Commit Graph

3450 Commits

Author SHA1 Message Date
Nick Mathewson
a5704b1c62 Add a sha256 hmac function, with tests
(cherry picked from commit fdbb9cdf74)
2012-02-22 05:46:08 -08:00
Nick Mathewson
81fe3e438b Merge remote-tracking branch 'sebastian/bug5161' 2012-02-20 13:00:17 -05:00
Robert Ransom
cd029f0ca3 Fix crypto_hmac_sha256 documentation comment 2012-02-20 02:47:10 -08:00
Sebastian Hahn
bc66878bde Don't redeclare environ if std headers already did
This would cause a redundant redeclaration warning on some versions of
Linux otherwise.
2012-02-19 16:52:38 +01:00
Nick Mathewson
1d36693570 Use get_environment(), not environ. 2012-02-17 11:50:19 -05:00
Nick Mathewson
eaedcba493 Merge branch 'bug5105-v2-squashed'
Conflicts:
	src/or/transports.c
2012-02-17 11:50:10 -05:00
Robert Ransom
33552c16ca Heap-allocate strings returned by get_current_process_environment_variables 2012-02-17 11:42:21 -05:00
Robert Ransom
c0808b795f Pass process_environment_t * to tor_spawn_background
Now tor_spawn_background's prototype is OS-independent.
2012-02-17 11:42:20 -05:00
Robert Ransom
ee3a49d6ed Remove (void)envp from tor_spawn_background
The envp argument is used on Windows.
2012-02-17 11:42:20 -05:00
Robert Ransom
340d906419 Change type of unixoid_environment_block to match tor_spawn_background's arg 2012-02-17 11:42:20 -05:00
Robert Ransom
d37a1ec8c6 Add set_environment_variable_in_smartlist 2012-02-17 11:42:20 -05:00
Robert Ransom
0ba93e184a Add get_current_process_environment_variables 2012-02-17 11:42:19 -05:00
Robert Ransom
98cec14982 Add process_environment_make and related utilities 2012-02-17 11:42:19 -05:00
Robert Ransom
806e0f7e19 Add tor_calloc 2012-02-17 11:42:19 -05:00
Sebastian Hahn
efb7b9dec1 Use _NSGetEnviron() instead of environ where required
OS X would otherwise crash with a segfault when linked statically to
some libraries.
2012-02-14 11:18:39 -05:00
Nick Mathewson
077b9f19a4 If SOCK_CLOEXEC and friends fail, fall back to regular socket() calls
Since 0.2.3.1-alpha, we've supported the Linux extensions to socket(),
open(), socketpair(), and accept() that enable us to create an fd and
make it close-on-exec with a single syscall.  This not only saves us a
syscall (big deal), but makes us less vulnerable to race conditions
where we open a socket and then exec before we can make it
close-on-exec.

But these extensions are not supported on all Linuxes: They were added
between 2.6.23 or so and 2.6.28 or so.  If you were to build your Tor
against a recent Linux's kernel headers, and then run it with a older
kernel, you would find yourselve unable to open sockets.  Ouch!

The solution here is that, when one of these syscalls fails with
EINVAL, we should try again in the portable way.  This adds an extra
syscall in the case where we built with new headers and are running
with old ones, but it will at least allow Tor to work.

Fixes bug 5112; bugfix on 0.2.3.1-alpha.
2012-02-14 10:34:06 -05:00
Sebastian Hahn
efcdc930fb Make ht.h conform to Tor's code style again
When porting over changes from libevent, a bunch of tabs and a couple of
long lines got introduced.
2012-02-14 11:13:06 +01:00
Nick Mathewson
a31fb42d2e Port over the last ht.h changes from libevent: avoid _reserved identifiers 2012-02-13 18:40:30 -05:00
Nick Mathewson
107f604f31 Port over ht.h improvements from Libevent.
There is a facility (not used now in Tor) to avoid storing the hash
of a given type if it is a fast-to-calculate hash.

There are also a few ancient-openbsd compilation issues fixed here.

The fact that Tor says INLINE while Libevent says inline remains
unaddressed.
2012-02-13 18:06:40 -05:00
Nick Mathewson
1e9400d9c8 ht.h comment tweaks, upstreamed from libevent 2012-02-13 17:56:13 -05:00
Nick Mathewson
4aa0aa0300 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/common/Makefile.am
	src/or/Makefile.am
2012-02-12 23:27:31 -05:00
Sebastian Hahn
8ce6722d76 Properly protect paths to sed, sha1sum, openssl
in Makefile.am, we used it without quoting it, causing build failure if
your openssl/sed/sha1sum happened to live in a directory with a space in
it (very common on windows)
2012-02-10 20:12:03 +01:00
Nick Mathewson
8855b2a90c Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/common/tortls.c

Conflict on comment near use of the new OPENSSL_V macro
2012-02-10 10:56:37 -05:00
Nick Mathewson
2da0efb547 Use correct CVE number for CVE-2011-4576. Found by fermenthor. bug 5066 2012-02-10 10:55:39 -05:00
Nick Mathewson
79a80c88ee Fix straggling MS_WINDOWS issues; add a changes file
There was one MS_WINDOWS that remained because it wasn't on a macro
line; a few remaining uses (and the definition!) in configure.in;
and a now-nonsensical stanza of eventdns_tor.h that previously
defined 'WIN32' if it didn't exist.
2012-01-31 15:48:47 -05:00
Nick Mathewson
5cf9167f91 Use the standard _WIN32, not the Torism MS_WINDOWS or deprecated WIN32
This commit is completely mechanical; I used this perl script to make it:

 #!/usr/bin/perl -w -i.bak -p

 if (/^\s*\#/) {
     s/MS_WINDOWS/_WIN32/g;
     s/\bWIN32\b/_WIN32/g;
 }
2012-01-31 15:48:47 -05:00
Nick Mathewson
48424772aa Actually enable the windows absolute-path code
Checking for "WINDOWS" is wrong; our magic macro is MS_WINDOWS

Fixes bug 4973; bugfix on 0.2.3.11-alpha.
2012-01-31 10:42:41 -05:00
Nick Mathewson
26e789fbfd Rename nonconformant identifiers.
Fixes bug 4893.

These changes are pure mechanical, and were generated with this
perl script:

  /usr/bin/perl -w -i.bak -p

  s/crypto_pk_env_t/crypto_pk_t/g;
  s/crypto_dh_env_t/crypto_dh_t/g;
  s/crypto_cipher_env_t/crypto_cipher_t/g;
  s/crypto_digest_env_t/crypto_digest_t/g;

  s/aes_free_cipher/aes_cipher_free/g;
  s/crypto_free_cipher_env/crypto_cipher_free/g;
  s/crypto_free_digest_env/crypto_digest_free/g;
  s/crypto_free_pk_env/crypto_pk_free/g;

  s/_crypto_dh_env_get_dh/_crypto_dh_get_dh/g;
  s/_crypto_new_pk_env_rsa/_crypto_new_pk_from_rsa/g;
  s/_crypto_pk_env_get_evp_pkey/_crypto_pk_get_evp_pkey/g;
  s/_crypto_pk_env_get_rsa/_crypto_pk_get_rsa/g;

  s/crypto_new_cipher_env/crypto_cipher_new/g;
  s/crypto_new_digest_env/crypto_digest_new/g;
  s/crypto_new_digest256_env/crypto_digest256_new/g;
  s/crypto_new_pk_env/crypto_pk_new/g;

  s/crypto_create_crypto_env/crypto_cipher_new/g;

  s/connection_create_listener/connection_listener_new/g;
  s/smartlist_create/smartlist_new/g;
  s/transport_create/transport_new/g;
2012-01-18 15:53:30 -05:00
Nick Mathewson
d1b40cf2e7 Merge remote-tracking branch 'public/bug4533_part1'
Conflicts:
	src/common/compat.h
2012-01-18 15:33:04 -05:00
Nick Mathewson
1772782e42 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-01-18 15:29:41 -05:00
Nick Mathewson
dd4b1a2ac6 Fix SOCKET_OK test on win64.
Bugfix on 0.2.2.29-beta; partial fix for 4533; found by wanoskarnet
2012-01-18 10:48:29 -05:00
Nick Mathewson
dea0720dad Warn if sizeof(tor_socket_t) != sizeof(SOCKET) 2012-01-17 16:38:47 -05:00
Nick Mathewson
6e8c2a3e46 Use SOCKET_OK macros in even more places
Add a TOR_INVALID_SOCKET macro to wrap -1/INVALID_SOCKET.

Partial work for bug4533.
2012-01-17 16:35:07 -05:00
Nick Mathewson
9c29369a04 Convert instances of tor_malloc+tor_snprintf into tor_asprintf
These were found by looking for tor_snprintf() instances that were
preceeded closely by tor_malloc(), though I probably converted some
more snprintfs as well.

(In every case, make sure that the length variable (if any) is
removed, renamed, or lowered, so that anything else that might have
assumed a longer buffer doesn't exist.)
2012-01-16 15:03:44 -05:00
Nick Mathewson
9c6d913b9e Rename smartlist_{v,}asprintf_add to smartlist_add_{v,}asprintf 2012-01-16 15:01:54 -05:00
Nick Mathewson
411cf8f714 Make openssl 0.9.8l log message accurate
fixes 4837
2012-01-11 15:41:46 -05:00
Nick Mathewson
f729e1e984 Merge branch 'feature3457-v4-nm-squashed'
Conflicts:
	src/or/rendclient.c
2012-01-11 12:10:14 -05:00
Nick Mathewson
b5af456685 Use spaceless ISO8601 time format, not sec,usec. 2012-01-11 12:08:01 -05:00
Nick Mathewson
f371816209 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-01-11 11:07:37 -05:00
Nick Mathewson
0126150c2d Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2012-01-11 11:07:13 -05:00
Nick Mathewson
8d5c0e58ea Fix a compilation warning for our bug4822 fix on 64-bit linux 2012-01-11 11:06:31 -05:00
Nick Mathewson
5e9d349979 Merge remote-tracking branch 'public/bug4650_nm_squashed' 2012-01-10 17:59:49 -05:00
Nick Mathewson
73d4dbe103 whitespace and warning fixes for bug4746 2012-01-10 16:53:37 -05:00
Nick Mathewson
7fbf1e225e Merge remote-tracking branch 'asn-mytor/bug4746' 2012-01-10 16:44:03 -05:00
Nick Mathewson
dca3c9fff8 Add missing documentation for counter-mode checks 2012-01-10 11:15:46 -05:00
Nick Mathewson
cc5c14b732 Clean up indentation in aes.c 2012-01-10 11:15:42 -05:00
Nick Mathewson
d29a390733 Test for broken counter-mode at runtime
To solve bug 4779, we want to avoid OpenSSL 1.0.0's counter mode.
But Fedora (and maybe others) lie about the actual OpenSSL version,
so we can't trust the header to tell us if it's safe.

Instead, let's do a run-time test to see whether it's safe, and if
not, use our built-in version.

fermenthor contributed a pretty essential fixup to this patch. Thanks!
2012-01-10 11:15:35 -05:00
Nick Mathewson
5741aef3dc We no longer need to detect openssl without RAND_poll()
We require openssl 0.9.7 or later, and RAND_poll() was first added in
openssl 0.9.6.
2012-01-10 10:40:31 -05:00
Nick Mathewson
85c7d7659e Add macros to construct openssl version numbers
It's a pain to convert 0x0090813f to and from 0.9.8s-release on the
fly, so these macros should help.
2012-01-10 10:40:30 -05:00
Sebastian Hahn
2367f7e559 Make sure MAX_DNS_LABEL_SIZE is defined
MAX_DNS_LABEL_SIZE was only defined for old versions of openssl, which
broke the build. Spotted by xiando. Fixes bug 4413; not in any released
version.
2012-01-10 06:14:35 +01:00
Nick Mathewson
b1ee1a719d Tweaks for bug4413 fix
The thing that's limited to 63 bytes is a "label", not a hostname.

Docment input constraints and behavior on bogus inputs.

Generally it's better to check for overflow-like conditions before
than after.  In this case, it's not a true overflow, so we're okay,
but let's be consistent.

pedantic less->fewer in the documentation
2012-01-09 19:14:51 -05:00
Stephen Palmateer
3fadc074ca Remove (untriggerable) overflow in crypto_random_hostname()
Fixes bug 4413; bugfix on xxxx.

Hostname components cannot be larger than 63 characters.
This simple check makes certain randlen cannot overflow rand_bytes_len.
2012-01-09 19:05:05 -05:00
Nick Mathewson
1e5d66997b Merge remote-tracking branch 'origin/maint-0.2.2' 2012-01-09 16:40:42 -05:00
Nick Mathewson
c78a314e95 Fix comment about TLSv1_method() per comments by wanoskarnet 2012-01-09 16:40:21 -05:00
Roger Dingledine
ecdea4eeaf Merge branch 'maint-0.2.2' 2012-01-08 12:17:16 -05:00
Roger Dingledine
1416dd47a9 add a note from wanoskarnet
he disagrees about what the code that we decided not to use would do
2012-01-08 09:03:03 -05:00
Emile Snyder
d7eaa4b396 Change to use SSL_state_string_long() instead of homebrew ssl_state_to_string() function. 2012-01-06 05:31:34 -08:00
Nick Mathewson
ef69f2f2ab Merge remote-tracking branch 'origin/maint-0.2.2' 2012-01-05 14:17:44 -05:00
Nick Mathewson
ccd8289958 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2012-01-05 14:16:30 -05:00
Robert Ransom
4752b34879 Log at info level when disabling SSLv3 2012-01-05 12:28:56 -05:00
Nick Mathewson
db78fe4589 Disable SSLv3 when using a not-up-to-date openssl
This is to address bug 4822, and CVE-2011-4576.
2012-01-05 12:28:55 -05:00
Roger Dingledine
ff03347579 note some dead code. if i'm right, should this be removed? 2012-01-05 05:37:06 -05:00
Sebastian Hahn
98959f63ac Disallow disabling DisableDebuggerAttachment on runnning Tor
Also, have tor_disable_debugger_attach() return a tristate of
success/failure/don't-know-how , and only log appropriately.
2012-01-04 15:09:02 -05:00
Sebastian Hahn
5d9be49540 Fix a check-spaces violation in compat.c
Also fix a comment typo
2011-12-30 23:30:57 +01:00
Nick Mathewson
9f06ec0c13 Add interface enumeration based on SIOCGIFCONF for older unixes 2011-12-28 16:34:16 -05:00
Nick Mathewson
5d44a6b334 Multicast addresses, if any were configured, would not be good if addrs 2011-12-28 16:34:16 -05:00
Nick Mathewson
aa529f6c32 Use getifaddrs, not connect+getsockname, to find our address
This resolves bug1827, and lets us avoid freaking people out.
Later, we can use it to get a complete list of our interfaces.
2011-12-28 16:34:16 -05:00
Nick Mathewson
78f43c5d03 Require openssl 1.0.0a for using openssl's ctr-mode implementation
Previously we required 1.0.0, but there was a bug in the 1.0.0 counter
mode. Found by Pascal. Fixes bug 4779.

A more elegant solution would be good here if somebody has time to code
one.
2011-12-27 20:31:23 -05:00
Nick Mathewson
85d7811456 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-12-26 17:58:51 -05:00
Sebastian Hahn
da876aec63 Provide correct timeradd/timersup replacements
Bug caught and patch provided by Vektor. Fixes bug 4778.t
2011-12-25 23:19:08 +01:00
Kamran Riaz Khan
a1c1fc72d1 Prepend cwd for relative config file paths.
Modifies filenames which do not start with '/' or '.' on non-Windows
platforms; uses _fullpath on Windows.
2011-12-22 10:17:48 -05:00
George Kadianakis
d05bc02192 Add an informative header on the 'keys/dynamic_dh_params' file. 2011-12-19 16:06:22 +01:00
Robert Ransom
d688a40a0e Don't crash on startup of a dormant relay
If a relay is dormant at startup, it will call init_keys before
crypto_set_tls_dh_prime.  This is bad.  Let's make it not so bad, because
someday it *will* happen again.
2011-12-12 11:25:55 -08:00
Sebastian Hahn
0f8026ec23 Some more check-spaces stuff
This re-applies a check-spaces fix that was part of
7920ea55b8 and got reverted along with the
rest of that commit in df1f72329a.
2011-12-08 08:47:09 +01:00
Nick Mathewson
71ecfaa52f indent; add comment
This re-applies 40a87c4c08 which got
accidentally reverted in 75134c6c86.
Thanks asn for spotting this.
2011-12-08 08:45:24 +01:00
Sebastian Hahn
ee8b4b4e6e appease check-spaces
This re-applies f77f9bddb8 which got
accidentally reverted in 53f535aeb8.
Thanks asn for spotting this.
2011-12-08 08:43:32 +01:00
Nick Mathewson
0ebcf345ce Revert "Refactor the SSL_set_info_callback() callbacks."
This reverts commit 69a821ea1c.
2011-12-06 19:49:21 -05:00
Nick Mathewson
9727d21f68 Revert "Detect renegotiation when it actually happens."
This reverts commit 4fd79f9def.
2011-12-06 19:49:21 -05:00
Nick Mathewson
e09dd43ab3 Revert "Detect and deny excess renegotiations attempts."
This reverts commit ecd239e3b5.
2011-12-06 19:49:21 -05:00
Nick Mathewson
021ff31ba6 Revert "Get rid of tor_tls_block_renegotiation()."
This reverts commit 340809dd22.
2011-12-06 19:49:21 -05:00
Nick Mathewson
fa74af0cfa Revert "Also handle needless renegotiations in SSL_write()."
This reverts commit e2b3527106.
2011-12-06 19:49:20 -05:00
Nick Mathewson
45c46129ed Revert "Fix issues pointed out by nickm."
This reverts commit e097bffaed.
2011-12-06 19:49:20 -05:00
Nick Mathewson
616b60cef3 Revert "Use callback-driven approach to block renegotiations."
This reverts commit 406ae1ba5a.
2011-12-06 19:49:20 -05:00
Nick Mathewson
53f535aeb8 Revert "appease check-spaces"
This reverts commit f77f9bddb8.
2011-12-06 19:49:20 -05:00
Nick Mathewson
df1f72329a Revert "Refactor tor_event_base_once to do what we actually want"
This reverts commit 7920ea55b8.
2011-12-06 19:49:20 -05:00
Nick Mathewson
17880e4c0a Revert "Fix some wide lines in tortls.c"
This reverts commit e8dde3aabd.
2011-12-06 19:49:20 -05:00
Nick Mathewson
e83e720c8b Revert "use event_free() wrapper; fix bug 4582"
This reverts commit 9a88c0cd32.
2011-12-06 19:49:20 -05:00
Nick Mathewson
acc1806eb8 Revert "Don't schedule excess_renegotiations_callback unless it's set"
This reverts commit 617617e21a.
2011-12-06 19:49:20 -05:00
Nick Mathewson
75134c6c86 Revert "indent; add comment"
This reverts commit 40a87c4c08.
2011-12-06 19:49:20 -05:00
Nick Mathewson
135a5102a3 Revert "Make pending libevent actions cancelable"
This reverts commit aba25a6939.
2011-12-06 19:49:20 -05:00
Nick Mathewson
50fd99d7ef Revert "Set renegotiation callbacks immediately on tls inititation"
This reverts commit e27a26d568.
2011-12-06 19:49:19 -05:00
Nick Mathewson
d9edee3a3b Merge remote-tracking branch 'origin/maint-0.2.2' 2011-12-02 16:10:17 -05:00
Nick Mathewson
2b5a035604 tor_accept_socket() should take tor_addr_t for listener arg
Fixes bug 4535; bugfix on 0.2.2.28-beta; found by "troll_un"
2011-12-02 16:09:16 -05:00
Nick Mathewson
0920cd02f4 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-12-02 15:38:29 -05:00
Nick Mathewson
b7015603fa Fix bug 4530; check return val of tor_addr_lookup correctly
Fix on 0.2.1.5-alpha; reported by troll_un
2011-12-02 15:37:24 -05:00
Sebastian Hahn
95af91565b Work around a false positive in Coverity.
Fixes cid 501 and 502.
2011-12-02 06:16:57 +01:00
George Kadianakis
02708b7d80 Free the global DH parameters in crypto_global_cleanup(). 2011-11-30 13:17:47 -05:00
George Kadianakis
a708e85236 Move crypto_global_cleanup() to the bottom of crypto.c. 2011-11-30 13:17:39 -05:00
Nick Mathewson
29db095a35 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-30 12:41:08 -05:00
Linus Nordberg
f786307ab7 First chunk of support for bridges on IPv6
Comments below focus on changes, see diff for added code.

New type tor_addr_port_t holding an IP address and a TCP/UDP port.

New flag in routerinfo_t, ipv6_preferred.  This should go in the
node_t instead but not now.

Replace node_get_addr() with
- node_get_prim_addr() for primary address, i.e. IPv4 for now
- node_get_pref_addr() for preferred address, IPv4 or IPv6.

Rename node_get_addr_ipv4h() node_get_prim_addr_ipv4h() for
consistency.  The primary address will not allways be an IPv4 address.
Same for node_get_orport() -> node_get_prim_orport().

Rewrite node_is_a_configured_bridge() to take all OR ports into account.

Extend argument list to extend_info_from_node and
extend_info_from_router with a flag indicating if we want to use the
routers primary address or the preferred address.  Use the preferred
address in as few situtations as possible for allowing clients to
connect to bridges over IPv6.
2011-11-30 11:55:45 -05:00
Nick Mathewson
8bb23c7def Merge branch 'bug4587_v2' 2011-11-29 19:15:40 -05:00
Nick Mathewson
e27a26d568 Set renegotiation callbacks immediately on tls inititation
This way, we can't miss a renegotiation attempt in a v2 handshake,
or miss excess renegotiation attempts.  Partial fix for bug 4587.
2011-11-29 19:10:19 -05:00
Nick Mathewson
da6c136817 Merge remote-tracking branch 'asn-mytor/bug4548_take2' 2011-11-29 18:30:41 -05:00
Nick Mathewson
aba25a6939 Make pending libevent actions cancelable
This avoids a dangling pointer issue in the 3412 code, and should
fix bug 4599.
2011-11-29 17:08:29 -05:00
Nick Mathewson
40a87c4c08 indent; add comment 2011-11-27 09:24:41 -05:00
Nick Mathewson
e665ec6409 Merge remote-tracking branch 'asn/bug4584' 2011-11-27 09:18:55 -05:00
Nick Mathewson
617617e21a Don't schedule excess_renegotiations_callback unless it's set
Partial fix for bug 4587; reported by "frosty_un".
2011-11-27 08:21:59 -05:00
George Kadianakis
b42ff6545a Use random bytes as our certificate serial numbers.
Instead of using time(NULL) in our certificate serial numbers, use
eight random bytes as suggested in proposal 179.
2011-11-27 08:20:17 +01:00
George Kadianakis
055d6c01ff Write dynamic DH parameters to a file.
Instead of only writing the dynamic DH prime modulus to a file, write
the whole DH parameters set for forward compatibility. At the moment
we only accept '2' as the group generator.

The DH parameters gets stored in base64-ed DER format to the
'dynamic_dh_params' file.
2011-11-26 19:29:57 +01:00
George Kadianakis
f28014bf1a Introduce write_bytes_to_new_file().
Introduce write_bytes_to_new_file(), a function which writes bytes to
a file only if that file did not exist.
2011-11-26 18:56:49 +01:00
Nick Mathewson
9a88c0cd32 use event_free() wrapper; fix bug 4582 2011-11-25 19:09:48 -05:00
Nick Mathewson
e8dde3aabd Fix some wide lines in tortls.c 2011-11-25 17:22:46 -05:00
Nick Mathewson
7920ea55b8 Refactor tor_event_base_once to do what we actually want
This version avoids the timeout system entirely, gives a nicer
interface, and lets us manage allocation explicitly.
2011-11-25 17:18:54 -05:00
Nick Mathewson
e5f2f10844 Merge remote-tracking branch 'asn/bug4312' 2011-11-25 17:00:47 -05:00
Nick Mathewson
d6c18c5804 Make process_handle_t private and fix some unit tests
Let's *not* expose more cross-platform-compatibility structures, or
expect code to use them right.

Also, don't fclose() stdout_handle and stdin_handle until we do
tor_process_handle_destroy, or we risk a double-fclose.
2011-11-25 16:47:25 -05:00
Nick Mathewson
093e6724c7 Merge remote-tracking branch 'asn/bug3472_act2' 2011-11-25 16:00:31 -05:00
Nick Mathewson
cb8059b42d Merge remote-tracking branch 'sebastian/pure_removal' 2011-11-25 14:54:04 -05:00
Sebastian Hahn
75d8ad7320 Purge ATTR_PURE from the code
We're using it incorrectly in many cases, and it doesn't help as far as
we know.
2011-11-25 17:57:50 +01:00
George Kadianakis
b31601975b Move DH_GENERATOR to crypto.c. 2011-11-25 17:44:11 +01:00
George Kadianakis
1df6b5a734 Move broken primes to dynamic_dh_modulus.broken. 2011-11-25 17:39:45 +01:00
George Kadianakis
4938bcc06a Do dynamic DH modulus storing in crypto.c. 2011-11-25 17:39:28 +01:00
Nick Mathewson
25c9e3aab9 Merge branch 'more_aes_hackery_rebased'
Conflicts:
	changes/aes_hackery
2011-11-25 10:36:13 -05:00
Nick Mathewson
9814019a54 Use openssl's counter mode implementation when we have 1.0.0 or later
This shaves about 7% off our per-cell AES crypto time for me; the
effect for accelerated AES crypto should be even more, since the AES
calculation itself will make an even smaller portion of the
counter-mode performance.

(We don't want to do this for pre-1.0.0 OpenSSL, since our AES_CTR
implementation was actually faster than OpenSSL's there, by about
10%.)

Fixes issue #4526.
2011-11-25 10:32:21 -05:00
Nick Mathewson
8143074b3f Use EVP for AES only when hardware accel is present
Fixes bug 4525, fix on 0.2.3.8-alpha.
2011-11-25 10:32:00 -05:00
Peter Palfrader
86be8fcf0a Handle build-trees better.
Properly create git revision and source file sha1sums include files when
building tor not in its source tree but in a dedicated build tree.
2011-11-24 23:56:01 -05:00
Nick Mathewson
eaa3a379f0 Move disable-debugger-attachment fn to compat where it belongs. Fix whitespace 2011-11-24 23:45:47 -05:00
George Kadianakis
1d1d5ae7f8 Finishing touches.
- Make check-spaces happy.
- Remove a stray header from crypto.h
2011-11-25 01:08:31 +01:00
George Kadianakis
7c37a664c1 Rename 'dynamic prime' to 'dynamic DH modulus'. 2011-11-25 01:00:58 +01:00
George Kadianakis
bdeb797a13 Notify the user that her computer is generating numbers. 2011-11-25 00:59:47 +01:00
George Kadianakis
5f3f41c234 Make sure that the stored DH prime is safe to use. 2011-11-25 00:33:40 +01:00
George Kadianakis
94076d9e3b Move crypto_get_stored_dynamic_prime() to crypto.c 2011-11-24 22:59:01 +01:00
George Kadianakis
2ef68980a7 Move store_dynamic_prime() to crypto.c. 2011-11-24 22:32:10 +01:00
George Kadianakis
cabb8e54c7 Tone down the logging. 2011-11-24 22:14:09 +01:00
George Kadianakis
8a726dd0dd Implement dynamic prime reading and storing to disk. 2011-11-24 22:13:44 +01:00
George Kadianakis
42bda231ee Make DynamicPrimes SIGHUP-able.
Instead of passing the DynamicPrimes configuration option to
crypto_global_init(), generate and set a new TLS DH prime when we read
the torrc.
2011-11-24 22:13:38 +01:00
George Kadianakis
0e71be5d94 Improve code in the dynamic primes realm. 2011-11-24 22:13:19 +01:00
George Kadianakis
fb38e58d14 Improve logging. 2011-11-24 22:13:00 +01:00
George Kadianakis
1797e0a39e Make it compile. 2011-11-24 22:12:44 +01:00
George Kadianakis
375e55eaa2 Rename "Rakshasa" to "Dynamic Prime". 2011-11-24 22:09:15 +01:00
George Kadianakis
659381e00d Introduce the DynamicPrimes configuration option. 2011-11-24 22:09:06 +01:00
George Kadianakis
edec9409e8 Copy/Paste Jake's stuff.
This commit copies parts of Jake's
f3bb6846975193d9a6649c31f94bda47e4014070 commit verbatim to the
current master.
2011-11-24 22:06:50 +01:00
Sebastian Hahn
f77f9bddb8 appease check-spaces 2011-11-24 09:20:51 +01:00
Sebastian Hahn
46d69cb915 Fix compile warning in tor_inet_pton() (on 64bit)
This slipped through into 0.2.3.8-alpha unfortunately.
2011-11-24 09:19:57 +01:00
Nick Mathewson
3ebe960f3f Detect tor_addr_to_str failure in tor_dup_addr.
This avoids a possible strdup of an uninitialized buffer.

Fixes 4529; fix on 0.2.1.3-alpha; reported by troll_un.
2011-11-23 23:04:10 -05:00
Nick Mathewson
3890c81e7c Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-23 16:28:18 -05:00
Nick Mathewson
fbf1c5ee79 Merge remote-tracking branch 'public/bug4230' into maint-0.2.2 2011-11-23 16:22:26 -05:00
Sebastian Hahn
2efa6eb652 Sockets are unsigned on windows
this gets rid of a warning about signed/unsigned comparison

This is a backport of 0a5338e03c that
accidentally only went into master
2011-11-20 15:15:14 +01:00
Sebastian Hahn
3dc2a1c62c Get rid of an unused parameter warning on win
This is a backport of bed79c47f4 which
accidentally only went into master
2011-11-20 03:02:28 +01:00
Anders Sundman
edc561432a Minor tor_inet_pton bug fixes
In particular:
* Disallow "0x10::"
* Don't blow up on ":"
* Disallow "::10000"
2011-11-19 10:58:33 +01:00
Nick Mathewson
2f3dad10a8 Merge branch 'bug4457_master' 2011-11-16 16:23:15 -05:00
Sebastian Hahn
8200a85323 Fix a check-spaces complaint 2011-11-16 16:40:56 +01:00
Sebastian Hahn
9fc7725aba Don't allow building on platforms where AF_UNSPEC != 0 2011-11-16 16:39:04 +01:00
Nick Mathewson
69dd993a92 Make certificate skew into a protocol warning 2011-11-15 15:57:46 -05:00
Nick Mathewson
87622e4c7e Allow up to a 30 days future skew, 48 hours past skew in certs. 2011-11-15 15:57:41 -05:00
Sebastian Hahn
4b8d2ad6f5 Fix compile warnings on windows 2011-11-15 13:34:04 +01:00
Nick Mathewson
7be50c26e8 Disable IOCP and retry event_base_new_with_config once on failure
This is a fancier bug4457 workaround for 0.2.3.  In 0.2.2, we could
just tell Libevent "Don't enable locking!" so it wouldn't try to make
the event_base notifiable.  But for IOCP, we need a notifiable base.
(Eventually, we'll want a notifiable base for other stuff, like
multithreaded crypto.)  So the solution is to try a full-featured
initialization, and then retry with all the options turned off if that
fails.
2011-11-14 18:12:29 -05:00
Nick Mathewson
cf8117136c Merge remote-tracking branch 'public/bug4457_022' into bug4457_master
Conflicts:
	src/common/compat_libevent.c

Resolving conflict by not taking 7363eae13c ("Use the
EVENT_BASE_FLAG_NOLOCK flag to prevent socketpair() invocation"): in
Tor 0.2.3.x, we _do_ sometimes use notifiable event bases.
2011-11-14 17:59:42 -05:00
Nick Mathewson
0f6c021617 Detect failure from event_init() or event_base_new_with_config() 2011-11-14 17:53:45 -05:00
Nick Mathewson
7363eae13c Use the EVENT_BASE_FLAG_NOLOCK flag to prevent socketpair() invocation
In Tor 0.2.2, we never need the event base to be notifiable, since we
don't call it from other threads.  This is a workaround for bug 4457,
which is not actually a Tor bug IMO.
2011-11-14 17:48:57 -05:00
Nick Mathewson
8592126a18 Merge remote-tracking branch '4ZM/topic/test/4433_address' 2011-11-14 12:53:34 -05:00
George Kadianakis
406ae1ba5a Use callback-driven approach to block renegotiations.
Also use this new approach in the bufferevents-enabled case.
2011-11-13 14:47:11 +01:00
Sebastian Hahn
a2ecf131f3 Remove the torint.h include from aes.h
This hasn't been needed for a while, there's nothing in aes.h now that
would need uint* stuff.
2011-11-11 11:47:25 -05:00
Nick Mathewson
46d236c684 Remove vestiges of RIJNDAEL_COUNTER_OPTIMIZATION 2011-11-11 11:47:25 -05:00
Nick Mathewson
7d8edfcceb Stop using "u32" and "u8" in aes.c 2011-11-11 11:47:24 -05:00
Nick Mathewson
21cf7079fe Dump our internal AES implementation
This thing was pretty pointless on versions of OpenSSL 0.9.8 and later,
and almost totally pointless on OpenSSL 1.0.0.

Also, favor EVP by default, since it lets us get hardware acceleration
where present.  (See issue 4442)
2011-11-11 11:47:24 -05:00
Anders Sundman
1b97588a31 Return value bugfix of tor_addr_to_PTR_name
Returns value semantics was inconsitent between IPv4 and IPv6
2011-11-11 08:14:32 +01:00
Anders Sundman
930eed21c3 Fixed buffer bounds check bug in tor_addr_to_str 2011-11-11 07:53:58 +01:00
Anders Sundman
01e1dc0e62 Fixed of-by-one error in tor_inet_ntop
The of-by-one error could lead to 1 byte buffer over runs IPv6 for addresses.
2011-11-11 07:47:00 +01:00
Nick Mathewson
e1c6431e42 Correct the handling of overflow behavior in smartlist_ensure_capacity
The old behavior was susceptible to the compiler optimizing out our
assertion check, *and* could still overflow size_t on 32-bit systems
even when it did work.
2011-11-09 14:48:52 -05:00
Nick Mathewson
9452b65680 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-09 10:28:43 -05:00
Sebastian Hahn
0cc7a63fc0 Don't warn when compiling with --disable-threads
STMT_VOID semantics suggested by nick, thanks!
2011-11-09 10:26:35 +01:00
George Kadianakis
e097bffaed Fix issues pointed out by nickm.
- Rename tor_tls_got_server_hello() to tor_tls_got_client_hello().
- Replaced some aggressive asserts with LD_BUG logging.

  They were the innocent "I believe I understand how these callbacks
  work, and this assert proves it" type of callbacks, and not the "If
  this statement is not true, computer is exploding." type of
  callbacks.
- Added a changes file.
2011-11-03 22:33:50 +01:00
Andrea Gelmini
72d4d762c1 Remove some duplicate includes 2011-11-03 10:23:33 -04:00
Nick Mathewson
7a8960cf1b Fix a memory-poisoning memset in tortls.c 2011-10-28 16:37:42 -04:00
Sebastian Hahn
2dec6597af Merge branch 'maint-0.2.2_secfix' into master_secfix
Conflicts:
	src/common/tortls.c
	src/or/connection_or.c
	src/or/dirserv.c
	src/or/or.h
2011-10-27 00:38:45 +02:00
Sebastian Hahn
df05e5ef4d Merge branch 'maint-0.2.1_secfix' into maint-0.2.2_secfix
Conflicts:
	src/or/connection_or.c
2011-10-26 23:30:27 +02:00
Nick Mathewson
638fdedcf1 Don't send a certificate chain on outgoing TLS connections from non-relays 2011-10-26 23:20:56 +02:00
Nick Mathewson
beb9097bed Merge remote-tracking branch 'origin/maint-0.2.2' 2011-10-26 11:08:19 -04:00
Sebastian Hahn
3a890b3b70 Properly refcount client_identity_key
In a2bb0bf we started using a separate client identity key. When we are
in "public server mode" (that means not a bridge) we will use the same
key. Reusing the key without doing the proper refcounting leads to a
segfault on cleanup during shutdown. Fix that.

Also introduce an assert that triggers if our refcount falls below 0.
That should never happen.
2011-10-26 14:17:01 +02:00
Nick Mathewson
299a78c5fe Make crypto_free_pk_env tolerate NULL arg in 0.2.1. Error-proofing against bug 988 backport 2011-10-26 14:14:05 +02:00
Robert Ransom
9976df9e56 Maintain separate server and client TLS contexts.
Fixes bug #988.

Conflicts:

	src/or/main.c
	src/or/router.c
2011-10-26 14:13:55 +02:00
Robert Ransom
8781640111 Refactor tor_tls_context_new:
* Make tor_tls_context_new internal to tortls.c, and return the new
  tor_tls_context_t from it.

* Add a public tor_tls_context_init wrapper function to replace it.

Conflicts:

	src/or/main.c
	src/or/router.c
2011-10-26 14:08:36 +02:00
George Kadianakis
e2b3527106 Also handle needless renegotiations in SSL_write().
SSL_read(), SSL_write() and SSL_do_handshake() can always progress the
SSL protocol instead of their normal operation, this means that we
must be checking for needless renegotiations after they return.

Introduce tor_tls_got_excess_renegotiations() which makes the
          tls->server_handshake_count > 2
check for us, and use it in tor_tls_read() and tor_tls_write().

Cases that should not be handled:

* SSL_do_handshake() is only called by tor_tls_renegotiate() which is a
  client-only function.

* The SSL_read() in tor_tls_shutdown() does not need to be handled,
  since SSL_shutdown() will be called if SSL_read() returns an error.
2011-10-26 13:36:30 +02:00
Nick Mathewson
c5a3664f27 Fix zlib macro brokenness on osx with zlib 1.2.4 and higher.
From the code:
   zlib 1.2.4 and 1.2.5 do some "clever" things with macros.  Instead of
   saying "(defined(FOO) ? FOO : 0)" they like to say "FOO-0", on the theory
   that nobody will care if the compile outputs a no-such-identifier warning.

   Sorry, but we like -Werror over here, so I guess we need to define these.
   I hope that zlib 1.2.6 doesn't break these too.

