mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-24 12:23:32 +01:00
0bc1241494
Proposal 289 prevents SENDME-flooding by requiring the other side to authenticate the data it has received. But this data won't actually be random if they are downloading a known resource. "No problem", we said, "let's fell the empty parts of our cells with some randomness!" and we did that in #26871. Unfortunately, if the relay data payloads are all completely full, there won't be any empty parts for us to randomize. Therefore, we now pick random "randomness windows" between CIRCWINDOW_INCREMENT/2 and CIRCWINDOW_INCREMENT. We remember whether we have sent a cell containing at least 16 bytes of randomness in that window. If we haven't, then when the window is exhausted, we send one. (This window approach is designed to lower the number of rng checks we have to do. The number 16 is pulled out of a hat to change the attacker's guessing difficulty to "impossible".) Implements 28646. |
||
---|---|---|
.. | ||
coccinelle | ||
codegen | ||
git | ||
maint | ||
test | ||
README |
The scripts directory holds tools for use in building, generating, testing, and maintaining the Tor source code. It is mainly for use by developers. Code maintenance scripts ------------------------ maint/checkLogs.pl -- Verify that Tor log statements are unique. maint/check_config_macros.pl -- Look for autoconf tests whose results are never used. maint/checkOptionDocs.pl -- Make sure that Tor options are documented in the manpage, and that the manpage only documents real Tor options. maint/checkSpaces.pl -- Style checker for the Tor source code. Mainly checks whitespace. maint/findMergedChanges.pl -- Find a set of changes/* files that have been merged into an upstream version. maint/format_changelog.py -- Flow the changelog into the proper format. maint/redox.py -- Find places that should have DOCDOC comments to indicate a need for doxygen comments, and put those comments there. maint/updateVersions.pl -- Update the version number in the .nsi and windows orconfig.h files. Testing scripts --------------- test/chutney-git-bisect.sh -- a git bisect run script that bisects using chutney. The script builds tor and tor-gencert, then runs chutney. The script takes optional arguments for out-of-tree builds, and specific chutney network flavours. You should copy this script before using it with git bisect, so that it doesn't change (or disappear) during bisection. test/cov-blame -- Mash up the results of gcov with git blame. Mainly useful to find out who has been writing untested code. test/cov-diff -- Compare two directories of gcov files to identify changed lines without coverage. test/coverage -- Generates a directory full of gcov files. You need to use this script instead of calling gcov directly because of our confusingly named object files. test/scan-build.sh -- Example script for invoking clang's scan-build static analysis tools. Code generation scripts ----------------------- codegen/gen_linux_syscalls.pl -- Generate a table mapping linux syscall numbers to their names. codegen/gen_server_ciphers.py -- Generate a sorted list of TLS ciphersuites for servers to choose from. codegen/get_mozilla_ciphers.py -- Generate a list of TLS ciphersuites for clients to use in order to look like Firefox. Code transformation scripts --------------------------- coccinelle/calloc.cocci -- Transform code to replace variants of malloc(a*b) with calloc(a,b)