sarah
/
tor
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge branch 'maint-0.2.1' into release-0.2.1

This commit is contained in:
Roger Dingledine 2011-01-15 14:45:07 -05:00
parent 3936267fd9 ef6fa07e48
commit 73a7028a11
83 changed files with 3914 additions and 1968 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
LICENSE
View File

@ -13,7 +13,7 @@ Tor is distributed under this license:
Copyright (c) 2001-2004, Roger Dingledine
Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
Copyright (c) 2007-2010, The Tor Project, Inc.
Copyright (c) 2007-2011, The Tor Project, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are

4
Makefile.am
View File

@ -1,10 +1,10 @@
# $Id$
# Copyright (c) 2001-2004, Roger Dingledine
# Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
# Copyright (c) 2007-2010, The Tor Project, Inc.
# Copyright (c) 2007-2011, The Tor Project, Inc.
# See LICENSE for licensing information
AUTOMAKE_OPTIONS = foreign
AUTOMAKE_OPTIONS = foreign 1.7
# else it keeps trying to put COPYING back in
SUBDIRS = src doc contrib

6
changes/bug2190 Normal file
View File

@ -0,0 +1,6 @@
o Minor bugfixes
- Prevent calls from Libevent from inside Libevent log handlers.
This had potential to cause a nasty set of crashes, especially if
running Libevent with debug logging enabled, and running Tor
with a controller watching for low-severity log messages.
Bugfix on 0.1.0.2-rc. Fixes bug 2190.

5
changes/bug2305 Normal file
View File

@ -0,0 +1,5 @@
o Build changes
- Tor does not build packages correctly with Automake 1.6 and earlier;
added a check to Makefile.am to make sure that we're building with
Automake 1.7 or later.

4
changes/bug2313 Normal file
View File

@ -0,0 +1,4 @@
o Minor bugfixes
- Fix compilation on mingw when a pthreads compatibility library
has been installed. (We don't want to use it, so we shouldn't
be including pthread.h.) Fixes bug 2313; bugfix on 0.1.0.1-rc.

4
changes/bug2324 Normal file
View File

@ -0,0 +1,4 @@
o Minor bugfixes
- Add a check for SIZE_T_MAX to tor_realloc to try to avoid
underflow errors there too. Fixes bug 2324.

5
changes/bug2324_uncompress Normal file
View File

@ -0,0 +1,5 @@
o Major bugfixes (security):
- Prevent a DoS attack by disallowing any zlib-compressed data
whose compression factor is implausibly high. Fixes the
second part of bug2324; found by doors.

6
changes/bug2326 Normal file
View File

@ -0,0 +1,6 @@
o Minor bugfixes
- Fix a bug where we would assert if we ever had a
cached-descriptors.new file (or another file read directly into
memory) of exactly SIZE_T_CEILING bytes. Found by doors; fixes
bug 2326; bugfix on 0.2.1.25.

9
changes/bug2328 Normal file
View File

@ -0,0 +1,9 @@
o Minor bugfixes
- Fix a bug where we would declare that we had run out of virtual
addresses when the address space was only half-exhausted. Bugfix
on 0.1.2.1-alpha.
- Correctly handle the case where AutomapHostsOnResolve is set but no
virtual addresses are available. Fixes bug2328, bugfix on
0.1.2.1-alpha. Bug found by doorss.
- Correctly handle wrapping around to when we run out of virtual address
space. Found by cypherpunks, bugfix on 0.2.0.5-alpha.

4
changes/bug2332 Normal file
View File

@ -0,0 +1,4 @@
o Minor bugfixes
- Fix a bug with handling misformed replies to reverse DNS lookup
requests in DNSPort. Bugfix on Tor 0.2.0.1-alpha. Related to a bug
reported by doorss.

6
changes/bug2352 Normal file
View File

@ -0,0 +1,6 @@
o Minor bugfixes
- Fix some potential asserts and partsing issues with grossly
malformed router caches. Fixes bug 2352. Found by doorss.
Bugfix on Tor 0.2.1.27.

6
changes/bug2384 Normal file
View File

@ -0,0 +1,6 @@
o Minor bugfixes
- Zero out a few more keys in memory before freeing them. Fixes bug
2384 and part of bug 2385. These key instances found by
"cypherpunks". Bugfix on 0.0.2pre9.

3
changes/geoip-jan2011 Normal file
View File

@ -0,0 +1,3 @@
o Minor features:
- Update to the January 1 2011 Maxmind GeoLite Country database.

8
changes/tolen_asserts Normal file
View File

@ -0,0 +1,8 @@
o Major bugfixes (security)
- Fix a heap overflow bug where an adversary could cause heap
corruption. This bug potentially allows remote code execution
attacks. Found by debuger. Fixes CVE-2011-0427. Bugfix on
0.1.2.10-rc.
o Defensive programming
- Introduce output size checks on all of our decryption functions.

