:37 -04:00
Nick Mathewson
7451b4cafe Changes file for bug15601 2015-04-06 09:24:16 -04:00
Yawning Angel
49ddd92c11 Validate the RSA key size received when parsing INTRODUCE2 cells. 
Fixes bug 15600; reported by skruffy
 2015-04-06 09:18:17 -04:00
Nick Mathewson
3781955f07 Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2015-04-03 09:38:54 -04:00
Nick Mathewson
01e4bc80cd Merge branch 'bug15515_024' into maint-0.2.4 2015-04-03 09:36:59 -04:00
George Kadianakis
8dba8a088d Block multiple introductions on the same intro circuit. 2015-04-03 09:35:47 -04:00
Nick Mathewson
9063f29160 Revert "Make TransProxyType ipfw work correctly" 
This reverts commit 681802817d.

(I didn't mean to backport this, but somehow I had based my branch
for #15205 on it.)
 2015-03-12 12:49:08 -04:00
Nick Mathewson
eecd410984 Merge remote-tracking branch 'public/bug15205_025' into maint-0.2.5 2015-03-12 12:27:25 -04:00
Nick Mathewson
306f2f0eff Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2015-03-09 16:24:44 -04:00
Nick Mathewson
220e9be095 Merge remote-tracking branch 'karsten/geoip6-mar2015' into maint-0.2.4 2015-03-09 16:24:07 -04:00
Nick Mathewson
5588e677bd Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2015-03-09 16:23:55 -04:00
Karsten Loesing
62714068d9 Update geoip6 to the March 3 2015 database. 2015-03-09 21:11:52 +01:00
Karsten Loesing
beda8d2934 Update geoip to the March 3 2015 database. 2015-03-09 21:09:44 +01:00
Nick Mathewson
24c031b1a2 Don't use checked strl{cat,cpy} on OSX. 
There is a bug in the overlap-checking in strlcat that can crash Tor
servers.  Fixes bug 15205; this is an OSX bug, not a Tor bug.
 2015-03-09 15:09:49 -04:00
Nick Mathewson
448bd22092 Merge remote-tracking branch 'public/bug14261_025' into maint-0.2.5 2015-03-09 13:17:20 -04:00
Nick Mathewson
62631904cb GETINFO bw-event-cache to get information on recent BW events 
Closes 14128; useful to regain functionality lost because of 13988.
 2015-03-09 13:13:56 -04:00
Nick Mathewson
e3408248b9 Merge remote-tracking branch 'public/bug13988_025' into maint-0.2.5 2015-03-09 13:12:54 -04:00
Nick Mathewson
410ce4cb49 Merge remote-tracking branch 'public/bug15088_025' into maint-0.2.5 2015-03-09 13:09:50 -04:00
Nick Mathewson
1a7419c3df Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2015-03-09 11:09:30 -04:00
Nick Mathewson
6704e18dd2 Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2015-03-09 11:08:57 -04:00
Nick Mathewson
addffcc14d Adjust changes header 2015-03-09 11:07:50 -04:00
Nick Mathewson
681802817d Make TransProxyType ipfw work correctly 
Fixes bug 15064; bugfix on 0.2.5.4-alpha.
 2015-03-04 12:25:52 +01:00
Nick Mathewson
d5b2cbea10 Add wait4 to the seccomp2 sandbox allowable syscall list 
fixes bug 15088. patch from sanic.
 2015-03-04 12:18:10 +01:00
Nick Mathewson
81a994ce77 Make the assert related to 15083 a tiny bit more tolerant 2015-03-03 22:25:26 +01:00
Nick Mathewson
71ee53fe9b Do not leave empty, invalid chunks in buffers during buf_pullup 
This fixes an assertion failure bug in 15083; bugfix on 0.2.0.10-alpha.

