Commit Graph

218 Commits

Author SHA1 Message Date
Peter Palfrader
0d9aedfcea Downgrade a few INFO level logs to DEBUG again. Also add two or three new
logs in cases where a calling function's log was downgraded and we wouldn't
get any log message otherwise.


svn:r5263
2005-10-17 16:21:42 +00:00
Nick Mathewson
9bc2467626 Okay, try to use RAND_poll() from OpenSSL where available.
svn:r5229
2005-10-08 05:47:15 +00:00
Roger Dingledine
c4757e0705 LOG_ERR is for when we know we're going to exit. use LOG_WARN in other
cases.


svn:r5220
2005-10-07 19:53:57 +00:00
Nick Mathewson
150e5ac098 disable RAND_poll() for the alpha of the day; at least 24 hours of testing is in order for something like that.
svn:r5216
2005-10-07 19:17:20 +00:00
Nick Mathewson
a53ecc94f9 Add half our entropy from RAND_poll in OpenSSL. These know how to use egd (if present) openbsd weirdness (if present), vms/os2 weirdness (if we ever port there), and more in the future.
svn:r5215
2005-10-07 19:03:09 +00:00
Nick Mathewson
a89daaeca9 Once an hour (not just on startup) give OpenSSL some more entropy.
Add entropy in 512-bit chunks, not 160-bit chunks.  (This latter
change is voodoo.)


svn:r5211
2005-10-06 22:22:22 +00:00
Nick Mathewson
cc35e1720f Using RAND_pseudo_bytes instead of RAND_bytes is an accident waiting to happen, and does not really speed us up much when we do it. So stop doing it.
svn:r5210
2005-10-06 22:18:01 +00:00
Nick Mathewson
ba24193ab5 Make doxygen marginally happier
svn:r5208
2005-10-06 04:33:40 +00:00
Nick Mathewson
f8c07e1f33 free EVP cipher information on shutdown to remove some spurious dmalloc complaints.
svn:r5180
2005-10-03 21:10:35 +00:00
Nick Mathewson
de198d800b Never call free() on tor_malloc()d memory. This is unlikely to be our current leak, but it may help dmalloc work.
svn:r5168
2005-09-30 20:47:58 +00:00
Nick Mathewson
26e7a05725 even better function start checks; give dmalloc a chance of working.
svn:r5162
2005-09-30 01:39:24 +00:00
Nick Mathewson
92451f74a8 Reformat inconsistent function declarations.
svn:r5160
2005-09-30 01:09:52 +00:00
Nick Mathewson
5c53545d81 Add a bunch more warnings to out warning suite; resolve them; pack structs a little better.
svn:r5150
2005-09-29 22:59:17 +00:00
Nick Mathewson
f8a80e8d59 Helper functions to perform our truncated base64 encoding on hexdigests.
svn:r5087
2005-09-18 02:18:59 +00:00
Nick Mathewson
6b479b3cfa Only do openssl accel stuff if version is at least 0.9.7
svn:r4973
2005-09-09 22:07:15 +00:00
Roger Dingledine
fa507c63e8 put quotes around user-supplied strings so they are more likely to
realize if they add bad characters (like quotes) to the torrc


svn:r4844
2005-08-26 18:40:44 +00:00
Roger Dingledine
121ea4dd93 a url for better reference
svn:r4778
2005-08-15 01:03:50 +00:00
Nick Mathewson
943ef5256b fix whitespace issues
svn:r4752
2005-08-08 21:59:48 +00:00
Nick Mathewson
9345323b18 far far cleaner implementation of handshake checking logic. Backport candidate.
svn:r4736
2005-08-07 20:36:14 +00:00
Roger Dingledine
bfe65db284 ok, so now it was just redundant. nick, do you recall what rfc
you were trying to point to?


svn:r4727
2005-08-07 17:11:33 +00:00
Roger Dingledine
b9a7482c02 note another potential security problem with generating key material
from our DH handshake.


svn:r4724
2005-08-06 16:50:51 +00:00
Roger Dingledine
261bf4c4d4 rfc 3536 "provides a glossary of terms used in the IETF when discussing
internationalization."