2
contrib/bundle.nsi
View File

@ -22,7 +22,7 @@ VIProductVersion "${VERSION}"
VIAddVersionKey "ProductName" "Tor"
VIAddVersionKey "Comments" "${WEBSITE}"
VIAddVersionKey "LegalTrademarks" "Three line BSD"
VIAddVersionKey "LegalCopyright" "©2004-2010, Roger Dingledine, Nick Mathewson, The Tor Project, Inc."
VIAddVersionKey "LegalCopyright" "©2004-2011, Roger Dingledine, Nick Mathewson, The Tor Project, Inc."
VIAddVersionKey "FileDescription" "Tor is an implementation of Onion Routing. You can read more at ${WEBSITE}"
VIAddVersionKey "FileVersion" "${VERSION}"

2
contrib/netinst.nsi
View File

@ -22,7 +22,7 @@ VIProductVersion "${VERSION}"
VIAddVersionKey "ProductName" "Tor"
VIAddVersionKey "Comments" "${WEBSITE}"
VIAddVersionKey "LegalTrademarks" "Three line BSD"
VIAddVersionKey "LegalCopyright" "©2004-2010, Roger Dingledine, Nick Mathewson, The Tor Project, Inc."
VIAddVersionKey "LegalCopyright" "©2004-2011, Roger Dingledine, Nick Mathewson, The Tor Project, Inc."
VIAddVersionKey "FileDescription" "Tor is an implementation of Onion Routing. You can read more at ${WEBSITE}"
VIAddVersionKey "FileVersion" "${VERSION}"

4
contrib/polipo/README
View File

@ -1,5 +1,5 @@
Copyright 2007-2008 Andrew Lewman
Copyright 2009-2010 The Tor Project
Copyright 2007-2008, Andrew Lewman
Copyright 2009-2011, The Tor Project
----------------
General Comments

2
src/common/address.c
View File

@ -1,6 +1,6 @@
/* Copyright (c) 2003-2004, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**

2
src/common/address.h
View File

@ -1,6 +1,6 @@
/* Copyright (c) 2003-2004, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**

2
src/common/aes.c
View File

@ -1,7 +1,7 @@
/* Copyright (c) 2001, Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**

2
src/common/aes.h
View File

@ -1,6 +1,6 @@
/* Copyright (c) 2003, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/* Implements a minimal interface to counter-mode AES. */

2
src/common/compat.c
View File

@ -1,6 +1,6 @@
/* Copyright (c) 2003-2004, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**

4
src/common/compat.h
View File

@ -1,6 +1,6 @@
/* Copyright (c) 2003-2004, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef _TOR_COMPAT_H
@ -31,7 +31,7 @@
#ifdef HAVE_STRING_H
#include <string.h>
#endif
#ifdef HAVE_PTHREAD_H
#if defined(HAVE_PTHREAD_H) && !defined(MS_WINDOWS)
#include <pthread.h>
#endif
#include <stdarg.h>

2
src/common/container.c
View File

@ -1,6 +1,6 @@
/* Copyright (c) 2003-2004, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**

2
src/common/container.h
View File

@ -1,6 +1,6 @@
/* Copyright (c) 2003-2004, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef _TOR_CONTAINER_H

