nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-28 06:13:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
mirror repository of the tor core protocol in case of issues
13,288 Commits 53 Branches 630 Tags 128 MiB
C 94.4%
Python 1.5%
C++ 1.1%
Shell 1.1%
M4 0.9%
Other 0.8%
8743080a28
Go to file
Nick Mathewson 8743080a28 Disable TLS Session Tickets, which we were apparently getting for free 
OpenSSL 1.0.0 added an implementation of TLS session tickets, a
"feature" that let session resumption occur without server-side state
by giving clients an encrypted "ticket" that the client could present
later to get the session going again with the same keys as before.
OpenSSL was giving the keys to decrypt these tickets the lifetime of
the SSL contexts, which would have been terrible for PFS if we had
long-lived SSL contexts.  Fortunately, we don't.  Still, it's pretty
bad.  We should also drop these, since our use of the extension stands
out with our non-use of session cacheing.

Found by nextgens. Bugfix on all versions of Tor when built with
openssl 1.0.0 or later.  Fixes bug 7139.
2012-10-19 00:54:51 -04:00
changes Disable TLS Session Tickets, which we were apparently getting for free 2012-10-19 00:54:51 -04:00
contrib remove absolute path from contrib/package_nsis-mingw.sh in order to make it easier to automatically build tor expert bundle 2011-10-31 00:52:52 +00:00
doc Clarify MaxCircuitDirtiness behavior with hidden services. Bug 5259. 2012-05-15 11:22:06 -04:00
src Disable TLS Session Tickets, which we were apparently getting for free 2012-10-19 00:54:51 -04:00
.gitignore Remove everything related to os x expert package 2010-11-10 04:04:29 +01:00
acinclude.m4 Fix warnings with new versions of autoconf 2010-10-11 12:36:02 +02:00
autogen.sh r14641@catbus: nickm | 2007-08-17 17:53:14 -0400 2007-08-17 21:55:24 +00:00
ChangeLog pick a more accurate release date 2010-11-22 22:44:20 -05:00
configure.in Build with warnings and clang 3.0 2011-12-13 07:43:53 +01:00
Doxyfile.in Fix up all doxygen warnings other than "foo is not documented" 2011-03-16 14:47:27 -04:00
INSTALL we changed autogen.sh's behavior, so update the INSTALL file 2008-01-23 19:08:53 +00:00
LICENSE Bump copyright statements to 2011 2011-01-03 11:50:39 -05:00
Makefile.am Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-03 17:24:32 -05:00
README we have two faqs for now 2010-02-22 00:41:48 -05:00
ReleaseNotes put the 0.2.1.30 changes into releasenotes 2011-03-11 17:38:55 -05:00
tor.spec.in Update rpm spec file so that it will build without manual intervention on all rpm-based distributions 2010-09-30 21:48:29 -04:00

README 

Tor protects your privacy on the internet by hiding the connection
between your Internet address and the services you use. We believe Tor
is reasonably secure, but please ensure you read the instructions and
configure it properly.

To build Tor from source:
        ./configure && make && make install

Home page:
        https://www.torproject.org/

Download new versions:
        https://www.torproject.org/download.html

Documentation, including links to installation and setup instructions:
        https://www.torproject.org/documentation.html

Making applications work with Tor:
        https://wiki.torproject.org/noreply/TheOnionRouter/TorifyHOWTO

Frequently Asked Questions:
        https://www.torproject.org/faq.html
        https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