nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-11 13:43:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
14,589 Commits 53 Branches 630 Tags 125 MiB
9727d21f68
Commit Graph

2023 Commits

Author SHA1 Message Date
Nick Mathewson
9727d21f68 Revert "Detect renegotiation when it actually happens." 
This reverts commit 4fd79f9def.
 2011-12-06 19:49:21 -05:00
Nick Mathewson
e09dd43ab3 Revert "Detect and deny excess renegotiations attempts." 
This reverts commit ecd239e3b5.
 2011-12-06 19:49:21 -05:00
Nick Mathewson
021ff31ba6 Revert "Get rid of tor_tls_block_renegotiation()." 
This reverts commit 340809dd22.
 2011-12-06 19:49:21 -05:00
Nick Mathewson
fa74af0cfa Revert "Also handle needless renegotiations in SSL_write()." 
This reverts commit e2b3527106.
 2011-12-06 19:49:20 -05:00
Nick Mathewson
45c46129ed Revert "Fix issues pointed out by nickm." 
This reverts commit e097bffaed.
 2011-12-06 19:49:20 -05:00
Nick Mathewson
616b60cef3 Revert "Use callback-driven approach to block renegotiations." 
This reverts commit 406ae1ba5a.
 2011-12-06 19:49:20 -05:00
Nick Mathewson
53f535aeb8 Revert "appease check-spaces" 
This reverts commit f77f9bddb8.
 2011-12-06 19:49:20 -05:00
Nick Mathewson
df1f72329a Revert "Refactor tor_event_base_once to do what we actually want" 
This reverts commit 7920ea55b8.
 2011-12-06 19:49:20 -05:00
Nick Mathewson
17880e4c0a Revert "Fix some wide lines in tortls.c" 
This reverts commit e8dde3aabd.
 2011-12-06 19:49:20 -05:00
Nick Mathewson
e83e720c8b Revert "use event_free() wrapper; fix bug 4582" 
This reverts commit 9a88c0cd32.
 2011-12-06 19:49:20 -05:00
Nick Mathewson
acc1806eb8 Revert "Don't schedule excess_renegotiations_callback unless it's set" 
This reverts commit 617617e21a.
 2011-12-06 19:49:20 -05:00
Nick Mathewson
75134c6c86 Revert "indent; add comment" 
This reverts commit 40a87c4c08.
 2011-12-06 19:49:20 -05:00
Nick Mathewson
135a5102a3 Revert "Make pending libevent actions cancelable" 
This reverts commit aba25a6939.
 2011-12-06 19:49:20 -05:00
Nick Mathewson
50fd99d7ef Revert "Set renegotiation callbacks immediately on tls inititation" 
This reverts commit e27a26d568.
 2011-12-06 19:49:19 -05:00
Nick Mathewson
d9edee3a3b Merge remote-tracking branch 'origin/maint-0.2.2' 2011-12-02 16:10:17 -05:00
Nick Mathewson
2b5a035604 tor_accept_socket() should take tor_addr_t for listener arg 
Fixes bug 4535; bugfix on 0.2.2.28-beta; found by "troll_un"
 2011-12-02 16:09:16 -05:00
Nick Mathewson
0920cd02f4 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-12-02 15:38:29 -05:00
Nick Mathewson
b7015603fa Fix bug 4530; check return val of tor_addr_lookup correctly 
Fix on 0.2.1.5-alpha; reported by troll_un
 2011-12-02 15:37:24 -05:00
Sebastian Hahn
95af91565b Work around a false positive in Coverity. 
Fixes cid 501 and 502.
 2011-12-02 06:16:57 +01:00
George Kadianakis
02708b7d80 Free the global DH parameters in crypto_global_cleanup(). 2011-11-30 13:17:47 -05:00
George Kadianakis
a708e85236 Move crypto_global_cleanup() to the bottom of crypto.c. 2011-11-30 13:17:39 -05:00
Nick Mathewson
29db095a35 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-30 12:41:08 -05:00
Linus Nordberg
f786307ab7 First chunk of support for bridges on IPv6 
Comments below focus on changes, see diff for added code.

New type tor_addr_port_t holding an IP address and a TCP/UDP port.

New flag in routerinfo_t, ipv6_preferred.  This should go in the
node_t instead but not now.

Replace node_get_addr() with
- node_get_prim_addr() for primary address, i.e. IPv4 for now
- node_get_pref_addr() for preferred address, IPv4 or IPv6.

Rename node_get_addr_ipv4h() node_get_prim_addr_ipv4h() for
consistency.  The primary address will not allways be an IPv4 address.
Same for node_get_orport() -> node_get_prim_orport().

Rewrite node_is_a_configured_bridge() to take all OR ports into account.

