655 Commits

Author	SHA1	Message	Date
Nick Mathewson	accb726db6	Remove a little duplicated code in TAP key expansion ... patch from pfrankw; closes 17587.	2015-11-13 09:46:32 -05:00
Nick Mathewson	3aebeeffa5	Every openssl we support has ERR_remove_thread_state	2015-11-10 10:13:04 -05:00
Nick Mathewson	c32a43a4d2	Move openssl version compatibility defines into a new header.	2015-11-10 10:02:21 -05:00
Yawning Angel	3e3ec750cd	Fix compilation with OpenSSL 1.1.0-dev. ... OpenSSL changed the API: * 5998e29035 * b0700d2c8d	2015-11-06 19:02:56 +00:00
Nick Mathewson	b5aa257d46	Fix "make check-spaces"	2015-10-02 14:33:54 +02:00
Ola Bini	94e5db3dca	Add tests for tortls.c	2015-09-15 17:09:18 +02:00
Nick Mathewson	280672bdbc	Handle negative inputs to crypto_random_time_range(). ... (These inputs are possible when Shadow starts the world at time_t 0, and breaks our assumption that Tor didn't exist in the 1970s.) Fixes regression introduced in 241e6b09. Fixes #16980.	2015-09-08 10:22:01 -04:00
Yawning Angel	af898f5475	Add crypto_rand_unmocked, which is crypto_rand without mocking. ... There is odd issues with calling crypto_rand from our copy of ed25519-donna, due to mocking that are not easily resolved.	2015-08-12 15:57:05 +00:00
Nick Mathewson	347fe449fe	Move formatting functions around. ... The base64 and base32 functions used to be in crypto.c; crypto_format.h had no header; some general-purpose functions were in crypto_curve25519.c. This patch makes a {crypto,util}_format.[ch], and puts more functions there. Small modules are beautiful!	2015-07-31 11:21:34 -04:00
Yawning Angel	840e68d917	Integrate and enable ed25519-donna. ... The runtime sanity checking is slightly different from the optimized basepoint stuff in that it uses a given implementation's self tests if available, and checks if signing/verification works with a test vector from the IETF EdDSA draft. The unit tests include a new testcase that will fuzz donna against ref0, including the blinding and curve25519 key conversion routines. If this is something that should be done at runtime (No?), the code can be stolen from there. Note: Integrating batch verification is not done yet.	2015-07-06 10:11:10 +00:00
Yawning Angel	f079c27761	Integrate the accelerated Curve25519 scalar basemult. ... Integration work scavanged from nickm's `ticket8897_9663_v2` branch, with minor modifications. Tor will still sanity check the output but now also attempts to catch extreme breakage by spot checking the optimized implementation vs known values from the NaCl documentation. Implements feature 9663.	2015-07-06 09:57:23 +00:00
Nick Mathewson	753797391f	More tweaks for windows compilation. (ick)	2015-06-29 13:47:44 -04:00
Nick Mathewson	d9052c629b	Remove checks for visual C 6.	2015-06-29 12:55:03 -04:00
Nick Mathewson	7816ba8f1a	Add assertions to crypto_dh_dup() ... Without these, coverity is annoyed that aren't checking for NULL in bench.c CID 1293335 -- found by coverity.	2015-05-28 12:27:22 -04:00
Nick Mathewson	1b52e95028	Merge branch '12498_ed25519_keys_v6' ... Fixed numerous conflicts, and ported code to use new base64 api.	2015-05-28 11:04:33 -04:00
Nick Mathewson	277c9a3580	Note some functions that should move or be merged	2015-05-28 10:47:47 -04:00
Nick Mathewson	efa21bb941	Implement proposal 228: cross-certification with onion keys ... Routers now use TAP and ntor onion keys to sign their identity keys, and put these signatures in their descriptors. That allows other parties to be confident that the onion keys are indeed controlled by the router that generated the descriptor.	2015-05-28 10:40:57 -04:00
Nick Mathewson	fe5d2477aa	Implement ed25519-signed descriptors ... Now that we have ed25519 keys, we can sign descriptors with them and check those signatures as documented in proposal 220.	2015-05-28 10:40:56 -04:00
Nick Mathewson	0b7bf3585a	Generate error ASAP if building with too-old openssl	2015-05-21 11:54:13 -04:00
Nick Mathewson	ed02a409cf	Merge branch 'bug16034_no_more_openssl_098_squashed' ... Conflicts: src/test/testing_common.c	2015-05-20 15:33:22 -04:00
Nick Mathewson	f8f407d66a	Now that OpenSSL 0.9.8 is dead, crypto_seed_rng() needs no args ... It needed an argument before because it wasn't safe to call RAND_poll() on openssl 0.9.8c if you had already opened more fds than would fit in fd_set.	2015-05-20 15:27:36 -04:00
Nick Mathewson	971f0f8e18	Remove code to support OpenSSL 0.9.8	2015-05-20 15:27:36 -04:00
Yawning Angel	53a347592a	ERR_remove_state() is deprecated since OpenSSL 1.0.0. ... OpenSSL 1.1.0 must be built with "enable-deprecated", and compiled with `OPENSSL_USE_DEPRECATED` for this to work, so instead, use the newer routine as appropriate.	2015-05-13 11:13:07 -04:00
Yawning Angel	915c7438a7	Add "ADD_ONION"/"DEL_ONION" and "GETINFO onions/*" to the controller. ... These commands allow for the creation and management of ephemeral Onion ("Hidden") services that are either bound to the lifetime of the originating control connection, or optionally the lifetime of the tor instance. Implements #6411.	2015-04-28 10:19:08 -04:00
Nick Mathewson	9a81ed1d23	Fix some RNG function issues	2015-04-23 11:13:51 -04:00
Nick Mathewson	c3894473fe	whitespace fixes	2015-04-23 09:36:43 -04:00
Nick Mathewson	241e6b0937	Fix some conversion problems	2015-04-23 09:16:42 -04:00
Nick Mathewson	647b7d37c2	Merge remote-tracking branch 'public/bug15745_027_03'	2015-04-23 09:10:35 -04:00
Nick Mathewson	55118d90ca	Fix some implicit conversion warnings	2015-04-23 09:09:20 -04:00
Yawning Angel	196499da73	Use a custom Base64 encoder with more control over the output format.	2015-04-23 09:06:58 -04:00
Nick Mathewson	6bf31543dc	Make the crypto_rand_int_range return value right-exclusive.	2015-04-21 11:30:21 -04:00
David Goulet	3f41318472	Add crypto_rand_int_range() and use it ... Incidently, this fixes a bug where the maximum value was never used when only using crypto_rand_int(). For instance this example below in rendservice.c never gets to INTRO_POINT_LIFETIME_MAX_SECONDS. int intro_point_lifetime_seconds = INTRO_POINT_LIFETIME_MIN_SECONDS + crypto_rand_int(INTRO_POINT_LIFETIME_MAX_SECONDS - INTRO_POINT_LIFETIME_MIN_SECONDS); Signed-off-by: David Goulet <dgoulet@ev0ke.net>	2015-04-21 11:06:12 -04:00
Yawning Angel	ba2485f7df	Remove USE_OPENSSL_BASE64 and the associated code. ... The alternative has been available since 2007, there's no way to actually enable the ifdef, and it breaks on well formed but not OpenSSL style inputs.	2015-04-10 09:12:47 +00:00
Nick Mathewson	cd8f13b5cb	Merge branch 'bug13736'	2015-04-01 13:46:50 -04:00
