To solve bug 4779, we want to avoid OpenSSL 1.0.0's counter mode.
But Fedora (and maybe others) lie about the actual OpenSSL version,
so we can't trust the header to tell us if it's safe.

Instead, let's do a run-time test to see whether it's safe, and if
not, use our built-in version.

fermenthor contributed a pretty essential fixup to this patch. Thanks!

We require openssl 0.9.7 or later, and RAND_poll() was first added in
openssl 0.9.6.

It's a pain to convert 0x0090813f to and from 0.9.8s-release on the
fly, so these macros should help.

This might help us see which authorities are problematic in getting
their vote published the first time.

Sebastian Hahn authored 14 years ago and Nick Mathewson committed 13 years ago

When we have an effective bandwidthrate configured so that we cannot
exceed our bandwidth limit in one accounting interval, don't disable
advertising the dirport. Implements ticket 2434.

Fixes #4883, not yet in any release.

MAX_DNS_LABEL_SIZE was only defined for old versions of openssl, which
broke the build. Spotted by xiando. Fixes bug 4413; not in any released
version.

The thing that's limited to 63 bytes is a "label", not a hostname.

Docment input constraints and behavior on bogus inputs.

Generally it's better to check for overflow-like conditions before
than after.  In this case, it's not a true overflow, so we're okay,
but let's be consistent.

pedantic less->fewer in the documentation

Stephen Palmateer authored 13 years ago and Nick Mathewson committed 13 years ago

Fixes bug 4413; bugfix on xxxx.

Hostname components cannot be larger than 63 characters.
This simple check makes certain randlen cannot overflow rand_bytes_len.

Fixes bug 4856; bugfix on 0.0.6

This bug was introduced in 79fc5217, back in 2004.

he disagrees about what the code that we decided not to use would do

Fixes bug 4842, not in any release.

This is to address bug 4822, and CVE-2011-4576.

Fixes bug 4829; bug not in any released tor.