1. 15 Mar, 2010 1 commit
  2. 07 Mar, 2010 1 commit
  3. 04 Mar, 2010 1 commit
    • Nick Mathewson's avatar
      Apply Roger's bug 1269 fix. · 3ff09239
      Nick Mathewson authored
      From http://archives.seul.org/tor/relays/Mar-2010/msg00006.html :
      
         As I understand it, the bug should show up on relays that don't set
         Address to an IP address (so they need to resolve their Address
         line or their hostname to guess their IP address), and their
         hostname or Address line fails to resolve -- at that point they'll
         pick a random 4 bytes out of memory and call that their address. At
         the same time, relays that *do* successfully resolve their address
         will ignore the result, and only come up with a useful address if
         their interface address happens to be a public IP address.
      3ff09239
  4. 02 Mar, 2010 1 commit
  5. 27 Feb, 2010 2 commits
  6. 26 Feb, 2010 3 commits
    • Sebastian Hahn's avatar
      Proper NULL checking in circuit_list_path_impl() · 86828e20
      Sebastian Hahn authored
      Another dereference-then-NULL-check sequence. No reports of this bug
      triggered in the wild. Fixes bugreport 1256.
      
      Thanks to ekir for discovering and reporting this bug.
      86828e20
    • Sebastian Hahn's avatar
      Proper NULL checking for hsdesc publication · f36c36f4
      Sebastian Hahn authored
      Fix a dereference-then-NULL-check sequence. This bug wasn't triggered
      in the wild, but we should fix it anyways in case it ever happens.
      Also make sure users get a note about this being a bug when they
      see it in their log.
      
      Thanks to ekir for discovering and reporting this bug.
      f36c36f4
    • Sebastian Hahn's avatar
      Zero a cipher completely before freeing it · a9802d33
      Sebastian Hahn authored
      We used to only zero the first ptrsize bytes of the cipher. Since
      cipher is large enough, we didn't zero too many bytes. Discovered
      and fixed by ekir. Fixes bug 1254.
      a9802d33
  7. 21 Feb, 2010 2 commits
  8. 18 Feb, 2010 4 commits
  9. 13 Feb, 2010 1 commit
  10. 12 Feb, 2010 2 commits
  11. 08 Feb, 2010 1 commit
    • Sebastian Hahn's avatar
      Don't use gethostbyname() in resolve_my_address() · a168cd2a
      Sebastian Hahn authored
      Tor has tor_lookup_hostname(), which prefers ipv4 addresses automatically.
      Bug 1244 occured because gethostbyname() returned an ipv6 address, which
      Tor cannot handle currently. Fixes bug 1244; bugfix on 0.0.2pre25.
      Reported by Mike Mestnik.
      a168cd2a
  12. 07 Feb, 2010 1 commit
  13. 02 Feb, 2010 1 commit
    • Nick Mathewson's avatar
      Link libssl and libcrypto in the right order. · f6ff14a8
      Nick Mathewson authored
      For most linking setups, this doesn't matter.  But for some setups, when
      statically linking openssl, it does matter, since you need to link things
      with dependencies before you link things they depend on.
      
      Fix for bug 1237.
      f6ff14a8
  14. 01 Feb, 2010 1 commit
    • Nick Mathewson's avatar
      Revise OpenSSL fix to work with OpenSSL 1.0.0beta* · abd447f8
      Nick Mathewson authored
      In brief: you mustn't use the SSL3_FLAG solution with anything but 0.9.8l,
      and you mustn't use the SSL_OP solution with anything before 0.9.8m, and
      you get in _real_ trouble if you try to set the flag in 1.0.0beta, since
      they use it for something different.
      
      For the ugly version, see my long comment in tortls.c
      abd447f8
  15. 29 Jan, 2010 1 commit
  16. 24 Jan, 2010 3 commits
  17. 22 Jan, 2010 1 commit
    • Nick Mathewson's avatar
      Avoid a possible crash in tls_log_errors. · 4ad5094c
      Nick Mathewson authored
      We were checking for msg==NULL, but not lib or proc.  This case can
      only occur if we have an error whose string we somehow haven't loaded,
      but it's worth coding defensively here.
      
      Spotted by rieo on IRC.
      4ad5094c
  18. 19 Jan, 2010 5 commits
  19. 18 Jan, 2010 1 commit
  20. 21 Dec, 2009 1 commit
  21. 15 Dec, 2009 1 commit
  22. 04 Dec, 2009 1 commit
  23. 23 Nov, 2009 1 commit
  24. 17 Nov, 2009 1 commit
  25. 13 Nov, 2009 2 commits
    • Nick Mathewson's avatar
      0f212193
    • Peter Palfrader's avatar
      Merge branch 'debian-merge' into debian-0.2.1 · 4db6e63c
      Peter Palfrader authored
      * debian-merge: (37 commits)
        New upstream version
        bump to 0.2.1.20
        Move moria1 and Tonga to alternate IP addresses.
        read the "circwindow" parameter from the consensus
        Code to parse and access network parameters.
        Revert "Teach connection_ap_can_use_exit about Exclude*Nodes"
        Work around a memory leak in openssl 0.9.8g (and maybe others)
        Teach connection_ap_can_use_exit about Exclude*Nodes
        make some bug 1090 warnings go away
        Fix a memory leak when parsing a ns
        Fix obscure 64-bit big-endian hidserv bug
        turns out the packaging changes aren't in 0.2.1.20
        update changelog with bundle details
        Use an _actual_ fix for the byte-reverse warning.
        Use a simpler fix for the byte-reversing warning
        Fix compile warnings on Snow Leopard
        Add getinfo accepted-server-descriptor. Clean spec.
        Reduce log level for bug case that we now know really exists.
        Only send reachability status events on overall success/failure
        update the README instructions and OS X makefiles
        ...
      4db6e63c