Age | Commit message | Author | |
---|---|---|---|
2015-05-28 | Fix the position-check for ed25519 certs to work with annotations | Nick Mathewson | |
When there are annotations on a router descriptor, the ed25519-identity element won't be at position 0 or 1; it will be at router+1 or router-1. This patch also adds a missing smartlist function to search a list for an item with a particular pointer. | |||
2015-05-28 | Tie key-pinning logic into directory authority operation | Nick Mathewson | |
With this patch: * Authorities load the key-pinning log at startup. * Authorities open a key-pinning log for writing at startup. * Authorities reject any router with an ed25519 key where they have previously seen that ed25519 key with a different RSA key, or vice versa. * Authorities warn about, but *do not* reject, RSA-only descriptors when the RSA key has previously gone along with an Ed25519 key. (We should make this a 'reject' too, but we can't do that until we're sure there's no legit reason to downgrade to 0.2.5.) | |||
2015-05-28 | Key-pinning back-end for directory authorities. | Nick Mathewson | |
This module implements a key-pinning mechanism to ensure that it's safe to use RSA keys as identifiers even as we migrate to Ed25519 keys. It remembers, for every Ed25519 key we've seen, what the associated Ed25519 key is. This way, if we see a different Ed25519 key with that RSA key, we'll know that there's a mismatch. We persist these entries to disk using a simple format, where each line has a base64-encoded RSA SHA1 hash, then a base64-encoded Ed25519 key. Empty lines, misformed lines, and lines beginning with a # are ignored. Lines beginning with @ are reserved for future extensions. | |||
2015-05-28 | Implement proposal 228: cross-certification with onion keys | Nick Mathewson | |
Routers now use TAP and ntor onion keys to sign their identity keys, and put these signatures in their descriptors. That allows other parties to be confident that the onion keys are indeed controlled by the router that generated the descriptor. | |||
2015-05-28 | Implement proposal 228: cross-certification with onion keys | Nick Mathewson | |
Routers now use TAP and ntor onion keys to sign their identity keys, and put these signatures in their descriptors. That allows other parties to be confident that the onion keys are indeed controlled by the router that generated the descriptor. | |||
2015-05-28 | Implement ed25519-signed descriptors | Nick Mathewson | |
Now that we have ed25519 keys, we can sign descriptors with them and check those signatures as documented in proposal 220. | |||
2015-05-28 | prop220: Implement certificates and key storage/creation | Nick Mathewson | |
For prop220, we have a new ed25519 certificate type. This patch implements the code to create, parse, and validate those, along with code for routers to maintain their own sets of certificates and keys. (Some parts of master identity key encryption are done, but the implementation of that isn't finished) | |||
2015-02-24 | Fix whitespace from tor_x509_cert rename | Nick Mathewson | |
2015-02-24 | Mechanical rename: tor_cert_t -> tor_x509_cert_t | Nick Mathewson | |
2015-02-24 | Merge remote-tracking branch 'origin/maint-0.2.6' | Nick Mathewson | |
2015-02-24 | Add sections to changes files; please lintchanges | Nick Mathewson | |
2015-02-24 | Merge remote-tracking branch 'origin/maint-0.2.6' | Nick Mathewson | |
2015-02-24 | Log less/better about systemd at startup | Nick Mathewson | |
Report errors if the notification fails; report success only if it succeeds; and if we are not notifying systemd because we aren't running with systemd, don't log at notice. | |||
2015-02-24 | changes file for ticket 14950 | Nick Mathewson | |
2015-02-24 | Bump master to 0.2.7 [tor-0.2.7.0-root] | Nick Mathewson | |
2015-02-24 | Update test_status.c to accommodate changes in heartbeat messages | Nick Mathewson | |
Fixes #15012; bug not in any released Tor | |||
2015-02-23 | Merge branch 'bug14950_logs_squashed' | Nick Mathewson | |
2015-02-23 | Avoid logging natural-language reports that are redundant with bootstrapping | Nick Mathewson | |
2015-02-23 | Usually downgrade middle heartbeat messages when stuff is in-range | Nick Mathewson | |
2015-02-23 | Merge branch 'bug14989' | Nick Mathewson | |
2015-02-23 | Let AF_UNIX connections through the sandbox | Nick Mathewson | |
Fixes bug 15003; bugfix on 0.2.6.3-alpha. | |||
2015-02-23 | Fix running with the seccomp2 sandbox | Nick Mathewson | |
We had a regression in 0.2.6.3-alpha when we stopped saying IPPROTO_TCP to socket(). Fixes bug 14989, bugfix on 0.2.6.3-alpha. | |||
2015-02-23 | Merge remote-tracking branch 'public/bug14988_025' | Nick Mathewson | |
2015-02-23 | add another unused-var marker in backtrace.c for 14988 | Nick Mathewson | |
2015-02-23 | changes file for 5246e8f99255b376ded3d90b3c7a345c4748e68c | Nick Mathewson | |
2015-02-23 | Remove lingering mempool code | cypherpunks | |
2015-02-23 | Fix endianness issues in test_config_resolve_my_address(). | rl1987 | |
Since resolve_my_address() yields IP address in host order there is no need to use byteorder functions for conversion. | |||
2015-02-20 | Merge remote-tracking branch 'public/bug11454_11457' | Nick Mathewson | |
2015-02-20 | Merge remote-tracking branch 'origin/maint-0.2.5' | Nick Mathewson | |
2015-02-20 | Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 | Nick Mathewson | |
2015-02-19 | bump version to 0.2.6.3-alpha-dev | Nick Mathewson | |
2015-02-19 | Adjust changelog to combine 3 sections about the same thing [tor-0.2.6.3-alpha] | Nick Mathewson | |
2015-02-19 | Pick a date (today) | Nick Mathewson | |
2015-02-19 | Quiet "caching debian-tor for debian-tor" notice | Nick Mathewson | |
2015-02-19 | fold one more entry into the changelog | Nick Mathewson | |
2015-02-19 | Merge branch 'AUTHDIR_NEWDESC_enough_squashed' | Nick Mathewson | |
2015-02-19 | Try to fix authdir_newdesc events | Nick Mathewson | |
We were sending values that were truncated by the length of the annotations. | |||
2015-02-19 | Increment version to 0.2.6.3-alpha | Nick Mathewson | |
2015-02-19 | Merge changes into changelog | Nick Mathewson | |
2015-02-19 | appease lintchanges | Nick Mathewson | |
2015-02-19 | Check for # characters in lintchanges | Nick Mathewson | |
2015-02-19 | reflow 0.2.6.3 changelog | Nick Mathewson | |
2015-02-19 | answer some of roger's questions | Nick Mathewson | |
2015-02-19 | Merge branch 'bug12844_macros' | Nick Mathewson | |
2015-02-19 | Merge branch 'bug13762_quiet_squashed' | Nick Mathewson | |
2015-02-19 | Do not try to download an EI for which we don't have a matching SD. | Nick Mathewson | |
This quiets some log messages for #13762, and adds a better INFO message for the underlying confusion. | |||
2015-02-19 | sorry brits | Roger Dingledine | |
2015-02-19 | final cleanups | Roger Dingledine | |
2015-02-19 | reach into the past and fix two changelog stanzas | Roger Dingledine | |
2015-02-19 | Check ENABLE_TOR2WEB_MODE before any tor2webmode code | Nick Mathewson | |