nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-09-22 22:14:58 +02:00
Code Issues Packages Projects Releases Wiki Activity
14,508 Commits 53 Branches 629 Tags 108 MiB
f89c619679
Commit Graph

9972 Commits

Author SHA1 Message Date
George Kadianakis
b31601975b Move DH_GENERATOR to crypto.c. 2011-11-25 17:44:11 +01:00
George Kadianakis
1df6b5a734 Move broken primes to dynamic_dh_modulus.broken. 2011-11-25 17:39:45 +01:00
George Kadianakis
4938bcc06a Do dynamic DH modulus storing in crypto.c. 2011-11-25 17:39:28 +01:00
Nick Mathewson
25c9e3aab9 Merge branch 'more_aes_hackery_rebased' 
Conflicts:
	changes/aes_hackery
 2011-11-25 10:36:13 -05:00
Nick Mathewson
fbec45c9b4 Make AES unit tests cover the AES and the EVP case. 2011-11-25 10:32:21 -05:00
Nick Mathewson
9814019a54 Use openssl's counter mode implementation when we have 1.0.0 or later 
This shaves about 7% off our per-cell AES crypto time for me; the
effect for accelerated AES crypto should be even more, since the AES
calculation itself will make an even smaller portion of the
counter-mode performance.

(We don't want to do this for pre-1.0.0 OpenSSL, since our AES_CTR
implementation was actually faster than OpenSSL's there, by about
10%.)

Fixes issue #4526.
 2011-11-25 10:32:21 -05:00
Nick Mathewson
8143074b3f Use EVP for AES only when hardware accel is present 
Fixes bug 4525, fix on 0.2.3.8-alpha.
 2011-11-25 10:32:00 -05:00
Peter Palfrader
f1c47586ac tor-gencert: Fix a minor formatting issue in an error message (re: #4574) 2011-11-25 10:04:41 -05:00
Peter Palfrader
86be8fcf0a Handle build-trees better. 
Properly create git revision and source file sha1sums include files when
building tor not in its source tree but in a dedicated build tree.
 2011-11-24 23:56:01 -05:00
Nick Mathewson
eaa3a379f0 Move disable-debugger-attachment fn to compat where it belongs. Fix whitespace 2011-11-24 23:45:47 -05:00
Nick Mathewson
3508de3cd6 Tweak disable_debugger_attachment a little 
Don't warn when we have no implementation of this function (since it's
on-by-default); reformat the changes entry; fix an overlong line.
 2011-11-24 23:39:52 -05:00
Nick Mathewson
68114ca52c Merge remote-tracking branch 'ioerror/DisableDebuggerAttachment' 
Conflicts:
	src/or/config.c
 2011-11-24 23:38:32 -05:00
Nick Mathewson
f634228a07 Merge remote-tracking branch 'public/feature4516' 2011-11-24 22:59:37 -05:00
George Kadianakis
1d1d5ae7f8 Finishing touches. 
- Make check-spaces happy.
- Remove a stray header from crypto.h
 2011-11-25 01:08:31 +01:00
George Kadianakis
7c37a664c1 Rename 'dynamic prime' to 'dynamic DH modulus'. 2011-11-25 01:00:58 +01:00
George Kadianakis
782c907c7c s/DynamicPrimes/DynamicDHGroups/g 2011-11-25 01:00:14 +01:00
George Kadianakis
bdeb797a13 Notify the user that her computer is generating numbers. 2011-11-25 00:59:47 +01:00
George Kadianakis
5f3f41c234 Make sure that the stored DH prime is safe to use. 2011-11-25 00:33:40 +01:00
George Kadianakis
94076d9e3b Move crypto_get_stored_dynamic_prime() to crypto.c 2011-11-24 22:59:01 +01:00
George Kadianakis
2ef68980a7 Move store_dynamic_prime() to crypto.c. 2011-11-24 22:32:10 +01:00
George Kadianakis
cabb8e54c7 Tone down the logging. 2011-11-24 22:14:09 +01:00
George Kadianakis
8a726dd0dd Implement dynamic prime reading and storing to disk. 2011-11-24 22:13:44 +01:00
George Kadianakis
42bda231ee Make DynamicPrimes SIGHUP-able. 
Instead of passing the DynamicPrimes configuration option to
crypto_global_init(), generate and set a new TLS DH prime when we read
the torrc.
 2011-11-24 22:13:38 +01:00
George Kadianakis
0e71be5d94 Improve code in the dynamic primes realm. 2011-11-24 22:13:19 +01:00
George Kadianakis
fb38e58d14 Improve logging. 2011-11-24 22:13:00 +01:00
George Kadianakis
1797e0a39e Make it compile. 2011-11-24 22:12:44 +01:00
George Kadianakis
375e55eaa2 Rename "Rakshasa" to "Dynamic Prime". 2011-11-24 22:09:15 +01:00
George Kadianakis
659381e00d Introduce the DynamicPrimes configuration option. 2011-11-24 22:09:06 +01:00
George Kadianakis
edec9409e8 Copy/Paste Jake's stuff. 
This commit copies parts of Jake's
f3bb6846975193d9a6649c31f94bda47e4014070 commit verbatim to the
current master.
 2011-11-24 22:06:50 +01:00
Sebastian Hahn
f77f9bddb8 appease check-spaces 2011-11-24 09:20:51 +01:00
Sebastian Hahn
46d69cb915 Fix compile warning in tor_inet_pton() (on 64bit) 
This slipped through into 0.2.3.8-alpha unfortunately.
 2011-11-24 09:19:57 +01:00
Nick Mathewson
f067067ee6 Merge branch 'bug2474' 
Had to resolve conflicts wrt the " (using bufferevents)" addition to the
startup string.

