571 Commits

Author	SHA1	Message	Date
Nick Mathewson	fdafe11a25	Give an #error when we want threads and OpenSSL has disabled threads ... Fixes ticket 6673.	2013-03-11 13:23:10 -04:00
Nick Mathewson	55ce9bff54	Remove unused check_fingerprint_syntax	2013-03-01 22:01:26 -05:00
Nick Mathewson	a05dc378e3	Remove unused HMAC-SHA1 function ... (We're not adding any new SHA1 instances in our protocols, so this should never actually be needed.)	2013-03-01 21:59:12 -05:00
Nick Mathewson	a4e9d67292	Remove some functions which were unused except for their tests	2013-02-23 23:38:43 -05:00
Nick Mathewson	365e302f61	Remove a bunch of unused macro definitions	2013-02-23 23:05:25 -05:00
Nick Mathewson	8cdd8b8353	Fix numerous problems with Tor's weak RNG. ... We need a weak RNG in a couple of places where the strong RNG is both needless and too slow. We had been using the weak RNG from our platform's libc implementation, but that was problematic (because many platforms have exceptionally horrible weak RNGs -- like, ones that only return values between 0 and SHORT_MAX) and because we were using it in a way that was wrong for LCG-based weak RNGs. (We were counting on the low bits of the LCG output to be as random as the high ones, which isn't true.) This patch adds a separate type for a weak RNG, adds an LCG implementation for it, and uses that exclusively where we had been using the platform weak RNG.	2013-02-08 16:28:05 -05:00
Nick Mathewson	7301339e33	fix wide lines from tor_log rename	2013-02-01 16:19:02 -05:00
Nick Mathewson	a141430ec3	Rename log() to tor_log() for logging ... This is meant to avoid conflict with the built-in log() function in math.h. It resolves ticket 7599. First reported by dhill. This was generated with the following perl script: #!/usr/bin/perl -w -i -p s/\blog\(LOG_(ERR|WARN|NOTICE|INFO|DEBUG)\s*,\s*/log_\L$1\(/g; s/\blog\(/tor_log\(/g;	2013-02-01 15:43:37 -05:00
Nick Mathewson	e0581a4b57	Replace base-{16,32,64} with base{16,32,64} in the code ... Patch from onizuka generated with find ./ -type f -perm -u+rw -exec sed -ri 's/(Base)-(16|32|64)/\1\2/gi' {} \; Fixes issue 6875 on Tor.	2013-01-17 16:08:28 -05:00
Nick Mathewson	b998431a33	Merge branch '024_msvc_squashed' ... Conflicts: src/or/or.h srcwin32/orconfig.h	2013-01-16 22:32:12 -05:00
Nick Mathewson	5e06c4ee32	When building with MSVC, call every enum bitfield unsigned ... Fixes bug 7305.	2013-01-16 22:29:39 -05:00
Nick Mathewson	4da083db3b	Update the copyright date to 201.	2013-01-16 01:54:56 -05:00
Nick Mathewson	b1bdecd703	Merge branch 'ntor-resquashed' ... Conflicts: src/or/cpuworker.c src/or/or.h src/test/bench.c	2013-01-03 11:52:41 -05:00
Nick Mathewson	25c05cb747	Refactor strong os-RNG into its own function ... Previously, we only used the strong OS entropy source as part of seeding OpenSSL's RNG. But with curve25519, we'll have occasion to want to generate some keys using extremely-good entopy, as well as the means to do so. So let's! This patch refactors the OS-entropy wrapper into its own crypto_strongest_rand() function, and makes our new curve25519_secret_key_generate function try it as appropriate.	2013-01-02 14:11:13 -05:00
Sebastian Hahn	11e8a445c3	Fix a couple of harmless clang3.2 warnings	2012-12-31 18:23:28 +01:00
Nick Mathewson	6921d1fd25	Implement HKDF from RFC5869 ... This is a customizable extract-and-expand HMAC-KDF for deriving keys. It derives from RFC5869, which derives its rationale from Krawczyk, H., "Cryptographic Extraction and Key Derivation: The HKDF Scheme", Proceedings of CRYPTO 2010, 2010, <http://eprint.iacr.org/2010/264>. I'm also renaming the existing KDF, now that Tor has two of them. This is the key derivation scheme specified in ntor. There are also unit tests.	2012-12-06 01:54:09 -05:00
Nick Mathewson	3c3084e165	Add a crypto_dh_dup, for benchmark support	2012-12-06 01:54:09 -05:00
Nick Mathewson	e6828ea634	Refer to RFC 4648 instead of the obsolete RFC 3548 ... Affects comments only. For ticket 6849.	2012-11-23 09:51:35 -05:00
Nick Mathewson	81deddb08c	Merge remote-tracking branch 'origin/maint-0.2.3' ... Conflicts: src/common/crypto.c src/or/rendservice.c	2012-11-08 16:48:04 -05:00
Nick Mathewson	49dd5ef3a3	Add and use and unlikely-to-be-eliminated memwipe() ... Apparently some compilers like to eliminate memset() operations on data that's about to go out-of-scope. I've gone with the safest possible replacement, which might be a bit slow. I don't think this is critical path in any way that will affect performance, but if it is, we can work on that in 0.2.4. Fixes bug 7352.	2012-11-08 16:44:50 -05:00
Nick Mathewson	56c0baa523	Rename all reserved C identifiers we defined ... For everything we declare that starts with _, make it end with _ instead. This is a machine-generated patch. To make it, start by getting the list of reserved identifiers using: git ls-tree -r --name-only HEAD | grep '\.[ch]$' | \ xargs ctags --c-kinds=defglmpstuvx -o - | grep '^_' | \ cut -f 1 | sort| uniq You might need gnu ctags. Then pipe the output through this script: ============================== use strict; BEGIN { print "#!/usr/bin/perl -w -i -p\n\n"; } chomp; next if ( /^__attribute__/ or /^__func__/ or /^_FILE_OFFSET_BITS/ or /^_FORTIFY_SOURCE/ or /^_GNU_SOURCE/ or /^_WIN32/ or /^_DARWIN_UNLIMITED/ or /^_FILE_OFFSET_BITS/ or /^_LARGEFILE64_SOURCE/ or /^_LFS64_LARGEFILE/ or /^__cdecl/ or /^__attribute__/ or /^__func__/ or /^_WIN32_WINNT/); my $ident = $_; my $better = $ident; $better =~ s/^_//; $better = "${better}_"; print "s/(?<![A-Za-z0-9_])$ident(?![A-Za-z0-9_])/$better/g;\n"; ============================== Then run the resulting script on all the files you want to change. (That is, all the C except that in src/ext.) The resulting script was: ============================== s/(?<![A-Za-z0-9_])_address(?![A-Za-z0-9_])/address_/g; s/(?<![A-Za-z0-9_])_aes_fill_buf(?![A-Za-z0-9_])/aes_fill_buf_/g; s/(?<![A-Za-z0-9_])_AllowInvalid(?![A-Za-z0-9_])/AllowInvalid_/g; s/(?<![A-Za-z0-9_])_AP_CONN_STATE_MAX(?![A-Za-z0-9_])/AP_CONN_STATE_MAX_/g; s/(?<![A-Za-z0-9_])_AP_CONN_STATE_MIN(?![A-Za-z0-9_])/AP_CONN_STATE_MIN_/g; s/(?<![A-Za-z0-9_])_assert_cache_ok(?![A-Za-z0-9_])/assert_cache_ok_/g; s/(?<![A-Za-z0-9_])_A_UNKNOWN(?![A-Za-z0-9_])/A_UNKNOWN_/g; s/(?<![A-Za-z0-9_])_base(?![A-Za-z0-9_])/base_/g; s/(?<![A-Za-z0-9_])_BridgePassword_AuthDigest(?![A-Za-z0-9_])/BridgePassword_AuthDigest_/g; s/(?<![A-Za-z0-9_])_buffer_stats_compare_entries(?![A-Za-z0-9_])/buffer_stats_compare_entries_/g; s/(?<![A-Za-z0-9_])_chan_circid_entries_eq(?![A-Za-z0-9_])/chan_circid_entries_eq_/g; s/(?<![A-Za-z0-9_])_chan_circid_entry_hash(?![A-Za-z0-9_])/chan_circid_entry_hash_/g; s/(?