81
src/common/crypto.c
View File

@ -1,7 +1,7 @@
/* Copyright (c) 2001, Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@ -439,21 +439,23 @@ crypto_pk_generate_key(crypto_pk_env_t *env)
return 0;
}
/** Read a PEM-encoded private key from the string <b>s</b> into <b>env</b>.
* Return 0 on success, -1 on failure.
/** Read a PEM-encoded private key from the <b>len</b>-byte string <b>s</b>
* into <b>env</b>. Return 0 on success, -1 on failure. If len is -1,
* the string is nul-terminated.
*/
/* Used here, and used for testing. */
int
crypto_pk_read_private_key_from_string(crypto_pk_env_t *env,
const char *s)
const char *s, ssize_t len)
{
BIO *b;
tor_assert(env);
tor_assert(s);
tor_assert(len < INT_MAX && len < SIZE_T_CEILING);
/* Create a read-only memory BIO, backed by the NUL-terminated string 's' */
b = BIO_new_mem_buf((char*)s, -1);
/* Create a read-only memory BIO, backed by the string 's' */
b = BIO_new_mem_buf((char*)s, (int)len);
if (env->key)
RSA_free(env->key);
@ -487,7 +489,8 @@ crypto_pk_read_private_key_from_filename(crypto_pk_env_t *env,
}
/* Try to parse it. */
r = crypto_pk_read_private_key_from_string(env, contents);
r = crypto_pk_read_private_key_from_string(env, contents, -1);
memset(contents, 0, strlen(contents));
tor_free(contents);
if (r)
return -1; /* read_private_key_from_string already warned, so we don't.*/
@ -625,6 +628,7 @@ crypto_pk_write_private_key_to_filename(crypto_pk_env_t *env,
s[len]='\0';
r = write_str_to_file(fname, s, 0);
BIO_free(bio);
memset(s, 0, strlen(s));
tor_free(s);
return r;
}
@ -717,9 +721,12 @@ crypto_pk_copy_full(crypto_pk_env_t *env)
* in <b>env</b>, using the padding method <b>padding</b>. On success,
* write the result to <b>to</b>, and return the number of bytes
* written. On failure, return -1.
*
* <b>tolen</b> is the number of writable bytes in <b>to</b>, and must be
* at least the length of the modulus of <b>env</b>.
*/
int
crypto_pk_public_encrypt(crypto_pk_env_t *env, char *to,
crypto_pk_public_encrypt(crypto_pk_env_t *env, char *to, size_t tolen,
const char *from, size_t fromlen, int padding)
{
int r;
@ -727,6 +734,7 @@ crypto_pk_public_encrypt(crypto_pk_env_t *env, char *to,
tor_assert(from);
tor_assert(to);
tor_assert(fromlen<INT_MAX);
tor_assert(tolen >= crypto_pk_keysize(env));
r = RSA_public_encrypt((int)fromlen,
(unsigned char*)from, (unsigned char*)to,
@ -742,9 +750,13 @@ crypto_pk_public_encrypt(crypto_pk_env_t *env, char *to,
* in <b>env</b>, using the padding method <b>padding</b>. On success,
* write the result to <b>to</b>, and return the number of bytes
* written. On failure, return -1.
*
* <b>tolen</b> is the number of writable bytes in <b>to</b>, and must be
* at least the length of the modulus of <b>env</b>.
*/
int
crypto_pk_private_decrypt(crypto_pk_env_t *env, char *to,
size_t tolen,
const char *from, size_t fromlen,
int padding, int warnOnFailure)
{
@ -754,6 +766,7 @@ crypto_pk_private_decrypt(crypto_pk_env_t *env, char *to,
tor_assert(to);
tor_assert(env->key);
tor_assert(fromlen<INT_MAX);
tor_assert(tolen >= crypto_pk_keysize(env));
if (!env->key->p)
/* Not a private key */
return -1;
@ -774,9 +787,13 @@ crypto_pk_private_decrypt(crypto_pk_env_t *env, char *to,
* public key in <b>env</b>, using PKCS1 padding. On success, write the
* signed data to <b>to</b>, and return the number of bytes written.
* On failure, return -1.
*
* <b>tolen</b> is the number of writable bytes in <b>to</b>, and must be
* at least the length of the modulus of <b>env</b>.
*/
int
crypto_pk_public_checksig(crypto_pk_env_t *env, char *to,
size_t tolen,
const char *from, size_t fromlen)
{
int r;
@ -784,6 +801,7 @@ crypto_pk_public_checksig(crypto_pk_env_t *env, char *to,
tor_assert(from);
tor_assert(to);
tor_assert(fromlen < INT_MAX);
tor_assert(tolen >= crypto_pk_keysize(env));
r = RSA_public_decrypt((int)fromlen,
(unsigned char*)from, (unsigned char*)to,
env->key, RSA_PKCS1_PADDING);
@ -806,6 +824,7 @@ crypto_pk_public_checksig_digest(crypto_pk_env_t *env, const char *data,
{
char digest[DIGEST_LEN];
char *buf;
size_t buflen;
int r;
tor_assert(env);
@ -818,8 +837,9 @@ crypto_pk_public_checksig_digest(crypto_pk_env_t *env, const char *data,
log_warn(LD_BUG, "couldn't compute digest");
return -1;
}
buf = tor_malloc(crypto_pk_keysize(env)+1);
r = crypto_pk_public_checksig(env,buf,sig,siglen);
buflen = crypto_pk_keysize(env)+1;
buf = tor_malloc(buflen);
r = crypto_pk_public_checksig(env,buf,buflen,sig,siglen);
if (r != DIGEST_LEN) {
log_warn(LD_CRYPTO, "Invalid signature");
tor_free(buf);
@ -839,9 +859,12 @@ crypto_pk_public_checksig_digest(crypto_pk_env_t *env, const char *data,
