| Commit message | Author | Age |
Most of these are simple. The only nontrivial part is that our
pattern for using ENUM_BF was confusing doxygen by making declarations
that didn't look like declarations.
|
late; fixes bug 9602
|
This avoids skew warnings as authorities test reachability.
Fix 9798; fix not on any released Tor.
|
This was causing directory authorities to send a time of 0 on all
connections they generated themselves, which means everybody's reachability
test caused a time skew warning in the log for that relay.
(I didn't just revert, because the changes file has been modified by
other later commits.)
|
This isn't actually much of an issue, since only relays send
AUTHENTICATE cells, but while we're removing timestamps, we might as
well do this too.
Part of proposal 222. I didn't take the approach in the proposal of
using a time-based HMAC, since that was a bad-prng-mitigation hack
from SSL3, and in real life, if you don't have a good RNG, you're
hopeless as a Tor server.
|
Implements part of proposal 222.
|
The spec requires them to do so, and not doing so creates a situation
where they can't send-test because relays won't extend to them because
of the other part of bug 9546.
Fixes bug 9546; bugfix on 0.2.3.6-alpha.
|
Relays previously, when initiating a connection, would only send a
NETINFO after sending an AUTHENTICATE. But bridges, when receiving a
connection, would never send AUTH_CHALLENGE. So relays wouldn't
AUTHENTICATE, and wouldn't NETINFO, and then bridges would be
surprised to be receiving CREATE cells on a non-open circuit.
Fixes bug 9546.
|
(These have proved invaluable for other global accessors.)
|
Change the global circ_times to a static variable and use
accessor functions throughout the code, instead of
accessing it directly.
|
(Okay, white-box plus mocking enough other functions so they don't
crash.)
|
Move the code from the connection_or module to ext_orport.
This commit only moves code: it shouldn't modify anything.
|
* Add documentation.
* Free ext_or_auth_correct_client_hash.
* Use VPORT(ExtORPort) instead of V(ExtORPOrt).
See dfe03d36c8749eb07e9bb2ea47e88ff05e9e3127 for details.
|
Does not implement TransportControlPort yet.
|
Now that circid_t is 4 bytes long, the default integer promotions will
leave it alone when sizeof(int) == 4, which will leave us formatting an
unsigned as an int. That's technically undefined behavior.
Fixes bug 8447 on bfffc1f0fc7616a25c32da2eb759dade4651659e. Bug not
in any released Tor.
|
Conflicts:
src/or/channel.h
src/or/connection_or.c
src/or/cpuworker.c
|
There is probably no code that can write the 2 bytes at the end of the
packed_cell_t when the cell is only a 512-byte cell, but let's not get
overconfident there.
|
Implements proposal 214.
Needs testing.
|
This is meant to avoid conflict with the built-in log() function in
math.h. It resolves ticket 7599. First reported by dhill.
This was generated with the following perl script:
#!/usr/bin/perl -w -i -p
s/\blog\(LOG_(ERR|WARN|NOTICE|INFO|DEBUG)\s*,\s*/log_\L$1\(/g;
s/\blog\(/tor_log\(/g;
|
This implements the server-side of proposal 198 by detecting when
clients lack the magic list of ciphersuites that indicates that
they're lying faking some ciphers they don't really have. When
clients lack this list, we can choose any cipher that we'd actually
like. The newly allowed ciphersuites are, currently, "All ECDHE-RSA
ciphers that openssl supports, except for ECDHE-RSA-RC4".
The code to detect the cipher list relies on (ab)use of
SSL_set_session_secret_cb.
|
Conflicts:
src/or/dns.c
|
We need this since win64 has a 64-bit SOCKET type.
Based on a patch from yayooo for 7260, forward-ported to 0.2.4.
|
ssh://git-rw.torproject.org/user/andrea/tor
|
connection_mark_and_flush, and pass the call through channel_close_for_error with a warning to avoid asserts
|
Conflicts:
src/common/crypto.c
src/or/rendservice.c
|
Apparently some compilers like to eliminate memset() operations on
data that's about to go out-of-scope. I've gone with the safest
possible replacement, which might be a bit slow. I don't think this
is critical path in any way that will affect performance, but if it
is, we can work on that in 0.2.4.
Fixes bug 7352.
|
Failure to do so left us open to a remotely triggerable assertion
failure. Fixes CVE-2012-2249; bugfix on 0.2.3.6-alpha. Reported by
"some guy from France".
|