Merge remote-tracking branch 'public/bug15205_025' into maint-0.2.5
This commit is contained in:
commit
eecd410984
|
@ -0,0 +1,4 @@
|
|||
o Major bugfixes (FreeBSD IPFW transparent proxy):
|
||||
- Fix address detection with FreeBSD transparent proxies,
|
||||
when "TransProxyType ipfw" is in use.
|
||||
Fixes bug 15064; bugfix on 0.2.5.4-alpha.
|
|
@ -0,0 +1,5 @@
|
|||
o Major bugfixes (crash, OSX, security):
|
||||
- Fix a remote denial-of-service opportunity caused by a bug
|
||||
in OSX's _strlcat_chk() function. Fixes bug 15205; bug first
|
||||
appeared in OSX 10.9.
|
||||
|
|
@ -224,6 +224,18 @@ extern INLINE double U64_TO_DBL(uint64_t x) {
|
|||
#define strncasecmp _strnicmp
|
||||
#define strcasecmp _stricmp
|
||||
#endif
|
||||
|
||||
#if defined __APPLE__
|
||||
/* On OSX 10.9 and later, the overlap-checking code for strlcat would
|
||||
* appear to have a severe bug that can sometimes cause aborts in Tor.
|
||||
* Instead, use the non-checking variants. This is sad.
|
||||
*
|
||||
* See https://trac.torproject.org/projects/tor/ticket/15205
|
||||
*/
|
||||
#undef strlcat
|
||||
#undef strlcpy
|
||||
#endif
|
||||
|
||||
#ifndef HAVE_STRLCAT
|
||||
size_t strlcat(char *dst, const char *src, size_t siz) ATTR_NONNULL((1,2));
|
||||
#endif
|
||||
|
|
|
@ -1531,7 +1531,8 @@ connection_ap_get_original_destination(entry_connection_t *conn,
|
|||
if (options->TransProxyType_parsed == TPT_PF_DIVERT)
|
||||
return destination_from_socket(conn, req);
|
||||
|
||||
if (options->TransProxyType_parsed == TPT_DEFAULT)
|
||||
if (options->TransProxyType_parsed == TPT_DEFAULT ||
|
||||
options->TransProxyType_parsed == TPT_IPFW)
|
||||
return destination_from_pf(conn, req);
|
||||
|
||||
(void)conn;
|
||||
|
|
Loading…
Reference in New Issue