aboutsummaryrefslogtreecommitdiff
Commit message (Expand)AuthorAge
* Set renegotiation callbacks immediately on tls inititation•••This way, we can't miss a renegotiation attempt in a v2 handshake, or miss excess renegotiation attempts. Partial fix for bug 4587. Nick Mathewson2011-11-29
* Don't schedule excess_renegotiations_callback unless it's set•••Partial fix for bug 4587; reported by "frosty_un". Nick Mathewson2011-11-27
* fold in changes files so farRoger Dingledine2011-11-25
* use event_free() wrapper; fix bug 4582Nick Mathewson2011-11-25
* Fix some wide lines in tortls.cNick Mathewson2011-11-25
* Avoid a double-mark in connection_or_close_connection_cbNick Mathewson2011-11-25
* Refactor tor_event_base_once to do what we actually want•••This version avoids the timeout system entirely, gives a nicer interface, and lets us manage allocation explicitly. Nick Mathewson2011-11-25
* Merge remote-tracking branch 'asn/bug4312'Nick Mathewson2011-11-25
|\
| * Use callback-driven approach to block renegotiations.•••Also use this new approach in the bufferevents-enabled case. George Kadianakis2011-11-13
| * Fix issues pointed out by nickm.•••- Rename tor_tls_got_server_hello() to tor_tls_got_client_hello(). - Replaced some aggressive asserts with LD_BUG logging. They were the innocent "I believe I understand how these callbacks work, and this assert proves it" type of callbacks, and not the "If this statement is not true, computer is exploding." type of callbacks. - Added a changes file. George Kadianakis2011-11-03
| * Also handle needless renegotiations in SSL_write().•••SSL_read(), SSL_write() and SSL_do_handshake() can always progress the SSL protocol instead of their normal operation, this means that we must be checking for needless renegotiations after they return. Introduce tor_tls_got_excess_renegotiations() which makes the tls->server_handshake_count > 2 check for us, and use it in tor_tls_read() and tor_tls_write(). Cases that should not be handled: * SSL_do_handshake() is only called by tor_tls_renegotiate() which is a client-only function. * The SSL_read() in tor_tls_shutdown() does not need to be handled, since SSL_shutdown() will be called if SSL_read() returns an error. George Kadianakis2011-10-26
| * Get rid of tor_tls_block_renegotiation().•••Since we check for naughty renegotiations using tor_tls_t.server_handshake_count we don't need that semi-broken function (at least till there is a way to disable rfc5746 renegotiations too). George Kadianakis2011-10-26
| * Detect and deny excess renegotiations attempts.•••Switch 'server_handshake_count' from a uint8_t to 2 unsigned int bits. Since we won't ever be doing more than 3 handshakes, we don't need the extra space. Toggle tor_tls_t.got_renegotiate based on the server_handshake_count. Also assert that when we've done two handshakes as a server (the initial SSL handshake, and the renegotiation handshake) we've just renegotiated. Finally, in tor_tls_read() return an error if we see more than 2 handshakes. George Kadianakis2011-10-26
| * Detect renegotiation when it actually happens.•••The renegotiation callback was called only when the first Application Data arrived, instead of when the renegotiation took place. This happened because SSL_read() returns -1 and sets the error to SSL_ERROR_WANT_READ when a renegotiation happens instead of reading data [0]. I also added a commented out aggressive assert that I won't enable yet because I don't feel I understand SSL_ERROR_WANT_READ enough. [0]: Look at documentation of SSL_read(), SSL_get_error() and SSL_CTX_set_mode() (SSL_MODE_AUTO_RETRY section). George Kadianakis2011-10-26
| * Refactor the SSL_set_info_callback() callbacks.•••Introduce tor_tls_state_changed_callback(), which handles every SSL state change. The new function tor_tls_got_server_hello() is called every time we send a ServerHello during a v2 handshake, and plays the role of the previous tor_tls_server_info_callback() function. George Kadianakis2011-10-26
* | Make the pt/transports test not crash.Nick Mathewson2011-11-25
* | Make process_handle_t private and fix some unit tests•••Let's *not* expose more cross-platform-compatibility structures, or expect code to use them right. Also, don't fclose() stdout_handle and stdin_handle until we do tor_process_handle_destroy, or we risk a double-fclose. Nick Mathewson2011-11-25
* | Merge remote-tracking branch 'asn/bug3472_act2'Nick Mathewson2011-11-25
|\ \
| * | Tell the bridge operator on what ports his transports spawned.•••- Add a LOG_WARN message when registering the transports of a server managed proxy, so that the bridge operator can see in what ports the transports spawned and notify his/her clients. George Kadianakis2011-11-02
| * | Rename tor_process_destroy() to tor_process_handle_destroy().George Kadianakis2011-10-24
| * | Add a changes file in changes/bug3472.George Kadianakis2011-10-24
| * | Improve general code quality.•••- Add a tor_process_get_pid() function that returns the PID of a process_handle_t. - Conform to make check-spaces. - Add some more documentation. - Improve some log messages. George Kadianakis2011-10-24
