summaryrefslogtreecommitdiff
path: root/src/tools
AgeCommit message (Collapse)Author
2017-02-07Do not truncate too long hostnamesjunglefowl
If a hostname is supplied to tor-resolve which is too long, it will be silently truncated, resulting in a different hostname lookup: $ tor-resolve $(python -c 'print("google.com" + "m" * 256)') If tor-resolve uses SOCKS5, the length is stored in an unsigned char, which overflows in this case and leads to the hostname "google.com". As this one is a valid hostname, it returns an address instead of giving an error due to the invalid supplied hostname.
2016-11-03Merge branch 'maint-0.2.8' into maint-0.2.9Nick Mathewson
2016-11-03Work around a behavior change in openssl's BUF_MEM codeNick Mathewson
In our code to write public keys to a string, for some unfathomable reason since 253f0f160e1185c, we would allocate a memory BIO, then set the NOCLOSE flag on it, extract its memory buffer, and free it. Then a little while later we'd free the memory buffer with BUF_MEM_free(). As of openssl 1.1 this doesn't work any more, since there is now a BIO_BUF_MEM structure that wraps the BUF_MEM structure. This BIO_BUF_MEM doesn't get freed in our code. So, we had a memory leak! Is this an openssl bug? Maybe. But our code was already pretty silly. Why mess around with the NOCLOSE flag here when we can just keep the BIO object around until we don't need the buffer any more? Fixes bug 20553; bugfix on 0.0.2pre8
2016-06-27Merge branch 'maint-0.2.8'Nick Mathewson
2016-06-24Bug19499: Fix GCC warnings when building against bleeding edge OpenSSL.Yawning Angel
The previous version of the new accessors didn't specify const but it was changed in master.
2016-06-14use new-form macros to disable -Wredundant-declsNick Mathewson
2016-06-14Merge branch 'maint-0.2.8'Nick Mathewson
2016-06-14Suppress the Wredundant-decls warning in another set of openssl headersNick Mathewson
2016-06-14Bug 19406: OpenSSL made RSA and DH opaque in 1.1.0.Yawning Angel
There's accessors to get at things, but it ends up being rather cumbersome. The only place where behavior should change is that the code will fail instead of attempting to generate a new DH key if our internal sanity check fails. Like the previous commit, this probably breaks snapshots prior to pre5.
2016-06-11Add -Wmissing-variable-declarations, with attendant fixesNick Mathewson
This is a big-ish patch, but it's very straightforward. Under this clang warning, we're not actually allowed to have a global variable without a previous extern declaration for it. The cases where we violated this rule fall into three roughly equal groups: * Stuff that should have been static. * Stuff that was global but where the extern was local to some other C file. * Stuff that was only global when built for the unit tests, that needed a conditional extern in the headers. The first two were IMO genuine problems; the last is a wart of how we build tests.
2016-05-12Fix inconsistent tab/space mixing in include.am files.Nick Mathewson
This is a whitespace only, cosmetic fix. There is still some inconsistency between lists, but less inconsistency inside individual lists.
2016-05-12Merge branch 'ftrapv_v3'Nick Mathewson
There were some conflicts here, and some breakage to fix concerning library link order in newer targets.
2016-05-12Add -ftrapv to gcc-hardening ... mostly!Nick Mathewson
We know there are overflows in curve25519-donna-c32, so we'll have to have that one be fwrapv. Only apply the asan, ubsan, and trapv options to the code that does not need to run in constant time. Those options introduce branches to the code they instrument. (These introduced branches should never actually be taken, so it might _still_ be constant time after all, but branch predictors are complicated enough that I'm not really confident here. Let's aim for safety.) Closes 17983.
2016-03-28Fix a memory leak in tor-gencert.Nick Mathewson
This way I can run chutney under asan. Fixes part of 18672.
2016-02-12Handle the case where tor-gencert gets a passphrase with no NLNick Mathewson
Closes ticket 17443.
2015-12-19Add the SHA-3 hash functions to common/crypto.h.Yawning Angel
* DIGEST_SHA3_[256,512] added as supported algorithms, which do exactly what is said on the tin. * test/bench now benchmarks all of the supported digest algorithms, so it's possible to see just how slow SHA-3 is, though the message sizes could probably use tweaking since this is very dependent on the message size vs the SHA-3 rate.
2015-08-30Remove -F from tor-resolve(1) usage message.rl1987
2015-08-05Update tor-fw-helper URLNick Mathewson
2015-08-04Merge remote-tracking branch 'public/bug13338'Nick Mathewson
2015-07-31Move formatting functions around.Nick Mathewson
The base64 and base32 functions used to be in crypto.c; crypto_format.h had no header; some general-purpose functions were in crypto_curve25519.c. This patch makes a {crypto,util}_format.[ch], and puts more functions there. Small modules are beautiful!
2015-07-14Remove tor-fw-helper codeNick Mathewson
It did a good idea, but the code-quality of libupnpc and libnatpnp is so dodgy that I'm not really comfortable including them alongside Tor proper. Instead, we'll recommend that people do the pure-go reimplementation instead. Closes ticket 13338.
2015-06-29Remove checks for visual C 6.Nick Mathewson
2015-05-20Merge branch 'bug16034_no_more_openssl_098_squashed'Nick Mathewson
Conflicts: src/test/testing_common.c
2015-05-20Now that OpenSSL 0.9.8 is dead, crypto_seed_rng() needs no argsNick Mathewson
It needed an argument before because it wasn't safe to call RAND_poll() on openssl 0.9.8c if you had already opened more fds than would fit in fd_set.
