path: root/src/or/channeltls.c
Age | Commit message | Author
2015-06-01 | Appease make check-spaces | Andrea Shepard
2015-05-28 | Merge branch '12498_ed25519_keys_v6' | Nick Mathewson
Fixed numerous conflicts, and ported code to use new base64 api.
2015-05-28 | Refactor link handshake cell type implementations to use trunnel | Nick Mathewson
Unit tests still pass.
2015-05-28 | Tests for AUTHENTICATE cell functionality. | Nick Mathewson
2015-05-28 | Start testing cell encoders/processors for the v3 handshake. | Nick Mathewson
An earlier version of these tests was broken; now they're a nicer, more robust, more black-box set of tests. The key is to have each test check a handshake message that is wrong in _one_ way.
2015-03-10 | Add link protocol version counts to the heartbeat message | Nick Mathewson
Closes ticket 15212
2015-02-24 | Mechanical rename: tor_cert_t -> tor_x509_cert_t | Nick Mathewson
2015-01-02 | Bump copyright dates to 2015, in case someday this matters. | Nick Mathewson
2014-12-21 | Merge branch 'ticket7356_squashed' | Nick Mathewson
2014-12-21 | Fixing mistake in comment. | rl1987
2014-12-21 | Using channel state lookup macros in channeltls.c | rl1987
2014-11-27 | Fix a 64-bit clang warning | Nick Mathewson
2014-11-27 | Merge remote-tracking branch 'andrea/cmux_refactor_configurable_threshold' | Nick Mathewson
Conflicts: src/or/or.h src/test/Makefile.nmake
2014-10-30 | Silence spurious clang warnings | teor
Silence clang warnings under --enable-expensive-hardening, including:
  + implicit truncation of 64 bit values to 32 bit;
  + const char assignment to self;
  + tautological compare; and
  + additional parentheses around equality tests. (gcc uses these to silence assignment, so clang warns when they're present in an equality test. But we need to use extra parentheses in macros to isolate them from other code).
2014-10-28 | Add another year to our copyright dates. | Nick Mathewson
Because in 95 years, we or our successors will surely care about enforcing the BSD license terms on this code. Right?
2014-09-30 | Track total queue size per channel, with overhead estimates, and global queue total | Andrea Shepard
2014-09-30 | Remove no-longer-used channel_tls_t functions | Andrea Shepard
2014-09-30 | Provide generic mechanism for scheduler to query writeable cells on a channel | Andrea Shepard
2014-09-30 | Implement scheduler mechanism to track lists of channels wanting cells or writes; doesn't actually drive the cell flow from it yet | Andrea Shepard
2014-09-05 | Correctly update channel local mark when address of incoming connection changes after handshake; fixes bug #12160 | Andrea Shepard
2014-06-11 | Merge remote-tracking branch 'public/ticket6799_024_v2_squashed' | Nick Mathewson
Conflicts: src/or/channel.c src/or/circuitlist.c src/or/connection.c Conflicts involved removal of next_circ_id and addition of unusable-circid tracking.
2014-06-11 | Give each or_connection_t a slightly randomized idle_timeout | Nick Mathewson
Instead of killing an or_connection_t that has had no circuits for the last 3 minutes, give every or_connection_t a randomized timeout, so that an observer can't so easily infer from the connection close time the time at which its last circuit closed. Also, increase the base timeout for canonical connections from 3 minutes to 15 minutes. Fix for ticket 6799.
2014-04-07 | Merge remote-tracking branch 'public/bug10363_024_squashed' | Nick Mathewson
2014-04-07 | Fix undefined behavior with pointer addition in channeltls.c | Nick Mathewson
In C, it's a bad idea to do this:
    char *cp = array;
    char *end = array + array_len;
    /* .... */
    if (cp + 3 >= end) { /* out of bounds */ }
because cp+3 might be more than one off the end of the array, and you are only allowed to construct pointers to the array elements, and to an element one past the end. Instead you have to say
    if (cp - array + 3 >= array_len) { /* ... */ }
or something like that. This patch fixes two of these: one in process_versions_cell introduced in 0.2.0.10-alpha, and one in process_certs_cell introduced in 0.2.3.6-alpha. These are both tracked under bug 10363. "bobnomnom" found and reported both. See also 10313. In our code, this is likely to be a problem as we used it only if we get a nasty allocator that makes allocations end close to (void*)-1. But it's best not to have to worry about such things at all, so let's just fix all of these we can find.
2014-02-09 | Merge remote-tracking branch 'origin/maint-0.2.4' | Nick Mathewson
2014-02-08 | Make sure orconn->chan gets nulled out when channels exit from channel_free_all() too | Andrea Shepard
2014-02-07 | Remove a needless check in channel_tls_handle_incoming | Nick Mathewson
This patch removes an "if (chan)" that occurred at a place where chan was definitely non-NULL. Having it there made some static analysis tools conclude that we were up to shenanigans. This resolves #9979.
