mirrors/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2025-02-27 07:59:35 +01:00
Code Issues Projects Releases Wiki Activity
20880 commits 53 branches 632 tags 102 MiB
Commit graph

3161 commits

Author SHA1 Message Date
Nick Mathewson
254ab5a8de Use correct argument types for inet_pton. 
(I blame whoever decided that using a void* for a union was a good
idea.)
 2014-11-04 00:45:14 -05:00
rl1987
0da4ddda4f Checking if FQDN is actually IPv6 address string and handling that case. 2014-11-04 00:37:24 -05:00
rl1987
2f1068e68a Adding helper function that checks if string is a valid IPv6 address. 2014-11-04 00:37:21 -05:00
rl1987
e8e45ff13e Introducing helper function to validate IPv4 address strings. 2014-11-04 00:36:37 -05:00
rl1987
1ea9a6fd72 Introducing helper function to validate DNS name strings. 2014-11-04 00:35:43 -05:00
Nick Mathewson
5bcf952261 Check more thoroughly for unlogged OpenSSL errors 2014-11-02 13:04:44 -05:00
Nick Mathewson
a142fc29af Use tor_malloc_zero(x), not tor_calloc(x,sizeof(char)) 
(Also, fixes a wide line.)
 2014-11-02 12:08:51 -05:00
Nick Mathewson
bbd8d07167 Apply new calloc coccinelle patch 2014-11-02 11:56:02 -05:00
Nick Mathewson
ded33cb2c7 Use the | trick to save a comparison in our calloc check. 2014-11-02 11:54:42 -05:00
Nick Mathewson
0d8abf5365 Switch to a < comparison for our calloc check; explain how it works 2014-11-02 11:54:42 -05:00
Mansour Moufid
81b452d245 Document the calloc function overflow check. 2014-11-02 11:54:42 -05:00
Mansour Moufid
06b1ef7b76 Remove a duplicate comment. 2014-11-02 11:54:42 -05:00
Mansour Moufid
3206dbdce1 Refactor the tor_reallocarray_ overflow check. 2014-11-02 11:54:42 -05:00
Mansour Moufid
aff6fa0b59 Refactor the tor_calloc_ overflow check. 2014-11-02 11:54:41 -05:00
Nick Mathewson
542b470164 Refactor {str,digest}map into a common implementation; add digest256map 
Needed for #13399.
 2014-10-31 10:54:12 -04:00
teor
13298d90a9 Silence spurious clang warnings 
Silence clang warnings under --enable-expensive-hardening, including:
  + implicit truncation of 64 bit values to 32 bit;
  + const char assignment to self;
  + tautological compare; and
  + additional parentheses around equality tests. (gcc uses these to
    silence assignment, so clang warns when they're present in an
    equality test. But we need to use extra parentheses in macros to
    isolate them from other code).
 2014-10-30 22:34:46 +11:00
Nick Mathewson
fcdcb377a4 Add another year to our copyright dates. 
Because in 95 years, we or our successors will surely care about
enforcing the BSD license terms on this code.  Right?
 2014-10-28 15:30:16 -04:00
Sebastian Hahn
909aa51b3f Remove configure option to disable curve25519 
By now, support in the network is widespread and it's time to require
more modern crypto on all Tor instances, whether they're clients or
servers. By doing this early in 0.2.6, we can be sure that at some point
all clients will have reasonable support.
 2014-10-27 14:41:19 +01:00
teor
c9d0967dd9 Fix minor typos, two line lengths, and a repeated include 2014-10-23 02:57:11 +11:00
Nick Mathewson
653221e807 Merge remote-tracking branch 'public/bug11824_v2' 2014-10-22 11:01:50 -04:00
Nick Mathewson
8e4daa7bb0 Merge remote-tracking branch 'public/ticket6938' 
Conflicts:
	src/tools/tor-resolve.c
 2014-10-22 10:14:03 -04:00
Nick Mathewson
3826a88fc0 Merge remote-tracking branch 'teor/bug13476-improve-time-handling' 2014-10-21 13:14:27 -04:00
Nick Mathewson
e3d166b7a6 Merge remote-tracking branch 'teor/memwipe-more-keys' 2014-10-20 11:12:51 -04:00
Nick Mathewson
affa251c83 Use a macro to indicate "The ecdhe group we use by default". 
This might make Coverity happier about the if statement where we
have a default case that's the same as one of the other cases. CID 1248515
 2014-10-20 09:08:42 -04:00
teor
2e1f5c1fc0 Memwipe more keys after tor has finished with them 
Ensure we securely wipe keys from memory after
crypto_digest_get_digest and init_curve25519_keypair_from_file
have finished using them.

Fixes bug 13477.
 2014-10-20 03:06:28 +11:00
teor
d7b13543e2 Clamp (some) years supplied by the system to 1 CE 
Clamp year values returned by system localtime(_r) and
gmtime(_r) to year 1. This ensures tor can read any
values it might write out.

