nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-11 13:43:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
20,445 Commits 53 Branches 630 Tags 125 MiB
8d44ce910d
Commit Graph

3085 Commits

Author SHA1 Message Date
Nick Mathewson
1af67d7f72 Merge remote-tracking branch 'public/bug15205_025' into maint-0.2.6 2015-03-09 19:47:12 -04:00
Nick Mathewson
24c031b1a2 Don't use checked strl{cat,cpy} on OSX. 
There is a bug in the overlap-checking in strlcat that can crash Tor
servers.  Fixes bug 15205; this is an OSX bug, not a Tor bug.
 2015-03-09 15:09:49 -04:00
Nick Mathewson
4ced3b59aa Merge remote-tracking branch 'origin/maint-0.2.6' 2015-03-04 15:19:43 +01:00
Nick Mathewson
de2c5ad815 Revert "Missing dependencies; fixes 15127." 
This reverts commit 930ab95e1f.
 2015-03-04 15:18:33 +01:00
Nick Mathewson
55e1fe874d Merge remote-tracking branch 'origin/maint-0.2.6' 2015-03-04 12:20:01 +01:00
Nick Mathewson
c5c4ea2db0 Merge remote-tracking branch 'public/bug15088_025' into maint-0.2.6 2015-03-04 12:19:28 +01:00
Nick Mathewson
d5b2cbea10 Add wait4 to the seccomp2 sandbox allowable syscall list 
fixes bug 15088. patch from sanic.
 2015-03-04 12:18:10 +01:00
Nick Mathewson
6a8550fa3c Merge remote-tracking branch 'origin/maint-0.2.6' 2015-03-04 12:15:10 +01:00
Nick Mathewson
5ad47aafab Merge remote-tracking branch 'public/bug15127_025' into maint-0.2.6 2015-03-04 12:14:17 +01:00
Nick Mathewson
930ab95e1f Missing dependencies; fixes 15127. 2015-03-04 12:09:33 +01:00
Andrea Shepard
d97f43dc8b Fix formatting 2015-03-02 10:24:58 +00:00
Nick Mathewson
0dde4d6fa2 Merge remote-tracking branch 'yawning/bug14922' 2015-02-25 08:56:34 -05:00
Nick Mathewson
a9720b90f8 Fix whitespace from tor_x509_cert rename 2015-02-24 12:03:11 -05:00
Nick Mathewson
f253aef14f Mechanical rename: tor_cert_t -> tor_x509_cert_t 2015-02-24 12:03:10 -05:00
Nick Mathewson
d74a78c58a Merge branch 'bug14950_logs_squashed' 2015-02-23 13:04:03 -05:00
Nick Mathewson
21ac0cd2af Let AF_UNIX connections through the sandbox 
Fixes bug 15003; bugfix on 0.2.6.3-alpha.
 2015-02-23 12:35:20 -05:00
Nick Mathewson
7a1a0a4cd7 Merge remote-tracking branch 'public/bug14988_025' 2015-02-23 11:33:07 -05:00
Nick Mathewson
aeb38bbdce add another unused-var marker in backtrace.c for 14988 2015-02-23 11:32:04 -05:00
Nick Mathewson
8a9d86bf05 Merge remote-tracking branch 'public/bug11454_11457' 2015-02-20 01:08:12 -05:00
Nick Mathewson
251f6cfcd8 Quiet "caching debian-tor for debian-tor" notice 2015-02-19 12:30:34 -05:00
Yawning Angel
cbd26157c5 Remove tor_strclear(), and replace previous calls with memwipe(). 2015-02-17 18:53:33 +00:00
Nick Mathewson
0b46b08225 Check thread count for negative; realloc->reallocarray 
CID 1268069
 2015-02-17 08:46:11 -05:00
Nick Mathewson
5d2a23397a Fix a few coverity "Use after NULL check" warnings 
Also remove the unit test mocks that allowed get_options() to be
NULL; that's an invariant violation for get_options().
 2015-02-16 15:40:15 -05:00
Nick Mathewson
7117959199 Fix deadcode warning in get_interface_addresses_raw(). 
CID  1268070
 2015-02-16 15:28:36 -05:00
Nick Mathewson
2af7bc5b46 Fix a trivial double-close in address.c. CID 1268071 2015-02-16 15:24:13 -05:00
Sebastian Hahn
424edd5710 Don't leak a cond var when starting threads in a pool 2015-02-15 11:21:54 +01:00
Nick Mathewson
5644d92dd7 Merge remote-tracking branch 'sebastian/bug14875' 2015-02-12 14:50:13 -05:00
Sebastian Hahn
c8ce973dc7 Avoid undefined behaviour in ifreq_to_smartlist 
This could trigger where _SIZEOF_ADDR_IFREQ() might not return a
multiple of sizeof(void *). Fixes bug 14875; not in any released version
of Tor.
 2015-02-12 14:56:47 +01:00
Sebastian Hahn
87a95b0236 Actually get all interface addresses 
If we guessed a buffer size too small, we never increased the buffer and
tried again

