mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-10 05:03:43 +01:00
Fix typos.
Typos found with codespell. Please keep in mind that this should have impact on actual code and must be carefully evaluated: src/core/or/lttng_circuit.inc - ctf_enum_value("CONTROLER", CIRCUIT_PURPOSE_CONTROLLER) + ctf_enum_value("CONTROLLER", CIRCUIT_PURPOSE_CONTROLLER)
This commit is contained in:
parent
e2d3c9c5f8
commit
4a0cd79588
@ -96,7 +96,7 @@ variables:
|
||||
- if [ "$CHUTNEY" = yes ]; then git clone --depth 1 https://git.torproject.org/chutney.git ; export CHUTNEY_PATH="$(pwd)/chutney"; fi
|
||||
- if [ "$TRACING" = yes ]; then apt install liblttng-ust-dev; fi
|
||||
|
||||
# Minmal check on debian: just make, make check.
|
||||
# Minimal check on debian: just make, make check.
|
||||
#
|
||||
debian-minimal:
|
||||
image: debian:stable
|
||||
|
@ -1501,7 +1501,7 @@ dnl These cflags add bunches of branches, and we haven't been able to
|
||||
dnl persuade ourselves that they're suitable for code that needs to be
|
||||
dnl constant time.
|
||||
AC_SUBST(CFLAGS_BUGTRAP)
|
||||
dnl These cflags are variant ones sutable for code that needs to be
|
||||
dnl These cflags are variant ones suitable for code that needs to be
|
||||
dnl constant-time.
|
||||
AC_SUBST(CFLAGS_CONSTTIME)
|
||||
|
||||
|
@ -6,7 +6,7 @@
|
||||
|
||||
"""
|
||||
exitlist -- Given a Tor directory on stdin, lists the Tor servers
|
||||
that accept connections to given addreses.
|
||||
that accept connections to given addresses.
|
||||
|
||||
example usage:
|
||||
|
||||
|
@ -124,7 +124,7 @@ the module calls. Modules which call fewer other modules are better targets.
|
||||
|
||||
Strive to change the C API as little as possible.
|
||||
|
||||
We are currently targetting Rust stable. (See `CodingStandardsRust.md` for more
|
||||
We are currently targeting Rust stable. (See `CodingStandardsRust.md` for more
|
||||
details.)
|
||||
|
||||
It is on our TODO list to try to cultivate good
|
||||
|
@ -102,7 +102,7 @@ they do not apply to security-related patch release versions.
|
||||
4. Open tickets for connecting the new branches to various other
|
||||
places. See section 2 above for a list of affected locations.
|
||||
|
||||
5. Stop running practracker on maintainence and release branches:
|
||||
5. Stop running practracker on maintenance and release branches:
|
||||
* Remove "check-best-practices" from the check-local Makefile
|
||||
target in the maint-x.y.z branch only.
|
||||
* Delete the file scripts/maint/practracker/.enable_practracker_in_hooks
|
||||
|
@ -47,7 +47,7 @@ A trace event in tor has the following standard format:
|
||||
tor_trace(subsystem, event_name, args...);
|
||||
```
|
||||
|
||||
The `subsystem` parameter is the name of the subsytem the trace event is in.
|
||||
The `subsystem` parameter is the name of the subsystem the trace event is in.
|
||||
For example that could be "scheduler" or "vote" or "hs". The idea is to add
|
||||
some context to the event so when we collect them we know where it's coming
|
||||
from.
|
||||
@ -135,7 +135,7 @@ This is pretty easy. Let's say you want to add a trace event in
|
||||
#include "lib/trace/events.h"
|
||||
```
|
||||
|
||||
Then, the `tor_trace()` macro can be used with the specific format detailled
|
||||
Then, the `tor_trace()` macro can be used with the specific format detailed
|
||||
before in a previous section. As an example:
|
||||
|
||||
```c
|
||||
|
@ -13,7 +13,7 @@ opened on your host at the same time.
|
||||
FreeBSD
|
||||
-------
|
||||
|
||||
Tune the followind sysctl(8) variables:
|
||||
Tune the following sysctl(8) variables:
|
||||
* kern.maxfiles - maximum allowed file descriptors (for entire system)
|
||||
* kern.maxfilesperproc - maximum file descriptors one process is allowed
|
||||
to use
|
||||
|
@ -54,7 +54,7 @@ AC_DEFUN([AC_PC_FROM_UCONTEXT],
|
||||
else
|
||||
AC_CHECK_HEADERS(sys/ucontext.h) # ucontext on OS X 10.6 (at least)
|
||||
fi
|
||||
AC_CHECK_HEADERS(cygwin/signal.h) # ucontext on cywgin
|
||||
AC_CHECK_HEADERS(cygwin/signal.h) # ucontext on cygwin
|
||||
AC_MSG_CHECKING([how to access the program counter from a struct ucontext])
|
||||
pc_fields=" uc_mcontext.gregs[[REG_PC]]" # Solaris x86 (32 + 64 bit)
|
||||
pc_fields="$pc_fields uc_mcontext.gregs[[REG_EIP]]" # Linux (i386)
|
||||
|
@ -53,7 +53,7 @@ fi[]dnl
|
||||
# to PKG_CHECK_MODULES(), but does not set variables or print errors.
|
||||
#
|
||||
# Please remember that m4 expands AC_REQUIRE([PKG_PROG_PKG_CONFIG])
|
||||
# only at the first occurence in configure.ac, so if the first place
|
||||
# only at the first occurrence in configure.ac, so if the first place
|
||||
# it's called might be skipped (such as if it is within an "if", you
|
||||
# have to call PKG_CHECK_EXISTS manually
|
||||
# --------------------------------------------------------------
|
||||
|
@ -461,7 +461,7 @@ fi
|
||||
if [[ "${STEM}" = "yes" ]]; then
|
||||
start_section "Stem"
|
||||
if [[ "${TOR_VER_AT_LEAST_044}" = 'yes' ]]; then
|
||||
# XXXX This shold probably be part some test-stem make target.
|
||||
# XXXX This should probably be part of some test-stem make target.
|
||||
if runcmd timelimit -p -t 520 -s USR1 -T 30 -S ABRT \
|
||||
python3 "${STEM_PATH}/run_tests.py" \
|
||||
--tor src/app/tor \
|
||||
|
@ -494,7 +494,7 @@ set_tor_github_pr_fetch_config
|
||||
fetch_remote "tor-github"
|
||||
|
||||
# GitLab remote
|
||||
printf "%s Seting up remote %s\\n" "$MARKER" "${BYEL}tor-gitlab${CNRM}"
|
||||
printf "%s Setting up remote %s\\n" "$MARKER" "${BYEL}tor-gitlab${CNRM}"
|
||||
add_remote "tor-gitlab" "$GITLAB_PULL"
|
||||
set_remote_push "tor-gitlab" "$GITLAB_PUSH"
|
||||
# Add custom fetch for MRs
|
||||
|
@ -3,7 +3,7 @@
|
||||
# To install this script, copy it to .git/hooks/pre-commit in local copy of
|
||||
# tor git repo and make sure it has permission to execute.
|
||||
#
|
||||
# This is pre-commit git hook script that prevents commiting your changeset if
|
||||
# This is pre-commit git hook script that prevents committing your changeset if
|
||||
# it fails our code formatting, changelog entry formatting, module include
|
||||
# rules, etc...
|
||||
|
||||
|
@ -70,7 +70,7 @@ LINE_OBVIOUSNESS_LIMIT = 4
|
||||
# Maximum line width. This includes a terminating newline character.
|
||||
#
|
||||
# (This is the maximum before encoding, so that if the the operating system
|
||||
# uses multiple characers to encode newline, that's still okay.)
|
||||
# uses multiple characters to encode newline, that's still okay.)
|
||||
LINE_WIDTH=80
|
||||
|
||||
class Problem(Exception):
|
||||
|
@ -11,7 +11,7 @@
|
||||
#
|
||||
|
||||
"""
|
||||
This program uses a set of plugable filters to inspect and transform
|
||||
This program uses a set of pluggable filters to inspect and transform
|
||||
our C code.
|
||||
"""
|
||||
|
||||
|
@ -153,7 +153,7 @@ This is an automated commit, generated by this command:
|
||||
if no_verify:
|
||||
msg += """
|
||||
It was generated with --no-verify, so it probably breaks some commit hooks.
|
||||
The commiter should be sure to fix them up in a subsequent commit.
|
||||
The committer should be sure to fix them up in a subsequent commit.
|
||||
"""
|
||||
|
||||
return msg
|
||||
|
@ -1518,7 +1518,7 @@ compute_group_readable_flag(const char *datadir,
|
||||
* the datadirectory */
|
||||
return datadir_gr;
|
||||
} else {
|
||||
/* The directores are different, so we default to "not group-readable" */
|
||||
/* The directories are different, so we default to "not group-readable" */
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
@ -5872,9 +5872,9 @@ warn_client_dns_cache(const char *option, int disabling)
|
||||
return;
|
||||
|
||||
warn_deprecated_option(option,
|
||||
"Client-side DNS cacheing enables a wide variety of route-"
|
||||
"Client-side DNS caching enables a wide variety of route-"
|
||||
"capture attacks. If a single bad exit node lies to you about "
|
||||
"an IP address, cacheing that address would make you visit "
|
||||
"an IP address, caching that address would make you visit "
|
||||
"an address of the attacker's choice every time you connected "
|
||||
"to your destination.");
|
||||
}
|
||||
@ -7009,7 +7009,7 @@ options_get_dir_fname2_suffix,(const or_options_t *options,
|
||||
return fname;
|
||||
}
|
||||
|
||||
/** Check wether the data directory has a private subdirectory
|
||||
/** Check whether the data directory has a private subdirectory
|
||||
* <b>subdir</b>. If not, try to create it. Return 0 on success,
|
||||
* -1 otherwise. */
|
||||
int
|
||||
|
@ -1041,7 +1041,7 @@ struct or_options_t {
|
||||
/** Maximum allowed burst of circuits. Reaching that value, the address is
|
||||
* detected as malicious and a defense might be used. */
|
||||
int DoSCircuitCreationBurst;
|
||||
/** When an address is marked as malicous, what defense should be used
|
||||
/** When an address is marked as malicious, what defense should be used
|
||||
* against it. See the dos_cc_defense_type_t enum. */
|
||||
int DoSCircuitCreationDefenseType;
|
||||
/** For how much time (in seconds) the defense is applicable for a malicious
|
||||
|
@ -21,7 +21,7 @@ struct config_suite_t;
|
||||
struct or_state_t {
|
||||
uint32_t magic_;
|
||||
/** The time at which we next plan to write the state to the disk. Equal to
|
||||
* TIME_MAX if there are no savable changes, 0 if there are changes that
|
||||
* TIME_MAX if there are no saveable changes, 0 if there are changes that
|
||||
* should be saved right away. */
|
||||
time_t next_write;
