| Commit message (Expand) | Author | Age |
|---|
| ... | |
| * | | Merge commit 'sebastian/fixes' | Nick Mathewson | 2009-12-12 |
| |\ \ |
|
| | * | | Fix typo in a comment | Sebastian Hahn | 2009-12-12 |
| * | | | Merge commit 'sebastian/coverity' | Nick Mathewson | 2009-12-12 |
| |\ \ \ |
|
| | * | | | crypto_cipher_set_key cannot fail•••In 5e4d53d535a3cc9903250b3df0caa829f1c5e4bf we made it so that
crypto_cipher_set_key cannot fail. The call will now
always succeed, to returning a boolean for success/failure makes
no sense.
| Sebastian Hahn | 2009-10-27 |
| * | | | | Now that FOO_free(NULL) always works, remove checks before calling it. | Nick Mathewson | 2009-12-12 |
| * | | | | *_free functions now accept NULL•••Some *_free functions threw asserts when passed NULL. Now all of them
accept NULL as input and perform no action when called that way.
This gains us consistence for our free functions, and allows some
code simplifications where an explicit null check is no longer necessary.
| Sebastian Hahn | 2009-12-12 |
| | |/ /
|/| | |
|
| * | | | Merge commit 'origin/maint-0.2.1' | Nick Mathewson | 2009-12-04 |
| |\ \ \
| | |/
| |/| |
|
| | * | | Improved workaround for disabled OpenSSL renegotiation.•••It turns out that OpenSSL 0.9.8m is likely to take a completely
different approach for reenabling renegotiation than OpenSSL 0.9.8l
did, so we need to work with both. :p Fixes bug 1158.
(patch by coderman; commit message by nickm)
| Martin Peck | 2009-12-04 |
| * | | | add a minimum for CircuitStreamTimeout, plus a man page•••plus some other unrelated touchups that have been sitting in my
sandbox
| Roger Dingledine | 2009-11-22 |
| * | | | Use the same mlockall checks with tor_set_max_memlock | Nick Mathewson | 2009-11-20 |
| * | | | Fix compilation on OSX 10.3.•••On this OSX version, there is a stub mlockall() function
that doesn't work, *and* the declaration for it is hidden by
an '#ifdef _P1003_1B_VISIBLE'. This would make autoconf
successfully find the function, but our code fail to build
when no declaration was found.
This patch adds an additional test for the declaration.
| Nick Mathewson | 2009-11-20 |
| * | | | Fix compilation with with bionic libc.•••This fixes bug 1147:
bionic doesn't have an actual implementation of mlockall();
mlockall() is merely in the headers but not actually in the library.
This prevents Tor compilation with the bionic libc for Android handsets.
| Jacob Appelbaum | 2009-11-14 |
| * | | | Merge commit 'origin/maint-0.2.1'•••Conflicts:
src/common/tortls.c
| Nick Mathewson | 2009-11-06 |
| |\| | |
|
| | * | | Make Tor work with OpenSSL 0.9.8l•••To fix a major security problem related to incorrect use of
SSL/TLS renegotiation, OpenSSL has turned off renegotiation by
default. We are not affected by this security problem, however,
since we do renegotiation right. (Specifically, we never treat a
renegotiated credential as authenticating previous communication.)
Nevertheless, OpenSSL's new behavior requires us to explicitly
turn renegotiation back on in order to get our protocol working
again.
Amusingly, this is not so simple as "set the flag when you create
the SSL object" , since calling connect or accept seems to clear
the flags.
For belt-and-suspenders purposes, we clear the flag once the Tor
handshake is done. There's no way to exploit a second handshake
either, but we might as well not allow it.
| Nick Mathewson | 2009-11-05 |
| | * | | Code to parse and access network parameters.•••Partial backport of 381766ce4b1145460.
Partial backport of 56c6d78520a98fb64.
| Nick Mathewson | 2009-10-14 |
| * | | | Implement DisableAllSwap to avoid putting secret info in page files.•••This commit implements a new config option: 'DisableAllSwap'
This option probably only works properly when Tor is started as root.