Possible fix for bug 1526.
2011-10-26 07:30:11 -04:00
George Kadianakis
340809dd22 Get rid of tor_tls_block_renegotiation().
Since we check for naughty renegotiations using
tor_tls_t.server_handshake_count we don't need that semi-broken
function (at least till there is a way to disable rfc5746
renegotiations too).
2011-10-26 13:16:14 +02:00
George Kadianakis
ecd239e3b5 Detect and deny excess renegotiations attempts.
Switch 'server_handshake_count' from a uint8_t to 2 unsigned int bits.
Since we won't ever be doing more than 3 handshakes, we don't need the
extra space.

Toggle tor_tls_t.got_renegotiate based on the server_handshake_count.
Also assert that when we've done two handshakes as a server (the initial
SSL handshake, and the renegotiation handshake) we've just
renegotiated.

Finally, in tor_tls_read() return an error if we see more than 2
handshakes.
2011-10-26 03:12:18 +02:00
George Kadianakis
4fd79f9def Detect renegotiation when it actually happens.
The renegotiation callback was called only when the first Application
Data arrived, instead of when the renegotiation took place.

This happened because SSL_read() returns -1 and sets the error to
SSL_ERROR_WANT_READ when a renegotiation happens instead of reading
data [0].

I also added a commented out aggressive assert that I won't enable yet
because I don't feel I understand SSL_ERROR_WANT_READ enough.

[0]: Look at documentation of SSL_read(), SSL_get_error() and
     SSL_CTX_set_mode() (SSL_MODE_AUTO_RETRY section).
2011-10-26 03:09:22 +02:00
George Kadianakis
69a821ea1c Refactor the SSL_set_info_callback() callbacks.
Introduce tor_tls_state_changed_callback(), which handles every SSL
state change.

The new function tor_tls_got_server_hello() is called every time we
send a ServerHello during a v2 handshake, and plays the role of the
previous tor_tls_server_info_callback() function.
2011-10-26 02:05:45 +02:00
George Kadianakis
6b3c3b968f Rename tor_process_destroy() to tor_process_handle_destroy(). 2011-10-24 16:04:31 +02:00
George Kadianakis
47a5b8009b Improve general code quality.
- Add a tor_process_get_pid() function that returns the PID of a
  process_handle_t.
- Conform to make check-spaces.
- Add some more documentation.
- Improve some log messages.
2011-10-24 16:01:24 +02:00
George Kadianakis
f12a40d860 Prepare util.[ch] to use the new process_handle_t API.
Also, create tor_process_destroy() which destroys a process_handle_t.
2011-10-24 15:55:53 +02:00
Nick Mathewson
87a93917c3 Fix a reference-leak in tor_tls_received_v3_certificate
We were calling SSL_get_peer_certificate but not X509_free.

This is a major part of bug4252; the bug has been in no released version.
2011-10-23 13:23:53 -04:00
Nick Mathewson
80cf342e47 Fix memory leak in prop176 code
This fixes part of bug4252.  Bug not in any released version.
2011-10-23 13:23:53 -04:00
George Kadianakis
45307ff980 Port managed proxy launching code to the new subprocess API. 2011-10-17 22:46:44 +02:00
Nick Mathewson
426f6bfda2 Stop using addr_port_lookup as an address splitting function
It's too risky to have a function where if you leave one parameter
NULL, it splits up address:port strings, but if you set it, it does
hostname resolution.
2011-10-11 12:02:19 -04:00
Nick Mathewson
491e20ae13 Change "reverse_lookup_name" functions to refer to "PTR_name"s
Under the new convention, having a tor_addr.*lookup function that
doesn't do hostname resolution is too close for comfort.

I used this script here, and have made no other changes.

  s/tor_addr_parse_reverse_lookup_name/tor_addr_parse_PTR_name/g;
  s/tor_addr_to_reverse_lookup_name/tor_addr_to_PTR_name/g;
2011-10-11 11:48:21 -04:00
Nick Mathewson
00b2b69add Fix names of functions that convert strings to addrs
Now let's have "lookup" indicate that there can be a hostname
resolution, and "parse" indicate that there wasn't.  Previously, we
had one "lookup" function that did resolution; four "parse" functions,
half of which did resolution; and a "from_str()" function that didn't
do resolution.  That's confusing and error-prone!

The code changes in this commit are exactly the result of this perl
script, run under "perl -p -i.bak" :

  s/tor_addr_port_parse/tor_addr_port_lookup/g;
  s/parse_addr_port(?=[^_])/addr_port_lookup/g;
  s/tor_addr_from_str/tor_addr_parse/g;

This patch leaves aton and pton alone: their naming convention and
behavior is is determined by the sockets API.

More renaming may be needed.
2011-10-11 11:30:12 -04:00
Nick Mathewson
69921837a7 Fix a bunch of whitespace errors 2011-10-11 11:30:01 -04:00
Nick Mathewson
8af0cfc10d Add some points to make it easy to turn off v3 support 2011-10-10 23:14:32 -04:00
Sebastian Hahn
35fe4825fc Quiet two notices, and spelling mistake cleanup 2011-10-10 23:14:31 -04:00
Nick Mathewson
e56d7a3809 Give tor_cert_get_id_digests() fail-fast behavior
Right now we can take the digests only of an RSA key, and only expect to
take the digests of an RSA key.  The old tor_cert_get_id_digests() would
return a good set of digests for an RSA key, and an all-zero one for a
non-RSA key.  This behavior is too error-prone: it carries the risk that
we will someday check two non-RSA keys for equality and conclude that
they must be equal because they both have the same (zero) "digest".

Instead, let's have tor_cert_get_id_digests() return NULL for keys we
can't handle, and make its callers explicitly test for NULL.
2011-10-10 23:14:31 -04:00
Nick Mathewson
40f0d111c2 Fix some more issues wrt tor_cert_new found by asn 2011-10-10 23:14:30 -04:00
Nick Mathewson
6bfb31ff56 Generate certificates that enable v3 handshake 2011-10-10 23:14:29 -04:00
Nick Mathewson
445f947890 Remove a no-longer-relevant comment 2011-10-10 23:14:17 -04:00
Nick Mathewson
9a77ebc794 Make tor_tls_cert_is_valid check key lengths 2011-10-10 23:14:17 -04:00
Nick Mathewson
e48e47fa03 Function to return peer cert as tor_tls_cert 2011-10-10 23:14:16 -04:00
Nick Mathewson
a6fc5059cd Add AUTH keys as specified in proposal 176
Our keys and x.509 certs are proliferating here.  Previously we had:
   An ID cert (using the main ID key), self-signed
   A link cert (using a shorter-term link key), signed by the ID key

Once proposal 176 and 179 are done, we will also have:
   Optionally, a presentation cert (using the link key),
       signed by whomever.
   An authentication cert (using a shorter-term ID key), signed by
       the ID key.

These new keys are managed as part of the tls context infrastructure,
since you want to rotate them under exactly the same circumstances,
and since they need X509 certificates.
2011-10-10 23:14:16 -04:00
Nick Mathewson
0a4f562772 Functions to get a public RSA key from a cert 2011-10-10 23:14:16 -04:00
Nick Mathewson
92602345e0 Function to detect certificate types that signal v3 certificates 2011-10-10 23:14:10 -04:00
Nick Mathewson
8c9fdecfe9 Function to get digests of the certs and their keys 2011-10-10 23:14:10 -04:00
Nick Mathewson
f4c1fa2a04 More functions to manipulate certs received in cells 2011-10-10 23:14:10 -04:00
Nick Mathewson
c39688de6c Function to extract the TLSSECRETS field for v3 handshakes 2011-10-10 23:14:10 -04:00
Nick Mathewson
fdbb9cdf74 Add a sha256 hmac function, with tests 2011-10-10 23:14:09 -04:00
Nick Mathewson
c0bbcf138f Turn X509 certificates into a first-class type and add some functions 2011-10-10 23:14:02 -04:00
Nick Mathewson
dcf69a9e12 New function to get all digests of a public key 2011-10-10 23:14:02 -04:00
Sebastian Hahn
cce85c819b Fix a compile warning on OS X 10.6 and up 2011-10-11 02:25:00 +02:00
Nick Mathewson
6a673ad313 Add a missing comma in tor_check_port_forwarding
My fault; fix for bug 4213.
2011-10-10 11:42:05 -04:00
Nick Mathewson
ed39621a9d Merge remote-tracking branch 'asn2/bug3656'
Conflicts:
	src/common/util.c
	src/common/util.h
	src/or/config.h
	src/or/main.c
	src/test/test_util.c
2011-10-07 16:05:13 -04:00
George Kadianakis
3be9d76fa2 Make it compile on Windows™. 2011-10-07 15:44:44 +02:00
Nick Mathewson
246afc1b1b Make internal error check for unrecognized digest algorithm more robust
Fixes Coverity CID 479.
2011-10-06 14:13:09 -04:00
Nick Mathewson
2725a88d5e Merge remote-tracking branch 'origin/maint-0.2.2' 2011-10-03 15:19:00 -04:00
Sebastian Hahn
103c861dfe Looks like Windows version 6.2 will be Windows 8
Thanks to funkstar for the report
2011-10-01 14:50:44 +02:00
Nick Mathewson
41dfc4c19c Make bufferevents work with TokenBucketRefillInterval 2011-09-22 15:07:34 -04:00
Nick Mathewson
40288e1e66 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-09-20 10:25:56 -04:00
Mansour Moufid
1ba90ab655 Fix a potentially useless integer overflow check.
GCC 4.2 and maybe other compilers optimize away unsigned integer
overflow checks of the form (foo + bar < foo), for all bar.

Fix one such check in `src/common/OpenBSD_malloc_Linux.c'.
2011-09-20 09:52:44 -04:00
George Kadianakis
2e73f9b3ee Put some sense into our logging.
Transform our logging severities to something more sensible.
Remove sneaky printf()s.
2011-09-12 00:10:07 +02:00
George Kadianakis
de7565f87f Make check-spaces happy. 2011-09-11 23:34:36 +02:00
George Kadianakis
c6811c57cb Enforce transport names being C identifiers.
Introduce string_is_C_identifier() and use it to enforce transport
names according to the 180 spec.
2011-09-11 23:34:11 +02:00
George Kadianakis
782810a8bf Introduce tor_terminate_process() function. 2011-09-11 20:26:01 +02:00
Nick Mathewson
a41f1fc612 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	configure.in
	src/or/circuitbuild.c
2011-09-09 12:58:12 -04:00
Steven Murdoch
cfa9ee5fe7 Fix double-closing a stdio stream
After a stream reached eof, we fclose it, but then
test_util_spawn_background_partial_read() reads from it again, which causes
an error and thus another fclose(). Some platforms are fine with this, others
(e.g. debian-sid-i386) trigger a double-free() error. The actual code used by
Tor (log_from_pipe() and tor_check_port_forwarding()) handle this case
correctly.
2011-09-01 14:15:54 +01:00
Nick Mathewson
6a3e4a89a2 Tweaks on last process-launch patches 2011-08-31 22:14:38 -04:00
Steven Murdoch
5b8a20ed44 Make a version of tor_read_all_handle() for non-Windows platforms
Mainly used for testing reading from subprocesses. To be more generic
we now pass in a pointer to a process_handle_t rather than a Windows-
specific HANDLE.
2011-09-01 01:43:44 +01:00
Nick Mathewson
a7c07605d0 Add a missing include to util.c to get waitpid() on Linux 2011-08-31 00:36:43 -04:00
Nick Mathewson
0ac4b0f99d Check for lround with autoconf; fall back to rint. 2011-08-30 22:22:15 -04:00
Sebastian Hahn
03760f6c6f Fix a compilation issue on older FreeBSDs 2011-08-30 20:45:49 -04:00
Nick Mathewson
2778cdd671 Rename tor_join_cmdline to tor_join_win_cmdline; tweak doxygen 2011-08-30 16:00:08 -04:00
Nick Mathewson
4f585b9ee2 Merge remote-tracking branch 'sjmurdoch/bug2046' 2011-08-30 15:51:45 -04:00
Steven Murdoch
d1dd9991cd Document limitation of log_from_handle with partial reads 2011-08-30 15:02:28 +01:00
Steven Murdoch
da34360952 Factor out and re-write code for splitting lines from a handle
Now handles non-printable characters and will not output a spurious
new-line if given a partial line.
2011-08-30 14:55:51 +01:00
Steven Murdoch
bc97f41080 Refactor out command line formatting
Now correctly handles whitespace, quotes and backslashes. Passes all unit tests.
2011-08-29 14:37:38 +01:00
Steven Murdoch
93792b5aa6 Add a sanity check 2011-08-29 00:36:41 +01:00
Steven Murdoch
f1ff65dfad Replace two magic tristates with #define'd names
- process_handle_t.status
- return value of tor_get_exit_code()
2011-08-29 00:30:18 +01:00
Steven Murdoch
3f0a197aad Make signature of tor_spawn_background more conventional
Conventionally in Tor, structs are returned as pointers, so change
tor_spawn_background() to return the process handle in a pointer rather
than as return value.
2011-08-28 23:35:02 +01:00
Nick Mathewson
f186e16241 Add write watermarks to filtered bufferevents. 2011-08-24 17:31:37 -04:00
Nick Mathewson
59d0f750c9 Apply rate-limiting to the lowest bufferevent in the stack.
When we're doing filtering ssl bufferevents, we want the rate-limits
to apply to the lowest level of the bufferevent stack, so that we're
actually limiting bytes sent on the network. Otherwise, we'll read
from the network aggressively, and only limit stuff as we process it.
2011-08-24 17:31:32 -04:00
Steven Murdoch
1da5081ae0 Appease "make check-spaces" 2011-08-24 21:34:13 +01:00
Steven Murdoch
50b48c3ea7 Improve comments and fix one bug 2011-08-24 21:33:53 +01:00
Steven Murdoch
476807211c We don't need to find our own path, just tell Windows to search 2011-08-24 20:50:58 +01:00
Nick Mathewson
ede9cd4f99 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-08-24 13:53:17 -04:00
Gisle Vanem
5939c09d35 lround() missing in MSVC
lround() is missing in MS Visual-C's <math.h>. Not available anywhere.
Here is an easy patch.
2011-08-24 13:52:44 -04:00
Steven Murdoch
2efafdfe14 Fix compilation errors under *nix 2011-08-23 01:09:24 +01:00
Steven Murdoch
1ad986335a Tidy up subprocess code
- Better error handling
- Write description of functions
- Don't assume non-negative process return values
2011-08-22 19:43:38 +01:00
Steven Murdoch
f46f6aabb4 Fix some compiler warnings 2011-08-22 18:13:58 +01:00
Steven Murdoch
6443a756df Merge branch 'bug1983-port-tor-fw-helper-to-windows' into bug2046
Conflicts:
	configure.in
	src/tools/tor-fw-helper/Makefile.am
	src/tools/tor-fw-helper/tor-fw-helper-upnp.c
	src/tools/tor-fw-helper/tor-fw-helper.c
2011-08-22 17:53:17 +01:00
Nick Mathewson
d3653063d3 Automatically use filtering bufferevents with IOCP. 2011-08-18 15:16:05 -04:00
Steven Murdoch
cc5b6d6cee Merge remote branch 'origin/master' into bug2046 2011-08-18 18:42:02 +01:00
Steven Murdoch
7d015c886a Complete logging of output from port forwarding helper 2011-08-18 18:41:23 +01:00
Nick Mathewson
52e36feda1 Call evthread_use_windows_threads when running with IOCP on windows 2011-08-17 14:44:16 -04:00
Sebastian Hahn
6a06f45b04 Actually pick a random port when "auto" is specified
ddc65e2b33 had broken this
2011-08-17 10:41:36 -04:00
George Kadianakis
db4cde3810 Improve the code a tad.
* Use strcmpstart() instead of strcmp(x,y,strlen(y)).
* Warn the user if the managed proxy failed to launch.
* Improve function documentation.
* Use smartlist_len() instead of n_unconfigured_proxies.
* Split managed_proxy_destroy() to managed_proxy_destroy()
  and managed_proxy_destroy_with_transports().
* Constification.
2011-08-15 17:26:03 +02:00
Sebastian Hahn
f137ae896e Don't warn on http connection to my orport
Also remove a few other related warnings that could occur during the ssl
handshake. We do this because the relay operator can't do anything about
them, and they aren't their fault.
2011-08-11 20:37:51 +02:00
Nick Mathewson
b76f46c6d8 Merge branch 'bug1692-squashed' 2011-08-10 15:04:36 -04:00
Robert Ransom
e42a74e563 Add smartlist_[v]asprintf_add
I should have added this before implementing #2411.
2011-08-10 15:03:24 -04:00
Sebastian Hahn
bed79c47f4 Get rid of an unused parameter warning on win 2011-08-09 11:03:17 +02:00
Sebastian Hahn
0a5338e03c Sockets are unsigned on windows
this gets rid of a warning about signed/unsigned comparison
2011-08-09 11:03:16 +02:00
Nick Mathewson
e802199cb3 Initial patch to build Tor with msvc and nmake
We'll still need to tweak it so that it looks for includes and
libraries somewhere more sensible than "where we happened to find
them on Erinn's system"; so that tests and tools get built too;
so that it's a bit documented; and so that we actually try running
the output.

Work done with Erinn Clark.
2011-08-01 12:36:59 -04:00
Steven Murdoch
5bf9890b3b Test case for reading the partial output of a background process 2011-07-25 04:08:08 +01:00
Steven Murdoch
99baa7e45c Fix compilation on non-Windows platforms 2011-07-23 23:49:30 +01:00
Steven Murdoch
c5796a8fb2 If hProcess is NULL, read_all_handle returns if it would block 2011-07-23 21:35:50 +01:00
Steven Murdoch
2d5059e08e Use PeekNamedPipe to avoid blocking ReadFile when there is nothing to read 2011-07-22 21:12:00 +01:00
Steven Murdoch
55a1cb53d6 Add code to read all from a handle, but this block forever
See http://stackoverflow.com/questions/3722409/windows-child-process-with-redirected-input-and-output
for a potential solution
2011-07-22 15:57:56 +01:00
Steven Murdoch
fec902dd60 Add Windows version of tor_spawn_background and ancillary functions 2011-07-21 19:26:19 +01:00
Steven Murdoch
35c89be02b Generalize process spawning so its test compiles (but fails) in Windows
- pid, stdout/stderr_pipe now encapsulated in process_handle
- read_all replaced by tor_read_all_from_process_stdin/stderr
- waitpid replaced by tor_get_exit_code

Untested on *nix
2011-07-21 16:34:48 +01:00
Nick Mathewson
1d7beea2ab Merge remote-tracking branch 'origin/maint-0.2.2' 2011-07-20 13:17:59 -04:00
Nick Mathewson
718252b253 Check return value in fmt_addr
Previously, if tor_addr_to_str() returned NULL, we would reuse the
last value returned by fmt_addr().  (This could happen if we were
erroneously asked to format an AF_UNSPEC address.)  Now instead we
return "???".
2011-07-20 13:17:48 -04:00
Nick Mathewson
94f85f216a Turn streq_opt into a generic strcmp_opt. 2011-07-19 02:36:11 -04:00
Nick Mathewson
773bfaf91e Implement stream isolation
This is the meat of proposal 171: we change circuit_is_acceptable()
to require that the connection is compatible with every connection
that has been linked to the circuit; we update circuit_is_better to
prefer attaching streams to circuits in the way that decreases the
circuits' usefulness the least; and we update link_apconn_to_circ()
to do the appropriate bookkeeping.
2011-07-19 01:58:45 -04:00
George Kadianakis
69271b2a38 Reuse get_string_from_pipe() in log_from_pipe(). 2011-07-18 17:06:16 +02:00
George Kadianakis
14c5a24fe7 Replaced ST_* enum prefix for stream status with IO_STREAM_*. 2011-07-18 02:35:29 +02:00
Nick Mathewson
44cfa53873 Make WIN32_WINNT defines conditional
Requested by Gisle Vanem on tor-dev.  I'm not quite sure this is the
right solution, but it's probably harmless.
2011-07-15 10:03:59 -04:00
George Kadianakis
810a7a5fa0 Make some utility functions.
* Create a function that will get input from a stream, so that we can
  communicate with the managed proxy.
* Hackish change to tor_spawn_background() so that we can specify an
  environ for our spawn.
2011-07-13 18:59:52 +02:00
Nick Mathewson
3f97c665aa Document feature3116 fns and improve output
- We were reporting the _bottom_ N failing states, not the top N.
- With bufferevents enabled, we logged all TLS states as being "in
  bufferevent", which isn't actually informative.
- When we had nothing to report, we reported nothing too loudly.
- Also, we needed documentation.
2011-07-11 16:13:17 -04:00
Nick Mathewson
734d9486f6 Record the states of failing OR connections
This code lets us record the state of any outgoing OR connection
that fails before it becomes open, so we can notice if they're all
dying in the same SSL state or the same OR handshake state.

More work is still needed:
  - We need documentation
  - We need to actually call the code that reports the failure when
    we realize that we're having a hard time connecting out or
    making circuits.
  - We need to periodically clear out all this data -- perhaps,
    whenever we build a circuit successfully?
  - We'll eventually want to expose it to controllers, perhaps.

Partial implementation of feature 3116.
2011-07-11 16:13:17 -04:00
Nick Mathewson
e273890b10 Merge branch 'cov217_master' 2011-07-01 12:57:21 -04:00
Nick Mathewson
734e860d98 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-07-01 12:56:40 -04:00
Nick Mathewson
2ba19f9b4a Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-07-01 12:55:23 -04:00
Nick Mathewson
d25feadebb Fix insanely large stack_allocation in log_credential_status
I'm not one to insist on C's miserly stack limits, but allocating a
256K array on the stack is too much even for me.

Bugfix on 0.2.1.7-alpha.  Found by coverity.  Fixes CID # 450.
2011-07-01 12:38:05 -04:00
Nick Mathewson
a0ae80788c Replace 4 more sscanf()s with tor_sscanf()
For some inexplicable reason, Coverity departs from its usual
standards of avoiding false positives here, and warns about all
sscanf usage, even when the formatting strings are totally safe.

Addresses CID # 447, 446.
2011-07-01 11:26:30 -04:00
Nick Mathewson
9919b01275 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-06-22 18:15:27 -04:00
Robert Ransom
2b5ebc7097 Improve documentation of smartlist_split_string 2011-06-22 14:09:43 -07:00
Robert Ransom
d7254bea11 Fix minor comment issues 2011-06-22 14:09:43 -07:00
Nick Mathewson
410e440a8d Log SSL state changes at LOG_DEBUG, LD_HANDSHAKE.
This can be slightly useful for debugging blocking events.

Addresses ticket 3116; based on loud_ssl_states branch.
2011-06-20 17:45:12 -04:00
Nick Mathewson
997499369e Merge remote-tracking branch 'origin/maint-0.2.2' 2011-06-20 15:28:16 -04:00
Nick Mathewson
1040ccafb2 Fix overwide lines in util.c 2011-06-20 15:28:06 -04:00
Nick Mathewson
8839b86085 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-06-14 12:25:33 -04:00
Jérémy Bobbio
54d7d31cba Make ControlSocketsGroupWritable work with User.
Original message from bug3393:

check_private_dir() to ensure that ControlSocketsGroupWritable is
safe to use. Unfortunately, check_private_dir() only checks against
the currently running user… which can be root until privileges are
dropped to the user and group configured by the User config option.

The attached patch fixes the issue by adding a new effective_user
argument to check_private_dir() and updating the callers. It might
not be the best way to fix the issue, but it did in my tests.

(Code by lunar; changelog by nickm)
2011-06-14 12:18:32 -04:00
Nick Mathewson
d25d08dc4d Merge remote-tracking branch 'asn2/bug3336' 2011-06-06 18:34:45 -04:00
Nick Mathewson
8cd5a3c186 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-06-06 16:20:22 -04:00
Nick Mathewson
5afab5ca19 Check maximum properly in crypto_rand_int()
George Kadianakis notes that if you give crypto_rand_int() a value
above INT_MAX, it can return a negative number, which is not what
the documentation would imply.

The simple solution is to assert that the input is in [1,INT_MAX+1].
If in the future we need a random-value function that can return
values up to UINT_MAX, we can add one.

Fixes bug 3306; bugfix on 0.2.2pre14.
2011-06-06 16:18:06 -04:00
George Kadianakis
9eab601f10 Add the heartbeat domain in log.c:domain_list[]
so that parse_log_domain() doesn't fail.
2011-06-05 21:27:53 +02:00
Nick Mathewson
12f9c91c06 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-06-03 11:36:21 -04:00
Nick Mathewson
bbf2fee8ff Reject 128-byte keys that are not 1024-bit
When we added the check for key size, we required that the keys be
128 bytes.  But RSA_size (which defers to BN_num_bytes) will return
128 for keys of length 1017..1024.  This patch adds a new
crypto_pk_num_bits() that returns the actual number of significant
bits in the modulus, and uses that to enforce key sizes.

Also, credit the original bug3318 in the changes file.
2011-06-03 11:31:19 -04:00
Nick Mathewson
b73a662a26 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-06-01 11:11:31 -04:00
Gisle
1d8bcba067 Fix compile error in procmon.c
An elusive compile-error (MingW-gcc v4.50 on Win_XP); a missing
comma (!) and a typo ('err_msg' at line 277 changed to 'errmsg').
Aso changed the format for 'err_code' at line 293 into a "%ld" to suppress
a warning. How did this go unnoticed for ~1 month? Btw. This is my 1st ever
'git commit', so it better work.
2011-06-01 11:11:12 -04:00
Nick Mathewson
fa1d47293b Merge remote-tracking branch 'origin/maint-0.2.2'
The conflicts were mainly caused by the routerinfo->node transition.

Conflicts:
	src/or/circuitbuild.c
	src/or/command.c
	src/or/connection_edge.c
	src/or/directory.c
	src/or/dirserv.c
	src/or/relay.c
	src/or/rendservice.c
	src/or/routerlist.c
2011-05-30 15:41:46 -04:00
Nick Mathewson
7f0fb8e608 whitespace fixes 2011-05-30 15:21:06 -04:00
Nick Mathewson
21de9d46e2 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/common/compat.c
	src/or/main.c
2011-05-30 14:58:26 -04:00
Nick Mathewson
da7c60dcf3 Merge remote-tracking branch 'public/bug3270' into maint-0.2.2 2011-05-30 14:49:49 -04:00
Nick Mathewson
8e09f7cf10 Fix a -Wunused-but-set-variable instance in master 2011-05-28 01:57:38 -04:00
Nick Mathewson
6f200b61b7 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-23 02:16:25 -04:00
Robert Ransom
6cac100b13 Unbreak the build on libevent 1.x systems 2011-05-22 22:54:02 -07:00
Nick Mathewson
2527acb2dc Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/common/Makefile.am
	src/or/control.c
2011-05-23 01:23:53 -04:00
Nick Mathewson
b80a8bba19 Merge branch 'feature3049-v2' into maint-0.2.2
Conflicts:
	src/common/Makefile.am
2011-05-23 01:19:04 -04:00
Nick Mathewson
1e69c60dcc The first argument for a libevent callback should be evutil_socket_t 2011-05-23 01:12:00 -04:00
Nick Mathewson
93b699e1ea Appease make check-spaces wrt procmon.h 2011-05-23 01:10:49 -04:00
Nick Mathewson
cfeafe5e77 Use a 64-bit type to hold sockets on win64.
On win64, sockets are of type UINT_PTR; on win32 they're u_int;
elsewhere they're int.  The correct windows way to check a socket for
being set is to compare it with INVALID_SOCKET; elsewhere you see if
it is negative.

On Libevent 2, all callbacks take sockets as evutil_socket_t; we've
been passing them int.

This patch should fix compilation and correctness when built for
64-bit windows.  Fixes bug 3270.
2011-05-23 00:17:48 -04:00
Roger Dingledine
cb7fff193e Merge branch 'maint-0.2.2' 2011-05-21 18:14:16 -04:00
Roger Dingledine
a2851d3034 what's up with this trailing whitespace 2011-05-20 23:30:37 -04:00
Robert Ransom
0caa37db4d Fix some comments 2011-05-20 08:25:42 -07:00
Robert Ransom
4b266c6e72 Implement __OwningControllerProcess option
Implements part of feature 3049.
2011-05-20 08:25:42 -07:00
Nick Mathewson
03ccce6d77 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-16 14:50:53 -04:00
Nick Mathewson
e908e3a332 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
Fixed trivial conflict due to headers moving into their own .h files
from or.h.

Conflicts:
	src/or/or.h
2011-05-16 14:49:55 -04:00
Nick Mathewson
4a22046c86 squash! Add crypto_pk_check_key_public_exponent function
Rename crypto_pk_check_key_public_exponent to crypto_pk_public_exponent_ok:
it's nice to name predicates s.t. you can tell how to interpret true
and false.
2011-05-16 14:45:06 -04:00
Robert Ransom
d2629f78a0 Add crypto_pk_check_key_public_exponent function 2011-05-16 14:07:34 -04:00
Nick Mathewson
de8e0ef0bd Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-15 22:15:06 -04:00
Nick Mathewson
83fe07d3f2 Increase the length of the buffer in smartlist_string_num_isin().
This was harmless, since we only used this for checking for lists of
port values, but it's the principle of the thing.

Fixes 3175; bugfix on 0.1.0.1-rc
2011-05-15 22:13:53 -04:00
Nick Mathewson
4ac8ff9c9f Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-15 20:22:44 -04:00
Nick Mathewson
f72e792be5 Make check_private_dir check for group ownership as appropriate 2011-05-15 20:20:30 -04:00
Nick Mathewson
287f6cb128 Fix up some comment issues spotted by rransom 2011-05-15 20:20:30 -04:00
Nick Mathewson
5d147d8527 Add a new flag to check_private_dir to make it _not_ change permissions
We'll need this for checking permissions on the directories that hold
control sockets: if somebody says "ControlSocket ~/foo", it would be
pretty rude to do a chmod 700 on their homedir.
2011-05-15 20:20:29 -04:00
Nick Mathewson
3b6cbf2534 Add a function to pull off the final component of a path 2011-05-15 20:20:29 -04:00
Nick Mathewson
b147c01295 Make check_private_dir accept g+rx dirs if told to do so. 2011-05-15 20:20:29 -04:00
Nick Mathewson
68acfefbdb Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-15 20:12:20 -04:00
Nick Mathewson
4c3853aca8 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	src/or/networkstatus.c
2011-05-15 20:09:10 -04:00
Nick Mathewson
00ff80e0ae Fixup whitespace issues from 3122 commit 2011-05-15 20:06:36 -04:00
Nick Mathewson
ced06a8009 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-15 19:56:40 -04:00
Nick Mathewson
d29c2eb921 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-05-15 19:56:27 -04:00
Nick Mathewson
10d670674a Another doc tweak on tor_memcmp: <b>b</b>, not <b>. 2011-05-15 19:56:05 -04:00
Roger Dingledine
b48f83ab8c minor tweaks to 4b19730c82 2011-05-15 19:20:42 -04:00
Nick Mathewson
37e3fb8af2 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/connection_edge.c
2011-05-15 11:44:51 -04:00
Nick Mathewson
2253697a04 New smartlist function to see if two lists of strings are equal.
We'll use this to detect changes in CSV options.
2011-05-13 16:18:53 -04:00
Nick Mathewson
600744b4be Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/config.c
	src/or/dirserv.c
	src/or/or.h
2011-05-13 10:48:07 -04:00
Nick Mathewson
28cc7b0180 Add a new "tor_sockaddr_to_str()" function
It does what it says on the tin.  It turns out I'll want this in a couple
of places.
2011-05-13 10:41:18 -04:00
Robert Ransom
c714a098ea Improve a documentation comment 2011-05-12 02:57:09 -07:00
Robert Ransom
cb9df5e53c Fix comment typo 2011-05-12 00:27:19 -07:00
Nick Mathewson
9fba014e3f Merge remote-tracking branch 'public/bug3122_memcmp_022' into bug3122_memcmp_023
Conflicts in various places, mainly node-related.  Resolved them in
favor of HEAD, with copying of tor_mem* operations from bug3122_memcmp_022.

	src/common/Makefile.am
	src/or/circuitlist.c
	src/or/connection_edge.c
	src/or/directory.c
	src/or/microdesc.c
	src/or/networkstatus.c
	src/or/router.c
	src/or/routerlist.c
	src/test/test_util.c
2011-05-11 16:39:45 -04:00
Nick Mathewson
0cbcbc3412 Re-apply the automated conversion to 0.2.2 to make handle any memcmps that snuck in 2011-05-11 16:27:27 -04:00
Nick Mathewson
44ad734573 Merge remote-tracking branch 'public/3122_memcmp_squashed' into bug3122_memcmp_022
Conflicts throughout.  All resolved in favor of taking HEAD and
adding tor_mem* or fast_mem* ops as appropriate.

	src/common/Makefile.am
	src/or/circuitbuild.c
	src/or/directory.c
	src/or/dirserv.c
	src/or/dirvote.c
	src/or/networkstatus.c
	src/or/rendclient.c
	src/or/rendservice.c
	src/or/router.c
	src/or/routerlist.c
	src/or/routerparse.c
	src/or/test.c
2011-05-11 16:24:29 -04:00
Nick Mathewson
59f9097d5c Hand-conversion and audit phase of memcmp transition
Here I looked at the results of the automated conversion and cleaned
them up as follows:

   If there was a tor_memcmp or tor_memeq that was in fact "safe"[*] I
   changed it to a fast_memcmp or fast_memeq.

   Otherwise if there was a tor_memcmp that could turn into a
   tor_memneq or tor_memeq, I converted it.

This wants close attention.

[*] I'm erring on the side of caution here, and leaving some things
as tor_memcmp that could in my opinion use the data-dependent
fast_memcmp variant.
2011-05-11 16:12:51 -04:00
Nick Mathewson
db7b2a33ee Automated conversion of memcmp to tor_memcmp/tor_mem[n]eq
This commit is _exactly_ the result of

perl -i -pe 's/\bmemcmp\(/tor_memcmp\(/g' src/*/*.[ch]
perl -i -pe 's/\!\s*tor_memcmp\(/tor_memeq\(/g' src/*/*.[ch]
perl -i -pe 's/0\s*==\s*tor_memcmp\(/tor_memeq\(/g' src/*/*.[ch]
perl -i -pe 's/0\s*!=\s*tor_memcmp\(/tor_memneq\(/g' src/*/*.[ch]
git checkout src/common/di_ops.[ch]
git checkout src/or/test.c
git checkout src/common/test.h
2011-05-11 16:12:51 -04:00
Nick Mathewson
1d703ed22b Add a "di_ops.h" include to util.h 2011-05-11 16:12:51 -04:00
Nick Mathewson
4b19730c82 Add a data-independent variant of memcmp and a d-i memeq function.
The tor_memcmp code is by Robert Ransom, and the tor_memeq code is
by me.  Both incorporate some ideas from DJB's stuff.
2011-05-11 16:12:33 -04:00
Robert Ransom
b7452dcbcb Fix comment typo 2011-05-10 05:15:02 -07:00
Nick Mathewson
1065a5ef29 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-05 21:54:04 -04:00
Nick Mathewson
330116f034 Fix up some check-spaces issues 2011-05-05 21:53:46 -04:00
Nick Mathewson
8b33928676 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-28 17:15:31 -04:00
John Brooks
2dc9546eef Correct the logic from f14754fbd for tor_gmtime_r 2011-04-28 17:13:45 -04:00
Nick Mathewson
51e551d383 Detect and handle NULL returns from (gm/local)time_r
These functions can return NULL for otherwise-valid values of
time_t.  Notably, the glibc gmtime manpage says it can return NULL
if the year if greater than INT_MAX, and the windows MSDN gmtime
page says it can return NULL for negative time_t values.

Also, our formatting code is not guaranteed to correctly handle
years after 9999 CE.

This patch tries to correct this by detecting NULL values from
gmtime/localtime_r, and trying to clip them to a reasonable end of
the scale.  If they are in the middle of the scale, we call it a
downright error.

Arguably, it's a bug to get out-of-bounds dates like this to begin
with.  But we've had bugs of this kind in the past, and warning when
we see a bug is much kinder than doing a NULL-pointer dereference.

Boboper found this one too.
2011-04-28 17:12:54 -04:00
Nick Mathewson
26456d3354 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-27 22:14:54 -04:00
Nick Mathewson
0130e7c9d2 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	src/common/torint.h
2011-04-27 22:14:28 -04:00
Nick Mathewson
43ffd023e9 Make SIZE_T_CEILING unsigned; add a signed SSIZE_T_CEILING
None of the comparisons were _broken_ previously, but avoiding
signed/unsigned comparisons makes everybody happier.

Fixes bug2475.
2011-04-26 13:03:58 -04:00
Nick Mathewson
4a7f979b54 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-19 12:41:01 -04:00
Nick Mathewson
5cc322e547 Standardize our printf code on %d, not %i. 2011-04-19 12:40:29 -04:00
Nick Mathewson
99c2bfe76b Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/rephist.c
2011-04-08 13:37:57 -04:00
Nick Mathewson
1be1221385 Free pending_cb_messages on exit 2011-04-07 15:25:33 -04:00
Nick Mathewson
67d88a7d60 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/common/address.c
	src/common/compat_libevent.c
	src/common/memarea.c
	src/common/util.h
	src/or/buffers.c
	src/or/circuitbuild.c
	src/or/circuituse.c
	src/or/connection.c
	src/or/directory.c
	src/or/networkstatus.c
	src/or/or.h
	src/or/routerlist.c
2011-04-07 12:17:20 -04:00
Nick Mathewson
ba0cd8094f Merge remote-tracking branch 'public/xxx_fixups' into maint-0.2.2
Conflicts:
	src/or/or.h
2011-04-07 12:03:04 -04:00
Nick Mathewson
ee871e7a0e Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/common/compat.h
	src/or/circuitlist.c
	src/or/circuituse.c
	src/or/or.h
	src/or/rephist.c
2011-03-30 14:55:50 -04:00
Nick Mathewson
5eaba5ac21 Implement replacements for timer(add,cmp,sub) on platforms lacking them. 2011-03-30 14:41:41 -04:00
Sebastian Hahn
9facf8918f Improve a few comments 2011-03-28 19:28:04 +02:00
Nick Mathewson
05887f10ff Triage the XXX022 and XXX021 comments remaining in the code
Remove some, postpone others, leave some alone.  Now the only
remaining XXX022s are ones that seem important to fix or investigate.
2011-03-25 18:32:27 -04:00
Nick Mathewson
c4bd067359 Comment out ancient asserts for bug 930; resolve an xxx021 2011-03-25 16:28:38 -04:00
Nick Mathewson
41380fa3b3 Fixup tor_addr_to_sockaddr return convention 2011-03-25 16:28:38 -04:00
Nick Mathewson
88bb40d8f8 Clean up a comment-conversation about bad libevent version/method combos 2011-03-25 16:28:38 -04:00
Nick Mathewson
444e46d96d Remove the "fuzzy time" code
It was the start of a neat idea, but it only got used in 3 places,
none of which really needed it.
2011-03-25 16:28:37 -04:00
Nick Mathewson
1db6eb6cb7 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-03-16 18:10:24 -04:00
Nick Mathewson
721954b3a2 Resolve the one DOCDOC in the 0.2.2 code atm 2011-03-16 18:07:55 -04:00
Nick Mathewson
b1b6552251 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/common/crypto.c
2011-03-16 17:16:54 -04:00
Nick Mathewson
3310dd2358 Clean up whitespace 2011-03-16 17:11:30 -04:00
Nick Mathewson
57b954293e Merge remote-tracking branch 'origin/maint-0.2.2'
Trivial Conflicts in
	src/common/crypto.c
	src/or/main.h
	src/or/or.h
2011-03-16 17:09:32 -04:00
Nick Mathewson
6617822b84 Doxygen documentation for about 100 things that didn't have any
About 860 doxygen-less things remain in 0.2.2
2011-03-16 17:05:37 -04:00
Nick Mathewson
7f6af7a602 Fix up all doxygen warnings other than "foo is not documented" 2011-03-16 14:47:27 -04:00
Nick Mathewson
26009a3ed0 Merge remote branch 'origin/maint-0.2.2' 2011-03-07 17:12:08 -05:00
Sebastian Hahn
f83debb51d Fix setting target port in get_interface_address6
We want to use the discard port correctly, so a htons() was missing.
Also we need to set it correctly depending on address family.

