Commit Graph

11634 Commits

Author SHA1 Message Date
Sebastian Hahn
c54e33e442 New testcase for exit_policy_is_general_exit 2010-02-03 05:44:05 +01:00
Sebastian Hahn
03bd98b3b1 Don't assign Exit flag incorrectly
exit_policy_is_general_exit() assumed that there are no redundancies
in the passed policy, in the sense that we actively combine entries
in the policy to really get rid of any redundancy. Since we cannot
do that without massively rewriting the policy lines the relay
operators set, fix exit_policy_is_general_exit().

Fixes bug 1238, discovered by Martin Kowalczyk.
2010-02-03 05:44:00 +01:00
Nick Mathewson
c7a2efb380 Add a changelog entry for fixing bug 1237.
We don't have such an entry for 0.2.1.x, since bug 1237 never made it
into a released version of 0.2.1.x.
2010-02-02 16:22:12 -05:00
Nick Mathewson
1a2129e3f7 Merge remote branch 'origin/maint-0.2.1' 2010-02-02 16:21:17 -05:00
Nick Mathewson
f6ff14a82e Link libssl and libcrypto in the right order.
For most linking setups, this doesn't matter.  But for some setups, when
statically linking openssl, it does matter, since you need to link things
with dependencies before you link things they depend on.

Fix for bug 1237.
2010-02-02 16:12:45 -05:00
Nick Mathewson
3a8ad7bfd8 add a2x intermediate files to gitignore 2010-01-31 22:53:40 -05:00
Nick Mathewson
5314438799 Merge remote branch 'origin/maint-0.2.1' 2010-01-31 22:53:19 -05:00
Nick Mathewson
abd447f876 Revise OpenSSL fix to work with OpenSSL 1.0.0beta*
In brief: you mustn't use the SSL3_FLAG solution with anything but 0.9.8l,
and you mustn't use the SSL_OP solution with anything before 0.9.8m, and
you get in _real_ trouble if you try to set the flag in 1.0.0beta, since
they use it for something different.

For the ugly version, see my long comment in tortls.c
2010-01-31 22:48:29 -05:00
Nick Mathewson
445e95b129 Merge commit 'origin/maint-0.2.1'
Conflicts:
	src/common/tortls.c
2010-01-29 17:20:59 -05:00
Nick Mathewson
1744e447a1 Decide whether to use SSL flags based on runtime OpenSSL version.
We need to do this because Apple doesn't update its dev-tools headers
when it updates its libraries in a security patch.  On the bright
side, this might get us out of shipping a statically linked OpenSSL on
OSX.

May fix bug 1225.

[backported]
2010-01-29 17:17:47 -05:00
Nick Mathewson
4905eaa38c Detect the correct versions of openssl for tls negotiation fix
Since it doesn't seem to hurt, we should use _both_ fixes whenever
we see OpenSSL 0.9.7L .. 0.9.8, or OpenSSL 0.9.8L..
2010-01-29 17:11:20 -05:00
Nick Mathewson
8d68e5c748 Decide whether to use SSL flags based on runtime OpenSSL version.
We need to do this because Apple doesn't update its dev-tools headers
when it updates its libraries in a security patch.  On the bright
side, this might get us out of shipping a statically linked OpenSSL on
OSX.

May fix bug 1225.
2010-01-29 17:02:17 -05:00
Nick Mathewson
f75f7322b9 Clarify a paragraph in prop 169. 2010-01-29 16:39:27 -05:00
Sebastian Hahn
e015fe8b09 Make sure docdir is defined when making doc/
Apparently some autoconf versions need this, while others don't.
This means documentation will be installed into share/doc/tor/.
2010-01-28 09:03:21 +01:00
Sebastian Hahn
32c1863a67 Fix building the tarball
This removes the Makefile.am from doc/design-paper and replaces it with
a static Makefile. We don't need to call it during the normal Tor build
process, as we don't need its targets normally. Keeping it around in
case we want to rebuild the pdf or ps files later.
2010-01-28 09:03:21 +01:00
Nick Mathewson
c5380d6064 The name for the proposal status of 151 is "finished", not "Implemented" 2010-01-28 00:04:45 -05:00
Nick Mathewson
380d00246b Proposal 169: Eliminate TLS renegotiation
I propose a backward-compatible change to the Tor connection
establishment protocol to avoid the use of TLS
renegotiation.

