1. 30 Jan, 2018 1 commit
    • David Goulet's avatar
      dos: Initial code of Denial of Service mitigation · 64149353
      David Goulet authored
      This commit introduces the src/or/dos.{c|h} files that contains the code for
      the Denial of Service mitigation subsystem. It currently contains basic
      functions to initialize and free the subsystem. They are used at this commit.
      The torrc options and consensus parameters are defined at this commit and
      getters are implemented.
      Signed-off-by: David Goulet's avatarDavid Goulet <dgoulet@torproject.org>
  2. 05 Dec, 2016 1 commit
  3. 26 Sep, 2016 1 commit
  4. 04 Jul, 2016 2 commits
  5. 20 Jun, 2016 1 commit
  6. 12 May, 2016 1 commit
    • Nick Mathewson's avatar
      Add -ftrapv to gcc-hardening ... mostly! · ce854a8d
      Nick Mathewson authored
      We know there are overflows in curve25519-donna-c32, so we'll have
      to have that one be fwrapv.
      Only apply the asan, ubsan, and trapv options to the code that does
      not need to run in constant time.  Those options introduce branches
      to the code they instrument.
      (These introduced branches should never actually be taken, so it
      might _still_ be constant time after all, but branch predictors are
      complicated enough that I'm not really confident here. Let's aim for
      Closes 17983.
  7. 08 Jan, 2016 1 commit
  8. 26 Dec, 2015 1 commit
  9. 19 Dec, 2015 1 commit
    • Yawning Angel's avatar
      Add the SHA-3 hash functions to common/crypto.h. · 687f9b3b
      Yawning Angel authored
       * DIGEST_SHA3_[256,512] added as supported algorithms, which do
         exactly what is said on the tin.
       * test/bench now benchmarks all of the supported digest algorithms,
         so it's possible to see just how slow SHA-3 is, though the message
         sizes could probably use tweaking since this is very dependent on
         the message size vs the SHA-3 rate.
  10. 15 Dec, 2015 1 commit
    • teor's avatar
      Add Fallback Directory Candidate Selection Script · 4c1c2a31
      teor authored
      "Tor has included a feature to fetch the initial consensus from nodes
       other than the authorities for a while now. We just haven't shipped a
       list of alternate locations for clients to go to yet.
       Reasons why we might want to ship tor with a list of additional places
       where clients can find the consensus is that it makes authority
       reachability and BW less important.
       We want them to have been around and using their current key, address,
       and port for a while now (120 days), and have been running, a guard,
       and a v2 directory mirror for most of that time."
      * whitelist and blacklist for an opt-in/opt-out trial.
      * excludes BadExits, tor versions that aren't recommended, and low
        consensus weight directory mirrors.
      * reduces the weighting of Exits to avoid overloading them.
      * places limits on the weight of any one fallback.
      * includes an IPv6 address and orport for each FallbackDir, as
        implemented in #17327. (Tor won't bootstrap using IPv6 fallbacks
        until #17840 is merged.)
      * generated output includes timestamps & Onionoo URL for traceability.
      * unit test ensures that we successfully load all included default
        fallback directories.
      Closes ticket #15775. Patch by "teor".
      OnionOO script by "weasel", "teor", "gsathya", and "karsten".
  11. 14 Dec, 2015 1 commit
  12. 13 Nov, 2015 1 commit
  13. 29 Sep, 2015 1 commit
  14. 02 Sep, 2015 1 commit
  15. 21 Aug, 2015 1 commit
  16. 18 Aug, 2015 1 commit
  17. 18 Jun, 2015 1 commit
    • David Goulet's avatar
      Add rendcache.{c|h} · 33b1a33c
      David Goulet authored
      For now, rend_cache_entry_t has been moved from or.h to rendcache.h and
      those files have been added to the build system.
      In the next commit, these will contain hidden service descriptor cache ABI
      and API for both client and directory side. The goal is to consolidate the
      descriptor caches in one location to ease development, maintenance, review
      and improve documentation for each cache behavior and algorithm.
      Signed-off-by: default avatarDavid Goulet <dgoulet@ev0ke.net>
  18. 28 May, 2015 3 commits
    • Nick Mathewson's avatar
      Refactor code that matches up routers with the same identity in votes · 6c564e6c
      Nick Mathewson authored
      This makes 'routerstatus collation' into a first-class concept, so
      we can change how that works for prop220.
    • Nick Mathewson's avatar
      Key-pinning back-end for directory authorities. · eacbe03c
      Nick Mathewson authored
      This module implements a key-pinning mechanism to ensure that it's
      safe to use RSA keys as identitifers even as we migrate to Ed25519
      keys.  It remembers, for every Ed25519 key we've seen, what the
      associated Ed25519 key is.  This way, if we see a different Ed25519
      key with that RSA key, we'll know that there's a mismatch.
