Commit Graph

30606 Commits

Author SHA1 Message Date
Nick Mathewson
108d9879eb Extract the non-generic part of tor_tls_context_decref(). 2018-08-21 12:25:33 -04:00
Nick Mathewson
96f8e19802 Implement PBKDF2 with NSS.
This was a gap that we left in the last commit.
2018-08-21 12:25:33 -04:00
Nick Mathewson
6a88d8f6b4 When enabling NSS, disable OpenSSL.
We used to link both libraries at once, but now that I'm working on
TLS, there's nothing left to keep OpenSSL around for when NSS is
enabled.

Note that this patch causes a couple of places that still assumed
OpenSSL to be disabled when NSS is enabled
   - tor-gencert
   - pbkdf2
2018-08-21 12:25:33 -04:00
Nick Mathewson
1992c76130 Split tls modules and their tests into openssl and generic.
Also, add a stubbed-out nss version of the modules.  The tests won't
pass with NSS yet since the NSS modules don't do anything.

This is a good patch to read with --color-moved.
2018-08-21 12:25:33 -04:00
Nick Mathewson
91c1e88b7a Refactor some of the certificate-manipulation logic 2018-08-21 12:25:33 -04:00
Nick Mathewson
598bc78bfa Extract tortls structures into a new header; clean up a little 2018-08-21 12:25:33 -04:00
Nick Mathewson
9a4f05b05c Split X509 code out of tortls.c 2018-08-21 12:25:33 -04:00
Nick Mathewson
3ccb94d7b6 The RSA_free in this test is no longer needed or wanted 2018-08-21 12:24:08 -04:00
Nick Mathewson
aa45511250 Implement RSA for NSS. 2018-08-21 12:24:08 -04:00
Nick Mathewson
cb5cfe3177 Also reinitialize the pregenerated keys postfork. 2018-08-21 12:24:08 -04:00
Nick Mathewson
b94e7de7db Refactor crypto_rsa to use pem module.
This cleans up a lot of junk from crypto_rsa_openssl, and will
save us duplicated code in crypto_rsa_nss (when it exists).

(Actually, it already exists, but I am going to use git rebase so
that this commit precedes the creation of crypto_rsa_nss.)
2018-08-21 12:24:08 -04:00
Nick Mathewson
9566ed6fd9 Add rudimentary support for PEM-encoding, since NSS doesn't do that. 2018-08-21 12:24:08 -04:00
Nick Mathewson
0812f1cbc2 Use a constant for "65537" 2018-08-21 12:24:08 -04:00
Nick Mathewson
824009cde5 Rename openssl-bridging functions in crypto_rsa
These functions exist only to expose RSA keys to other places in Tor
that use OpenSSL; let's be specific about their purpose.
2018-08-21 12:24:08 -04:00
Nick Mathewson
38212d2e40 Remove a redundant function. 2018-08-21 12:24:08 -04:00
Nick Mathewson
0f971d7c91 Rename functions that encode/decode private keys
It is not nice to expose a private key's contents without having the
function name advertise the fact.  Fortunately, we weren't misusing
these yet.
2018-08-21 12:24:08 -04:00
Nick Mathewson
752ffa2197 Extract openssl RSA functionality into its own file. 2018-08-21 12:24:08 -04:00
Nick Mathewson
9bb0ac4bf1 Merge branch 'coverage_6aug_squashed' 2018-08-21 12:14:51 -04:00
Nick Mathewson
fe00a481fc Add a unit test for tor_log_mallinfo() 2018-08-21 12:14:41 -04:00
Nick Mathewson
f124037cde Add unit tests for parsing "extended" format of config lines. 2018-08-21 12:14:41 -04:00
Nick Mathewson
21a9d03445 fixup! Check for duplicate-close in connection_dir_finished_flusing() 2018-08-21 11:15:07 -04:00
Nick Mathewson
ff0be08059 Fix a bug warning when sending an error on an HTTPTunnelPort conn
Fixes bug 26470; bugfix on 0.3.2.1-alpha.
2018-08-21 10:12:04 -04:00
Nick Mathewson
df874ed0f1 Merge branch 'maint-0.3.3' into maint-0.3.4 2018-08-21 10:01:41 -04:00
Nick Mathewson
9bc947dc18 Merge branch 'maint-0.3.4' 2018-08-21 10:01:41 -04:00
Nick Mathewson
4c0c4d4ade Add changes file for 26873. I missed this when merging earlier. 2018-08-21 10:01:38 -04:00
Nick Mathewson
18183de060 Check for duplicate-close in connection_dir_finished_flusing()
Fix for 26896.
2018-08-21 09:50:48 -04:00
Neel Chauhan
eb2b130ad9 If ExitRelay is not specified, emulate the behavior of "ExitRelay 0" 2018-08-20 20:25:23 -04:00
Nick Mathewson
85a8792344 Rewrite test_tortls_cert_matches_key()
Unlike the old test, this test no will no longer mess around with
the forbidden internals of any openssl data structures.

