nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-11 21:53:48 +01:00
Code Issues Packages Projects Releases Wiki Activity
14,902 Commits 53 Branches 630 Tags 125 MiB
3fc3ed50a1
Commit Graph

264 Commits

Author SHA1 Message Date
Nick Mathewson
3fc3ed50a1 Merge remote-tracking branch 'public/bug4361' 
Conflicts:
	src/or/command.c
 2012-03-08 14:23:52 -05:00
Nick Mathewson
26e789fbfd Rename nonconformant identifiers. 
Fixes bug 4893.

These changes are pure mechanical, and were generated with this
perl script:

  /usr/bin/perl -w -i.bak -p

  s/crypto_pk_env_t/crypto_pk_t/g;
  s/crypto_dh_env_t/crypto_dh_t/g;
  s/crypto_cipher_env_t/crypto_cipher_t/g;
  s/crypto_digest_env_t/crypto_digest_t/g;

  s/aes_free_cipher/aes_cipher_free/g;
  s/crypto_free_cipher_env/crypto_cipher_free/g;
  s/crypto_free_digest_env/crypto_digest_free/g;
  s/crypto_free_pk_env/crypto_pk_free/g;

  s/_crypto_dh_env_get_dh/_crypto_dh_get_dh/g;
  s/_crypto_new_pk_env_rsa/_crypto_new_pk_from_rsa/g;
  s/_crypto_pk_env_get_evp_pkey/_crypto_pk_get_evp_pkey/g;
  s/_crypto_pk_env_get_rsa/_crypto_pk_get_rsa/g;

  s/crypto_new_cipher_env/crypto_cipher_new/g;
  s/crypto_new_digest_env/crypto_digest_new/g;
  s/crypto_new_digest256_env/crypto_digest256_new/g;
  s/crypto_new_pk_env/crypto_pk_new/g;

  s/crypto_create_crypto_env/crypto_cipher_new/g;

  s/connection_create_listener/connection_listener_new/g;
  s/smartlist_create/smartlist_new/g;
  s/transport_create/transport_new/g;
 2012-01-18 15:53:30 -05:00
Nick Mathewson
b8675e5fe3 Do not pretend to allow PADDING as the first cell of a v3 handshake 2012-01-11 12:34:28 -05:00
Nick Mathewson
3826e058ac Implement proposal 187: reserve a cell type for client authorization 
This needs a changes file and more testing.
 2012-01-11 11:10:18 -05:00
Nick Mathewson
0539c34c35 Merge branch 'bug4360' 2011-11-21 10:48:02 -05:00
Nick Mathewson
7992eb43c5 Log more loudly on a bad cert from an authority. 
Clock skew made this situation way too frequent so we demoted it to
"protocol_warn", but when there's an authority, it should really just
be warn.
 2011-11-20 00:48:25 -05:00
Nick Mathewson
69dd993a92 Make certificate skew into a protocol warning 2011-11-15 15:57:46 -05:00
Nick Mathewson
325a659cb1 Even when we can't answer an AUTH_CHALLENGE, send NETINFO. 
Fixes bug 4368; fix on 0.2.3.6-alpha; bug found by "frosty".
 2011-11-03 12:40:02 -04:00
Nick Mathewson
248b967ce6 Add comments and changes file for 4361; tweak control flow a bit 2011-11-03 12:31:31 -04:00
frosty
3dd2f990a3 Do not send a NETINFO cell as a client until after we have got a CERT cell 2011-11-03 12:03:05 -04:00
Nick Mathewson
88c4b425bd Fix bug 4367: correctly detect auth_challenge cells we can't use 
Found by frosty_un, bugfix on 0.2.3.6-alpha, fix suggested by arma.
 2011-11-03 11:52:35 -04:00
Roger Dingledine
be1f3a5eb5 normalize the name of the CERTS cell 2011-10-31 04:33:38 -04:00
Nick Mathewson
4dd8d811d6 Merge branch 'bug4343' 2011-10-28 18:05:25 -04:00
Nick Mathewson
212c3acd42 Merge remote-tracking branch 'origin/maint-0.2.2' 
Conflicts:
	src/or/command.c
 2011-10-28 18:02:57 -04:00
Nick Mathewson
cf8bffa359 Discard all cells on a marked connection 
Fix for bug 4299
 2011-10-28 17:04:15 -04:00
Nick Mathewson
2018f86e0c "Authetnicate" is not the usual spelling 2011-10-28 16:41:04 -04:00
Nick Mathewson
c2a098e980 Fix a double-free that would occur on an invalid cert in a CERTS cell 
We would stash the certs in the handshake state before checking them
for validity... and then if they turned out to be invalid, we'd give
an error and free them.  Then, later, we'd free them again when we
tore down the connection.