<![A-Za-z0-9_])_check_no_tls_errors(?![A-Za-z0-9_])/check_no_tls_errors_/g; s/(?<![A-Za-z0-9_])_c_hist_compare(?![A-Za-z0-9_])/c_hist_compare_/g; s/(?<![A-Za-z0-9_])_circ(?![A-Za-z0-9_])/circ_/g; s/(?<![A-Za-z0-9_])_circuit_get_global_list(?![A-Za-z0-9_])/circuit_get_global_list_/g; s/(?<![A-Za-z0-9_])_circuit_mark_for_close(?![A-Za-z0-9_])/circuit_mark_for_close_/g; s/(?<![A-Za-z0-9_])_CIRCUIT_PURPOSE_C_MAX(?![A-Za-z0-9_])/CIRCUIT_PURPOSE_C_MAX_/g; s/(?<![A-Za-z0-9_])_CIRCUIT_PURPOSE_MAX(?![A-Za-z0-9_])/CIRCUIT_PURPOSE_MAX_/g; s/(?<![A-Za-z0-9_])_CIRCUIT_PURPOSE_MIN(?![A-Za-z0-9_])/CIRCUIT_PURPOSE_MIN_/g; s/(?<![A-Za-z0-9_])_CIRCUIT_PURPOSE_OR_MAX(?![A-Za-z0-9_])/CIRCUIT_PURPOSE_OR_MAX_/g; s/(?<![A-Za-z0-9_])_CIRCUIT_PURPOSE_OR_MIN(?![A-Za-z0-9_])/CIRCUIT_PURPOSE_OR_MIN_/g; s/(?<![A-Za-z0-9_])_cmp_int_strings(?![A-Za-z0-9_])/cmp_int_strings_/g; s/(?<![A-Za-z0-9_])_compare_cached_resolves_by_expiry(?![A-Za-z0-9_])/compare_cached_resolves_by_expiry_/g; s/(?<![A-Za-z0-9_])_compare_digests(?![A-Za-z0-9_])/compare_digests_/g; s/(?<![A-Za-z0-9_])_compare_digests256(?![A-Za-z0-9_])/compare_digests256_/g; s/(?<![A-Za-z0-9_])_compare_dir_src_ents_by_authority_id(?![A-Za-z0-9_])/compare_dir_src_ents_by_authority_id_/g; s/(?<![A-Za-z0-9_])_compare_duration_idx(?![A-Za-z0-9_])/compare_duration_idx_/g; s/(?<![A-Za-z0-9_])_compare_int(?![A-Za-z0-9_])/compare_int_/g; s/(?<![A-Za-z0-9_])_compare_networkstatus_v2_published_on(?![A-Za-z0-9_])/compare_networkstatus_v2_published_on_/g; s/(?<![A-Za-z0-9_])_compare_old_routers_by_identity(?![A-Za-z0-9_])/compare_old_routers_by_identity_/g; s/(?<![A-Za-z0-9_])_compare_orports(?![A-Za-z0-9_])/compare_orports_/g; s/(?<![A-Za-z0-9_])_compare_pairs(?![A-Za-z0-9_])/compare_pairs_/g; s/(?<![A-Za-z0-9_])_compare_routerinfo_by_id_digest(?![A-Za-z0-9_])/compare_routerinfo_by_id_digest_/g; s/(?<![A-Za-z0-9_])_compare_routerinfo_by_ip_and_bw(?![A-Za-z0-9_])/compare_routerinfo_by_ip_and_bw_/g; s/(?<![A-Za-z0-9_])_compare_signed_descriptors_by_age(?![A-Za-z0-9_])/compare_signed_descriptors_by_age_/g; s/(?<![A-Za-z0-9_])_compare_string_ptrs(?![A-Za-z0-9_])/compare_string_ptrs_/g; s/(?<![A-Za-z0-9_])_compare_strings_for_pqueue(?![A-Za-z0-9_])/compare_strings_for_pqueue_/g; s/(?<![A-Za-z0-9_])_compare_strs(?![A-Za-z0-9_])/compare_strs_/g; s/(?<![A-Za-z0-9_])_compare_tor_version_str_ptr(?![A-Za-z0-9_])/compare_tor_version_str_ptr_/g; s/(?<![A-Za-z0-9_])_compare_vote_rs(?![A-Za-z0-9_])/compare_vote_rs_/g; s/(?<![A-Za-z0-9_])_compare_votes_by_authority_id(?![A-Za-z0-9_])/compare_votes_by_authority_id_/g; s/(?<![A-Za-z0-9_])_compare_without_first_ch(?![A-Za-z0-9_])/compare_without_first_ch_/g; s/(?<![A-Za-z0-9_])_connection_free(?![A-Za-z0-9_])/connection_free_/g; s/(?<![A-Za-z0-9_])_connection_mark_and_flush(?![A-Za-z0-9_])/connection_mark_and_flush_/g; s/(?<![A-Za-z0-9_])_connection_mark_for_close(?![A-Za-z0-9_])/connection_mark_for_close_/g; s/(?<![A-Za-z0-9_])_connection_mark_unattached_ap(?![A-Za-z0-9_])/connection_mark_unattached_ap_/g; s/(?<![A-Za-z0-9_])_connection_write_to_buf_impl(?![A-Za-z0-9_])/connection_write_to_buf_impl_/g; s/(?<![A-Za-z0-9_])_ConnLimit(?![A-Za-z0-9_])/ConnLimit_/g; s/(?<![A-Za-z0-9_])_CONN_TYPE_MAX(?![A-Za-z0-9_])/CONN_TYPE_MAX_/g; s/(?<![A-Za-z0-9_])_CONN_TYPE_MIN(?![A-Za-z0-9_])/CONN_TYPE_MIN_/g; s/(?<![A-Za-z0-9_])_CONTROL_CONN_STATE_MAX(?![A-Za-z0-9_])/CONTROL_CONN_STATE_MAX_/g; s/(?<![A-Za-z0-9_])_CONTROL_CONN_STATE_MIN(?![A-Za-z0-9_])/CONTROL_CONN_STATE_MIN_/g; s/(?<![A-Za-z0-9_])_CPUWORKER_STATE_MAX(?![A-Za-z0-9_])/CPUWORKER_STATE_MAX_/g; s/(?<![A-Za-z0-9_])_CPUWORKER_STATE_MIN(?![A-Za-z0-9_])/CPUWORKER_STATE_MIN_/g; s/(?<![A-Za-z0-9_])_crypto_dh_get_dh(?![A-Za-z0-9_])/crypto_dh_get_dh_/g; s/(?<![A-Za-z0-9_])_crypto_global_initialized(?![A-Za-z0-9_])/crypto_global_initialized_/g; s/(?<![A-Za-z0-9_])_crypto_new_pk_from_rsa(?![A-Za-z0-9_])/crypto_new_pk_from_rsa_/g; s/(?<![A-Za-z0-9_])_crypto_pk_get_evp_pkey(?![A-Za-z0-9_])/crypto_pk_get_evp_pkey_/g; s/(?<![A-Za-z0-9_])_crypto_pk_get_rsa(?![A-Za-z0-9_])/crypto_pk_get_rsa_/g; s/(?<![A-Za-z0-9_])_DIR_CONN_STATE_MAX(?![A-Za-z0-9_])/DIR_CONN_STATE_MAX_/g; s/(?<![A-Za-z0-9_])_DIR_CONN_STATE_MIN(?![A-Za-z0-9_])/DIR_CONN_STATE_MIN_/g; s/(?<![A-Za-z0-9_])_DIR_PURPOSE_MAX(?![A-Za-z0-9_])/DIR_PURPOSE_MAX_/g; s/(?<![A-Za-z0-9_])_DIR_PURPOSE_MIN(?![A-Za-z0-9_])/DIR_PURPOSE_MIN_/g; s/(?<![A-Za-z0-9_])_dirreq_map_get(?![A-Za-z0-9_])/dirreq_map_get_/g; s/(?<![A-Za-z0-9_])_dirreq_map_put(?![A-Za-z0-9_])/dirreq_map_put_/g; s/(?<![A-Za-z0-9_])_dns_randfn(?![A-Za-z0-9_])/dns_randfn_/g; s/(?<![A-Za-z0-9_])_dummy(?![A-Za-z0-9_])/dummy_/g; s/(?<![A-Za-z0-9_])_edge(?![A-Za-z0-9_])/edge_/g; s/(?<![A-Za-z0-9_])_END_CIRC_REASON_MAX(?![A-Za-z0-9_])/END_CIRC_REASON_MAX_/g; s/(?<![A-Za-z0-9_])_END_CIRC_REASON_MIN(?![A-Za-z0-9_])/END_CIRC_REASON_MIN_/g; s/(?<![A-Za-z0-9_])_EOF(?![A-Za-z0-9_])/EOF_/g; s/(?<![A-Za-z0-9_])_ERR(?![A-Za-z0-9_])/ERR_/g; s/(?<![A-Za-z0-9_])_escaped_val(?![A-Za-z0-9_])/escaped_val_/g; s/(?<![A-Za-z0-9_])_evdns_log(?![A-Za-z0-9_])/evdns_log_/g; s/(?<![A-Za-z0-9_])_evdns_nameserver_add_impl(?![A-Za-z0-9_])/evdns_nameserver_add_impl_/g; s/(?<![A-Za-z0-9_])_EVENT_MAX(?![A-Za-z0-9_])/EVENT_MAX_/g; s/(?<![A-Za-z0-9_])_EVENT_MIN(?![A-Za-z0-9_])/EVENT_MIN_/g; s/(?<![A-Za-z0-9_])_ExcludeExitNodesUnion(?![A-Za-z0-9_])/ExcludeExitNodesUnion_/g; s/(?<![A-Za-z0-9_])_EXIT_CONN_STATE_MAX(?![A-Za-z0-9_])/EXIT_CONN_STATE_MAX_/g; s/(?<![A-Za-z0-9_])_EXIT_CONN_STATE_MIN(?![A-Za-z0-9_])/EXIT_CONN_STATE_MIN_/g; s/(?<![A-Za-z0-9_])_EXIT_PURPOSE_MAX(?![A-Za-z0-9_])/EXIT_PURPOSE_MAX_/g; s/(?<![A-Za-z0-9_])_EXIT_PURPOSE_MIN(?![A-Za-z0-9_])/EXIT_PURPOSE_MIN_/g; s/(?<![A-Za-z0-9_])_extrainfo_free(?![A-Za-z0-9_])/extrainfo_free_/g; s/(?<![A-Za-z0-9_])_find_by_keyword(?![A-Za-z0-9_])/find_by_keyword_/g; s/(?<![A-Za-z0-9_])_free_cached_dir(?![A-Za-z0-9_])/free_cached_dir_/g; s/(?<![A-Za-z0-9_])_free_cached_resolve(?![A-Za-z0-9_])/free_cached_resolve_/g; s/(?<![A-Za-z0-9_])_free_duplicate_routerstatus_entry(?![A-Za-z0-9_])/free_duplicate_routerstatus_entry_/g; s/(?<![A-Za-z0-9_])_free_link_history(?![A-Za-z0-9_])/free_link_history_/g; s/(?<![A-Za-z0-9_])_geoip_compare_entries(?![A-Za-z0-9_])/geoip_compare_entries_/g; s/(?<![A-Za-z0-9_])_geoip_compare_key_to_entry(?![A-Za-z0-9_])/geoip_compare_key_to_entry_/g; s/(?<![A-Za-z0-9_])_hex_decode_digit(?![A-Za-z0-9_])/hex_decode_digit_/g; s/(?<![A-Za-z0-9_])_idxplus1(?![A-Za-z0-9_])/idxplus1_/g; s/(?<![A-Za-z0-9_])__libc_enable_secure(?![A-Za-z0-9_])/_libc_enable_secure_/g; s/(?<![A-Za-z0-9_])_log_debug(?![A-Za-z0-9_])/log_debug_/g; s/(?<![A-Za-z0-9_])_log_err(?![A-Za-z0-9_])/log_err_/g; s/(?<![A-Za-z0-9_])_log_fn(?![A-Za-z0-9_])/log_fn_/g; s/(?