Conflicts:
	src/or/main.c
 2011-11-23 17:14:54 -05:00
Nick Mathewson
2b4d4ffa8f Tweak the "this is not a stable release" warning some more 2011-11-23 17:09:36 -05:00
Nick Mathewson
3890c81e7c Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-23 16:28:18 -05:00
Nick Mathewson
fbf1c5ee79 Merge remote-tracking branch 'public/bug4230' into maint-0.2.2 2011-11-23 16:22:26 -05:00
Sebastian Hahn
841247a586 Fix a compile warning on 64bit OS X 
Backport of 68475fc5c5 which accidentally
only made it into master. Fixes bug 4547. Bug isn't in any released
version.
 2011-11-23 12:06:55 -05:00
Roger Dingledine
dfe6dac37c bump to 0.2.3.8-alpha-dev 2011-11-23 04:41:19 -05:00
Sebastian Hahn
68475fc5c5 Fix a compile warning on 64bit OS X 2011-11-23 01:41:37 +01:00
Roger Dingledine
a58d9e6045 bump to 0.2.3.8-alpha 2011-11-22 18:29:57 -05:00
Roger Dingledine
fce107b11e raise AuthDirFastGuarantee from 20KB to 100KB 
This patch reverts part of 39ceda7e05 (where it used to be 100KB).
 2011-11-21 18:44:59 -05:00
Roger Dingledine
58764d8ec6 apparently or_options_t likes being a const in master 2011-11-21 18:42:07 -05:00
Roger Dingledine
6a76007b08 Merge branch 'maint-0.2.2' 
Conflicts:
	src/or/dirserv.c
 2011-11-21 18:36:49 -05:00
Roger Dingledine
c0ec4eafc5 parameterize bw cutoffs to guarantee Fast and Guard flags 
Now it will be easier for researchers to simulate Tor networks with
different values. Resolves ticket 4484.
 2011-11-21 18:22:10 -05:00
Nick Mathewson
f4e053d6df Merge branch 'bug4518' into maint-0.2.2 2011-11-21 17:25:51 -05:00
Nick Mathewson
929074b368 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-21 10:52:38 -05:00
Nick Mathewson
b3c988f0d7 Merge remote-tracking branch 'public/bug3963' into maint-0.2.2 2011-11-21 10:52:15 -05:00
Nick Mathewson
0539c34c35 Merge branch 'bug4360' 2011-11-21 10:48:02 -05:00
Sebastian Hahn
2efa6eb652 Sockets are unsigned on windows 
this gets rid of a warning about signed/unsigned comparison

This is a backport of 0a5338e03c that
accidentally only went into master
 2011-11-20 15:15:14 +01:00
Nick Mathewson
7992eb43c5 Log more loudly on a bad cert from an authority. 
Clock skew made this situation way too frequent so we demoted it to
"protocol_warn", but when there's an authority, it should really just
be warn.
 2011-11-20 00:48:25 -05:00
Sebastian Hahn
3dc2a1c62c Get rid of an unused parameter warning on win 
This is a backport of bed79c47f4 which
accidentally only went into master
 2011-11-20 03:02:28 +01:00
Nick Mathewson
8e388bc39c Only call cull_wedged_cpuworkers once every 60 seconds. 
The function is over 10 or 20% on some of Moritz's profiles, depending
on how you could.

Since it's checking for a multi-hour timeout, this is safe to do.

