- tor-commits - lists.torproject.org

[tor/master] Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
by nickm＠torproject.org 16 May '11

16 May '11

1 0

[tor/master] rm files for changes merged in all of release021, release022, master
by nickm＠torproject.org 16 May '11

16 May '11

commit 0d94f78705d5376059cd2b1bdfe96e84067e212f Author: Nick Mathewson <nickm(a)torproject.org> Date: Mon May 16 16:17:35 2011 -0400 rm files for changes merged in all of release021, release022, master --- changes/all_descs | 4 ---- changes/annotations_fix | 10 ---------- changes/bug1074-part2 | 6 ------ changes/bug1125 | 8 -------- changes/bug1141 | 5 ----- changes/bug1172 | 9 --------- changes/bug1840 | 7 ------- changes/bug1859 | 9 --------- changes/bug1981 | 6 ------ changes/bug2050 | 5 ----- changes/bug2190 | 6 ------ changes/bug2305 | 5 ----- changes/bug2313 | 4 ---- changes/bug2324 | 4 ---- changes/bug2324_uncompress | 5 ----- changes/bug2326 | 6 ------ changes/bug2328 | 9 --------- changes/bug2332 | 4 ---- changes/bug2352 | 6 ------ changes/bug2384 | 6 ------ changes/bug2402_redux | 6 ------ changes/bug2408 | 6 ------ changes/bug2470 | 5 ----- changes/bug2475 | 5 ----- changes/bug2629 | 5 ----- changes/bug2750 | 6 ------ changes/bug2933 | 4 ---- changes/dhparam | 3 --- changes/fix2204 | 7 ------- changes/forget-rend-descs-on-newnym | 9 --------- changes/gabelmoo-newip | 3 --- changes/geoip-apr2011 | 3 --- changes/geoip-dec2010 | 3 --- changes/geoip-feb2011 | 3 --- changes/geoip-jan2011 | 3 --- changes/geoip-mar2011 | 3 --- changes/geoip-oct2010 | 3 --- changes/geoip-sep2010 | 3 --- changes/geoip-update-august2010 | 3 --- changes/geoip-update-june2010 | 2 -- changes/ipv6_crash | 4 ---- changes/maatuska-new-v3auth | 3 --- changes/mingw-openssl098m | 3 --- changes/misc-reason | 3 --- changes/new-geoip-db | 5 ----- changes/openbsd-sysheaders | 4 ---- changes/policy_summarize-assert | 6 ------ changes/remove-debian | 5 ----- changes/remove-website | 5 ----- changes/routerparse_maxima | 4 ---- changes/security_bug | 5 ----- changes/tolen_asserts | 8 -------- changes/torspec.git | 5 ----- changes/zlib_aint_openssl | 3 --- 54 files changed, 0 insertions(+), 272 deletions(-) diff --git a/changes/all_descs b/changes/all_descs deleted file mode 100644 index 10711b2..0000000 --- a/changes/all_descs +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes (bridge authority) - - Do not allow encrypte requests for "all" bridges to return all - bridges. - diff --git a/changes/annotations_fix b/changes/annotations_fix deleted file mode 100644 index b259a30..0000000 --- a/changes/annotations_fix +++ /dev/null @@ -1,10 +0,0 @@ - o Major bugfixes - - Do even more to reject (and not just ignore) annotations on - router descriptors received anywhere but from the cache. - Previously we would ignore such annotations at first, but cache - them to disk anyway. Bugfix on 0.2.0.8-alpha. Found by piebeer. - - o Minor bugfixes - - Enforce multiplicity rules when parsing annotations. Bugfix on - 0.2.0.8-alpha. Found by piebeer. - diff --git a/changes/bug1074-part2 b/changes/bug1074-part2 deleted file mode 100644 index 6644f49..0000000 --- a/changes/bug1074-part2 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes: - - Stop sending a CLOCK_SKEW controller status event whenever - we fetch directory information from a relay that has a wrong clock. - Instead, only inform the controller when it's a trusted authority - that claims our clock is wrong. Bugfix on tor-0.1.2.6-alpha; - fixes the other half of bug 1074. diff --git a/changes/bug1125 b/changes/bug1125 deleted file mode 100644 index 1331246..0000000 --- a/changes/bug1125 +++ /dev/null @@ -1,8 +0,0 @@ - o Major bugfixes - - Do not log messages to the controller while shrinking buffer - freelists. Doing so would sometimes make the controller - connection try to allocate a buffer chunk, which would mess - up the internals of the freelist and cause an assertion - failure. Fixes bug 1125; fixed by Robert Ransom. Bugfix on - Tor 0.2.0.16-alpha. - diff --git a/changes/bug1141 b/changes/bug1141 deleted file mode 100644 index 9975e41..0000000 --- a/changes/bug1141 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes: - - Fix an assertion failure that could occur in caches or bridge users - when using a very short voting interval on a testing network. - Diagnosed by Robert Hogan. Fixes bug 1141; bugfix on 0.2.0.8-alpha. - diff --git a/changes/bug1172 b/changes/bug1172 deleted file mode 100644 index 3abd743..0000000 --- a/changes/bug1172 +++ /dev/null @@ -1,9 +0,0 @@ - o Minor bugfixes: - - When we restart our relay, we might get a successful connection - from the outside before we've started our reachability tests, - triggering a warning: "ORPort found reachable, but I have no - routerinfo yet. Failing to inform controller of success." This - bug was harmless unless Tor is running under a controller - like Vidalia, in which case the controller would never get a - REACHABILITY_SUCCEEDED status event. Bugfix on 0.1.2.6-alpha; - fixes bug 1172. diff --git a/changes/bug1840 b/changes/bug1840 deleted file mode 100644 index 0ef2b98..0000000 --- a/changes/bug1840 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes: - - Allow handshaking OR connections to take a full KeepalivePeriod - seconds to handshake. Previously, we would close them after - IDLE_OR_CONN_TIMEOUT seconds, as if they were open. This is a - bugfix on 0.2.1.26. Thanks to mingw-san for analysis help. Fixes - bug 1840. - diff --git a/changes/bug1859 b/changes/bug1859 deleted file mode 100644 index 5b139f3..0000000 --- a/changes/bug1859 +++ /dev/null @@ -1,9 +0,0 @@ - o Minor bugfixes: - - Bring the logic that gathers routerinfos and assesses the - acceptability of circuits into line. This prevents a Tor OP from getting - locked in a cycle of choosing its local OR as an exit for a path (due to - a .exit request) and then rejecting the circuit because its OR is not - listed yet. Also prevent Tor clients from using an OR running in the same - instance as an exit (due to a .exit request) if the OR does not meet the - same requirements expected of an OR running elsewhere. - Fixes bug 1859; bugfix on 0.2.0-alpha. diff --git a/changes/bug1981 b/changes/bug1981 deleted file mode 100644 index 3e5e1d3..0000000 --- a/changes/bug1981 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes: - - When you use bridges and your network goes away and your bridges - get marked as down, recover when you attempt a new socks connection - (if the network is back) rather than waiting up to an hour to try - fetching new descriptors for your bridges. Bugfix on 0.2.0.3-alpha; - fixes bug 1981. diff --git a/changes/bug2050 b/changes/bug2050 deleted file mode 100644 index 3e45d34..0000000 --- a/changes/bug2050 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes: - - Learn our external IP address when we're a relay or bridge, even if - we set PublishServerDescriptor to 0. Bugfix on 0.2.0.3-alpha, - where we introduced bridge relays that don't need to publish to - be useful. Fixes bug 2050. diff --git a/changes/bug2190 b/changes/bug2190 deleted file mode 100644 index 92ecba7..0000000 --- a/changes/bug2190 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes - - Prevent calls from Libevent from inside Libevent log handlers. - This had potential to cause a nasty set of crashes, especially if - running Libevent with debug logging enabled, and running Tor - with a controller watching for low-severity log messages. - Bugfix on 0.1.0.2-rc. Fixes bug 2190. diff --git a/changes/bug2305 b/changes/bug2305 deleted file mode 100644 index c979d5f..0000000 --- a/changes/bug2305 +++ /dev/null @@ -1,5 +0,0 @@ - o Build changes - - Tor does not build packages correctly with Automake 1.6 and earlier; - added a check to Makefile.am to make sure that we're building with - Automake 1.7 or later. - diff --git a/changes/bug2313 b/changes/bug2313 deleted file mode 100644 index 0ffbe4a..0000000 --- a/changes/bug2313 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes - - Fix compilation on mingw when a pthreads compatibility library - has been installed. (We don't want to use it, so we shouldn't - be including pthread.h.) Fixes bug 2313; bugfix on 0.1.0.1-rc. diff --git a/changes/bug2324 b/changes/bug2324 deleted file mode 100644 index eefc837..0000000 --- a/changes/bug2324 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes - - Add a check for SIZE_T_MAX to tor_realloc to try to avoid - underflow errors there too. Fixes bug 2324. - diff --git a/changes/bug2324_uncompress b/changes/bug2324_uncompress deleted file mode 100644 index 223a3ce..0000000 --- a/changes/bug2324_uncompress +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (security): - - Prevent a DoS attack by disallowing any zlib-compressed data - whose compression factor is implausibly high. Fixes the - second part of bug2324; found by doors. - diff --git a/changes/bug2326 b/changes/bug2326 deleted file mode 100644 index 239a383..0000000 --- a/changes/bug2326 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes - - Fix a bug where we would assert if we ever had a - cached-descriptors.new file (or another file read directly into - memory) of exactly SIZE_T_CEILING bytes. Found by doors; fixes - bug 2326; bugfix on 0.2.1.25. - diff --git a/changes/bug2328 b/changes/bug2328 deleted file mode 100644 index fee80a1..0000000 --- a/changes/bug2328 +++ /dev/null @@ -1,9 +0,0 @@ - o Minor bugfixes - - Fix a bug where we would declare that we had run out of virtual - addresses when the address space was only half-exhausted. Bugfix - on 0.1.2.1-alpha. - - Correctly handle the case where AutomapHostsOnResolve is set but no - virtual addresses are available. Fixes bug2328, bugfix on - 0.1.2.1-alpha. Bug found by doorss. - - Correctly handle wrapping around to when we run out of virtual address - space. Found by cypherpunks, bugfix on 0.2.0.5-alpha. diff --git a/changes/bug2332 b/changes/bug2332 deleted file mode 100644 index 5f73ddd..0000000 --- a/changes/bug2332 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes - - Fix a bug with handling misformed replies to reverse DNS lookup - requests in DNSPort. Bugfix on Tor 0.2.0.1-alpha. Related to a bug - reported by doorss. diff --git a/changes/bug2352 b/changes/bug2352 deleted file mode 100644 index 744dbdb..0000000 --- a/changes/bug2352 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes - - Fix some potential asserts and partsing issues with grossly - malformed router caches. Fixes bug 2352. Found by doorss. - Bugfix on Tor 0.2.1.27. - - diff --git a/changes/bug2384 b/changes/bug2384 deleted file mode 100644 index ded5eee..0000000 --- a/changes/bug2384 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes - - Zero out a few more keys in memory before freeing them. Fixes bug - 2384 and part of bug 2385. These key instances found by - "cypherpunks". Bugfix on 0.0.2pre9. - - diff --git a/changes/bug2402_redux b/changes/bug2402_redux deleted file mode 100644 index 84be04a..0000000 --- a/changes/bug2402_redux +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes - - Use micro-revision numbers in 0.2.1.x instead: apparently, they - were more used than we had known. (Bugfix on 0.2.1.30). - - Instead