sarah
/
tor
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge branch 'maint-0.2.2' into release-0.2.2

This commit is contained in:
Roger Dingledine 2012-02-29 13:25:13 -05:00
parent 121ae29ed9 e21756908f
commit 30d0319684
10 changed files with 7217 additions and 5603 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
changes/bug5065 Normal file
View File

@ -0,0 +1,5 @@
o Major bugfixes:
- Fix build if path to sed, openssl or sha1sum contains spaces.
This is pretty common on Windows. Fixes bug 5065; bugfix on
0.2.2.1-alpha.

5
changes/bug5067 Normal file
View File

@ -0,0 +1,5 @@
o Minor bugfixes (usability):
- Downgrade the "We're missing a certificate" message from notice
to info: people kept mistaking it for a real problem, whereas it
is only a problem when we are failing to bootstrap. Fixes bug
5067; bugfix on 0.2.10-alpha.

3
changes/geoip-february2012 Normal file
View File

@ -0,0 +1,3 @@
o Minor features:
- Update to the February 7 2012 Maxmind GeoLite Country database.

3
changes/maatuska-ip Normal file
View File

@ -0,0 +1,3 @@
o Directory authority changes:
- Change IP address for maatuska (v3 directory authority).

4
src/common/Makefile.am
View File

@ -20,9 +20,9 @@ noinst_HEADERS = address.h torlog.h crypto.h util.h compat.h aes.h torint.h tort
common_sha1.i: $(libor_SOURCES) $(libor_crypto_a_SOURCES) $(noinst_HEADERS)
if test "@SHA1SUM@" != none; then \
@SHA1SUM@ $(libor_SOURCES) $(libor_crypto_a_SOURCES) $(noinst_HEADERS) | @SED@ -n 's/^\(.*\)$$/"\1\\n"/p' > common_sha1.i; \
"@SHA1SUM@" $(libor_SOURCES) $(libor_crypto_a_SOURCES) $(noinst_HEADERS) | "@SED@" -n 's/^\(.*\)$$/"\1\\n"/p' > common_sha1.i; \
elif test "@OPENSSL@" != none; then \
@OPENSSL@ sha1 $(libor_SOURCES) $(libor_crypto_a_SOURCES) $(noinst_HEADERS) | @SED@ -n 's/SHA1(\(.*\))= \(.*\)/"\2 \1\\n"/p' > common_sha1.i; \
"@OPENSSL@" sha1 $(libor_SOURCES) $(libor_crypto_a_SOURCES) $(noinst_HEADERS) | "@SED@" -n 's/SHA1(\(.*\))= \(.*\)/"\2 \1\\n"/p' > common_sha1.i; \
else \
rm common_sha1.i; \
touch common_sha1.i; \

6
src/common/tortls.c
View File

@ -72,7 +72,7 @@
(OPENSSL_VERSION_NUMBER >= 0x00909000L && \
OPENSSL_VERSION_NUMBER < 0x1000006fL))
/* This is a version of OpenSSL before 0.9.8s/1.0.0f. It does not have
* the CVE-2011-4657 fix, and as such it can't use RELEASE_BUFFERS and
* the CVE-2011-4576 fix, and as such it can't use RELEASE_BUFFERS and
* SSL3 safely at the same time.
*/
#define DISABLE_SSL3_HANDSHAKE
@ -797,9 +797,9 @@ tor_tls_context_new(crypto_pk_env_t *identity, unsigned int key_lifetime,
SSLeay() < 0x0090813fL ||
(SSLeay() >= 0x00909000L &&
SSLeay() < 0x1000006fL)) {
/* And not SSL3 if it's subject to CVE-2011-4657. */
/* And not SSL3 if it's subject to CVE-2011-4576. */
log_info(LD_NET, "Disabling SSLv3 because this OpenSSL version "
"might otherwise be vulnerable to CVE-2011-4657 "
"might otherwise be vulnerable to CVE-2011-4576 "
"(compile-time version %08lx (%s); "
"runtime version %08lx (%s))",
(unsigned long)OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT,

12782
src/config/geoip
View File

File diff suppressed because it is too large Load Diff

4
src/or/Makefile.am
View File

@ -74,9 +74,9 @@ micro-revision.i: FORCE
or_sha1.i: $(tor_SOURCES)
if test "@SHA1SUM@" != none; then \
@SHA1SUM@ $(tor_SOURCES) | @SED@ -n 's/^\(.*\)$$/"\1\\n"/p' > or_sha1.i; \
"@SHA1SUM@" $(tor_SOURCES) | "@SED@" -n 's/^\(.*\)$$/"\1\\n"/p' > or_sha1.i; \
elif test "@OPENSSL@" != none; then \
@OPENSSL@ sha1 $(tor_SOURCES) | @SED@ -n 's/SHA1(\(.*\))= \(.*\)/"\2 \1\\n"/p' > or_sha1.i; \
"@OPENSSL@" sha1 $(tor_SOURCES) | "@SED@" -n 's/SHA1(\(.*\))= \(.*\)/"\2 \1\\n"/p' > or_sha1.i; \
else \
rm or_sha1.i; \
touch or_sha1.i; \

2
src/or/config.c
View File

@ -820,7 +820,7 @@ add_default_trusted_dir_authorities(authority_type_t type)
"208.83.223.34:443 0AD3 FA88 4D18 F89E EA2D 89C0 1937 9E0E 7FD9 4417",
"maatuska orport=80 no-v2 "
"v3ident=49015F787433103580E3B66A1707A00E60F2D15B "
"213.115.239.118:443 BD6A 8292 55CB 08E6 6FBE 7D37 4836 3586 E46B 3810",
"171.25.193.9:443 BD6A 8292 55CB 08E6 6FBE 7D37 4836 3586 E46B 3810",
NULL
};
for (i=0; dirservers[i]; i++) {

6
src/or/routerlist.c
View File

@ -504,9 +504,9 @@ authority_certs_fetch_missing(networkstatus_t *status, time_t now)
if (download_status_is_ready(&cl->dl_status, now,
MAX_CERT_DL_FAILURES) &&
!digestmap_get(pending, voter->identity_digest)) {
log_notice(LD_DIR, "We're missing a certificate from authority "
"with signing key %s: launching request.",
hex_str(sig->signing_key_digest, DIGEST_LEN));
log_info(LD_DIR, "We're missing a certificate from authority "
"with signing key %s: launching request.",
hex_str(sig->signing_key_digest, DIGEST_LEN));
smartlist_add(missing_digests, sig->identity_digest);
}
} SMARTLIST_FOREACH_END(sig);