| Commit message (Collapse) | Author | Age |
|
svn:r12786
|
Add support to get a callback invoked when the client renegotiates a connection. Also, make clients renegotiate. (not enabled yet, until they detect that the server acted like a v2 server)
svn:r12623
|
Start getting freaky with openssl callbacks in tortls.c: detect client ciphers, and if the list doesn't look like the list current Tors use, present only a single cert and do not ask for a client cert. Also, support for client-side renegotiation. None of this is enabled unless you define V2_HANDSHAKE_SERVER.
svn:r12622
|
When we complete an OR handshake, set up all the internal fields and mark the connection as open.
svn:r12495
|
Improve "tls error. breaking" message a little.
svn:r12411
|
Parse CERT cells and act correctly when we get them.
svn:r12396
|
Send and parse link_auth cells properly.
svn:r12386
|
Add functions to encode certificates
svn:r12384
|
Remember X509 certificates in the context. Store peer/self certificate digests in handshake state.
svn:r12382
|
Code to remember client_random and server_random values, and to compute hmac using TLS master secret.
svn:r12381
|
Implement (but do not enable) link connection version negotiation
svn:r12286
|
Include fewer redundant headers; use the compiler search paths better.
svn:r11060
|
Update copyright dates.
svn:r9570
|
Removing the last DOCDOC comment hurt so much that I had to use Doxygen to identify undocumented macros and comments, and add 150 more DOCDOCs to point out where they were. Oops. Hey, kids! Fixing some of these could be your first Tor patch!
svn:r9477
|
Audit non-const char arguments; make a lot more of them const.
svn:r9466
|
Tidy up ORCONN reason patch from Mike Perry. Changes: make some of the handling of TLS error codes less error prone. Enforce house style wrt spaces. Make it compile with --enable-gcc-warnings. Only set or_conn->tls_error in the case of an actual error. Add a changelog entry.
svn:r9355
|
Patch from Mike Perry: Track reasons for OR connection failure; display them in control events. Needs review and revision.
svn:r9354
|
Count TLS bytes accurately: previously, we counted only the number of bytes read or transmitted via tls, not the number of extra bytes used to do so. This has been a longstanding wart. The fix "Works for me".
svn:r9207
|
Try to fix an assert failure in new write limiting code: make buffers.c aware of previous "forced" write sizes from tortls.
svn:r9105
|
a client-only tls, that is, one with no certs.
svn:r6558
|
is, even tor clients do the same sort of handshake.
this has been true for years, so it's best to get rid of the
stale code.
svn:r6557
|
shout about it unless we want to hear about protocol violations.
svn:r6507
|
svn:r5949
|
domain. Domains are now bitmasks... just in case. Make some err msgs non-general.
svn:r5309
|
svn:r5253
|
svn:r5208
|
svn:r4382
|
svn:r4378
|
TLS errors when handling certs. Fix2: stop assert(0)ing on uncaught TLS errors.)
svn:r4085
|
svn:r3982
|
was an initiator or a receiver
svn:r3931
|
svn:r3615
|
of the warning messages.
svn:r3199
|
every file.
svn:r3019
|
svn:r2989
|
svn:r2873
|
svn:r2483
|
svn:r2096
|
behavior
svn:r2073
|
svn:r1840
|
svn:r1756
|
svn:r1724
|
svn:r1723
|
svn:r1683
|
svn:r1502
|
use; add 2 functions to help resolve.
svn:r986
|
svn:r627
|
svn:r504
|
svn:r501
|
'buf_t' is now an opaque type defined in buffers.c .
Router descriptors now include all keys; routers generate keys as
needed on startup (in a newly defined "data directory"), and generate
their own descriptors. Descriptors are now self-signed.
Implementation is not complete: descriptors are never published; and
upon receiving a descriptor, the directory doesn't do anything with
it.
At least "routers.or" and orkeygen are now obsolete, BTW.
svn:r483
|