Commit Graph

15358 Commits

Author SHA1 Message Date
Nick Mathewson
c09de55fb8 Add #ifdef'd code (on by default) to allocate ACIs sequentially.
svn:r462
2003-09-16 17:17:39 +00:00
Roger Dingledine
8b71b7338f clean up exported APIs
svn:r461
2003-09-16 05:41:49 +00:00
Roger Dingledine
9c6343fdf8 refactor connects into connection_connect()
svn:r460
2003-09-16 01:58:46 +00:00
Nick Mathewson
e4dfc3c8fe Cipher lists need to be colon separated. Also make initialization more bulletproof
svn:r459
2003-09-15 19:38:52 +00:00
Nick Mathewson
633a5ffc0b Fix TLS error logging
svn:r458
2003-09-15 18:37:49 +00:00
Nick Mathewson
408bff4a23 Log protocol errors
svn:r457
2003-09-15 18:18:37 +00:00
Roger Dingledine
ebc23f690c bugfix: onion pending queue now works
and fixed recent memory leak


svn:r456
2003-09-14 08:17:14 +00:00
Roger Dingledine
b63013e847 finally tracked down the seg fault
svn:r455
2003-09-14 06:43:18 +00:00
Roger Dingledine
e585dad887 fix the cpuworker circ-had-vanished bug (maybe)
still several (many) tls-related bugs outstanding.


svn:r454
2003-09-14 02:58:50 +00:00
Roger Dingledine
429fb381f8 let tor compile with tls on rh9
nick: is this the right way to do the autoconf stuff? what happens when
/usr/kerberos/include/ doesn't exist?
an alternate way is to add `pkg-config --cflags openssl` to CFLAGS, but
it seems that command only works on rh9. yay portability issues.


svn:r453
2003-09-14 01:44:44 +00:00
Roger Dingledine
05612786e4 fix two more bugs
svn:r452
2003-09-13 21:53:38 +00:00
Roger Dingledine
31bf3ec420 reshuffle functions for cleaner organization
svn:r451
2003-09-12 22:45:31 +00:00
Roger Dingledine
1738af9620 tls works between routers now too
things are still a bit shaky


svn:r450
2003-09-12 06:50:21 +00:00
Roger Dingledine
b1078b7a3c tls works with onion proxies now.
svn:r449
2003-09-12 06:20:36 +00:00
Roger Dingledine
556bea4b6d serious bug in cpuworker. need to think about redesign or how to handle it.
svn:r448
2003-09-12 06:18:38 +00:00
Nick Mathewson
001cd08b2e Fix bugs in certificate generation and SSL context creation. Both seem to work now.
svn:r447
2003-09-11 23:26:31 +00:00
Roger Dingledine
ec23ebc4e6 update onion router configs for tls
svn:r446
2003-09-11 22:20:16 +00:00
Roger Dingledine
fa1bfaa349 check for funny business from the remote peer
svn:r445
2003-09-11 22:19:48 +00:00
Nick Mathewson
5082ee8ae0 Non-debugging messages are nice to log too
svn:r444
2003-09-11 22:13:13 +00:00
Nick Mathewson
529d3bc56f Resolve XXXXs in tortls.c
svn:r443
2003-09-11 21:38:57 +00:00
Nick Mathewson
f5b4ef1fa2 Simplify some code paths in TLS; cut down on memory leaks; use
reasonable ciphers if not everyone has OpenSSL 0.9.7.


svn:r442
2003-09-11 21:12:39 +00:00
Nick Mathewson
36a3086434 Add router_get_by_pk function; use in connection_tls_finish_handshake.
svn:r441
2003-09-11 20:32:15 +00:00
Roger Dingledine
0761bc7b83 fix typo that's been bugging me
svn:r440
2003-09-11 20:10:39 +00:00
Roger Dingledine
44c3a7c2d7 collect info from peer we just handshaked with
svn:r439
2003-09-11 20:06:55 +00:00
Nick Mathewson
e22b271895 Add certificate verification functions
svn:r438
2003-09-10 00:47:39 +00:00
Nick Mathewson
9955b265ab Make crypto structures private to crypto.c
svn:r437
2003-09-10 00:47:24 +00:00
Nick Mathewson
67697d5ab1 Add prototypes for functions to check whether the peer certificate is
valid (if it is present); and to get a public key from a peer
certificate (in order to identify the peer).