* <b>env</b>, using PKCS1 padding. On success, write the signature to
* <b>to</b>, and return the number of bytes written. On failure, return
* -1.
*
* <b>tolen</b> is the number of writable bytes in <b>to</b>, and must be
* at least the length of the modulus of <b>env</b>.
*/
int
crypto_pk_private_sign(crypto_pk_env_t *env, char *to,
crypto_pk_private_sign(crypto_pk_env_t *env, char *to, size_t tolen,
const char *from, size_t fromlen)
{
int r;
@ -849,6 +872,7 @@ crypto_pk_private_sign(crypto_pk_env_t *env, char *to,
tor_assert(from);
tor_assert(to);
tor_assert(fromlen < INT_MAX);
tor_assert(tolen >= crypto_pk_keysize(env));
if (!env->key->p)
/* Not a private key */
return -1;
@ -867,16 +891,19 @@ crypto_pk_private_sign(crypto_pk_env_t *env, char *to,
* <b>from</b>; sign the data with the private key in <b>env</b>, and
* store it in <b>to</b>. Return the number of bytes written on
* success, and -1 on failure.
*
* <b>tolen</b> is the number of writable bytes in <b>to</b>, and must be
* at least the length of the modulus of <b>env</b>.
*/
int
crypto_pk_private_sign_digest(crypto_pk_env_t *env, char *to,
crypto_pk_private_sign_digest(crypto_pk_env_t *env, char *to, size_t tolen,
const char *from, size_t fromlen)
{
int r;
char digest[DIGEST_LEN];
if (crypto_digest(digest,from,fromlen)<0)
return -1;
r = crypto_pk_private_sign(env,to,digest,DIGEST_LEN);
r = crypto_pk_private_sign(env,to,tolen,digest,DIGEST_LEN);
memset(digest, 0, sizeof(digest));
return r;
}
@ -900,7 +927,7 @@ crypto_pk_private_sign_digest(crypto_pk_env_t *env, char *to,
*/
int
crypto_pk_public_hybrid_encrypt(crypto_pk_env_t *env,
char *to,
char *to, size_t tolen,
const char *from,
size_t fromlen,
int padding, int force)
@ -923,8 +950,13 @@ crypto_pk_public_hybrid_encrypt(crypto_pk_env_t *env,
if (!force && fromlen+overhead <= pkeylen) {
/* It all fits in a single encrypt. */
return crypto_pk_public_encrypt(env,to,from,fromlen,padding);
return crypto_pk_public_encrypt(env,to,
tolen,
from,fromlen,padding);
}
tor_assert(tolen >= fromlen + overhead + CIPHER_KEY_LEN);
tor_assert(tolen >= pkeylen);
cipher = crypto_new_cipher_env();
if (!cipher) return -1;
if (crypto_cipher_generate_key(cipher)<0)
@ -946,7 +978,7 @@ crypto_pk_public_hybrid_encrypt(crypto_pk_env_t *env,
/* Length of symmetrically encrypted data. */
symlen = fromlen-(pkeylen-overhead-CIPHER_KEY_LEN);
outlen = crypto_pk_public_encrypt(env,to,buf,pkeylen-overhead,padding);
outlen = crypto_pk_public_encrypt(env,to,tolen,buf,pkeylen-overhead,padding);
if (outlen!=(int)pkeylen) {
goto err;
}
@ -972,6 +1004,7 @@ crypto_pk_public_hybrid_encrypt(crypto_pk_env_t *env,
int
crypto_pk_private_hybrid_decrypt(crypto_pk_env_t *env,
char *to,
size_t tolen,
const char *from,
size_t fromlen,
int padding, int warnOnFailure)
@ -985,11 +1018,12 @@ crypto_pk_private_hybrid_decrypt(crypto_pk_env_t *env,
pkeylen = crypto_pk_keysize(env);
if (fromlen <= pkeylen) {
return crypto_pk_private_decrypt(env,to,from,fromlen,padding,
return crypto_pk_private_decrypt(env,to,tolen,from,fromlen,padding,
warnOnFailure);
}
buf = tor_malloc(pkeylen+1);
outlen = crypto_pk_private_decrypt(env,buf,from,pkeylen,padding,
outlen = crypto_pk_private_decrypt(env,buf,pkeylen+1,from,pkeylen,padding,
warnOnFailure);
if (outlen<0) {
log_fn(warnOnFailure?LOG_WARN:LOG_DEBUG, LD_CRYPTO,
@ -1007,6 +1041,7 @@ crypto_pk_private_hybrid_decrypt(crypto_pk_env_t *env,
}
memcpy(to,buf+CIPHER_KEY_LEN,outlen-CIPHER_KEY_LEN);
outlen -= CIPHER_KEY_LEN;
tor_assert(tolen - outlen >= fromlen - pkeylen);
r = crypto_cipher_decrypt(cipher, to+outlen, from+pkeylen, fromlen-pkeylen);
if (r<0)
goto err;
@ -1655,7 +1690,7 @@ crypto_dh_compute_secret(crypto_dh_env_t *dh,
{
char *secret_tmp = NULL;
BIGNUM *pubkey_bn = NULL;
size_t secret_len=0;
size_t secret_len=0, secret_tmp_len=0;
int result=0;
tor_assert(dh);
tor_assert(secret_bytes_out/DIGEST_LEN <= 255);
@ -1669,7 +1704,8 @@ crypto_dh_compute_secret(crypto_dh_env_t *dh,
log_warn(LD_CRYPTO,"Rejected invalid g^x");
goto error;
}
secret_tmp = tor_malloc(crypto_dh_get_bytes(dh));
secret_tmp_len = crypto_dh_get_bytes(dh);
secret_tmp = tor_malloc(secret_tmp_len);
result = DH_compute_key((unsigned char*)secret_tmp, pubkey_bn, dh->dh);
if (result < 0) {
log_warn(LD_CRYPTO,"DH_compute_key() failed.");
@ -1688,7 +1724,10 @@ crypto_dh_compute_secret(crypto_dh_env_t *dh,
crypto_log_errors(LOG_WARN, "completing DH handshake");
if (pubkey_bn)
BN_free(pubkey_bn);
tor_free(secret_tmp);
if (secret_tmp) {
memset(secret_tmp, 0, secret_tmp_len);
tor_free(secret_tmp);
}
if (result < 0)
return result;
else