Rather than doing a TLS renegotiation to exchange
certificates and authenticate the original handshake, this
proposal takes an approach similar to Steven Murdoch's
proposal 124, and uses Tor cells to authenticate the
parties' identities once the initial TLS handshake is
finished.
2010-01-28 00:04:25 -05:00
Sebastian Hahn
02889bae21 Fix comments for getinfo_helper_t
rieo pointed out something isn't right here
2010-01-27 22:12:43 +01:00
Sebastian Hahn
ca148f7219 Clean the man and html files with make (dist)clean 2010-01-27 20:23:13 +01:00
Sebastian Hahn
2c0ad636d9 Stop shipping the design paper in the tarballs 2010-01-27 20:09:19 +01:00
Nick Mathewson
0d51a2537a Fix ChangeLog entry for asciidoc branch. 2010-01-27 13:27:53 -05:00
Nick Mathewson
a379a0a488 Merge remote branch 'sebastian/manpage' 2010-01-27 13:24:05 -05:00
Nick Mathewson
f1d1b2f27b Bump version to 0.2.2.8-alpha-dev 2010-01-27 13:22:20 -05:00
Nick Mathewson
e407c1adab Add a comment explaining the doc build system
Updated a little by Sebastian
2010-01-27 12:19:58 +01:00
Nick Mathewson
0c81d4c62b Make the asciidoc build process work from outside top_srcdir
Edited a little by Sebastian
2010-01-27 12:13:10 +01:00
Sebastian Hahn
1a3f42d1d0 Fix a few typos in the manpage, and reword the DisableAllSwap entry 2010-01-27 12:13:10 +01:00
Sebastian Hahn
a330cdc6fb Convert the Tor manpage to asciidoc.
This should be a very faithful conversion, preserving as much of the layout
of the old manpage as possible. This wasn't possible for the nt-service
and the DataDirectory/state parts. See a later commit for some small
cleanups.

Tiago Faria helped with the asciidoc conversion, big thanks!
2010-01-27 12:13:10 +01:00
Sebastian Hahn
ce860d8efd Convert the tor-resolve manpage to asciidoc 2010-01-27 12:13:10 +01:00
Sebastian Hahn
59a9908f66 Convert the torify manpage to asciidoc 2010-01-27 12:13:10 +01:00
Sebastian Hahn
2fc0c3031b Convert the tor-gencert manpage to asciidoc 2010-01-27 12:13:10 +01:00
Sebastian Hahn
9fe1c000b0 Allow generating documentation from asciidoc in the Makefile 2010-01-27 12:13:05 +01:00
Sebastian Hahn
3efadcd0d5 Move the torify manpage into the doc dir 2010-01-27 11:36:39 +01:00
Sebastian Hahn
f6a673490f Stop putting parts of the website into tarballs.
The website wasn't used by our packages, and most users will not know how
to open html.en files anyways.
2010-01-27 11:36:39 +01:00
Roger Dingledine
ff88bc7db8 0.2.2.8-alpha is coming out today sometime 2010-01-26 13:11:58 -05:00
Karsten Loesing
7e65871ccc Fix a memory corruption bug while collecting bridge stats
We accidentally freed the internal buffer for bridge stats when we
were writing the bridge stats file or honoring a control port
request for said data. Change the interfaces for
geoip_get_bridge_stats* to prevent these problems, and remove the
offending free/add a tor_strdup.

