Yawning Angel
53a347592a
ERR_remove_state() is deprecated since OpenSSL 1.0.0.
...
OpenSSL 1.1.0 must be built with "enable-deprecated", and compiled with
`OPENSSL_USE_DEPRECATED` for this to work, so instead, use the newer
routine as appropriate.
2015-05-13 11:13:07 -04:00
Yawning Angel
915c7438a7
Add "ADD_ONION"/"DEL_ONION" and "GETINFO onions/*" to the controller.
...
These commands allow for the creation and management of ephemeral
Onion ("Hidden") services that are either bound to the lifetime of
the originating control connection, or optionally the lifetime of
the tor instance.
Implements #6411 .
2015-04-28 10:19:08 -04:00
Nick Mathewson
9a81ed1d23
Fix some RNG function issues
2015-04-23 11:13:51 -04:00
Nick Mathewson
c3894473fe
whitespace fixes
2015-04-23 09:36:43 -04:00
Nick Mathewson
241e6b0937
Fix some conversion problems
2015-04-23 09:16:42 -04:00
Nick Mathewson
647b7d37c2
Merge remote-tracking branch 'public/bug15745_027_03'
2015-04-23 09:10:35 -04:00
Nick Mathewson
55118d90ca
Fix some implicit conversion warnings
2015-04-23 09:09:20 -04:00
Yawning Angel
196499da73
Use a custom Base64 encoder with more control over the output format.
2015-04-23 09:06:58 -04:00
Nick Mathewson
6bf31543dc
Make the crypto_rand_int_range return value right-exclusive.
2015-04-21 11:30:21 -04:00
David Goulet
3f41318472
Add crypto_rand_int_range() and use it
...
Incidently, this fixes a bug where the maximum value was never used when
only using crypto_rand_int(). For instance this example below in
rendservice.c never gets to INTRO_POINT_LIFETIME_MAX_SECONDS.
int intro_point_lifetime_seconds =
INTRO_POINT_LIFETIME_MIN_SECONDS +
crypto_rand_int(INTRO_POINT_LIFETIME_MAX_SECONDS -
INTRO_POINT_LIFETIME_MIN_SECONDS);
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-21 11:06:12 -04:00
Yawning Angel
ba2485f7df
Remove USE_OPENSSL_BASE64
and the associated code.
...
The alternative has been available since 2007, there's no way to
actually enable the ifdef, and it breaks on well formed but not OpenSSL
style inputs.
2015-04-10 09:12:47 +00:00
Nick Mathewson
cd8f13b5cb
Merge branch 'bug13736'
2015-04-01 13:46:50 -04:00
Nick Mathewson
baf24bf4d1
Unindent a block in crypto_set_tls_dh_prime
2015-04-01 13:40:37 -04:00
cypherpunks
5176f6f103
Remove relative paths to header files.
...
The paths are already in the directory search path of the compiler therefore no
need to include them in the source code.
2015-03-14 13:00:05 -04:00
Nick Mathewson
511ca9b91c
Remove DynamicDHGroups as obsoleted by PluggableTransports or P256.
...
Closes ticket 13736.
2015-03-14 12:40:55 -04:00
Nick Mathewson
e9caa8645e
Try to work around changes in openssl 1.1.0
...
Prefer not to use a couple of deprecated functions; include more
headers in tortls.c
This is part of ticket 14188.
2015-01-28 10:00:58 -05:00
Nick Mathewson
f54e54b0b4
Bump copyright dates to 2015, in case someday this matters.
2015-01-02 14:27:39 -05:00
Nick Mathewson
0965bbd5ac
Merge remote-tracking branch 'origin/maint-0.2.5'
2014-12-22 16:02:47 -05:00
Nick Mathewson
6d728ba880
Merge remote-tracking branch 'public/bug14013_024' into maint-0.2.5
2014-12-22 15:58:49 -05:00
Nick Mathewson
47760c7ba5
When decoding a base-{16,32,64} value, clear the target buffer first
...
This is a good idea in case the caller stupidly doesn't check the
return value from baseX_decode(), and as a workaround for the
current inconsistent API of base16_decode.
Prevents any fallout from bug 14013.
2014-12-22 12:56:35 -05:00
George Kadianakis
447ece46f5
Constify crypto_pk_get_digest().
2014-12-02 12:15:11 +00:00
rl1987
4b18d8931b
Downgrade RSA signature verification failure error message to info loglevel.
2014-11-09 17:39:23 +02:00
Nick Mathewson
fcdcb377a4
Add another year to our copyright dates.
...
Because in 95 years, we or our successors will surely care about
enforcing the BSD license terms on this code. Right?
2014-10-28 15:30:16 -04:00
teor
2e1f5c1fc0
Memwipe more keys after tor has finished with them
...
Ensure we securely wipe keys from memory after
crypto_digest_get_digest and init_curve25519_keypair_from_file
have finished using them.
Fixes bug 13477.
2014-10-20 03:06:28 +11:00
Nick Mathewson
90bce702ba
Merge remote-tracking branch 'public/bug10816'
2014-10-09 10:57:19 -04:00
Nick Mathewson
42350968a9
Drop check for NTE_BAD_KEYSET error
...
Any error when acquiring the CryptoAPI context should get treated as
bad. Also, this one can't happen for the arguments we're giving.
Fixes bug 10816; bugfix on 0.0.2pre26.
2014-08-29 13:24:29 -04:00
Nick Mathewson
e72a5b3c07
Move secret-to-key functionality into a separate module
...
I'm about to add more of these, so we might as well trudge forward.
2014-08-28 12:04:22 -04:00
Nick Mathewson
9b2d8c4e20
Rename secret_to_key to secret_to_key_rfc2440
2014-08-28 11:20:31 -04:00
Nick Mathewson
2bfd92d0d1
Apply coccinelle script to replace malloc(a*b)->calloc(a,b)
2014-08-13 10:39:56 -04:00
Nick Mathewson
58f4200789
Thread support is now required
...
