mirrors/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2025-02-28 00:53:04 +01:00
Code Issues Projects Releases Wiki Activity
31863 commits 53 branches 632 tags 102 MiB
Commit graph

510 commits

Author SHA1 Message Date
Nick Mathewson
9e1a3be064 Prevent duplicate initialization of NSS DH module 
Allowing this didn't do any actual harm, since there aren't any
shared structures or leakable objects here.  Still, it's bad style
and might cause trouble in the future.

Closes ticket 27856.
 2018-09-27 13:26:47 -04:00
Nick Mathewson
34402ece8c geoip: fix windows compilation 2018-09-27 11:02:58 -04:00
Nick Mathewson
c8f2a6d2fe Extract the non-stats part of geoip into a new src/lib/geoip. 2018-09-27 10:26:01 -04:00
Nick Mathewson
6c739c3fb2 Fix arm compilation with openssl <1.1 
Bug 27781; bugfix on 0.3.5.1-alpha.
 2018-09-24 11:11:29 -04:00
Nick Mathewson
4e2028152d Fix an NSS socket leak-on-error found by dgoulet 2018-09-20 13:53:04 -04:00
Nick Mathewson
d6c564e09a Use the correct macro to detect an invalid socket in tortls_nss.c 
Fixes bug 27782; bugfix on 0.3.5.1-alpha
 2018-09-20 12:55:31 -04:00
Nick Mathewson
62b709bc26 Release ownership of the dummy socket that tortls_nss.c will close 
Related to #27795 -- since NSS will close the socket, we must not
count it as owned by Tor.
 2018-09-20 12:53:39 -04:00
Nick Mathewson
1c1e84281d Add a tor_release_socket_ownership() function. 2018-09-20 12:46:47 -04:00
Nick Mathewson
1f377e910f Merge branch 'maint-0.3.4' 2018-09-20 10:43:08 -04:00
Nick Mathewson
7ace8d5a61 Assert that some trunnel _new() functions return non-NULL 
The trunnel functions are written under the assumption that their
allocators can fail, so GCC LTO thinks they might return NULL.  In
point of fact, they're using tor_malloc() and friends, which can't
fail, but GCC won't necessarily figure that out.

Fixes part of #27772.
 2018-09-18 14:43:57 -04:00
Nick Mathewson
ea5792f333 Make crypto_strongest_rand() non-mockable 
Instead, have it call a mockable function.  We don't want
crypto_strongest_rand() to be mockable, since doing so creates a
type error when we call it from ed25519-donna, which we do not build
in a test mode.

Fixes bug 27728; bugfix on 0.3.5.1-alpha
 2018-09-18 12:40:18 -04:00
George Kadianakis
43324b0e4d Fix minor memleak in edge-case of crypto_rsa.c function. 2018-09-18 14:01:15 +03:00
Nick Mathewson
f606b3cfd1 Lower the maximum size of a private key file to 16 MB 
This shouldn't be a user-visible change: nobody has a 16 MB RSA
key that they're trying to use with Tor.

I'm doing this to fix CID 1439330 / ticket 27730, where coverity
complains (on 64-bit) that we are making a comparison that is never
true.
 2018-09-17 11:08:56 -04:00
Nick Mathewson
991bec67ee When Tor is compiled with NSS, don't claim support for LinkAuth=1 
Closes ticket 27288
 2018-09-16 13:28:29 -04:00
Nick Mathewson
035166e7bf Add a missing function for windows 2018-09-14 15:02:11 -04:00
Nick Mathewson
af39649aad Explicitly ignore BIO_set_close() return val to fix #27711 2018-09-14 13:09:10 -04:00
Nick Mathewson
79f8641ee5 Merge branch 'nss_countbytes_squashed' 2018-09-14 12:45:30 -04:00
Nick Mathewson
ac93c911ce Allow malloc includes in tls library 2018-09-14 12:44:56 -04:00
Nick Mathewson
126819c947 Add support for lower-level byte counting with NSS 
This is harder than with OpenSSL, since OpenSSL counts the bytes on
its own and NSS doesn't.  To fix this, we need to define a new
PRFileDesc layer that has its own byte-counting support.

Closes ticket 27289.
 2018-09-14 12:44:56 -04:00
Nick Mathewson
0e4fcd3996 Merge branch 'nss_27664' 2018-09-14 10:24:46 -04:00
Nick Mathewson
e43ae24e7d Merge branch 'nss_27451' 2018-09-14 10:22:38 -04:00
Nick Mathewson
d8280216c0 Include torint.h in socketpair.c for intptr_t definition. 2018-09-13 17:54:26 -04:00
Nick Mathewson
92357a07bd Fix a 32-bit off_t/size_t warning in crypto_rsa.c 
Bug not in any released Tor.
 2018-09-13 17:49:39 -04:00
Nick Mathewson
2d05500a1e Merge remote-tracking branch 'UntoSten/inform-about-conf-includes' 2018-09-13 13:35:59 -04:00
Nick Mathewson
75d6609eb1 Run crypto_prefork() before start_daemon(). 
Without this, RunAsDaemon breaks NSS.

