Commit Graph

311 Commits

Author SHA1 Message Date
Nick Mathewson
e80bdfb4a0 Correctly detect BIO_new failures
This bug was noticed by cypherpunks; fixes bug 2378.

Bugfix on svn commit r110.
2011-01-25 18:26:49 -05:00
Nick Mathewson
bfde636aad Always treat failure to allocate an RSA key as an unrecoverable allocation error 2011-01-25 18:19:09 -05:00
Nick Mathewson
c939c953ae Remove an unused function in crypto.c 2011-01-25 18:07:02 -05:00
Nick Mathewson
5ed73e3807 Make the DH parameter we use for TLS match the one from Apache's mod_ssl
Our regular DH parameters that we use for circuit and rendezvous
crypto are unchanged.  This is yet another small step on the path of
protocol fingerprinting resistance.
2011-01-24 16:50:11 -05:00
Nick Mathewson
a7790d48af Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-15 14:15:19 -05:00
Nick Mathewson
9b09627edd Zero out some more key data before freeing it
Found by cypherpunks; fixes bug 2384.
2011-01-15 14:10:52 -05:00
Nick Mathewson
1393985768 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	src/or/routerparse.c
	src/or/test.c
2011-01-15 13:25:13 -05:00
Nick Mathewson
b97b0efec8 Merge branch 'bug2352_obsize' into maint-0.2.1 2011-01-15 13:15:06 -05:00
Nick Mathewson
ed87738ede Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	src/or/config.c
	src/or/networkstatus.c
	src/or/rendcommon.c
	src/or/routerparse.c
	src/or/test.c
2011-01-15 12:02:55 -05:00
Nick Mathewson
115782bdbe Fix a heap overflow found by debuger, and make it harder to make that mistake again
Our public key functions assumed that they were always writing into a
large enough buffer.  In one case, they weren't.

(Incorporates fixes from sebastian)
2011-01-15 11:49:25 -05:00
Nick Mathewson
729f404efe Add logic in routerparse to not read overlong private keys
I am not at all sure that it is possible to trigger a bug here,
but better safe than sorry.
2011-01-10 12:07:34 -05:00
Nick Mathewson
240fa42aac Fix size_t vs unsigned comparison too 2011-01-05 12:49:02 -05:00
Nick Mathewson
0222228d64 Fix up size and sign issues in base32 code
Fixes bug 2331.
2011-01-03 16:16:53 -05:00
Nick Mathewson
bb5f99d4df Merge remote branch 'sebastian/bug2314' into maint-0.2.2 2011-01-03 12:47:14 -05:00
Nick Mathewson
f1de329e78 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	src/common/test.h
	src/or/test.c
2011-01-03 11:51:17 -05:00
Nick Mathewson
1a07348a50 Bump copyright statements to 2011 2011-01-03 11:50:39 -05:00
Sebastian Hahn
9ecf133686 Fix compile wanrings revealed by gcc 4.5 on mingw 2010-12-27 09:47:41 +01:00
Nick Mathewson
b5e293afe6 Merge remote branch fix_security_bug_021 into fix_security_bug_022
Conflicts:
	src/common/memarea.c
	src/or/or.h
	src/or/rendclient.c
2010-12-15 22:48:23 -05:00
Nick Mathewson
785086cfba Have all of our allocation functions and a few others check for underflow
It's all too easy in C to convert an unsigned value to a signed one,
which will (on all modern computers) give you a huge signed value.  If
you have a size_t value of size greater than SSIZE_T_MAX, that is way
likelier to be an underflow than it is to be an actual request for
more than 2gb of memory in one go.  (There's nothing in Tor that
should be trying to allocate >2gb chunks.)
2010-12-13 18:40:21 -05:00
Nick Mathewson
89e97bdf94 Add wrappers function for libc random()
On windows, it's called something different.
2010-11-29 16:00:47 -05:00
Sebastian Hahn
213139f887 Properly refcount client_identity_key
In a2bb0bf we started using a separate client identity key. When we are
in "public server mode" (that means not a bridge) we will use the same
key. Reusing the key without doing the proper refcounting leads to a
segfault on cleanup during shutdown. Fix that.

Also introduce an assert that triggers if our refcount falls below 0.
That should never happen.
2010-10-26 18:22:04 +02:00
Nick Mathewson
14bc4dcc22 Rename log.h to torlog.h
This should make us conflict less with system files named "log.h".
Yes, we shouldn't have been conflicting with those anyway, but some
people's compilers act very oddly.

