* commit 'tor-0.2.2.19-alpha':
  pick a more accurate release date
  bump to 0.2.2.19-alpha
  prepare for our emergency openssl fix release
  Do not set the hostname TLS extension server-side; only client-side
  Fix a unit test broken by fix for 2195
  Add changes file for bug2195.
  Fix logic error in router_dump_router_to_string.
  Add comments to some of the bug2183 fix code
  Generate a router descriptor even if generating an extra-info descriptor fails.
  Do not emit an extra-info-digest descriptor line if the digest is zero.
  Tweak the bugfix for 2183 a bit more.
  new development version
  Don't use log_err for non-criticial warnings.
  Try harder not to exceed the 50 KB extra-info descriptor limit.

Add debian/patches/15_tlsext_host_name: Work around change in
libssl0.9.8 (0.9.8g-15+lenny9 and 0.9.8o-3), taken from 0.2.1.27
(closes: #604198):

Do not set the tlsext_host_name extension on server SSL objects; only on
client SSL objects.  We set it to immitate a browser, not a vhosting
server. This resolves an incompatibility with openssl 0.9.8p and openssl
1.0.0b.  Fixes bug 2204; bugfix on 0.2.1.1-alpha.

Conflicts:

	debian/changelog

Cherry picked from debian-0.2.1.
Original commit: ab0643c3

If we overwrite src/or/micro-revision.i in during build, clean it out in
the clean target.

This may fix bug 2204, and resolve the incompatibility with openssl
0.9.8p/1.0.0b.

Spotted by Nick Mathewson.

Fixes bug #2195.

* debian-merge: (68 commits)
  New upstream version
  final touchups
  bump to 0.2.2.18-alpha
  warn more about AllowSingleHopExits
  merge in more changelog entries
  Clean up my 1776 fix a bit
  Move controller event for socks warning into log_unsafe_socks_warning
  changes entry for nopublish removal in 5040c855
  Make the coducmentation for SingleHop stuff slightly more dire
  Rate-limit unsafe socks warning
  Avoid perma-blocking the controller on bug in shrink_freelist
  Add changes file for bug1125
  Add changes file for bug1125
  Disable logging to control port connections in buf_shrink_freelists.
  Move the original log_info call out of the core of buf_shrink_freelists.
  Disable logging to control port connections in buf_shrink_freelists.
  Move the original log_info call out of the core of buf_shrink_freelists.
  let unpublished bridges learn their ip address too
  Enforce multiplicity rules when parsing annotations.
  Fix a bug where seting allow_annotations==0 only ignores annotations, but does not block them
  ...

* commit 'tor-0.2.2.18-alpha': (67 commits)
  final touchups
  bump to 0.2.2.18-alpha
  warn more about AllowSingleHopExits
  merge in more changelog entries
  Clean up my 1776 fix a bit
  Move controller event for socks warning into log_unsafe_socks_warning
  changes entry for nopublish removal in 5040c855
  Make the coducmentation for SingleHop stuff slightly more dire
  Rate-limit unsafe socks warning
  Avoid perma-blocking the controller on bug in shrink_freelist
  Add changes file for bug1125
  Add changes file for bug1125
  Disable logging to control port connections in buf_shrink_freelists.
  Move the original log_info call out of the core of buf_shrink_freelists.
  Disable logging to control port connections in buf_shrink_freelists.
  Move the original log_info call out of the core of buf_shrink_freelists.
  let unpublished bridges learn their ip address too
  Enforce multiplicity rules when parsing annotations.
  Fix a bug where seting allow_annotations==0 only ignores annotations, but does not block them
  Bulletproof the routerlist manipulation functions to handle reinserting the same descriptor
  ...

Sebastian notes (and I think correctly) that one of our ||s should
have been an &&, which simplifies a boolean expression to decide
whether to replace bridges.  I'm also refactoring out the negation at
the start of the expression, to make it more readable.

Sebastian Hahn authored 14 years ago and Nick Mathewson committed 14 years ago

Pick 5 seconds as the limit. 5 seconds is a compromise here between
making sure the user notices that the bad behaviour is (still) happening
and not spamming their log too much needlessly (the log message is
pretty long). We also keep warning every time if safesocks is
specified, because then the user presumably wants to hear about every
blocked instance.

(This is based on the original patch by Sebastian, then backported to
0.2.2 and with warnings split into their own function.)

Our checks that we don't exceed the 50 KB size limit of extra-info
descriptors apparently failed. This patch fixes these checks and reserves
another 250 bytes for appending the signature. Fixes bug 2183.

In all likelihood, this bug would make Tor assert, but if it doesn't,
let's not have two bugs.