nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-11 21:53:48 +01:00
Code Issues Packages Projects Releases Wiki Activity
11,156 Commits 53 Branches 630 Tags 125 MiB
987190c2bc
Commit Graph

276 Commits

Author SHA1 Message Date
Robert Ransom
d2629f78a0 Add crypto_pk_check_key_public_exponent function 2011-05-16 14:07:34 -04:00
Nick Mathewson
59f9097d5c Hand-conversion and audit phase of memcmp transition 
Here I looked at the results of the automated conversion and cleaned
them up as follows:

   If there was a tor_memcmp or tor_memeq that was in fact "safe"[*] I
   changed it to a fast_memcmp or fast_memeq.

   Otherwise if there was a tor_memcmp that could turn into a
   tor_memneq or tor_memeq, I converted it.

This wants close attention.

[*] I'm erring on the side of caution here, and leaving some things
as tor_memcmp that could in my opinion use the data-dependent
fast_memcmp variant.
 2011-05-11 16:12:51 -04:00
Nick Mathewson
db7b2a33ee Automated conversion of memcmp to tor_memcmp/tor_mem[n]eq 
This commit is _exactly_ the result of

perl -i -pe 's/\bmemcmp\(/tor_memcmp\(/g' src/*/*.[ch]
perl -i -pe 's/\!\s*tor_memcmp\(/tor_memeq\(/g' src/*/*.[ch]
perl -i -pe 's/0\s*==\s*tor_memcmp\(/tor_memeq\(/g' src/*/*.[ch]
perl -i -pe 's/0\s*!=\s*tor_memcmp\(/tor_memneq\(/g' src/*/*.[ch]
git checkout src/common/di_ops.[ch]
git checkout src/or/test.c
git checkout src/common/test.h
 2011-05-11 16:12:51 -04:00
Nick Mathewson
43ffd023e9 Make SIZE_T_CEILING unsigned; add a signed SSIZE_T_CEILING 
None of the comparisons were _broken_ previously, but avoiding
signed/unsigned comparisons makes everybody happier.

Fixes bug2475.
 2011-04-26 13:03:58 -04:00
Nick Mathewson
50c259d763 Make the DH parameter we use for TLS match the one from Apache's mod_ssl 
Our regular DH parameters that we use for circuit and rendezvous
crypto are unchanged.  This is yet another small step on the path of
protocol fingerprinting resistance.

(Backport from 0.2.2's 5ed73e3807)
 2011-02-10 15:55:06 -05:00
Nick Mathewson
9b09627edd Zero out some more key data before freeing it 
Found by cypherpunks; fixes bug 2384.
 2011-01-15 14:10:52 -05:00
Nick Mathewson
b97b0efec8 Merge branch 'bug2352_obsize' into maint-0.2.1 2011-01-15 13:15:06 -05:00
Nick Mathewson
115782bdbe Fix a heap overflow found by debuger, and make it harder to make that mistake again 
Our public key functions assumed that they were always writing into a
large enough buffer.  In one case, they weren't.

(Incorporates fixes from sebastian)
 2011-01-15 11:49:25 -05:00
Nick Mathewson
729f404efe Add logic in routerparse to not read overlong private keys 
I am not at all sure that it is possible to trigger a bug here,
but better safe than sorry.
 2011-01-10 12:07:34 -05:00
Nick Mathewson
1a07348a50 Bump copyright statements to 2011 2011-01-03 11:50:39 -05:00
Nick Mathewson
785086cfba Have all of our allocation functions and a few others check for underflow 
It's all too easy in C to convert an unsigned value to a signed one,
which will (on all modern computers) give you a huge signed value.  If
you have a size_t value of size greater than SSIZE_T_MAX, that is way
likelier to be an underflow than it is to be an actual request for
more than 2gb of memory in one go.  (There's nothing in Tor that
should be trying to allocate >2gb chunks.)
 2010-12-13 18:40:21 -05:00
Nick Mathewson
c3e63483b2 Update Tor Project copyright years 2010-02-27 17:14:21 -05:00
Nick Mathewson
1c87a27574 Fix bug 1173: remove an assert(unsigned >= 0). 2009-12-15 15:51:59 -05:00
Nick Mathewson
260de44313 Fixes to spelling fixes. Thanks, Roger! 2009-05-28 12:22:48 -04:00
Nick Mathewson
ec7e054668 Spell-check Tor. 2009-05-27 17:55:51 -04:00
Karsten Loesing
9b32e8c141 Update copyright to 2009. 2009-05-04 11:28:27 -04:00
Nick Mathewson
8ebceeb352 Make sure that even in the weird fiddly paths that lead to init_keys, 
crypto_global_init gets called.  Also have it be crypto_global_init
that calls crypto_seed_rng, so we are not dependent on OpenSSL's
RAND_poll in these fiddly cases.

