When we ran out of intro points for a hidden service (which could
happen on a newnym), we would change the connection's state back to
"waiting for hidden service descriptor."  But this would make an
assertion fail if we went on to call circuit_get_open_circ_or_launch
again.

This fixes bug 16013; I believe the bug was introduced in
38be533c, where we made it possible for
circuit_get_open_circ_or_launch() to change the connection's state.

When I fixed #11243, I made it so we would take the digest of a
descriptor before tokenizing it, so we could desist from download
attempts if parsing failed.  But when I did that, I didn't remove an
assertion that the descriptor began with "onion-key".  Usually, this
was enforced by "find_start_of_next_microdescriptor", but when
find_start_of_next_microdescriptor returned NULL, the assertion was
triggered.

Fixes bug 16400.  Thanks to torkeln for reporting and
cypherpunks_backup for diagnosing and writing the first fix here.

teor authored 9 years ago and Nick Mathewson committed 9 years ago

If crypto_early_init fails, a typo in a return value from tor_init
means that tor_main continues running, rather than returning
an error value.

Fixes bug 16360; bugfix on d3fb846d in 0.2.5.2-alpha,
introduced when implementing #4900.

Patch by "teor".

This reverts commit 9407040c.

Small fix, "e->received" had to be removed since that variable doesn't exist
anymore.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>

Allow pipe() and pipe2() syscalls; we need these when eventfd2()
support is missing. Fixes bug 16363; bugfix on 0.2.6.3-alpha.  Patch
from "teor".

David Goulet authored 9 years ago and Nick Mathewson committed 9 years ago

Fixes #8243

Fixes #16247, patch by "jojelino".

Peter Palfrader authored 9 years ago and Nick Mathewson committed 9 years ago

This includes correctly allowing renaming secret_id_key and allowing the
eventfd2 and futex syscalls.  Fixes bug 16244; bugfix on 0.2.6.1-alpha.

Patch from "NewEraCracker."  Fixes bug16030; bugfix on 0.2.6.2-alpha.

Fixes bug 16164; bugfix on 0.2.6.3-alpha. Patch from Peter Palfrader.

John Brooks authored 9 years ago and Nick Mathewson committed 9 years ago

The length of auth_data from an INTRODUCE2 cell is checked when the
auth_type is recognized (1 or 2), but not for any other non-zero
auth_type. Later, auth_data is assumed to have at least
REND_DESC_COOKIE_LEN bytes, leading to a client-triggered out of bounds
read.

Fixed by checking auth_len before comparing the descriptor cookie
against known clients.

Fixes #15823; bugfix on 0.2.1.6-alpha.

Fixes #15850, part of #15801. Change file is added by this commit. The
original comment in the reverted commit is removed because right now we
*need* a DirPort until #15849 is implemented so no doubt nor confusion there
anymore.

This reverts commit 80bed1ac.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>