Fixes bug 4518.
 2011-11-19 18:30:55 -05:00
Anders Sundman
725d4f035c Imporved unit test coverage for tor_inet_pton 2011-11-19 10:58:33 +01:00
Anders Sundman
edc561432a Minor tor_inet_pton bug fixes 
In particular:
* Disallow "0x10::"
* Don't blow up on ":"
* Disallow "::10000"
 2011-11-19 10:58:33 +01:00
Nick Mathewson
53dac6df18 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-18 19:09:08 -05:00
Sebastian Hahn
6ef44b7849 Don't log about stats when running as a client without geoip 
Completely disable stats if we aren't running as a relay. We won't
collect any anyway, so setting up the infrastructure for them and
logging about them is wrong. This also removes a confusing log
message that clients without a geoip db would have seen.

Fixes bug 4353.
 2011-11-19 00:50:03 +01:00
Nick Mathewson
b88db7573c Merge remote-tracking branch 'public/benchmark' 2011-11-18 18:42:49 -05:00
Nick Mathewson
6e6a661296 New UserspaceIOCPBuffers option to set SO_{SND,RCV}BUF to zero 
When running with IOCP, we are in theory able to use userspace-
allocated buffers to avoid filling up the stingy amount of kernel
space allocated for sockets buffers.

The bufferevent_async implementation in Libevent provides this
ability, in theory.  (There are likely to be remaining bugs).  This
patch adds a new option that, when using IOCP bufferevents, sets
each socket's send and receive buffers to 0, so that we should use
this ability.

When all the bugs are worked out here, if we are right about bug 98,
this might solve or mitigate bug 98.

This option is experimental and will likely require lots of testing
and debugging.
 2011-11-18 17:43:03 -05:00
Nick Mathewson
6a6233b70b Fix a couple of memory leaks in rend_add_service spotted by coverity 2011-11-17 17:14:49 -05:00
Roger Dingledine
95163ec072 trivial code cleanup in generate_v2_networkstatus_opinion() 2011-11-16 18:59:20 -05:00
Roger Dingledine
3992c5487f fix trivial typo 
somebody should s/authoritative directory server/directory authority/g
at some point
 2011-11-16 18:10:13 -05:00
Nick Mathewson
2408934516 Merge remote-tracking branch 'sebastian/bug2893' 2011-11-16 17:30:24 -05:00
Nick Mathewson
2f3dad10a8 Merge branch 'bug4457_master' 2011-11-16 16:23:15 -05:00
Nick Mathewson
5a02406ae0 Merge branch 'bug4457_022' into maint-0.2.2 2011-11-16 16:22:47 -05:00
Sebastian Hahn
7bd46344df Eat all whitespace after a control command 2011-11-16 18:14:06 +01:00
Roger Dingledine
67650a869d allow manual control port authenticate via netcat 2011-11-16 18:14:03 +01:00
Sebastian Hahn
8200a85323 Fix a check-spaces complaint 2011-11-16 16:40:56 +01:00
Sebastian Hahn
9fc7725aba Don't allow building on platforms where AF_UNSPEC != 0 2011-11-16 16:39:04 +01:00
Sebastian Hahn
688b53059e Don't fail to send netinfo if real_addr is unset 
If we haven't set real_addr on a connection, we also now that _base.addr
hasn't been tampered with. So we can use that.
 2011-11-16 16:05:46 +01:00
Nick Mathewson
69dd993a92 Make certificate skew into a protocol warning 2011-11-15 15:57:46 -05:00
Nick Mathewson
87622e4c7e Allow up to a 30 days future skew, 48 hours past skew in certs. 2011-11-15 15:57:41 -05:00
Nick Mathewson
26fcb4bb8c Merge remote-tracking branch 'sebastian/bug4469' 2011-11-15 11:59:37 -05:00
Nick Mathewson
3ef40f6993 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-15 11:42:38 -05:00
Sebastian Hahn
4b8d2ad6f5 Fix compile warnings on windows 2011-11-15 13:34:04 +01:00
Nick Mathewson
5bea660f8e Use real_addr in send_netinfo 
Reported by "troll_un"; bugfix on 0.2.0.10-alpha; fixes bug 4349.
 2011-11-14 22:43:40 -05:00
Nick Mathewson
4af82fb388 Merge remote-tracking branch 'public/bug4367' 2011-11-14 22:35:49 -05:00
Nick Mathewson
7be50c26e8 Disable IOCP and retry event_base_new_with_config once on failure 
This is a fancier bug4457 workaround for 0.2.3.  In 0.2.2, we could
just tell Libevent "Don't enable locking!" so it wouldn't try to make
the event_base notifiable.  But for IOCP, we need a notifiable base.
(Eventually, we'll want a notifiable base for other stuff, like
multithreaded crypto.)  So the solution is to try a full-featured
initialization, and then retry with all the options turned off if that
fails.
 2011-11-14 18:12:29 -05:00
Nick Mathewson
cf8117136c Merge remote-tracking branch 'public/bug4457_022' into bug4457_master 
Conflicts:
	src/common/compat_libevent.c

