| Commit message (Collapse) | Author | Age |
|---|
| |\
| |
| |
| |
| |
| |
| | |
Conflicts:
src/common/tortls.c
Conflict on comment near use of the new OPENSSL_V macro
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This commit is completely mechanical; I used this perl script to make it:
#!/usr/bin/perl -w -i.bak -p
if (/^\s*\#/) {
s/MS_WINDOWS/_WIN32/g;
s/\bWIN32\b/_WIN32/g;
}
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fixes bug 4893.
These changes are pure mechanical, and were generated with this
perl script:
/usr/bin/perl -w -i.bak -p
s/crypto_pk_env_t/crypto_pk_t/g;
s/crypto_dh_env_t/crypto_dh_t/g;
s/crypto_cipher_env_t/crypto_cipher_t/g;
s/crypto_digest_env_t/crypto_digest_t/g;
s/aes_free_cipher/aes_cipher_free/g;
s/crypto_free_cipher_env/crypto_cipher_free/g;
s/crypto_free_digest_env/crypto_digest_free/g;
s/crypto_free_pk_env/crypto_pk_free/g;
s/_crypto_dh_env_get_dh/_crypto_dh_get_dh/g;
s/_crypto_new_pk_env_rsa/_crypto_new_pk_from_rsa/g;
s/_crypto_pk_env_get_evp_pkey/_crypto_pk_get_evp_pkey/g;
s/_crypto_pk_env_get_rsa/_crypto_pk_get_rsa/g;
s/crypto_new_cipher_env/crypto_cipher_new/g;
s/crypto_new_digest_env/crypto_digest_new/g;
s/crypto_new_digest256_env/crypto_digest256_new/g;
s/crypto_new_pk_env/crypto_pk_new/g;
s/crypto_create_crypto_env/crypto_cipher_new/g;
s/connection_create_listener/connection_listener_new/g;
s/smartlist_create/smartlist_new/g;
s/transport_create/transport_new/g;
|
| | |
| |
| |
| | |
fixes 4837
|
| |\| |
|
| | |\ |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | | |
It's a pain to convert 0x0090813f to and from 0.9.8s-release on the
fly, so these macros should help.
|
| |\| | |
|
| | | | |
|
| |\| | |
|
| | | |
| | |
| | |
| | | |
he disagrees about what the code that we decided not to use would do
|
| | | |
| | |
| | |
| | | |
ssl_state_to_string() function.
|
| |\| | |
|
| | |\| |
|
| | | | |
|
| | | |
| | |
| | |
| | | |
This is to address bug 4822, and CVE-2011-4576.
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | | |
This re-applies 40a87c4c08be0cdd87a3df283f285b3c2a0c8445 which got
accidentally reverted in 75134c6c86e54c10fd9e11c4345aadcdabc0f8fb.
Thanks asn for spotting this.
|
| | | |
| | |
| | |
| | | |
This reverts commit 69a821ea1c9357acdd5aa1c9e23fd030b01cb5a9.
|
| | | |
| | |
| | |
| | | |
This reverts commit 4fd79f9def28996552b5739792f428c2514de1f6.
|
| | | |
| | |
| | |
| | | |
This reverts commit ecd239e3b577705e0669d47293a2e755cf93cec0.
|
| | | |
| | |
| | |
| | | |
This reverts commit 340809dd224b244675496e301d3ba154a6fe68d0.
|
| | | |
| | |
| | |
| | | |
This reverts commit e2b3527106e0747f652e2f28fa087d9874e0e2ce.
|
| | | |
| | |
| | |
| | | |
This reverts commit e097bffaed72af6b19f7293722021196bb94de1e.
|
| | | |
| | |
| | |
| | | |
This reverts commit 406ae1ba5ad529a4d0e710229dab6ed645d42b50.
|
| | | |
| | |
| | |
| | | |
This reverts commit 7920ea55b8d994268d2b07f27316b0f34d8f27e5.
