commit tor for openSUSE:Factory

30 Dec 2013

Hello community,

here is the log from the commit of package tor for openSUSE:Factory checked in at 2013-12-30 10:46:55
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/tor (Old)
 and      /work/SRC/openSUSE:Factory/.tor.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "tor"

Changes:
--------

--- /work/SRC/openSUSE:Factory/tor/tor.changes	2013-12-16 07:15:01.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.tor.new/tor.changes	2013-12-30 10:46:56.000000000 +0100
@@ -1,0 +2,37 @@
+Fri Dec 27 20:55:26 UTC 2013 - andreas.stieger@gmx.de
+
+- tor 0.2.4.20
+  fixes potentially poor random number generation for users who 
+  1) use OpenSSL 1.0.0 or later, 
+  2) set "HardwareAccel 1" in their torrc file, 
+  3) have "Sandy Bridge" or "Ivy Bridge" Intel processors
+  and 
+  4) have no state file in their DataDirectory (as would happen on
+  first start). 
+  Users who generated relay or hidden service identity keys in such
+  a situation should discard them and generate new ones.
+  No 2 is not the default configuration for openSUSE.
+  This release also fixes a logic error that caused Tor clients to build
+  many more preemptive circuits than they actually need.
+- Major bugfixes:
+  - Do not allow OpenSSL engines to replace the PRNG, even when
+    HardwareAccel is set. The only default builtin PRNG engine uses
+    the Intel RDRAND instruction to replace the entire PRNG, and
+    ignores all attempts to seed it with more entropy. That's
+    cryptographically stupid: the right response to a new alleged
+    entropy source is never to discard all previously used entropy
+    sources. Fixes bug 10402; works around behavior introduced in
+    OpenSSL 1.0.0.
+  - Fix assertion failure when AutomapHostsOnResolve yields an IPv6
+    address.
+  - Avoid launching spurious extra circuits when a stream is pending.
+    This fixes a bug where any circuit that _wasn't_ unusable for new
+    streams would be treated as if it were, causing extra circuits to
+    be launched.
+- Minor bugfixes:
+  - Avoid a crash bug when starting with a corrupted microdescriptor
+    cache file.
+  - If we fail to dump a previously cached microdescriptor to disk, avoid
+    freeing duplicate data later on.
+
+-------------------------------------------------------------------

Old:
----
  tor-0.2.4.19.tar.gz
  tor-0.2.4.19.tar.gz.asc

New:
----
  tor-0.2.4.20.tar.gz
  tor-0.2.4.20.tar.gz.asc

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ tor.spec ++++++
--- /var/tmp/diff_new_pack.jl3hSf/_old	2013-12-30 10:46:57.000000000 +0100
+++ /var/tmp/diff_new_pack.jl3hSf/_new	2013-12-30 10:46:57.000000000 +0100
@@ -19,7 +19,7 @@
 %define with_bufferevents 0%{?suse_version} > 1220
 
 Name:           tor
-Version:        0.2.4.19
+Version:        0.2.4.20
 Release:        0
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 Summary:        Anonymizing overlay network for TCP (The onion router)

++++++ tor-0.2.4.19.tar.gz -> tor-0.2.4.20.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tor-0.2.4.19/ChangeLog new/tor-0.2.4.20/ChangeLog
--- old/tor-0.2.4.19/ChangeLog	2013-12-10 23:08:26.000000000 +0100
+++ new/tor-0.2.4.20/ChangeLog	2013-12-23 06:35:55.000000000 +0100
@@ -1,3 +1,39 @@
+Changes in version 0.2.4.20 - 2013-12-22
+  Tor 0.2.4.20 fixes potentially poor random number generation for users
+  who 1) use OpenSSL 1.0.0 or later, 2) set "HardwareAccel 1" in their
+  torrc file, 3) have "Sandy Bridge" or "Ivy Bridge" Intel processors,
+  and 4) have no state file in their DataDirectory (as would happen on
+  first start). Users who generated relay or hidden service identity
+  keys in such a situation should discard them and generate new ones.
+
+  This release also fixes a logic error that caused Tor clients to build
+  many more preemptive circuits than they actually need.
+
+  o Major bugfixes:
+    - Do not allow OpenSSL engines to replace the PRNG, even when
+      HardwareAccel is set. The only default builtin PRNG engine uses
+      the Intel RDRAND instruction to replace the entire PRNG, and
+      ignores all attempts to seed it with more entropy. That's
+      cryptographically stupid: the right response to a new alleged
+      entropy source is never to discard all previously used entropy
+      sources. Fixes bug 10402; works around behavior introduced in
+      OpenSSL 1.0.0. Diagnosis and investigation thanks to "coderman"
+      and "rl1987".
+    - Fix assertion failure when AutomapHostsOnResolve yields an IPv6
+      address. Fixes bug 10465; bugfix on 0.2.4.7-alpha.
+    - Avoid launching spurious extra circuits when a stream is pending.
+      This fixes a bug where any circuit that _wasn't_ unusable for new
+      streams would be treated as if it were, causing extra circuits to
+      be launched. Fixes bug 10456; bugfix on 0.2.4.12-alpha.
+
+  o Minor bugfixes:
+    - Avoid a crash bug when starting with a corrupted microdescriptor
+      cache file. Fixes bug 10406; bugfix on 0.2.2.6-alpha.
+    - If we fail to dump a previously cached microdescriptor to disk, avoid
+      freeing duplicate data later on. Fixes bug 10423; bugfix on
+      0.2.4.13-alpha. Spotted by "bobnomnom".
+
+
 Changes in version 0.2.4.19 - 2013-12-11
   The Tor 0.2.4 release series is dedicated to the memory of Aaron Swartz
   (1986-2013). Aaron worked on diverse projects including helping to guide
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tor-0.2.4.19/ReleaseNotes new/tor-0.2.4.20/ReleaseNotes
--- old/tor-0.2.4.19/ReleaseNotes	2013-12-10 23:08:26.000000000 +0100
+++ new/tor-0.2.4.20/ReleaseNotes	2013-12-23 00:37:45.000000000 +0100
@@ -3,6 +3,42 @@
 of Tor. If you want to see more detailed descriptions of the changes in
 each development snapshot, see the ChangeLog file.
 
