Commit Graph

22269 Commits

Author SHA1 Message Date
Nick Mathewson
5e5d4c99c1 Remove from master all changes files scheduled for 0.2.8.3
These won't go in the 0.2.9.1-alpha changelog, since 0.2.8.3 will
come out first.

Generated automatically with findMergedChanges.pl
2016-05-17 11:24:36 -04:00
Nick Mathewson
6382cd93cb Merge branch 'maint-0.2.8' 2016-05-17 11:10:20 -04:00
Nick Mathewson
d6a2fec05e Merge branch 'bug18616-v4-merged_028' into maint-0.2.8 2016-05-17 11:09:54 -04:00
Nick Mathewson
49c83dd21a Merge branch 'maint-0.2.8' 2016-05-17 11:06:52 -04:00
Nick Mathewson
ff5eb7fc62 Fix remaining lintChanges warnings. 2016-05-17 11:06:41 -04:00
Nick Mathewson
e0fb75c349 Resolve lintChanges warnings. 2016-05-17 11:05:57 -04:00
Nick Mathewson
548d14247e Merge remote-tracking branch 'arma/bug18616-v4' into maint-0.2.8 2016-05-17 10:48:12 -04:00
Roger Dingledine
06031b441e touchups and refactorings on bug 18616 branch
no behavior changes
2016-05-16 17:43:47 -04:00
Nick Mathewson
0f9b0b8bfe Initialize networking _before_ initializing libevent in the tests
This prevents WSANOTINITIALISED errors and fixes bug 18668. Bugfix
on 0.2.8.1-alpha -- 1bac468882 specifically.
2016-05-16 14:30:04 -04:00
David Goulet
50ff24e276 dirauth: don't use hardcoded length when parsing digests
When parsing detached signature, we make sure that we use the length of the
digest algorithm instead of an hardcoded DIGEST256_LEN in order to avoid
comparing bytes out of bound with a smaller digest length such as SHA1.

Fixes #19066

Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-05-16 11:18:51 -04:00
Nick Mathewson
249f3a1664 Fix memory leak in test_crypto_aes_ctr_testvec 2016-05-16 09:55:09 -04:00
Nick Mathewson
d9080f5d3a Check linking of hardening options, give better warnings if it fails.
Previously we'd only check whether the hardening options succeeded
at the compile step. Now we'll try to link with them too, and tell
the user in advance if something seems likely to go wrong.

Closes ticket 18895.
2016-05-16 09:37:27 -04:00
Nick Mathewson
9abd7b8f90 Windows lacks truncate(3).
Fix the new crypto tests, which used truncate(3).
2016-05-16 09:25:19 -04:00
Nick Mathewson
5dbb0bdae9 Merge branch 'maint-0.2.8' 2016-05-16 08:33:53 -04:00
Nick Mathewson
6cc3397e26 Merge remote-tracking branch 'teor/fallback-script' into maint-0.2.8 2016-05-16 08:33:17 -04:00
Nick Mathewson
060e0d0a75 Merge branch 'crypto_unit_tests_v2_squashed' 2016-05-16 08:26:11 -04:00
Nick Mathewson
62c5a1fa45 Mark even more crypto lines (the fragile_assert ones) as unreachable 2016-05-16 08:26:00 -04:00
Nick Mathewson
b688945dfb Refactor digest allocation backend code
I'm doing this to simplify crypto_digest_smartlist_prefix, and make
it better covered by our tests.
2016-05-16 08:26:00 -04:00
Nick Mathewson
365d0fcc6d Cover all our DH code, and/or mark it unreachable. 2016-05-16 08:26:00 -04:00
Nick Mathewson
94b34d1be6 At long last, unit tests for degenerate DH public keys.
Apparently, we detect and reject them correctly. Aren't you glad?
2016-05-16 08:26:00 -04:00
Nick Mathewson
98a590577a Treat absent argument to crypto_log_errors as a bug. 2016-05-16 08:26:00 -04:00
Nick Mathewson
d88656ec06 Slight improvements to DH coverage. 2016-05-16 08:25:59 -04:00
Nick Mathewson
c395334879 Mark some unreachable lines in crypto.c 2016-05-16 08:25:59 -04:00
Nick Mathewson
7a5f15b6e0 Improve test coverage of our strongest-rng code. 2016-05-16 08:25:59 -04:00
Nick Mathewson
148f0004e1 Test coverage on ed25519 load/store functions. 2016-05-16 08:25:59 -04:00
Nick Mathewson
ec81329339 Do not leak the 'tag' when trying to read a truncated ed25519 key file
Fix for bug 18956.
2016-05-16 08:25:59 -04:00
Nick Mathewson
5b91e70a4f Mark unreachable lines in crypto_ed25519.c 2016-05-16 08:25:59 -04:00
Nick Mathewson
8a536be705 Mark unreachable lines in crypto_curve25519.c
Also, resolve a bug in test_ntor_cl.c
2016-05-16 08:25:53 -04:00
Nick Mathewson
820b1984ad Mark three lines unreachable, with extensive docs and use of BUG macros 2016-05-16 08:25:53 -04:00
Nick Mathewson
df3a5e0cad HKDF-SHA256 test vectors from RFC5869 2016-05-16 08:25:53 -04:00
Nick Mathewson
7bc9d1e002 Merge branch 'maint-0.2.8' 2016-05-12 15:33:56 -04:00
Nick Mathewson
e8cc9f3edf Merge branch 'maint-0.2.7' into maint-0.2.8 2016-05-12 15:33:47 -04:00
Nick Mathewson
4165b1a0da Merge branch 'bug18977_026_v2' into maint-0.2.7 2016-05-12 15:33:35 -04:00
Nick Mathewson
44cbd00dfa Fix a compiler warning on windows when sizeof(long)==sizeof(int) 2016-05-12 14:51:38 -04:00
Nick Mathewson
20b01cece8 Merge branch 'bug18977_024_v2' into bug18977_026_v2
Had conflicts related to other correct_tm bugs in 0.2.6.  Added wday
for another case.
2016-05-12 14:39:06 -04:00
Nick Mathewson
e57f26c135 Have correct_tm set tm_wday as well.
The tm_wday field had been left uninitialized, which was causing
some assertions to fail on Windows unit tests.