|
||||
|
||||
|
@ -17,7 +17,7 @@
|
||||
/** Method used to resolved an address. In other words, how was the address
|
||||
* discovered by tor. */
|
||||
typedef enum {
|
||||
/* Default value. Indiate that no method found the address. */
|
||||
/* Default value. Indicate that no method found the address. */
|
||||
RESOLVED_ADDR_NONE = 0,
|
||||
/* Found from the "Address" configuration option. */
|
||||
RESOLVED_ADDR_CONFIGURED = 1,
|
||||
|
@ -88,7 +88,7 @@
|
||||
## yourself to make this work.
|
||||
#ORPort 443 NoListen
|
||||
#ORPort 127.0.0.1:9090 NoAdvertise
|
||||
## If you want to listen on IPv6 your numeric address must be explictly
|
||||
## If you want to listen on IPv6 your numeric address must be explicitly
|
||||
## between square brackets as follows. You must also listen on IPv4.
|
||||
#ORPort [2001:DB8::1]:9050
|
||||
|
||||
|
@ -88,7 +88,7 @@
|
||||
## yourself to make this work.
|
||||
#ORPort 443 NoListen
|
||||
#ORPort 127.0.0.1:9090 NoAdvertise
|
||||
## If you want to listen on IPv6 your numeric address must be explictly
|
||||
## If you want to listen on IPv6 your numeric address must be explicitly
|
||||
## between square brackets as follows. You must also listen on IPv4.
|
||||
#ORPort [2001:DB8::1]:9050
|
||||
|
||||
|
@ -246,7 +246,7 @@ estimated_usec_for_onionskins(uint32_t n_requests, uint16_t onionskin_type)
|
||||
if (onionskin_type > MAX_ONION_HANDSHAKE_TYPE) /* should be impossible */
|
||||
return 1000 * (uint64_t)n_requests;
|
||||
if (PREDICT_UNLIKELY(onionskins_n_processed[onionskin_type] < 100)) {
|
||||
/* Until we have 100 data points, just asssume everything takes 1 msec. */
|
||||
/* Until we have 100 data points, just assume everything takes 1 msec. */
|
||||
return 1000 * (uint64_t)n_requests;
|
||||
} else {
|
||||
/* This can't overflow: we'll never have more than 500000 onionskins
|
||||
|
@ -1475,7 +1475,7 @@ get_my_roles(const or_options_t *options)
|
||||
|
||||
/* We also consider tor to have the role of a client if the ControlPort is
|
||||
* set because a lot of things can be done over the control port which
|
||||
* requires tor to have basic functionnalities. */
|
||||
* requires tor to have basic functionalities. */
|
||||
int is_client = options_any_client_port_set(options) ||
|
||||
options->ControlPort_set ||
|
||||
options->OwningControllerFD != UINT64_MAX;
|
||||
|
@ -72,7 +72,7 @@ note_user_activity(time_t now)
|
||||
}
|
||||
|
||||
/**
|
||||
* Change the time at which "user activitiy" was last seen to <b>now</b>.
|
||||
* Change the time at which "user activity" was last seen to <b>now</b>.
|
||||
*
|
||||
* Unlike note_user_actity, this function sets the time without checking
|
||||
* whether it is in the past, and without causing any rescan of periodic events
|
||||
|
@ -32,7 +32,7 @@
|
||||
*
|
||||
* NOTE: For now, the separation between channels and specialized channels
|
||||
* (like channeltls) is not that well defined. So the channeltls layer calls
|
||||
* channel_process_cell() which originally comes from the connection subsytem.
|
||||
* channel_process_cell() which originally comes from the connection subsystem.
|
||||
* This should be hopefully be fixed with #23993.
|
||||
*
|
||||
* For *outbound* cells, the entry point is: channel_write_packed_cell().
|
||||
@ -2387,7 +2387,7 @@ channel_is_better(channel_t *a, channel_t *b)
|
||||
* Get a channel to extend a circuit.
|
||||
*
|
||||
* Given the desired relay identity, pick a suitable channel to extend a
|
||||
* circuit to the target IPv4 or IPv6 address requsted by the client. Search
|
||||
* circuit to the target IPv4 or IPv6 address requested by the client. Search
|
||||
* for an existing channel for the requested endpoint. Make sure the channel
|
||||
* is usable for new circuits, and matches one of the target addresses.
|
||||
*
|
||||
|
@ -7,7 +7,7 @@
|
||||
/**
|
||||
* \file circuitbuild.c
|
||||
*
|
||||
* \brief Implements the details of building circuits (by chosing paths,
|
||||
* \brief Implements the details of building circuits (by choosing paths,
|
||||
* constructing/sending create/extend cells, and so on).
|
||||
*
|
||||
* On the client side, this module handles launching circuits. Circuit
|
||||
|
@ -127,7 +127,7 @@ MOCK_DECL(unsigned int, circuitmux_num_cells, (circuitmux_t *cmux));
|
||||
unsigned int circuitmux_num_circuits(circuitmux_t *cmux);
|
||||
unsigned int circuitmux_num_active_circuits(circuitmux_t *cmux);
|
||||
|
||||
/* Debuging interface - slow. */
|
||||
/* Debugging interface - slow. */
|
||||
int64_t circuitmux_count_queued_destroy_cells(const channel_t *chan,
|
||||
const circuitmux_t *cmux);
|
||||
|
||||
|
@ -1536,7 +1536,7 @@ circpad_machine_schedule_padding,(circpad_machine_runtime_t *mi))
|
||||
/**
|
||||
* If the machine transitioned to the END state, we need
|
||||
* to check to see if it wants us to shut it down immediately.
|
||||
* If it does, then we need to send the appropiate negotiation commands
|
||||
* If it does, then we need to send the appropriate negotiation commands
|
||||
* depending on which side it is.
|
||||
*
|
||||
* After this function is called, mi may point to freed memory. Do
|
||||
@ -2076,7 +2076,7 @@ circpad_machine_conditions_keep(origin_circuit_t *circ,
|
||||
*
|
||||
* The padding code only cares if the circuit is building,
|
||||
* opened, used for streams, and/or still has relay early cells.
|
||||
* This returns a bitmask of all state properities that apply to
|
||||
* This returns a bitmask of all state properties that apply to
|
||||
* this circuit.
|
||||
*/
|
||||
static inline
|
||||
@ -2390,7 +2390,7 @@ circpad_deliver_unrecognized_cell_events(circuit_t *circ,
|
||||
* Deliver circpad events for "recognized" relay cells.
|
||||
*
|
||||
* Recognized cells are destined for this hop, either client or middle.
|
||||
* Check if this is a padding cell or not, and send the appropiate
|
||||
* Check if this is a padding cell or not, and send the appropriate
|
||||
* received event.
|
||||
*/
|
||||
void
|
||||
@ -2682,7 +2682,7 @@ circpad_circ_responder_machine_init(void)
|
||||
serialize this into the consensus or the torrc */
|
||||
|
||||
/* We transition to the burst state on padding receive and on non-padding
|
||||
* recieve */
|
||||
* receive */
|
||||
circ_responder_machine->states[CIRCPAD_STATE_START].
|
||||
next_state[CIRCPAD_EVENT_PADDING_RECV] = CIRCPAD_STATE_BURST;
|
||||
circ_responder_machine->states[CIRCPAD_STATE_START].
|
||||
@ -2711,7 +2711,7 @@ circpad_circ_responder_machine_init(void)
|
||||
/* During burst state we wait forever for padding to arrive.
|
||||
|
||||
We are waiting for a padding cell from the client to come in, so that we
|
||||
respond, and we immitate how extend looks like */
|
||||
respond, and we imitate how extend looks like */
|
||||
circ_responder_machine->states[CIRCPAD_STATE_BURST].histogram[0] = 0;
|
||||
// Only infinity bin:
|
||||
circ_responder_machine->states[CIRCPAD_STATE_BURST].histogram[1] = 1;
|
||||
|
@ -25,7 +25,7 @@
|
||||
* Client-side introduction circuit hiding machine:
|
||||
*
|
||||
* This machine hides client-side introduction circuits by making their
|
||||
* circuit consruction sequence look like normal general circuits that
|
||||
* circuit construction sequence look like normal general circuits that
|
||||
* download directory information. Furthermore, the circuits are kept open
|
||||
* until all the padding has been sent, since intro circuits are usually
|
||||
* very short lived and this act as a distinguisher. For more info see
|
||||
|
@ -1991,7 +1991,7 @@ circuit_purpose_is_hidden_service(uint8_t purpose)
|
||||
return 0;
|
||||
}
|
||||
|
||||
/** Retrun true iff the given circuit is an HS client circuit. */
|
||||
/** Return true iff the given circuit is an HS client circuit. */
|
||||
bool
|
||||
circuit_purpose_is_hs_client(const uint8_t purpose)
|
||||
{
|
||||
@ -1999,7 +1999,7 @@ circuit_purpose_is_hs_client(const uint8_t purpose)
|
||||
purpose <= CIRCUIT_PURPOSE_C_HS_MAX_);
|
||||
}
|
||||
|
||||
/** Retrun true iff the given circuit is an HS service circuit. */
|
||||
/** Return true iff the given circuit is an HS service circuit. */
|
||||
bool
|
||||
circuit_purpose_is_hs_service(const uint8_t purpose)
|
||||
{
|
||||
@ -2007,14 +2007,14 @@ circuit_purpose_is_hs_service(const uint8_t purpose)
|
||||
purpose <= CIRCUIT_PURPOSE_S_HS_MAX_);
|
||||
}
|
||||
|
||||
/** Retrun true iff the given circuit is an HS Vanguards circuit. */
|
||||
/** Return true iff the given circuit is an HS Vanguards circuit. */
|
||||
bool
|
||||
circuit_purpose_is_hs_vanguards(const uint8_t purpose)
|
||||
{
|
||||
return (purpose == CIRCUIT_PURPOSE_HS_VANGUARDS);
|
||||
}
|
||||
|
||||
/** Retrun true iff the given circuit is an HS v2 circuit. */
|
||||
/** Return true iff the given circuit is an HS v2 circuit. */
|
||||
bool
|
||||
circuit_is_hs_v2(const circuit_t *circ)
|
||||
{
|
||||
@ -2022,7 +2022,7 @@ circuit_is_hs_v2(const circuit_t *circ)
|
||||
(CONST_TO_ORIGIN_CIRCUIT(circ)->rend_data != NULL));
|
||||
}
|
||||
|
||||
/** Retrun true iff the given circuit is an HS v3 circuit. */
|
||||
/** Return true iff the given circuit is an HS v3 circuit. */
|
||||
bool
|
||||
circuit_is_hs_v3(const circuit_t *circ)
|
||||
{
|
||||
|
@ -19,7 +19,7 @@
|
||||
* TCP application socket that has arrived via (e.g.) a SOCKS request, or an
|
||||
* exit connection.
