| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2016-02-27 | Update the copyright year. | Nick Mathewson | |
| 2016-02-27 | Make sure that every module in src/or has a brief description. | Nick Mathewson | |
| 2016-02-10 | Rename crypto_digest_all, and digests_t. | Nick Mathewson | |
| They are no longer "all" digests, but only the "common" digests. Part of 17795. This is an automated patch I made with a couple of perl one-liners: perl -i -pe 's/crypto_digest_all/crypto_common_digests/g;' src/*/*.[ch] perl -i -pe 's/\bdigests_t\b/common_digests_t/g;' src/*/*.[ch] | |||
| 2015-10-21 | Fix a memory leak in reading an expired ed signing key. | Nick Mathewson | |
| Closes 17403. | |||
| 2015-09-22 | Merge branch 'feature16769_squashed' | Nick Mathewson | |
| 2015-09-22 | Add a --master-key option | Nick Mathewson | |
| This lets the user override the default location for the master key when used with --keygen Part of 16769. | |||
| 2015-09-22 | Add a new --newpass option to add or remove secret key passphrases. | Nick Mathewson | |
| 2015-09-22 | Merge branch 'feature16944_v2' | Nick Mathewson | |
| 2015-09-13 | Convince coverity that we do not have a particular memory leak | Nick Mathewson | |
| 2015-09-10 | Merge remote-tracking branch 'public/ed25519_hup_v2' | Nick Mathewson | |
| 2015-09-04 | Never ever try to load the secret key if offline_master is set | Nick Mathewson | |
| (Not even if we can't find the public key.) | |||
| 2015-09-04 | Add "OfflineMasterKey" option | Nick Mathewson | |
| When this is set, and Tor is running as a relay, it will not generate or load its secret identity key. You can manage the secret identity key with --keygen. Implements ticket 16944. | |||
| 2015-09-01 | Fix a false-positive in coverity scan with an assertion | Nick Mathewson | |
| CID 1301373 | |||
| 2015-09-01 | Fix code for checking expired certificates on load | Nick Mathewson | |
| Fixes CID 1306915, which noticed that the check was dead. | |||
| 2015-08-19 | Reload Ed25519 keys on sighup. | Nick Mathewson | |
| Closes ticket 16790. | |||
| 2015-08-19 | More log messages for keygen problems | Nick Mathewson | |
| 2015-08-19 | Explain better why we are about to load the master key. | Nick Mathewson | |
| 2015-08-19 | When we infer the master key from the certificate, save it to disk. | Nick Mathewson | |
| 2015-08-19 | Add test_keygen tests for all log outputs; improve keygen outputs. | Nick Mathewson | |
| 2015-08-19 | Resolve failing test_keygen tests. | Nick Mathewson | |
| 2015-08-19 | Checkpoint work on ed25519 keygen improvements. | Nick Mathewson | |
| Needs changes file, documentation, test integration, more tests. | |||
| 2015-07-16 | Fix most check-spaces issues | Nick Mathewson | |
| 2015-07-15 | Merge branches 'feature_16582' and 'feature_16581' | Nick Mathewson | |
| 2015-07-15 | Don't allow INIT_ED_KEY_{NO_REPAIR,NEEDCERT} to be used together. | Nick Mathewson | |
| We haven't implemented NO_REPAIR for NEEDCERT, and we don't need it: but it's safest to stop any attempt to use it that way. | |||
| 2015-07-15 | Add more EINVAL errno setting on key read failures | Nick Mathewson | |
| Teor found these. This is for part of #16582. | |||
| 2015-07-14 | Add more consistency checks in load_ed_keys | Nick Mathewson | |
| Make sure that signing certs are signed by the right identity key, to prevent a recurrence of #16530. Also make sure that the master identity key we find on disk matches the one we have in RAM, if we have one. This is for #16581. | |||
| 2015-07-14 | Do more consistency checks in ed_key_init_from_file() | Nick Mathewson | |
| When there is a signing key and the certificate lists a key, make sure that the certificate lists the same signing key. When there are public key and secret key stored in separate files, make sure they match. Use the right file name when we load an encrypted secret key and then find a problem with it. This is part of 16581. | |||
