path: root/src/lib
Age | Commit message | Author
2018-09-04 | Merge branch 'nss_squashed' into nss_merge | Nick Mathewson
2018-09-04 | Resolve openssl-only memory leaks | Nick Mathewson
2018-09-04 | Fix a pair of remaining leaks in tortls_nss.c | Nick Mathewson
Fun fact: PR_Close leaks memory if its socket is not valid.
2018-09-04 | Use FREE_AND_NULL for impl types | Nick Mathewson
2018-09-04 | Port test_tortls_verify to not depend on openssl internals | Nick Mathewson
2018-09-04 | Remove tor_tls_check_lifetime as unused. | Nick Mathewson
Everything that might have used it, uses tor_tls_cert_is_valid() instead.
2018-09-04 | Document winsock includes better | Nick Mathewson
2018-09-04 | Fix documentation of initialized fields in crypto_init.c | Nick Mathewson
2018-09-04 | Make some additional RSA functions const | Nick Mathewson
2018-09-04 | Rename crypto_pk_check_key(), use it more reasonably, add tests | Nick Mathewson
This function was a wrapper around RSA_check_key() in openssl, which checks for invalid RSA private keys (like those where p or q are composite, or where d is not the inverse of e, or where n != p*q). We don't need a function like this in NSS, since unlike OpenSSL, NSS won't let you import a bogus private key. I've renamed the function and changed its return type to make it more reasonable, and added a unit test for trying to read a key where n != p*q.
2018-09-04 | Unify functions for reading/writing PEM keys, to avoid duplication. | Nick Mathewson
2018-09-04 | Do not leak a reference to "slot" when decoding private key. | Nick Mathewson
2018-09-04 | Update prefork and postfork NSS code for unit tests. | Nick Mathewson
2018-09-04 | Test a few more tortls.c functions | Nick Mathewson
2018-09-04 | Several unit tests to improve test coverage of x509*.c | Nick Mathewson
2018-09-04 | Remove tor_x509_get_cert_impl as unneeded. | Nick Mathewson
2018-09-04 | Avoid double-close on TCP sockets under NSS. | Nick Mathewson
2018-09-04 | Avoid spurious error logs when using NSS | Nick Mathewson
The tls_log_errors() function now behaves differently for NSS than it did for OpenSSL, so we need to tweak it a bit.
2018-09-04 | Remove tor_tls_shutdown() | Nick Mathewson
This function was supposed to implement a half-duplex mode for our TLS connections. However, nothing in Tor actually uses it (besides some unit tests), and the implementation looks really questionable to me. It's probably best to remove it. We can add a tested one later if we need one in the future.
2018-09-04 | Initial NSS support for TLS. | Nick Mathewson
This is enough to get a chutney network to bootstrap, though a bunch of work remains.
2018-09-04 | Merge branch 'tor_api_owning_control' | Nick Mathewson
2018-08-28 | Fix log.c comments about assert vs tor_assert vs raw_assert. | Nick Mathewson
2018-08-22 | NSS support for x509 certs | Nick Mathewson
7 unit tests are failing at this point, but they're all TLS-related.
2018-08-22 | Log error strings in crypto_nss_log_errors(). | Nick Mathewson
I'll need this for debugging.
2018-08-21 | Merge branch 'maint-0.3.4' | Nick Mathewson
2018-08-21 | Make some x509 functions generic; remove some fields NSS doesn't need | Nick Mathewson
2018-08-21 | Extract internal-only parts of x509.h | Nick Mathewson
2018-08-21 | Extract the non-generic part of tor_tls_context_decref(). | Nick Mathewson
2018-08-21 | Implement PBKDF2 with NSS. | Nick Mathewson
This was a gap that we left in the last commit.
2018-08-21 | When enabling NSS, disable OpenSSL. | Nick Mathewson
We used to link both libraries at once, but now that I'm working on TLS, there's nothing left to keep OpenSSL around for when NSS is enabled. Note that this patch causes a couple of places that still assumed OpenSSL to be disabled when NSS is enabled
- tor-gencert
- pbkdf2
2018-08-21 | Split tls modules and their tests into openssl and generic. | Nick Mathewson
Also, add a stubbed-out nss version of the modules. The tests won't pass with NSS yet since the NSS modules don't do anything. This is a good patch to read with --color-moved.
2018-08-21 | Refactor some of the certificate-manipulation logic | Nick Mathewson
2018-08-21 | Extract tortls structures into a new header; clean up a little | Nick Mathewson
2018-08-21 | Split X509 code out of tortls.c | Nick Mathewson
2018-08-21 | Implement RSA for NSS. | Nick Mathewson
2018-08-21 | Refactor crypto_rsa to use pem module. | Nick Mathewson
This cleans up a lot of junk from crypto_rsa_openssl, and will save us duplicated code in crypto_rsa_nss (when it exists). (Actually, it already exists, but I am going to use git rebase so that this commit precedes the creation of crypto_rsa_nss.)
2018-08-21 | Add rudimentary support for PEM-encoding, since NSS doesn't do that. | Nick Mathewson
2018-08-21 | Use a constant for "65537" | Nick Mathewson
2018-08-21 | Rename openssl-bridging functions in crypto_rsa | Nick Mathewson
These functions exist only to expose RSA keys to other places in Tor that use OpenSSL; let's be specific about their purpose.
2018-08-21 | Remove a redundant function. | Nick Mathewson
2018-08-21 | Rename functions that encode/decode private keys | Nick Mathewson
It is not nice to expose a private key's contents without having the function name advertise the fact. Fortunately, we weren't misusing these yet.
2018-08-21 | Extract openssl RSA functionality into its own file. | Nick Mathewson
2018-08-14 | Adjust windows stubs for new start/finish_daemon() return types | Nick Mathewson
2018-08-08 | Call crypto_postfork on start_daemon() instead. | Nick Mathewson
2018-08-08 | Make finish_daemon() return a boolean to say whether it did anything. | Nick Mathewson
2018-08-08 | Merge branch 'bug26779_033' into bug26779_035 | Nick Mathewson
2018-08-08 | Merge branch 'maint-0.3.4' | Nick Mathewson
2018-08-03 | Merge remote-tracking branch 'public/string_coverage' | Nick Mathewson
2018-08-02 | Suppress strict-prototypes warning in crypto_nss_mgt.c | Nick Mathewson
2018-08-02 | Fix double-link of crypto_openssl_mgt.c | Nick Mathewson