|
| | | |
| | |
| | |
| | | |
This reverts commit e8dde3aabd3e1292d381eb4269c6457548dca6b9.
|
| | | |
| | |
| | |
| | | |
This reverts commit 617617e21a2d30a86cea9c8f7043333078f2e8f8.
|
| | | |
| | |
| | |
| | | |
This reverts commit 40a87c4c08be0cdd87a3df283f285b3c2a0c8445.
|
| | | |
| | |
| | |
| | | |
This reverts commit aba25a6939a5907d40dbcff7433a8c130ffd12ad.
|
| | | |
| | |
| | |
| | | |
This reverts commit e27a26d568a257cf350814a9abfa47d3b41ad9f3.
|
| |\ \ \ |
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
This way, we can't miss a renegotiation attempt in a v2 handshake,
or miss excess renegotiation attempts. Partial fix for bug 4587.
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
This avoids a dangling pointer issue in the 3412 code, and should
fix bug 4599.
|
| | | | | |
|
| |\ \ \ \
| |/ / /
|/| | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
Instead of using time(NULL) in our certificate serial numbers, use
eight random bytes as suggested in proposal 179.
|
| |/ / /
| | |
| | |
| | | |
Partial fix for bug 4587; reported by "frosty_un".
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | | |
This version avoids the timeout system entirely, gives a nicer
interface, and lets us manage allocation explicitly.
|
| |\ \ \ |
|
| | | | |
| | | |
| | | |
| | | | |
Also use this new approach in the bufferevents-enabled case.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
- Rename tor_tls_got_server_hello() to tor_tls_got_client_hello().
- Replaced some aggressive asserts with LD_BUG logging.
They were the innocent "I believe I understand how these callbacks
work, and this assert proves it" type of callbacks, and not the "If
this statement is not true, computer is exploding." type of
callbacks.
- Added a changes file.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
SSL_read(), SSL_write() and SSL_do_handshake() can always progress the
SSL protocol instead of their normal operation, this means that we
must be checking for needless renegotiations after they return.
Introduce tor_tls_got_excess_renegotiations() which makes the
tls->server_handshake_count > 2
check for us, and use it in tor_tls_read() and tor_tls_write().
Cases that should not be handled:
* SSL_do_handshake() is only called by tor_tls_renegotiate() which is a
client-only function.
* The SSL_read() in tor_tls_shutdown() does not need to be handled,
since SSL_shutdown() will be called if SSL_read() returns an error.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Since we check for naughty renegotiations using
tor_tls_t.server_handshake_count we don't need that semi-broken
function (at least till there is a way to disable rfc5746
renegotiations too).
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Switch 'server_handshake_count' from a uint8_t to 2 unsigned int bits.
Since we won't ever be doing more than 3 handshakes, we don't need the
extra space.
Toggle tor_tls_t.got_renegotiate based on the server_handshake_count.
Also assert that when we've done two handshakes as a server (the initial
SSL handshake, and the renegotiation handshake) we've just
renegotiated.
Finally, in tor_tls_read() return an error if we see more than 2
handshakes.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The renegotiation callback was called only when the first Application
Data arrived, instead of when the renegotiation took place.
This happened because SSL_read() returns -1 and sets the error to
SSL_ERROR_WANT_READ when a renegotiation happens instead of reading
data [0].
I also added a commented out aggressive assert that I won't enable yet
because I don't feel I understand SSL_ERROR_WANT_READ enough.
[0]: Look at documentation of SSL_read(), SSL_get_error() and
SSL_CTX_set_mode() (SSL_MODE_AUTO_RETRY section).
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Introduce tor_tls_state_changed_callback(), which handles every SSL
state change.
The new function tor_tls_got_server_hello() is called every time we
send a ServerHello during a v2 handshake, and plays the role of the
previous tor_tls_server_info_callback() function.
|