<![A-Za-z0-9_])_log_fn_function_name(?![A-Za-z0-9_])/log_fn_function_name_/g; s/(?<![A-Za-z0-9_])_log_global_min_severity(?![A-Za-z0-9_])/log_global_min_severity_/g; s/(?<![A-Za-z0-9_])_log_info(?![A-Za-z0-9_])/log_info_/g; s/(?<![A-Za-z0-9_])_log_notice(?![A-Za-z0-9_])/log_notice_/g; s/(?<![A-Za-z0-9_])_log_prefix(?![A-Za-z0-9_])/log_prefix_/g; s/(?<![A-Za-z0-9_])_log_warn(?![A-Za-z0-9_])/log_warn_/g; s/(?<![A-Za-z0-9_])_magic(?![A-Za-z0-9_])/magic_/g; s/(?<![A-Za-z0-9_])_MALLOC_LOCK(?![A-Za-z0-9_])/MALLOC_LOCK_/g; s/(?<![A-Za-z0-9_])_MALLOC_LOCK_INIT(?![A-Za-z0-9_])/MALLOC_LOCK_INIT_/g; s/(?<![A-Za-z0-9_])_MALLOC_UNLOCK(?![A-Za-z0-9_])/MALLOC_UNLOCK_/g; s/(?<![A-Za-z0-9_])_microdesc_eq(?![A-Za-z0-9_])/microdesc_eq_/g; s/(?<![A-Za-z0-9_])_microdesc_hash(?![A-Za-z0-9_])/microdesc_hash_/g; s/(?<![A-Za-z0-9_])_MIN_TOR_TLS_ERROR_VAL(?![A-Za-z0-9_])/MIN_TOR_TLS_ERROR_VAL_/g; s/(?<![A-Za-z0-9_])_mm_free(?![A-Za-z0-9_])/mm_free_/g; s/(?<![A-Za-z0-9_])_NIL(?![A-Za-z0-9_])/NIL_/g; s/(?<![A-Za-z0-9_])_n_openssl_mutexes(?![A-Za-z0-9_])/n_openssl_mutexes_/g; s/(?<![A-Za-z0-9_])_openssl_dynlock_create_cb(?![A-Za-z0-9_])/openssl_dynlock_create_cb_/g; s/(?<![A-Za-z0-9_])_openssl_dynlock_destroy_cb(?![A-Za-z0-9_])/openssl_dynlock_destroy_cb_/g; s/(?<![A-Za-z0-9_])_openssl_dynlock_lock_cb(?![A-Za-z0-9_])/openssl_dynlock_lock_cb_/g; s/(?<![A-Za-z0-9_])_openssl_locking_cb(?![A-Za-z0-9_])/openssl_locking_cb_/g; s/(?<![A-Za-z0-9_])_openssl_mutexes(?![A-Za-z0-9_])/openssl_mutexes_/g; s/(?<![A-Za-z0-9_])_option_abbrevs(?![A-Za-z0-9_])/option_abbrevs_/g; s/(?<![A-Za-z0-9_])_option_vars(?![A-Za-z0-9_])/option_vars_/g; s/(?<![A-Za-z0-9_])_OR_CONN_STATE_MAX(?![A-Za-z0-9_])/OR_CONN_STATE_MAX_/g; s/(?<![A-Za-z0-9_])_OR_CONN_STATE_MIN(?![A-Za-z0-9_])/OR_CONN_STATE_MIN_/g; s/(?<![A-Za-z0-9_])_OutboundBindAddressIPv4(?![A-Za-z0-9_])/OutboundBindAddressIPv4_/g; s/(?<![A-Za-z0-9_])_OutboundBindAddressIPv6(?![A-Za-z0-9_])/OutboundBindAddressIPv6_/g; s/(?<![A-Za-z0-9_])_PDS_PREFER_TUNNELED_DIR_CONNS(?![A-Za-z0-9_])/PDS_PREFER_TUNNELED_DIR_CONNS_/g; s/(?<![A-Za-z0-9_])_port(?![A-Za-z0-9_])/port_/g; s/(?<![A-Za-z0-9_])__progname(?![A-Za-z0-9_])/_progname_/g; s/(?<![A-Za-z0-9_])_PublishServerDescriptor(?![A-Za-z0-9_])/PublishServerDescriptor_/g; s/(?<![A-Za-z0-9_])_remove_old_client_helper(?![A-Za-z0-9_])/remove_old_client_helper_/g; s/(?<![A-Za-z0-9_])_rend_cache_entry_free(?![A-Za-z0-9_])/rend_cache_entry_free_/g; s/(?<![A-Za-z0-9_])_routerlist_find_elt(?![A-Za-z0-9_])/routerlist_find_elt_/g; s/(?<![A-Za-z0-9_])_SafeLogging(?![A-Za-z0-9_])/SafeLogging_/g; s/(?<![A-Za-z0-9_])_SHORT_FILE_(?![A-Za-z0-9_])/SHORT_FILE__/g; s/(?<![A-Za-z0-9_])_state_abbrevs(?![A-Za-z0-9_])/state_abbrevs_/g; s/(?<![A-Za-z0-9_])_state_vars(?![A-Za-z0-9_])/state_vars_/g; s/(?<![A-Za-z0-9_])_t(?![A-Za-z0-9_])/t_/g; s/(?<![A-Za-z0-9_])_t32(?![A-Za-z0-9_])/t32_/g; s/(?<![A-Za-z0-9_])_test_op_ip6(?![A-Za-z0-9_])/test_op_ip6_/g; s/(?<![A-Za-z0-9_])_thread1_name(?![A-Za-z0-9_])/thread1_name_/g; s/(?<![A-Za-z0-9_])_thread2_name(?![A-Za-z0-9_])/thread2_name_/g; s/(?<![A-Za-z0-9_])_thread_test_func(?![A-Za-z0-9_])/thread_test_func_/g; s/(?<![A-Za-z0-9_])_thread_test_mutex(?![A-Za-z0-9_])/thread_test_mutex_/g; s/(?<![A-Za-z0-9_])_thread_test_start1(?![A-Za-z0-9_])/thread_test_start1_/g; s/(?<![A-Za-z0-9_])_thread_test_start2(?![A-Za-z0-9_])/thread_test_start2_/g; s/(?<![A-Za-z0-9_])_thread_test_strmap(?![A-Za-z0-9_])/thread_test_strmap_/g; s/(?<![A-Za-z0-9_])_tor_calloc(?![A-Za-z0-9_])/tor_calloc_/g; s/(?<![A-Za-z0-9_])_TOR_CHANNEL_INTERNAL(?![A-Za-z0-9_])/TOR_CHANNEL_INTERNAL_/g; s/(?<![A-Za-z0-9_])_TOR_CIRCUITMUX_EWMA_C(?![A-Za-z0-9_])/TOR_CIRCUITMUX_EWMA_C_/g; s/(?<![A-Za-z0-9_])_tor_free(?![A-Za-z0-9_])/tor_free_/g; s/(?<![A-Za-z0-9_])_tor_malloc(?![A-Za-z0-9_])/tor_malloc_/g; s/(?<![A-Za-z0-9_])_tor_malloc_zero(?![A-Za-z0-9_])/tor_malloc_zero_/g; s/(?<![A-Za-z0-9_])_tor_memdup(?![A-Za-z0-9_])/tor_memdup_/g; s/(?<![A-Za-z0-9_])_tor_realloc(?![A-Za-z0-9_])/tor_realloc_/g; s/(?<![A-Za-z0-9_])_tor_strdup(?![A-Za-z0-9_])/tor_strdup_/g; s/(?<![A-Za-z0-9_])_tor_strndup(?![A-Za-z0-9_])/tor_strndup_/g; s/(?<![A-Za-z0-9_])_TOR_TLS_SYSCALL(?![A-Za-z0-9_])/TOR_TLS_SYSCALL_/g; s/(?<![A-Za-z0-9_])_TOR_TLS_ZERORETURN(?![A-Za-z0-9_])/TOR_TLS_ZERORETURN_/g; s/(?<![A-Za-z0-9_])__USE_ISOC99(?![A-Za-z0-9_])/_USE_ISOC99_/g; s/(?<![A-Za-z0-9_])_UsingTestNetworkDefaults(?![A-Za-z0-9_])/UsingTestNetworkDefaults_/g; s/(?<![A-Za-z0-9_])_val(?![A-Za-z0-9_])/val_/g; s/(?<![A-Za-z0-9_])_void_for_alignment(?![A-Za-z0-9_])/void_for_alignment_/g; ==============================	2012-10-12 12:22:13 -04:00
Andrea Shepard	5543c5b202	Fix formatting in various places after 6465/6816 work	2012-10-10 00:48:36 -07:00
Nick Mathewson	751b3aabb5	Merge remote-tracking branch 'public/openssl_1_is_best'	2012-10-04 12:50:41 -04:00
Robert Ransom	cd884c764b	Fix documentation for crypto_pk_cmp_keys ... Now that crypto_pk_cmp_keys might return the result of tor_memcmp, there is no guarantee that it will only return -1, 0, or 1. (It currently does only return -1, 0, or 1, but that's a lucky accident due to details of the current implementation of tor_memcmp and the particular input given to it.) Fortunately, none of crypto_pk_cmp_keys's callers rely on this behaviour, so changing its documentation is sufficient.	2012-09-17 11:02:53 -04:00
Robert Ransom	62babcaf0a	Implement and use crypto_pk_eq_keys	2012-09-17 11:02:53 -04:00
Robert Ransom	f3916a6855	Make crypto_pk_cmp_keys do something sane for NULL keys ... Fixes bug 4283; bugfix on r76 (Git commit 01aadefbfc).	2012-09-17 11:02:52 -04:00
Nick Mathewson	be68c1fb43	Log a notice if we're running with OpenSSL before 1.0.0. ... These versions have some dubious, slow crypto implementations; 1.0.0 is a great improvement, and at this point is pretty mature.	2012-09-12 19:32:24 -04:00
Nick Mathewson	feabf4148f	Drop support for openssl 0.9.7 ... 097 hasn't seen a new version since 2007; we can drop support too. This lets us remove our built-in sha256 implementation, and some checks for old bugs.	2012-09-12 19:25:58 -04:00
Nick Mathewson	7607ad2bec	Detect openssl header version doesn't match runtime version ... We already do this for libevent; let's do it for openssl too. For now, I'm making it always a warn, since this has caused some problems in the past. Later, we can see about making it less severe.	2012-09-06 11:31:30 -04:00
Nick Mathewson	e3a130a7eb	Don't log about Libevent/OpenSSL initialization when all's well ... OTOH, log the Libevent and OpenSSL versions on the first line when we're starting Tor.	2012-09-06 11:31:22 -04:00
Nick Mathewson	20d6f787aa	Fix "make check-spaces" issues	2012-06-05 00:49:18 -04:00
