aboutsummaryrefslogtreecommitdiff
path: root/src/trunnel
AgeCommit message (Collapse)Author
2017-05-08Merge branch 'netflow_padding-v6-rebased2-squashed'Nick Mathewson
2017-05-08Netflow record collapsing defense.Mike Perry
This defense will cause Cisco, Juniper, Fortinet, and other routers operating in the default configuration to collapse netflow records that would normally be split due to the 15 second flow idle timeout. Collapsing these records should greatly reduce the utility of default netflow data for correlation attacks, since all client-side records should become 30 minute chunks of total bytes sent/received, rather than creating multiple separate records for every webpage load/ssh command interaction/XMPP chat/whatever else happens to be inactive for more than 15 seconds. The defense adds consensus parameters to govern the range of timeout values for sending padding packets, as well as for keeping connections open. The defense only sends padding when connections are otherwise inactive, and it does not pad connections used solely for directory traffic at all. By default it also doesn't pad inter-relay connections. Statistics on the total padding in the last 24 hours are exported to the extra-info descriptors.
2017-04-11hs: Change trunnel prop224 cell's namespaceDavid Goulet
One of the goals of this change is to have trunnel API/ABI being more explicit so we namespace them with "trn_*". Furthermore, we can now create hs_cells.[ch] without having to confuse it with trunnel which used to be "hs_cell_*" before that change. Here are the perl line that were used for this rename: perl -i -pe 's/cell_extension/trn_cell_extension/g;' src/*/*.[ch] perl -i -pe 's/cell_extension/trn_cell_extension/g;' src/trunnel/hs/*.trunnel perl -i -pe 's/hs_cell_/trn_cell_/g;' src/*/*.[ch] perl -i -pe 's/hs_cell_/trn_cell_/g;' src/trunnel/hs/*.trunnel And then "./scripts/codegen/run_trunnel.sh" with trunnel commit id 613fb1b98e58504e2b84ef56b1602b6380629043. Fixes #21919 Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-12-16trunnel: Move ESTABLISH_INTRO cell sig_len after the end_sig_fieldsDavid Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-12-08Update to trunnel 1.5.1Nick Mathewson
2016-11-10Trunnel-side: start migrating extend/extend2 to trunnelNick Mathewson
2016-11-04Merge branch 'ticket17238_029_02-resquash'Nick Mathewson
Conflicts: src/or/rendclient.c src/or/rendcommon.c src/or/routerparse.c src/test/test_dir.c src/trunnel/ed25519_cert.h
2016-11-04trunnel: Uncomment link_specifier so we can use itDavid Goulet
Also add a trunnel definition for link_specifier_list Signed-off-by: John Brooks <special@torproject.org> Signed-off-by: David Goulet <dgoulet@torproject.org> Signed-off-by: George Kadianakis <desnacked@riseup.net>
2016-10-31Re-run trunnel.Nick Mathewson
2016-10-31prop224: Add INTRODUCE1 and INTRODUCE_ACK trunnel definitionDavid Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-10-31prop224: Add ESTABLISH_INTRO and INTRO_ESTABLISHED trunnel definitionDavid Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-10-26Regenerate trunnel code with trunnel 1.5Nick Mathewson
2016-07-28Re-run trunnel.Nick Mathewson
2016-02-22Update to trunnel 1.4.4 to fix 18373Nick Mathewson
2015-10-14Mention trunnel in CodingStandards; describe how in trunnel/READMENick Mathewson
2015-09-29Add a README for the trunnel directoryNick Mathewson
2015-08-18Update to latest trunnelNick Mathewson
2015-07-23Re-run trunnel to capture change for msvc.Nick Mathewson
2015-05-28Update trunnel code.Nick Mathewson
This gets the minor change in trunnel 1.4.1, which should avoid deadcode warnings from Coverity.
2015-05-28Merge branch '12498_ed25519_keys_v6'Nick Mathewson
Fixed numerous conflicts, and ported code to use new base64 api.
2015-05-28Add trunnel-generated items for link handshake code.Nick Mathewson
This includes the link handshake variations for proposal220. We'll use this for testing first, and then use it to extend our current code to support prop220.
2015-05-28prop220: Implement certificates and key storage/creationNick Mathewson
For prop220, we have a new ed25519 certificate type. This patch implements the code to create, parse, and validate those, along with code for routers to maintain their own sets of certificates and keys. (Some parts of master identity key encryption are done, but the implementation of that isn't finished)
2015-03-21Disable assertions during coverage buildsSebastian Hahn
This removes roughly 5000 branches in my testing. We never want to trigger assertions even during tests, so this is sane. Implements #15400.
2014-09-26Regenerate pwbox.c with the latest trunnelNick Mathewson
This one should no longer generate dead-code warnings with coverity. Fingers crossed? This was CID 1241498
2014-09-25Use --require-version to prevent running trunnel pre-1.2Nick Mathewson
(Also, regenerate trunnel stuff with trunnel 1.2. This just adds a few comments to our output.)
2014-09-25Add a script to run trunnel on the trunnel files.Nick Mathewson
Also, re-run the latest trunnel. Closes ticket 13242
2014-09-25Use trunnel for crypto_pwbox encoding/decoding.Nick Mathewson
This reduces the likelihood that I have made any exploitable errors in the encoding/decoding. This commit also imports the trunnel runtime source into Tor.