1. 16 Apr, 2021 1 commit
      Stop calling evdns_set_random_bytes_fn() · f20f5a4e
      Nick Mathewson authored
      This function has been a no-op since Libevent 2.0.4-alpha, when
      libevent got an arc4random() implementation.  Libevent has finally
      removed it, which will break our compilation unless we stop calling
      it.  (This is currently breaking compilation in OSS-fuzz.)
      
      Closes #40371.
  2. 22 Jul, 2020 1 commit
  3. 06 May, 2020 2 commits
      Use __attribute__((fallthrough)) rather than magic GCC comments. · cc397449
      Nick Mathewson authored
      GCC added an implicit-fallthrough warning a while back, where it
      would complain if you had a nontrivial "case:" block that didn't end
      with break, return, or something like that.  Clang recently added
      the same thing.
      
      GCC, however, would let you annotate a fall-through as intended by
      any of various magic "/* fall through */" comments.  Clang, however,
      only seems to like "__attribute__((fallthrough))".  Fortunately, GCC
      accepts that too.
      
      A previous commit in this branch defined a FALLTHROUGH macro to do
      the right thing if GNUC is defined; here we replace all of our "fall
      through" comments with uses of that macro.
      
      This is an automated commit, made with the following perl one-liner:
      
        #!/usr/bin/perl -i -p
        s#/\* *falls? ?thr.*?\*/#FALLTHROUGH;#i;
  4. 20 Mar, 2020 2 commits
      router: Refactor IPv6 ORPort function logic · bac8bc0f
      teor authored
      Return early when there is no suitable IPv6 ORPort.
      Show the address and port on error, using a convenience function.
      
      Code simplification and refactoring.
      
      Cleanup after 32588.
      router: Stop advertising incorrect auto IPv6 ORPorts · 861337fd
      teor authored
      When IPv6 ORPorts are set to "auto", tor relays and bridges would
      advertise an incorrect port in their descriptor.
      
      This may be a low-severity memory safety issue, because the published
      port number may be derived from uninitialised or out-of-bounds memory
      reads.
      
      Fixes bug 32588; bugfix on 0.2.3.9-alpha.
  5. 12 Feb, 2020 1 commit
  6. 18 Sep, 2019 2 commits
  7. 17 May, 2019 1 commit
  8. 16 Jan, 2019 1 commit
  9. 17 Dec, 2018 1 commit
  10. 01 Oct, 2018 2 commits
  11. 27 Sep, 2018 2 commits
  12. 25 Sep, 2018 11 commits
  13. 21 Sep, 2018 3 commits
  14. 20 Sep, 2018 1 commit
      Split most of dirserv.c into several new modules · b54a5e70
      Nick Mathewson authored
      In dirauth:
        * bwauth.c reads and uses bandwidth files
        * guardfraction.c reads and uses the guardfraction file
        * reachability.c tests relay reachability
        * recommend_pkg.c handles the recommended-packages lines.
        * recv_descs.c handles fingerprint files and processing incoming
          routerinfos that relays upload to us
        * voteflag.c computes flag thresholds and sets those thresholds on
          routerstatuses when computing votes
      
      In control:
        * fmt_serverstatus.c generates the ancient "v1 server status"
          format that controllers expect.
      
      In nodelist:
        * routerstatus_fmt.c formats routerstatus entries for a consensus,
          a vote, or for the controller.
  15. 19 Sep, 2018 1 commit
  16. 04 Sep, 2018 1 commit
      Rename crypto_pk_check_key(), use it more reasonably, add tests · 600e046e
      Nick Mathewson authored
      This function was a wrapper around RSA_check_key() in OpenSSL, which
      checks for invalid RSA private keys (like those where p or q are
      composite, or where d is not the inverse of e, or where n != p*q).
      We don't need a function like this in NSS, since unlike OpenSSL, NSS
      won't let you import a bogus private key.
      
      I've renamed the function and changed its return type to make it
      more reasonable, and added a unit test for trying to read a key
      where n != p*q.
  17. 29 Aug, 2018 1 commit
      router: Keep RSA onion public key in ASN.1 format · 2f6bc749
      David Goulet authored and Nick Mathewson committed

      The OpenSSL "RSA" object is currently 408 bytes compared to the ASN.1 encoding
      which is 140 for a 1024 RSA key.
      
      We save 268 bytes per descriptor (routerinfo_t) *and* microdescriptor
      (microdesc_t). Scaling this to 6000 relays, and considering clients usually
      only have microdescriptors, we save 1.608 MB of RAM which is considerable for
      mobile clients.
      
      This commit makes it so that we keep the RSA onion public key (used for TAP
      handshake) in ASN.1 format instead of an OpenSSL RSA object.
      
      Changes are done in both routerinfo_t and microdesc_t.
      
      Closes #27246
      Signed-off-by: David Goulet <dgoulet@torproject.org>
  18. 22 Aug, 2018 1 commit
  19. 21 Aug, 2018 1 commit
  20. 08 Aug, 2018 2 commits
  21. 26 Jul, 2018 1 commit
  22. 17 Jul, 2018 1 commit