  1. 27 Feb, 2010 1 commit
    • Properly handle non-terminated strings · b67657bd
      Sebastian Hahn authored
      Treat strings returned from signed_descriptor_get_body_impl() as not
      NUL-terminated. Since the length of the strings is available, this is
      not a big problem.
      
      Discovered by rieo.
  2. 26 Feb, 2010 3 commits
    • Proper NULL checking in circuit_list_path_impl() · 86828e20
      Sebastian Hahn authored
      Another dereference-then-NULL-check sequence. No reports of this bug
      triggered in the wild. Fixes bugreport 1256.
      
      Thanks to ekir for discovering and reporting this bug.
    • Proper NULL checking for hsdesc publication · f36c36f4
      Sebastian Hahn authored
      Fix a dereference-then-NULL-check sequence. This bug wasn't triggered
      in the wild, but we should fix it anyways in case it ever happens.
      Also make sure users get a note about this being a bug when they
      see it in their log.
      
      Thanks to ekir for discovering and reporting this bug.
    • Zero a cipher completely before freeing it · a9802d33
      Sebastian Hahn authored
      We used to only zero the first ptrsize bytes of the cipher. Since
      cipher is large enough, we didn't zero too many bytes. Discovered
      and fixed by ekir. Fixes bug 1254.
  3. 21 Feb, 2010 2 commits
  4. 18 Feb, 2010 4 commits
  5. 13 Feb, 2010 1 commit
  6. 12 Feb, 2010 2 commits
  7. 08 Feb, 2010 1 commit
    • Don't use gethostbyname() in resolve_my_address() · a168cd2a
      Sebastian Hahn authored
      Tor has tor_lookup_hostname(), which prefers ipv4 addresses automatically.
      Bug 1244 occurred because gethostbyname() returned an ipv6 address, which
      Tor cannot handle currently. Fixes bug 1244; bugfix on 0.0.2pre25.
      Reported by Mike Mestnik.
  8. 07 Feb, 2010 1 commit
  9. 02 Feb, 2010 1 commit
    • Link libssl and libcrypto in the right order. · f6ff14a8
      Nick Mathewson authored
      For most linking setups, this doesn't matter.  But for some setups, when
      statically linking openssl, it does matter, since you need to link things
      with dependencies before you link things they depend on.
      
      Fix for bug 1237.
  10. 01 Feb, 2010 1 commit
    • Revise OpenSSL fix to work with OpenSSL 1.0.0beta* · abd447f8
      Nick Mathewson authored
      In brief: you mustn't use the SSL3_FLAG solution with anything but 0.9.8l,
      and you mustn't use the SSL_OP solution with anything before 0.9.8m, and
      you get in _real_ trouble if you try to set the flag in 1.0.0beta, since
      they use it for something different.
      
      For the ugly version, see my long comment in tortls.c
  11. 29 Jan, 2010 1 commit
  12. 24 Jan, 2010 3 commits
  13. 22 Jan, 2010 1 commit
    • Avoid a possible crash in tls_log_errors. · 4ad5094c
      Nick Mathewson authored
      We were checking for msg==NULL, but not lib or proc.  This case can
      only occur if we have an error whose string we somehow haven't loaded,
      but it's worth coding defensively here.
      
      Spotted by rieo on IRC.
  14. 19 Jan, 2010 5 commits
  15. 18 Jan, 2010 1 commit
  16. 21 Dec, 2009 1 commit
  17. 15 Dec, 2009 1 commit
  18. 04 Dec, 2009 1 commit
  19. 23 Nov, 2009 1 commit
  20. 17 Nov, 2009 1 commit
  21. 13 Nov, 2009 4 commits
    • Nick Mathewson's avatar
      0f212193
    • Merge branch 'debian-merge' into debian-0.2.1 · 4db6e63c
      Peter Palfrader authored
      * debian-merge: (37 commits)
        New upstream version
        bump to 0.2.1.20
        Move moria1 and Tonga to alternate IP addresses.
        read the "circwindow" parameter from the consensus
        Code to parse and access network parameters.
        Revert "Teach connection_ap_can_use_exit about Exclude*Nodes"
        Work around a memory leak in openssl 0.9.8g (and maybe others)
        Teach connection_ap_can_use_exit about Exclude*Nodes
        make some bug 1090 warnings go away
        Fix a memory leak when parsing a ns
        Fix obscure 64-bit big-endian hidserv bug
        turns out the packaging changes aren't in 0.2.1.20
        update changelog with bundle details
        Use an _actual_ fix for the byte-reverse warning.
        Use a simpler fix for the byte-reversing warning
        Fix compile warnings on Snow Leopard
        Add getinfo accepted-server-descriptor. Clean spec.
        Reduce log level for bug case that we now know really exists.
        Only send reachability status events on overall success/failure
        update the README instructions and OS X makefiles
        ...
    • New upstream version · 751e9b2b
      Peter Palfrader authored
    • Merge commit 'tor-0.2.1.20' into debian-merge · 0e749396
      Peter Palfrader authored
      * commit 'tor-0.2.1.20': (36 commits)
        bump to 0.2.1.20
        Move moria1 and Tonga to alternate IP addresses.
        read the "circwindow" parameter from the consensus
        Code to parse and access network parameters.
        Revert "Teach connection_ap_can_use_exit about Exclude*Nodes"
        Work around a memory leak in openssl 0.9.8g (and maybe others)
        Teach connection_ap_can_use_exit about Exclude*Nodes
        make some bug 1090 warnings go away
        Fix a memory leak when parsing a ns
        Fix obscure 64-bit big-endian hidserv bug
        turns out the packaging changes aren't in 0.2.1.20
        update changelog with bundle details
        Use an _actual_ fix for the byte-reverse warning.
        Use a simpler fix for the byte-reversing warning
        Fix compile warnings on Snow Leopard
        Add getinfo accepted-server-descriptor. Clean spec.
        Reduce log level for bug case that we now know really exists.
        Only send reachability status events on overall success/failure
        update the README instructions and OS X makefiles
        Avoid segfault when accessing hidden service.
        ...
  22. 05 Nov, 2009 1 commit
    • Make Tor work with OpenSSL 0.9.8l · ce0a89e2
      Nick Mathewson authored
      To fix a major security problem related to incorrect use of
      SSL/TLS renegotiation, OpenSSL has turned off renegotiation by
      default.  We are not affected by this security problem, however,
      since we do renegotiation right.  (Specifically, we never treat a
      renegotiated credential as authenticating previous communication.)
      Nevertheless, OpenSSL's new behavior requires us to explicitly
      turn renegotiation back on in order to get our protocol working
      again.
      
      Amusingly, this is not so simple as "set the flag when you create
      the SSL object", since calling connect or accept seems to clear
      the flags.
      
      For belt-and-suspenders purposes, we clear the flag once the Tor
      handshake is done.  There's no way to exploit a second handshake
      either, but we might as well not allow it.
  23. 27 Oct, 2009 2 commits