path: root/src/lib/crypt_ops/crypto_rand_fast.c
Age | Commit message | Author
2021-03-12 | Update copyrights to 2021, using "make update-copyright" | Nick Mathewson
2020-01-08 | It's 2020. Update the copyright dates with "make update-copyright" | Nick Mathewson
2019-12-20 | Code Style: Delete PRIVATE defines that are never used | teor
Some ".c" files define *_PRIVATE macros, but those macros are not used in any header file. Delete them. These changes were created using the "make autostyle" from 32522, and then split into commits.
2019-11-07 | Make all our struct names end with "_t". | Nick Mathewson
This is an automated commit, generated by this command:

    ./scripts/maint/rename_c_identifier.py \
        address_ttl_s address_ttl_t \
        aes_cnt_cipher aes_cnt_cipher_t \
        authchallenge_data_s authchallenge_data_t \
        authenticate_data_s authenticate_data_t \
        cached_bw_event_s cached_bw_event_t \
        cbuf cbuf_t \
        cell_ewma_s cell_ewma_t \
        certs_data_s certs_data_t \
        channel_idmap_entry_s channel_idmap_entry_t \
        channel_listener_s channel_listener_t \
        channel_s channel_t \
        channel_tls_s channel_tls_t \
        circuit_build_times_s circuit_build_times_t \
        circuit_muxinfo_s circuit_muxinfo_t \
        circuitmux_policy_circ_data_s circuitmux_policy_circ_data_t \
        circuitmux_policy_data_s circuitmux_policy_data_t \
        circuitmux_policy_s circuitmux_policy_t \
        circuitmux_s circuitmux_t \
        coord coord_t \
        cpuworker_job_u cpuworker_job_u_t \
        cv_testinfo_s cv_testinfo_t \
        ddmap_entry_s ddmap_entry_t \
        dircollator_s dircollator_t \
        dist_ops dist_ops_t \
        ecdh_work_s ecdh_work_t \
        ewma_policy_circ_data_s ewma_policy_circ_data_t \
        ewma_policy_data_s ewma_policy_data_t \
        fp_pair_map_entry_s fp_pair_map_entry_t \
        fp_pair_map_s fp_pair_map_t \
        guard_selection_s guard_selection_t \
        mbw_cache_entry_s mbw_cache_entry_t \
        outbuf_table_ent_s outbuf_table_ent_t \
        queued_event_s queued_event_t \
        replyqueue_s replyqueue_t \
        rsa_work_s rsa_work_t \
        sandbox_cfg_elem sandbox_cfg_elem_t \
        scheduler_s scheduler_t \
        smp_param smp_param_t \
        socket_table_ent_s socket_table_ent_t \
        state_s state_t \
        threadpool_s threadpool_t \
        timeout_cb timeout_cb_t \
        tor_libevent_cfg tor_libevent_cfg_t \
        tor_threadlocal_s tor_threadlocal_t \
        url_table_ent_s url_table_ent_t \
        worker_state_s worker_state_t \
        workerthread_s workerthread_t \
        workqueue_entry_s workqueue_entry_t
2019-06-11 | Merge branch 'tor-github/pr/1050' into maint-0.4.1 | David Goulet
2019-06-11 | Give a more useful failure message when we fail to minherit(). | Nick Mathewson
Part of ticket 30686.
2019-06-05 | Run "make autostyle." | Nick Mathewson
2019-04-30 | Add improved debugging support to crypto_rand_fast code. | Nick Mathewson
2019-04-30 | Extract add-entropy code from crypto_fast_rng to a new function | Nick Mathewson
2019-04-04 | rename inherit values to avoid conflict with system defines | Nick Mathewson
2019-04-04 | fast_rng: if noinherit has failed, then check getpid() for bad forks | Nick Mathewson
getpid() can be really expensive sometimes, and it can fail to detect some kind of fork+prng mistakes, so we need to avoid it if it's safe to do so. This patch might slow down fast_prng a lot on any old operating system that lacks a way to prevent ram from being inherited, AND requires a syscall for any getpid() calls. But it should make sure that we either crash or continue safely on incorrect fork+prng usage elsewhere in the future.
2019-04-04 | Make map_anon expose the result of a noinherit attempt | Nick Mathewson
Previously we did this for tests only, but it's valuable for getting proper fork behavior in rand_fast.
2019-02-19 | Implement code to manage a per-thread instance of crypto_fast_rng() | Nick Mathewson
The subsystems API makes this really simple, fortunately. Closes ticket 29536
2019-02-14 | Implement a fast aes-ctr prng | Nick Mathewson
This module is currently implemented to use the same technique as libottery (later used by the BSDs' arc4random replacement), using AES-CTR-256 as its underlying stream cipher. It's backtracking-resistant immediately after each call, and prediction-resistant after a while.

Here's how it works:

We generate pseudorandom bytes using AES-CTR-256. We generate BUFLEN bytes at a time. When we do this, we keep the first SEED_LEN bytes as the key and the IV for our next invocation of AES_CTR, and yield the remaining BUFLEN - SEED_LEN bytes to the user as they invoke the PRNG. As we yield bytes to the user, we clear them from the buffer.

Every RESEED_AFTER times we refill the buffer, we mix in an additional SEED_LEN bytes from our strong PRNG into the seed.

If the user ever asks for a huge number of bytes at once, we pull SEED_LEN bytes from the PRNG and use them with our stream cipher to fill the user's request.
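
The buffer scheme described in the 2019-02-14 commit message, as an added Python sketch that is not Tor's code: SHAKE-256 stands in for AES-CTR-256 so the block needs only the standard library. The constant values, the hash-based entropy mixing, the huge-request threshold, and the reading of "the PRNG" in the last paragraph as this generator are all assumptions.

```python
import hashlib
import os

# Assumed sizes: the commit message names these constants but gives no values.
SEED_LEN = 48        # would hold an AES-256 key (32 bytes) plus an IV (16 bytes)
BUFLEN = 512
RESEED_AFTER = 16
HUGE = BUFLEN        # assumed threshold for the "huge request" path


def stream(seed: bytes, n: int) -> bytes:
    """Stand-in keystream: SHAKE-256 here, where the commit uses AES-CTR-256."""
    return hashlib.shake_256(seed).digest(n)


class FastRng:
    def __init__(self, strong=os.urandom):
        self.strong = strong              # the "strong PRNG" of the commit message
        self.refills = 0
        self.buf = bytearray(BUFLEN)
        self._refill(strong(SEED_LEN))

    def _refill(self, seed: bytes) -> None:
        self.refills += 1
        if self.refills % RESEED_AFTER == 0:
            # Periodic reseed gives prediction resistance; this mixing step is assumed.
            seed = hashlib.sha3_384(seed + self.strong(SEED_LEN)).digest()
        self.buf[:] = stream(seed, BUFLEN)   # overwrites the seed that produced it
        self.pos = SEED_LEN                  # buf[:SEED_LEN] is held back as the next seed

    def get(self, n: int) -> bytes:
        if n > HUGE:
            # Large request: draw a one-off seed and expand it directly.
            return stream(self.get(SEED_LEN), n)
        out = bytearray()
        while len(out) < n:
            if self.pos == BUFLEN:
                self._refill(bytes(self.buf[:SEED_LEN]))
            take = min(n - len(out), BUFLEN - self.pos)
            out += self.buf[self.pos:self.pos + take]
            # Clear yielded bytes so a later memory disclosure cannot reveal them.
            self.buf[self.pos:self.pos + take] = bytes(take)
            self.pos += take
        return bytes(out)


if __name__ == "__main__":
    print(FastRng().get(16).hex())
```

Because each refill overwrites the seed that generated the current buffer and yielded bytes are zeroed, the state left in memory after a call contains neither past output nor the key that produced it.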