Nick Mathewson	0fa107a6aa	Update copyright dates to 2012; add a few missing copyright statements	2012-06-04 20:58:17 -04:00
Nick Mathewson	173b18c79b	Add about 60 more DOCDOC comments to 0.2.3 ... Also, try to resolve some doxygen issues. First, define a magic "This is doxygen!" macro so that we take the correct branch in various #if/#else/#endifs in order to get the right documentation. Second, add in a few grouping @{ and @} entries in order to get some variables and fields to get grouped together.	2012-06-04 19:59:08 -04:00
Sebastian Hahn	a5a8296892	Fix clang 3.1 compile warning in crypto.c ... (Tweaked by nickm)	2012-05-30 11:56:43 -04:00
Nick Mathewson	21e3261914	Bump _WIN32_WINNT to 0x0501 throughout the code ... This tells the windows headers to give us definitions that didn't exist before XP -- like the ones that we need for IPv6 support. See bug #5861. We didn't run into this issue with mingw, since mingw doesn't respect _WIN32_WINNT as well as it should for some of its definitions.	2012-05-14 13:46:37 -04:00
Nick Mathewson	9ffccb3f49	Remove all instances of WIN32_WINNT (without leading _) ... We started adding it in 59e2c77824 back in 2004, 8 years and 3 days ago. It's time to deprogram ourselves from this cargo cult.	2012-05-14 13:36:52 -04:00
Nick Mathewson	4db5a1e151	Remove needless check for a buffer that could not be NULL. ... Fixes coverity CID 508: coverity scan doesn't like checking a variable for non-NULL after it has been definitely dereferenced. This should take us back down to zero coverity issues.	2012-04-18 10:38:39 -04:00
Nick Mathewson	ab3197c059	Remove a couple redundant NULL-checks before crypto_cipher_free ... Calling crypto_cipher_free(NULL) is always safe, since (by convention) all of our xyz_free() functions treat xyz_free(NULL) as a no-op. Flagged by coverity scan; fixes CID 508 and 509.	2012-03-30 10:16:58 -04:00
Nick Mathewson	01905a6ef9	Excise PK_NO_PADDING entirely: Unpadded RSA is silly. ... We never use it, so having it around is pointless. Suggested by Sebastian	2012-03-27 22:38:06 -04:00
Nick Mathewson	de0dca0de7	Refactor the API for setting up a block cipher. ... It allows us more flexibility on the backend if the user needs to specify the key and IV at setup time.	2012-03-27 22:37:56 -04:00
Nick Mathewson	00b4784575	Remove support for PK_NO_PADDING in crypto_pk_public_hybrid_encrypt ... We never use it, and it would be a stupid thing if we started using it.	2012-03-27 22:37:55 -04:00
Robert Ransom	cd029f0ca3	Fix crypto_hmac_sha256 documentation comment	2012-02-20 02:47:10 -08:00
Nick Mathewson	5cf9167f91	Use the standard _WIN32, not the Torism MS_WINDOWS or deprecated WIN32 ... This commit is completely mechanical; I used this perl script to make it: #!/usr/bin/perl -w -i.bak -p if (/^\s*\#/) { s/MS_WINDOWS/_WIN32/g; s/\bWIN32\b/_WIN32/g; }	2012-01-31 15:48:47 -05:00
Nick Mathewson	26e789fbfd	Rename nonconformant identifiers. ... Fixes bug 4893. These changes are pure mechanical, and were generated with this perl script: /usr/bin/perl -w -i.bak -p s/crypto_pk_env_t/crypto_pk_t/g; s/crypto_dh_env_t/crypto_dh_t/g; s/crypto_cipher_env_t/crypto_cipher_t/g; s/crypto_digest_env_t/crypto_digest_t/g; s/aes_free_cipher/aes_cipher_free/g; s/crypto_free_cipher_env/crypto_cipher_free/g; s/crypto_free_digest_env/crypto_digest_free/g; s/crypto_free_pk_env/crypto_pk_free/g; s/_crypto_dh_env_get_dh/_crypto_dh_get_dh/g; s/_crypto_new_pk_env_rsa/_crypto_new_pk_from_rsa/g; s/_crypto_pk_env_get_evp_pkey/_crypto_pk_get_evp_pkey/g; s/_crypto_pk_env_get_rsa/_crypto_pk_get_rsa/g; s/crypto_new_cipher_env/crypto_cipher_new/g; s/crypto_new_digest_env/crypto_digest_new/g; s/crypto_new_digest256_env/crypto_digest256_new/g; s/crypto_new_pk_env/crypto_pk_new/g; s/crypto_create_crypto_env/crypto_cipher_new/g; s/connection_create_listener/connection_listener_new/g; s/smartlist_create/smartlist_new/g; s/transport_create/transport_new/g;	2012-01-18 15:53:30 -05:00
Nick Mathewson	73d4dbe103	whitespace and warning fixes for bug4746	2012-01-10 16:53:37 -05:00
Nick Mathewson	7fbf1e225e	Merge remote-tracking branch 'asn-mytor/bug4746'	2012-01-10 16:44:03 -05:00
Nick Mathewson	d29a390733	Test for broken counter-mode at runtime ... To solve bug 4779, we want to avoid OpenSSL 1.0.0's counter mode. But Fedora (and maybe others) lie about the actual OpenSSL version, so we can't trust the header to tell us if it's safe. Instead, let's do a run-time test to see whether it's safe, and if not, use our built-in version. fermenthor contributed a pretty essential fixup to this patch. Thanks!	2012-01-10 11:15:35 -05:00
Nick Mathewson	5741aef3dc	We no longer need to detect openssl without RAND_poll() ... We require openssl 0.9.7 or later, and RAND_poll() was first added in openssl 0.9.6.	2012-01-10 10:40:31 -05:00
Nick Mathewson	85c7d7659e	Add macros to construct openssl version numbers ... It's a pain to convert 0x0090813f to and from 0.9.8s-release on the fly, so these macros should help.	2012-01-10 10:40:30 -05:00
Sebastian Hahn	2367f7e559	Make sure MAX_DNS_LABEL_SIZE is defined ... MAX_DNS_LABEL_SIZE was only defined for old versions of openssl, which broke the build. Spotted by xiando. Fixes bug 4413; not in any released version.	2012-01-10 06:14:35 +01:00
Nick Mathewson	b1ee1a719d	Tweaks for bug4413 fix ... The thing that's limited to 63 bytes is a "label", not a hostname. Docment input constraints and behavior on bogus inputs. Generally it's better to check for overflow-like conditions before than after. In this case, it's not a true overflow, so we're okay, but let's be consistent. pedantic less->fewer in the documentation	2012-01-09 19:14:51 -05:00
Stephen Palmateer	3fadc074ca	Remove (untriggerable) overflow in crypto_random_hostname() ... Fixes bug 4413; bugfix on xxxx. Hostname components cannot be larger than 63 characters. This simple check makes certain randlen cannot overflow rand_bytes_len.	2012-01-09 19:05:05 -05:00
George Kadianakis	d05bc02192	Add an informative header on the 'keys/dynamic_dh_params' file.	2011-12-19 16:06:22 +01:00
Robert Ransom	d688a40a0e	Don't crash on startup of a dormant relay ... If a relay is dormant at startup, it will call init_keys before crypto_set_tls_dh_prime. This is bad. Let's make it not so bad, because someday it *will* happen again.	2011-12-12 11:25:55 -08:00
Sebastian Hahn	95af91565b	Work around a false positive in Coverity. ... Fixes cid 501 and 502.	2011-12-02 06:16:57 +01:00
George Kadianakis	02708b7d80	Free the global DH parameters in crypto_global_cleanup().	2011-11-30 13:17:47 -05:00
George Kadianakis	a708e85236	Move crypto_global_cleanup() to the bottom of crypto.c.	2011-11-30 13:17:39 -05:00
