1. 19 Jul, 2019 1 commit
    • Tobias Stoeckmann's avatar
      Prevent UB on signed overflow. · 0d4a689d
      Tobias Stoeckmann authored
      
      
      Overflowing a signed integer in C is an undefined behaviour.
      It is possible to trigger this undefined behaviour in tor_asprintf on
      Windows or systems lacking vasprintf.
      
      On these systems, eiter _vscprintf or vsnprintf is called to retrieve
      the required amount of bytes to hold the string. These functions can
      return INT_MAX. The easiest way to recreate this is the use of a
      specially crafted configuration file, e.g. containing the line:
      
      FirewallPorts AAAAA<in total 2147483610 As>
      
      This line triggers the needed tor_asprintf call which eventually
      leads to an INT_MAX return value from _vscprintf or vsnprintf.
      
      The needed byte for \0 is added to the result, triggering the
      overflow and therefore the undefined behaviour.
      
      Casting the value to size_t before addition fixes the behaviour.
      Signed-off-by: default avatarTobias Stoeckmann <tobias@stoeckmann.org>
      0d4a689d
  2. 28 Jun, 2019 3 commits
    • teor's avatar
      changes: file for 28795 · fb977f8c
      teor authored
      Replace the 157 fallbacks originally introduced in Tor 0.3.5.6-rc
      in December 2018 (of which ~122 were still functional), with a
      list of 148 fallbacks (70 new, 78 existing, 79 removed) generated
      in June 2019.
      
      Closes ticket 28795.
      
      Note that we created extra lists from DE and US, but they didn't add
      any more fallbacks when we tried to merge them.
      fb977f8c
    • teor's avatar
      fallback: apply the second fallback list from 2019 · f3b2a81c
      teor authored
      Update the fallback directory mirrors by merging the current list with:
      fallback_dirs_2019-06-28-08-58-39_AU_f0437a39ddbc8459.inc
      
      Part of 28795, see that ticket for logs.
      f3b2a81c
    • teor's avatar
      fallback: apply the first fallback list from 2019 · 37c2808a
      teor authored
      Update the fallback directory mirrors by replacing the old list with:
      fallback_dirs_2019-06-25-11-49-10_AU_a37adb956fbb5cd2.inc
      
      Part of 28795, see that ticket for logs.
      37c2808a
  3. 11 Jun, 2019 1 commit
  4. 17 May, 2019 1 commit
  5. 19 Apr, 2019 2 commits
  6. 05 Apr, 2019 3 commits
  7. 04 Apr, 2019 1 commit
    • Nick Mathewson's avatar
      Do not cache bogus results from classifying client ciphers · 1710f4bb
      Nick Mathewson authored
      When classifying a client's selection of TLS ciphers, if the client
      ciphers are not yet available, do not cache the result. Previously,
      we had cached the unavailability of the cipher list and never looked
      again, which in turn led us to assume that the client only supported
      the ancient V1 link protocol.  This, in turn, was causing Stem
      integration tests to stall in some cases.  Fixes bug 30021; bugfix
      on 0.2.4.8-alpha.
      1710f4bb
  8. 03 Apr, 2019 1 commit
  9. 01 Apr, 2019 2 commits
  10. 22 Mar, 2019 1 commit
  11. 20 Mar, 2019 2 commits
  12. 19 Mar, 2019 1 commit
  13. 18 Mar, 2019 1 commit
  14. 14 Mar, 2019 1 commit
    • Roger Dingledine's avatar
      relays shouldn't close idle rend circuits · add0f89c
      Roger Dingledine authored
      Allow connections to single onion services to remain idle without being
      disconnected.
      
      Relays acting as rendezvous points for single onion services were
      mistakenly closing idle established rendezvous circuits after 60 seconds,
      thinking that they are unused directory-fetching circuits that had served
      their purpose.
      
      Fixes bug 29665; bugfix on 0.2.1.26.
      add0f89c
  15. 13 Mar, 2019 5 commits
  16. 09 Mar, 2019 1 commit
  17. 08 Mar, 2019 1 commit
    • David Goulet's avatar
      hs-v2: Copy needed information between service on prunning · b4e44a37
      David Goulet authored
      
      
      Turns out that when reloading a tor configured with hidden service(s), we
      weren't copying all the needed information between the old service object to
      the new one.
      
      For instance, the desc_is_dirty timestamp wasn't which could lead to the
      service uploading its descriptor much later than it would need to.
      
      The replaycache wasn't also moved over and some intro point information as
      well.
      
      Fixes #23790
      Signed-off-by: David Goulet's avatarDavid Goulet <dgoulet@torproject.org>
      b4e44a37
  18. 06 Mar, 2019 1 commit
  19. 01 Mar, 2019 4 commits
  20. 27 Feb, 2019 1 commit
  21. 19 Feb, 2019 1 commit
  22. 12 Feb, 2019 1 commit
  23. 23 Jan, 2019 1 commit
  24. 09 Jan, 2019 1 commit
  25. 07 Jan, 2019 1 commit
  26. 04 Jan, 2019 1 commit