Nick Mathewson	baf24bf4d1	Unindent a block in crypto_set_tls_dh_prime	2015-04-01 13:40:37 -04:00
cypherpunks	5176f6f103	Remove relative paths to header files. ... The paths are already in the directory search path of the compiler therefore no need to include them in the source code.	2015-03-14 13:00:05 -04:00
Nick Mathewson	511ca9b91c	Remove DynamicDHGroups as obsoleted by PluggableTransports or P256. ... Closes ticket 13736.	2015-03-14 12:40:55 -04:00
Nick Mathewson	e9caa8645e	Try to work around changes in openssl 1.1.0 ... Prefer not to use a couple of deprecated functions; include more headers in tortls.c This is part of ticket 14188.	2015-01-28 10:00:58 -05:00
Nick Mathewson	f54e54b0b4	Bump copyright dates to 2015, in case someday this matters.	2015-01-02 14:27:39 -05:00
Nick Mathewson	0965bbd5ac	Merge remote-tracking branch 'origin/maint-0.2.5'	2014-12-22 16:02:47 -05:00
Nick Mathewson	6d728ba880	Merge remote-tracking branch 'public/bug14013_024' into maint-0.2.5	2014-12-22 15:58:49 -05:00
Nick Mathewson	47760c7ba5	When decoding a base-{16,32,64} value, clear the target buffer first ... This is a good idea in case the caller stupidly doesn't check the return value from baseX_decode(), and as a workaround for the current inconsistent API of base16_decode. Prevents any fallout from bug 14013.	2014-12-22 12:56:35 -05:00
George Kadianakis	447ece46f5	Constify crypto_pk_get_digest().	2014-12-02 12:15:11 +00:00
rl1987	4b18d8931b	Downgrade RSA signature verification failure error message to info loglevel.	2014-11-09 17:39:23 +02:00
Nick Mathewson	fcdcb377a4	Add another year to our copyright dates. ... Because in 95 years, we or our successors will surely care about enforcing the BSD license terms on this code. Right?	2014-10-28 15:30:16 -04:00
teor	2e1f5c1fc0	Memwipe more keys after tor has finished with them ... Ensure we securely wipe keys from memory after crypto_digest_get_digest and init_curve25519_keypair_from_file have finished using them. Fixes bug 13477.	2014-10-20 03:06:28 +11:00
Nick Mathewson	90bce702ba	Merge remote-tracking branch 'public/bug10816'	2014-10-09 10:57:19 -04:00
Nick Mathewson	42350968a9	Drop check for NTE_BAD_KEYSET error ... Any error when acquiring the CryptoAPI context should get treated as bad. Also, this one can't happen for the arguments we're giving. Fixes bug 10816; bugfix on 0.0.2pre26.	2014-08-29 13:24:29 -04:00
Nick Mathewson	e72a5b3c07	Move secret-to-key functionality into a separate module ... I'm about to add more of these, so we might as well trudge forward.	2014-08-28 12:04:22 -04:00
Nick Mathewson	9b2d8c4e20	Rename secret_to_key to secret_to_key_rfc2440	2014-08-28 11:20:31 -04:00
Nick Mathewson	2bfd92d0d1	Apply coccinelle script to replace malloc(a*b)->calloc(a,b)	2014-08-13 10:39:56 -04:00
Nick Mathewson	58f4200789	Thread support is now required ... Long ago we supported systems where there was no support for threads, or where the threading library was broken. We shouldn't have do that any more: on every OS that matters, threads exist, and the OS supports running threads across multiple CPUs. This resolves tickets 9495 and 12439. It's a prerequisite to making our workqueue code work better, since sensible workqueue implementations don't split across multiple processes.	2014-06-20 10:20:10 -04:00
Nick Mathewson	156eefca45	Make sure everything using an interned string is preceded by a log ... (It's nice to know what we were about to rename before we died from renaming it.)	2014-04-16 22:03:09 -04:00
Nick Mathewson	d5e11f21cc	Fix warnings from doxygen ... Most of these are simple. The only nontrivial part is that our pattern for using ENUM_BF was confusing doxygen by making declarations that didn't look like declarations.	2014-03-25 11:27:43 -04:00
Roger Dingledine	c08b47977e	Never run crypto_early_init() more than once ... Previously we had set up all the infrastructure to avoid calling it after the first time, but didn't actually use it.	2014-03-23 00:38:17 -04:00
Roger Dingledine	d336d407d6	whitespace fix	2014-03-23 00:12:40 -04:00
Karsten Loesing	3ca5fe81e3	Write hashed bridge fingerprint to logs and to disk. ... Implements #10884.	2014-02-28 08:53:13 -05:00
Nick Mathewson	c1e98c8afe	Randomize the global siphash key at startup ... This completes our conversion to using siphash for our hash functions.	2014-02-12 12:12:58 -05:00
Nick Mathewson	d3fb846d8c	Split crypto_global_init() into pre/post config ... It's increasingly apparent that we want to make sure we initialize our PRNG nice and early, or else OpenSSL will do it for us. (OpenSSL doesn't do _too_ bad a job, but it's nice to do it ourselves.) We'll also need this for making sure we initialize the siphash key before we do any hashes.	2014-02-12 12:04:07 -05:00
Florent Daigniere	01132c93fd	Some anti-forensics paranoia... ... sed -i 's/BN_free/BN_clear_free/g'	2014-02-06 16:09:12 -05:00
Florent Daigniere	9d6e805d28	Some anti-forensics paranoia... ... sed -i 's/BN_free/BN_clear_free/g'	2014-02-03 10:44:19 -05:00
Nick Mathewson	85284c33d1	Merge remote-tracking branch 'origin/maint-0.2.4' ... Conflicts: src/common/crypto.c	2013-12-18 22:04:21 -05:00
Nick Mathewson	7b87003957	Never allow OpenSSL engines to replace the RAND_SSLeay method ... This fixes bug 10402, where the rdrand engine would use the rdrand instruction, not as an additional entropy source, but as a replacement for the entire userspace PRNG. That's obviously stupid: even if you don't think that RDRAND is a likely security risk, the right response to an alleged new alleged entropy source is never to throw away all previously used entropy sources. Thanks to coderman and rl1987 for diagnosing and tracking this down.	2013-12-18 11:53:07 -05:00
Nick Mathewson	adf2fa9b49	Fix compilation under openssl 0.9.8 ... It's not nice to talk about NID_aes_{128,256}_{ctr,gcm} when they don't exist. Fix on 84458b79a78ea7e26820bf0; bug not in any released Tor.	2013-11-18 11:25:07 -05:00
Nick Mathewson	84458b79a7	Log more OpenSSL engine statuses at startup. ... Fixes ticket 10043; patch from Joshua Datko.	2013-11-18 11:12:24 -05:00
Nick Mathewson	25a3ae922f	Merge remote-tracking branch 'Ryman/bug6384' ... Conflicts: src/or/config.c src/or/main.c	2013-09-13 12:55:53 -04:00
Nick Mathewson	e0b2cd061b	Merge remote-tracking branch 'ctoader/gsoc-cap-stage2' ... Conflicts: src/common/sandbox.c	2013-09-13 12:31:41 -04:00
Kevin Butler	b539b37205	Fixed leak and added minor documentation for #6384.	2013-09-04 02:56:06 +01:00
Kevin Butler	6e17fa6d7b	Added --library-versions flag to print the compile time and runtime versions of libevent, openssl and zlib. Partially implements #6384.	2013-09-01 17:38:01 +01:00
