tor - Transit encryption and privacy out of the box

Age	Commit message (Collapse)	Author
2016-11-07	Merge branch 'maint-0.2.9'	Nick Mathewson
	Conflicts: src/or/rendservice.c
2016-11-04	Merge branch 'ticket17238_029_02-resquash'	Nick Mathewson
	Conflicts: src/or/rendclient.c src/or/rendcommon.c src/or/routerparse.c src/test/test_dir.c src/trunnel/ed25519_cert.h
2016-11-04	Make check-spaces happy :)	George Kadianakis
	Signed-off-by: David Goulet <dgoulet@torproject.org> Signed-off-by: George Kadianakis <desnacked@riseup.net>
2016-11-04	hs: Refactor rend_data_t for multi version support	David Goulet
	In order to implement proposal 224, we need the data structure rend_data_t to be able to accomodate versionning that is the current version of hidden service (2) and the new version (3) and future version. For that, we implement a series of accessors and a downcast function to get the v2 data structure. rend_data_t becomes a top level generic place holder. The entire rend_data_t API has been moved to hs_common.{c\|h} in order to seperate code that is shared from between HS versions and unshared code (in rendcommon.c). Closes #19024 Signed-off-by: David Goulet <dgoulet@torproject.org> Signed-off-by: George Kadianakis <desnacked@riseup.net>
2016-11-02	Test single onion service configs where the directory does not exist	teor
	Runs a test for each combination of create/don't create directories. Tests #20484.
2016-11-02	Use check_private_dir in test_single_onion_poisoning	teor
	This avoids Win32 conditionals for mkdir.
2016-09-14	Ensure that dir1 and dir2 are freed at the end of poisoning test	Nick Mathewson
	Found by coverity.
2016-09-13	Replace OnionService* with HiddenService* in option names	teor
	And make consequential line-length adjustments.
2016-09-13	Implement Prop #260: Single Onion Services	teor (Tim Wilson-Brown)
	Add experimental OnionServiceSingleHopMode and OnionServiceNonAnonymousMode options. When both are set to 1, every hidden service on a tor instance becomes a non-anonymous Single Onion Service. Single Onions make one-hop (direct) connections to their introduction and renzedvous points. One-hop circuits make Single Onion servers easily locatable, but clients remain location-anonymous. This is compatible with the existing hidden service implementation, and works on the current tor network without any changes to older relays or clients. Implements proposal #260, completes ticket #17178. Patch by teor & asn. squash! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! Implement Prop #260: Single Onion Services Redesign single onion service poisoning. When in OnionServiceSingleHopMode, each hidden service key is poisoned (marked as non-anonymous) on creation by creating a poison file in the hidden service directory. Existing keys are considered non-anonymous if this file exists, and anonymous if it does not. Tor refuses to launch in OnionServiceSingleHopMode if any existing keys are anonymous. Similarly, it refuses to launch in anonymous client mode if any existing keys are non-anonymous. Rewrite the unit tests to match and be more comprehensive. Adds a bonus unit test for rend_service_load_all_keys().
2016-05-09	Merge branch 'feature15588_squashed'	Nick Mathewson

2016-05-09	Move rend auth cookie en-/decoding to a function	John Brooks
	Tor stores client authorization cookies in two slightly different forms. The service's client_keys file has the standard base64-encoded cookie, including two chars of padding. The hostname file and the client remove the two padding chars, and store an auth type flag in the unused bits. The distinction makes no sense. Refactor all decoding to use the same function, which will accept either form, and use a helper function for encoding the truncated format.
2016-02-27	Update the copyright year.	Nick Mathewson

2015-08-18	Refactor our logic for sending events to controllers	Nick Mathewson
	Previously we'd put these strings right on the controllers' outbufs. But this could cause some trouble, for these reasons: 1) Calling the network stack directly here would make a huge portion of our networking code (from which so much of the rest of Tor is reachable) reachable from everything that potentially generated controller events. 2) Since _some_ events (EVENT_ERR for instance) would cause us to call connection_flush(), every control_event_* function would appear to be able to reach even _more_ of the network stack in our cllgraph. 3) Every time we generated an event, we'd have to walk the whole connection list, which isn't exactly fast. This is an attempt to break down the "blob" described in http://archives.seul.org/tor/dev/Mar-2015/msg00197.html -- the set of functions from which nearly all the other functions in Tor are reachable. Closes ticket 16695.
2015-06-01	Appease make check-spaces	Andrea Shepard

2015-05-28	There sure are a lot of these in test_hs.c. CID 1301385	Nick Mathewson

2015-05-28	Another test_hs leak. CID 1301383.	Nick Mathewson

2015-05-28	Memory leak in test_hs_rend_data	Nick Mathewson
	CID 1301377
2015-05-18	Fix some compilation warnings	Nick Mathewson