Long ago we supported systems where there was no support for
threads, or where the threading library was broken. We shouldn't
have do that any more: on every OS that matters, threads exist, and
the OS supports running threads across multiple CPUs.
This resolves tickets 9495 and 12439. It's a prerequisite to making
our workqueue code work better, since sensible workqueue
implementations don't split across multiple processes.
2014-06-20 10:20:10 -04:00
Nick Mathewson
156eefca45
Make sure everything using an interned string is preceded by a log
...
(It's nice to know what we were about to rename before we died from
renaming it.)
2014-04-16 22:03:09 -04:00
Nick Mathewson
d5e11f21cc
Fix warnings from doxygen
...
Most of these are simple. The only nontrivial part is that our
pattern for using ENUM_BF was confusing doxygen by making declarations
that didn't look like declarations.
2014-03-25 11:27:43 -04:00
Roger Dingledine
c08b47977e
Never run crypto_early_init() more than once
...
Previously we had set up all the infrastructure to avoid calling it
after the first time, but didn't actually use it.
2014-03-23 00:38:17 -04:00
Roger Dingledine
d336d407d6
whitespace fix
2014-03-23 00:12:40 -04:00
Karsten Loesing
3ca5fe81e3
Write hashed bridge fingerprint to logs and to disk.
...
Implements #10884 .
2014-02-28 08:53:13 -05:00
Nick Mathewson
c1e98c8afe
Randomize the global siphash key at startup
...
This completes our conversion to using siphash for our hash functions.
2014-02-12 12:12:58 -05:00
Nick Mathewson
d3fb846d8c
Split crypto_global_init() into pre/post config
...
It's increasingly apparent that we want to make sure we initialize our
PRNG nice and early, or else OpenSSL will do it for us. (OpenSSL
doesn't do _too_ bad a job, but it's nice to do it ourselves.)
We'll also need this for making sure we initialize the siphash key
before we do any hashes.
2014-02-12 12:04:07 -05:00
Florent Daigniere
01132c93fd
Some anti-forensics paranoia...
...
sed -i 's/BN_free/BN_clear_free/g'
2014-02-06 16:09:12 -05:00
Florent Daigniere
9d6e805d28
Some anti-forensics paranoia...
...
sed -i 's/BN_free/BN_clear_free/g'
2014-02-03 10:44:19 -05:00
Nick Mathewson
85284c33d1
Merge remote-tracking branch 'origin/maint-0.2.4'
...
Conflicts:
src/common/crypto.c
2013-12-18 22:04:21 -05:00
Nick Mathewson
7b87003957
Never allow OpenSSL engines to replace the RAND_SSLeay method
...
This fixes bug 10402, where the rdrand engine would use the rdrand
instruction, not as an additional entropy source, but as a replacement
for the entire userspace PRNG. That's obviously stupid: even if you
don't think that RDRAND is a likely security risk, the right response
to an alleged new alleged entropy source is never to throw away all
previously used entropy sources.
Thanks to coderman and rl1987 for diagnosing and tracking this down.
2013-12-18 11:53:07 -05:00
Nick Mathewson
adf2fa9b49
Fix compilation under openssl 0.9.8
...
It's not nice to talk about NID_aes_{128,256}_{ctr,gcm} when they
don't exist.
Fix on 84458b79a78ea7e26820bf0; bug not in any released Tor.
2013-11-18 11:25:07 -05:00
Nick Mathewson
84458b79a7
Log more OpenSSL engine statuses at startup.
...
Fixes ticket 10043; patch from Joshua Datko.
2013-11-18 11:12:24 -05:00
Nick Mathewson
25a3ae922f
Merge remote-tracking branch 'Ryman/bug6384'
...
Conflicts:
src/or/config.c
src/or/main.c
2013-09-13 12:55:53 -04:00
Nick Mathewson
e0b2cd061b
Merge remote-tracking branch 'ctoader/gsoc-cap-stage2'
...
Conflicts:
src/common/sandbox.c
2013-09-13 12:31:41 -04:00
Kevin Butler
b539b37205
Fixed leak and added minor documentation for #6384 .
2013-09-04 02:56:06 +01:00
Kevin Butler
6e17fa6d7b
Added --library-versions flag to print the compile time and runtime versions of libevent, openssl and zlib. Partially implements #6384 .
2013-09-01 17:38:01 +01:00
Nick Mathewson
fd6749203e
More unit tests for handle_client_auth_nonce
...
Incidentally, this business here where I make crypto_rand mockable:
this is exactly the kind of thing that would make me never want to
include test-support stuff in production builds.
2013-08-15 12:03:37 -04:00
Cristian Toader
89b39db003
updated filters to work with orport
2013-08-09 19:07:20 +03:00
Nick Mathewson
a3e0a87d95
Completely refactor how FILENAME_PRIVATE works
...
We previously used FILENAME_PRIVATE identifiers mostly for
identifiers exposed only to the unit tests... but also for
identifiers exposed to the benchmarker, and sometimes for
identifiers exposed to a similar module, and occasionally for no
really good reason at all.
Now, we use FILENAME_PRIVATE identifiers for identifiers shared by
Tor and the unit tests. They should be defined static when we
aren't building the unit test, and globally visible otherwise. (The
STATIC macro will keep us honest here.)
For identifiers used only by the unit tests and never by Tor at all,
on the other hand, we wrap them in #ifdef TOR_UNIT_TESTS.
This is not the motivating use case for the split test/non-test
build system; it's just a test example to see how it works, and to
take a chance to clean up the code a little.
2013-07-10 15:20:10 -04:00
Nick Mathewson
7f9066ceee
Make OPENSSL_free(dh_string_repr) conditional.
2013-06-10 13:49:13 -04:00
Marek Majkowski
6f1c67195c
Bug #5170 - also simplify i2d_DHparams
2013-06-06 12:13:24 +01:00
Marek Majkowski
2132d036e3
Bug #5170 - i2d_RSAPublicKey supports allocating its own output buffer
2013-06-06 11:45:35 +01:00
Arlo Breault
0ab38b9366
Remove PK_PKCS1_PADDING
...
