Commit Graph

484 Commits

Author SHA1 Message Date
rl1987
68260e85b5 Move sizeof check to torint.h 2019-03-25 10:17:30 +02:00
Nick Mathewson
b25cd5cfe1 Implement code to manage a per-thread instance of crypto_fast_rng()
The subsystems API makes this really simple, fortunately.

Closes ticket 29536
2019-02-19 15:36:08 -05:00
David Goulet
6c173d00f5 Merge branch 'tor-github/pr/702' 2019-02-14 11:43:10 -05:00
George Kadianakis
00b073b1bc Merge branch 'maint-0.3.5' 2019-02-14 18:01:07 +02:00
George Kadianakis
d83c299eba Merge branch 'tor-github/pr/689' into maint-0.3.5 2019-02-14 18:00:05 +02:00
Nick Mathewson
f3cbd6426c Implement a fast aes-ctr prng
This module is currently implemented to use the same technique as
libottery (later used by the bsds' arc4random replacement), using
AES-CTR-256 as its underlying stream cipher.  It's backtracking-
resistant immediately after each call, and prediction-resistant
after a while.

Here's how it works:

We generate psuedorandom bytes using AES-CTR-256.  We generate BUFLEN bytes
at a time.  When we do this, we keep the first SEED_LEN bytes as the key
and the IV for our next invocation of AES_CTR, and yield the remaining
BUFLEN - SEED_LEN bytes to the user as they invoke the PRNG.  As we yield
bytes to the user, we clear them from the buffer.

Every RESEED_AFTER times we refill the buffer, we mix in an additional
SEED_LEN bytes from our strong PRNG into the seed.

If the user ever asks for a huge number of bytes at once, we pull SEED_LEN
bytes from the PRNG and use them with our stream cipher to fill the user's
request.
2019-02-14 09:26:40 -05:00
Nick Mathewson
622a9a8a36 Extract the common body of our random-int functions into a macro
This is the second part of refactoring the random-int-in-range code.
2019-02-14 09:26:40 -05:00
David Goulet
d5de1a0a55 Merge branch 'tor-github/pr/651' 2019-02-13 11:02:02 -05:00
David Goulet
6efc2a0e1f Merge branch 'tor-github/pr/650' into maint-0.3.5 2019-02-13 10:56:24 -05:00
Nick Mathewson
49ec29044d Add more openssl includes to fix no-deprecated compilation
Closes ticket 29026; patch from Mangix.
2019-02-08 08:51:23 -05:00
Nick Mathewson
b9abdcd6bc Fix compilation when openssl is compiled without engine support.
Patch from Mangix. Closes part of ticket 29026.
2019-02-08 08:50:43 -05:00
Nick Mathewson
a49149fc13 Extract numeric CSPRNG functions into a new module.
Some of the code for getting a random value within a range wants to
be shared between crypto_rand() and the new crypto_fast_rng() code.
2019-02-06 22:06:05 -05:00
Nick Mathewson
21d184a184 Remove extraneous #if/#endif wrapper in crypto_rand.c
I don't know how this got here, but this kind of a wrapper only
belongs in a header file.
2019-02-06 22:05:39 -05:00
Nick Mathewson
8ca808f81d Code for anonymous mappings via mmap() or CreateFileMapping().
Using an anonymous mmap() is a good way to get pages that we can set
kernel-level flags on, like minherit() or madvise() or mlock().
We're going to use that so that we can make uninheritable locked
pages to store PRNG data.
2019-02-06 22:03:30 -05:00
Nick Mathewson
d23704bf26 Merge branch 'ticket28668_035' into ticket28668_040 2019-01-23 14:50:22 -05:00
Nick Mathewson
6144cf99ad Capture more BUG warnings in util/time test
These are ones that happen on windows only.

Fixes bug 29161.
2019-01-23 12:37:12 -05:00
Peter Gerber
db3ee1d862
Allow getsockopt(…, SOL_SOCKET, SO_ACCEPTCONN, …) in sandbox
SO_ACCEPTCONN checks whether socket listening is enabled and is
used ever since 9369152aae has been merged.

