Commit Graph

23304 Commits

Author SHA1 Message Date
Isis Lovecruft
a53059c6a0 Document two additional functions in src/or/routerkeys.c.
Adds docstrings for generate_ed_link_cert() and should_make_new_ed_keys().
2016-11-03 08:40:10 -04:00
Nick Mathewson
70e7d28b3e Generate our x509 certificates using sha256, not sha1.
All supported Tors (0.2.4+) require versions of openssl that can
handle this.

Now that our link certificates are RSA2048, this might actually help
vs fingerprinting a little.
2016-11-03 08:40:10 -04:00
Nick Mathewson
805e97a433 Drop support for AUTHTYPE_RSA_SHA256_RFC5705 authentication.
This was a stopgap method, designed on the theory that some routers
might support it before they could support Ed25519.  But it looks
like everybody who supports RFC5705 will also have an Ed25519 key,
so there's not a lot of reason to have this even supported.
2016-11-03 08:40:10 -04:00
Nick Mathewson
53656381df Changes file for 15055 branch. 2016-11-03 08:40:10 -04:00
Nick Mathewson
5a2f70f86a Clean up comments, mark more branches as BUG. 2016-11-03 08:40:10 -04:00
Nick Mathewson
d4c57909f8 Test failing cases of ed25519 authentication. 2016-11-03 08:40:10 -04:00
Nick Mathewson
acbb60cd63 Move unittests' RSA pregen code into a new file, and improve.
This patch moves the pregenerated RSA key logic into a new
testing_rsakeys.c.

Also, it adds support for RSA2048, since the link handshake tests
want that.

Also, it includes pregenerated keys, rather than trying to actually
generate the keys at startup, since generating even a small handful
of RSA2048 keys makes for an annoying delay.
2016-11-03 08:40:10 -04:00
Nick Mathewson
af2459f09e Unit tests for cert-chain-processing, including failed cases
Check out the coverage!
2016-11-03 08:40:10 -04:00
Nick Mathewson
a90a111a5f Label a few conditions in link authentication code as bugs. 2016-11-03 08:40:09 -04:00
Nick Mathewson
672fe4bee4 Extend link handshake tests to handle successful Ed25519 handshakes.
Success cases only. Failure cases to come.
2016-11-03 08:40:09 -04:00
Nick Mathewson
99af260acc For testing: function to construct (but not save) Ed keys and certs 2016-11-03 08:40:09 -04:00
Nick Mathewson
67e66898d2 For testing: add a tor_x509_cert_dup(). 2016-11-03 08:39:31 -04:00
Nick Mathewson
88c2a6b936 Send and receive AUTHENTICATE cells correctly with ED keys.
Includes updated test for authchallenge cells
2016-11-03 08:39:31 -04:00
Nick Mathewson
e64bac6eb4 Increase TLS RSA link key length to 2048 bits
Oddly, nothing broke.

Closes ticket 13752.
2016-11-03 08:39:30 -04:00
Nick Mathewson
b4a5c77901 Verify ed25519 link handshake certificates
This code stores the ed certs as appropriate, and tries to check
them. The Ed25519 result is not yet used, and (because of its
behavior) this will break RSA authenticate cells.  That will get
fixed as we go, however.

This should implement 19157, but it needs tests, and it needs
to get wired in.
2016-11-03 08:39:28 -04:00
Nick Mathewson
99b3e54691 Add "Ed ID" arguments to a bunch of connection-ID-related fns.
In particular, these functions are the ones that set the identity of
a given connection or channel, and/or confirm that we have learned
said IDs.

There's a lot of stub code here: we don't actually need to use the
new keys till we start looking up connections/channels by Ed25519
IDs.  Still, we want to start passing the Ed25519 IDs in now, so it
makes sense to add these stubs as part of 15055.
2016-11-03 08:37:22 -04:00
Nick Mathewson
0704fa8a63 Handle u32 overflow in ed25519 cert expiration time.
The impact here isn't too bad. First, the only affected certs that
expire after 32-bit signed time overflows in Y2038. Second, it could
only make it seem that a non-expired cert is expired: it could never
make it seem that an expired cert was still live.

Fixes bug 20027; bugfix on 0.2.7.2-alpha.
2016-11-03 08:37:22 -04:00
Nick Mathewson
fae7060aea Fix a misfeature with the Ed cert expiration API
The batch-verification helper didn't expose the expiration time,
which made it pretty error-prone.

This closes ticket 15087.
2016-11-03 08:37:22 -04:00
Nick Mathewson
0b4221f98d Make the current time an argument to x509 cert-checking functions
This makes the code a bit cleaner by having more of the functions be
pure functions that don't depend on the current time.
2016-11-03 08:37:22 -04:00
Nick Mathewson
e3c8253721 Add function to check RSA->Ed cross-certifications
Also, adjust signing approach to more closely match the signing
scheme in the proposal.

(The format doesn't quite match the format in the proposal, since
RSA signatures aren't fixed-length.)

Closes 19020.
2016-11-03 08:37:22 -04:00
Nick Mathewson
348b90a915 Refactor RSA certificate checking into its own function. 2016-11-03 08:37:22 -04:00
Nick Mathewson
e94f1b4e0d Free rsa_ed_crosscert at exit.
Fixes bug 17779; bugfix on 0.2.7.2-alpha.
2016-11-03 08:37:21 -04:00
Nick Mathewson
e23389841c Migrate certificates into a sub-structure of or_handshake_state
This will help us do cert-checking in the background in the future,
perhaps.
2016-11-03 08:37:21 -04:00
Nick Mathewson
4ef42e7c52 Refactor ...compute_authenticate_cell_body() to return a var_cell_t.
This means we don't need to precompute the length.