Fixes bug 27664; bug not in any released Tor.
 2018-09-13 08:58:28 -04:00
Nick Mathewson
b4f20ec8a6 Merge remote-tracking branch 'tor-github/pr/280' 2018-09-12 16:13:23 -04:00
Nick Mathewson
ae5692994f Add a tor_tls_release_socket() function. 
This function tells the underlying TLS object that it shouldn't
close the fd on exit.  Mostly, we hope not to have to use it, since
the NSS implementation is kludgey, but it should allow us to fix
 2018-09-12 11:12:05 -04:00
Nick Mathewson
19dbc385d5 Merge remote-tracking branch 'tor-github/pr/298' 2018-09-12 09:38:52 -04:00
Nick Mathewson
8294c40c96 Merge remote-tracking branch 'tor-github/pr/318' 2018-09-12 08:12:19 -04:00
Nick Mathewson
a52d5d5309 Refactor initialization in curve25519_basepoint_spot_check 
This is an attempt to work around what I think may be a bug in
OSS-Fuzz, which thinks that uninitialized data might be passed to
the curve25519 functions.
 2018-09-09 10:21:13 -04:00
Nick Mathewson
9ca1af9a87 Merge remote-tracking branch 'dgoulet/ticket20700_035_03' 2018-09-07 15:03:32 -04:00
Suphanat Chunhapanya
10f4c46e50 test: Build an HSv3 descriptor with authorized client 
Signed-off-by: David Goulet <dgoulet@torproject.org>
 2018-09-07 13:59:22 -04:00
Nick Mathewson
13d0855a89 Merge remote-tracking branch 'teor/bug27521' 2018-09-07 10:29:45 -04:00
Nick Mathewson
ee6d8bcf71 Merge branch 'maint-0.3.4' 2018-09-07 09:15:56 -04:00
teor
3b6d1676ec
Comment: Fix typos in get_interface_addresses_win32() 
Closes 27521.
 2018-09-07 11:32:57 +10:00
Nick Mathewson
22e2403145 Revert "Avoid double-close on TCP sockets under NSS." 
This reverts commit b5fddbd241.

The commit here was supposed to be a solution for #27451 (fd
management with NSS), but instead it caused an assertion failure.

Fixes bug 27500; but not in any released Tor.
 2018-09-06 11:06:30 -04:00
Nick Mathewson
bcfab63ca5 Merge remote-tracking branch 'teor/ticket27467' 2018-09-06 09:24:47 -04:00
teor
d0965561a5
Remove GetAdaptersAddresses_fn_t 
The code that used it was removed as part of the 26481 refactor.

Closes ticket 27467.
 2018-09-06 12:54:03 +10:00
Nick Mathewson
b8a2bdbdc8 Backport to older NSS, which does not have SEC_DerSignDataWithAlgorithmID 2018-09-05 16:49:15 -04:00
Nick Mathewson
5656144290 Fix checkspaces 2018-09-05 16:48:53 -04:00
Nick Mathewson
710aa122e4 Suppress strict-prototypes warnings in one more batch of NSS headers 2018-09-05 16:36:18 -04:00
Nick Mathewson
8cd091a8d3 Add a last-ditch memwipe() implementation for nss+old glibc 
On new glibc versions, there's an explicit_bzero().  With openssl,
there's openssl_memwipe().

When no other approach works, use memwipe() and a memory barrier.
 2018-09-05 16:34:01 -04:00
Nick Mathewson
824160fd82 Fix a type, and hopefully the win64 builds. 2018-09-05 09:36:15 -04:00
Nick Mathewson
dc7c979453 Add note about use of tor_memcmp() 2018-09-05 09:11:53 -04:00
Nick Mathewson
79a7fbb79b Fix a reverse-inull warning from coverity in new code. 2018-09-05 08:34:14 -04:00
Nick Mathewson
03efb67b42 Debug one last reference-counting issue that only appeared on openssl master 2018-09-04 20:46:46 -04:00
Nick Mathewson
0db5c54957 Merge branch 'nss_squashed' into nss_merge 2018-09-04 20:21:07 -04:00
Nick Mathewson
d644c93ae9 Resolve openssl-only memory leaks 2018-09-04 19:45:28 -04:00
Nick Mathewson
c50537fd94 Fix a pair of remaining leaks in tortls_nss.c 
Fun fact: PR_Close leaks memory if its socket is not valid.
 2018-09-04 19:45:21 -04:00
Nick Mathewson
274efb1263 Use FREE_AND_NULL for impl types 2018-09-04 14:52:35 -04:00