| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
|
|
Unmeasured=1 issue
|
|
|
|
|
|
Apparently there is a compiler that believes this is something to
warn about.
|
|
If geoip_format_bridge_stats() returned NULL when it should have
returned a string, we would have tried to deref NULL, and died. Not
a big deal in the unit tests, but still worth fixing.
Found by coverity; This is CID 743384.
|
|
Found by coverity
|
|
These shouldn't really matter, but it's nice to be leak-free.
|
|
This test was accounting for about 2/3 of our unit tests' runtime,
even on systems with a fast curve25519. No test should take so long.
|
|
|
|
|
|
Right now, all our curve25519 backends ignore the high bit of the
public key. But possibly, others could treat the high bit of the
public key as encoding out-of-bounds values, or as something to be
preserved. This could be used to distinguish clients with different
backends, at the cost of killing a circuit.
As a workaround, let's just clear the high bit of each public key
indiscriminately before we use it. Fix for bug 8121, reported by
rransom. Bugfix on 0.2.4.8-alpha.
|
|
|
|
When we implemented #5823 and removed v2 directory request info, we
never actually changed the unit tests not to expect it.
Fixes bug 8084; bug not in any released version of Tor.
|
|
|
|
Fix by "ultramage".
This already has a changes entry.
|
|
Implements the rest of #5823.
|
|
The implementation is pretty straightforward: parse_extended_hostname() is
modified to drop any leading components from an address like
'foo.aaaaaaaaaaaaaaaa.onion'.
|
|
Conflicts:
src/or/or.h
srcwin32/orconfig.h
|
|
|
|
|
|
Fixes 7309
|
|
|
|
Fixes bugs 7312 and 7310.
|
|
Fix wide lines and comments, and add a changes file
|
|
This is an automatically generated commit, from the following perl script,
run with the options "-w -i -p".
s/smartlist_string_num_isin/smartlist_contains_int_as_string/g;
s/smartlist_string_isin((?:_case)?)/smartlist_contains_string$1/g;
s/smartlist_digest_isin/smartlist_contains_digest/g;
s/smartlist_isin/smartlist_contains/g;
s/digestset_isin/digestset_contains/g;
|
|
Fixes more of bug 7972
|
|
|
|
Makes bug 7869 more easily fixable if we ever choose to do so.
|
|
|
|
|
|
Conflicts:
src/or/cpuworker.c
src/or/or.h
src/test/bench.c
|
|
|
|
Before I started coding ntor in C, I did another one in Python.
Turns out, they interoperate just fine.
|
|
|
|
This lets us give it compiler flags differing from the rest of
libor-crypto.a
|
|
We want to sanity-check our own create cells carefully, and other
people's loosely.
|
|
|
|
As elsewhere, it makes sense when adding or extending a cell type to
actually make the code to parse it into a separate tested function.
This commit doesn't actually make anything use these new functions;
that's for a later commit.
|
|
The three handshake types are now accessed from a unified interface;
their state is abstracted from the rest of the cpath state, and so on.
|
|
I'm going to want a generic "onionskin" type and set of wrappers, and
for that, it will be helpful to isolate the different circuit creation
handshakes. Now the original handshake is in onion_tap.[ch], the
CREATE_FAST handshake is in onion_fast.[ch], and onion.[ch] now
handles the onion queue.
This commit does nothing but move code and adjust header files.
|
|
Previously, we only used the strong OS entropy source as part of
seeding OpenSSL's RNG. But with curve25519, we'll have occasion to
want to generate some keys using extremely-good entopy, as well as the
means to do so. So let's!
This patch refactors the OS-entropy wrapper into its own
crypto_strongest_rand() function, and makes our new
curve25519_secret_key_generate function try it as appropriate.
|
|
The ntor handshake--described in proposal 216 and in a paper by
Goldberg, Stebila, and Ustaoglu--gets us much better performance than
our current approach.
|
|
We want to use donna-c64 when we have a GCC with support for
64x64->uint128_t multiplying. If not, we want to use libnacl if we
can, unless it's giving us the unsafe "ref" implementation. And if
that isn't going to work, we'd like to use the
portable-and-safe-but-slow 32-bit "donna" implementation.
We might need more library searching for the correct libnacl,
especially once the next libnacl release is out -- it's likely to have
bunches of better curve25519 implementations.
I also define a set of curve25519 wrapper functions, though it really
shouldn't be necessary.
We should eventually make the -donna*.c files get build with
-fomit-frame-pointer, since that can make a difference.
|
|
I'm going to use this for looking op keys server-side for ntor.
|
|
|
|
With an IPv6 virtual address map, we can basically hand out a new
IPv6 address for _every_ address we connect to. That'll be cool, and
will let us maybe get around prop205 issues.
This uses some fancy logic to try to make the code paths in the ipv4
and the ipv6 case as close as possible, and moves to randomly
generated addresses so we don't need to maintain those stupid counters
that will collide if Tor restarts but apps don't.
Also has some XXXX items to fix to make this useful. More design
needed.
|