Nick Mathewson	da6c136817	Merge remote-tracking branch 'asn-mytor/bug4548_take2'	2011-11-29 18:30:41 -05:00
George Kadianakis	055d6c01ff	Write dynamic DH parameters to a file. ... Instead of only writing the dynamic DH prime modulus to a file, write the whole DH parameters set for forward compatibility. At the moment we only accept '2' as the group generator. The DH parameters gets stored in base64-ed DER format to the 'dynamic_dh_params' file.	2011-11-26 19:29:57 +01:00
George Kadianakis	b31601975b	Move DH_GENERATOR to crypto.c.	2011-11-25 17:44:11 +01:00
George Kadianakis	1df6b5a734	Move broken primes to dynamic_dh_modulus.broken.	2011-11-25 17:39:45 +01:00
George Kadianakis	4938bcc06a	Do dynamic DH modulus storing in crypto.c.	2011-11-25 17:39:28 +01:00
Nick Mathewson	8143074b3f	Use EVP for AES only when hardware accel is present ... Fixes bug 4525, fix on 0.2.3.8-alpha.	2011-11-25 10:32:00 -05:00
George Kadianakis	1d1d5ae7f8	Finishing touches. ... - Make check-spaces happy. - Remove a stray header from crypto.h	2011-11-25 01:08:31 +01:00
George Kadianakis	7c37a664c1	Rename 'dynamic prime' to 'dynamic DH modulus'.	2011-11-25 01:00:58 +01:00
George Kadianakis	bdeb797a13	Notify the user that her computer is generating numbers.	2011-11-25 00:59:47 +01:00
George Kadianakis	5f3f41c234	Make sure that the stored DH prime is safe to use.	2011-11-25 00:33:40 +01:00
George Kadianakis	94076d9e3b	Move crypto_get_stored_dynamic_prime() to crypto.c	2011-11-24 22:59:01 +01:00
George Kadianakis	2ef68980a7	Move store_dynamic_prime() to crypto.c.	2011-11-24 22:32:10 +01:00
George Kadianakis	cabb8e54c7	Tone down the logging.	2011-11-24 22:14:09 +01:00
George Kadianakis	8a726dd0dd	Implement dynamic prime reading and storing to disk.	2011-11-24 22:13:44 +01:00
George Kadianakis	42bda231ee	Make DynamicPrimes SIGHUP-able. ... Instead of passing the DynamicPrimes configuration option to crypto_global_init(), generate and set a new TLS DH prime when we read the torrc.	2011-11-24 22:13:38 +01:00
George Kadianakis	0e71be5d94	Improve code in the dynamic primes realm.	2011-11-24 22:13:19 +01:00
George Kadianakis	fb38e58d14	Improve logging.	2011-11-24 22:13:00 +01:00
George Kadianakis	1797e0a39e	Make it compile.	2011-11-24 22:12:44 +01:00
George Kadianakis	375e55eaa2	Rename "Rakshasa" to "Dynamic Prime".	2011-11-24 22:09:15 +01:00
George Kadianakis	659381e00d	Introduce the DynamicPrimes configuration option.	2011-11-24 22:09:06 +01:00
George Kadianakis	edec9409e8	Copy/Paste Jake's stuff. ... This commit copies parts of Jake's f3bb6846975193d9a6649c31f94bda47e4014070 commit verbatim to the current master.	2011-11-24 22:06:50 +01:00
Andrea Gelmini	72d4d762c1	Remove some duplicate includes	2011-11-03 10:23:33 -04:00
Nick Mathewson	beb9097bed	Merge remote-tracking branch 'origin/maint-0.2.2'	2011-10-26 11:08:19 -04:00
Nick Mathewson	445f947890	Remove a no-longer-relevant comment	2011-10-10 23:14:17 -04:00
Nick Mathewson	fdbb9cdf74	Add a sha256 hmac function, with tests	2011-10-10 23:14:09 -04:00
Nick Mathewson	dcf69a9e12	New function to get all digests of a public key	2011-10-10 23:14:02 -04:00
Nick Mathewson	246afc1b1b	Make internal error check for unrecognized digest algorithm more robust ... Fixes Coverity CID 479.	2011-10-06 14:13:09 -04:00
Nick Mathewson	44cfa53873	Make WIN32_WINNT defines conditional ... Requested by Gisle Vanem on tor-dev. I'm not quite sure this is the right solution, but it's probably harmless.	2011-07-15 10:03:59 -04:00
Nick Mathewson	8cd5a3c186	Merge remote-tracking branch 'origin/maint-0.2.2'	2011-06-06 16:20:22 -04:00
Nick Mathewson	5afab5ca19	Check maximum properly in crypto_rand_int() ... George Kadianakis notes that if you give crypto_rand_int() a value above INT_MAX, it can return a negative number, which is not what the documentation would imply. The simple solution is to assert that the input is in [1,INT_MAX+1]. If in the future we need a random-value function that can return values up to UINT_MAX, we can add one. Fixes bug 3306; bugfix on 0.2.2pre14.	2011-06-06 16:18:06 -04:00
Nick Mathewson	12f9c91c06	Merge remote-tracking branch 'origin/maint-0.2.2'	2011-06-03 11:36:21 -04:00
Nick Mathewson	bbf2fee8ff	Reject 128-byte keys that are not 1024-bit ... When we added the check for key size, we required that the keys be 128 bytes. But RSA_size (which defers to BN_num_bytes) will return 128 for keys of length 1017..1024. This patch adds a new crypto_pk_num_bits() that returns the actual number of significant bits in the modulus, and uses that to enforce key sizes. Also, credit the original bug3318 in the changes file.	2011-06-03 11:31:19 -04:00
Nick Mathewson	03ccce6d77	Merge remote-tracking branch 'origin/maint-0.2.2'	2011-05-16 14:50:53 -04:00
Nick Mathewson	e908e3a332	Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 ... Fixed trivial conflict due to headers moving into their own .h files from or.h. Conflicts: src/or/or.h	2011-05-16 14:49:55 -04:00
Nick Mathewson	4a22046c86	squash! Add crypto_pk_check_key_public_exponent function ... Rename crypto_pk_check_key_public_exponent to crypto_pk_public_exponent_ok: it's nice to name predicates s.t. you can tell how to interpret true and false.	2011-05-16 14:45:06 -04:00
Robert Ransom	d2629f78a0	Add crypto_pk_check_key_public_exponent function	2011-05-16 14:07:34 -04:00
Nick Mathewson	9fba014e3f	Merge remote-tracking branch 'public/bug3122_memcmp_022' into bug3122_memcmp_023 ... Conflicts in various places, mainly node-related. Resolved them in favor of HEAD, with copying of tor_mem* operations from bug3122_memcmp_022. src/common/Makefile.am src/or/circuitlist.c src/or/connection_edge.c src/or/directory.c src/or/microdesc.c src/or/networkstatus.c src/or/router.c src/or/routerlist.c src/test/test_util.c	2011-05-11 16:39:45 -04:00
Nick Mathewson	44ad734573	Merge remote-tracking branch 'public/3122_memcmp_squashed' into bug3122_memcmp_022 ... Conflicts throughout. All resolved in favor of taking HEAD and adding tor_mem* or fast_mem* ops as appropriate. src/common/Makefile.am src/or/circuitbuild.c src/or/directory.c src/or/dirserv.c src/or/dirvote.c src/or/networkstatus.c src/or/rendclient.c src/or/rendservice.c src/or/router.c src/or/routerlist.c src/or/routerparse.c src/or/test.c	2011-05-11 16:24:29 -04:00
Nick Mathewson	59f9097d5c	Hand-conversion and audit phase of memcmp transition ... Here I looked at the results of the automated conversion and cleaned them up as follows: If there was a tor_memcmp or tor_memeq that was in fact "safe"[*] I changed it to a fast_memcmp or fast_memeq. Otherwise if there was a tor_memcmp that could turn into a tor_memneq or tor_memeq, I converted it. This wants close attention. [*] I'm erring on the side of caution here, and leaving some things as tor_memcmp that could in my opinion use the data-dependent fast_memcmp variant.	2011-05-11 16:12:51 -04:00
