Karsten Loesing
436f7106b4
Exclude Teredo IPv6 prefix from geoip6.
...
The latest GeoLite2 database includes a pointer from 2001::/32 to the root
node of the IPv4 address space in the tree. We need to exclude this whole
address space from geoip6, similar to how we exclude IPv4-mapped IPv6
addresses and the 6to4 mapping subnet.
2014-02-13 18:58:21 +01:00
Roger Dingledine
745434d29a
bump to 0.2.5.2-alpha
2014-02-13 04:06:36 -05:00
Roger Dingledine
f63b394d90
give 0.2.5.2-alpha a release blurb
2014-02-13 03:49:46 -05:00
Roger Dingledine
8028d8fded
fold in the changes files to the new 0.2.5.2-alpha changelog
2014-02-13 02:46:26 -05:00
Nick Mathewson
10d1b0b33e
Changes file for feature4900
2014-02-12 12:20:29 -05:00
Nick Mathewson
c1e98c8afe
Randomize the global siphash key at startup
...
This completes our conversion to using siphash for our hash functions.
2014-02-12 12:12:58 -05:00
Nick Mathewson
d3fb846d8c
Split crypto_global_init() into pre/post config
...
It's increasingly apparent that we want to make sure we initialize our
PRNG nice and early, or else OpenSSL will do it for us. (OpenSSL
doesn't do _too_ bad a job, but it's nice to do it ourselves.)
We'll also need this for making sure we initialize the siphash key
before we do any hashes.
2014-02-12 12:04:07 -05:00
Nick Mathewson
0e97c8e23e
Siphash-2-4 is now our hash in nearly all cases.
...
I've made an exception for cases where I'm sure that users can't
influence the inputs. This is likely to cause a slowdown somewhere,
but it's safer to siphash everything and *then* look for cases to
optimize.
This patch doesn't actually get us any _benefit_ from siphash yet,
since we don't really randomize the key at any point.
2014-02-12 11:32:10 -05:00
Nick Mathewson
f05820531a
csiphash: Add functions to take a global key.
2014-02-12 11:27:41 -05:00
Nick Mathewson
f51df9bb93
Tests for siphash, from reference implementation.
2014-02-12 10:58:03 -05:00
Nick Mathewson
1bd86b69b6
csiphash: avoid unaligned access on non-x86
2014-02-12 10:57:46 -05:00
Nick Mathewson
9605978eb6
Get csiphash better integrated with our build system
2014-02-12 10:24:04 -05:00
Nick Mathewson
f4656c0cc9
Raw import of Marek Majkowski's cisphash.c
...
siphash is a hash function designed for producing hard-to-predict
64-bit outputs from short inputs and a 128-bit key. It's chosen for
security and speed.
See https://131002.net/siphash/ for more information on siphash.
Source: https://github.com/majek/csiphash/
2014-02-12 10:09:45 -05:00
Nick Mathewson
2c0088b8aa
Merge remote-tracking branch 'origin/maint-0.2.4'
2014-02-12 09:17:11 -05:00
Nick Mathewson
d6e6eaba60
Fix windows compilation of e0c8031516
...
There is no WSAEPERM; we were implying that there was.This fixes a
bug in e0c8031516
2014-02-12 09:16:22 -05:00
Karsten Loesing
74c2bff781
Remove remaining v0 hidden service descriptor code.
...
Fixes the rest of #10841 after #10881 already removed some hidden service
authority code.
2014-02-12 14:36:08 +01:00
Roger Dingledine
1ccc282122
add a missing word to the man page
2014-02-12 04:01:59 -05:00
Roger Dingledine
7c39bf0e44
go through and rewrite the changes files to be more user-facing
2014-02-12 03:59:59 -05:00
Nick Mathewson
0ee449ca92
Merge remote-tracking branch 'origin/maint-0.2.4'
2014-02-11 18:58:58 -05:00
Nick Mathewson
91d4bb0b00
Merge branch 'bug10777_netunreach_024' into maint-0.2.4
2014-02-11 18:57:55 -05:00
Nick Mathewson
0844a262a2
update changes file
2014-02-11 18:57:38 -05:00
Nick Mathewson
8836c1ee2f
Merge remote-tracking branch 'public/bug10777_nointernal_024' into maint-0.2.4
2014-02-11 18:55:26 -05:00
Nick Mathewson
c3720c05fa
Free leakable values in the unit tests.
...
Thanks, Coverity! (CID 1171414, 1171415, 1171416)
2014-02-11 18:10:33 -05:00
Nick Mathewson
10d4d3e2d5
Merge remote-tracking branch 'public/no_itime_queue_025'
2014-02-11 11:52:35 -05:00
Nick Mathewson
5e0cdc5ef2
Merge branch 'bug10881'
2014-02-11 11:42:06 -05:00
Nick Mathewson
0228b9bd4b
Tweak DirAuthority documentation
...
