mirrors/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2025-02-26 23:52:30 +01:00
Code Issues Projects Releases Wiki Activity
21220 commits 53 branches 632 tags 102 MiB
Commit graph

3229 commits

Author SHA1 Message Date
Nick Mathewson
b701b7962b Fix comment switcheroo. Spotted by skruffy 2015-12-08 12:53:51 -05:00
Nick Mathewson
7f074e08d8 Merge branch 'feature13696_squashed' 2015-12-08 12:35:26 -05:00
Yawning Angel
353c71516e Add support for getrandom() and getentropy() when available 
Implements feature #13696.
 2015-12-08 12:34:53 -05:00
teor (Tim Wilson-Brown)
021958934f Consistently ignore multicast in internal reject private exit policies 
Consistently ignore multicast addresses when automatically
generating reject private exit policies.

Closes ticket 17763. Bug fix on 10a6390deb,
not in any released version of Tor. Patch by "teor".
 2015-12-07 14:46:19 +11:00
Nick Mathewson
eedef41944 use sockaddr_storage for stack-allocated sockets in ersatz socketpair 2015-11-27 11:52:59 -05:00
Nick Mathewson
f108be7c25 Make SIZEOF_SOCKADDR return socklen_t to avoid bad compares. 2015-11-27 11:48:54 -05:00
Nick Mathewson
a45aacd2e2 Use uint16_t, not in_port_t (which does not exist on Windows). See #17638. 2015-11-27 11:39:03 -05:00
Nick Mathewson
e5754c42d1 Merge branch 'bug17686_v2_027' 2015-11-25 22:33:49 -05:00
Nick Mathewson
1cfa2bc859 Fix documentation for crypto_rand* 2015-11-25 22:29:59 -05:00
Nick Mathewson
ddcbe26474 Now that crypto_rand() cannot fail, it should return void. 2015-11-25 22:29:59 -05:00
Nick Mathewson
10fdee6285 Add crypto-initializer functions to those whose return values must be checked 2015-11-25 22:29:59 -05:00
Nick Mathewson
dedea28c2e Make crypto_seed_rng() and crypto_rand() less scary. 
These functions must really never fail; so have crypto_rand() assert
that it's working okay, and have crypto_seed_rng() demand that
callers check its return value.  Also have crypto_seed_rng() check
RAND_status() before returning.
 2015-11-25 22:29:59 -05:00
teor (Tim Wilson-Brown)
b1b8f7982e Check the return value of HMAC in crypto.c and assert on error 
Fixes bug #17658; bugfix on commit in fdbb9cdf74 (11 Oct 2011)
in tor version 0.2.3.5-alpha-dev.
 2015-11-26 10:46:36 +11:00
Nick Mathewson
45caeec9a0 Merge remote-tracking branch 'teor/comments-20151123' 2015-11-25 09:08:15 -05:00
Nick Mathewson
7194d3d957 Tweak gtank's sha512 patch a little 2015-11-25 09:04:17 -05:00
George Tankersley
695412302b implement teor's comments 2015-11-24 02:17:37 +00:00
George Tankersley
ff54cc8481 add SHA512 support to crypto 2015-11-24 01:34:28 +00:00
teor (Tim Wilson-Brown)
5b2adfb3d4 Fix comments to describe actual return values (crypto.c) 2015-11-23 20:31:57 +11:00
teor (Tim Wilson-Brown)
84d1373ba0 Fix typo in comment on crypto_add_spaces_to_fp 2015-11-23 18:59:11 +11:00
teor (Tim Wilson-Brown)
604d3ee48d Comment only: crypto_seed_rng no longer has a "startup" parameter 2015-11-23 10:26:07 +11:00
Nick Mathewson
cbc1b8a4f7 fix "make check-spaces" 2015-11-20 10:52:56 -05:00
teor (Tim Wilson-Brown)
53ec840bdf Make tor_ersatz_socketpair work on IPv6-only systems 
(But it won't work on some systems without IPv4/IPv6 localhost
(some BSD jails) by design, to avoid creating sockets on routable
IP addresses. However, those systems likely have the AF_UNIX socketpair,
which tor prefers.)

Fixes bug #17638; bugfix on a very early tor version,
earlier than 22dba27d8d (23 Nov 2004) / svn:r2943.