Should fix bug 907.  Bugfix on 0.0.9pre6.  Backport candidate.

svn:r18210
 2009-01-21 15:38:39 +00:00
Nick Mathewson
c4b8fef362 Remove svn $Id$s from our source, and remove tor --version --version. 
The subversion $Id$ fields made every commit force a rebuild of
whatever file got committed.  They were not actually useful for
telling the version of Tor files in the wild.

svn:r17867
 2009-01-04 00:35:51 +00:00
Nick Mathewson
b0a8ecd193 Use RSA_generate_key_ex where available. 
svn:r17804
 2008-12-29 02:20:57 +00:00
Nick Mathewson
b4d387c28b Make freelist_len in memarea.c static; document a few variables. 
svn:r17741
 2008-12-22 19:14:08 +00:00
Nick Mathewson
1e5f457461 Fix most DOCDOCs remaining and/or added by redox. 
svn:r17734
 2008-12-22 17:53:04 +00:00
Nick Mathewson
1725c0c8a5 Add DOCDOC comments for all undocumented functions. Add missing *s to other comments so that they will get recognized as doxygen. 
svn:r17729
 2008-12-22 14:56:28 +00:00
Nick Mathewson
6c6b0283cb Ben confirms that the MUST in rfc2631 is only for compatibility with X9.42, and isn't actually a security thing. 
svn:r17685
 2008-12-18 16:11:16 +00:00
Nick Mathewson
cebdf93949 Fix bug 889: share deep-copied keys between threads to avoid races in reference counts. Bugfix on 0.1.0.1-rc. 
svn:r17672
 2008-12-18 05:28:27 +00:00
Nick Mathewson
f43bcdc063 Use ctags and a python script to find identifiers that are never used anywhere, and remove the ones that we really want gone. 
svn:r17651
 2008-12-17 17:20:42 +00:00
Nick Mathewson
4d94e061c7 Clean up some redundant stuff in crypto_dh_new(). 
svn:r16778
 2008-09-05 20:18:22 +00:00
Nick Mathewson
22259a0877 The first of Karsten's proposal 121 patches: configure and maintain client authorization data. Tweaked a bit: see comments on or-dev. 
svn:r16475
 2008-08-08 14:36:11 +00:00
Nick Mathewson
3ec25c2410 r16587@tombo: nickm | 2008-06-28 00:13:40 -0400 
fix for bug 704; found by sjmurdoch.  Windows and recent openssl both want to define OCSP_RESPONSE; do not let them.


svn:r15533
 2008-06-28 04:16:17 +00:00
Nick Mathewson
d4ed91c672 Set dynamic-locking callbacks in openssl. These can be more efficient when openssl uses them. 
svn:r15222
 2008-06-13 16:35:12 +00:00
Nick Mathewson
ae2d022f0c Remov unused macro in crypto.c 
svn:r14950
 2008-06-04 18:41:08 +00:00
Nick Mathewson
b7a80920e2 r15558@tombo: nickm | 2008-05-09 04:35:12 -0400 
New (temporary) tool to dump the modulus of a key.  May help with a project of weasel's.


svn:r14580
 2008-05-09 08:35:38 +00:00
Nick Mathewson
b5b77f8bf3 r19004@catbus: nickm | 2008-03-21 15:18:43 -0400 
Use RAND_poll() again: the bug that made us stop using it has been fixed.


svn:r14150
 2008-03-21 19:18:57 +00:00
Nick Mathewson
3452486ac6 r14422@tombo: nickm | 2008-02-24 17:09:56 -0500 
Whitespace fixes


svn:r13700
 2008-02-24 22:11:18 +00:00
Nick Mathewson
e7db789e82 r14399@tombo: nickm | 2008-02-22 14:09:38 -0500 
More 64-to-32 fixes. Partial backport candidate. still not done.