Review provided by danieldg
2011-03-05 16:58:20 +01:00
Sebastian Hahn
865ea5d263 Fix connect() failures in get_interface_address6()
The third argument for connect should be dependent on the address
family. Issue spotted by piebeer who also wrote the patch.
2011-03-05 16:57:05 +01:00
Nick Mathewson
f608872b0c C style fix: a no-args function is void fn(void), not void fn(). 2011-03-03 23:42:14 -05:00
Nick Mathewson
8ae179deec Add a magic field to tor_tls_t to catch exdata corruption bugs, if any appear. 2011-03-03 23:41:34 -05:00
Robert Ransom
74fc993b98 Check the result of SSL_set_ex_data
Reported by piebeer.
2011-03-03 16:17:39 -08:00
Robert Ransom
fe1137be6f Use SSL_*_ex_data instead of SSL_*_app_data
SSL_*_app_data uses ex_data index 0, which will be the first one allocated
by SSL_get_ex_new_index. Thus, if we ever started using the ex_data feature
for some other purpose, or a library linked to Tor ever started using
OpenSSL's ex_data feature, Tor would break in spectacular and mysterious
ways. Using the SSL_*_ex_data functions directly now may save us from
that particular form of breakage in the future.

But I would not be surprised if using OpenSSL's ex_data functions at all
(directly or not) comes back to bite us on our backends quite hard. The
specified behaviour of dup_func in the man page is stupid, and
crypto/ex_data.c is a horrific mess.
2011-03-03 15:34:53 -08:00
Robert Ransom
13ee803469 Remove now-unused helper functions
These functions were needed only by code removed in the preceding commit.

Reported by mobmix.
2011-03-03 14:59:21 -08:00
Gladys Shufflebottom
49de5431d5 remove tls related hash table code 2011-03-01 18:11:25 -05:00
Nick Mathewson
46b07462ae Merge remote branch 'origin/maint-0.2.2' 2011-02-22 13:02:42 -05:00
Nick Mathewson
9d5873cdae Merge branch 'log_domains' into maint-0.2.2 2011-02-22 13:01:02 -05:00
Nick Mathewson
ce149c1022 That shalt also not have a label without a statement. 2011-02-22 12:52:52 -05:00
Nick Mathewson
933ffd536d Merge remote branch 'origin/maint-0.2.2' 2011-02-22 12:47:47 -05:00
Sebastian Hahn
098b6ba72d Initial heartbeat subsystem commit.
Sets:
* Documentation
* Logging domain
* Configuration option
* Scheduled event
* Makefile
It also creates status.c and the log_heartbeat() function.

All code was written by Sebastian Hahn. Commit message was
written by me (George Kadianakis).
2011-02-22 12:40:36 -05:00
Sebastian Hahn
5dbaf9dbd5 Windows has EACCES, not EACCESS
Once again spotted by mobmix

Also add a changes file for the fix
2011-02-11 17:02:26 +01:00
Nick Mathewson
50c259d763 Make the DH parameter we use for TLS match the one from Apache's mod_ssl
Our regular DH parameters that we use for circuit and rendezvous
crypto are unchanged.  This is yet another small step on the path of
protocol fingerprinting resistance.

(Backport from 0.2.2's 5ed73e3807)
2011-02-10 15:55:06 -05:00
Nick Mathewson
f25fc6e650 Merge remote branch 'origin/maint-0.2.2' 2011-02-08 14:02:43 -05:00
Sebastian Hahn
9c7e2cf010 Locking failures on windows are indicated by EACCES
Patch our implementation of tor_lockfile_lock() to handle this case
correctly. Also add a note that blocking behaviour differs from windows
to *nix. Fixes bug 2504, issue pointed out by mobmix.
2011-02-08 18:35:07 +01:00
Robert Ransom
0ab8b7c0f2 Thou shalt not overflow even stupidly small buffers 2011-02-04 05:50:44 -08:00
Nick Mathewson
912b76a1bf Merge remote branch 'origin/maint-0.2.2' 2011-02-03 13:56:37 -05:00
Nick Mathewson
e80bdfb4a0 Correctly detect BIO_new failures
This bug was noticed by cypherpunks; fixes bug 2378.

Bugfix on svn commit r110.
2011-01-25 18:26:49 -05:00
Nick Mathewson
bfde636aad Always treat failure to allocate an RSA key as an unrecoverable allocation error 2011-01-25 18:19:09 -05:00
Nick Mathewson
76582442a8 Handle failing cases of DH allocation 2011-01-25 18:09:38 -05:00
Nick Mathewson
c939c953ae Remove an unused function in crypto.c 2011-01-25 18:07:02 -05:00
Nick Mathewson
89ee779f92 Add a torrc option to report log domains 2011-01-25 15:53:15 -05:00
Nick Mathewson
e261a1a3e6 Simplify syntax for negated log domains
Previously if you wanted to say "All messages except network
messages", you needed to say "[*,~net]" and if you said "[~net]" by
mistake, you would get no messages at all.  Now, if you say "[~net]",
you get everything except networking messages.
2011-01-25 15:03:36 -05:00
Nick Mathewson
aaa5737a2e Merge remote branch 'origin/maint-0.2.2' 2011-01-24 17:51:52 -05:00
Nick Mathewson
5ed73e3807 Make the DH parameter we use for TLS match the one from Apache's mod_ssl
Our regular DH parameters that we use for circuit and rendezvous
crypto are unchanged.  This is yet another small step on the path of
protocol fingerprinting resistance.
2011-01-24 16:50:11 -05:00
Nick Mathewson
07888ed8e4 Merge remote branch 'origin/maint-0.2.2' 2011-01-15 14:17:59 -05:00
Nick Mathewson
a7790d48af Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-15 14:15:19 -05:00
Nick Mathewson
9b09627edd Zero out some more key data before freeing it
Found by cypherpunks; fixes bug 2384.
2011-01-15 14:10:52 -05:00
Nick Mathewson
1758ef51de Merge remote branch 'origin/maint-0.2.2' 2011-01-15 13:26:02 -05:00
Nick Mathewson
1393985768 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	src/or/routerparse.c
	src/or/test.c
2011-01-15 13:25:13 -05:00
Nick Mathewson
b97b0efec8 Merge branch 'bug2352_obsize' into maint-0.2.1 2011-01-15 13:15:06 -05:00
Robert Ransom
7ea674e0e0 Remove some unnecessary occurrences of +1.
I dug through the OpenSSL source and verified that RSA_private_decrypt will
not write more than RSA_size(key) bytes to its output buffer.
2011-01-15 13:11:44 -05:00
Nick Mathewson
f550c96ade Merge remote branch 'origin/maint-0.2.2' 2011-01-15 12:16:18 -05:00
Nick Mathewson
cff4cfef4f Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-15 12:13:50 -05:00
Nick Mathewson
8f11642ceb Merge branch 'bug2324_uncompress' into maint-0.2.1 2011-01-15 12:12:34 -05:00
Nick Mathewson
1fcfc18628 clean up message; explain a magic number in a comment 2011-01-15 12:12:10 -05:00
Nick Mathewson
1b8f2ef550 Merge remote branch 'origin/maint-0.2.2' 2011-01-15 12:03:44 -05:00
Nick Mathewson
ed87738ede Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	src/or/config.c
	src/or/networkstatus.c
	src/or/rendcommon.c
	src/or/routerparse.c
	src/or/test.c
2011-01-15 12:02:55 -05:00
Nick Mathewson
115782bdbe Fix a heap overflow found by debuger, and make it harder to make that mistake again
Our public key functions assumed that they were always writing into a
large enough buffer.  In one case, they weren't.

(Incorporates fixes from sebastian)
2011-01-15 11:49:25 -05:00
Roger Dingledine
10d385bd71 typos 2011-01-12 18:38:52 -05:00
Nick Mathewson
9a6a8ea466 Merge remote branch 'origin/maint-0.2.2' 2011-01-12 14:38:24 -05:00
Nick Mathewson
2c04c506a4 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-12 14:38:11 -05:00
Nick Mathewson
9fcc14224b Make our replacement INT32_MAX always signed
The C standard says that INT32_MAX is supposed to be a signed
integer.  On platforms that have it, we get the correct
platform-defined value.  Our own replacement, however, was
unsigned.  That's going to cause a bug somewhere eventually.
2011-01-12 14:29:38 -05:00
Nick Mathewson
71d786b2d3 Merge branch 'bug2320' 2011-01-12 12:52:31 -05:00
Nick Mathewson
3dbfc6a734 Merge remote branch 'origin/maint-0.2.2' 2011-01-12 12:43:30 -05:00
Nick Mathewson
729f404efe Add logic in routerparse to not read overlong private keys
I am not at all sure that it is possible to trigger a bug here,
but better safe than sorry.
2011-01-10 12:07:34 -05:00
Nick Mathewson
d4165ef8b4 Use autoconf's FLEXIBLE_ARRAY_MEMBER for unspecified-length arrays
C99 allows a syntax for structures whose last element is of
unspecified length:
   struct s {
     int elt1;
     ...
     char last_element[];
   };

Recent (last-5-years) autoconf versions provide an
AC_C_FLEXIBLE_ARRAY_MEMBER test that defines FLEXIBLE_ARRAY_MEMBER
to either no tokens (if you have c99 flexible array support) or to 1
(if you don't).  At that point you just use offsetof
[STRUCT_OFFSET() for us] to see where last_element begins, and
allocate your structures like:

   struct s {
     int elt1;
     ...
     char last_element[FLEXIBLE_ARRAY_MEMBER];
   };

   tor_malloc(STRUCT_OFFSET(struct s, last_element) +
                                   n_elements*sizeof(char));

The advantages are:

   1) It's easier to see which structures and elements are of
      unspecified length.
   2) The compiler and related checking tools can also see which
      structures and elements are of unspecified length, in case they
      wants to try weird bounds-checking tricks or something.
   3) The compiler can warn us if we do something dumb, like try
      to stack-allocate a flexible-length structure.
2011-01-06 15:59:05 -05:00
Nick Mathewson
240fa42aac Fix size_t vs unsigned comparison too 2011-01-05 12:49:02 -05:00
Nick Mathewson
d14b0d54d2 Fix a SIZE_T_CEILING check in torgzip.c; noticed by cypherpunks 2011-01-05 12:42:34 -05:00
Nick Mathewson
0222228d64 Fix up size and sign issues in base32 code
Fixes bug 2331.
2011-01-03 16:16:53 -05:00
Nick Mathewson
a87a55a9b6 Merge remote branch 'origin/maint-0.2.2' 2011-01-03 15:55:41 -05:00
Nick Mathewson
64798dab4f Detect and disallow compression bombs 2011-01-03 15:54:23 -05:00
Nick Mathewson
f089804332 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-03 15:31:19 -05:00
Nick Mathewson
e365aee971 Avoid assertion on read_file_to_str() with size==SIZE_T_CEILING-1
Spotted by doors, fixes bug 2326.
2011-01-03 15:30:11 -05:00
Nick Mathewson
a96b46570f Merge remote branch 'origin/maint-0.2.2' 2011-01-03 15:16:36 -05:00
Nick Mathewson
cee433d751 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-03 15:15:54 -05:00
Nick Mathewson
e09ab69703 Check size against SIZE_T_CEILING in realloc too.
Fixes bug 2324.
2011-01-03 15:15:27 -05:00
Nick Mathewson
0489f7e004 Merge remote branch 'origin/maint-0.2.2' 2011-01-03 13:19:10 -05:00
Nick Mathewson
27cefef3a2 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-03 13:18:33 -05:00
Nick Mathewson
394a6bf4cd Merge remote branch 'origin/maint-0.2.2' 2011-01-03 12:47:58 -05:00
Nick Mathewson
bb5f99d4df Merge remote branch 'sebastian/bug2314' into maint-0.2.2 2011-01-03 12:47:14 -05:00
Nick Mathewson
5c09431cc7 Never include pthread.h when building for Windows.
On Windows, we never use pthreads, since it doesn't usually exist,
and when it does it tends to be a little weirdly-behaved.  But some
mingw installations have a pthreads installed, so autoconf detects
pthread.h and tells us about it.  This would make us include
pthread.h, which could make for trouble when the iffy pthread.h
tried to include config.h.

This patch changes compat.h so that we never include pthread.h on
Windows.  Fixes bug 2313; bugfix on 0.1.0.1-rc.
2011-01-03 12:45:13 -05:00
Nick Mathewson
8730884ebe Merge remote branch 'origin/maint-0.2.2' 2011-01-03 11:53:28 -05:00
Nick Mathewson
30b3475e6d Bump copyright statements to 2011 (0.2.2) 2011-01-03 11:52:09 -05:00
Nick Mathewson
f1de329e78 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	src/common/test.h
	src/or/test.c
2011-01-03 11:51:17 -05:00
Nick Mathewson
1a07348a50 Bump copyright statements to 2011 2011-01-03 11:50:39 -05:00
Sebastian Hahn
9ecf133686 Fix compile wanrings revealed by gcc 4.5 on mingw 2010-12-27 09:47:41 +01:00
Nick Mathewson
0a3b7f1471 Merge remote branch 'origin/maint-0.2.2' 2010-12-21 15:50:09 -05:00
Nick Mathewson
cdbd6d0fe8 Merge remote branch 'rransom/bug2190_the_hard_way' into maint-0.2.2 2010-12-21 15:48:14 -05:00
Nick Mathewson
69771bb5fc Merge remote branch 'public/bug2190_021' into maint-0.2.1 2010-12-21 15:44:50 -05:00
Roger Dingledine
c79427a992 Merge branch 'maint-0.2.2' 2010-12-19 22:08:42 -05:00
Nick Mathewson
dd2ae32bc1 Turn on epoll changelists with libevent 2.0.9-rc and later
Libevent 2.0 has a "changelist" feature that avoids making redundant
syscalls if we wind up doing a lot of event_add/event_del operations
on the same fd in a row.  Unfortunately, due to a weird design
choice in Linux, it doesn't work right with epoll when multiple fds
refer to the same socket (e.g., one is a dup() of the other).  We
don't dup() anything we give to Libevent, though, so it is safe for
us to explicitly turn this feature on.
2010-12-16 13:37:43 -05:00
Nick Mathewson
b5e293afe6 Merge remote branch fix_security_bug_021 into fix_security_bug_022
Conflicts:
	src/common/memarea.c
	src/or/or.h
	src/or/rendclient.c
2010-12-15 22:48:23 -05:00
Nick Mathewson
b8a7bad799 Make payloads into uint8_t.
This will avoid some signed/unsigned assignment-related bugs.
2010-12-15 22:31:11 -05:00
Nick Mathewson
785086cfba Have all of our allocation functions and a few others check for underflow
It's all too easy in C to convert an unsigned value to a signed one,
which will (on all modern computers) give you a huge signed value.  If
you have a size_t value of size greater than SSIZE_T_MAX, that is way
likelier to be an underflow than it is to be an actual request for
more than 2gb of memory in one go.  (There's nothing in Tor that
should be trying to allocate >2gb chunks.)
2010-12-13 18:40:21 -05:00
Nick Mathewson
649ee99846 Base SIZE_T_CEILING on SSIZE_T_MAX. 2010-12-13 18:40:15 -05:00
Robert Ransom
cc051f9aca Only add each log message to pending_cb_messages once. 2010-12-11 05:26:36 -08:00
Robert Ransom
4a9d60734c Don't call flush_pending_log_callbacks while logging LD_NOCB messages.
Found by boboper.
2010-12-11 04:41:35 -08:00
Steven Murdoch
d5127ebdd8 Fix connecting the stdin of tor-fw-helper to /dev/null
This wasn't working due to the parameters of dup2 being in the wrong order.
As a result, tor-fw-helper was inheriting the stdin of Tor.
2010-12-01 12:22:21 -05:00
Nick Mathewson
9908404f01 Merge remote branch 'sjmurdoch/cloexec' 2010-12-01 11:42:34 -05:00
Steven Murdoch
a961521a86 Check that FD_CLOEXEC is set before using it
I don't know if any platforms we care about don't have FD_CLOEXEC,
but this is what we do elsewhere
2010-12-01 15:43:17 +00:00
Steven Murdoch
786abbd54c Open log files with CLOEXEC flag set 2010-12-01 15:38:18 +00:00
Nick Mathewson
3ed7505dc5 Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/or/relay.c
2010-11-30 19:23:40 -05:00
Nick Mathewson
89e97bdf94 Add wrappers function for libc random()
On windows, it's called something different.
2010-11-29 16:00:47 -05:00
mingw-san
78df6404eb Fix compilation with mingw and OpenSSL 0.9.8m+ 2010-11-23 12:47:38 -05:00
Nick Mathewson
cbd3745924 Merge remote branch 'origin/maint-0.2.2' 2010-11-21 14:34:22 -05:00
Nick Mathewson
2bd64f9e8f Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2010-11-21 14:33:11 -05:00
Steven Murdoch
15f2b7859b Don't both open the socket with SOCK_CLOEXEC and set FD_CLOEXEC 2010-11-21 15:40:17 +00:00
Nick Mathewson
92a99736fd Do not set the hostname TLS extension server-side; only client-side
This may fix bug 2204, and resolve the incompatibility with openssl
0.9.8p/1.0.0b.
2010-11-20 22:21:50 -05:00
Steven Murdoch
9d63dfcf49 Fix compile error on MacOS X (and other platforms without O_CLOEXEC) 2010-11-20 13:50:55 +00:00
Nick Mathewson
b4f56dd4c6 Obviate need for doing a CLOEXEC on pipes: just close them before exec 2010-11-20 01:24:30 -05:00
Nick Mathewson
e669d25e43 Do cloexec on socketpairs and stdio files 2010-11-20 01:16:29 -05:00
Nick Mathewson
5a66de7015 Initial work to set CLOEXEC on all possible fds
Still to go: some pipes, all stdio files.
2010-11-20 00:58:40 -05:00
Nick Mathewson
d166d18643 Better fix for 2190: defer libevent->controller messages instead of dropping 2010-11-19 22:52:32 -05:00
Nick Mathewson
668f7a2639 Do not send Libevent log messages to a controller (0.2.1 backport)
Doing so could make Libevent call Libevent from inside a Libevent
logging call, which is a recipe for reentrant confusion and
hard-to-debug crashes.  This would especially hurt if Libevent
debug-level logging is enabled AND the user has a controller
watching for low-severity log messages.

Fix bug 2190; fix on 0.1.0.2-rc.
2010-11-19 22:27:40 -05:00
Nick Mathewson
6199ac5fbe Do not send Libevent log messages to a controller.
Doing so could make Libevent call Libevent from inside a Libevent
logging call, which is a recipe for reentrant confusion and
hard-to-debug crashes.  This would especially hurt if Libevent
debug-level logging is enabled AND the user has a controller
watching for low-severity log messages.

Fix bug 2190; fix on 0.1.0.2-rc.
2010-11-19 22:22:43 -05:00
Nick Mathewson
223fc208f6 Split long lines in configure.in and Makefile.am files
Having very long single lines with lots and lots of things in them
tends to make files hard to diff and hard to merge.  Since our tools
are one-line-at-a-time, we should try to construct lists that way too,
within reason.

This incidentally turned up a few headers in configure.in that we were
for some reason searching for twice.
2010-11-11 14:22:48 -05:00
Nick Mathewson
d238d8386f Add a testing-only option to use bufferevent_openssl as a filter
We need filtering bufferevent_openssl so that we can wrap around
IOCP bufferevents on Windows.  This patch adds a temporary option to
turn on filtering mode, so that we can test it out on non-IOCP
systems to make sure it hasn't got any surprising bugs.

It also fixes some allocation/teardown errors in using
bufferevent_openssl as a filter.
2010-11-09 15:36:27 -05:00
Nick Mathewson
1fb342dfab Merge branch 'loggranularity' 2010-11-08 12:40:33 -05:00
Nick Mathewson
ccec0a1bd3 Merge remote branch 'origin/maint-0.2.2' 2010-10-26 13:59:09 -04:00
Sebastian Hahn
213139f887 Properly refcount client_identity_key
In a2bb0bf we started using a separate client identity key. When we are
in "public server mode" (that means not a bridge) we will use the same
key. Reusing the key without doing the proper refcounting leads to a
segfault on cleanup during shutdown. Fix that.

Also introduce an assert that triggers if our refcount falls below 0.
That should never happen.
2010-10-26 18:22:04 +02:00
Nick Mathewson
17fdde3d92 Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/common/tortls.c
2010-10-21 16:23:01 -04:00
Nick Mathewson
4dbd8ba008 clarify fmt_addr32 documentation to note that the address is in host-order 2010-10-15 18:04:07 -04:00
Nick Mathewson
441d90a8f9 Fix one-time memory leak when initializing libevent. Spotted by Sebastian 2010-10-15 17:14:04 -04:00
Nick Mathewson
a7cf788740 Merge branch 'bug1992_part1' 2010-10-15 17:08:18 -04:00
Nick Mathewson
96ab83d3b6 Improve accuracy of comment about aes_crypt performance
The old comment was from before I tried a huge pile of crazy stuff to
make the inner loop faster.  Short answer: GCC already knows how to
unroll loops pretty well.  Other short answer: we should have made the
relay payload size an even multiple of 4, 8, or ideally 16.
2010-10-15 13:44:25 -04:00
Nick Mathewson
05274ba9b5 Kill comments saying to remove asserts once bug930 is solved.
It's okay to leave the asserts in: the code doesn't appear in profiles.
2010-10-15 13:44:25 -04:00
Nick Mathewson
04231a2ebe Fix an apostrophe in a comment 2010-10-15 12:39:23 -04:00
Nick Mathewson
94a99ad205 Add a portable tor_timercmp
We can't use the platform timercmp, because
  1) some platforms don't have them
  2) some that do have them only support certain relational operators
2010-10-15 12:35:05 -04:00
Nick Mathewson
59cba1767c Make the return value of tor_addr_sockaddr always be signed 2010-10-15 11:36:16 -04:00
Nick Mathewson
a5289fa794 Remove the unused old fuzzy-time code 2010-10-15 11:16:42 -04:00
Nick Mathewson
adc4f678f1 Fix an xxx wrt picking libevent methods known-to-work
The short version is, "where we want to do it, we have nothing real to
chose from and we can't do it easily. Where it's easy to do, we have
no reason to do it yet."
2010-10-15 10:58:16 -04:00
Sebastian Hahn
9bed40eb10 Make check-spaces happy 2010-10-14 17:54:45 +02:00
Nick Mathewson
8c837db38f Merge branch 'nodes' 2010-10-13 16:04:25 -04:00
Nick Mathewson
fbacbf9fd9 Set OpenSSL 0.9.8l renegotiation flag early enough for bufferevents
This seems to fix another case of bug2001.
2010-10-12 14:52:33 -04:00
Nick Mathewson
a9172c87be Actually call connection_tls_finish_handshake() with bufferevents
First start of a fix for bug2001, but my test network still isn't
working: the client and the server send each other VERSIONS cells,
but never notice that they got them.
2010-10-12 14:52:33 -04:00
Nick Mathewson
8ecb5abbe1 Add header for tor_tls_log_one_error 2010-10-11 13:26:57 -04:00
Nick Mathewson
4cfa6fbaca Log OpenSSL errors coming from bufferevent_openssl 2010-10-11 13:25:41 -04:00
Nick Mathewson
544a8afe5a Merge remote branch 'sjmurdoch/bug1903' 2010-10-11 11:01:15 -04:00
Nick Mathewson
8f76f31761 Make tor_sscanf handle %x 2010-10-11 10:50:47 -04:00
Steven Murdoch
8a12ce2cf9 Add a unit test for tor_spawn_background
- Test sucessfully starting a process
- Test failing to find the executable
2010-10-10 19:08:44 +01:00
Steven Murdoch
68e576e9f9 Update documentation for tor_spawn_background
- Include description of stdout_read, stderr_read, and argv
2010-10-10 19:08:44 +01:00
Steven Murdoch
23e9f362a2 Fix issues in nickm's review of log_from_pipe for bug #1903
- Replace sscanf with tor_sscanf
- Replace use of strstr with equivalent call to strcmpstart
2010-10-10 19:08:44 +01:00
Steven Murdoch
4d694c7890 Fix nickm's comments on logging for bug #1903
- Use log_warn rather than log_err for bad but survivable events
2010-10-10 19:08:44 +01:00
Steven Murdoch
708ba8899f Note icky constructs mentioned in bug #1903
- To be dealt with as part of bug #2029
2010-10-10 19:07:40 +01:00
Sebastian Hahn
34546e2573 Fix a compile warning on OSX 10.6 2010-10-07 06:31:08 +02:00
Robert Ransom
17efbe031d Maintain separate server and client TLS contexts.
Fixes bug #988.
2010-10-04 21:51:47 -07:00
Robert Ransom
d3879dbd16 Refactor tor_tls_context_new:
* Make tor_tls_context_new internal to tortls.c, and return the new
  tor_tls_context_t from it.

* Add a public tor_tls_context_init wrapper function to replace it.
2010-10-04 17:57:29 -07:00
Nick Mathewson
4c71be65d8 Merge remote branch 'origin/maint-0.2.2' 2010-10-04 13:56:17 -04:00
Robert Ransom
1b8c8059c7 Correct a bogus comment.
Whether or not OpenSSL reference-counts SSL_CTX objects is irrelevant;
what matters is that Tor reference-counts its wrapper objects for
SSL_CTXs.
2010-10-04 13:53:54 -04:00
Robert Ransom
c70d9d77ab Correct a couple of log messages in tortls.c 2010-10-04 13:53:48 -04:00
Robert Ransom
068185eca2 Fix several comments in tortls.c 2010-10-04 13:47:57 -04:00
Steven Murdoch
5a77c64834 Fix issues in nickm's review of format_helper_exit_status for bug #1903
- Responsibility of clearing hex_errno is no longer with caller
- More conservative bounds checking
- Length requirement of hex_errno documented
- Output format documented
2010-10-04 14:31:27 +01:00
Karsten Loesing
8c5ba9388b Make logging resolution configurable.
Implements enhancement 1668.
2010-10-04 08:15:18 +02:00
Roger Dingledine
22f723e4a3 refactor all these tor_inet_ntoa idioms
but don't refactor the ones that look messy
2010-10-01 21:31:09 -04:00
Nick Mathewson
b5341314c1 Implement a few more node-based functions
Some of these functions only work for routerinfo-based nodes, and as
such are only usable for advisory purposes.  Fortunately, our uses
of them are compatible with this limitation.
2010-10-01 18:14:27 -04:00
Nick Mathewson
fe309e7ad6 Implement a basic node and nodelist type
The node_t type is meant to serve two key functions:

  1) Abstracting difference between routerinfo_t and microdesc_t
     so that clients can use microdesc_t instead of routerinfo_t.

  2) Being a central place to hold mutable state about nodes
     formerly held in routerstatus_t and routerinfo_t.

This patch implements a nodelist type that holds a node for every
router that we would consider using.
2010-10-01 18:14:26 -04:00
Nick Mathewson
80b515b85f Initialize fd values in tor_port_check_forwarding to -1 2010-10-01 18:14:17 -04:00
Nick Mathewson
495e630a49 Merge branch 'tor-fw-squashed2'
Conflicts:
	src/common/util.c
2010-09-30 16:22:39 -04:00
Nick Mathewson
0e9d969bb2 Fix space and formatting issues 2010-09-30 15:55:42 -04:00
Nick Mathewson
d39e46c26d Merge remote branch 'origin/maint-0.2.2' 2010-09-30 15:30:14 -04:00
Nick Mathewson
2835dcf69f #if-out the fw-helper code in util.c when building on windows 2010-09-30 12:58:48 -04:00
Steven Murdoch
a6dc00fa75 Start tor-fw-helper in the background, and log whatever it outputs 2010-09-30 11:40:37 -04:00
Sebastian Hahn
45c51e3238 Fix check-spaces 2010-09-30 06:17:32 +02:00
Roger Dingledine
50720a9a4f make c612ddee compile with old libevents 2010-09-29 02:50:46 -04:00
Nick Mathewson
73d93c033d Autodetect the number of CPUs when possible if NumCPUs==0
This is needed for IOCP, since telling the IOCP backend about all
your CPUs is a good idea.  It'll also come in handy with asn's
multithreaded crypto stuff, and for people who run servers without
reading the manual.
2010-09-28 14:42:21 -04:00
Nick Mathewson
c612ddee17 Add a new option to enable/disable IOCP support 2010-09-28 14:01:45 -04:00
Nick Mathewson
5c83c06c98 Merge branch 'bufferevent5' 2010-09-27 16:48:25 -04:00
Nick Mathewson
6950749c0a Make the bufferevent code use the renegotiation-reenabling hack 2010-09-27 16:07:14 -04:00
Nick Mathewson
e385961542 Merge remote branch 'public/bug1954' into maint-0.2.2 2010-09-27 15:39:40 -04:00
Nick Mathewson
b7ae108e18 Always defer bufferevent_openssl callbacks to avoid reentrant invocations 2010-09-27 14:29:42 -04:00
Nick Mathewson
b49cf6a77a Fix whitespace in bufferevents branch 2010-09-27 14:22:18 -04:00
Nick Mathewson
a16ed90ec8 Document and/or fix stuff found by Sebastian in code review
Thanks to Sebastian for his code-review of the bufferevents patch series.x
2010-09-27 14:22:18 -04:00
Sebastian Hahn
865bea3b89 Some bufferevents related fixes and pointers for nickm 2010-09-27 14:22:18 -04:00
Nick Mathewson
ffd5070b04 Convert bufferevents to use rate-limiting.
This requires the latest Git version of Libevent as of 24 March 2010.
In the future, we'll just say it requires Libevent 2.0.5-alpha or
later.

Since Libevent doesn't yet support hierarchical rate limit groups,
there isn't yet support for tracking relayed-bytes separately when
using the bufferevent system.  If a future version does add support
for hierarchical buckets, we can add that back in.
2010-09-27 14:22:18 -04:00
Nick Mathewson
c74a4ab515 Documentation for a few bufferevent functions. 2010-09-27 12:31:14 -04:00
Nick Mathewson
bd3612cd2b Get SSL connections and linked connections working with bufferevents.
Clients are now verified to work and build circuits correctly.  There
are still a few warnings given here and there that I need to look into.
2010-09-27 12:31:14 -04:00
Nick Mathewson
57e7b54b7b Teach read_event/write_event manipulators about bufferevents.
Add an --enable-bufferevents config switch.
2010-09-27 12:28:43 -04:00
Nick Mathewson
d073d7d4eb Consistency issues in load_windows_system_library patch. Thanks Sebastian 2010-09-24 14:16:55 -04:00
Nick Mathewson
c8e1538a0b Merge remote branch 'sebastian/continuation' 2010-09-24 13:43:55 -04:00
Sebastian Hahn
851255170a Note that the torrc format doesn't need nl at end 2010-09-24 13:32:27 +02:00
Nick Mathewson
0a0cc4599f Tweak continuation-and-comment logic
I think there was a read-off-the-end-of-the-buffer bug that I fixed.
At least I added some good comments, I hope.
2010-09-23 22:58:04 -04:00
Nick Mathewson
418e6caeeb New function to load windows system libraries
This function uses GetSystemDirectory() to make sure we load the version
of the library from c:\windows\system32 (or local equivalent) rather than
whatever version lives in the cwd.
2010-09-21 14:39:23 -04:00
Nick Mathewson
6d8fc4eb38 Add a simple integer-ceiling-division macro before we get it wrong 2010-09-14 22:32:36 -04:00
Sebastian Hahn
a05ef55b66 Allow comments for multi-line torrc options 2010-09-11 01:41:23 +02:00
Nick Mathewson
07049b3d25 Support mutli-line torrc options via the usual backslash syntax 2010-09-10 09:19:10 -04:00
Nick Mathewson
edc9256e95 Merge remote branch 'public/win_unicode_fixes' 2010-09-06 10:06:07 -04:00
Nick Mathewson
285addbd94 Fix some issues in rate-limiting noticed by Sebastian 2010-08-31 12:52:11 -04:00
Nick Mathewson
c0c7868250 Make the windows build succeed with or without -DUNICODE enabled.
This should keep WinCE working (unicode always-on) and get Win98
working again (unicode never-on).

There are two places where we explicitly use ASCII-only APIs, still:
in ntmain.c and in the unit tests.

This patch also fixes a bug in windoes tor_listdir that would cause
the first file to be listed an arbitrary number of times that was
also introduced with WinCE support.

Should fix bug 1797.
2010-08-20 13:40:01 -04:00
Nick Mathewson
ba9c1275c4 Add a generic rate-limited log mechanism, and use it in a few places
Incidentally fixes bug 1042.
2010-08-18 15:55:49 -04:00
Nick Mathewson
51377ae1bb Merge commit 'sebastian/mlockall' 2010-08-03 10:50:18 -04:00
Sebastian Hahn
90d3260b4a whitespace fix 2010-07-27 07:56:25 +02:00
mingw-san
856a36c434 Fix compilation with mingw and OpenSSL 0.9.8m+ 2010-07-26 15:05:11 -04:00
Sebastian Hahn
6cee3d466d Make sure we don't warn for libevent versions like 1.4.14b-stable 2010-07-26 20:39:12 +02:00
Nick Mathewson
14bc4dcc22 Rename log.h to torlog.h
This should make us conflict less with system files named "log.h".
Yes, we shouldn't have been conflicting with those anyway, but some
people's compilers act very oddly.

The actual change was done with one "git mv", by editing
Makefile.am, and running
   find . -name '*.[ch]' | xargs perl -i -pe 'if (/^#include.*\Wlog.h/) {s/log.h/torlog.h/; }'
2010-07-09 22:05:38 -04:00
Nick Mathewson
485cab869d Merge remote branch 'public/rand_double2' 2010-06-29 18:57:59 -04:00
Nick Mathewson
b111a7cd9c Make cbt_generate_sample use crypto_rand_double()
Possible workaround for bug 1139, if anybody cares.
2010-06-25 21:33:22 -04:00
Nick Mathewson
faad8bd0e8 Merge branch 'bug1526-v2' 2010-06-25 18:56:15 -04:00
Nick Mathewson
0d5ff48b92 Fix a compile error when building with Libevent before 1.4.5-stable
Older versions of Libevent forgot to declare enough function arguments
constant.
2010-06-25 16:14:21 -04:00
Nick Mathewson
ad2d8ac073 Use Libevent 2.0's periodic timers where available.
These timers behave better with non-monotonic clocks than our old
ones, and also try harder to make once-per-second events get called
one second apart, rather than one-plus-epsilon seconds apart.

This fixes bug 943 for everybody using Libevent 2.0 or later.
2010-06-25 15:31:46 -04:00
Nick Mathewson
1a52e39c22 Fix zlib macro brokenness on osx with zlib 1.2.4 and higher.
From the code:
   zlib 1.2.4 and 1.2.5 do some "clever" things with macros.  Instead of
   saying "(defined(FOO) ? FOO : 0)" they like to say "FOO-0", on the theory
   that nobody will care if the compile outputs a no-such-identifier warning.

   Sorry, but we like -Werror over here, so I guess we need to define these.
   I hope that zlib 1.2.6 doesn't break these too.

Possible fix for bug 1526.
2010-06-22 23:25:08 -04:00
Nick Mathewson
8e1bf98f4a Log an error if openssl fails to copy a key for us
This should never happen unless openssl is buggy or some of our
assumptions are deeply wrong, but one of those might have been the
cause of the not-yet-reproducible bug 1209.  If it ever happens again,
let's get some info we can use.
2010-06-22 22:20:52 -04:00
Nick Mathewson
006e2e8620 Add a function to return a double in range [0,1). 2010-06-22 21:30:26 -04:00
Florian Zumbiehl
426116113f Save a couple characters' allocation in esc_for_log 2010-06-14 14:05:18 -04:00
Nick Mathewson
03ea5f930e Reinstate warning when HOME isn't set.
Having ~/.tor expand into /.tor is, after all, almost certainly not
what the user wanted, and it deserves a warning message.

Also, convert a guess-and-malloc-and-sprintf triple into an asprintf.
2010-06-07 11:20:39 -04:00
Sebastian Hahn
0882e1e839 Treat unset $HOME like empty $HOME
This means Tor no longer dies when it doesn't have a $HOME.
2010-06-07 02:18:01 +02:00
Nick Mathewson
312f4ee410 Make pointer types correct in WinCE patch 2010-05-24 12:30:19 -04:00
valerino
076063ca90 moved wince related includes and defs to compat.h where possible, removed unused/redundant wince includes 2010-05-24 11:46:54 -04:00
valerino
8d31141ccb Port Tor to work on Windows CE
Most of the changes here are switches to use APIs available on Windows
CE.  The most pervasive change is that Windows CE only provides the
wide-character ("FooW") variants of most of the windows function, and
doesn't support the older ASCII verions at all.

