| Commit message (Expand) | Author | Age |
|---|
| * | Add a sha256 hmac function, with tests•••(cherry picked from commit fdbb9cdf746bbf0c39c34188baa8872471183ff7)
| Nick Mathewson | 2012-02-22 |
| * | Make internal error check for unrecognized digest algorithm more robust•••Fixes Coverity CID 479.
| Nick Mathewson | 2011-10-06 |
| * | Check maximum properly in crypto_rand_int()•••George Kadianakis notes that if you give crypto_rand_int() a value
above INT_MAX, it can return a negative number, which is not what
the documentation would imply.
The simple solution is to assert that the input is in [1,INT_MAX+1].
If in the future we need a random-value function that can return
values up to UINT_MAX, we can add one.
Fixes bug 3306; bugfix on 0.2.2pre14.
| Nick Mathewson | 2011-06-06 |
| * | Reject 128-byte keys that are not 1024-bit•••When we added the check for key size, we required that the keys be
128 bytes. But RSA_size (which defers to BN_num_bytes) will return
128 for keys of length 1017..1024. This patch adds a new
crypto_pk_num_bits() that returns the actual number of significant
bits in the modulus, and uses that to enforce key sizes.
Also, credit the original bug3318 in the changes file.
| Nick Mathewson | 2011-06-03 |
| * | Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2•••Fixed trivial conflict due to headers moving into their own .h files
from or.h.
Conflicts:
src/or/or.h
| Nick Mathewson | 2011-05-16 |
| |\ |
|
| | * | squash! Add crypto_pk_check_key_public_exponent function•••Rename crypto_pk_check_key_public_exponent to crypto_pk_public_exponent_ok:
it's nice to name predicates s.t. you can tell how to interpret true
and false.
| Nick Mathewson | 2011-05-16 |
| | * | Add crypto_pk_check_key_public_exponent function | Robert Ransom | 2011-05-16 |
| * | | Merge remote-tracking branch 'public/3122_memcmp_squashed' into bug3122_memcm...•••Conflicts throughout. All resolved in favor of taking HEAD and
adding tor_mem* or fast_mem* ops as appropriate.
src/common/Makefile.am
src/or/circuitbuild.c
src/or/directory.c
src/or/dirserv.c
src/or/dirvote.c
src/or/networkstatus.c
src/or/rendclient.c
src/or/rendservice.c
src/or/router.c
src/or/routerlist.c
src/or/routerparse.c
src/or/test.c
| Nick Mathewson | 2011-05-11 |
| |\| |
|
| | * | Hand-conversion and audit phase of memcmp transition•••Here I looked at the results of the automated conversion and cleaned
them up as follows:
If there was a tor_memcmp or tor_memeq that was in fact "safe"[*] I
changed it to a fast_memcmp or fast_memeq.
Otherwise if there was a tor_memcmp that could turn into a
tor_memneq or tor_memeq, I converted it.
This wants close attention.
[*] I'm erring on the side of caution here, and leaving some things
as tor_memcmp that could in my opinion use the data-dependent
fast_memcmp variant.
| Nick Mathewson | 2011-05-11 |
| | * | Automated conversion of memcmp to tor_memcmp/tor_mem[n]eq•••This commit is _exactly_ the result of
perl -i -pe 's/\bmemcmp\(/tor_memcmp\(/g' src/*/*.[ch]
perl -i -pe 's/\!\s*tor_memcmp\(/tor_memeq\(/g' src/*/*.[ch]
perl -i -pe 's/0\s*==\s*tor_memcmp\(/tor_memeq\(/g' src/*/*.[ch]
perl -i -pe 's/0\s*!=\s*tor_memcmp\(/tor_memneq\(/g' src/*/*.[ch]
git checkout src/common/di_ops.[ch]
git checkout src/or/test.c
git checkout src/common/test.h
| Nick Mathewson | 2011-05-11 |
| * | | Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2•••Conflicts:
src/common/torint.h
| Nick Mathewson | 2011-04-27 |
| |\| |
|
| | * | Make SIZE_T_CEILING unsigned; add a signed SSIZE_T_CEILING•••None of the comparisons were _broken_ previously, but avoiding
signed/unsigned comparisons makes everybody happier.
