Commit Graph

11270 Commits

Author SHA1 Message Date
Roger Dingledine 7da1ae7adf Merge branch 'maint-0.2.1' into release-0.2.1 2012-01-05 06:43:13 -05:00
Roger Dingledine df17b62d54 add a changes file for ticket 4825 2012-01-05 06:42:26 -05:00
Roger Dingledine 0b74f64275 Merge branch 'maint-0.2.1' into release-0.2.1 2012-01-05 06:38:15 -05:00
Karsten Loesing 1db1b23a7b Update to the January 2012 GeoIP database. 2012-01-05 11:10:57 +01:00
Nick Mathewson 120a745346 Bug 4786 fix: don't convert EARLY to RELAY on v1 connections
We used to do this as a workaround for older Tors, but now it's never
the correct thing to do (especially since anything that didn't
understand RELAY_EARLY is now deprecated hard).
2011-12-28 15:54:06 -05:00
Nick Mathewson 887bddb7e7 Tweak changelog a little 2011-12-15 14:23:21 -05:00
Nick Mathewson fbfc8e032f Copy 0.2.1.32 changelog entry into releasenotes 2011-12-15 13:17:05 -05:00
Nick Mathewson c30ac81d40 Bump the version to 0.2.1.32 2011-12-15 12:01:07 -05:00
Nick Mathewson aea35fbb1b Changelog and blurb for 0.2.1.32 2011-12-15 11:38:00 -05:00
Nick Mathewson 03c7d9e992 Merge branch 'maint-0.2.1' into release-0.2.1 2011-12-15 11:35:23 -05:00
Nick Mathewson 9d0777839b Add a fix for the buf_pullup bug that Vektor reported 2011-12-15 11:28:24 -05:00
Nick Mathewson 5eff44ca8e Update the release-0.2.1 changelog while I am at it 2011-12-14 16:09:13 -05:00
Nick Mathewson 67357ca9f3 Merge branch 'maint-0.2.1' into release-0.2.1 2011-12-14 16:06:03 -05:00
Karsten Loesing ff2c9acbb3 Update to the December 2011 GeoIP database. 2011-12-08 09:55:44 +01:00
Nick Mathewson 13f02c387f Merge remote-tracking branch 'karsten/geoip-november2011' into maint-0.2.1 2011-11-14 11:10:10 -05:00
Karsten Loesing 6d45c6d548 Update to the November 2011 GeoIP database. 2011-11-07 14:23:48 +01:00
Sebastian Hahn be6928d6e7 Add a changes file for 4410 2011-11-06 18:00:10 +01:00
Dan Rosenberg d5161ab895 Fix remotely triggerable assert during ip decryption
Fixes bug 4410.
2011-11-06 17:23:14 +01:00
Roger Dingledine e234c1cd23 minor cleanup on already published changelog text 2011-10-27 20:16:33 -04:00
Roger Dingledine abd34f1527 Merge branch 'maint-0.2.1' into release-0.2.1 2011-10-27 20:02:58 -04:00
Roger Dingledine 5d3095152e bump maint to 0.2.1.31 2011-10-27 20:01:58 -04:00
Roger Dingledine e740ac08c6 slight tweak to text 2011-10-26 18:24:05 -04:00
Roger Dingledine 4f699cd24a opt for a short and sweet release blurb for 0.2.1.31.
anybody who's reading it to decide whether to use it should not be
using it.
2011-10-26 18:09:28 -04:00
Roger Dingledine 484240c4b8 bump to 0.2.1.31 2011-10-26 18:03:26 -04:00
Roger Dingledine 6bb9bd17d0 fold in changes files 2011-10-26 18:02:13 -04:00
Roger Dingledine 6097b8eefc Merge branch 'maint-0.2.1' into release-0.2.1 2011-10-26 17:41:24 -04:00
Robert Ransom a74e7fd40f Reject create cells on outgoing OR connections from bridges 2011-10-26 23:21:14 +02:00
Robert Ransom c05bb53508 Mark which OR connections are outgoing 2011-10-26 23:21:11 +02:00
Roger Dingledine 031d8fcdab merge in more changes entries 2011-10-26 17:21:07 -04:00
Robert Ransom af12c39d6d Don't use any OR connection which sent us a CREATE_FAST cell for an EXTEND
Fix suggested by Nick Mathewson.
2011-10-26 23:20:56 +02:00
Nick Mathewson 638fdedcf1 Don't send a certificate chain on outgoing TLS connections from non-relays 2011-10-26 23:20:56 +02:00
Roger Dingledine 9f61d8a3b3 Merge branch 'maint-0.2.1' into release-0.2.1 2011-10-26 17:13:18 -04:00
Nick Mathewson a166f10414 Remove the -F option from tor-resolve.
It used to mean "Force": it would tell tor-resolve to ask tor to
resolve an address even if it ended with .onion.  But when
AutomapHostsOnResolve was added, automatically refusing to resolve
.onion hosts stopped making sense.  So in 0.2.1.16-rc (commit
298dc95dfd), we made tor-resolve happy to resolve anything.

The -F option stayed in, though, even though it didn't do anything.
Oddly, it never got documented.