svn:r4723
2005-08-05 22:08:57 +00:00
Nick Mathewson
224fecb281 Appease insane windows compiler. (Oh no, an extra semi, the sky is falling!)
svn:r4722
2005-08-05 19:25:23 +00:00
Nick Mathewson
197eb2b2cb fix harmless copy-and-paste error
svn:r4718
2005-08-05 14:59:14 +00:00
Nick Mathewson
ea2aa107a7 cover a few more cases; needs testing and once-over
svn:r4717
2005-08-05 14:20:38 +00:00
Nick Mathewson
3fa821d911 oops, that array got bigger
svn:r4708
2005-08-04 23:18:51 +00:00
Nick Mathewson
7a9eb49f5f Discard special bignum values.
svn:r4706
2005-08-04 23:14:42 +00:00
Nick Mathewson
2aff87caae Load hardware acceleration options when/where available. Can anybody test this?
svn:r4467
2005-06-20 18:56:35 +00:00
Nick Mathewson
d4972bd2e1 Remove code that has been #if-0ed for a long time.
svn:r4435
2005-06-15 18:34:46 +00:00
Roger Dingledine
fcd0fc3364 flesh out the source file descriptions for doxygen
svn:r4404
2005-06-11 05:31:17 +00:00
Nick Mathewson
0831823763 Change end-of-file NLNL convention. It turns out arma I and I agree.
svn:r4382
2005-06-09 19:03:31 +00:00
Nick Mathewson
5420aed38e Possible bugfix for 151: backport candidate.
svn:r4318
2005-06-06 20:02:09 +00:00
Nick Mathewson
10b2208d93 Make Tor compile with no warnings with gcc4.0 on OSX
svn:r4184
2005-05-07 05:55:06 +00:00
Nick Mathewson
0e81265359 update copyright notices.
svn:r3982
2005-04-01 20:15:56 +00:00
Nick Mathewson
837d7dff69 Try to make crash-on-shutdown bug harder to trigger.
svn:r3939
2005-04-01 02:37:10 +00:00
Nick Mathewson
905c16846a Fix a few more instances of memory not freed on exit (found by weasel).
svn:r3830
2005-03-23 06:20:50 +00:00
Nick Mathewson
aac97a3c6a Tell openssl how to use locks and how to find thread ids -- this may prevent race conditions surrounding the error queue.
svn:r3622
2005-02-13 22:32:25 +00:00
Nick Mathewson
f6221b695f Apply windows patch from Dmitri Bely
svn:r3617
2005-02-12 21:03:37 +00:00
Roger Dingledine
9e6d6c6096 Bugfix: we've been using openssl's BIO_get_mem_data incorrectly.
We assumed the pem-encoded data written by PEM_write_bio_RSAPrivateKey
is nul-terminated, and at least sometimes, it's not.


svn:r3263
2005-01-03 22:35:40 +00:00
Nick Mathewson
8c85c0bef8 Note that length checking on base64_decode is kinda conservative
svn:r3144
2004-12-13 18:38:19 +00:00
Nick Mathewson
fd4c624677 Belt *or* suspenders will be sufficient when casting things to unsigned char.
svn:r3122
2004-12-08 07:20:21 +00:00
Nick Mathewson
fe6eb34a10 Solaris CC freaks out if isspace and friends get anything other than an int. We learned that, so we casted. But it is also a bad idea to cast a signed char to an int and expect things to work on win32. Now we cast to unsigned char, then to int, then pass to isspace. Ug
svn:r3120
2004-12-08 00:42:50 +00:00
Nick Mathewson
a980446d0c Be more proactive about noticing underflows: size_t values greater than 0x800...00 are likely to be trouble.
svn:r3064
2004-12-02 04:33:01 +00:00
Nick Mathewson
b457cfb5eb Spell-check strings and comments
svn:r3052
2004-12-01 03:48:14 +00:00
Nick Mathewson
7fbd297532 Suggestion from weasel: Make tor --version --version dump the cvs Id of every file.
svn:r3019
2004-11-29 22:25:31 +00:00
Nick Mathewson
6f5dbefa7e Normalize space: add one between every control keyword and control clause.
svn:r3003
2004-11-28 09:05:49 +00:00
Roger Dingledine
7c9a707900 remove emacs droppings, since nick says he doesn't need them anymore
svn:r2989
2004-11-26 04:00:55 +00:00
Nick Mathewson
5a5be93f80 Normalize whitespace; add a "tell me about all the unnormalized whitespace" target; fix a braino in dirserv.c
svn:r2758
2004-11-09 20:04:00 +00:00
Nick Mathewson
cea9125d71 Implement two flavors of authentication for control connections: one for trusted FS, one for untrusted FS.
svn:r2664
2004-11-03 19:49:03 +00:00
Nick Mathewson
ad4dc74482 Use a stricter set of warnings; make them all pass.
svn:r2645
2004-11-02 03:02:17 +00:00
Roger Dingledine
85c79ffbc7 canonicalize "src" and "dest" arg order in crypto.c (and others)
svn:r2644
2004-11-02 02:28:51 +00:00
Nick Mathewson
ce79bab7f1 Split util into util (general utilities), container (smartlist and strmap), and compat (cross-platform compatability).
svn:r2640
2004-11-01 20:41:47 +00:00
Nick Mathewson
5bc0dba933 Move all util functions that need openssl into crypto.c; make non-openssl functions that util needs into util. Now openssl can be separated.
svn:r2628
2004-10-30 19:26:31 +00:00
Nick Mathewson
2fbf31533b Tricksy compiler warnings! We hates them, hates them forever, my precious!
svn:r2615
2004-10-27 21:14:11 +00:00
Nick Mathewson
ce5709184b Pass with -Wstrict-prototypes
svn:r2614
2004-10-27 18:16:37 +00:00
Nick Mathewson
f67f83b1fa Use strlcpy, not strncpy
svn:r2603
2004-10-27 06:03:28 +00:00
Roger Dingledine
6d873e5743 don't assert multiple things in the same tor_assert()
svn:r2545
2004-10-16 22:28:11 +00:00
Nick Mathewson
a42adce362 fix memory leak in router.c; start relying on NULL==(zero bytes)
svn:r2538
2004-10-16 20:38:57 +00:00
Roger Dingledine
918ce7a084 a few more ints to size_ts
svn:r2461
2004-10-13 05:54:58 +00:00
Roger Dingledine
a7d858bd6e start the great migration from int to size_t
and clean some deadweight from util.h