We added two new functions: tor_mlockall() and tor_set_max_memlock().
tor_mlockall() attempts to mlock() all current and all future memory pages.
For tor_mlockall() to work properly we set the process rlimits for memory to
RLIM_INFINITY (and beyond) inside of tor_set_max_memlock().
We behave differently from mlockall() by only allowing tor_mlockall() to be
called one single time. All other calls will result in a return code of 1.
It is not possible to change DisableAllSwap while running.
A sample configuration item was added to the torrc.complete.in config file.
A new item in the man page for DisableAllSwap was added.
Thanks to Moxie Marlinspike and Chris Palmer for their feedback on this patch.
Please note that we make no guarantees about the quality of your OS and its
mlock/mlockall implementation. It is possible that this will do nothing at all.
It is also possible that you can ulimit the mlock properties of a given user
such that root is not required. This has not been extensively tested and is
unsupported. I have included some comments for possible ways we can handle
this on win32.
| Jacob Appelbaum | 2009-10-27 |
| | |/
|/| |
|
| * | | Remove checks for array existence. (CID 410..415)•••In C, the code "char x[10]; if (x) {...}" always takes the true branch of
the if statement. Coverity notices this now.
In some cases, we were testing arrays to make sure that an operation
we wanted to do would suceed. Those cases are now always-true.
In some cases, we were testing arrays to see if something was _set_.
Those caes are now tests for strlen(s), or tests for
!tor_mem_is_zero(d,len).
| Nick Mathewson | 2009-10-26 |
| * | | Reduce log level for someone else sending us weak DH keys.•••See task 1114. The most plausible explanation for someone sending us weak
DH keys is that they experiment with their Tor code or implement a new Tor
client. Usually, we don't care about such events, especially not on warn
level. If we really care about someone not following the Tor protocol, we
can set ProtocolWarnings to 1.
| Karsten Loesing | 2009-10-25 |
| * | | Fix two bugs found by Coverity scan.•••One was a simple buffer overrun; the other was a high-speed pointer
collision. Both were introduced by my microdescs branch.
| Nick Mathewson | 2009-10-19 |
| * | | Merge branch 'microdesc' | Nick Mathewson | 2009-10-19 |
| |\ \ |
|
| | * | | Document the microdescriptor code better. | Nick Mathewson | 2009-10-18 |
| | * | | Make start_writing_to_stdio_file() respect O_BINARY. | Nick Mathewson | 2009-10-15 |
| | * | | Parse detached signature documents with multiple flavors and algorithms. | Nick Mathewson | 2009-10-15 |
| | * | | Refactor consensus signature storage for multiple digests and flavors.•••This patch introduces a new type called document_signature_t to represent the
signature of a consensus document. Now, each consensus document can have up
to one document signature per voter per digest algorithm. Also, each
detached-signatures document can have up to one signature per <voter,
algorithm, flavor>.
| Nick Mathewson | 2009-10-15 |
| | * | | Code to generate, store, and parse microdescriptors and consensuses.•••The consensus documents are not signed properly, not served, and not
exchanged yet.
| Nick Mathewson | 2009-10-15 |
| | * | | Add a function to get the most frequent member of a list. | Nick Mathewson | 2009-10-15 |
| | * | | Support for encoding and decoding 256-bit digests in base64 | Nick Mathewson | 2009-10-15 |
| * | | | Document some formerly undocumented functions. | Nick Mathewson | 2009-10-19 |
| |/ / |
|
| * | | Alter keygen function to generate keys of different lengths. | Nick Mathewson | 2009-09-29 |
| * | | Disable OpenSSL engines when building for Android.•••Apparently the Android developers dumped OpenSSL's support for hardware
acceleration in order to save some memory, so you can't build programs using
engines on Android.
[Patch revised by nickm]
| Nathan Freitas | 2009-09-29 |
| * | | Include util.h and log.h as relative paths.•••This shouldn't be necessary, but apparently the Android cross-compiler
doesn't respect -I as well as it should. (-I is supposed to add to the
*front* of the search path. Android's gcc wrapper apparently likes to add to
the end. This is broken, but we need to work around it.)
| Nathan Freitas | 2009-09-29 |
| * | | Describe how to regenerate the TLS state name table. | Nick Mathewson | 2009-09-25 |
| * | | Fix compilation on OpenSSLs with unusual state lists.•••"Unusual" in this context means "not the same as nickm's." We should grow a
better list later.