of generating our micro-version numbers using SVN revisions, - use git revisions instead. Bugfix on 0.2.1.15-rc; fixes bug 2402. - diff --git a/changes/bug2408 b/changes/bug2408 deleted file mode 100644 index 1d2dbf1..0000000 --- a/changes/bug2408 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes - - Ignore and warn about "PublishServerDescriptor hidserv" torrc - options. The 'hidserv' argument never controlled publication - of hidden service descriptors. Bugfix on 0.2.0.1-alpha. - - diff --git a/changes/bug2470 b/changes/bug2470 deleted file mode 100644 index 8ff97b7..0000000 --- a/changes/bug2470 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes: - - If relays set RelayBandwidthBurst but not RelayBandwidthRate, - Tor would ignore their RelayBandwidthBurst setting, - potentially using more bandwidth than expected. Bugfix on - 0.2.0.1-alpha. Reported by Paul Wouters. Fixes bug 2470. diff --git a/changes/bug2475 b/changes/bug2475 deleted file mode 100644 index d6f0595..0000000 --- a/changes/bug2475 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes: - - Avoid signed/unsigned comparisons by making SIZE_T_CEILING unsigned. - (None of the cases where we did this before were wrong, but by making - this change we can avoid warnings.) Fixes bug2475; bugfix on - Tor 0.2.1.28. diff --git a/changes/bug2629 b/changes/bug2629 deleted file mode 100644 index 87817cf..0000000 --- a/changes/bug2629 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes - - Fix a crash bug that could occur occasionally when a client was - configured with a large number of bridges. Fixes bug 2629; bugfix - on 0.2.1.2-alpha. Bugfix by trac user "shitlei". - diff --git a/changes/bug2750 b/changes/bug2750 deleted file mode 100644 index 4371a0a..0000000 --- a/changes/bug2750 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes - - Correct the warning displayed when a rendezvous descriptor exceeds - the maximum size. Fixes bug 2750; bugfix on 0.2.1.5-alpha. Found - by John Brooks. - - diff --git a/changes/bug2933 b/changes/bug2933 deleted file mode 100644 index 7aaf526..0000000 --- a/changes/bug2933 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes - - Fix an uncommon assertion failure when running with DNSPort under - heavy load. Fixes bug 2933; bugfix on 2.0.1-alpha. - diff --git a/changes/dhparam b/changes/dhparam deleted file mode 100644 index cb31243..0000000 --- a/changes/dhparam +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features - - Adjust our TLS Diffie-Hellman parameters to match those used by - Apache's mod_ssl. diff --git a/changes/fix2204 b/changes/fix2204 deleted file mode 100644 index fb2771a..0000000 --- a/changes/fix2204 +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes - - Do not set the tlsext_host_name extension on server SSL objects; - only on client SSL objects. We set it to immitate a browser, not a - vhosting server. This resolves an incompatibility with openssl 0.9.8p - and openssl 1.0.0b. Fixes bug 2204; bugfix on 0.2.1.1-alpha. - - diff --git a/changes/forget-rend-descs-on-newnym b/changes/forget-rend-descs-on-newnym deleted file mode 100644 index ab2fd61..0000000 --- a/changes/forget-rend-descs-on-newnym +++ /dev/null @@ -1,9 +0,0 @@ - o Security fixes: - - Forget all hidden service descriptors cached as a client when - processing a SIGNAL NEWNYM command. Fixes bug 3000. Bugfix on - 0.0.6. - o Code simplifications and refactoring: - - Allow rend_client_send_introduction to fail without closing the - AP connection permanently. - - diff --git a/changes/gabelmoo-newip b/changes/gabelmoo-newip deleted file mode 100644 index 8e9a19c..0000000 --- a/changes/gabelmoo-newip +++ /dev/null @@ -1,3 +0,0 @@ - o Directory authority changes: - - Change IP address and ports for gabelmoo (v3 directory authority). - diff --git a/changes/geoip-apr2011 b/changes/geoip-apr2011 deleted file mode 100644 index c38f8ae..0000000 --- a/changes/geoip-apr2011 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the April 1 2011 Maxmind GeoLite Country database. - diff --git a/changes/geoip-dec2010 b/changes/geoip-dec2010 deleted file mode 100644 index d6247ce..0000000 --- a/changes/geoip-dec2010 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the December 1 2010 Maxmind GeoLite Country database. - diff --git a/changes/geoip-feb2011 b/changes/geoip-feb2011 deleted file mode 100644 index 12eb0ac..0000000 --- a/changes/geoip-feb2011 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the February 1 2011 Maxmind GeoLite Country database. - diff --git a/changes/geoip-jan2011 b/changes/geoip-jan2011 deleted file mode 100644 index b58805a..0000000 --- a/changes/geoip-jan2011 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the January 1 2011 Maxmind GeoLite Country database. - diff --git a/changes/geoip-mar2011 b/changes/geoip-mar2011 deleted file mode 100644 index fda927f..0000000 --- a/changes/geoip-mar2011 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the March 1 2011 Maxmind GeoLite Country database. - diff --git a/changes/geoip-oct2010 b/changes/geoip-oct2010 deleted file mode 100644 index a7235fa..0000000 --- a/changes/geoip-oct2010 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the October 1 2010 Maxmind GeoLite Country database. - diff --git a/changes/geoip-sep2010 b/changes/geoip-sep2010 deleted file mode 100644 index 47eb006..0000000 --- a/changes/geoip-sep2010 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the September 1 2010 Maxmind GeoLite Country database. - diff --git a/changes/geoip-update-august2010 b/changes/geoip-update-august2010 deleted file mode 100644 index 8f12785..0000000 --- a/changes/geoip-update-august2010 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features - - Update to the August 1 2010 Maxmind GeoLite Country database. - diff --git a/changes/geoip-update-june2010 b/changes/geoip-update-june2010 deleted file mode 100644 index 7a15c00..0000000 --- a/changes/geoip-update-june2010 +++ /dev/null @@ -1,2 +0,0 @@ - o Minor features - - Update to the June 1 2010 Maxmind GeoLite Country database. diff --git a/changes/ipv6_crash b/changes/ipv6_crash deleted file mode 100644 index 02f8aaa..0000000 --- a/changes/ipv6_crash +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes: - - Fix a crash in parsing router descriptors containing IPv6 - addresses. This one crashed the directory authorities when somebody - fired up some experimental code. Bugfix on 0.2.1.3-alpha. diff --git a/changes/maatuska-new-v3auth b/changes/maatuska-new-v3auth deleted file mode 100644 index 9508b30..0000000 --- a/changes/maatuska-new-v3auth +++ /dev/null @@ -1,3 +0,0 @@ - o New directory authorities: - - Set up maatuska (run by Linus Nordberg) as the eighth v3 directory - authority. diff --git a/changes/mingw-openssl098m b/changes/mingw-openssl098m deleted file mode 100644 index b419976..0000000 --- a/changes/mingw-openssl098m +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features - - Build correctly on mingw with more recent version of OpenSSL 0.9.8. - Patch from mingw-san. diff --git a/changes/misc-reason b/changes/misc-reason deleted file mode 100644 index 80db2d2..0000000 --- a/changes/misc-reason +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Have clients begin understanding the new END_STREAM_REASON_NOROUTE - error code. diff --git a/changes/new-geoip-db b/changes/new-geoip-db deleted file mode 100644 index 06d69ea..0000000 --- a/changes/new-geoip-db +++ /dev/null @@ -1,5 +0,0 @@ - o Major features: - - Move to the Maxmind GeoIP db (rather than the June 2009 - ip-to-country GeoIP db) for our statistics that count how many - users relays are seeing from each country. Now we have more accurate - data for many African countries. diff --git a/changes/openbsd-sysheaders b/changes/openbsd-sysheaders deleted file mode 100644 index 2babde2..0000000 --- a/changes/openbsd-sysheaders +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - When building with --enable-gcc-warnings on OpenBSD, disable - warnings in system headers. This makes --enable-gcc-warnings - pass on OpenBSD 4.8. \ No newline at end of file diff --git a/changes/policy_summarize-assert b/changes/policy_summarize-assert deleted file mode 100644 index 619e8e7..0000000 --- a/changes/policy_summarize-assert +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (security) - - Fix a bounds-checking error that could allow an attacker to - remotely crash a directory authority. Found by piebeer. - Bugfix on 0.2.1.5-alpha. - - diff --git a/changes/remove-debian b/changes/remove-debian deleted file mode 100644 index 6eb1896..0000000 --- a/changes/remove-debian +++ /dev/null @@ -1,5 +0,0 @@ - o Removed files: - - Remove the old debian/ directory from the main Tor distribution. - The official Tor-for-debian git repository lives at the URL - https://git.torproject.org/debian/tor.git . - diff --git a/changes/remove-website b/changes/remove-website deleted file mode 100644 index ecbfbf9..0000000 --- a/changes/remove-website +++ /dev/null @@ -1,5 +0,0 @@ - o Removed files: - - Stop shipping the old doc/website/ directory in the tarball. We - changed the website format in late 2010, and what we shipped in - 0.2.1.26 really wasn't that useful anyway. - diff --git a/changes/routerparse_maxima b/changes/routerparse_maxima deleted file mode 100644 index 340f2c3..0000000 --- a/changes/routerparse_maxima +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes - - Check for and reject overly long directory certificates and - directory tokens before they have a chance to hit any - assertions. Bugfix on 0.2.1.28. Found by doorss. diff --git a/changes/security_bug b/changes/security_bug deleted file mode 100644 index 990beee..0000000 --- a/changes/security_bug +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes: - - Fix a remotely exploitable bug that could be used to crash instances - of Tor remotely by overflowing on the heap. Remove-code execution - hasn't been confirmed, but can't be ruled out. Obviously, everyone - should upgrade. Bugfix on the 0.1.1 series and later. diff --git a/changes/tolen_asserts b/changes/tolen_asserts deleted file mode 100644 index a9834ab..0000000 --- a/changes/tolen_asserts +++ /dev/null @@ -1,8 +0,0 @@ - o Major bugfixes (security) - - Fix a heap overflow bug where an adversary could cause heap - corruption. This bug potentially allows remote code execution - attacks. Found by debuger. Fixes CVE-2011-0427. Bugfix on - 0.1.2.10-rc. - o Defensive programming - - Introduce output size checks on all of our decryption functions. - diff --git a/changes/torspec.git b/changes/torspec.git deleted file mode 100644 index ba33ca2..0000000 --- a/changes/torspec.git +++ /dev/null @@ -1,5 +0,0 @@ - o Packaging changes: - - Stop shipping the Tor specs files and development proposal documents - in the tarball. They are now in a separate git repository at - git://git.torproject.org/torspec.git - diff --git a/changes/zlib_aint_openssl b/changes/zlib_aint_openssl deleted file mode 100644 index dd8e10a..0000000 --- a/changes/zlib_aint_openssl +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes - - When warning about missing zlib development packages, give the - correct package names. Bugfix on 0.2.0.1-alpha.