Also simplify the interface of ifreq_to_smartlist a little
 2015-02-12 14:54:39 +01:00
Nick Mathewson
99e915dbfe Merge remote-tracking branch 'public/bug14759' 2015-02-11 15:15:24 -05:00
Nick Mathewson
f5f6d13e4c Fix crash on glibc __libc_message() 
__libc_message() tries to open /dev/tty with O_RDWR, but the sandbox
catches that and calls it a crash.  Instead, I'm making the sandbox
setenv LIBC_FATAL_STDERR_, so that glibc uses stderr instead.

Fix for 14759, bugfix on 0.2.5.1-alpha
 2015-02-11 09:46:29 -05:00
Nick Mathewson
6f331645c7 Remove mempools and buf freelists 
They have been off-by-default since 0.2.5 and nobody has complained. :)

Also remove the buf_shrink() function, which hasn't done anything
since we first stopped using contiguous memory to store buffers.

Closes ticket 14848.
 2015-02-11 09:03:50 -05:00
Nick Mathewson
5c820def99 Merge remote-tracking branch 'sysrqb/bug14802_025' 2015-02-09 22:39:55 -08:00
Matthew Finkel
9ae321db66 Return 0 when detecting the amount of memory fails 
Fixes bug 14802;  bugfix on 0.2.5.4-alpha.
 2015-02-09 02:06:18 +00:00
Sebastian Hahn
6d8b614729 Avoid logging startup messages twice 2015-02-06 21:34:21 +01:00
Nick Mathewson
3f993dacc1 use ARRAY_LENGTH macro in domain_to_string 2015-02-05 11:01:13 -05:00
Yawning Angel
b330bdec8e Add a string representation for LD_SCHED, and a extra sanity check. 
This both fixes the problem, and ensures that forgetting to update
domain_list in the future will trigger the bug codepath instead of
a NULL pointer deref.
 2015-02-05 15:46:27 +00:00
Nick Mathewson
5c807f30e4 Add more parenthesis to the definition of ARRAY_LENGTH 2015-02-02 14:14:35 -05:00
Nick Mathewson
69deab8b2a Merge remote-tracking branch 'public/bug13319' 2015-02-02 10:25:25 -05:00
Nick Mathewson
e78b7e2776 Merge remote-tracking branch 'public/14188_part1' 2015-02-02 10:15:26 -05:00
David Goulet
2c41f12048 Fix: check r < 0 before checking errno 
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
 2015-01-30 15:18:40 -05:00
David Goulet
51f793e37e Fix possible infinite loop on pipe/sock_drain() 
If the returned value of read/recv is 0 (meaning EOF), we'll end up in an
infinite loop (active wait) until something is written on the pipe which is
not really what we want here especially because those functions are called
from the main thread.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
 2015-01-30 15:05:18 -05:00
Nick Mathewson
fac8d40886 Merge remote-tracking branch 'public/prop227_v2' 
Conflicts:
	src/test/test_dir.c
 2015-01-30 07:36:55 -05:00
Arthur Edelstein
cb714d896c Bug #8405: Report SOCKS username/password in CIRC status events 
Introduces two new circuit status name-value parameters: SOCKS_USERNAME
and SOCKS_PASSWORD. Values are enclosing in quotes and unusual characters
are escaped.

