Yawning Angel
9467485517
Add crypto_xof_t
and assorted routines, backed by SHAKE256.
...
This is an eXtendable-Output Function with the following claimed
security strengths against *all* adversaries:
Collision: min(d/2, 256)
Preimage: >= min(d, 256)
2nd Preimage: min(d, 256)
where d is the amount of output used, in bits.
2015-12-19 22:45:21 +00:00
Yawning Angel
687f9b3bd7
Add the SHA-3 hash functions to common/crypto.h.
...
* DIGEST_SHA3_[256,512] added as supported algorithms, which do
exactly what is said on the tin.
* test/bench now benchmarks all of the supported digest algorithms,
so it's possible to see just how slow SHA-3 is, though the message
sizes could probably use tweaking since this is very dependent on
the message size vs the SHA-3 rate.
2015-12-19 22:44:05 +00:00
Yawning Angel
5356eba6ca
Use tor specific headers and memwipe() instead of memset_s(), and build.
...
This is where things get tor specific. It's just replacing stdint.h
and memset_s with the tor compat code so going back is trivial...
2015-12-19 22:34:39 +00:00
Yawning Angel
18685df031
Expose an incremental API in addition to the one-shot routines.
...
The digest routines use init/update/sum, where sum will automatically
copy the internal state to support calculating running digests.
The XOF routines use init/absorb/squeeze, which behave exactly as stated
on the tin.
2015-12-19 22:34:39 +00:00
Yawning Angel
e993003792
Clean import of keccak-tiny ( https://github.com/coruus/keccak-tiny )
...
As of commit: 64b6647514212b76ae7bca0dea9b7b197d1d8186
2015-12-18 20:32:10 +00:00
Nick Mathewson
f0a4282e9a
fix routerlist/pick_directory_server_impl in light of 12538
2015-12-18 14:10:03 -05:00
Nick Mathewson
f5f35e9009
Fix config/directory_fetch after 12538 merge
2015-12-18 13:36:41 -05:00
Nick Mathewson
a6c9fcc486
Fix nodelist/node_is_dir test wrt 12538.
2015-12-18 13:24:23 -05:00
Nick Mathewson
c4fb7ad034
Merge branch 'feature12538_028_01_squashed'
2015-12-18 13:16:49 -05:00
Nick Mathewson
14c9b99051
mark a variable unused to fix a warning.
2015-12-18 13:16:40 -05:00
David Goulet
ea6f88478c
Use dir_server_mode() in find_dl_schedule()
...
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-12-18 13:14:10 -05:00
Nick Mathewson
0c8e042c30
Restore semantics of advertise vs serve on directory cacheing
...
When we are low on accounted bandwidth, we stop advertising that
we're a directory, but we will continue to answer directory
requests, just as before.
2015-12-18 13:14:10 -05:00
Nick Mathewson
54406f78b8
Change dataflow on generating 'dir-cache' flag.
...
Convention is that router_dump_router_to_string() should look at its
input "router", which should be generated by
router_build_fresh_descirptor().
2015-12-18 13:14:10 -05:00
Matthew Finkel
6a5528356f
Assert rs are added in con and con_md tests
2015-12-18 13:14:10 -05:00
Matthew Finkel
185c93c954
Automatically generate md-con method vers in test
2015-12-18 13:14:10 -05:00
Matthew Finkel
21654ca7bd
Let make_consensus_method_list be used in tests
2015-12-18 13:14:10 -05:00
Matthew Finkel
fb80a748ea
A router must be a dir cache before it may be HSDir
...
Fixes #15801
2015-12-18 13:14:09 -05:00
Matthew Finkel
3007de8efc
{dis,en}abling DirCache is a semantic change
2015-12-18 13:14:09 -05:00
Matthew Finkel
d49ad438a8
Rebuild descriptor when DirCache is {dis,en}abled
2015-12-18 13:14:09 -05:00
Matthew Finkel
997f779a7f
Add new DirCache configuration option
...
This will give relay operators the ability of disabling the caching of
directory data. In general, this should not be necessary, but on some
lower-resource systems it may beneficial.
2015-12-18 13:14:09 -05:00
Matthew Finkel
e0bd6cdef2
Add unit test for router_pick_directory_server_impl
2015-12-18 13:14:09 -05:00
Matthew Finkel
0a7d22a664
Client should check if dir server has open dir port or handles tunnelled requests
...
Final piece of prop 237. Closes 12538.