1 0

[tor/master] Merge remote-tracking branch 'origin/maint-0.2.2'
by nickm＠torproject.org 16 May '11

16 May '11

commit 98994e26770e1f991774627788e68b99f6b0d2bc Merge: 03ccce6 952ae0e Author: Nick Mathewson <nickm(a)torproject.org> Date: Mon May 16 16:41:17 2011 -0400 Merge remote-tracking branch 'origin/maint-0.2.2'

1 0

[tor/maint-0.2.2] rm files for changes merged in all of release021, release022, master
by nickm＠torproject.org 16 May '11

16 May '11

commit 0d94f78705d5376059cd2b1bdfe96e84067e212f Author: Nick Mathewson <nickm(a)torproject.org> Date: Mon May 16 16:17:35 2011 -0400 rm files for changes merged in all of release021, release022, master --- changes/all_descs | 4 ---- changes/annotations_fix | 10 ---------- changes/bug1074-part2 | 6 ------ changes/bug1125 | 8 -------- changes/bug1141 | 5 ----- changes/bug1172 | 9 --------- changes/bug1840 | 7 ------- changes/bug1859 | 9 --------- changes/bug1981 | 6 ------ changes/bug2050 | 5 ----- changes/bug2190 | 6 ------ changes/bug2305 | 5 ----- changes/bug2313 | 4 ---- changes/bug2324 | 4 ---- changes/bug2324_uncompress | 5 ----- changes/bug2326 | 6 ------ changes/bug2328 | 9 --------- changes/bug2332 | 4 ---- changes/bug2352 | 6 ------ changes/bug2384 | 6 ------ changes/bug2402_redux | 6 ------ changes/bug2408 | 6 ------ changes/bug2470 | 5 ----- changes/bug2475 | 5 ----- changes/bug2629 | 5 ----- changes/bug2750 | 6 ------ changes/bug2933 | 4 ---- changes/dhparam | 3 --- changes/fix2204 | 7 ------- changes/forget-rend-descs-on-newnym | 9 --------- changes/gabelmoo-newip | 3 --- changes/geoip-apr2011 | 3 --- changes/geoip-dec2010 | 3 --- changes/geoip-feb2011 | 3 --- changes/geoip-jan2011 | 3 --- changes/geoip-mar2011 | 3 --- changes/geoip-oct2010 | 3 --- changes/geoip-sep2010 | 3 --- changes/geoip-update-august2010 | 3 --- changes/geoip-update-june2010 | 2 -- changes/ipv6_crash | 4 ---- changes/maatuska-new-v3auth | 3 --- changes/mingw-openssl098m | 3 --- changes/misc-reason | 3 --- changes/new-geoip-db | 5 ----- changes/openbsd-sysheaders | 4 ---- changes/policy_summarize-assert | 6 ------ changes/remove-debian | 5 ----- changes/remove-website | 5 ----- changes/routerparse_maxima | 4 ---- changes/security_bug | 5 ----- changes/tolen_asserts | 8 -------- changes/torspec.git | 5 ----- changes/zlib_aint_openssl | 3 --- 54 files changed, 0 insertions(+), 272 deletions(-) diff --git a/changes/all_descs b/changes/all_descs deleted file mode 100644 index 10711b2..0000000 --- a/changes/all_descs +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes (bridge authority) - - Do not allow encrypte requests for "all" bridges to return all - bridges. - diff --git a/changes/annotations_fix b/changes/annotations_fix deleted file mode 100644 index b259a30..0000000 --- a/changes/annotations_fix +++ /dev/null @@ -1,10 +0,0 @@ - o Major bugfixes - - Do even more to reject (and not just ignore) annotations on - router descriptors received anywhere but from the cache. - Previously we would ignore such annotations at first, but cache - them to disk anyway. Bugfix on 0.2.0.8-alpha. Found by piebeer. - - o Minor bugfixes - - Enforce multiplicity rules when parsing annotations. Bugfix on - 0.2.0.8-alpha. Found by piebeer. - diff --git a/changes/bug1074-part2 b/changes/bug1074-part2 deleted file mode 100644 index 6644f49..0000000 --- a/changes/bug1074-part2 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes: - - Stop sending a CLOCK_SKEW controller status event whenever - we fetch directory information from a relay that has a wrong clock. - Instead, only inform the controller when it's a trusted authority - that claims our clock is wrong. Bugfix on tor-0.1.2.6-alpha; - fixes the other half of bug 1074. diff --git a/changes/bug1125 b/changes/bug1125 deleted file mode 100644 index 1331246..0000000 --- a/changes/bug1125 +++ /dev/null @@ -1,8 +0,0 @@ - o Major bugfixes - - Do not log messages to the controller while shrinking buffer - freelists. Doing so would sometimes make the controller - connection try to allocate a buffer chunk, which would mess - up the internals of the freelist and cause an assertion - failure. Fixes bug 1125; fixed by Robert Ransom. Bugfix on - Tor 0.2.0.16-alpha. - diff --git a/changes/bug1141 b/changes/bug1141 deleted file mode 100644 index 9975e41..0000000 --- a/changes/bug1141 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes: - - Fix an assertion failure that could occur in caches or bridge users - when using a very short voting interval on a testing network. - Diagnosed by Robert Hogan. Fixes bug 1141; bugfix on 0.2.0.8-alpha. - diff --git a/changes/bug1172 b/changes/bug1172 deleted file mode 100644 index 3abd743..0000000 --- a/changes/bug1172 +++ /dev/null @@ -1,9 +0,0 @@ - o Minor bugfixes: - - When we restart our relay, we might get a successful connection - from the outside before we've started our reachability tests, - triggering a warning: "ORPort found reachable, but I have no - routerinfo yet. Failing to inform controller of success." This - bug was harmless unless Tor is running under a controller - like Vidalia, in which case the controller would never get a - REACHABILITY_SUCCEEDED status event. Bugfix on 0.1.2.6-alpha; - fixes bug 1172. diff --git a/changes/bug1840 b/changes/bug1840 deleted file mode 100644 index 0ef2b98..0000000 --- a/changes/bug1840 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes: - - Allow handshaking OR connections to take a full KeepalivePeriod - seconds to handshake. Previously, we would close them after - IDLE_OR_CONN_TIMEOUT seconds, as if they were open. This is a - bugfix on 0.2.1.26. Thanks to mingw-san for analysis help. Fixes - bug 1840. - diff --git a/changes/bug1859 b/changes/bug1859 deleted file mode 100644 index 5b139f3..0000000 --- a/changes/bug1859 +++ /dev/null @@ -1,9 +0,0 @@ - o Minor bugfixes: - - Bring the logic that gathers routerinfos and assesses the - acceptability of circuits into line. This prevents a Tor OP from getting - locked in a cycle of choosing its local OR as an exit for a path (due to - a .exit request) and then rejecting the circuit because its OR is not - listed yet. Also prevent Tor clients from using an OR running in the same - instance as an exit (due to a .exit request) if the OR does not meet the - same requirements expected of an OR running elsewhere. - Fixes bug 1859; bugfix on 0.2.0-alpha. diff --git a/changes/bug1981 b/changes/bug1981 deleted file mode 100644 index 3e5e1d3..0000000 --- a/changes/bug1981 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes: - - When you use bridges and your network goes away and your bridges - get marked as down, recover when you attempt a new socks connection - (if the network is back) rather than waiting up to an hour to try - fetching new descriptors for your bridges. Bugfix on 0.2.0.3-alpha; - fixes bug 1981. diff --git a/changes/bug2050 b/changes/bug2050 deleted file mode 100644 index 3e45d34..0000000 --- a/changes/bug2050 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes: - - Learn our external IP address when we're a relay or bridge, even if - we set PublishServerDescriptor to 0. Bugfix on 0.2.0.3-alpha, - where we introduced bridge relays that don't need to publish to - be useful. Fixes bug 2050. diff --git a/changes/bug2190 b/changes/bug2190 deleted file mode 100644 index 92ecba7..0000000 --- a/changes/bug2190 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes - - Prevent calls from Libevent from inside Libevent log handlers. - This had potential to cause a nasty set of crashes, especially if - running Libevent with debug logging enabled, and running Tor - with a controller watching for low-severity log messages. - Bugfix on 0.1.0.2-rc. Fixes bug 2190. diff --git a/changes/bug2305 b/changes/bug2305 deleted file mode 100644 index c979d5f..0000000 --- a/changes/bug2305 +++ /dev/null @@ -1,5 +0,0 @@ - o Build changes - - Tor does not build packages correctly with Automake 1.6 and earlier; - added a check to Makefile.am to make sure that we're building with - Automake 1.7 or later. - diff --git a/changes/bug2313 b/changes/bug2313 deleted file mode 100644 index 0ffbe4a..0000000 --- a/changes/bug2313 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes - - Fix compilation on mingw when a pthreads compatibility library - has been installed. (We don't want to use it, so we shouldn't - be including pthread.h.) Fixes bug 2313; bugfix on 0.1.0.1-rc. diff --git a/changes/bug2324 b/changes/bug2324 deleted file mode 100644 index eefc837..0000000 --- a/changes/bug2324 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes - - Add a check for SIZE_T_MAX to tor_realloc to try to avoid - underflow errors there too. Fixes bug 2324. - diff --git a/changes/bug2324_uncompress b/changes/bug2324_uncompress deleted file mode 100644 index 223a3ce..0000000 --- a/changes/bug2324_uncompress +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (security): - - Prevent a DoS attack by disallowing any zlib-compressed data - whose compression factor is implausibly high. Fixes the - second part of bug2324; found by doors. - diff --git a/changes/bug2326 b/changes/bug2326 deleted file mode 100644 index 239a383..0000000 --- a/changes/bug2326 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes - - Fix a bug where we would assert if we ever had a - cached-descriptors.new file (or another file read directly into - memory) of exactly SIZE_T_CEILING bytes. Found by doors; fixes - bug 2326; bugfix on 0.2.1.25. - diff --git a/changes/bug2328 b/changes/bug2328 deleted file mode 100644 index fee80a1..0000000 --- a/changes/bug2328 +++ /dev/null @@ -1,9 +0,0 @@ - o Minor bugfixes - - Fix a bug where we would declare that we had run out of virtual - addresses when the address space was only half-exhausted. Bugfix - on 0.1.2.1-alpha. - - Correctly handle the case where AutomapHostsOnResolve is set but no - virtual addresses are available. Fixes bug2328, bugfix on - 0.1.2.1-alpha. Bug found by doorss. - - Correctly handle wrapping around to when we run out of virtual address - space. Found by cypherpunks, bugfix on 0.2.0.5-alpha. diff --git a/changes/bug2332 b/changes/bug2332 deleted file mode 100644 index 5f73ddd..0000000 --- a/changes/bug2332 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes - - Fix a bug with handling misformed replies to reverse DNS lookup - requests in DNSPort. Bugfix on Tor 0.2.0.1-alpha. Related to a bug - reported by doorss. diff --git a/changes/bug2352 b/changes/bug2352 deleted file mode 100644 index 744dbdb..0000000 --- a/changes/bug2352 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes - - Fix some potential asserts and partsing issues with grossly - malformed router caches. Fixes bug 2352. Found by doorss. - Bugfix on Tor 0.2.1.27. - - diff --git a/changes/bug2384 b/changes/bug2384 deleted file mode 100644 index ded5eee..0000000 --- a/changes/bug2384 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes - - Zero out a few more keys in memory before freeing them. Fixes bug - 2384 and part of bug 2385. These key instances found by - "cypherpunks". Bugfix on 0.0.2pre9. - - diff --git a/changes/bug2402_redux b/changes/bug2402_redux deleted file mode 100644 index 84be04a..0000000 --- a/changes/bug2402_redux +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes - - Use micro-revision numbers in 0.2.1.x