Additionally, it verifies several other behaviors of
tor_tls_cert_matches_key() that we had wanted to verify, such as
the possibility of the certificate's key not matching.

Fixes bug 27226; bugfix on 0.2.5.1-alpha.
2018-08-20 17:43:41 -04:00
Nick Mathewson
c1f476a3d5 Use our x509 wrapper code in tor_tls_cert_matches_key()
This allows us to mock our own tor_tls_get_peer_certificate()
function in order to test ..cert_matches_key(), which will in turn
allow us to simplify test_tortls_cert_matches_key() considerably.

Prep work for the fix for 27226.
2018-08-20 17:42:38 -04:00
Neel Chauhan
aab6aea197 Fix typo in comment for getinfo_helper_current_time() 2018-08-20 11:49:35 -04:00
rl1987
c6a154e7b8 Add changes file 2018-08-19 21:05:17 +03:00
rl1987
5ab2110eb6 Rework predicted_ports_prediction_time_remaining() to fix CID 1438153 2018-08-19 21:03:01 +03:00
cypherpunks
6c0e7a9e1a test/protover: add double-voting test 2018-08-19 02:21:46 +00:00
traumschule
29d62987da doc/tor: add note for IPv6-only hosts (fixes #27204) 2018-08-19 03:19:49 +02:00
rl1987
ed0ee340d4 Refactoring: Move code that creates listener for port into new function 2018-08-18 11:26:38 +03:00
cypherpunks
18416b2cf0 test/protover: add test for whitespace parsing bug 2018-08-17 17:25:24 +00:00
cypherpunks
4f3e6d5027 test/protover: add test for hyphen parsing bug 2018-08-17 17:21:46 +00:00
Nick Mathewson
700f5bcc43 Merge branch 'maint-0.3.3' into maint-0.3.4 2018-08-17 09:38:26 -04:00
Nick Mathewson
e0b8c53f56 Merge branch 'maint-0.3.4' 2018-08-17 09:38:26 -04:00
Nick Mathewson
87aacbfbba Merge remote-tracking branch 'onionk/rust-protospace' into maint-0.3.3 2018-08-17 09:38:08 -04:00
cypherpunks
7b7dd9ae1c rust/protover: don't accept whitespace in ProtoSet::from_str()
It's impossible for spaces to get here, since spaces are used as
separators between individual protocol entries higher up.

And it shouldn't ignore whitespace that isn't a literal space
character, because that would differ from the C implementation.

These were added in 9925d2e687.

Fixes #27177. Bugfix on 0.3.3.5-rc.
2018-08-17 13:34:03 +00:00
Nick Mathewson
ac721bd3b4 Merge branch 'maint-0.3.3' into maint-0.3.4 2018-08-17 09:29:46 -04:00
Nick Mathewson
bedc0b0b8f Merge branch 'maint-0.3.4' 2018-08-17 09:29:46 -04:00
cypherpunks
cc93f175ed rust/protover: fix hyphen parsing bug in ProtoSet::from_str()
It was parsing "1-2-3" as if it were 1-2, ignoring the 2nd hyphen
and everything after.

Introduced in d1820c1516.

Fixes #27164; bugfix on 0.3.3.1-alpha.
2018-08-17 13:27:24 +00:00
Nick Mathewson
042aed3f1d Merge remote-tracking branch 'onionk/rust-docs1' 2018-08-17 09:07:06 -04:00
Unto Sten
ba3c785092 Inform users about configuration file and directory includes
This patch makes it clearer to users what settings Tor daemon
is actually using. I think it is pretty important.
2018-08-17 14:08:59 +03:00
Neel Chauhan
64d9ea1413
In addrs_in_same_network_family(), choose IP subnet size based on IP type 2018-08-17 13:37:51 +10:00
cypherpunks
fc7fed6155 rust/protover: fix docs for UnvalidatedProtoEntry::from_str
This got shuffled around in b786b146ed
and hasn't been accurate since 124caf28e6.
2018-08-17 02:38:23 +00:00
cypherpunks
e65a4fa42c rust/protover: fix parsing docs
The function takes an already validated utf-8 string, and
it never checks if the version numbers are an empty string.
That parse error happens later.

Fix on 701c2b69f5
2018-08-17 02:38:23 +00:00
cypherpunks
7bb658a633 rust/protover: fix ProtoEntry::from_str docs
Texxt was copied from a function that returned a single
tuple in 88b2f170e4.
2018-08-17 02:38:23 +00:00