This patch will require use of the wcecompat library to get working
versions of the posix-style fd-based file IO functions.

[commit message by nickm]
2010-05-24 11:46:45 -04:00
Sebastian Hahn
0b82ce3eb6 Demote a warning about missing client ciphers 2010-04-20 03:57:33 -04:00
Roger Dingledine
77babb832a minor cleanups 2010-04-20 02:48:35 -04:00
Nick Mathewson
6ff471d814 Fix a compilation warning on compat_libevent.c on some versions of windows libevent 2010-04-19 16:41:25 -04:00
Nick Mathewson
af9dd4af02 Fix two compile-blockers in tor_vasprintf().
1) mingw doesn't have _vscprintf(); mingw instead has a working snprintf.

2) windows compilers that _do_ have a working _vscprintf spell it so; they do
   not spell it _vcsprintf().
2010-04-19 16:37:26 -04:00
Nick Mathewson
c38fa93ad1 Merge commit 'origin/maint-0.2.1' 2010-04-15 10:35:09 -04:00
Nick Mathewson
6ad09cc6af Fix renegotiation on OpenSSL versions that backport RFC5746.
Our code assumed that any version of OpenSSL before 0.9.8l could not
possibly require SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION.  This is
so... except that many vendors have backported the flag from later
versions of openssl when they backported the RFC5476 renegotiation
feature.

The new behavior is particularly annoying to detect.  Previously,
leaving SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION unset meant that
clients would fail to renegotiate.  People noticed that one fast!
Now, OpenSSL's RFC5476 support means that clients will happily talk to
any servers there are, but servers won't accept renegotiation requests
from unpatched clients unless SSL_OP_ALLOW_etc is set.  More fun:
servers send back a "no renegotiation for you!" error, which unpatched
clients respond to by stalling, and generally producing no useful
error message.

This might not be _the_ cause of bug 1346, but it is quite likely _a_
cause for bug 1346.
2010-04-13 15:05:03 -04:00
Nick Mathewson
927425150b Merge branch 'asprintf' 2010-04-02 12:30:46 -04:00
Roger Dingledine
625963d92a commit my annotations while i was hunting down the host order bug 2010-03-05 16:04:01 -05:00
Nick Mathewson
897b0ebbac better handle the case where *strp is in asprintf args 2010-02-28 21:46:46 -05:00
Sebastian Hahn
4aa56cbd2d Remove the request for current memlock limits
The getrlimit call didn't have any effect. Also make some logging
less verbose on default log level, and refactor a bit.
2010-02-28 14:48:47 +01:00
Nick Mathewson
da220157a9 Update copyright dates for files not in maint-0.2.1 2010-02-27 17:19:00 -05:00
Nick Mathewson
b006e3279f Merge remote branch 'origin/maint-0.2.1'
Conflicts:
	src/common/test.h
	src/or/test.c
2010-02-27 17:16:31 -05:00
Nick Mathewson
c3e63483b2 Update Tor Project copyright years 2010-02-27 17:14:21 -05:00
Sebastian Hahn
a9802d3322 Zero a cipher completely before freeing it
We used to only zero the first ptrsize bytes of the cipher. Since
cipher is large enough, we didn't zero too many bytes. Discovered
and fixed by ekir. Fixes bug 1254.
2010-02-26 05:47:25 +01:00
Nick Mathewson
f0b5f87eab Add the MIN and MAX macros for platforms that lack them 2010-02-25 16:48:39 -05:00
Nick Mathewson
eb10d441b6 Fix 64-bit printf issues in consensus-bw-weights5-merge.
For my 64-bit Linux system running with GCC 4.4.3-fc12-whatever, you
can't do 'printf("%lld", (int64_t)x);' Instead you need to tell the
compiler 'printf("%lld", (long long int)x);' or else it doesn't
believe the types match.  This is why we added U64_PRINTF_ARG; it
looks like we needed an I64_PRINTF_ARG too.
2010-02-25 16:22:40 -05:00
Nick Mathewson
6fa8dacb97 Add a tor_asprintf() function, and use it in a couple of places.
asprintf() is a GNU extension that some BSDs have picked up: it does a printf
into a newly allocated chunk of RAM.

Our tor_asprintf() differs from standard asprintf() in that:
  - Like our other malloc functions, it asserts on OOM.
  - It works on windows.
  - It always sets its return-field.
2010-02-25 16:09:10 -05:00
Mike Perry
f4d6315afa Remove misc unnecessary newlines found by new check. 2010-02-22 16:52:11 -08:00
Mike Perry
95aad71678 Add %lld compat defines. 2010-02-22 16:52:10 -08:00
Nick Mathewson
c084ae145e Merge remote branch 'sebastian/bug1254' 2010-02-22 12:45:01 -05:00
Nick Mathewson
d35b8dc582 Make expand_filename into a tor_strdup() alias on windows.
On Windows, we don't have a notion of ~ meaning "our homedir", so we
were deliberately using an #ifdef to avoid calling expand_filename()
in multiple places.  This is silly: The right place to turn a function
into a no-op on a single platform is in the function itself, not in
every single call-site.
2010-02-22 12:42:31 -05:00
Sebastian Hahn
f5112fa487 Zero a cipher completely before freeing it
We used to only zero the first ptrsize bytes of the cipher. Since
cipher is large enough, we didn't zero too many bytes. Discovered
and fixed by ekir. Fixes bug 1254.
2010-02-22 11:41:39 +01:00
Roger Dingledine
603432090d fix typo and garbage grammar 2010-02-21 17:18:42 -05:00
Nick Mathewson
391f75d792 Merge remote branch 'sebastian/bug1143' 2010-02-19 16:58:24 -05:00
Sebastian Hahn
408a828b1f Make the DNSPort option work with libevent 2.x
We need to use evdns_add_server_port_with_base() when configuring
our DNS listener, because libevent segfaults otherwise. Add a macro
in compat_libevent.h to pick the correct implementation depending
on the libevent version.

Fixes bug 1143, found by SwissTorExit
2010-02-19 22:36:53 +01:00
Nick Mathewson
715f104eeb Merge remote branch 'origin/maint-0.2.1'
Conflicts:
	ChangeLog
	configure.in
	contrib/tor-mingw.nsi.in
	src/win32/orconfig.h
2010-02-18 12:01:56 -05:00
Sebastian Hahn
c2c3a5a3f5 Fix compile 2010-02-18 13:08:57 +01:00
Nick Mathewson
e861b3be88 Even more conservative option-setting for SSL renegotiation.
This time, set the SSL3_FLAGS_ALLOW_UNSAFE_RENEGOTIATION flag on every
version before OpenSSL 0.9.8l.  I can confirm that the option value (0x0010)
wasn't reused until OpenSSL 1.0.0beta3.
2010-02-17 23:55:03 -05:00
Nick Mathewson
79bdfb63e9 Remove the --enable-iphone option as needless.
On or-talk, Marco Bonetti reports that recent iPhone SDKs build
Tor fine without it.
2010-02-12 23:06:05 -05:00
Sebastian Hahn
fe18275563 Add Windows version detection for Vista and 7
Vista is Windows 6.0, and 7 is Windows 6.1. Fixes bug 1097.

Also fix a coding style violation.
2010-02-10 08:40:44 +01:00
Nick Mathewson
c0d682686a Make tor_addr_copy() conform to memcpy requirements
The src and dest of a memcpy() call aren't supposed to overlap,
but we were sometimes calling tor_addr_copy() as a no-op.

Also, tor_addr_assign was a redundant copy of tor_addr_copy(); this patch
removes it.
2010-02-09 12:32:10 -05:00
Nick Mathewson
5314438799 Merge remote branch 'origin/maint-0.2.1' 2010-01-31 22:53:19 -05:00
Nick Mathewson
abd447f876 Revise OpenSSL fix to work with OpenSSL 1.0.0beta*
In brief: you mustn't use the SSL3_FLAG solution with anything but 0.9.8l,
and you mustn't use the SSL_OP solution with anything before 0.9.8m, and
you get in _real_ trouble if you try to set the flag in 1.0.0beta, since
they use it for something different.

For the ugly version, see my long comment in tortls.c
2010-01-31 22:48:29 -05:00
Nick Mathewson
1744e447a1 Decide whether to use SSL flags based on runtime OpenSSL version.
We need to do this because Apple doesn't update its dev-tools headers
when it updates its libraries in a security patch.  On the bright
side, this might get us out of shipping a statically linked OpenSSL on
OSX.

May fix bug 1225.

[backported]
2010-01-29 17:17:47 -05:00
Nick Mathewson
4905eaa38c Detect the correct versions of openssl for tls negotiation fix
Since it doesn't seem to hurt, we should use _both_ fixes whenever
we see OpenSSL 0.9.7L .. 0.9.8, or OpenSSL 0.9.8L..
2010-01-29 17:11:20 -05:00
Nick Mathewson
8d68e5c748 Decide whether to use SSL flags based on runtime OpenSSL version.
We need to do this because Apple doesn't update its dev-tools headers
when it updates its libraries in a security patch.  On the bright
side, this might get us out of shipping a statically linked OpenSSL on
OSX.

May fix bug 1225.
2010-01-29 17:02:17 -05:00
Nick Mathewson
ab87b61a9d Don't unlock a new log until done logging the tor version.
This might please coverity scan.
2010-01-25 14:09:18 -05:00
Nick Mathewson
3b4b6009a0 Merge remote branch 'origin/maint-0.2.1' 2010-01-23 20:46:57 -05:00
Nick Mathewson
4ad5094c90 Avoid a possible crash in tls_log_errors.
We were checking for msg==NULL, but not lib or proc.  This case can
only occur if we have an error whose string we somehow haven't loaded,
but it's worth coding defensively here.

Spotted by rieo on IRC.
2010-01-22 16:32:15 -05:00
Sebastian Hahn
4728bd904f Fix build on Solaris by disabling support for DisableAllSwap
Fixes bug 1198. Solaris doesn't have RLIMIT_MEMLOCK for get/setrlimit,
so disable support because we don't know if all memory can be locked.
2010-01-19 05:04:50 +01:00
Roger Dingledine
356c927476 don't list windows capabilities in windows uname
we never used them, and maybe it's a bad idea to publish them
2010-01-15 15:56:53 -05:00
Nick Mathewson
05a2473b7f Merge branch 'ewma' 2009-12-18 22:33:02 -05:00
Karsten Loesing
f80672d747 Remove duplicate words and a duplicate newline. 2009-12-18 12:55:05 +01:00
Nick Mathewson
235f1e1a96 Refactor out the 'find string at start of any line' logic.
We do this in too many places throughout the code; it's time to start
clamping down.

Also, refactor Karsten's patch to use strchr-then-strndup, rather than
malloc-then-strlcpy-then-strchr-then-clear.
2009-12-17 18:29:37 -05:00
Nick Mathewson
616cbb31c7 Merge commit 'origin/maint-0.2.1' 2009-12-15 17:11:40 -05:00
Nick Mathewson
1c87a27574 Fix bug 1173: remove an assert(unsigned >= 0). 2009-12-15 15:51:59 -05:00
Nick Mathewson
e56747f9cf Refactor a bit so that it is safe to include math.h, and mostly not needed. 2009-12-15 14:40:49 -05:00
Nick Mathewson
2c672f73bf Fix comment typos in container.c 2009-12-15 13:20:02 -05:00
Nick Mathewson
c210db0d41 Enhance pqueue so we can remove items from the middle.
This changes the pqueue API by requiring an additional int in every
structure that we store in a pqueue to hold the index of that structure
within the heap.
2009-12-12 19:06:38 -05:00
Nick Mathewson
d086c9a7f7 Merge commit 'sebastian/fixes' 2009-12-12 02:10:57 -05:00
Nick Mathewson
9e6225ae16 Merge commit 'sebastian/coverity' 2009-12-12 02:10:19 -05:00
Nick Mathewson
0c1b3070cf Now that FOO_free(NULL) always works, remove checks before calling it. 2009-12-12 02:07:59 -05:00
Sebastian Hahn
3807db001d *_free functions now accept NULL
Some *_free functions threw asserts when passed NULL. Now all of them
accept NULL as input and perform no action when called that way.

This gains us consistence for our free functions, and allows some
code simplifications where an explicit null check is no longer necessary.
2009-12-12 03:29:44 +01:00
Sebastian Hahn
28b29e0fd7 Fix typo in a comment 2009-12-12 02:53:27 +01:00
Nick Mathewson
b51a33e527 Merge commit 'origin/maint-0.2.1' 2009-12-04 14:31:17 -05:00
Martin Peck
3a2d677fa7 Improved workaround for disabled OpenSSL renegotiation.
It turns out that OpenSSL 0.9.8m is likely to take a completely
different approach for reenabling renegotiation than OpenSSL 0.9.8l
did, so we need to work with both. :p   Fixes bug 1158.

(patch by coderman; commit message by nickm)
2009-12-04 14:25:08 -05:00
Roger Dingledine
403f99eaa4 add a minimum for CircuitStreamTimeout, plus a man page
plus some other unrelated touchups that have been sitting in my
sandbox
2009-11-22 07:15:30 -05:00
Nick Mathewson
2b1bb233b3 Use the same mlockall checks with tor_set_max_memlock 2009-11-20 14:45:29 -05:00
Nick Mathewson
444eff6286 Fix compilation on OSX 10.3.
On this OSX version, there is a stub mlockall() function
that doesn't work, *and* the declaration for it is hidden by
an '#ifdef _P1003_1B_VISIBLE'.  This would make autoconf
successfully find the function, but our code fail to build
when no declaration was found.

This patch adds an additional test for the declaration.
2009-11-20 13:28:16 -05:00
Jacob Appelbaum
6f1fe7e941 Fix compilation with with bionic libc.
This fixes bug 1147:

 bionic doesn't have an actual implementation of mlockall();
 mlockall() is merely in the headers but not actually in the library.
 This prevents Tor compilation with the bionic libc for Android handsets.
2009-11-14 16:45:14 -05:00
Nick Mathewson
0a58567ce3 Merge commit 'origin/maint-0.2.1'
Conflicts:
	src/common/tortls.c
2009-11-06 15:24:52 -05:00
Nick Mathewson
ce0a89e262 Make Tor work with OpenSSL 0.9.8l
To fix a major security problem related to incorrect use of
SSL/TLS renegotiation, OpenSSL has turned off renegotiation by
default.  We are not affected by this security problem, however,
since we do renegotiation right.  (Specifically, we never treat a
renegotiated credential as authenticating previous communication.)
Nevertheless, OpenSSL's new behavior requires us to explicitly
turn renegotiation back on in order to get our protocol working
again.

Amusingly, this is not so simple as "set the flag when you create
the SSL object" , since calling connect or accept seems to clear
the flags.

For belt-and-suspenders purposes, we clear the flag once the Tor
handshake is done.  There's no way to exploit a second handshake
either, but we might as well not allow it.
2009-11-05 18:13:08 -05:00
Jacob Appelbaum
2aac39a779 Implement DisableAllSwap to avoid putting secret info in page files.
This commit implements a new config option: 'DisableAllSwap'
This option probably only works properly when Tor is started as root.
We added two new functions: tor_mlockall() and tor_set_max_memlock().
tor_mlockall() attempts to mlock() all current and all future memory pages.
For tor_mlockall() to work properly we set the process rlimits for memory to
RLIM_INFINITY (and beyond) inside of tor_set_max_memlock().
We behave differently from mlockall() by only allowing tor_mlockall() to be
called one single time. All other calls will result in a return code of 1.
It is not possible to change DisableAllSwap while running.
A sample configuration item was added to the torrc.complete.in config file.
A new item in the man page for DisableAllSwap was added.
Thanks to Moxie Marlinspike and Chris Palmer for their feedback on this patch.

Please note that we make no guarantees about the quality of your OS and its
mlock/mlockall implementation. It is possible that this will do nothing at all.
It is also possible that you can ulimit the mlock properties of a given user
such that root is not required. This has not been extensively tested and is
unsupported. I have included some comments for possible ways we can handle
this on win32.
2009-10-27 04:28:40 -04:00
Sebastian Hahn
70abd843fd crypto_cipher_set_key cannot fail
In 5e4d53d535 we made it so that
crypto_cipher_set_key cannot fail. The call will now
always succeed, to returning a boolean for success/failure makes
no sense.
2009-10-27 04:31:23 +01:00
Nick Mathewson
5e4d53d535 Remove checks for array existence. (CID 410..415)
In C, the code "char x[10]; if (x) {...}" always takes the true branch of
the if statement.  Coverity notices this now.

In some cases, we were testing arrays to make sure that an operation
we wanted to do would suceed.  Those cases are now always-true.

In some cases, we were testing arrays to see if something was _set_.
Those caes are now tests for strlen(s), or tests for
!tor_mem_is_zero(d,len).
2009-10-26 22:40:41 -04:00
Karsten Loesing
d2b4b49ff0 Reduce log level for someone else sending us weak DH keys.
See task 1114. The most plausible explanation for someone sending us weak
DH keys is that they experiment with their Tor code or implement a new Tor
client. Usually, we don't care about such events, especially not on warn
level. If we really care about someone not following the Tor protocol, we
can set ProtocolWarnings to 1.
2009-10-25 23:47:05 -07:00
Nick Mathewson
afc76a4e71 Fix two bugs found by Coverity scan.
One was a simple buffer overrun; the other was a high-speed pointer
collision.  Both were introduced by my microdescs branch.
2009-10-19 23:19:42 -04:00
Nick Mathewson
f629687053 Merge branch 'microdesc' 2009-10-19 00:45:47 -04:00
Nick Mathewson
465d4e1cd1 Document some formerly undocumented functions. 2009-10-19 00:30:52 -04:00
Nick Mathewson
200c39b66c Document the microdescriptor code better. 2009-10-18 18:46:12 -04:00
Nick Mathewson
e26a79ca8a Make start_writing_to_stdio_file() respect O_BINARY. 2009-10-15 15:17:13 -04:00
Nick Mathewson
5576a3a094 Parse detached signature documents with multiple flavors and algorithms. 2009-10-15 15:17:13 -04:00
Nick Mathewson
3b2fc659a8 Refactor consensus signature storage for multiple digests and flavors.
This patch introduces a new type called document_signature_t to represent the
signature of a consensus document.  Now, each consensus document can have up
to one document signature per voter per digest algorithm.  Also, each
detached-signatures document can have up to one signature per <voter,
algorithm, flavor>.
2009-10-15 15:17:13 -04:00
Nick Mathewson
e1ddee8bbe Code to generate, store, and parse microdescriptors and consensuses.
The consensus documents are not signed properly, not served, and not
exchanged yet.
2009-10-15 15:17:13 -04:00
Nick Mathewson
a8e92ba8fd Add a function to get the most frequent member of a list. 2009-10-15 15:17:13 -04:00
Nick Mathewson
8d41e6c471 Support for encoding and decoding 256-bit digests in base64 2009-10-15 15:17:12 -04:00
Nick Mathewson
83c3f118db Code to parse and access network parameters.
Partial backport of 381766ce4b.
Partial backport of 56c6d78520.
2009-10-14 16:15:41 -04:00
Nick Mathewson
cfba9c01bf Alter keygen function to generate keys of different lengths. 2009-09-29 00:53:25 -04:00
Nathan Freitas
76d26ae52d Disable OpenSSL engines when building for Android.
Apparently the Android developers dumped OpenSSL's support for hardware
acceleration in order to save some memory, so you can't build programs using
engines on Android.

[Patch revised by nickm]
2009-09-29 00:53:10 -04:00
Nathan Freitas
8c585cce39 Include util.h and log.h as relative paths.
This shouldn't be necessary, but apparently the Android cross-compiler
doesn't respect -I as well as it should.  (-I is supposed to add to the
*front* of the search path.  Android's gcc wrapper apparently likes to add to
the end.  This is broken, but we need to work around it.)
2009-09-29 00:52:52 -04:00
Nick Mathewson
0a438c7daf Describe how to regenerate the TLS state name table. 2009-09-25 15:15:06 -04:00
Nick Mathewson
a3f1da2ec0 Fix compilation on OpenSSLs with unusual state lists.
"Unusual" in this context means "not the same as nickm's."  We should grow a
better list later.

(Also, move TLS state table to a separate header.)
2009-09-24 13:00:28 -04:00
Nick Mathewson
b8b2935367 Debugging logs for TLS handshake
The big change is to add a function to display the current SSL handshake
state, and to log it everywhere reasonable.  (A failure in
SSL23_ST_CR_SRVR_HELLO_A is different from one in
SSL3_ST_CR_SESSION_TICKET_A.)

This patch also adds a new log domain for OR handshaking, so you can pull out
all the handshake log messages without having to run at debug for everything.
For example, you'd just say "log notice-err [handshake]debug-err file
tor.log".
2009-09-24 12:31:22 -04:00
Nick Mathewson
d4b54549b8 Refactor unit tests to use the tinytest framework.
"Tinytest" is a minimalist C unit testing framework I wrote for
Libevent.  It supports some generally useful features, like being able
to run separate unit tests in their own processes.

I tried to do the refactoring to change test.c as little as possible.
Thus, we mostly don't call the tinytest macros directly.  Instead, the
test.h header is now a wrapper on tinytest.h to make our existing
test_foo() macros work.

The next step(s) here will be:
  - To break test.c into separate files, each with its own test group.
  - To look into which things we can test
  - To refactor the more fiddly tests to use the tinytest macros
    directly and/or run forked.
  - To see about writing unit tests for things we couldn't previously
    test without forking.
2009-09-23 00:24:43 -04:00
Sebastian Hahn
772ce9d085 Fix compile on Snow Leopard 2009-09-20 23:17:00 -04:00
Mike Perry
e2cc4e353a Add a couple of time helper functions.
Also add rounding support to tv_mdiff().
2009-09-20 18:03:39 -07:00
Nick Mathewson
4b10ba484b Merge commit 'origin/maint-0.2.1' 2009-09-17 00:42:41 -04:00
Nick Mathewson
9c38941195 Work around a memory leak in openssl 0.9.8g (and maybe others) 2009-09-17 00:01:20 -04:00
Sebastian Hahn
5e01a86b42 some cleanups:
documentation fix for get_uint64
remove extra "." from a log line
fix a long line
2009-09-15 07:12:12 -04:00
Nick Mathewson
381766ce4b Implement proposal 167: Authorities vote on network parameters.
This code adds a new field to vote on: "params".  It consists of a list of
sorted key=int pairs.  The output is computed as the median of all the
integers for any key on which anybody voted.

Improved with input from Roger.
2009-09-14 23:21:53 -04:00
Nick Mathewson
0edc39303d Add a median_int32 and find_nth_int32 2009-09-14 23:21:52 -04:00
Sebastian Hahn
0a71d1c6a7 Fix compile warnings on Snow Leopard
Big thanks to nickm and arma for helping me with this!
2009-09-01 22:16:46 +02:00
Nick Mathewson
1cda6f3e75 Merge commit 'origin/maint-0.2.1' 2009-09-01 15:59:40 -04:00
Sebastian Hahn
742788b737 typo 2009-09-01 21:58:06 +02:00
Nick Mathewson
bddda9bbdb Use an _actual_ fix for the byte-reverse warning.
(Given that we're pretty much assuming that int is 32 bits, and given that
hex values are always unsigned, taking out the "ul" from 0xff000000 should
be fine.)
2009-09-01 15:51:09 -04:00
Nick Mathewson
2f0184ece1 Use a simpler fix for the byte-reversing warning 2009-09-01 15:41:38 -04:00
Sebastian Hahn
aea9cf1011 Fix compile warnings on Snow Leopard
Big thanks to nickm and arma for helping me with this!
2009-09-01 18:36:27 +02:00
Nick Mathewson
00b37f071d Revise parsing of time and memory units to handle spaces.
When we added support for fractional units (like 1.5 MB) I broke
support for giving units with no space (like 2MB).  This patch should
fix that.  It also adds a propoer tor_parse_double().

Fix for bug 1076.  Bugfix on 0.2.2.1-alpha.
2009-08-31 00:18:55 -04:00
Roger Dingledine
659552a3c6 Merge branch 'maint-0.2.1' 2009-08-27 21:42:58 -04:00
Nick Mathewson
5da3b45fdc Make crypto_digest_get_digest nondestructive again.
Fixes bug in f57883a39.
2009-08-20 12:03:32 -04:00
Nick Mathewson
9d11827780 Fix a rare infinite-recursion bug when shutting down.
Once we had called log_free_all(), anything that tried to log a
message (like a failed tor_assert()) would fail like this:

   1. The logging call eventually invokes the _log() function.
   2. _log() calls tor_mutex_lock(log_mutex).
   3. tor_mutex_lock(m) calls tor_assert(m).
   4. Since we freed the log_mutex, tor_assert() fails, and tries to
      log its failure.
   5. GOTO 1.

Now we allocate the mutex statically, and never destroy it on
shutdown.

Bugfix on 0.2.0.16-alpha, which introduced the log mutex.

This bug was found by Matt Edman.
2009-08-20 11:55:33 -04:00
Nick Mathewson
d0c212995a Add a SHA256 implementation for platforms that lack it.
(This would be everywhere running OpenSSL 0.9.7x and earlier, including
all current Macintosh users.)

The code is based on Tom St Denis's LibTomCrypt implementation,
modified to be way less general and use Tor's existing facilities.  I
picked this one because it was pretty fast and pretty free, and
because Python uses it too.
2009-08-20 01:47:13 -04:00
Nick Mathewson
f57883a39e Add basic support for SHA256.
This adds an openssl 0.9.8 dependency.  Let's see if anybody cares.
2009-08-19 19:43:54 -04:00
Mike Perry
9e1fe29beb Switch over to tor_strtok_r instead of strtok_r. 2009-08-09 18:42:29 -07:00
Nick Mathewson
3886467f38 Add a new tor_strtok_r for platforms that don't have one, plus tests.
I don't think we actually use (or plan to use) strtok_r in a reentrant
way anywhere in our code, but would be nice not to have to think about
whether we're doing it.
2009-08-09 17:30:15 -07:00
Karsten Loesing
7b716878cb Fix dirreq and cell stats on 32-bit architectures.
When determining how long directory requests take or how long cells spend
in queues, we were comparing timestamps on microsecond detail only to
convert results to second or millisecond detail later on. But on 32-bit
architectures this means that 2^31 microseconds only cover time
differences of up to 36 minutes. Instead, compare timestamps on
millisecond detail.
2009-07-27 16:23:53 +02:00
Karsten Loesing
8f1a973669 Two tweaks to exit-port statistics.
Add two functions for round_to_next_multiple_of() for uint32_t and
uint64_t.

Avoid division in every step of the loop over all ports.
2009-07-13 22:43:06 +02:00
Nick Mathewson
94e8c34cb7 Set EV_PERSIST flag on signal events with Libevent < 2.0.
Fix for bug 1007.
2009-06-18 10:07:26 -04:00
Sebastian Hahn
0caf8dd0b6 Fix bug 1001
For compatibility with Libevent2, tor_event_new should accept
a NULL base without crashing.
2009-06-16 17:30:08 +02:00
Nick Mathewson
74bf885b2d Whitespace and osx fixes on libevent2 patch. 2009-06-12 15:09:09 -04:00
Nick Mathewson
33b1d714e7 Make Tor compile with Libevent 1.0 again. 2009-06-12 14:27:53 -04:00
Nick Mathewson
c0af3cdfb6 Move the Libvent setup logic into compat_libevent from config.
This has been some pretty ugly and voodoo-laden code.  I've tried to
clean it up a bit, but more work probably remains.
2009-06-12 14:27:52 -04:00
Nick Mathewson
e5b88dc83f Update Tor to use Libevent 2.0 APIs when available.
This patch adds a new compat_libevent.[ch] set of files, and moves our
Libevent compatibility and utilitity functions there.  We build them
into a separate .a so that nothing else in src/commmon depends on
Libevent (partially fixing bug 507).

Also, do not use our own built-in evdns copy when we have Libevent
2.0, whose evdns is finally good enough (thus fixing Bug 920).
2009-06-12 14:27:52 -04:00
Nick Mathewson
77ffd6b2a7 Merge commit 'origin/maint-0.2.1' 2009-05-31 19:17:22 -04:00
Nick Mathewson
e84ddead34 Merge branch 'hardware_accel_improvements' 2009-05-31 13:36:50 -04:00
Nick Mathewson
fd992deeea Don't attempt to log messages to a controller from a worker thread.
This patch adds a function to determine whether we're in the main
thread, and changes control_event_logmsg() to return immediately if
we're in a subthread.  This is necessary because otherwise we will
call connection_write_to_buf, which modifies non-locked data
structures.

Bugfix on 0.2.0.x; fix for at least one of the things currently
called "bug 977".
2009-05-30 18:16:24 -04:00
Nick Mathewson
4913a8c4ba Merge commit 'origin/maint-0.2.1' 2009-05-28 16:07:49 -04:00
Nick Mathewson
260de44313 Fixes to spelling fixes. Thanks, Roger! 2009-05-28 12:22:48 -04:00
Nick Mathewson
cb18fc2190 Merge commit 'origin/maint-0.2.1' 2009-05-27 18:12:18 -04:00
Nick Mathewson
ec7e054668 Spell-check Tor. 2009-05-27 17:55:51 -04:00
Nick Mathewson
f0453c45c8 Spelling fixes in comments and strings 2009-05-27 16:36:13 -04:00
Martin Peck
7703b887f5 Add support for dynamic OpenSSL hardware crypto acceleration engines. 2009-05-23 16:42:44 -07:00
Nick Mathewson
793e97bb2a Add a quick macro to calculate hashtable memory usage 2009-05-22 23:30:52 -04:00
Nick Mathewson
14a549552a Merge branch 'maint-0.2.1' into merge_tmp 2009-05-17 02:11:34 -04:00
Nick Mathewson
11b9c839f0 Stop using malloc_usable_size(): valgrind hates it. 2009-05-17 01:55:02 -04:00
Nick Mathewson
e563874045 Merge commit 'origin/maint-0.2.1' 2009-05-17 00:05:38 -04:00
Nick Mathewson
9f25a5529a Fix an assertion-failure in memarea_alloc() on 64-bit platforms.
The trick is that we should assert that our next_mem pointer has not
run off the end of the array _before_ we realign the pointer, since
doing that could take us over the end... but only if we're on a system
where malloc() gives us ram in increments smaller than sizeof(void*).
2009-05-17 00:02:59 -04:00
Nick Mathewson
479d21254a Merge commit 'origin/maint-0.2.1' 2009-05-13 16:55:42 -04:00
Nick Mathewson
c36efb0c45 Use a mutex to protect the count of open sockets.
This matters because a cpuworker can close its socket when it
finishes.  Cpuworker typically runs in another thread, so without a
lock here, we can have a race condition and get confused about how
many sockets are open.  Possible fix for bug 939.
2009-05-13 09:38:48 -04:00
Nick Mathewson
d9650cfa50 Add sentinel values to the end of memarea chunks.
This might detect some possible causes of bug 930, and will at least
make sure we aren't doing some dumb memory-corruption stuff with the heap
and router-parsing.
2009-05-12 15:10:23 -04:00
Nick Mathewson
fdbdb4dc15 Include the *_sha1.i files in their own *_codedigest.c files.
This way we do not need to rebuild util.c and/or config.c whenever
any unrelated source file in src/common or src/or has changed.
2009-05-08 12:35:36 -04:00
Sebastian Hahn
b9b16ef9a5 Add a missing newline 2009-05-05 11:12:41 -04:00
Karsten Loesing
9b32e8c141 Update copyright to 2009. 2009-05-04 11:28:27 -04:00
Karsten Loesing
4ebcc4da34 Update copyright to 2009. 2009-05-02 22:00:54 +02:00
Nick Mathewson
6ac3a8b0cd Command-line option to dump SHA1 digests of all source files.
Now, when you call tor --digests, it dumps the SHA1 digest of each
source file that Tor was built with.  We support both 'sha1sum' and
'openssl sha1'.  If the user is building from a tarball and they
haven't edited anything, they don't need any program that calculates
SHA1.  If they _have_ modified a file but they don't have a program to
calculate SHA1, we try to build so we do not output digests.
2009-04-29 14:46:04 -04:00
Nick Mathewson
be9d72303e Actually do that memarea_strndup fix right. Not only must you not examine unmapped ram, but you also must not copy it. From lark.
svn:r19095
2009-03-21 16:01:52 +00:00
Nick Mathewson
0fa01654b9 fix from lark: make memarea_strndup() work even at the end of a mmap chunk. Bug was harmless for now, I think.
svn:r19094
2009-03-21 11:52:53 +00:00
Nick Mathewson
cb3b95de19 Add some asserts to try to catch bug 930
svn:r19074
2009-03-18 15:12:56 +00:00
Roger Dingledine
2f69c67957 doxygen tweak
svn:r18818
2009-03-09 06:20:15 +00:00
Nick Mathewson
cbbc0c9c86 Actually use tor_sscanf() to parse untrusted input.
svn:r18761
2009-03-03 18:02:36 +00:00
Nick Mathewson
26d83fc04c Add a simple locale-independent no-surprises sscanf replacement.
tor_sscanf() only handles %u and %s for now, which will make it
adequate to replace sscanf() for date/time/IP parsing.  We want this
to prevent attackers from constructing weirdly formed descriptors,
cells, addresses, HTTP responses, etc, that validate under some
locales but not others.

svn:r18760
2009-03-03 18:02:31 +00:00
Nick Mathewson
9f8d095e0f Add and use set/get_uint64 on onion tags. [bug 604; backportable]
It seems that 64-bit Sparc Solaris demands 64-bit-aligned access to
uint64_t, but does not 64-bit-align the stack-allocated char array we
use for cpuworker tags.  So this patch adds a set/get_uint64 pair, and
uses them to access the conn_id field in the tag.

svn:r18743
2009-03-02 19:15:05 +00:00
Nick Mathewson
f99098cca4 Use prctl to reenable core dumps when we have setuid to a non-root user.
svn:r18449
2009-02-09 15:20:17 +00:00
Nick Mathewson
fe987d3a17 Remove some deadcode and use tor_inet_aton uniformly.
svn:r18422
2009-02-09 03:13:05 +00:00
Nick Mathewson
72e420ff3c Fix typo found by Justin Coffi on or-talk
svn:r18258
2009-01-23 22:45:08 +00:00
Nick Mathewson
25c6ff6f55 Support 64-bit time_t. Patch from Matthias Drochner. Partial backport candidate.
svn:r18234
2009-01-22 16:28:12 +00:00
Nick Mathewson
8ebceeb352 Make sure that even in the weird fiddly paths that lead to init_keys,
crypto_global_init gets called.  Also have it be crypto_global_init
that calls crypto_seed_rng, so we are not dependent on OpenSSL's
RAND_poll in these fiddly cases.