Fixes bug 4343; fix on 0.2.3.6-alpha.
 2011-10-28 16:38:56 -04:00
Sebastian Hahn
2dec6597af Merge branch 'maint-0.2.2_secfix' into master_secfix 
Conflicts:
	src/common/tortls.c
	src/or/connection_or.c
	src/or/dirserv.c
	src/or/or.h
 2011-10-27 00:38:45 +02:00
Sebastian Hahn
df05e5ef4d Merge branch 'maint-0.2.1_secfix' into maint-0.2.2_secfix 
Conflicts:
	src/or/connection_or.c
 2011-10-26 23:30:27 +02:00
Robert Ransom
a74e7fd40f Reject create cells on outgoing OR connections from bridges 2011-10-26 23:21:14 +02:00
Robert Ransom
af12c39d6d Don't use any OR connection which sent us a CREATE_FAST cell for an EXTEND 
Fix suggested by Nick Mathewson.
 2011-10-26 23:20:56 +02:00
Roger Dingledine
a68867b150 manually backport a5232e0c4c 2011-10-26 17:11:52 -04:00
Nick Mathewson
e0a053be01 Do not tread vpadding cell as versions cell. Not in any released version. 2011-10-26 11:50:50 -04:00
Nick Mathewson
9d355bf479 Double-check that we really can get RSA keys from ID/Auth certs 
Addresses issue 4287; issue not in any released Tor.
 2011-10-23 13:31:09 -04:00
Nick Mathewson
80cf342e47 Fix memory leak in prop176 code 
This fixes part of bug4252.  Bug not in any released version.
 2011-10-23 13:23:53 -04:00
Nick Mathewson
69921837a7 Fix a bunch of whitespace errors 2011-10-11 11:30:01 -04:00
Nick Mathewson
8af0cfc10d Add some points to make it easy to turn off v3 support 2011-10-10 23:14:32 -04:00
Sebastian Hahn
35fe4825fc Quiet two notices, and spelling mistake cleanup 2011-10-10 23:14:31 -04:00
Nick Mathewson
1bd65680bd Add more log statements for protocol/internal failures 2011-10-10 23:14:31 -04:00
Nick Mathewson
059d3d0613 Remove auth_challenge field from or_handshake_state_t 
We didn't need to record this value; it was already recorded
implicitly while computing cell digests for later examination in the
authenticate cells.
 2011-10-10 23:14:31 -04:00
Nick Mathewson
d79ff2ce94 spec conformance: allow only one cert of each type 2011-10-10 23:14:31 -04:00
Nick Mathewson
e56d7a3809 Give tor_cert_get_id_digests() fail-fast behavior 
Right now we can take the digests only of an RSA key, and only expect to
take the digests of an RSA key.  The old tor_cert_get_id_digests() would
return a good set of digests for an RSA key, and an all-zero one for a
non-RSA key.  This behavior is too error-prone: it carries the risk that
we will someday check two non-RSA keys for equality and conclude that
they must be equal because they both have the same (zero) "digest".