instead: apparently, they - were more used than we had known. (Bugfix on 0.2.1.30). - - Instead of generating our micro-version numbers using SVN revisions, - use git revisions instead. Bugfix on 0.2.1.15-rc; fixes bug 2402. - diff --git a/changes/bug2408 b/changes/bug2408 deleted file mode 100644 index 1d2dbf1..0000000 --- a/changes/bug2408 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes - - Ignore and warn about "PublishServerDescriptor hidserv" torrc - options. The 'hidserv' argument never controlled publication - of hidden service descriptors. Bugfix on 0.2.0.1-alpha. - - diff --git a/changes/bug2470 b/changes/bug2470 deleted file mode 100644 index 8ff97b7..0000000 --- a/changes/bug2470 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes: - - If relays set RelayBandwidthBurst but not RelayBandwidthRate, - Tor would ignore their RelayBandwidthBurst setting, - potentially using more bandwidth than expected. Bugfix on - 0.2.0.1-alpha. Reported by Paul Wouters. Fixes bug 2470. diff --git a/changes/bug2475 b/changes/bug2475 deleted file mode 100644 index d6f0595..0000000 --- a/changes/bug2475 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes: - - Avoid signed/unsigned comparisons by making SIZE_T_CEILING unsigned. - (None of the cases where we did this before were wrong, but by making - this change we can avoid warnings.) Fixes bug2475; bugfix on - Tor 0.2.1.28. diff --git a/changes/bug2629 b/changes/bug2629 deleted file mode 100644 index 87817cf..0000000 --- a/changes/bug2629 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes - - Fix a crash bug that could occur occasionally when a client was - configured with a large number of bridges. Fixes bug 2629; bugfix - on 0.2.1.2-alpha. Bugfix by trac user "shitlei". - diff --git a/changes/bug2750 b/changes/bug2750 deleted file mode 100644 index 4371a0a..0000000 --- a/changes/bug2750 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes - - Correct the warning displayed when a rendezvous descriptor exceeds - the maximum size. Fixes bug 2750; bugfix on 0.2.1.5-alpha. Found - by John Brooks. - - diff --git a/changes/bug2933 b/changes/bug2933 deleted file mode 100644 index 7aaf526..0000000 --- a/changes/bug2933 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes - - Fix an uncommon assertion failure when running with DNSPort under - heavy load. Fixes bug 2933; bugfix on 2.0.1-alpha. - diff --git a/changes/dhparam b/changes/dhparam deleted file mode 100644 index cb31243..0000000 --- a/changes/dhparam +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features - - Adjust our TLS Diffie-Hellman parameters to match those used by - Apache's mod_ssl. diff --git a/changes/fix2204 b/changes/fix2204 deleted file mode 100644 index fb2771a..0000000 --- a/changes/fix2204 +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes - - Do not set the tlsext_host_name extension on server SSL objects; - only on client SSL objects. We set it to immitate a browser, not a - vhosting server. This resolves an incompatibility with openssl 0.9.8p - and openssl 1.0.0b. Fixes bug 2204; bugfix on 0.2.1.1-alpha. - - diff --git a/changes/forget-rend-descs-on-newnym b/changes/forget-rend-descs-on-newnym deleted file mode 100644 index ab2fd61..0000000 --- a/changes/forget-rend-descs-on-newnym +++ /dev/null @@ -1,9 +0,0 @@ - o Security fixes: - - Forget all hidden service descriptors cached as a client when - processing a SIGNAL NEWNYM command. Fixes bug 3000. Bugfix on - 0.0.6. - o Code simplifications and refactoring: - - Allow rend_client_send_introduction to fail without closing the - AP connection permanently. - - diff --git a/changes/gabelmoo-newip b/changes/gabelmoo-newip deleted file mode 100644 index 8e9a19c..0000000 --- a/changes/gabelmoo-newip +++ /dev/null @@ -1,3 +0,0 @@ - o Directory authority changes: - - Change IP address and ports for gabelmoo (v3 directory authority). - diff --git a/changes/geoip-apr2011 b/changes/geoip-apr2011 deleted file mode 100644 index c38f8ae..0000000 --- a/changes/geoip-apr2011 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the April 1 2011 Maxmind GeoLite Country database. - diff --git a/changes/geoip-dec2010 b/changes/geoip-dec2010 deleted file mode 100644 index d6247ce..0000000 --- a/changes/geoip-dec2010 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the December 1 2010 Maxmind GeoLite Country database. - diff --git a/changes/geoip-feb2011 b/changes/geoip-feb2011 deleted file mode 100644 index 12eb0ac..0000000 --- a/changes/geoip-feb2011 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the February 1 2011 Maxmind GeoLite Country database. - diff --git a/changes/geoip-jan2011 b/changes/geoip-jan2011 deleted file mode 100644 index b58805a..0000000 --- a/changes/geoip-jan2011 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the January 1 2011 Maxmind GeoLite Country database. - diff --git a/changes/geoip-mar2011 b/changes/geoip-mar2011 deleted file mode 100644 index fda927f..0000000 --- a/changes/geoip-mar2011 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the March 1 2011 Maxmind GeoLite Country database. - diff --git a/changes/geoip-oct2010 b/changes/geoip-oct2010 deleted file mode 100644 index a7235fa..0000000 --- a/changes/geoip-oct2010 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the October 1 2010 Maxmind GeoLite Country database. - diff --git a/changes/geoip-sep2010 b/changes/geoip-sep2010 deleted file mode 100644 index 47eb006..0000000 --- a/changes/geoip-sep2010 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the September 1 2010 Maxmind GeoLite Country database. - diff --git a/changes/geoip-update-august2010 b/changes/geoip-update-august2010 deleted file mode 100644 index 8f12785..0000000 --- a/changes/geoip-update-august2010 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features - - Update to the August 1 2010 Maxmind GeoLite Country database. - diff --git a/changes/geoip-update-june2010 b/changes/geoip-update-june2010 deleted file mode 100644 index 7a15c00..0000000 --- a/changes/geoip-update-june2010 +++ /dev/null @@ -1,2 +0,0 @@ - o Minor features - - Update to the June 1 2010 Maxmind GeoLite Country database. diff --git a/changes/ipv6_crash b/changes/ipv6_crash deleted file mode 100644 index 02f8aaa..0000000 --- a/changes/ipv6_crash +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes: - - Fix a crash in parsing router descriptors containing IPv6 - addresses. This one crashed the directory authorities when somebody - fired up some experimental code. Bugfix on 0.2.1.3-alpha. diff --git a/changes/maatuska-new-v3auth b/changes/maatuska-new-v3auth deleted file mode 100644 index 9508b30..0000000 --- a/changes/maatuska-new-v3auth +++ /dev/null @@ -1,3 +0,0 @@ - o New directory authorities: - - Set up maatuska (run by Linus Nordberg) as the eighth v3 directory - authority. diff --git a/changes/mingw-openssl098m b/changes/mingw-openssl098m deleted file mode 100644 index b419976..0000000 --- a/changes/mingw-openssl098m +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features - - Build correctly on mingw with more recent version of OpenSSL 0.9.8. - Patch from mingw-san. diff --git a/changes/misc-reason b/changes/misc-reason deleted file mode 100644 index 80db2d2..0000000 --- a/changes/misc-reason +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Have clients begin understanding the new END_STREAM_REASON_NOROUTE - error code. diff --git a/changes/new-geoip-db b/changes/new-geoip-db deleted file mode 100644 index 06d69ea..0000000 --- a/changes/new-geoip-db +++ /dev/null @@ -1,5 +0,0 @@ - o Major features: - - Move to the Maxmind GeoIP db (rather than the June 2009 - ip-to-country GeoIP db) for our statistics that count how many - users relays are seeing from each country. Now we have more accurate - data for many African countries. diff --git a/changes/openbsd-sysheaders b/changes/openbsd-sysheaders deleted file mode 100644 index 2babde2..0000000 --- a/changes/openbsd-sysheaders +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - When building with --enable-gcc-warnings on OpenBSD, disable - warnings in system headers. This makes --enable-gcc-warnings - pass on OpenBSD 4.8. \ No newline at end of file diff --git a/changes/policy_summarize-assert b/changes/policy_summarize-assert deleted file mode 100644 index 619e8e7..0000000 --- a/changes/policy_summarize-assert +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (security) - - Fix a bounds-checking error that could allow an attacker to - remotely crash a directory authority. Found by piebeer. - Bugfix on 0.2.1.5-alpha. - - diff --git a/changes/remove-debian b/changes/remove-debian deleted file mode 100644 index 6eb1896..0000000 --- a/changes/remove-debian +++ /dev/null @@ -1,5 +0,0 @@ - o Removed files: - - Remove the old debian/ directory from the main Tor distribution. - The official Tor-for-debian git repository lives at the URL - https://git.torproject.org/debian/tor.git . - diff --git a/changes/remove-website b/changes/remove-website deleted file mode 100644 index ecbfbf9..0000000 --- a/changes/remove-website +++ /dev/null @@ -1,5 +0,0 @@ - o Removed files: - - Stop shipping the old doc/website/ directory in the tarball. We - changed the website format in late 2010, and what we shipped in - 0.2.1.26 really wasn't that useful anyway. - diff --git a/changes/routerparse_maxima b/changes/routerparse_maxima deleted file mode 100644 index 340f2c3..0000000 --- a/changes/routerparse_maxima +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes - - Check for and reject overly long directory certificates and - directory tokens before they have a chance to hit any - assertions. Bugfix on 0.2.1.28. Found by doorss. diff --git a/changes/security_bug b/changes/security_bug deleted file mode 100644 index 990beee..0000000 --- a/changes/security_bug +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes: - - Fix a remotely exploitable bug that could be used to crash instances - of Tor remotely by overflowing on the heap. Remove-code execution - hasn't been confirmed, but can't be ruled out. Obviously, everyone - should upgrade. Bugfix on the 0.1.1 series and later. diff --git a/changes/tolen_asserts b/changes/tolen_asserts deleted file mode 100644 index a9834ab..0000000 --- a/changes/tolen_asserts +++ /dev/null @@ -1,8 +0,0 @@ - o Major bugfixes (security) - - Fix a heap overflow bug where an adversary could cause heap - corruption. This bug potentially allows remote code execution - attacks. Found by debuger. Fixes CVE-2011-0427. Bugfix on - 0.1.2.10-rc. - o Defensive programming - - Introduce output size checks on all of our decryption functions. - diff --git a/changes/torspec.git b/changes/torspec.git deleted file mode 100644 index ba33ca2..0000000 --- a/changes/torspec.git +++ /dev/null @@ -1,5 +0,0 @@ - o Packaging changes: - - Stop shipping the Tor specs files and development proposal documents - in the tarball. They are now in a separate git repository at - git://git.torproject.org/torspec.git - diff --git a/changes/zlib_aint_openssl b/changes/zlib_aint_openssl deleted file mode 100644 index dd8e10a..0000000 --- a/changes/zlib_aint_openssl +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes - - When warning about missing zlib development packages, give the - correct package names. Bugfix on 0.2.0.1-alpha.