|
||||
*
|
||||
* Not every instance of edge_connection_t truly represents an edge connction,
|
||||
* Not every instance of edge_connection_t truly represents an edge connection,
|
||||
* however. (Sorry!) We also create edge_connection_t objects for streams that
|
||||
* we will not be handling with TCP. The types of these streams are:
|
||||
* <ul>
|
||||
@ -578,8 +578,8 @@ connection_edge_end(edge_connection_t *conn, uint8_t reason)
|
||||
/**
|
||||
* Helper function for bsearch.
|
||||
*
|
||||
* As per smartlist_bsearch, return < 0 if key preceeds member,
|
||||
* > 0 if member preceeds key, and 0 if they are equal.
|
||||
* As per smartlist_bsearch, return < 0 if key precedes member,
|
||||
* > 0 if member precedes key, and 0 if they are equal.
|
||||
*
|
||||
* This is equivalent to subtraction of the values of key - member
|
||||
* (why does no one ever say that explicitly?).
|
||||
@ -2066,7 +2066,7 @@ connection_ap_handle_onion(entry_connection_t *conn,
|
||||
log_info(LD_GENERAL, "Found %s descriptor in cache for %s. %s.",
|
||||
(descriptor_is_usable) ? "usable" : "unusable",
|
||||
safe_str_client(onion_address),
|
||||
(descriptor_is_usable) ? "Not fetching." : "Refecting.");
|
||||
(descriptor_is_usable) ? "Not fetching." : "Refetching.");
|
||||
} else {
|
||||
rend_cache_lookup_result = -ENOENT;
|
||||
}
|
||||
@ -2655,8 +2655,8 @@ destination_from_socket(entry_connection_t *conn, socks_request_t *req)
|
||||
break;
|
||||
#endif /* defined(TRANS_NETFILTER_IPV6) */
|
||||
default:
|
||||
log_warn(LD_BUG,
|
||||
"Received transparent data from an unsuported socket family %d",
|
||||
log_warn(LD_BUG, "Received transparent data from an unsupported "
|
||||
"socket family %d",
|
||||
ENTRY_TO_CONN(conn)->socket_family);
|
||||
return -1;
|
||||
}
|
||||
|
@ -28,7 +28,7 @@
|
||||
/*
|
||||
* Circuit Purposes
|
||||
*
|
||||
* The following defines an enumeration of all possible circuit purpose so
|
||||
* The following defines an enumeration of all possible circuit purposes so
|
||||
* they appear in the trace with the define name (first parameter of
|
||||
* ctf_enum_value) instead of the numerical value.
|
||||
*/
|
||||
@ -70,7 +70,7 @@ TRACEPOINT_ENUM(tor_circuit, purpose,
|
||||
|
||||
/* Misc. */
|
||||
ctf_enum_value("TESTING", CIRCUIT_PURPOSE_TESTING)
|
||||
ctf_enum_value("CONTROLER", CIRCUIT_PURPOSE_CONTROLLER)
|
||||
ctf_enum_value("CONTROLLER", CIRCUIT_PURPOSE_CONTROLLER)
|
||||
ctf_enum_value("PATH_BIAS_TESTING", CIRCUIT_PURPOSE_PATH_BIAS_TESTING)
|
||||
|
||||
/* VanGuard */
|
||||
|
@ -50,7 +50,7 @@ typedef struct extend_cell_t {
|
||||
tor_addr_port_t orport_ipv4;
|
||||
/** An IPv6 address and port for the node we're connecting to. */
|
||||
tor_addr_port_t orport_ipv6;
|
||||
/** Identity fingerprint of the node we're conecting to.*/
|
||||
/** Identity fingerprint of the node we're connecting to.*/
|
||||
uint8_t node_id[DIGEST_LEN];
|
||||
/** Ed25519 public identity key. Zero if not set. */
|
||||
struct ed25519_public_key_t ed_pubkey;
|
||||
|
@ -31,7 +31,7 @@ struct or_connection_t {
|
||||
/** This is the ClientHash value we expect to receive from the
|
||||
* client during the Extended ORPort authentication protocol. We
|
||||
* compute it upon receiving the ClientNoce from the client, and we
|
||||
* compare it with the acual ClientHash value sent by the
|
||||
* compare it with the actual ClientHash value sent by the
|
||||
* client. */
|
||||
char *ext_or_auth_correct_client_hash;
|
||||
/** String carrying the name of the pluggable transport
|
||||
@ -74,7 +74,7 @@ struct or_connection_t {
|
||||
unsigned int is_outgoing:1;
|
||||
unsigned int proxy_type:3; /**< One of PROXY_NONE...PROXY_HAPROXY */
|
||||
unsigned int wide_circ_ids:1;
|
||||
/** True iff a failure on this connection indicates a posssible
|
||||
/** True iff a failure on this connection indicates a possible
|
||||
* bootstrapping problem. We set this as true if we notice that this
|
||||
* connection could handle a pending origin circuit, or if we launch it to
|
||||
* handle an origin circuit. */
|
||||
|
@ -54,7 +54,7 @@ enum path_state_t {
|
||||
/** Did any SOCKS streams or hidserv introductions actually succeed on
|
||||
* this circuit?
|
||||
*
|
||||
* If any streams detatch/fail from this circuit, the code transitions
|
||||
* If any streams detach/fail from this circuit, the code transitions
|
||||
* the circuit back to PATH_STATE_USE_ATTEMPTED to ensure we probe. See
|
||||
* pathbias_mark_use_rollback() for that.
|
||||
*/
|
||||
|
@ -1849,7 +1849,7 @@ policies_log_first_redundant_entry(const smartlist_t *policy)
|
||||
int found_ipv4_wildcard = 0, found_ipv6_wildcard = 0;
|
||||
const int i = p_sl_idx;
|
||||
|
||||
/* Look for accept/reject *[4|6|]:* entires */
|
||||
/* Look for accept/reject *[4|6|]:* entries */
|
||||
if (p->prt_min <= 1 && p->prt_max == 65535 && p->maskbits == 0) {
|
||||
family = tor_addr_family(&p->addr);
|
||||
/* accept/reject *:* may have already been expanded into
|
||||
|
@ -678,7 +678,7 @@ sendme_record_received_cell_digest(circuit_t *circ, crypt_path_t *cpath)
|
||||
/* Record incoming digest. */
|
||||
cpath_sendme_record_cell_digest(cpath, false);
|
||||
} else {
|
||||
/* Record foward digest. */
|
||||
/* Record forward digest. */
|
||||
relay_crypto_record_sendme_digest(&TO_OR_CIRCUIT(circ)->crypto, true);
|
||||
}
|
||||
}
|
||||
|
@ -6,7 +6,7 @@
|
||||
|
||||
/**
|
||||
* @file server_port_cfg_st.h
|
||||
* @brief Cnfiguration structure for server ports.
|
||||
* @brief Configuration structure for server ports.
|
||||
**/
|
||||
|
||||
#ifndef SERVER_PORT_CFG_ST_H
|
||||
|
@ -479,7 +479,7 @@ parse_socks5_userpass_auth(const uint8_t *raw_data, socks_request_t *req,
|
||||
/**
|
||||
* Validate and respond to SOCKS5 username/password request we
|
||||
* parsed in parse_socks5_userpass_auth (corresponding to <b>req</b>.
|
||||
* Set <b>req->reply</b> to appropriate responsed. Return
|
||||
* Set <b>req->reply</b> to appropriate response. Return
|
||||
* SOCKS_RESULT_DONE on success or SOCKS_RESULT_INVALID on failure.
|
||||
*/
|
||||
static socks_result_t
|
||||
|
@ -6,7 +6,7 @@ If you run `make`, two .a archives will be built, similar to djb's curve25519
|
||||
code. Alternatively, read on:
|
||||
|
||||
The C implementation is contained within curve25519-donna.c. It has no external
|
||||
dependancies and is BSD licenced. You can copy/include/link it directly in with
|
||||
dependencies and is BSD licenced. You can copy/include/link it directly in with
|
||||
your program. Recommended C flags: -O2
|
||||
|
||||
The x86-64 bit implementation is contained within curve25519-donna-x86-64.c and
|
||||
|
@ -1,5 +1,5 @@
|
||||
[ed25519](http://ed25519.cr.yp.to/) is an
|
||||
[Elliptic Curve Digital Signature Algortithm](http://en.wikipedia.org/wiki/Elliptic_Curve_DSA),
|
||||
[Elliptic Curve Digital Signature Algorithm](http://en.wikipedia.org/wiki/Elliptic_Curve_DSA),
|
||||
developed by [Dan Bernstein](http://cr.yp.to/djb.html),
|
||||
[Niels Duif](http://www.nielsduif.nl/),
|
||||
[Tanja Lange](http://hyperelliptic.org/tanja),
|
||||
@ -56,7 +56,7 @@ No configuration is needed **if you are compiling against OpenSSL**.
|
||||
|
||||
##### Hash Options
|
||||
|
||||
If you are not compiling aginst OpenSSL, you will need a hash function.
