mirrors/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2025-02-27 07:59:35 +01:00
Code Issues Projects Releases Wiki Activity
32647 commits 53 branches 632 tags 102 MiB
Commit graph

633 commits

Author SHA1 Message Date
Nick Mathewson
19dbc385d5 Merge remote-tracking branch 'tor-github/pr/298' 2018-09-12 09:38:52 -04:00
Nick Mathewson
8294c40c96 Merge remote-tracking branch 'tor-github/pr/318' 2018-09-12 08:12:19 -04:00
Nick Mathewson
a52d5d5309 Refactor initialization in curve25519_basepoint_spot_check 
This is an attempt to work around what I think may be a bug in
OSS-Fuzz, which thinks that uninitialized data might be passed to
the curve25519 functions.
 2018-09-09 10:21:13 -04:00
Nick Mathewson
9ca1af9a87 Merge remote-tracking branch 'dgoulet/ticket20700_035_03' 2018-09-07 15:03:32 -04:00
Suphanat Chunhapanya
10f4c46e50 test: Build an HSv3 descriptor with authorized client 
Signed-off-by: David Goulet <dgoulet@torproject.org>
 2018-09-07 13:59:22 -04:00
Nick Mathewson
13d0855a89 Merge remote-tracking branch 'teor/bug27521' 2018-09-07 10:29:45 -04:00
Nick Mathewson
ee6d8bcf71 Merge branch 'maint-0.3.4' 2018-09-07 09:15:56 -04:00
teor
3b6d1676ec
Comment: Fix typos in get_interface_addresses_win32() 
Closes 27521.
 2018-09-07 11:32:57 +10:00
Nick Mathewson
22e2403145 Revert "Avoid double-close on TCP sockets under NSS." 
This reverts commit b5fddbd241.

The commit here was supposed to be a solution for #27451 (fd
management with NSS), but instead it caused an assertion failure.

Fixes bug 27500; but not in any released Tor.
 2018-09-06 11:06:30 -04:00
Nick Mathewson
bcfab63ca5 Merge remote-tracking branch 'teor/ticket27467' 2018-09-06 09:24:47 -04:00
teor
d0965561a5
Remove GetAdaptersAddresses_fn_t 
The code that used it was removed as part of the 26481 refactor.

Closes ticket 27467.
 2018-09-06 12:54:03 +10:00
Nick Mathewson
b8a2bdbdc8 Backport to older NSS, which does not have SEC_DerSignDataWithAlgorithmID 2018-09-05 16:49:15 -04:00
Nick Mathewson
5656144290 Fix checkspaces 2018-09-05 16:48:53 -04:00
Nick Mathewson
710aa122e4 Suppress strict-prototypes warnings in one more batch of NSS headers 2018-09-05 16:36:18 -04:00
Nick Mathewson
8cd091a8d3 Add a last-ditch memwipe() implementation for nss+old glibc 
On new glibc versions, there's an explicit_bzero().  With openssl,
there's openssl_memwipe().

When no other approach works, use memwipe() and a memory barrier.
 2018-09-05 16:34:01 -04:00
Nick Mathewson
824160fd82 Fix a type, and hopefully the win64 builds. 2018-09-05 09:36:15 -04:00
Nick Mathewson
dc7c979453 Add note about use of tor_memcmp() 2018-09-05 09:11:53 -04:00
Nick Mathewson
79a7fbb79b Fix a reverse-inull warning from coverity in new code. 2018-09-05 08:34:14 -04:00
Nick Mathewson
03efb67b42 Debug one last reference-counting issue that only appeared on openssl master 2018-09-04 20:46:46 -04:00
Nick Mathewson
0db5c54957 Merge branch 'nss_squashed' into nss_merge 2018-09-04 20:21:07 -04:00
Nick Mathewson
d644c93ae9 Resolve openssl-only memory leaks 2018-09-04 19:45:28 -04:00
Nick Mathewson
c50537fd94 Fix a pair of remaining leaks in tortls_nss.c 
Fun fact: PR_Close leaks memory if its socket is not valid.
 2018-09-04 19:45:21 -04:00
Nick Mathewson
274efb1263 Use FREE_AND_NULL for impl types 2018-09-04 14:52:35 -04:00
Nick Mathewson
ad94d43fc5 Port test_tortls_verify to not depend on openssl internals 2018-09-04 14:52:35 -04:00
Nick Mathewson
59c1b34b72 Remove tor_tls_check_lifetime as unused. 
Everything that might have used it, uses tor_tls_cert_is_valid() instead.
 2018-09-04 14:52:35 -04:00
Nick Mathewson
7acb8c8d18 Document winsock includes better 2018-09-04 14:52:35 -04:00
Nick Mathewson
70c27b7e39 Fix documentation of initialized fields in crypto_init.c 2018-09-04 14:52:35 -04:00
Nick Mathewson
edbb5ef5b2 Make some additional RSA functions const 2018-09-04 14:52:35 -04:00
Nick Mathewson
600e046ed3 Rename crypto_pk_check_key(), use it more reasonably, add tests 
This function was a wrapper around RSA_check_key() in openssl, which
checks for invalid RSA private keys (like those where p or q are
composite, or where d is not the inverse of e, or where n != p*q).
We don't need a function like this in NSS, since unlike OpenSSL, NSS
won't let you import a bogus private key.