+Changes in version 0.2.4.20 - 2013-12-22
+  Tor 0.2.4.20 fixes potentially poor random number generation for users
+  who 1) use OpenSSL 1.0.0 or later, 2) set "HardwareAccel 1" in their
+  torrc file, 3) have "Sandy Bridge" or "Ivy Bridge" Intel processors,
+  and 4) have no state file in their DataDirectory (as would happen on
+  first start). Users who generated relay or hidden service identity
+  keys in such a situation should discard them and generate new ones.
+
+  This release also fixes a logic error that caused Tor clients to build
+  many more preemptive circuits than they actually need.
+
+  o Major bugfixes:
+    - Do not allow OpenSSL engines to replace the PRNG, even when
+      HardwareAccel is set. The only default builtin PRNG engine uses
+      the Intel RDRAND instruction to replace the entire PRNG, and
+      ignores all attempts to seed it with more entropy. That's
+      cryptographically stupid: the right response to a new alleged
+      entropy source is never to discard all previously used entropy
+      sources. Fixes bug 10402; works around behavior introduced in
+      OpenSSL 1.0.0. Diagnosis and investigation thanks to "coderman"
+      and "rl1987".
+    - Fix assertion failure when AutomapHostsOnResolve yields an IPv6
+      address. Fixes bug 10465; bugfix on 0.2.4.7-alpha.
+    - Avoid launching spurious extra circuits when a stream is pending.
+      This fixes a bug where any circuit that _wasn't_ unusable for new
+      streams would be treated as if it were, causing extra circuits to
+      be launched. Fixes bug 10456; bugfix on 0.2.4.12-alpha.
+
+  o Minor bugfixes:
+    - Avoid a crash bug when starting with a corrupted microdescriptor
+      cache file. Fixes bug 10406; bugfix on 0.2.2.6-alpha.
+    - If we fail to dump a previously cached microdescriptor to disk, avoid
+      freeing duplicate data later on. Fixes bug 10423; bugfix on
+      0.2.4.13-alpha. Spotted by "bobnomnom".
+
+
 Changes in version 0.2.4.19 - 2013-12-11
   The Tor 0.2.4 release series is dedicated to the memory of Aaron Swartz
   (1986-2013). Aaron worked on diverse projects including helping to guide
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tor-0.2.4.19/configure new/tor-0.2.4.20/configure
--- old/tor-0.2.4.19/configure	2013-12-10 23:08:30.000000000 +0100
+++ new/tor-0.2.4.20/configure	2013-12-23 06:36:13.000000000 +0100
@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for tor 0.2.4.19.
+# Generated by GNU Autoconf 2.69 for tor 0.2.4.20.
 #
 #
 # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc.
@@ -577,8 +577,8 @@
 # Identity of this package.
 PACKAGE_NAME='tor'
 PACKAGE_TARNAME='tor'
-PACKAGE_VERSION='0.2.4.19'
-PACKAGE_STRING='tor 0.2.4.19'
+PACKAGE_VERSION='0.2.4.20'
+PACKAGE_STRING='tor 0.2.4.20'
 PACKAGE_BUGREPORT=''
 PACKAGE_URL=''
 
@@ -1357,7 +1357,7 @@
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures tor 0.2.4.19 to adapt to many kinds of systems.
+\`configure' configures tor 0.2.4.20 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1427,7 +1427,7 @@
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of tor 0.2.4.19:";;
+     short | recursive ) echo "Configuration of tor 0.2.4.20:";;
    esac
   cat <<\_ACEOF
 
@@ -1563,7 +1563,7 @@
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-tor configure 0.2.4.19
+tor configure 0.2.4.20
 generated by GNU Autoconf 2.69
 
 Copyright (C) 2012 Free Software Foundation, Inc.
@@ -2268,7 +2268,7 @@
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by tor $as_me 0.2.4.19, which was
+It was created by tor $as_me 0.2.4.20, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   $ $0 $@
@@ -3085,7 +3085,7 @@
 