Nick Mathewson	db7b2a33ee	Automated conversion of memcmp to tor_memcmp/tor_mem[n]eq ... This commit is _exactly_ the result of perl -i -pe 's/\bmemcmp\(/tor_memcmp\(/g' src/*/*.[ch] perl -i -pe 's/\!\s*tor_memcmp\(/tor_memeq\(/g' src/*/*.[ch] perl -i -pe 's/0\s*==\s*tor_memcmp\(/tor_memeq\(/g' src/*/*.[ch] perl -i -pe 's/0\s*!=\s*tor_memcmp\(/tor_memneq\(/g' src/*/*.[ch] git checkout src/common/di_ops.[ch] git checkout src/or/test.c git checkout src/common/test.h	2011-05-11 16:12:51 -04:00
Nick Mathewson	26456d3354	Merge remote-tracking branch 'origin/maint-0.2.2'	2011-04-27 22:14:54 -04:00
Nick Mathewson	0130e7c9d2	Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 ... Conflicts: src/common/torint.h	2011-04-27 22:14:28 -04:00
Nick Mathewson	43ffd023e9	Make SIZE_T_CEILING unsigned; add a signed SSIZE_T_CEILING ... None of the comparisons were _broken_ previously, but avoiding signed/unsigned comparisons makes everybody happier. Fixes bug2475.	2011-04-26 13:03:58 -04:00
Nick Mathewson	b1b6552251	Merge remote-tracking branch 'origin/maint-0.2.2' ... Conflicts: src/common/crypto.c	2011-03-16 17:16:54 -04:00
Nick Mathewson	3310dd2358	Clean up whitespace	2011-03-16 17:11:30 -04:00
Nick Mathewson	57b954293e	Merge remote-tracking branch 'origin/maint-0.2.2' ... Trivial Conflicts in src/common/crypto.c src/or/main.h src/or/or.h	2011-03-16 17:09:32 -04:00
Nick Mathewson	6617822b84	Doxygen documentation for about 100 things that didn't have any ... About 860 doxygen-less things remain in 0.2.2	2011-03-16 17:05:37 -04:00
Nick Mathewson	50c259d763	Make the DH parameter we use for TLS match the one from Apache's mod_ssl ... Our regular DH parameters that we use for circuit and rendezvous crypto are unchanged. This is yet another small step on the path of protocol fingerprinting resistance. (Backport from 0.2.2's 5ed73e3807)	2011-02-10 15:55:06 -05:00
Nick Mathewson	912b76a1bf	Merge remote branch 'origin/maint-0.2.2'	2011-02-03 13:56:37 -05:00
Nick Mathewson	e80bdfb4a0	Correctly detect BIO_new failures ... This bug was noticed by cypherpunks; fixes bug 2378. Bugfix on svn commit r110.	2011-01-25 18:26:49 -05:00
Nick Mathewson	bfde636aad	Always treat failure to allocate an RSA key as an unrecoverable allocation error	2011-01-25 18:19:09 -05:00
Nick Mathewson	c939c953ae	Remove an unused function in crypto.c	2011-01-25 18:07:02 -05:00
Nick Mathewson	aaa5737a2e	Merge remote branch 'origin/maint-0.2.2'	2011-01-24 17:51:52 -05:00
Nick Mathewson	5ed73e3807	Make the DH parameter we use for TLS match the one from Apache's mod_ssl ... Our regular DH parameters that we use for circuit and rendezvous crypto are unchanged. This is yet another small step on the path of protocol fingerprinting resistance.	2011-01-24 16:50:11 -05:00
Nick Mathewson	07888ed8e4	Merge remote branch 'origin/maint-0.2.2'	2011-01-15 14:17:59 -05:00
Nick Mathewson	a7790d48af	Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2	2011-01-15 14:15:19 -05:00
Nick Mathewson	9b09627edd	Zero out some more key data before freeing it ... Found by cypherpunks; fixes bug 2384.	2011-01-15 14:10:52 -05:00
Nick Mathewson	1758ef51de	Merge remote branch 'origin/maint-0.2.2'	2011-01-15 13:26:02 -05:00
Nick Mathewson	1393985768	Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 ... Conflicts: src/or/routerparse.c src/or/test.c	2011-01-15 13:25:13 -05:00
Nick Mathewson	b97b0efec8	Merge branch 'bug2352_obsize' into maint-0.2.1	2011-01-15 13:15:06 -05:00
Robert Ransom	7ea674e0e0	Remove some unnecessary occurrences of +1. ... I dug through the OpenSSL source and verified that RSA_private_decrypt will not write more than RSA_size(key) bytes to its output buffer.	2011-01-15 13:11:44 -05:00
Nick Mathewson	ed87738ede	Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 ... Conflicts: src/or/config.c src/or/networkstatus.c src/or/rendcommon.c src/or/routerparse.c src/or/test.c	2011-01-15 12:02:55 -05:00
Nick Mathewson	115782bdbe	Fix a heap overflow found by debuger, and make it harder to make that mistake again ... Our public key functions assumed that they were always writing into a large enough buffer. In one case, they weren't. (Incorporates fixes from sebastian)	2011-01-15 11:49:25 -05:00
Nick Mathewson	729f404efe	Add logic in routerparse to not read overlong private keys ... I am not at all sure that it is possible to trigger a bug here, but better safe than sorry.	2011-01-10 12:07:34 -05:00
Nick Mathewson	240fa42aac	Fix size_t vs unsigned comparison too	2011-01-05 12:49:02 -05:00
Nick Mathewson	0222228d64	Fix up size and sign issues in base32 code ... Fixes bug 2331.	2011-01-03 16:16:53 -05:00
Nick Mathewson	bb5f99d4df	Merge remote branch 'sebastian/bug2314' into maint-0.2.2	2011-01-03 12:47:14 -05:00
Nick Mathewson	f1de329e78	Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 ... Conflicts: src/common/test.h src/or/test.c	2011-01-03 11:51:17 -05:00
Nick Mathewson	1a07348a50	Bump copyright statements to 2011	2011-01-03 11:50:39 -05:00
Sebastian Hahn	9ecf133686	Fix compile wanrings revealed by gcc 4.5 on mingw	2010-12-27 09:47:41 +01:00
Nick Mathewson	b5e293afe6	Merge remote branch fix_security_bug_021 into fix_security_bug_022 ... Conflicts: src/common/memarea.c src/or/or.h src/or/rendclient.c	2010-12-15 22:48:23 -05:00
Nick Mathewson	785086cfba	Have all of our allocation functions and a few others check for underflow ... It's all too easy in C to convert an unsigned value to a signed one, which will (on all modern computers) give you a huge signed value. If you have a size_t value of size greater than SSIZE_T_MAX, that is way likelier to be an underflow than it is to be an actual request for more than 2gb of memory in one go. (There's nothing in Tor that should be trying to allocate >2gb chunks.)	2010-12-13 18:40:21 -05:00
Nick Mathewson	89e97bdf94	Add wrappers function for libc random() ... On windows, it's called something different.	2010-11-29 16:00:47 -05:00
Sebastian Hahn	213139f887	Properly refcount client_identity_key ... In a2bb0bf we started using a separate client identity key. When we are in "public server mode" (that means not a bridge) we will use the same key. Reusing the key without doing the proper refcounting leads to a segfault on cleanup during shutdown. Fix that. Also introduce an assert that triggers if our refcount falls below 0. That should never happen.	2010-10-26 18:22:04 +02:00
