| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
|
|
|
|
Included crypto_digest.h in some files in order to solve xof+digest module
dependency issues. Removed crypto.h where it isn't needed anymore.
Follows #24658.
Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
|
|
Without this patch, not only will TLS1.3 not work with Tor, but
OpenSSL 1.1.1 with TLS1.3 enabled won't build any connections at
all: It requires that either TLS1.3 be disabled, or some TLS1.3
ciphersuites be listed.
Closes ticket 24978.
|
|
|
|
Patch suggestion from catalyst.
Related to 24423
|
|
|
|
Apparently, my compiler now generates coverage markers for
label-only lines, so we need to exclude those too if they are meant
to be unreachable.
|
|
|
|
|
|
|
|
The biggest offender here was sometimes not checking the output of
crypto_pk_get_digest.
Fixes bug 19418. Reported by Guido Vranken.
|
|
Closes bug 22964. Based on Teor's replacement there, but tries
to put the comment in a more logical place, and explain why we're
actually disabling compression in the first place.
|
|
|
|
|
|
Make it clear that we're returning a newly allocated copy.
|
|
|
|
Previously we'd send the _current_ link certificate, which would
cause a handshaking failure when the TLS context rotated.
|
|
A fair number of our mock_impl declarations were messed up so that
even our special AM_ETAGSFLAGS couldn't find them.
This should be a whitespace-only patch.
|
|
This lets test_link_handshake stop including openssl headers.
|
|
This change makes it so those those APIs will not require prior
inclusion of openssl headers. I've left some APIs alone-- those
will change to be extra-private.
|
|
|
|
|
|
Since 0.2.4.11-alpha (in 0196647970a91d) we've tried to randomize
the start time to up to some time in the past. But unfortunately we
allowed the start time to be in the future as well, which isn't
really legit.
The new behavior lets the start time be be up to
MAX(cert_lifetime-2days, 0) in the past, but never in the future.
Fixes bug 21420; bugfix on 0.2.4.11-alpha.
|
|
|
|
|
|
|
|
fixes bug 20551; bugfix on 0.2.1.1-alpha
|
|
|
|
This function is allowed to return NULL if the certified key isn't
RSA. But in a couple of places we were treating this as a bug or
internal error, and in one other place we weren't checking for it at
all!
Caught by Isis during code review for #15055. The serious bug was
only on the 15055 branch, thank goodness.
|
|
All supported Tors (0.2.4+) require versions of openssl that can
handle this.
Now that our link certificates are RSA2048, this might actually help
vs fingerprinting a little.
|
|
|
|
Oddly, nothing broke.
Closes ticket 13752.
|
|
This makes the code a bit cleaner by having more of the functions be
pure functions that don't depend on the current time.
|
|
See proposal 244. This feature lets us stop looking at the internals
of SSL objects, *and* should let us port better to more SSL libraries,
if they have RFC5705 support.
Preparatory for #19156
|
|
Closes ticket 19998.
|
|
This isn't valid behavior, and it causes a crash when you run
the unit tests at --debug.
I've added an IF_BUG_ONCE() check for this case.
|
|
|
|
Fixes bug 19903; bugfix on 0.2.8.1-alpha.
|
|
|
|
|
|
This is a logging onlu change, we were suppressing the severity down to
INFO when it occured (treating it as "Mostly harmless"). Now it is no
more.
|
|
There's accessors to get at things, but it ends up being rather
cumbersome. The only place where behavior should change is that the
code will fail instead of attempting to generate a new DH key if our
internal sanity check fails.
Like the previous commit, this probably breaks snapshots prior to pre5.
|
|
This is a big-ish patch, but it's very straightforward. Under this
clang warning, we're not actually allowed to have a global variable
without a previous extern declaration for it. The cases where we
violated this rule fall into three roughly equal groups:
* Stuff that should have been static.
* Stuff that was global but where the extern was local to some
other C file.
* Stuff that was only global when built for the unit tests, that
needed a conditional extern in the headers.
The first two were IMO genuine problems; the last is a wart of how
we build tests.
|
|
This gives more accurate results under Clang, which can only help us
detect more warnings in more places.
Fixes bug 19216; bugfix on 0.2.0.1-alpha
|
|
Previously we'd done this ad hoc.
|
|
Detect newer versions and fix our TLS code to use the new API.
|