 # Define the identity of the package.
  PACKAGE='tor'
- VERSION='0.2.4.19'
+ VERSION='0.2.4.20'
 
 
 cat >>confdefs.h <<_ACEOF
@@ -12126,7 +12126,7 @@
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by tor $as_me 0.2.4.19, which was
+This file was extended by tor $as_me 0.2.4.20, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -12192,7 +12192,7 @@
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-tor config.status 0.2.4.19
+tor config.status 0.2.4.20
 configured by $0, generated by GNU Autoconf 2.69,
   with options \\"\$ac_cs_config\\"
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tor-0.2.4.19/configure.ac new/tor-0.2.4.20/configure.ac
--- old/tor-0.2.4.19/configure.ac	2013-12-10 23:08:26.000000000 +0100
+++ new/tor-0.2.4.20/configure.ac	2013-12-23 06:35:55.000000000 +0100
@@ -3,7 +3,7 @@
 dnl Copyright (c) 2007-2013, The Tor Project, Inc.
 dnl See LICENSE for licensing information
 
-AC_INIT([tor],[0.2.4.19])
+AC_INIT([tor],[0.2.4.20])
 AC_CONFIG_SRCDIR([src/or/main.c])
 AC_CONFIG_MACRO_DIR([m4])
 AM_INIT_AUTOMAKE
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tor-0.2.4.19/contrib/tor-mingw.nsi.in new/tor-0.2.4.20/contrib/tor-mingw.nsi.in
--- old/tor-0.2.4.19/contrib/tor-mingw.nsi.in	2013-12-10 23:08:26.000000000 +0100
+++ new/tor-0.2.4.20/contrib/tor-mingw.nsi.in	2013-12-23 06:35:55.000000000 +0100
@@ -8,7 +8,7 @@
 !include "LogicLib.nsh"
 !include "FileFunc.nsh"
 !insertmacro GetParameters
-!define VERSION "0.2.4.19"
+!define VERSION "0.2.4.20"
 !define INSTALLER "tor-${VERSION}-win32.exe"
 !define WEBSITE "https://www.torproject.org/"
 !define LICENSE "LICENSE"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tor-0.2.4.19/doc/tor-fw-helper.1.in new/tor-0.2.4.20/doc/tor-fw-helper.1.in
--- old/tor-0.2.4.19/doc/tor-fw-helper.1.in	2013-11-16 19:13:13.000000000 +0100
+++ new/tor-0.2.4.20/doc/tor-fw-helper.1.in	2013-07-14 02:27:29.000000000 +0200
@@ -2,12 +2,12 @@
 .\"     Title: tor-fw-helper
 .\"    Author: Jacob Appelbaum
 .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\"      Date: 11/16/2013
+.\"      Date: 07/13/2013
 .\"    Manual: Tor Manual
 .\"    Source: Tor
 .\"  Language: English
 .\"
-.TH "TOR\-FW\-HELPER" "1" "11/16/2013" "Tor" "Tor Manual"
+.TH "TOR\-FW\-HELPER" "1" "07/13/2013" "Tor" "Tor Manual"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tor-0.2.4.19/doc/tor-fw-helper.html.in new/tor-0.2.4.20/doc/tor-fw-helper.html.in
--- old/tor-0.2.4.19/doc/tor-fw-helper.html.in	2013-11-16 19:13:12.000000000 +0100
+++ new/tor-0.2.4.20/doc/tor-fw-helper.html.in	2013-07-14 02:27:29.000000000 +0200
@@ -841,7 +841,7 @@
 <div id="footnotes"><hr /></div>
 <div id="footer">
 <div id="footer-text">
-Last updated 2013-10-09 15:29:52 EDT
+Last updated 2013-07-06 18:11:10 EDT
 </div>
 </div>
 </body>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tor-0.2.4.19/doc/tor-gencert.1.in new/tor-0.2.4.20/doc/tor-gencert.1.in
--- old/tor-0.2.4.19/doc/tor-gencert.1.in	2013-09-05 05:41:41.000000000 +0200
+++ new/tor-0.2.4.20/doc/tor-gencert.1.in	2013-07-01 22:30:07.000000000 +0200
@@ -2,12 +2,12 @@
 .\"     Title: tor-gencert
 .\"    Author: Nick Mathewson
 .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\"      Date: 09/04/2013
+.\"      Date: 07/01/2013
 .\"    Manual: Tor Manual
 .\"    Source: Tor
 .\"  Language: English
 .\"
-.TH "TOR\-GENCERT" "1" "09/04/2013" "Tor" "Tor Manual"
+.TH "TOR\-GENCERT" "1" "07/01/2013" "Tor" "Tor Manual"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tor-0.2.4.19/doc/tor-gencert.html.in new/tor-0.2.4.20/doc/tor-gencert.html.in
--- old/tor-0.2.4.19/doc/tor-gencert.html.in	2013-09-05 05:41:49.000000000 +0200
+++ new/tor-0.2.4.20/doc/tor-gencert.html.in	2013-07-01 22:30:13.000000000 +0200
@@ -896,7 +896,7 @@
 <div id="footnotes"><hr /></div>
 <div id="footer">
 <div id="footer-text">
-Last updated 2013-08-22 20:10:09 EDT
+Last updated 2013-06-05 21:24:12 EDT
 </div>
 </div>
 </body>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tor-0.2.4.19/doc/tor-resolve.1.in new/tor-0.2.4.20/doc/tor-resolve.1.in
--- old/tor-0.2.4.19/doc/tor-resolve.1.in	2013-09-05 05:41:44.000000000 +0200
+++ new/tor-0.2.4.20/doc/tor-resolve.1.in	2013-07-01 22:30:08.000000000 +0200
@@ -2,12 +2,12 @@
 .\"     Title: tor-resolve
 .\"    Author: Peter Palfrader
 .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\"      Date: 09/04/2013
+.\"      Date: 07/01/2013
 .\"    Manual: Tor Manual
 .\"    Source: Tor
 .\"  Language: English
 .\"
-.TH "TOR\-RESOLVE" "1" "09/04/2013" "Tor" "Tor Manual"
+.TH "TOR\-RESOLVE" "1" "07/01/2013" "Tor" "Tor Manual"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tor-0.2.4.19/doc/tor-resolve.html.in new/tor-0.2.4.20/doc/tor-resolve.html.in
--- old/tor-0.2.4.19/doc/tor-resolve.html.in	2013-09-05 05:41:49.000000000 +0200