Extend argument list to extend_info_from_node and
extend_info_from_router with a flag indicating if we want to use the
routers primary address or the preferred address.  Use the preferred
address in as few situtations as possible for allowing clients to
connect to bridges over IPv6.
 2011-11-30 11:55:45 -05:00
Nick Mathewson
8bb23c7def Merge branch 'bug4587_v2' 2011-11-29 19:15:40 -05:00
Nick Mathewson
e27a26d568 Set renegotiation callbacks immediately on tls inititation 
This way, we can't miss a renegotiation attempt in a v2 handshake,
or miss excess renegotiation attempts.  Partial fix for bug 4587.
 2011-11-29 19:10:19 -05:00
Nick Mathewson
da6c136817 Merge remote-tracking branch 'asn-mytor/bug4548_take2' 2011-11-29 18:30:41 -05:00
Nick Mathewson
aba25a6939 Make pending libevent actions cancelable 
This avoids a dangling pointer issue in the 3412 code, and should
fix bug 4599.
 2011-11-29 17:08:29 -05:00
Nick Mathewson
40a87c4c08 indent; add comment 2011-11-27 09:24:41 -05:00
Nick Mathewson
e665ec6409 Merge remote-tracking branch 'asn/bug4584' 2011-11-27 09:18:55 -05:00
Nick Mathewson
617617e21a Don't schedule excess_renegotiations_callback unless it's set 
Partial fix for bug 4587; reported by "frosty_un".
 2011-11-27 08:21:59 -05:00
George Kadianakis
b42ff6545a Use random bytes as our certificate serial numbers. 
Instead of using time(NULL) in our certificate serial numbers, use
eight random bytes as suggested in proposal 179.
 2011-11-27 08:20:17 +01:00
George Kadianakis
055d6c01ff Write dynamic DH parameters to a file. 
Instead of only writing the dynamic DH prime modulus to a file, write
the whole DH parameters set for forward compatibility. At the moment
we only accept '2' as the group generator.

The DH parameters gets stored in base64-ed DER format to the
'dynamic_dh_params' file.
 2011-11-26 19:29:57 +01:00
George Kadianakis
f28014bf1a Introduce write_bytes_to_new_file(). 
Introduce write_bytes_to_new_file(), a function which writes bytes to
a file only if that file did not exist.
 2011-11-26 18:56:49 +01:00
Nick Mathewson
9a88c0cd32 use event_free() wrapper; fix bug 4582 2011-11-25 19:09:48 -05:00
Nick Mathewson
e8dde3aabd Fix some wide lines in tortls.c 2011-11-25 17:22:46 -05:00
Nick Mathewson
7920ea55b8 Refactor tor_event_base_once to do what we actually want 
This version avoids the timeout system entirely, gives a nicer
interface, and lets us manage allocation explicitly.
 2011-11-25 17:18:54 -05:00
Nick Mathewson
e5f2f10844 Merge remote-tracking branch 'asn/bug4312' 2011-11-25 17:00:47 -05:00
Nick Mathewson
d6c18c5804 Make process_handle_t private and fix some unit tests 
Let's *not* expose more cross-platform-compatibility structures, or
expect code to use them right.

Also, don't fclose() stdout_handle and stdin_handle until we do
tor_process_handle_destroy, or we risk a double-fclose.
 2011-11-25 16:47:25 -05:00
Nick Mathewson
093e6724c7 Merge remote-tracking branch 'asn/bug3472_act2' 2011-11-25 16:00:31 -05:00
Nick Mathewson
cb8059b42d Merge remote-tracking branch 'sebastian/pure_removal' 2011-11-25 14:54:04 -05:00
Sebastian Hahn
75d8ad7320 Purge ATTR_PURE from the code 
We're using it incorrectly in many cases, and it doesn't help as far as
we know.
 2011-11-25 17:57:50 +01:00
George Kadianakis
b31601975b Move DH_GENERATOR to crypto.c. 2011-11-25 17:44:11 +01:00
George Kadianakis
1df6b5a734 Move broken primes to dynamic_dh_modulus.broken. 2011-11-25 17:39:45 +01:00
George Kadianakis
4938bcc06a Do dynamic DH modulus storing in crypto.c. 2011-11-25 17:39:28 +01:00
Nick Mathewson
25c9e3aab9 Merge branch 'more_aes_hackery_rebased' 
Conflicts:
	changes/aes_hackery
 2011-11-25 10:36:13 -05:00
Nick Mathewson
9814019a54 Use openssl's counter mode implementation when we have 1.0.0 or later 
This shaves about 7% off our per-cell AES crypto time for me; the
effect for accelerated AES crypto should be even more, since the AES
calculation itself will make an even smaller portion of the
counter-mode performance.

(We don't want to do this for pre-1.0.0 OpenSSL, since our AES_CTR
implementation was actually faster than OpenSSL's there, by about
10%.)

Fixes issue #4526.
 2011-11-25 10:32:21 -05:00
Nick Mathewson
8143074b3f Use EVP for AES only when hardware accel is present 
Fixes bug 4525, fix on 0.2.3.8-alpha.
 2011-11-25 10:32:00 -05:00
Peter Palfrader
86be8fcf0a Handle build-trees better. 
Properly create git revision and source file sha1sums include files when
building tor not in its source tree but in a dedicated build tree.
 2011-11-24 23:56:01 -05:00
Nick Mathewson
eaa3a379f0 Move disable-debugger-attachment fn to compat where it belongs. Fix whitespace 2011-11-24 23:45:47 -05:00
George Kadianakis
1d1d5ae7f8 Finishing touches. 
- Make check-spaces happy.
- Remove a stray header from crypto.h
 2011-11-25 01:08:31 +01:00