Fixes bug 13476.
 2014-10-20 02:47:31 +11:00
teor
238b8eaa60 Improve date validation in HTTP headers 
Check all date/time values passed to tor_timegm
and parse_rfc1123_time for validity, taking leap
years into account.
Improves HTTP header validation.

Avoid unlikely signed integer overflow in tor_timegm
on systems with 32-bit time_t.
Fixes bug 13476.
 2014-10-20 02:40:27 +11:00
teor
dd556fb1e6 Use correct day of year in correct_tm() 
Set the correct day of year value in correct_tm() when the
system's localtime(_r) or gmtime(_r) functions fail to set struct tm.

Fixes bug 13476.
 2014-10-20 02:32:05 +11:00
Nick Mathewson
33b399a7b2 Merge remote-tracking branch 'origin/maint-0.2.5' 2014-10-16 09:09:20 -04:00
Nick Mathewson
22b9caf0ae Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2014-10-16 09:08:52 -04:00
Nick Mathewson
943fd4a252 Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2014-10-16 09:08:32 -04:00
Nick Mathewson
af73d3e4d8 Disable SSLv3 unconditionally. Closes ticket 13426. 
The POODLE attack doesn't affect Tor, but there's no reason to tempt
fate: SSLv3 isn't going to get any better.
 2014-10-15 11:50:05 -04:00
Nick Mathewson
f1782d9c4c Clean whitespace in last patch. 2014-10-13 13:20:07 -04:00
teor
f51418aabc Avoid overflow in format_time_interval, create unit tests 
Fix an instance of integer overflow in format_time_interval() when
taking the absolute value of the supplied signed interval value.
Fixes bug 13393.

Create unit tests for format_time_interval().
 2014-10-12 20:50:10 +11:00
Nick Mathewson
90bce702ba Merge remote-tracking branch 'public/bug10816' 2014-10-09 10:57:19 -04:00
Nick Mathewson
bbffd0a018 Merge remote-tracking branch 'origin/maint-0.2.5' 2014-10-03 19:58:25 -04:00
Nick Mathewson
d315b8e8bc Merge remote-tracking branch 'public/bug13325_024' into maint-0.2.5 2014-10-03 19:57:41 -04:00
Nick Mathewson
d1fa0163e5 Run correctly on OpenBSD systems without SSL_METHOD.get_cipher_by_char 
Also, make sure we will compile correctly on systems where they
finally rip it out.

Fixes issue #13325.  Caused by this openbsd commit:

   ​http://marc.info/?l=openbsd-cvs&m=140768179627976&w=2

Reported by Fredzupy.
 2014-10-03 12:15:09 -04:00
Andrea Shepard
5a07fb96f2 Make tor_libevent_get_base() mockable 2014-09-30 23:14:25 -07:00
Andrea Shepard
d438cf1ec9 Implement scheduler mechanism to track lists of channels wanting cells or writes; doesn't actually drive the cell flow from it yet 2014-09-30 22:48:24 -07:00
Nick Mathewson
2e607ff519 Merge remote-tracking branch 'origin/maint-0.2.5' 2014-09-29 13:02:50 -04:00
Nick Mathewson
09951bea7f Don't use the getaddrinfo sandbox cache from tor-resolve 
Fixes bug 13295; bugfix on 0.2.5.3-alpha.

The alternative here is to call crypto_global_init() from tor-resolve,
but let's avoid linking openssl into tor-resolve for as long as we
can.
 2014-09-29 12:57:07 -04:00
Nick Mathewson
5190ec0bc4 Merge remote-tracking branch 'public/require_some_c99' 2014-09-26 11:06:41 -04:00
Nick Mathewson
6e7cbfc465 Avoid a "constant variable guards dead code" warning from coverity 
Fixes CID 752028
 2014-09-26 09:40:30 -04:00
Nick Mathewson
7c52a0555a Check key_len in secret_to_key_new() 
This bug shouldn't be reachable so long as secret_to_key_len and
secret_to_key_make_specifier stay in sync, but we might screw up
someday.

Found by coverity; this is CID 1241500
 2014-09-26 09:06:36 -04:00
Nick Mathewson
4e87b97872 Fix on that last fix. 2014-09-25 17:59:10 -04:00
Nick Mathewson
9190468246 Fix warnings on 32-bit builds. 
When size_t is the most memory you can have, make sure that things
referring to real parts of memory are size_t, not uint64_t or off_t.

But not on any released Tor.
 2014-09-25 17:50:13 -04:00
Nick Mathewson
1c5d680b3d Merge branch 'ed25519_ref10_squashed' 
Conflicts:
	src/common/include.am
	src/ext/README
 2014-09-25 15:11:34 -04:00
Nick Mathewson
46cda485bc Comments and tweaks based on review by asn 
Add some documentation

Rename "derive" -> "blind"

Check for failure on randombytes().
 2014-09-25 15:08:32 -04:00
Nick Mathewson
f0eb7ae79f More documentation for ed25519 stuff. 2014-09-25 15:08:31 -04:00