+++ new/tor-0.2.4.20/doc/tor-resolve.html.in	2013-07-01 22:30:14.000000000 +0200
@@ -821,7 +821,7 @@
 <div id="footnotes"><hr /></div>
 <div id="footer">
 <div id="footer-text">
-Last updated 2013-08-22 20:10:09 EDT
+Last updated 2013-06-05 21:24:12 EDT
 </div>
 </div>
 </body>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tor-0.2.4.19/doc/tor.1.in new/tor-0.2.4.20/doc/tor.1.in
--- old/tor-0.2.4.19/doc/tor.1.in	2013-12-10 23:10:01.000000000 +0100
+++ new/tor-0.2.4.20/doc/tor.1.in	2013-12-23 07:24:29.000000000 +0100
@@ -2,12 +2,12 @@
 .\"     Title: tor
 .\"    Author: [see the "AUTHORS" section]
 .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\"      Date: 12/10/2013
+.\"      Date: 12/23/2013
 .\"    Manual: Tor Manual
 .\"    Source: Tor
 .\"  Language: English
 .\"
-.TH "TOR" "1" "12/10/2013" "Tor" "Tor Manual"
+.TH "TOR" "1" "12/23/2013" "Tor" "Tor Manual"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tor-0.2.4.19/doc/tor.html.in new/tor-0.2.4.20/doc/tor.html.in
--- old/tor-0.2.4.19/doc/tor.html.in	2013-12-10 23:10:05.000000000 +0100
+++ new/tor-0.2.4.20/doc/tor.html.in	2013-12-23 07:24:55.000000000 +0100
@@ -4447,7 +4447,7 @@
 <div id="footnotes"><hr /></div>
 <div id="footer">
 <div id="footer-text">
-Last updated 2013-12-10 17:08:26 EST
+Last updated 2013-12-23 00:35:55 EST
 </div>
 </div>
 </body>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tor-0.2.4.19/doc/torify.1.in new/tor-0.2.4.20/doc/torify.1.in
--- old/tor-0.2.4.19/doc/torify.1.in	2013-10-10 20:55:24.000000000 +0200
+++ new/tor-0.2.4.20/doc/torify.1.in	2013-07-07 00:39:32.000000000 +0200
@@ -2,12 +2,12 @@
 .\"     Title: torify
 .\"    Author: [see the "AUTHORS" section]
 .\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\"      Date: 10/10/2013
+.\"      Date: 07/06/2013
 .\"    Manual: Tor Manual
 .\"    Source: Tor
 .\"  Language: English
 .\"
-.TH "TORIFY" "1" "10/10/2013" "Tor" "Tor Manual"
+.TH "TORIFY" "1" "07/06/2013" "Tor" "Tor Manual"
 .\" -----------------------------------------------------------------
 .\" * Define some portability stuff
 .\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tor-0.2.4.19/doc/torify.html.in new/tor-0.2.4.20/doc/torify.html.in
--- old/tor-0.2.4.19/doc/torify.html.in	2013-10-10 20:55:28.000000000 +0200
+++ new/tor-0.2.4.20/doc/torify.html.in	2013-07-07 00:39:36.000000000 +0200
@@ -789,7 +789,7 @@
 <div id="footnotes"><hr /></div>
 <div id="footer">
 <div id="footer-text">
-Last updated 2013-10-09 15:29:52 EDT
+Last updated 2013-07-06 18:11:10 EDT
 </div>
 </div>
 </body>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tor-0.2.4.19/micro-revision.i new/tor-0.2.4.20/micro-revision.i
--- old/tor-0.2.4.19/micro-revision.i	2013-12-10 23:09:33.000000000 +0100
+++ new/tor-0.2.4.20/micro-revision.i	2013-12-23 07:20:53.000000000 +0100
@@ -1 +1 @@
-"e719d05fd296a9dd"
+"3cb5c70beec5bf46"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tor-0.2.4.19/src/common/common_sha1.i new/tor-0.2.4.20/src/common/common_sha1.i
--- old/tor-0.2.4.19/src/common/common_sha1.i	2013-12-10 23:08:53.000000000 +0100
+++ new/tor-0.2.4.20/src/common/common_sha1.i	2013-12-23 07:16:29.000000000 +0100
@@ -1,5 +1,5 @@
 "6df0654a8a4ec4df3dd8091424d2fbb4d795dc0b  src/common/aes.c\n"
-"48dd91d36656559ccafbad27946d68b16406bf6b  src/common/crypto.c\n"
+"2e4e078d95ba5772913d20915096388de95c9458  src/common/crypto.c\n"
 "e690691451ae42afdaff915313ead860b1d021d0  src/common/crypto_format.c\n"
 "02c1744d1e1db0967595bc6bd2d69432692d082f  src/common/torgzip.c\n"
 "affb838c4670191cd5e021953f7876687b494166  src/common/tortls.c\n"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tor-0.2.4.19/src/common/crypto.c new/tor-0.2.4.20/src/common/crypto.c
--- old/tor-0.2.4.19/src/common/crypto.c	2013-12-10 23:08:26.000000000 +0100
+++ new/tor-0.2.4.20/src/common/crypto.c	2013-12-23 06:35:55.000000000 +0100
@@ -169,8 +169,8 @@
     const char *name, *id;
     name = ENGINE_get_name(e);
     id = ENGINE_get_id(e);
-    log_notice(LD_CRYPTO, "Using OpenSSL engine %s [%s] for %s",
-        name?name:"?", id?id:"?", fn);
+    log_notice(LD_CRYPTO, "Default OpenSSL engine for %s is %s [%s]",
+               fn, name?name:"?", id?id:"?");
   } else {
     log_info(LD_CRYPTO, "Using default implementation for %s", fn);
   }
@@ -288,7 +288,7 @@
       }
       log_engine("RSA", ENGINE_get_default_RSA());
       log_engine("DH", ENGINE_get_default_DH());
-      log_engine("RAND", ENGINE_get_default_RAND());
+      log_engine("RAND (which we will not use)", ENGINE_get_default_RAND());
       log_engine("SHA1", ENGINE_get_digest_engine(NID_sha1));
       log_engine("3DES", ENGINE_get_cipher_engine(NID_des_ede3_ecb));
       log_engine("AES", ENGINE_get_cipher_engine(NID_aes_128_ecb));
@@ -297,6 +297,13 @@
       log_info(LD_CRYPTO, "NOT using OpenSSL engine support.");
     }
 