Nick Mathewson	fd6749203e	More unit tests for handle_client_auth_nonce ... Incidentally, this business here where I make crypto_rand mockable: this is exactly the kind of thing that would make me never want to include test-support stuff in production builds.	2013-08-15 12:03:37 -04:00
Cristian Toader	89b39db003	updated filters to work with orport	2013-08-09 19:07:20 +03:00
Nick Mathewson	a3e0a87d95	Completely refactor how FILENAME_PRIVATE works ... We previously used FILENAME_PRIVATE identifiers mostly for identifiers exposed only to the unit tests... but also for identifiers exposed to the benchmarker, and sometimes for identifiers exposed to a similar module, and occasionally for no really good reason at all. Now, we use FILENAME_PRIVATE identifiers for identifiers shared by Tor and the unit tests. They should be defined static when we aren't building the unit test, and globally visible otherwise. (The STATIC macro will keep us honest here.) For identifiers used only by the unit tests and never by Tor at all, on the other hand, we wrap them in #ifdef TOR_UNIT_TESTS. This is not the motivating use case for the split test/non-test build system; it's just a test example to see how it works, and to take a chance to clean up the code a little.	2013-07-10 15:20:10 -04:00
Nick Mathewson	7f9066ceee	Make OPENSSL_free(dh_string_repr) conditional.	2013-06-10 13:49:13 -04:00
Marek Majkowski	6f1c67195c	Bug #5170 - also simplify i2d_DHparams	2013-06-06 12:13:24 +01:00
Marek Majkowski	2132d036e3	Bug #5170 - i2d_RSAPublicKey supports allocating its own output buffer	2013-06-06 11:45:35 +01:00
Arlo Breault	0ab38b9366	Remove PK_PKCS1_PADDING ... See #8792	2013-05-17 10:11:33 -04:00
Nick Mathewson	da30adcf0f	Merge remote-tracking branch 'origin/maint-0.2.4' ... Conflicts: src/common/crypto.c	2013-04-18 11:16:05 -04:00
Nick Mathewson	9fec0c1a95	Remove a double-newline	2013-04-18 11:14:05 -04:00
Nick Mathewson	8362f8854a	Merge branch 'less_charbuf_rebased' into maint-0.2.4 ... Conflicts: src/or/dirserv.c src/or/dirserv.h src/test/test_dir.c	2013-04-18 11:13:36 -04:00
Nick Mathewson	e1128d905c	Fix a couple of documentation issues.	2013-04-18 11:04:57 -04:00
Nick Mathewson	cb75519bbf	Refactor dirobj signature generation ... Now we can compute the hash and signature of a dirobj before concatenating the smartlist, and we don't need to play silly games with sigbuf and realloc any more.	2013-04-18 11:04:57 -04:00
Nick Mathewson	19d6650f81	Merge remote-tracking branch 'origin/maint-0.2.4'	2013-03-18 15:41:14 -04:00
Nick Mathewson	eff1cfaaf7	Merge remote-tracking branch 'public/bug6673' into maint-0.2.4	2013-03-18 15:40:50 -04:00
Nick Mathewson	b163e801bc	Merge remote-tracking branch 'origin/maint-0.2.4' ... Conflicts: src/or/routerlist.c	2013-03-15 12:20:17 -04:00
Nick Mathewson	fdafe11a25	Give an #error when we want threads and OpenSSL has disabled threads ... Fixes ticket 6673.	2013-03-11 13:23:10 -04:00
Nick Mathewson	55ce9bff54	Remove unused check_fingerprint_syntax	2013-03-01 22:01:26 -05:00
Nick Mathewson	a05dc378e3	Remove unused HMAC-SHA1 function ... (We're not adding any new SHA1 instances in our protocols, so this should never actually be needed.)	2013-03-01 21:59:12 -05:00
Nick Mathewson	a4e9d67292	Remove some functions which were unused except for their tests	2013-02-23 23:38:43 -05:00
Nick Mathewson	365e302f61	Remove a bunch of unused macro definitions	2013-02-23 23:05:25 -05:00
Nick Mathewson	8cdd8b8353	Fix numerous problems with Tor's weak RNG. ... We need a weak RNG in a couple of places where the strong RNG is both needless and too slow. We had been using the weak RNG from our platform's libc implementation, but that was problematic (because many platforms have exceptionally horrible weak RNGs -- like, ones that only return values between 0 and SHORT_MAX) and because we were using it in a way that was wrong for LCG-based weak RNGs. (We were counting on the low bits of the LCG output to be as random as the high ones, which isn't true.) This patch adds a separate type for a weak RNG, adds an LCG implementation for it, and uses that exclusively where we had been using the platform weak RNG.	2013-02-08 16:28:05 -05:00
Nick Mathewson	7301339e33	fix wide lines from tor_log rename	2013-02-01 16:19:02 -05:00
Nick Mathewson	a141430ec3	Rename log() to tor_log() for logging ... This is meant to avoid conflict with the built-in log() function in math.h. It resolves ticket 7599. First reported by dhill. This was generated with the following perl script: #!/usr/bin/perl -w -i -p s/\blog\(LOG_(ERR|WARN|NOTICE|INFO|DEBUG)\s*,\s*/log_\L$1\(/g; s/\blog\(/tor_log\(/g;	2013-02-01 15:43:37 -05:00
Nick Mathewson	e0581a4b57	Replace base-{16,32,64} with base{16,32,64} in the code ... Patch from onizuka generated with find ./ -type f -perm -u+rw -exec sed -ri 's/(Base)-(16|32|64)/\1\2/gi' {} \; Fixes issue 6875 on Tor.	2013-01-17 16:08:28 -05:00
Nick Mathewson	b998431a33	Merge branch '024_msvc_squashed' ... Conflicts: src/or/or.h srcwin32/orconfig.h	2013-01-16 22:32:12 -05:00
Nick Mathewson	5e06c4ee32	When building with MSVC, call every enum bitfield unsigned ... Fixes bug 7305.	2013-01-16 22:29:39 -05:00
Nick Mathewson	4da083db3b	Update the copyright date to 201.	2013-01-16 01:54:56 -05:00
Nick Mathewson	b1bdecd703	Merge branch 'ntor-resquashed' ... Conflicts: src/or/cpuworker.c src/or/or.h src/test/bench.c	2013-01-03 11:52:41 -05:00
Nick Mathewson	25c05cb747	Refactor strong os-RNG into its own function ... Previously, we only used the strong OS entropy source as part of seeding OpenSSL's RNG. But with curve25519, we'll have occasion to want to generate some keys using extremely-good entopy, as well as the means to do so. So let's! This patch refactors the OS-entropy wrapper into its own crypto_strongest_rand() function, and makes our new curve25519_secret_key_generate function try it as appropriate.	2013-01-02 14:11:13 -05:00
Sebastian Hahn	11e8a445c3	Fix a couple of harmless clang3.2 warnings	2012-12-31 18:23:28 +01:00
Nick Mathewson	6921d1fd25	Implement HKDF from RFC5869 ... This is a customizable extract-and-expand HMAC-KDF for deriving keys. It derives from RFC5869, which derives its rationale from Krawczyk, H., "Cryptographic Extraction and Key Derivation: The HKDF Scheme", Proceedings of CRYPTO 2010, 2010, <http://eprint.iacr.org/2010/264>. I'm also renaming the existing KDF, now that Tor has two of them. This is the key derivation scheme specified in ntor. There are also unit tests.	2012-12-06 01:54:09 -05:00
Nick Mathewson	3c3084e165	Add a crypto_dh_dup, for benchmark support	2012-12-06 01:54:09 -05:00