Patch from 'cypherpunks'
 2015-03-03 22:21:41 +01:00
Nick Mathewson
2bcb596dcf Merge remote-tracking branch 'public/bug14129_024' into maint-0.2.4 2015-02-24 13:23:44 -05:00
Nick Mathewson
1525eeeb49 Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2015-02-20 01:04:49 -05:00
Sina Rabbani
8e61d38cf1 Faravahar's New IP Address as of 2/20/2015 2015-02-16 11:51:36 -05:00
Nick Mathewson
7cbdec578b Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2015-01-23 08:52:55 -05:00
Nick Mathewson
df4c484021 Merge remote-tracking branch 'karsten/geoip6-jan2015' into maint-0.2.4 2015-01-23 08:52:35 -05:00
Nick Mathewson
dbd5a9a8f9 Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2015-01-23 08:52:20 -05:00
Karsten Loesing
a9ce0cd659 Update geoip6 to the January 7 2015 database. 2015-01-22 09:58:29 +01:00
Karsten Loesing
c3f8f5ab0e Update geoip to the January 7 2015 database. 2015-01-22 09:56:54 +01:00
Nick Mathewson
ceb6dee465 Increase limit for status vote download size by a factor of 5. 
We've started to hit the limit here.  We introduced the limit in
0.1.2.5-alpha.  This fixes bug 14261, but we should have a smarter way
to not actually do the behavior this permits.  See #14267 for a ticket
about fixing that.
 2015-01-18 15:25:29 -05:00
Nick Mathewson
746bb55851 Ignore warning for redundant decl in openssl/srtp.h 
Backports some commits from tor master.
 2015-01-15 12:38:08 -05:00
Nick Mathewson
f2fb85f970 Remove needless strdup in addressmap_register_virtual_address() 
Fixes bug 14195. Bugfix on 0.1.0.1-rc.
 2015-01-13 12:24:42 -05:00
Nick Mathewson
c9dd2d1a6a Merge remote-tracking branch 'public/bug14129_024' into maint-0.2.5 2015-01-12 00:59:29 -05:00
teor
b08cfc65a7 Don't crash on torrc Vi[rtualAddrNetworkIPv[4|6]] with no option value 
Check for a missing option value in parse_virtual_addr_network
before asserting on the NULL in tor_addr_parse_mask_ports.
This avoids crashing on torrc lines like Vi[rtualAddrNetworkIPv[4|6]]
when no value follows the option.

Bugfix on 0.2.3 (de4cc126cb on 24 November 2012), fixes #14142.
 2015-01-11 11:05:00 -05:00
Nick Mathewson
905287415b Avoid attempts to double-remove edge connections from the DNS resolver. 
Also, avoid crashing when we attempt to double-remove an edge
connection from the DNS resolver: just log a bug warning instead.

Fixes bug 14129.  Bugfix on 0d20fee2fb, which was in 0.0.7rc1.

jowr found the bug.  cypherpunks wrote the fix.  I added the log
message and removed the assert.
 2015-01-08 11:00:21 -05:00
Sebastian Hahn
2b9d48791d Enlarge the buffer for a line in a bw file 2015-01-07 12:44:16 +01:00
Nick Mathewson
184a2dbbdd whoops; missing changes file for 14013 2014-12-23 10:55:25 -05:00
Nick Mathewson
6830667d58 Increase bandwidth usage report interval to 4 hours. 2014-12-22 12:24:13 -05:00
Nick Mathewson
5b55778c86 Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2014-11-24 09:19:06 -05:00
Nick Mathewson
137982f955 Merge remote-tracking branch 'karsten/geoip6-nov2014' into maint-0.2.4 2014-11-24 09:18:36 -05:00
Nick Mathewson
8d5f1e6961 Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2014-11-24 09:18:21 -05:00
Karsten Loesing
5441c733e0 Update geoip6 to the November 15 2014 database. 2014-11-24 14:23:18 +01:00
Karsten Loesing
8611c6bccd Update geoip to the November 15 2014 database. 2014-11-24 14:21:31 +01:00
Nick Mathewson
6c146f9c83 Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 
Conflicts:
	src/or/config.c
 2014-11-12 15:30:11 -05:00
Sebastian Hahn
0493db4adb Add changes file for #13926 2014-11-12 15:25:52 -05:00
Nick Mathewson
fd8f21e730 Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2014-10-19 15:40:07 -04:00
Nick Mathewson
403c6ae78e Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2014-10-19 15:39:48 -04:00
Nick Mathewson
c1dd598df8 Note that our #13426 fix is also a #13471 fix. 
See also http://marc.info/?l=openssl-dev&m=141357408522028&w=2
 2014-10-19 15:38:44 -04:00
Nick Mathewson
ab4b29625d Downgrade 'unexpected sendme cell from client' to PROTOCOL_WARN 
Closes 8093.
 2014-10-16 13:04:11 -04:00
Nick Mathewson
22b9caf0ae Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2014-10-16 09:08:52 -04:00
Nick Mathewson
943fd4a252 Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2014-10-16 09:08:32 -04:00
Nick Mathewson
c1c83eb376 Merge branch 'no_sslv3_023' into maint-0.2.3 2014-10-16 09:08:09 -04:00
Nick Mathewson
af73d3e4d8 Disable SSLv3 unconditionally. Closes ticket 13426. 
The POODLE attack doesn't affect Tor, but there's no reason to tempt
fate: SSLv3 isn't going to get any better.
 2014-10-15 11:50:05 -04:00
Nick Mathewson
d315b8e8bc Merge remote-tracking branch 'public/bug13325_024' into maint-0.2.5 2014-10-03 19:57:41 -04:00
Nick Mathewson
d1fa0163e5 Run correctly on OpenBSD systems without SSL_METHOD.get_cipher_by_char 
Also, make sure we will compile correctly on systems where they
finally rip it out.