+    if (RAND_get_rand_method() != RAND_SSLeay()) {
+      log_notice(LD_CRYPTO, "It appears that one of our engines has provided "
+                 "a replacement the OpenSSL RNG. Resetting it to the default "
+                 "implementation.");
+      RAND_set_rand_method(RAND_SSLeay());
+    }
+
     evaluate_evp_for_aes(-1);
     evaluate_ctr_for_aes();
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tor-0.2.4.19/src/or/circuituse.c new/tor-0.2.4.20/src/or/circuituse.c
--- old/tor-0.2.4.19/src/or/circuituse.c	2013-12-10 23:08:26.000000000 +0100
+++ new/tor-0.2.4.20/src/or/circuituse.c	2013-12-23 06:35:55.000000000 +0100
@@ -828,7 +828,7 @@
       cpath_build_state_t *build_state = origin_circ->build_state;
       if (build_state->is_internal || build_state->onehop_tunnel)
         continue;
-      if (!origin_circ->unusable_for_new_conns)
+      if (origin_circ->unusable_for_new_conns)
         continue;
 
       exitnode = build_state_get_exit_node(build_state);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tor-0.2.4.19/src/or/connection_edge.c new/tor-0.2.4.20/src/or/connection_edge.c
--- old/tor-0.2.4.19/src/or/connection_edge.c	2013-12-10 23:08:26.000000000 +0100
+++ new/tor-0.2.4.20/src/or/connection_edge.c	2013-12-23 06:35:55.000000000 +0100
@@ -61,6 +61,11 @@
 static int connection_exit_connect_dir(edge_connection_t *exitconn);
 static int consider_plaintext_ports(entry_connection_t *conn, uint16_t port);
 static int connection_ap_supports_optimistic_data(const entry_connection_t *);
+static void connection_ap_handshake_socks_resolved_addr(
+                                            entry_connection_t *conn,
+                                            const tor_addr_t *answer,
+                                            int ttl,
+                                            time_t expires);
 
 /** An AP stream has failed/finished. If it hasn't already sent back
  * a socks reply, send one now (based on endreason). Also set
@@ -1156,17 +1161,13 @@
     }
 
     if (socks->command == SOCKS_COMMAND_RESOLVE) {
-      uint32_t answer;
-      struct in_addr in;
+      tor_addr_t answer;
       /* Reply to resolves immediately if we can. */
-      if (tor_inet_aton(socks->address, &in)) { /* see if it's an IP already */
-        /* leave it in network order */
-        answer = in.s_addr;
+      if (tor_addr_parse(&answer, socks->address) >= 0) {/* is it an IP? */
         /* remember _what_ is supposed to have been resolved. */
         strlcpy(socks->address, orig_address, sizeof(socks->address));
-        connection_ap_handshake_socks_resolved(conn,RESOLVED_TYPE_IPV4,4,
-                                               (uint8_t*)&answer,
-                                               -1,map_expires);
+        connection_ap_handshake_socks_resolved_addr(conn, &answer, -1,
+                                                    map_expires);
         connection_mark_unattached_ap(conn,
                                 END_STREAM_REASON_DONE |
                                 END_STREAM_REASON_FLAG_ALREADY_SOCKS_REPLIED);
@@ -2059,6 +2060,35 @@
   }
 }
 