| * | Add PT_PROTO_FAILED_LAUNCH managed proxy state.•••We used to try to terminate the managed proxy process even if it failed while launching. We introduce a new managed proxy state, to represent a *broken* and *not launched* proxy. George Kadianakis2011-10-24
| * | Make set_managed_proxy_environment() work on Windows.George Kadianakis2011-10-24
| * | Prepare util.[ch] to use the new process_handle_t API.•••Also, create tor_process_destroy() which destroys a process_handle_t. George Kadianakis2011-10-24
| * | Port managed proxy launching code to the new subprocess API.George Kadianakis2011-10-17
| |/
* | Merge remote-tracking branch 'sebastian/pure_removal'Nick Mathewson2011-11-25
|\ \
| * | Purge ATTR_PURE from the code•••We're using it incorrectly in many cases, and it doesn't help as far as we know. Sebastian Hahn2011-11-25
* | | Merge branch 'more_aes_hackery_rebased'•••Conflicts: changes/aes_hackery Nick Mathewson2011-11-25
|\ \ \
| * | | Make AES unit tests cover the AES and the EVP case.Nick Mathewson2011-11-25
| * | | Use openssl's counter mode implementation when we have 1.0.0 or later•••This shaves about 7% off our per-cell AES crypto time for me; the effect for accelerated AES crypto should be even more, since the AES calculation itself will make an even smaller portion of the counter-mode performance. (We don't want to do this for pre-1.0.0 OpenSSL, since our AES_CTR implementation was actually faster than OpenSSL's there, by about 10%.) Fixes issue #4526. Nick Mathewson2011-11-25
| * | | Use EVP for AES only when hardware accel is present•••Fixes bug 4525, fix on 0.2.3.8-alpha. Nick Mathewson2011-11-25
* | | | And add a changelog entry for the 4574 fix. (closes: #4574)Peter Palfrader2011-11-25
* | | | tor-gencert: Fix a minor formatting issue in an error message (re: #4574)Peter Palfrader2011-11-25
* | | | And a changes file for bug3953Peter Palfrader2011-11-24
* | | | Handle build-trees better.•••Properly create git revision and source file sha1sums include files when building tor not in its source tree but in a dedicated build tree. Peter Palfrader2011-11-24
* | | | Basic support for a "make version" target to declare the source version•••This is katmagic's idea. See issue 4400. Nick Mathewson2011-11-24
* | | | Move disable-debugger-attachment fn to compat where it belongs. Fix whitespaceNick Mathewson2011-11-24
* | | | Tweak disable_debugger_attachment a little•••Don't warn when we have no implementation of this function (since it's on-by-default); reformat the changes entry; fix an overlong line. Nick Mathewson2011-11-24
* | | | Merge remote-tracking branch 'ioerror/DisableDebuggerAttachment'•••Conflicts: src/or/config.c Nick Mathewson2011-11-24
|\ \ \ \
| * | | | New configuration option: DisableDebuggerAttachment•••If set to 1, Tor will attempt to prevent basic debugging attachment attempts by other processes. (Default: 1) Supports Mac OS X and Gnu/Linux. Sebastian provided useful feedback and refactoring suggestions. Signed-off-by: Jacob Appelbaum <jacob@appelbaum.net> Jacob Appelbaum2011-06-01
* | | | | Merge remote-tracking branch 'public/feature4516'Nick Mathewson2011-11-24
|\ \ \ \ \ | |_|_|/ / |/| | | |
| * | | | New UserspaceIOCPBuffers option to set SO_{SND,RCV}BUF to zero•••When running with IOCP, we are in theory able to use userspace- allocated buffers to avoid filling up the stingy amount of kernel space allocated for sockets buffers. The bufferevent_async implementation in Libevent provides this ability, in theory. (There are likely to be remaining bugs). This patch adds a new option that, when using IOCP bufferevents, sets each socket's send and receive buffers to 0, so that we should use this ability. When all the bugs are worked out here, if we are right about bug 98, this might solve or mitigate bug 98. This option is experimental and will likely require lots of testing and debugging. Nick Mathewson2011-11-18
* | | | | Update check-spaces to remove false positive for timercmp macro•••The timercmp macro uses triggers a "space between function name and opening parentheses" warning for the check spaces script. Work around this by simply disabling the check for all "functions" named 'op()'. Sebastian Hahn2011-11-24
* | | | | appease check-spacesSebastian Hahn2011-11-24
* | | | | Fix compile warning in tor_inet_pton() (on 64bit)•••This slipped through into 0.2.3.8-alpha unfortunately. Sebastian Hahn2011-11-24
* | | | | Merge branch 'bug2474'•••Had to resolve conflicts wrt the " (using bufferevents)" addition to the startup string. Conflicts: src/or/main.c Nick Mathewson2011-11-23
|\ \ \ \ \
| * | | | | Tweak the "this is not a stable release" warning some moreNick Mathewson2011-11-23
| * | | | | Tweak the startup message to be more helpful•••Instead of just saying "boogity boogity!" let's actually warn people that they need to configure stuff right to be safe, and point them at instructions for how to do that. Resolves bug 2474. Nick Mathewson2011-04-28
* | | | | | Merge remote-tracking branch 'origin/maint-0.2.2'Nick Mathewson2011-11-23
|\ \ \ \ \ \
generated by cgit v1.2.3 (git 2.48.1) at 2025-03-27 21:45:27 +0000