[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/net/tor
Module Name: pkgsrc
Committed By: jschauma
Date: Sun Jan 20 20:11:09 UTC 2008
pkgsrc/net/tor: Makefile distinfo
Update to 0.1.2.19:
Tor 0.1.2.19 fixes a huge memory leak on exit relays, makes the default
exit policy a little bit more conservative so it's safer to run an exit
relay on a home system, and fixes a variety of smaller issues.
Changes in version 0.1.2.19 - 2008-01-17
o Security fixes:
- Exit policies now reject connections that are addressed to a
relay's public (external) IP address too, unless
ExitPolicyRejectPrivate is turned off. We do this because too
many relays are running nearby to services that trust them based
on network address.
o Major bugfixes:
- When the clock jumps forward a lot, do not allow the bandwidth
buckets to become negative. Fixes bug 544.
- Fix a memory leak on exit relays; we were leaking a cached_resolve_t
on every successful resolve. Reported by Mike Perry.
- Purge old entries from the "rephist" database and the hidden
service descriptor database even when DirPort is zero.
- Stop thinking that 0.1.2.x directory servers can handle "begin_dir"
requests. Should ease bugs 406 and 419 where 0.1.2.x relays are
crashing or mis-answering these requests.
- When we decide to send a 503 response to a request for servers, do
not then also send the server descriptors: this defeats the whole
purpose. Fixes bug 539.
o Minor bugfixes:
- Changing the ExitPolicyRejectPrivate setting should cause us to
rebuild our server descriptor.
- Fix handling of hex nicknames when answering controller requests for
networkstatus by name, or when deciding whether to warn about
unknown routers in a config option. (Patch from mwenge.)
- Fix a couple of hard-to-trigger autoconf problems that could result
in really weird results on platforms whose sys/types.h files define
nonstandard integer types.
- Don't try to create the datadir when running --verify-config or
--hash-password. Resolves bug 540.
- If we were having problems getting a particular descriptor from the
directory caches, and then we learned about a new descriptor for
that router, we weren't resetting our failure count. Reported
- Although we fixed bug 539 (where servers would send HTTP status 503
responses _and_ send a body too), there are still servers out there
that haven't upgraded. Therefore, make clients parse such bodies
when they receive them.
- Run correctly on systems where rlim_t is larger than unsigned long.
This includes some 64-bit systems.
- Run correctly on platforms (like some versions of OS X 10.5) where
the real limit for number of open files is OPEN_FILES, not rlim_max
- Avoid a spurious free on base64 failure.
- Avoid segfaults on certain complex invocations of
- Fix rare bug on REDIRECTSTREAM control command when called with no
port set: it could erroneously report an error when none had
To generate a diff of this commit:
cvs rdiff -r1.50 -r1.51 pkgsrc/net/tor/Makefile
cvs rdiff -r1.26 -r1.27 pkgsrc/net/tor/distinfo
cvs rdiff -r1.4 -r1.5 pkgsrc/net/tor/patches/patch-ae
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Main Index |
Thread Index |