Nick Mathewson
af54a01828
Kill non-open OR connections with any data on their inbufs.
...
This fixes a DoS issue where a client could send so much data in 5
minutes that they exhausted the server's RAM. Fix for bug 5934 and
6007. Bugfix on 0.2.0.20-rc, which enabled the v2 handshake.
2012-06-04 11:29:18 -04:00
Nick Mathewson
3a9351b57e
Fix more clang format-nonliteral warnings (bug 5969)
2012-05-30 23:59:49 -04:00
Nick Mathewson
e284894672
Add __attribute__(format)s for our varargs printf/scanf wrappers
...
It turns out that if you set the third argument of
__attribute__(format) to 0, GCC and Clang will check the format
argument without expecting to find variadic arguments. This is the
correct behavior for vsnprintf, vasprintf, and vscanf.
I'm hoping this will fix bug 5969 (a clang warning) by telling clang that
the format argument to tor_vasprintf is indeed a format string.
2012-05-30 12:14:38 -04:00
Nick Mathewson
75fc4dbbca
Make the succeeding parse_http_time tests more obviously right
...
(When the correct answer is given in terms of seconds since the
epoch, it's hard to be sure that it really is the right answer
just by reading the code.)
2012-05-16 12:19:56 -04:00
Nick Mathewson
dd749798a4
Merge branch 'bug5346_squashed' into maint-0.2.2
2012-05-16 12:15:35 -04:00
Sebastian Hahn
679aa93e23
Fix month check in parse_http_time, add test
2012-05-16 12:15:13 -04:00
Nick Mathewson
801923ac21
Remove more dubiosity in struct tm handling. related to bug5346
2012-05-16 12:15:08 -04:00
Nick Mathewson
7ae798ac38
changes file for branch bug5346
2012-05-16 12:14:48 -04:00
Nick Mathewson
1abe533b33
Reject an additional type of bad date in parse_http_time
2012-05-16 12:14:48 -04:00
Esteban Manchado Velázquez
d0d9c3d71e
Fix parse_http_time and add tests
...
* It seems parse_http_time wasn't parsing correctly any date with commas (RFCs
1123 and 850). Fix that.
* It seems parse_http_time was reporting the wrong month (they start at 0, not
1). Fix that.
* Add some tests for parse_http_time, covering all three formats.
2012-05-16 12:14:48 -04:00
Nick Mathewson
3ed4c5dc05
Correct the bulletproofing of routerlist_insert()
...
The original code updated some variables, but forgot to remove a
replaced old-routerdesc from rl->old_routers.
Related to bug 1776.
2012-05-16 10:51:02 -04:00
Nick Mathewson
8e07798284
Clarify MaxCircuitDirtiness behavior with hidden services. Bug 5259.
2012-05-15 11:22:06 -04:00
Nick Mathewson
5905a0b2db
Merge branch 'bug5796_022_squashed' into maint-0.2.2
2012-05-15 10:04:49 -04:00
Nick Mathewson
f2a6eedded
Fix a crash bug on SETCIRCUITPURPOSE.
2012-05-15 10:03:10 -04:00
Nick Mathewson
0be946c693
Merge remote-tracking branch 'karsten/geoip-may2012' into maint-0.2.2
2012-05-15 10:00:51 -04:00
Roger Dingledine
436654ee96
fix over-wide line from f661747370
2012-05-10 17:46:19 -04:00
Nick Mathewson
79c4c8195a
Merge branch 'bug5786_range_022' into maint-0.2.2
2012-05-10 15:38:57 -04:00
Ravi Chandra Padmala
5bbf04dc97
Add changes/bug5760
2012-05-10 12:55:33 +05:30
Ravi Chandra Padmala
f661747370
Add missing CRLFs to AUTHCHALLENGE failure replies
...
Fix #5760
2012-05-10 11:13:09 +05:30
Nick Mathewson
9b344628ed
Handle out-of-range values in tor_parse_* integer functions
...
The underlying strtoX functions handle overflow by saturating and
setting errno to ERANGE. If the min/max arguments to the
tor_parse_* functions are equal to the minimum/maximum of the
underlying type, then with the old approach, we wouldn't treat a
too-large value as genuinely broken.
Found this while looking at bug 5786; bugfix on 19da1f36
2012-05-07 12:25:59 -04:00
Karsten Loesing
24731ce6a7
Update to the May 2012 GeoIP database.
2012-05-07 12:50:47 +02:00
Nick Mathewson
f6afd4efa6
Fix a log-uninitialized-buffer bug.
...
Fix for 5647; bugfix on 0.2.1.5-alpha.
2012-04-18 23:02:09 -04:00
George Kadianakis
2d276ab9d9
rend_service_introduce(): do protocol violation check before anything else.
...
(Cherry-picked from 6ba13e4 by nickm)
2012-04-18 22:26:06 -04:00
Nick Mathewson
86c4b750da
Merge branch 'bug5593' into maint-0.2.2
2012-04-11 10:04:31 -04:00
Karsten Loesing
b395b59353
Update to the April 2012 GeoIP database.