Should fix bug 907.  Bugfix on 0.0.9pre6.  Backport candidate.

svn:r18210
2009-01-21 15:38:39 +00:00
Nick Mathewson
bf2b71beb8 Fix an error in tor_addr_parse that kept us from having a hidden service or a bridge live at an IPv6 address.
svn:r18206
2009-01-21 07:24:50 +00:00
Nick Mathewson
3f8ab367c1 Fix warning on panther compile, and bug 913. Backport candidate.
svn:r18203
2009-01-21 03:51:14 +00:00
Nick Mathewson
a87980c2eb Add a better (non-locale-having) ctypes implementation to avoid protocol and parsing mismatches on different platforms.
svn:r18189
2009-01-20 21:33:56 +00:00
Nick Mathewson
a33452c401 Fix up (I hope) most ot the things that coverity suddenly claimed were REVERSE_INULL. This is what we get for bragging about being down to 0 issues.
svn:r18096
2009-01-13 14:43:51 +00:00
Nick Mathewson
943626050c Fix a leak memory on the failing case of test_memeq_hex
svn:r18094
2009-01-13 14:43:43 +00:00
Nick Mathewson
0fe5ce423a Fix a harmless-to-us bug in ht.h.
There was a field that _HT_FOI_INSERT was never setting. Everything that calls _HT_FOI_INSERT was setting it via tor_malloc_zero, but that's fragile.

svn:r18064
2009-01-10 14:40:43 +00:00
Nick Mathewson
585d4a12b5 Note a problem in the interface tor_addr_to_sockaddr.
svn:r17982
2009-01-06 20:50:51 +00:00
Nick Mathewson
765bb14f69 Another fun openbsd warning fix. On ioerror's computer at least, they redefined an unsigned field in zlib.h to be signed. I am quite sure this makes me more secure somehow.
svn:r17892
2009-01-04 23:15:42 +00:00
Nick Mathewson
743c6c8277 OpenBSD malloc.h believes that you should be able to detect headers with autoconf, or build without warnings, but not both. So never include malloc.h on OpenBSD. Backport candidate.
svn:r17891
2009-01-04 22:47:42 +00:00
Nick Mathewson
9c94b428d9 Fix the oldest bug in a while: stop accepting 1.2.3 as a valid IPv4 address on any platform.
svn:r17887
2009-01-04 19:47:17 +00:00
Nick Mathewson
c4b8fef362 Remove svn $Id$s from our source, and remove tor --version --version.
The subversion $Id$ fields made every commit force a rebuild of
whatever file got committed.  They were not actually useful for
telling the version of Tor files in the wild.

svn:r17867
2009-01-04 00:35:51 +00:00
Nick Mathewson
9c20441bcb Only set sin_len/sin6_len when they exist.
svn:r17851
2009-01-02 20:57:10 +00:00
Nick Mathewson
48f2ce298b Try harder to make sure we zero-out the extraneous sockaddr fields and that we set sockaddr_len. Conceivably a backport candidate, though nothing has yet been sen to break.
svn:r17849
2009-01-02 20:39:38 +00:00
Nick Mathewson
52932d6f1a Remove some code that is #ifdefed out, and that we no longer seem to use, if we ever did.
svn:r17827
2008-12-30 04:16:49 +00:00
Nick Mathewson
e8a3fa91a6 Use a consistent naming standard for header file guard macros, taking care not to collide with any system headers. This tripped us up on Android.
svn:r17805
2008-12-29 02:21:02 +00:00
Nick Mathewson
b0a8ecd193 Use RSA_generate_key_ex where available.
svn:r17804
2008-12-29 02:20:57 +00:00
Nick Mathewson
94507f1b6d Fix bug in recent address.c patch: actually set the value of address * to 0.0.0.0 as we did before. This makes CMP_EXACT comparisons with bitmask 0 work on address * again.
svn:r17801
2008-12-29 01:30:35 +00:00
Nick Mathewson
ccda4e481c Fix compilation under gethostbyname-based systems.
svn:r17800
2008-12-27 15:46:16 +00:00
Nick Mathewson
374c1e979f Refactor tor_addr_t manipulation functions so that as few as possible look at the tor_addr_t representation.
svn:r17790
2008-12-26 21:26:05 +00:00
Nick Mathewson
616f6643ef get_interface_addr6(), and by extension get_interface_addr(), were pretty borked. Copying a tor_addr_t from a sockaddr_storage using memcpy is a poor notion.
svn:r17789
2008-12-26 21:26:03 +00:00
Nick Mathewson
61722638ea Refactor tor_addr_compare_masked() so that CMP_SEMANTIC makes more sense, and has decent semantics for maskbits; and so that CMP_EXACT works right for bits==0.
svn:r17788
2008-12-26 20:37:18 +00:00
Nick Mathewson
73e1a1d26e Document our Bloom filter parameter choices.
svn:r17785
2008-12-26 17:35:18 +00:00
Nick Mathewson
df5e8f65bc Add more missing documentation, and correct an error in container.c documentation: Don't introduce two parameters called n when you're calling an algorithm O(n).
svn:r17783
2008-12-26 17:35:08 +00:00
Roger Dingledine
a12c3f2c86 some fixes i found in my sandbox
svn:r17771
2008-12-25 15:37:47 +00:00
Nick Mathewson
558e9899e4 Document most undocumented variables.
svn:r17754
2008-12-23 17:56:31 +00:00
Nick Mathewson
d7f55dafe0 Properly zero-out addresses when setting them. Probably this was not hurting anything.
svn:r17749
2008-12-23 14:21:34 +00:00
Nick Mathewson
b4d387c28b Make freelist_len in memarea.c static; document a few variables.
svn:r17741
2008-12-22 19:14:08 +00:00
Nick Mathewson
b68379b13b Add DOCDOC entries for undocumented static and global variables.
svn:r17739
2008-12-22 19:00:05 +00:00
Nick Mathewson
1e5f457461 Fix most DOCDOCs remaining and/or added by redox.
svn:r17734
2008-12-22 17:53:04 +00:00
Nick Mathewson
1725c0c8a5 Add DOCDOC comments for all undocumented functions. Add missing *s to other comments so that they will get recognized as doxygen.
svn:r17729
2008-12-22 14:56:28 +00:00
Nick Mathewson
55348884b5 Fix all of the doxygen warnings not pertaining to missing documentation.
svn:r17727
2008-12-22 14:56:16 +00:00
Nick Mathewson
029be5ad02 Move in-addr.arpa parsing and generation into address.c, and simplify the code that does it elsewhere. Incidentally, this lets exit servers answer requests for ip6.arpa addresses.
svn:r17707
2008-12-19 18:52:00 +00:00
Nick Mathewson
efb863189c Expose hex_decode_digit from util.c
svn:r17706
2008-12-19 18:51:52 +00:00
Nick Mathewson
bf80e2df3f Replace calls to time(NULL) that occur on the order of once per read, one per write, or once per cell with calls to a function that looks at a cached value of time. This is tricksy to benchmark, since it will only help on systems where time() is a syscall and syscalls are relatively slow.
svn:r17690
2008-12-18 17:19:04 +00:00
Nick Mathewson
b6f89a647a One log.c XXX021 was a misunderstanding. Also, clip log messages passed to syslog to their maximum length when there is a maximum.
svn:r17688
2008-12-18 17:18:06 +00:00
Nick Mathewson
122170c1d3 Downlgrade tweak, and answer lots of XXX021s. No actual code fixes in this patch.
svn:r17686
2008-12-18 16:11:24 +00:00
Nick Mathewson
6c6b0283cb Ben confirms that the MUST in rfc2631 is only for compatibility with X9.42, and isn't actually a security thing.
svn:r17685
2008-12-18 16:11:16 +00:00
Nick Mathewson
8d5a9d762c Log an error on win32 if directory listing fails.
svn:r17684
2008-12-18 16:11:12 +00:00
Nick Mathewson
9c3d17ebb5 Fix a small memory leak of around 32 bytes per TLS connection opened. Bugfix on 0.2.1.1-alpha.
svn:r17678
2008-12-18 15:00:09 +00:00
Nick Mathewson
cebdf93949 Fix bug 889: share deep-copied keys between threads to avoid races in reference counts. Bugfix on 0.1.0.1-rc.
svn:r17672
2008-12-18 05:28:27 +00:00
Nick Mathewson
6693f32530 Resolve many DOCDOCs.
svn:r17662
2008-12-17 22:58:20 +00:00
Nick Mathewson
f43bcdc063 Use ctags and a python script to find identifiers that are never used anywhere, and remove the ones that we really want gone.
svn:r17651
2008-12-17 17:20:42 +00:00
Nick Mathewson
98066d62bc Lower sprintf buffer max to ~SSIZE_T_MAX from SIZE_T_CEILING, since we need to compare it to a signed int.
svn:r17600
2008-12-11 21:11:22 +00:00
Nick Mathewson
4277b0e926 Remove some cargo-cult gcc hacks around tor_assert and predict_unlikely; instead, use the standard convert-to-boolean hack of "svn st"
svn:r17597
2008-12-11 20:23:46 +00:00
Nick Mathewson
3be88b2c70 Change test_memeq macro to not leak memory. Addresses coverity CID 47.
svn:r17577
2008-12-11 06:17:54 +00:00
Nick Mathewson
d60d8976b9 Better error message when told to setuid to ourself.
svn:r17543
2008-12-09 23:26:12 +00:00
Nick Mathewson
07c8b2be21 Compile without warnings on mingw.
svn:r17522
2008-12-08 19:52:26 +00:00
Nick Mathewson
6fb06f334a Try to fix windows mmap code.
svn:r17493
2008-12-05 19:36:35 +00:00
Nick Mathewson
7f793fa733 Simplify mmap object layout to avoid confusing static analysis tools, and us too.
svn:r17490
2008-12-05 02:17:41 +00:00
Nick Mathewson
2be5215181 Fix a hard-to-trigger memory leak in log_credential status. Found by Coverity scan. CID 349.
svn:r17484
2008-12-05 01:29:59 +00:00
Nick Mathewson
37bd9181f0 Do not use O_APPEND on fd-based operations that do not really want it; have them just lseek instead.
svn:r17460
2008-12-02 23:49:40 +00:00
Roger Dingledine
96a185d9b7 style cleanup
svn:r17457
2008-12-02 23:42:21 +00:00
Nick Mathewson
bd6b3072f9 Change logging code to use fds instead of stdio. Fixes bug 861, and probably makes logging slightly faster. Not a backport candidate: bug 861 is too obscure and harmless.
svn:r17456
2008-12-02 23:36:58 +00:00
Nick Mathewson
6221bdd294 Add two lseek wrappers to compat.[ch]: one to return current fd position, and one to move the fd to the end of the file.
svn:r17454
2008-12-02 23:26:04 +00:00
Nick Mathewson
60738daf85 Define socklen_t before using it in compat.h
svn:r17444
2008-12-02 18:54:47 +00:00
Nick Mathewson
191197eff7 Revert my older supposed gcc-4.4 warning workaround. GCC was not being needlessly prissy; it was hinting at the wrongly pure smartlist_bsearch_idx.
svn:r17396
2008-11-26 17:14:59 +00:00
Nick Mathewson
651a0a2fb5 Stop marking bsearch_idx as pure; it is not.
svn:r17393
2008-11-26 16:57:46 +00:00
Nick Mathewson
4cddcf8873 Cast uid_t and gid_t to unsigned before passing to printf %u.
svn:r17392
2008-11-26 16:13:12 +00:00
Nick Mathewson
bc597758dc Use fcntl for file locking when flock() is not available.
svn:r17391
2008-11-26 16:10:56 +00:00
Nick Mathewson
07a08d933d Resolve a warning under gcc 4.4 trunk.
svn:r17357
2008-11-22 02:19:14 +00:00
Nick Mathewson
bdc0aec00a Update _log_global_min_severity after switch_logs_debug(), so that USR2 will work again. Bugfix on 0.1.2.8-beta. Spotted by Geoff Down.
svn:r17317
2008-11-17 19:58:51 +00:00
Nick Mathewson
a790a13705 define get_uint8 and set_uint8 macros to make code cleaner.
svn:r17261
2008-11-12 14:39:25 +00:00
Nick Mathewson
a95e0e7355 apply sebastian's fix for bug 859. Apparently on win32 one must lock at least one byte when locking, but locking a nonexistant byte is okay. )
svn:r17244
2008-11-11 15:29:40 +00:00
Nick Mathewson
6c50ab6e61 Document a couple of functions.
svn:r17239
2008-11-10 20:40:01 +00:00
Roger Dingledine
c62d5f6a5c beg nick for some documentation on the locking functions
svn:r17233
2008-11-10 00:48:13 +00:00
Roger Dingledine
0554e87f58 better error message when you set User but start tor as non-root.
hopefully will address bug 857.


svn:r17232
2008-11-10 00:41:07 +00:00
Nick Mathewson
13e079f9ec Log a little more when credential-switching fails.
svn:r17228
2008-11-09 16:54:54 +00:00
Roger Dingledine
b32e600d50 while we're cleaning code, get rid of some unreachable code at
the bottom of switch_id


svn:r17205
2008-11-07 04:35:41 +00:00
Roger Dingledine
14773f42a7 now that we drop privs more thoroughly, switch_id() is no longer
idempotent. so now we remember if we've succeeded, and if so we
don't even try.


svn:r17204
2008-11-07 04:34:47 +00:00
Roger Dingledine
7c65792500 remove more redundant code from r17200
svn:r17203
2008-11-07 04:11:03 +00:00
Nick Mathewson
1b98f45b3d Developers should usually configure with --enable-gcc-warnings, and should regularly make check-spaces. Also, int fn() does not mean the same in C as it does in C++ or Java.
svn:r17201
2008-11-07 02:53:46 +00:00
Steven Murdoch
9d68ed08e9 Patch from Jacob Appelbaum and me to make User option more robust, properly set supplementary groups, deprecated the Group option, and log more information on credential switching
svn:r17200
2008-11-07 02:06:12 +00:00
Nick Mathewson
3ebd1ebeca The chunk_size field in memarea_t was never actually set. Remove the whole thing.
svn:r17195
2008-11-05 20:34:22 +00:00
Nick Mathewson
35bef7fefd make read_all and write_all return ssize_t.
svn:r17194
2008-11-05 19:29:17 +00:00
Nick Mathewson
b56d1545db Fix freebsd 7 compile by adding malloc_np.h header. Fix bug 850.
svn:r17190
2008-11-05 15:56:53 +00:00
Nick Mathewson
3f84ed3d46 Add a new memcmpstart to use instead of strcmpstart when the thing we are comparing is not nul-terminated.
svn:r17187
2008-11-03 16:35:48 +00:00
Nick Mathewson
361086005c Fix a possible negative shift in address comparison. May fix bug 845 and bug 811
svn:r17169
2008-10-29 13:29:54 +00:00
Nick Mathewson
0ab45fee73 Document some dmalloc stuff and some stupid C tricks.
svn:r17161
2008-10-27 16:30:52 +00:00
Jacob Appelbaum
7873d324df This patch changes some of the code in util.c to refactor calls to
dmalloc_malloc, dmalloc_realloc and dmalloc_strdup. It only calls those
functions if we're using the magic USE_DMALLOC macro. If we're not doing
that, we call the normal malloc, realloc and strdup. This is my first
night at malloc disambiguation club, so I had to disambiguate. Also, first commit, I have my commit bit now. Huzzzah!!!


svn:r17157
2008-10-26 22:56:53 +00:00
Roger Dingledine
c7af43a624 Now NodeFamily and MyFamily config options allow spaces in
identity fingerprints, so it's easier to paste them in.
Suggested by Lucky Green.


svn:r17021
2008-10-01 03:41:33 +00:00
Roger Dingledine
982a22a121 fix typo
svn:r16949
2008-09-24 00:49:29 +00:00
Nick Mathewson
f28fc83ea5 More logging for mtbf/wfu calculations.
svn:r16941
2008-09-23 18:24:20 +00:00
Nick Mathewson
f95d7c189b Refactor unit test macros and tor_free_all() logic a bit so as to make it easier to free memory on failing tests, in order to suppress scanner warnings and to make dmalloc() usable with tests.
svn:r16816
2008-09-09 20:43:31 +00:00
Nick Mathewson
6c432a5565 Replace the dummy-use var in SMARTLIST_FOREACH_END() with one that is less likely to confuse analysis tools into thinking we do use after free. Arguably, (void)x should count as use in suppressing unused variable warnings, but not in generating hey-you-used-a-variable warnings. Arguably, though, it shouldn't.
svn:r16815
2008-09-09 19:29:33 +00:00
Nick Mathewson
aacda9cd8e We should not alter an addr_policy_t that has been canonicalized.
svn:r16802
2008-09-09 03:48:01 +00:00
Nick Mathewson
339f094056 Refactor some code and add some asserts based on scanner results.
svn:r16783
2008-09-05 21:19:53 +00:00
Nick Mathewson
a345506672 Add an assert to make tools happier.
svn:r16782
2008-09-05 20:59:09 +00:00
Nick Mathewson
4d94e061c7 Clean up some redundant stuff in crypto_dh_new().
svn:r16778
2008-09-05 20:18:22 +00:00
Nick Mathewson
8ea780632f Make severity args to add_*_log() functions be const
svn:r16775
2008-09-05 19:52:44 +00:00
Nick Mathewson
c33dde4ac1 Fix mingw build with --enable-gcc-warnings set.
svn:r16759
2008-09-04 21:58:09 +00:00
Nick Mathewson
fa2f72ded7 An asterisk makes a difference sometimes. Fixes bug 809.
svn:r16758
2008-09-04 20:42:02 +00:00
Roger Dingledine
ed45a42f98 take out the crazy line from last night that made no sense. apparently
it does work for tas after all.


svn:r16724
2008-09-01 21:24:25 +00:00
Roger Dingledine
9f823f54d5 remove some redundant includes. i expect the first one to be a problem
for tas, but who knows.


svn:r16723
2008-09-01 21:16:07 +00:00
Nick Mathewson
f80ac31d74 Add a lockfile to the Tor data directory to avoid situations where two Tors start with the same datadir, or where a --list-fingerprints races with a server to create keys, or such.
svn:r16722
2008-09-01 20:06:26 +00:00
Roger Dingledine
04eded4a5c take out a line that i think is extraneous. come on, what could
go wrong?


svn:r16714
2008-09-01 08:01:40 +00:00
Roger Dingledine
6942bd66ea Fix compile on OpenBSD 4.4-current. Bugfix on 0.2.1.5-alpha.
Reported by Tas.


svn:r16713
2008-09-01 08:01:22 +00:00
Roger Dingledine
4eab76f074 remove a code path that should never happen (and if it did, we'd be
complaining about an errno set from some arbitrary previous problem).


svn:r16684
2008-08-29 09:06:18 +00:00
Roger Dingledine
c5fef3c57f commit jake's patch to include strings with socks5 error numbers
svn:r16657
2008-08-25 21:02:22 +00:00
Nick Mathewson
88e6162649 r17848@tombo: nickm | 2008-08-22 12:10:11 -0400
Make definition of tor_mutex_t go into compat.h, so that it is possible to inline mutexes in critical objects.  Add init/uninit functions for mutexes allocated inside other structs.


svn:r16623
2008-08-22 16:24:52 +00:00
Nick Mathewson
0711408c22 Adjust definition of SMARTLIST_FOREACH_END() to enforce matching variable.
svn:r16597
2008-08-19 15:33:03 +00:00
Nick Mathewson
22259a0877 The first of Karsten's proposal 121 patches: configure and maintain client authorization data. Tweaked a bit: see comments on or-dev.
svn:r16475
2008-08-08 14:36:11 +00:00
Nick Mathewson
f6879caa04 Try once again to make BSD compilation happy.
svn:r16474
2008-08-08 12:58:17 +00:00
Nick Mathewson
d9601c65e0 r17666@tombo: nickm | 2008-08-07 15:12:30 -0400
Make tor_addr_from_sockaddr also give away the port in a useful format


svn:r16458
2008-08-07 19:13:35 +00:00
Nick Mathewson
2905291af2 r17659@tombo: nickm | 2008-08-06 12:22:11 -0400
Fix bug 794: recover 3 bytes wasted per memory chunk.  Fix from rovv.


svn:r16447
2008-08-06 16:22:25 +00:00
Nick Mathewson
645cbd690b r17643@31-33-44: nickm | 2008-08-05 16:18:25 -0400
Oops.  Remove code to set (nonportable) sin_len fields.  Added it to try to fix a bug that turned out to be something else.


svn:r16436
2008-08-05 20:18:28 +00:00
Nick Mathewson
960a0f0a99 r17641@31-33-44: nickm | 2008-08-05 16:07:53 -0400
Initial conversion of uint32_t addr to tor_addr_t addr in connection_t and related types.  Most of the Tor wire formats using these new types are in, but the code to generate and use it is not.  This is a big patch.  Let me know what it breaks for you.


svn:r16435
2008-08-05 20:08:19 +00:00
Karsten Loesing
626fafe563 Make compiler with GCC warnings enabled happy.
svn:r16300
2008-07-31 10:33:02 +00:00
Nick Mathewson
f366d10a2f r17435@tombo: nickm | 2008-07-30 08:50:54 -0400
Allow alternate form of SMARTLIST_FOREACH with paired BEGIN and END macros.  This lets the compiler tell us which line an error has occurred on.


svn:r16256
2008-07-30 13:04:28 +00:00
Nick Mathewson
e5bc5f11b8 r17434@tombo: nickm | 2008-07-29 10:58:36 -0400
Refactor tor_addr_from_string: it didnt need most of parse_addr_mask_port_range, and its dependence on that latter function made it less flexible.


svn:r16255
2008-07-30 13:04:26 +00:00
Nick Mathewson
507b01357a r17426@tombo: nickm | 2008-07-28 20:34:03 -0400
More test coverage for tor_addr_t; fix a couple of bugs.


svn:r16234
2008-07-29 00:34:50 +00:00
Nick Mathewson
056d97da0c r17391@pc-10-8-1-079: nickm | 2008-07-25 17:11:17 +0200
Tor_addr_compare did a semantic comparison, such that ::1.2.3.4 and 1.2.3.4 were "equal".  we sometimes need an exact comparison.  Add a feature to do that.


svn:r16210
2008-07-25 15:11:21 +00:00
Nick Mathewson
9da0482007 r17358@pc-10-8-1-079: nickm | 2008-07-25 16:41:03 +0200
Split out the address manipulation functions from compat and util: they were about 21% of the total of those, and spread out too much.


svn:r16208
2008-07-25 14:43:24 +00:00
Nick Mathewson
3ce6e2fba2 r17346@aud-055: nickm | 2008-07-24 15:37:19 +0200
Make generic address manipulation functions work better.  Switch address policy code to use tor_addr_t, so it can handle IPv6.  That is a good place to start.


svn:r16178
2008-07-24 13:44:04 +00:00
Karsten Loesing
9231858ff5 Fix bug 763. When a hidden service is giving up on an introduction point candidate that was not included in the last published rendezvous descriptor, don't reschedule publication of the next descriptor.
svn:r15825
2008-07-10 21:02:01 +00:00
Nick Mathewson
cb7cc9e12d r16882@tombo: nickm | 2008-07-10 14:31:25 -0400
Fix for session-related bug found by Geoff Goodell. backport candidate, once tested.


svn:r15821
2008-07-10 18:31:33 +00:00
Nick Mathewson
c5ec7a3677 Stop using __attribute__((nonnull)): It gets us occcasional warnings when we do something so foolish it can be detected without dataflow analysis, but it also eliminates some of our error checking code. Suggested by Peter Gutmann.
svn:r15803
2008-07-09 15:23:23 +00:00
Nick Mathewson
1a564901e4 Fix the rest of the GCC warnings on OpenBSD_malloc_linux.c
svn:r15698
2008-07-06 18:33:35 +00:00
Nick Mathewson
8bc2ab03f8 Remove spurious "netintet" check from configure.in
svn:r15672
2008-07-05 21:17:04 +00:00
Nick Mathewson
9d7a2d4eae r16689@tombo: nickm | 2008-07-03 11:03:14 -0400
Fix for bug 742: do not use O_CREAT on 2-option version of open().  Especially do not use it on /dev/null.  Fix from Michael Scherer. Bugfix on 0.0.2pre19 (wow).


svn:r15626
2008-07-03 15:04:16 +00:00
Nick Mathewson
3ec25c2410 r16587@tombo: nickm | 2008-06-28 00:13:40 -0400
fix for bug 704; found by sjmurdoch.  Windows and recent openssl both want to define OCSP_RESPONSE; do not let them.


svn:r15533
2008-06-28 04:16:17 +00:00
Nick Mathewson
d4ed91c672 Set dynamic-locking callbacks in openssl. These can be more efficient when openssl uses them.
svn:r15222
2008-06-13 16:35:12 +00:00
Roger Dingledine
d395135e2f fix a few typos, and give the bootstrap phase stuff a changelog entry.
svn:r15183
2008-06-13 04:26:05 +00:00
Nick Mathewson
22080354ed r16217@tombo: nickm | 2008-06-12 21:13:09 -0400
Remove spurious debugging message.


svn:r15176
2008-06-13 01:13:12 +00:00
Nick Mathewson
617843988c r16215@tombo: nickm | 2008-06-12 18:39:03 -0400
Implement code to manually force the OpenSSL client cipher list to match the one recommended in proposal 124, *even if* we do not know all those ciphers.  This is a bit of a kludge, but it is at least decently well commented.


svn:r15173
2008-06-12 22:39:13 +00:00
Nick Mathewson
d0a4ad3a1c r16127@tombo: nickm | 2008-06-10 14:03:01 -0400
Improved code for counting clients by country: support recording by number of directory status requests in addition to number of IPs seen.


svn:r15097
2008-06-10 18:08:56 +00:00
Nick Mathewson
ae2d022f0c Remov unused macro in crypto.c
svn:r14950
2008-06-04 18:41:08 +00:00
Nick Mathewson
61ac80a914 Ouch. We were sometimes getting openssl compression by default. This is pointless for us, since the overwhelming majority of our cells are encrypted, full of compressed data, or both. This is also harmful, since doing piles of compression is not cheap. Backport candidate once more tested.
svn:r14830
2008-05-29 14:39:56 +00:00
Nick Mathewson
ac330d9ba7 New code to implement proposal for local geoip stats. Only enabled with --enable-geoip-stats passed to configure.
svn:r14802
2008-05-29 02:29:35 +00:00
Nick Mathewson
da67500336 If the user has an openssl that supports my "release buffer ram" patch, use it.
svn:r14671
2008-05-19 18:13:00 +00:00
Nick Mathewson
09cd8fa371 r19795@catbus: nickm | 2008-05-16 14:54:24 -0400
Rename tor_addr_t manipulation functions for a consistent style.


svn:r14639
2008-05-16 19:19:49 +00:00
Nick Mathewson
b7a80920e2 r15558@tombo: nickm | 2008-05-09 04:35:12 -0400
New (temporary) tool to dump the modulus of a key.  May help with a project of weasel's.


svn:r14580
2008-05-09 08:35:38 +00:00
Nick Mathewson
1823c45a71 r19613@catbus: nickm | 2008-05-05 19:57:06 -0400
Log correct openssl buf capacity when using my sooper sekrit buffer hack.  This will help test the aforementioned ssbh.


svn:r14567
2008-05-05 23:57:17 +00:00
Roger Dingledine
a364592ca0 make check-spaces wants a newline at the end of tortls
svn:r14508
2008-04-29 19:51:38 +00:00
Nick Mathewson
05b184de01 r15304@tombo: nickm | 2008-04-23 16:31:40 -0400
Forward-port: I had apparently broken OSX and Freebsd by not initializing threading before we initialize the logging system.  This patch should do so, and fix bug 671.


svn:r14430
2008-04-23 20:32:31 +00:00
Nick Mathewson
299014b2c7 r15251@tombo: nickm | 2008-04-22 11:59:46 -0400
On platforms using pthreads, allow a thread to acquire a lock it already holds.  This is crucial for logging: otherwise any log message thrown from inside the logging process (especially from control.c) will deadlock.  Win32 CriticalSections are already recursive.  Bug spotted by nwf.  Bugfix on 0.2.0.16-alpha.  Backport candidate. I hope this is portable.


svn:r14406
2008-04-22 15:59:59 +00:00
Nick Mathewson
b927ede48c r15161@31-33-107: nickm | 2008-04-10 11:11:58 -0400
Make dumpstats() log the size and fullness of openssl-internal buffers, so I can test my hypothesis that many of them are empty, and my alternative hypothesis that many of them are mostly empty, against the null hypothesis that we really need to be burning 32K per open OR connection on this.


svn:r14350
2008-04-10 15:12:24 +00:00
Nick Mathewson
20cf4d1f09 r19283@catbus: nickm | 2008-04-09 21:44:18 -0400
The optimist calls the glass half full.  The pessimist calls it half empty.  The engineer says it is twice as large as it needs to be.  In this case, the engineer says that the default smartlist size is twice as large as it needs to be and wouldn't it be nice to save half a megabyte with a one-line patch?


svn:r14341
2008-04-10 01:44:23 +00:00
Nick Mathewson
cc7a8a63b1 r15120@tombo: nickm | 2008-04-08 18:01:58 -0400
Add very short 0.2.1.x list based on discussion from arma. needs fleshing out and merging with other lists.


svn:r14324
2008-04-08 22:02:08 +00:00
Nick Mathewson
98aea7186c r19249@catbus: nickm | 2008-04-08 14:04:02 -0400
Oops. Fix one last memarea freelist bug.


svn:r14322
2008-04-08 18:04:05 +00:00
Nick Mathewson
a725d5da5e r19247@catbus: nickm | 2008-04-08 13:50:01 -0400
Fix behavior of memarea freelists.


svn:r14321
2008-04-08 17:50:03 +00:00
Nick Mathewson
f8bacfd724 r19245@catbus: nickm | 2008-04-08 13:33:27 -0400
Oops. It turns out that there are some subtle differences between >= and <.


svn:r14320
2008-04-08 17:33:29 +00:00
Nick Mathewson
31153d6374 r19243@catbus: nickm | 2008-04-08 13:28:59 -0400
Use a freelist to hold a few recent memarea chunks.  We do a kazillion memarea allocs and frees; that cant be good for us.


svn:r14319
2008-04-08 17:29:05 +00:00
Nick Mathewson
a627407fcb r19233@catbus: nickm | 2008-04-08 13:06:34 -0400
When we remove old routers, use Bloom filters rather than a digestmap-based set in order to tell which ones we absolutely need to keep.  This will save us roughly a kazillion little short-lived allocations for hash table entries.


svn:r14318
2008-04-08 17:06:41 +00:00
Nick Mathewson
2d68487e7f r19229@catbus: nickm | 2008-04-07 12:28:22 -0400
Add a new SMARTLIST_FOREACH_JOIN macro to iterate through two sorted lists in lockstep.  This happens at least 3 times in the code so far, and is likely to happen more in the future.  Previous attempts to do so proved touchy, tricky, and error-prone: now, we only need to get it right in one place.


svn:r14309
2008-04-07 16:28:34 +00:00
Nick Mathewson
4c04b7f4f6 r19201@catbus: nickm | 2008-04-04 14:23:19 -0400
Better macro documentation


svn:r14298
2008-04-04 21:18:51 +00:00
Peter Palfrader
9d132fbde6 Add --hush switch.
New --hush command-line option similar to --quiet.  While --quiet disables all
logging to the console on startup, --hush limits the output to messages of
warning and error severity.


svn:r14222
2008-03-27 17:25:49 +00:00
Nick Mathewson
02acee891c r19089@catbus: nickm | 2008-03-27 11:05:23 -0400
Free some static hashtables and the log mutex on exit. Backport candidate.


svn:r14212
2008-03-27 15:05:28 +00:00
Roger Dingledine
e9221f4a0d fix a leak when adding a temp log
svn:r14203
2008-03-26 18:59:45 +00:00
Roger Dingledine
8dfccf6145 fix mem leak in parsing log config lines
svn:r14202
2008-03-26 18:36:46 +00:00
Nick Mathewson
e8cc756c13 r19072@catbus: nickm | 2008-03-26 13:50:24 -0400
Add code to debug memory area size.  Use results of this code to set a couple of area sizes more sanely.


svn:r14201
2008-03-26 17:50:27 +00:00
Nick Mathewson
762d82cf74 r19062@catbus: nickm | 2008-03-26 12:56:25 -0400
Fix whitespace


svn:r14197
2008-03-26 16:56:37 +00:00
Nick Mathewson
e4ebe3409e r19049@catbus: nickm | 2008-03-26 12:33:25 -0400
Add new stacklike, free-all-at-once memory allocation strategy.  Use it when parsing directory information.  This helps parsing speed, and may well help fragmentation some too.  hidden-service-related stuff still uses the old tokenizing strategies.


svn:r14194
2008-03-26 16:33:33 +00:00
Nick Mathewson
df6b256bc0 r19041@catbus: nickm | 2008-03-25 16:20:42 -0400
More unit tests to improve coverage.


svn:r14185
2008-03-25 20:20:45 +00:00
Nick Mathewson
41deb5cd7b r19039@catbus: nickm | 2008-03-25 12:15:58 -0400
Add some unit tests, particularly for AES counter mode.


svn:r14180
2008-03-25 16:16:05 +00:00
Roger Dingledine
901e2ad04b correct a confusing log message
svn:r14165
2008-03-24 18:37:52 +00:00
Nick Mathewson
b5b77f8bf3 r19004@catbus: nickm | 2008-03-21 15:18:43 -0400
Use RAND_poll() again: the bug that made us stop using it has been fixed.


svn:r14150
2008-03-21 19:18:57 +00:00
Nick Mathewson
7dd78f1576 r18929@catbus: nickm | 2008-03-18 12:08:16 -0400
Detect errors from directory listing correctly on win32.  Bug found by lodger.


svn:r14102
2008-03-18 16:08:49 +00:00
Nick Mathewson
199d65d059 r18927@catbus: nickm | 2008-03-18 11:11:49 -0400
Combine common code in set_max_file_descriptors(): all that varies from platform to platform in the no-getrlimit() case is the connection limit and the platform name.


svn:r14101
2008-03-18 15:11:52 +00:00
Nick Mathewson
fba2599680 r18923@catbus: nickm | 2008-03-18 11:01:22 -0400
Add missing typecasts to log message  in set_max_file_descriptors to tell gcc everything is okay on windows.  Fixes bug 630.


svn:r14099
2008-03-18 15:01:36 +00:00
Nick Mathewson
05f5d778a2 r18919@catbus: nickm | 2008-03-18 10:53:38 -0400
Forward-port bug 622 fix as diagnosed by lodger.


svn:r14096
2008-03-18 14:53:41 +00:00
Nick Mathewson
ea6f636e94 r18890@catbus: nickm | 2008-03-17 13:19:29 -0400
Clarify documentation for file_status a little


svn:r14079
2008-03-17 17:21:09 +00:00
Peter Palfrader
0cccf7375b And use 16k pages on ia64. Maybe this should be a configure thing
svn:r14073
2008-03-17 09:46:18 +00:00
Nick Mathewson
2ed4b818cb r18878@catbus: nickm | 2008-03-17 00:11:02 -0400
Clean up an overwide line.


svn:r14072
2008-03-17 04:11:05 +00:00
Nick Mathewson
bd547e3cfc r18861@catbus: nickm | 2008-03-16 23:22:56 -0400
Fix a couple of bugs in setting control log callback severity.


svn:r14065
2008-03-17 03:37:52 +00:00
Nick Mathewson
0b941640df r18852@catbus: nickm | 2008-03-16 22:47:19 -0400
Downgrade "sslv3 alert handshake failure" message to info.


svn:r14057
2008-03-17 02:47:49 +00:00
Nick Mathewson
b29f763ee1 r18850@catbus: nickm | 2008-03-16 22:35:38 -0400
Use 8k pages in openbsd malloc code on alpha. Bug and solution found by weasel.  Also, when initializing openbsd malloc code, check that compiled page size matches output of getpagesize().


svn:r14056
2008-03-17 02:47:40 +00:00
Nick Mathewson
46155aca17 r18804@catbus: nickm | 2008-03-13 18:18:31 -0400
Refactor log domain mask code so that nobody outside of log.c has to use SEVERITY_MASK_IDX.  It is error-prone.


svn:r14016
2008-03-13 22:18:38 +00:00
Nick Mathewson
d928e5685f r18803@catbus: nickm | 2008-03-13 17:59:25 -0400
Fix behavior of switch_logs_debug() in trunk.  Fixes bug 626. Bugfix on r13875.


svn:r14015
2008-03-13 22:18:36 +00:00
Nick Mathewson
0c6fc51909 r18793@catbus: nickm | 2008-03-13 14:09:19 -0400
Add a malloc_good_size() implementation to OpenBSD_malloc_Linux.c.  Also, make configure.in not use support functions for the platform malloc when we are not using the platform mallocs.


svn:r14010
2008-03-13 18:11:33 +00:00
Peter Palfrader
e6b2d119e8 Assert that severity in logv() is sane. Interesting effects otherwise (It is being used as an array index)
svn:r14006
2008-03-13 16:56:14 +00:00
Nick Mathewson
cad3d651d0 r18783@catbus: nickm | 2008-03-13 11:06:45 -0400
Oops, do a better fix for that.


svn:r14001
2008-03-13 15:06:49 +00:00
Nick Mathewson
ac6cc43047 r18781@catbus: nickm | 2008-03-13 11:00:51 -0400
Have OpenBSD_malloc_Linux.c use SIZE_T_MAX from torint.h, instead of checking cpu macros.  There is always one more cpu you havent checked for.


svn:r14000
2008-03-13 15:06:26 +00:00
Peter Palfrader
3a92e3f15f I wonder what the DISGARD service is
svn:r13999
2008-03-13 14:09:01 +00:00
Nick Mathewson
11e464c331 r18753@catbus: nickm | 2008-03-11 14:56:39 -0400
Make some assert()s into tor_assert()s.  Make some tor_assert()s called from logging into assert()s, and document why.


svn:r13977
2008-03-11 18:56:41 +00:00
Nick Mathewson
4d32c2e81f r18751@catbus: nickm | 2008-03-11 14:22:43 -0400
Fix for bug 614: always look at the network BIO for the SSL object, not at the buffering BIO (if one exists because we are renegotiating or something).  Bugfix on 0.1.2.x, oddly enough, though it should be impossible to trigger the problem there.  Backport candidate.  See comments in tortls.c for detailed implementation note.


svn:r13975
2008-03-11 18:22:49 +00:00
Nick Mathewson
24f91d2876 r18747@catbus: nickm | 2008-03-11 13:21:25 -0400
Request client certs when renegotiating on server-side. Spotted by lodger.  Bugfix on 0.2.0.x.


svn:r13973
2008-03-11 17:21:44 +00:00
Nick Mathewson
7587e16796 r18639@catbus: nickm | 2008-03-07 20:11:48 -0500
Change semantics of add-a-log functions to copy severity setup: that is way less error-prone.  Fix up config.c to act accordingly.


svn:r13888
2008-03-08 01:11:54 +00:00
Nick Mathewson
2675276618 r18638@catbus: nickm | 2008-03-07 20:11:15 -0500
Fix typo in tortls.c comment.


svn:r13887
2008-03-08 01:11:52 +00:00
Nick Mathewson
f56ba5f3d6 r18630@catbus: nickm | 2008-03-05 17:31:33 -0500
Implement domain-selection for logging.  Source is documented; needs documentation in manpage (maybe).  For now, see doxygen comment on parse_log_severity_config in log.c


svn:r13875
2008-03-05 22:31:39 +00:00
Nick Mathewson
77d1654c50 r18535@catbus: nickm | 2008-03-01 09:58:33 -0500
Whoo.  People diagnosed and fixed bug 616. See changelog for details.  Bugfix on 0.2.0.20-rc.


svn:r13793
2008-03-01 14:59:03 +00:00
Roger Dingledine
04efc74e18 be a little bit more helpful than "Error reading directory."
make a note to try to be more helpful still.


svn:r13776
2008-02-28 21:37:39 +00:00
Nick Mathewson
d14f8f2547 r14516@tombo: nickm | 2008-02-27 03:10:26 -0500
Write some unit tests for a few functions and cases that needed them.


svn:r13751
2008-02-27 08:10:28 +00:00
Roger Dingledine
e7f3d6f76c fix most of pnx's warnings on irix64
svn:r13706
2008-02-24 23:39:53 +00:00
Nick Mathewson
3452486ac6 r14422@tombo: nickm | 2008-02-24 17:09:56 -0500
Whitespace fixes


svn:r13700
2008-02-24 22:11:18 +00:00
Roger Dingledine
a0bc80bbf8 <weasel> tortls.c: In function `tor_tls_client_is_using_v2_ciphers':
<weasel> tortls.c:634: warning: passing arg 1 of `SSL_get_session' discards
qualifiers from pointer target type

Nick, see if you like this patch.


svn:r13690
2008-02-24 00:35:20 +00:00
Nick Mathewson
e7db789e82 r14399@tombo: nickm | 2008-02-22 14:09:38 -0500
More 64-to-32 fixes. Partial backport candidate. still not done.


svn:r13680
2008-02-22 19:09:45 +00:00
Nick Mathewson
031c212776 r18360@catbus: nickm | 2008-02-21 22:26:32 -0500
Make torint.h define ssize_t more robustly; add spaces to last patch


svn:r13670
2008-02-22 03:26:35 +00:00
Nick Mathewson
688b7ddf83 r18358@catbus: nickm | 2008-02-21 22:21:57 -0500
Remove extraneous commas in compat.c


svn:r13669
2008-02-22 03:23:20 +00:00
Nick Mathewson
6a1e0c2373 r18356@catbus: nickm | 2008-02-21 21:54:55 -0500
Remove redundant check from container.c that gcc 4.2 didnt like


svn:r13668
2008-02-22 02:55:02 +00:00
Nick Mathewson
b21a122ef6 r14379@tombo: nickm | 2008-02-21 17:14:24 -0500
Enable v2 handshakes.


svn:r13666
2008-02-21 22:14:32 +00:00
Nick Mathewson
69300eb606 r14374@tombo: nickm | 2008-02-21 16:57:39 -0500
Fix all remaining shorten-64-to-32 errors in src/common.  Some were genuine problems.  Many were compatibility errors with libraries (openssl, zlib) that like predate size_t.  Partial backport candidate.


