nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-09-23 14:34:58 +02:00
Code Issues Packages Projects Releases Wiki Activity
22,863 Commits 53 Branches 629 Tags 108 MiB
a53059c6a0
Commit Graph

59 Commits

Author SHA1 Message Date
Isis Lovecruft
a53059c6a0 Document two additional functions in src/or/routerkeys.c. 
Adds docstrings for generate_ed_link_cert() and should_make_new_ed_keys().
 2016-11-03 08:40:10 -04:00
Nick Mathewson
af2459f09e Unit tests for cert-chain-processing, including failed cases 
Check out the coverage!
 2016-11-03 08:40:10 -04:00
Nick Mathewson
99af260acc For testing: function to construct (but not save) Ed keys and certs 2016-11-03 08:40:09 -04:00
Nick Mathewson
e94f1b4e0d Free rsa_ed_crosscert at exit. 
Fixes bug 17779; bugfix on 0.2.7.2-alpha.
 2016-11-03 08:37:21 -04:00
Nick Mathewson
9fe6fea1cc Fix a huge pile of -Wshadow warnings. 
These appeared on some of the Jenkins platforms. Apparently some
GCCs care when you shadow globals, and some don't.
 2016-07-28 10:22:10 -04:00
Nick Mathewson
4757303873 Fix all -Wshadow warnings on Linux 
This is a partial fix for 18902.
 2016-07-28 06:58:44 -04:00
Peter Palfrader
54c3066c72 Fix a typo in the getting passphrase prompt for the ed25519 identity key 2016-06-25 13:33:35 +02:00
Nick Mathewson
fdb57db581 Merge branch 'bug18133_027' into maint-0.2.8 2016-04-01 08:17:56 -04:00
Nick Mathewson
4093f343ca fix indentation 2016-04-01 08:16:21 -04:00
Nick Mathewson
4895d8288c Do not treat "DOCDOC" as doxygen. 2016-03-26 10:11:45 -04:00
Nick Mathewson
005a20ec85 Log a better message when OfflineMasterKey is set. 
Fixes bug 18133; bugfix on 0.2.7.2-alpha.
 2016-03-21 11:57:23 -04:00
Nick Mathewson
57699de005 Update the copyright year. 2016-02-27 18:48:19 +01:00
Nick Mathewson
fe6ca826df Make sure that every module in src/or has a brief description. 2016-02-27 18:08:24 +01:00
Nick Mathewson
8a4bba06d2 Rename crypto_digest_all, and digests_t. 
They are no longer "all" digests, but only the "common" digests.

Part of 17795.

This is an automated patch I made with a couple of perl one-liners:

  perl -i -pe 's/crypto_digest_all/crypto_common_digests/g;' src/*/*.[ch]
  perl -i -pe 's/\bdigests_t\b/common_digests_t/g;' src/*/*.[ch]
 2016-02-10 15:28:19 -05:00
Nick Mathewson
9c4a0aef0c Fix a memory leak in reading an expired ed signing key. 
Closes 17403.
 2015-10-21 11:16:28 -04:00
Nick Mathewson
df0b4f0342 Merge branch 'feature16769_squashed' 2015-09-22 09:26:30 -04:00
Nick Mathewson
bca4211de5 Add a --master-key option 
This lets the user override the default location for the master key
when used with --keygen