2015-12-18 13:14:09 -05:00
Nick Mathewson
05f02f65c4
changes file for 17893
2015-12-18 13:12:42 -05:00
cypherpunks
874f982aec
Stop building and testing Tor twice with distcheck
2015-12-18 13:11:32 -05:00
Nick Mathewson
511105af9c
changes file for 17892
2015-12-18 13:10:13 -05:00
cypherpunks
59e5bf7e2a
Remove an extra space in backtrace version string
2015-12-18 13:09:05 -05:00
cypherpunks
4c55ccbe95
Fix a memory leak in the backtrace test
2015-12-18 13:09:05 -05:00
cypherpunks
afc5af3f00
Log the backtrace when the backtrace test fails
2015-12-18 13:09:04 -05:00
Nick Mathewson
0c5d8d9a4f
Move some more code inside a tortls.c ifdef to fix deadcode warning.
2015-12-18 11:11:42 -05:00
Nick Mathewson
4ede2decad
Fix an unreached null-pointer deref in connection tests
...
This is CID 1343603
2015-12-18 10:35:25 -05:00
Nick Mathewson
9b1c491ec6
Fix a buffer overrun in connection tests.
...
This is CID 1343601.
2015-12-18 10:32:50 -05:00
Nick Mathewson
498897e33d
Fix a coverity uninitialized-pointer warning in policy tests.
...
This is CID 1340255
2015-12-18 10:29:27 -05:00
Nick Mathewson
428e2b7636
Fix a coverity NULL-pointer deref warning in the DNS tests.
...
This is CID 1340251
2015-12-18 10:27:30 -05:00
Nick Mathewson
6b5b1a02d4
Fix a coverity NULL-pointer deref warning in the tortls tests.
...
Also, make our cert validation code more NULL-resistant.
This is CID 1327891.
2015-12-18 10:25:15 -05:00
Nick Mathewson
2e99371eb9
Looks like I added one X509_free too many :(
2015-12-18 10:20:14 -05:00
Nick Mathewson
9e2c4ee557
Fix some dead code in tortls.c
...
If SSL_CIPHER_find exists, then we won't use either of the two
kludges that would replace it.
Found by Coverity; fixes CID 1340256.
2015-12-18 10:04:01 -05:00
Nick Mathewson
4604b3ab19
Fix a null-pointer deref when writing geoip stats
...
Found by coverity; CID 1327892.
2015-12-18 10:00:44 -05:00
Nick Mathewson
2e74d182b2
Fix remaining memory leaks in unit tests.
2015-12-18 09:58:14 -05:00
cypherpunks
6598581d81
Add zlib path when linking the switch_id test
2015-12-18 08:42:16 -05:00
Nick Mathewson
f96d191cf3
Merge branch '17752_again'
2015-12-17 16:31:56 -05:00
Nick Mathewson
8585cc57f8
Merge branch 'maint-0.2.7'
2015-12-17 14:57:16 -05:00
Nick Mathewson
2cbaf39af4
Add some more ed25519 key files to the seccomp sandbox list
...
Fixes bug 17675; bugfix on 0.2.7.3-alpha.
2015-12-17 14:56:24 -05:00
Nick Mathewson
f1be33fc00
Another try at fixing 17752
...
I believe that the final SMARTLIST_DEL_CURRENT was sometimes
double-removing items that had already been removed by
connection_mark_unattached_ap or
connection_ap_handshake_attach_circuit().
The fix here is to prevent iteration over the list that other
functions might be modifying.
2015-12-17 12:30:13 -05:00
cypherpunks
54d9632cdd
Fix unused variable errors
2015-12-17 12:18:07 -05:00
Nick Mathewson
4bb72a4d12
Return 77 means "skipped"
2015-12-17 08:36:31 -05:00
cypherpunks
759e6f8afb
Improve warning message
...
The user parameter is not checked so we do not know the user has been
specified.
2015-12-17 08:34:27 -05:00
cypherpunks
9d5e47d2d7
Add missing parentheses
2015-12-17 08:34:27 -05:00
cypherpunks
fd399ec850
Remove Windows specific data type usage
...
The Tor code base already contains usage of setsockopt(2) with an int as
their option value without problems.
2015-12-17 08:34:27 -05:00
cypherpunks
2d2312d989
Conform to the type signature of setsockopt(2)
...
According to the POSIX standard the option value is a pointer to void
and the option length a socklen_t. The Windows implementation makes the
option value be a pointer to character and the option length an int.
Casting the option value to a pointer to void conforms to the POSIX
standard while the implicit cast to a pointer to character conforms to
the Windows implementation.
The casts of the option length to the socklen_t data type conforms to
the POSIX standard. The socklen_t data type is actually an alias of an
int so it also conforms to the Windows implementation.
2015-12-17 08:34:27 -05:00
cypherpunks
596f9a4b4c
Use a Windows specific socket error code
2015-12-17 08:34:27 -05:00