[no description] https://git.osdyson.ru/mirror/pkgsrc/atom?h=pkgsrc_2008Q2 2008-04-22T18:06:09Z 2008-04-22T18:06:09Z tnn tnn 2008-04-22T18:06:09Z urn:sha1:c2d8fe94848bf6a6c4af55a3066ff88fe8c65b8e 2008-02-19T13:48:12Z obache obache 2008-02-19T13:48:12Z urn:sha1:65dc6ea8ebf686f5d28ad4cc93570f8aaac3b229 Should fix PR 38046. 2008-02-19T13:45:18Z obache obache 2008-02-19T13:45:18Z urn:sha1:877d41720e2f948bb6a4b91bb2284d2b7a8d211c unusable here yet. 2008-01-20T20:11:09Z jschauma jschauma 2008-01-20T20:11:09Z urn:sha1:b1d1bdcbae6ebf3db4fec0c94d42ebeda873d6f7 Tor 0.1.2.19 fixes a huge memory leak on exit relays, makes the default exit policy a little bit more conservative so it's safer to run an exit relay on a home system, and fixes a variety of smaller issues. https://www.torproject.org/download.html Changes in version 0.1.2.19 - 2008-01-17 o Security fixes: - Exit policies now reject connections that are addressed to a relay's public (external) IP address too, unless ExitPolicyRejectPrivate is turned off. We do this because too many relays are running nearby to services that trust them based on network address. o Major bugfixes: - When the clock jumps forward a lot, do not allow the bandwidth buckets to become negative. Fixes bug 544. - Fix a memory leak on exit relays; we were leaking a cached_resolve_t on every successful resolve. Reported by Mike Perry. - Purge old entries from the "rephist" database and the hidden service descriptor database even when DirPort is zero. - Stop thinking that 0.1.2.x directory servers can handle "begin_dir" requests. Should ease bugs 406 and 419 where 0.1.2.x relays are crashing or mis-answering these requests. - When we decide to send a 503 response to a request for servers, do not then also send the server descriptors: this defeats the whole purpose. Fixes bug 539. o Minor bugfixes: - Changing the ExitPolicyRejectPrivate setting should cause us to rebuild our server descriptor. - Fix handling of hex nicknames when answering controller requests for networkstatus by name, or when deciding whether to warn about unknown routers in a config option. (Patch from mwenge.) - Fix a couple of hard-to-trigger autoconf problems that could result in really weird results on platforms whose sys/types.h files define nonstandard integer types. - Don't try to create the datadir when running --verify-config or --hash-password. Resolves bug 540. - If we were having problems getting a particular descriptor from the directory caches, and then we learned about a new descriptor for that router, we weren't resetting our failure count. Reported by lodger. - Although we fixed bug 539 (where servers would send HTTP status 503 responses _and_ send a body too), there are still servers out there that haven't upgraded. Therefore, make clients parse such bodies when they receive them. - Run correctly on systems where rlim_t is larger than unsigned long. This includes some 64-bit systems. - Run correctly on platforms (like some versions of OS X 10.5) where the real limit for number of open files is OPEN_FILES, not rlim_max from getrlimit(RLIMIT_NOFILES). - Avoid a spurious free on base64 failure. - Avoid segfaults on certain complex invocations of router_get_by_hexdigest(). - Fix rare bug on REDIRECTSTREAM control command when called with no port set: it could erroneously report an error when none had happened. 2008-01-18T05:06:18Z tnn tnn 2008-01-18T05:06:18Z urn:sha1:1c8e24b168b5909ecc586bdbb660570b490d92ef on packages that are affected by the switch from the openssl 0.9.7 branch to the 0.9.8 branch. ok jlam@ 2008-01-06T19:56:54Z jschauma jschauma 2008-01-06T19:56:54Z urn:sha1:887ad5f536bd627f3d3ade32827a736a6d1148cf 2008-01-06T19:44:23Z jschauma jschauma 2008-01-06T19:44:23Z urn:sha1:d6eddca3e4bb4857c4ae4e8bba7c4402a5183233 2007-12-16T21:51:54Z rillig rillig 2007-12-16T21:51:54Z urn:sha1:c91507ab34c31ca5e73e256cdb48b7815102bf25 2007-11-16T05:30:13Z bjs bjs 2007-11-16T05:30:13Z urn:sha1:bbf1af7143e093055b46e5f02ff34caec703db99 o Major bugfixes (crashes): - If a connection is shut down abruptly because of something that happened inside connection_flushed_some(), do not call connection_finished_flushing(). Should fix bug 451: "connection_stop_writing: Assertion conn->write_event failed" Bugfix on 0.1.2.7-alpha. - Fix possible segfaults in functions called from rend_process_relay_cell(). o Major bugfixes (hidden services): - Hidden services were choosing introduction points uniquely by hexdigest, but when constructing the hidden service descriptor they merely wrote the (potentially ambiguous) nickname. - Clients now use the v2 intro format for hidden service connections: they specify their chosen rendezvous point by identity digest rather than by (potentially ambiguous) nickname. These changes could speed up hidden service connections dramatically. o Major bugfixes (other): - Stop publishing a new server descriptor just because we get a HUP signal. This led (in a roundabout way) to some servers getting dropped from the networkstatus lists for a few hours each day. - When looking for a circuit to cannibalize, consider family as well as identity. Fixes bug 438. Bugfix on 0.1.0.x (which introduced circuit cannibalization). - When a router wasn't listed in a new networkstatus, we were leaving the flags for that router alone -- meaning it remained Named, Running, etc -- even though absence from the networkstatus means that it shouldn't be considered to exist at all anymore. Now we clear all the flags for routers that fall out of the networkstatus consensus. Fixes bug 529. o Minor bugfixes: - Don't try to access (or alter) the state file when running --list-fingerprint or --verify-config or --hash-password. Resolves bug 499. - When generating information telling us how to extend to a given router, do not try to include the nickname if it is absent. Resolves bug 467. - Fix a user-triggerable segfault in expand_filename(). (There isn't a way to trigger this remotely.) - When sending a status event to the controller telling it that an OR address is readable, set the port correctly. (Previously we were reporting the dir port.) - Fix a minor memory leak whenever a controller sends the PROTOCOLINFO command. Bugfix on 0.1.2.17. - When loading bandwidth history, do not believe any information in the future. Fixes bug 434. - When loading entry guard information, do not believe any information in the future. - When we have our clock set far in the future and generate an onion key, then re-set our clock to be correct, we should not stop the onion key from getting rotated. - On some platforms, accept() can return a broken address. Detect this more quietly, and deal accordingly. Fixes bug 483. - It's not actually an error to find a non-pending entry in the DNS cache when canceling a pending resolve. Don't log unless stuff is fishy. Resolves bug 463. - Don't reset trusted dir server list when we set a configuration option. Patch from Robert Hogan. 2007-10-25T14:58:29Z obache obache 2007-10-25T14:58:29Z urn:sha1:c6ee029a2b1115699ff382ccbc9d23e1c9167411 While here, change user/group and directory handling to the usual manner. Bump PKGREVISION.