+/**
+ * As connection_ap_handshake_socks_resolved, but take a tor_addr_t to send
+ * as the answer.
+ */
+static void
+connection_ap_handshake_socks_resolved_addr(entry_connection_t *conn,
+                                            const tor_addr_t *answer,
+                                            int ttl,
+                                            time_t expires)
+{
+  if (tor_addr_family(answer) == AF_INET) {
+    uint32_t a = tor_addr_to_ipv4n(answer); /* network order */
+    connection_ap_handshake_socks_resolved(conn,RESOLVED_TYPE_IPV4,4,
+                                           (uint8_t*)&a,
+                                           ttl, expires);
+  } else if (tor_addr_family(answer) == AF_INET6) {
+    const uint8_t *a = tor_addr_to_in6_addr8(answer);
+    connection_ap_handshake_socks_resolved(conn,RESOLVED_TYPE_IPV6,16,
+                                           a,
+                                           ttl, expires);
+  } else {
+    log_warn(LD_BUG, "Got called with address of unexpected family %d",
+             tor_addr_family(answer));
+    connection_ap_handshake_socks_resolved(conn,
+                                           RESOLVED_TYPE_ERROR,0,NULL,-1,-1);
+  }
+}
+
+
 /** Send an answer to an AP connection that has requested a DNS lookup via
  * SOCKS.  The type should be one of RESOLVED_TYPE_(IPV4|IPV6|HOSTNAME) or -1
  * for unreachable; the answer should be in the format specified in the socks
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tor-0.2.4.19/src/or/dirvote.c new/tor-0.2.4.20/src/or/dirvote.c
--- old/tor-0.2.4.19/src/or/dirvote.c	2013-12-10 23:08:26.000000000 +0100
+++ new/tor-0.2.4.20/src/or/dirvote.c	2013-12-23 06:35:55.000000000 +0100
@@ -3585,7 +3585,8 @@
 
   {
     smartlist_t *lst = microdescs_parse_from_string(output,
-                                                 output+strlen(output), 0, 1);
+                                                 output+strlen(output), 0,
+                                                    SAVED_NOWHERE);
     if (smartlist_len(lst) != 1) {
       log_warn(LD_DIR, "We generated a microdescriptor we couldn't parse.");
       SMARTLIST_FOREACH(lst, microdesc_t *, md, microdesc_free(md));
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tor-0.2.4.19/src/or/microdesc.c new/tor-0.2.4.20/src/or/microdesc.c
--- old/tor-0.2.4.19/src/or/microdesc.c	2013-12-10 23:08:26.000000000 +0100
+++ new/tor-0.2.4.20/src/or/microdesc.c	2013-12-23 06:35:55.000000000 +0100
@@ -154,11 +154,10 @@
 {
   smartlist_t *descriptors, *added;
   const int allow_annotations = (where != SAVED_NOWHERE);
-  const int copy_body = (where != SAVED_IN_CACHE);
 
   descriptors = microdescs_parse_from_string(s, eos,
                                              allow_annotations,
-                                             copy_body);
+                                             where);
   if (listed_at > 0) {
     SMARTLIST_FOREACH(descriptors, microdesc_t *, md,
                       md->last_listed = listed_at);
@@ -407,6 +406,26 @@
     return 0;
 }
 
+/**
+ * Mark <b>md</b> as having no body, and release any storage previously held
+ * by its body.
+ */
+static void
+microdesc_wipe_body(microdesc_t *md)
+{
+  if (!md)
+    return;
+
+  if (md->saved_location != SAVED_IN_CACHE)
+    tor_free(md->body);
+
+  md->off = 0;
+  md->saved_location = SAVED_NOWHERE;
+  md->body = NULL;
+  md->bodylen = 0;
+  md->no_save = 1;
+}
+
 /** Regenerate the main cache file for <b>cache</b>, clear the journal file,
  * and update every microdesc_t in the cache with pointers to its new
  * location.  If <b>force</b> is true, do this unconditionally.  If
@@ -455,12 +474,7 @@
 
     size = dump_microdescriptor(fd, md, &annotation_len);
     if (size < 0) {
-      if (md->saved_location != SAVED_IN_CACHE)
-        tor_free(md->body);
-      md->saved_location = SAVED_NOWHERE;
-      md->off = 0;
-      md->bodylen = 0;
-      md->no_save = 1;
+      microdesc_wipe_body(md);
 