(Also, move TLS state table to a separate header.)
| Nick Mathewson | 2009-09-24 |
| * | | Debugging logs for TLS handshake•••The big change is to add a function to display the current SSL handshake
state, and to log it everywhere reasonable. (A failure in
SSL23_ST_CR_SRVR_HELLO_A is different from one in
SSL3_ST_CR_SESSION_TICKET_A.)
This patch also adds a new log domain for OR handshaking, so you can pull out
all the handshake log messages without having to run at debug for everything.
For example, you'd just say "log notice-err [handshake]debug-err file
tor.log".
| Nick Mathewson | 2009-09-24 |
| * | | Refactor unit tests to use the tinytest framework.•••"Tinytest" is a minimalist C unit testing framework I wrote for
Libevent. It supports some generally useful features, like being able
to run separate unit tests in their own processes.
I tried to do the refactoring to change test.c as little as possible.
Thus, we mostly don't call the tinytest macros directly. Instead, the
test.h header is now a wrapper on tinytest.h to make our existing
test_foo() macros work.
The next step(s) here will be:
- To break test.c into separate files, each with its own test group.
- To look into which things we can test
- To refactor the more fiddly tests to use the tinytest macros
directly and/or run forked.
- To see about writing unit tests for things we couldn't previously
test without forking.
| Nick Mathewson | 2009-09-23 |
| * | | Fix compile on Snow Leopard | Sebastian Hahn | 2009-09-20 |
| * | | Add a couple of time helper functions.•••Also add rounding support to tv_mdiff().
| Mike Perry | 2009-09-20 |
| * | | Merge commit 'origin/maint-0.2.1' | Nick Mathewson | 2009-09-17 |
| |\| |
|
| | * | Work around a memory leak in openssl 0.9.8g (and maybe others) | Nick Mathewson | 2009-09-17 |
| * | | some cleanups:•••documentation fix for get_uint64
remove extra "." from a log line
fix a long line
| Sebastian Hahn | 2009-09-15 |
| * | | Implement proposal 167: Authorities vote on network parameters.•••This code adds a new field to vote on: "params". It consists of a list of
sorted key=int pairs. The output is computed as the median of all the
integers for any key on which anybody voted.
Improved with input from Roger.
| Nick Mathewson | 2009-09-14 |
| * | | Add a median_int32 and find_nth_int32 | Nick Mathewson | 2009-09-14 |
| * | | Fix compile warnings on Snow Leopard•••Big thanks to nickm and arma for helping me with this!
| Sebastian Hahn | 2009-09-01 |
| * | | Merge commit 'origin/maint-0.2.1' | Nick Mathewson | 2009-09-01 |
| |\| |
|
| | * | Use an _actual_ fix for the byte-reverse warning.•••(Given that we're pretty much assuming that int is 32 bits, and given that
hex values are always unsigned, taking out the "ul" from 0xff000000 should
be fine.)
| Nick Mathewson | 2009-09-01 |
| | * | Use a simpler fix for the byte-reversing warning | Nick Mathewson | 2009-09-01 |
| | * | Fix compile warnings on Snow Leopard•••Big thanks to nickm and arma for helping me with this!
| Sebastian Hahn | 2009-09-01 |
| * | | typo | Sebastian Hahn | 2009-09-01 |
| * | | Revise parsing of time and memory units to handle spaces.•••When we added support for fractional units (like 1.5 MB) I broke
support for giving units with no space (like 2MB). This patch should
fix that. It also adds a propoer tor_parse_double().
Fix for bug 1076. Bugfix on 0.2.2.1-alpha.
| Nick Mathewson | 2009-08-31 |
| * | | Merge branch 'maint-0.2.1' | Roger Dingledine | 2009-08-27 |
| |\| |
|