Found while fixing GCC 4.6 "set, unused variable" warnings.
2011-10-26 17:13:04 -04:00
Roger Dingledine a68867b150 manually backport a5232e0c4c 2011-10-26 17:11:52 -04:00
Roger Dingledine 9ac4ceb0d4 Merge branch 'maint-0.2.1' into release-0.2.1 2011-10-26 16:34:20 -04:00
Roger Dingledine cecc5b7aa1 stop asserting at boot
The patch for 3228 made us try to run init_keys() before we had loaded
our state file, resulting in an assert inside init_keys. We had moved
it too early in the function.

Now it's later in the function, but still above the accounting calls.
2011-10-26 22:09:44 +02:00
Nick Mathewson 55d9e4b8ba Reinit keys at the start of options_act().
Previously we did this nearer to the end (in the old_options &&
transition_affects_workers() block).  But other stuff cares about
keys being consistent with options... particularly anything which
tries to access a key, which can die in assert_identity_keys_ok().

Fixes bug 3228; bugfix on 0.2.2.18-alpha.

Conflicts:

	src/or/config.c
2011-10-26 22:09:44 +02:00
Robert Ransom 62c29a93ba Don't crash a bridge authority on SIGHUP if it's not in the consensus
Fixes bug 2572.
2011-10-26 22:09:44 +02:00
Sebastian Hahn 9082898944 Fix assert for relay/bridge state change
When we added support for separate client tls certs on bridges in
a2bb0bfdd5 we forgot to correctly initialize this when changing
from relay to bridge or vice versa while Tor is running. Fix that
by always initializing keys when the state changes.

Fixes bug 2433.

Conflicts:

	src/or/config.c
2011-10-26 22:09:44 +02:00
Nick Mathewson d0a91386e5 Don't crash when accountingmax is set in non-server Tors
We use a hash of the identity key to seed a prng to tell when an
accounting period should end.  But thanks to the bug998 changes,
clients no longer have server-identity keys to use as a long-term seed
in accounting calculations.  In any case, their identity keys (as used
in TLS) were never never fixed.  So we can just set the wakeup time
from a random seed instead there.  Still open is whether everybody
should be random.

This patch fixes bug 2235, which was introduced in 0.2.2.18-alpha.

Diagnosed with help from boboper on irc.
2011-10-26 14:20:47 +02:00
Sebastian Hahn 3a890b3b70 Properly refcount client_identity_key
In a2bb0bf we started using a separate client identity key. When we are
in "public server mode" (that means not a bridge) we will use the same
key. Reusing the key without doing the proper refcounting leads to a
segfault on cleanup during shutdown. Fix that.

Also introduce an assert that triggers if our refcount falls below 0.
That should never happen.
2011-10-26 14:17:01 +02:00
Nick Mathewson dc557e8164 Add some asserts to get_{tlsclient|server}_identity_key
We now require that:
  - Only actual servers should ever call get_server_identity_key
  - If you're being a client or bridge, the client and server keys should
    differ.
  - If you're being a public relay, the client and server keys
    should be the same.
2011-10-26 14:16:54 +02:00
Nick Mathewson 2a2301e411 Rename get_client_identity_key to get_tlsclient_identity_key 2011-10-26 14:16:34 +02:00
Robert Ransom 59e565e2a2 Maintain separate server and client identity keys when appropriate.
Fixes a bug described in ticket #988.

Conflicts:

	src/or/main.c
	src/or/router.c
2011-10-26 14:16:20 +02:00
Nick Mathewson 299a78c5fe Make crypto_free_pk_env tolerate NULL arg in 0.2.1. Error-proofing against bug 988 backport 2011-10-26 14:14:05 +02:00
Robert Ransom 9976df9e56 Maintain separate server and client TLS contexts.
Fixes bug #988.

Conflicts:

	src/or/main.c
	src/or/router.c
2011-10-26 14:13:55 +02:00
Robert Ransom 8781640111 Refactor tor_tls_context_new:
* Make tor_tls_context_new internal to tortls.c, and return the new
  tor_tls_context_t from it.

* Add a public tor_tls_context_init wrapper function to replace it.

Conflicts:

	src/or/main.c
	src/or/router.c
2011-10-26 14:08:36 +02:00
Robert Ransom 07ab559a8e Add public_server_mode function. 2011-10-26 14:03:43 +02:00
Roger Dingledine 7c29b6996e Merge branch 'maint-0.2.1' into release-0.2.1 2011-10-26 07:39:01 -04:00
Nick Mathewson c5a3664f27 Fix zlib macro brokenness on osx with zlib 1.2.4 and higher.
From the code:
   zlib 1.2.4 and 1.2.5 do some "clever" things with macros.  Instead of
   saying "(defined(FOO) ? FOO : 0)" they like to say "FOO-0", on the theory
   that nobody will care if the compile outputs a no-such-identifier warning.

   Sorry, but we like -Werror over here, so I guess we need to define these.
   I hope that zlib 1.2.6 doesn't break these too.

Possible fix for bug 1526.
2011-10-26 07:30:11 -04:00