Example:

    650 CIRC 5 EXTENDED [...] SOCKS_USERNAME="my_username" SOCKS_PASSWORD="my_password"
 2015-01-28 12:02:15 -05:00
Nick Mathewson
e9caa8645e Try to work around changes in openssl 1.1.0 
Prefer not to use a couple of deprecated functions; include more
headers in tortls.c

This is part of  ticket 14188.
 2015-01-28 10:00:58 -05:00
Nick Mathewson
420037dcef Merge branch 'if_addr_refactoring_squashed' 
Conflicts:
	src/test/include.am
	src/test/test.c
 2015-01-23 10:13:37 -05:00
rl1987
3966145dff Refactor code that looks up addresses from interfaces 
Now the code has separate implementation and examination functions,
uses smartlists sanely, and has relatively decent test coverage.
 2015-01-23 10:07:17 -05:00
Nick Mathewson
4a6b43bf76 fix some warnings in compat_threads.c 2015-01-22 14:22:39 -05:00
Nick Mathewson
1fb9979eb8 Move a redundant _GNU_SOURCE to where it is not redundant 2015-01-22 14:18:10 -05:00
Nick Mathewson
38b3f9a619 use the correct free fn. spotted by dgoulet 2015-01-21 14:54:38 -05:00
Nick Mathewson
23fc1691b6 Merge branch 'better_workqueue_v3_squashed' 2015-01-21 14:47:16 -05:00
David Goulet
d684dbb0c7 Support monotonic time for pthread_cond_timedwait 
This is to avoid that the pthread_cond_timedwait() is not affected by time
adjustment which could make the waiting period very long or very short which
is not what we want in any cases.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
 2015-01-21 14:29:12 -05:00
Nick Mathewson
3c8dabf69a Fix up some workqueue/threading issues spotted by dgoulet. 2015-01-21 12:26:41 -05:00
Nick Mathewson
ac5b70c700 handle EINTR in compat_*threads.c 2015-01-21 12:18:11 -05:00
Nick Mathewson
746bb55851 Ignore warning for redundant decl in openssl/srtp.h 
Backports some commits from tor master.
 2015-01-15 12:38:08 -05:00
Nick Mathewson
a52e549124 Update workqueue implementation to use a single queue for the work 
Previously I used one queue per worker; now I use one queue for
everyone.  The "broadcast" code is gone, replaced with an idempotent
'update' operation.
 2015-01-15 11:05:22 -05:00
George Kadianakis
45bc5a0743 Restrict sample values of the Laplace distribution to int64_t. 
This helps avoid undefined behavior from casting big double values to
int64_t. Fixes #14090.
 2015-01-15 14:43:58 +00:00
Nick Mathewson
051ad788e0 Incorporate some comments based on notes from dgoulet 2015-01-14 11:31:14 -05:00
Nick Mathewson
1e896214e7 Refactor cpuworker to use workqueue/threadpool code. 2015-01-14 11:23:34 -05:00
Nick Mathewson
cc6529e9bb Fix check-spaces 2015-01-14 11:19:35 -05:00
Nick Mathewson
e5f8c772f4 Test and fix workqueue_entry_cancel(). 2015-01-14 11:17:46 -05:00
Nick Mathewson
e47a90a976 "Recursive" locks, not "reentrant" locks. Duh. 2015-01-14 11:12:40 -05:00
Nick Mathewson
d69717f61b Use correct (absolute) time for pthread_cond_timedwait 2015-01-14 11:09:52 -05:00
Nick Mathewson
9fdc0d0594 Fix windows compilation of condition code 2015-01-14 11:09:51 -05:00
Nick Mathewson
d850ec8574 Fix linux compilation (pipe2 needs _GNU_SOURCE) 2015-01-14 11:09:51 -05:00
Nick Mathewson
c51f7c23e3 Test a little more of compat_threads.c 2015-01-14 11:05:56 -05:00
Nick Mathewson
3868b5d210 Rename mutex_for_cond -> mutex_nonreentrant 
We'll want to use these for other stuff too.
 2015-01-14 11:05:56 -05:00
Nick Mathewson
b2db3fb462 Documentation for new workqueue and condition and locking stuff 2015-01-14 11:05:54 -05:00
Nick Mathewson
4abbf13f99 Add a way to tell all threads to do something. 2015-01-14 11:01:21 -05:00
Nick Mathewson
51bc0e7f3d Isolate the "socketpair or a pipe" logic for alerting main thread 
This way we can use the linux eventfd extension where available.
Using EVFILT_USER on the BSDs will be a teeny bit trickier, and will
require libevent hacking.
 2015-01-14 11:01:19 -05:00
Nick Mathewson
c7eebe237d Make pending work cancellable. 2015-01-14 10:56:27 -05:00
Nick Mathewson
a82604b526 Initial workqueue implemention, with a simple test. 
It seems to be working, but more tuning is needed.
 2015-01-14 10:56:24 -05:00
Nick Mathewson
6c9363310a Specialize handling for mutexes allocated for condition variables 
(These must not be reentrant mutexes with pthreads.)
 2015-01-14 10:52:56 -05:00
Nick Mathewson
65016304d2 Add tor_cond_init/uninit 2015-01-14 10:49:59 -05:00
Nick Mathewson
e865248156 Add a timeout to tor_cond_wait; add tor_cond impl from libevent 
The windows code may need some tweaks for it to compile; I've not
tested it yet.
 2015-01-14 10:47:39 -05:00
Nick Mathewson
c2f0d52b7f Split threading-related code out of compat.c 
Also, re-enable the #if'd out condition-variable code.