1 0

[tor/maint-0.2.2] Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
by nickm＠torproject.org 16 May '11

16 May '11

1 0

[tor/maint-0.2.1] rm files for changes merged in all of release021, release022, master
by nickm＠torproject.org 16 May '11

16 May '11

commit 0d94f78705d5376059cd2b1bdfe96e84067e212f Author: Nick Mathewson <nickm(a)torproject.org> Date: Mon May 16 16:17:35 2011 -0400 rm files for changes merged in all of release021, release022, master --- changes/all_descs | 4 ---- changes/annotations_fix | 10 ---------- changes/bug1074-part2 | 6 ------ changes/bug1125 | 8 -------- changes/bug1141 | 5 ----- changes/bug1172 | 9 --------- changes/bug1840 | 7 ------- changes/bug1859 | 9 --------- changes/bug1981 | 6 ------ changes/bug2050 | 5 ----- changes/bug2190 | 6 ------ changes/bug2305 | 5 ----- changes/bug2313 | 4 ---- changes/bug2324 | 4 ---- changes/bug2324_uncompress | 5 ----- changes/bug2326 | 6 ------ changes/bug2328 | 9 --------- changes/bug2332 | 4 ---- changes/bug2352 | 6 ------ changes/bug2384 | 6 ------ changes/bug2402_redux | 6 ------ changes/bug2408 | 6 ------ changes/bug2470 | 5 ----- changes/bug2475 | 5 ----- changes/bug2629 | 5 ----- changes/bug2750 | 6 ------ changes/bug2933 | 4 ---- changes/dhparam | 3 --- changes/fix2204 | 7 ------- changes/forget-rend-descs-on-newnym | 9 --------- changes/gabelmoo-newip | 3 --- changes/geoip-apr2011 | 3 --- changes/geoip-dec2010 | 3 --- changes/geoip-feb2011 | 3 --- changes/geoip-jan2011 | 3 --- changes/geoip-mar2011 | 3 --- changes/geoip-oct2010 | 3 --- changes/geoip-sep2010 | 3 --- changes/geoip-update-august2010 | 3 --- changes/geoip-update-june2010 | 2 -- changes/ipv6_crash | 4 ---- changes/maatuska-new-v3auth | 3 --- changes/mingw-openssl098m | 3 --- changes/misc-reason | 3 --- changes/new-geoip-db | 5 ----- changes/openbsd-sysheaders | 4 ---- changes/policy_summarize-assert | 6 ------ changes/remove-debian | 5 ----- changes/remove-website | 5 ----- changes/routerparse_maxima | 4 ---- changes/security_bug | 5 ----- changes/tolen_asserts | 8 -------- changes/torspec.git | 5 ----- changes/zlib_aint_openssl | 3 --- 54 files changed, 0 insertions(+), 272 deletions(-) diff --git a/changes/all_descs b/changes/all_descs deleted file mode 100644 index 10711b2..0000000 --- a/changes/all_descs +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes (bridge authority) - - Do not allow encrypte requests for "all" bridges to return all - bridges. - diff --git a/changes/annotations_fix b/changes/annotations_fix deleted file mode 100644 index b259a30..0000000 --- a/changes/annotations_fix +++ /dev/null @@ -1,10 +0,0 @@ - o Major bugfixes - - Do even more to reject (and not just ignore) annotations on - router descriptors received anywhere but from the cache. - Previously we would ignore such annotations at first, but cache - them to disk anyway. Bugfix on 0.2.0.8-alpha. Found by piebeer. - - o Minor bugfixes - - Enforce multiplicity rules when parsing annotations. Bugfix on - 0.2.0.8-alpha. Found by piebeer. - diff --git a/changes/bug1074-part2 b/changes/bug1074-part2 deleted file mode 100644 index 6644f49..0000000 --- a/changes/bug1074-part2 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes: - - Stop sending a CLOCK_SKEW controller status event whenever - we fetch directory information from a relay that has a wrong clock. - Instead, only inform the controller when it's a trusted authority - that claims our clock is wrong. Bugfix on tor-0.1.2.6-alpha; - fixes the other half of bug 1074. diff --git a/changes/bug1125 b/changes/bug1125 deleted file mode 100644 index 1331246..0000000 --- a/changes/bug1125 +++ /dev/null @@ -1,8 +0,0 @@ - o Major bugfixes - - Do not log messages to the controller while shrinking buffer - freelists. Doing so would sometimes make the controller - connection try to allocate a buffer chunk, which would mess - up the internals of the freelist and cause an assertion - failure. Fixes bug 1125; fixed by Robert Ransom. Bugfix on - Tor 0.2.0.16-alpha. - diff --git a/changes/bug1141 b/changes/bug1141 deleted file mode 100644 index 9975e41..0000000 --- a/changes/bug1141 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes: - - Fix an assertion failure that could occur in caches or bridge users - when using a very short voting interval on a testing network. - Diagnosed by Robert Hogan. Fixes bug 1141; bugfix on 0.2.0.8-alpha. - diff --git a/changes/bug1172 b/changes/bug1172 deleted file mode 100644 index 3abd743..0000000 --- a/changes/bug1172 +++ /dev/null @@ -1,9 +0,0 @@ - o Minor bugfixes: - - When we restart our relay, we might get a successful connection - from the outside before we've started our reachability tests, - triggering a warning: "ORPort found reachable, but I have no - routerinfo yet. Failing to inform controller of success." This - bug was harmless unless Tor is running under a controller - like Vidalia, in which case the controller would never get a - REACHABILITY_SUCCEEDED status event. Bugfix on 0.1.2.6-alpha; - fixes bug 1172. diff --git a/changes/bug1840 b/changes/bug1840 deleted file mode 100644 index 0ef2b98..0000000 --- a/changes/bug1840 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes: - - Allow handshaking OR connections to take a full KeepalivePeriod - seconds to handshake. Previously, we would close them after - IDLE_OR_CONN_TIMEOUT seconds, as if they were open. This is a - bugfix on 0.2.1.26. Thanks to mingw-san for analysis help. Fixes - bug 1840. - diff --git a/changes/bug1859 b/changes/bug1859 deleted file mode 100644 index 5b139f3..0000000 --- a/changes/bug1859 +++ /dev/null @@ -1,9 +0,0 @@ - o Minor bugfixes: - - Bring the logic that gathers routerinfos and assesses the - acceptability of circuits into line. This prevents a Tor OP from getting - locked in a cycle of choosing its local OR as an exit for a path (due to - a .exit request) and then rejecting the circuit because its OR is not - listed yet. Also prevent Tor clients from using an OR running in the same - instance as an exit (due to a .exit request) if the OR does not meet the - same requirements expected of an OR running elsewhere. - Fixes bug 1859; bugfix on 0.2.0-alpha. diff --git a/changes/bug1981 b/changes/bug1981 deleted file mode 100644 index 3e5e1d3..0000000 --- a/changes/bug1981 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes: - - When you use bridges and your network goes away and your bridges - get marked as down, recover when you attempt a new socks connection - (if the network is back) rather than waiting up to an hour to try - fetching new descriptors for your bridges. Bugfix on 0.2.0.3-alpha; - fixes bug 1981. diff --git a/changes/bug2050 b/changes/bug2050 deleted file mode 100644 index 3e45d34..0000000 --- a/changes/bug2050 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes: - - Learn our external IP address when we're a relay or bridge, even if - we set PublishServerDescriptor to 0. Bugfix on 0.2.0.3-alpha, - where we introduced bridge relays that don't need to publish to - be useful. Fixes bug 2050. diff --git a/changes/bug2190 b/changes/bug2190 deleted file mode 100644 index 92ecba7..0000000 --- a/changes/bug2190 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes - - Prevent calls from Libevent from inside Libevent log handlers. - This had potential to cause a nasty set of crashes, especially if - running Libevent with debug logging enabled, and running Tor - with a controller watching for low-severity log messages. - Bugfix on 0.1.0.2-rc. Fixes bug 2190. diff --git a/changes/bug2305 b/changes/bug2305 deleted file mode 100644 index c979d5f..0000000 --- a/changes/bug2305 +++ /dev/null @@ -1,5 +0,0 @@ - o Build changes - - Tor does not build packages correctly with Automake 1.6 and earlier; - added a check to Makefile.am to make sure that we're building with - Automake 1.7 or later. - diff --git a/changes/bug2313 b/changes/bug2313 deleted file mode 100644 index 0ffbe4a..0000000 --- a/changes/bug2313 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes - - Fix compilation on mingw when a pthreads compatibility library - has been installed. (We don't want to use it, so we shouldn't - be including pthread.h.) Fixes bug 2313; bugfix on 0.1.0.1-rc. diff --git a/changes/bug2324 b/changes/bug2324 deleted file mode 100644 index eefc837..0000000 --- a/changes/bug2324 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes - - Add a check for SIZE_T_MAX to tor_realloc to try to avoid - underflow errors there too. Fixes bug 2324. - diff --git a/changes/bug2324_uncompress b/changes/bug2324_uncompress deleted file mode 100644 index 223a3ce..0000000 --- a/changes/bug2324_uncompress +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes (security): - - Prevent a DoS attack by disallowing any zlib-compressed data - whose compression factor is implausibly high. Fixes the - second part of bug2324; found by doors. - diff --git a/changes/bug2326 b/changes/bug2326 deleted file mode 100644 index 239a383..0000000 --- a/changes/bug2326 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes - - Fix a bug where we would assert if we ever had a - cached-descriptors.new file (or another file read directly into - memory) of exactly SIZE_T_CEILING bytes. Found by doors; fixes - bug 2326; bugfix on 0.2.1.25. - diff --git a/changes/bug2328 b/changes/bug2328 deleted file mode 100644 index fee80a1..0000000 --- a/changes/bug2328 +++ /dev/null @@ -1,9 +0,0 @@ - o Minor bugfixes - - Fix a bug where we would declare that we had run out of virtual - addresses when the address space was only half-exhausted. Bugfix - on 0.1.2.1-alpha. - - Correctly handle the case where AutomapHostsOnResolve is set but no - virtual addresses are available. Fixes bug2328, bugfix on - 0.1.2.1-alpha. Bug found by doorss. - - Correctly handle wrapping around to when we run out of virtual address - space. Found by cypherpunks, bugfix on 0.2.0.5-alpha. diff --git a/changes/bug2332 b/changes/bug2332 deleted file mode 100644 index 5f73ddd..0000000 --- a/changes/bug2332 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes - - Fix a bug with handling misformed replies to reverse DNS lookup - requests in DNSPort. Bugfix on Tor 0.2.0.1-alpha. Related to a bug - reported by doorss. diff --git a/changes/bug2352 b/changes/bug2352 deleted file mode 100644 index 744dbdb..0000000 --- a/changes/bug2352 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes - - Fix some potential asserts and partsing issues with grossly - malformed router caches. Fixes bug 2352. Found by doorss. - Bugfix on Tor 0.2.1.27. - - diff --git a/changes/bug2384 b/changes/bug2384 deleted file mode 100644 index ded5eee..0000000 --- a/changes/bug2384 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes - - Zero out a few more keys in memory before freeing them. Fixes bug - 2384 and part of bug 2385. These key instances found by - "cypherpunks". Bugfix on 0.0.2pre9. - - diff --git a/changes/bug2402_redux b/changes/bug2402_redux deleted file mode 100644 index 84be04a..0000000 --- a/changes/bug2402_redux +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes - - Use micro-revision numbers in 0.2.1.x instead: apparently, they - were more used than we had known. (Bugfix on 0.2.1.30). - - Instead of