2015-05-14	Test: add unit test for rend_data_t object and functions	David Goulet
	Closes #16021 Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-05-14	Test: fix HS_DESC to expect descriptor ID	David Goulet
	With #15881 implemented, this adds the missing descriptor ID at the end of the expected control message. Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-05-14	Add missing descriptor ID to HS_DESC control event	David Goulet
	For FAILED and RECEIVED action of the HS_DESC event, we now sends back the descriptor ID at the end like specified in the control-spec section 4.1.25. Fixes #15881 Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-21	Test: fix HSFETCH control command with latest change	David Goulet
	The expected message of the command now expects "650+" and "650 OK". Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-21	Control: unbolt rend_data from HS desc event	David Goulet
	The HS_DESC event was using rend_data_t from the dir connection to reply the onion address and authentication type. With the new HSFETCH command, it's now possible to fetch a descriptor only using the descriptor id thus resulting in not having an onion address in any HS_DESC event. This patch removes rend_query from the hs desc control functions and replace it by an onion address string and an auth type. On a successful fetch, the service id is taken from the fetched descriptor. For that, an extra parameter is added to "store as a client" function that contains the cache entry stored. This will make the control event functions scale more easily over time if other values not present in rend_data_t are needed since the rend_data from the dir connection might not contained everything we need. Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-21	Control: add HS_DESC_CONTENT event	David Goulet
	As defined in section 4.1.26 in the control-spec.txt, this new event replies the content of a successfully fetched HS descriptor. This also adds a unit test for the controller event. Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-02-18	Combine test_helpers.[ch] and testhelper.[ch]	Nick Mathewson

2015-02-11	Merge branch 'bug12844'	Nick Mathewson
	Conflicts: src/or/circuituse.c src/test/include.am src/test/test_entrynodes.c
2015-01-02	Bump copyright dates to 2015, in case someday this matters.	Nick Mathewson