      We persist these entries to disk using a simple format, where each
      line has a base64-encoded RSA SHA1 hash, then a base64-endoded
      Ed25519 key.  Empty lines, misformed lines, and lines beginning with
      a # are ignored. Lines beginning with @ are reserved for future
    • Nick Mathewson's avatar
      prop220: Implement certificates and key storage/creation · 818e6f93
      Nick Mathewson authored
      For prop220, we have a new ed25519 certificate type. This patch
      implements the code to create, parse, and validate those, along with
      code for routers to maintain their own sets of certificates and
      keys.  (Some parts of master identity key encryption are done, but
      the implementation of that isn't finished)
  19. 18 May, 2015 1 commit
  20. 01 Apr, 2015 1 commit
    • Nick Mathewson's avatar
      Drop support for --digests · c66dd179
      Nick Mathewson authored
      This is a fair amount of maintainance burden, and doesn't help much
      more than the git microversion.
      Closes ticket 14742.
  21. 21 Mar, 2015 1 commit
  22. 14 Mar, 2015 3 commits
    • cypherpunks's avatar
      Do not distribute common_sha1.i and or_sha1.i. · ce9bd4e0
      cypherpunks authored and Nick Mathewson's avatar Nick Mathewson committed
      These files get generated automatically so there is need to include them in the
    • cypherpunks's avatar
      Clean up generated files. · 7a86d53d
      cypherpunks authored and Nick Mathewson's avatar Nick Mathewson committed
      Remove src/or/or_sha1.i and src/common/common_sha1.i on `make clean` and remove
      the temporary micro-revision file when its no longer needed.
      Additional changes;
      - show a message when generating the micro-revision file.
      - add the temporary micro revision file to the list of files to be removed on
        `make clean` just in case.
      - fix indentation of the make rule to improve readability.
    • cypherpunks's avatar
      Use output variables instead of relative paths. · 17cbc435
      cypherpunks authored and Nick Mathewson's avatar Nick Mathewson committed
      Fixes the following rules in out-of-tree builds;
      - check-spaces
      - check-docs
      - check-logs
      - Doxygen
      - coverage-html
      And cleans up additional directories;
      - coverage_html
      - doc/doxygen
  23. 04 Mar, 2015 2 commits
  24. 06 Jan, 2015 1 commit
  25. 23 Dec, 2014 1 commit
  26. 27 Oct, 2014 1 commit
    • Sebastian Hahn's avatar
      Remove configure option to disable curve25519 · 909aa51b
      Sebastian Hahn authored
      By now, support in the network is widespread and it's time to require
      more modern crypto on all Tor instances, whether they're clients or
      servers. By doing this early in 0.2.6, we can be sure that at some point
      all clients will have reasonable support.
  27. 01 Oct, 2014 1 commit
  28. 31 Oct, 2013 1 commit
  29. 18 Jul, 2013 1 commit
  30. 10 Jul, 2013 2 commits
    • Nick Mathewson's avatar
      Coverage support: build with --enable-coverage to have tests run with gcov · 17e9fc09
      Nick Mathewson authored
      If you pass the --enable-coverage flag on the command line, we build
      our testing binaries with appropriate options eo enable coverage
      testing.  We also build a "tor-cov" binary that has coverage enabled,
      for integration tests.
      On recent OSX versions, test coverage only works with clang, not gcc.
      So we warn about that.
      Also add a contrib/coverage script to actually run gcov with the
      appropriate options to generate useful .gcov files.  (Thanks to
      automake, the .o files will not have the names that gcov expects to
      Also, remove generated gcda and gcno files on clean.
    • Nick Mathewson's avatar
      Start work on fancy compiler tricks to expose extra stuff to our tests · f7d654b8
      Nick Mathewson authored
      This is mainly a matter of automake trickery: we build each static
      library in two versions now: one with the TOR_UNIT_TESTS macro
      defined, and one without.  When TOR_UNIT_TESTS is defined, we can
      enable mocking and expose more functions. When it's not defined, we
      can lock the binary down more.
      The alternatives would be to have alternate build modes: a "testing
      configuration" for building the libraries with test support, and a
      "production configuration" for building them without.  I don't favor
      that approach, since I think it would mean more people runnning
      binaries build for testing, or more people not running unit tests.
  31. 19 Feb, 2013 1 commit
  32. 16 Jan, 2013 1 commit
  33. 03 Jan, 2013 1 commit