See #8792
2013-05-17 10:11:33 -04:00
Nick Mathewson
da30adcf0f
Merge remote-tracking branch 'origin/maint-0.2.4'
...
Conflicts:
src/common/crypto.c
2013-04-18 11:16:05 -04:00
Nick Mathewson
9fec0c1a95
Remove a double-newline
2013-04-18 11:14:05 -04:00
Nick Mathewson
8362f8854a
Merge branch 'less_charbuf_rebased' into maint-0.2.4
...
Conflicts:
src/or/dirserv.c
src/or/dirserv.h
src/test/test_dir.c
2013-04-18 11:13:36 -04:00
Nick Mathewson
e1128d905c
Fix a couple of documentation issues.
2013-04-18 11:04:57 -04:00
Nick Mathewson
cb75519bbf
Refactor dirobj signature generation
...
Now we can compute the hash and signature of a dirobj before
concatenating the smartlist, and we don't need to play silly games
with sigbuf and realloc any more.
2013-04-18 11:04:57 -04:00
Nick Mathewson
19d6650f81
Merge remote-tracking branch 'origin/maint-0.2.4'
2013-03-18 15:41:14 -04:00
Nick Mathewson
eff1cfaaf7
Merge remote-tracking branch 'public/bug6673' into maint-0.2.4
2013-03-18 15:40:50 -04:00
Nick Mathewson
b163e801bc
Merge remote-tracking branch 'origin/maint-0.2.4'
...
Conflicts:
src/or/routerlist.c
2013-03-15 12:20:17 -04:00
Nick Mathewson
fdafe11a25
Give an #error when we want threads and OpenSSL has disabled threads
...
Fixes ticket 6673.
2013-03-11 13:23:10 -04:00
Nick Mathewson
55ce9bff54
Remove unused check_fingerprint_syntax
2013-03-01 22:01:26 -05:00
Nick Mathewson
a05dc378e3
Remove unused HMAC-SHA1 function
...
(We're not adding any new SHA1 instances in our protocols, so this
should never actually be needed.)
2013-03-01 21:59:12 -05:00
Nick Mathewson
a4e9d67292
Remove some functions which were unused except for their tests
2013-02-23 23:38:43 -05:00
Nick Mathewson
365e302f61
Remove a bunch of unused macro definitions
2013-02-23 23:05:25 -05:00
Nick Mathewson
8cdd8b8353
Fix numerous problems with Tor's weak RNG.
...
We need a weak RNG in a couple of places where the strong RNG is
both needless and too slow. We had been using the weak RNG from our
platform's libc implementation, but that was problematic (because
many platforms have exceptionally horrible weak RNGs -- like, ones
that only return values between 0 and SHORT_MAX) and because we were
using it in a way that was wrong for LCG-based weak RNGs. (We were
counting on the low bits of the LCG output to be as random as the
high ones, which isn't true.)
This patch adds a separate type for a weak RNG, adds an LCG
implementation for it, and uses that exclusively where we had been
using the platform weak RNG.
2013-02-08 16:28:05 -05:00
Nick Mathewson
7301339e33
fix wide lines from tor_log rename
2013-02-01 16:19:02 -05:00
Nick Mathewson
a141430ec3
Rename log() to tor_log() for logging
...
This is meant to avoid conflict with the built-in log() function in
math.h. It resolves ticket 7599. First reported by dhill.
This was generated with the following perl script:
#!/usr/bin/perl -w -i -p
s/\blog\(LOG_(ERR|WARN|NOTICE|INFO|DEBUG)\s*,\s*/log_\L$1\(/g;
s/\blog\(/tor_log\(/g;
2013-02-01 15:43:37 -05:00
Nick Mathewson
e0581a4b57
Replace base-{16,32,64} with base{16,32,64} in the code
...
Patch from onizuka generated with
find ./ -type f -perm -u+rw -exec sed -ri 's/(Base)-(16|32|64)/\1\2/gi' {} \;
Fixes issue 6875 on Tor.
2013-01-17 16:08:28 -05:00
Nick Mathewson
b998431a33
Merge branch '024_msvc_squashed'
...
Conflicts:
src/or/or.h
srcwin32/orconfig.h
2013-01-16 22:32:12 -05:00
Nick Mathewson
5e06c4ee32
When building with MSVC, call every enum bitfield unsigned
...
Fixes bug 7305.
2013-01-16 22:29:39 -05:00
Nick Mathewson
4da083db3b
Update the copyright date to 201.
2013-01-16 01:54:56 -05:00
Nick Mathewson
b1bdecd703
Merge branch 'ntor-resquashed'
...
Conflicts:
src/or/cpuworker.c
src/or/or.h
src/test/bench.c
2013-01-03 11:52:41 -05:00
Nick Mathewson
25c05cb747
Refactor strong os-RNG into its own function
...
Previously, we only used the strong OS entropy source as part of
seeding OpenSSL's RNG. But with curve25519, we'll have occasion to
want to generate some keys using extremely-good entopy, as well as the
means to do so. So let's!
This patch refactors the OS-entropy wrapper into its own
crypto_strongest_rand() function, and makes our new
curve25519_secret_key_generate function try it as appropriate.
2013-01-02 14:11:13 -05:00
Sebastian Hahn
11e8a445c3
Fix a couple of harmless clang3.2 warnings
2012-12-31 18:23:28 +01:00
Nick Mathewson
6921d1fd25
Implement HKDF from RFC5869
...
This is a customizable extract-and-expand HMAC-KDF for deriving keys.
It derives from RFC5869, which derives its rationale from Krawczyk,
H., "Cryptographic Extraction and Key Derivation: The HKDF Scheme",
Proceedings of CRYPTO 2010, 2010, <http://eprint.iacr.org/2010/264 >.
I'm also renaming the existing KDF, now that Tor has two of them.
This is the key derivation scheme specified in ntor.
There are also unit tests.
