Looks like clang doesn't complain about this kind of thing.

Spotted by Andrea.  Bug not in any released version.

Conflicts:
	src/or/circuitbuild.c

There was a huge-looking conflict in circuitbuild.c, but the only
change that had been made to circuitbuild.c since I forked off the
split_circuitbuild branch was 17442560.  So I took the
split_circuitbuild version of the conflicting part, and manually
re-applied the change from 17442560..

This is an "ours" commit ; I'm merging a separate version of the
block-renegotiate patch into 0.2.4.

Robert Ransom authored 12 years ago and Nick Mathewson committed 12 years ago

(changes file tweaked by nickm)

OpenSSL 1.0.0 added an implementation of TLS session tickets, a
"feature" that let session resumption occur without server-side state
by giving clients an encrypted "ticket" that the client could present
later to get the session going again with the same keys as before.
OpenSSL was giving the keys to decrypt these tickets the lifetime of
the SSL contexts, which would have been terrible for PFS if we had
long-lived SSL contexts.  Fortunately, we don't.  Still, it's pretty
bad.  We should also drop these, since our use of the extension stands
out with our non-use of session cacheing.

Found by nextgens. Bugfix on all versions of Tor when built with
openssl 1.0.0 or later.  Fixes bug 7139.

Andrea Shepard authored 12 years ago and Nick Mathewson committed 12 years ago

Factor out common parts of channel_tls_connect() and channel_tls_handle_incoming(); fixes get_remote_addr problem with incoming connections for bug 7112

Failure to do so left us open to a remotely triggerable assertion
failure. Fixes CVE-2012-2249; bugfix on 0.2.3.6-alpha. Reported by
"some guy from France".

This patch is a forward-port to 0.2.4, to work with the new channel
logic.

Failure to do so left us open to a remotely triggerable assertion
failure. Fixes CVE-2012-2249; bugfix on 0.2.3.6-alpha. Reported by
"some guy from France".

We were calling channel_get_actual_remote_descr() before we used the
output of a previous channel_get_canonical_remote_descr(), thus
invalidating its output.

When we merged the channel code, we made the 'address' field of linked
directory connections created with begindir (and their associated edge
connections) contain an address:port string, when they should only
have contained the address part.

This patch also tweaks the interface to the get_descr method of
channels so that it takes a set of flags rather than a single flag.

In 4768c0ef (not in any released
version of Tor), we removed a little block of code that set the addr
field of an exit connection used in making a tunneled directory
request.  Turns out that wasn't right.

Our convention is that we use the changelog to note release-to-release
changes; we don't need to add changelog entries for bugs that didn't
appear in any released version of Tor.  (By convention, we sometimes
say "this bug does not appear in any released version of Tor" or words
to that effect in the commit message so that when Roger goes to make
sure the changelog is right, he knows not to expect a changelog entry
for that part.)

Use LD_PROTOCOL rather than LD_BUG to warn about bogus reason codes that originated remotely in circuit_end_reason_to_control_string()

My scripts missed it because it was in eventdns.c, which was in ext,
but it _was_ using one of our identifiers.  That's probably because
eventdns.c has drifted a bit since we forked it.

I'm not going to fix the other reserved identifiers in eventdns.c,
since that would make it drift even more.