svn:r436
2003-09-10 00:10:37 +00:00
Roger Dingledine
c0f5ddcf33 fix confirmed win32 bug
svn:r435
2003-09-08 23:10:24 +00:00
Roger Dingledine
0bac4247ca tls infrastructure now in place, give or take
svn:r434
2003-09-08 10:59:00 +00:00
Roger Dingledine
1a9b5f9de9 another wishlist function for the tls interface
svn:r433
2003-09-08 10:46:19 +00:00
Roger Dingledine
a6a5784bca add CertFile, Nickname
write new certfile if you don't have one already
set up a tls context on startup


svn:r432
2003-09-08 06:26:38 +00:00
Roger Dingledine
ace475f01c hide the global tls context inside tortls.c
svn:r431
2003-09-08 06:22:19 +00:00
Roger Dingledine
413c7a19ed clean up config.c so it doesn't expose as much
svn:r430
2003-09-08 05:16:18 +00:00
Roger Dingledine
3fa170e11f more futzing towards tls
not there yet


svn:r429
2003-09-07 10:24:40 +00:00
Roger Dingledine
99035f3520 clean read_to_buf more
svn:r428
2003-09-05 11:25:24 +00:00
Roger Dingledine
77dfd7826d fill in a gap in the spec
svn:r427
2003-09-05 06:46:39 +00:00
Roger Dingledine
7a34cdf5ee general cleanup and reabstraction, to prepare for tls
svn:r426
2003-09-05 06:04:03 +00:00
Roger Dingledine
99d1e4931b move variable declarations to top of function
svn:r425
2003-09-05 05:58:21 +00:00
Nick Mathewson
fd20011c26 Add initial interfaces and code for TLS support. Interfaces are right; code needs work and testing.
svn:r424
2003-09-04 16:05:08 +00:00
Roger Dingledine
4fb92e5bf7 update the TODO
svn:r423
2003-08-31 00:11:01 +00:00
Roger Dingledine
e13d947986 point out why router_forget_router probably doesn't work
svn:r422
2003-08-29 21:50:53 +00:00
Nick Mathewson
e14aedaad0 Fix memory leaks in directory parsing
svn:r421
2003-08-28 04:21:57 +00:00
Roger Dingledine
c8401a30ae remove op_port from the spec also
svn:r420
2003-08-27 22:45:10 +00:00
Roger Dingledine
7ae853b04c router formats don't include op_port now either
svn:r419
2003-08-27 22:42:39 +00:00
Roger Dingledine
ce289f65f2 remove last vestiges of op_port
svn:r418
2003-08-27 22:42:10 +00:00
Roger Dingledine
4c7e936a3a note an assert bug that's still around
svn:r417
2003-08-25 22:02:42 +00:00
Roger Dingledine
90f22933e7 make the conn->package_window bug go away.
not resolved, but at least the servers will stop crashing.


svn:r416
2003-08-25 21:43:51 +00:00
Nick Mathewson
14c8bc598b Attempt to track down bug in conn->package_window
svn:r415
2003-08-25 20:57:23 +00:00
Nick Mathewson
ee0440f908 Correct description of extracting Kf and Kb from g^xy.
svn:r414
2003-08-25 18:50:29 +00:00
Roger Dingledine
0878ceb779 remove bandwidth negotiation from the code
we still use bandwidth on a per-connection basis for rate
limiting. but it's unclear if we need this infrastructure in
addition to the total-bandwidth rate limiting that we also do.

i'll leave both infrastructures in, and we'll remove the
per-connection one if it starts rotting too much.


svn:r413
2003-08-25 08:28:34 +00:00