Nick Mathewson	e6828ea634	Refer to RFC 4648 instead of the obsolete RFC 3548 ... Affects comments only. For ticket 6849.	2012-11-23 09:51:35 -05:00
Nick Mathewson	81deddb08c	Merge remote-tracking branch 'origin/maint-0.2.3' ... Conflicts: src/common/crypto.c src/or/rendservice.c	2012-11-08 16:48:04 -05:00
Nick Mathewson	49dd5ef3a3	Add and use and unlikely-to-be-eliminated memwipe() ... Apparently some compilers like to eliminate memset() operations on data that's about to go out-of-scope. I've gone with the safest possible replacement, which might be a bit slow. I don't think this is critical path in any way that will affect performance, but if it is, we can work on that in 0.2.4. Fixes bug 7352.	2012-11-08 16:44:50 -05:00
Nick Mathewson	56c0baa523	Rename all reserved C identifiers we defined ... For everything we declare that starts with _, make it end with _ instead. This is a machine-generated patch. To make it, start by getting the list of reserved identifiers using: git ls-tree -r --name-only HEAD | grep '\.[ch]$' | \ xargs ctags --c-kinds=defglmpstuvx -o - | grep '^_' | \ cut -f 1 | sort| uniq You might need gnu ctags. Then pipe the output through this script: ============================== use strict; BEGIN { print "#!/usr/bin/perl -w -i -p\n\n"; } chomp; next if ( /^__attribute__/ or /^__func__/ or /^_FILE_OFFSET_BITS/ or /^_FORTIFY_SOURCE/ or /^_GNU_SOURCE/ or /^_WIN32/ or /^_DARWIN_UNLIMITED/ or /^_FILE_OFFSET_BITS/ or /^_LARGEFILE64_SOURCE/ or /^_LFS64_LARGEFILE/ or /^__cdecl/ or /^__attribute__/ or /^__func__/ or /^_WIN32_WINNT/); my $ident = $_; my $better = $ident; $better =~ s/^_//; $better = "${better}_"; print "s/(?<![A-Za-z0-9_])$ident(?![A-Za-z0-9_])/$better/g;\n"; ============================== Then run the resulting script on all the files you want to change. (That is, all the C except that in src/ext.) The resulting script was: ============================== s/(?<![A-Za-z0-9_])_address(?![A-Za-z0-9_])/address_/g; s/(?<![A-Za-z0-9_])_aes_fill_buf(?![A-Za-z0-9_])/aes_fill_buf_/g; s/(?<![A-Za-z0-9_])_AllowInvalid(?![A-Za-z0-9_])/AllowInvalid_/g; s/(?<![A-Za-z0-9_])_AP_CONN_STATE_MAX(?![A-Za-z0-9_])/AP_CONN_STATE_MAX_/g; s/(?<![A-Za-z0-9_])_AP_CONN_STATE_MIN(?![A-Za-z0-9_])/AP_CONN_STATE_MIN_/g; s/(?<![A-Za-z0-9_])_assert_cache_ok(?![A-Za-z0-9_])/assert_cache_ok_/g; s/(?<![A-Za-z0-9_])_A_UNKNOWN(?![A-Za-z0-9_])/A_UNKNOWN_/g; s/(?<![A-Za-z0-9_])_base(?![A-Za-z0-9_])/base_/g; s/(?<![A-Za-z0-9_])_BridgePassword_AuthDigest(?![A-Za-z0-9_])/BridgePassword_AuthDigest_/g; s/(?<![A-Za-z0-9_])_buffer_stats_compare_entries(?![A-Za-z0-9_])/buffer_stats_compare_entries_/g; s/(?<![A-Za-z0-9_])_chan_circid_entries_eq(?![A-Za-z0-9_])/chan_circid_entries_eq_/g; s/(?<![A-Za-z0-9_])_chan_circid_entry_hash(?![A-Za-z0-9_])/chan_circid_entry_hash_/g; s/(?<![A-Za-z0-9_])_check_no_tls_errors(?![A-Za-z0-9_])/check_no_tls_errors_/g; s/(?<![A-Za-z0-9_])_c_hist_compare(?![A-Za-z0-9_])/c_hist_compare_/g; s/(?<![A-Za-z0-9_])_circ(?![A-Za-z0-9_])/circ_/g; s/(?<![A-Za-z0-9_])_circuit_get_global_list(?![A-Za-z0-9_])/circuit_get_global_list_/g; s/(?<![A-Za-z0-9_])_circuit_mark_for_close(?![A-Za-z0-9_])/circuit_mark_for_close_/g; s/(?<![A-Za-z0-9_])_CIRCUIT_PURPOSE_C_MAX(?![A-Za-z0-9_])/CIRCUIT_PURPOSE_C_MAX_/g; s/(?<![A-Za-z0-9_])_CIRCUIT_PURPOSE_MAX(?![A-Za-z0-9_])/CIRCUIT_PURPOSE_MAX_/g; s/(?<![A-Za-z0-9_])_CIRCUIT_PURPOSE_MIN(?![A-Za-z0-9_])/CIRCUIT_PURPOSE_MIN_/g; s/(?<![A-Za-z0-9_])_CIRCUIT_PURPOSE_OR_MAX(?![A-Za-z0-9_])/CIRCUIT_PURPOSE_OR_MAX_/g; s/(?<![A-Za-z0-9_])_CIRCUIT_PURPOSE_OR_MIN(?![A-Za-z0-9_])/CIRCUIT_PURPOSE_OR_MIN_/g; s/(?<![A-Za-z0-9_])_cmp_int_strings(?![A-Za-z0-9_])/cmp_int_strings_/g; s/(?<![A-Za-z0-9_])_compare_cached_resolves_by_expiry(?![A-Za-z0-9_])/compare_cached_resolves_by_expiry_/g; s/(?<![A-Za-z0-9_])_compare_digests(?![A-Za-z0-9_])/compare_digests_/g; s/(?<![A-Za-z0-9_])_compare_digests256(?![A-Za-z0-9_])/compare_digests256_/g; s/(?<![A-Za-z0-9_])_compare_dir_src_ents_by_authority_id(?![A-Za-z0-9_])/compare_dir_src_ents_by_authority_id_/g; s/(?<![A-Za-z0-9_])_compare_duration_idx(?![A-Za-z0-9_])/compare_duration_idx_/g; s/(?<![A-Za-z0-9_])_compare_int(?![A-Za-z0-9_])/compare_int_/g; s/(?<![A-Za-z0-9_])_compare_networkstatus_v2_published_on(?![A-Za-z0-9_])/compare_networkstatus_v2_published_on_/g; s/(?<![A-Za-z0-9_])_compare_old_routers_by_identity(?![A-Za-z0-9_])/compare_old_routers_by_identity_/g; s/(?<![A-Za-z0-9_])_compare_orports(?![A-Za-z0-9_])/compare_orports_/g; s/(?<![A-Za-z0-9_])_compare_pairs(?![A-Za-z0-9_])/compare_pairs_/g; s/(?<![A-Za-z0-9_])_compare_routerinfo_by_id_digest(?![A-Za-z0-9_])/compare_routerinfo_by_id_digest_/g; s/(?<![A-Za-z0-9_])_compare_routerinfo_by_ip_and_bw(?![A-Za-z0-9_])/compare_routerinfo_by_ip_and_bw_/g; s/(?<![A-Za-z0-9_])_compare_signed_descriptors_by_age(?![A-Za-z0-9_])/compare_signed_descriptors_by_age_/g; s/(?<![A-Za-z0-9_])_compare_string_ptrs(?![A-Za-z0-9_])/compare_string_ptrs_/g; s/(?<![A-Za-z0-9_])_compare_strings_for_pqueue(?![A-Za-z0-9_])/compare_strings_for_pqueue_/g; s/(?<![A-Za-z0-9_])_compare_strs(?![A-Za-z0-9_])/compare_strs_/g; s/(?<![A-Za-z0-9_])_compare_tor_version_str_ptr(?![A-Za-z0-9_])/compare_tor_version_str_ptr_/g; s/(?<![A-Za-z0-9_])_compare_vote_rs(?![A-Za-z0-9_])/compare_vote_rs_/g; s/(?<![A-Za-z0-9_])_compare_votes_by_authority_id(?![A-Za-z0-9_])/compare_votes_by_authority_id_/g; s/(?<![A-Za-z0-9_])_compare_without_first_ch(?![A-Za-z0-9_])/compare_without_first_ch_/g; s/(?<![A-Za-z0-9_])_connection_free(?![A-Za-z0-9_])/connection_free_/g; s/(?<![A-Za-z0-9_])_connection_mark_and_flush(?![A-Za-z0-9_])/connection_mark_and_flush_/g; s/(?<![A-Za-z0-9_])_connection_mark_for_close(?![A-Za-z0-9_])/connection_mark_for_close_/g; s/(?<![A-Za-z0-9_])_connection_mark_unattached_ap(?![A-Za-z0-9_])/connection_mark_unattached_ap_/g; s/(?<![A-Za-z0-9_])_connection_write_to_buf_impl(?![A-Za-z0-9_])/connection_write_to_buf_impl_/g; s/(?<![A-Za-z0-9_])_ConnLimit(?![A-Za-z0-9_])/ConnLimit_/g; s/(?<![A-Za-z0-9_])_CONN_TYPE_MAX(?![A-Za-z0-9_])/CONN_TYPE_MAX_/g; s/(?<![A-Za-z0-9_])_CONN_TYPE_MIN(?![A-Za-z0-9_])/CONN_TYPE_MIN_/g; s/(?<![A-Za-z0-9_])_CONTROL_CONN_STATE_MAX(?![A-Za-z0-9_])/CONTROL_CONN_STATE_MAX_/g; s/(?<![A-Za-z0-9_])_CONTROL_CONN_STATE_MIN(?![A-Za-z0-9_])/CONTROL_CONN_STATE_MIN_/g; s/(?<![A-Za-z0-9_])_CPUWORKER_STATE_MAX(?![A-Za-z0-9_])/CPUWORKER_STATE_MAX_/g; s/(?<![A-Za-z0-9_])_CPUWORKER_STATE_MIN(?![A-Za-z0-9_])/CPUWORKER_STATE_MIN_/g; s/(?<![A-Za-z0-9_])_crypto_dh_get_dh(?![A-Za-z0-9_])/crypto_dh_get_dh_/g; s/(?<![A-Za-z0-9_])_crypto_global_initialized(?![A-Za-z0-9_])/crypto_global_initialized_/g; s/(?