Fixes issue #13325.  Caused by this openbsd commit:

   ​http://marc.info/?l=openbsd-cvs&m=140768179627976&w=2

Reported by Fredzupy.
 2014-10-03 12:15:09 -04:00
Nick Mathewson
09951bea7f Don't use the getaddrinfo sandbox cache from tor-resolve 
Fixes bug 13295; bugfix on 0.2.5.3-alpha.

The alternative here is to call crypto_global_init() from tor-resolve,
but let's avoid linking openssl into tor-resolve for as long as we
can.
 2014-09-29 12:57:07 -04:00
Roger Dingledine
87576e826f Merge branch 'maint-0.2.4' into maint-0.2.5 
Conflicts:
	src/or/config.c
 2014-09-20 16:50:32 -04:00
Roger Dingledine
288b3ec603 Merge branch 'maint-0.2.3' into maint-0.2.4 2014-09-20 16:49:24 -04:00
Sebastian Hahn
0eec8e2aa5 gabelmoo's IPv4 address changed 2014-09-20 16:46:02 -04:00
Nick Mathewson
be0e26272b Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2014-09-16 11:10:02 -04:00
Roger Dingledine
0c3b3650aa clients now send correct address for rendezvous point 
Clients now send the correct address for their chosen rendezvous point
when trying to access a hidden service. They used to send the wrong
address, which would still work some of the time because they also
sent the identity digest of the rendezvous point, and if the hidden
service happened to try connecting to the rendezvous point from a relay
that already had a connection open to it, the relay would reuse that
connection. Now connections to hidden services should be more robust
and faster. Also, this bug meant that clients were leaking to the hidden
service whether they were on a little-endian (common) or big-endian (rare)
system, which for some users might have reduced their anonymity.

Fixes bug 13151; bugfix on 0.2.1.5-alpha.
 2014-09-16 11:05:36 -04:00
Roger Dingledine
6215ebb266 Reduce log severity for unused ClientTransportPlugin lines 
Tor Browser includes several ClientTransportPlugin lines in its
torrc-defaults file, leading every Tor Browser user who looks at her
logs to see these notices and wonder if they're dangerous.

Resolves bug 13124; bugfix on 0.2.5.3-alpha.
 2014-09-11 08:02:37 -04:00
Nick Mathewson
3c2c6a6116 In routerlist_assert_ok(), check r2 before taking &(r2->cache_info) 
Technically, we're not allowed to take the address of a member can't
exist relative to the null pointer.  That makes me wonder how any sane
compliant system implements the offsetof macro, but let's let sleeping
balrogs lie.

Fixes 13096; patch on 0.1.1.9-alpha; patch from "teor", who was using
clang -fsanitize=undefined-trap -fsanitize-undefined-trap-on-error -ftrapv
 2014-09-10 23:48:11 -04:00
Nick Mathewson
a9b2e5eac6 Merge remote-tracking branch 'public/bug12908_025' into maint-0.2.5 2014-09-10 22:12:47 -04:00
Nick Mathewson
8eed82b3d4 Merge remote-tracking branch 'andrea/bug12160_025' into maint-0.2.5 2014-09-09 11:04:54 -04:00
Nick Mathewson
dd22ab519a Merge remote-tracking branch 'public/bug12700_024' into maint-0.2.5 2014-09-09 10:51:39 -04:00
Nick Mathewson
8391c96091 Clean up the MVSC nmake files so they work again. 
Fixes bug 13081; bugfix on 0.2.5.1-alpha. Patch from "NewEraCracker."
 2014-09-09 10:27:05 -04:00