cypherpunks authored 9 years ago and Nick Mathewson committed 9 years ago

The tor_cert_get_checkable_sig function uses the signing key included in
the certificate (if available) when a separate public key is not given.

When the signature is valid, the tor_cert_checksig function copies the
public key from the checkable structure to the public key field of the
certificate signing key.

In situations where the separate public key is not given but the
certificate includes a signing key, the source and destination pointers
in the copy operation are equal and invoke undefined behavior.

Undefined behaviour is avoided by ensuring both pointers are different.

Closes ticket 17724. Bug fix on ade50058 and 5e9f2384,
not in any released version of Tor. Patch by "teor".

teor (Tim Wilson-Brown) authored 9 years ago and Nick Mathewson committed 9 years ago

Change the function names & comments to make the copying explicit.

Bugfix on a tor version before the refactoring in git commit
cea12251 (23 Sep 2009). Patch by "teor".

Nobody likes a stack overflow, even in unit tests.

Closes 17699; but not in any released tor.

(crypto_rand is no longer allowed to fail.)

Closes bug 17686; bug not in any released tor.  (No backport, since
the tortls tests aren't in 0.2.7)

Check that crypto_rand doesn't return all zeroes, identical values,
or incrementing values (OpenSSL's rand_predictable feature).

These functions must really never fail; so have crypto_rand() assert
that it's working okay, and have crypto_seed_rng() demand that
callers check its return value.  Also have crypto_seed_rng() check
RAND_status() before returning.

teor (Tim Wilson-Brown) authored 9 years ago and Nick Mathewson committed 9 years ago

Stop ignoring ExitPolicyRejectPrivate in getinfo
exit-policy/reject-private. Fix a memory leak.

Set ExitPolicyRejectPrivate in the unit tests, and make a mock
function declaration static.

Fixes bug #17658; bugfix on commit in fdbb9cdf (11 Oct 2011)
in tor version 0.2.3.5-alpha-dev.

Fix for bug 16651; patch from "rubiate".

cypherpunks authored 9 years ago and Nick Mathewson committed 9 years ago

The initialization of libevent interferes with other tests so we also
fork the circuit_timeout test.

teor (Tim Wilson-Brown) authored 9 years ago and Nick Mathewson committed 9 years ago

Fix unit tests for get_interface_address6_list to assume less
about the interface addresses on the system.

Instead, mock get_interface_address6_list and use the mocked
function to provide a range of address combinations.

Patch from rubiate; fixes bug 17551.

(If we take the branch above this assertion, than we *didn't* have a
v1 handshake.  So if we don't take the branch, we did.  So if we
reach this assertion, we must be running as a server, since clients
no longer attempt v1 handshakes.)

Fix for bug 17654; bugfix on 9d019a7d.

Bug not in any released Tor.