2012-04-11 14:15:49 +02:00
Nick Mathewson
dd3f4f1bdb
Include a Host: header with any HTTP/1.1 proxy request
...
Bugfix on 0.2.2.1-alpha, which added the orginal HTTP proxy
authentication code. Fix for bug 5593.
2012-04-10 12:00:20 -04:00
Nick Mathewson
439fc704f1
Wrap long line; strlen("ides")<strlen("turtles").
2012-04-04 21:05:19 -04:00
Sebastian Hahn
b24487d106
ides has become turtles, and gotten a new IP address
...
As per ticket 5569
2012-04-05 01:53:04 +02:00
Roger Dingledine
5fed1ccd90
put a _ before or_options_t elements that aren't configurable
...
it's fine with me if we change the current convention, but we should
actually decide to change it if we want to.
2012-04-01 15:59:38 -04:00
Roger Dingledine
40ab832c4e
BridgePassword was never for debugging
...
It is for the not-yet-implemented bridge community design.
2012-04-01 15:59:00 -04:00
Nick Mathewson
9a69c24150
Do not use strcmp() to compare an http authenticator to its expected value
...
This fixes a side-channel attack on the (fortunately unused!)
BridgePassword option for bridge authorities. Fix for bug 5543;
bugfix on 0.2.0.14-alpha.
2012-04-01 00:42:04 -04:00
Nick Mathewson
9740f067c4
Safe cookie authentication gets a changes file
2012-03-26 14:06:27 -04:00
Nick Mathewson
6dcbfec82d
Merge remote-tracking branch 'rransom-tor/safecookie-022-v3' into maint-0.2.2
2012-03-26 14:03:29 -04:00
Nick Mathewson
650e2aac46
Merge commit 'a5704b1c624c9a808f52f3a125339f00e2b9a378' into maint-0.2.2
2012-03-26 13:59:49 -04:00
Nick Mathewson
ec1bc8a979
Use a given name in the bug5090 message, at its holder's request.
2012-03-09 14:50:46 -05:00
Nick Mathewson
99bd5400e8
Never choose a bridge as an exit. Bug 5342.
2012-03-09 14:27:50 -05:00
Nick Mathewson
8abfcc0804
Revise "sufficient exit nodes" check to work with restrictive ExitNodes
...
If you set ExitNodes so that only 1 exit node is accepted, the
previous patch would have made you unable to build circuits.
2012-03-09 14:23:23 -05:00
Nick Mathewson
a574f7f3fe
Merge branch 'bug5343' into maint-0.2.2
2012-03-09 13:54:04 -05:00
Nick Mathewson
31f253ae6a
Oops; credit bug5090 patch to flupzor. estebanm only found the bug.
2012-03-09 11:54:27 -05:00
Nick Mathewson
be0535f00b
Correctly handle broken escape sequences in torrc values
...
Previously, malformatted torrc values could crash us.
Patch by Esteban Manchado. Fixes bug 5090; fix on 0.2.0.16-alpha.
2012-03-09 11:50:22 -05:00
Nick Mathewson
ec8a06c5a1
Require a threshold of exit nodes before building circuits
...
This mitigates an attack proposed by wanoskarnet, in which all of a
client's bridges collude to restrict the exit nodes that the client
knows about. Fixes bug 5343.
2012-03-08 15:42:54 -05:00
Sebastian Hahn
fe50b676bc
Fix compile warnings in openbsd malloc
2012-03-08 19:28:59 +01:00
Nick Mathewson
9d5d3a7fd4
Merge remote-tracking branch 'karsten/geoip-march2012' into maint-0.2.2
2012-03-08 10:50:03 -05:00
Karsten Loesing
c5d7ee714f
Update to the March 2012 GeoIP database.
2012-03-08 09:35:15 +01:00
Roger Dingledine
e21756908f
new ip address for maatuska
2012-02-29 13:22:41 -05:00
Robert Ransom
e111e371b4
Implement 'safe cookie authentication'
2012-02-22 05:46:09 -08:00
Nick Mathewson
a5704b1c62
Add a sha256 hmac function, with tests
...
(cherry picked from commit fdbb9cdf74
2012-02-22 05:46:08 -08:00
Sebastian Hahn
8ce6722d76
Properly protect paths to sed, sha1sum, openssl
...
in Makefile.am, we used it without quoting it, causing build failure if
your openssl/sed/sha1sum happened to live in a directory with a space in
it (very common on windows)
2012-02-10 20:12:03 +01:00
Nick Mathewson
c8b855082b
Downgrade "missing a certificate" from notice to info
...
It was apparently getting mistaken for a problem, even though it was
at notice.
Fixes 5067; fix on 0.2.0.10-alpha.
2012-02-10 12:01:56 -05:00
Nick Mathewson
2da0efb547
Use correct CVE number for CVE-2011-4576. Found by fermenthor. bug 5066
2012-02-10 10:55:39 -05:00
