Commit c2d5ec5e authored by Nick Mathewson's avatar Nick Mathewson
Browse files

Merge branch 'maint-0.4.2' into bug40076_042

parents c4742b89 cdb0e6c2
o Minor bugfixes (testing, windows):
- Fix a test failure caused by an unexpected bug warning in
our test for tor_gmtime_r(-1). Fixes bug 29922;
bugfix on
o Minor bugfixes (CI):
- Terminate test-stem if it takes more than 9.5 minutes to run.
(Travis terminates the job after 10 minutes of no output.)
Diagnostic for 29437. Fixes bug 30011; bugfix on
o Minor bugfixes (TLS protocol, integration tests):
- When classifying a client's selection of TLS ciphers, if the client
ciphers are not yet available, do not cache the result. Previously,
we had cached the unavailability of the cipher list and never looked
again, which in turn led us to assume that the client only supported
the ancient V1 link protocol. This, in turn, was causing Stem
integration tests to stall in some cases.
Fixes bug 30021; bugfix on
o Minor bugfixes (security):
- Fix a potential double free bug when reading huge bandwidth files. The
issue is not exploitable in the current Tor network because the
vulnerable code is only reached when directory authorities read bandwidth
files, but bandwidth files come from a trusted source (usually the
authorities themselves). Furthermore, the issue is only exploitable in
rare (non-POSIX) 32-bit architectures which are not used by any of the
current authorities. Fixes bug 30040; bugfix on Bug found
and fixed by Tobias Stoeckmann.
o Minor bugfixes (hardening):
- Verify in more places that we are not about to create a buffer
with more than INT_MAX bytes, to avoid possible OOB access in the event
of bugs. Fixes bug 30041; bugfix on Found and fixed by
Tobias Stoeckmann.
o Minor bugfixes (memory leak):
- Avoid a minor memory leak that could occur on relays when
creating a keys directory failed. Fixes bug 30148; bugfix on
o Minor bugfixes (compilation, unusual configuration):
- Avoid failures when building with ALL_BUGS_ARE_FAILED due to
missing declarations of abort(), and prevent other such failures
in the future. Fixes bug 30189; bugfix on
o Minor bugfixes (lib):
do not log a warning for OpenSSL versions that should be compatible
Fixes bug 30190; bugfix on
o Minor bugfixes (directory authority):
- Move the "bandwidth-file-headers" line in directory authority votes
so that it conforms to dir-spec.txt. Fixes bug 30316; bugfix on
o Minor features (compile-time modules):
- Add a --list-modules command to print a list of which compile-time
modules are enabled. Closes ticket 30452.
o Minor bugfixes ():
- Avoid a GCC 9.1.1 warning (and possible crash depending on libc
implemenation) when failing to load a hidden service client authorization
file. Fixes bug 30475; bugfix on
o Minor bugfixes (portability):
- Avoid crashing in our tor_vasprintf() implementation on systems that
define neither vasprintf() nor _vscprintf(). (This bug has been here
long enough that we question whether people are running Tor on such
systems, but we're applying the fix out of caution.) Fixes bug 30561;
bugfix on Found and fixed by Tobias Stoeckmann.
o Minor bugfixes (testing):
- Skip test_rebind when the TOR_SKIP_TEST_REBIND environmental variable is
set. Fixes bug 30713; bugfix on
- Skip test_rebind on macOS in Travis, because it is unreliable on
macOS on Travis. Fixes bug 30713; bugfix on
o Minor bugfixes (continuous integration):
- Allow the test-stem job to fail in Travis, because it sometimes hangs.
Fixes bug 30744; bugfix on
o Minor bugfixes (directory authorities):
- Stop crashing after parsing an unknown descriptor purpose annotation.
We think this bug can only be triggered by modifying a local file.
Fixes bug 30781; bugfix on
o Minor bugfixes (memory leaks):
- Fix a trivial memory leak when parsing an invalid value
from a download schedule in the configuration. Fixes bug
30894; bugfix on
o Minor bugfixes (relay):
- Avoid crashing when starting with a corrupt keys directory where
the old ntor key and the new ntor key are identical. Fixes bug 30916;
bugfix on
o Minor bugfixes (crash on exit):
- Avoid a set of possible code paths that could use try to use freed memory
in routerlist_free() while Tor was exiting. Fixes bug 31003; bugfix on
o Minor bugfixes (logging, protocol violations):
- Do not log a nonfatal assertion failure when receiving a VERSIONS
cell on a connection using the obsolete v1 link protocol. Log a
protocol_warn instead. Fixes bug 31107; bugfix on
o Minor bugfixes (code quality):
- Fix "make check-includes" so it runs correctly on out-of-tree builds.
Fixes bug 31335; bugfix on
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment