Commit Graph

2412 Commits

Author SHA1 Message Date
Nick Mathewson
7e8d7a017e Merge remote-tracking branch 'origin/maint-0.2.3' 2012-07-05 05:08:54 -04:00
Nick Mathewson
e9b33ed1bf On windows, ENOBUFS starts with WSA. #6296. Fix on 0.2.18-rc 2012-07-05 05:01:00 -04:00
Nick Mathewson
da3edc4df0 Fix clang warning on d4285f03df. Not in any released tor. 2012-06-29 00:22:57 -04:00
Nick Mathewson
19a81ef020 Merge commit '81cd3d7ad641a8dbf' 2012-06-28 15:52:57 -04:00
Roger Dingledine
81cd3d7ad6 add a blurb for 0.2.3.18-rc, other minor cleanups 2012-06-28 15:32:36 -04:00
Nick Mathewson
d4285f03df Extend tor_sscanf so it can replace sscanf in rephist.c
Fixes bug 4195 and Coverity CID 448
2012-06-28 09:54:05 -04:00
Nick Mathewson
05dd0a9cd9 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-06-26 11:03:32 -04:00
Nick Mathewson
5fad3dc36b Fix a warning when using glibc's strcspn with clang.
With glibc 2.15 and clang 3.0, I get warnings from where we use the
strcpsn implementation in the header as strcspn(string, "=").  This
is apparently because clang sees that part of the strcspn macro
expands to "="[2], and doesn't realize that that part of the macro
is only evaluated when "="[1] != 0.
2012-06-26 11:02:44 -04:00
Nick Mathewson
201b852c27 Fix a compilation warning with clang 3.0
In b1ad1a1d02 we introduced an implicit (but safe)
long-to-int shortening that clang didn't like.

Warning not in any released version of Tor.
2012-06-26 10:48:31 -04:00
Nick Mathewson
888d5d08fe Merge remote-tracking branch 'public/bug2385' 2012-06-25 12:05:36 -04:00
Nick Mathewson
ffd7189b3f Don't assert in get_string_from_pipe() on len==0
We can treat this case as an EAGAIN (probably because of an
unexpected internal NUL) rather than a crash-worthy problem.

Fixes bug 6225, again.  Bug not in any released version of Tor.
2012-06-23 15:35:43 -04:00
Nick Mathewson
b1ad1a1d02 Resolve crash caused by format_helper_exit_status changes in #5557
Because the string output was no longer equal in length to
HEX_ERRNO_SIZE, the write() call would add some extra spaces and
maybe a NUL, and the NUL would trigger an assert in
get_string_from_pipe.

Fixes bug 6225; bug not in any released version of Tor.
2012-06-23 15:32:04 -04:00
Nick Mathewson
4a7e4129af Style tweaks and add a warning about NUL-termination 2012-06-22 22:21:20 -04:00
Andrea Shepard
c21af69f29 Refactor unsigned int hex formatting out of format_helper_exit_status() in util.c 2012-06-22 22:21:20 -04:00
Andrea Shepard
4c62cc6f99 Make format_helper_exit_status() avoid unnecessary spaces 2012-06-22 22:21:19 -04:00
Nick Mathewson
4a8eaad7ef Clear a couple more fields in rend_service_load_auth_keys 2012-06-18 13:13:53 -04:00
Nick Mathewson
97555f4537 fix a compiler warning added in one of my XXX023 fixes. 2012-06-15 16:43:59 -04:00
Nick Mathewson
30c4653780 Whitespace fix 2012-06-15 16:12:24 -04:00
Nick Mathewson
e62104a7d2 Move tor_gettimeofday_cached() into compat_libevent 2012-06-15 15:07:53 -04:00
Nick Mathewson
1755f792ed Refactor GETINFO process/descriptor-limit
Previously it duplicated some getrlimit code and content from compat.c;
now it doesn't.
2012-06-15 15:07:53 -04:00
Nick Mathewson
2491fff5a6 Triage the XXX023 and XXX022 comments: postpone many. 2012-06-15 15:07:52 -04:00
Nick Mathewson
37ef4f1689 Change smartlist_create->smartlist_new in bug4744 branch as merged to master 2012-06-13 12:16:02 -04:00
Nick Mathewson
aa1fc73e33 Merge branch 'bug4744_squashed' 2012-06-13 12:09:13 -04:00
Nick Mathewson
df6bd478ee Implement the client side of proposal 198
This is a feature removal: we no longer fake any ciphersuite other
than the not-really-standard SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA
(0xfeff).  This change will let servers rely on our actually
supporting what we claim to support, and thereby let Tor migrate to
better TLS ciphersuites.

As a drawback, Tor instances that use old openssl versions and
openssl builds with ciphers disabled will no longer give the
"firefox" cipher list.
2012-06-13 12:06:28 -04:00
Sebastian Hahn
9dd4e5a9b0 Fix another clang compile warning
We forgot this when we fixed 5969.
2012-06-13 16:51:56 +02:00
Nick Mathewson
667a12b471 Merge remote-tracking branch 'public/bug4592' 2012-06-11 10:34:48 -04:00
Nick Mathewson
a6180b7f29 Merge branch 'bug6097' 2012-06-11 10:14:01 -04:00
Roger Dingledine
167f6f1e96 typo noticed by "_raptor" 2012-06-07 15:35:19 -04:00
Nick Mathewson
bf9252587b Fix mingw build with -DUNICODE -D_UNICODE
This is a very blunt fix, and mostly just turns some func() calls
into FuncA() to make things build again.  Fixes bug 6097.
2012-06-07 11:59:32 -04:00
Nick Mathewson
1e5683b167 Be more careful calling wcstombs
The function is not guaranteed to NUL-terminate its output.  It
*is*, however, guaranteed not to generate more than two bytes per
multibyte character (plus terminating nul), so the general approach
I'm taking is to try to allocate enough space, AND to manually add a
NUL at the end of each buffer just in case I screwed up the "enough
space" thing.

Fixes bug 5909.
2012-06-07 11:09:38 -04:00
Nick Mathewson
d09a3ecd01 Merge remote-tracking branch 'public/getfilesize_64'
Conflicts:
	src/common/compat.c

The getfilesize change conflicted with the removal of file_handle
from the windows tor_mmap_t.
2012-06-05 11:10:42 -04:00
Nick Mathewson
b482c870ca Fix some mingw build warnings
These include:
   - Having a weird in_addr that can't be initialized with {0}
   - Needing INVALID_HANDLE_VALUE instead of -1 for file handles.
   - Having a weird dependent definition for struct stat.
   - pid is signed, not unsigned.
2012-06-05 11:06:26 -04:00
Nick Mathewson
7f45ea5c41 Merge remote-tracking branch 'public/bug3894' 2012-06-05 10:31:00 -04:00
Nick Mathewson
20d6f787aa Fix "make check-spaces" issues 2012-06-05 00:49:18 -04:00
Nick Mathewson
913067f788 Resolve about 24 DOCDOCs 2012-06-05 00:17:54 -04:00
Nick Mathewson
064e7c19c6 Missing copyright/license statement for procmon.c 2012-06-04 21:02:13 -04:00
Nick Mathewson
0fa107a6aa Update copyright dates to 2012; add a few missing copyright statements 2012-06-04 20:58:17 -04:00
Nick Mathewson
173b18c79b Add about 60 more DOCDOC comments to 0.2.3
Also, try to resolve some doxygen issues.  First, define a magic
"This is doxygen!" macro so that we take the correct branch in
various #if/#else/#endifs in order to get the right documentation.
Second, add in a few grouping @{ and @} entries in order to get some
variables and fields to get grouped together.
2012-06-04 19:59:08 -04:00
Nick Mathewson
361260ff8f Resolve some markup complaints from doxygen 2012-06-04 19:56:33 -04:00
Nick Mathewson
f68c042637 Resolve all currently pending DOCDOC items in master 2012-06-04 19:05:51 -04:00
Nick Mathewson
329e1c65d3 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-06-04 11:36:33 -04:00
Nick Mathewson
6d85a79653 Merge remote-tracking branch 'public/bug6033' into maint-0.2.2 2012-06-04 11:33:27 -04:00
Nick Mathewson
841a8d551a Work around a bug in OpenSSL 1.0.1's TLS 1.1 and TLS 1.2 support
It appears that when OpenSSL negotiates a 1.1 or 1.2 connection, and it
decides to renegotiate, the client will send a record with version "1.0"
rather than with the current TLS version.  This would cause the
connection to fail whenever both sides had OpenSSL 1.0.1, and the v2 Tor
handshake was in use.

As a workaround, disable TLS 1.1 and TLS 1.2.  When a later version of
OpenSSL is released, we can make this conditional on running a fixed
version of OpenSSL.

Alternatively, we could disable TLS 1.1 and TLS 1.2 only on the client
side.  But doing it this way for now means that we not only fix TLS with
patched clients; we also fix TLS when the server has this patch and the
client does not.  That could be important to keep the network running
well.

Fixes bug 6033.
2012-06-02 20:09:05 -04:00
Nick Mathewson
dff73d26f3 Merge remote-tracking branch 'public/bug5089'
Conflicts:
	src/test/test_util.c

Merge the unit tests; I added some when I did this branch against
0.2.2, and then the test format changed and master added more tests.
2012-05-31 16:21:54 -04:00
Nick Mathewson
0e207f9acb Merge remote-tracking branch 'public/close_file_mapping'
Conflicts:
	src/common/compat.h

Conflict was between replacement of MS_WINDOWS with _WIN32 in
master, and with removal of file_handle from tor_mmap_t struct in
close_file_mapping branch (for bug 5951 fix).
2012-05-31 12:38:11 -04:00
Nick Mathewson
2e58882b90 reindent CreateFile arguments. 2012-05-31 12:36:54 -04:00
Nick Mathewson
f1aae1236f Merge remote-tracking branch 'linus/bug5355_ln' 2012-05-31 12:33:16 -04:00
Nick Mathewson
ffc21b653f Merge remote-tracking branch 'origin/maint-0.2.2'
(For bug 5969 fix)
2012-05-31 00:07:52 -04:00
Nick Mathewson
3a9351b57e Fix more clang format-nonliteral warnings (bug 5969) 2012-05-30 23:59:49 -04:00
Nick Mathewson
e284894672 Add __attribute__(format)s for our varargs printf/scanf wrappers
It turns out that if you set the third argument of
__attribute__(format) to 0, GCC and Clang will check the format
argument without expecting to find variadic arguments.  This is the
correct behavior for vsnprintf, vasprintf, and vscanf.

I'm hoping this will fix bug 5969 (a clang warning) by telling clang that
the format argument to tor_vasprintf is indeed a format string.
2012-05-30 12:14:38 -04:00
Sebastian Hahn
a5a8296892 Fix clang 3.1 compile warning in crypto.c
(Tweaked by nickm)
2012-05-30 11:56:43 -04:00
Linus Nordberg
f998590e5b Don't stomp on errno. 2012-05-29 15:38:03 +02:00
Nick Mathewson
254504fc14 Have get_parent_directory() handle "/foo" and "/" correctly.
The parent of "/foo" is "/"; and "/" is its own parent.

This would cause Tor to fail if you tried to have a PF_UNIX control
socket in the root directory.  That would be a stupid thing to do
for other reasons, but there's no reason to fail like _this_.

Bug found by Esteban Manchado Velázquez. Fix for bug 5089; bugfix on
Tor 0.2.2.26-beta.  Unit test included.
2012-05-24 12:56:31 -04:00
Nick Mathewson
e7d34935fb Use GetFileSize correctly on win32
(Use its second parameter to find the high 32 bits of the file size;
check its return value for error conditions.)
2012-05-24 10:31:11 -04:00
Nick Mathewson
ab1b81e838 Close the windows file handle after CreateFileMapping; it isn't needed
I did the changes file; the rest came pseudonymously
2012-05-23 12:39:05 -04:00
Nick Mathewson
f35271bf3e Fix some more FreeBSD4 issues (based on a patch from grarpamp)
Apparently, freebsd 4 doesn't like malloc.h, needs sys/param.h for
MIN/MAX, and doesn't have a SIZE_MAX.

For bug 3894.
2012-05-16 14:34:17 -04:00
Nick Mathewson
d732b87e60 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-05-16 12:20:56 -04:00
Sebastian Hahn
679aa93e23 Fix month check in parse_http_time, add test 2012-05-16 12:15:13 -04:00
Nick Mathewson
801923ac21 Remove more dubiosity in struct tm handling. related to bug5346 2012-05-16 12:15:08 -04:00
Nick Mathewson
1abe533b33 Reject an additional type of bad date in parse_http_time 2012-05-16 12:14:48 -04:00
Esteban Manchado Velázquez
d0d9c3d71e Fix parse_http_time and add tests
* It seems parse_http_time wasn't parsing correctly any date with commas (RFCs
  1123 and 850). Fix that.
* It seems parse_http_time was reporting the wrong month (they start at 0, not
  1). Fix that.
* Add some tests for parse_http_time, covering all three formats.
2012-05-16 12:14:48 -04:00
Nick Mathewson
a925fc9189 Merge remote-tracking branch 'public/bug2822' 2012-05-16 11:10:09 -04:00
Nick Mathewson
89c1689009 Change our ciphersuite list to match ff8 2012-05-15 15:25:54 -04:00
Nick Mathewson
e3243ad5f6 Treat SW_SERVER_HELLO_B as another sign of an SSL handshake
We've been only treating SW_SERVER_HELLO_A as meaning that an SSL
handshake was happening.  But that's not right: if the initial
attempt to write a ServerHello fails, we would get a callback in
state SW_SERVER_HELLO_B instead.

(That's "instead" and not "in addition": any failed attempt to write
the hello will fail and cause the info callback not to get written.)

Fix for bug 4592; bugfix on 0.2.0.13-alpha.
2012-05-15 11:15:43 -04:00
Nick Mathewson
21e3261914 Bump _WIN32_WINNT to 0x0501 throughout the code
This tells the windows headers to give us definitions that didn't
exist before XP -- like the ones that we need for IPv6 support.

See bug #5861.  We didn't run into this issue with mingw, since
mingw doesn't respect _WIN32_WINNT as well as it should for some of
its definitions.
2012-05-14 13:46:37 -04:00
Nick Mathewson
9ffccb3f49 Remove all instances of WIN32_WINNT (without leading _)
We started adding it in 59e2c77824 back in 2004, 8 years and 3
days ago.  It's time to deprogram ourselves from this cargo cult.
2012-05-14 13:36:52 -04:00
Nick Mathewson
7134be0637 MSVC build issue: add magic to make openssl headers in aes.c work 2012-05-14 13:04:13 -04:00
Nick Mathewson
02d206a58b Be a good git person: store nmakefiles in correct text fmt 2012-05-14 13:01:05 -04:00
Nick Mathewson
b6028b9e8b Fix win32 compilation of 31eb73f88e 2012-05-14 12:08:05 -04:00
Nick Mathewson
a2f0e7a65b Cut down on the OS information we give.
For uname-based detection, we now give only the OS name (e.g.,
"Darwin", "Linux".)  For Windows, we give only the Operating System
name as inferred from dw(Major|Minor)version, (e.g., "Windows XP",
"Windows 7"), and whether the VER_NT_SERVER flag is set.

For ticket 2988.
2012-05-11 17:52:53 -04:00
Nick Mathewson
e0655708a2 Merge remote-tracking branch 'asn/bug4865_take2' 2012-05-11 11:52:51 -04:00
Nick Mathewson
84ddc4b6aa Merge remote-tracking branch 'public/bug5091' 2012-05-11 11:45:40 -04:00
Nick Mathewson
62f8e3926d Merge remote-tracking branch 'public/bug4591' 2012-05-10 15:55:12 -04:00
Nick Mathewson
c78a42685f Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/common/util.c
	src/test/test_util.c
2012-05-10 15:41:04 -04:00
Nick Mathewson
57ed459b0d Refactor new getcwd code
Make sure that the "path_length *= 2" statement can't overflow.

Move the "malloc and getcwd" loop into its own function.
2012-05-10 14:20:15 -04:00
Nick Mathewson
9b344628ed Handle out-of-range values in tor_parse_* integer functions
The underlying strtoX functions handle overflow by saturating and
setting errno to ERANGE.  If the min/max arguments to the
tor_parse_* functions are equal to the minimum/maximum of the
underlying type, then with the old approach, we wouldn't treat a
too-large value as genuinely broken.

Found this while looking at bug 5786; bugfix on 19da1f36 (in Tor
0.0.9), which introduced these functions.
2012-05-07 12:25:59 -04:00
Roger Dingledine
c648f9751f fix quad typo in comments
i assume if nickm maintained "libeven" this would never have been
introduced. :)
2012-05-07 01:54:53 -04:00
Nick Mathewson
a1538d607d Fix bug 5762: detect missing accept4 that gives ENOSYS
We had been checking for EINVAL, but that means that SOCK_* isn't
supported, not that the syscall itself is missing.

Bugfix on 0.2.3.1-alpha, which started to use accept4.
2012-05-04 13:18:14 -04:00
Nick Mathewson
c03a233faa Remove __ from HAVE_EXTERN_ENVIRON_DECLARED__
I think that the trailing __ got added in false analogy to
HAVE_MACRO__func__, HAVE_MACRO__FUNC__, and HAVE_MACRO__FUNCTION__.
But those macros actually indicate the presence of __func__,
__FUNC__, and __FUNCTION__ respectively.  The __ at the end of
HAVE_EXTERN_ENVIRON_DECLARED would only be appropriate if the
environ were declared__, whatever that means.

(As a side-note, HAVE_MACRO__func__ and so on should probably be
renamed HAVE_MACRO___func__ and so on.  But that can wait.)

This is an identifier renaming only.
2012-04-30 12:52:16 -04:00
Nick Mathewson
f0212197cc Only disable cert chaining on the first TLS handshake
If the client uses a v2 cipherlist on the renegotiation handshake,
it looks as if they could fail to get a good cert chain from the
server, since they server would re-disable certificate chaining.

This patch makes it so the code that make the server side of the
first v2 handshake special can get called only once.

Fix for 4591; bugfix on 0.2.0.20-rc.
2012-04-27 12:13:56 -04:00
Nick Mathewson
9dddfe83f3 Several mingw/msvc/cross-compilation fixes
They boil down to:
 - MS_WINDOWS is dead and replaced with _WIN32, but we let a few
   instances creep in when we merged Esteban's tests.
 - Capitalizing windows header names confuses mingw.
 - #ifdef 0 ain't C.
 - One unit test wasn't compiled on windows, but was being listed
   anyway.
 - One unit test was checking for the wrong value.

Gisle Vanem found and fixed the latter 3 issues.
2012-04-26 18:36:25 -04:00
Nick Mathewson
6f5a74002a Merge remote-tracking branch 'public/bug5112' 2012-04-24 11:14:22 -04:00
Nick Mathewson
4db5a1e151 Remove needless check for a buffer that could not be NULL.
Fixes coverity CID 508: coverity scan doesn't like checking a
variable for non-NULL after it has been definitely dereferenced.

This should take us back down to zero coverity issues.
2012-04-18 10:38:39 -04:00
George Kadianakis
6d2898607b Fix issues found by nickm.
* Document fmt_addr_impl() and friends.
* Parenthesize macro arguments.
* Rename get_first_listener_addrport_for_pt() to
  get_first_listener_addrport_string().
* Handle port_cfg_t with no_listen.
* Handle failure of router_get_active_listener_port_by_type().
* Add an XXX to router_get_active_listener_port_by_type().
2012-04-12 22:42:37 +02:00
George Kadianakis
b80728a115 tor_vsscanf(): Don't return -1 if '%%' doesn't match.
tor_vsscanf() is supposed to return the current number of matches on
match failure.
2012-04-03 16:20:24 +02:00
George Kadianakis
da6e0993dc Generalize fmt_addr() to support IPv6 decorations. 2012-03-31 13:48:20 +02:00
nils
efb8a09f41 Fix tor_strtok_r_impl and test cases per bug #5091
==

Nick here. I tweaked this patch a little to make it apply cleanly to
master, to extract some common code into a function, and to replace
snprintf with tor_snprintf.

-- nickm
2012-03-30 11:01:21 -04:00
Nick Mathewson
56e0959d2a Have tor_parse_*long functions check for negative bases
One of our unit tests checks that they behave correctly (giving an
error) when the base is negative.  But there isn't a guarantee that
strtol and friends actually handle negative bases correctly.

Found by Coverity Scan; fix for CID 504.
2012-03-30 10:34:05 -04:00
Nick Mathewson
ab3197c059 Remove a couple redundant NULL-checks before crypto_cipher_free
Calling crypto_cipher_free(NULL) is always safe, since (by
convention) all of our xyz_free() functions treat xyz_free(NULL) as
a no-op.

Flagged by coverity scan; fixes CID 508 and 509.
2012-03-30 10:16:58 -04:00
Linus Nordberg
734fad4103 Make relays handle an address suggestion from a directory server giving an IPv6 address.
last_guessed_ip becomes a tor_addr_t.

Most parts of router_new_address_suggestion() learns
about IPv6 (resolve_my_address() is still IPv4 only).
2012-03-28 22:16:55 +02:00
Nick Mathewson
433d757846 Reject SOCKS requests for "localhost" or ".local"
Sending them on is futile, since we will be told "127.0.0.1" and then
think we've been lied to.  Partial fix for 2822.
2012-03-28 03:19:00 -04:00
Nick Mathewson
01905a6ef9 Excise PK_NO_PADDING entirely: Unpadded RSA is silly.
We never use it, so having it around is pointless.

Suggested by Sebastian
2012-03-27 22:38:06 -04:00
Nick Mathewson
55c3e29669 Use OpenSSL 1.0.1's EVP aes_ctr implementation when available
This should be really fast on Intel chips.
2012-03-27 22:38:06 -04:00
Nick Mathewson
de0dca0de7 Refactor the API for setting up a block cipher.
It allows us more flexibility on the backend if the user needs to
specify the key and IV at setup time.
2012-03-27 22:37:56 -04:00
Nick Mathewson
00b4784575 Remove support for PK_NO_PADDING in crypto_pk_public_hybrid_encrypt
We never use it, and it would be a stupid thing if we started using it.
2012-03-27 22:37:55 -04:00
Nick Mathewson
80b2756b53 Log statement to help track down bug4091 2012-03-27 18:28:39 -04:00
Nick Mathewson
650e2aac46 Merge commit 'a5704b1c624c9a808f52f3a125339f00e2b9a378' into maint-0.2.2 2012-03-26 13:59:49 -04:00
Nick Mathewson
bd0657602d get_mozilla_ciphers: look at ssl3con.c, not sslenum.c 2012-03-14 18:36:58 -04:00
Nick Mathewson
c2ed9a2940 get_mozilla_ciphers: output lowercase hex. 2012-03-14 18:19:21 -04:00
Nick Mathewson
c5dca8f208 Try to make get_mozilla_ciphers output the right macros in the right order 2012-03-14 17:53:17 -04:00
Nick Mathewson
092b9aca8c Have get_mozilla_ciphers take sourcedirs as arguments 2012-03-14 16:53:39 -04:00
Nick Mathewson
a6a905cc11 Make get_mozilla_ciphers script a little more regexy and readable 2012-03-14 16:45:38 -04:00
Nick Mathewson
db07aaf45f Script to generate ciphers.inc by Arturo 2012-03-14 16:01:15 -04:00
George Kadianakis
aae570b493 Close fds on pipe() error in tor_spawn_background(). 2012-03-12 12:41:29 -04:00
Sebastian Hahn
d916fc38b6 Stop using MAX_PATH, it might not be defined
This broke compilation on Hurd
2012-03-10 16:53:01 +01:00
Nick Mathewson
c13dc5170f Merge remote-tracking branch 'origin/maint-0.2.2' 2012-03-09 11:54:45 -05:00
Nick Mathewson
be0535f00b Correctly handle broken escape sequences in torrc values
Previously, malformatted torrc values could crash us.

Patch by Esteban Manchado.  Fixes bug 5090; fix on 0.2.0.16-alpha.
2012-03-09 11:50:22 -05:00
Esteban Manchado Velázquez
8a633a3ebd Small fix in tor_sscanf documentation 2012-03-08 20:49:23 -05:00
Esteban Manchado Velázquez
a753ef8517 Fix typo in config parser documentation 2012-03-08 20:49:17 -05:00
Nick Mathewson
5daa765bd1 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-03-08 14:15:18 -05:00
Sebastian Hahn
fe50b676bc Fix compile warnings in openbsd malloc 2012-03-08 19:28:59 +01:00
Nick Mathewson
77a7a980d0 Don't leak the env_vars_sorted smartlist in process_environment_make
Found by Coverity.

No changes/ file, because this bug has not been in a release yet.
2012-02-29 19:49:26 -05:00
Nick Mathewson
a5704b1c62 Add a sha256 hmac function, with tests
(cherry picked from commit fdbb9cdf74)
2012-02-22 05:46:08 -08:00
Nick Mathewson
81fe3e438b Merge remote-tracking branch 'sebastian/bug5161' 2012-02-20 13:00:17 -05:00
Robert Ransom
cd029f0ca3 Fix crypto_hmac_sha256 documentation comment 2012-02-20 02:47:10 -08:00
Sebastian Hahn
bc66878bde Don't redeclare environ if std headers already did
This would cause a redundant redeclaration warning on some versions of
Linux otherwise.
2012-02-19 16:52:38 +01:00
Nick Mathewson
1d36693570 Use get_environment(), not environ. 2012-02-17 11:50:19 -05:00
Nick Mathewson
eaedcba493 Merge branch 'bug5105-v2-squashed'
Conflicts:
	src/or/transports.c
2012-02-17 11:50:10 -05:00
Robert Ransom
33552c16ca Heap-allocate strings returned by get_current_process_environment_variables 2012-02-17 11:42:21 -05:00
Robert Ransom
c0808b795f Pass process_environment_t * to tor_spawn_background
Now tor_spawn_background's prototype is OS-independent.
2012-02-17 11:42:20 -05:00
Robert Ransom
ee3a49d6ed Remove (void)envp from tor_spawn_background
The envp argument is used on Windows.
2012-02-17 11:42:20 -05:00
Robert Ransom
340d906419 Change type of unixoid_environment_block to match tor_spawn_background's arg 2012-02-17 11:42:20 -05:00
Robert Ransom
d37a1ec8c6 Add set_environment_variable_in_smartlist 2012-02-17 11:42:20 -05:00
Robert Ransom
0ba93e184a Add get_current_process_environment_variables 2012-02-17 11:42:19 -05:00
Robert Ransom
98cec14982 Add process_environment_make and related utilities 2012-02-17 11:42:19 -05:00
Robert Ransom
806e0f7e19 Add tor_calloc 2012-02-17 11:42:19 -05:00
Sebastian Hahn
efb7b9dec1 Use _NSGetEnviron() instead of environ where required
OS X would otherwise crash with a segfault when linked statically to
some libraries.
2012-02-14 11:18:39 -05:00
Nick Mathewson
077b9f19a4 If SOCK_CLOEXEC and friends fail, fall back to regular socket() calls
Since 0.2.3.1-alpha, we've supported the Linux extensions to socket(),
open(), socketpair(), and accept() that enable us to create an fd and
make it close-on-exec with a single syscall.  This not only saves us a
syscall (big deal), but makes us less vulnerable to race conditions
where we open a socket and then exec before we can make it
close-on-exec.

But these extensions are not supported on all Linuxes: They were added
between 2.6.23 or so and 2.6.28 or so.  If you were to build your Tor
against a recent Linux's kernel headers, and then run it with a older
kernel, you would find yourselve unable to open sockets.  Ouch!

The solution here is that, when one of these syscalls fails with
EINVAL, we should try again in the portable way.  This adds an extra
syscall in the case where we built with new headers and are running
with old ones, but it will at least allow Tor to work.

Fixes bug 5112; bugfix on 0.2.3.1-alpha.
2012-02-14 10:34:06 -05:00
Sebastian Hahn
efcdc930fb Make ht.h conform to Tor's code style again
When porting over changes from libevent, a bunch of tabs and a couple of
long lines got introduced.
2012-02-14 11:13:06 +01:00
Nick Mathewson
a31fb42d2e Port over the last ht.h changes from libevent: avoid _reserved identifiers 2012-02-13 18:40:30 -05:00
Nick Mathewson
107f604f31 Port over ht.h improvements from Libevent.
There is a facility (not used now in Tor) to avoid storing the hash
of a given type if it is a fast-to-calculate hash.

There are also a few ancient-openbsd compilation issues fixed here.

The fact that Tor says INLINE while Libevent says inline remains
unaddressed.
2012-02-13 18:06:40 -05:00
Nick Mathewson
1e9400d9c8 ht.h comment tweaks, upstreamed from libevent 2012-02-13 17:56:13 -05:00
Nick Mathewson
4aa0aa0300 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/common/Makefile.am
	src/or/Makefile.am
2012-02-12 23:27:31 -05:00
Sebastian Hahn
8ce6722d76 Properly protect paths to sed, sha1sum, openssl
in Makefile.am, we used it without quoting it, causing build failure if
your openssl/sed/sha1sum happened to live in a directory with a space in
it (very common on windows)
2012-02-10 20:12:03 +01:00
Nick Mathewson
8855b2a90c Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/common/tortls.c

Conflict on comment near use of the new OPENSSL_V macro
2012-02-10 10:56:37 -05:00
Nick Mathewson
2da0efb547 Use correct CVE number for CVE-2011-4576. Found by fermenthor. bug 5066 2012-02-10 10:55:39 -05:00
Nick Mathewson
79a80c88ee Fix straggling MS_WINDOWS issues; add a changes file
There was one MS_WINDOWS that remained because it wasn't on a macro
line; a few remaining uses (and the definition!) in configure.in;
and a now-nonsensical stanza of eventdns_tor.h that previously
defined 'WIN32' if it didn't exist.
2012-01-31 15:48:47 -05:00
Nick Mathewson
5cf9167f91 Use the standard _WIN32, not the Torism MS_WINDOWS or deprecated WIN32
This commit is completely mechanical; I used this perl script to make it:

 #!/usr/bin/perl -w -i.bak -p

 if (/^\s*\#/) {
     s/MS_WINDOWS/_WIN32/g;
     s/\bWIN32\b/_WIN32/g;
 }
2012-01-31 15:48:47 -05:00
Nick Mathewson
48424772aa Actually enable the windows absolute-path code
Checking for "WINDOWS" is wrong; our magic macro is MS_WINDOWS

Fixes bug 4973; bugfix on 0.2.3.11-alpha.
2012-01-31 10:42:41 -05:00
Nick Mathewson
26e789fbfd Rename nonconformant identifiers.
Fixes bug 4893.

These changes are pure mechanical, and were generated with this
perl script:

  /usr/bin/perl -w -i.bak -p

  s/crypto_pk_env_t/crypto_pk_t/g;
  s/crypto_dh_env_t/crypto_dh_t/g;
  s/crypto_cipher_env_t/crypto_cipher_t/g;
  s/crypto_digest_env_t/crypto_digest_t/g;

  s/aes_free_cipher/aes_cipher_free/g;
  s/crypto_free_cipher_env/crypto_cipher_free/g;
  s/crypto_free_digest_env/crypto_digest_free/g;
  s/crypto_free_pk_env/crypto_pk_free/g;

  s/_crypto_dh_env_get_dh/_crypto_dh_get_dh/g;
  s/_crypto_new_pk_env_rsa/_crypto_new_pk_from_rsa/g;
  s/_crypto_pk_env_get_evp_pkey/_crypto_pk_get_evp_pkey/g;
  s/_crypto_pk_env_get_rsa/_crypto_pk_get_rsa/g;

  s/crypto_new_cipher_env/crypto_cipher_new/g;
  s/crypto_new_digest_env/crypto_digest_new/g;
  s/crypto_new_digest256_env/crypto_digest256_new/g;
  s/crypto_new_pk_env/crypto_pk_new/g;

  s/crypto_create_crypto_env/crypto_cipher_new/g;

  s/connection_create_listener/connection_listener_new/g;
  s/smartlist_create/smartlist_new/g;
  s/transport_create/transport_new/g;
2012-01-18 15:53:30 -05:00
Nick Mathewson
d1b40cf2e7 Merge remote-tracking branch 'public/bug4533_part1'
Conflicts:
	src/common/compat.h
2012-01-18 15:33:04 -05:00
Nick Mathewson
1772782e42 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-01-18 15:29:41 -05:00
Nick Mathewson
dd4b1a2ac6 Fix SOCKET_OK test on win64.
Bugfix on 0.2.2.29-beta; partial fix for 4533; found by wanoskarnet
2012-01-18 10:48:29 -05:00
Nick Mathewson
dea0720dad Warn if sizeof(tor_socket_t) != sizeof(SOCKET) 2012-01-17 16:38:47 -05:00
Nick Mathewson
6e8c2a3e46 Use SOCKET_OK macros in even more places
Add a TOR_INVALID_SOCKET macro to wrap -1/INVALID_SOCKET.

Partial work for bug4533.
2012-01-17 16:35:07 -05:00
Nick Mathewson
9c29369a04 Convert instances of tor_malloc+tor_snprintf into tor_asprintf
These were found by looking for tor_snprintf() instances that were
preceeded closely by tor_malloc(), though I probably converted some
more snprintfs as well.

(In every case, make sure that the length variable (if any) is
removed, renamed, or lowered, so that anything else that might have
assumed a longer buffer doesn't exist.)
2012-01-16 15:03:44 -05:00
Nick Mathewson
9c6d913b9e Rename smartlist_{v,}asprintf_add to smartlist_add_{v,}asprintf 2012-01-16 15:01:54 -05:00
Nick Mathewson
411cf8f714 Make openssl 0.9.8l log message accurate
fixes 4837
2012-01-11 15:41:46 -05:00
Nick Mathewson
f729e1e984 Merge branch 'feature3457-v4-nm-squashed'
Conflicts:
	src/or/rendclient.c
2012-01-11 12:10:14 -05:00
Nick Mathewson
b5af456685 Use spaceless ISO8601 time format, not sec,usec. 2012-01-11 12:08:01 -05:00
Nick Mathewson
f371816209 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-01-11 11:07:37 -05:00
Nick Mathewson
0126150c2d Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2012-01-11 11:07:13 -05:00
Nick Mathewson
8d5c0e58ea Fix a compilation warning for our bug4822 fix on 64-bit linux 2012-01-11 11:06:31 -05:00
Nick Mathewson
5e9d349979 Merge remote-tracking branch 'public/bug4650_nm_squashed' 2012-01-10 17:59:49 -05:00
Nick Mathewson
73d4dbe103 whitespace and warning fixes for bug4746 2012-01-10 16:53:37 -05:00
Nick Mathewson
7fbf1e225e Merge remote-tracking branch 'asn-mytor/bug4746' 2012-01-10 16:44:03 -05:00
Nick Mathewson
dca3c9fff8 Add missing documentation for counter-mode checks 2012-01-10 11:15:46 -05:00
Nick Mathewson
cc5c14b732 Clean up indentation in aes.c 2012-01-10 11:15:42 -05:00
Nick Mathewson
d29a390733 Test for broken counter-mode at runtime
To solve bug 4779, we want to avoid OpenSSL 1.0.0's counter mode.
But Fedora (and maybe others) lie about the actual OpenSSL version,
so we can't trust the header to tell us if it's safe.

Instead, let's do a run-time test to see whether it's safe, and if
not, use our built-in version.

fermenthor contributed a pretty essential fixup to this patch. Thanks!
2012-01-10 11:15:35 -05:00
Nick Mathewson
5741aef3dc We no longer need to detect openssl without RAND_poll()
We require openssl 0.9.7 or later, and RAND_poll() was first added in
openssl 0.9.6.
2012-01-10 10:40:31 -05:00
Nick Mathewson
85c7d7659e Add macros to construct openssl version numbers
It's a pain to convert 0x0090813f to and from 0.9.8s-release on the
fly, so these macros should help.
2012-01-10 10:40:30 -05:00
Sebastian Hahn
2367f7e559 Make sure MAX_DNS_LABEL_SIZE is defined
MAX_DNS_LABEL_SIZE was only defined for old versions of openssl, which
broke the build. Spotted by xiando. Fixes bug 4413; not in any released
version.
2012-01-10 06:14:35 +01:00
Nick Mathewson
b1ee1a719d Tweaks for bug4413 fix
The thing that's limited to 63 bytes is a "label", not a hostname.

Docment input constraints and behavior on bogus inputs.

Generally it's better to check for overflow-like conditions before
than after.  In this case, it's not a true overflow, so we're okay,
but let's be consistent.

pedantic less->fewer in the documentation
2012-01-09 19:14:51 -05:00
Stephen Palmateer
3fadc074ca Remove (untriggerable) overflow in crypto_random_hostname()
Fixes bug 4413; bugfix on xxxx.

Hostname components cannot be larger than 63 characters.
This simple check makes certain randlen cannot overflow rand_bytes_len.
2012-01-09 19:05:05 -05:00
Nick Mathewson
1e5d66997b Merge remote-tracking branch 'origin/maint-0.2.2' 2012-01-09 16:40:42 -05:00
Nick Mathewson
c78a314e95 Fix comment about TLSv1_method() per comments by wanoskarnet 2012-01-09 16:40:21 -05:00
Roger Dingledine
ecdea4eeaf Merge branch 'maint-0.2.2' 2012-01-08 12:17:16 -05:00
Roger Dingledine
1416dd47a9 add a note from wanoskarnet
he disagrees about what the code that we decided not to use would do
2012-01-08 09:03:03 -05:00
Emile Snyder
d7eaa4b396 Change to use SSL_state_string_long() instead of homebrew ssl_state_to_string() function. 2012-01-06 05:31:34 -08:00
Nick Mathewson
ef69f2f2ab Merge remote-tracking branch 'origin/maint-0.2.2' 2012-01-05 14:17:44 -05:00
Nick Mathewson
ccd8289958 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2012-01-05 14:16:30 -05:00
Robert Ransom
4752b34879 Log at info level when disabling SSLv3 2012-01-05 12:28:56 -05:00
Nick Mathewson
db78fe4589 Disable SSLv3 when using a not-up-to-date openssl
This is to address bug 4822, and CVE-2011-4576.
2012-01-05 12:28:55 -05:00
Roger Dingledine
ff03347579 note some dead code. if i'm right, should this be removed? 2012-01-05 05:37:06 -05:00
Sebastian Hahn
98959f63ac Disallow disabling DisableDebuggerAttachment on runnning Tor
Also, have tor_disable_debugger_attach() return a tristate of
success/failure/don't-know-how , and only log appropriately.
2012-01-04 15:09:02 -05:00
Sebastian Hahn
5d9be49540 Fix a check-spaces violation in compat.c
Also fix a comment typo
2011-12-30 23:30:57 +01:00
Nick Mathewson
9f06ec0c13 Add interface enumeration based on SIOCGIFCONF for older unixes 2011-12-28 16:34:16 -05:00
Nick Mathewson
5d44a6b334 Multicast addresses, if any were configured, would not be good if addrs 2011-12-28 16:34:16 -05:00
Nick Mathewson
aa529f6c32 Use getifaddrs, not connect+getsockname, to find our address
This resolves bug1827, and lets us avoid freaking people out.
Later, we can use it to get a complete list of our interfaces.
2011-12-28 16:34:16 -05:00
Nick Mathewson
78f43c5d03 Require openssl 1.0.0a for using openssl's ctr-mode implementation
Previously we required 1.0.0, but there was a bug in the 1.0.0 counter
mode. Found by Pascal. Fixes bug 4779.

A more elegant solution would be good here if somebody has time to code
one.
2011-12-27 20:31:23 -05:00
Nick Mathewson
85d7811456 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-12-26 17:58:51 -05:00
Sebastian Hahn
da876aec63 Provide correct timeradd/timersup replacements
Bug caught and patch provided by Vektor. Fixes bug 4778.t
2011-12-25 23:19:08 +01:00
Kamran Riaz Khan
a1c1fc72d1 Prepend cwd for relative config file paths.
Modifies filenames which do not start with '/' or '.' on non-Windows
platforms; uses _fullpath on Windows.
2011-12-22 10:17:48 -05:00
George Kadianakis
d05bc02192 Add an informative header on the 'keys/dynamic_dh_params' file. 2011-12-19 16:06:22 +01:00
Robert Ransom
d688a40a0e Don't crash on startup of a dormant relay
If a relay is dormant at startup, it will call init_keys before
crypto_set_tls_dh_prime.  This is bad.  Let's make it not so bad, because
someday it *will* happen again.
2011-12-12 11:25:55 -08:00
Sebastian Hahn
0f8026ec23 Some more check-spaces stuff
This re-applies a check-spaces fix that was part of
7920ea55b8 and got reverted along with the
rest of that commit in df1f72329a.
2011-12-08 08:47:09 +01:00
Nick Mathewson
71ecfaa52f indent; add comment
This re-applies 40a87c4c08 which got
accidentally reverted in 75134c6c86.
Thanks asn for spotting this.
2011-12-08 08:45:24 +01:00
Sebastian Hahn
ee8b4b4e6e appease check-spaces
This re-applies f77f9bddb8 which got
accidentally reverted in 53f535aeb8.
Thanks asn for spotting this.
2011-12-08 08:43:32 +01:00
Nick Mathewson
0ebcf345ce Revert "Refactor the SSL_set_info_callback() callbacks."
This reverts commit 69a821ea1c.
2011-12-06 19:49:21 -05:00
Nick Mathewson
9727d21f68 Revert "Detect renegotiation when it actually happens."
This reverts commit 4fd79f9def.
2011-12-06 19:49:21 -05:00
Nick Mathewson
e09dd43ab3 Revert "Detect and deny excess renegotiations attempts."
This reverts commit ecd239e3b5.
2011-12-06 19:49:21 -05:00
Nick Mathewson
021ff31ba6 Revert "Get rid of tor_tls_block_renegotiation()."
This reverts commit 340809dd22.
2011-12-06 19:49:21 -05:00
Nick Mathewson
fa74af0cfa Revert "Also handle needless renegotiations in SSL_write()."
This reverts commit e2b3527106.
2011-12-06 19:49:20 -05:00
Nick Mathewson
45c46129ed Revert "Fix issues pointed out by nickm."
This reverts commit e097bffaed.
2011-12-06 19:49:20 -05:00
Nick Mathewson
616b60cef3 Revert "Use callback-driven approach to block renegotiations."
This reverts commit 406ae1ba5a.
2011-12-06 19:49:20 -05:00
Nick Mathewson
53f535aeb8 Revert "appease check-spaces"
This reverts commit f77f9bddb8.
2011-12-06 19:49:20 -05:00
Nick Mathewson
df1f72329a Revert "Refactor tor_event_base_once to do what we actually want"
This reverts commit 7920ea55b8.
2011-12-06 19:49:20 -05:00
Nick Mathewson
17880e4c0a Revert "Fix some wide lines in tortls.c"
This reverts commit e8dde3aabd.
2011-12-06 19:49:20 -05:00
Nick Mathewson
e83e720c8b Revert "use event_free() wrapper; fix bug 4582"
This reverts commit 9a88c0cd32.
2011-12-06 19:49:20 -05:00
Nick Mathewson
acc1806eb8 Revert "Don't schedule excess_renegotiations_callback unless it's set"
This reverts commit 617617e21a.
2011-12-06 19:49:20 -05:00
Nick Mathewson
75134c6c86 Revert "indent; add comment"
This reverts commit 40a87c4c08.
2011-12-06 19:49:20 -05:00
Nick Mathewson
135a5102a3 Revert "Make pending libevent actions cancelable"
This reverts commit aba25a6939.
2011-12-06 19:49:20 -05:00
Nick Mathewson
50fd99d7ef Revert "Set renegotiation callbacks immediately on tls inititation"
This reverts commit e27a26d568.
2011-12-06 19:49:19 -05:00
Nick Mathewson
d9edee3a3b Merge remote-tracking branch 'origin/maint-0.2.2' 2011-12-02 16:10:17 -05:00
Nick Mathewson
2b5a035604 tor_accept_socket() should take tor_addr_t for listener arg
Fixes bug 4535; bugfix on 0.2.2.28-beta; found by "troll_un"
2011-12-02 16:09:16 -05:00
Nick Mathewson
0920cd02f4 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-12-02 15:38:29 -05:00
Nick Mathewson
b7015603fa Fix bug 4530; check return val of tor_addr_lookup correctly
Fix on 0.2.1.5-alpha; reported by troll_un
2011-12-02 15:37:24 -05:00
Sebastian Hahn
95af91565b Work around a false positive in Coverity.
Fixes cid 501 and 502.
2011-12-02 06:16:57 +01:00
George Kadianakis
02708b7d80 Free the global DH parameters in crypto_global_cleanup(). 2011-11-30 13:17:47 -05:00
George Kadianakis
a708e85236 Move crypto_global_cleanup() to the bottom of crypto.c. 2011-11-30 13:17:39 -05:00
Nick Mathewson
29db095a35 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-30 12:41:08 -05:00
Linus Nordberg
f786307ab7 First chunk of support for bridges on IPv6
Comments below focus on changes, see diff for added code.

New type tor_addr_port_t holding an IP address and a TCP/UDP port.

New flag in routerinfo_t, ipv6_preferred.  This should go in the
node_t instead but not now.

Replace node_get_addr() with
- node_get_prim_addr() for primary address, i.e. IPv4 for now
- node_get_pref_addr() for preferred address, IPv4 or IPv6.

Rename node_get_addr_ipv4h() node_get_prim_addr_ipv4h() for
consistency.  The primary address will not allways be an IPv4 address.
Same for node_get_orport() -> node_get_prim_orport().

Rewrite node_is_a_configured_bridge() to take all OR ports into account.