Nick Mathewson	14bc4dcc22	Rename log.h to torlog.h ... This should make us conflict less with system files named "log.h". Yes, we shouldn't have been conflicting with those anyway, but some people's compilers act very oddly. The actual change was done with one "git mv", by editing Makefile.am, and running find . -name '*.[ch]' | xargs perl -i -pe 'if (/^#include.*\Wlog.h/) {s/log.h/torlog.h/; }'	2010-07-09 22:05:38 -04:00
Nick Mathewson	485cab869d	Merge remote branch 'public/rand_double2'	2010-06-29 18:57:59 -04:00
Nick Mathewson	b111a7cd9c	Make cbt_generate_sample use crypto_rand_double() ... Possible workaround for bug 1139, if anybody cares.	2010-06-25 21:33:22 -04:00
Nick Mathewson	8e1bf98f4a	Log an error if openssl fails to copy a key for us ... This should never happen unless openssl is buggy or some of our assumptions are deeply wrong, but one of those might have been the cause of the not-yet-reproducible bug 1209. If it ever happens again, let's get some info we can use.	2010-06-22 22:20:52 -04:00
Nick Mathewson	006e2e8620	Add a function to return a double in range [0,1).	2010-06-22 21:30:26 -04:00
Nick Mathewson	b006e3279f	Merge remote branch 'origin/maint-0.2.1' ... Conflicts: src/common/test.h src/or/test.c	2010-02-27 17:16:31 -05:00
Nick Mathewson	c3e63483b2	Update Tor Project copyright years	2010-02-27 17:14:21 -05:00
Nick Mathewson	616cbb31c7	Merge commit 'origin/maint-0.2.1'	2009-12-15 17:11:40 -05:00
Nick Mathewson	1c87a27574	Fix bug 1173: remove an assert(unsigned >= 0).	2009-12-15 15:51:59 -05:00
Nick Mathewson	9e6225ae16	Merge commit 'sebastian/coverity'	2009-12-12 02:10:19 -05:00
Sebastian Hahn	3807db001d	*_free functions now accept NULL ... Some *_free functions threw asserts when passed NULL. Now all of them accept NULL as input and perform no action when called that way. This gains us consistence for our free functions, and allows some code simplifications where an explicit null check is no longer necessary.	2009-12-12 03:29:44 +01:00
Sebastian Hahn	70abd843fd	crypto_cipher_set_key cannot fail ... In 5e4d53d535 we made it so that crypto_cipher_set_key cannot fail. The call will now always succeed, to returning a boolean for success/failure makes no sense.	2009-10-27 04:31:23 +01:00
Nick Mathewson	5e4d53d535	Remove checks for array existence. (CID 410..415) ... In C, the code "char x[10]; if (x) {...}" always takes the true branch of the if statement. Coverity notices this now. In some cases, we were testing arrays to make sure that an operation we wanted to do would suceed. Those cases are now always-true. In some cases, we were testing arrays to see if something was _set_. Those caes are now tests for strlen(s), or tests for !tor_mem_is_zero(d,len).	2009-10-26 22:40:41 -04:00
Karsten Loesing	d2b4b49ff0	Reduce log level for someone else sending us weak DH keys. ... See task 1114. The most plausible explanation for someone sending us weak DH keys is that they experiment with their Tor code or implement a new Tor client. Usually, we don't care about such events, especially not on warn level. If we really care about someone not following the Tor protocol, we can set ProtocolWarnings to 1.	2009-10-25 23:47:05 -07:00
Nick Mathewson	200c39b66c	Document the microdescriptor code better.	2009-10-18 18:46:12 -04:00
Nick Mathewson	5576a3a094	Parse detached signature documents with multiple flavors and algorithms.	2009-10-15 15:17:13 -04:00
Nick Mathewson	3b2fc659a8	Refactor consensus signature storage for multiple digests and flavors. ... This patch introduces a new type called document_signature_t to represent the signature of a consensus document. Now, each consensus document can have up to one document signature per voter per digest algorithm. Also, each detached-signatures document can have up to one signature per <voter, algorithm, flavor>.	2009-10-15 15:17:13 -04:00
Nick Mathewson	8d41e6c471	Support for encoding and decoding 256-bit digests in base64	2009-10-15 15:17:12 -04:00
Nick Mathewson	cfba9c01bf	Alter keygen function to generate keys of different lengths.	2009-09-29 00:53:25 -04:00
Nathan Freitas	76d26ae52d	Disable OpenSSL engines when building for Android. ... Apparently the Android developers dumped OpenSSL's support for hardware acceleration in order to save some memory, so you can't build programs using engines on Android. [Patch revised by nickm]	2009-09-29 00:53:10 -04:00
Nathan Freitas	8c585cce39	Include util.h and log.h as relative paths. ... This shouldn't be necessary, but apparently the Android cross-compiler doesn't respect -I as well as it should. (-I is supposed to add to the *front* of the search path. Android's gcc wrapper apparently likes to add to the end. This is broken, but we need to work around it.)	2009-09-29 00:52:52 -04:00
Nick Mathewson	5da3b45fdc	Make crypto_digest_get_digest nondestructive again. ... Fixes bug in f57883a39.	2009-08-20 12:03:32 -04:00
Nick Mathewson	d0c212995a	Add a SHA256 implementation for platforms that lack it. ... (This would be everywhere running OpenSSL 0.9.7x and earlier, including all current Macintosh users.) The code is based on Tom St Denis's LibTomCrypt implementation, modified to be way less general and use Tor's existing facilities. I picked this one because it was pretty fast and pretty free, and because Python uses it too.	2009-08-20 01:47:13 -04:00
Nick Mathewson	f57883a39e	Add basic support for SHA256. ... This adds an openssl 0.9.8 dependency. Let's see if anybody cares.	2009-08-19 19:43:54 -04:00
Nick Mathewson	e84ddead34	Merge branch 'hardware_accel_improvements'	2009-05-31 13:36:50 -04:00
Nick Mathewson	260de44313	Fixes to spelling fixes. Thanks, Roger!	2009-05-28 12:22:48 -04:00
Nick Mathewson	ec7e054668	Spell-check Tor.	2009-05-27 17:55:51 -04:00
Martin Peck	7703b887f5	Add support for dynamic OpenSSL hardware crypto acceleration engines.	2009-05-23 16:42:44 -07:00
Karsten Loesing	9b32e8c141	Update copyright to 2009.	2009-05-04 11:28:27 -04:00
Karsten Loesing	4ebcc4da34	Update copyright to 2009.	2009-05-02 22:00:54 +02:00
Nick Mathewson	8ebceeb352	Make sure that even in the weird fiddly paths that lead to init_keys, ... crypto_global_init gets called. Also have it be crypto_global_init that calls crypto_seed_rng, so we are not dependent on OpenSSL's RAND_poll in these fiddly cases. Should fix bug 907. Bugfix on 0.0.9pre6. Backport candidate. svn:r18210	2009-01-21 15:38:39 +00:00
Nick Mathewson	c4b8fef362	Remove svn $Id$s from our source, and remove tor --version --version. ... The subversion $Id$ fields made every commit force a rebuild of whatever file got committed. They were not actually useful for telling the version of Tor files in the wild. svn:r17867	2009-01-04 00:35:51 +00:00
Nick Mathewson	b0a8ecd193	Use RSA_generate_key_ex where available. ... svn:r17804	2008-12-29 02:20:57 +00:00