<![A-Za-z0-9_])_crypto_new_pk_from_rsa(?![A-Za-z0-9_])/crypto_new_pk_from_rsa_/g; s/(?<![A-Za-z0-9_])_crypto_pk_get_evp_pkey(?![A-Za-z0-9_])/crypto_pk_get_evp_pkey_/g; s/(?<![A-Za-z0-9_])_crypto_pk_get_rsa(?![A-Za-z0-9_])/crypto_pk_get_rsa_/g; s/(?<![A-Za-z0-9_])_DIR_CONN_STATE_MAX(?![A-Za-z0-9_])/DIR_CONN_STATE_MAX_/g; s/(?<![A-Za-z0-9_])_DIR_CONN_STATE_MIN(?![A-Za-z0-9_])/DIR_CONN_STATE_MIN_/g; s/(?<![A-Za-z0-9_])_DIR_PURPOSE_MAX(?![A-Za-z0-9_])/DIR_PURPOSE_MAX_/g; s/(?<![A-Za-z0-9_])_DIR_PURPOSE_MIN(?![A-Za-z0-9_])/DIR_PURPOSE_MIN_/g; s/(?<![A-Za-z0-9_])_dirreq_map_get(?![A-Za-z0-9_])/dirreq_map_get_/g; s/(?<![A-Za-z0-9_])_dirreq_map_put(?![A-Za-z0-9_])/dirreq_map_put_/g; s/(?<![A-Za-z0-9_])_dns_randfn(?![A-Za-z0-9_])/dns_randfn_/g; s/(?<![A-Za-z0-9_])_dummy(?![A-Za-z0-9_])/dummy_/g; s/(?<![A-Za-z0-9_])_edge(?![A-Za-z0-9_])/edge_/g; s/(?<![A-Za-z0-9_])_END_CIRC_REASON_MAX(?![A-Za-z0-9_])/END_CIRC_REASON_MAX_/g; s/(?<![A-Za-z0-9_])_END_CIRC_REASON_MIN(?![A-Za-z0-9_])/END_CIRC_REASON_MIN_/g; s/(?<![A-Za-z0-9_])_EOF(?![A-Za-z0-9_])/EOF_/g; s/(?<![A-Za-z0-9_])_ERR(?![A-Za-z0-9_])/ERR_/g; s/(?<![A-Za-z0-9_])_escaped_val(?![A-Za-z0-9_])/escaped_val_/g; s/(?<![A-Za-z0-9_])_evdns_log(?![A-Za-z0-9_])/evdns_log_/g; s/(?<![A-Za-z0-9_])_evdns_nameserver_add_impl(?![A-Za-z0-9_])/evdns_nameserver_add_impl_/g; s/(?<![A-Za-z0-9_])_EVENT_MAX(?![A-Za-z0-9_])/EVENT_MAX_/g; s/(?<![A-Za-z0-9_])_EVENT_MIN(?![A-Za-z0-9_])/EVENT_MIN_/g; s/(?<![A-Za-z0-9_])_ExcludeExitNodesUnion(?![A-Za-z0-9_])/ExcludeExitNodesUnion_/g; s/(?<![A-Za-z0-9_])_EXIT_CONN_STATE_MAX(?![A-Za-z0-9_])/EXIT_CONN_STATE_MAX_/g; s/(?<![A-Za-z0-9_])_EXIT_CONN_STATE_MIN(?![A-Za-z0-9_])/EXIT_CONN_STATE_MIN_/g; s/(?<![A-Za-z0-9_])_EXIT_PURPOSE_MAX(?![A-Za-z0-9_])/EXIT_PURPOSE_MAX_/g; s/(?<![A-Za-z0-9_])_EXIT_PURPOSE_MIN(?![A-Za-z0-9_])/EXIT_PURPOSE_MIN_/g; s/(?<![A-Za-z0-9_])_extrainfo_free(?![A-Za-z0-9_])/extrainfo_free_/g; s/(?<![A-Za-z0-9_])_find_by_keyword(?![A-Za-z0-9_])/find_by_keyword_/g; s/(?<![A-Za-z0-9_])_free_cached_dir(?![A-Za-z0-9_])/free_cached_dir_/g; s/(?<![A-Za-z0-9_])_free_cached_resolve(?![A-Za-z0-9_])/free_cached_resolve_/g; s/(?<![A-Za-z0-9_])_free_duplicate_routerstatus_entry(?![A-Za-z0-9_])/free_duplicate_routerstatus_entry_/g; s/(?<![A-Za-z0-9_])_free_link_history(?![A-Za-z0-9_])/free_link_history_/g; s/(?<![A-Za-z0-9_])_geoip_compare_entries(?![A-Za-z0-9_])/geoip_compare_entries_/g; s/(?<![A-Za-z0-9_])_geoip_compare_key_to_entry(?![A-Za-z0-9_])/geoip_compare_key_to_entry_/g; s/(?<![A-Za-z0-9_])_hex_decode_digit(?![A-Za-z0-9_])/hex_decode_digit_/g; s/(?<![A-Za-z0-9_])_idxplus1(?![A-Za-z0-9_])/idxplus1_/g; s/(?<![A-Za-z0-9_])__libc_enable_secure(?![A-Za-z0-9_])/_libc_enable_secure_/g; s/(?<![A-Za-z0-9_])_log_debug(?![A-Za-z0-9_])/log_debug_/g; s/(?<![A-Za-z0-9_])_log_err(?![A-Za-z0-9_])/log_err_/g; s/(?<![A-Za-z0-9_])_log_fn(?![A-Za-z0-9_])/log_fn_/g; s/(?<![A-Za-z0-9_])_log_fn_function_name(?![A-Za-z0-9_])/log_fn_function_name_/g; s/(?<![A-Za-z0-9_])_log_global_min_severity(?![A-Za-z0-9_])/log_global_min_severity_/g; s/(?<![A-Za-z0-9_])_log_info(?![A-Za-z0-9_])/log_info_/g; s/(?<![A-Za-z0-9_])_log_notice(?![A-Za-z0-9_])/log_notice_/g; s/(?<![A-Za-z0-9_])_log_prefix(?![A-Za-z0-9_])/log_prefix_/g; s/(?<![A-Za-z0-9_])_log_warn(?![A-Za-z0-9_])/log_warn_/g; s/(?<![A-Za-z0-9_])_magic(?![A-Za-z0-9_])/magic_/g; s/(?<![A-Za-z0-9_])_MALLOC_LOCK(?![A-Za-z0-9_])/MALLOC_LOCK_/g; s/(?<![A-Za-z0-9_])_MALLOC_LOCK_INIT(?![A-Za-z0-9_])/MALLOC_LOCK_INIT_/g; s/(?<![A-Za-z0-9_])_MALLOC_UNLOCK(?![A-Za-z0-9_])/MALLOC_UNLOCK_/g; s/(?<![A-Za-z0-9_])_microdesc_eq(?![A-Za-z0-9_])/microdesc_eq_/g; s/(?<![A-Za-z0-9_])_microdesc_hash(?![A-Za-z0-9_])/microdesc_hash_/g; s/(?<![A-Za-z0-9_])_MIN_TOR_TLS_ERROR_VAL(?![A-Za-z0-9_])/MIN_TOR_TLS_ERROR_VAL_/g; s/(?<![A-Za-z0-9_])_mm_free(?![A-Za-z0-9_])/mm_free_/g; s/(?<![A-Za-z0-9_])_NIL(?![A-Za-z0-9_])/NIL_/g; s/(?<![A-Za-z0-9_])_n_openssl_mutexes(?![A-Za-z0-9_])/n_openssl_mutexes_/g; s/(?<![A-Za-z0-9_])_openssl_dynlock_create_cb(?![A-Za-z0-9_])/openssl_dynlock_create_cb_/g; s/(?<![A-Za-z0-9_])_openssl_dynlock_destroy_cb(?![A-Za-z0-9_])/openssl_dynlock_destroy_cb_/g; s/(?<![A-Za-z0-9_])_openssl_dynlock_lock_cb(?![A-Za-z0-9_])/openssl_dynlock_lock_cb_/g; s/(?<![A-Za-z0-9_])_openssl_locking_cb(?![A-Za-z0-9_])/openssl_locking_cb_/g; s/(?<![A-Za-z0-9_])_openssl_mutexes(?![A-Za-z0-9_])/openssl_mutexes_/g; s/(?<![A-Za-z0-9_])_option_abbrevs(?![A-Za-z0-9_])/option_abbrevs_/g; s/(?<![A-Za-z0-9_])_option_vars(?![A-Za-z0-9_])/option_vars_/g; s/(?<![A-Za-z0-9_])_OR_CONN_STATE_MAX(?![A-Za-z0-9_])/OR_CONN_STATE_MAX_/g; s/(?<![A-Za-z0-9_])_OR_CONN_STATE_MIN(?![A-Za-z0-9_])/OR_CONN_STATE_MIN_/g; s/(?<![A-Za-z0-9_])_OutboundBindAddressIPv4(?![A-Za-z0-9_])/OutboundBindAddressIPv4_/g; s/(?<![A-Za-z0-9_])_OutboundBindAddressIPv6(?![A-Za-z0-9_])/OutboundBindAddressIPv6_/g; s/(?<![A-Za-z0-9_])_PDS_PREFER_TUNNELED_DIR_CONNS(?![A-Za-z0-9_])/PDS_PREFER_TUNNELED_DIR_CONNS_/g; s/(?<![A-Za-z0-9_])_port(?![A-Za-z0-9_])/port_/g; s/(?<![A-Za-z0-9_])__progname(?![A-Za-z0-9_])/_progname_/g; s/(?<![A-Za-z0-9_])_PublishServerDescriptor(?![A-Za-z0-9_])/PublishServerDescriptor_/g; s/(?<![A-Za-z0-9_])_remove_old_client_helper(?![A-Za-z0-9_])/remove_old_client_helper_/g; s/(?<![A-Za-z0-9_])_rend_cache_entry_free(?![A-Za-z0-9_])/rend_cache_entry_free_/g; s/(?<![A-Za-z0-9_])_routerlist_find_elt(?![A-Za-z0-9_])/routerlist_find_elt_/g; s/(?<![A-Za-z0-9_])_SafeLogging(?![A-Za-z0-9_])/SafeLogging_/g; s/(?<![A-Za-z0-9_])_SHORT_FILE_(?![A-Za-z0-9_])/SHORT_FILE__/g; s/(?<![A-Za-z0-9_])_state_abbrevs(?![A-Za-z0-9_])/state_abbrevs_/g; s/(?<![A-Za-z0-9_])_state_vars(?![A-Za-z0-9_])/state_vars_/g; s/(?<![A-Za-z0-9_])_t(?![A-Za-z0-9_])/t_/g; s/(?<![A-Za-z0-9_])_t32(?![A-Za-z0-9_])/t32_/g; s/(?<![A-Za-z0-9_])_test_op_ip6(?![A-Za-z0-9_])/test_op_ip6_/g; s/(?<![A-Za-z0-9_])_thread1_name(?![A-Za-z0-9_])/thread1_name_/g; s/(?<![A-Za-z0-9_])_thread2_name(?![A-Za-z0-9_])/thread2_name_/g; s/(?<![A-Za-z0-9_])_thread_test_func(?![A-Za-z0-9_])/thread_test_func_/g; s/(?<![A-Za-z0-9_])_thread_test_mutex(?![A-Za-z0-9_])/thread_test_mutex_/g; s/(?<![A-Za-z0-9_])_thread_test_start1(?![A-Za-z0-9_])/thread_test_start1_/g; s/(?<![A-Za-z0-9_])_thread_test_start2(?![A-Za-z0-9_])/thread_test_start2_/g; s/(?<![A-Za-z0-9_])_thread_test_strmap(?![A-Za-z0-9_])/thread_test_strmap_/g; s/(?<![A-Za-z0-9_])_tor_calloc(?![A-Za-z0-9_])/tor_calloc_/g; s/(?<![A-Za-z0-9_])_TOR_CHANNEL_INTERNAL(?![A-Za-z0-9_])/TOR_CHANNEL_INTERNAL_/g; s/(?<![A-Za-z0-9_])_TOR_CIRCUITMUX_EWMA_C(?![A-Za-z0-9_])/TOR_CIRCUITMUX_EWMA_C_/g; s/(?<![A-Za-z0-9_])_tor_free(?![A-Za-z0-9_])/tor_free_/g; s/(?<![A-Za-z0-9_])_tor_malloc(?![A-Za-z0-9_])/tor_malloc_/g; s/(?<![A-Za-z0-9_])_tor_malloc_zero(?![A-Za-z0-9_])/tor_malloc_zero_/g; s/(?<![A-Za-z0-9_])_tor_memdup(?![A-Za-z0-9_])/tor_memdup_/g; s/(?<![A-Za-z0-9_])_tor_realloc(?![A-Za-z0-9_])/tor_realloc_/g; s/(?<![A-Za-z0-9_])_tor_strdup(?![A-Za-z0-9_])/tor_strdup_/g; s/(?<![A-Za-z0-9_])_tor_strndup(?![A-Za-z0-9_])/tor_strndup_/g; s/(?<![A-Za-z0-9_])_TOR_TLS_SYSCALL(?![A-Za-z0-9_])/TOR_TLS_SYSCALL_/g; s/(?<![A-Za-z0-9_])_TOR_TLS_ZERORETURN(?![A-Za-z0-9_])/TOR_TLS_ZERORETURN_/g; s/(?<![A-Za-z0-9_])__USE_ISOC99(?![A-Za-z0-9_])/_USE_ISOC99_/g; s/(?<![A-Za-z0-9_])_UsingTestNetworkDefaults(?![A-Za-z0-9_])/UsingTestNetworkDefaults_/g; s/(?<![A-Za-z0-9_])_val(?![A-Za-z0-9_])/val_/g; s/(?<![A-Za-z0-9_])_void_for_alignment(?![A-Za-z0-9_])/void_for_alignment_/g; ==============================	2012-10-12 12:22:13 -04:00