2012-12-06 01:54:09 -05:00
Nick Mathewson
3c3084e165
Add a crypto_dh_dup, for benchmark support
2012-12-06 01:54:09 -05:00
Nick Mathewson
e6828ea634
Refer to RFC 4648 instead of the obsolete RFC 3548
...
Affects comments only. For ticket 6849.
2012-11-23 09:51:35 -05:00
Nick Mathewson
81deddb08c
Merge remote-tracking branch 'origin/maint-0.2.3'
...
Conflicts:
src/common/crypto.c
src/or/rendservice.c
2012-11-08 16:48:04 -05:00
Nick Mathewson
49dd5ef3a3
Add and use and unlikely-to-be-eliminated memwipe()
...
Apparently some compilers like to eliminate memset() operations on
data that's about to go out-of-scope. I've gone with the safest
possible replacement, which might be a bit slow. I don't think this
is critical path in any way that will affect performance, but if it
is, we can work on that in 0.2.4.
Fixes bug 7352.
2012-11-08 16:44:50 -05:00
Nick Mathewson
56c0baa523
Rename all reserved C identifiers we defined
...
For everything we declare that starts with _, make it end with _ instead.
This is a machine-generated patch. To make it, start by getting the
list of reserved identifiers using:
git ls-tree -r --name-only HEAD | grep '\.[ch]$' | \
xargs ctags --c-kinds=defglmpstuvx -o - | grep '^_' | \
cut -f 1 | sort| uniq
You might need gnu ctags.
Then pipe the output through this script:
==============================
use strict;
BEGIN { print "#!/usr/bin/perl -w -i -p\n\n"; }
chomp;
next if (
/^__attribute__/ or
/^__func__/ or
/^_FILE_OFFSET_BITS/ or
/^_FORTIFY_SOURCE/ or
/^_GNU_SOURCE/ or
/^_WIN32/ or
/^_DARWIN_UNLIMITED/ or
/^_FILE_OFFSET_BITS/ or
/^_LARGEFILE64_SOURCE/ or
/^_LFS64_LARGEFILE/ or
/^__cdecl/ or
/^__attribute__/ or
/^__func__/ or
/^_WIN32_WINNT/);
my $ident = $_;
my $better = $ident;
$better =~ s/^_//;
$better = "${better}_";
print "s/(?<![A-Za-z0-9_])$ident(?![A-Za-z0-9_])/$better/g;\n";
==============================
Then run the resulting script on all the files you want to change.
(That is, all the C except that in src/ext.) The resulting script was:
==============================
s/(?<![A-Za-z0-9_])_address(?![A-Za-z0-9_])/address_/g;
s/(?<![A-Za-z0-9_])_aes_fill_buf(?![A-Za-z0-9_])/aes_fill_buf_/g;
s/(?<![A-Za-z0-9_])_AllowInvalid(?![A-Za-z0-9_])/AllowInvalid_/g;
s/(?<![A-Za-z0-9_])_AP_CONN_STATE_MAX(?![A-Za-z0-9_])/AP_CONN_STATE_MAX_/g;
s/(?<![A-Za-z0-9_])_AP_CONN_STATE_MIN(?![A-Za-z0-9_])/AP_CONN_STATE_MIN_/g;
s/(?<![A-Za-z0-9_])_assert_cache_ok(?![A-Za-z0-9_])/assert_cache_ok_/g;
s/(?<![A-Za-z0-9_])_A_UNKNOWN(?![A-Za-z0-9_])/A_UNKNOWN_/g;
s/(?<![A-Za-z0-9_])_base(?![A-Za-z0-9_])/base_/g;
s/(?<![A-Za-z0-9_])_BridgePassword_AuthDigest(?![A-Za-z0-9_])/BridgePassword_AuthDigest_/g;
s/(?<![A-Za-z0-9_])_buffer_stats_compare_entries(?![A-Za-z0-9_])/buffer_stats_compare_entries_/g;
s/(?<![A-Za-z0-9_])_chan_circid_entries_eq(?![A-Za-z0-9_])/chan_circid_entries_eq_/g;
s/(?<![A-Za-z0-9_])_chan_circid_entry_hash(?![A-Za-z0-9_])/chan_circid_entry_hash_/g;
s/(?<![A-Za-z0-9_])_check_no_tls_errors(?![A-Za-z0-9_])/check_no_tls_errors_/g;
s/(?<![A-Za-z0-9_])_c_hist_compare(?![A-Za-z0-9_])/c_hist_compare_/g;
s/(?<![A-Za-z0-9_])_circ(?![A-Za-z0-9_])/circ_/g;
s/(?<![A-Za-z0-9_])_circuit_get_global_list(?![A-Za-z0-9_])/circuit_get_global_list_/g;
s/(?<![A-Za-z0-9_])_circuit_mark_for_close(?![A-Za-z0-9_])/circuit_mark_for_close_/g;
s/(?<![A-Za-z0-9_])_CIRCUIT_PURPOSE_C_MAX(?![A-Za-z0-9_])/CIRCUIT_PURPOSE_C_MAX_/g;
s/(?<![A-Za-z0-9_])_CIRCUIT_PURPOSE_MAX(?![A-Za-z0-9_])/CIRCUIT_PURPOSE_MAX_/g;
s/(?<![A-Za-z0-9_])_CIRCUIT_PURPOSE_MIN(?![A-Za-z0-9_])/CIRCUIT_PURPOSE_MIN_/g;
s/(?<![A-Za-z0-9_])_CIRCUIT_PURPOSE_OR_MAX(?![A-Za-z0-9_])/CIRCUIT_PURPOSE_OR_MAX_/g;