|
||||
If you are not compiling against OpenSSL, you will need a hash function.
|
||||
|
||||
To use a simple/**slow** implementation of SHA-512, use `-DED25519_REFHASH` when compiling `ed25519.c`.
|
||||
This should never be used except to verify the code works when OpenSSL is not available.
|
||||
@ -73,7 +73,7 @@ custom hash implementation in ed25519-hash-custom.h. The hash must have a 512bit
|
||||
|
||||
##### Random Options
|
||||
|
||||
If you are not compiling aginst OpenSSL, you will need a random function for batch verification.
|
||||
If you are not compiling against OpenSSL, you will need a random function for batch verification.
|
||||
|
||||
To use a custom random function, use `-DED25519_CUSTOMRANDOM` when compiling `ed25519.c` and put your
|
||||
custom hash implementation in ed25519-randombytes-custom.h. The random function must implement:
|
||||
@ -170,7 +170,7 @@ signing due to both using the same code for the scalar multiply.
|
||||
|
||||
#### Testing
|
||||
|
||||
Fuzzing against reference implemenations is now available. See [fuzz/README](fuzz/README.md).
|
||||
Fuzzing against reference implementations is now available. See [fuzz/README](fuzz/README.md).
|
||||
|
||||
Building `ed25519.c` with `-DED25519_TEST` and linking with `test.c` will run basic sanity tests
|
||||
and benchmark each function. `test-batch.c` has been incorporated in to `test.c`.
|
||||
|
@ -6,7 +6,7 @@
|
||||
|
||||
function usage($reason) {
|
||||
echoln("Usage: php build-nix.php [flags]");
|
||||
echoln("Flags in parantheses are optional");
|
||||
echoln("Flags in parentheses are optional");
|
||||
echoln("");
|
||||
echoln(" --bits=[32,64]");
|
||||
echoln(" --function=[curve25519,ed25519]");
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* Tor: Removed, file is inclued in ed25519.c instead. */
|
||||
/* Tor: Removed, file is included in ed25519.c instead. */
|
||||
/* #include <stdio.h> */
|
||||
/* #include "ed25519-donna.h" */
|
||||
|
||||
|
@ -422,7 +422,7 @@ addressmap_rewrite(char *address, size_t maxlen,
|
||||
goto done;
|
||||
}
|
||||
|
||||
/* Check wither the flags we were passed tell us not to use this
|
||||
/* Check whether the flags we were passed tell us not to use this
|
||||
* mapping. */
|
||||
switch (ent->source) {
|
||||
case ADDRMAPSRC_DNS:
|
||||
@ -515,7 +515,7 @@ addressmap_rewrite_reverse(char *address, size_t maxlen, unsigned flags,
|
||||
else if (f == AF_INET6 && !(flags & AMR_FLAG_USE_IPV6_DNS))
|
||||
return 0;
|
||||
/* FFFF we should reverse-map virtual addresses even if we haven't
|
||||
* enabled DNS cacheing. */
|
||||
* enabled DNS caching. */
|
||||
}
|
||||
|
||||
tor_asprintf(&s, "REVERSE[%s]", address);
|
||||
|
@ -934,7 +934,7 @@ learned_bridge_descriptor(routerinfo_t *ri, int from_cache)
|
||||
if (!from_cache) {
|
||||
/* This schedules the re-fetch at a constant interval, which produces
|
||||
* a pattern of bridge traffic. But it's better than trying all
|
||||
* configured briges several times in the first few minutes. */
|
||||
* configured bridges several times in the first few minutes. */
|
||||
download_status_reset(&bridge->fetch_status);
|
||||
}
|
||||
|
||||
|
@ -683,7 +683,7 @@ pathbias_mark_use_success(origin_circuit_t *circ)
|
||||
}
|
||||
|
||||
/**
|
||||
* If a stream ever detatches from a circuit in a retriable way,
|
||||
* If a stream ever detaches from a circuit in a retriable way,
|
||||
* we need to mark this circuit as still needing either another
|
||||
* successful stream, or in need of a probe.
|
||||
*
|
||||
|
@ -342,7 +342,7 @@ entry_guard_get_pathbias_state(entry_guard_t *guard)
|
||||
|
||||
HANDLE_IMPL(entry_guard, entry_guard_t, ATTR_UNUSED STATIC)
|
||||
|
||||
/** Return an interval betweeen 'now' and 'max_backdate' seconds in the past,
|
||||
/** Return an interval between 'now' and 'max_backdate' seconds in the past,
|
||||
* chosen uniformly at random. We use this before recording persistent
|
||||
* dates, so that we aren't leaking exactly when we recorded it.
|
||||
*/
|
||||
@ -3359,7 +3359,7 @@ get_guard_state_for_bridge_desc_fetch(const char *digest)
|
||||
}
|
||||
|
||||
/* Update the guard last_tried_to_connect time since it's checked by the
|
||||
* guard susbsystem. */
|
||||
* guard subsystem. */
|
||||
guard->last_tried_to_connect = approx_time();
|
||||
|
||||
/* Create the guard state */
|
||||
|
@ -16,7 +16,7 @@
|
||||
* managed proxies that are still unconfigured.
|
||||
*
|
||||
* In every run_scheduled_event() tick, we attempt to launch and then
|
||||
* configure the unconfiged managed proxies, using the configuration
|
||||
* configure the unconfigured managed proxies, using the configuration
|
||||
* protocol defined in the 180_pluggable_transport.txt proposal. A
|
||||
* managed proxy might need several ticks to get fully configured.
|
||||
*
|
||||
|
@ -280,7 +280,7 @@ is_valid_initial_command(control_connection_t *conn, const char *cmd)
|
||||
#define MAX_COMMAND_LINE_LENGTH (1024*1024)
|
||||
|
||||
/** Wrapper around peek_buf_has_control0 command: presents the same
|
||||
* interface as that underlying functions, but takes a connection_t intead of
|
||||
* interface as that underlying functions, but takes a connection_t instead of
|
||||
* a buf_t.
|
||||
*/
|
||||
static int
|
||||
|
@ -5,7 +5,7 @@
|
||||
|
||||
/**
|
||||
* @file getinfo_geoip.c
|
||||
* @brief GEOIP-related contoller GETINFO commands.
|
||||
* @brief GEOIP-related controller GETINFO commands.
|
||||
**/
|
||||
|
||||
#include "core/or/or.h"
|
||||
|
@ -47,7 +47,7 @@ CONF_VAR(AuthDirTestEd25519LinkKeys, BOOL, 0, "1")
|
||||
/**
|
||||
* Bool (default 1): As an authority, should we launch tests for
|
||||
* reachability, and use those results to vote on "Running"? If 0,
|
||||
* we assume that every relay is Runnning.
|
||||
* we assume that every relay is Running.
|
||||
**/
|
||||
CONF_VAR(AuthDirTestReachability, BOOL, 0, "1")
|
||||
|
||||
|
@ -70,7 +70,7 @@
|
||||
*
|
||||
* We persist these entries to disk using a simple format, where each line
|
||||
* has a base64-encoded RSA SHA1 hash, then a base64-endoded Ed25519 key.
|
||||
* Empty lines, misformed lines, and lines beginning with # are
|
||||
* Empty lines, malformed lines, and lines beginning with # are
|
||||
* ignored. Lines beginning with @ are reserved for future extensions.
|
||||
*
|
||||
* The dirserv.c module is the main user of these functions.
|
||||
@ -507,7 +507,7 @@ keypin_clear(void)
|
||||
HT_CLEAR(rsamap,&the_rsa_map);
|
||||
|
||||
if (bad_entries) {
|
||||
log_warn(LD_BUG, "Found %d discrepencies in the keypin database.",
|
||||
log_warn(LD_BUG, "Found %d discrepancies in the keypin database.",
|
||||
bad_entries);
|
||||
}
|
||||
}
|
||||
|
@ -780,7 +780,7 @@ new_protocol_run(time_t valid_after)
|
||||
sr_compute_srv();
|
||||
}
|
||||
|
||||
/* Prepare for the new protocol run by reseting the state */
|
||||
/* Prepare for the new protocol run by resetting the state */
|
||||
reset_state_for_new_protocol_run(valid_after);
|
||||
|
||||
/* Do some logging */
|
||||
|
@ -6,7 +6,7 @@
|
||||
|
||||
/**
|
||||
* @file vote_microdesc_hash_st.h
|
||||
* @brief Microdescriptor-hash voting strcture.
|
||||
* @brief Microdescriptor-hash voting structure.