Closes ticket #29150
2019-01-22 21:51:25 +00:00
Nick Mathewson
21dd3ece62 Merge branch 'maint-0.3.5' 2019-01-22 11:55:56 -05:00
Nick Mathewson
4159d103d6 Merge branch 'bug29042_035' into maint-0.3.5 2019-01-22 11:55:53 -05:00
Nick Mathewson
16430fdaf5 Merge branch 'maint-0.3.5' 2019-01-16 14:43:53 -05:00
Kris Katterjohn
cbcf75d728 Update and fix a couple of comments in meminfo.c
This fixes a typo and also notes that HW_PHYSMEM64 is defined on
NetBSD (not just OpenBSD).

Signed-off-by: Kris Katterjohn <katterjohn@gmail.com>
2019-01-16 14:40:15 -05:00
Kris Katterjohn
0f3d88a159 Use HW_PHYSMEM instead of HW_USERMEM in get_total_system_memory_impl
The code checked for sysctl being available and HW_PHYSMEM being
defined, but HW_USERMEM was actually being used with sysctl instead
of HW_PHYSMEM.

The case for OpenBSD, etc. use HW_PHYSMEM64 (which is obviously a
64-bit variant of HW_PHYSMEM) and the case for OSX uses HW_MEMSIZE
(which appears to be a 64-bit variant of HW_PHYSMEM).

Signed-off-by: Kris Katterjohn <katterjohn@gmail.com>
2019-01-16 14:40:15 -05:00
Nick Mathewson
0981ac4c59 Log more messages when failing to decode RSA keys
We log these messages at INFO level, except when we are reading a
private key from a file, in which case we log at WARN.

This fixes a regression from when we re-wrote our PEM code to be
generic between nss and openssl.

Fixes bug 29042, bugfix on 0.3.5.1-alpha.
2019-01-16 14:35:30 -05:00
Nick Mathewson
2f683465d4 Bump copyright date to 2019 2019-01-16 12:33:22 -05:00
Nick Mathewson
efe55b8898 Bump copyright date to 2019. 2019-01-16 12:32:32 -05:00
Nick Mathewson
b169c8c14f Merge remote-tracking branch 'asn-github/adaptive_padding-final' 2019-01-14 14:48:00 -05:00
Nick Mathewson
99947c3ce0 Merge remote-tracking branch 'teor/bug29015' 2019-01-14 13:59:07 -05:00
Kris Katterjohn
df1a8a657e Actually close the stdout pipe on error in process_unix_exec
When cleaning up after an error in process_unix_exec, the stdin
pipe was being double closed instead of closing both the stdin
and stdout pipes.  This occurred in two places.

Signed-off-by: Kris Katterjohn <katterjohn@gmail.com>
2019-01-11 18:55:09 -05:00
Nick Mathewson
5dd926caa6 Include the beginnings of a FAQ about which timer to use. 2019-01-11 09:08:51 -05:00
Taylor R Campbell
d82a8a7f9d Add some more type checking.
NOTE: This commit breaks the build, because there was a mistake in an
earlier change of exactly the sort that this is meant to detect!  I'm
leaving it broken for illustration.
2019-01-11 14:41:28 +02:00
Taylor R Campbell
0f8253bddb Use the distribution abstraction as an abstraction. 2019-01-11 14:40:50 +02:00
Taylor R Campbell
531df9590d Move ceil call back into the geometric sampler.
Test exactly what the geometric sampler returns, because that's what
the downstream callers of it are going to use.