Andrea Shepard	5543c5b202	Fix formatting in various places after 6465/6816 work	2012-10-10 00:48:36 -07:00
Nick Mathewson	751b3aabb5	Merge remote-tracking branch 'public/openssl_1_is_best'	2012-10-04 12:50:41 -04:00
Robert Ransom	cd884c764b	Fix documentation for crypto_pk_cmp_keys ... Now that crypto_pk_cmp_keys might return the result of tor_memcmp, there is no guarantee that it will only return -1, 0, or 1. (It currently does only return -1, 0, or 1, but that's a lucky accident due to details of the current implementation of tor_memcmp and the particular input given to it.) Fortunately, none of crypto_pk_cmp_keys's callers rely on this behaviour, so changing its documentation is sufficient.	2012-09-17 11:02:53 -04:00
Robert Ransom	62babcaf0a	Implement and use crypto_pk_eq_keys	2012-09-17 11:02:53 -04:00
Robert Ransom	f3916a6855	Make crypto_pk_cmp_keys do something sane for NULL keys ... Fixes bug 4283; bugfix on r76 (Git commit 01aadefbfc).	2012-09-17 11:02:52 -04:00
Nick Mathewson	be68c1fb43	Log a notice if we're running with OpenSSL before 1.0.0. ... These versions have some dubious, slow crypto implementations; 1.0.0 is a great improvement, and at this point is pretty mature.	2012-09-12 19:32:24 -04:00
Nick Mathewson	feabf4148f	Drop support for openssl 0.9.7 ... 097 hasn't seen a new version since 2007; we can drop support too. This lets us remove our built-in sha256 implementation, and some checks for old bugs.	2012-09-12 19:25:58 -04:00
Nick Mathewson	7607ad2bec	Detect openssl header version doesn't match runtime version ... We already do this for libevent; let's do it for openssl too. For now, I'm making it always a warn, since this has caused some problems in the past. Later, we can see about making it less severe.	2012-09-06 11:31:30 -04:00
Nick Mathewson	e3a130a7eb	Don't log about Libevent/OpenSSL initialization when all's well ... OTOH, log the Libevent and OpenSSL versions on the first line when we're starting Tor.	2012-09-06 11:31:22 -04:00
Nick Mathewson	20d6f787aa	Fix "make check-spaces" issues	2012-06-05 00:49:18 -04:00
Nick Mathewson	0fa107a6aa	Update copyright dates to 2012; add a few missing copyright statements	2012-06-04 20:58:17 -04:00
Nick Mathewson	173b18c79b	Add about 60 more DOCDOC comments to 0.2.3 ... Also, try to resolve some doxygen issues. First, define a magic "This is doxygen!" macro so that we take the correct branch in various #if/#else/#endifs in order to get the right documentation. Second, add in a few grouping @{ and @} entries in order to get some variables and fields to get grouped together.	2012-06-04 19:59:08 -04:00
Sebastian Hahn	a5a8296892	Fix clang 3.1 compile warning in crypto.c ... (Tweaked by nickm)	2012-05-30 11:56:43 -04:00
Nick Mathewson	21e3261914	Bump _WIN32_WINNT to 0x0501 throughout the code ... This tells the windows headers to give us definitions that didn't exist before XP -- like the ones that we need for IPv6 support. See bug #5861. We didn't run into this issue with mingw, since mingw doesn't respect _WIN32_WINNT as well as it should for some of its definitions.	2012-05-14 13:46:37 -04:00
Nick Mathewson	9ffccb3f49	Remove all instances of WIN32_WINNT (without leading _) ... We started adding it in 59e2c77824 back in 2004, 8 years and 3 days ago. It's time to deprogram ourselves from this cargo cult.	2012-05-14 13:36:52 -04:00
Nick Mathewson	4db5a1e151	Remove needless check for a buffer that could not be NULL. ... Fixes coverity CID 508: coverity scan doesn't like checking a variable for non-NULL after it has been definitely dereferenced. This should take us back down to zero coverity issues.	2012-04-18 10:38:39 -04:00
Nick Mathewson	ab3197c059	Remove a couple redundant NULL-checks before crypto_cipher_free ... Calling crypto_cipher_free(NULL) is always safe, since (by convention) all of our xyz_free() functions treat xyz_free(NULL) as a no-op. Flagged by coverity scan; fixes CID 508 and 509.	2012-03-30 10:16:58 -04:00
Nick Mathewson	01905a6ef9	Excise PK_NO_PADDING entirely: Unpadded RSA is silly. ... We never use it, so having it around is pointless. Suggested by Sebastian	2012-03-27 22:38:06 -04:00
Nick Mathewson	de0dca0de7	Refactor the API for setting up a block cipher. ... It allows us more flexibility on the backend if the user needs to specify the key and IV at setup time.	2012-03-27 22:37:56 -04:00
Nick Mathewson	00b4784575	Remove support for PK_NO_PADDING in crypto_pk_public_hybrid_encrypt ... We never use it, and it would be a stupid thing if we started using it.	2012-03-27 22:37:55 -04:00
Robert Ransom	cd029f0ca3	Fix crypto_hmac_sha256 documentation comment	2012-02-20 02:47:10 -08:00
Nick Mathewson	5cf9167f91	Use the standard _WIN32, not the Torism MS_WINDOWS or deprecated WIN32 ... This commit is completely mechanical; I used this perl script to make it: #!/usr/bin/perl -w -i.bak -p if (/^\s*\#/) { s/MS_WINDOWS/_WIN32/g; s/\bWIN32\b/_WIN32/g; }	2012-01-31 15:48:47 -05:00
Nick Mathewson	26e789fbfd	Rename nonconformant identifiers. ... Fixes bug 4893. These changes are pure mechanical, and were generated with this perl script: /usr/bin/perl -w -i.bak -p s/crypto_pk_env_t/crypto_pk_t/g; s/crypto_dh_env_t/crypto_dh_t/g; s/crypto_cipher_env_t/crypto_cipher_t/g; s/crypto_digest_env_t/crypto_digest_t/g; s/aes_free_cipher/aes_cipher_free/g; s/crypto_free_cipher_env/crypto_cipher_free/g; s/crypto_free_digest_env/crypto_digest_free/g; s/crypto_free_pk_env/crypto_pk_free/g; s/_crypto_dh_env_get_dh/_crypto_dh_get_dh/g; s/_crypto_new_pk_env_rsa/_crypto_new_pk_from_rsa/g; s/_crypto_pk_env_get_evp_pkey/_crypto_pk_get_evp_pkey/g; s/_crypto_pk_env_get_rsa/_crypto_pk_get_rsa/g; s/crypto_new_cipher_env/crypto_cipher_new/g; s/crypto_new_digest_env/crypto_digest_new/g; s/crypto_new_digest256_env/crypto_digest256_new/g; s/crypto_new_pk_env/crypto_pk_new/g; s/crypto_create_crypto_env/crypto_cipher_new/g; s/connection_create_listener/connection_listener_new/g; s/smartlist_create/smartlist_new/g; s/transport_create/transport_new/g;	2012-01-18 15:53:30 -05:00
