1. 22 Nov, 2009 5 commits
  2. 20 Nov, 2009 2 commits
  3. 19 Nov, 2009 2 commits
  4. 18 Nov, 2009 1 commit
  5. 17 Nov, 2009 5 commits
  6. 15 Nov, 2009 9 commits
  7. 14 Nov, 2009 1 commit
    • Fix compilation with bionic libc. · 6f1fe7e9
      Jacob Appelbaum authored and Nick Mathewson committed
      This fixes bug 1147:
      
       bionic doesn't have an actual implementation of mlockall();
       mlockall() is merely in the headers but not actually in the library.
       This prevents Tor compilation with the bionic libc for Android handsets.
  8. 13 Nov, 2009 4 commits
    • 0f212193
    • Merge branch 'debian-merge' into debian-0.2.1 · 4db6e63c
      Peter Palfrader authored
      * debian-merge: (37 commits)
        New upstream version
        bump to 0.2.1.20
        Move moria1 and Tonga to alternate IP addresses.
        read the "circwindow" parameter from the consensus
        Code to parse and access network parameters.
        Revert "Teach connection_ap_can_use_exit about Exclude*Nodes"
        Work around a memory leak in openssl 0.9.8g (and maybe others)
        Teach connection_ap_can_use_exit about Exclude*Nodes
        make some bug 1090 warnings go away
        Fix a memory leak when parsing a ns
        Fix obscure 64-bit big-endian hidserv bug
        turns out the packaging changes aren't in 0.2.1.20
        update changelog with bundle details
        Use an _actual_ fix for the byte-reverse warning.
        Use a simpler fix for the byte-reversing warning
        Fix compile warnings on Snow Leopard
        Add getinfo accepted-server-descriptor. Clean spec.
        Reduce log level for bug case that we now know really exists.
        Only send reachability status events on overall success/failure
        update the README instructions and OS X makefiles
        ...
    • New upstream version · 751e9b2b
      Peter Palfrader authored
    • Merge commit 'tor-0.2.1.20' into debian-merge · 0e749396
      Peter Palfrader authored
      * commit 'tor-0.2.1.20': (36 commits)
        bump to 0.2.1.20
        Move moria1 and Tonga to alternate IP addresses.
        read the "circwindow" parameter from the consensus
        Code to parse and access network parameters.
        Revert "Teach connection_ap_can_use_exit about Exclude*Nodes"
        Work around a memory leak in openssl 0.9.8g (and maybe others)
        Teach connection_ap_can_use_exit about Exclude*Nodes
        make some bug 1090 warnings go away
        Fix a memory leak when parsing a ns
        Fix obscure 64-bit big-endian hidserv bug
        turns out the packaging changes aren't in 0.2.1.20
        update changelog with bundle details
        Use an _actual_ fix for the byte-reverse warning.
        Use a simpler fix for the byte-reversing warning
        Fix compile warnings on Snow Leopard
        Add getinfo accepted-server-descriptor. Clean spec.
        Reduce log level for bug case that we now know really exists.
        Only send reachability status events on overall success/failure
        update the README instructions and OS X makefiles
        Avoid segfault when accessing hidden service.
        ...
  9. 12 Nov, 2009 1 commit
  10. 08 Nov, 2009 1 commit
  11. 06 Nov, 2009 2 commits
  12. 05 Nov, 2009 1 commit
    • Make Tor work with OpenSSL 0.9.8l · ce0a89e2
      Nick Mathewson authored
      To fix a major security problem related to incorrect use of
      SSL/TLS renegotiation, OpenSSL has turned off renegotiation by
      default.  We are not affected by this security problem, however,
      since we do renegotiation right.  (Specifically, we never treat a
      renegotiated credential as authenticating previous communication.)
      Nevertheless, OpenSSL's new behavior requires us to explicitly
      turn renegotiation back on in order to get our protocol working
      again.
      
      Amusingly, this is not so simple as "set the flag when you create
      the SSL object", since calling connect or accept seems to clear
      the flags.
      
      For belt-and-suspenders purposes, we clear the flag once the Tor
      handshake is done.  There's no way to exploit a second handshake
      either, but we might as well not allow it.
  13. 04 Nov, 2009 1 commit
  14. 27 Oct, 2009 5 commits
    • Implement DisableAllSwap to avoid putting secret info in page files. · 2aac39a7
      Jacob Appelbaum authored and Roger Dingledine committed
      This commit implements a new config option: 'DisableAllSwap'
      This option probably only works properly when Tor is started as root.
      We added two new functions: tor_mlockall() and tor_set_max_memlock().
      tor_mlockall() attempts to mlock() all current and all future memory pages.
      For tor_mlockall() to work properly we set the process rlimits for memory to
      RLIM_INFINITY (and beyond) inside of tor_set_max_memlock().
      We behave differently from mlockall() by only allowing tor_mlockall() to be
      called one single time. All other calls will result in a return code of 1.
      It is not possible to change DisableAllSwap while running.
      A sample configuration item was added to the torrc.complete.in config file.
      A new item in the man page for DisableAllSwap was added.
      Thanks to Moxie Marlinspike and Chris Palmer for their feedback on this patch.
      
      Please note that we make no guarantees about the quality of your OS and its
      mlock/mlockall implementation. It is possible that this will do nothing at all.
      It is also possible that you can ulimit the mlock properties of a given user
      such that root is not required. This has not been extensively tested and is
      unsupported. I have included some comments for possible ways we can handle
      this on win32.
    • Fix bug 1113. · 56c23851
      Karsten Loesing authored
      Bridges do not use the default exit policy, but reject *:* by default.
    • Merge commit 'karsten/log-1092' · 8c34e792
      Roger Dingledine authored
    • c8b27a8e
    • Fix bug 1042. · 19ddee55
      Karsten Loesing authored
      If your relay can't keep up with the number of incoming create cells, it
      would log one warning per failure into your logs. Limit warnings to 1 per
      minute.