Merge branch 'maint-0.2.2' into release-0.2.2
This commit is contained in:
commit
d188563f72
|
@ -0,0 +1,5 @@
|
|||
o Minor features:
|
||||
- Tor used to limit HttpProxyAuthenticator values to 48 characters.
|
||||
Changed the limit to 512 characters by removing base64 newlines.
|
||||
Fixes bug 2752. Fix by Michael Yakubovich.
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
o Major bugfixes:
|
||||
- When we configure a new bridge via the controller, don't wait up
|
||||
to ten seconds before trying to fetch its descriptor. Bugfix on
|
||||
0.2.0.3-alpha; fixes bug 3198 (suggested by 2355).
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes:
|
||||
- Require that onion keys have exponent 65537 in microdescriptors too.
|
||||
Fixes part of bug 3207; bugfix on 0.2.2.25-alpha
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
o Major bugfixes:
|
||||
- Fix a crash bug when changing bridges in a running Tor process.
|
||||
Fixes bug 3213; bugfix on 0.2.2.26-beta.
|
||||
|
|
@ -4539,7 +4539,7 @@ get_configured_bridge_by_addr_port_digest(const tor_addr_t *addr,
|
|||
!tor_addr_compare(&bridge->addr, addr, CMP_EXACT) &&
|
||||
bridge->port == port)
|
||||
return bridge;
|
||||
if (tor_memeq(bridge->identity, digest, DIGEST_LEN))
|
||||
if (digest && tor_memeq(bridge->identity, digest, DIGEST_LEN))
|
||||
return bridge;
|
||||
}
|
||||
SMARTLIST_FOREACH_END(bridge);
|
||||
|
|
|
@ -3398,8 +3398,8 @@ options_validate(or_options_t *old_options, or_options_t *options,
|
|||
}
|
||||
|
||||
if (options->HTTPProxyAuthenticator) {
|
||||
if (strlen(options->HTTPProxyAuthenticator) >= 48)
|
||||
REJECT("HTTPProxyAuthenticator is too long (>= 48 chars).");
|
||||
if (strlen(options->HTTPProxyAuthenticator) >= 512)
|
||||
REJECT("HTTPProxyAuthenticator is too long (>= 512 chars).");
|
||||
}
|
||||
|
||||
if (options->HTTPSProxy) { /* parse it now */
|
||||
|
@ -3412,8 +3412,8 @@ options_validate(or_options_t *old_options, or_options_t *options,
|
|||
}
|
||||
|
||||
if (options->HTTPSProxyAuthenticator) {
|
||||
if (strlen(options->HTTPSProxyAuthenticator) >= 48)
|
||||
REJECT("HTTPSProxyAuthenticator is too long (>= 48 chars).");
|
||||
if (strlen(options->HTTPSProxyAuthenticator) >= 512)
|
||||
REJECT("HTTPSProxyAuthenticator is too long (>= 512 chars).");
|
||||
}
|
||||
|
||||
if (options->Socks4Proxy) { /* parse it now */
|
||||
|
|
|
@ -3232,8 +3232,17 @@ alloc_http_authenticator(const char *authenticator)
|
|||
authenticator, authenticator_length) < 0) {
|
||||
tor_free(base64_authenticator); /* free and set to null */
|
||||
} else {
|
||||
/* remove extra \n at end of encoding */
|
||||
base64_authenticator[strlen(base64_authenticator) - 1] = 0;
|
||||
int i = 0, j = 0;
|
||||
int len = strlen(base64_authenticator);
|
||||
|
||||
/* remove all newline occurrences within the string */
|
||||
for (i=0; i < len; ++i) {
|
||||
if ('\n' != base64_authenticator[i]) {
|
||||
base64_authenticator[j] = base64_authenticator[i];
|
||||
++j;
|
||||
}
|
||||
}
|
||||
base64_authenticator[j]='\0';
|
||||
}
|
||||
return base64_authenticator;
|
||||
}
|
||||
|
|
|
@ -924,8 +924,6 @@ run_scheduled_events(time_t now)
|
|||
if (time_to_try_getting_descriptors < now) {
|
||||
update_router_descriptor_downloads(now);
|
||||
update_extrainfo_downloads(now);
|
||||
if (options->UseBridges)
|
||||
fetch_bridge_descriptors(options, now);
|
||||
if (router_have_minimum_dir_info())
|
||||
time_to_try_getting_descriptors = now + LAZY_DESCRIPTOR_RETRY_INTERVAL;
|
||||
else
|
||||
|
@ -938,6 +936,9 @@ run_scheduled_events(time_t now)
|
|||
now + DESCRIPTOR_FAILURE_RESET_INTERVAL;
|
||||
}
|
||||
|
||||
if (options->UseBridges)
|
||||
fetch_bridge_descriptors(options, now);
|
||||
|
||||
/** 1b. Every MAX_SSL_KEY_LIFETIME seconds, we change our TLS context. */
|
||||
if (!last_rotated_x509_certificate)
|
||||
last_rotated_x509_certificate = now;
|
||||
|
|
|
@ -4336,6 +4336,11 @@ microdescs_parse_from_string(const char *s, const char *eos,
|
|||
}
|
||||
|
||||
tok = find_by_keyword(tokens, K_ONION_KEY);
|
||||
if (!crypto_pk_public_exponent_ok(tok->key)) {
|
||||
log_warn(LD_DIR,
|
||||
"Relay's onion key had invalid exponent.");
|
||||
goto next;
|
||||
}
|
||||
md->onion_pkey = tok->key;
|
||||
tok->key = NULL;
|
||||
|
||||
|
|
Loading…
Reference in New Issue