generating our micro-version numbers using SVN revisions, - use git revisions instead. Bugfix on 0.2.1.15-rc; fixes bug 2402. - diff --git a/changes/bug2408 b/changes/bug2408 deleted file mode 100644 index 1d2dbf1..0000000 --- a/changes/bug2408 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes - - Ignore and warn about "PublishServerDescriptor hidserv" torrc - options. The 'hidserv' argument never controlled publication - of hidden service descriptors. Bugfix on 0.2.0.1-alpha. - - diff --git a/changes/bug2470 b/changes/bug2470 deleted file mode 100644 index 8ff97b7..0000000 --- a/changes/bug2470 +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes: - - If relays set RelayBandwidthBurst but not RelayBandwidthRate, - Tor would ignore their RelayBandwidthBurst setting, - potentially using more bandwidth than expected. Bugfix on - 0.2.0.1-alpha. Reported by Paul Wouters. Fixes bug 2470. diff --git a/changes/bug2475 b/changes/bug2475 deleted file mode 100644 index d6f0595..0000000 --- a/changes/bug2475 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes: - - Avoid signed/unsigned comparisons by making SIZE_T_CEILING unsigned. - (None of the cases where we did this before were wrong, but by making - this change we can avoid warnings.) Fixes bug2475; bugfix on - Tor 0.2.1.28. diff --git a/changes/bug2629 b/changes/bug2629 deleted file mode 100644 index 87817cf..0000000 --- a/changes/bug2629 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes - - Fix a crash bug that could occur occasionally when a client was - configured with a large number of bridges. Fixes bug 2629; bugfix - on 0.2.1.2-alpha. Bugfix by trac user "shitlei". - diff --git a/changes/bug2750 b/changes/bug2750 deleted file mode 100644 index 4371a0a..0000000 --- a/changes/bug2750 +++ /dev/null @@ -1,6 +0,0 @@ - o Minor bugfixes - - Correct the warning displayed when a rendezvous descriptor exceeds - the maximum size. Fixes bug 2750; bugfix on 0.2.1.5-alpha. Found - by John Brooks. - - diff --git a/changes/bug2933 b/changes/bug2933 deleted file mode 100644 index 7aaf526..0000000 --- a/changes/bug2933 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes - - Fix an uncommon assertion failure when running with DNSPort under - heavy load. Fixes bug 2933; bugfix on 2.0.1-alpha. - diff --git a/changes/dhparam b/changes/dhparam deleted file mode 100644 index cb31243..0000000 --- a/changes/dhparam +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features - - Adjust our TLS Diffie-Hellman parameters to match those used by - Apache's mod_ssl. diff --git a/changes/fix2204 b/changes/fix2204 deleted file mode 100644 index fb2771a..0000000 --- a/changes/fix2204 +++ /dev/null @@ -1,7 +0,0 @@ - o Major bugfixes - - Do not set the tlsext_host_name extension on server SSL objects; - only on client SSL objects. We set it to immitate a browser, not a - vhosting server. This resolves an incompatibility with openssl 0.9.8p - and openssl 1.0.0b. Fixes bug 2204; bugfix on 0.2.1.1-alpha. - - diff --git a/changes/forget-rend-descs-on-newnym b/changes/forget-rend-descs-on-newnym deleted file mode 100644 index ab2fd61..0000000 --- a/changes/forget-rend-descs-on-newnym +++ /dev/null @@ -1,9 +0,0 @@ - o Security fixes: - - Forget all hidden service descriptors cached as a client when - processing a SIGNAL NEWNYM command. Fixes bug 3000. Bugfix on - 0.0.6. - o Code simplifications and refactoring: - - Allow rend_client_send_introduction to fail without closing the - AP connection permanently. - - diff --git a/changes/gabelmoo-newip b/changes/gabelmoo-newip deleted file mode 100644 index 8e9a19c..0000000 --- a/changes/gabelmoo-newip +++ /dev/null @@ -1,3 +0,0 @@ - o Directory authority changes: - - Change IP address and ports for gabelmoo (v3 directory authority). - diff --git a/changes/geoip-apr2011 b/changes/geoip-apr2011 deleted file mode 100644 index c38f8ae..0000000 --- a/changes/geoip-apr2011 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the April 1 2011 Maxmind GeoLite Country database. - diff --git a/changes/geoip-dec2010 b/changes/geoip-dec2010 deleted file mode 100644 index d6247ce..0000000 --- a/changes/geoip-dec2010 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the December 1 2010 Maxmind GeoLite Country database. - diff --git a/changes/geoip-feb2011 b/changes/geoip-feb2011 deleted file mode 100644 index 12eb0ac..0000000 --- a/changes/geoip-feb2011 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the February 1 2011 Maxmind GeoLite Country database. - diff --git a/changes/geoip-jan2011 b/changes/geoip-jan2011 deleted file mode 100644 index b58805a..0000000 --- a/changes/geoip-jan2011 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the January 1 2011 Maxmind GeoLite Country database. - diff --git a/changes/geoip-mar2011 b/changes/geoip-mar2011 deleted file mode 100644 index fda927f..0000000 --- a/changes/geoip-mar2011 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the March 1 2011 Maxmind GeoLite Country database. - diff --git a/changes/geoip-oct2010 b/changes/geoip-oct2010 deleted file mode 100644 index a7235fa..0000000 --- a/changes/geoip-oct2010 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the October 1 2010 Maxmind GeoLite Country database. - diff --git a/changes/geoip-sep2010 b/changes/geoip-sep2010 deleted file mode 100644 index 47eb006..0000000 --- a/changes/geoip-sep2010 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Update to the September 1 2010 Maxmind GeoLite Country database. - diff --git a/changes/geoip-update-august2010 b/changes/geoip-update-august2010 deleted file mode 100644 index 8f12785..0000000 --- a/changes/geoip-update-august2010 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features - - Update to the August 1 2010 Maxmind GeoLite Country database. - diff --git a/changes/geoip-update-june2010 b/changes/geoip-update-june2010 deleted file mode 100644 index 7a15c00..0000000 --- a/changes/geoip-update-june2010 +++ /dev/null @@ -1,2 +0,0 @@ - o Minor features - - Update to the June 1 2010 Maxmind GeoLite Country database. diff --git a/changes/ipv6_crash b/changes/ipv6_crash deleted file mode 100644 index 02f8aaa..0000000 --- a/changes/ipv6_crash +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes: - - Fix a crash in parsing router descriptors containing IPv6 - addresses. This one crashed the directory authorities when somebody - fired up some experimental code. Bugfix on 0.2.1.3-alpha. diff --git a/changes/maatuska-new-v3auth b/changes/maatuska-new-v3auth deleted file mode 100644 index 9508b30..0000000 --- a/changes/maatuska-new-v3auth +++ /dev/null @@ -1,3 +0,0 @@ - o New directory authorities: - - Set up maatuska (run by Linus Nordberg) as the eighth v3 directory - authority. diff --git a/changes/mingw-openssl098m b/changes/mingw-openssl098m deleted file mode 100644 index b419976..0000000 --- a/changes/mingw-openssl098m +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features - - Build correctly on mingw with more recent version of OpenSSL 0.9.8. - Patch from mingw-san. diff --git a/changes/misc-reason b/changes/misc-reason deleted file mode 100644 index 80db2d2..0000000 --- a/changes/misc-reason +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features: - - Have clients begin understanding the new END_STREAM_REASON_NOROUTE - error code. diff --git a/changes/new-geoip-db b/changes/new-geoip-db deleted file mode 100644 index 06d69ea..0000000 --- a/changes/new-geoip-db +++ /dev/null @@ -1,5 +0,0 @@ - o Major features: - - Move to the Maxmind GeoIP db (rather than the June 2009 - ip-to-country GeoIP db) for our statistics that count how many - users relays are seeing from each country. Now we have more accurate - data for many African countries. diff --git a/changes/openbsd-sysheaders b/changes/openbsd-sysheaders deleted file mode 100644 index 2babde2..0000000 --- a/changes/openbsd-sysheaders +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes: - - When building with --enable-gcc-warnings on OpenBSD, disable - warnings in system headers. This makes --enable-gcc-warnings - pass on OpenBSD 4.8. \ No newline at end of file diff --git a/changes/policy_summarize-assert b/changes/policy_summarize-assert deleted file mode 100644 index 619e8e7..0000000 --- a/changes/policy_summarize-assert +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (security) - - Fix a bounds-checking error that could allow an attacker to - remotely crash a directory authority. Found by piebeer. - Bugfix on 0.2.1.5-alpha. - - diff --git a/changes/remove-debian b/changes/remove-debian deleted file mode 100644 index 6eb1896..0000000 --- a/changes/remove-debian +++ /dev/null @@ -1,5 +0,0 @@ - o Removed files: - - Remove the old debian/ directory from the main Tor distribution. - The official Tor-for-debian git repository lives at the URL - https://git.torproject.org/debian/tor.git . - diff --git a/changes/remove-website b/changes/remove-website deleted file mode 100644 index ecbfbf9..0000000 --- a/changes/remove-website +++ /dev/null @@ -1,5 +0,0 @@ - o Removed files: - - Stop shipping the old doc/website/ directory in the tarball. We - changed the website format in late 2010, and what we shipped in - 0.2.1.26 really wasn't that useful anyway. - diff --git a/changes/routerparse_maxima b/changes/routerparse_maxima deleted file mode 100644 index 340f2c3..0000000 --- a/changes/routerparse_maxima +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes - - Check for and reject overly long directory certificates and - directory tokens before they have a chance to hit any - assertions. Bugfix on 0.2.1.28. Found by doorss. diff --git a/changes/security_bug b/changes/security_bug deleted file mode 100644 index 990beee..0000000 --- a/changes/security_bug +++ /dev/null @@ -1,5 +0,0 @@ - o Major bugfixes: - - Fix a remotely exploitable bug that could be used to crash instances - of Tor remotely by overflowing on the heap. Remove-code execution - hasn't been confirmed, but can't be ruled out. Obviously, everyone - should upgrade. Bugfix on the 0.1.1 series and later. diff --git a/changes/tolen_asserts b/changes/tolen_asserts deleted file mode 100644 index a9834ab..0000000 --- a/changes/tolen_asserts +++ /dev/null @@ -1,8 +0,0 @@ - o Major bugfixes (security) - - Fix a heap overflow bug where an adversary could cause heap - corruption. This bug potentially allows remote code execution - attacks. Found by debuger. Fixes CVE-2011-0427. Bugfix on - 0.1.2.10-rc. - o Defensive programming - - Introduce output size checks on all of our decryption functions. - diff --git a/changes/torspec.git b/changes/torspec.git deleted file mode 100644 index ba33ca2..0000000 --- a/changes/torspec.git +++ /dev/null @@ -1,5 +0,0 @@ - o Packaging changes: - - Stop shipping the Tor specs files and development proposal documents - in the tarball. They are now in a separate git repository at - git://git.torproject.org/torspec.git - diff --git a/changes/zlib_aint_openssl b/changes/zlib_aint_openssl deleted file mode 100644 index dd8e10a..0000000 --- a/changes/zlib_aint_openssl +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes - - When warning about missing zlib development packages, give the - correct package names. Bugfix on 0.2.0.1-alpha.