2015-05-05Fix a harmless memory leak in tor-gencertNick Mathewson
2015-04-23Use a custom Base64 encoder with more control over the output format.Yawning Angel
2015-03-22build tor-cov-{resolve,gencert}Sebastian Hahn
This allows us to run tor-cov-gencert from chutney for coverage builds.
2015-03-14Remove relative paths to header files.cypherpunks
The paths are already in the directory search path of the compiler therefore no need to include them in the source code.
2015-01-28Tweak tor-resolve docs and logsNick Mathewson
Resolves 14325
2015-01-02Bump copyright dates to 2015, in case someday this matters.Nick Mathewson
2014-10-28Add another year to our copyright dates.Nick Mathewson
Because in 95 years, we or our successors will surely care about enforcing the BSD license terms on this code. Right?
2014-10-22Merge remote-tracking branch 'public/ticket6938'Nick Mathewson
Conflicts: src/tools/tor-resolve.c
2014-09-29Merge remote-tracking branch 'origin/maint-0.2.5'Nick Mathewson
2014-09-29Don't use the getaddrinfo sandbox cache from tor-resolveNick Mathewson
Fixes bug 13295; bugfix on 0.2.5.3-alpha. The alternative here is to call crypto_global_init() from tor-resolve, but let's avoid linking openssl into tor-resolve for as long as we can.
2014-09-10Remember log messages that happen before logs are configuredNick Mathewson
(And replay them once we know our first real logs.) This is an implementation for issue 6938. It solves the problem of early log mesages not getting sent to log files, but not the issue of early log messages not getting sent to controllers.
2014-08-21Check for duplicate arguments to tor-gencertNick Mathewson
Found by coverity, which noticed that if you said tor-gencert -i identity1 -i identity2 we would leak "identity1". [CID 1198201, 1198202, 1198203]
2014-04-19scan-build: close stdio FILEs on error in tor-gencertNick Mathewson
This is harmless, since tor-gencert exits right afterwards, but it's best to clean up after ourselves.
2014-04-07Fix some harmless/untriggerable memory leaks found by coverityNick Mathewson
2014-03-25Add missing -Isrc/ext to tor-fw-helper/include.amNick Mathewson
We need this now that tor-fw-helper will pull in siphash.h Fixes bug 11296; bugfix on 0.2.5.4-alpha where siphash.h was introduced.
2013-12-12Make tor-gencert create 2048 bit signing keys.Linus Nordberg
2013-07-10Completely refactor how FILENAME_PRIVATE worksNick Mathewson
We previously used FILENAME_PRIVATE identifiers mostly for identifiers exposed only to the unit tests... but also for identifiers exposed to the benchmarker, and sometimes for identifiers exposed to a similar module, and occasionally for no really good reason at all. Now, we use FILENAME_PRIVATE identifiers for identifiers shared by Tor and the unit tests. They should be defined static when we aren't building the unit test, and globally visible otherwise. (The STATIC macro will keep us honest here.) For identifiers used only by the unit tests and never by Tor at all, on the other hand, we wrap them in #ifdef TOR_UNIT_TESTS. This is not the motivating use case for the split test/non-test build system; it's just a test example to see how it works, and to take a chance to clean up the code a little.
2013-06-10Fix tor-fw-helper exit code.Arlo Breault
It's returning the number of initialized backends. (changes file added by nickm; this is a fix for bug #9030)
2013-03-19Merge remote-tracking branch 'public/bug7768' into maint-0.2.4Nick Mathewson
2013-03-19Use option name --test-commandline in tor-fw-helper.David Fifield
It was previously --Test in the help output and --test-commandline in the getopt call. The man page already had --test. (Originally by David, who resolved the tie in favor of "--test"; I chose --test-commandline" instead so that nothing that depended on it could break. -Nick)
2013-03-15Fix some basic socket issues with tor-fw-helper-natpmp on windowsNick Mathewson
This isn't going to be the last of these issues, but we might as well take the fixes as we find them. Patch from Gisle Vanem, fixes bug 7280.
2013-03-15Fix brackets in tor-fw-helper help output.David Fifield
Change nesting from [(]) to [()]. Formerly it made it look to me at first glance that "internal port" was optional. [Trivial change; fixes #7767 --nickm]
2013-02-11Don't tor_close_socket(-1) in tor-resolve.Nick Mathewson
Bugfix on 96b1bd4fb8e64. Not in any released Tor.
2013-02-11Fix a very short-lived socket leak in tor-resolveNick Mathewson
This shouldn't actually matter, since tor-resolve will return soon after this function exits, but it's nice to be warning-free Found by coverity, fixes CID 718633
2013-02-01fix wide lines from tor_log renameNick Mathewson
2013-02-01Rename log() to tor_log() for loggingNick Mathewson
This is meant to avoid conflict with the built-in log() function in math.h. It resolves ticket 7599. First reported by dhill. This was generated with the following perl script: #!/usr/bin/perl -w -i -p s/\blog\(LOG_(ERR|WARN|NOTICE|INFO|DEBUG)\s*,\s*/log_\L$1\(/g; s/\blog\(/tor_log\(/g;