Work queues are going to make us hack on all of this stuff a bit more
closely, so it might not be a terrible idea to make it easier to hack.
 2015-01-14 10:41:53 -05:00
Nick Mathewson
d8b7dcca8d Merge remote-tracking branch 'andrea/ticket12585_v3' 2015-01-13 12:50:55 -05:00
Nick Mathewson
2edfdc02a2 Merge remote-tracking branch 'teor/bug13111-empty-key-files-fn-empty' 2015-01-12 14:06:14 -05:00
Anthony G. Basile
8df35a0c88 src/common/compat_libevent.h: include testsupport.h 
When tor is configured with --enable-bufferevents, the build fails
because compat_libevent.h makes use of the macro MOCK_DECL() which
is defined in testsupport.h, but not included.  We add the include.
 2015-01-12 01:03:47 -05:00
Nick Mathewson
b2663298e9 Fix tortls.c build with GCC<4.6 
apparantly, "pragma GCC diagnostic push/pop" don't exist with older versions.

Fixes bug in 740e592790f570c446cbb5e6d4a77f842f75; bug not in any
released Tor.
 2015-01-10 17:31:48 -05:00
Nick Mathewson
740e592790 Ignore warning for redundant decl in openssl/srtp.h 2015-01-10 16:06:25 -05:00
Nick Mathewson
53ecfba284 Merge remote-tracking branch 'teor/fix-typos' 2015-01-10 16:00:12 -05:00
Nick Mathewson
ddfdeb5659 More documentation for proposal 227 work 2015-01-10 15:44:32 -05:00
Nick Mathewson
c83d838146 Implement proposal 227-vote-on-package-fingerprints.txt 
This implementation includes tests and a little documentation.
 2015-01-10 15:09:07 -05:00
teor
f8ffb57bc4 Merge branch 'master' of https://git.torproject.org/tor into bug13111-empty-key-files-fn-empty 
Conflicts:
  src/or/connection_edge.c
Merged in favour of origin.
 2015-01-10 17:20:06 +11:00
teor
c200ab46b8 Merge branch 'bug14001-clang-warning' into bug13111-empty-key-files-fn-empty 
Conflicts:
  src/or/router.c
Choose newer comment.
Merge changes to comment and function invocation.
 2015-01-10 16:34:10 +11:00
teor
5ac26cb7c7 Fix a minor misspelling in util.c 2015-01-10 15:52:55 +11:00
Nick Mathewson
69df16e376 Rewrite the logic for deciding when to drop old/superseded certificates 
Fixes bug 11454, where we would keep around a superseded descriptor
if the descriptor replacing it wasn't at least a week later.  Bugfix
on 0.2.1.8-alpha.