svn:r2455
2004-10-12 20:20:19 +00:00
Roger Dingledine
1c757b917d fix signed/unsigned comparison, plus typo
svn:r2451
2004-10-12 19:09:40 +00:00
Nick Mathewson
6c970aec94 Turn tor_strpartion into a swiss-army-knife function, so it can terminate or not-terminate appropriately.
svn:r2429
2004-10-07 21:37:06 +00:00
Nick Mathewson
7b98fb58eb More complete docs for crypto.c; factor out string partitioning code
svn:r2427
2004-10-07 20:58:53 +00:00
Nick Mathewson
ce3162d035 Make base-64-encoded DER work, including workaround for ugly openssl misfeature that makes base64 decoding fail when you strip out the newlines.
svn:r2423
2004-10-07 03:11:42 +00:00
Nick Mathewson
8cca36d26a Implement (temporarily) a base64-encoded-DER format for RSA keys; make it easier to generate fingerprints with no space
svn:r2419
2004-10-06 13:26:10 +00:00
Nick Mathewson
93f085c4a2 Stop using openssl functions that rely on stdio; they can apparently lead to linker grief on win32.
svn:r2354
2004-09-21 04:55:43 +00:00
Nick Mathewson
0ef85f6dba Some platforms have weird translations when you open files in "test" mode; make read/write_str_to_file aware.
svn:r2336
2004-09-08 07:16:34 +00:00
Roger Dingledine
d91cacb839 agree with nick: this legal-chars-in-filename stuff gets us nothing
svn:r2310
2004-08-24 21:57:12 +00:00
Nick Mathewson
015232bd39 As far as I can tell, CONFIG_LEGAL_FILENAME_CHARACTERS is both pointless and broken. #if it out, pending agreement from arma. This fixes a bug on win32 that rejected paths with a : in them.
svn:r2309
2004-08-24 20:48:22 +00:00
Nick Mathewson
7119345fbb Fix base16_decode; trashing the stack is rude.
svn:r2110
2004-07-22 21:41:50 +00:00
Roger Dingledine
7459d067a5 now base16_encode() and base32_encode() can't ever fail
svn:r2103
2004-07-22 08:30:06 +00:00
Roger Dingledine
156cfb00fa oh, and it should compile too
svn:r2088
2004-07-21 22:34:32 +00:00
Roger Dingledine
6e571c8c4c make base16_encode() fail more obviously when it fails
svn:r2087
2004-07-21 22:33:26 +00:00
Nick Mathewson
7d8de8cd10 More digest/nickname fixes
svn:r2000
2004-07-02 23:40:03 +00:00
Nick Mathewson
541add90a1 Track routers by hash of identity key; use hex hash of identity key in place of nickname; accept (and use) hash of identity key in EXTEND cells.
svn:r1994
2004-07-01 01:16:59 +00:00
Roger Dingledine
8ca162c472 put a comment reminding us that we do hashes in software only
svn:r1925
2004-06-01 16:36:56 +00:00
Roger Dingledine
6dc576bab7 bugfix: our integrity-checking digest was checking only the most
recent cell, not the previous cells like we'd thought.