16
src/common/crypto.h
View File

@ -1,7 +1,7 @@
/* Copyright (c) 2001, Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@ -82,7 +82,7 @@ int crypto_pk_write_private_key_to_string(crypto_pk_env_t *env,
int crypto_pk_read_public_key_from_string(crypto_pk_env_t *env,
const char *src, size_t len);
int crypto_pk_read_private_key_from_string(crypto_pk_env_t *env,
const char *s);
const char *s, ssize_t len);
int crypto_pk_write_private_key_to_filename(crypto_pk_env_t *env,
const char *fname);
@ -93,23 +93,25 @@ crypto_pk_env_t *crypto_pk_dup_key(crypto_pk_env_t *orig);
crypto_pk_env_t *crypto_pk_copy_full(crypto_pk_env_t *orig);
int crypto_pk_key_is_private(const crypto_pk_env_t *key);
int crypto_pk_public_encrypt(crypto_pk_env_t *env, char *to,
int crypto_pk_public_encrypt(crypto_pk_env_t *env, char *to, size_t tolen,
const char *from, size_t fromlen, int padding);
int crypto_pk_private_decrypt(crypto_pk_env_t *env, char *to,
int crypto_pk_private_decrypt(crypto_pk_env_t *env, char *to, size_t tolen,
const char *from, size_t fromlen,
int padding, int warnOnFailure);
int crypto_pk_public_checksig(crypto_pk_env_t *env, char *to,
int crypto_pk_public_checksig(crypto_pk_env_t *env, char *to, size_t tolen,
const char *from, size_t fromlen);
int crypto_pk_public_checksig_digest(crypto_pk_env_t *env, const char *data,
size_t datalen, const char *sig, size_t siglen);
int crypto_pk_private_sign(crypto_pk_env_t *env, char *to,
int crypto_pk_private_sign(crypto_pk_env_t *env, char *to, size_t tolen,
const char *from, size_t fromlen);
int crypto_pk_private_sign_digest(crypto_pk_env_t *env, char *to,
int crypto_pk_private_sign_digest(crypto_pk_env_t *env, char *to, size_t tolen,
const char *from, size_t fromlen);
int crypto_pk_public_hybrid_encrypt(crypto_pk_env_t *env, char *to,
size_t tolen,
const char *from, size_t fromlen,
int padding, int force);
int crypto_pk_private_hybrid_decrypt(crypto_pk_env_t *env, char *to,
size_t tolen,
const char *from, size_t fromlen,
int padding, int warnOnFailure);

2
src/common/ht.h
View File

@ -1,6 +1,6 @@
/* Copyright (c) 2002, Christopher Clark.
* Copyright (c) 2005-2006, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See license at end. */
/* Based on ideas by Christopher Clark and interfaces from Niels Provos. */

16
src/common/log.c
View File

@ -1,7 +1,7 @@
/* Copyright (c) 2001, Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@ -280,6 +280,10 @@ logv(int severity, log_domain_mask_t domain, const char *funcname,
lf = lf->next;
continue;
}
if (lf->callback && (domain & LD_NOCB)) {
lf = lf->next;
continue;
}
if (lf->seems_dead) {
lf = lf->next;
continue;
@ -943,19 +947,19 @@ libevent_logging_callback(int severity, const char *msg)
}
switch (severity) {
case _EVENT_LOG_DEBUG:
log(LOG_DEBUG, LD_NET, "Message from libevent: %s", buf);
log(LOG_DEBUG, LD_NOCB|LD_NET, "Message from libevent: %s", buf);
break;
case _EVENT_LOG_MSG:
log(LOG_INFO, LD_NET, "Message from libevent: %s", buf);
log(LOG_INFO, LD_NOCB|LD_NET, "Message from libevent: %s", buf);
break;
case _EVENT_LOG_WARN:
log(LOG_WARN, LD_GENERAL, "Warning from libevent: %s", buf);
log(LOG_WARN, LD_NOCB|LD_GENERAL, "Warning from libevent: %s", buf);
break;
case _EVENT_LOG_ERR:
log(LOG_ERR, LD_GENERAL, "Error from libevent: %s", buf);
log(LOG_ERR, LD_NOCB|LD_GENERAL, "Error from libevent: %s", buf);
break;
default:
log(LOG_WARN, LD_GENERAL, "Message [%d] from libevent: %s",
log(LOG_WARN, LD_NOCB|LD_GENERAL, "Message [%d] from libevent: %s",
severity, buf);
break;
}

6
src/common/log.h
View File

@ -1,7 +1,7 @@
/* Copyright (c) 2001, Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@ -94,6 +94,10 @@
/** Number of logging domains in the code. */
#define N_LOGGING_DOMAINS 19
/** This log message is not safe to send to a callback-based logger.
* Used as a flag, not a log domain. */
#define LD_NOCB (1u<<31)
typedef uint32_t log_domain_mask_t;
/** Configures which severities are logged for each logging domain for a given

2
src/common/memarea.c
View File

@ -1,4 +1,4 @@
/* Copyright (c) 2008-2010, The Tor Project, Inc. */
/* Copyright (c) 2008-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/** \file memarea.c

2
src/common/memarea.h
View File

@ -1,4 +1,4 @@
/* Copyright (c) 2008-2010, The Tor Project, Inc. */
/* Copyright (c) 2008-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/* Tor dependencies */

2
src/common/mempool.c
View File

@ -1,4 +1,4 @@
/* Copyright (c) 2007-2010, The Tor Project, Inc. */
/* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#if 1
/* Tor dependencies */

2
src/common/mempool.h
View File

@ -1,4 +1,4 @@
/* Copyright (c) 2007-2010, The Tor Project, Inc. */
/* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**

2
src/common/test.h
View File

@ -1,6 +1,6 @@
/* Copyright (c) 2001-2003, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef _TOR_TEST_H