s/(?<![A-Za-z0-9_])_CIRCUIT_PURPOSE_OR_MIN(?![A-Za-z0-9_])/CIRCUIT_PURPOSE_OR_MIN_/g;
s/(?<![A-Za-z0-9_])_cmp_int_strings(?![A-Za-z0-9_])/cmp_int_strings_/g;
s/(?<![A-Za-z0-9_])_compare_cached_resolves_by_expiry(?![A-Za-z0-9_])/compare_cached_resolves_by_expiry_/g;
s/(?<![A-Za-z0-9_])_compare_digests(?![A-Za-z0-9_])/compare_digests_/g;
s/(?<![A-Za-z0-9_])_compare_digests256(?![A-Za-z0-9_])/compare_digests256_/g;
s/(?<![A-Za-z0-9_])_compare_dir_src_ents_by_authority_id(?![A-Za-z0-9_])/compare_dir_src_ents_by_authority_id_/g;
s/(?<![A-Za-z0-9_])_compare_duration_idx(?![A-Za-z0-9_])/compare_duration_idx_/g;
s/(?<![A-Za-z0-9_])_compare_int(?![A-Za-z0-9_])/compare_int_/g;
s/(?<![A-Za-z0-9_])_compare_networkstatus_v2_published_on(?![A-Za-z0-9_])/compare_networkstatus_v2_published_on_/g;
s/(?<![A-Za-z0-9_])_compare_old_routers_by_identity(?![A-Za-z0-9_])/compare_old_routers_by_identity_/g;
s/(?<![A-Za-z0-9_])_compare_orports(?![A-Za-z0-9_])/compare_orports_/g;
s/(?<![A-Za-z0-9_])_compare_pairs(?![A-Za-z0-9_])/compare_pairs_/g;
s/(?<![A-Za-z0-9_])_compare_routerinfo_by_id_digest(?![A-Za-z0-9_])/compare_routerinfo_by_id_digest_/g;
s/(?<![A-Za-z0-9_])_compare_routerinfo_by_ip_and_bw(?![A-Za-z0-9_])/compare_routerinfo_by_ip_and_bw_/g;
s/(?<![A-Za-z0-9_])_compare_signed_descriptors_by_age(?![A-Za-z0-9_])/compare_signed_descriptors_by_age_/g;
s/(?<![A-Za-z0-9_])_compare_string_ptrs(?![A-Za-z0-9_])/compare_string_ptrs_/g;
s/(?<![A-Za-z0-9_])_compare_strings_for_pqueue(?![A-Za-z0-9_])/compare_strings_for_pqueue_/g;
s/(?<![A-Za-z0-9_])_compare_strs(?![A-Za-z0-9_])/compare_strs_/g;
s/(?<![A-Za-z0-9_])_compare_tor_version_str_ptr(?![A-Za-z0-9_])/compare_tor_version_str_ptr_/g;
s/(?<![A-Za-z0-9_])_compare_vote_rs(?![A-Za-z0-9_])/compare_vote_rs_/g;
s/(?<![A-Za-z0-9_])_compare_votes_by_authority_id(?![A-Za-z0-9_])/compare_votes_by_authority_id_/g;
s/(?<![A-Za-z0-9_])_compare_without_first_ch(?![A-Za-z0-9_])/compare_without_first_ch_/g;
s/(?<![A-Za-z0-9_])_connection_free(?![A-Za-z0-9_])/connection_free_/g;
s/(?<![A-Za-z0-9_])_connection_mark_and_flush(?![A-Za-z0-9_])/connection_mark_and_flush_/g;
s/(?<![A-Za-z0-9_])_connection_mark_for_close(?![A-Za-z0-9_])/connection_mark_for_close_/g;
s/(?<![A-Za-z0-9_])_connection_mark_unattached_ap(?![A-Za-z0-9_])/connection_mark_unattached_ap_/g;
s/(?<![A-Za-z0-9_])_connection_write_to_buf_impl(?![A-Za-z0-9_])/connection_write_to_buf_impl_/g;
s/(?<![A-Za-z0-9_])_ConnLimit(?![A-Za-z0-9_])/ConnLimit_/g;
s/(?<![A-Za-z0-9_])_CONN_TYPE_MAX(?![A-Za-z0-9_])/CONN_TYPE_MAX_/g;
s/(?<![A-Za-z0-9_])_CONN_TYPE_MIN(?![A-Za-z0-9_])/CONN_TYPE_MIN_/g;
s/(?<![A-Za-z0-9_])_CONTROL_CONN_STATE_MAX(?![A-Za-z0-9_])/CONTROL_CONN_STATE_MAX_/g;
s/(?<![A-Za-z0-9_])_CONTROL_CONN_STATE_MIN(?![A-Za-z0-9_])/CONTROL_CONN_STATE_MIN_/g;
s/(?<![A-Za-z0-9_])_CPUWORKER_STATE_MAX(?![A-Za-z0-9_])/CPUWORKER_STATE_MAX_/g;
s/(?<![A-Za-z0-9_])_CPUWORKER_STATE_MIN(?![A-Za-z0-9_])/CPUWORKER_STATE_MIN_/g;
s/(?<![A-Za-z0-9_])_crypto_dh_get_dh(?![A-Za-z0-9_])/crypto_dh_get_dh_/g;
s/(?<![A-Za-z0-9_])_crypto_global_initialized(?![A-Za-z0-9_])/crypto_global_initialized_/g;
s/(?<![A-Za-z0-9_])_crypto_new_pk_from_rsa(?![A-Za-z0-9_])/crypto_new_pk_from_rsa_/g;
s/(?<![A-Za-z0-9_])_crypto_pk_get_evp_pkey(?![A-Za-z0-9_])/crypto_pk_get_evp_pkey_/g;
s/(?<![A-Za-z0-9_])_crypto_pk_get_rsa(?![A-Za-z0-9_])/crypto_pk_get_rsa_/g;
s/(?<![A-Za-z0-9_])_DIR_CONN_STATE_MAX(?![A-Za-z0-9_])/DIR_CONN_STATE_MAX_/g;
s/(?<![A-Za-z0-9_])_DIR_CONN_STATE_MIN(?![A-Za-z0-9_])/DIR_CONN_STATE_MIN_/g;
s/(?<![A-Za-z0-9_])_DIR_PURPOSE_MAX(?![A-Za-z0-9_])/DIR_PURPOSE_MAX_/g;
s/(?<![A-Za-z0-9_])_DIR_PURPOSE_MIN(?![A-Za-z0-9_])/DIR_PURPOSE_MIN_/g;
