Age | Commit message | Author | |
---|---|---|---|
2016-11-03 | Make the current time an argument to x509 cert-checking functions | Nick Mathewson | |
This makes the code a bit cleaner by having more of the functions be pure functions that don't depend on the current time. | |||
2016-11-03 | Add function to check RSA->Ed cross-certifications | Nick Mathewson | |
Also, adjust signing approach to more closely match the signing scheme in the proposal. (The format doesn't quite match the format in the proposal, since RSA signatures aren't fixed-length.) Closes 19020. | |||
2016-11-03 | Refactor RSA certificate checking into its own function. | Nick Mathewson | |
2016-11-03 | Free rsa_ed_crosscert at exit. | Nick Mathewson | |
Fixes bug 17779; bugfix on 0.2.7.2-alpha. | |||
2016-11-03 | Migrate certificates into a sub-structure of or_handshake_state | Nick Mathewson | |
This will help us do cert-checking in the background in the future, perhaps. | |||
2016-11-03 | Refactor ...compute_authenticate_cell_body() to return a var_cell_t. | Nick Mathewson | |
This means we don't need to precompute the length. Helps simplify the implementation of 19156. | |||
2016-11-03 | Code to send correct authentication data when we are using AUTHTYPE>2 | Nick Mathewson | |
Implements the major part of 19156, except doesn't actually send the new cell type yet. | |||
2016-11-03 | New authentication types to use RFC5705. | Nick Mathewson | |
See proposal 244. This feature lets us stop looking at the internals of SSL objects, *and* should let us port better to more SSL libraries, if they have RFC5705 support. Preparatory for #19156 | |||
2016-11-03 | Send ed25519 certificates in certs cell, when we have them. | Nick Mathewson | |
Implements 19155 (send CERTS cells correctly for Ed25519). Also send RSA->Ed crosscert. | |||
2016-11-03 | Refactor connection_or_send_certs_cell() to use trunnel | Nick Mathewson | |
We no longer generate certs cells by pasting the certs together one by one. Instead we use trunnel to generate them. Preliminary work for 19155 (send CERTS cell with ed certs) | |||
2016-11-03 | When parsing certs cells, allow more certs types | Nick Mathewson | |
Implements the parsing part of #19157 | |||
2016-09-08 | Fix typo error in bug warning in relay.c | Nick Mathewson | |
2016-09-08 | capture and detect expected BUG messages in shared-random tests | Nick Mathewson | |
2016-09-07 | Merge remote-tracking branch 'dgoulet/ticket18693_029_01' | Nick Mathewson | |
2016-09-07 | Merge remote-tracking branch 'sebastian/bug20064' | Nick Mathewson | |
2016-09-06 | Merge remote-tracking branch 'teor/bug20012' | Nick Mathewson | |
2016-09-06 | Merge remote-tracking branch 'public/ticket20002' | Nick Mathewson | |
2016-09-06 | checkSpace.pl now forbids more identifiers. | Nick Mathewson | |
The functions it warns about are: assert, memcmp, strcat, strcpy, sprintf, malloc, free, realloc, strdup, strndup, calloc. Also, fix a few lingering instances of these in the code. Use other conventions to indicate _intended_ use of assert and malloc/realloc/etc. | |||
2016-09-06 | Merge remote-tracking branch 'sebastian/bug20065' | Nick Mathewson | |
2016-09-06 | Fix an indentation issue in rend_config_services | teor | |
2016-09-06 | Give useful error if authority_signing_key doesn't exist | Sebastian Hahn | |
2016-09-05 | Vote Exit correctly with DirAllowPrivateAddresses set | Sebastian Hahn | |
When allowing private addresses, mark Exits that only exit to private locations as such. Fixes bug 20064; bugfix on 0.2.2.9-alpha. | |||
2016-09-05 | Appease make check-spaces | Andrea Shepard | |
2016-08-31 | Don't warn on unlink(bw_accounting) when errno == ENOENT | Nick Mathewson | |
Patch from pastly; fixes bug 19964. | |||
2016-08-31 | Fix a deref-before-null-check complaint | Nick Mathewson | |
Found by coverity scan; this is CID 1372329. Also, reindent some oddly indented code. | |||