|
||||
**/
|
||||
|
||||
#ifndef VOTE_MICRODESC_HASH_ST_H
|
||||
|
@ -45,7 +45,7 @@ typedef struct {
|
||||
/* True iff this voting schedule was set on demand meaning not through the
|
||||
* normal vote operation of a dirauth or when a consensus is set. This only
|
||||
* applies to a directory authority that needs to recalculate the voting
|
||||
* timings only for the first vote even though this object was initilized
|
||||
* timings only for the first vote even though this object was initialized
|
||||
* prior to voting. */
|
||||
int created_on_demand;
|
||||
|
||||
|
@ -735,7 +735,7 @@ digest_list_contains_best_consensus(consensus_flavor_t flavor,
|
||||
typedef struct {
|
||||
/** name of the flavor to retrieve. */
|
||||
char *flavor;
|
||||
/** flavor to retrive, as enum. */
|
||||
/** flavor to retrieve, as enum. */
|
||||
consensus_flavor_t flav;
|
||||
/** plus-separated list of authority fingerprints; see
|
||||
* client_likes_consensus(). Aliases the URL in the request passed to
|
||||
|
@ -829,7 +829,7 @@ gen_ed_diff(const smartlist_t *cons1_orig, const smartlist_t *cons2,
|
||||
}
|
||||
|
||||
/* Helper: Read a base-10 number between 0 and INT32_MAX from <b>s</b> and
|
||||
* store it in <b>num_out</b>. Advance <b>s</b> to the characer immediately
|
||||
* store it in <b>num_out</b>. Advance <b>s</b> to the character immediately
|
||||
* after the number. Return 0 on success, -1 on failure. */
|
||||
static int
|
||||
get_linenum(const char **s, int *num_out)
|
||||
@ -1335,7 +1335,7 @@ consensus_join_lines(const smartlist_t *inp)
|
||||
}
|
||||
|
||||
/** Given two consensus documents, try to compute a diff between them. On
|
||||
* success, retun a newly allocated string containing that diff. On failure,
|
||||
* success, return a newly allocated string containing that diff. On failure,
|
||||
* return NULL. */
|
||||
char *
|
||||
consensus_diff_generate(const char *cons1, size_t cons1len,
|
||||
|
@ -247,7 +247,7 @@ routerstatus_parse_guardfraction(const char *guardfraction_str,
|
||||
|
||||
tor_assert(bool_eq(vote, vote_rs));
|
||||
|
||||
/* If this info comes from a consensus, but we should't apply
|
||||
/* If this info comes from a consensus, but we shouldn't apply
|
||||
guardfraction, just exit. */
|
||||
if (is_consensus && !should_apply_guardfraction(NULL)) {
|
||||
return 0;
|
||||
|
@ -653,17 +653,18 @@ router_parse_entry_from_string(const char *s, const char *end,
|
||||
goto err;
|
||||
}
|
||||
if (strcmp(ed_cert_tok->object_type, "ED25519 CERT")) {
|
||||
log_warn(LD_DIR, "Wrong object type on identity-ed25519 in decriptor");
|
||||
log_warn(LD_DIR, "Wrong object type on identity-ed25519 "
|
||||
"in descriptor");
|
||||
goto err;
|
||||
}
|
||||
if (strcmp(cc_ntor_tok->object_type, "ED25519 CERT")) {
|
||||
log_warn(LD_DIR, "Wrong object type on ntor-onion-key-crosscert "
|
||||
"in decriptor");
|
||||
"in descriptor");
|
||||
goto err;
|
||||
}
|
||||
if (strcmp(cc_tap_tok->object_type, "CROSSCERT")) {
|
||||
log_warn(LD_DIR, "Wrong object type on onion-key-crosscert "
|
||||
"in decriptor");
|
||||
"in descriptor");
|
||||
goto err;
|
||||
}
|
||||
if (strcmp(cc_ntor_tok->args[0], "0") &&
|
||||
@ -1065,7 +1066,8 @@ extrainfo_parse_entry_from_string(const char *s, const char *end,
|
||||
goto err;
|
||||
}
|
||||
if (strcmp(ed_cert_tok->object_type, "ED25519 CERT")) {
|
||||
log_warn(LD_DIR, "Wrong object type on identity-ed25519 in decriptor");
|
||||
log_warn(LD_DIR, "Wrong object type on identity-ed25519 "
|
||||
"in descriptor");
|
||||
goto err;
|
||||
}
|
||||
|
||||
|
@ -48,7 +48,7 @@ typedef enum {
|
||||
/** We are hibernating, and we won't wake up till there's more bandwidth to
|
||||
* use. */
|
||||
HIBERNATE_STATE_DORMANT=4,
|
||||
/** We start out in state default, which means we havent decided which state
|
||||
/** We start out in state default, which means we haven't decided which state
|
||||
* we're in. */
|
||||
HIBERNATE_STATE_INITIAL=5
|
||||
} hibernate_state_t;
|
||||
|
@ -854,7 +854,7 @@ hs_cache_lookup_as_client(const ed25519_public_key_t *key)
|
||||
* was not usable but the descriptor was
|
||||
* still stored.
|
||||
*
|
||||
* Any other codes means indicate where the error occured and the descriptor
|
||||
* Any other codes means indicate where the error occurred and the descriptor
|
||||
* was not stored. */
|
||||
hs_desc_decode_status_t
|
||||
hs_cache_store_as_client(const char *desc_str,
|
||||
@ -1019,7 +1019,7 @@ hs_cache_client_intro_state_purge(void)
|
||||
}
|
||||
|
||||
/* This is called when new client authorization was added to the global state.
|
||||
* It attemps to decode the descriptor of the given service identity key.
|
||||
* It attempts to decode the descriptor of the given service identity key.
|
||||
*
|
||||
* Return true if decoding was successful else false. */
|
||||
bool
|
||||
|
@ -56,7 +56,7 @@ compute_introduce_mac(const uint8_t *encoded_cell, size_t encoded_cell_len,
|
||||
/* First, put the encoded cell in the msg. */
|
||||
memcpy(mac_msg, encoded_cell, encoded_cell_len);
|
||||
offset += encoded_cell_len;
|
||||
/* Second, put the CLIENT_PK + ENCRYPTED_DATA but ommit the MAC field (which
|
||||
/* Second, put the CLIENT_PK + ENCRYPTED_DATA but omit the MAC field (which
|
||||
* is junk at this point). */
|
||||
memcpy(mac_msg + offset, encrypted, (encrypted_len - DIGEST256_LEN));
|
||||
offset += (encrypted_len - DIGEST256_LEN);
|
||||
@ -293,7 +293,7 @@ introduce1_set_encrypted_link_spec(trn_cell_introduce_encrypted_t *cell,
|
||||
}
|
||||
|
||||
/** Set padding in the enc_cell only if needed that is the total length of both
|
||||
* sections are below the mininum required for an INTRODUCE1 cell. */
|
||||
* sections are below the minimum required for an INTRODUCE1 cell. */
|
||||
static void
|
||||
introduce1_set_encrypted_padding(const trn_cell_introduce1_t *cell,
|
||||
trn_cell_introduce_encrypted_t *enc_cell)
|
||||
|
@ -3,7 +3,7 @@
|
||||
|
||||
/**
|
||||
* \file hs_cell.h
|
||||
* \brief Header file containing cell data for the whole HS subsytem.
|
||||
* \brief Header file containing cell data for the whole HS subsystem.
|
||||
**/
|
||||
|
||||
#ifndef TOR_HS_CELL_H
|
||||
|
@ -817,7 +817,7 @@ hs_circ_service_intro_has_opened(hs_service_t *service,
|
||||
tor_assert(desc);
|
||||
tor_assert(circ);
|
||||
|
||||
/* Cound opened circuits that have sent ESTABLISH_INTRO cells or are already
|
||||
/* Count opened circuits that have sent ESTABLISH_INTRO cells or are already
|
||||
* established introduction circuits */
|
||||
num_intro_circ = count_opened_desc_intro_point_circuits(service, desc);
|
||||
num_needed_circ = service->config.num_intro_points;
|
||||
|
@ -3,7 +3,7 @@
|
||||
|
||||
/**
|
||||
* \file hs_circuit.h
|
||||
* \brief Header file containing circuit data for the whole HS subsytem.
|
||||
* \brief Header file containing circuit data for the whole HS subsystem.
|
||||
**/
|
||||
|
||||
#ifndef TOR_HS_CIRCUIT_H
|
||||
|
@ -329,7 +329,7 @@ retry_all_socks_conn_waiting_for_desc(void)
|
||||
* a descriptor but we do have it in the cache.
|
||||
*
|
||||
* This can happen is tor comes back from suspend where it previously
|
||||
* had the descriptor but the intro points were not usuable. Once it
|
||||
* had the descriptor but the intro points were not usable. Once it
|
||||
* came back to life, the intro point failure cache was cleaned up and
|
||||
* thus the descriptor became usable again leaving us in this code path.
|
||||
*
|
||||
@ -1756,7 +1756,7 @@ remove_client_auth_creds_file(const char *filename)
|
||||
goto end;
|
||||
}
|
||||
|
||||
log_warn(LD_REND, "Successfuly removed client auth file (%s).",
|
||||
log_warn(LD_REND, "Successfully removed client auth file (%s).",
|
||||
creds_file_path);
|
||||
|
||||
end:
|
||||
|
@ -3,7 +3,7 @@
|
||||
|
||||
/**
|
||||
* \file hs_client.h
|
||||
* \brief Header file containing client data for the HS subsytem.
|
||||
* \brief Header file containing client data for the HS subsystem.
|
||||
**/
|
||||
|
||||
#ifndef TOR_HS_CLIENT_H
|
||||
@ -35,12 +35,12 @@ typedef enum {
|
||||
|
||||
/* Status code of client auth credential registration */
|
||||
typedef enum {
|
||||
/* We successfuly registered these credentials */
|
||||
/* We successfully registered these credentials */
|
||||
REGISTER_SUCCESS,
|
||||
/* We successfully registered these credentials, but had to replace some
|
||||
* existing ones. */
|
||||
REGISTER_SUCCESS_ALREADY_EXISTS,
|
||||
/* We successfuly registered these credentials, and also decrypted a cached
|
||||
/* We successfully registered these credentials, and also decrypted a cached
|
||||
* descriptor. */
|
||||
REGISTER_SUCCESS_AND_DECRYPTED,
|
||||
/* We failed to register these credentials, because of a bad HS address. */
|
||||
@ -51,7 +51,7 @@ typedef enum {
|
||||
|
||||
/* Status code of client auth credential removal */
|
||||
typedef enum {
|
||||
/* We successfuly removed these credentials */
|
||||
/* We successfully removed these credentials */
|
||||
REMOVAL_SUCCESS,
|
||||
/* No need to remove those credentials, because they were not there. */
|
||||
REMOVAL_SUCCESS_NOT_FOUND,
|
||||
|
@ -1814,7 +1814,7 @@ hs_get_extend_info_from_lspecs(const smartlist_t *lspecs,
|
||||
|
||||
/***********************************************************************/
|
||||
|
||||
/** Initialize the entire HS subsytem. This is called in tor_init() before any
|
||||
/** Initialize the entire HS subsystem. This is called in tor_init() before any
|
||||
* torrc options are loaded. Only for >= v3. */
|
||||
void
|
||||
hs_init(void)
|
||||
|
@ -3,7 +3,7 @@
|
||||
|
||||
/**
|
||||
* \file hs_common.h
|
||||
* \brief Header file containing common data for the whole HS subsytem.
|
||||
* \brief Header file containing common data for the whole HS subsystem.
|
||||
**/
|
||||
|
||||
#ifndef TOR_HS_COMMON_H
|
||||
|
@ -16,7 +16,7 @@
|
||||
* options and then put in a staging list. It will stay there until
|
||||
* hs_service_load_all_keys() is called. That function is responsible to
|
||||
* load/generate the keys for the service in the staging list and if
|
||||
* successful, transfert the service to the main global service list where
|
||||
* successful, transferred the service to the main global service list where
|
||||
* at that point it is ready to be used.