       /* rewind, in case it was a partial write. */
       tor_fd_setpos(fd, off);
@@ -497,11 +511,7 @@
     HT_FOREACH(mdp, microdesc_map, &cache->map) {
       microdesc_t *md = *mdp;
       if (md->saved_location == SAVED_IN_CACHE) {
-        md->off = 0;
-        md->saved_location = SAVED_NOWHERE;
-        md->body = NULL;
-        md->bodylen = 0;
-        md->no_save = 1;
+        microdesc_wipe_body(md);
       }
     }
     return -1;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tor-0.2.4.19/src/or/or_sha1.i new/tor-0.2.4.20/src/or/or_sha1.i
--- old/tor-0.2.4.19/src/or/or_sha1.i	2013-12-10 23:09:33.000000000 +0100
+++ new/tor-0.2.4.20/src/or/or_sha1.i	2013-12-23 07:20:51.000000000 +0100
@@ -8,18 +8,18 @@
 "db8e6e4e880a19999aa97663ae08c52972386563  src/or/circuitmux.c\n"
 "d4ad2888c3101581cf4544750370f2cd3cf94fdd  src/or/circuitmux_ewma.c\n"
 "0d147a24797417d019592ee0f8dee3feccbf1318  src/or/circuitstats.c\n"
-"86dfff9e8ac34bf9acbcb302d0e9a6a2a22d0a35  src/or/circuituse.c\n"
+"eac62ce167b3dbaea1ee00a98a9f063d7614f4fc  src/or/circuituse.c\n"
 "fb90791ead8ce4c952212372db0444f8940c8d5a  src/or/command.c\n"
 "9a49da73907e8594264a69587d079903a4a33505  src/or/config.c\n"
 "36dc692c0ddd83463722eeca9016c730b5bc654e  src/or/confparse.c\n"
 "db9dc5fcde8b68f45cd6b8ffcff4e83ef530d62c  src/or/connection.c\n"
-"989fa93d192f5d9b84c473cb48c1e8b70537d781  src/or/connection_edge.c\n"
+"8f5c91d0ae62ab7aac23bc2f31139fdd8fdc4730  src/or/connection_edge.c\n"
 "45b23f791bbaae08deaa9adaa23f021cb056a732  src/or/connection_or.c\n"
 "dd37d24f3da34951f5aab7cf06ed7f0af720ae11  src/or/control.c\n"
 "a06da0534bf2653f0c919eeb12b45911372149d9  src/or/cpuworker.c\n"
 "36cba941a3af51e8b89604a1432a9cf4439533d9  src/or/directory.c\n"
 "0833ae16c55ccff2e947bd68254b37a76ada6cc4  src/or/dirserv.c\n"
-"ebbef044d54ac1ed0b47fc03665c0d5da762a669  src/or/dirvote.c\n"
+"e8964aa5e0d59a47291daca873a30c2e54ed570e  src/or/dirvote.c\n"
 "58873f9472fbd3374bb8bedf8898cd610979759d  src/or/dns.c\n"
 "7051649c91cbb08873693d147e4c6da7e1e043e5  src/or/dnsserv.c\n"
 "e5c6da5c0eb4b4214e6365b83fb5483d2d234cef  src/or/fp_pair.c\n"
@@ -27,7 +27,7 @@
 "21c231afb35845cfc303614e8e976479b715ffdc  src/or/entrynodes.c\n"
 "66f74cc610e925fa42eb4311f57d4db0ed60db49  src/or/hibernate.c\n"
 "18f5dea5f1b8dc6cb56eaa21e6c4fd0d38b10917  src/or/main.c\n"
-"4c0b1401e2e267e6fb433e30be3d277982b05137  src/or/microdesc.c\n"
+"0c5f95c1426ce13d5c633c30ba3a61d0a65b257d  src/or/microdesc.c\n"
 "288cac7fd59e434bdc04158e48413e80499aad42  src/or/networkstatus.c\n"
 "9948d42c266b0c71a8faef363d0d77d0d5680341  src/or/nodelist.c\n"
 "6f437580030e374cdc059d48ce3f912ba0d56672  src/or/onion.c\n"
@@ -45,7 +45,7 @@
 "3654e3f8358f16bb04b24922706f2ea2b2b9b8c9  src/or/replaycache.c\n"
 "c278c0a175daf6639fed9731da6ef5a0cd4f3a58  src/or/router.c\n"
 "d4fee3f549913565df2e122847186695b76311d8  src/or/routerlist.c\n"
-"56adf1ad5065f1b75d629f732f21fbb2b4683783  src/or/routerparse.c\n"
+"cae8e4f9d879575e62b7f1884f16864d33da6890  src/or/routerparse.c\n"
 "a1d43f45a49918eb613e13121ef85cc4405c04ca  src/or/routerset.c\n"
 "c3f3a207c09f4a889cd0cb311978de21cca3d5f8  src/or/statefile.c\n"
 "40b4d2e7810e5054cf52a45736423e580ca437d5  src/or/status.c\n"
@@ -102,6 +102,6 @@
 "30ed07fadbfc50eac024c415868f2e9ad6bc20fc  src/or/router.h\n"
 "98fbe2beb9b694bd3bddc509a0430aebafcf9d2e  src/or/routerlist.h\n"
 "ac098125b79f6fba41a58b498811f60c852d562b  src/or/routerset.h\n"
-"08128c087abb5778613fae5a991b3b913c76a314  src/or/routerparse.h\n"
+"ee45bbe04fd8686a28901ee82c43ad6f42dccde8  src/or/routerparse.h\n"
 "00e61f581c3734b619af4fe1a95e940862a8f76f  src/or/statefile.h\n"
 "1cec9dc4fff60b5569944a81db1b20e6d00066c0  src/or/status.h\n"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tor-0.2.4.19/src/or/routerparse.c new/tor-0.2.4.20/src/or/routerparse.c
--- old/tor-0.2.4.19/src/or/routerparse.c	2013-12-10 23:08:26.000000000 +0100
+++ new/tor-0.2.4.20/src/or/routerparse.c	2013-12-23 06:35:55.000000000 +0100
@@ -4245,12 +4245,17 @@
 
