nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-13 06:33:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add a (diabled by default) option in crypto.h to disable most of the interesting crypto-related changes made on 0.1.1.9. This will help hunt bug 234.

Browse Source 
svn:r5777
This commit is contained in:
Nick Mathewson 2006-01-10 21:12:06 +00:00
parent 210d9db54d
commit 55ac4f032c
3 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/common/crypto.c
View File

@ -228,7 +228,9 @@ crypto_global_init(int useAccel)
void void
crypto_thread_cleanup(void) crypto_thread_cleanup(void)
{ {
#ifndef ENABLE_0119_PARANOIA
ERR_remove_state(0); ERR_remove_state(0);
#endif
} }
/** Uninitialize the crypto library. Return 0 on success, -1 on failure. /** Uninitialize the crypto library. Return 0 on success, -1 on failure.
@ -237,13 +239,17 @@ int
crypto_global_cleanup(void) crypto_global_cleanup(void)
{ {
EVP_cleanup(); EVP_cleanup();
#ifndef ENABLE_0119_PARANOIA
ERR_remove_state(0); ERR_remove_state(0);
#endif
ERR_free_strings(); ERR_free_strings();
#ifndef NO_ENGINES #ifndef NO_ENGINES
ENGINE_cleanup(); ENGINE_cleanup();
#ifndef ENABLE_0119_PARANOIA
CONF_modules_unload(1); CONF_modules_unload(1);
CRYPTO_cleanup_all_ex_data(); CRYPTO_cleanup_all_ex_data();
#endif #endif
#endif
#ifdef TOR_IS_MULTITHREADED #ifdef TOR_IS_MULTITHREADED
if (_n_openssl_mutexes) { if (_n_openssl_mutexes) {
int n = _n_openssl_mutexes; int n = _n_openssl_mutexes;
@ -1375,7 +1381,9 @@ crypto_dh_new(void)
if (!(res->dh->g = BN_dup(dh_param_g))) if (!(res->dh->g = BN_dup(dh_param_g)))
goto err; goto err;
#ifndef ENABLE_0119_PARANOIA
res->dh->length = DH_PRIVATE_KEY_BITS; res->dh->length = DH_PRIVATE_KEY_BITS;
#endif
return res; return res;
err: err:
@ -1602,7 +1610,11 @@ crypto_dh_free(crypto_dh_env_t *dh)
/* Use RAND_poll if openssl is 0.9.6 release or later. (The "f" means /* Use RAND_poll if openssl is 0.9.6 release or later. (The "f" means
"release".) */ "release".) */
#ifndef ENABLE_0119_PARANOIA
#define USE_RAND_POLL (OPENSSL_VERSION_NUMBER >= 0x0090600fl) #define USE_RAND_POLL (OPENSSL_VERSION_NUMBER >= 0x0090600fl)
#else
#define USE_RAND_POLL 0
#endif
/** Seed OpenSSL's random number generator with bytes from the /** Seed OpenSSL's random number generator with bytes from the
* operating system. Return 0 on success, -1 on failure. * operating system. Return 0 on success, -1 on failure.

2
src/common/crypto.h
View File

@ -15,6 +15,8 @@
#include <stdio.h> #include <stdio.h>
#undef ENABLE_0119_PARANOIA
/** Length of the output of our message digest. */ /** Length of the output of our message digest. */
#define DIGEST_LEN 20 #define DIGEST_LEN 20
/** Length of our symmetric cipher's keys. */ /** Length of our symmetric cipher's keys. */

2
src/common/tortls.c
View File

@ -363,7 +363,9 @@ tor_tls_context_new(crypto_pk_env_t *identity,
goto error; goto error;
SSL_CTX_set_options(*ctx, SSL_OP_NO_SSLv2); SSL_CTX_set_options(*ctx, SSL_OP_NO_SSLv2);
#endif #endif
#ifndef ENABLE_0119_PARANOIA
SSL_CTX_set_options(*ctx, SSL_OP_SINGLE_DH_USE); SSL_CTX_set_options(*ctx, SSL_OP_SINGLE_DH_USE);
#endif
if (!SSL_CTX_set_cipher_list(*ctx, CIPHER_LIST)) if (!SSL_CTX_set_cipher_list(*ctx, CIPHER_LIST))
goto error; goto error;
if (!client_only) { if (!client_only) {