| 2015-07-14 | If loading an ed25519 master key fails with errno != ENOENT, give up. | Nick Mathewson | |
| This implements feature 16582: if we get EMFILE or something when loading our master key, we should not at that point attempt to overwrite it. | |||
| 2015-07-14 | Preserve errno when loading encrypted ed25519 keys. | Nick Mathewson | |
| 2015-06-27 | Avoid a segfault when reading an encrypted key that isn't there | Nick Mathewson | |
| Patch from cypherpunks. Fixes bug 16449. Bug not in any released tor. | |||
| 2015-06-19 | fix some memory leaks that coverity found | Nick Mathewson | |
| 2015-06-17 | Handle "keygen" if datadir does not yet exist | Nick Mathewson | |
| 2015-06-17 | Merge branch '13642_offline_master_v2_squashed' | Nick Mathewson | |
| 2015-06-17 | Support encrypted offline master keys with a new --keygen flag | Nick Mathewson | |
| When --keygen is provided, we prompt for a passphrase when we make a new master key; if it is nonempty, we store the secret key in a new crypto_pwbox. Also, if --keygen is provided and there *is* an encrypted master key, we load it and prompt for a passphrase unconditionally. We make a new signing key unconditionally when --keygen is provided. We never overwrite a master key. | |||
| 2015-06-03 | Ensure signing_key is non-NULL before accessing one of its members | teor | |
| signing_key can be NULL in ed_key_init_from_file in routerkeys.c. Discovered by clang 3.7 address sanitizer. Fix on c03694938ed0, not in any released version of Tor. | |||
| 2015-06-01 | Fix a memory leak in routerkeys.c | Nick Mathewson | |
| 2015-06-01 | Appease make check-spaces | Andrea Shepard | |
| 2015-05-29 | Another memory leak bytes the dust. | Nick Mathewson | |
| 2015-05-28 | Small leak in ed_key_init_from_file. CID 1301373 | Nick Mathewson | |
| 2015-05-28 | Fix null dereference on key setup error. | Nick Mathewson | |
| CID 1301369 | |||
| 2015-05-28 | Fix a bug when we fail to read a cert from a file. | Nick Mathewson | |
| Found by coverity -- CID 1301366. | |||
| 2015-05-28 | Do not allocate our ed-link crosscert till after tls ctx | Nick Mathewson | |
| We need this to prevent some annoying chutney crash-at-starts | |||
| 2015-05-28 | Generate weird certificates correctly | Nick Mathewson | |
| (Our link protocol assumes that the link cert certifies the TLS key, and there is an RSA->Ed25519 crosscert) | |||
| 2015-05-28 | # This is a combination of 2 commits. | Nick Mathewson | |
| # The first commit's message is: Regenerate ed25519 keys when they will expire soon. Also, have testing-level options to set the lifetimes and expiration-tolerances of all key types, plus a non-testing-level option to set the lifetime of any auto-generated signing key. # The 2nd commit message will be skipped: # fixup! Regenerate ed25519 keys when they will expire soon. | |||
| 2015-05-28 | Only load master ed25519 secret keys when we absolutely must. | Nick Mathewson | |
| 2015-05-28 | Implement proposal 228: cross-certification with onion keys | Nick Mathewson | |
| Routers now use TAP and ntor onion keys to sign their identity keys, and put these signatures in their descriptors. That allows other parties to be confident that the onion keys are indeed controlled by the router that generated the descriptor. | |||
| 2015-05-28 | Implement ed25519-signed descriptors | Nick Mathewson | |
| Now that we have ed25519 keys, we can sign descriptors with them and check those signatures as documented in proposal 220. | |||
| 2015-05-28 | prop220: Implement certificates and key storage/creation | Nick Mathewson | |
| For prop220, we have a new ed25519 certificate type. This patch implements the code to create, parse, and validate those, along with code for routers to maintain their own sets of certificates and keys. (Some parts of master identity key encryption are done, but the implementation of that isn't finished) | |||
 |
index : tor | |
| Transit encryption and privacy out of the box | The Tor Project |
| summaryrefslogtreecommitdiff |