svn:r13680
 2008-02-22 19:09:45 +00:00
Nick Mathewson
69300eb606 r14374@tombo: nickm | 2008-02-21 16:57:39 -0500 
Fix all remaining shorten-64-to-32 errors in src/common.  Some were genuine problems.  Many were compatibility errors with libraries (openssl, zlib) that like predate size_t.  Partial backport candidate.


svn:r13665
 2008-02-21 21:57:47 +00:00
Nick Mathewson
b375472d14 r14373@tombo: nickm | 2008-02-21 16:29:18 -0500 
Apply warnings about implicit 64-to-32 conversions; some from Sebastian Hahn; some not.


svn:r13664
 2008-02-21 21:57:42 +00:00
Nick Mathewson
24e8e1fb36 r14185@tombo: nickm | 2008-02-15 18:05:54 -0500 
Replace the hefty tor_strpartition with a simple function to replace its only (trivial) use.


svn:r13532
 2008-02-15 23:39:14 +00:00
Roger Dingledine
509d2912dc doxygen and other cleanups 
svn:r13440
 2008-02-09 03:11:10 +00:00
Nick Mathewson
de827f89df r14062@tombo: nickm | 2008-02-08 15:17:07 -0500 
Change DNs in x509 certificates to be harder to fingerprint.  Raise common code.  Refactor random hostname generation into crypto.c


svn:r13429
 2008-02-08 21:13:12 +00:00
Nick Mathewson
b8179871a6 r17964@catbus: nickm | 2008-02-07 10:45:02 -0500 
Fix bug in last patch that made secret_to_key crash.


svn:r13415
 2008-02-07 16:10:36 +00:00
Nick Mathewson
eecc44dab8 r17963@catbus: nickm | 2008-02-07 10:14:25 -0500 
Be more thorough about memory poisoning and clearing.  Add an in-place version of aes_crypt in order to remove a memcpy from relay_crypt_one_payload.


svn:r13414
 2008-02-07 16:10:33 +00:00
Nick Mathewson
842a33ff20 Update some copyright notices: it is now 2008. 
svn:r13412
 2008-02-07 05:31:47 +00:00
Nick Mathewson
a51deb9a9c r17903@catbus: nickm | 2008-02-05 14:40:03 -0500 
Remove some dead code; fix some XXX020s; turn some XXX020s into XXXX_IP6s (i.e., "needs to be fixed when we add ipv6 support").


svn:r13382
 2008-02-05 19:40:26 +00:00
Nick Mathewson
d7fb8a34ac r17613@catbus: nickm | 2008-01-14 13:52:44 -0500 
Do not segfault if symetric key generation somehow fails in crypto_hybrid_encrypt.


svn:r13132
 2008-01-14 19:00:28 +00:00
Nick Mathewson
becbafc9db r17491@catbus: nickm | 2008-01-07 11:50:24 -0500 
Remove some dead code.


svn:r13053
 2008-01-07 16:50:33 +00:00
Roger Dingledine
1d8a8063b9 clean up copyrights, and assign 2007 copyrights to The Tor Project, Inc 
svn:r12786
 2007-12-12 21:09:01 +00:00
Roger Dingledine
7f12ebc3fa cleanups on r12579 
svn:r12580
 2007-11-27 21:17:43 +00:00
Nick Mathewson
e047f7f865 r16455@catbus: nickm | 2007-11-06 12:48:00 -0500 
Parse CERT cells and act correctly when we get them.


svn:r12396
 2007-11-06 18:00:07 +00:00
Nick Mathewson
7712ddf8e7 r16317@catbus: nickm | 2007-10-31 23:52:52 -0400 
Use HMAC() function from openssl. Oops.


svn:r12304
 2007-11-01 03:56:17 +00:00
Nick Mathewson
17266cc44a r16287@catbus: nickm | 2007-10-31 00:53:53 -0400 
HMAC-SHA-1 implementation, with unit tests based on vectors from RVFC2202.  Steven's stuff will need this.


svn:r12289
 2007-10-31 04:56:59 +00:00