Helps simplify the implementation of 19156.
2016-11-03 08:37:21 -04:00
Nick Mathewson
2bf6553949 Code to send correct authentication data when we are using AUTHTYPE>2
Implements the major part of 19156, except doesn't actually send the
new cell type yet.
2016-11-03 08:37:21 -04:00
Nick Mathewson
b004ff45d7 New authentication types to use RFC5705.
See proposal 244.  This feature lets us stop looking at the internals
of SSL objects, *and* should let us port better to more SSL libraries,
if they have RFC5705 support.

Preparatory for #19156
2016-11-03 08:37:20 -04:00
Nick Mathewson
fdd8f8df67 Send ed25519 certificates in certs cell, when we have them.
Implements 19155 (send CERTS cells correctly for Ed25519)

Also send RSA->Ed crosscert
2016-11-03 08:37:16 -04:00
Nick Mathewson
5205e95275 Refactor connection_or_send_certs_cell() to use trunnel
We no longer generate certs cells by pasting the certs together one
by one. Instead we use trunnel to generate them.

Preliminary work for 19155 (send CERTS cell with ed certs)
2016-11-03 08:35:40 -04:00
Nick Mathewson
986695fb74 When parsing certs cells, allow more certs types
Implements the parsing part of #19157
2016-11-03 08:35:36 -04:00
Ivan Markin
922bc45a56 hs: Added rend_service_is_ephemeral() and made related code use it
Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-11-02 10:01:35 -04:00
teor
0ee9049e94
Use the latest options in rend_service_check_private_dir
Fixup on both:
* Refactor, adding a create argument... and
* Check every hidden service directory's permissions...
2016-11-02 14:55:14 +11:00
teor
1747f28861
Check every hidden service directory's permissions when configuring
Previously, we would only check the last hidden service directory.

Fixes #20529, bugfix on ticket 13942 commit 85bfad1 in 0.2.6.2-alpha.
2016-11-02 14:32:04 +11:00
teor
01fe039b78
Test single onion service configs where the directory does not exist
Runs a test for each combination of create/don't create directories.

Tests #20484.
2016-11-02 14:17:52 +11:00
teor
13fbbe9cce
Make sure passthrough_test_setup doesn't inadvertently fail or skip tests
passthrough_test_setup doesn't pass through arguments if the argument
is equal to 0 or TT_SKIP. Instead, it fails or skips the test.

Assert on this, so we don't accidentally fail or skip tests.
2016-11-02 14:16:14 +11:00
teor
77e1d660ee
Add get_fname_rnd for unit tests that want a unique path every time 2016-11-02 14:14:19 +11:00
teor
d7634dc519
Create get_fname_suffix, and refactor get_fname to use it 2016-11-02 14:13:34 +11:00
teor
2f48693663
Improve comments in check_private_dir and onion poisoning
Comment changes only
2016-11-02 14:11:26 +11:00
teor
a906ff88a3
fixup! Refactor, adding a create argument to rend_service_check_private_dir 2016-11-02 14:10:52 +11:00
teor
fedafe7c0e
Use check_private_dir in test_single_onion_poisoning
This avoids Win32 conditionals for mkdir.
2016-11-02 11:37:11 +11:00
teor
6c54181559
Remove redundant group permission code from rend_service_check_private_dir
check_private_dir already does this for existing directories.
2016-11-02 11:20:49 +11:00
teor
c9db775243
Refactor, adding a create argument to rend_service_check_private_dir
It used to be rend_service_check_and_create_private_dir, which always
created the directory.

No behaviour change.
2016-11-02 11:20:19 +11:00
Nick Mathewson
b2f82d45b7 Always call connection_ap_attach_pending() once a second.
Fixes bug 19969; bugfix on b1d56fc58.  We can fix this some more in
later Tors, but for now, this is probably the simplest fix possible.

This is a belt-and-suspenders fix, where the earlier fix ("Ask
event_base_loop to finish when we add a pending stream") aims to respond
to new streams as soon as they arrive, and this one aims to make sure
that we definitely respond to all of the streams.
2016-11-01 20:09:44 -04:00
Roger Dingledine
d89804a69d Ask event_base_loop to finish when we add a pending stream
Fixes bug 19969; bugfix on b1d56fc58. We can fix this some more in
later Tors, but for now, this is probably the right fix for us.
2016-11-01 19:52:55 -04:00
Roger Dingledine
28b755e660 refactor out the tor_event_base_loopexit() call
no actual changes
2016-11-01 19:52:54 -04:00
Nick Mathewson
25f53955f6 Merge branch 'maint-0.2.9' 2016-11-01 13:32:29 -04:00
Nick Mathewson
ff3e08f2af Attempt to fix unit tests on netbsd 2016-11-01 13:32:21 -04:00
Nick Mathewson
cb35a7c271 Merge branch 'maint-0.2.9' 2016-11-01 13:05:45 -04:00
Nick Mathewson
733b245283 Merge remote-tracking branch 'teor/bug20472-029-v2' into maint-0.2.9 2016-11-01 13:05:33 -04:00
Nick Mathewson
db67867a81 Merge remote-tracking branch 'pastly/ticket20486' 2016-11-01 12:55:14 -04:00
Nick Mathewson
e6d84ac04f Merge branch 'maint-0.2.9' 2016-11-01 12:49:13 -04:00