Nick Mathewson
3b704fd166
Merge branch 'prop176-v2'
2011-10-10 23:22:25 -04:00
Nick Mathewson
8af0cfc10d
Add some points to make it easy to turn off v3 support
2011-10-10 23:14:32 -04:00
Nick Mathewson
cc07b5a129
Changes file for prop176 branch
2011-10-10 23:14:32 -04:00
Sebastian Hahn
35fe4825fc
Quiet two notices, and spelling mistake cleanup
2011-10-10 23:14:31 -04:00
Sebastian Hahn
66200320ff
Fix a few 64bit compiler warnings
2011-10-10 23:14:31 -04:00
Nick Mathewson
1bd65680bd
Add more log statements for protocol/internal failures
2011-10-10 23:14:31 -04:00
Nick Mathewson
059d3d0613
Remove auth_challenge field from or_handshake_state_t
...
We didn't need to record this value; it was already recorded
implicitly while computing cell digests for later examination in the
authenticate cells.
2011-10-10 23:14:31 -04:00
Nick Mathewson
d79ff2ce94
spec conformance: allow only one cert of each type
2011-10-10 23:14:31 -04:00
Nick Mathewson
e56d7a3809
Give tor_cert_get_id_digests() fail-fast behavior
...
Right now we can take the digests only of an RSA key, and only expect to
take the digests of an RSA key. The old tor_cert_get_id_digests() would
return a good set of digests for an RSA key, and an all-zero one for a
non-RSA key. This behavior is too error-prone: it carries the risk that
we will someday check two non-RSA keys for equality and conclude that
they must be equal because they both have the same (zero) "digest".
Instead, let's have tor_cert_get_id_digests() return NULL for keys we
can't handle, and make its callers explicitly test for NULL.
2011-10-10 23:14:31 -04:00
Nick Mathewson
40f0d111c2
Fix some more issues wrt tor_cert_new found by asn
2011-10-10 23:14:30 -04:00
Nick Mathewson
ce102f7a59
Make more safe_str usage happen for new logs in command.c
2011-10-10 23:14:30 -04:00
Nick Mathewson
23664fb3b8
Set up network parameters on non-authenticated incoming connections
...
Also add some info log messages for the steps of the v3 handshake.
Now my test network bootstraps!
2011-10-10 23:14:30 -04:00
Nick Mathewson
7aadae606b
Make sure we stop putting cells into our hash at the right time.
2011-10-10 23:14:30 -04:00
Nick Mathewson
41b250d7ea
Bugfixes for authenticate handling and generation
2011-10-10 23:14:30 -04:00
Nick Mathewson
610cb0ecc4
Fix log message about what cells we are sending
2011-10-10 23:14:30 -04:00
Nick Mathewson
f726c67dd4
more verbose log for recording an odd cell
2011-10-10 23:14:30 -04:00
Nick Mathewson
40f343e176
Actually accept cells in SERVER_RENEGOTIATING
2011-10-10 23:14:29 -04:00
Nick Mathewson
6bfb31ff56
Generate certificates that enable v3 handshake
2011-10-10 23:14:29 -04:00
Nick Mathewson
7935c4bdfa
Allow "finished flushing" during v3 handshake
2011-10-10 23:14:29 -04:00
Nick Mathewson
83bb9742b5
Hook up all of the prop176 code; allow v3 negotiations to actually work
2011-10-10 23:14:18 -04:00
Nick Mathewson
445f947890
Remove a no-longer-relevant comment
2011-10-10 23:14:17 -04:00
Nick Mathewson
9a77ebc794
Make tor_tls_cert_is_valid check key lengths
2011-10-10 23:14:17 -04:00
Nick Mathewson
3f22ec179c
New functions to record digests of cells during v3 handshake
...
Also, free all of the new fields in or_handshake_state_t
2011-10-10 23:14:17 -04:00
Nick Mathewson
6c7f28454e
Implement cert/auth cell reading
2011-10-10 23:14:17 -04:00
Nick Mathewson
81024f43ec
Basic function to write authenticate cells
...
Also, tweak the cert cell code to send auth certs
2011-10-10 23:14:16 -04:00
Nick Mathewson
e48e47fa03
Function to return peer cert as tor_tls_cert
2011-10-10 23:14:16 -04:00
Nick Mathewson
a6fc5059cd
Add AUTH keys as specified in proposal 176
...
Our keys and x.509 certs are proliferating here. Previously we had:
An ID cert (using the main ID key), self-signed
A link cert (using a shorter-term link key), signed by the ID key
Once proposal 176 and 179 are done, we will also have:
Optionally, a presentation cert (using the link key),
signed by whomever.
