| Commit message | Author | Age |
* | r16573@catbus: nickm | 2007-11-08 11:57:16 -0500 Mess with the formula for the Guard flag again. Now it requires that you be in the most familiar 7/8 of nodes, and have above median wfu for that 7/8th. See spec for details. Also, log thresholds better.
svn:r12440
| Nick Mathewson | 2007-11-08 |
* | r16523@catbus: nickm | 2007-11-07 11:35:49 -0500 Improve "tls error. breaking" message a little.
svn:r12411
| Nick Mathewson | 2007-11-07 |
* | a note from steven about how to set up a private test network without link encryption.
svn:r12410
| Roger Dingledine | 2007-11-07 |
* | r16455@catbus: nickm | 2007-11-06 12:48:00 -0500 Parse CERT cells and act correctly when we get them.
svn:r12396
| Nick Mathewson | 2007-11-06 |
* | r16450@catbus: nickm | 2007-11-06 09:18:11 -0500 Fix compile on sparc64
svn:r12394
| Nick Mathewson | 2007-11-06 |
* | r16432@catbus: nickm | 2007-11-05 14:18:57 -0500 Send and parse link_auth cells properly.
svn:r12386
| Nick Mathewson | 2007-11-05 |
* | r16413@catbus: nickm | 2007-11-05 13:14:18 -0500 Add functions to encode certificates
svn:r12384
| Nick Mathewson | 2007-11-05 |
* | r16412@catbus: nickm | 2007-11-05 11:45:17 -0500 Make TLS contexts reference-counted, and add a reference from TLS objects to their corresponding context. This lets us reliably get the certificates for a given TLS connection, even if we have rotated TLS contexts.
svn:r12383
| Nick Mathewson | 2007-11-05 |
* | r16411@catbus: nickm | 2007-11-05 11:27:37 -0500 Remember X509 certificates in the context. Store peer/self certificate digests in handshake state.
svn:r12382
| Nick Mathewson | 2007-11-05 |
* | r16410@catbus: nickm | 2007-11-05 10:54:29 -0500 Code to remember client_random and server_random values, and to compute hmac using TLS master secret.
svn:r12381
| Nick Mathewson | 2007-11-05 |
* | r14677@tombo: nickm | 2007-11-03 15:16:27 -0400 Add a smartlist_bsearch_idx function that gives more useful output than regular bsearch for the value-not-found case.
svn:r12360
| Nick Mathewson | 2007-11-03 |
* | r16367@catbus: nickm | 2007-11-02 13:13:15 -0400 Space fixes.
svn:r12345
| Nick Mathewson | 2007-11-02 |
* | r14652@tombo: nickm | 2007-11-02 12:02:13 -0400 If setting our rlimit to rlim_max or cap fails, fall back to OPEN_FILES if defined. This makes Tor run on OSX 10.5, while allowing OSX to mend its ways in the future.
svn:r12341
| Nick Mathewson | 2007-11-02 |
* | r14647@tombo: nickm | 2007-11-02 10:48:37 -0400 Use rlim_t instead of unsigned long to manipulate rlimit values.
svn:r12339
| Nick Mathewson | 2007-11-02 |
* | r16317@catbus: nickm | 2007-10-31 23:52:52 -0400 Use HMAC() function from openssl. Oops.
svn:r12304
| Nick Mathewson | 2007-11-01 |
* | r16302@catbus: nickm | 2007-10-31 16:45:16 -0400 Clean spaces.
svn:r12301
| Nick Mathewson | 2007-10-31 |
* | r16287@catbus: nickm | 2007-10-31 00:53:53 -0400 HMAC-SHA-1 implementation, with unit tests based on vectors from RFC2202. Steven's stuff will need this.