Fixes bug 11457, where a certificate with a publication time in the
future could make us discard existing (and subsequent!) certificates
with correct publication times.  Bugfix on 0.2.0.3-alpha.
 2015-01-09 10:28:59 -05:00
Jacob Appelbaum
8d59ddf3cb Commit second draft of Jake's SOCKS5-over-AF_UNIX patch. See ticket #12585. 
Signed-off-by: Andrea Shepard <andrea@torproject.org>
 2015-01-07 17:42:57 +00:00
Nick Mathewson
1abd526c75 Merge remote-tracking branch 'public/bug12985_025' 2015-01-07 11:55:50 -05:00
Nick Mathewson
cb54cd6745 Merge branch 'bug9286_v3_squashed' 2015-01-07 10:06:50 -05:00
Nick Mathewson
7984fc1531 Stop accepting milliseconds in various directory contexts 
Have clients and authorities both have new behavior, since the
fix for bug 11243 has gone in.  But make clients still accept
accept old bogus HSDir descriptors, to avoid fingerprinting trickery.

Fixes bug 9286.
 2015-01-07 10:05:55 -05:00
Nick Mathewson
cf2ac8e255 Merge remote-tracking branch 'public/feature11791' 2015-01-06 13:52:54 -05:00
Nick Mathewson
f54e54b0b4 Bump copyright dates to 2015, in case someday this matters. 2015-01-02 14:27:39 -05:00
Nick Mathewson
6e689aed75 Fix a memory leak in tor-resolve 
Resolves bug 14050
 2014-12-30 12:35:01 -05:00
Nick Mathewson
b3b840443d Remove a logically dead check to please coverity 2014-12-30 12:10:30 -05:00
Nick Mathewson
d7ecdd645a Wipe all of the target space in tor_addr_{to,from}_sockaddr() 
Otherwise we risk a subsequent memdup or memcpy copying
uninitialized RAM into some other place that might eventually expose
it.  Let's make sure that doesn't happen.

Closes ticket 14041
 2014-12-29 10:06:12 -05:00
Nick Mathewson
e85f0c650c Merge branch 'resolvemyaddr_squashed' 2014-12-29 10:00:34 -05:00
rl1987
28217b969e Adding comprehensive test cases for resolve_my_address. 
Also, improve comments on resolve_my_address to explain what it
actually does.
 2014-12-29 09:59:47 -05:00
rl1987
a56511e594 Fix a few comments 2014-12-29 09:59:14 -05:00
Nick Mathewson
d151a069e9 tweak whitespace; log bad socket family if bug occurs 2014-12-23 10:53:40 -05:00
Francisco Blas Izquierdo Riera (klondike)
cca6ed80bf Add the transparent proxy getsockopt to the sandbox 
When receiving a trasnsparently proxied request with tor using iptables tor
dies because the appropriate getsockopt calls aren't enabled on the sandbox.

This patch fixes this by adding the two getsockopt calls used when doing
transparent proxying with tor to the sandbox for the getsockopt policy.

This patch is released under the same license as the original file as
long as the author is credited.

Signed-off-by: Francisco Blas Izquierdo Riera (klondike) <klondike@gentoo.org>
 2014-12-23 10:51:36 -05:00
Nick Mathewson
0965bbd5ac Merge remote-tracking branch 'origin/maint-0.2.5' 2014-12-22 16:02:47 -05:00
Nick Mathewson
6d728ba880 Merge remote-tracking branch 'public/bug14013_024' into maint-0.2.5 2014-12-22 15:58:49 -05:00
Nick Mathewson
47760c7ba5 When decoding a base-{16,32,64} value, clear the target buffer first 
This is a good idea in case the caller stupidly doesn't check the
return value from baseX_decode(), and as a workaround for the
current inconsistent API of base16_decode.

Prevents any fallout from bug 14013.
 2014-12-22 12:56:35 -05:00
teor
e40591827e Make log bufer 10k, not 9.78k. 2014-12-21 13:36:06 -05:00
teor
769fc5af09 Fix a comment in tor_addr_parse 2014-12-21 13:35:42 -05:00
teor
6a9cae2e1d Fix clang warning, IPv6 address comment, buffer size typo 
The address of an array in the middle of a structure will
always be non-NULL. clang recognises this and complains.
Disable the tautologous and redundant check to silence
this warning.

