| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
| |
This will let the unit tests fail in a less mystifying way if the
crypto subsystem is b0rken, and will also make Coverity happier.
CID # 429.
|
| |\ |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
This lets us make a lot of other stuff const, allows the compiler to
generate (slightly) better code, and will make me get slightly fewer
patches from folks who stick mutable stuff into or_options_t.
const: because not every input is an output!
|
| |\| |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| |\| |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When we added the check for key size, we required that the keys be
128 bytes. But RSA_size (which defers to BN_num_bytes) will return
128 for keys of length 1017..1024. This patch adds a new
crypto_pk_num_bits() that returns the actual number of significant
bits in the modulus, and uses that to enforce key sizes.
Also, credit the original bug3318 in the changes file.
|
| |\| |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Most instances were dead code; for those, I removed the assignments.
Some were pieces of info we don't currently plan to use, but which
we might in the future. For those, I added an explicit cast-to-void
to indicate that we know that the thing's unused. Finally, one was
a case where we were testing the wrong variable in a unit test.
That one I fixed.
This resolves bug 3208.
|
| |\| |
|
| | | |
|
| | | |
|
| |\|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Conflicts in various places, mainly node-related. Resolved them in
favor of HEAD, with copying of tor_mem* operations from bug3122_memcmp_022.
src/common/Makefile.am
src/or/circuitlist.c
src/or/connection_edge.c
src/or/directory.c
src/or/microdesc.c
src/or/networkstatus.c
src/or/router.c
src/or/routerlist.c
src/test/test_util.c
|
| | | |
|
| | |
| |
| |
| |
| |
| | |
When configure tor with --enable-bufferevents and
--enable-static-libevent, libevent_openssl would still be linked
dynamically. Fix this and refactor src/or/Makefile.am along the way.
|
| | |
| |
| |
| |
| |
| | |
Using read() is an invitation to get some of the data you want, not all.
Possible fix for bug 2462
|
| |\|
| |
| |
| |
| | |
Conflicts:
src/or/microdesc.c
|
| |\| |
|
| | | |
|
| |\| |
|
| | | |
|
| |\|
| |
| |
| |
| | |
Conflicts:
src/common/crypto.c
|
| | | |
|
| |\| |
|
| | |
| |
| |
| |
| |
| | |
Our regular DH parameters that we use for circuit and rendezvous
crypto are unchanged. This is yet another small step on the path of
protocol fingerprinting resistance.
|
| |\| |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We need to make sure that the worst thing that a weird consensus param
can do to us is to break our Tor (and only if the other Tors are
reliably broken in the same way) so that the majority of directory
authorities can't pull any attacks that are worse than the DoS that
they can trigger by simply shutting down.
One of these worse things was the cbtnummodes parameter, which could
lead to heap corruption on some systems if the value was sufficiently
large.
This commit fixes this particular issue and also introduces sanity
checking for all consensus parameters.
|
| |\| |
|
| | |
| |
| |
| |
| |
| | |
Conflicts:
src/or/routerparse.c
src/or/test.c
|
| |\| |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Conflicts:
src/or/config.c
src/or/networkstatus.c
src/or/rendcommon.c
src/or/routerparse.c
src/or/test.c
|
| |\| |
|
| | |\ |
|
| | | | |
|
| | | | |
|
| |\| | |
|
| | | | |
|
| | |/
| |
| |
| |
| |
| | |
Conflicts:
src/common/test.h
src/or/test.c
|
| | |
| |
| |
| |
| | |
There's no need to have a separate line conn-stats-end for the end date
and interval length with only a single line conn-bi-direct following.
|
| | | |
|
| |\| |
|
| | | |
|
| |\|
| |
| |
| |
| | |
Conflicts:
src/or/router.c
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Having very long single lines with lots and lots of things in them
tends to make files hard to diff and hard to merge. Since our tools
are one-line-at-a-time, we should try to construct lists that way too,
within reason.
This incidentally turned up a few headers in configure.in that we were
for some reason searching for twice.
|