mirrors/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2025-02-27 07:59:35 +01:00
Code Issues Projects Releases Wiki Activity
23432 commits 53 branches 632 tags 102 MiB
Commit graph

3616 commits

Author SHA1 Message Date
Nick Mathewson
3c28d95ca7 Add more EINVAL errno setting on key read failures 
Teor found these.  This is for part of #16582.
 2015-07-15 10:35:29 -04:00
Nick Mathewson
b566cb9e84 Make file-reading and key-reading preserve errno 
This is an important part of #16582.
 2015-07-14 10:18:52 -04:00
Nick Mathewson
19f9803f8e Okay, this time it was my fault 2015-07-12 15:44:43 -04:00
Nick Mathewson
58cd21f601 Fine, mingw! fine! are you happy now?? 2015-07-12 15:30:35 -04:00
Nick Mathewson
7ed477786c This should be the last SecureZeroMemory fix 2015-07-12 15:14:52 -04:00
Nick Mathewson
9f21c85e04 Dammit, autoconf! 2015-07-12 15:02:43 -04:00
Nick Mathewson
db88d91ebe Nth time is maybe the charm for fixing windows readpassword build errors 2015-07-12 14:34:11 -04:00
Nick Mathewson
de397d57c9 note some dead code in set_max_file_descriptors 2015-07-11 16:53:32 -04:00
Nick Mathewson
d18215ed16 Try one more one more time to get tor-ci-windows working 
Apparently its mingw headers are missing some stuff.
 2015-07-10 09:59:29 -04:00
Nick Mathewson
ad0d181854 Attempt yet again to make the tor-ci-windows builder happy 2015-07-10 09:16:32 -04:00
Nick Mathewson
a6a0759e3a Merge remote-tracking branch 'yawning/feature16467_9663' 2015-07-09 12:53:55 -04:00
teor
57c61f39a0 Always use the sandbox in tor_open_cloexec 
Use the sandbox in tor_open_cloexec, whether or not O_CLOEXEC is defined.
Patch by "teor". Fix on 0.2.3.1-alpha.
 2015-07-08 02:17:31 +10:00
Yawning Angel
840e68d917 Integrate and enable ed25519-donna. 
The runtime sanity checking is slightly different from the optimized
basepoint stuff in that it uses a given implementation's self tests if
available, and checks if signing/verification works with a test vector
from the IETF EdDSA draft.

The unit tests include a new testcase that will fuzz donna against ref0,
including the blinding and curve25519 key conversion routines.  If this
is something that should be done at runtime (No?), the code can be
stolen from there.

Note: Integrating batch verification is not done yet.
 2015-07-06 10:11:10 +00:00
Yawning Angel
f079c27761 Integrate the accelerated Curve25519 scalar basemult. 
Integration work scavanged from nickm's `ticket8897_9663_v2` branch,
with minor modifications.  Tor will still sanity check the output but
now also attempts to catch extreme breakage by spot checking the
optimized implementation vs known values from the NaCl documentation.

Implements feature 9663.
 2015-07-06 09:57:23 +00:00
Yawning Angel
0f3eeca9b8 Integrate ed25519-donna (Not yet used). 
Integrate ed25519-donna into the build process, and provide an
interface that matches the `ref10` code.  Apart from the blinding and
Curve25519 key conversion, this functions as a drop-in replacement for
ref10 (verified by modifying crypto_ed25519.c).

Tests pass, and the benchmarks claim it is quite a bit faster, however
actually using the code requires additional integration work.
 2015-07-06 09:40:28 +00:00
Nick Mathewson
877354a9af Try a little harder to fix the tor-ci-windows builder, or figure out why it is broke 2015-06-29 16:09:37 -04:00
Nick Mathewson
753797391f More tweaks for windows compilation. (ick) 2015-06-29 13:47:44 -04:00
Nick Mathewson
d9052c629b Remove checks for visual C 6. 2015-06-29 12:55:03 -04:00
Nick Mathewson
229bb7e50f Fix some compilation issues. 2015-06-27 14:27:00 -04:00
Nick Mathewson
3149bfc254 Merge branch 'bug16288_027_03_squashed' 2015-06-25 11:30:52 -04:00
David Goulet
699acd8d54 Validate the open file limit when creating a socket 
Fixes #16288

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
 2015-06-25 11:30:47 -04:00
Nick Mathewson
07e1e754f3 Merge branch 'readpassphrase_v2' 2015-06-25 10:53:13 -04:00
Nick Mathewson
272229ff5d Remove janky getpass implementations 2015-06-25 10:52:47 -04:00
Nick Mathewson
a64f2d167e Add a getpass implementation for windows that won't totally suck 
The logic here is inspired by Python's win_getpass(), which I'm
assuming is better than nothing.
 2015-06-25 10:52:47 -04:00
Yawning Angel
3f336966a2 Work around nytimes.com's broken hostnames in our SOCKS checks. 
RFC 952 is approximately 30 years old, and people are failing to comply,
by serving A records with '_' as part of the hostname.  Since relaxing
the check is a QOL improvement for our userbase, relax the check to
allow such abominations as destinations, especially since there are
likely to be other similarly misconfigured domains out there.
 2015-06-24 13:52:29 +00:00
Nick Mathewson
b9b658e727 Add the openssh 6.8p1 readpassphrase implementation 
This way glibc users don't have to fall back to getpass.