A comment about an IPv6 address string incorrectly refers
to an IPv4 address format.

A log buffer is sized 10024 rather than 10240.

Fixes bug 14001.
 2014-12-20 22:20:54 +11:00
Nick Mathewson
357191a095 Define an int64_min when it is missing 2014-12-19 14:12:22 -05:00
Karsten Loesing
7cd53b75c1 Add better support to obfuscate statistics. 2014-12-10 11:16:26 +01:00
George Kadianakis
447ece46f5 Constify crypto_pk_get_digest(). 2014-12-02 12:15:11 +00:00
Nick Mathewson
a28df3fb67 Merge remote-tracking branch 'andrea/cmux_refactor_configurable_threshold' 
Conflicts:
	src/or/or.h
	src/test/Makefile.nmake
 2014-11-27 22:39:46 -05:00
Nick Mathewson
734ba5cb0a Use smaller zlib objects when under memory pressure 
We add a compression level argument to tor_zlib_new, and use it to
determine how much memory to allocate for the zlib object.  We use the
existing level by default, but shift to smaller levels for small
requests when we have been over 3/4 of our memory usage in the past
half-hour.

Closes ticket 11791.
 2014-11-17 11:43:50 -05:00
Nick Mathewson
9b11dc3617 Merge remote-tracking branch 'public/bug7484' 
Conflicts:
	src/test/test_addr.c
 2014-11-12 13:44:57 -05:00
Nick Mathewson
a3dafd3f58 Replace operators used as macro arguments with OP_XX macros 
Part of fix for 13172
 2014-11-12 13:28:07 -05:00
Nick Mathewson
2170171d84 Merge branch 'ticket13172' 2014-11-12 13:25:17 -05:00
rl1987
4b18d8931b Downgrade RSA signature verification failure error message to info loglevel. 2014-11-09 17:39:23 +02:00
teor
fd7e9e9030 Stop failing when key files are zero-length 
Instead, generate new keys, and overwrite the empty key files.
Adds FN_EMPTY to file_status_t and file_status.
Fixes bug 13111.

Related changes due to review of FN_FILE usage:
Stop generating a fresh .old RSA key file when the .old file is missing.
Avoid overwriting .old key files with empty key files.
Skip loading zero-length extra info store, router store, stats, state,
and key files.
 2014-11-08 20:31:20 +11:00
teor
ce7fd6e160 Stop crashing when a NULL filename is passed to file_status() 
Stop crashing when a NULL filename is passed to file_status(),
instead, return FN_ERROR.
Also return FN_ERROR when a zero-length filename is passed to file_status().
Fixed as part of bug 13111.
 2014-11-08 20:26:53 +11:00
Nick Mathewson
00f5909876 Define macros meaning <,>,==,!=,<=,>= 
This lets us avoid putting operators directly in macro arguments,
and thus will help us unconfuse coccinelle.