Fixes bug 18977.
2016-05-12 14:37:27 -04:00
Nick Mathewson
6bc052365a Use a much less clever scan_signed no-overflow hack 2016-05-12 14:33:26 -04:00
Nick Mathewson
a7207329a8 Run tor_sscanf test in subprocess, in hopes of coaxing more info from jenkins 2016-05-12 13:37:05 -04:00
Nick Mathewson
445e05a015 Fix inconsistent tab/space mixing in include.am files.
This is a whitespace only, cosmetic fix.

There is still some inconsistency between lists, but less
inconsistency inside individual lists.
2016-05-12 13:06:58 -04:00
Nick Mathewson
607a9056d4 Merge branch 'ftrapv_v3'
There were some conflicts here, and some breakage to fix concerning
library link order in newer targets.
2016-05-12 13:00:45 -04:00
Nick Mathewson
fb999abea6 Document why we build memwipe that way. 2016-05-12 12:56:47 -04:00
Nick Mathewson
a3615a988e Prefer builtin true. 2016-05-12 12:54:15 -04:00
Nick Mathewson
b1dce55b82 Do not apply bugtrapping flags to test-memwipe, since testing memwipe requires bugs.
Fixes bug 18901.
2016-05-12 11:22:10 -04:00
Nick Mathewson
ef01109932 Rename SOURCES to SRC for things in include.am 2016-05-12 11:21:28 -04:00
Nick Mathewson
e40cfc4425 Move the ctime part of choose_array_element_by_weight into di_ops
This way it gets the ctime options.
2016-05-12 11:21:28 -04:00
Nick Mathewson
20432fc541 Refactor out u64_dbl_t
This type saved a tiny amount of allocation, but not enough to be
worth keeping.

(This is in preparation for moving choose_array_element_by_weight)
2016-05-12 11:21:28 -04:00
Nick Mathewson
ce854a8d22 Add -ftrapv to gcc-hardening ... mostly!
We know there are overflows in curve25519-donna-c32, so we'll have
to have that one be fwrapv.

Only apply the asan, ubsan, and trapv options to the code that does
not need to run in constant time.  Those options introduce branches
to the code they instrument.

(These introduced branches should never actually be taken, so it
might _still_ be constant time after all, but branch predictors are
complicated enough that I'm not really confident here. Let's aim for
safety.)

Closes 17983.
2016-05-12 11:21:28 -04:00
Nick Mathewson
58e0e587a6 Merge branch 'maint-0.2.8' 2016-05-12 11:09:40 -04:00
Nick Mathewson
ce6f2d1c4d Merge remote-tracking branch 'arma/bug19003-try2' into maint-0.2.8 2016-05-12 11:09:33 -04:00
Nick Mathewson
f936f186b2 Use tor_queue.h, not sys/queue.h, in timeouts.[ch].
Closes 19041.
2016-05-12 10:10:59 -04:00