1 0

[tor/release-0.2.2] Set SO_REUSEADDR on all sockets, not just listeners
by nickm＠torproject.org 16 May '11

16 May '11

commit aba7bb705a69697ade1cff24e6693db2cb87236a Author: Nick Mathewson <nickm(a)torproject.org> Date: Tue May 3 22:22:20 2011 -0400 Set SO_REUSEADDR on all sockets, not just listeners See bug 2850 for rationale: it appears that on some busy exits, the OS decides that every single port is now unusable because they have been all used too recently. --- changes/bug2850 | 5 +++++ src/or/connection.c | 34 +++++++++++++++++++++++----------- 2 files changed, 28 insertions(+), 11 deletions(-) diff --git a/changes/bug2850 b/changes/bug2850 new file mode 100644 index 0000000..77ccbfa --- /dev/null +++ b/changes/bug2850 @@ -0,0 +1,5 @@ + - Minor features + o Set SO_REUSEADDR on all sockets, not just listeners. This should + help busy exit nodes avoid running out of useable ports just because + all the ports have been used in the near past. Resolves issue 2850. + diff --git a/src/or/connection.c b/src/or/connection.c index 6e7bbd5..e90e13f 100644 --- a/src/or/connection.c +++ b/src/or/connection.c @@ -851,6 +851,25 @@ warn_too_many_conns(void) } } +/** Tell the TCP stack that it shouldn't wait for a long time after + * sock has closed before reusing its port. */ +static void +make_socket_reuseable(int sock) +{ +#ifdef MS_WINDOWS + (void) sock; +#else + int one=1; + + /* REUSEADDR on normal places means you can rebind to the port + * right after somebody else has let it go. But REUSEADDR on win32 + * means you can bind to the port _even when somebody else + * already has it bound_. So, don't do that on Win32. */ + setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void*) &one, + (socklen_t)sizeof(one)); +#endif +} + /** Bind a new non-blocking socket listening to the socket described * by listensockaddr. * @@ -873,9 +892,6 @@ connection_create_listener(struct sockaddr *listensockaddr, socklen_t socklen, if (listensockaddr->sa_family == AF_INET) { int is_tcp = (type != CONN_TYPE_AP_DNS_LISTENER); -#ifndef MS_WINDOWS - int one=1; -#endif if (is_tcp) start_reading = 1; @@ -893,14 +909,7 @@ connection_create_listener(struct sockaddr *listensockaddr, socklen_t socklen, goto err; } -#ifndef MS_WINDOWS - /* REUSEADDR on normal places means you can rebind to the port - * right after somebody else has let it go. But REUSEADDR on win32 - * means you can bind to the port _even when somebody else - * already has it bound_. So, don't do that on Win32. */ - setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (void*) &one, - (socklen_t)sizeof(one)); -#endif + make_socket_reuseable(s); if (bind(s,listensockaddr,socklen) < 0) { const char *helpfulhint = ""; @@ -1088,6 +1097,7 @@ connection_handle_listener_read(connection_t *conn, int new_type) "Connection accepted on socket %d (child of fd %d).", news,conn->s); + make_socket_reuseable(news); set_socket_nonblocking(news); if (options->ConstrainedSockets) @@ -1297,6 +1307,8 @@ connection_connect(connection_t *conn, const char *address, log_debug(LD_NET, "Connecting to %s:%u.", escaped_safe_str_client(address), port); + make_socket_reuseable(s); + if (connect(s, dest_addr, dest_addr_len) < 0) { int e = tor_socket_errno(s); if (!ERRNO_IS_CONN_EINPROGRESS(e)) {

1 0

[tor/release-0.2.2] Merge remote-tracking branch 'public/bug2850' into maint-0.2.2
by nickm＠torproject.org 16 May '11

