- Jul 09, 2020
-
-
Nick Mathewson authored
-
Nick Mathewson authored
-
Nick Mathewson authored
-
Nick Mathewson authored
-
Nick Mathewson authored
-
Nick Mathewson authored
-
- Jul 08, 2020
-
-
Alexander Hansen Færøy authored
-
- Jul 07, 2020
-
-
Nick Mathewson authored
This warning only affects platforms (like win32) with 32-bit time_t. Fixes bug 40028; bugfix on 0.3.2.8-rc.
-
Alexander Hansen Færøy authored
-
David Goulet authored
For some reasons, Appveyor started to use the stdio printf format for 64 bit values (PRIu64, ...). Mingw doesn't like that so force it to use the Windows specific macros by setting D__USE_MINGW_ANSI_STDIO=0. Fixes #40026
-
- Jul 06, 2020
-
-
Nick Mathewson authored
-
Nick Mathewson authored
-
This patch changes our bits-to-bytes conversion logic in the NSS implementation of `tor_tls_cert_matches_key()` from using (x >> 3) to ((x + 7) >> 3) since DER bit-strings are allowed to contain a number of bits that is not a multiple of 8. Additionally, we add a comment on why we cannot use the `DER_ConvertBitString()` macro from NSS, as we would potentially apply the bits-to-bytes conversion logic twice, which would lead to an insignificant amount of bytes being compared in `SECITEM_ItemsAreEqual()` and thus turn the logic into being a prefix match instead of a full match. The `DER_ConvertBitString()` macro is defined in NSS as: /* ** Macro to convert der decoded bit string into a decoded octet ** string. All it needs to do is fiddle with the length code. */ #define DER_ConvertBitString(item) \ { \ (item)->len = ((item)->len + 7) >> 3; \ } Thanks to Taylor Yu for spotting this problem. This patch is part of the fix for TROVE-2020-001. See: https://bugs.torproject.org/33119
-
We add constness to `peer_info_orig_len` and `cert_info_orig_len` in `tor_tls_cert_matches_key` to ensure that we don't accidentally alter the variables. This patch is part of the fix for TROVE-2020-001. See: https://bugs.torproject.org/33119
-
This patch fixes an out-of-bound memory read in `tor_tls_cert_matches_key()` when Tor is compiled to use Mozilla's NSS instead of OpenSSL. The NSS library stores some length fields in bits instead of bytes, but the comparison function found in `SECITEM_ItemsAreEqual()` needs the length to be encoded in bytes. This means that for a 140-byte, DER-encoded, SubjectPublicKeyInfo struct (with a 1024-bit RSA public key in it), we would ask `SECITEM_ItemsAreEqual()` to compare the first 1120 bytes instead of 140 (140bytes * 8bits = 1120bits). This patch fixes the issue by converting from bits to bytes before calling `SECITEM_ItemsAreEqual()` and convert the `len`-fields back to bits before we leave the function. This patch is part of the fix for TROVE-2020-001. See: https://bugs.torproject.org/33119
-
This patch lifts the `tor_tls_cert_matches_key()` tests out of the OpenSSL specific TLS test suite and moves it into the generic TLS test suite that is executed for both OpenSSL and NSS. This patch is largely a code movement, but we had to rewrite parts of the test to avoid using OpenSSL specific data-types (such as `X509 *`) and replace it with the generic Tor abstraction type (`tor_x509_cert_impl_t *`). This patch is part of the fix for TROVE-2020-001. See: https://bugs.torproject.org/33119
-
- Jul 02, 2020
-
-
David Goulet authored
-
- Jun 30, 2020
-
-
Nick Mathewson authored
This is not actually a bug! It can happen for a bunch of reasons, which all boil down to "trying to add an extrainfo for which we no longer have the corresponding routerinfo". Fixes #16016; bugfix on 0.2.6.3-alpha.
-
Alexander Hansen Færøy authored
-
Alexander Hansen Færøy authored
-
Alexander Hansen Færøy authored
-
Alexander Hansen Færøy authored
-
Alexander Hansen Færøy authored
-
Alexander Hansen Færøy authored
-
Alexander Hansen Færøy authored
-
Alexander Hansen Færøy authored
-
- Jun 29, 2020
-
-
Nick Mathewson authored
-
Nick Mathewson authored
-
- Jun 12, 2020
-
-
David Goulet authored
-
David Goulet authored
-
- Jun 05, 2020
-
-
Nick Mathewson authored
-
This patch makes sures that AppVeyor upgrades its Pacman (the package manager) before installing the Tor dependencies. See: https://bugs.torproject.org/34384
-
- Jun 03, 2020
-
-
Nick Mathewson authored
This reverts commit e63bfca5, now that Stem has been upgraded to fix the underlying issue.
-
- May 30, 2020
-
-
Roger Dingledine authored
Resume being willing to use preemptively-built circuits when UseEntryGuards is set to 0. We accidentally disabled this feature with that config setting (in our fix for #24469), leading to slower load times. Fixes bug 34303; bugfix on 0.3.3.2-alpha.
-
- May 15, 2020
-
-
Nick Mathewson authored
-
Nick Mathewson authored
Fixes bug 34233. (This has bug has been backported to 0.3.5, but only released in 0.4.3, so it only needs a changes file there.)
-
- May 14, 2020
-
-
Nick Mathewson authored
-
Nick Mathewson authored
This is a workaround for https://github.com/torproject/stem/issues/63
-
- May 06, 2020
-
-
Nick Mathewson authored
-
Nick Mathewson authored
-