summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
...
| * | | | | | | | | | | Tone down the logging.George Kadianakis2011-11-24
| | | | | | | | | | | |
| * | | | | | | | | | | Implement dynamic prime reading and storing to disk.George Kadianakis2011-11-24
| | | | | | | | | | | |
| * | | | | | | | | | | Make DynamicPrimes SIGHUP-able.George Kadianakis2011-11-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Instead of passing the DynamicPrimes configuration option to crypto_global_init(), generate and set a new TLS DH prime when we read the torrc.
| * | | | | | | | | | | Document DynamicPrimes in the manual page.George Kadianakis2011-11-24
| | | | | | | | | | | |
| * | | | | | | | | | | Improve code in the dynamic primes realm.George Kadianakis2011-11-24
| | | | | | | | | | | |
| * | | | | | | | | | | Improve logging.George Kadianakis2011-11-24
| | | | | | | | | | | |
| * | | | | | | | | | | Make it compile.George Kadianakis2011-11-24
| | | | | | | | | | | |
| * | | | | | | | | | | Rename "Rakshasa" to "Dynamic Prime".George Kadianakis2011-11-24
| | | | | | | | | | | |
| * | | | | | | | | | | Introduce the DynamicPrimes configuration option.George Kadianakis2011-11-24
| | | | | | | | | | | |
| * | | | | | | | | | | Copy/Paste Jake's stuff.George Kadianakis2011-11-24
| | |_|_|_|/ / / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit copies parts of Jake's f3bb6846975193d9a6649c31f94bda47e4014070 commit verbatim to the current master.
* | | | | | | | | | | Merge branch 'disable_network'Nick Mathewson2011-11-29
|\ \ \ \ \ \ \ \ \ \ \
| * | | | | | | | | | | Fix some DOCDOCsNick Mathewson2011-11-29
| | | | | | | | | | | |
| * | | | | | | | | | | Make sure we never launch an evdns resolve when DisableNetwork is 1Nick Mathewson2011-11-29
| | | | | | | | | | | |
| * | | | | | | | | | | log a notice when disablenetwork is setNick Mathewson2011-11-28
| | | | | | | | | | | |
| * | | | | | | | | | | Manpage for DisableNetworkNick Mathewson2011-11-28
| | | | | | | | | | | |
| * | | | | | | | | | | New 'DisableNetwork' option to prevent Tor from using the networkNick Mathewson2011-11-28
| | |_|_|_|_|/ / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some controllers want this so they can mess with Tor's configuration for a while via the control port before actually letting Tor out of the house. We do this with a new DisableNetwork option, that prevents Tor from making any outbound connections or binding any non-control listeners. Additionally, it shuts down the same functionality as shuts down when we are hibernating, plus the code that launches directory downloads. To make sure I didn't miss anything, I added a clause straight to connection_connect, so that we won't even try to open an outbound socket when the network is disabled. In my testing, I made this an assert, but since I probably missed something, I've turned it into a BUG warning for testing.
* | | | | | | | | | | Merge branch 'multilevel_cfg'Nick Mathewson2011-11-29
|\ \ \ \ \ \ \ \ \ \ \
| * | | | | | | | | | | Support for a defaults torrc file.Nick Mathewson2011-11-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This will mainly help distributors by giving a way to set system or package defaults that a user can override, and that a later package can replace. No promises about the particular future location or semantics for this: we will probably want to tweak it some before 0.2.3.x-rc The file is searched for in CONFDIR/torrc-defaults , which can be overridden with the "--defaults-torrc" option on the command line.
| * | | | | | | | | | | Add the ability to append and clear linelist options from cmdlineNick Mathewson2011-11-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This will be important for getting stuff to work right across zones.
| * | | | | | | | | | | Make linelists always overridden by the command lineNick Mathewson2011-11-27
| |/ / / / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This starts an effort to refactor torrc handling code to make it easier to live with. It makes it possible to override exit policies from the command line, and possible to override (rather than append to) socksport lists from the command line. It'll be necessary to make a "base" torrc implementation work at all.
* | | | | | | | | | | Make pending libevent actions cancelableNick Mathewson2011-11-29
|/ / / / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This avoids a dangling pointer issue in the 3412 code, and should fix bug 4599.
* | | | | | | | | | Merge branch 'safer_params_squashed'Nick Mathewson2011-11-27
|\ \ \ \ \ \ \ \ \ \
| * | | | | | | | | | Implement consensus method 12 (proposal 178)Sebastian Hahn2011-11-27
|/ / / / / / / / / /
* | | | | | | | | | indent; add commentNick Mathewson2011-11-27
| | | | | | | | | |
* | | | | | | | | | Merge remote-tracking branch 'asn/bug4584'Nick Mathewson2011-11-27
|\ \ \ \ \ \ \ \ \ \ | |_|/ / / / / / / / |/| | | | | | | | |
| * | | | | | | | | Add a changes file.George Kadianakis2011-11-27
| | | | | | | | | |
| * | | | | | | | | Use random bytes as our certificate serial numbers.George Kadianakis2011-11-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Instead of using time(NULL) in our certificate serial numbers, use eight random bytes as suggested in proposal 179.
* | | | | | | | | | Don't schedule excess_renegotiations_callback unless it's setNick Mathewson2011-11-27
|/ / / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | Partial fix for bug 4587; reported by "frosty_un".