svn:r12289
| Nick Mathewson | 2007-10-31 |
* | r16285@catbus: nickm | 2007-10-30 17:43:25 -0400 Implement (but do not enable) link connection version negotiation
svn:r12286
| Nick Mathewson | 2007-10-30 |
* | r16279@catbus: nickm | 2007-10-30 11:14:29 -0400 Improved skew reporting: "You are 365 days in the future" is more useful than "You are 525600 minutes in the future". Also, when we get something that proves we are at least an hour in the past, tell the controller "CLOCK_SKEW MIN_SKEW=-3600" rather than just "CLOCK_SKEW"
svn:r12283
| Nick Mathewson | 2007-10-30 |
* | r16159@catbus: nickm | 2007-10-25 12:53:38 -0400 Drop support for OpenSSL 0.9.6.
svn:r12191
| Nick Mathewson | 2007-10-25 |
* | r16128@catbus: nickm | 2007-10-24 22:52:16 -0400 Fix windows mmap changes.
svn:r12171
| Nick Mathewson | 2007-10-25 |
* | r16100@catbus: nickm | 2007-10-24 11:33:52 -0400 Make tor_mmap_file() set and preserve errno in a useful way.
svn:r12153
| Nick Mathewson | 2007-10-24 |
* | r16016@catbus: nickm | 2007-10-21 20:44:19 -0400 Check a platform assumption we have made without checking for too long: "Characters are represented in ascii."
svn:r12088
| Nick Mathewson | 2007-10-22 |
* | r15997@catbus: nickm | 2007-10-21 20:25:40 -0400 New code (disabled for now) to use the SSL context's cert store instead of using its "extra chain cert" list to get our identity certificate sent. This is a little close to what OpenSSL expects people to do, and it has the advantage that we should be able to keep the id cert from being sent by setting the NO_CHAIN_CERT bit. I have tried turning new code on, and it seemed to work fine.
svn:r12086
| Nick Mathewson | 2007-10-22 |
* | r15989@catbus: nickm | 2007-10-20 19:48:29 -0400 Fix implementation of sdmap_size and rimap_size() and eimap_size(). Nobody was using them, so no backport needed.
svn:r12068
| Nick Mathewson | 2007-10-20 |
* | r15967@catbus: nickm | 2007-10-19 14:14:47 -0400 Change meaning of "freefn" argument to smartlist_uniq so that we can remove duplicates from a list without freeing them.
svn:r12053
| Nick Mathewson | 2007-10-19 |
* | r15882@catbus: nickm | 2007-10-17 15:23:05 -0400 oprofile was telling me that a fair bit of our time in openssl was spent in base64_decode, so replace base64_decode with an all-at-once fairly optimized implementation. For decoding keys and digests, it seems 3-3.5x faster than calling out to openssl. (Yes, I wrote it from scratch.)
svn:r12002
| Nick Mathewson | 2007-10-17 |
* | r15861@catbus: nickm | 2007-10-16 13:10:22 -0400 Fix example use of hash table iterators
svn:r11991
| Nick Mathewson | 2007-10-16 |
* | r15790@catbus: nickm | 2007-10-15 11:38:28 -0400 Fix bug 528: fix memory leak in base32_decode(). While there, also make base32_decode() accept upper-case inputs.
svn:r11946
| Nick Mathewson | 2007-10-15 |
* | r15702@catbus: nickm | 2007-10-11 17:29:20 -0400 Remove a bunch of redundant includes in crypto.c
svn:r11885
| Nick Mathewson | 2007-10-11 |
* | bugfix on r11301: Fix a minor memory leak whenever we wrote out a file. Bugfix on
0.2.0.7-alpha.
svn:r11863
| Roger Dingledine | 2007-10-11 |
* | bugfix on r11298: Fix a minor memory leak whenever we parse guards from our state
file. Bugfix on 0.2.0.7-alpha.
svn:r11862
| Roger Dingledine | 2007-10-11 |
* | r15530@catbus: nickm | 2007-10-04 12:16:27 -0400 Add a bunch of function documentation; clean up a little code; fix some XXXXs; tag the nonsensical EXTRAINFO_PURPOSE_GENERAL as nonsense; note another bit of "do not cache special routers" code to nuke.
svn:r11761
| Nick Mathewson | 2007-10-04 |
* | r15512@catbus: nickm | 2007-10-02 16:27:43 -0400 Make some functions static; remove some dead code.