this change is backward incompatible.


svn:r1868
2004-05-15 23:49:41 +00:00
Nick Mathewson
9c3fba5c3b Not every RSA decrypt should warn on failure.
svn:r1853
2004-05-12 19:30:28 +00:00
Roger Dingledine
3cdf2d67da it's amazing what a bit of punctuation can do for appearances
svn:r1843
2004-05-10 10:27:54 +00:00
Nick Mathewson
c0ea93337d Doxygenate common.
svn:r1829
2004-05-10 03:53:24 +00:00
Roger Dingledine
1558fb7650 some patches on the patches
svn:r1761
2004-05-01 23:29:20 +00:00
Nick Mathewson
9a041591ac Finish documenting the functions in common
svn:r1758
2004-05-01 21:41:23 +00:00
Nick Mathewson
908ccb9dcd Handle windows socket errors correctly; comment most of common.
svn:r1756
2004-05-01 20:46:28 +00:00
Nick Mathewson
ddb15b8f67 Remove IVs from cipher code, since AES-ctr has none.
svn:r1742
2004-04-28 20:31:32 +00:00
Roger Dingledine
5d1510883e use nick's _ARRAYSIZE abstraction
svn:r1741
2004-04-28 20:22:37 +00:00
Nick Mathewson
7055f837ab Make Tor build on win32 with VC6 without warnings.
svn:r1739
2004-04-28 20:13:21 +00:00
Nick Mathewson
ac622d94dc Workarounds for a couple of pieces of windows strangeness.
svn:r1734
2004-04-28 19:35:12 +00:00
Roger Dingledine
4e0dd5bd33 some compilers don't like an array of length zero
nick: should we remove support for IVs for now, since we don't
use them and don't plan to use them?


svn:r1732
2004-04-27 23:50:35 +00:00
Nick Mathewson
f6dbe5a0d4 Refactor crypto error handling to be more like TLS error handling:
crypto_perror is a no-no, since an operation can set more than one
error.

Also, fix a bug in the unix crypto_seed_rng: mixing stdio with
/dev/urandom is a bad idea, since fopen can make all kinds of weird
extraneous syscalls (mmap, fcntl, stat64, etc.) and since fread tends
to buffer data in big chunks, thus depleting the entropy pool.


svn:r1717
2004-04-26 18:09:50 +00:00
Roger Dingledine
37192bd25e use tor_assert and PUBLIC_KEY_OK
but don't use tor_assert inside log.c, to avoid loops


svn:r1696
2004-04-25 19:59:38 +00:00
Nick Mathewson
70bbd0cafa Add assert on crypto_pk_write_private_key,and macros to make sure we have real keys
svn:r1694
2004-04-25 19:21:44 +00:00
Roger Dingledine
6a45028ccb don't warn when private_decrypt_hybrid fails
svn:r1689
2004-04-25 04:32:59 +00:00
Nick Mathewson
c44016e86e Merge flagday into main branch.
svn:r1683
2004-04-24 22:17:50 +00:00
Nick Mathewson
306adfc8bd Fix two dumb leaks in crypto.c
svn:r1592
2004-04-12 05:27:38 +00:00
Nick Mathewson
aa7cfd93e5 Fix base32 implementation; make base32 implementation follow standard; add more tests for base32
svn:r1574
2004-04-08 20:56:33 +00:00
Nick Mathewson
f24519e4b9 Set correct address and port mappings on outgoing rendezvous connections
svn:r1513
2004-04-06 22:05:49 +00:00
Nick Mathewson
2fc106d210 Force hybrid encryption on for key negotiation
svn:r1509
2004-04-06 20:55:46 +00:00
Nick Mathewson
6290d027c9 Continue attack on magic numbers; use new crypto wrappers where possible
svn:r1504
2004-04-06 20:16:12 +00:00
Nick Mathewson
12ede0a2c4 use the right variable when comparing hashes; maybe fix "Hash of session" bug
svn:r1481
2004-04-05 17:36:30 +00:00
Nick Mathewson
84b9e90d5f i2d_RSAPublicKey advances the pointer it receives past the ASN1-encoded string.
svn:r1478
2004-04-05 17:10:48 +00:00