nihilist/tor: mirror repository of the tor core protocol in case of issues - tor

mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-23 20:03:31 +01:00

mirror repository of the tor core protocol in case of issues

Go to file

Mike Perry cc52f7e5b7 Bug 40897 Bug Bounty: Double the number of max conflux circs We strongly suspect that bug 40897 was caused by a custom Tor client that tried to use more than the default number of conflux circuits, for either performance or traffic analysis defense gains, or both. This entity hit a safety check on the exit side, which caused a UAF. Our "belt and suspenders" snapped off, and hit us in the face... again... Since there are good reasons to try more than 2 conflux legs, and research has found some traffic analysis benefits with as many as 5, we're going to raise and parameterize this limit as a form of bug bounty for finding this UAF, so that this entity can try out a little more confluxing. This should also make it easier for researchers to try things like gathering traces with larger amounts of confluxing than normal, to measure real-world traffic analysis impacts of conflux. Shine on, you yoloing anonymous diamond. Let us know if you find out anything interesting!		2023-12-07 18:37:30 +00:00
.gitlab/issue_templates	Remove Proposal.md.	2021-02-12 20:39:48 +00:00
changes	fallbackdir: Update list generated on November 09, 2023	2023-11-09 09:23:59 -05:00
contrib	version: Bump version to 0.4.8.9-dev	2023-11-09 10:10:33 -05:00
doc	Include a basic Rust wrapper for Equi-X and HashX	2023-07-26 12:27:15 -07:00
m4	added check for compiler support of Wextra-semi	2022-11-01 15:32:43 -06:00
scripts	ci-driver: fix running doxygen and stem tests on 0.4.8	2023-09-14 21:55:20 +02:00
src	Bug 40897 Bug Bounty: Double the number of max conflux circs	2023-12-07 18:37:30 +00:00
.appveyor.yml	CI: Remove VS2015 AppVeyor build	2020-08-12 14:09:32 +03:00
.clang-format	Add a dire warning about not reformatting the whole codebase yet.	2020-02-12 18:52:35 -05:00
.editorconfig	Add .editorconfig to follow coding standards style	2018-06-17 19:24:40 -04:00
.gitignore	cargo: Move lockfile to root and update	2023-08-15 09:52:30 -07:00
.gitlab-ci.yml	Merge branch 'maint-0.4.7' into maint-0.4.8	2023-09-18 09:08:57 -04:00
.travis.yml	rust: Remove Rust support from tree	2021-10-06 15:12:04 -04:00
acinclude.m4	m4: Change LIBS order of TOR_SEARCH_LIBRARY()	2021-01-13 09:52:10 -05:00
autogen.sh	Cleanup shellcheck warnings in autogen.sh	2019-01-18 13:49:30 +02:00
Cargo.lock	cargo: Move lockfile to root and update	2023-08-15 09:52:30 -07:00
Cargo.toml	cargo: Add geoip db tool to top level workspace	2023-08-04 09:55:26 -04:00
ChangeLog	ChangeLog and ReleaseNotes for 0.4.8.4 stable	2023-08-23 10:12:54 -04:00
CODE_OF_CONDUCT	Add CODE_OF_CONDUCT file	2018-07-05 11:22:33 +03:00
configure.ac	version: Bump version to 0.4.8.9-dev	2023-11-09 10:10:33 -05:00
CONTRIBUTING	Add CODE_OF_CONDUCT file	2018-07-05 11:22:33 +03:00
Doxyfile.in	Remove last artifacts of Rust related code	2021-10-06 15:12:04 -04:00
INSTALL	Remove old instructions from INSTALL	2018-07-03 16:34:52 +03:00
LICENSE	Merge branch 'maint-0.3.5' into maint-0.4.4	2021-03-12 11:36:34 -05:00
Makefile.am	Merge branch 'maint-0.4.7'	2023-06-19 08:09:45 -04:00
README.md	readme: Fix sentence in Releases section	2022-03-09 14:13:34 -05:00
ReleaseNotes	ChangeLog and ReleaseNotes for 0.4.8.4 stable	2023-08-23 10:12:54 -04:00
warning_flags.in	Try @warning_flags to avoid bloating verbose make logs	2018-12-21 10:00:23 -05:00

README.md

Tor protects your privacy on the internet by hiding the connection between your Internet address and the services you use. We believe Tor is reasonably secure, but please ensure you read the instructions and configure it properly.

Build

To build Tor from source:

./configure
make
make install

To build Tor from a just-cloned git repository:

./autogen.sh
./configure
make
make install

Releases

The tarballs, checksums and signatures can be found here: https://dist.torproject.org

Checksum: <tarball-name>.sha256sum
Signatures: <tarball-name>.sha256sum.asc

Schedule

You can find our release schedule here:

https://gitlab.torproject.org/tpo/core/team/-/wikis/NetworkTeam/CoreTorReleases

Keys that CAN sign a release

The following keys are the maintainers of this repository. One or many of these keys can sign the releases, do NOT expect them all:

Alexander Færøy: 514102454D0A87DB0767A1EBBE6A0531C18A9179
David Goulet: B74417EDDF22AC9F9E90F49142E86A2A11F48D36
Nick Mathewson: 2133BC600AB133E1D826D173FE43009C4607B1FB

Development

See our hacking documentation in doc/HACKING/.

Resources

Home page:

https://www.torproject.org/

Download new versions:

https://www.torproject.org/download/download.html

Documentation, including links to installation and setup instructions:

https://www.torproject.org/docs/documentation.html

Frequently Asked Questions:

https://www.torproject.org/docs/faq.html