Esteban Manchado Velázquez authored 13 years ago and Nick Mathewson committed 12 years ago

* It seems parse_http_time wasn't parsing correctly any date with commas (RFCs
  1123 and 850). Fix that.
* It seems parse_http_time was reporting the wrong month (they start at 0, not
  1). Fix that.
* Add some tests for parse_http_time, covering all three formats.

The original code updated some variables, but forgot to remove a
replaced old-routerdesc from rl->old_routers.

Related to bug 1776.

Fix #5760

The underlying strtoX functions handle overflow by saturating and
setting errno to ERANGE.  If the min/max arguments to the
tor_parse_* functions are equal to the minimum/maximum of the
underlying type, then with the old approach, we wouldn't treat a
too-large value as genuinely broken.

Found this while looking at bug 5786; bugfix on 19da1f36 (in Tor
0.0.9), which introduced these functions.

Fix for 5647; bugfix on 0.2.1.5-alpha.

George Kadianakis authored 12 years ago and Nick Mathewson committed 12 years ago

(Cherry-picked from 6ba13e4 by nickm)

Bugfix on 0.2.2.1-alpha, which added the orginal HTTP proxy
authentication code.  Fix for bug 5593.

As per ticket 5569

it's fine with me if we change the current convention, but we should
actually decide to change it if we want to.

It is for the not-yet-implemented bridge community design.

This fixes a side-channel attack on the (fortunately unused!)
BridgePassword option for bridge authorities.  Fix for bug 5543;
bugfix on 0.2.0.14-alpha.

If you set ExitNodes so that only 1 exit node is accepted, the
previous patch would have made you unable to build circuits.

Previously, malformatted torrc values could crash us.

Patch by Esteban Manchado.  Fixes bug 5090; fix on 0.2.0.16-alpha.

This mitigates an attack proposed by wanoskarnet, in which all of a
client's bridges collude to restrict the exit nodes that the client
knows about.  Fixes bug 5343.

(cherry picked from commit fdbb9cdf)

in Makefile.am, we used it without quoting it, causing build failure if
your openssl/sed/sha1sum happened to live in a directory with a space in
it (very common on windows)

It was apparently getting mistaken for a problem, even though it was
at notice.

Fixes 5067; fix on 0.2.0.10-alpha.