nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-10 13:13:44 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,144 Commits 53 Branches 630 Tags 125 MiB
2328c79a5f
Commit Graph

31144 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nick Mathewson
2328c79a5f Add off-by-one checks for key length. 2020-03-17 10:44:38 -04:00
Nick Mathewson
8abdb39489 Extract key length check into a new function, and check more fields. 
In the openssl that I have, it should be safe to only check the size
of n.  But if I'm wrong, or if other openssls work differently, we
should check whether any of the fields are too large.

Issue spotted by Teor.
 2020-03-17 10:44:38 -04:00
Nick Mathewson
29c9675bde Fix memory leak in crypto_pk_asn1_decode_private. 
(Deep, deep thanks to Taylor for reminding me to test this!)
 2020-03-14 14:17:37 -04:00
Nick Mathewson
ab2e66ccdc Add a test for crypto_pk_asn1_decode_private maxbits. 2020-03-14 14:17:13 -04:00
Nick Mathewson
be064f77b9 Revise TROVE-2020-002 fix to work on older OpenSSL versions. 
Although OpenSSL before 1.1.1 is no longer supported, it's possible
that somebody is still using it with 0.3.5, so we probably shouldn't
break it with this fix.
 2020-03-14 13:38:53 -04:00
Nick Mathewson
d0bce65ce2 changes file for 33119 aka TROVE-2020-002 2020-02-05 12:02:32 -05:00
Nick Mathewson
f160212ee8 When parsing tokens, reject early on spurious keys. 2020-02-05 11:57:31 -05:00
Nick Mathewson
9e1085c924 When parsing, reject >1024-bit RSA private keys sooner. 
Private-key validation is fairly expensive for long keys in openssl,
so we need to avoid it sooner.
 2020-02-05 11:11:35 -05:00
teor
41d52e9cd8
Merge remote-tracking branch 'tor-github/pr/1614' into maint-0.3.5 2020-01-30 07:53:53 +10:00
teor
19954cffd7
Merge remote-tracking branch 'tor-github/pr/1513' into maint-0.3.5 2020-01-16 09:57:27 +10:00
Peter Gerber
0d64bafcfe Correct how we use libseccomp 
This fixes a startup crash with libseccomp v2.4.0 if Sandbox is
set to 1.
 2019-12-17 09:47:28 -05:00
teor
0b3763612c
Merge remote-tracking branch 'tor-github/pr/1459' into bug32240_32242_035 2019-12-16 09:21:05 +10:00
teor
75096de4c7
Merge branch 'bug32240_029' into bug32240_035 
Merge
* Chutney Trusty deletion in bug32240_029
* NSS addition in maint-0.3.5
 2019-12-16 09:09:16 +10:00
teor
37b04aeed7
changes: file for 32240 2019-12-16 09:06:25 +10:00
teor
0f07d25243
Travis: Run Chutney jobs in Ubuntu Bionic images 
Closes 32240.
 2019-12-16 09:03:48 +10:00
teor
704f3224a2
Travis: Turn off Tor's Sandbox in Chutney jobs 
We need to set "Sandbox 0", until we fix sandbox errors that are
triggered by Ubuntu Xenial and Bionic. See 32722.

Part of 32240.
 2019-12-16 09:01:45 +10:00
teor
1cd20ff848
Merge branch 'maint-0.2.9' into maint-0.3.5 2019-12-16 08:15:55 +10:00
teor
05908d57f6
Merge remote-tracking branch 'tor-github/pr/1576' into maint-0.3.5 2019-12-16 08:14:04 +10:00
teor
7dd5946094
Merge remote-tracking branch 'tor-github/pr/1575' into maint-0.2.9 2019-12-16 08:13:38 +10:00
Nick Mathewson
0c4f0ec977 bump to 0.3.5.9-dev 2019-12-09 16:01:11 -05:00
Nick Mathewson
74cae547e5 Merge branch 'maint-0.2.9' into maint-0.3.5 2019-12-06 16:02:07 -05:00
Karsten Loesing
b7b467d3af Update geoip and geoip6 to the December 3 2019 database. 2019-12-06 11:50:35 +01:00
teor
a277f28947
changes: file for 32629 2019-12-06 10:51:43 +10:00
teor
b84e7715da
changes: file for 32629 2019-12-06 10:51:05 +10:00
Nick Mathewson
c53567c36f Bump version to 0.3.5.9 2019-12-05 13:29:49 -05:00
teor
aee966cb06
Merge remote-tracking branch 'tor-github/pr/1277' into maint-0.3.5 2019-12-05 10:11:18 +10:00
teor
62cf12a8bd
Travis: use -std=gnu99 with NSS, and clang with Chutney 
NSS:
* test NSS-specific code with -std=gnu99
* use a recent gcc version from the latest Ubuntu image