Instead, let's have tor_cert_get_id_digests() return NULL for keys we
can't handle, and make its callers explicitly test for NULL.
 2011-10-10 23:14:31 -04:00
Nick Mathewson
ce102f7a59 Make more safe_str usage happen for new logs in command.c 2011-10-10 23:14:30 -04:00
Nick Mathewson
23664fb3b8 Set up network parameters on non-authenticated incoming connections 
Also add some info log messages for the steps of the v3 handshake.

Now my test network bootstraps!
 2011-10-10 23:14:30 -04:00
Nick Mathewson
7aadae606b Make sure we stop putting cells into our hash at the right time. 2011-10-10 23:14:30 -04:00
Nick Mathewson
41b250d7ea Bugfixes for authenticate handling and generation 2011-10-10 23:14:30 -04:00
Nick Mathewson
610cb0ecc4 Fix log message about what cells we are sending 2011-10-10 23:14:30 -04:00
Nick Mathewson
83bb9742b5 Hook up all of the prop176 code; allow v3 negotiations to actually work 2011-10-10 23:14:18 -04:00
Nick Mathewson
9a77ebc794 Make tor_tls_cert_is_valid check key lengths 2011-10-10 23:14:17 -04:00
Nick Mathewson
6c7f28454e Implement cert/auth cell reading 2011-10-10 23:14:17 -04:00
Nick Mathewson
1b0645acba Cell types and states for new OR handshake 
Also, define all commands > 128 as variable-length when using
v3 or later link protocol.  Running into a var cell with an
unrecognized type is no longer a bug.
 2011-10-10 23:14:09 -04:00
Nick Mathewson
fa1d47293b Merge remote-tracking branch 'origin/maint-0.2.2' 
The conflicts were mainly caused by the routerinfo->node transition.

Conflicts:
	src/or/circuitbuild.c
	src/or/command.c
	src/or/connection_edge.c
	src/or/directory.c
	src/or/dirserv.c
	src/or/relay.c
	src/or/rendservice.c
	src/or/routerlist.c
 2011-05-30 15:41:46 -04:00
Nick Mathewson
7e67a24038 Merge branch 'bug3045' into maint-0.2.2 
Conflicts:
	src/or/circuitbuild.c
 2011-05-30 15:18:59 -04:00
Nick Mathewson
42b15a0aaa Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-28 01:55:34 -04:00
Nick Mathewson
a5232e0c4c Fix GCC 4.6's new -Wunused-but-set-variable warnings. 
Most instances were dead code; for those, I removed the assignments.
Some were pieces of info we don't currently plan to use, but which
we might in the future.  For those, I added an explicit cast-to-void
to indicate that we know that the thing's unused.  Finally, one was
a case where we were testing the wrong variable in a unit test.
That one I fixed.

This resolves bug 3208.
 2011-05-23 17:04:38 -04:00
Nick Mathewson
b95dd03e5f Log descriptions of nodes, not just nicknames. 
This patch introduces a few new functions in router.c to produce a
more helpful description of a node than its nickame, and then tweaks
nearly all log messages taking a nickname as an argument to call these
functions instead.

There are a few cases where I left the old log messages alone: in
these cases, the nickname was that of an authority (whose nicknames
are useful and unique), or the message already included an identity
and/or an address.  I might have missed a couple more too.

This is a fix for bug 3045.
 2011-05-15 21:58:46 -04:00
Nick Mathewson
42c1a47123 Revert bug1074_launch_authconn* branch: needs more design, less crashing 2011-02-28 12:58:29 -05:00
Nick Mathewson
b3d74045ae Add a missing const 2011-02-25 12:32:29 -05:00
Nick Mathewson
a47fdaf9a0 Merge branch 'bug1074_launch_conn_on_skew' 
Fixed conflict on rename of router_get_by_digest->router_get_by_id_digest

Conflicts:
	src/or/command.c
 2011-02-25 12:12:44 -05:00
Nick Mathewson
c94f3711ee whitespace fixup 2011-02-25 12:05:33 -05:00