An authentication cert (using a shorter-term ID key), signed by
the ID key.
These new keys are managed as part of the tls context infrastructure,
since you want to rotate them under exactly the same circumstances,
and since they need X509 certificates.
2011-10-10 23:14:16 -04:00
Nick Mathewson
0a4f562772
Functions to get a public RSA key from a cert
2011-10-10 23:14:16 -04:00
Nick Mathewson
92602345e0
Function to detect certificate types that signal v3 certificates
2011-10-10 23:14:10 -04:00
Nick Mathewson
8c9fdecfe9
Function to get digests of the certs and their keys
2011-10-10 23:14:10 -04:00
Nick Mathewson
f4c1fa2a04
More functions to manipulate certs received in cells
2011-10-10 23:14:10 -04:00
Nick Mathewson
c39688de6c
Function to extract the TLSSECRETS field for v3 handshakes
2011-10-10 23:14:10 -04:00
Nick Mathewson
df78daa5da
Functions to send cert and auth_challenge cells.
2011-10-10 23:14:10 -04:00
Nick Mathewson
1b0645acba
Cell types and states for new OR handshake
...
Also, define all commands > 128 as variable-length when using
v3 or later link protocol. Running into a var cell with an
unrecognized type is no longer a bug.
2011-10-10 23:14:09 -04:00
Nick Mathewson
fdbb9cdf74
Add a sha256 hmac function, with tests
2011-10-10 23:14:09 -04:00
Nick Mathewson
c0bbcf138f
Turn X509 certificates into a first-class type and add some functions
2011-10-10 23:14:02 -04:00
Nick Mathewson
dcf69a9e12
New function to get all digests of a public key
2011-10-10 23:14:02 -04:00
Nick Mathewson
bc2d9357f5
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-10-10 22:50:52 -04:00
Nick Mathewson
b5edc838f2
Merge remote-tracking branch 'sebastian/osxcompile'
2011-10-10 22:03:20 -04:00
Sebastian Hahn
b4bd836f46
Consider hibernation before dropping privs
...
Without this patch, Tor wasn't sure whether it would be hibernating or
not, so it postponed opening listeners until after the privs had been
dropped. This doesn't work so well for low ports. Bug was introduced in
the fix for bug 2003. Fixes bug 4217, reported by Zax and katmagic.
Thanks!
2011-10-11 02:42:12 +02:00
Sebastian Hahn
cce85c819b
Fix a compile warning on OS X 10.6 and up
2011-10-11 02:25:00 +02:00
Nick Mathewson
6a673ad313
Add a missing comma in tor_check_port_forwarding
...
My fault; fix for bug 4213.
2011-10-10 11:42:05 -04:00
Robert Ransom
9648f034c0
Update documentation comment for rend_client_reextend_intro_circuit
...
One of its callers assumes a non-zero result indicates a permanent failure
(i.e. the current attempt to connect to this HS either has failed or is
doomed). The other caller only requires that this function's result
never equal -2.
Bug reported by Sebastian Hahn.
2011-10-10 05:33:53 -07:00
Robert Ransom
274b25de12
Don't launch a useless circuit in rend_client_reextend_intro_circuit
...
Fixes bug 4212. Bug reported by katmagic and found by Sebastian.
2011-10-10 03:05:19 -07:00
Nick Mathewson
19f1d3e331
Merge remote-tracking branch 'origin/maint-0.2.2'
...
This merge is here to take a commit (feature 3951) that we already
have in master, so use "merge -s ours"
2011-10-07 16:49:59 -04:00
Nick Mathewson
f37d24c550
Note ticket and source version for feature3951 in changes file
2011-10-07 16:47:43 -04:00
Nick Mathewson
ca597efb22
Merge remote-tracking branch 'karsten/feature3951' into maint-0.2.2
2011-10-07 16:46:50 -04:00
Nick Mathewson
1ec22eac4b
Merge remote-tracking branch 'public/bug2003_nm'
2011-10-07 16:43:45 -04:00
Nick Mathewson
8b0ee60fe7
reinstate a notice for the non-loopback socksport case
...
Thanks to prop171, it's no longer a crazy thing to do, but you should
make sure that you really meant it!
2011-10-07 16:34:21 -04:00
Nick Mathewson
b49fcc6cf2
Merge remote-tracking branch 'rransom-tor/bug4018'
2011-10-07 16:32:04 -04:00