Chutney:
* use clang, so we keep one clang Linux job
* keep clang on a fast job, so the overall build finishes quickly

Closes ticket 32500 for 0.3.5.
 2019-12-03 12:46:22 +10:00
teor
145ff92d92
Merge branch 'maint-0.2.9' into maint-0.3.5 
Merge C_DIALECT_OPTIONS from ticket32500_029 with
other configure options from maint-0.3.5.
 2019-12-03 12:45:41 +10:00
teor
792c15fde2
Travis: use -std=gnu99 in some jobs 
Require C99 standards-conforming code in Travis CI, but allow GNU gcc
extensions. Also activates clang's -Wtypedef-redefinition warnings.

Builds some jobs with -std=gnu99, and some jobs without.

Closes ticket 32500.
 2019-12-03 12:42:39 +10:00
teor
6558bb4460
Travis: Disable the macOS Rust job 
This time, we're disabling it because it's the lowest priority job.
(And also slow.)

Part of 32629.
 2019-12-01 20:25:00 +10:00
teor
f2f7491cd9
Merge branch 'ticket32629_029' into ticket32629_035 
Merge re-enable chutney from ticket32629_029 with
stem from maint-0.3.5.
 2019-11-28 12:21:08 +10:00
teor
453e092e52
Revert "Travis: Disable the Rust macOS build" 
This reverts commit 4c4a0d50ff.
 2019-11-28 12:11:37 +10:00
teor
99b5f1b261
Revert "Travis: Disable all but one macOS build" 
This reverts commit 511aeba8ee.
 2019-11-28 12:10:10 +10:00
teor
501b5174d8
Merge remote-tracking branch 'tor-github/pr/1464' into maint-0.3.5 2019-11-25 12:35:11 +10:00
teor
400cee261e
Merge remote-tracking branch 'tor-github/pr/1422' into maint-0.3.5 2019-11-25 12:34:29 +10:00
teor
54c01119ed
Merge remote-tracking branch 'tor-github/pr/1405' into maint-0.3.5 2019-11-25 12:33:55 +10:00
teor
83424cb62f
Merge remote-tracking branch 'tor-github/pr/1395' into maint-0.3.5 2019-11-25 12:33:14 +10:00
teor
f9812ee5f7
Merge remote-tracking branch 'tor-github/pr/1394' into maint-0.3.5 2019-11-25 12:29:43 +10:00
Nick Mathewson
7beaaed245 Merge branch 'maint-0.2.9' into maint-0.3.5 2019-11-11 10:14:03 -05:00
teor
2abff832dd
Appveyor: Install OpenSSL to resolve a header/library mismatch 
Install the mingw OpenSSL package in Appveyor. This makes sure that
the OpenSSL headers and libraries match in Tor's Appveyor builds.

(This bug was triggered by an Appveyor image update.)

Fixes bug 32449; bugfix on 0.3.5.6-rc.
 2019-11-11 13:19:15 +10:00
Karsten Loesing
853b6ad095 Update geoip and geoip6 to the November 6 2019 database. 2019-11-09 10:10:19 +01:00
Nick Mathewson
4d70e725d1 Do not try to shut down the event loop when it is not initialized. 
Doing so caused us to crash in some unusual circumstances, such as
using --verify-config to verify a configuration that failed during
the options_act() stage.

Fixes bug 32407; bugfix on 0.3.3.1-alpha.
 2019-11-06 11:33:23 -05:00
teor
1bde356bf6
Merge branch 'maint-0.2.9' into maint-0.3.5 2019-11-06 11:19:30 +10:00
teor
4abfcb7997
Merge remote-tracking branch 'tor-github/pr/1354' into maint-0.3.5 2019-11-06 11:18:09 +10:00
teor
0e2834a371
Merge remote-tracking branch 'tor-github/pr/1348' into maint-0.3.5 2019-11-06 11:17:43 +10:00
teor
d2e4262ebc
Merge remote-tracking branch 'tor-github/pr/1340' into maint-0.3.5 2019-11-06 11:17:01 +10:00
teor
6bfdd09679
Merge remote-tracking branch 'tor-github/pr/1343' into maint-0.3.5 2019-11-06 11:16:09 +10:00
teor
0650bf3695
Merge remote-tracking branch 'tor-github/pr/1342' into maint-0.2.9 2019-11-06 11:15:45 +10:00
teor
c06d540ff9
Merge remote-tracking branch 'tor-github/pr/1330' into maint-0.2.9 2019-11-06 11:14:53 +10:00
teor
15d67842f9
Merge branch 'maint-0.2.9' into maint-0.3.5 2019-10-29 08:26:32 +10:00