svn:r13665
2008-02-21 21:57:47 +00:00
Nick Mathewson
b375472d14 r14373@tombo: nickm | 2008-02-21 16:29:18 -0500
Apply warnings about implicit 64-to-32 conversions; some from Sebastian Hahn; some not.


svn:r13664
2008-02-21 21:57:42 +00:00
Roger Dingledine
1cd90948ab maybe appease the overflow detectors more
svn:r13663
2008-02-21 21:56:04 +00:00
Nick Mathewson
daefbfe691 r14371@tombo: nickm | 2008-02-21 16:13:18 -0500
Fix all -Wshorten-64-to-32 warnings that appear on my macbook.


svn:r13662
2008-02-21 21:15:31 +00:00
Nick Mathewson
5c03f82a65 r18345@catbus: nickm | 2008-02-21 13:45:04 -0500
Do the last part of arma's fix for bug 437: Track the origin of every addrmap, and use this info so we can remove all the trackhostexits-originated mappings for a given exit.


svn:r13660
2008-02-21 18:45:11 +00:00
Nick Mathewson
e2f25558b9 r14362@31-33-219: nickm | 2008-02-21 11:01:10 -0500
Change some of our log messages related to closed TLS connections in order to better reflect reality.


svn:r13657
2008-02-21 16:11:58 +00:00
Nick Mathewson
8b1789c71f r18336@catbus: nickm | 2008-02-21 09:33:15 -0500
Patch from Sebastian Hahn: remove obsolete timeval manipulation functions.


svn:r13653
2008-02-21 14:33:20 +00:00
Roger Dingledine
b3c0d066e5 other cleanups that have been sitting in my sandbox
svn:r13649
2008-02-21 09:01:32 +00:00
Roger Dingledine
b28a342e35 resolve one more, and leave two for nick.
svn:r13644
2008-02-21 05:53:50 +00:00
Nick Mathewson
063ced8903 r18296@catbus: nickm | 2008-02-20 23:30:11 -0500
Answer one xxx020 item; move 7 other ones to a new "XXX020rc" category: they should get fixed before we cut a release candidate. arma: please review these to see whether you have fixes/answers for any. Please check out the other 14 XXX020s to see if any look critical for the release candidate.


svn:r13640
2008-02-21 04:30:14 +00:00
Nick Mathewson
47e6247673 r18294@catbus: nickm | 2008-02-20 22:42:44 -0500
Fix a spelling error and clean up a recent veracode-induced integer overflow check.  Both spotted by Chris Palmer.


svn:r13639
2008-02-21 03:42:56 +00:00
Nick Mathewson
1df0647c66 r18291@catbus: nickm | 2008-02-20 22:35:32 -0500
Resolve all DOCDOC issues, and document some other undocumented code, and fix a changelog entry.


svn:r13638
2008-02-21 03:38:46 +00:00
Nick Mathewson
7b022eda9c r18290@catbus: nickm | 2008-02-20 22:34:59 -0500
Correct handling of nested MAP_FOREACH loops.  There are none of those ATM, but isn't it nice that now they'll be correct?


svn:r13637
2008-02-21 03:38:44 +00:00
Nick Mathewson
93aa335516 r18269@catbus: nickm | 2008-02-20 17:28:24 -0500
Apply patch from Sebastian Hahn: stop imposing an arbitrary maximum on the number of file descriptors used for busy servers.  Bug reported by Olaf Selke.


svn:r13626
2008-02-20 22:28:26 +00:00
Nick Mathewson
b30c1637bd One last tweak on debugging code.
svn:r13621
2008-02-20 17:30:00 +00:00
Nick Mathewson
88efec10a2 r18256@catbus: nickm | 2008-02-20 11:57:31 -0500
Simplify rounding logic in bitarray; fix a bug in bitarray_expand().


svn:r13619
2008-02-20 16:57:41 +00:00
Nick Mathewson
0399538b90 r18233@catbus: nickm | 2008-02-19 18:46:07 -0500
Count sockets returned from socketpair() too.  This is probably not the socket counting bug.


svn:r13600
2008-02-19 23:46:08 +00:00
Nick Mathewson
42c4670e27 r18230@catbus: nickm | 2008-02-19 18:29:43 -0500
Add a few asserts to catch possible errors found by veracode.


svn:r13598
2008-02-19 23:29:45 +00:00
Nick Mathewson
dbcf29d301 r18228@catbus: nickm | 2008-02-19 18:05:53 -0500
Chris Palmer notes that almost nobody is using smartlist_set_capacity().  Chris Palmer is right.  Remove this basically pointless function.


svn:r13596
2008-02-19 23:05:56 +00:00
Nick Mathewson
9479dd3768 r18226@catbus: nickm | 2008-02-19 18:01:01 -0500
Brown-paper-bag time.  We were failing to count all the sockets from accept().


svn:r13595
2008-02-19 23:01:07 +00:00
Nick Mathewson
632c035ad9 r18221@catbus: nickm | 2008-02-19 17:46:16 -0500
New debugging code to figure out what is happending with socket counts.


svn:r13593
2008-02-19 22:46:19 +00:00
Nick Mathewson
4ccffd7aea r18218@catbus: nickm | 2008-02-19 17:27:40 -0500
When SafeLogging is off, have TLS errors and messages logged with their associated addresses.


svn:r13591
2008-02-19 22:27:44 +00:00
Nick Mathewson
749735215b r18208@catbus: nickm | 2008-02-19 17:02:30 -0500
Add some checks in torgzip.c to make sure we never overflow size_t there.  Also make sure we do not realloc(list,0) in container.c.  Backport candidate.


svn:r13587
2008-02-19 22:05:49 +00:00
Roger Dingledine
d61835a4ba clean up the socket counting thing. third time's a charm.
svn:r13581
2008-02-19 19:48:07 +00:00
Nick Mathewson
f4dc006fb5 r18198@catbus: nickm | 2008-02-19 14:30:30 -0500
Try to *fix* the socket counting problem, and add an info log to detect whether we really fixed it


svn:r13580
2008-02-19 19:30:41 +00:00
Roger Dingledine
ab4d3888e4 hunt for killerchicken's socket counting problem
svn:r13578
2008-02-19 19:27:55 +00:00
Nick Mathewson
5d069a543b r18138@catbus: nickm | 2008-02-18 13:13:18 -0500
Try to make conditional include logic for openbsd malloc not warn on arma's computer. May fix bug 610.


svn:r13557
2008-02-18 18:14:32 +00:00
Nick Mathewson
4c1e4821d2 r18123@catbus: nickm | 2008-02-17 14:08:45 -0500
Fix capitalization error


svn:r13545
2008-02-17 19:09:02 +00:00
Nick Mathewson
a8b371c333 r14238@tombo: nickm | 2008-02-17 14:03:44 -0500
Add openbsd memory allocator discussed in bug 468, to make it easier for linux users to get non-awful allocation patterns.  Use --enable-openbsd-malloc to turn it on.  Needs more testing.


svn:r13544
2008-02-17 19:03:49 +00:00
Nick Mathewson
24e8e1fb36 r14185@tombo: nickm | 2008-02-15 18:05:54 -0500
Replace the hefty tor_strpartition with a simple function to replace its only (trivial) use.


svn:r13532
2008-02-15 23:39:14 +00:00
Nick Mathewson
ca4eb987c8 r14182@tombo: nickm | 2008-02-15 17:20:51 -0500
Defer, downgrade, or address more XXX020s.  The remaining ones are all ones we should deal with before release.


svn:r13530
2008-02-15 23:39:08 +00:00
Nick Mathewson
418c2e1b6b r14181@tombo: nickm | 2008-02-15 16:48:17 -0500
Fix all but 2 DOCDOC items; defer many XXX020s (particularly those where fixing them would fix no bugs at the risk of introducing some bugs).


svn:r13529
2008-02-15 23:39:04 +00:00
Roger Dingledine
740097a65e We were leaking a file descriptor if Tor started with a zero-length
cached-descriptors file. Patch by freddy77; bugfix on 0.1.2.


svn:r13488
2008-02-13 07:23:37 +00:00
Nick Mathewson
f3eaeb99a3 r18051@catbus: nickm | 2008-02-12 15:20:43 -0500
Re-tune mempool parametes based on testing on peacetime: use smaller chuncks, free them a little more aggressively, and try very hard to concentrate allocations on fuller chunks.  Also, lots of new documentation.


svn:r13484
2008-02-12 20:20:52 +00:00
Roger Dingledine
587a57fdef fix the compile
svn:r13480
2008-02-12 04:50:53 +00:00
Nick Mathewson
a9f1fb20d7 r18045@catbus: nickm | 2008-02-11 23:48:54 -0500
oops.  Not *quite* ready, just yet, maybe.  Do not turn the TLS client handshake on by mistake _again_.


svn:r13479
2008-02-12 04:48:59 +00:00
Nick Mathewson
aace52320c r18041@catbus: nickm | 2008-02-11 23:43:18 -0500
Make version negotiation and handshaking messages more useful and accurate.


svn:r13477
2008-02-12 04:43:25 +00:00
Nick Mathewson
5ced3fd790 r18036@catbus: nickm | 2008-02-11 23:36:38 -0500
Make a couple of messages less noisy


svn:r13476
2008-02-12 04:37:13 +00:00
Nick Mathewson
bc4d6515fc r14111@tombo: nickm | 2008-02-10 20:52:19 -0500
"0 bytes in 1 empty chunks" is hardly likely.


svn:r13463
2008-02-11 01:52:24 +00:00
Roger Dingledine
f882a2fc5e tweak
svn:r13443
2008-02-09 10:45:49 +00:00
Roger Dingledine
509d2912dc doxygen and other cleanups
svn:r13440
2008-02-09 03:11:10 +00:00
Nick Mathewson
f27a368265 r17987@catbus: nickm | 2008-02-08 17:01:56 -0500
Remove spurious log stmt


svn:r13432
2008-02-08 22:01:59 +00:00
Nick Mathewson
de827f89df r14062@tombo: nickm | 2008-02-08 15:17:07 -0500
Change DNs in x509 certificates to be harder to fingerprint.  Raise common code.  Refactor random hostname generation into crypto.c


svn:r13429
2008-02-08 21:13:12 +00:00
Nick Mathewson
809227a121 r14061@tombo: nickm | 2008-02-08 14:30:42 -0500
Add a couple of (currently disabled) strategies for trying to avoid using too much ram in memory pools: prefer putting new cells in almost-full chunks, and be willing to free the last empty chunk if we have not needed it for a while.  Also add better output to mp_pool_log_status to track how many mallocs a given memory pool strategy is saving us, so we can tune the mempool parameters.


svn:r13428
2008-02-08 21:13:08 +00:00
Nick Mathewson
23a9c9695b r17968@catbus: nickm | 2008-02-07 14:11:02 -0500
Clean up IPv6-testing code in test.c; resolve a bunch of XXX020s.


svn:r13425
2008-02-08 21:09:35 +00:00
Nick Mathewson
729555e1ca r17967@catbus: nickm | 2008-02-07 11:44:51 -0500
Fix some warnings identified by building with -D_FORTIFY_SOURCE=2.  Remove a redundant (and nuts) definition of _FORTIFY_SOURCE from eventdns.c.


svn:r13424
2008-02-08 21:09:29 +00:00
Nick Mathewson
b8179871a6 r17964@catbus: nickm | 2008-02-07 10:45:02 -0500
Fix bug in last patch that made secret_to_key crash.


svn:r13415
2008-02-07 16:10:36 +00:00
Nick Mathewson
eecc44dab8 r17963@catbus: nickm | 2008-02-07 10:14:25 -0500
Be more thorough about memory poisoning and clearing.  Add an in-place version of aes_crypt in order to remove a memcpy from relay_crypt_one_payload.


svn:r13414
2008-02-07 16:10:33 +00:00
Nick Mathewson
842a33ff20 Update some copyright notices: it is now 2008.
svn:r13412
2008-02-07 05:31:47 +00:00
Nick Mathewson
46b1a21dc4 r17955@catbus: nickm | 2008-02-06 16:53:07 -0500
The SSL portion of the revised handshake now seems to work: I just finally got a client and a server to negotiate versions.  Now to make sure certificate verification is really happening, connections are getting opened, etc.


svn:r13409
2008-02-06 21:53:13 +00:00
Nick Mathewson
46532d8111 r17953@catbus: nickm | 2008-02-06 15:00:44 -0500
Implement a better means for testing for renegotiation.


svn:r13408
2008-02-06 20:00:47 +00:00
Nick Mathewson
4d70094b6e r17951@catbus: nickm | 2008-02-06 14:34:13 -0500
Add more documentation; change the behavior of read_to_buf_tls to be more consistent.  Note a longstanding problem with current read/write interfaces.


svn:r13407
2008-02-06 19:34:32 +00:00
Nick Mathewson
a869574c56 r17947@catbus: nickm | 2008-02-06 11:57:53 -0500
Fix a bunch of DOCDOC items; document the --quiet flag; refactor a couple of XXXX020 items.


svn:r13405
2008-02-06 16:58:05 +00:00
Roger Dingledine
f76cdc1a61 misc small fixes
svn:r13403
2008-02-06 12:46:46 +00:00
Nick Mathewson
8366da01fb r17935@catbus: nickm | 2008-02-05 20:54:54 -0500
Add typechecking cast functions for typed digestmap variants.


svn:r13396
2008-02-06 05:31:15 +00:00
Nick Mathewson
9c7eaa7a9d r17918@catbus: nickm | 2008-02-05 16:39:17 -0500
Remove a few #if-0d items.


svn:r13392
2008-02-05 21:39:56 +00:00
Nick Mathewson
a51deb9a9c r17903@catbus: nickm | 2008-02-05 14:40:03 -0500
Remove some dead code; fix some XXX020s; turn some XXX020s into XXXX_IP6s (i.e., "needs to be fixed when we add ipv6 support").


svn:r13382
2008-02-05 19:40:26 +00:00
Nick Mathewson
ac69319d3f r17899@catbus: nickm | 2008-02-05 14:14:06 -0500
Fix a couple of XXX020 items. Also, disable all "condition" sychronization code, since Tor does not use it yet


svn:r13380
2008-02-05 19:40:19 +00:00
Nick Mathewson
3958d7b16f r17898@catbus: nickm | 2008-02-05 14:01:35 -0500
Add (and use) a MAP_DEL_CURRENT macro to augment a non-const variant of MAP_FOREACH.


svn:r13379
2008-02-05 19:40:17 +00:00
Nick Mathewson
54029559d7 Apparently, our windows code for detecting ipv6 structures has worked for a while. Remove the special-case, remove the related XXXX020s, and add useful comments instead.
svn:r13377
2008-02-05 19:36:06 +00:00
Nick Mathewson
b4ebe55d12 r13971@tombo: nickm | 2008-01-30 14:25:25 -0500
Write a new autoconf macro to test whether a function is declared. It is suboptimal and possibly buggy in some way, but it seems to work for me.  use it to test for a declaration of malloc_good_size, so we can workaround operating systems (like older OSX) that have the function in their libc but do not deign to declare it in their headers.  Should resolve bug 587.


svn:r13339
2008-01-30 19:25:31 +00:00
Nick Mathewson
c7fe633780 New macros to simplify writing loops over map key-value pairs.
svn:r13302
2008-01-26 22:49:36 +00:00
Roger Dingledine
750ed3d015 We accidentally enabled the under-development v2 TLS handshake
code, which is causing log entries like "TLS error while
renegotiating handshake". Disable it again. Resolves bug 590.


svn:r13219
2008-01-21 22:33:01 +00:00
Nick Mathewson
ddb753f87a r17717@catbus: nickm | 2008-01-21 17:09:23 -0500
Fix certificate leak.


svn:r13218
2008-01-21 22:09:42 +00:00
Nick Mathewson
4a3b7496f0 r17639@catbus: nickm | 2008-01-15 19:09:21 -0500
Fix some hard to trigger but nonetheless real memory leaks spotted by an anonymous contributor.  Needs review.  Partial backport candidate.


svn:r13147
2008-01-16 05:27:19 +00:00
Nick Mathewson
24aae484c9 r17624@catbus: nickm | 2008-01-15 00:42:01 -0500
Fixes to more anonymously-reported typos and logic errors.


svn:r13136
2008-01-15 05:57:19 +00:00
Nick Mathewson
d7fb8a34ac r17613@catbus: nickm | 2008-01-14 13:52:44 -0500
Do not segfault if symetric key generation somehow fails in crypto_hybrid_encrypt.


svn:r13132
2008-01-14 19:00:28 +00:00
Roger Dingledine
2ac1e36248 minor cleanups
svn:r13095
2008-01-10 17:54:24 +00:00
Roger Dingledine
8ba1ba7d81 <tup> tor segfaults when reading a config value that contains a malformed
escape sequence; this patch fixes it


svn:r13086
2008-01-09 18:23:28 +00:00
Nick Mathewson
becbafc9db r17491@catbus: nickm | 2008-01-07 11:50:24 -0500
Remove some dead code.


svn:r13053
2008-01-07 16:50:33 +00:00
Nick Mathewson
491298a067 r17490@catbus: nickm | 2008-01-07 11:48:02 -0500
Fix bug 582: decref the idcert when we add it to the store.


svn:r13052
2008-01-07 16:50:31 +00:00
Nick Mathewson
d73b791969 r17473@catbus: nickm | 2008-01-05 22:15:05 -0500
Add a reverse mapping from SSL to tor_tls_t*: we need this in order to do a couple of things the sensible way from inside callbacks.  Also, add a couple of missing cases in connection_or.c


svn:r13040
2008-01-06 03:16:11 +00:00
Nick Mathewson
6d58d80e78 r17472@catbus: nickm | 2008-01-05 22:10:19 -0500
Another test for the increasingly bad check-spaces style checker to check: #else\n#if is almost a sure sign of a failure to use #elif.  Fortunately, we only did that 3 times.


svn:r13039
2008-01-06 03:16:08 +00:00
Nick Mathewson
864d830598 r17471@catbus: nickm | 2008-01-05 21:47:08 -0500
Missing documentation in container.h


svn:r13038
2008-01-06 03:16:06 +00:00
Nick Mathewson
614dc52623 r17467@catbus: nickm | 2008-01-05 19:54:20 -0500
fix whitespace


svn:r13035
2008-01-06 00:54:22 +00:00
Nick Mathewson
58de695f90 r15787@tombo: nickm | 2008-01-02 01:59:07 -0500
Allow config values in quotes to contain special characters, with full C escape syntax.  With tests.  Addresses bug 557.


svn:r13021
2008-01-02 06:59:15 +00:00
Nick Mathewson
86f5180853 r15786@tombo: nickm | 2008-01-02 01:11:51 -0500
Push the strdups used for parsing configuration lines into parse_line_from_string().  This will make it easier to parse more complex value formats, which in turn will help fix bug 557


svn:r13020
2008-01-02 06:59:12 +00:00
Nick Mathewson
c0ec281565 r15784@tombo: nickm | 2008-01-02 00:38:06 -0500
Fix bug 575: protect the list of logs with a mutex.  I couldn't find any appreciable change in logging performance on osx, but ymmv. You can undef USE_LOG_MUTEX to see if stuff gets faster for you.


svn:r13019
2008-01-02 05:38:53 +00:00
Nick Mathewson
11fff225fa r15779@tombo: nickm | 2008-01-01 23:43:24 -0500
Use reference-counting to avoid allocating a zillion little addr_policy_t objects. (This is an old patch that had been sitting on my hard drive for a while.)


svn:r13017
2008-01-02 04:43:44 +00:00
Nick Mathewson
71e117e444 r15767@tombo: nickm | 2007-12-31 16:06:27 -0500
Note an unfreed cert


svn:r13008
2007-12-31 21:12:14 +00:00
Nick Mathewson
c03ef9c395 r17423@catbus: nickm | 2007-12-28 01:54:42 -0500
Fix compilation with dmalloc


svn:r12998
2007-12-28 06:54:46 +00:00
Nick Mathewson
0c8142e981 r15691@tombo: nickm | 2007-12-25 18:13:54 -0500
New, slightly esoteric function, tor_malloc_roundup().  While tor_malloc(x) allocates x bytes, tor_malloc_roundup(&x) allocates the same size of chunk it would use to store x bytes, and sets x to the usable size of that chunk.


svn:r12981
2007-12-26 00:12:01 +00:00
Roger Dingledine
1d8a8063b9 clean up copyrights, and assign 2007 copyrights to The Tor Project, Inc
svn:r12786
2007-12-12 21:09:01 +00:00
Nick Mathewson
bd49bba49e r17091@catbus: nickm | 2007-12-11 18:05:55 -0500
Fix compilation when --disable-threads is passed in.


svn:r12768
2007-12-11 23:06:51 +00:00
Nick Mathewson
25a8744d9c r15223@tombo: nickm | 2007-12-07 23:41:21 -0500
Aaand, do the code to enable the client side of the new TLS handshake.  There are some loose ends that need tying up in connection_or, and a lot of half-baked code to remove, and some special cases to test for, and lots and lots of testing to do, but that is what weekends are for.


svn:r12721
2007-12-08 04:41:34 +00:00
Nick Mathewson
f948caad7b r15161@tombo: nickm | 2007-12-05 11:30:37 -0500
Fix bug reported by Steve Murphy on or-talk: detect the s6_addr32 and s6_addr16 fields via autoconf.


svn:r12679
2007-12-05 16:30:52 +00:00
Nick Mathewson
593ab7e808 r15106@tombo: nickm | 2007-12-04 00:08:35 -0500
Change tor_addr_t to be a tagged union of in_addr and in6_addr, not of sockaddr_in and sockaddr_in6.  It's hardly used in the main code as it is, but let's get it right before it gets popular.


svn:r12660
2007-12-04 05:19:56 +00:00
Nick Mathewson
f4e228f849 r16919@catbus: nickm | 2007-12-03 12:59:02 -0500
Add DHE-RSA-AES256-SHA to the list of ciphers encountered from v1 connections.


svn:r12652
2007-12-03 17:59:32 +00:00
Nick Mathewson
d8ad247dfd r15088@tombo: nickm | 2007-11-30 23:47:29 -0500
Add support to get a callback invoked when the client renegotiate a connection.  Also, make clients renegotiate.  (not enabled yet, until they detect that the server acted like a v2 server)


svn:r12623
2007-12-01 08:09:48 +00:00
Nick Mathewson
1789f94668 r15087@tombo: nickm | 2007-11-30 22:32:26 -0500
Start getting freaky with openssl callbacks in tortls.c: detect client ciphers, and if the list doesn't look like the list current Tors use, present only a single cert do not ask for a client cert. Also, support for client-side renegotiation.  None of this is enabled unless you define V2_HANDSHAKE_SERVER.


svn:r12622
2007-12-01 08:09:46 +00:00
Nick Mathewson
6fe70f4c69 r16879@catbus: nickm | 2007-11-30 14:07:05 -0500
Log *useful* information from dmalloc.  (Unfreed pointers, not total of freed and unfreed).


svn:r12616
2007-11-30 19:07:11 +00:00
Roger Dingledine
fa2c3a73e4 make dmalloc 5.4.2 work again too
svn:r12615
2007-11-30 19:02:56 +00:00
Nick Mathewson
ac82d81538 r16874@catbus: nickm | 2007-11-30 13:11:09 -0500
When using dmalloc, dump the top ten memory consumers to the _DMALLOC_ logfile when we get a SIGUSR1.  Hint: it is not what you would think.


svn:r12613
2007-11-30 18:11:26 +00:00
Roger Dingledine
188cb920d0 cleanups while i was trying to figure out how it worked
svn:r12612
2007-11-30 17:23:46 +00:00
Roger Dingledine
7f12ebc3fa cleanups on r12579
svn:r12580
2007-11-27 21:17:43 +00:00
Nick Mathewson
d483d3144a r16669@catbus: nickm | 2007-11-14 14:50:03 -0500
When we complete an OR handshake, set up all the internal fields and mark the connection as open.


svn:r12495
2007-11-14 20:01:12 +00:00
Nick Mathewson
e0b9c893bc r16573@catbus: nickm | 2007-11-08 11:57:16 -0500
Mess with the formula for the Guard flag again.  Now it requires that you be in the most familiar 7/8 of nodes, and have above median wfu for that 7/8th.  See spec for details.  Also, log thresholds better.


svn:r12440
2007-11-08 16:58:59 +00:00
Nick Mathewson
0e993e6008 r16523@catbus: nickm | 2007-11-07 11:35:49 -0500
Improve "tls error. breaking" message a little.


svn:r12411
2007-11-07 16:37:08 +00:00
Roger Dingledine
7b826f8fe4 a note from steven about how to set up a private test network
without link encryption.


svn:r12410
2007-11-07 15:33:14 +00:00
Nick Mathewson
e047f7f865 r16455@catbus: nickm | 2007-11-06 12:48:00 -0500
Parse CERT cells and act correctly when we get them.


svn:r12396
2007-11-06 18:00:07 +00:00
Nick Mathewson
512d3b161c r16450@catbus: nickm | 2007-11-06 09:18:11 -0500
Fix compile on sparc64


svn:r12394
2007-11-06 14:19:14 +00:00
Nick Mathewson
85654f4ab9 r16432@catbus: nickm | 2007-11-05 14:18:57 -0500
Send and parse link_auth cells properly.


svn:r12386
2007-11-05 19:19:46 +00:00
Nick Mathewson
12afd4777c r16413@catbus: nickm | 2007-11-05 13:14:18 -0500
Add functions to encode certificates


svn:r12384
2007-11-05 18:15:54 +00:00
Nick Mathewson
323490303e r16412@catbus: nickm | 2007-11-05 11:45:17 -0500
Make TLS contexts reference-counted, and add a reference from TLS objects to their corresponding context.  This lets us reliably get the certificates for a given TLS connection, even if we have rotated TLS contexts.


svn:r12383
2007-11-05 18:15:52 +00:00
Nick Mathewson
ea1bea5830 r16411@catbus: nickm | 2007-11-05 11:27:37 -0500
Remember X509 certificates in the context.  Store peer/self certificate digests in handshake state.


svn:r12382
2007-11-05 18:15:50 +00:00
Nick Mathewson
22c31d91ab r16410@catbus: nickm | 2007-11-05 10:54:29 -0500
Code to remember client_random and server_random values, and to compute hmac using TLS master secret.


svn:r12381
2007-11-05 18:15:47 +00:00
Nick Mathewson
c217be996d r14677@tombo: nickm | 2007-11-03 15:16:27 -0400
Add a smartlist_bsearch_idx function that gives more useful output than regular bsearch for the value-not-found case.


svn:r12360
2007-11-03 20:12:38 +00:00
Nick Mathewson
3a6287615b r16367@catbus: nickm | 2007-11-02 13:13:15 -0400
Space fixes.


svn:r12345
2007-11-02 17:16:34 +00:00
Nick Mathewson
dfc689bda2 r14652@tombo: nickm | 2007-11-02 12:02:13 -0400
If setting our rlimit to rlim_max or cap fails, fall back to OPEN_FILES if defiled.  This makes Tor run on OSX 10.5, while allowing OSX to mend its ways in the future.


svn:r12341
2007-11-02 16:02:26 +00:00
Nick Mathewson
e76581f97e r14647@tombo: nickm | 2007-11-02 10:48:37 -0400
Use rlim_t instead of unsigned long to manipulate rlimit values.


svn:r12339
2007-11-02 14:50:37 +00:00
Nick Mathewson
7712ddf8e7 r16317@catbus: nickm | 2007-10-31 23:52:52 -0400
Use HMAC() function from openssl. Oops.


svn:r12304
2007-11-01 03:56:17 +00:00
Nick Mathewson
5da5d2bd79 r16302@catbus: nickm | 2007-10-31 16:45:16 -0400
Clean spaces.


svn:r12301
2007-10-31 20:48:10 +00:00
Nick Mathewson
17266cc44a r16287@catbus: nickm | 2007-10-31 00:53:53 -0400
HMAC-SHA-1 implementation, with unit tests based on vectors from RVFC2202.  Steven's stuff will need this.


svn:r12289
2007-10-31 04:56:59 +00:00
Nick Mathewson
7e80640b97 r16285@catbus: nickm | 2007-10-30 17:43:25 -0400
Implement (but do not enable) link connection version negotiation


svn:r12286
2007-10-30 21:46:02 +00:00
Nick Mathewson
c0c2001a5b r16279@catbus: nickm | 2007-10-30 11:14:29 -0400
Improved skew reporting:  "You are 365 days in the duture" is more useful than "You are 525600 minutes in the future".  Also, when we get something that proves we are at least an hour in the past, tell the controller "CLOCK_SKEW MIN_SKEW=-3600" rather than just "CLOCK_SKEW"


svn:r12283
2007-10-30 15:17:07 +00:00
Nick Mathewson
7da93b80ca r16159@catbus: nickm | 2007-10-25 12:53:38 -0400
Drop support for OpenSSL 0.9.6.


svn:r12191
2007-10-25 16:54:56 +00:00
Nick Mathewson
4750c46aea r16128@catbus: nickm | 2007-10-24 22:52:16 -0400
Fix windows mmap changes.


svn:r12171
2007-10-25 02:53:24 +00:00
Nick Mathewson
99d72f7295 r16100@catbus: nickm | 2007-10-24 11:33:52 -0400
Make tor_mmap_file() set and preserve errno in a useful way.


svn:r12153
2007-10-24 15:45:42 +00:00
Nick Mathewson
42172829ce r16016@catbus: nickm | 2007-10-21 20:44:19 -0400
Check a platform assumption we have made without checking for too long: "Characters are represented in ascii."


svn:r12088
2007-10-22 00:44:42 +00:00
Nick Mathewson
722c7bdff4 r15997@catbus: nickm | 2007-10-21 20:25:40 -0400
New code (disabled for now) to use the SSL context's cert store instead of using its "extra chain cert" list to get our identity certificate sent.  This is a little close to what OpenSSL expects people to do, and it has the advantage that we should be able to keep the id cert from being sent by setting the NO_CHAIN_CERT bit.  I have tried turning new code on, and it seemed to work fine.


svn:r12086
2007-10-22 00:26:02 +00:00
Nick Mathewson
9f93d48697 r15989@catbus: nickm | 2007-10-20 19:48:29 -0400
Fix implementation of sdmap_size and rimap_size() and eimap_size().  Nobody was using them, so no backport needed.


svn:r12068
2007-10-20 23:48:35 +00:00
Nick Mathewson
b0a18d1bfa r15967@catbus: nickm | 2007-10-19 14:14:47 -0400
Change meaning of "freefn" argument to smartlist_uniq so that we can remove duplicates from a list without freeing them.


svn:r12053
2007-10-19 18:56:28 +00:00
Nick Mathewson
e3113502ad r15882@catbus: nickm | 2007-10-17 15:23:05 -0400
oprofile was telling me that a fair bit of our time in openssl was spent in base64_decode, so replace base64_decode with an all-at-once fairly optimized implementation.  For decoding keys and digests, it seems 3-3.5x faster than calling out to openssl.  (Yes, I wrote it from scratch.)


svn:r12002
2007-10-17 19:23:56 +00:00
Nick Mathewson
2e131e31b5 r15861@catbus: nickm | 2007-10-16 13:10:22 -0400
Fix example use of hash table iterators


svn:r11991
2007-10-16 17:21:05 +00:00
Nick Mathewson
7f9e9c816c r15790@catbus: nickm | 2007-10-15 11:38:28 -0400
Fix bug 528: fix memory leak in base32_decode().  While there, also make base32_decode() accept upper-case inputs.


svn:r11946
2007-10-15 15:38:44 +00:00
Nick Mathewson
3de8158b16 r15702@catbus: nickm | 2007-10-11 17:29:20 -0400
Remove a bunch of redundant includes in crypto.c


svn:r11885
2007-10-11 21:40:32 +00:00
Roger Dingledine
bab60e5ade bugfix on r11301:
Fix a minor memory leak whenever we wrote out a file. Bugfix on
0.2.0.7-alpha.


svn:r11863
2007-10-11 03:10:52 +00:00
Roger Dingledine
900ddcb8fd bugfix on r11298:
Fix a minor memory leak whenever we parse guards from our state
file. Bugfix on 0.2.0.7-alpha.


svn:r11862
2007-10-11 02:03:53 +00:00
Nick Mathewson
6f7847b378 r15530@catbus: nickm | 2007-10-04 12:16:27 -0400
Add a bunch of function documentation; clean up a little code; fix some XXXXs; tag the nonsensical EXTRAINFO_PURPOSE_GENERAL as nonsesnse; note another bit of "do not cache special routers" code to nuke.


svn:r11761
2007-10-04 16:21:58 +00:00
Nick Mathewson
8439c4ec2f r15512@catbus: nickm | 2007-10-02 16:27:43 -0400
Make some functions static; remove some dead code.


svn:r11750
2007-10-02 20:35:23 +00:00
Nick Mathewson
38ac9f6005 r14682@Kushana: nickm | 2007-09-28 15:23:38 -0400
From little acorns: redo our string and digest hashing code to be faster, since this stuff may be critical-path.


svn:r11700
2007-09-28 19:23:54 +00:00
Nick Mathewson
fc5dd0cdbb r15231@catbus: nickm | 2007-09-20 16:04:30 -0400
Patch from karsten: remove cbc and make unit tests handle aes-ctr-with-iv.


svn:r11538
2007-09-20 20:08:47 +00:00
Nick Mathewson
f0634bb7ca r14532@Kushana: nickm | 2007-09-20 13:25:38 -0400
Clean up some macros in aes.c


svn:r11537
2007-09-20 17:28:07 +00:00
Nick Mathewson
262d5ab0a8 r15210@catbus: nickm | 2007-09-20 13:04:05 -0400
Re-optimize counter-mode: save about 15% on my core2 by (1) not regenerating the entire counter buffer every time we encrypt a block of keystream (2) using the platform-optimized htonl to convert to big-endian (It's a single instruction on 486 and later ) and (3) not even keeping a separate "counter" and "buffer" when the platform is big-endian. The third still needs testing.


svn:r11536
2007-09-20 17:07:45 +00:00
Roger Dingledine
d4e950ccc8 poke at svn until it compiles. nick, you should decide if this
is what you meant to do.


svn:r11529
2007-09-20 03:06:45 +00:00
Nick Mathewson
5f7950e874 r15172@catbus: nickm | 2007-09-19 11:50:02 -0400
New (untested) code to implement AES-with-IV.  Currently, IVs are generated randomly.  Once tested, should be (almost) a drop-in replacement for the CBC functions.


svn:r11519
2007-09-19 15:53:41 +00:00
Nick Mathewson
7e93139a85 r15171@catbus: nickm | 2007-09-19 11:44:54 -0400
Switch our AES implementation from "128 bit counter with to 64 bits set to 0" to a proper implementation of counter mode.  Also, add an aes_set_iv function to initialize the counter to a nonzero value.


svn:r11518
2007-09-19 15:53:38 +00:00
Roger Dingledine
1a930cfc70 minor style tweaks
svn:r11490
2007-09-18 17:18:14 +00:00
Roger Dingledine
f15a4c8bd7 add some crypto/util functions from karsten, as the first
step of integrating his new hidden service stuff


svn:r11489
2007-09-18 17:07:56 +00:00
Nick Mathewson
8c13967803 r14448@Kushana: nickm | 2007-09-17 14:26:56 -0400
Unify all of the divergent median/nth-percentile code in container.[ch]


svn:r11457
2007-09-17 18:27:49 +00:00
Nick Mathewson
565f5f32c5 r14363@Kushana: nickm | 2007-09-08 16:25:45 -0400
Another round of whitespeace fixes.


svn:r11407
2007-09-08 20:25:57 +00:00
Nick Mathewson
509bc3b4a0 r14359@Kushana: nickm | 2007-09-08 15:07:17 -0400
Add some generic skew-and-tolerance functions so we can handle time more sanely.


svn:r11406
2007-09-08 19:08:46 +00:00
Nick Mathewson
c341bc090e r14869@catbus: nickm | 2007-08-31 08:49:26 -0400
Fix a segfault in expand_filename("~").  Found by lindi.


svn:r11332
2007-08-31 12:51:52 +00:00
Nick Mathewson
f189ecbf20 r14832@catbus: nickm | 2007-08-29 15:00:27 -0400
Use (and debug) new file-writing functions in order to simplify code that formerly built big strings in RAM.


svn:r11301
2007-08-29 19:02:43 +00:00
Nick Mathewson
8408122222 r14831@catbus: nickm | 2007-08-29 14:17:42 -0400
Refactor write_chunks_to_file_impl: break out the "pick a temporary name if it makes sense, and open the right filename" logic and the "close the file and unlink or rename if necessary" logic.  This will let us write big files in a smarter way than "Build a big string" or "make a list of chunks", once we get around to using it.


svn:r11300
2007-08-29 19:02:37 +00:00
Nick Mathewson
d3224bad42 r14227@Kushana: nickm | 2007-08-27 11:33:28 -0400
Add a new ClientDNSRejectInternalAddresses option (default: on) to refuse to believe that any address can map to or from an internal address.  This blocks some kinds of potential browser-based attacks, especially on hosts using DNSPort.  Also clarify behavior in some comments.  Backport candiate?


svn:r11287
2007-08-27 15:33:58 +00:00
Roger Dingledine
05f12bffe9 Handle unexpected whitespace better in malformed descriptors. Bug
found using Benedikt Boss's new Tor fuzzer! Bugfix on 0.2.0.x.


svn:r11229
2007-08-20 20:05:56 +00:00
Nick Mathewson
a237f25f9a r14651@catbus: nickm | 2007-08-17 21:37:03 -0400
Another attempt to confirm to msvc for bug 482.


svn:r11162
2007-08-18 01:38:11 +00:00
Peter Palfrader
0713606469 redefine BITARRAY_MASK as a function of BITARRAY_SHIFT
svn:r11160
2007-08-17 22:43:00 +00:00
Nick Mathewson
1f244d3943 r14639@catbus: nickm | 2007-08-17 17:45:28 -0400
Compile without warnings on MinGW, even with --enable-gcc-warnings enabled.


svn:r11157
2007-08-17 21:46:34 +00:00
Nick Mathewson
f8b3927e07 r14634@catbus: nickm | 2007-08-17 16:43:49 -0400
Try to fix bug 482: do not rely on s6_addr16 or s6_addr32 on MSVC.  How ugly.


