1. 11 Aug, 2020 1 commit
  2. 10 Aug, 2020 1 commit
  3. 30 Jul, 2020 2 commits
  4. 28 Jul, 2020 1 commit
  5. 24 Jul, 2020 1 commit
  6. 23 Jul, 2020 1 commit
  7. 09 Jul, 2020 2 commits
  8. 07 Jul, 2020 1 commit
  9. 06 Jul, 2020 4 commits
    • Alexander Færøy's avatar
      Use ((x + 7) >> 3) instead of (x >> 3) when converting from bits to bytes. · 7b2d1070
      Alexander Færøy authored and Nick Mathewson's avatar Nick Mathewson committed
      This patch changes our bits-to-bytes conversion logic in the NSS
      implementation of `tor_tls_cert_matches_key()` from using (x >> 3) to
      ((x + 7) >> 3) since DER bit-strings are allowed to contain a number of
      bits that is not a multiple of 8.
      
      Additionally, we add a comment on why we cannot use the
      `DER_ConvertBitString()` macro from NSS, as we would potentially apply
      the bits-to-bytes conversion logic twice, which would lead to an
      insignificant amount of bytes being compared in
      `SECITEM_ItemsAreEqual()` and thus turn the logic into being a
      prefix match instead of a full match.
      
      The `DER_ConvertBitString()` macro is defined in NSS as:
      
          /*
          ** Macro to convert der decoded bit string into a decoded octet
          ** string. All it needs to do is fiddle with the length code.
          */
          #define DER_ConvertBitString(item)            \
              {                                         \
                  (item)->len = ((item)->len + 7) >> 3; \
              }
      
      Thanks to Taylor Yu for spotting this problem.
      
      This patch is part of the fix for TROVE-2020-001.
      
      See: https://bugs.torproject.org/33119
      7b2d1070
    • Alexander Færøy's avatar
      Add constness to length variables in `tor_tls_cert_matches_key`. · 06f1e959
      Alexander Færøy authored and Nick Mathewson's avatar Nick Mathewson committed
      We add constness to `peer_info_orig_len` and `cert_info_orig_len` in
      `tor_tls_cert_matches_key` to ensure that we don't accidentally alter
      the variables.
      
      This patch is part of the fix for TROVE-2020-001.
      
      See: https://bugs.torproject.org/33119
      06f1e959
    • Alexander Færøy's avatar
      Fix out-of-bound memory read in `tor_tls_cert_matches_key()` for NSS. · b46984e9
      Alexander Færøy authored and Nick Mathewson's avatar Nick Mathewson committed
      This patch fixes an out-of-bound memory read in
      `tor_tls_cert_matches_key()` when Tor is compiled to use Mozilla's NSS
      instead of OpenSSL.
      
      The NSS library stores some length fields in bits instead of bytes, but
      the comparison function found in `SECITEM_ItemsAreEqual()` needs the
      length to be encoded in bytes. This means that for a 140-byte,
      DER-encoded, SubjectPublicKeyInfo struct (with a 1024-bit RSA public key
      in it), we would ask `SECITEM_ItemsAreEqual()` to compare the first 1120
      bytes instead of 140 (140bytes * 8bits = 1120bits).
      
      This patch fixes the issue by converting from bits to bytes before
      calling `SECITEM_ItemsAreEqual()` and convert the `len`-fields back to
      bits before we leave the function.
      
      This patch is part of the fix for TROVE-2020-001.
      
      See: https://bugs.torproject.org/33119
      b46984e9
    • Alexander Færøy's avatar
      Run `tor_tls_cert_matches_key()` Test Suite with both OpenSSL and NSS. · 33e1c2e6
      Alexander Færøy authored and Nick Mathewson's avatar Nick Mathewson committed
      This patch lifts the `tor_tls_cert_matches_key()` tests out of the
      OpenSSL specific TLS test suite and moves it into the generic TLS test
      suite that is executed for both OpenSSL and NSS.
      
      This patch is largely a code movement, but we had to rewrite parts of
      the test to avoid using OpenSSL specific data-types (such as `X509 *`)
      and replace it with the generic Tor abstraction type
      (`tor_x509_cert_impl_t *`).
      
      This patch is part of the fix for TROVE-2020-001.
      
      See: https://bugs.torproject.org/33119
      33e1c2e6
  10. 30 Jun, 2020 1 commit
  11. 30 May, 2020 1 commit
    • Roger Dingledine's avatar
      Preemptive circs should work with UseEntryGuards 0 · 39f2411b
      Roger Dingledine authored
      Resume being willing to use preemptively-built circuits when
      UseEntryGuards is set to 0. We accidentally disabled this feature with
      that config setting (in our fix for #24469), leading to slower load times.
      
      Fixes bug 34303; bugfix on 0.3.3.2-alpha.
      39f2411b
  12. 06 May, 2020 7 commits
  13. 19 Mar, 2020 1 commit
  14. 18 Mar, 2020 2 commits
  15. 17 Mar, 2020 5 commits
  16. 14 Mar, 2020 3 commits
  17. 13 Mar, 2020 1 commit
  18. 12 Mar, 2020 2 commits
  19. 11 Mar, 2020 1 commit
  20. 10 Mar, 2020 1 commit
    • David Goulet's avatar
      dos: Pass transport name on new client connection · 894ff2dc
      David Goulet authored
      
      
      For a bridge configured with a pluggable transport, the transport name is
      used, with the IP address, for the GeoIP client cache entry.
      
      However, the DoS subsystem was not aware of it and always passing NULL when
      doing a lookup into the GeoIP cache.
      
      This resulted in bridges with a PT are never able to apply DoS defenses for
      newly created connections.
      
      Fixes #33491
      Signed-off-by: David Goulet's avatarDavid Goulet <dgoulet@torproject.org>
      894ff2dc
  21. 12 Feb, 2020 1 commit