|
||||
*
|
||||
* Configuration functions are per-version and there is a main generic one for
|
||||
@ -362,7 +362,7 @@ config_validate_service(const hs_service_config_t *config)
|
||||
return -1;
|
||||
}
|
||||
|
||||
/** Configuration funcion for a version 3 service. The given service
|
||||
/** Configuration function for a version 3 service. The given service
|
||||
* object must be already allocated and passed through
|
||||
* config_generic_service() prior to calling this function.
|
||||
*
|
||||
|
@ -3,7 +3,7 @@
|
||||
|
||||
/**
|
||||
* \file hs_config.h
|
||||
* \brief Header file containing configuration ABI/API for the HS subsytem.
|
||||
* \brief Header file containing configuration ABI/API for the HS subsystem.
|
||||
**/
|
||||
|
||||
#ifndef TOR_HS_CONFIG_H
|
||||
|
@ -186,7 +186,7 @@ build_mac(const uint8_t *mac_key, size_t mac_key_len,
|
||||
crypto_digest_free(digest);
|
||||
}
|
||||
|
||||
/** Using a secret data and a given decriptor object, build the secret
|
||||
/** Using a secret data and a given descriptor object, build the secret
|
||||
* input needed for the KDF.
|
||||
*
|
||||
* secret_input = SECRET_DATA | subcredential | INT_8(revision_counter)
|
||||
@ -1407,7 +1407,7 @@ build_descriptor_cookie_keys(const hs_subcredential_t *subcredential,
|
||||
}
|
||||
|
||||
/** Decrypt the descriptor cookie given the descriptor, the auth client,
|
||||
* and the client secret key. On sucess, return 0 and a newly allocated
|
||||
* and the client secret key. On success, return 0 and a newly allocated
|
||||
* descriptor cookie descriptor_cookie_out. On error or if the client id
|
||||
* is invalid, return -1 and descriptor_cookie_out is set to
|
||||
* NULL. */
|
||||
@ -1433,7 +1433,7 @@ decrypt_descriptor_cookie(const hs_descriptor_t *desc,
|
||||
tor_assert(!fast_mem_is_zero((char *) desc->subcredential.subcred,
|
||||
DIGEST256_LEN));
|
||||
|
||||
/* Catch potential code-flow cases of an unitialized private key sneaking
|
||||
/* Catch potential code-flow cases of an uninitialized private key sneaking
|
||||
* into this function. */
|
||||
if (BUG(fast_mem_is_zero((char *)client_auth_sk, sizeof(*client_auth_sk)))) {
|
||||
goto done;
|
||||
@ -1448,7 +1448,7 @@ decrypt_descriptor_cookie(const hs_descriptor_t *desc,
|
||||
tor_assert(keystream_length > 0);
|
||||
|
||||
/* If the client id of auth client is not the same as the calculcated
|
||||
* client id, it means that this auth client is invaild according to the
|
||||
* client id, it means that this auth client is invalid according to the
|
||||
* client secret key client_auth_sk. */
|
||||
if (tor_memneq(client->client_id, keystream, HS_DESC_CLIENT_ID_LEN)) {
|
||||
goto done;
|
||||
@ -1481,7 +1481,7 @@ decrypt_descriptor_cookie(const hs_descriptor_t *desc,
|
||||
* the descriptor object <b>desc</b> and <b>descriptor_cookie</b>
|
||||
* to generate the right decryption keys; set <b>decrypted_out</b> to
|
||||
* the plaintext. If <b>is_superencrypted_layer</b> is set, this is
|
||||
* the outter encrypted layer of the descriptor.
|
||||
* the outer encrypted layer of the descriptor.
|
||||
*
|
||||
* On any error case, including an empty output, return 0 and set
|
||||
* *<b>decrypted_out</b> to NULL.
|
||||
@ -2003,7 +2003,7 @@ desc_sig_is_valid(const char *b64_sig,
|
||||
/* Signature length check. */
|
||||
if (strlen(b64_sig) != ED25519_SIG_BASE64_LEN) {
|
||||
log_warn(LD_REND, "Service descriptor has an invalid signature length."
|
||||
"Exptected %d but got %lu",
|
||||
"Expected %d but got %lu",
|
||||
ED25519_SIG_BASE64_LEN, (unsigned long) strlen(b64_sig));
|
||||
goto err;
|
||||
}
|
||||
|
@ -4,7 +4,7 @@
|
||||
/**
|
||||
* \file hs_ident.c
|
||||
* \brief Contains circuit and connection identifier code for the whole HS
|
||||
* subsytem.
|
||||
* subsystem.
|
||||
**/
|
||||
|
||||
#include "lib/crypt_ops/crypto_util.h"
|
||||
|
@ -4,7 +4,7 @@
|
||||
/**
|
||||
* \file hs_ident.h
|
||||
* \brief Header file containing circuit and connection identifier data for
|
||||
* the whole HS subsytem.
|
||||
* the whole HS subsystem.
|
||||
*
|
||||
* \details
|
||||
* This interface is used to uniquely identify a hidden service on a circuit
|
||||
|
@ -120,7 +120,7 @@ get_onion_public_key(const char *value, ed25519_public_key_t *pkey_out)
|
||||
}
|
||||
|
||||
/* We don't want the .onion so we add 2 because size - 1 is copied with
|
||||
* strlcpy() in order to accomodate the NUL byte and sizeof() counts the NUL
|
||||
* strlcpy() in order to accommodate the NUL byte and sizeof() counts the NUL
|
||||
* byte so we need to remove them from the equation. */
|
||||
strlcpy(address, value, strlen(value) - sizeof(".onion") + 2);
|
||||
|
||||
@ -264,10 +264,10 @@ hs_ob_parse_config_file(hs_service_config_t *config)
|
||||
|
||||
/** Compute all possible subcredentials for every onion master key in the given
|
||||
* service config object. subcredentials_out is allocated and set as an
|
||||
* continous array containing all possible values.
|
||||
* continuous array containing all possible values.
|
||||
*
|
||||
* On success, return the number of subcredential put in the array which will
|
||||
* correspond to an arry of size: n * DIGEST256_LEN where DIGEST256_LEN is the
|
||||
* correspond to an array of size: n * DIGEST256_LEN where DIGEST256_LEN is the
|
||||
* length of a single subcredential.
|
||||
*
|
||||
* If the given configuration object has no OB master keys configured, 0 is
|
||||
@ -300,7 +300,7 @@ compute_subcredentials(const hs_service_t *service,
|
||||
/* Time to build all the subcredentials for each time period: two for each
|
||||
* instance descriptor plus three for the onionbalance frontend service: the
|
||||
* previous one (-1), the current one (0) and the next one (1) for each
|
||||
* configured key in order to accomodate client and service consensus skew.
|
||||
* configured key in order to accommodate client and service consensus skew.
|
||||
*
|
||||
* If the client consensus after_time is at 23:00 but the service one is at
|
||||
* 01:00, the client will be using the previous time period where the
|
||||
@ -356,9 +356,10 @@ compute_subcredentials(const hs_service_t *service,
|
||||
* If we are not an Onionbalance instance or we are not ready to do so, this
|
||||
* is a NOP.
|
||||
*
|
||||
* This function is called everytime we build a new descriptor. That's because
|
||||
* we want our Onionbalance keys to always use up-to-date subcredentials both
|
||||
* for the instance (ourselves) and for the onionbalance frontend.
|
||||
* This function is called every time we build a new descriptor. That's
|
||||
* because we want our Onionbalance keys to always use up-to-date
|
||||
* subcredentials both for the instance (ourselves) and for the onionbalance
|
||||
* frontend.
|
||||
*/
|
||||
void
|
||||
hs_ob_refresh_keys(hs_service_t *service)
|
||||
|
@ -546,7 +546,7 @@ service_intro_point_remove(const hs_service_t *service,
|
||||
/* Trying all descriptors. */
|
||||
FOR_EACH_DESCRIPTOR_BEGIN(service, desc) {
|
||||
/* We'll try to remove the descriptor on both descriptors which is not
|
||||
* very expensive to do instead of doing loopup + remove. */
|
||||
* very expensive to do instead of doing lookup + remove. */
|
||||
digest256map_remove(desc->intro_points.map,
|
||||
ip->auth_key_kp.pubkey.pubkey);
|
||||
} FOR_EACH_DESCRIPTOR_END;
|
||||
@ -784,7 +784,7 @@ close_service_rp_circuits(hs_service_t *service)
|
||||
ed25519_pubkey_eq(ô->hs_ident->identity_pk,
|
||||
&service->keys.identity_pk)) {
|
||||
/* Reason is FINISHED because service has been removed and thus the
|
||||
* circuit is considered old/uneeded. When freed, it is removed from the
|
||||
* circuit is considered old/unneeded. When freed, it is removed from the
|
||||
* hs circuitmap. */
|
||||
circuit_mark_for_close(TO_CIRCUIT(ocirc), END_CIRC_REASON_FINISHED);
|
||||
}
|
||||
@ -802,7 +802,7 @@ close_intro_circuits(hs_service_intropoints_t *intro_points)
|
||||
origin_circuit_t *ocirc = hs_circ_service_get_intro_circ(ip);
|
||||
if (ocirc) {
|
||||
/* Reason is FINISHED because service has been removed and thus the
|
||||
* circuit is considered old/uneeded. When freed, the circuit is removed
|
||||
* circuit is considered old/unneeded. When freed, the circuit is removed
|
||||
* from the HS circuitmap. */
|
||||
circuit_mark_for_close(TO_CIRCUIT(ocirc), END_CIRC_REASON_FINISHED);
|
||||
}
|
||||
@ -1086,7 +1086,7 @@ load_service_keys(hs_service_t *service)
|
||||
goto end;
|
||||
}
|
||||
|
||||
/* Succes. */
|
||||
/* Success. */
|
||||
ret = 0;
|
||||
end:
|
||||
tor_free(fname);
|
||||
@ -2378,7 +2378,7 @@ should_remove_intro_point(hs_service_intro_point_t *ip, time_t now)
|
||||
|
||||
tor_assert(ip);
|
||||
|
||||
/* Any one of the following needs to be True to furfill the criteria to
|
||||
/* Any one of the following needs to be True to fulfill the criteria to
|
||||
* remove an intro point. */
|
||||
bool has_no_retries = (ip->circuit_retries >
|
||||
MAX_INTRO_POINT_CIRCUIT_RETRIES);
|
||||
@ -2997,7 +2997,7 @@ upload_descriptor_to_all(const hs_service_t *service,
|
||||
/* Get our list of responsible HSDir. */
|
||||
responsible_dirs = smartlist_new();
|
||||
/* The parameter 0 means that we aren't a client so tell the function to use
|
||||
* the spread store consensus paremeter. */
|
||||
* the spread store consensus parameter. */
|
||||
hs_get_responsible_hsdirs(&desc->blinded_kp.pubkey, desc->time_period_num,
|
||||
service->desc_next == desc, 0, responsible_dirs);
|
||||
|
||||
@ -3231,7 +3231,7 @@ refresh_service_descriptor(const hs_service_t *service,
|
||||
hs_service_descriptor_t *desc, time_t now)
|
||||
{
|
||||
/* There are few fields that we consider "mutable" in the descriptor meaning
|
||||
* we need to update them regurlarly over the lifetime fo the descriptor.
