| Age | Commit message (Collapse) | Author |
|---|
|
|
|
crypto_get_rsa_padding_overhead() and crypto_get_rsa_padding() are
not static inline anymore in order to split the crypto_rsa module
from crypto.[ch].
Also included necessary modules in order to solve dependency issues.
Also made two functions in crypto.c use crypto_pk_asn1_encdoe()
instead of reaching into the crypto_pk_t struct.
|
|
OpenSSL never uses these callbacks anymore so the code is disabled.
Fixes #25097.
Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
|
|
Add two new files (crypto_rsa.c, crypto_rsa.h) as new module of crypto.[ch].
This new module includes all functions and dependencies related to RSA
operations. Those have been removed from crypto.[ch].
All new changes related to RSA operations must be done in these files.
Follows #24658
Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
|
|
|
|
|
|
As we're trying not to have all the other modules in Tor, we moved the openssl
namespace includes back into crypto.c and crypto_openssl_mgt.c files.
Follows #24658.
Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
|
|
Renamed free_openssl() to crypto_openssl_free_all(). Also we made variables and
functions static again.
Follows #24658.
Signed-off-by: Fernando Fernandez Mancera <ffernandezmancera@gmail.com>
|
|
This causes openssl to get completely reinitialized on startup,
which is probably a good idea.
|
|
|
|
Add free_openssl() function to free the memory allocated for OpenSSL version
management variables. It is required since OpenSSL management has been isolated
from the crypto module.
Follows #24658.
Signed-off-by: Fernando Fernandez Mancera <ffernandezmancera@gmail.com>
|
|
Add two new files (crypto_openssl.c, crypto_openssl.h) as new module of
crypto.[ch]. This new module includes all functions and dependencies related
to OpenSSL management. Those have been removed from crypto.[ch].
All new changes related to OpenSSL management must be done in these files.
Follows #24658
Signed-off-by: Fernando Fernandez Mancera <ffernandezmancera@gmail.com>
|
|
|
|
|
|
If we don't do this, we will use freed memory on restart.
Part of 24581.
|
|
|
|
|
|
Making errno error log more useful for getrandom() call. Adding if statement to
make difference between ENOSYS and other errors.
Fixes #24500
Signed-off-by: Fernando Fernandez Mancera <ffernandezmancera@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
Fixes bug 24246 and TROVE-2017-011.
This bug is so old, it's in Matej's code. Seems to have been
introduced with e01522bbed6eea.
|
|
|
|
Apparently, my compiler now generates coverage markers for
label-only lines, so we need to exclude those too if they are meant
to be unreachable.
|
|
|
|
|
|
We need to keep these around for TAP and old-style hidden services,
but they're obsolete, and we shouldn't encourage anyone to use them.
So I've added "obsolete" to their names, and a comment explaining
what the problem is.
Closes ticket 23026.
|
|
|
|
- Move some crypto structures so that they are visible by tests.
- Introduce a func to count number of hops in cpath which will be used
by the tests.
- Mark a function as mockable.
|
|
A fair number of our mock_impl declarations were messed up so that
even our special AM_ETAGSFLAGS couldn't find them.
This should be a whitespace-only patch.
|
|
|
|
CVE-2008-0166 is long gone, and we no longer need a helper tool to
dump out public key moduli so folks can detect it.
Closes ticket 21842.
|
|
This makes it so main.c, and the rest of src/or, no longer need to
include any openssl headers.
|
|
|
|
|
|
|
|
|
|
We still silently ignore
memwipe(NULL, ch, 0);
and
memwipe(ptr, ch, 0); /* for ptr != NULL */
But we now assert on:
memwipe(NULL, ch, 30);
|
|
Check size argument to memwipe() for underflow.
Closes bug #18089. Reported by "gk", patch by "teor".
Bugfix on 0.2.3.25 and 0.2.4.6-alpha (#7352),
commit 49dd5ef3 on 7 Nov 2012.
|
|
|
|
I got confused when I saw my Tor saying it was opening a file
that doesn't exist. It turns out it isn't opening it, it's just
calling open() on it and then moving on when it's not there.
|
|
|
|
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
|
|
|
|
Tor 0.2.9 has a broader range of fixes and workarounds here, but for
0.2.8, we're just going to maintain the existing behavior.
(The alternative would be to backport both
1eba088054eca1555b455ee4a2adfafecb888af9 and
16fcbd21c963a9a65bf55024680c8323c8b7175d , but the latter is kind of
a subtle kludge in the configure.ac script, and I'm not a fan of
backporting that kind of thing.)
|
|
|
|
|
