Merge branch 'maint-0.2.2' into release-0.2.2
This commit is contained in:
commit
121ae29ed9
|
@ -0,0 +1,3 @@
|
|||
o Minor bugfixes (documentation):
|
||||
- Document the GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays
|
||||
directory authority option (introduced in Tor 0.2.2.34).
|
|
@ -0,0 +1,5 @@
|
|||
o Major bugfixes:
|
||||
- Fix the SOCKET_OK test that we use to tell when socket
|
||||
creation fails so that it works on Win64. Fixes part of bug
|
||||
4533; bugfix on 0.2.2.29-beta. Bug found by wanoskarnet.
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
o Minor bugfixes:
|
||||
- Update "ClientOnly" man page entry to explain that there isn't
|
||||
really any point to messing with it. Resolves ticket 5005.
|
|
@ -499,11 +499,12 @@ The following options are useful only for clients (that is, if
|
|||
number like 60. (Default: 0)
|
||||
|
||||
**ClientOnly** **0**|**1**::
|
||||
If set to 1, Tor will under no circumstances run as a server or serve
|
||||
directory requests. The default is to run as a client unless ORPort is
|
||||
configured. (Usually, you don't need to set this; Tor is pretty smart at
|
||||
figuring out whether you are reliable and high-bandwidth enough to be a
|
||||
useful server.) (Default: 0)
|
||||
If set to 1, Tor will under no circumstances run as a relay or serve
|
||||
directory requests. This config option is mostly meaningless: we
|
||||
added it back when we were considering having Tor clients auto-promote
|
||||
themselves to being relays if they were stable and fast enough. The
|
||||
current behavior is simply that Tor is a client unless ORPort or
|
||||
DirPort are configured. (Default: 0)
|
||||
|
||||
**ExcludeNodes** __node__,__node__,__...__::
|
||||
A list of identity fingerprints, nicknames, country codes and address
|
||||
|
@ -1347,6 +1348,10 @@ DIRECTORY AUTHORITY SERVER OPTIONS
|
|||
votes on whether to accept relays as hidden service directories.
|
||||
(Default: 1)
|
||||
|
||||
GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays **0**|**1**::
|
||||
When this option is set to 0, do not vote to give the Guard flag to any
|
||||
version of Tor vulnerable to CVE-2011-2769. (Default: 0)
|
||||
|
||||
HIDDEN SERVICE OPTIONS
|
||||
----------------------
|
||||
|
||||
|
|
|
@ -396,7 +396,7 @@ typedef int socklen_t;
|
|||
|
||||
#ifdef MS_WINDOWS
|
||||
#define tor_socket_t intptr_t
|
||||
#define SOCKET_OK(s) ((unsigned)(s) != INVALID_SOCKET)
|
||||
#define SOCKET_OK(s) ((SOCKET)(s) != INVALID_SOCKET)
|
||||
#else
|
||||
#define tor_socket_t int
|
||||
#define SOCKET_OK(s) ((s) >= 0)
|
||||
|
|
|
@ -802,8 +802,8 @@ tor_tls_context_new(crypto_pk_env_t *identity, unsigned int key_lifetime,
|
|||
"might otherwise be vulnerable to CVE-2011-4657 "
|
||||
"(compile-time version %08lx (%s); "
|
||||
"runtime version %08lx (%s))",
|
||||
OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT,
|
||||
SSLeay(), SSLeay_version(SSLEAY_VERSION));
|
||||
(unsigned long)OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT,
|
||||
(unsigned long)SSLeay(), SSLeay_version(SSLEAY_VERSION));
|
||||
SSL_CTX_set_options(result->ctx, SSL_OP_NO_SSLv3);
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue