Commit 759ed3ce authored by Nick Mathewson 🥔

r13988@catbus: nickm | 2007-07-29 16:32:36 -0400

 Cheesy attempt to break some censorware.  Not a long-term fix, but it will be interesting to watch the epidemiology of the workarounds as the censors apply them.


svn:r10975
parent ca7c53d3
+4 −0
@@ -18,6 +18,10 @@ Changes in version 0.2.0.3-alpha - 2007-07-29
    - Directory authorities now never mark more than 3 servers per IP as
      Valid and Running.  (Implements proposal 109, by Kevin Bauer and
      Damon McCoy.)
    - Minor change to organizationName and commonName generation procedures
      in certificates, to invalidate some earlier censorware approaches.
      This is not a long-term solution, but applying it will give us a bit of
      time to look into the epidemiology of countermeasures as they spread.

  o Major bugfixes (directory):
    - Rewrite directory tokenization code to never run off the end of
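Review bot: The new "Minor change to organizationName and commonName generation procedures" entry does not say whether the change affects interoperability with peers running earlier versions. Certificate names are visible to every peer in the TLS handshake, so if nothing in Tor itself matches on these fields, say so in one sentence here; that tells packagers and relay operators the change is safe to deploy incrementally.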
+3 −3
@@ -274,7 +274,7 @@ tor_tls_create_certificate(crypto_pk_env_t *rsa,
  if ((nid = OBJ_txt2nid("organizationName")) == NID_undef)
    goto error;
  if (!(X509_NAME_add_entry_by_NID(name, nid, MBSTRING_ASC,
                                   (unsigned char*)"Tor", -1, -1, 0)))
                                   (unsigned char*)"t o r", -1, -1, 0)))
    goto error;
  if ((nid = OBJ_txt2nid("commonName")) == NID_undef) goto error;
  if (!(X509_NAME_add_entry_by_NID(name, nid, MBSTRING_ASC,
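Review bot: The organizationName literal "t o r" in the X509_NAME_add_entry_by_NID(name, ...) call has no comment explaining why it is spelled with spaces. A later cleanup could easily "correct" it back to the old value; add a short comment above the call saying the spelling is deliberate and pointing at the ChangeLog entry.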
@@ -288,7 +288,7 @@ tor_tls_create_certificate(crypto_pk_env_t *rsa,
  if ((nid = OBJ_txt2nid("organizationName")) == NID_undef)
    goto error;
  if (!(X509_NAME_add_entry_by_NID(name_issuer, nid, MBSTRING_ASC,
                                   (unsigned char*)"Tor", -1, -1, 0)))
                                   (unsigned char*)"t o r", -1, -1, 0)))
    goto error;
  if ((nid = OBJ_txt2nid("commonName")) == NID_undef) goto error;
  if (!(X509_NAME_add_entry_by_NID(name_issuer, nid, MBSTRING_ASC,
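Review bot: The name_issuer call repeats the same "t o r" literal as the subject-name call earlier in tor_tls_create_certificate, so the next change to this value has to touch two places and the subject and issuer organizationName can drift apart. Since the commit message expects further changes, define the string once (a file-level #define or static const char[]) and use it in both X509_NAME_add_entry_by_NID calls.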
@@ -361,7 +361,7 @@ tor_tls_context_new(crypto_pk_env_t *identity, const char *nickname,
  char nn2[128];
  if (!nickname)
    nickname = "null";
  tor_snprintf(nn2, sizeof(nn2), "%s <identity>", nickname);
  tor_snprintf(nn2, sizeof(nn2), "%s <signing>", nickname);

  tor_tls_init();
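Review bot: The "%s <signing>" format in the tor_snprintf call fills nn2 with no comment on what the label now means, in a function whose key parameter is named identity. If nn2 ends up as the name on a certificate tied to the identity key, the "<signing>" tag will mislead anyone reading the code or inspecting the certificate. Add a comment stating that the suffix was changed only to alter the generated commonName, or choose a replacement label that does not name a different key role.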