62
src/common/torgzip.c
View File

@ -1,6 +1,6 @@
/* Copyright (c) 2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@ -57,6 +57,33 @@ method_bits(compress_method_t method)
return method == GZIP_METHOD ? 15+16 : 15;
}
/* These macros define the maximum allowable compression factor. Anything of
* size greater than CHECK_FOR_COMPRESSION_BOMB_AFTER is not allowed to
* have an uncompression factor (uncompressed size:compressed size ratio) of
* any greater than MAX_UNCOMPRESSION_FACTOR.
*
* Picking a value for MAX_UNCOMPRESSION_FACTOR is a trade-off: we want it to
* be small to limit the attack multiplier, but we also want it to be large
* enough so that no legitimate document --even ones we might invent in the
* future -- ever compresses by a factor of greater than
* MAX_UNCOMPRESSION_FACTOR. Within those parameters, there's a reasonably
* large range of possible values. IMO, anything over 8 is probably safe; IMO
* anything under 50 is probably sufficient.
*/
#define MAX_UNCOMPRESSION_FACTOR 25
#define CHECK_FOR_COMPRESSION_BOMB_AFTER (1024*64)
/** Return true if uncompressing an input of size <b>in_size</b> to an input
* of size at least <b>size_out</b> looks like a compression bomb. */
static int
is_compression_bomb(size_t size_in, size_t size_out)
{
if (size_in == 0 || size_out < CHECK_FOR_COMPRESSION_BOMB_AFTER)
return 0;
return (size_out / size_in > MAX_UNCOMPRESSION_FACTOR);
}
/** Given <b>in_len</b> bytes at <b>in</b>, compress them into a newly
* allocated buffer, using the method described in <b>method</b>. Store the
* compressed string in *<b>out</b>, and its length in *<b>out_len</b>.
@ -159,6 +186,12 @@ tor_gzip_compress(char **out, size_t *out_len,
}
tor_free(stream);
if (is_compression_bomb(*out_len, in_len)) {
log_warn(LD_BUG, "We compressed something and got an insanely high "
"compression factor; other Tors would think this was a zlib bomb.");
goto err;
}
return 0;
err:
if (stream) {
@ -223,7 +256,7 @@ tor_gzip_uncompress(char **out, size_t *out_len,
out_size = in_len * 2; /* guess 50% compression. */
if (out_size < 1024) out_size = 1024;
if (out_size > UINT_MAX)
if (out_size >= SIZE_T_CEILING || out_size > UINT_MAX)
goto err;
*out = tor_malloc(out_size);
@ -263,7 +296,16 @@ tor_gzip_uncompress(char **out, size_t *out_len,
old_size = out_size;
out_size *= 2;
if (out_size < old_size) {
log_warn(LD_GENERAL, "Size overflow in compression.");
log_warn(LD_GENERAL, "Size overflow in uncompression.");
goto err;
}
if (is_compression_bomb(in_len, out_size)) {
log_warn(LD_GENERAL, "Input looks like a possible zlib bomb; "
"not proceeding.");
goto err;
}
if (out_size >= SIZE_T_CEILING) {
log_warn(LD_BUG, "Hit SIZE_T_CEILING limit while uncompressing.");
goto err;
}
*out = tor_realloc(*out, out_size);
@ -329,6 +371,11 @@ detect_compression_method(const char *in, size_t in_len)
struct tor_zlib_state_t {
struct z_stream_s stream;
int compress;
/* Number of bytes read so far. Used to detect zlib bombs. */
size_t input_so_far;
/* Number of bytes written so far. Used to detect zlib bombs. */
size_t output_so_far;
};
/** Construct and return a tor_zlib_state_t object using <b>method</b>. If
@ -395,11 +442,20 @@ tor_zlib_process(tor_zlib_state_t *state,
err = inflate(&state->stream, finish ? Z_FINISH : Z_SYNC_FLUSH);
}
state->input_so_far += state->stream.next_in - ((unsigned char*)*in);
state->output_so_far += state->stream.next_out - ((unsigned char*)*out);
*out = (char*) state->stream.next_out;
*out_len = state->stream.avail_out;
*in = (const char *) state->stream.next_in;
*in_len = state->stream.avail_in;
if (! state->compress &&
is_compression_bomb(state->input_so_far, state->output_so_far)) {
log_warn(LD_DIR, "Possible zlib bomb; abandoning stream.");
return TOR_ZLIB_ERR;
}
switch (err)
{
case Z_STREAM_END:

2
src/common/torgzip.h
View File

@ -1,6 +1,6 @@
/* Copyright (c) 2003, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**

4
src/common/torint.h
View File

@ -1,6 +1,6 @@
/* Copyright (c) 2003, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@ -115,7 +115,7 @@ typedef unsigned int uint32_t;
#define UINT32_MAX 0xffffffffu
#endif
#ifndef INT32_MAX
#define INT32_MAX 0x7fffffffu
#define INT32_MAX 0x7fffffff
#endif
#endif

2
src/common/tortls.c
View File

@ -1,6 +1,6 @@
/* Copyright (c) 2003, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**

2
src/common/tortls.h
View File

@ -1,6 +1,6 @@
/* Copyright (c) 2003, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef _TOR_TORTLS_H

6
src/common/util.c
View File

@ -1,6 +1,6 @@
/* Copyright (c) 2003, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@ -167,6 +167,8 @@ _tor_realloc(void *ptr, size_t size DMALLOC_PARAMS)
{
void *result;
tor_assert(size < SIZE_T_CEILING);
#ifdef USE_DMALLOC
result = dmalloc_realloc(file, line, ptr, size, DMALLOC_FUNC_REALLOC, 0);
#else
@ -1934,7 +1936,7 @@ read_file_to_str(const char *filename, int flags, struct stat *stat_out)
return NULL;
}
if ((uint64_t)(statbuf.st_size)+1 > SIZE_T_CEILING)
if ((uint64_t)(statbuf.st_size)+1 >= SIZE_T_CEILING)
return NULL;
string = tor_malloc((size_t)(statbuf.st_size+1));

