nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-09-22 14:04:58 +02:00
Code Issues Packages Projects Releases Wiki Activity
22,847 Commits 53 Branches 629 Tags 108 MiB
0704fa8a63
Commit Graph

22847 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nick Mathewson
0704fa8a63 Handle u32 overflow in ed25519 cert expiration time. 
The impact here isn't too bad. First, the only affected certs that
expire after 32-bit signed time overflows in Y2038. Second, it could
only make it seem that a non-expired cert is expired: it could never
make it seem that an expired cert was still live.

Fixes bug 20027; bugfix on 0.2.7.2-alpha.
 2016-11-03 08:37:22 -04:00
Nick Mathewson
fae7060aea Fix a misfeature with the Ed cert expiration API 
The batch-verification helper didn't expose the expiration time,
which made it pretty error-prone.

This closes ticket 15087.
 2016-11-03 08:37:22 -04:00
Nick Mathewson
0b4221f98d Make the current time an argument to x509 cert-checking functions 
This makes the code a bit cleaner by having more of the functions be
pure functions that don't depend on the current time.
 2016-11-03 08:37:22 -04:00
Nick Mathewson
e3c8253721 Add function to check RSA->Ed cross-certifications 
Also, adjust signing approach to more closely match the signing
scheme in the proposal.

(The format doesn't quite match the format in the proposal, since
RSA signatures aren't fixed-length.)

Closes 19020.
 2016-11-03 08:37:22 -04:00
Nick Mathewson
348b90a915 Refactor RSA certificate checking into its own function. 2016-11-03 08:37:22 -04:00
Nick Mathewson
e94f1b4e0d Free rsa_ed_crosscert at exit. 
Fixes bug 17779; bugfix on 0.2.7.2-alpha.
 2016-11-03 08:37:21 -04:00
Nick Mathewson
e23389841c Migrate certificates into a sub-structure of or_handshake_state 
This will help us do cert-checking in the background in the future,
perhaps.
 2016-11-03 08:37:21 -04:00
Nick Mathewson
4ef42e7c52 Refactor ...compute_authenticate_cell_body() to return a var_cell_t. 
This means we don't need to precompute the length.

Helps simplify the implementation of 19156.
 2016-11-03 08:37:21 -04:00
Nick Mathewson
2bf6553949 Code to send correct authentication data when we are using AUTHTYPE>2 
Implements the major part of 19156, except doesn't actually send the
new cell type yet.
 2016-11-03 08:37:21 -04:00
Nick Mathewson
b004ff45d7 New authentication types to use RFC5705. 
See proposal 244.  This feature lets us stop looking at the internals
of SSL objects, *and* should let us port better to more SSL libraries,
if they have RFC5705 support.

Preparatory for #19156
 2016-11-03 08:37:20 -04:00
Nick Mathewson
fdd8f8df67 Send ed25519 certificates in certs cell, when we have them. 
Implements 19155 (send CERTS cells correctly for Ed25519)

Also send RSA->Ed crosscert
 2016-11-03 08:37:16 -04:00
Nick Mathewson
5205e95275 Refactor connection_or_send_certs_cell() to use trunnel 
We no longer generate certs cells by pasting the certs together one
by one. Instead we use trunnel to generate them.

Preliminary work for 19155 (send CERTS cell with ed certs)
 2016-11-03 08:35:40 -04:00
Nick Mathewson
986695fb74 When parsing certs cells, allow more certs types 
Implements the parsing part of #19157
 2016-11-03 08:35:36 -04:00
Nick Mathewson
77e2be06f6 make check-spaces 2016-09-09 15:38:46 -04:00
Nick Mathewson
75a7997148 Fix a coupole of coverity complaints. 2016-09-09 15:29:57 -04:00
Nick Mathewson
4c55e8a58f Fix cases where the tests were doing closesocket() on a non-socket 
These seem to have caused warnings on windows. Hmmm.
 2016-09-09 10:28:12 -04:00
Nick Mathewson
2fe7e3d9d2 Oh dear, I was missing an extern. 2016-09-09 10:20:34 -04:00
Nick Mathewson
373bfd9630 Make a couple more tests run faster. 
The point of diminishing returns has been reached.
 2016-09-09 10:08:27 -04:00
Nick Mathewson
7c52109641 Disable a single pbkdf2 test vector 
The other test vectors are pretty complete, and get full coverage, I
believe.

