Tor protects your privacy on the internet by hiding the connection
between your Internet address and the services you use. We believe Tor
is reasonably secure, but please ensure you read the instructions and
configure it properly.
To build Tor from source:
./configure; make; make install
Home page:
https://www.torproject.org/
Download new versions:
https://www.torproject.org/download.html
Documentation, including links to installation and setup instructions:
https://www.torproject.org/documentation.html
Making applications work with Tor:
https://wiki.torproject.org/noreply/TheOnionRouter/TorifyHOWTO
Frequently Asked Questions:
https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ
Forked from
The Tor Project / Core / Tor
28334 commits behind the upstream repository.
Nick Mathewson
authored
To fix a major security problem related to incorrect use of SSL/TLS renegotiation, OpenSSL has turned off renegotiation by default. We are not affected by this security problem, however, since we do renegotiation right. (Specifically, we never treat a renegotiated credential as authenticating previous communication.) Nevertheless, OpenSSL's new behavior requires us to explicitly turn renegotiation back on in order to get our protocol working again. Amusingly, this is not so simple as "set the flag when you create the SSL object" , since calling connect or accept seems to clear the flags. For belt-and-suspenders purposes, we clear the flag once the Tor handshake is done. There's no way to exploit a second handshake either, but we might as well not allow it.
| Name | Last commit | Last update |
|---|---|---|
| Win32Build | ||
| contrib | ||
| debian | ||
| doc | ||
| src | ||
| .gitignore | ||
| AUTHORS | ||
| ChangeLog | ||
| Doxyfile.in | ||
| INSTALL | ||
| LICENSE | ||
| Makefile.am | ||
| README | ||
| ReleaseNotes | ||
| acinclude.m4 | ||
| autogen.sh | ||
| configure.in | ||
| tor.spec.in |