Per a comment from karsten, there is no longer v2 authority support,
so stop pretending there is. Also, fix a grammar error.x
2014-02-11 11:34:32 -05:00
Nick Mathewson
cb065a55bd
Merge remote-tracking branch 'karsten/one-dirauth'
2014-02-11 10:15:03 -05:00
Nick Mathewson
cb28fe486f
Merge remote-tracking branch 'public/bug10722'
2014-02-11 10:08:58 -05:00
Karsten Loesing
aae4ebf63f
Add changes file for ticket 10842.
...
This is a bugfix on 0.2.2.26-beta, because 6b83b3b
2014-02-11 08:51:28 +01:00
Nick Mathewson
c0483c7f85
Remove options for configuring HS authorities.
...
(There is no longer meaningfully any such thing as a HS authority,
since we stopped uploading or downloading v0 hs descriptors in
0.2.2.1-alpha.)
Implements #10881 , and part of #10841 .
2014-02-10 22:41:52 -05:00
Roger Dingledine
dd3f2f6332
fix trivial typo
2014-02-10 16:05:35 -05:00
Nick Mathewson
e0c8031516
make EACCES survivable too.
2014-02-10 15:06:10 -05:00
Nick Mathewson
5b55e0e181
Merge remote-tracking branch 'public/no_itime_queue'
...
The conflicts here were tricky, and required me to eliminate the
command-queue as well. That wasn't so hard.
Conflicts:
src/or/or.h
src/or/relay.c
2014-02-10 15:04:23 -05:00
Nick Mathewson
3133cde3c1
Excise the insertion_time_elem_t logic
...
It's now redundant with the inserted_time field in packed_cell_t
Fixes bug 10870.
2014-02-10 13:55:27 -05:00
Nick Mathewson
a73b0da653
Merge remote-tracking branch 'origin/maint-0.2.4'
2014-02-09 21:41:59 -05:00
Nick Mathewson
7f6aa780e3
Merge remote-tracking branch 'andrea/bug9602' into maint-0.2.4
2014-02-09 21:41:24 -05:00
Nick Mathewson
b15f75b632
Don't treat END_STREAM_REASON_INTERNAL as total circuit failure
...
It can happen because we sent something that got an ENETUNREACH
response.
Bugfix on 0.2.4.8-alpha; fixes a part of bug 10777.
2014-02-09 21:35:14 -05:00
Nick Mathewson
f5d32c08ba
Call ENETUNREACH a case of NOROUTE, not a case of INTERNAL.
...
Found by cypherpunks; fix for a part of bug 10777; bugfix on 0.1.0.1-rc.
2014-02-09 21:30:23 -05:00
Andrea Shepard
c330d63ff7
Make sure orconn->chan gets nulled out when channels exit from channel_free_all() too
2014-02-08 14:05:51 -08:00
Karsten Loesing
26dd328891
Update to the February 2014 GeoIP database.
2014-02-08 12:09:37 +01:00
Karsten Loesing
749ead79ad
Don't zero-pad day of the month.
2014-02-08 12:03:27 +01:00
Karsten Loesing
3bea0fff79
Add script to convert GeoLite2 country databases.
...
Copied over from https://github.com/nmathewson/mmdb-convert ,
commit 52f0d43408ed3a0fe7c3b2fa7099da7f6b7c4502.
2014-02-08 11:56:54 +01:00
Karsten Loesing
becc3d5b4e
Remove script to clean up GeoLite country databases.
2014-02-08 11:56:27 +01:00
Karsten Loesing
ebe7e22045
Suppress warning in networks with only 1 dirauth.
2014-02-08 11:02:27 +01:00
Nick Mathewson
a0577aacb4
Merge remote-tracking branch 'origin/maint-0.2.4'
2014-02-07 17:41:41 -05:00
Nick Mathewson
9bb34aa897
Survive fedora's openssl in our benchmarks
...
Apparently fedora currently has ECDH but not P224. This isn't a huge
deal, since we no longer use OpenSSL's P224 ever (see #9780 and
72c1e5acfe
2014-02-07 17:36:11 -05:00
Nick Mathewson
fdf68479b0
Explain CURVE25519_ENABLED: closes 9774
2014-02-07 16:16:56 -05:00
Nick Mathewson
aa3c8c1397
Use the right functions; strncpy is usually not the answer
2014-02-07 12:25:49 -05:00
Nick Mathewson
f1682a615f
Merge remote-tracking branch 'houqp/hs_control_fix'
2014-02-07 12:22:56 -05:00
Nick Mathewson
040b478692
Remove a needless check in channel_tls_handle_incoming
...
This patch removes an "if (chan)" that occurred at a place where
chan was definitely non-NULL. Having it there made some static
analysis tools conclude that we were up to shenanigans.
This resolves #9979 .
2014-02-07 12:01:16 -05:00