Extend argument list to extend_info_from_node and
extend_info_from_router with a flag indicating if we want to use the
routers primary address or the preferred address.  Use the preferred
address in as few situtations as possible for allowing clients to
connect to bridges over IPv6.
2011-11-30 11:55:45 -05:00
Nick Mathewson
8bb23c7def Merge branch 'bug4587_v2' 2011-11-29 19:15:40 -05:00
Nick Mathewson
e27a26d568 Set renegotiation callbacks immediately on tls inititation
This way, we can't miss a renegotiation attempt in a v2 handshake,
or miss excess renegotiation attempts.  Partial fix for bug 4587.
2011-11-29 19:10:19 -05:00
Nick Mathewson
da6c136817 Merge remote-tracking branch 'asn-mytor/bug4548_take2' 2011-11-29 18:30:41 -05:00
Nick Mathewson
aba25a6939 Make pending libevent actions cancelable
This avoids a dangling pointer issue in the 3412 code, and should
fix bug 4599.
2011-11-29 17:08:29 -05:00
Nick Mathewson
40a87c4c08 indent; add comment 2011-11-27 09:24:41 -05:00
Nick Mathewson
e665ec6409 Merge remote-tracking branch 'asn/bug4584' 2011-11-27 09:18:55 -05:00
Nick Mathewson
617617e21a Don't schedule excess_renegotiations_callback unless it's set
Partial fix for bug 4587; reported by "frosty_un".
2011-11-27 08:21:59 -05:00
George Kadianakis
b42ff6545a Use random bytes as our certificate serial numbers.
Instead of using time(NULL) in our certificate serial numbers, use
eight random bytes as suggested in proposal 179.
2011-11-27 08:20:17 +01:00
George Kadianakis
055d6c01ff Write dynamic DH parameters to a file.
Instead of only writing the dynamic DH prime modulus to a file, write
the whole DH parameters set for forward compatibility. At the moment
we only accept '2' as the group generator.

The DH parameters gets stored in base64-ed DER format to the
'dynamic_dh_params' file.
2011-11-26 19:29:57 +01:00
George Kadianakis
f28014bf1a Introduce write_bytes_to_new_file().
Introduce write_bytes_to_new_file(), a function which writes bytes to
a file only if that file did not exist.
2011-11-26 18:56:49 +01:00
Nick Mathewson
9a88c0cd32 use event_free() wrapper; fix bug 4582 2011-11-25 19:09:48 -05:00
Nick Mathewson
e8dde3aabd Fix some wide lines in tortls.c 2011-11-25 17:22:46 -05:00
Nick Mathewson
7920ea55b8 Refactor tor_event_base_once to do what we actually want
This version avoids the timeout system entirely, gives a nicer
interface, and lets us manage allocation explicitly.
2011-11-25 17:18:54 -05:00
Nick Mathewson
e5f2f10844 Merge remote-tracking branch 'asn/bug4312' 2011-11-25 17:00:47 -05:00
Nick Mathewson
d6c18c5804 Make process_handle_t private and fix some unit tests
Let's *not* expose more cross-platform-compatibility structures, or
expect code to use them right.

Also, don't fclose() stdout_handle and stdin_handle until we do
tor_process_handle_destroy, or we risk a double-fclose.
2011-11-25 16:47:25 -05:00
Nick Mathewson
093e6724c7 Merge remote-tracking branch 'asn/bug3472_act2' 2011-11-25 16:00:31 -05:00
Nick Mathewson
cb8059b42d Merge remote-tracking branch 'sebastian/pure_removal' 2011-11-25 14:54:04 -05:00
Sebastian Hahn
75d8ad7320 Purge ATTR_PURE from the code
We're using it incorrectly in many cases, and it doesn't help as far as
we know.
2011-11-25 17:57:50 +01:00
George Kadianakis
b31601975b Move DH_GENERATOR to crypto.c. 2011-11-25 17:44:11 +01:00
George Kadianakis
1df6b5a734 Move broken primes to dynamic_dh_modulus.broken. 2011-11-25 17:39:45 +01:00
George Kadianakis
4938bcc06a Do dynamic DH modulus storing in crypto.c. 2011-11-25 17:39:28 +01:00
Nick Mathewson
25c9e3aab9 Merge branch 'more_aes_hackery_rebased'
Conflicts:
	changes/aes_hackery
2011-11-25 10:36:13 -05:00
Nick Mathewson
9814019a54 Use openssl's counter mode implementation when we have 1.0.0 or later
This shaves about 7% off our per-cell AES crypto time for me; the
effect for accelerated AES crypto should be even more, since the AES
calculation itself will make an even smaller portion of the
counter-mode performance.

(We don't want to do this for pre-1.0.0 OpenSSL, since our AES_CTR
implementation was actually faster than OpenSSL's there, by about
10%.)

Fixes issue #4526.
2011-11-25 10:32:21 -05:00
Nick Mathewson
8143074b3f Use EVP for AES only when hardware accel is present
Fixes bug 4525, fix on 0.2.3.8-alpha.
2011-11-25 10:32:00 -05:00
Peter Palfrader
86be8fcf0a Handle build-trees better.
Properly create git revision and source file sha1sums include files when
building tor not in its source tree but in a dedicated build tree.
2011-11-24 23:56:01 -05:00
Nick Mathewson
eaa3a379f0 Move disable-debugger-attachment fn to compat where it belongs. Fix whitespace 2011-11-24 23:45:47 -05:00
George Kadianakis
1d1d5ae7f8 Finishing touches.
- Make check-spaces happy.
- Remove a stray header from crypto.h
2011-11-25 01:08:31 +01:00
George Kadianakis
7c37a664c1 Rename 'dynamic prime' to 'dynamic DH modulus'. 2011-11-25 01:00:58 +01:00
George Kadianakis
bdeb797a13 Notify the user that her computer is generating numbers. 2011-11-25 00:59:47 +01:00
George Kadianakis
5f3f41c234 Make sure that the stored DH prime is safe to use. 2011-11-25 00:33:40 +01:00
George Kadianakis
94076d9e3b Move crypto_get_stored_dynamic_prime() to crypto.c 2011-11-24 22:59:01 +01:00
George Kadianakis
2ef68980a7 Move store_dynamic_prime() to crypto.c. 2011-11-24 22:32:10 +01:00
George Kadianakis
cabb8e54c7 Tone down the logging. 2011-11-24 22:14:09 +01:00
George Kadianakis
8a726dd0dd Implement dynamic prime reading and storing to disk. 2011-11-24 22:13:44 +01:00
George Kadianakis
42bda231ee Make DynamicPrimes SIGHUP-able.
Instead of passing the DynamicPrimes configuration option to
crypto_global_init(), generate and set a new TLS DH prime when we read
the torrc.
2011-11-24 22:13:38 +01:00
George Kadianakis
0e71be5d94 Improve code in the dynamic primes realm. 2011-11-24 22:13:19 +01:00
George Kadianakis
fb38e58d14 Improve logging. 2011-11-24 22:13:00 +01:00
George Kadianakis
1797e0a39e Make it compile. 2011-11-24 22:12:44 +01:00