This one test vector accounted for half the time spent in
test-slow.  "Now that's slow!"
 2016-09-09 09:57:15 -04:00
Nick Mathewson
5e30e26c6d Chop another ~93 RSA key generations out of the unit tests 
We have a mock for our RSA key generation function, so we now wire
it to pk_generate(). This covers all the cases that were not using
pk_generate() before -- all ~93 of them.
 2016-09-09 09:45:50 -04:00
Nick Mathewson
05110c9294 Move the donna-fuzzing tests into test_slow. 
This shaves another 3-4 seconds off the main-path tests for me,
which is again worth it, according to XKCD#1204.
 2016-09-09 08:58:42 -04:00
Nick Mathewson
5ec395b27f Re-enable RSA cacheing in tests, with a better design. 
This makes tests faster and saves about 6 seconds for me, which
makes it worth it, according to https://xkcd.com/1205.
 2016-09-09 08:58:42 -04:00
Nick Mathewson
63e34e9e49 Reinstate a couple of teardown_capture_of_logs that I missed 
Patch from rubiate. See #19999
 2016-09-08 19:49:21 -04:00
Nick Mathewson
55713f0d79 Placate "make check-spaces" 2016-09-08 15:43:56 -04:00
Nick Mathewson
d860b99dbf Fix remaining test warnings. (in test_relay.c) 2016-09-08 15:25:56 -04:00
Nick Mathewson
3fcd5d71ad Fix typo error in bug warning in relay.c 2016-09-08 15:15:57 -04:00
Nick Mathewson
e9fdec2b1d capture and detect expected BUG messages in shared-random tests 2016-09-08 15:13:53 -04:00
Nick Mathewson
deb294ff53 Simplify log_test_helpers interface 
Previously, you needed to store the previous log severity in a local
variable, and it wasn't clear if you were allowed to call these
functions more than once.
 2016-09-08 15:03:11 -04:00
Nick Mathewson
b0a9e54705 Resolve more BUG warnings in the unit tests 2016-09-08 14:39:20 -04:00
Nick Mathewson
d0fe86f39e Fix bug warnings in test_circuitlist. 2016-09-08 14:04:55 -04:00
Nick Mathewson
3269307daf Treat all nonfatal assertion failures as unit test failures. 
Part of 19999.
 2016-09-08 13:27:30 -04:00
Nick Mathewson
6a1454aa46 Tolerate another failure mode of get_if_addres6_list in tests 2016-09-08 11:47:16 -04:00
Nick Mathewson
f9cb9d8990 more consistent use of expect_log_msg_containing 2016-09-08 11:16:09 -04:00
Nick Mathewson
f64f293c48 Suppress a really impressive pile of warnings in conection/.. tests 2016-09-08 10:56:51 -04:00
Nick Mathewson
d626ffe29c Fix a bug in connection/download_status.. tests 2016-09-08 10:48:22 -04:00
Nick Mathewson
3705ee8fe4 Revise log-testing macros to dump the actual log contents on failure 2016-09-08 10:33:01 -04:00
Nick Mathewson
ae3ea9a7a1 Remove redundant definitions of expect_{no_,}log_msg() 2016-09-08 10:32:59 -04:00
Nick Mathewson
fe9cfeba6e Fix libevent linking on openbsd. 
Closes ticket 19902; bugfix on 0.2.9.1-alpha; patch from rubiate
 2016-09-08 10:09:34 -04:00
Nick Mathewson
f3cda3272a Disable -Wthread-safety. 
See changes file; closes ticket 20110.
 2016-09-08 09:37:40 -04:00
Nick Mathewson
8acb951fc8 Unit test fix: windows should be able to handle DNSPort just fine. 2016-09-08 09:23:20 -04:00
Nick Mathewson
08d1ac4f2a Patch from rubiate: disable openbsd memory protections in test-memwipe 
Test-memwipe is *supposed* to invoke undefined behavior, alas.

Closes 20066.
 2016-09-08 09:00:24 -04:00
Nick Mathewson
bee5f38e39 set the "addr" field in the dir_handle_get tests, to resolve bug warnings. 2016-09-07 14:30:51 -04:00
Nick Mathewson
ab4485e281 Remove the useless (and uninitialized) MOCK_TOR_ADDR in test_dir_handle_get.c 2016-09-07 14:26:43 -04:00
Nick Mathewson
f028434a5f Merge branch 'maint-0.2.8' 2016-09-07 13:54:21 -04:00
Nick Mathewson
6494f3346b Merge branch 'maint-0.2.7' into maint-0.2.8 2016-09-07 13:54:12 -04:00
Nick Mathewson
11edbf4808 Merge branch 'maint-0.2.6' into maint-0.2.7 2016-09-07 13:54:03 -04:00
Nick Mathewson
52a99cb6c1 Merge branch 'maint-0.2.5' into maint-0.2.6 2016-09-07 13:53:53 -04:00
Nick Mathewson
e4d82da05b Merge branch 'maint-0.2.4' into maint-0.2.5 2016-09-07 13:53:43 -04:00
Nick Mathewson
9d933bbacf Capture and enforce BUG warnings in dir/param_voting_lookup 2016-09-07 13:49:18 -04:00
Nick Mathewson
075c52084d Fix unit test failure introduced by #20002 
Updating the consensus algorithm made a non-valid node never get
listed, which messed up some other tests.
 2016-09-07 13:40:38 -04:00