* | | | | | | | | fold in changes files so farRoger Dingledine2011-11-25
| | | | | | | | |
* | | | | | | | | use event_free() wrapper; fix bug 4582Nick Mathewson2011-11-25
| | | | | | | | |
* | | | | | | | | Fix some wide lines in tortls.cNick Mathewson2011-11-25
| | | | | | | | |
* | | | | | | | | Avoid a double-mark in connection_or_close_connection_cbNick Mathewson2011-11-25
| | | | | | | | |
* | | | | | | | | Refactor tor_event_base_once to do what we actually wantNick Mathewson2011-11-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This version avoids the timeout system entirely, gives a nicer interface, and lets us manage allocation explicitly.
* | | | | | | | | Merge remote-tracking branch 'asn/bug4312'Nick Mathewson2011-11-25
|\ \ \ \ \ \ \ \ \
| * | | | | | | | | Use callback-driven approach to block renegotiations.George Kadianakis2011-11-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Also use this new approach in the bufferevents-enabled case.
| * | | | | | | | | Fix issues pointed out by nickm.George Kadianakis2011-11-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Rename tor_tls_got_server_hello() to tor_tls_got_client_hello(). - Replaced some aggressive asserts with LD_BUG logging. They were the innocent "I believe I understand how these callbacks work, and this assert proves it" type of callbacks, and not the "If this statement is not true, computer is exploding." type of callbacks. - Added a changes file.
| * | | | | | | | | Also handle needless renegotiations in SSL_write().George Kadianakis2011-10-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | SSL_read(), SSL_write() and SSL_do_handshake() can always progress the SSL protocol instead of their normal operation, this means that we must be checking for needless renegotiations after they return. Introduce tor_tls_got_excess_renegotiations() which makes the tls->server_handshake_count > 2 check for us, and use it in tor_tls_read() and tor_tls_write(). Cases that should not be handled: * SSL_do_handshake() is only called by tor_tls_renegotiate() which is a client-only function. * The SSL_read() in tor_tls_shutdown() does not need to be handled, since SSL_shutdown() will be called if SSL_read() returns an error.
| * | | | | | | | | Get rid of tor_tls_block_renegotiation().George Kadianakis2011-10-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since we check for naughty renegotiations using tor_tls_t.server_handshake_count we don't need that semi-broken function (at least till there is a way to disable rfc5746 renegotiations too).
| * | | | | | | | | Detect and deny excess renegotiations attempts.George Kadianakis2011-10-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Switch 'server_handshake_count' from a uint8_t to 2 unsigned int bits. Since we won't ever be doing more than 3 handshakes, we don't need the extra space. Toggle tor_tls_t.got_renegotiate based on the server_handshake_count. Also assert that when we've done two handshakes as a server (the initial SSL handshake, and the renegotiation handshake) we've just renegotiated. Finally, in tor_tls_read() return an error if we see more than 2 handshakes.
| * | | | | | | | | Detect renegotiation when it actually happens.George Kadianakis2011-10-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The renegotiation callback was called only when the first Application Data arrived, instead of when the renegotiation took place. This happened because SSL_read() returns -1 and sets the error to SSL_ERROR_WANT_READ when a renegotiation happens instead of reading data [0]. I also added a commented out aggressive assert that I won't enable yet because I don't feel I understand SSL_ERROR_WANT_READ enough. [0]: Look at documentation of SSL_read(), SSL_get_error() and SSL_CTX_set_mode() (SSL_MODE_AUTO_RETRY section).
| * | | | | | | | | Refactor the SSL_set_info_callback() callbacks.George Kadianakis2011-10-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Introduce tor_tls_state_changed_callback(), which handles every SSL state change. The new function tor_tls_got_server_hello() is called every time we send a ServerHello during a v2 handshake, and plays the role of the previous tor_tls_server_info_callback() function.
* | | | | | | | | | Make the pt/transports test not crash.Nick Mathewson2011-11-25
| | | | | | | | | |
* | | | | | | | | | Make process_handle_t private and fix some unit testsNick Mathewson2011-11-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Let's *not* expose more cross-platform-compatibility structures, or expect code to use them right. Also, don't fclose() stdout_handle and stdin_handle until we do tor_process_handle_destroy, or we risk a double-fclose.
* | | | | | | | | | Merge remote-tracking branch 'asn/bug3472_act2'Nick Mathewson2011-11-25
|\ \ \ \ \ \ \ \ \ \
| * | | | | | | | | | Tell the bridge operator on what ports his transports spawned.George Kadianakis2011-11-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Add a LOG_WARN message when registering the transports of a server managed proxy, so that the bridge operator can see in what ports the transports spawned and notify his/her clients.
| * | | | | | | | | | Rename tor_process_destroy() to tor_process_handle_destroy().George Kadianakis2011-10-24
| | | | | | | | | | |
| * | | | | | | | | | Add a changes file in changes/bug3472.George Kadianakis2011-10-24
| | | | | | | | | | |
| * | | | | | | | | | Improve general code quality.George Kadianakis2011-10-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Add a tor_process_get_pid() function that returns the PID of a process_handle_t. - Conform to make check-spaces. - Add some more documentation. - Improve some log messages.
| * | | | | | | | | | Add PT_PROTO_FAILED_LAUNCH managed proxy state.George Kadianakis2011-10-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We used to try to terminate the managed proxy process even if it failed while launching. We introduce a new managed proxy state, to represent a *broken* and *not launched* proxy.
| * | | | | | | | | | Make set_managed_proxy_environment() work on Windows.George Kadianakis2011-10-24
| | | | | | | | | | |