s/(?<![A-Za-z0-9_])_dirreq_map_get(?![A-Za-z0-9_])/dirreq_map_get_/g;
s/(?<![A-Za-z0-9_])_dirreq_map_put(?![A-Za-z0-9_])/dirreq_map_put_/g;
s/(?<![A-Za-z0-9_])_dns_randfn(?![A-Za-z0-9_])/dns_randfn_/g;
s/(?<![A-Za-z0-9_])_dummy(?![A-Za-z0-9_])/dummy_/g;
s/(?<![A-Za-z0-9_])_edge(?![A-Za-z0-9_])/edge_/g;
s/(?<![A-Za-z0-9_])_END_CIRC_REASON_MAX(?![A-Za-z0-9_])/END_CIRC_REASON_MAX_/g;
s/(?<![A-Za-z0-9_])_END_CIRC_REASON_MIN(?![A-Za-z0-9_])/END_CIRC_REASON_MIN_/g;
s/(?<![A-Za-z0-9_])_EOF(?![A-Za-z0-9_])/EOF_/g;
s/(?<![A-Za-z0-9_])_ERR(?![A-Za-z0-9_])/ERR_/g;
s/(?<![A-Za-z0-9_])_escaped_val(?![A-Za-z0-9_])/escaped_val_/g;
s/(?<![A-Za-z0-9_])_evdns_log(?![A-Za-z0-9_])/evdns_log_/g;
s/(?<![A-Za-z0-9_])_evdns_nameserver_add_impl(?![A-Za-z0-9_])/evdns_nameserver_add_impl_/g;
s/(?<![A-Za-z0-9_])_EVENT_MAX(?![A-Za-z0-9_])/EVENT_MAX_/g;
s/(?<![A-Za-z0-9_])_EVENT_MIN(?![A-Za-z0-9_])/EVENT_MIN_/g;
s/(?<![A-Za-z0-9_])_ExcludeExitNodesUnion(?![A-Za-z0-9_])/ExcludeExitNodesUnion_/g;
s/(?<![A-Za-z0-9_])_EXIT_CONN_STATE_MAX(?![A-Za-z0-9_])/EXIT_CONN_STATE_MAX_/g;
s/(?<![A-Za-z0-9_])_EXIT_CONN_STATE_MIN(?![A-Za-z0-9_])/EXIT_CONN_STATE_MIN_/g;
s/(?<![A-Za-z0-9_])_EXIT_PURPOSE_MAX(?![A-Za-z0-9_])/EXIT_PURPOSE_MAX_/g;
s/(?<![A-Za-z0-9_])_EXIT_PURPOSE_MIN(?![A-Za-z0-9_])/EXIT_PURPOSE_MIN_/g;
s/(?<![A-Za-z0-9_])_extrainfo_free(?![A-Za-z0-9_])/extrainfo_free_/g;
s/(?<![A-Za-z0-9_])_find_by_keyword(?![A-Za-z0-9_])/find_by_keyword_/g;
s/(?<![A-Za-z0-9_])_free_cached_dir(?![A-Za-z0-9_])/free_cached_dir_/g;
s/(?<![A-Za-z0-9_])_free_cached_resolve(?![A-Za-z0-9_])/free_cached_resolve_/g;
s/(?<![A-Za-z0-9_])_free_duplicate_routerstatus_entry(?![A-Za-z0-9_])/free_duplicate_routerstatus_entry_/g;
s/(?<![A-Za-z0-9_])_free_link_history(?![A-Za-z0-9_])/free_link_history_/g;
s/(?<![A-Za-z0-9_])_geoip_compare_entries(?![A-Za-z0-9_])/geoip_compare_entries_/g;
s/(?<![A-Za-z0-9_])_geoip_compare_key_to_entry(?![A-Za-z0-9_])/geoip_compare_key_to_entry_/g;
s/(?<![A-Za-z0-9_])_hex_decode_digit(?![A-Za-z0-9_])/hex_decode_digit_/g;
s/(?<![A-Za-z0-9_])_idxplus1(?![A-Za-z0-9_])/idxplus1_/g;
s/(?<![A-Za-z0-9_])__libc_enable_secure(?![A-Za-z0-9_])/_libc_enable_secure_/g;
s/(?<![A-Za-z0-9_])_log_debug(?![A-Za-z0-9_])/log_debug_/g;
s/(?<![A-Za-z0-9_])_log_err(?![A-Za-z0-9_])/log_err_/g;
s/(?<![A-Za-z0-9_])_log_fn(?![A-Za-z0-9_])/log_fn_/g;
s/(?<![A-Za-z0-9_])_log_fn_function_name(?![A-Za-z0-9_])/log_fn_function_name_/g;
s/(?<![A-Za-z0-9_])_log_global_min_severity(?![A-Za-z0-9_])/log_global_min_severity_/g;
s/(?<![A-Za-z0-9_])_log_info(?![A-Za-z0-9_])/log_info_/g;
s/(?<![A-Za-z0-9_])_log_notice(?![A-Za-z0-9_])/log_notice_/g;
s/(?<![A-Za-z0-9_])_log_prefix(?![A-Za-z0-9_])/log_prefix_/g;
s/(?<![A-Za-z0-9_])_log_warn(?![A-Za-z0-9_])/log_warn_/g;
s/(?<![A-Za-z0-9_])_magic(?![A-Za-z0-9_])/magic_/g;
s/(?<![A-Za-z0-9_])_MALLOC_LOCK(?![A-Za-z0-9_])/MALLOC_LOCK_/g;
s/(?<![A-Za-z0-9_])_MALLOC_LOCK_INIT(?![A-Za-z0-9_])/MALLOC_LOCK_INIT_/g;
s/(?<![A-Za-z0-9_])_MALLOC_UNLOCK(?![A-Za-z0-9_])/MALLOC_UNLOCK_/g;
s/(?<![A-Za-z0-9_])_microdesc_eq(?![A-Za-z0-9_])/microdesc_eq_/g;
s/(?<![A-Za-z0-9_])_microdesc_hash(?![A-Za-z0-9_])/microdesc_hash_/g;
s/(?<![A-Za-z0-9_])_MIN_TOR_TLS_ERROR_VAL(?![A-Za-z0-9_])/MIN_TOR_TLS_ERROR_VAL_/g;
s/(?<![A-Za-z0-9_])_mm_free(?![A-Za-z0-9_])/mm_free_/g;
s/(?<![A-Za-z0-9_])_NIL(?![A-Za-z0-9_])/NIL_/g;
s/(?<![A-Za-z0-9_])_n_openssl_mutexes(?![A-Za-z0-9_])/n_openssl_mutexes_/g;
s/(?<![A-Za-z0-9_])_openssl_dynlock_create_cb(?![A-Za-z0-9_])/openssl_dynlock_create_cb_/g;
s/(?<![A-Za-z0-9_])_openssl_dynlock_destroy_cb(?![A-Za-z0-9_])/openssl_dynlock_destroy_cb_/g;