16 May '11

commit 919bf6ff3cfb1387f3f9ecf9ce97d8e95e330a05 Merge: 83fe07d aba7bb7 Author: Nick Mathewson <nickm(a)torproject.org> Date: Mon May 16 11:10:17 2011 -0400 Merge remote-tracking branch 'public/bug2850' into maint-0.2.2 Fixed a trivial conflict where this and the ControlSocketGroupWritable code both added different functions to the same part of connection.c. Conflicts: src/or/connection.c changes/bug2850 | 5 +++++ src/or/connection.c | 34 +++++++++++++++++++++++----------- 2 files changed, 28 insertions(+), 11 deletions(-) diff --cc src/or/connection.c index b7d6fe4,e90e13f..5054909 --- a/src/or/connection.c +++ b/src/or/connection.c @@@ -853,43 -851,25 +853,62 @@@ warn_too_many_conns(void } } +#ifdef HAVE_SYS_UN_H +/** Check whether we should be willing to open an AF_UNIX socket in + * path. Return 0 if we should go ahead and -1 if we shouldn't. */ +static int +check_location_for_unix_socket(or_options_t *options, const char *path) +{ + int r = -1; + char *p = tor_strdup(path); + cpd_check_t flags = CPD_CHECK_MODE_ONLY; + if (get_parent_directory(p)<0) + goto done; + + if (options->ControlSocketsGroupWritable) + flags |= CPD_GROUP_OK; + + if (check_private_dir(p, flags) < 0) { + char *escpath, *escdir; + escpath = esc_for_log(path); + escdir = esc_for_log(p); + log_warn(LD_GENERAL, "Before Tor can create a control socket in %s, the " + "directory %s needs to exist, and to be accessible only by the " + "user%s account that is running Tor. (On some Unix systems, " + "anybody who can list a socket can conect to it, so Tor is " + "being careful.)", escpath, escdir, + options->ControlSocketsGroupWritable ? " and group" : ""); + tor_free(escpath); + tor_free(escdir); + goto done; + } + + r = 0; + done: + tor_free(p); + return r; +} +#endif + + /** Tell the TCP stack that it shouldn't wait for a long time after + * sock has closed before reusing its port. */ + static void + make_socket_reuseable(int sock) + { + #ifdef MS_WINDOWS + (void) sock; + #else + int one=1; + + /* REUSEADDR on normal places means you can rebind to the port + * right after somebody else has let it go. But REUSEADDR on win32 + * means you can bind to the port _even when somebody else + * already has it bound_. So, don't do that on Win32. */ + setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void*) &one, + (socklen_t)sizeof(one)); + #endif + } + /** Bind a new non-blocking socket listening to the socket described * by listensockaddr. * @@@ -912,11 -891,7 +931,8 @@@ connection_create_listener(const struc } if (listensockaddr->sa_family == AF_INET) { + tor_addr_t addr; int is_tcp = (type != CONN_TYPE_AP_DNS_LISTENER); - #ifndef MS_WINDOWS - int one=1; - #endif if (is_tcp) start_reading = 1;

1 0

[tor/release-0.2.2] Check fetched rendezvous descriptors' service IDs
by nickm＠torproject.org 16 May '11

16 May '11

commit 7571e9f1cb81927c5bd47190409a30c7f23ea4a1 Author: Robert Ransom <rransom.8774(a)gmail.com> Date: Wed Apr 27 13:37:08 2011 -0700 Check fetched rendezvous descriptors' service IDs --- changes/check-fetched-rend-desc-service-id | 7 +++++++ src/or/directory.c | 5 +++-- src/or/or.h | 3 ++- src/or/rendcommon.c | 22 +++++++++++++++++++++- 4 files changed, 33 insertions(+), 4 deletions(-) diff --git a/changes/check-fetched-rend-desc-service-id b/changes/check-fetched-rend-desc-service-id new file mode 100644 index 0000000..2f37c30 --- /dev/null +++ b/changes/check-fetched-rend-desc-service-id @@ -0,0 +1,7 @@ + o Security fixes: + - When fetching a hidden service descriptor, check that it is for + the hidden service we were trying to connect to, in order to + stop a directory from pre-seeding a client with a descriptor for + a hidden service that they didn't want. Bugfix on 0.0.6. + + diff --git a/src/or/directory.c b/src/or/directory.c index 01f3375..9f9b2c1 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -1909,7 +1909,8 @@ connection_dir_client_reached_eof(dir_connection_t *conn) (int)body_len, status_code, escaped(reason)); switch (status_code) { case 200: - if (rend_cache_store(body, body_len, 0) < -1) { + if (rend_cache_store(body, body_len, 0, + conn->rend_data->onion_address) < -1) { log_warn(LD_REND,"Failed to parse rendezvous descriptor."); /* Any pending rendezvous attempts will notice when * connection_about_to_close_connection() @@ -3114,7 +3115,7 @@ directory_handle_command_post(dir_connection_t *conn, const char *headers, !strcmpstart(url,"/tor/rendezvous/publish")) { /* rendezvous descriptor post */ log_info(LD_REND, "Handling rendezvous descriptor post."); - if (rend_cache_store(body, body_len, 1) < 0) { + if (rend_cache_store(body, body_len, 1, NULL) < 0) { log_fn(LOG_PROTOCOL_WARN, LD_DIRSERV, "Rejected rend descriptor (length %d) from %s.", (int)body_len, conn->_base.address); diff --git a/src/or/or.h b/src/or/or.h index 897ad32..976ba9f 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -4146,7 +4146,8 @@ int rend_cache_lookup_desc(const char *query, int version, const char **desc, int rend_cache_lookup_entry(const char *query, int version, rend_cache_entry_t **entry_out); int rend_cache_lookup_v2_desc_as_dir(const char *query, const char **desc); -int rend_cache_store(const char *desc, size_t desc_len, int published); +int rend_cache_store(const char *desc, size_t desc_len, int published, + const char *service_id); int rend_cache_store_v2_desc_as_client(const char *desc, const rend_data_t *rend_query); int rend_cache_store_v2_desc_as_dir(const char *desc); diff --git a/src/or/rendcommon.c b/src/or/rendcommon.c index c83573b..8727a70 100644 --- a/src/or/rendcommon.c +++ b/src/or/rendcommon.c @@ -1047,9 +1047,14 @@ rend_cache_lookup_v2_desc_as_dir(const char *desc_id, const char **desc) * * The published flag tells us if we store the descriptor * in our role as directory (1) or if we cache it as client (0). + * + * If service_id is non-NULL and the descriptor is not for that + * service ID, reject it. service_id must be specified if and + * only if published is 0 (we fetched this descriptor). */ int -rend_cache_store(const char *desc, size_t desc_len, int published) +rend_cache_store(const char *desc, size_t desc_len, int published, + const char *service_id) { rend_cache_entry_t *e; rend_service_descriptor_t *parsed; @@ -1068,6 +1073,12 @@ rend_cache_store(const char *desc, size_t desc_len, int published) rend_service_descriptor_free(parsed); return -2; } + if ((service_id != NULL) && strcmp(query, service_id)) { + log_warn(LD_REND, "Received service descriptor for service ID %s; " + "expected descriptor for service ID %s.", + query, safe_str(service_id)); + return -2; + } now = time(NULL); if (parsed->timestamp < now-REND_CACHE_MAX_AGE-REND_CACHE_MAX_SKEW) { log_fn(LOG_PROTOCOL_WARN, LD_REND, @@ -1253,6 +1264,8 @@ rend_cache_store_v2_desc_as_dir(const char *desc) * If we have an older descriptor with the same ID, replace it. * If we have any v0 descriptor with the same ID, reject this one in order * to not get confused with having both versions for the same service. + * If the descriptor's service ID does not match + * rend_query-\>onion_address, reject it. * Return -2 if it's malformed or otherwise rejected; return -1 if we * already have a v0 descriptor here; return 0 if it's the same or older * than one we've already got; return 1 if it's novel. @@ -1303,6 +1316,13 @@ rend_cache_store_v2_desc_as_client(const char *desc, retval = -2; goto err; } + if (strcmp(rend_query->onion_address, service_id)) { + log_warn(LD_REND, "Received service descriptor for service ID %s; " + "expected descriptor for service ID %s.", + service_id, safe_str(rend_query->onion_address)); + retval = -2; + goto err; + } /* Decode/decrypt introduction points. */ if (intro_content) { if (rend_query->auth_type != REND_NO_AUTH &&

1 0

[tor/release-0.2.2] Add crypto_pk_check_key_public_exponent function
by nickm＠torproject.org 16 May '11

16 May '11

commit d2629f78a000486f8f994ba0ab75ceeaee67fc55 Author: Robert Ransom <rransom.8774(a)gmail.com> Date: Thu Apr 28 12:13:03 2011 -0700 Add crypto_pk_check_key_public_exponent function --- src/common/crypto.c | 12 ++++++++++++ src/common/crypto.h | 1 + 2 files changed, 13 insertions(+), 0 deletions(-) diff --git a/src/common/crypto.c b/src/common/crypto.c index f3268fe..6761fd7 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -656,6 +656,18 @@ crypto_pk_key_is_private(const crypto_pk_env_t *key) return PRIVATE_KEY_OK(key); } +/** Return true iff env contains a public key whose public exponent + * equals 65537. + */ +int +crypto_pk_check_key_public_exponent(crypto_pk_env_t *env) +{ + tor_assert(env); + tor_assert(env->key); + + return BN_is_word(env->key->e, 65537); +} + /** Compare the public-key components of a and b. Return -1 if a\<b, 0 * if a==b, and 1 if a\>b. */ diff --git a/src/common/crypto.h b/src/common/crypto.h index 576c03d..0fcd067 100644 --- a/src/common/crypto.h +++ b/src/common/crypto.h @@ -92,6 +92,7 @@ size_t crypto_pk_keysize(crypto_pk_env_t *env); crypto_pk_env_t *crypto_pk_dup_key(crypto_pk_env_t *orig); crypto_pk_env_t *crypto_pk_copy_full(crypto_pk_env_t *orig); int crypto_pk_key_is_private(const crypto_pk_env_t *key); +int crypto_pk_check_key_public_exponent(crypto_pk_env_t *env); int crypto_pk_public_encrypt(crypto_pk_env_t *env, char *to, size_t tolen, const char *from, size_t fromlen, int padding);

1 0