svn:r11155
2007-08-17 20:44:54 +00:00
Nick Mathewson
181ba71a90 r14051@Kushana: nickm | 2007-08-15 15:55:36 -0400
Fix an XXXX020 and a few DOCDOCs.


svn:r11127
2007-08-15 19:56:01 +00:00
Nick Mathewson
3fc04529d4 r14093@catbus: nickm | 2007-08-08 01:49:54 -0400
Include fewer redundant headers; use the compiler search paths better.


svn:r11060
2007-08-08 05:50:31 +00:00
Nick Mathewson
50f5f63678 r14091@catbus: nickm | 2007-08-08 01:13:17 -0400
Fix an annoying warning on OpenBSD: only include malloc.h if we are using it.


svn:r11059
2007-08-08 05:14:03 +00:00
Nick Mathewson
652d4e0248 r13926@Kushana: nickm | 2007-08-03 00:55:23 -0700
Fix compilation with HAVE_GETADDRINFO unset


svn:r11042
2007-08-03 07:57:31 +00:00
Nick Mathewson
ba28346f2f r13907@Kushana: nickm | 2007-08-02 10:29:13 -0700
Try (once again) to fix mingw build wrt detecting ipv6 types.


svn:r11037
2007-08-02 17:30:42 +00:00
Nick Mathewson
d5c78593d2 r13873@Kushana: nickm | 2007-07-31 10:54:05 -0700
Split over-optimized digestmap_set code into a generic part and a digestmap-specific part.


svn:r11012
2007-08-01 15:57:48 +00:00
Nick Mathewson
484c8b776d r13872@Kushana: nickm | 2007-07-31 08:27:54 -0700
Rename IN4_ADDR and IN6_ADDR to try to avoid conflicting with Windows definitions.  This may fix the windows build.


svn:r11011
2007-08-01 15:57:34 +00:00
Nick Mathewson
2872a43386 r13871@Kushana: nickm | 2007-07-31 08:10:58 -0700
Fix warning aobut unused parameter on platforms without mallinfo.


svn:r11010
2007-08-01 15:57:07 +00:00
Nick Mathewson
45c82b1d85 r14024@catbus: nickm | 2007-07-30 14:13:58 -0400
Glibc (and maybe others) define a mallinfo() that can be used to see how the platform malloc is acting inside.  When we have it, dump its output on dumpmemusage().


svn:r10996
2007-07-30 18:14:14 +00:00
Nick Mathewson
23a345b3c2 r14015@catbus: nickm | 2007-07-30 13:18:05 -0400
Add missing code documentation in src/common


svn:r10991
2007-07-30 17:46:12 +00:00
Nick Mathewson
759ed3ce3f r13988@catbus: nickm | 2007-07-29 16:32:36 -0400
Cheesy attempt to break some censorware.  Not a long-term fix, but it will be intersting to watch the epidemiology of the workarounds as the censors apply them.


svn:r10975
2007-07-29 23:11:42 +00:00
Nick Mathewson
25bd4204d0 r13964@catbus: nickm | 2007-07-28 22:55:10 -0400
Change "IN_ADDR" macro to "IN4_ADDR" in an attempt to fix mingw compilation


svn:r10963
2007-07-29 02:55:24 +00:00
Nick Mathewson
a5477c7bb9 r13944@catbus: nickm | 2007-07-27 15:52:35 -0400
Fix warnings on platforms where rlim values can be signed.
 Add an 8k buffer freelist.
 


svn:r10948
2007-07-27 19:53:29 +00:00
Nick Mathewson
35561a542c r13934@catbus: nickm | 2007-07-27 10:41:00 -0400
Fix spelling; add a comment.


svn:r10943
2007-07-27 14:41:08 +00:00
Peter Palfrader
49db52abe6 Maybe fix #471. Compute the size of bitfields more correctly. Nick, please check.
svn:r10941
2007-07-27 04:45:42 +00:00
Nick Mathewson
b1c873182d r13926@catbus: nickm | 2007-07-26 17:21:06 -0400
Add a bit-array type with reasonably fast inline functions.


svn:r10938
2007-07-26 21:26:53 +00:00
Nick Mathewson
189bc7cf9f r13920@catbus: nickm | 2007-07-26 16:25:25 -0400
whitespace fixes


svn:r10935
2007-07-26 20:26:53 +00:00
Nick Mathewson
701fce8e5c r13858@catbus: nickm | 2007-07-22 18:44:02 -0400
Fix/note some relatively trivial mem usage issues


svn:r10905
2007-07-22 22:49:49 +00:00
Nick Mathewson
8e50aa7341 r13856@catbus: nickm | 2007-07-20 14:30:44 -0400
slightly smarter heuristic about when to use obsolete ::a.b.c.d format.


svn:r10893
2007-07-20 18:30:47 +00:00
Nick Mathewson
8ba42a3bde r13850@catbus: nickm | 2007-07-20 12:25:24 -0400
Fix some bugs in ntop/pton.


svn:r10891
2007-07-20 16:25:27 +00:00
Nick Mathewson
6223160ab7 r13848@catbus: nickm | 2007-07-19 16:47:16 -0400
Use our own version of inet_ntop and inet_pton everywhere, to avoid partitioning attacks.


svn:r10888
2007-07-19 20:47:18 +00:00
Nick Mathewson
a1f4644a94 r13840@catbus: nickm | 2007-07-19 16:00:43 -0400
Apparently, this problem can occur on the whole BSD family. "Yay."


svn:r10884
2007-07-19 20:00:45 +00:00
Nick Mathewson
b2772f93cb r13838@catbus: nickm | 2007-07-19 15:50:16 -0400
Apparently, OSX does not define s6_addr32 or s6_addr16. How silly.


svn:r10883
2007-07-19 19:50:20 +00:00
Nick Mathewson
679b55eb1f r13836@catbus: nickm | 2007-07-19 15:43:04 -0400
Some older GCCs think that iph4 could be used uninitialized. Fix that.


svn:r10882
2007-07-19 19:43:08 +00:00
Nick Mathewson
4a240552c4 r13834@catbus: nickm | 2007-07-19 15:40:42 -0400
Another patch from croup: drop support for address masks that do not correspond to bit prefixes.  Nobody has used this for a while, and we have given warnings for a long time.


svn:r10881
2007-07-19 19:40:45 +00:00
Nick Mathewson
bbbf504281 r13827@catbus: nickm | 2007-07-19 14:42:25 -0400
Merge in some generic address manipulation code from croup.  Needs some work.


svn:r10880
2007-07-19 18:46:09 +00:00
Nick Mathewson
ad45ddfb07 r13788@catbus: nickm | 2007-07-16 14:26:25 -0400
Patch from croup: rewrite the logic of get_next_token() to do the right thing with input that ends at weird places, or aligns with block boundaries after mmap.  should fix bug 455.  Needs fuzzing.


svn:r10847
2007-07-16 18:26:31 +00:00
Roger Dingledine
6d2cb32d10 free some more memory on exit
svn:r10837
2007-07-16 04:33:47 +00:00
Nick Mathewson
7e20fdbefb r13687@catbus: nickm | 2007-07-10 16:08:14 -0400
Possible partial fix for bug 455: use eos logic everywhere.


svn:r10786
2007-07-10 20:08:18 +00:00
Nick Mathewson
73b4428a8b r13631@catbus: nickm | 2007-07-06 10:17:22 -0400
Try to fix win32 build again.


svn:r10750
2007-07-06 14:17:30 +00:00
Nick Mathewson
bbc7cf86d5 r13600@Kushana: nickm | 2007-07-05 23:49:47 -0400
try to fix mingw compile


svn:r10743
2007-07-06 03:49:57 +00:00
Nick Mathewson
a9469098ca r13596@kushana: nickm | 2007-07-05 10:53:22 -0400
Argh, re-enable CRITICAL_SECTION code in win32.


svn:r10741
2007-07-05 14:53:27 +00:00
Nick Mathewson
5c9c420111 svn:r10740 2007-07-05 14:51:10 +00:00
Nick Mathewson
ae4ab0f617 r13454@kushana: nickm | 2007-06-20 14:22:44 -0400
Switch windows locking implementation to CRITICAL_SECTION, not Mutex: Mutex is heavier-weight, and meant for multi-process situations.


svn:r10739
2007-07-05 14:51:01 +00:00
Peter Palfrader
f274c1413e Make it build with -O0 as well
svn:r10722
2007-07-02 17:50:57 +00:00
Peter Palfrader
adff891463 Make DEBUG_SMARTLIST work
svn:r10721
2007-07-02 17:48:56 +00:00
Nick Mathewson
1bdcfd9203 r13570@catbus: nickm | 2007-06-30 20:41:05 -0400
Implement conditions in compat.c; switch windows to use "critical sections" instead of mutexes.  Apparently, mutexes are for IPC and critical sections are for multithreaded.


svn:r10716
2007-07-01 16:22:45 +00:00
Nick Mathewson
5adfa09fce r13477@catbus: nickm | 2007-06-17 14:22:03 -0400
Sun CC likes to give warnings for the do { } while(0) construction for making statement-like macros.  Define STMT_BEGIN/STMT_END macros that do the right thing, and use them everywhere.


svn:r10645
2007-06-17 18:22:39 +00:00
Nick Mathewson
93f32db438 r13476@catbus: nickm | 2007-06-17 14:04:41 -0400
Build with fewer compiler warnings on Sun.  (This and previous Sun patches are thanks to the tremendously handy services of unix-center.net.)


svn:r10644
2007-06-17 18:22:35 +00:00
Nick Mathewson
a8e88adba4 r13410@catbus: nickm | 2007-06-13 18:39:05 -0400
Fix compilation on compilers that do not allow you to typedef the same type twice.


svn:r10598
2007-06-13 22:39:10 +00:00
Nick Mathewson
546209a4de r13384@catbus: nickm | 2007-06-13 13:53:26 -0400
make test_* functions stop conflicting with variables named v1 and v2.


svn:r10584
2007-06-13 18:15:56 +00:00
Nick Mathewson
3637ee0e59 r13383@catbus: nickm | 2007-06-13 13:53:04 -0400
Expose a function to parse a private key from a string as CRYPTO_PRIVATE.  For testing.


svn:r10583
2007-06-13 18:15:53 +00:00
Nick Mathewson
399890307d r13362@catbus: nickm | 2007-06-11 19:00:23 -0400
Fix a warning on platforms where sizeof(size_t)==8, but sizeof(unsigned long)<8.


svn:r10566
2007-06-11 23:00:26 +00:00
Nick Mathewson
dddf065e62 r13358@catbus: nickm | 2007-06-11 18:46:24 -0400
Fix some dumb copypasta in r10562.


svn:r10565
2007-06-11 22:46:35 +00:00
Nick Mathewson
f45732513e r13354@catbus: nickm | 2007-06-11 18:17:40 -0400
Add typechecking wrappers to digestmap, so we can work with "map from digest to [FOO]" for arbitrary FOOs and still have some typesafety.


svn:r10562
2007-06-11 22:19:37 +00:00
Nick Mathewson
6673d445f5 r13283@catbus: nickm | 2007-06-06 01:43:44 -0400
Fix up a couple of loops flagged by -Wunsafe-loop-optimizations so that they are more readable (and more amenable to compilation)


svn:r10513
2007-06-06 13:02:22 +00:00
Nick Mathewson
bb6f53d60c r13243@catbus: nickm | 2007-06-04 15:17:15 -0400
Start of code to compute consensus network-status stuff from a bunch of votes.  Strangely, it does not yet feel like an enormous ugly hack. 


svn:r10489
2007-06-04 19:19:01 +00:00
Nick Mathewson
6faa9e2641 r13239@catbus: nickm | 2007-06-04 11:30:37 -0400
Fix the fix for bug 445: set umask properly.  Also use open+fdopen rather than just umask+fopen, and create authority identity key with mode 400.


svn:r10485
2007-06-04 15:30:40 +00:00
Nick Mathewson
cb0324c400 r13191@catbus: nickm | 2007-06-03 19:38:18 -0400
Set umask(0700) when starting tor-gencert; resolves bug 445.


svn:r10475
2007-06-03 23:38:20 +00:00
Nick Mathewson
aee7f01624 r13154@catbus: nickm | 2007-06-02 11:26:44 -0400
Server-side support for If-Modified-Since in HTTP requsts for v1 stuff, and for network-status documents.


svn:r10451
2007-06-02 15:26:57 +00:00
Nick Mathewson
5b6d7f10f3 r13143@catbus: nickm | 2007-06-01 16:43:40 -0400
Try to fix some mipspro compiler warnings. There will still be some left.


svn:r10444
2007-06-02 12:44:54 +00:00
Roger Dingledine
b1ee20f0e8 trivial changes from my sandbox
svn:r10429
2007-05-31 23:57:46 +00:00
Nick Mathewson
534c55f531 r13111@catbus: nickm | 2007-05-31 15:03:41 -0400
Cleanup whitespace.


svn:r10425
2007-05-31 19:03:49 +00:00
Nick Mathewson
71c0a13703 r13110@catbus: nickm | 2007-05-31 15:03:24 -0400
Fix windows build.


svn:r10424
2007-05-31 19:03:46 +00:00
Nick Mathewson
4061b2cbd1 r13101@catbus: nickm | 2007-05-31 12:57:42 -0400
Unit tests [and debugging] for tor_inet_ntop() and tor_inet_pton()


svn:r10420
2007-05-31 18:48:25 +00:00
Nick Mathewson
e11a92bd54 r13058@catbus: nickm | 2007-05-29 14:39:53 -0400
Note that the fix for bug 222 should technically be turned into a real fix, not a kludge, one of these days.


svn:r10397
2007-05-29 18:39:59 +00:00
Nick Mathewson
e5ed434c42 r13054@catbus: nickm | 2007-05-29 14:20:50 -0400
An even better workaround for the probably-already-fixed bug 222.


svn:r10395
2007-05-29 18:21:00 +00:00
Nick Mathewson
f89a3b1448 r13050@catbus: nickm | 2007-05-29 13:31:11 -0400
Resolve all but 3 DOCDOCs.


svn:r10393
2007-05-29 17:31:13 +00:00
Nick Mathewson
916e98d3fa r13042@catbus: nickm | 2007-05-29 10:41:10 -0400
oops; use tor_inet_aton rather than inet_aton in tor_inet_ntop.  Spotted by Li-Hui Zhou.


svn:r10389
2007-05-29 14:41:24 +00:00
Roger Dingledine
0c047b87f5 polish r9933-r9994
svn:r10335
2007-05-25 19:41:31 +00:00
Nick Mathewson
bb524e99c9 r12955@catbus: nickm | 2007-05-25 13:17:30 -0400
First bare stubs of ipv6 work: commit some (untested, hence doublessly broken) implementations of inet_ntop/pton for systems that lack them.


svn:r10326
2007-05-25 18:22:37 +00:00
Nick Mathewson
a312afd67e r12936@catbus: nickm | 2007-05-24 14:12:34 -0400
Review XXXX comments without a version; upgrade some to XXXX020.


svn:r10315
2007-05-24 18:12:52 +00:00
Nick Mathewson
79707437d9 r12933@catbus: nickm | 2007-05-24 14:10:28 -0400
Optimize digestmap_set, since it sometimes shows up in profiles.  Seems to work so far, but it isnt the prettiest thing ever.


svn:r10312
2007-05-24 18:12:38 +00:00
Nick Mathewson
d3d86b17a7 r12916@catbus: nickm | 2007-05-24 12:43:45 -0400
Add math functions to round values to the nearest power of 2.  Make mempools more careful about making sure that the size of their chunks is a little less than a power of 2, not a little more.


svn:r10304
2007-05-24 17:12:57 +00:00
Nick Mathewson
c9fa4e6583 r12898@catbus: nickm | 2007-05-22 13:11:04 -0400
More v3 directory code: have authorities load certificates; have everybody store certificates to disk and load them; provide a way to configure v3 authorities.


svn:r10293
2007-05-22 17:58:25 +00:00
Nick Mathewson
e935d73b34 r12852@catbus: nickm | 2007-05-22 11:00:27 -0400
Use svn revisions consistently throughout all log messages.


svn:r10291
2007-05-22 15:48:46 +00:00
Nick Mathewson
4ec5e139c8 r12850@catbus: nickm | 2007-05-21 22:20:42 -0400
Partial backport candidate: do not rely on finding a \0 after an mmaped() router/extrainfo file.  Also, set journal length correctly when starting up.


svn:r10248
2007-05-22 02:20:52 +00:00
Nick Mathewson
5364833be0 r13017@Kushana: nickm | 2007-05-20 13:40:45 -0400
Address points in r10227.


svn:r10229
2007-05-20 17:43:55 +00:00
Roger Dingledine
ddd0054a85 point out two remote crash bugs, a memory leak, and a few other
items we should probably look into.


svn:r10227
2007-05-20 14:15:23 +00:00
Nick Mathewson
5f58bee0b0 r12812@catbus: nickm | 2007-05-19 16:17:36 -0400
Fix compilation with -O0; add unit tests for swap and shuffle.


svn:r10223
2007-05-19 20:17:37 +00:00
Nick Mathewson
7a61357250 r12790@catbus: nickm | 2007-05-18 17:24:26 -0400
Fix build on gcc 4.2


svn:r10212
2007-05-18 21:24:37 +00:00
Nick Mathewson
a187704872 r12980@Kushana: nickm | 2007-05-18 14:11:05 -0400
Add a "swap" function to smartlist, add a "shuffle" function for smartlist to crypto.c, and make appropriate hashtable functions be more const.


svn:r10208
2007-05-18 21:19:14 +00:00
Nick Mathewson
836328be2e r12777@catbus: nickm | 2007-05-16 21:52:23 -0400
Fix dumb bug introduced in r10199


svn:r10202
2007-05-17 01:52:26 +00:00
Nick Mathewson
807adfc879 r12769@catbus: nickm | 2007-05-16 17:32:01 -0400
Fix warnings from -Wunsafe-loop-optimizations, which incidentally turned up a logic bug in connection_or_flush_from_first_active_circuit that would overcount the number of cells flushed.


svn:r10199
2007-05-16 22:15:48 +00:00
Nick Mathewson
e043b86f47 r12764@catbus: nickm | 2007-05-15 17:17:39 -0400
Enable (and cope with) more GCC 4.2 warnings.


svn:r10196
2007-05-15 21:17:48 +00:00
Roger Dingledine
440b7f0c70 polish r9726-r9903
svn:r10182
2007-05-13 09:25:06 +00:00
Nick Mathewson
a7696a936d r12700@catbus: nickm | 2007-05-09 17:22:53 -0400
[Backport candidate] On windows, open cached-routers with the sharing mode "FILE_SHARE_READ so that other processes can read it while Tor is running. (Reported by Janbar). 


svn:r10148
2007-05-09 21:22:56 +00:00
Roger Dingledine
d112e7b1ad fix some code comments, a wrapper, and add a todo item
svn:r10111
2007-05-04 07:24:01 +00:00
Nick Mathewson
9279c1d5fe r12638@catbus: nickm | 2007-05-02 17:37:30 -0400
Remove the "RSA keys are 128-bits" assumption from crypto.c


svn:r10096
2007-05-02 21:37:53 +00:00
Nick Mathewson
fa39336e65 r12607@catbus: nickm | 2007-04-30 21:36:28 -0400
More attempt to fix win32 building.  This time, with extra linking.


svn:r10080
2007-05-01 01:36:32 +00:00
Nick Mathewson
6a27dd8284 r12595@catbus: nickm | 2007-04-30 18:32:34 -0400
Move private function declarations from crypto.c into a new #ifdef CRYPTO_PRIVATE block in crypto.h


svn:r10074
2007-04-30 22:42:50 +00:00
Nick Mathewson
105d782109 r12546@catbus: nickm | 2007-04-29 21:27:43 -0400
Correctly report win98se and win95osr2 versions.


svn:r10047
2007-04-30 01:27:47 +00:00
Nick Mathewson
2f4784cbd8 r12499@catbus: nickm | 2007-04-23 10:42:23 -0400
Keep a freelist of unused 4k buffer chunks, rather than wasting 8k for every inactive connection_t.


svn:r10006
2007-04-23 14:42:27 +00:00
Nick Mathewson
227b2e0226 r12759@Kushana: nickm | 2007-04-20 08:47:20 -0400
Track the number of connection_t separately from the number of open sockets.  It is already possible to have connections that do not count: resolving conns, for one.  Once we move from socketpairs to linked conns, and once we do dns proxying, there will be lots of such connections.


svn:r9994
2007-04-21 17:24:18 +00:00
Nick Mathewson
6ee5bef092 r12458@catbus: nickm | 2007-04-19 15:52:23 -0400
Fix a bug in displaying memory pool usage.  Also dump cell allocation, and track padded_cell_ts as they are allocated and freed, to make sure we are not leaking cells.


svn:r9992
2007-04-19 19:52:30 +00:00
Nick Mathewson
7392464b88 r12456@catbus: nickm | 2007-04-19 14:47:01 -0400
Make dumpmemusage() dump cell pool usage information.


svn:r9991
2007-04-19 18:47:04 +00:00
Nick Mathewson
362fbc79d2 r12414@catbus: nickm | 2007-04-16 17:37:17 -0400
More proposal-104 stuff: actually remember extra-info stuff.


svn:r9975
2007-04-16 21:37:21 +00:00
Nick Mathewson
7467c35249 r12353@catbus: nickm | 2007-04-11 15:58:46 -0400
Apparently some compilers think that anonymous unions are bad C.  Technically, they're right, so let's name the union in mempool.c.


svn:r9946
2007-04-11 19:58:51 +00:00
Nick Mathewson
38a5f09502 r12349@catbus: nickm | 2007-04-11 09:18:15 -0400
Add code to shrink the cell memory pool by discarding empty chunks that have been empty for the last 60 seconds.  Also, instead of having test.c duplicate declarations for exposed functions, put them inside #ifdef foo_PRIVATE blocks in the headers.  This prevents bugs where test.c gets out of sync.


svn:r9944
2007-04-11 13:18:25 +00:00
Nick Mathewson
1c8f9b319b r12344@catbus: nickm | 2007-04-10 21:27:25 -0400
Fix documentation and usage of 2nd argument to mp_pool_new.


svn:r9942
2007-04-11 01:27:33 +00:00
Nick Mathewson
51e4b8d706 r12338@catbus: nickm | 2007-04-10 20:29:05 -0400
Document memory pool implementation, and tweak it even mor.  See? Programming is fun.


svn:r9940
2007-04-11 00:30:34 +00:00
Nick Mathewson
28de06b8e6 r12337@catbus: nickm | 2007-04-10 17:55:26 -0400
Add support for using memory pools to allocate queued cell; pass --disable-cell-pool to configure to disable this.


svn:r9939
2007-04-11 00:30:29 +00:00
Nick Mathewson
6ba0b0e9f4 r12336@catbus: nickm | 2007-04-10 17:34:25 -0400
Unit tests and debugging for memory pool implementation.


svn:r9938
2007-04-11 00:30:25 +00:00
Nick Mathewson
d7359eb996 r12335@catbus: nickm | 2007-04-10 16:53:48 -0400
Initial version of memory pool logic. Needs unit tests.  Made to be easily separable from Tor.


svn:r9937
2007-04-11 00:30:22 +00:00
Nick Mathewson
d1ad950ca8 Turn bool_neq and bool_eq into macros.
svn:r9914
2007-03-29 02:37:06 +00:00
Nick Mathewson
f8f5ea10de r12191@catbus: nickm | 2007-03-15 15:33:37 -0400
Check return values from pthread_mutex functions.


svn:r9862
2007-03-17 21:09:49 +00:00
Roger Dingledine
d374616301 clean up some minor typos and log confusions
svn:r9832
2007-03-15 22:47:21 +00:00
Nick Mathewson
f25e2167f5 r12533@Kushana: nickm | 2007-03-11 05:01:15 -0400
Oh. Tor was supposed to compile?


svn:r9797
2007-03-11 09:05:17 +00:00
Nick Mathewson
02ce8e6b12 r12474@Kushana: nickm | 2007-03-06 16:10:05 -0500
We have a PATH_SEPARATOR macro.  How about we use it?


svn:r9782
2007-03-09 21:39:30 +00:00
Nick Mathewson
d62e37b4a9 r12473@Kushana: nickm | 2007-03-06 15:49:45 -0500
Excise PREDICT and PREDICT_FALSE in favor of PREDICT_LIKELY and PREDICT_UNLIKELY.


svn:r9781
2007-03-09 21:39:19 +00:00
Nick Mathewson
5d1bee87ff r12468@Kushana: nickm | 2007-03-06 15:24:00 -0500
More unit tests: gcov is fun.


svn:r9748
2007-03-06 20:25:44 +00:00
Nick Mathewson
4a6e29b029 r12076@catbus: nickm | 2007-03-04 15:41:04 -0500
oops; remove spurious argument from _log_prefix.


svn:r9734
2007-03-04 21:08:26 +00:00
Nick Mathewson
7fcceb2c25 r12074@catbus: nickm | 2007-03-04 15:11:43 -0500
Make all LD_BUG log messsages get prefixed with "Bug: ".  Remove manually-generated "Bug: "s from log-messages.  (Apparently, we remembered to add them about 40% of the time.)


svn:r9733
2007-03-04 20:11:46 +00:00
Nick Mathewson
dec9e4f0d8 r12011@catbus: nickm | 2007-02-28 18:13:32 -0500
Back out insufficiently evidenced FULL_UNROLL in aes.c


svn:r9693
2007-03-01 00:41:25 +00:00
Nick Mathewson
e2b1a77c3e r12006@catbus: nickm | 2007-02-28 16:06:24 -0500
On mingw, use "%I64u" to printf/scanf 64-bit integers, instead of the usual GCC "%llu".  This prevents a bug when saving 64-bit int configuration values on mingw; the high-order 32 bits would get truncated.  If the value was then reloaded, disaster would occur. (Fixes bug 400 and maybe also bug 397.)  Backport candidate.


svn:r9691
2007-02-28 21:07:19 +00:00
Nick Mathewson
f38240435a r12001@catbus: nickm | 2007-02-28 15:24:12 -0500
Try to build without warnings on mingw with verbose warnings on.  First attempt.


svn:r9688
2007-02-28 20:24:27 +00:00
Nick Mathewson
dfbced7499 r11998@catbus: nickm | 2007-02-28 13:56:55 -0500
Correct an MSC_VER check.


svn:r9685
2007-02-28 18:57:03 +00:00
Nick Mathewson
e1176ece5a r11992@catbus: nickm | 2007-02-28 12:46:32 -0500
compile fix on mingw: mingw does not define _MSC_VER.


svn:r9682
2007-02-28 17:46:36 +00:00
Nick Mathewson
dae5fc7982 r11981@catbus: nickm | 2007-02-28 11:55:27 -0500
Clamp declarable bandwidth at INT32_MAX, not INT_MAX.


svn:r9677
2007-02-28 16:56:07 +00:00
Nick Mathewson
d6368fd075 r11976@catbus: nickm | 2007-02-27 19:35:59 -0500
Add some missing (redundant but helpful in most cases) static declarations, and remove a function nobody was calling.


svn:r9672
2007-02-28 00:36:03 +00:00
Nick Mathewson
16f1008d01 Add a missing paren, and the results of an experiment.
svn:r9664
2007-02-27 06:00:11 +00:00
Nick Mathewson
9d714e6258 r11959@catbus: nickm | 2007-02-26 22:53:36 -0500
try to make aes encryption of cells about 30-40% faster where applicable.  offer not available for all architectures or all versions of openssl.


svn:r9663
2007-02-27 03:53:45 +00:00
Nick Mathewson
230fbd95c0 r11956@catbus: nickm | 2007-02-26 13:33:49 -0500
Add a quick-and-dirty AES benchmark function to the bottom of aes.c so I can go collecting data.


svn:r9660
2007-02-26 18:33:55 +00:00
Nick Mathewson
82e2d6001a r11954@catbus: nickm | 2007-02-26 13:01:19 -0500
Note some optimizations that are probably not worth it for 0.1.2.x based on preliminary profiling.


svn:r9659
2007-02-26 18:01:23 +00:00
Roger Dingledine
522a97098b more cleanups; getting closer
svn:r9655
2007-02-26 05:36:02 +00:00
Roger Dingledine
50f22e858a doc pedant
svn:r9634
2007-02-24 07:50:38 +00:00
Nick Mathewson
f599adf40a r11909@catbus: nickm | 2007-02-24 02:37:40 -0500
Move tricky "delete the member of the smartlist currently under iteration" logic into its own happyfun macro.


svn:r9633
2007-02-24 07:37:45 +00:00
Roger Dingledine
9946bb7fbd cosmetic, comment, and todo fixes
svn:r9627
2007-02-24 01:12:53 +00:00
Nick Mathewson
0fb179aa2e r11860@catbus: nickm | 2007-02-21 00:56:15 -0500
Another optimization suggested by Shark output: shave off >90% of uses of logv by cutting down on calls to log_debug when log actually debugging.  This is showing up in some profiles bug not others, and might be as much as 2.5%.


svn:r9612
2007-02-21 05:57:12 +00:00
Nick Mathewson
275ce1d2a4 r11852@catbus: nickm | 2007-02-20 17:25:17 -0500
Reverse arguments in memset() call in no-mmap version of tor_munmap_file().  Resolves bug 392.  Spotted by "fookoowa"--thanks!


svn:r9604
2007-02-20 22:25:20 +00:00
Nick Mathewson
b6e6b7101b r11850@catbus: nickm | 2007-02-20 13:34:13 -0500
Apply patch from coderman: have posix subthreads mask out signals.  This could prevent some kinds of crashes when subthreads try to handle SIGPIPEs and die in the attempt.  Backport candidate.


svn:r9603
2007-02-20 18:34:18 +00:00
Nick Mathewson
d2893398f6 r11832@catbus: nickm | 2007-02-16 15:31:59 -0500
Fix 35 remaining DOCDOC comments. Yowza.


svn:r9596
2007-02-16 20:39:37 +00:00
Nick Mathewson
11e5656ab7 r11826@catbus: nickm | 2007-02-16 14:58:38 -0500
Resolve 56 DOCDOC comments.


svn:r9594
2007-02-16 20:01:02 +00:00
Nick Mathewson
d4aaffc6e7 r11824@catbus: nickm | 2007-02-16 13:16:47 -0500
Move all struct-offset-manipulation macros into util.h, and use them consistently.  Because there are days when "SUBTYPE_P(handle, subtype, _base)" is just easier to read and write than "(basetp*)(((handle) - STRUCT_OFFSET(subtype, _base))".


svn:r9592
2007-02-16 20:00:43 +00:00
Nick Mathewson
1c8a9d37b6 r11791@catbus: nickm | 2007-02-13 11:36:07 -0500
Try to fix mingw compile error reported by Li-Hui Zhou.


svn:r9578
2007-02-13 16:36:14 +00:00
Nick Mathewson
3c691b9da6 r11785@catbus: nickm | 2007-02-12 20:27:48 -0500
Node-picking fixes: Never warn when a down node is listed in a config option (bug 348); always warn when a node in a config option is unnamed.  Also, when entrynodes is configured, then build the guard list as: (parts of EntryNodes that were guards before), (the rest of EntryNodes), (the rest of the old guards).  This last point ensures that EntryNode users will get the EntryNodes they want with the minimum change to their guard list.


svn:r9574
2007-02-13 01:27:55 +00:00
Nick Mathewson
759c58151e r11775@catbus: nickm | 2007-02-12 16:39:09 -0500
Update copyright dates.


svn:r9570
2007-02-12 21:39:53 +00:00
Nick Mathewson
30e7c05075 r11774@catbus: nickm | 2007-02-12 16:31:47 -0500
Handle errors on opening cached-routers* more uniformly and sanely: log not-found errors at level INFO, and all other errors at level WARN.  Needs testing on win32.


svn:r9569
2007-02-12 21:39:44 +00:00
Nick Mathewson
0c40a080a4 r11773@catbus: nickm | 2007-02-12 15:18:48 -0500
Implement proposal 106: stop requiring clients to have certificates, and stop checking for nicknames in certificates.  [See proposal 106 for rationale.]  Also improve messages when checking TLS handshake, to re-resolve bug 382.


svn:r9568
2007-02-12 21:39:33 +00:00
Roger Dingledine
4ba57f68e4 more changes. i'm all caught up now.
svn:r9495
2007-02-06 02:49:07 +00:00
Nick Mathewson
f02be02356 r11639@catbus: nickm | 2007-02-05 13:33:38 -0500
Add documentation to src/common/*.h; improve documentation for SMARTLIST_FOREACH; remove never-used options and corresponding tests from tor_strpartition.


svn:r9483
2007-02-05 18:33:52 +00:00
Nick Mathewson
fefba95363 r11629@catbus: nickm | 2007-02-02 15:06:17 -0500
Removing the last DOCDOC comment hurt so much that I had to use Doxygen to identify undocumented macros and comments, and add 150 more DOCDOCs to point out where they were.  Oops.  Hey, kids!  Fixing some of these could be your first Tor patch!


svn:r9477
2007-02-02 20:06:43 +00:00
Nick Mathewson
8507699256 r11624@catbus: nickm | 2007-02-01 13:17:35 -0500
Note a few questionable bits pointed out by RATS.  (And no, RATS, I'm not about to stop having fixed-sized local buffers for you.  I know how to use them, thankyouverymuch.)


svn:r9474
2007-02-01 18:33:02 +00:00
Nick Mathewson
5cb99857bc r11620@catbus: nickm | 2007-02-01 13:06:27 -0500
Call stat() slightly less often; use fstat() when possible.


svn:r9472
2007-02-01 18:09:27 +00:00
Nick Mathewson
76f896e714 r11607@catbus: nickm | 2007-01-30 17:19:27 -0500
Audit non-const char arguments; make a lot more of them const.


svn:r9466
2007-01-30 22:19:41 +00:00
Nick Mathewson
ef0720f909 r9689@catbus: nickm | 2007-01-19 22:34:20 -0500
And remove another strcpy.


svn:r9375
2007-01-20 03:35:03 +00:00
Nick Mathewson
c57ef84fc5 r11987@Kushana: nickm | 2007-01-19 14:57:28 -0500
Implement SOCKS_BAD_HOSTNAME status event. Defer remaining status events.  Clean up control-spec.txt a little, and fill in recommendations for events.


svn:r9374
2007-01-19 21:25:32 +00:00
Nick Mathewson
39e50cbb48 r9776@totoro: nickm | 2007-01-18 14:37:01 -0500
Yes, apparently saying strcpy in front of openbsd is like saying "intellectual property" in front of RMS.  They both have a point, I guess, even though they extend it to contexts where it is completely irrelevant.


svn:r9370
2007-01-18 19:37:23 +00:00
Nick Mathewson
093d71762c r11978@Kushana: nickm | 2007-01-15 18:54:25 -0500
Apparently, the OpenBSD linker thinks it knows C better than I do, and gets to call me names for having strcat and strcpy and sprintf in my code--whether I use them safely or not.  All right, OpenBSD.  You win... this round.


svn:r9360
2007-01-15 23:56:38 +00:00
Nick Mathewson
380f8983c7 r11966@Kushana: nickm | 2007-01-15 16:12:17 -0500
Tidy up ORCONN reason patch from Mike Perry.  Changes: make some of the handling of TLS error codes less error prone.  Enforce house style wrt spaces.  Make it compile with --enable-gcc-warnings.  Only set or_conn->tls_error in the case of an actual error.  Add a changelog entry.


svn:r9355
2007-01-15 21:21:05 +00:00
Nick Mathewson
ead35ef944 r11957@Kushana: nickm | 2007-01-15 15:25:57 -0500
Patch from Mike Perry: Track reasons for OR connection failure; display them in control events. Needs review and revision.


svn:r9354
2007-01-15 21:13:37 +00:00
Roger Dingledine
254005fc1b apparently i think of comments with no whitespace around them as
"read this if you don't understand the code and want some help."
which is not the same as "hey, you think you understand this code,
but you don't."


svn:r9307
2007-01-09 00:57:36 +00:00
Roger Dingledine
1d8a4cb989 Fix an assert error introduced in 0.1.2.5-alpha: if a single TLS
connection handles more than 4 gigs in either direction, we assert.


svn:r9306
2007-01-09 00:50:50 +00:00
Roger Dingledine
658c09c06f more progress and cleanups
svn:r9269
2007-01-05 06:03:10 +00:00
Nick Mathewson
6fbf17e7b0 r11749@Kushana: nickm | 2006-12-29 00:51:42 -0500
Remove dead code; make targets of addressmap commands/configs use AllowNonRFC953Hostnames


svn:r9211
2006-12-29 05:51:50 +00:00
Nick Mathewson
361998d0f3 r11741@Kushana: nickm | 2006-12-28 22:41:29 -0500
Count TLS bytes accurately: previously, we counted only the number of bytes read or transmitted via tls, not the number of extra bytes used to do so.  This has been a lonstanding wart.  The fix "Works for me".


svn:r9207
2006-12-29 03:42:46 +00:00
Nick Mathewson
4cd302a1eb r11722@Kushana: nickm | 2006-12-28 13:51:42 -0500
Add a helper function for case-insensitive search through a smartlist


svn:r9198
2006-12-28 21:29:03 +00:00
Nick Mathewson
94d7d8d88f r11670@Kushana: nickm | 2006-12-21 12:23:55 -0500
Clean up logic in parse_port_range(); accept 0 on low end and 65536 on high end for people who are bad at math.


svn:r9169
2006-12-21 17:38:15 +00:00
Nick Mathewson
ca516311e3 r11668@Kushana: nickm | 2006-12-20 22:22:53 -0500
Fix bug found by Keith Skinner: Treat malformed max-ports in address ranges as an error, and dont ignore errors with min-ports even if a max-port is present.


svn:r9168
2006-12-21 03:22:59 +00:00
Nick Mathewson
078aab810b r11597@Kushana: nickm | 2006-12-15 15:49:27 -0500
Add a rudimentary line-wrapping function for use in dumping comments in config files.


svn:r9132
2006-12-15 21:26:23 +00:00
Nick Mathewson
309c579452 r11581@Kushana: nickm | 2006-12-15 00:12:24 -0500
Make PIDFile work on windows.  Reported by Arrakis.


svn:r9116
2006-12-15 05:12:52 +00:00
Nick Mathewson
43e06eba8b r11566@Kushana: nickm | 2006-12-13 17:46:24 -0500
Try to fix an assert failure in new write limiting code: make buffers.c aware of previous "forced" write sizes from tortls.


svn:r9105
2006-12-13 22:46:42 +00:00
Roger Dingledine
8cf8b8087a when we decide not to mmap, because the file is empty or isn't
there at all, don't yell so loud.


svn:r9065
2006-12-11 04:21:10 +00:00
Nick Mathewson
e8dc71ade4 r11444@Kushana: nickm | 2006-12-07 09:38:52 -0500
Fix a couple of obvious bugs in tor_mmap_file on Windows: first, fix a boolean error when checking the return value of CreateFileMapping.  Second, CreateFileMapping is documented to return NULL on failure.


svn:r9035
2006-12-07 14:39:42 +00:00
Roger Dingledine
936f075f11 help ftello find its prototype
svn:r9016
2006-12-02 23:08:55 +00:00
Roger Dingledine
c5b90daf86 cleanups, bump to 0.1.2.4-alpha
svn:r9015
2006-12-02 22:47:46 +00:00
Nick Mathewson
facc49cf6f r9371@totoro: nickm | 2006-11-21 10:59:28 -0500
Fix a trivial comment.


svn:r8979
2006-11-21 23:50:21 +00:00
Nick Mathewson
d6cc235eba r9315@totoro: nickm | 2006-11-13 22:40:59 -0500
Fix a build warning on angela-sid


svn:r8949
2006-11-14 03:41:05 +00:00
Nick Mathewson
9243e54177 r9313@totoro: nickm | 2006-11-13 20:07:41 -0500
Try to compile with fewer warnings on irix64's MIPSpro compiler /
 environment, which apparently believes that:
   - off_t can be bigger than size_t.
   - only mean kids assign things they do not subsequently inspect.
 