Resolving conflict by not taking 7363eae13c ("Use the
EVENT_BASE_FLAG_NOLOCK flag to prevent socketpair() invocation"): in
Tor 0.2.3.x, we _do_ sometimes use notifiable event bases.
 2011-11-14 17:59:42 -05:00
Nick Mathewson
0f6c021617 Detect failure from event_init() or event_base_new_with_config() 2011-11-14 17:53:45 -05:00
Nick Mathewson
7363eae13c Use the EVENT_BASE_FLAG_NOLOCK flag to prevent socketpair() invocation 
In Tor 0.2.2, we never need the event base to be notifiable, since we
don't call it from other threads.  This is a workaround for bug 4457,
which is not actually a Tor bug IMO.
 2011-11-14 17:48:57 -05:00
Nick Mathewson
8592126a18 Merge remote-tracking branch '4ZM/topic/test/4433_address' 2011-11-14 12:53:34 -05:00
Nick Mathewson
9292a78722 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-14 11:10:45 -05:00
Nick Mathewson
2b7bdc295a Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-11-14 11:10:27 -05:00
Nick Mathewson
13f02c387f Merge remote-tracking branch 'karsten/geoip-november2011' into maint-0.2.1 2011-11-14 11:10:10 -05:00
George Kadianakis
406ae1ba5a Use callback-driven approach to block renegotiations. 
Also use this new approach in the bufferevents-enabled case.
 2011-11-13 14:47:11 +01:00
Gisle Vanem
af12a7ac00 Fix test_util.c compilation on MSVC 
"Those '{}' constructs are not well liked by MSVC (cl v.16.xx)."

Received on tor-dev; fixes bug on 0.2.3.3-alpha.
 2011-11-11 23:49:53 -05:00
Nick Mathewson
ce51887291 All-in-one benchmark test for cell crypto 2011-11-11 13:06:17 -05:00
Nick Mathewson
4c9b6df84d Convert bench_dmap to produce reasonable output. 2011-11-11 12:46:22 -05:00
Nick Mathewson
ff93535c71 New src/test/bench.c to allow us to actually _run_ benchmark code 
Yes, the timing functions are suboptimal.  Please improve!
 2011-11-11 12:35:08 -05:00
Sebastian Hahn
a2ecf131f3 Remove the torint.h include from aes.h 
This hasn't been needed for a while, there's nothing in aes.h now that
would need uint* stuff.
 2011-11-11 11:47:25 -05:00
Sebastian Hahn
38123ffa23 Fix the bench_{aes,dmap} test functions to work with TT 
TT expects them to be named test_bench_{aes,dmap}. Also change the
DISABLED macro to reflect that.
 2011-11-11 11:47:25 -05:00
Nick Mathewson
46d236c684 Remove vestiges of RIJNDAEL_COUNTER_OPTIMIZATION 2011-11-11 11:47:25 -05:00
Nick Mathewson
7d8edfcceb Stop using "u32" and "u8" in aes.c 2011-11-11 11:47:24 -05:00
Nick Mathewson
21cf7079fe Dump our internal AES implementation 
This thing was pretty pointless on versions of OpenSSL 0.9.8 and later,
and almost totally pointless on OpenSSL 1.0.0.

Also, favor EVP by default, since it lets us get hardware acceleration
where present.  (See issue 4442)
 2011-11-11 11:47:24 -05:00
Nick Mathewson
d348cfdbdf Merge remote-tracking branch '4ZM/topic/test/4434_address' 2011-11-11 11:07:29 -05:00
Anders Sundman
ca1e88a0db Unit tests for tor_addr_to_str 2011-11-11 08:32:26 +01:00
Anders Sundman
b6b7efc084 Unit tests for tor_addr_to_PTR_name 2011-11-11 08:14:42 +01:00
Anders Sundman
1b97588a31 Return value bugfix of tor_addr_to_PTR_name 
Returns value semantics was inconsitent between IPv4 and IPv6
 2011-11-11 08:14:32 +01:00
Anders Sundman
930eed21c3 Fixed buffer bounds check bug in tor_addr_to_str 2011-11-11 07:53:58 +01:00
Anders Sundman
8c7658dfdf Unit tests for tor_inet_ntop 2011-11-11 07:49:41 +01:00
Anders Sundman
01e1dc0e62 Fixed of-by-one error in tor_inet_ntop 
The of-by-one error could lead to 1 byte buffer over runs IPv6 for addresses.
 2011-11-11 07:47:00 +01:00