Nick Mathewson	73d4dbe103	whitespace and warning fixes for bug4746	2012-01-10 16:53:37 -05:00
Nick Mathewson	7fbf1e225e	Merge remote-tracking branch 'asn-mytor/bug4746'	2012-01-10 16:44:03 -05:00
Nick Mathewson	d29a390733	Test for broken counter-mode at runtime ... To solve bug 4779, we want to avoid OpenSSL 1.0.0's counter mode. But Fedora (and maybe others) lie about the actual OpenSSL version, so we can't trust the header to tell us if it's safe. Instead, let's do a run-time test to see whether it's safe, and if not, use our built-in version. fermenthor contributed a pretty essential fixup to this patch. Thanks!	2012-01-10 11:15:35 -05:00
Nick Mathewson	5741aef3dc	We no longer need to detect openssl without RAND_poll() ... We require openssl 0.9.7 or later, and RAND_poll() was first added in openssl 0.9.6.	2012-01-10 10:40:31 -05:00
Nick Mathewson	85c7d7659e	Add macros to construct openssl version numbers ... It's a pain to convert 0x0090813f to and from 0.9.8s-release on the fly, so these macros should help.	2012-01-10 10:40:30 -05:00
Sebastian Hahn	2367f7e559	Make sure MAX_DNS_LABEL_SIZE is defined ... MAX_DNS_LABEL_SIZE was only defined for old versions of openssl, which broke the build. Spotted by xiando. Fixes bug 4413; not in any released version.	2012-01-10 06:14:35 +01:00
Nick Mathewson	b1ee1a719d	Tweaks for bug4413 fix ... The thing that's limited to 63 bytes is a "label", not a hostname. Docment input constraints and behavior on bogus inputs. Generally it's better to check for overflow-like conditions before than after. In this case, it's not a true overflow, so we're okay, but let's be consistent. pedantic less->fewer in the documentation	2012-01-09 19:14:51 -05:00
Stephen Palmateer	3fadc074ca	Remove (untriggerable) overflow in crypto_random_hostname() ... Fixes bug 4413; bugfix on xxxx. Hostname components cannot be larger than 63 characters. This simple check makes certain randlen cannot overflow rand_bytes_len.	2012-01-09 19:05:05 -05:00
George Kadianakis	d05bc02192	Add an informative header on the 'keys/dynamic_dh_params' file.	2011-12-19 16:06:22 +01:00
Robert Ransom	d688a40a0e	Don't crash on startup of a dormant relay ... If a relay is dormant at startup, it will call init_keys before crypto_set_tls_dh_prime. This is bad. Let's make it not so bad, because someday it *will* happen again.	2011-12-12 11:25:55 -08:00
Sebastian Hahn	95af91565b	Work around a false positive in Coverity. ... Fixes cid 501 and 502.	2011-12-02 06:16:57 +01:00
George Kadianakis	02708b7d80	Free the global DH parameters in crypto_global_cleanup().	2011-11-30 13:17:47 -05:00
George Kadianakis	a708e85236	Move crypto_global_cleanup() to the bottom of crypto.c.	2011-11-30 13:17:39 -05:00
Nick Mathewson	da6c136817	Merge remote-tracking branch 'asn-mytor/bug4548_take2'	2011-11-29 18:30:41 -05:00
George Kadianakis	055d6c01ff	Write dynamic DH parameters to a file. ... Instead of only writing the dynamic DH prime modulus to a file, write the whole DH parameters set for forward compatibility. At the moment we only accept '2' as the group generator. The DH parameters gets stored in base64-ed DER format to the 'dynamic_dh_params' file.	2011-11-26 19:29:57 +01:00
George Kadianakis	b31601975b	Move DH_GENERATOR to crypto.c.	2011-11-25 17:44:11 +01:00
George Kadianakis	1df6b5a734	Move broken primes to dynamic_dh_modulus.broken.	2011-11-25 17:39:45 +01:00
George Kadianakis	4938bcc06a	Do dynamic DH modulus storing in crypto.c.	2011-11-25 17:39:28 +01:00
Nick Mathewson	8143074b3f	Use EVP for AES only when hardware accel is present ... Fixes bug 4525, fix on 0.2.3.8-alpha.	2011-11-25 10:32:00 -05:00
George Kadianakis	1d1d5ae7f8	Finishing touches. ... - Make check-spaces happy. - Remove a stray header from crypto.h	2011-11-25 01:08:31 +01:00
George Kadianakis	7c37a664c1	Rename 'dynamic prime' to 'dynamic DH modulus'.	2011-11-25 01:00:58 +01:00
George Kadianakis	bdeb797a13	Notify the user that her computer is generating numbers.	2011-11-25 00:59:47 +01:00
George Kadianakis	5f3f41c234	Make sure that the stored DH prime is safe to use.	2011-11-25 00:33:40 +01:00
George Kadianakis	94076d9e3b	Move crypto_get_stored_dynamic_prime() to crypto.c	2011-11-24 22:59:01 +01:00
George Kadianakis	2ef68980a7	Move store_dynamic_prime() to crypto.c.	2011-11-24 22:32:10 +01:00
George Kadianakis	cabb8e54c7	Tone down the logging.	2011-11-24 22:14:09 +01:00
George Kadianakis	8a726dd0dd	Implement dynamic prime reading and storing to disk.	2011-11-24 22:13:44 +01:00
George Kadianakis	42bda231ee	Make DynamicPrimes SIGHUP-able. ... Instead of passing the DynamicPrimes configuration option to crypto_global_init(), generate and set a new TLS DH prime when we read the torrc.	2011-11-24 22:13:38 +01:00
George Kadianakis	0e71be5d94	Improve code in the dynamic primes realm.	2011-11-24 22:13:19 +01:00
George Kadianakis	fb38e58d14	Improve logging.	2011-11-24 22:13:00 +01:00
George Kadianakis	1797e0a39e	Make it compile.	2011-11-24 22:12:44 +01:00
George Kadianakis	375e55eaa2	Rename "Rakshasa" to "Dynamic Prime".	2011-11-24 22:09:15 +01:00
George Kadianakis	659381e00d	Introduce the DynamicPrimes configuration option.	2011-11-24 22:09:06 +01:00
George Kadianakis	edec9409e8	Copy/Paste Jake's stuff. ... This commit copies parts of Jake's f3bb6846975193d9a6649c31f94bda47e4014070 commit verbatim to the current master.	2011-11-24 22:06:50 +01:00
Andrea Gelmini	72d4d762c1	Remove some duplicate includes	2011-11-03 10:23:33 -04:00
Nick Mathewson	beb9097bed	Merge remote-tracking branch 'origin/maint-0.2.2'	2011-10-26 11:08:19 -04:00
Nick Mathewson	445f947890	Remove a no-longer-relevant comment	2011-10-10 23:14:17 -04:00
Nick Mathewson	fdbb9cdf74	Add a sha256 hmac function, with tests	2011-10-10 23:14:09 -04:00
Nick Mathewson	dcf69a9e12	New function to get all digests of a public key	2011-10-10 23:14:02 -04:00
Nick Mathewson	246afc1b1b	Make internal error check for unrecognized digest algorithm more robust ... Fixes Coverity CID 479.	2011-10-06 14:13:09 -04:00
Nick Mathewson	44cfa53873	Make WIN32_WINNT defines conditional ... Requested by Gisle Vanem on tor-dev. I'm not quite sure this is the right solution, but it's probably harmless.	2011-07-15 10:03:59 -04:00
Nick Mathewson	8cd5a3c186	Merge remote-tracking branch 'origin/maint-0.2.2'	2011-06-06 16:20:22 -04:00