|
||||
* we need to update them regularly over the lifetime for the descriptor.
|
||||
* The rest are set once and should not be modified.
|
||||
*
|
||||
* - Signing key certificate.
|
||||
@ -3529,7 +3529,7 @@ service_add_fnames_to_list(const hs_service_t *service, smartlist_t *list)
|
||||
s_dir = service->config.directory_path;
|
||||
/* The hostname file. */
|
||||
smartlist_add(list, hs_path_from_filename(s_dir, fname_hostname));
|
||||
/* The key files splitted in two. */
|
||||
/* The key files split in two. */
|
||||
tor_snprintf(fname, sizeof(fname), "%s_secret_key", fname_keyfile_prefix);
|
||||
smartlist_add(list, hs_path_from_filename(s_dir, fname));
|
||||
tor_snprintf(fname, sizeof(fname), "%s_public_key", fname_keyfile_prefix);
|
||||
@ -3907,7 +3907,7 @@ hs_service_set_conn_addr_port(const origin_circuit_t *circ,
|
||||
goto err_no_close;
|
||||
}
|
||||
|
||||
/* Find a virtual port of that service mathcing the one in the connection if
|
||||
/* Find a virtual port of that service matching the one in the connection if
|
||||
* successful, set the address in the connection. */
|
||||
if (hs_set_conn_addr_port(service->config.ports, conn) < 0) {
|
||||
log_info(LD_REND, "No virtual port mapping exists for port %d for "
|
||||
@ -4240,7 +4240,7 @@ hs_service_find(const ed25519_public_key_t *identity_pk)
|
||||
return find_service(hs_service_map, identity_pk);
|
||||
}
|
||||
|
||||
/** Allocate and initilize a service object. The service configuration will
|
||||
/** Allocate and initialize a service object. The service configuration will
|
||||
* contain the default values. Return the newly allocated object pointer. This
|
||||
* function can't fail. */
|
||||
hs_service_t *
|
||||
|
@ -3,7 +3,7 @@
|
||||
|
||||
/**
|
||||
* \file hs_service.h
|
||||
* \brief Header file containing service data for the HS subsytem.
|
||||
* \brief Header file containing service data for the HS subsystem.
|
||||
**/
|
||||
|
||||
#ifndef TOR_HS_SERVICE_H
|
||||
@ -121,9 +121,9 @@ typedef struct hs_service_intropoints_t {
|
||||
*
|
||||
* Mutable elements are initialized when we build the descriptor but they are
|
||||
* also altered during the lifetime of the descriptor. They could be
|
||||
* _refreshed_ everytime we upload the descriptor (which happens multiple times
|
||||
* over the lifetime of the descriptor), or through periodic events. We do this
|
||||
* for elements like the descriptor revision counter and various
|
||||
* _refreshed_ every time we upload the descriptor (which happens multiple
|
||||
* times over the lifetime of the descriptor), or through periodic events. We
|
||||
* do this for elements like the descriptor revision counter and various
|
||||
* certificates. See refresh_service_descriptor() and
|
||||
* update_service_descriptor_intro_points().
|
||||
*/
|
||||
|
@ -638,7 +638,7 @@ ed_key_init_from_file(const char *fname, uint32_t flags,
|
||||
bad_cert = 1;
|
||||
} else if (signing_key && cert->signing_key_included &&
|
||||
! ed25519_pubkey_eq(&signing_key->pubkey, &cert->signing_key)) {
|
||||
tor_log(severity, LD_OR, "Certificate signed by unexpectd key!");
|
||||
tor_log(severity, LD_OR, "Certificate signed by unexpected key!");
|
||||
bad_cert = 1;
|
||||
}
|
||||
|
||||
|
@ -127,7 +127,7 @@ typedef struct nodelist_t {
|
||||
*
|
||||
* Whenever a node's routerinfo or microdescriptor is about to change,
|
||||
* you should remove it from this map with node_remove_from_ed25519_map().
|
||||
* Whenever a node's routerinfo or microdescriptor has just chaned,
|
||||
* Whenever a node's routerinfo or microdescriptor has just changed,
|
||||
* you should add it to this map with node_add_to_ed25519_map().
|
||||
*/
|
||||
HT_HEAD(nodelist_ed_map, node_t) nodes_by_ed_id;
|
||||
@ -1200,7 +1200,7 @@ node_supports_v3_rendezvous_point(const node_t *node)
|
||||
}
|
||||
|
||||
/** Return true iff <b>node</b> supports the DoS ESTABLISH_INTRO cell
|
||||
* extenstion. */
|
||||
* extension. */
|
||||
bool
|
||||
node_supports_establish_intro_dos_extension(const node_t *node)
|
||||
{
|
||||
|
@ -531,7 +531,7 @@ routers_have_same_or_addrs(const routerinfo_t *r1, const routerinfo_t *r2)
|
||||
* Nodes that don't have a routerinfo must be general-purpose nodes, because
|
||||
* routerstatuses and microdescriptors only come via consensuses.
|
||||
*
|
||||
* The <b>flags</b> chech that <b>node</b>:
|
||||
* The <b>flags</b> check that <b>node</b>:
|
||||
* - <b>CRN_NEED_UPTIME</b>: has more than a minimum uptime;
|
||||
* - <b>CRN_NEED_CAPACITY</b>: has more than a minimum capacity;
|
||||
* - <b>CRN_NEED_GUARD</b>: is a Guard;
|
||||
|
@ -1691,7 +1691,7 @@ launch_one_resolve(const char *address, uint8_t query_type,
|
||||
log_warn(LD_BUG, "Called with PTR query and unexpected address family");
|
||||
break;
|
||||
default:
|
||||
log_warn(LD_BUG, "Called with unexpectd query type %d", (int)query_type);
|
||||
log_warn(LD_BUG, "Called with unexpected query type %d", (int)query_type);
|
||||
break;
|
||||
}
|
||||
|
||||
|
@ -391,7 +391,7 @@ connection_ext_or_auth_handle_client_hash(connection_t *conn)
|
||||
}
|
||||
|
||||
/** Handle data from <b>or_conn</b> received on Extended ORPort.
|
||||
* Return -1 on error. 0 on unsufficient data. 1 on correct. */
|
||||
* Return -1 on error. 0 on insufficient data. 1 on correct. */
|
||||
static int
|
||||
connection_ext_or_auth_process_inbuf(or_connection_t *or_conn)
|
||||
{
|
||||
|
@ -6,7 +6,7 @@
|
||||
|
||||
/**
|
||||
* @file relay_periodic.c
|
||||
* @brief Periodic functions for the relay subsytem
|
||||
* @brief Periodic functions for the relay subsystem
|
||||
**/
|
||||
|
||||
#include "orconfig.h"
|
||||
|
@ -174,7 +174,7 @@ router_should_check_reachability(int test_or, int test_dir)
|
||||
#define SELF_EXCLUDED_WARN_INTERVAL 3600
|
||||
static ratelim_t warning_limit=RATELIM_INIT(SELF_EXCLUDED_WARN_INTERVAL);
|
||||
log_fn_ratelim(&warning_limit, LOG_WARN, LD_CIRC,
|
||||
"Can't peform self-tests for this relay: we have "
|
||||
"Can't perform self-tests for this relay: we have "
|
||||
"listed ourself in ExcludeNodes, and StrictNodes is set. "
|
||||
"We cannot learn whether we are usable, and will not "
|
||||
"be able to advertise ourself.");
|
||||
|
@ -257,7 +257,7 @@ rend_cache_free_all(void)
|
||||
/** Remove all entries that re REND_CACHE_FAILURE_MAX_AGE old. This is
|
||||
* called every second.