Part of 16769.
 2015-09-22 09:24:35 -04:00
Nick Mathewson
d8f031aec2 Add a new --newpass option to add or remove secret key passphrases. 2015-09-22 09:24:35 -04:00
Nick Mathewson
e94ef30a2f Merge branch 'feature16944_v2' 2015-09-22 09:19:28 -04:00
Nick Mathewson
a444b11323 Convince coverity that we do not have a particular memory leak 2015-09-13 14:44:46 -04:00
Nick Mathewson
41891cbf93 Merge remote-tracking branch 'public/ed25519_hup_v2' 2015-09-10 10:37:13 -04:00
Nick Mathewson
d70b1b4da1 Never ever try to load the secret key if offline_master is set 
(Not even if we can't find the public key.)
 2015-09-04 09:55:07 -04:00
Nick Mathewson
0ba4e0895a Add "OfflineMasterKey" option 
When this is set, and Tor is running as a relay, it will not
generate or load its secret identity key.  You can manage the secret
identity key with --keygen.  Implements ticket 16944.
 2015-09-04 09:55:07 -04:00
Nick Mathewson
b977a570c4 Fix a false-positive in coverity scan with an assertion 
CID 1301373
 2015-09-01 09:50:33 -04:00
Nick Mathewson
f64ef65b9d Fix code for checking expired certificates on load 
Fixes CID 1306915, which noticed that the check was dead.
 2015-09-01 09:47:51 -04:00
Nick Mathewson
037e8763a7 Reload Ed25519 keys on sighup. 
Closes ticket 16790.
 2015-08-19 13:37:21 -04:00
Nick Mathewson
426ef9c8eb More log messages for keygen problems 2015-08-19 13:36:51 -04:00
Nick Mathewson
c88a8a7ca3 Explain better why we are about to load the master key. 2015-08-19 13:36:51 -04:00
Nick Mathewson
76ec891572 When we infer the master key from the certificate, save it to disk. 2015-08-19 13:36:50 -04:00
Nick Mathewson
138b28dc35 Add test_keygen tests for all log outputs; improve keygen outputs. 2015-08-19 13:36:50 -04:00
Nick Mathewson
8f6f1544c9 Resolve failing test_keygen tests. 2015-08-19 13:36:50 -04:00
Nick Mathewson
f362e7a873 Checkpoint work on ed25519 keygen improvements. 
Needs changes file, documentation, test integration, more tests.
 2015-08-19 13:36:49 -04:00
Nick Mathewson
b5cfcb2045 Fix most check-spaces issues 2015-07-16 11:10:14 -04:00
Nick Mathewson
7bd5212ddc Merge branches 'feature_16582' and 'feature_16581' 2015-07-15 11:05:33 -04:00
Nick Mathewson
c4ab8f74da Don't allow INIT_ED_KEY_{NO_REPAIR,NEEDCERT} to be used together. 
We haven't implemented NO_REPAIR for NEEDCERT, and we don't need it:
but it's safest to stop any attempt to use it that way.
 2015-07-15 10:45:40 -04:00
Nick Mathewson
3c28d95ca7 Add more EINVAL errno setting on key read failures 
Teor found these.  This is for part of #16582.
 2015-07-15 10:35:29 -04:00
Nick Mathewson
3fcb74e98b Add more consistency checks in load_ed_keys 
Make sure that signing certs are signed by the right identity key,
to prevent a recurrence of #16530.  Also make sure that the master
identity key we find on disk matches the one we have in RAM, if we
have one.

This is for #16581.
 2015-07-14 11:27:49 -04:00
Nick Mathewson
1360326588 Do more consistency checks in ed_key_init_from_file() 
When there is a signing key and the certificate lists a key, make
sure that the certificate lists the same signing key.

When there are public key and secret key stored in separate files,
make sure they match.

Use the right file name when we load an encrypted secret key and
then find a problem with it.

This is part of 16581.
 2015-07-14 11:12:18 -04:00
Nick Mathewson
5e8edba3d8 If loading an ed25519 master key fails with errno != ENOENT, give up. 
This implements feature 16582: if we get EMFILE or something when
loading our master key, we should not at that point attempt to
overwrite it.
 2015-07-14 10:36:39 -04:00
Nick Mathewson
0a6997d78b Preserve errno when loading encrypted ed25519 keys. 2015-07-14 10:23:07 -04:00
Nick Mathewson
48f69685f5 Avoid a segfault when reading an encrypted key that isn't there 
Patch from cypherpunks. Fixes bug 16449. Bug not in any released tor.
 2015-06-27 14:14:13 -04:00
Nick Mathewson
1edaef2adf fix some memory leaks that coverity found 2015-06-19 09:03:34 -04:00
Nick Mathewson
c2c23d1443 Handle "keygen" if datadir does not yet exist 2015-06-17 13:51:45 -04:00
Nick Mathewson
d68133c745 Merge branch '13642_offline_master_v2_squashed' 2015-06-17 10:12:37 -04:00
Nick Mathewson
b6eee531bb Support encrypted offline master keys with a new --keygen flag 
When --keygen is provided, we prompt for a passphrase when we make a
new master key; if it is nonempty, we store the secret key in a new
crypto_pwbox.

Also, if --keygen is provided and there *is* an encrypted master key,
we load it and prompt for a passphrase unconditionally.

We make a new signing key unconditionally when --keygen is provided.
We never overwrite a master key.
 2015-06-17 10:11:18 -04:00
teor
383a27afc5 Ensure signing_key is non-NULL before accessing one of its members 
signing_key can be NULL in ed_key_init_from_file in routerkeys.c.
Discovered by clang 3.7 address sanitizer.

Fix on c03694938e, not in any released version of Tor.
 2015-06-03 04:19:05 +10:00
Nick Mathewson
fcc01d7caf Fix a memory leak in routerkeys.c 2015-06-01 10:45:51 -04:00
Andrea Shepard
0e0b65db4f Appease make check-spaces 2015-06-01 12:59:14 +00:00
Nick Mathewson
12a2321501 Another memory leak bytes the dust. 2015-05-29 16:17:54 -04:00
Nick Mathewson
2c32b2848a Small leak in ed_key_init_from_file. CID 1301373 2015-05-28 12:52:34 -04:00