Fixes bug2475.
| Nick Mathewson | 2011-04-26 |
| | * | Make the DH parameter we use for TLS match the one from Apache's mod_ssl•••Our regular DH parameters that we use for circuit and rendezvous
crypto are unchanged. This is yet another small step on the path of
protocol fingerprinting resistance.
(Backport from 0.2.2's 5ed73e3807d90dd0a3)
| Nick Mathewson | 2011-02-10 |
| * | | Clean up whitespace | Nick Mathewson | 2011-03-16 |
| * | | Doxygen documentation for about 100 things that didn't have any•••About 860 doxygen-less things remain in 0.2.2
| Nick Mathewson | 2011-03-16 |
| * | | Correctly detect BIO_new failures•••This bug was noticed by cypherpunks; fixes bug 2378.
Bugfix on svn commit r110.
| Nick Mathewson | 2011-01-25 |
| * | | Always treat failure to allocate an RSA key as an unrecoverable allocation error | Nick Mathewson | 2011-01-25 |
| * | | Remove an unused function in crypto.c | Nick Mathewson | 2011-01-25 |
| * | | Make the DH parameter we use for TLS match the one from Apache's mod_ssl•••Our regular DH parameters that we use for circuit and rendezvous
crypto are unchanged. This is yet another small step on the path of
protocol fingerprinting resistance.
| Nick Mathewson | 2011-01-24 |
| * | | Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 | Nick Mathewson | 2011-01-15 |
| |\| |
|
| | * | Zero out some more key data before freeing it•••Found by cypherpunks; fixes bug 2384.
| Nick Mathewson | 2011-01-15 |
| * | | Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2•••Conflicts:
src/or/routerparse.c
src/or/test.c
| Nick Mathewson | 2011-01-15 |
| |\| |
|
| | * | Merge branch 'bug2352_obsize' into maint-0.2.1 | Nick Mathewson | 2011-01-15 |
| | |\ |
|
| | | * | Add logic in routerparse to not read overlong private keys•••I am not at all sure that it is possible to trigger a bug here,
but better safe than sorry.
| Nick Mathewson | 2011-01-10 |
| * | | | Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2•••Conflicts:
src/or/config.c
src/or/networkstatus.c
src/or/rendcommon.c
src/or/routerparse.c
src/or/test.c
| Nick Mathewson | 2011-01-15 |
| |\| | |
|
| | * | | Fix a heap overflow found by debuger, and make it harder to make that mistake...•••Our public key functions assumed that they were always writing into a
large enough buffer. In one case, they weren't.
(Incorporates fixes from sebastian)
| Nick Mathewson | 2011-01-15 |
| | |/ |
|
| * | | Fix size_t vs unsigned comparison too | Nick Mathewson | 2011-01-05 |
| * | | Fix up size and sign issues in base32 code•••Fixes bug 2331.
| Nick Mathewson | 2011-01-03 |
| * | | Merge remote branch 'sebastian/bug2314' into maint-0.2.2 | Nick Mathewson | 2011-01-03 |
| |\ \ |
|
| | * | | Fix compile wanrings revealed by gcc 4.5 on mingw | Sebastian Hahn | 2010-12-27 |
| * | | | Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2•••Conflicts:
src/common/test.h
src/or/test.c
| Nick Mathewson | 2011-01-03 |
| |\ \ \
| |/ /
|/| /
| |/ |
|
| | * | Bump copyright statements to 2011 | Nick Mathewson | 2011-01-03 |
| * | | Merge remote branch fix_security_bug_021 into fix_security_bug_022•••Conflicts:
src/common/memarea.c
src/or/or.h
src/or/rendclient.c
| Nick Mathewson | 2010-12-15 |
| |\| |
|
| | * | Have all of our allocation functions and a few others check for underflow•••It's all too easy in C to convert an unsigned value to a signed one,
which will (on all modern computers) give you a huge signed value. If
you have a size_t value of size greater than SSIZE_T_MAX, that is way
likelier to be an underflow than it is to be an actual request for
more than 2gb of memory in one go. (There's nothing in Tor that
should be trying to allocate >2gb chunks.)
| Nick Mathewson | 2010-12-13 |
| * | | Add wrappers function for libc random()•••On windows, it's called something different.
| Nick Mathewson | 2010-11-29 |
| * | | Properly refcount client_identity_key•••In a2bb0bf we started using a separate client identity key. When we are
in "public server mode" (that means not a bridge) we will use the same
key. Reusing the key without doing the proper refcounting leads to a
segfault on cleanup during shutdown. Fix that.