Patch by "teor".
 2015-11-19 19:08:22 +11:00
teor (Tim Wilson-Brown)
878b5738c2 Update comments in get_interface_addresses_ioctl 
Comment-only change noting platforms that can return IPv6
addresses from SIOCGIFCONF (or SIOCGLIFCONF).
 2015-11-18 23:30:25 +11:00
Nick Mathewson
7a940fac1c appease check-spaces 2015-11-13 13:46:47 -05:00
Nick Mathewson
d467227323 Merge remote-tracking branch 'public/ticket11150_client_only' 2015-11-13 09:58:16 -05:00
Nick Mathewson
accb726db6 Remove a little duplicated code in TAP key expansion 
patch from pfrankw; closes 17587.
 2015-11-13 09:46:32 -05:00
Nick Mathewson
d20a3d07e3 Merge branch 'karsten_bug13192_026_03_teor' 2015-11-12 11:40:58 -05:00
Nick Mathewson
1f7ba115a4 Rename cast_double_to_int64 to clamp_double_to_int64 2015-11-12 11:33:48 -05:00
Nick Mathewson
0694263b75 Make round_to_next_multiple_of always round upwards. 
Yes, even if it has to return a non-multiple.  This prevents us from
ever having a bug where we try to use it for allocation, and under-allocate.
 2015-11-12 11:32:14 -05:00
Nick Mathewson
05c34b3330 appease check-spaces 2015-11-10 10:40:19 -05:00
Nick Mathewson
39e8fa81f7 every version of openssl we support has SSL_get_state 2015-11-10 10:14:58 -05:00
Nick Mathewson
3aebeeffa5 Every openssl we support has ERR_remove_thread_state 2015-11-10 10:13:04 -05:00
Nick Mathewson
c32a43a4d2 Move openssl version compatibility defines into a new header. 2015-11-10 10:02:21 -05:00
Yawning Angel
3e3ec750cd Fix compilation with OpenSSL 1.1.0-dev. 
OpenSSL changed the API:
 * 5998e29035
 * b0700d2c8d
 2015-11-06 19:02:56 +00:00
Nick Mathewson
5e9f2384cf Fix various coverity-found issues 2015-10-21 16:01:29 -04:00
Nick Mathewson
f217b24e05 Merge remote-tracking branch 'origin/maint-0.2.7' 2015-10-21 12:03:04 -04:00
Nick Mathewson
4fb4906975 Merge remote-tracking branch 'public/bug17404_024' into maint-0.2.7 2015-10-21 12:02:42 -04:00
Nick Mathewson
9459ae260e Fix the return value 2015-10-21 12:01:05 -04:00
Nick Mathewson
895a98dbaf Merge remote-tracking branch 'origin/maint-0.2.7' 2015-10-21 11:53:00 -04:00
Nick Mathewson
b809c265e7 Merge remote-tracking branch 'public/bug17404_024' into maint-0.2.7 2015-10-21 11:51:03 -04:00
Nick Mathewson
35bf07b8d6 Check for len < 4 in dn_indicates_v3_cert 
Without this check, we potentially look up to 3 characters before
the start of a malloc'd segment, which could provoke a crash under
certain (weird afaik) circumstances.

Fixes 17404; bugfix on 0.2.6.3-alpha.
 2015-10-21 11:44:43 -04:00
Nick Mathewson
2461ea1faa Merge remote-tracking branch 'origin/maint-0.2.7' 2015-10-21 08:17:34 -04:00
Nick Mathewson
542cc8a5ff Fix a memory leak; bug 17398. 2015-10-21 08:17:07 -04:00
Nick Mathewson
a5ed8b1667 Fix compilation of sandbox.[ch] under musl-libc 
Patch from jamestk; fix on 0.2.5.1-alpha. Fixes 17347.
 2015-10-15 10:37:41 -04:00
Nick Mathewson
fa4a81518a Merge branch 'bug17347' 2015-10-15 10:36:29 -04:00
Nick Mathewson
50148dc45d Fix compilation of sandbox.[ch] under musl-libc 
Patch from jamestk; fix on 0.2.5.1-alpha. Fixes 17347.
 2015-10-15 10:35:45 -04:00
Nick Mathewson
5bd3290df3 Remove workaround code for broken client-side renegotiation 
Since 11150 removed client-side support for renegotiation, we no
longer need to make sure we have an openssl/TLSvX combination that
supports it (client-side)
 2015-10-07 10:16:37 -04:00
Nick Mathewson
6505d529a5 Remove client-side support for detecting v1 handshake 
Fixes more of 11150
 2015-10-07 10:13:39 -04:00
Nick Mathewson
2ad6e1bb0e Make the mis-named V2_HANDSHAKE_SERVER/CLIENT macros always-on. 
They selected the V2 handshake *and* the V3 handshake, in a strange
mixture.  Both handshakes have been mandatory for a long time.
 2015-10-07 10:07:29 -04:00
Nick Mathewson
bd1a137893 Remove the client-side code for the v1 and v2 tls handshakes. 
(This is safe since super-old Tor servers are no longer allowed on
the network.)

Closes the client-side part of 11150.
 2015-10-07 10:04:12 -04:00