2
src/common/util.h
View File

@ -1,6 +1,6 @@
/* Copyright (c) 2003-2004, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**

5317
src/config/geoip
View File

File diff suppressed because it is too large Load Diff

2
src/or/buffers.c
View File

@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**

7
src/or/circuitbuild.c
View File

@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@ -768,7 +768,8 @@ circuit_extend(cell_t *cell, circuit_t *circ)
n_addr32 = ntohl(get_uint32(cell->payload+RELAY_HEADER_SIZE));
n_port = ntohs(get_uint16(cell->payload+RELAY_HEADER_SIZE+4));
onionskin = (char*) cell->payload+RELAY_HEADER_SIZE+4+2;
id_digest = (char*) cell->payload+RELAY_HEADER_SIZE+4+2+ONIONSKIN_CHALLENGE_LEN;
id_digest = (char*) cell->payload+RELAY_HEADER_SIZE+4+2+
ONIONSKIN_CHALLENGE_LEN;
tor_addr_from_ipv4h(&n_addr, n_addr32);
if (!n_port || !n_addr32) {
@ -923,7 +924,7 @@ circuit_finish_handshake(origin_circuit_t *circ, uint8_t reply_type,
tor_assert(hop->state == CPATH_STATE_AWAITING_KEYS);
if (reply_type == CELL_CREATED && hop->dh_handshake_state) {
if (onion_skin_client_handshake(hop->dh_handshake_state, (char*)reply, keys,
if (onion_skin_client_handshake(hop->dh_handshake_state, (char*)reply,keys,
DIGEST_LEN*2+CIPHER_KEY_LEN*2) < 0) {
log_warn(LD_CIRC,"onion_skin_client_handshake failed.");
return -END_CIRC_REASON_TORPROTOCOL;

2
src/or/circuitlist.c
View File

@ -1,7 +1,7 @@
/* Copyright 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**

2
src/or/circuituse.c
View File

@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**

5
src/or/command.c
View File

@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@ -576,7 +576,8 @@ command_process_netinfo_cell(cell_t *cell, or_connection_t *conn)
/* Consider all the other addresses; if any matches, this connection is
* "canonical." */
tor_addr_t addr;
const uint8_t *next = decode_address_from_payload(&addr, cp, (int)(end-cp));
const uint8_t *next =
decode_address_from_payload(&addr, cp, (int)(end-cp));
if (next == NULL) {
log_fn(LOG_PROTOCOL_WARN, LD_OR,
"Bad address in netinfo cell; closing connection.");

7
src/or/config.c
View File

@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@ -2294,7 +2294,7 @@ print_usage(void)
printf(
"Copyright (c) 2001-2004, Roger Dingledine\n"
"Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson\n"
"Copyright (c) 2007-2010, The Tor Project, Inc.\n\n"
"Copyright (c) 2007-2011, The Tor Project, Inc.\n\n"
"tor -f <torrc> [args]\n"
"See man page for options, or https://www.torproject.org/ for "
"documentation.\n");
@ -5321,7 +5321,8 @@ or_state_save(time_t now)
tor_free(state);
fname = get_datadir_fname("state");
if (write_str_to_file(fname, contents, 0)<0) {
log_warn(LD_FS, "Unable to write state to file \"%s\"", fname);
log_warn(LD_FS, "Unable to write state to file \"%s\"; "
"will try again later", fname);
tor_free(fname);
tor_free(contents);
return -1;