2016-08-31 | Stop inadvertently upgrading client intro connections to ntor | teor | |
Also stop logging the intro point details on error by default. Fixes #20012, introduced with ntor in tor 0.2.4.8-alpha. | |||
2016-08-29 | We no longer need to tag UseNTorHandshake as deprecated, since it is obsolete | Nick Mathewson | |
2016-08-29 | Merge remote-tracking branch 'teor/reject-tap-v6' | Nick Mathewson | |
2016-08-26 | prop272: When voting, include no non-Valid relays in consensus | Nick Mathewson | |
Implements ticket 20002, and part of proposal 272. | |||
2016-08-26 | Fix OOS comparator fix | Andrea Shepard | |
2016-08-25 | Fix duplicated if condition in connection.c | David Goulet | |
Furthermore, fix a test that could return an uninitialized value. Signed-off-by: David Goulet <dgoulet@torproject.org> | |||
2016-08-25 | Merge remote-tracking branch 'andrea/ticket18640_v3' | Nick Mathewson | |
2016-08-24 | Check onion hostnames against client port flags | teor (Tim Wilson-Brown) | |
Check NoOnionTraffic before attaching a stream. NoOnionTraffic refuses connections to all onion hostnames, but permits non-onion hostnames and IP addresses. | |||
2016-08-24 | Check non-onion hostnames & IP addresses against client port flags | teor (Tim Wilson-Brown) | |
Check NoDNSRequest, NoIPv4Traffic, and NoIPv6Traffic before attaching a stream. NoDNSRequest refuses connections to all non-onion hostnames, but permits IP addresses. NoIPv4Traffic refuses connections to IPv4 addresses, but resolves hostnames. NoIPv6Traffic refuses connections to IPv6 addresses, but resolves hostnames. Combined, they refuse all non-onion hostnames and IP addresses. | |||
2016-08-24 | Make Tor2Web error message clearer | teor (Tim Wilson-Brown) | |
Tor2Web refuses non-onion hostnames and IP addresses. | |||
2016-08-24 | Comment-only punctuation fix | teor (Tim Wilson-Brown) | |
2016-08-24 | Parse *Port flags NoDNSRequest, NoOnionTraffic & OnionTrafficOnly | teor (Tim Wilson-Brown) | |
OnionTrafficOnly is equivalent to NoDNSRequest, NoIPv4Traffic, and NoIPv6Traffic. Add unit tests for parsing and checking option validity. Add documentation for each flag to the man page. Add changes file for all of #18693. Parsing only: the flags do not change client behaviour (yet!) | |||
2016-08-24 | make check-spaces fixes | Nick Mathewson | |
2016-08-24 | Merge branch 'maint-0.2.8' | Nick Mathewson | |
2016-08-24 | Fix path selection on firewalled clients | teor | |
Signed-off-by: teor <teor2345@gmail.com> | |||
2016-08-24 | Merge branch 'maint-0.2.8' | Nick Mathewson | |
2016-08-24 | Merge branch 'maint-0.2.7' into maint-0.2.8 | Nick Mathewson | |
2016-08-24 | Replace Tonga with Bifroest. | Isis Lovecruft | |
* FIXES #19728: https://bugs.torproject.org/19728 * CLOSES #19690: https://bugs.torproject.org/19690 | |||
2016-08-24 | Add a stub for rend_service_allow_direct_connection | teor | |
It always returns 0. It should be replaced with the Single Onion version from #17178 when both are merged. | |||
2016-08-24 | Client & HS ignore UseNTorHandshake, all non-HS handshakes use ntor | teor (Tim Wilson-Brown) | |
Rely on onion_populate_cpath to check that we're only using TAP for the rare hidden service cases. Check and log if handshakes only support TAP when they should support ntor. | |||
2016-08-24 | Improve comments in circuit_get_cpath_* | teor (Tim Wilson-Brown) | |
2016-08-24 | Client & HS make sure every hop in every non-HS path supports ntor | teor (Tim Wilson-Brown) | |
When a client connects to an intro point not in the client's consensus, or a hidden service connects to a rend point not in the hidden service's consensus, we are stuck with using TAP, because there is no ntor link specifier. | |||
2016-08-23 | Merge remote-tracking branch 'jigsaw/fix-17758' | Nick Mathewson | |
2016-08-23 | Merge remote-tracking branch 'jigsaw/fix-15381' | Nick Mathewson | |
2016-08-23 | Use tor_assert, not assert. | Nick Mathewson | |