 /** Parse as many microdescriptors as are found from the string starting at
  * <b>s</b> and ending at <b>eos</b>.  If allow_annotations is set, read any
- * annotations we recognize and ignore ones we don't.  If <b>copy_body</b> is
- * true, then strdup the bodies of the microdescriptors.  Return all newly
+ * annotations we recognize and ignore ones we don't.
+ *
+ * If <b>saved_location</b> isn't SAVED_IN_CACHE, make a local copy of each
+ * descriptor in the body field of each microdesc_t.
+ *
+ * Return all newly
  * parsed microdescriptors in a newly allocated smartlist_t. */
 smartlist_t *
 microdescs_parse_from_string(const char *s, const char *eos,
-                             int allow_annotations, int copy_body)
+                             int allow_annotations,
+                             saved_location_t where)
 {
   smartlist_t *tokens;
   smartlist_t *result;
@@ -4259,6 +4264,7 @@
   const char *start = s;
   const char *start_of_next_microdesc;
   int flags = allow_annotations ? TS_ANNOTATIONS_OK : 0;
+  const int copy_body = (where != SAVED_IN_CACHE);
 
   directory_token_t *tok;
 
@@ -4288,6 +4294,7 @@
       tor_assert(cp);
 
       md->bodylen = start_of_next_microdesc - cp;
+      md->saved_location = where;
       if (copy_body)
         md->body = tor_memdup_nulterm(cp, md->bodylen);
       else
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tor-0.2.4.19/src/or/routerparse.h new/tor-0.2.4.20/src/or/routerparse.h
--- old/tor-0.2.4.19/src/or/routerparse.h	2013-10-09 21:29:53.000000000 +0200
+++ new/tor-0.2.4.20/src/or/routerparse.h	2013-12-22 08:25:53.000000000 +0100
@@ -64,7 +64,7 @@
 
 smartlist_t *microdescs_parse_from_string(const char *s, const char *eos,
                                           int allow_annotations,
-                                          int copy_body);
+                                          saved_location_t where);
 
 authority_cert_t *authority_cert_parse_from_string(const char *s,
                                                    const char **end_of_string);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tor-0.2.4.19/src/test/test_microdesc.c new/tor-0.2.4.20/src/test/test_microdesc.c
--- old/tor-0.2.4.19/src/test/test_microdesc.c	2013-10-09 21:29:53.000000000 +0200
+++ new/tor-0.2.4.20/src/test/test_microdesc.c	2013-12-22 08:25:53.000000000 +0100
@@ -240,8 +240,53 @@
   tor_free(fn);
 }
 
+static const char truncated_md[] =
+  "@last-listed 2013-08-08 19:02:59\n"
+  "onion-key\n"
+  "-----BEGIN RSA PUBLIC KEY-----\n"
+  "MIGJAoGBAM91vLFNaM+gGhnRIdz2Cm/Kl7Xz0cOobIdVzhS3cKUJfk867hCuTipS\n"
+  "NveLBzNopvgXKruAAzEj3cACxk6Q8lv5UWOGCD1UolkgsWSE62RBjap44g+oc9J1\n"
+  "RI9968xOTZw0VaBQg9giEILNXl0djoikQ+5tQRUvLDDa67gpa5Q1AgMBAAE=\n"
+  "-----END RSA PUBLIC KEY-----\n"
+  "family @\n";
+
+static void
+test_md_cache_broken(void *data)
+{
+  or_options_t *options;
+  char *fn=NULL;
+  microdesc_cache_t *mc = NULL;
+
+  (void)data;
+
+  options = get_options_mutable();
+  tt_assert(options);
+  options->DataDirectory = tor_strdup(get_fname("md_datadir_test2"));
+
+#ifdef _WIN32
+  tt_int_op(0, ==, mkdir(options->DataDirectory));
+#else
+  tt_int_op(0, ==, mkdir(options->DataDirectory, 0700));
+#endif
+
+  tor_asprintf(&fn, "%s"PATH_SEPARATOR"cached-microdescs",
+               options->DataDirectory);
+
+  write_str_to_file(fn, truncated_md, 1);
+
+  mc = get_microdesc_cache();
+  tt_assert(mc);
+
+ done:
+  if (options)
+    tor_free(options->DataDirectory);
+  tor_free(fn);
+  microdesc_free_all();
+}
+
 struct testcase_t microdesc_tests[] = {
   { "cache", test_md_cache, TT_FORK, NULL, NULL },
+  { "broken_cache", test_md_cache_broken, TT_FORK, NULL, NULL },
   END_OF_TESTCASES
 };
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/tor-0.2.4.19/src/win32/orconfig.h new/tor-0.2.4.20/src/win32/orconfig.h
--- old/tor-0.2.4.19/src/win32/orconfig.h	2013-12-10 23:08:26.000000000 +0100
+++ new/tor-0.2.4.20/src/win32/orconfig.h	2013-12-23 06:35:55.000000000 +0100
@@ -241,7 +241,7 @@
 #define USING_TWOS_COMPLEMENT
 
 /* Version number of package */
-#define VERSION "0.2.4.19"
+#define VERSION "0.2.4.20"
 
 
 

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org

    

root＠hilbert.suse.de

tags

participants (1)