For ticket 13172.
 2014-11-06 11:21:13 -05:00
Nick Mathewson
8f645befba 11291: Fix warnings, add changes file, rename 'mask'. 2014-11-05 14:12:18 -05:00
Nick Mathewson
4df419a4b1 Merge remote-tracking branch 'meejah/ticket-11291-extra-utests' 
Conflicts:
	src/or/config.c
 2014-11-05 14:11:47 -05:00
Nick Mathewson
60c86a3b79 Merge branch 'bug13315_squashed' 
Conflicts:
	src/or/buffers.c
 2014-11-04 00:48:25 -05:00
Nick Mathewson
74cbd8d559 fix indentation 2014-11-04 00:46:32 -05:00
Nick Mathewson
254ab5a8de Use correct argument types for inet_pton. 
(I blame whoever decided that using a void* for a union was a good
idea.)
 2014-11-04 00:45:14 -05:00
rl1987
0da4ddda4f Checking if FQDN is actually IPv6 address string and handling that case. 2014-11-04 00:37:24 -05:00
rl1987
2f1068e68a Adding helper function that checks if string is a valid IPv6 address. 2014-11-04 00:37:21 -05:00
rl1987
e8e45ff13e Introducing helper function to validate IPv4 address strings. 2014-11-04 00:36:37 -05:00
rl1987
1ea9a6fd72 Introducing helper function to validate DNS name strings. 2014-11-04 00:35:43 -05:00
Nick Mathewson
5bcf952261 Check more thoroughly for unlogged OpenSSL errors 2014-11-02 13:04:44 -05:00
Nick Mathewson
a142fc29af Use tor_malloc_zero(x), not tor_calloc(x,sizeof(char)) 
(Also, fixes a wide line.)
 2014-11-02 12:08:51 -05:00
Nick Mathewson
bbd8d07167 Apply new calloc coccinelle patch 2014-11-02 11:56:02 -05:00
Nick Mathewson
ded33cb2c7 Use the | trick to save a comparison in our calloc check. 2014-11-02 11:54:42 -05:00
Nick Mathewson
0d8abf5365 Switch to a < comparison for our calloc check; explain how it works 2014-11-02 11:54:42 -05:00
Mansour Moufid
81b452d245 Document the calloc function overflow check. 2014-11-02 11:54:42 -05:00
Mansour Moufid
06b1ef7b76 Remove a duplicate comment. 2014-11-02 11:54:42 -05:00
Mansour Moufid
3206dbdce1 Refactor the tor_reallocarray_ overflow check. 2014-11-02 11:54:42 -05:00
Mansour Moufid
aff6fa0b59 Refactor the tor_calloc_ overflow check. 2014-11-02 11:54:41 -05:00
Nick Mathewson
542b470164 Refactor {str,digest}map into a common implementation; add digest256map 
Needed for #13399.
 2014-10-31 10:54:12 -04:00
teor
13298d90a9 Silence spurious clang warnings 
Silence clang warnings under --enable-expensive-hardening, including:
  + implicit truncation of 64 bit values to 32 bit;
  + const char assignment to self;
  + tautological compare; and
  + additional parentheses around equality tests. (gcc uses these to
    silence assignment, so clang warns when they're present in an
    equality test. But we need to use extra parentheses in macros to
    isolate them from other code).
 2014-10-30 22:34:46 +11:00
Nick Mathewson
fcdcb377a4 Add another year to our copyright dates. 
Because in 95 years, we or our successors will surely care about
enforcing the BSD license terms on this code.  Right?
 2014-10-28 15:30:16 -04:00
Sebastian Hahn
909aa51b3f Remove configure option to disable curve25519 
By now, support in the network is widespread and it's time to require
more modern crypto on all Tor instances, whether they're clients or
servers. By doing this early in 0.2.6, we can be sure that at some point
all clients will have reasonable support.
 2014-10-27 14:41:19 +01:00
teor
c9d0967dd9 Fix minor typos, two line lengths, and a repeated include 2014-10-23 02:57:11 +11:00
Nick Mathewson
653221e807 Merge remote-tracking branch 'public/bug11824_v2' 2014-10-22 11:01:50 -04:00
Nick Mathewson
8e4daa7bb0 Merge remote-tracking branch 'public/ticket6938' 
Conflicts:
	src/tools/tor-resolve.c
 2014-10-22 10:14:03 -04:00
Nick Mathewson
3826a88fc0 Merge remote-tracking branch 'teor/bug13476-improve-time-handling' 2014-10-21 13:14:27 -04:00
Nick Mathewson
e3d166b7a6 Merge remote-tracking branch 'teor/memwipe-more-keys' 2014-10-20 11:12:51 -04:00
Nick Mathewson
affa251c83 Use a macro to indicate "The ecdhe group we use by default". 
This might make Coverity happier about the if statement where we
have a default case that's the same as one of the other cases. CID 1248515
 2014-10-20 09:08:42 -04:00
teor
2e1f5c1fc0 Memwipe more keys after tor has finished with them 
Ensure we securely wipe keys from memory after
crypto_digest_get_digest and init_curve25519_keypair_from_file
have finished using them.

Fixes bug 13477.
 2014-10-20 03:06:28 +11:00
teor
d7b13543e2 Clamp (some) years supplied by the system to 1 CE 
Clamp year values returned by system localtime(_r) and
gmtime(_r) to year 1. This ensures tor can read any
values it might write out.

Fixes bug 13476.
 2014-10-20 02:47:31 +11:00