s/(?<![A-Za-z0-9_])_openssl_dynlock_lock_cb(?![A-Za-z0-9_])/openssl_dynlock_lock_cb_/g;
s/(?<![A-Za-z0-9_])_openssl_locking_cb(?![A-Za-z0-9_])/openssl_locking_cb_/g;
s/(?<![A-Za-z0-9_])_openssl_mutexes(?![A-Za-z0-9_])/openssl_mutexes_/g;
s/(?<![A-Za-z0-9_])_option_abbrevs(?![A-Za-z0-9_])/option_abbrevs_/g;
s/(?<![A-Za-z0-9_])_option_vars(?![A-Za-z0-9_])/option_vars_/g;
s/(?<![A-Za-z0-9_])_OR_CONN_STATE_MAX(?![A-Za-z0-9_])/OR_CONN_STATE_MAX_/g;
s/(?<![A-Za-z0-9_])_OR_CONN_STATE_MIN(?![A-Za-z0-9_])/OR_CONN_STATE_MIN_/g;
s/(?<![A-Za-z0-9_])_OutboundBindAddressIPv4(?![A-Za-z0-9_])/OutboundBindAddressIPv4_/g;
s/(?<![A-Za-z0-9_])_OutboundBindAddressIPv6(?![A-Za-z0-9_])/OutboundBindAddressIPv6_/g;
s/(?<![A-Za-z0-9_])_PDS_PREFER_TUNNELED_DIR_CONNS(?![A-Za-z0-9_])/PDS_PREFER_TUNNELED_DIR_CONNS_/g;
s/(?<![A-Za-z0-9_])_port(?![A-Za-z0-9_])/port_/g;
s/(?<![A-Za-z0-9_])__progname(?![A-Za-z0-9_])/_progname_/g;
s/(?<![A-Za-z0-9_])_PublishServerDescriptor(?![A-Za-z0-9_])/PublishServerDescriptor_/g;
s/(?<![A-Za-z0-9_])_remove_old_client_helper(?![A-Za-z0-9_])/remove_old_client_helper_/g;
s/(?<![A-Za-z0-9_])_rend_cache_entry_free(?![A-Za-z0-9_])/rend_cache_entry_free_/g;
s/(?<![A-Za-z0-9_])_routerlist_find_elt(?![A-Za-z0-9_])/routerlist_find_elt_/g;
s/(?<![A-Za-z0-9_])_SafeLogging(?![A-Za-z0-9_])/SafeLogging_/g;
s/(?<![A-Za-z0-9_])_SHORT_FILE_(?![A-Za-z0-9_])/SHORT_FILE__/g;
s/(?<![A-Za-z0-9_])_state_abbrevs(?![A-Za-z0-9_])/state_abbrevs_/g;
s/(?<![A-Za-z0-9_])_state_vars(?![A-Za-z0-9_])/state_vars_/g;
s/(?<![A-Za-z0-9_])_t(?![A-Za-z0-9_])/t_/g;
s/(?<![A-Za-z0-9_])_t32(?![A-Za-z0-9_])/t32_/g;
s/(?<![A-Za-z0-9_])_test_op_ip6(?![A-Za-z0-9_])/test_op_ip6_/g;
s/(?<![A-Za-z0-9_])_thread1_name(?![A-Za-z0-9_])/thread1_name_/g;
s/(?<![A-Za-z0-9_])_thread2_name(?![A-Za-z0-9_])/thread2_name_/g;
s/(?<![A-Za-z0-9_])_thread_test_func(?![A-Za-z0-9_])/thread_test_func_/g;
s/(?<![A-Za-z0-9_])_thread_test_mutex(?![A-Za-z0-9_])/thread_test_mutex_/g;
s/(?<![A-Za-z0-9_])_thread_test_start1(?![A-Za-z0-9_])/thread_test_start1_/g;
s/(?<![A-Za-z0-9_])_thread_test_start2(?![A-Za-z0-9_])/thread_test_start2_/g;
s/(?<![A-Za-z0-9_])_thread_test_strmap(?![A-Za-z0-9_])/thread_test_strmap_/g;
s/(?<![A-Za-z0-9_])_tor_calloc(?![A-Za-z0-9_])/tor_calloc_/g;
s/(?<![A-Za-z0-9_])_TOR_CHANNEL_INTERNAL(?![A-Za-z0-9_])/TOR_CHANNEL_INTERNAL_/g;
s/(?<![A-Za-z0-9_])_TOR_CIRCUITMUX_EWMA_C(?![A-Za-z0-9_])/TOR_CIRCUITMUX_EWMA_C_/g;
s/(?<![A-Za-z0-9_])_tor_free(?![A-Za-z0-9_])/tor_free_/g;
s/(?<![A-Za-z0-9_])_tor_malloc(?![A-Za-z0-9_])/tor_malloc_/g;
s/(?<![A-Za-z0-9_])_tor_malloc_zero(?![A-Za-z0-9_])/tor_malloc_zero_/g;
s/(?<![A-Za-z0-9_])_tor_memdup(?![A-Za-z0-9_])/tor_memdup_/g;
s/(?<![A-Za-z0-9_])_tor_realloc(?![A-Za-z0-9_])/tor_realloc_/g;
s/(?<![A-Za-z0-9_])_tor_strdup(?![A-Za-z0-9_])/tor_strdup_/g;
s/(?<![A-Za-z0-9_])_tor_strndup(?![A-Za-z0-9_])/tor_strndup_/g;
s/(?<![A-Za-z0-9_])_TOR_TLS_SYSCALL(?![A-Za-z0-9_])/TOR_TLS_SYSCALL_/g;
s/(?<![A-Za-z0-9_])_TOR_TLS_ZERORETURN(?![A-Za-z0-9_])/TOR_TLS_ZERORETURN_/g;
s/(?<![A-Za-z0-9_])__USE_ISOC99(?![A-Za-z0-9_])/_USE_ISOC99_/g;
s/(?<![A-Za-z0-9_])_UsingTestNetworkDefaults(?![A-Za-z0-9_])/UsingTestNetworkDefaults_/g;
s/(?<![A-Za-z0-9_])_val(?![A-Za-z0-9_])/val_/g;
s/(?<![A-Za-z0-9_])_void_for_alignment(?![A-Za-z0-9_])/void_for_alignment_/g;
==============================
2012-10-12 12:22:13 -04:00
Andrea Shepard
5543c5b202
Fix formatting in various places after 6465/6816 work
2012-10-10 00:48:36 -07:00
Nick Mathewson
751b3aabb5
Merge remote-tracking branch 'public/openssl_1_is_best'
2012-10-04 12:50:41 -04:00
Robert Ransom
cd884c764b
Fix documentation for crypto_pk_cmp_keys
...
Now that crypto_pk_cmp_keys might return the result of tor_memcmp, there