Windows users are still out of luck
 2015-06-17 10:41:22 -04:00
Nick Mathewson
d68133c745 Merge branch '13642_offline_master_v2_squashed' 2015-06-17 10:12:37 -04:00
Nick Mathewson
cbdf2c5d8f Add a tor_getpass to read passphrases. Needs better backend. 2015-06-17 10:11:18 -04:00
teor
4079d2e0a5 Fix spacing in tortls.c 2015-06-16 03:10:44 +10:00
Nick Mathewson
130a9c0ac8 Merge remote-tracking branch 'origin/maint-0.2.6' 2015-06-15 10:19:46 -04:00
Nick Mathewson
59fa0c2d99 Fix another seccomp2 issue 
Allow pipe() and pipe2() syscalls; we need these when eventfd2()
support is missing. Fixes bug 16363; bugfix on 0.2.6.3-alpha.  Patch
from "teor".
 2015-06-15 10:13:11 -04:00
teor
e870f6285d Fix clang address of struct member always non-NULL in SSL master key 
clang complains that the address of struct member in an assert in
SSL_SESSION_get_master_key is always non-NULL.
Instead, check each pointer argument is non-NULL before using it.

Fix on f90a704f12 from 27 May 2015, not in any released version of tor.
 2015-06-11 01:06:15 +10:00
Nick Mathewson
e48f8e5e87 Merge remote-tracking branch 'public/bug15760_hard_026_v2' 2015-06-02 15:08:14 -04:00
Yawning Angel
8024f6a75f A few more minor OpenSSL 1.1 fixes. 
* Use `TLS_method()` instead of the deprecated `SSLv23_method()`
 * Fix one missed conversion to `SSL_CIPHER_get_id()`
 2015-06-02 15:04:20 -04:00
Nick Mathewson
34edf17d88 Merge remote-tracking branch 'teor/bug16115-minor-fixes' 2015-06-02 14:51:13 -04:00
Nick Mathewson
e8386cce1c Merge remote-tracking branch 'origin/maint-0.2.6' 2015-06-02 14:29:37 -04:00
Peter Palfrader
a68e5323f8 Fix sandboxing to work when running as a relay 
This includes correctly allowing renaming secret_id_key and allowing the
eventfd2 and futex syscalls.  Fixes bug 16244; bugfix on 0.2.6.1-alpha.
 2015-06-02 14:20:01 -04:00
teor
b3f79da0d5 Silence unused variable warnings in find_cipher_by_id 
Unused variable warnings were still generated under some versions of OpenSSL.
Instead, make sure all variables are used under all versions.

Fix on 496df21c89, not in any released version of tor.
 2015-06-03 04:19:05 +10:00
teor
b1094fdec5 Fix an incorrect comment on spawn_func 
spawn_func calls pthread_create on unix, not fork

Fix on existing code split out of compat.c into
compat_pthreads.c in c2f0d52b7f
 2015-06-03 04:18:43 +10:00
Nick Mathewson
0030765e04 Merge remote-tracking branch 'public/bug15760_hard_026_v2' 
Conflicts:
	src/common/tortls.c
 2015-06-02 13:45:27 -04:00
Nick Mathewson
ff835e2328 Use autoconf, not OPENSSL_VERSION_NUMBER, to detect SSL_CIPHER_find 
Repairs build with libressl
 2015-06-02 13:38:27 -04:00
Nick Mathewson
f90a704f12 Use accessor functions for client_random/server_random/master_key 
If OpenSSL accepts my patch to introduce these functions, they'll
be a way to help Tor work with OpenSSL 1.1.
 2015-06-02 13:38:27 -04:00
Andrea Shepard
0e0b65db4f Appease make check-spaces 2015-06-01 12:59:14 +00:00
Nick Mathewson
b66f4cfc9d Merge remote-tracking branch 'origin/maint-0.2.6' 2015-05-28 14:06:01 -04:00
Nick Mathewson
97330ced0c Fix sandbox use with systemd. bug 16212. 2015-05-28 14:05:46 -04:00
Nick Mathewson
7816ba8f1a Add assertions to crypto_dh_dup() 
Without these, coverity is annoyed that aren't checking for NULL in bench.c

CID 1293335 -- found by coverity.
 2015-05-28 12:27:22 -04:00
Nick Mathewson
a194385d56 Impose an upper limit on threads per threadpool. 
Found by Coverity; Fixes CID 1268069
 2015-05-28 12:24:29 -04:00
Nick Mathewson
1b52e95028 Merge branch '12498_ed25519_keys_v6' 
Fixed numerous conflicts, and ported code to use new base64 api.
 2015-05-28 11:04:33 -04:00
Nick Mathewson
277c9a3580 Note some functions that should move or be merged 2015-05-28 10:47:47 -04:00
Nick Mathewson
55bb7bbafd Tests for AUTHENTICATE cell functionality. 2015-05-28 10:41:50 -04:00