Nick Mathewson	5afab5ca19	Check maximum properly in crypto_rand_int() ... George Kadianakis notes that if you give crypto_rand_int() a value above INT_MAX, it can return a negative number, which is not what the documentation would imply. The simple solution is to assert that the input is in [1,INT_MAX+1]. If in the future we need a random-value function that can return values up to UINT_MAX, we can add one. Fixes bug 3306; bugfix on 0.2.2pre14.	2011-06-06 16:18:06 -04:00
Nick Mathewson	12f9c91c06	Merge remote-tracking branch 'origin/maint-0.2.2'	2011-06-03 11:36:21 -04:00
Nick Mathewson	bbf2fee8ff	Reject 128-byte keys that are not 1024-bit ... When we added the check for key size, we required that the keys be 128 bytes. But RSA_size (which defers to BN_num_bytes) will return 128 for keys of length 1017..1024. This patch adds a new crypto_pk_num_bits() that returns the actual number of significant bits in the modulus, and uses that to enforce key sizes. Also, credit the original bug3318 in the changes file.	2011-06-03 11:31:19 -04:00
Nick Mathewson	03ccce6d77	Merge remote-tracking branch 'origin/maint-0.2.2'	2011-05-16 14:50:53 -04:00
Nick Mathewson	e908e3a332	Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 ... Fixed trivial conflict due to headers moving into their own .h files from or.h. Conflicts: src/or/or.h	2011-05-16 14:49:55 -04:00
Nick Mathewson	4a22046c86	squash! Add crypto_pk_check_key_public_exponent function ... Rename crypto_pk_check_key_public_exponent to crypto_pk_public_exponent_ok: it's nice to name predicates s.t. you can tell how to interpret true and false.	2011-05-16 14:45:06 -04:00
Robert Ransom	d2629f78a0	Add crypto_pk_check_key_public_exponent function	2011-05-16 14:07:34 -04:00
Nick Mathewson	9fba014e3f	Merge remote-tracking branch 'public/bug3122_memcmp_022' into bug3122_memcmp_023 ... Conflicts in various places, mainly node-related. Resolved them in favor of HEAD, with copying of tor_mem* operations from bug3122_memcmp_022. src/common/Makefile.am src/or/circuitlist.c src/or/connection_edge.c src/or/directory.c src/or/microdesc.c src/or/networkstatus.c src/or/router.c src/or/routerlist.c src/test/test_util.c	2011-05-11 16:39:45 -04:00
Nick Mathewson	44ad734573	Merge remote-tracking branch 'public/3122_memcmp_squashed' into bug3122_memcmp_022 ... Conflicts throughout. All resolved in favor of taking HEAD and adding tor_mem* or fast_mem* ops as appropriate. src/common/Makefile.am src/or/circuitbuild.c src/or/directory.c src/or/dirserv.c src/or/dirvote.c src/or/networkstatus.c src/or/rendclient.c src/or/rendservice.c src/or/router.c src/or/routerlist.c src/or/routerparse.c src/or/test.c	2011-05-11 16:24:29 -04:00
Nick Mathewson	59f9097d5c	Hand-conversion and audit phase of memcmp transition ... Here I looked at the results of the automated conversion and cleaned them up as follows: If there was a tor_memcmp or tor_memeq that was in fact "safe"[*] I changed it to a fast_memcmp or fast_memeq. Otherwise if there was a tor_memcmp that could turn into a tor_memneq or tor_memeq, I converted it. This wants close attention. [*] I'm erring on the side of caution here, and leaving some things as tor_memcmp that could in my opinion use the data-dependent fast_memcmp variant.	2011-05-11 16:12:51 -04:00
Nick Mathewson	db7b2a33ee	Automated conversion of memcmp to tor_memcmp/tor_mem[n]eq ... This commit is _exactly_ the result of perl -i -pe 's/\bmemcmp\(/tor_memcmp\(/g' src/*/*.[ch] perl -i -pe 's/\!\s*tor_memcmp\(/tor_memeq\(/g' src/*/*.[ch] perl -i -pe 's/0\s*==\s*tor_memcmp\(/tor_memeq\(/g' src/*/*.[ch] perl -i -pe 's/0\s*!=\s*tor_memcmp\(/tor_memneq\(/g' src/*/*.[ch] git checkout src/common/di_ops.[ch] git checkout src/or/test.c git checkout src/common/test.h	2011-05-11 16:12:51 -04:00
Nick Mathewson	26456d3354	Merge remote-tracking branch 'origin/maint-0.2.2'	2011-04-27 22:14:54 -04:00
Nick Mathewson	0130e7c9d2	Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 ... Conflicts: src/common/torint.h	2011-04-27 22:14:28 -04:00
Nick Mathewson	43ffd023e9	Make SIZE_T_CEILING unsigned; add a signed SSIZE_T_CEILING ... None of the comparisons were _broken_ previously, but avoiding signed/unsigned comparisons makes everybody happier. Fixes bug2475.	2011-04-26 13:03:58 -04:00
Nick Mathewson	b1b6552251	Merge remote-tracking branch 'origin/maint-0.2.2' ... Conflicts: src/common/crypto.c	2011-03-16 17:16:54 -04:00
Nick Mathewson	3310dd2358	Clean up whitespace	2011-03-16 17:11:30 -04:00
Nick Mathewson	57b954293e	Merge remote-tracking branch 'origin/maint-0.2.2' ... Trivial Conflicts in src/common/crypto.c src/or/main.h src/or/or.h	2011-03-16 17:09:32 -04:00
Nick Mathewson	6617822b84	Doxygen documentation for about 100 things that didn't have any ... About 860 doxygen-less things remain in 0.2.2	2011-03-16 17:05:37 -04:00
Nick Mathewson	50c259d763	Make the DH parameter we use for TLS match the one from Apache's mod_ssl ... Our regular DH parameters that we use for circuit and rendezvous crypto are unchanged. This is yet another small step on the path of protocol fingerprinting resistance. (Backport from 0.2.2's 5ed73e3807)	2011-02-10 15:55:06 -05:00
Nick Mathewson	912b76a1bf	Merge remote branch 'origin/maint-0.2.2'	2011-02-03 13:56:37 -05:00
Nick Mathewson	e80bdfb4a0	Correctly detect BIO_new failures ... This bug was noticed by cypherpunks; fixes bug 2378. Bugfix on svn commit r110.	2011-01-25 18:26:49 -05:00
Nick Mathewson	bfde636aad	Always treat failure to allocate an RSA key as an unrecoverable allocation error	2011-01-25 18:19:09 -05:00
Nick Mathewson	c939c953ae	Remove an unused function in crypto.c	2011-01-25 18:07:02 -05:00
Nick Mathewson	aaa5737a2e	Merge remote branch 'origin/maint-0.2.2'	2011-01-24 17:51:52 -05:00
Nick Mathewson	5ed73e3807	Make the DH parameter we use for TLS match the one from Apache's mod_ssl ... Our regular DH parameters that we use for circuit and rendezvous crypto are unchanged. This is yet another small step on the path of protocol fingerprinting resistance.	2011-01-24 16:50:11 -05:00
Nick Mathewson	07888ed8e4	Merge remote branch 'origin/maint-0.2.2'	2011-01-15 14:17:59 -05:00
Nick Mathewson	a7790d48af	Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2	2011-01-15 14:15:19 -05:00
Nick Mathewson	9b09627edd	Zero out some more key data before freeing it ... Found by cypherpunks; fixes bug 2384.	2011-01-15 14:10:52 -05:00
Nick Mathewson	1758ef51de	Merge remote branch 'origin/maint-0.2.2'	2011-01-15 13:26:02 -05:00
Nick Mathewson	1393985768	Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 ... Conflicts: src/or/routerparse.c src/or/test.c	2011-01-15 13:25:13 -05:00