 I don't try to fix the "error" that makes it say:
 
 cc-3970 cc: WARNING File = main.c, Line = 1277
   conversion from pointer to same-sized integral type (potential portability
           problem)
 
     uintptr_t sig = (uintptr_t)arg;
 
 Because really, what can you do about a compiler that claims to be c99
 but doesn't understand that void* x = NULL; uintptr_t y = (uintptr_t) x;
 is safe?
 


svn:r8948
2006-11-14 01:07:52 +00:00
Roger Dingledine
3d6b97399f Avoid assert failure when our cached-routers file is empty on startup.
(reported by revstray)


svn:r8928
2006-11-12 07:09:22 +00:00
Nick Mathewson
50771a6b48 r9380@Kushana: nickm | 2006-10-24 21:25:07 -0400
Add string.h include to compat.h so that strlcpy() and strlcat() will always be defined after including compat.h.  This should resolve warnings on centos.


svn:r8824
2006-10-25 01:25:17 +00:00
Roger Dingledine
0459db2c0d checkpoint some changes as i read diffs
svn:r8780
2006-10-20 19:11:12 +00:00
Nick Mathewson
c8c36dd227 r9304@dhcp-18-188-67-85: nickm | 2006-10-20 12:22:46 -0400
Change HT_INIT from a special-case to a macro-calling-a-function like the rest of ht.h.  This might prevent errors if somebody did, I dunno, "HT_INIT(tp, hashtable++)". Based on a patch from Watson Ladd.


svn:r8776
2006-10-20 16:22:53 +00:00
Roger Dingledine
dcd33ef599 i saw somebody on #tor paste a string where these were
null. better safe than sorry.


svn:r8767
2006-10-20 00:12:02 +00:00
Nick Mathewson
7551c44a53 r9274@Kushana: nickm | 2006-10-19 16:16:58 -0400
Add unit tests for tor_mmap_file(); make tor_mmap_t.size always be the size of the file (not the size of the mapping); add an extra argument to read_file_to_str() so it can return the size of the result string.


svn:r8762
2006-10-19 23:05:02 +00:00
Nick Mathewson
17abfa6a6a r8971@totoro: nickm | 2006-10-09 10:16:23 -0400
Move definition of ssize_t to torint.h


svn:r8670
2006-10-09 15:47:08 +00:00
Nick Mathewson
e618c15aff r8967@totoro: nickm | 2006-10-08 23:38:50 -0400
Fix some test and warn failures in last commit


svn:r8665
2006-10-09 03:39:06 +00:00
Nick Mathewson
c6f2d725d0 r8957@totoro: nickm | 2006-10-08 22:35:17 -0400
The otherwise regrettable MIPSpro C compiler warns about values set but never used, and about mixing enums and ints; these are good warnings, and so should be fixed.  This removes some dead code and some potential bugs. Thanks to pnx.


svn:r8664
2006-10-09 02:35:51 +00:00
Andrew Lewman
563be121c2 Add missing return so this builds on mingw.
svn:r8649
2006-10-08 18:24:31 +00:00
Nick Mathewson
f07f7a7a12 r8923@totoro: nickm | 2006-10-07 11:44:33 -0400
More doxygen comments


svn:r8637
2006-10-07 16:25:28 +00:00
Roger Dingledine
f2bd0e2f16 more minor cleanups
svn:r8630
2006-10-07 06:28:50 +00:00
Roger Dingledine
881d23847a fix something that looked scary to me. i believe this won't
change any behavior currently, but it will avoiding calling
noop code that might change for the worse some time.

nick, please confirm.


svn:r8623
2006-10-07 00:52:23 +00:00
Roger Dingledine
06e5b2283c minor cleanups
svn:r8622
2006-10-07 00:50:39 +00:00
Nick Mathewson
29fa9eb216 r8860@totoro: nickm | 2006-10-03 14:48:33 -0400
Use ANSI-style definition syntax in strlcat.c and strlcpy.c so that gcc stops barfing with -Wold-style-definition


svn:r8591
2006-10-03 19:00:07 +00:00
Nick Mathewson
4c56ac93ca r8851@totoro: nickm | 2006-10-02 18:13:27 -0400
Remove/clarify some XXXs for no longer being accurate; for begin things we do not indend to fix; for already being parts of big todo issues (like "/* XXX ipv6 */"); etc. Also fix some spaces.


svn:r8580
2006-10-02 22:13:42 +00:00
Nick Mathewson
bff83b666c r8846@totoro: nickm | 2006-10-02 16:59:57 -0400
Move is_local_IP to config.c; have it check for same-/24; make it used only for reachability (not for banwidth, because that is probably not what we want). Fixes an XXX.


svn:r8578
2006-10-02 21:00:35 +00:00
Nick Mathewson
d75edc35cc r8845@totoro: nickm | 2006-10-02 16:34:58 -0400
Fix an XXXX: make path_is_relative work on windows even though we never use it there.


svn:r8577
2006-10-02 21:00:24 +00:00
Nick Mathewson
36adc7cdd9 r8844@totoro: nickm | 2006-10-02 16:32:44 -0400
Resolve an XXXX: make sure that we are actually on 2s-complement hardware.


svn:r8576
2006-10-02 21:00:20 +00:00
Nick Mathewson
219ad6395c r8825@totoro: nickm | 2006-10-01 17:41:27 -0400
Add function to return a random uint64_t.


svn:r8570
2006-10-01 21:59:05 +00:00
Nick Mathewson
c2d304366b r9032@Kushana: nickm | 2006-09-29 18:51:42 -0400
Now, all log messages should be distinct.


svn:r8545
2006-09-29 22:51:47 +00:00
Nick Mathewson
7d366f61cb r9025@Kushana: nickm | 2006-09-29 18:33:13 -0400
Differentiate more duplicated log entries


svn:r8542
2006-09-29 22:33:40 +00:00
Nick Mathewson
8308a37908 r9023@Kushana: nickm | 2006-09-29 17:27:24 -0400
Make distinct all non-bug messages at notice or higher that appear 3 or more times.


svn:r8541
2006-09-29 22:33:34 +00:00
Nick Mathewson
87648bdcf8 r9008@Kushana: nickm | 2006-09-29 13:50:10 -0400
Doxygen comments for code in common.  Also simplify a few code paths to be more clear/speedy/correct.


svn:r8536
2006-09-29 18:13:37 +00:00
Nick Mathewson
05604c60d4 r9006@Kushana: nickm | 2006-09-29 10:48:23 -0400
Omit function names from NOTICE, WARN and ERR messages unless they are in LD_BUG.


svn:r8534
2006-09-29 18:13:29 +00:00
Nick Mathewson
d3a06684bc r8974@Kushana: nickm | 2006-09-28 17:05:59 -0400
Improvement to last entry guards patch: track when we last attempted to connect to a node in our state file along with how long it has been unreachable.  Also clarify behavior of parse_iso_time() when it gets extra characters.


svn:r8520
2006-09-28 23:57:49 +00:00
Nick Mathewson
95132f836a r8750@totoro: nickm | 2006-09-27 20:52:01 -0400
Fix some warnings on mingw; hopefully this should let us build on mingw without warnings.


svn:r8509
2006-09-28 00:53:02 +00:00
Nick Mathewson
0f8491a254 Backport candidate: remove dangerous free(0) on hashtable init
svn:r8499
2006-09-25 16:06:09 +00:00
Nick Mathewson
78c068397a add missing paren in dmalloc tor_free
svn:r8498
2006-09-25 15:44:40 +00:00
Nick Mathewson
7c21dabef1 r8878@Kushana: nickm | 2006-09-21 17:15:47 -0400
Trivial whitespace cleanups.


svn:r8443
2006-09-21 21:48:55 +00:00
Nick Mathewson
b2cc52fa02 Speed up eat_whitespace by a lot.
svn:r8434
2006-09-19 23:55:35 +00:00
Nick Mathewson
6b716fdfb9 NEEDS REVIEW. Act on previous comment, and handle named servers differently: now, we allow multiple servers with the same name in the routerlist even if that name is reserved, but we check whether names are reserved when we try to look up routers by nickname. This is a minor security fix. This makes router_add_to_routerlist O(1). This is a backport candidate.
svn:r8433
2006-09-19 23:48:14 +00:00
Nick Mathewson
2d4950c837 Malloc and friends are critical-path: Thus, add an it-wont-happen branch prediction for NULL returns, and skip the malloc(0) check on platforms where malloc(0) returns a pointer.
svn:r8431
2006-09-19 22:36:48 +00:00
Nick Mathewson
7b0ec744bc Switch routerlist.c to using memcmp on digests rather than crypto_pk_cmp_keys(); speed up find_whitespace a lot (8x for me) by using a switch statement. This should speed parsing a lot of routers at once by a lot.
svn:r8430
2006-09-19 22:20:09 +00:00
Nick Mathewson
93beeac01d Merge in some bsockets calls, all wrapped inside #if defined(USE_BSOCKETS)
svn:r8427
2006-09-19 20:41:31 +00:00
Nick Mathewson
e58b9c1151 r8819@Kushana: nickm | 2006-09-15 00:27:45 -0400
Implement a smartlist_uniq() that will with luck not end the world.


svn:r8396
2006-09-15 04:27:58 +00:00
Peter Palfrader
28cac25d7e r9749@danube: weasel | 2006-09-14 06:53:12 +0200
Do not graciously increase the size to be mmaped if the current size already is
 at a page_size boundary.  This is important since if a file has a size of zero
 and we mmap() it with length > 0, then accessing the mmaped memory area causes
 a bus error.  However, if we pass a length of 0 to mmap() it will return with -1
 and things work from there.


svn:r8387
2006-09-14 04:53:42 +00:00
Roger Dingledine
9af3175687 parameterize the loudness of get_interface_address()
svn:r8358
2006-09-09 19:20:27 +00:00
Roger Dingledine
5f6351ceb3 fix typo, add log message
svn:r8357
2006-09-09 19:16:07 +00:00
Nick Mathewson
365ccf0742 r8725@Kushana: nickm | 2006-09-06 04:39:29 -0400
spawn_func fixes: have cpuworker_main and dnsworker_main confirm to the right interfaces [casting func to void* is icky].  Also, make pthread_create() build without warnings.


svn:r8327
2006-09-06 08:42:20 +00:00
Nick Mathewson
000b7b287c r8724@Kushana: nickm | 2006-09-06 04:32:28 -0400
Fix spaces; restore support for mapping files over 4GB on win32 (?)


svn:r8326
2006-09-06 08:42:16 +00:00
Mike Chiussi
6ec9c1092a - made configure check if we are building for win32
- made configure link to required system dll's if building for win32
- added diffs for libevent 1.1b
- forced user to turn off eventdns if win32 is set 
- cleaned up tor_mmap_file()_win32 (not sure if it's stable)
- cleaned up some warnings and typos




svn:r8322
2006-09-06 01:49:55 +00:00
Nick Mathewson
c4ac4bcba3 r8696@Kushana: nickm | 2006-08-31 14:43:44 -0400
Try to appease some warnings with newer gccs that believe that ignoring a return value is okay, but casting a return value and then ignoring it is a sign of madness.


svn:r8312
2006-08-31 18:47:54 +00:00
Nick Mathewson
f170e5798f r8692@Kushana: nickm | 2006-08-31 13:38:07 -0400
Fix bug 327 (part 2): Cast char to unsigned char before passing to toupper/tolower.  (Follow the same idiom as with isupper and friends, in case we run into the same problem on SGI or whereever it was.)


svn:r8310
2006-08-31 17:39:51 +00:00
Nick Mathewson
bc0c39f85d r8691@Kushana: nickm | 2006-08-31 13:30:46 -0400
Fix bug 327 (part 1): Use correct macro to test for GCC 3 or later.


svn:r8309
2006-08-31 17:39:47 +00:00
Nick Mathewson
fee33d2ff1 r8682@Kushana: nickm | 2006-08-29 17:58:59 -0400
Fix compilation on GCC2 by disabling fun attributes unless __GNUC_MAJOR__ >= 3.


svn:r8303
2006-08-29 21:59:20 +00:00
Nick Mathewson
6fcdcc7fc7 r8626@Kushana: nickm | 2006-08-27 23:45:46 -0400
Aw, crap.  Non-gcc bug.  We need regular windows builds.


svn:r8259
2006-08-28 03:46:21 +00:00
Roger Dingledine
9f5856c03d stop three memory leaks. nick, fix these if i'm wrong.
svn:r8235
2006-08-27 02:07:54 +00:00
Nick Mathewson
b050ecf86c r7404@Kushana: nickm | 2006-08-16 09:32:19 -0400
Pass hints to getaddrinfo; fix bug 280 (?)


svn:r7069
2006-08-16 18:47:19 +00:00
Roger Dingledine
4b94dabb53 note a compile warning that we should investigate one day.
svn:r7052
2006-08-14 09:44:54 +00:00
Nick Mathewson
b68ffcc193 r7341@Kushana: nickm | 2006-08-11 00:51:05 -0700
Amazing how much difference adding a ! to all your asserts can make.


svn:r7029
2006-08-11 07:51:34 +00:00
Nick Mathewson
33fc829273 r7337@Kushana: nickm | 2006-08-11 00:42:04 -0700
Only use __builtin_offsetof with gcc 4 or later


svn:r7028
2006-08-11 07:42:11 +00:00
Nick Mathewson
42a5d7a4ba r7335@Kushana: nickm | 2006-08-11 00:13:03 -0700
fix wide lines


svn:r7025
2006-08-11 07:17:16 +00:00
Nick Mathewson
ffab3b48a8 r7326@Kushana: nickm | 2006-08-10 23:50:49 -0700
And another GCC change: predict that tor_frees() are usually real frees, and tor_asserts() usually wont happen. Other test should wait till -fprofile-arcs


svn:r7022
2006-08-11 07:09:35 +00:00
Nick Mathewson
4eddbcf262 r7325@Kushana: nickm | 2006-08-10 23:37:31 -0700
Use gcc offsetof where available.


svn:r7021
2006-08-11 07:09:28 +00:00
Nick Mathewson
09a895e222 r7324@Kushana: nickm | 2006-08-10 23:23:15 -0700
Add more warnings to the list of those we tolerate. Start using GCC attributes more, for better error checking and better code generation.


svn:r7020
2006-08-11 07:09:17 +00:00
Nick Mathewson
1b7ad5aed3 r7030@Kushana: nickm | 2006-08-04 14:46:52 -0700
Close an fd leak on failed mmap()


svn:r6988
2006-08-05 17:53:32 +00:00
Nick Mathewson
7c596c166b r7029@Kushana: nickm | 2006-08-04 14:08:41 -0700
Remove now-spurious size and data arguments from tor_mmap_file


svn:r6987
2006-08-05 17:53:21 +00:00
Nick Mathewson
dbac3fb481 r7028@Kushana: nickm | 2006-08-04 13:10:16 -0700
Make data and size fields visible in tor_mmap_t; hide win magic differently.


svn:r6986
2006-08-05 17:53:08 +00:00
Nick Mathewson
db72fb9cdc r7025@Kushana: nickm | 2006-08-04 12:03:22 -0700
Finish (I hope) windows mmap impl.


svn:r6981
2006-08-04 19:03:40 +00:00
Nick Mathewson
bf72878cad r7012@Kushana: nickm | 2006-08-03 19:21:25 -0700
Add an "mmap handle" type to encapsulate bookkeeping elements of mmap issues; add prelim win32 impl


svn:r6980
2006-08-04 18:32:43 +00:00
Roger Dingledine
e64825126b turn future seg faults into asserts
svn:r6970
2006-08-03 04:23:45 +00:00
Nick Mathewson
80282d8f55 r6993@Kushana: nickm | 2006-07-31 16:19:21 -0400
Interesting how much a ! can change the behavior of an assert.


svn:r6962
2006-07-31 20:19:58 +00:00
Nick Mathewson
ea0f5ec8ad r6980@Kushana: nickm | 2006-07-31 13:18:22 -0400
Add a utility function to verify that a string has been through strlower.


svn:r6959
2006-07-31 18:01:37 +00:00
Nick Mathewson
d934607069 r6979@Kushana: nickm | 2006-07-31 13:16:58 -0400
Add assert_ok functions for strmap and digestmap; use them in unit test code.


svn:r6958
2006-07-31 18:01:27 +00:00
Nick Mathewson
3843b1b3d0 r6978@Kushana: nickm | 2006-07-31 13:16:14 -0400
Add isupper and islower wrappers to compat.h


svn:r6957
2006-07-31 18:01:22 +00:00
Nick Mathewson
2fe537c57a r6958@Kushana: nickm | 2006-07-29 18:54:15 -0400
Looks like we might need a priority queue.


svn:r6953
2006-07-31 17:59:37 +00:00
Nick Mathewson
8786b4b88e Fix a bug in HT_REMOVE.
svn:r6925
2006-07-27 18:35:25 +00:00
Nick Mathewson
45c3a4365f Get better numbers out of HT_REP_OK
svn:r6924
2006-07-27 17:37:37 +00:00
Peter Palfrader
521c006fd5 Remove .cvsignore files from trunk
svn:r6891
2006-07-25 01:00:48 +00:00
Nick Mathewson
6d2eb77555 Whitespace fix
svn:r6816
2006-07-23 07:19:49 +00:00
Nick Mathewson
35960e1162 Add a mem_is_zero function (I think we will need this) and a STRUCT_OFFSET macro (we already need this).
svn:r6810
2006-07-23 05:32:35 +00:00
Nick Mathewson
08a4114abf Another MSVC6 fix. Grnk.
svn:r6802
2006-07-21 14:53:23 +00:00
Nick Mathewson
77c28d112b Hm. We probably should define INT64_MAX if we really want it. (Especially since we only want it on one platform, where, coincidentally, it is not defined.)
svn:r6784
2006-07-18 02:01:32 +00:00
Nick Mathewson
e572d5990c MSVC6 is apparently terrified of unnatural cross-breeding between uint64_t and double, and needs more persuasion than usual to cast one to the other. Issue identified by Frediano Ziglio; patch revised for minimal impact on non-MSVC6 compilers.
svn:r6768
2006-07-17 00:39:05 +00:00
Roger Dingledine
3d79eb52ab stick to nick's nul/null convention
svn:r6763
2006-07-15 19:21:30 +00:00
Nick Mathewson
28a7c8a64c Make compilation work on old MSVCs without GetVertsionEx magic. Patch from Frediano Ziglio.
svn:r6749
2006-07-09 22:29:12 +00:00
Roger Dingledine
fad85f173a when an exit node gets a malformed begin cell, don't complain to
the node operator, since he can't do anything about it.


svn:r6733
2006-07-06 02:44:07 +00:00
Roger Dingledine
12cc290a7d ok, i'm not allowed to say that there. oh well.
svn:r6720
2006-07-04 16:11:35 +00:00
Roger Dingledine
579849f600 fix a misleading function comment
svn:r6717
2006-07-04 15:52:22 +00:00
Roger Dingledine
5dc1e6f788 if we're the server-side of the tls and there are problems,
don't yell as loudly.


svn:r6716
2006-07-04 15:51:59 +00:00
Roger Dingledine
35e95d7783 minor fixes
svn:r6710
2006-07-04 03:25:07 +00:00
Nick Mathewson
05eff35ac6 Harmless: Z_OK is not an acceptable answer to Z_FINISH.
svn:r6701
2006-06-29 11:17:36 +00:00
Nick Mathewson
1cd04abf1a Actually enable mmap. That should improve matters.
svn:r6694
2006-06-28 08:54:32 +00:00
Nick Mathewson
06e09cdd47 Apparently, zlib sometimes reports Z_BUF_ERROR on input exhaustion as well as on running out of output space. This could well fix the assert bug reported by weasel and arma.
svn:r6682
2006-06-24 02:06:52 +00:00
Nick Mathewson
06ffee3b67 Ooh, that could have been bad. Sort digests as digests, not strings.
svn:r6679
2006-06-22 07:29:14 +00:00
Nick Mathewson
e2697a62ac When requesting or serving resources via fingerprint/digest, request and respond in-order, removing duplicates.
svn:r6673
2006-06-21 04:57:12 +00:00
Nick Mathewson
73ada60d64 remove non-germane comment
svn:r6640
2006-06-18 07:37:21 +00:00
Nick Mathewson
f83a628a76 perhaps the reason I rail against cut-and-paste programming so vehemently is that I am so bad at it.
svn:r6638
2006-06-18 07:32:31 +00:00
Nick Mathewson
630e9cd510 Add some incremental encryption wrappers to torgzip code
svn:r6636
2006-06-18 07:24:29 +00:00
Nick Mathewson
af8096815e Add a memdup function to util
svn:r6635
2006-06-18 07:22:36 +00:00
Nick Mathewson
78428dccdb Add smartlist_reverse and smartlist_pop_last.
svn:r6634
2006-06-18 07:21:35 +00:00
Nick Mathewson
1f585987c4 Another escape() fix, for picky sprintfs.
svn:r6579
2006-06-09 17:07:22 +00:00
Nick Mathewson
2936da4c28 Override our notion of printability for esc_for_log. 127 and up are never printable. Take that, locales.
svn:r6578
2006-06-09 15:57:58 +00:00
Roger Dingledine
85d408a573 Bandaid for a seg fault i just got in 0.1.1.20.
More generally, i reopened bug 222. Whee.


svn:r6571
2006-06-09 06:35:45 +00:00
Roger Dingledine
8cf45df230 and now the exciting part: there is now no such thing as doing
a client-only tls, that is, one with no certs.


svn:r6558
2006-06-07 06:21:11 +00:00
Roger Dingledine
0bfef523df simplify the tortls api: we only support being a "server", that
is, even tor clients do the same sort of handshake.

this has been true for years, so it's best to get rid of the
stale code.


svn:r6557
2006-06-07 06:10:54 +00:00
Roger Dingledine
7512be0b65 looks like we missed a piece of the 0.1.1.9 paranoia code.
hopefully this change is a no-op.


svn:r6556
2006-06-07 02:57:23 +00:00
Roger Dingledine
45065f1466 simplify code now that libevent considers all sockets pollable.
what we really mean now is ">= 0", which is clearer to test for.


svn:r6543
2006-06-05 09:08:10 +00:00
Roger Dingledine
266afcd7d5 bandaid for bug 299. this is still a bug, since we don't
initialize for hardware acceleration in certain configurations;
but not critical until that is supported.


svn:r6536
2006-06-05 04:29:03 +00:00
Nick Mathewson
853e2d99b6 Add a new warning to our "warn a lot" list: unused parameters. This means we have to explicitly "use" unuseds, but it can catch bugs. (It caught two coding mistakes so far.)
svn:r6532
2006-06-04 22:42:13 +00:00
Nick Mathewson
c660a0f6a2 More DNS fixes. Send meaningful TTLs back to the client when
possible.  Cache at the server side independently from the TTL, to
prevent attackers from probing the server to see who has been asking
for what hostnames.  (Hi, Dan Kaminski!)

Also, clean some whitespace.


svn:r6526
2006-06-03 21:41:14 +00:00
Nick Mathewson
86da3e0a0a Patch based on post by Mike C to or-dev; special-case based on use of MSVC, rather than on MS_WINDOWS, so that mingw builds.
svn:r6523
2006-06-03 18:52:31 +00:00
Nick Mathewson
64d487a2d6 Add a basic mmap function, with a "fake-it" wrapper to do read_file_from_str instead. Based on code from Michael Mohr.
svn:r6510
2006-05-28 16:54:39 +00:00
Roger Dingledine
7f611f4732 if we're a server and some peer has a broken tls certificate, don't
shout about it unless we want to hear about protocol violations.


svn:r6507
2006-05-26 16:32:16 +00:00
Roger Dingledine
731f4086c0 resolve an unused variable
svn:r6503
2006-05-26 13:51:45 +00:00
Roger Dingledine
a4cdb834b9 Stop being picky about what the arguments to mapaddress look like.
we were refusing names that had $ in them, which people who specify
$key.exit will be sad about. There are likely other examples.
If people can think of reasons why we should be picky, let me know.


svn:r6496
2006-05-25 20:06:09 +00:00
Roger Dingledine
36712a443b Stop initializing the hardware accelerator engines simply because
we overloaded the meaning of the argument to crypto_global_init().


svn:r6490
2006-05-24 00:37:38 +00:00
Roger Dingledine
67a885ecac Claim a commonname of Tor, rather than TOR, in tls handshakes.
Maybe this will help us win the war of names.


svn:r6489
2006-05-24 00:21:55 +00:00
Nick Mathewson
89a8411ace Throw out this UNALIGNED_INT_ACCESS_OK nonsense. Even where it works, it is often way way slower than doing the right thing. Backport candidate.
svn:r6473
2006-05-23 08:23:03 +00:00
Peter Palfrader
f7ba9d77e4 All these headers we get via torint.h
svn:r6452
2006-05-10 10:24:17 +00:00
Nick Mathewson
8a13a7cfe8 mainline branch. Remove some more dead XXXs.
svn:r6401
2006-04-18 03:58:42 +00:00
Nick Mathewson
1fbc74661f Remove DER64 functions in trunk: they will never be used again unless the directory authorities switch back to 0.0.9tooearly.
svn:r6376
2006-04-10 21:23:00 +00:00
Roger Dingledine
7e3a98b489 "" is not a plausible address for addressmaps.
svn:r6299
2006-04-03 00:26:51 +00:00
Peter Palfrader
1fa7b3cef7 Avoid warnings about machine/limits.h on Debian GNU/kFreeBSD
svn:r6271
2006-03-29 05:14:12 +00:00
Roger Dingledine
0543900fbf clean up the traces from tracking the 0.1.1.9-alpha stack-smashing bug.
svn:r6240
2006-03-26 06:47:51 +00:00
Roger Dingledine
7871ad9116 failing in a support function is a warn, not an err.
svn:r6239
2006-03-26 06:47:08 +00:00
Nick Mathewson
6d9632ba23 Check return value from GetVersionEx (even though the MSDN example doesnt) and zero out the LPOSVERSIONINFOEX struct before getting the version. This may fix the "johnboy" [major=-858993460,minor=-858993460] problem.
svn:r6233
2006-03-24 05:26:33 +00:00
Nick Mathewson
15e5cf6088 Fix memory leak when uncompressing concatenated zlib streams. Unit tests and tor client work; looks ok.
svn:r6211
2006-03-21 20:31:27 +00:00
Roger Dingledine
6449e2f6d6 ok, commenting that out broke things real bad.
leave it, and accept the memory leak for now.


svn:r6201
2006-03-20 02:13:35 +00:00
Roger Dingledine
54ced294df Resolve a memory leak on clients. This disables some
functionality that we might still want. Nick?


svn:r6200
2006-03-20 00:52:22 +00:00
Nick Mathewson
0f0e14c6e3 normalize whitespace.
svn:r6173
2006-03-17 04:43:37 +00:00
Roger Dingledine
0e62befab8 add tor_strisprint() back in, this time with comments.
svn:r6170
2006-03-15 23:35:55 +00:00
Roger Dingledine
4cd4353847 and remove now-extraneous function
svn:r6168
2006-03-15 19:17:46 +00:00
Nick Mathewson
0bc19dddf5 Use INLINE (which we define) instead of __inline (which is nonstandard) in ht.h. Resolves bug 270; maybe sun C will work now.
svn:r6153
2006-03-13 15:09:49 +00:00
Nick Mathewson
daea6b21a5 Fix bug in close_logs(): when we close and delete logs, remove them all from the global "logfiles" list. This should fix bug 222.
svn:r6145
2006-03-13 00:54:21 +00:00
Nick Mathewson
0c132ee2a1 Instead of listing a set of compilers that prefers __func__ to __FUNCTION__, use autoconf. Also, prefer __func__ in our own code: __func__ is a C99 standard, whereas __FUNCTION__ is not. [Fixes bug 254.]
svn:r6144
2006-03-13 00:25:36 +00:00
Nick Mathewson
bd8ffccae7 More cleanups noticed by weasel; also, remove macros that nobody uses.
svn:r6143
2006-03-12 23:31:16 +00:00
Nick Mathewson
4d3e709c4b Use escaped() for remaining cases.
svn:r6117
2006-03-11 02:21:30 +00:00
Roger Dingledine
a385b0087f fix infinite loop
svn:r6090
2006-03-06 20:01:46 +00:00
Nick Mathewson
5777ee0e1a Add some functions to escape values from the network before sending them to the log. Use them everywhere except for routerinfo->plaftorm, routerinfo->contact_info, and rend*.c. (need sleep now)
svn:r6087
2006-03-05 09:50:26 +00:00
Nick Mathewson
6a4e304d9e Allow private:* in routerdescs; not generated yet (because older Tors do not understand it); needs testing.
svn:r6086
2006-03-05 05:27:59 +00:00
Peter Palfrader
42f14e8e10 Add function names to log_* on non-gcc
svn:r6039
2006-02-18 07:18:14 +00:00
Peter Palfrader
4f5e607389 Finish log function renaming for non-GNUC systems
svn:r6034
2006-02-18 02:11:48 +00:00
Roger Dingledine
6ce36ead42 Start the process of converting warn to log_warn and so on.
This is needed because Windows already has an err() that we
can't clobber. And we need to be able to make the log functions
a macro so we can print the function's name in the log entry.


svn:r6000
2006-02-13 08:01:59 +00:00
Nick Mathewson
2cc66125b8 try to fix bug with spurious "everything is broken" warning
svn:r5994
2006-02-13 00:26:43 +00:00
Nick Mathewson
dba155ecff Generate 18.0.0.0/8 address policy format in descs when we can; warn when the mask is not reducible to a bit-prefix.
svn:r5991
2006-02-12 23:58:22 +00:00
Roger Dingledine
b99f903e34 and don't warn when it happens here either, unless the user
wants to hear it.


svn:r5990
2006-02-12 23:44:02 +00:00
Roger Dingledine
53c54b75c9 Correct a function comment. Nick: is this right?
svn:r5989
2006-02-12 23:34:03 +00:00
Roger Dingledine
5f051574d5 Happy new year!
svn:r5949
2006-02-09 05:46:49 +00:00
Roger Dingledine
28f3765b5a and maybe some function documentation will help too
svn:r5935
2006-02-09 02:59:37 +00:00
Roger Dingledine
6f579deff4 check for EADDRINUSE in a cross-platform way (unless i'm wrong)
svn:r5899
2006-02-03 12:25:46 +00:00
Roger Dingledine
418dc7b16e I believe this resolves bug 234, the mysterious crash on 0.1.1.9
and later servers. I'm not sure yet, but better to have it in CVS
while we speculate that it's the fix.


svn:r5895
2006-02-02 10:10:07 +00:00
Peter Palfrader
dbf2e10460 Apply Matt Ghali's --with-syslog-facility patch
svn:r5883
2006-02-01 02:15:44 +00:00
Roger Dingledine
f1864dfff3 On systems that don't have getrlimit (like windows), we were artificially
constraining ourselves to a max of 1024 connections. Now if there is no
getrlimit, just assume that we can handle the whole 15000 connections.

The better answer is to find a getrlimit equivalent on Windows, but hey,
one step at a time.


svn:r5854
2006-01-23 23:39:13 +00:00
Nick Mathewson
45757dafb7 Split PARANOIA_B into B1 and B2.
svn:r5849
2006-01-22 18:22:04 +00:00
Nick Mathewson
241310bbac Split 0119_PARANOIA into 0119_PARANOIA_[ABC]. A is "this is suspicious, and we have not tried running without this yet". B is "this is suspicious, but the last time we tested, it was okay." C is "How could this possibly be the cause?"
svn:r5840
2006-01-17 23:08:38 +00:00
Nick Mathewson
099b9ce2f9 Fix bug 230: add a rollback function to reverse all changes since the last mark_logs_temp(), and move log initialization into the two-phase part of option setting.
svn:r5803
2006-01-11 19:40:14 +00:00
Nick Mathewson
55ac4f032c Add a (diabled by default) option in crypto.h to disable most of the interesting crypto-related changes made on 0.1.1.9. This will help hunt bug 234.
svn:r5777
2006-01-10 21:12:06 +00:00
Nick Mathewson
7fc62029d4 Refuse to use RunAsDaemon when torrc is a relative path. Fixes bug 229.
svn:r5767
2006-01-10 20:00:20 +00:00
Roger Dingledine
a45b131590 check for integer overflows in more places, when adding elements to
smartlists. this could possibly prevent a buffer overflow on malicious
huge inputs. i don't see any, but i haven't looked carefully.


svn:r5695
2006-01-02 04:40:18 +00:00
Nick Mathewson
0da2069643 Clearner fix for timegm assert problem.
svn:r5690
2006-01-01 23:13:19 +00:00
Nick Mathewson
04db9de847 Fix assertion-trigger bug found by sjmurdoch
svn:r5689
2006-01-01 23:09:19 +00:00
Roger Dingledine
6005e110b9 whitespace fixes
svn:r5682
2005-12-31 06:26:10 +00:00
Nick Mathewson
9482b1b9d5 Choose directory servers from routerstatus list, not from routerinfo list. This way, as soon was we have a networkstatus, we can ask a cache to give us routers, rather than needing to ask the directories.
svn:r5586
2005-12-14 22:00:58 +00:00
Nick Mathewson
7e6a41af93 Make hashtables use a little less space on 64-bit architectures.
svn:r5585
2005-12-14 21:10:06 +00:00
Nick Mathewson
1af630d32c Bite the bullet and limit all our source lines to 80 characters, the way IBM intended.
svn:r5582
2005-12-14 20:40:40 +00:00
Roger Dingledine
9b0a40ec78 crank the max line limit down to 150 chars.
svn:r5550
2005-12-10 08:27:01 +00:00
Nick Mathewson
a1bcdb2f76 util.c:1308: error: conflicting types for "is_internal_IP"
svn:r5545
2005-12-09 05:15:36 +00:00
Roger Dingledine
c0a6e2232c let is_internal_IP() know whether you're asking about an IP
address for connecting or an IP address for binding, because
in the latter, 0.0.0.0 is a special case.


svn:r5543
2005-12-09 02:45:33 +00:00
Nick Mathewson
e9b66ec906 Document CREATE_FAST better in the code. Move our key expansion algorithm into a separate function in crypto.c
svn:r5530
2005-12-08 17:38:32 +00:00
Nick Mathewson
cf5facf3e1 Do not free a constant string.
svn:r5527
2005-12-08 04:01:37 +00:00
Roger Dingledine
130d0e4d1d fix typo noticed by scrimbly
svn:r5522
2005-12-07 19:49:18 +00:00
Roger Dingledine
485b2cb4dc get rid of nick's crazy voodoo dh checking.
svn:r5518
2005-12-06 23:09:44 +00:00
Peter Palfrader
1bf56b452e Remove superfluous strdup
svn:r5503
2005-12-05 01:30:11 +00:00
Peter Palfrader
7a70a142f4 Also print usernames, not just numeric UIDs when we tell the user that his data directory has the wrong owner
svn:r5502
2005-12-05 01:28:10 +00:00
Roger Dingledine
8b0f1f029c give a hint when people are running tor as the wrong user, rather than
telling them to start chowning random directories.


svn:r5500
2005-12-05 01:07:58 +00:00
Nick Mathewson
ce3cdecb9d Make more arguments const; do not call hash tables trees.
svn:r5487
2005-12-03 02:00:51 +00:00
Nick Mathewson
4a0b6af935 Ive spent about 10 hours benchmarking permutations on our counter-mode implementation. This is the one that flies. (Avoid OpenSSL; optimizze rijndael calling convention to avoid needing to marshall and unmarshall counter.) This should speed up cell encryption by about 27%.
svn:r5486
2005-12-01 18:30:39 +00:00
Roger Dingledine
a6da372000 and its header
svn:r5478
2005-11-30 22:23:27 +00:00
Roger Dingledine
923ad87470 remove another unused function
svn:r5477
2005-11-30 22:19:02 +00:00
Roger Dingledine
77a425d8b2 Remove some functions that were around for hupping log files. We handle
them already in do_hup() by marking our log files as temporary and then
rotating them in options_init_from_torrc().


svn:r5473
2005-11-30 06:45:30 +00:00
Nick Mathewson
d56a65c497 Fix some verbose warnings and remove an unneeded include.
svn:r5472
2005-11-30 06:38:41 +00:00
Nick Mathewson
9cec3a13f5 remove some functions that are not used; #if0 out some files that are not likely to be used.
svn:r5471
2005-11-30 06:27:59 +00:00
Nick Mathewson
6b49a93bd5 Move code to check for zero digests into util.c
svn:r5468
2005-11-30 02:47:59 +00:00
Nick Mathewson
72cb64406a HT_NEXT invalidates the last iterator; fix rmv-related segfault.
svn:r5458
2005-11-26 00:42:25 +00:00
Roger Dingledine
b6b1b4f283 Bandaid workaround to make cvs not crash tor clients.
This is not a real fix. I didn't look at the rest of the code.
Nick?


svn:r5455
2005-11-25 02:16:10 +00:00
Nick Mathewson
05482a0899 Add functions to return number of elts in associative containers
svn:r5448
2005-11-23 07:48:13 +00:00