Also introduce an assert that triggers if our refcount falls below 0.
That should never happen.
| Sebastian Hahn | 2010-10-26 |
| * | | Rename log.h to torlog.h•••This should make us conflict less with system files named "log.h".
Yes, we shouldn't have been conflicting with those anyway, but some
people's compilers act very oddly.
The actual change was done with one "git mv", by editing
Makefile.am, and running
find . -name '*.[ch]' | xargs perl -i -pe 'if (/^#include.*\Wlog.h/) {s/log.h/torlog.h/; }'
| Nick Mathewson | 2010-07-09 |
| * | | Merge remote branch 'public/rand_double2' | Nick Mathewson | 2010-06-29 |
| |\ \ |
|
| | * | | Make cbt_generate_sample use crypto_rand_double()•••Possible workaround for bug 1139, if anybody cares.
| Nick Mathewson | 2010-06-25 |
| | * | | Add a function to return a double in range [0,1). | Nick Mathewson | 2010-06-22 |
| * | | | Log an error if openssl fails to copy a key for us•••This should never happen unless openssl is buggy or some of our
assumptions are deeply wrong, but one of those might have been the
cause of the not-yet-reproducible bug 1209. If it ever happens again,
let's get some info we can use.
| Nick Mathewson | 2010-06-22 |
| |/ / |
|
| * | | Merge remote branch 'origin/maint-0.2.1'•••Conflicts:
src/common/test.h
src/or/test.c
| Nick Mathewson | 2010-02-27 |
| |\| |
|
| | * | Update Tor Project copyright years | Nick Mathewson | 2010-02-27 |
| * | | Merge commit 'origin/maint-0.2.1' | Nick Mathewson | 2009-12-15 |
| |\| |
|
| | * | Fix bug 1173: remove an assert(unsigned >= 0). | Nick Mathewson | 2009-12-15 |
| * | | Merge commit 'sebastian/coverity' | Nick Mathewson | 2009-12-12 |
| |\ \ |
|
| | * | | crypto_cipher_set_key cannot fail•••In 5e4d53d535a3cc9903250b3df0caa829f1c5e4bf we made it so that
crypto_cipher_set_key cannot fail. The call will now
always succeed, to returning a boolean for success/failure makes
no sense.
| Sebastian Hahn | 2009-10-27 |
| * | | | *_free functions now accept NULL•••Some *_free functions threw asserts when passed NULL. Now all of them
accept NULL as input and perform no action when called that way.
This gains us consistence for our free functions, and allows some
code simplifications where an explicit null check is no longer necessary.
| Sebastian Hahn | 2009-12-12 |
| |/ / |
|
| * | | Remove checks for array existence. (CID 410..415)•••In C, the code "char x[10]; if (x) {...}" always takes the true branch of
the if statement. Coverity notices this now.
In some cases, we were testing arrays to make sure that an operation
we wanted to do would suceed. Those cases are now always-true.
In some cases, we were testing arrays to see if something was _set_.
Those caes are now tests for strlen(s), or tests for
!tor_mem_is_zero(d,len).
| Nick Mathewson | 2009-10-26 |
| * | | Reduce log level for someone else sending us weak DH keys.•••See task 1114. The most plausible explanation for someone sending us weak
DH keys is that they experiment with their Tor code or implement a new Tor
client. Usually, we don't care about such events, especially not on warn
level. If we really care about someone not following the Tor protocol, we
can set ProtocolWarnings to 1.
| Karsten Loesing | 2009-10-25 |