While here, also assert that the geometric sampler returns a positive
integer.  (Our geometric distribution is the one suported on {1, 2,
3, ...} that returns the number of trials before the first success,
not the one supported on {0, 1, 2, ...} that returns the number of
failures before the first success.)
2019-01-11 14:40:50 +02:00
George Kadianakis
e0e0338dc4 Rename crypto_rand_uint32() -> crypto_rand_u32()
See https://github.com/torproject/tor/pull/624#discussion_r246453777
2019-01-10 13:06:08 +02:00
Nick Mathewson
0ed966fde1 Merge branch 'maint-0.3.5' 2019-01-09 09:38:27 -05:00
Nick Mathewson
694e3c57fd Merge remote-tracking branch 'tor-github/pr/636' into maint-0.3.5 2019-01-09 09:38:22 -05:00
Nick Mathewson
e6a4401200 Merge branch 'maint-0.3.5' 2019-01-09 08:52:10 -05:00
Kris Katterjohn
c13a81f7f9 Fix (and make consistent) the use of OpenBSD preprocessor macro tests
Prior to this commit, the testsuite was failing on OpenBSD.  After
this commit the testsuite runs fine on OpenBSD.

It was previously decided to test for the OpenBSD macro (rather than
__OpenBSD__, etc.) because OpenBSD forks seem to have the former
macro defined.  sys/param.h must be included for the OpenBSD macro
definition; however, many files tested for the OpenBSD macro without
having this header included.

This commit includes sys/param.h in the files where the OpenBSD macro
is used (and sys/param.h is not already included), and it also
changes some instances of the __OpenBSD__ macro to OpenBSD.

See commit 27df23abb6 which changed
everything to use OpenBSD instead of __OpenBSD__ or OPENBSD.  See
also tickets #6982 and #20980 (the latter ticket is where it was
decided to use the OpenBSD macro).

Signed-off-by: Kris Katterjohn <katterjohn@gmail.com>
2019-01-09 08:51:57 -05:00
Nick Mathewson
f9a7701ff1 Merge branch 'ticket28856_v2' 2019-01-09 08:46:40 -05:00
teor
671c34d9b4
lib/net: improve the docs for tor_{ersatz_,}socketpair()
Add some details about IP family support, and point to
tor_socketpair() from tor_ersatz_socketpair().

Closes ticket 29015.
2019-01-08 14:45:17 +10:00
Kris Katterjohn
c59b572e93 Fix tor_ersatz_socketpair on IPv6-only systems
In get_local_listener used by tor_ersatz_socketpair, the address
family used when binding the IPv6 socket was AF_INET instead of
AF_INET6.

Fixes bug 28995; bugfix on 0.3.5.1-alpha.

Signed-off-by: Kris Katterjohn <katterjohn@gmail.com>
2019-01-07 17:28:21 -06:00
Nick Mathewson
4e4f93d364 Add a #ifdef HAVE_UNISTD_H check to buffers.c
Reported on tor-dev by Gisle Vanem.  Bug not in any released Tor

(The suggested patch used _MSC_VER, but that's not how we do stuff
with autoconf.  With autoconf, you detect the feature you want,
rather than trying to list all the systems that do or do not have
it.)
2019-01-03 09:52:19 -05:00
Nick Mathewson
9ba690e33f Merge branch 'maint-0.3.5' 2019-01-03 09:45:56 -05:00
Nick Mathewson
abdc6aede2 Merge branch 'ticket28851_035_squashed' into maint-0.3.5 2019-01-03 09:45:53 -05:00
Nick Mathewson
b82717b273 Stop re-checking our hardcoded dh parameters on every startup
Closes ticket 28851.
2019-01-03 09:45:43 -05:00
Nick Mathewson
47176eb678 Merge branch 'maint-0.3.5' 2019-01-03 09:44:15 -05:00
Nick Mathewson
98736cf36a Merge remote-tracking branch 'public/ticket28838_035' into maint-0.3.5 2019-01-03 09:44:10 -05:00
Nick Mathewson
27853938a1 Merge branch 'maint-0.3.5' 2019-01-03 09:02:40 -05:00
Nick Mathewson
ed62f0fa15 Merge branch 'maint-0.3.4' into maint-0.3.5 2019-01-03 09:02:39 -05:00
Nick Mathewson
3e7f13a4ef Merge branch 'maint-0.3.5' 2019-01-02 16:15:39 -05:00
Nick Mathewson
b33bcb1e63 Add an errno.h include to freespace.c to fix bug 28974. 2019-01-02 15:19:52 -05:00