|
||||
*
|
||||
* We have to clean these regurlarly else if for whatever reasons an hidden
|
||||
* We have to clean these regularly else if for whatever reasons an hidden
|
||||
* service goes offline and a client tries to connect to it during that
|
||||
* time, a failure entry is created and the client will be unable to connect
|
||||
* for a while even though the service has return online. */
|
||||
|
@ -671,7 +671,7 @@ rend_service_prune_list_impl_(void)
|
||||
ocirc->build_state->chosen_exit)),
|
||||
safe_str_client(rend_data_get_address(ocirc->rend_data)));
|
||||
/* Reason is FINISHED because service has been removed and thus the
|
||||
* circuit is considered old/uneeded. */
|
||||
* circuit is considered old/unneeded. */
|
||||
circuit_mark_for_close(TO_CIRCUIT(ocirc), END_CIRC_REASON_FINISHED);
|
||||
}
|
||||
smartlist_free(surviving_services);
|
||||
@ -4138,7 +4138,7 @@ rend_consider_services_intro_points(time_t now)
|
||||
* list of the service. */
|
||||
unsigned int n_intro_points_to_open;
|
||||
/* Have an unsigned len so we can use it to compare values else gcc is
|
||||
* not happy with unmatching signed comparaison. */
|
||||
* not happy with unmatching signed comparison. */
|
||||
unsigned int intro_nodes_len;
|
||||
/* Different service are allowed to have the same introduction point as
|
||||
* long as they are on different circuit thus why we clear this list. */
|
||||
@ -4184,7 +4184,7 @@ rend_consider_services_intro_points(time_t now)
|
||||
intro->circuit_retries++;
|
||||
} SMARTLIST_FOREACH_END(intro);
|
||||
|
||||
/* Avoid mismatched signed comparaison below. */
|
||||
/* Avoid mismatched signed comparison below. */
|
||||
intro_nodes_len = (unsigned int) smartlist_len(service->intro_nodes);
|
||||
|
||||
/* Quiescent state, we have more or the equal amount of wanted node for
|
||||
@ -4274,7 +4274,7 @@ rend_consider_services_intro_points(time_t now)
|
||||
log_warn(LD_REND, "Error launching circuit to node %s for service %s.",
|
||||
safe_str_client(extend_info_describe(intro->extend_info)),
|
||||
safe_str_client(service->service_id));
|
||||
/* This funcion will be called again by the main loop so this intro
|
||||
/* This function will be called again by the main loop so this intro
|
||||
* point without a intro circuit will be retried on or removed after
|
||||
* a maximum number of attempts. */
|
||||
}
|
||||
|
@ -774,7 +774,7 @@ geoip_get_dirreq_history(dirreq_type_t type)
|
||||
*
|
||||
* Store a newly allocated comma-separated string in <a>ipver_str</a>
|
||||
* containing entries for clients connecting over IPv4 and IPv6. The
|
||||
* format is family=num where num is the nubmer of IPs we've seen
|
||||
* format is family=num where num is the number of IPs we've seen
|
||||
* connecting over that protocol family, and family is 'v4' or 'v6'.
|
||||
*
|
||||
* Return 0 on success and -1 if we're missing geoip data. */
|
||||
|
@ -1829,7 +1829,7 @@ rep_hist_stored_maybe_new_hs(const crypto_pk_t *pubkey)
|
||||
|
||||
/* The number of cells that are supposed to be hidden from the adversary
|
||||
* by adding noise from the Laplace distribution. This value, divided by
|
||||
* EPSILON, is Laplace parameter b. It must be greather than 0. */
|
||||
* EPSILON, is Laplace parameter b. It must be greater than 0. */
|
||||
#define REND_CELLS_DELTA_F 2048
|
||||
/* Security parameter for obfuscating number of cells with a value between
|
||||
* ]0.0, 1.0]. Smaller values obfuscate observations more, but at the same
|
||||
|
@ -14,7 +14,7 @@
|
||||
*
|
||||
* All socket-backed and TLS-based connection_t objects have a pair of
|
||||
* buffers: one for incoming data, and one for outcoming data. These are fed
|
||||
* and drained from functions in connection.c, trigged by events that are
|
||||
* and drained from functions in connection.c, triggered by events that are
|
||||
* monitored in main.c.
|
||||
*
|
||||
* This module only handles the buffer implementation itself. To use a buffer
|
||||
|
@ -273,7 +273,7 @@ typedef struct config_deprecation_t {
|
||||
#endif /* !defined(COCCI) */
|
||||
|
||||
/**
|
||||
* Validation function: verify whether a configuation object is well-formed
|
||||
* Validation function: verify whether a configuration object is well-formed
|
||||
* and consistent.
|
||||
*
|
||||
* On success, return 0. On failure, set <b>msg_out</b> to a newly allocated
|
||||
|
@ -156,7 +156,7 @@ typed_var_copy(void *dest, const void *src, const var_type_def_t *def)
|
||||
if (BUG(!def))
|
||||
return -1; // LCOV_EXCL_LINE
|
||||
if (def->fns->copy) {
|
||||
// If we have been provided a copy fuction, use it.
|
||||
// If we have been provided a copy function, use it.
|
||||
return def->fns->copy(dest, src, def);
|
||||
}
|
||||
|
||||
|
@ -82,7 +82,7 @@ namemap_fmt_name(const namemap_t *map, unsigned id)
|
||||
|
||||
/**
|
||||
* Helper: As namemap_get_id(), but requires that <b>name</b> is
|
||||
* <b>namelen</b> charaters long, and that <b>namelen</b> is no more than
|
||||
* <b>namelen</b> characters long, and that <b>namelen</b> is no more than
|
||||
* MAX_NAMEMAP_NAME_LEN.
|
||||
*/
|
||||
static unsigned
|
||||
|
@ -163,7 +163,7 @@ crypto_dh_init_openssl(void)
|
||||
|
||||
/** Number of bits to use when choosing the x or y value in a Diffie-Hellman
|
||||
* handshake. Since we exponentiate by this value, choosing a smaller one
|
||||
* lets our handhake go faster.
|
||||
* lets our handshake go faster.
|
||||
*/
|
||||
#define DH_PRIVATE_KEY_BITS 320
|
||||
|
||||
|
@ -57,7 +57,7 @@
|
||||
#if OPENSSL_VERSION_NUMBER >= OPENSSL_VER(1,1,0,0,5) && \
|
||||
!defined(LIBRESSL_VERSION_NUMBER)
|
||||
/* OpenSSL as of 1.1.0pre4 has an "new" thread API, which doesn't require
|
||||
* seting up various callbacks.
|
||||
* setting up various callbacks.
|
||||
*
|
||||
* OpenSSL 1.1.0pre4 has a messed up `ERR_remove_thread_state()` prototype,
|
||||
* while the previous one was restored in pre5, and the function made a no-op
|
||||
|
@ -37,7 +37,7 @@
|
||||
* configure messages with their types, channels, and receivers. Then, use
|
||||
* dispatch_new() with that dispatch_cfg_t to create the dispatch_t object.
|
||||
*
|
||||
* (We use a two-phase contruction procedure here to enable better static
|
||||
* (We use a two-phase construction procedure here to enable better static
|
||||
* reasoning about publish/subscribe relationships.)
|
||||
*
|
||||
* Once you have a dispatch_t, you can queue messages on it with
|
||||
|
@ -275,7 +275,7 @@ base64_encode(char *dest, size_t destlen, const char *src, size_t srclen,
|
||||
}
|
||||
switch (n_idx) {
|
||||
case 0:
|
||||
/* 0 leftover bits, no pading to add. */
|
||||
/* 0 leftover bits, no padding to add. */
|
||||
break;
|
||||
case 1:
|
||||
/* 8 leftover bits, pad to 12 bits, write the 2 6-bit values followed
|
||||
|
@ -180,7 +180,7 @@ clean_fname_for_stat(char *name)
|
||||
/** Modify <b>fname</b> to contain the name of its parent directory. Doesn't
|
||||
* actually examine the filesystem; does a purely syntactic modification.
|
||||
*
|
||||
* The parent of the root director is considered to be iteself.
|
||||
* The parent of the root director is considered to be itself.
|
||||
*
|
||||
* Path separators are the forward slash (/) everywhere and additionally
|
||||
* the backslash (\) on Win32.
|
||||
@ -319,7 +319,7 @@ make_path_absolute(const char *fname)
|
||||
* picture explanation here should be read first.
|
||||
*
|
||||
* Purpose of the functions:
|
||||
* - tor_glob - recevies a pattern and returns all the paths that result from
|
||||
* - tor_glob - receives a pattern and returns all the paths that result from
|
||||
* its glob expansion, globs can be present on all path components.
|
||||
* - get_glob_opened_files - receives a pattern and returns all the paths that
|
||||
* are opened during its expansion (the paths before any path fragment that
|
||||
@ -328,10 +328,10 @@ make_path_absolute(const char *fname)
|
||||
* allowed list.
|
||||
*
|
||||
* Due to OS API differences explained below, the implementation of tor_glob is
|
||||
* completly different for Windows and POSIX systems, so we ended up with three
|
||||
* different implementations:
|
||||
* completely different for Windows and POSIX systems, so we ended up with
|
||||
* three different implementations:
|
||||
* - tor_glob for POSIX - as POSIX glob does everything we need, we simply call
|
||||
* it and process the results. This is completly implemented in tor_glob.
|
||||
* it and process the results. This is completely implemented in tor_glob.
|
||||
* - tor_glob for WIN32 - because the WIN32 API only supports expanding globs
|
||||
* in the last path fragment, we need to expand the globs in each path
|
||||
* fragment manually and call recursively to get the same behaviour as POSIX
|
||||
|
@ -784,7 +784,7 @@ logs_free_all(void)
|
||||
|
||||
/** Flush the signal-safe log files.
|
||||
*
|
||||
* This function is safe to call from a signal handler. It is currenly called
|
||||
* This function is safe to call from a signal handler. It is currently called
|
||||
* by the BUG() macros, when terminating the process on an abnormal condition.
|
||||
*/
|
||||
void
|
||||
|
@ -891,7 +891,7 @@ icdf_genpareto(double p, double mu, double sigma, double xi)
|
||||
|
||||
/**
|
||||
* Compute the inverse of the SF of the GeneralizedPareto(mu, sigma,
|
||||
* xi) distribution. Ill-conditioned for p near 1; conditon number is
|
||||
* xi) distribution. Ill-conditioned for p near 1; condition number is
|
||||
*
|
||||
* -xi/(1 - p^{-xi})
|
||||
*/
|
||||
@ -1000,7 +1000,7 @@ sample_uniform_interval(double p0, double a, double b)
|
||||
* since if we treat subnormals as having an implicit
|
||||
* zero bit before the `binary' point, their exponents
|
||||
* are all the same. There is at most one carry/borrow
|
||||
* bit, which can always be acommodated either in a
|
||||
* bit, which can always be accommodated either in a
|
||||
* subnormal, or, at largest, in the implicit one bit
|
||||
* of a normal.
|
||||
*
|
||||
|
@ -26,7 +26,7 @@ struct metrics_store_t {
|
||||
/** Indexed by metrics entry name. An entry is a smartlist_t of one or more
|
||||
* metrics_store_entry_t allowing for multiple metrics of the same name.
|
||||
*
|
||||
* The reason we allow multiple entires is because there are cases where one
|
||||
* The reason we allow multiple entries is because there are cases where one
|
||||
* metrics can be used twice by the same entity but with different labels.
|
||||
* One example is an onion service with multiple ports, the port specific
|
||||
* metrics will have a port value as a label. */
|
||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user