I've renamed the function and changed its return type to make it
more reasonable, and added a unit test for trying to read a key
where n != p*q.
 2018-09-04 14:52:35 -04:00
Nick Mathewson
3b5d6ef15b Unify functions for reading/writing PEM keys, to avoid duplication. 2018-09-04 14:52:35 -04:00
Nick Mathewson
f46a7eafb8 Do not leak a reference to "slot" when decoding private key. 2018-09-04 14:52:35 -04:00
Nick Mathewson
36f3bdac03 Update prefork and postfork NSS code for unit tests. 2018-09-04 14:52:35 -04:00
Nick Mathewson
52ac539b99 Test a few more tortls.c functions 2018-09-04 14:52:35 -04:00
Nick Mathewson
7163389b55 Several unit tests to improve test coverage of x509*.c 2018-09-04 14:52:35 -04:00
Nick Mathewson
02086a216f Remove tor_x509_get_cert_impl as unneeded. 2018-09-04 14:52:35 -04:00
Nick Mathewson
b5fddbd241 Avoid double-close on TCP sockets under NSS. 2018-09-04 14:52:35 -04:00
Nick Mathewson
52d5f4da12 Avoid spurious error logs when using NSS 
The tls_log_errors() function now behaves differently for NSS than
it did for OpenSSL, so we need to tweak it a bit.
 2018-09-04 14:52:35 -04:00
Nick Mathewson
dd04fc35c6 Remove tor_tls_shutdown() 
This function was supposed to implement a half-duplex mode for our
TLS connections.  However, nothing in Tor actually uses it (besides
some unit tests), and the implementation looks really questionable
to me.  It's probably best to remove it.  We can add a tested one
later if we need one in the future.
 2018-09-04 14:52:35 -04:00
Nick Mathewson
5205c7fd90 Initial NSS support for TLS. 
This is enough to get a chutney network to bootstrap, though a bunch
of work remains.
 2018-09-04 14:52:35 -04:00
Nick Mathewson
3507fead10 Merge branch 'tor_api_owning_control' 2018-09-04 11:04:21 -04:00
cypherpunks
d32b08af6f string: add string_is_utf8() helper 
Ticket #27373.
 2018-09-03 13:54:43 +00:00
rl1987
01eb164574 Reject addresses with needless trailing colon 2018-08-31 19:34:14 +03:00
rl1987
23ed863da4 Improve bracket handling in tor_addr_parse() 
* Actually check for second bracket
* Only attempt parsing IPv4 address when no brackets found
 2018-08-31 18:55:36 +03:00
Mike Perry
93ff8b411a Merge branch 'ticket25573-034' into ticket25573-master 2018-08-29 17:10:06 +00:00
Nick Mathewson
219f6ea516 Fix log.c comments about assert vs tor_assert vs raw_assert. 2018-08-28 15:58:16 -04:00
Nick Mathewson
c567b8fcb4 NSS support for x509 certs 
7 unit tests are failing at this point, but they're all TLS-related.
 2018-08-22 16:11:45 -04:00
Nick Mathewson
7c5339677f Log error strings in crypto_nss_log_errors(). 
I'll need this for debugging.
 2018-08-22 12:36:25 -04:00
Nick Mathewson
de66bd397c Merge branch 'maint-0.3.4' 2018-08-21 19:20:37 -04:00
Nick Mathewson
5245a296c5 Make some x509 functions generic; remove some fields NSS doesn't need 2018-08-21 12:25:33 -04:00
Nick Mathewson
b9ca8f2356 Extract internal-only parts of x509.h 2018-08-21 12:25:33 -04:00