2014-11-16	Adding REASON field to HS_DESC FAILED controller event.	rl1987

2014-11-12	Replace operators used as macro arguments with OP_XX macros	Nick Mathewson
	Part of fix for 13172
2014-10-28	Add another year to our copyright dates.	Nick Mathewson
	Because in 95 years, we or our successors will surely care about enforcing the BSD license terms on this code. Right?
2014-09-15	Use coccinelle scripts to clean up our unit tests	Nick Mathewson
	This should get rid of most of the users of the old test_* functions. Some are in macros and will need manual cleanup, though. This patch is for 13119, and was automatically generated with these scripts. The perl scripts are there because coccinelle hates operators as macro arguments. ------------------------------ s/==,/_X_EQ_,/g; s/!=,/_X_NE_,/g; s/<,/_X_LT_,/g; s/>,/_X_GT_,/g; s/>=,/_X_GEQ_,/g; s/<=,/_X_LEQ_,/g; ------------------------------ @@ expression a; identifier func; @@ func (...) { <... -test_fail_msg +TT_DIE ( +( a +) ) ...> } @@ identifier func; @@ func (...) { <... -test_fail() +TT_DIE(("Assertion failed.")) ...> } @@ expression a; identifier func; @@ func (...) { <... -test_assert +tt_assert (a) ...> } @@ expression a, b; identifier func; @@ func (...) { <... -test_eq +tt_int_op (a, +_X_EQ_, b) ...> } @@ expression a, b; identifier func; @@ func (...) { <... -test_neq +tt_int_op (a, +_X_NEQ_, b) ...> } @@ expression a, b; identifier func; @@ func (...) { <... -test_streq +tt_str_op (a, +_X_EQ_, b) ...> } @@ expression a, b; identifier func; @@ func (...) { <... -test_strneq +tt_str_op (a, +_X_NEQ_, b) ...> } @@ expression a, b; identifier func; @@ func (...) { <... -test_eq_ptr +tt_ptr_op (a, +_X_EQ_, b) ...> } @@ expression a, b; identifier func; @@ func() { <... -test_neq_ptr +tt_ptr_op (a, +_X_NEQ_, b) ...> } @@ expression a, b, len; identifier func; @@ func (...) { <... -test_memeq +tt_mem_op (a, +_X_EQ_, b, len) ...> } @@ expression a, b, len; identifier func; @@ func (...) { <... -test_memneq +tt_mem_op (a, +_X_NEQ_, b, len) ...> } ------------------------------ @@ char a, b; identifier func; @@ func (...) { <... -tt_assert +tt_int_op ( -a == b +a, _X_EQ_, b ) ...> } @@ int a, b; identifier func; @@ func (...) { <... -tt_assert +tt_int_op ( -a == b +a, _X_EQ_, b ) ...> } @@ long a, b; identifier func; @@ func (...) { <... -tt_assert +tt_int_op ( -a == b +a, _X_EQ_, b ) ...> } @@ unsigned int a, b; identifier func; @@ func (...) { <... -tt_assert +tt_uint_op ( -a == b +a, _X_EQ_, b ) ...> } @@ unsigned long a, b; identifier func; @@ func (...) { <... -tt_assert +tt_uint_op ( -a == b +a, _X_EQ_, b ) ...> } @@ char a, b; identifier func; @@ func (...) { <... -tt_assert +tt_int_op ( -a != b +a, _X_NEQ_, b ) ...> } @@ int a, b; identifier func; @@ func (...) { <... -tt_assert +tt_int_op ( -a != b +a, _X_NEQ_, b ) ...> } @@ long a, b; identifier func; @@ func (...) { <... -tt_assert +tt_int_op ( -a != b +a, _X_NEQ_, b ) ...> } @@ unsigned int a, b; identifier func; @@ func (...) { <... -tt_assert +tt_uint_op ( -a != b +a, _X_NEQ_, b ) ...> } @@ unsigned long a, b; identifier func; @@ func (...) { <... -tt_assert +tt_uint_op ( -a != b +a, _X_NEQ_, b ) ...> } @@ char a, b; identifier func; @@ func (...) { <... -tt_assert +tt_int_op ( -a >= b +a, _X_GEQ_, b ) ...> } @@ int a, b; identifier func; @@ func (...) { <... -tt_assert +tt_int_op ( -a >= b +a, _X_GEQ_, b ) ...> } @@ long a, b; identifier func; @@ func (...) { <... -tt_assert +tt_int_op ( -a >= b +a, _X_GEQ_, b ) ...> } @@ unsigned int a, b; identifier func; @@ func (...) { <... -tt_assert +tt_uint_op ( -a >= b +a, _X_GEQ_, b ) ...> } @@ unsigned long a, b; identifier func; @@ func (...) { <... -tt_assert +tt_uint_op ( -a >= b +a, _X_GEQ_, b ) ...> } @@ char a, b; identifier func; @@ func (...) { <... -tt_assert +tt_int_op ( -a <= b +a, _X_LEQ_, b ) ...> } @@ int a, b; identifier func; @@ func (...) { <... -tt_assert +tt_int_op ( -a <= b +a, _X_LEQ_, b ) ...> } @@ long a, b; identifier func; @@ func (...) { <... -tt_assert +tt_int_op ( -a <= b +a, _X_LEQ_, b ) ...> } @@ unsigned int a, b; identifier func; @@ func (...) { <... -tt_assert +tt_uint_op ( -a <= b +a, _X_LEQ_, b ) ...> } @@ unsigned long a, b; identifier func; @@ func (...) { <... -tt_assert +tt_uint_op ( -a <= b +a, _X_LEQ_, b ) ...> } @@ char a, b; identifier func; @@ func (...) { <... -tt_assert +tt_int_op ( -a > b +a, _X_GT_, b ) ...> } @@ int a, b; identifier func; @@ func (...) { <... -tt_assert +tt_int_op ( -a > b +a, _X_GT_, b ) ...> } @@ long a, b; identifier func; @@ func (...) { <... -tt_assert +tt_int_op ( -a > b +a, _X_GT_, b ) ...> } @@ unsigned int a, b; identifier func; @@ func (...) { <... -tt_assert +tt_uint_op ( -a > b +a, _X_GT_, b ) ...> } @@ unsigned long a, b; identifier func; @@ func (...) { <... -tt_assert +tt_uint_op ( -a > b +a, _X_GT_, b ) ...> } @@ char a, b; identifier func; @@ func (...) { <... -tt_assert +tt_int_op ( -a < b +a, _X_LT_, b ) ...> } @@ int a, b; identifier func; @@ func (...) { <... -tt_assert +tt_int_op ( -a < b +a, _X_LT_, b ) ...> } @@ long a, b; identifier func; @@ func (...) { <... -tt_assert +tt_int_op ( -a < b +a, _X_LT_, b ) ...> } @@ unsigned int a, b; identifier func; @@ func (...) { <... -tt_assert +tt_uint_op ( -a < b +a, _X_LT_, b ) ...> } @@ unsigned long a, b; identifier func; @@ func (...) { <... -tt_assert +tt_uint_op ( -a < b +a, _X_LT_, b ) ...> } ------------------------------ s/_X_NEQ_/!=/g; s/_X_NE_/!=/g; s/_X_EQ_/==/g; s/_X_GT_/>/g; s/_X_LT_/</g; s/_X_GEQ_/>=/g; s/_X_LEQ_/<=/g; s/test_mem_op\(/tt_mem_op\(/g;
2014-09-15	Write some unittests for Tor2webRendezvousPoints.	George Kadianakis

2014-02-06	fix longname returned in HS_DESC control events	Qingping Hou
	According to control spec, longname should not contain any spaces and is consists only of identy_digest + nickname added two functions: * node_get_verbose_nickname_by_id() * node_describe_longname_by_id()
2014-02-03	Clean up test_hs.c: warning fix; tor_free() usage.	Nick Mathewson
	My OSX laptop rightly gave a warning because of sticking strlen() into an int, but once I took a closer look... it appears that the strlen() was part of a needlessly verbose implementation for tor_strdup(). While I was there, I fixed the usage of tor_free() in test_hs.c: It checks for NULL, and it zeros its argument. So instead of if (foo) { tor_free(foo); foo = NULL; } we should just say tor_free(foo);
2014-01-29	add test case for hidden service async events	Qingping Hou