Fixes bug 1208.
2010-01-26 11:55:43 +01:00
Nick Mathewson
2d3f21e9ee Merge commit 'sebastian/quiet' 2010-01-25 14:39:20 -05:00
Nick Mathewson
df3812ede1 Rearrange _thread_test_func to please Coverity Scan
I believe  that since  we were allocating  *cp while holding  a mutex,
coverity deduced that  *cp must be protected by  that mutex, and later
flipped out  when we didn't  use it  that way. If  this is so,  we can
solve our problems by moving the *cp = tor_strdup(buf) part outside of
the mutex-protected code.
2010-01-25 14:12:37 -05:00
Nick Mathewson
2590d733f4 Try to untangle the logic in server_port_flush
It's a bit confusing to have a loop where another function,
confusingly named "*_free", is responsible for advancing the loop
variable (or rather, for altering a structure so that the next time
the loop variable's initializer is evaluated it evaluates to something
different.)

Not only has this confused people: it's also confused coverity scan.
Let's fix that.
2010-01-25 14:09:58 -05:00
Nick Mathewson
ab87b61a9d Don't unlock a new log until done logging the tor version.
This might please coverity scan.
2010-01-25 14:09:18 -05:00
Sebastian Hahn
7e89cc31ab Be quieter about failing to decode authority digests
This was freaking out some relay operators without good reason, as
it is nothing the relay operator can do anything about anyways.

Quieting this warning suggested by rieo.
2010-01-25 18:05:20 +01:00
Nick Mathewson
a93cabd9ab Since dump_microdescriptor() can return -1; make its type ssize_t 2010-01-24 16:24:47 -05:00
Peter Palfrader
256861023e Handle errors reported by fwrite() in dump_microdescriptor()
Does not deal with error handling in dump_microdescriptor's callers.
2010-01-24 15:05:20 -05:00
Nick Mathewson
0552deb613 Merge commit 'origin/maint-0.2.1'
Resolved conflicts in:
	configure.in
	src/or/Makefile.am
	src/tools/Makefile.am
2010-01-24 15:03:45 -05:00
Nick Mathewson
b6038f4ac6 Add --enable-static-(openssl|libevent) options
These options only work when using --with-(openssl|libevent)-dir to
explicitly pick a libevent or openssl location.
2010-01-24 14:34:47 -05:00
Peter Palfrader
ca60a6ce3f New configure option: --enable-gcc-warnings-advisory
the new configure option --enable-gcc-warnings-advisory enables
all the gcc flags that --enable-gcc-warnings does with the
exception of -Werror.
2010-01-24 13:51:40 -05:00
Nick Mathewson
3b4b6009a0 Merge remote branch 'origin/maint-0.2.1' 2010-01-23 20:46:57 -05:00
Nick Mathewson
aec4aea190 Fix two rare leaks spotted by rieo. 2010-01-23 20:46:38 -05:00
Nick Mathewson
4ad5094c90 Avoid a possible crash in tls_log_errors.
We were checking for msg==NULL, but not lib or proc.  This case can
only occur if we have an error whose string we somehow haven't loaded,
but it's worth coding defensively here.

Spotted by rieo on IRC.
2010-01-22 16:32:15 -05:00
Roger Dingledine
2309d0caae make the 0.2.2.7-alpha changelog actually complete.
weasel makes a good point.
2010-01-20 15:39:23 -05:00
Nick Mathewson
d4354b506b Don't use OutboundBindAddress to connect to localhost
The OutboundBindAddress option is useful for making sure that all of
your outbond connections use a given interface.  But when connecting
to 127.0.0.1 (or ::1 even) it's important to actually have the
connection come _from_ localhost, since lots of programs running on
localhost use the source address to authenticate that the connection
is really coming from the same host.

Our old code always bound to OutboundBindAddress, whether connecting
to localhost or not.  This would potentially break DNS servers on
localhost, and socks proxies on localhost.  This patch changes the
behavior so that we only look at OutboundBindAddress when connecting
to a non-loopback address.
2010-01-20 13:09:10 -05:00