Nick Mathewson	b4d387c28b	Make freelist_len in memarea.c static; document a few variables. ... svn:r17741	2008-12-22 19:14:08 +00:00
Nick Mathewson	1e5f457461	Fix most DOCDOCs remaining and/or added by redox. ... svn:r17734	2008-12-22 17:53:04 +00:00
Nick Mathewson	1725c0c8a5	Add DOCDOC comments for all undocumented functions. Add missing *s to other comments so that they will get recognized as doxygen. ... svn:r17729	2008-12-22 14:56:28 +00:00
Nick Mathewson	6c6b0283cb	Ben confirms that the MUST in rfc2631 is only for compatibility with X9.42, and isn't actually a security thing. ... svn:r17685	2008-12-18 16:11:16 +00:00
Nick Mathewson	cebdf93949	Fix bug 889: share deep-copied keys between threads to avoid races in reference counts. Bugfix on 0.1.0.1-rc. ... svn:r17672	2008-12-18 05:28:27 +00:00
Nick Mathewson	f43bcdc063	Use ctags and a python script to find identifiers that are never used anywhere, and remove the ones that we really want gone. ... svn:r17651	2008-12-17 17:20:42 +00:00
Nick Mathewson	4d94e061c7	Clean up some redundant stuff in crypto_dh_new(). ... svn:r16778	2008-09-05 20:18:22 +00:00
Nick Mathewson	22259a0877	The first of Karsten's proposal 121 patches: configure and maintain client authorization data. Tweaked a bit: see comments on or-dev. ... svn:r16475	2008-08-08 14:36:11 +00:00
Nick Mathewson	3ec25c2410	r16587@tombo: nickm | 2008-06-28 00:13:40 -0400 ... fix for bug 704; found by sjmurdoch. Windows and recent openssl both want to define OCSP_RESPONSE; do not let them. svn:r15533	2008-06-28 04:16:17 +00:00
Nick Mathewson	d4ed91c672	Set dynamic-locking callbacks in openssl. These can be more efficient when openssl uses them. ... svn:r15222	2008-06-13 16:35:12 +00:00
Nick Mathewson	ae2d022f0c	Remov unused macro in crypto.c ... svn:r14950	2008-06-04 18:41:08 +00:00
Nick Mathewson	b7a80920e2	r15558@tombo: nickm | 2008-05-09 04:35:12 -0400 ... New (temporary) tool to dump the modulus of a key. May help with a project of weasel's. svn:r14580	2008-05-09 08:35:38 +00:00
Nick Mathewson	b5b77f8bf3	r19004@catbus: nickm | 2008-03-21 15:18:43 -0400 ... Use RAND_poll() again: the bug that made us stop using it has been fixed. svn:r14150	2008-03-21 19:18:57 +00:00
Nick Mathewson	3452486ac6	r14422@tombo: nickm | 2008-02-24 17:09:56 -0500 ... Whitespace fixes svn:r13700	2008-02-24 22:11:18 +00:00
Nick Mathewson	e7db789e82	r14399@tombo: nickm | 2008-02-22 14:09:38 -0500 ... More 64-to-32 fixes. Partial backport candidate. still not done. svn:r13680	2008-02-22 19:09:45 +00:00
Nick Mathewson	69300eb606	r14374@tombo: nickm | 2008-02-21 16:57:39 -0500 ... Fix all remaining shorten-64-to-32 errors in src/common. Some were genuine problems. Many were compatibility errors with libraries (openssl, zlib) that like predate size_t. Partial backport candidate. svn:r13665	2008-02-21 21:57:47 +00:00
Nick Mathewson	b375472d14	r14373@tombo: nickm | 2008-02-21 16:29:18 -0500 ... Apply warnings about implicit 64-to-32 conversions; some from Sebastian Hahn; some not. svn:r13664	2008-02-21 21:57:42 +00:00
Nick Mathewson	24e8e1fb36	r14185@tombo: nickm | 2008-02-15 18:05:54 -0500 ... Replace the hefty tor_strpartition with a simple function to replace its only (trivial) use. svn:r13532	2008-02-15 23:39:14 +00:00
Roger Dingledine	509d2912dc	doxygen and other cleanups ... svn:r13440	2008-02-09 03:11:10 +00:00
Nick Mathewson	de827f89df	r14062@tombo: nickm | 2008-02-08 15:17:07 -0500 ... Change DNs in x509 certificates to be harder to fingerprint. Raise common code. Refactor random hostname generation into crypto.c svn:r13429	2008-02-08 21:13:12 +00:00
Nick Mathewson	b8179871a6	r17964@catbus: nickm | 2008-02-07 10:45:02 -0500 ... Fix bug in last patch that made secret_to_key crash. svn:r13415	2008-02-07 16:10:36 +00:00
Nick Mathewson	eecc44dab8	r17963@catbus: nickm | 2008-02-07 10:14:25 -0500 ... Be more thorough about memory poisoning and clearing. Add an in-place version of aes_crypt in order to remove a memcpy from relay_crypt_one_payload. svn:r13414	2008-02-07 16:10:33 +00:00
Nick Mathewson	842a33ff20	Update some copyright notices: it is now 2008. ... svn:r13412	2008-02-07 05:31:47 +00:00
Nick Mathewson	a51deb9a9c	r17903@catbus: nickm | 2008-02-05 14:40:03 -0500 ... Remove some dead code; fix some XXX020s; turn some XXX020s into XXXX_IP6s (i.e., "needs to be fixed when we add ipv6 support"). svn:r13382	2008-02-05 19:40:26 +00:00
Nick Mathewson	d7fb8a34ac	r17613@catbus: nickm | 2008-01-14 13:52:44 -0500 ... Do not segfault if symetric key generation somehow fails in crypto_hybrid_encrypt. svn:r13132	2008-01-14 19:00:28 +00:00
Nick Mathewson	becbafc9db	r17491@catbus: nickm | 2008-01-07 11:50:24 -0500 ... Remove some dead code. svn:r13053	2008-01-07 16:50:33 +00:00
Roger Dingledine	1d8a8063b9	clean up copyrights, and assign 2007 copyrights to The Tor Project, Inc ... svn:r12786	2007-12-12 21:09:01 +00:00
Roger Dingledine	7f12ebc3fa	cleanups on r12579 ... svn:r12580	2007-11-27 21:17:43 +00:00
Nick Mathewson	e047f7f865	r16455@catbus: nickm | 2007-11-06 12:48:00 -0500 ... Parse CERT cells and act correctly when we get them. svn:r12396	2007-11-06 18:00:07 +00:00
Nick Mathewson	7712ddf8e7	r16317@catbus: nickm | 2007-10-31 23:52:52 -0400 ... Use HMAC() function from openssl. Oops. svn:r12304	2007-11-01 03:56:17 +00:00
Nick Mathewson	17266cc44a	r16287@catbus: nickm | 2007-10-31 00:53:53 -0400 ... HMAC-SHA-1 implementation, with unit tests based on vectors from RVFC2202. Steven's stuff will need this. svn:r12289	2007-10-31 04:56:59 +00:00
Nick Mathewson	7da93b80ca	r16159@catbus: nickm | 2007-10-25 12:53:38 -0400 ... Drop support for OpenSSL 0.9.6. svn:r12191	2007-10-25 16:54:56 +00:00
Nick Mathewson	e3113502ad	r15882@catbus: nickm | 2007-10-17 15:23:05 -0400 ... oprofile was telling me that a fair bit of our time in openssl was spent in base64_decode, so replace base64_decode with an all-at-once fairly optimized implementation. For decoding keys and digests, it seems 3-3.5x faster than calling out to openssl. (Yes, I wrote it from scratch.) svn:r12002	2007-10-17 19:23:56 +00:00
Nick Mathewson	7f9e9c816c	r15790@catbus: nickm | 2007-10-15 11:38:28 -0400 ... Fix bug 528: fix memory leak in base32_decode(). While there, also make base32_decode() accept upper-case inputs. svn:r11946	2007-10-15 15:38:44 +00:00
Nick Mathewson	3de8158b16	r15702@catbus: nickm | 2007-10-11 17:29:20 -0400 ... Remove a bunch of redundant includes in crypto.c svn:r11885	2007-10-11 21:40:32 +00:00
Nick Mathewson	fc5dd0cdbb	r15231@catbus: nickm | 2007-09-20 16:04:30 -0400 ... Patch from karsten: remove cbc and make unit tests handle aes-ctr-with-iv. svn:r11538	2007-09-20 20:08:47 +00:00