Once a NACK is received on the intro circuit, tor tries an other usable one
by extending the current circuit to it. If no more intro points are usable,
now close the circuit.

Fixes #14224

Signed-off-by: David Goulet <dgoulet@ev0ke.net>

Backports some commits from tor master.

Fixes bug 14195. Bugfix on 0.1.0.1-rc.

teor authored 10 years ago and Nick Mathewson committed 10 years ago

Check for a missing option value in parse_virtual_addr_network
before asserting on the NULL in tor_addr_parse_mask_ports.
This avoids crashing on torrc lines like Vi[rtualAddrNetworkIPv[4|6]]
when no value follows the option.

Bugfix on 0.2.3 (de4cc126 on 24 November 2012), fixes #14142.

Also, avoid crashing when we attempt to double-remove an edge
connection from the DNS resolver: just log a bug warning instead.

Fixes bug 14129.  Bugfix on 0d20fee2, which was in 0.0.7rc1.

jowr found the bug.  cypherpunks wrote the fix.  I added the log
message and removed the assert.

This is a good idea in case the caller stupidly doesn't check the
return value from baseX_decode(), and as a workaround for the
current inconsistent API of base16_decode.

Prevents any fallout from bug 14013.

Conflicts:
	src/or/config.c

See also http://marc.info/?l=openssl-dev&m=141357408522028&w=2

Closes 8093.

The POODLE attack doesn't affect Tor, but there's no reason to tempt
fate: SSLv3 isn't going to get any better.

Also, make sure we will compile correctly on systems where they
finally rip it out.

Fixes issue #13325.  Caused by this openbsd commit:

   ​http://marc.info/?l=openbsd-cvs&m=140768179627976&w=2

Reported by Fredzupy.

Fixes bug 13295; bugfix on 0.2.5.3-alpha.

The alternative here is to call crypto_global_init() from tor-resolve,
but let's avoid linking openssl into tor-resolve for as long as we
can.