2014-02-07 | Merge remote-tracking branch 'origin/maint-0.2.4' | Nick Mathewson
2014-02-06 | NULL out conns on tlschans when freeing in case channel_run_cleanup() is late; fixes bug 9602 | Andrea Shepard
2014-02-03 | 10365: Close connections if the VERSIONS cell has an odd length. | rl1987
Fixes issue 10365.
2013-12-09 | Merge remote-tracking branch 'public/bug10131_024' | Nick Mathewson
2013-12-09 | Remove a check in channeltls.c that could never fail. | Nick Mathewson
We were checking whether an 8-bit length field had overflowed a 503-byte buffer. Unless somebody has found a way to store "504" in a single byte, it seems unlikely. Fix for 10313 and 9980. Based on a patch by Jared L Wong. First found by David Fifield with STACK.
2013-08-25 | Merge remote-tracking branch 'origin/maint-0.2.4' | Nick Mathewson
2013-08-21 | Make bridges send AUTH_CHALLENGE cells | Nick Mathewson
The spec requires them to do so, and not doing so creates a situation where they can't send-test because relays won't extend to them because of the other part of bug 9546. Fixes bug 9546; bugfix on 0.2.3.6-alpha.
2013-08-20 | Send NETINFO on receiving a NETINFO if we have not yet sent one. | Nick Mathewson
Relays previously, when initiating a connection, would only send a NETINFO after sending an AUTHENTICATE. But bridges, when receiving a connection, would never send AUTH_CHALLENGE. So relays wouldn't AUTHENTICATE, and wouldn't NETINFO, and then bridges would be surprised to be receiving CREATE cells on a non-open circuit. Fixes bug 9546.
2013-08-15 | Merge branch 'bug5040_4773_rebase_3' | Nick Mathewson
2013-07-23 | Fix bug9309, and n_noncanonical count/continue code | Nick Mathewson
When we moved channel_matches_target_addr_for_extend() into a separate function, its sense was inverted from what one might expect, and we didn't have a ! in one place where we should have. Found by skruffy.
2013-07-23 | Fix bug9309, and n_noncanonical count/continue code | Nick Mathewson
When we moved channel_matches_target_addr_for_extend() into a separate function, its sense was inverted from what one might expect, and we didn't have a ! in one place where we should have. Found by skruffy.
2013-07-18 | Make a channel getter method to retrieve transport names. | George Kadianakis
2013-03-11 | Fix a framing bug when reading versions from a versions cell. | Nick Mathewson
Our ++ should have been += 2. This means that we'd accept version numbers even when they started at an odd position. This bug should be harmless in practice for so long as every version number we allow begins with a 0 byte, but if we ever have a version number starting with 1, 2, 3, or 4, there will be trouble here. Fix for bug 8059, reported pseudonymously. Bugfix on 0.2.0.10-alpha -- specifically, commit 6fcda529, where during development I increased the width of a version to 16 bits without changing the loop step.
2013-02-15 | Merge remote-tracking branch 'public/wide_circ_ids' | Nick Mathewson
Conflicts: src/or/channel.h src/or/connection_or.c src/or/cpuworker.c
2013-02-09 | Replace magic constants for wide_circ_ids with inline function calls | Nick Mathewson
2013-01-16 | Update the copyright date to 201. | Nick Mathewson
2013-01-03 | Enable the ntor handshake on the client side. | Nick Mathewson
"works for me"
2012-11-08 | Fix a memory leak in handling errors on CERTS cells. bug 7422 | Nick Mathewson
2012-11-06 | Implement proposal-214 rules for CircID checking. | Nick Mathewson
2012-11-06 | Allow a v4 link protocol for 4-byte circuit IDs. | Nick Mathewson
Implements proposal 214. Needs testing.
2012-10-23 | Fix a remotely triggerable assertion failure (CVE-2012-2250) | Nick Mathewson
If we completed the handshake for the v2 link protocol but wound up negotiating the wrong protocol version, we'd become so confused about what part of the handshake we were in that we'd promptly die with an assertion. This is a fix for CVE-2012-2250; it's a bugfix on 0.2.3.6-alpha. All servers running that version or later should really upgrade. Bug and fix from "some guy from France." I tweaked his code slightly to make it log the IP of the offending node, and to forward-port it to 0.2.4.
2012-10-19 | Merge branch 'block_renegotiate_024' | Nick Mathewson
2012-10-18 | Factor out common parts of channel_tls_connect() and channel_tls_handle_incoming(); fixes get_remote_addr problem with incoming connections for bug 7112 | Andrea Shepard