svn:r11750
| Nick Mathewson | 2007-10-02 |
* | r14682@Kushana: nickm | 2007-09-28 15:23:38 -0400 From little acorns: redo our string and digest hashing code to be faster, since this stuff may be critical-path.
svn:r11700
| Nick Mathewson | 2007-09-28 |
* | r15231@catbus: nickm | 2007-09-20 16:04:30 -0400 Patch from karsten: remove cbc and make unit tests handle aes-ctr-with-iv.
svn:r11538
| Nick Mathewson | 2007-09-20 |
* | r14532@Kushana: nickm | 2007-09-20 13:25:38 -0400 Clean up some macros in aes.c
svn:r11537
| Nick Mathewson | 2007-09-20 |
* | r15210@catbus: nickm | 2007-09-20 13:04:05 -0400 Re-optimize counter-mode: save about 15% on my core2 by (1) not regenerating the entire counter buffer every time we encrypt a block of keystream (2) using the platform-optimized htonl to convert to big-endian (It's a single instruction on 486 and later) and (3) not even keeping a separate "counter" and "buffer" when the platform is big-endian. The third still needs testing.
svn:r11536
| Nick Mathewson | 2007-09-20 |
* | poke at svn until it compiles. nick, you should decide if this is what you meant to do.
svn:r11529
| Roger Dingledine | 2007-09-20 |
* | r15172@catbus: nickm | 2007-09-19 11:50:02 -0400 New (untested) code to implement AES-with-IV. Currently, IVs are generated randomly. Once tested, should be (almost) a drop-in replacement for the CBC functions.
svn:r11519
| Nick Mathewson | 2007-09-19 |
* | r15171@catbus: nickm | 2007-09-19 11:44:54 -0400 Switch our AES implementation from "128 bit counter with to 64 bits set to 0" to a proper implementation of counter mode. Also, add an aes_set_iv function to initialize the counter to a nonzero value.
svn:r11518
| Nick Mathewson | 2007-09-19 |
* | minor style tweaks
svn:r11490
| Roger Dingledine | 2007-09-18 |
* | add some crypto/util functions from karsten, as the first step of integrating his new hidden service stuff
svn:r11489
| Roger Dingledine | 2007-09-18 |
* | r14448@Kushana: nickm | 2007-09-17 14:26:56 -0400 Unify all of the divergent median/nth-percentile code in container.[ch]
svn:r11457
| Nick Mathewson | 2007-09-17 |
* | r14363@Kushana: nickm | 2007-09-08 16:25:45 -0400 Another round of whitespace fixes.
svn:r11407
| Nick Mathewson | 2007-09-08 |
* | r14359@Kushana: nickm | 2007-09-08 15:07:17 -0400 Add some generic skew-and-tolerance functions so we can handle time more sanely.
svn:r11406
| Nick Mathewson | 2007-09-08 |
* | r14869@catbus: nickm | 2007-08-31 08:49:26 -0400 Fix a segfault in expand_filename("~"). Found by lindi.
svn:r11332
| Nick Mathewson | 2007-08-31 |
* | r14832@catbus: nickm | 2007-08-29 15:00:27 -0400 Use (and debug) new file-writing functions in order to simplify code that formerly built big strings in RAM.
svn:r11301
| Nick Mathewson | 2007-08-29 |
* | r14831@catbus: nickm | 2007-08-29 14:17:42 -0400 Refactor write_chunks_to_file_impl: break out the "pick a temporary name if it makes sense, and open the right filename" logic and the "close the file and unlink or rename if necessary" logic. This will let us write big files in a smarter way than "Build a big string" or "make a list of chunks", once we get around to using it.
svn:r11300
| Nick Mathewson | 2007-08-29 |
* | r14227@Kushana: nickm | 2007-08-27 11:33:28 -0400 Add a new ClientDNSRejectInternalAddresses option (default: on) to refuse to believe that any address can map to or from an internal address. This blocks some kinds of potential browser-based attacks, especially on hosts using DNSPort. Also clarify behavior in some comments. Backport candidate?
svn:r11287
| Nick Mathewson | 2007-08-27 |