is no guarantee that it will only return -1, 0, or 1. (It currently does
only return -1, 0, or 1, but that's a lucky accident due to details of the
current implementation of tor_memcmp and the particular input given to it.)
Fortunately, none of crypto_pk_cmp_keys's callers rely on this behaviour,
so changing its documentation is sufficient.
2012-09-17 11:02:53 -04:00
Robert Ransom
62babcaf0a
Implement and use crypto_pk_eq_keys
2012-09-17 11:02:53 -04:00
Robert Ransom
f3916a6855
Make crypto_pk_cmp_keys do something sane for NULL keys
...
Fixes bug 4283; bugfix on r76
(Git commit 01aadefbfc
).
2012-09-17 11:02:52 -04:00
Nick Mathewson
be68c1fb43
Log a notice if we're running with OpenSSL before 1.0.0.
...
These versions have some dubious, slow crypto implementations; 1.0.0
is a great improvement, and at this point is pretty mature.
2012-09-12 19:32:24 -04:00
Nick Mathewson
feabf4148f
Drop support for openssl 0.9.7
...
097 hasn't seen a new version since 2007; we can drop support too.
This lets us remove our built-in sha256 implementation, and some
checks for old bugs.
2012-09-12 19:25:58 -04:00
Nick Mathewson
7607ad2bec
Detect openssl header version doesn't match runtime version
...
We already do this for libevent; let's do it for openssl too.
For now, I'm making it always a warn, since this has caused some
problems in the past. Later, we can see about making it less severe.
2012-09-06 11:31:30 -04:00
Nick Mathewson
e3a130a7eb
Don't log about Libevent/OpenSSL initialization when all's well
...
OTOH, log the Libevent and OpenSSL versions on the first line when
we're starting Tor.
2012-09-06 11:31:22 -04:00
Nick Mathewson
20d6f787aa
Fix "make check-spaces" issues
2012-06-05 00:49:18 -04:00
Nick Mathewson
0fa107a6aa
Update copyright dates to 2012; add a few missing copyright statements
2012-06-04 20:58:17 -04:00
Nick Mathewson
173b18c79b
Add about 60 more DOCDOC comments to 0.2.3
...
Also, try to resolve some doxygen issues. First, define a magic
"This is doxygen!" macro so that we take the correct branch in
various #if/#else/#endifs in order to get the right documentation.
Second, add in a few grouping @{ and @} entries in order to get some
variables and fields to get grouped together.
2012-06-04 19:59:08 -04:00
Sebastian Hahn
a5a8296892
Fix clang 3.1 compile warning in crypto.c
...
(Tweaked by nickm)
2012-05-30 11:56:43 -04:00
Nick Mathewson
21e3261914
Bump _WIN32_WINNT to 0x0501 throughout the code
...
This tells the windows headers to give us definitions that didn't
exist before XP -- like the ones that we need for IPv6 support.
See bug #5861 . We didn't run into this issue with mingw, since
mingw doesn't respect _WIN32_WINNT as well as it should for some of
its definitions.
2012-05-14 13:46:37 -04:00
Nick Mathewson
9ffccb3f49
Remove all instances of WIN32_WINNT (without leading _)
...
We started adding it in 59e2c77824
back in 2004, 8 years and 3
days ago. It's time to deprogram ourselves from this cargo cult.
2012-05-14 13:36:52 -04:00
Nick Mathewson
4db5a1e151
Remove needless check for a buffer that could not be NULL.
...
Fixes coverity CID 508: coverity scan doesn't like checking a
variable for non-NULL after it has been definitely dereferenced.
This should take us back down to zero coverity issues.
2012-04-18 10:38:39 -04:00
Nick Mathewson
ab3197c059
Remove a couple redundant NULL-checks before crypto_cipher_free
...
Calling crypto_cipher_free(NULL) is always safe, since (by
convention) all of our xyz_free() functions treat xyz_free(NULL) as
a no-op.
Flagged by coverity scan; fixes CID 508 and 509.
2012-03-30 10:16:58 -04:00