The actual change was done with one "git mv", by editing
Makefile.am, and running
   find . -name '*.[ch]' | xargs perl -i -pe 'if (/^#include.*\Wlog.h/) {s/log.h/torlog.h/; }'
2010-07-09 22:05:38 -04:00
Nick Mathewson
485cab869d Merge remote branch 'public/rand_double2' 2010-06-29 18:57:59 -04:00
Nick Mathewson
b111a7cd9c Make cbt_generate_sample use crypto_rand_double()
Possible workaround for bug 1139, if anybody cares.
2010-06-25 21:33:22 -04:00
Nick Mathewson
8e1bf98f4a Log an error if openssl fails to copy a key for us
This should never happen unless openssl is buggy or some of our
assumptions are deeply wrong, but one of those might have been the
cause of the not-yet-reproducible bug 1209.  If it ever happens again,
let's get some info we can use.
2010-06-22 22:20:52 -04:00
Nick Mathewson
006e2e8620 Add a function to return a double in range [0,1). 2010-06-22 21:30:26 -04:00
Nick Mathewson
b006e3279f Merge remote branch 'origin/maint-0.2.1'
Conflicts:
	src/common/test.h
	src/or/test.c
2010-02-27 17:16:31 -05:00
Nick Mathewson
c3e63483b2 Update Tor Project copyright years 2010-02-27 17:14:21 -05:00
Nick Mathewson
616cbb31c7 Merge commit 'origin/maint-0.2.1' 2009-12-15 17:11:40 -05:00
Nick Mathewson
1c87a27574 Fix bug 1173: remove an assert(unsigned >= 0). 2009-12-15 15:51:59 -05:00
Nick Mathewson
9e6225ae16 Merge commit 'sebastian/coverity' 2009-12-12 02:10:19 -05:00
Sebastian Hahn
3807db001d *_free functions now accept NULL
Some *_free functions threw asserts when passed NULL. Now all of them
accept NULL as input and perform no action when called that way.

This gains us consistence for our free functions, and allows some
code simplifications where an explicit null check is no longer necessary.
2009-12-12 03:29:44 +01:00
Sebastian Hahn
70abd843fd crypto_cipher_set_key cannot fail
In 5e4d53d535 we made it so that
crypto_cipher_set_key cannot fail. The call will now
always succeed, to returning a boolean for success/failure makes
no sense.
2009-10-27 04:31:23 +01:00
Nick Mathewson
5e4d53d535 Remove checks for array existence. (CID 410..415)
In C, the code "char x[10]; if (x) {...}" always takes the true branch of
the if statement.  Coverity notices this now.

In some cases, we were testing arrays to make sure that an operation
we wanted to do would suceed.  Those cases are now always-true.

In some cases, we were testing arrays to see if something was _set_.
Those caes are now tests for strlen(s), or tests for
!tor_mem_is_zero(d,len).
2009-10-26 22:40:41 -04:00
Karsten Loesing
d2b4b49ff0 Reduce log level for someone else sending us weak DH keys.
See task 1114. The most plausible explanation for someone sending us weak
DH keys is that they experiment with their Tor code or implement a new Tor
client. Usually, we don't care about such events, especially not on warn
level. If we really care about someone not following the Tor protocol, we
can set ProtocolWarnings to 1.
2009-10-25 23:47:05 -07:00
Nick Mathewson
200c39b66c Document the microdescriptor code better. 2009-10-18 18:46:12 -04:00
Nick Mathewson
5576a3a094 Parse detached signature documents with multiple flavors and algorithms. 2009-10-15 15:17:13 -04:00
Nick Mathewson
3b2fc659a8 Refactor consensus signature storage for multiple digests and flavors.
This patch introduces a new type called document_signature_t to represent the
signature of a consensus document.  Now, each consensus document can have up
to one document signature per voter per digest algorithm.  Also, each
detached-signatures document can have up to one signature per <voter,
algorithm, flavor>.
2009-10-15 15:17:13 -04:00
Nick Mathewson
8d41e6c471 Support for encoding and decoding 256-bit digests in base64 2009-10-15 15:17:12 -04:00
Nick Mathewson
cfba9c01bf Alter keygen function to generate keys of different lengths. 2009-09-29 00:53:25 -04:00
Nathan Freitas
76d26ae52d Disable OpenSSL engines when building for Android.
Apparently the Android developers dumped OpenSSL's support for hardware
acceleration in order to save some memory, so you can't build programs using
engines on Android.

[Patch revised by nickm]
2009-09-29 00:53:10 -04:00
Nathan Freitas
8c585cce39 Include util.h and log.h as relative paths.
This shouldn't be necessary, but apparently the Android cross-compiler
doesn't respect -I as well as it should.  (-I is supposed to add to the
*front* of the search path.  Android's gcc wrapper apparently likes to add to
the end.  This is broken, but we need to work around it.)
2009-09-29 00:52:52 -04:00
Nick Mathewson
5da3b45fdc Make crypto_digest_get_digest nondestructive again.
Fixes bug in f57883a39.
2009-08-20 12:03:32 -04:00
Nick Mathewson
d0c212995a Add a SHA256 implementation for platforms that lack it.
(This would be everywhere running OpenSSL 0.9.7x and earlier, including
all current Macintosh users.)

The code is based on Tom St Denis's LibTomCrypt implementation,
modified to be way less general and use Tor's existing facilities.  I
picked this one because it was pretty fast and pretty free, and
because Python uses it too.
2009-08-20 01:47:13 -04:00
Nick Mathewson
f57883a39e Add basic support for SHA256.
This adds an openssl 0.9.8 dependency.  Let's see if anybody cares.
2009-08-19 19:43:54 -04:00
Nick Mathewson
e84ddead34 Merge branch 'hardware_accel_improvements' 2009-05-31 13:36:50 -04:00
Nick Mathewson
260de44313 Fixes to spelling fixes. Thanks, Roger! 2009-05-28 12:22:48 -04:00
Nick Mathewson
ec7e054668 Spell-check Tor. 2009-05-27 17:55:51 -04:00
Martin Peck
7703b887f5 Add support for dynamic OpenSSL hardware crypto acceleration engines. 2009-05-23 16:42:44 -07:00
Karsten Loesing
9b32e8c141 Update copyright to 2009. 2009-05-04 11:28:27 -04:00