2
src/or/connection.c
View File

@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**

55
src/or/connection_edge.c
View File

@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@ -1139,9 +1139,23 @@ address_is_in_virtual_range(const char *address)
return 0;
}
/** Increment the value of next_virtual_addr; reset it to the start of the
* virtual address range if it wraps around.
*/
static INLINE void
increment_virtual_addr(void)
{
++next_virtual_addr;
if (addr_mask_cmp_bits(next_virtual_addr, virtual_addr_network,
virtual_addr_netmask_bits))
next_virtual_addr = virtual_addr_network;
}
/** Return a newly allocated string holding an address of <b>type</b>
* (one of RESOLVED_TYPE_{IPV4|HOSTNAME}) that has not yet been mapped,
* and that is very unlikely to be the address of any real host.
*
* May return NULL if we have run out of virtual addresses.
*/
static char *
addressmap_get_virtual_address(int type)
@ -1166,25 +1180,26 @@ addressmap_get_virtual_address(int type)
/* Don't hand out any .0 or .255 address. */
while ((next_virtual_addr & 0xff) == 0 ||
(next_virtual_addr & 0xff) == 0xff) {
++next_virtual_addr;
increment_virtual_addr();
if (! --available) {
log_warn(LD_CONFIG, "Ran out of virtual addresses!");
return NULL;
}
}
in.s_addr = htonl(next_virtual_addr);
tor_inet_ntoa(&in, buf, sizeof(buf));
if (!strmap_get(addressmap, buf)) {
++next_virtual_addr;
increment_virtual_addr();
break;
}
++next_virtual_addr;
increment_virtual_addr();
--available;
log_info(LD_CONFIG, "%d addrs available", (int)available);
if (! --available) {
// log_info(LD_CONFIG, "%d addrs available", (int)available);
if (! available) {
log_warn(LD_CONFIG, "Ran out of virtual addresses!");
return NULL;
}
if (addr_mask_cmp_bits(next_virtual_addr, virtual_addr_network,
virtual_addr_netmask_bits))
next_virtual_addr = virtual_addr_network;
}
return tor_strdup(buf);
} else {
@ -1199,14 +1214,15 @@ addressmap_get_virtual_address(int type)
* allocated string. If another address of the same type is already
* mapped to <b>new_address</b>, try to return a copy of that address.
*
* The string in <b>new_address</b> may be freed, or inserted into a map
* as appropriate.
* The string in <b>new_address</b> may be freed or inserted into a map
* as appropriate. May return NULL if are out of virtual addresses.
**/
const char *
addressmap_register_virtual_address(int type, char *new_address)
{
char **addrp;
virtaddress_entry_t *vent;
int vent_needs_to_be_added = 0;
tor_assert(new_address);
tor_assert(addressmap);
@ -1215,7 +1231,7 @@ addressmap_register_virtual_address(int type, char *new_address)
vent = strmap_get(virtaddress_reversemap, new_address);
if (!vent) {
vent = tor_malloc_zero(sizeof(virtaddress_entry_t));
strmap_set(virtaddress_reversemap, new_address, vent);
vent_needs_to_be_added = 1;
}
addrp = (type == RESOLVED_TYPE_IPV4) ?
@ -1225,6 +1241,7 @@ addressmap_register_virtual_address(int type, char *new_address)
if (ent && ent->new_address &&
!strcasecmp(new_address, ent->new_address)) {
tor_free(new_address);
tor_assert(!vent_needs_to_be_added);
return tor_strdup(*addrp);
} else
log_warn(LD_BUG,
@ -1236,7 +1253,14 @@ addressmap_register_virtual_address(int type, char *new_address)
tor_free(*addrp);
*addrp = addressmap_get_virtual_address(type);
if (!*addrp) {
tor_free(vent);
tor_free(new_address);
return NULL;
}
log_info(LD_APP, "Registering map from %s to %s", *addrp, new_address);
if (vent_needs_to_be_added)
strmap_set(virtaddress_reversemap, new_address, vent);
addressmap_register(*addrp, new_address, 2, ADDRMAPSRC_CONTROLLER);
#if 0
@ -1415,7 +1439,12 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
const char *new_addr;
new_addr = addressmap_register_virtual_address(
RESOLVED_TYPE_IPV4, tor_strdup(socks->address));
tor_assert(new_addr);
if (! new_addr) {
log_warn(LD_APP, "Unable to automap address %s",
escaped_safe_str(socks->address));
connection_mark_unattached_ap(conn, END_STREAM_REASON_INTERNAL);
return -1;
}
log_info(LD_APP, "Automapping %s to %s",
escaped_safe_str(socks->address), safe_str(new_addr));
strlcpy(socks->address, new_addr, sizeof(socks->address));

2
src/or/connection_or.c
View File

@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**

2
src/or/control.c
View File

@ -1,5 +1,5 @@
/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**

2
src/or/cpuworker.c
View File

@ -1,6 +1,6 @@
/* Copyright (c) 2003-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**

2
src/or/directory.c
View File

@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "or.h"

2
src/or/dirserv.c
View File

@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define DIRSERV_PRIVATE

2
src/or/dirvote.c
View File

@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define DIRVOTE_PRIVATE

2
src/or/dns.c
View File

@ -1,6 +1,6 @@
/* Copyright (c) 2003-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**

5
src/or/dnsserv.c
View File

@ -1,4 +1,4 @@
/* Copyright (c) 2007-2010, The Tor Project, Inc. */
/* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@ -271,11 +271,12 @@ dnsserv_resolved(edge_connection_t *conn,
name,
1, (char*)answer, ttl);
} else if (answer_type == RESOLVED_TYPE_HOSTNAME &&
answer_len < 256 &&
conn->socks_request->command == SOCKS_COMMAND_RESOLVE_PTR) {
char *ans = tor_strndup(answer, answer_len);
evdns_server_request_add_ptr_reply(req, NULL,
name,
(char*)answer, ttl);
ans, ttl);
tor_free(ans);
} else if (answer_type == RESOLVED_TYPE_ERROR) {
err = DNS_ERR_NOTEXIST;

2
src/or/eventdns_tor.h
View File

@ -1,4 +1,4 @@
/* Copyright (c) 2007-2010, The Tor Project, Inc. */
/* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"

2
src/or/geoip.c
View File

@ -1,4 +1,4 @@
/* Copyright (c) 2007-2010, The Tor Project, Inc. */
/* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**

2
src/or/hibernate.c
View File

@ -1,5 +1,5 @@
/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**

2
src/or/main.c
View File

@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**

3
src/or/networkstatus.c
View File

@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@ -362,6 +362,7 @@ networkstatus_check_voter_signature(networkstatus_t *consensus,
signed_digest = tor_malloc(signed_digest_len);
if (crypto_pk_public_checksig(cert->signing_key,
signed_digest,
signed_digest_len,
voter->signature,
voter->signature_len) != DIGEST_LEN ||
memcmp(signed_digest, consensus->networkstatus_digest, DIGEST_LEN)) {

2
src/or/ntmain.c
View File

@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define MAIN_PRIVATE

8
src/or/onion.c
View File

@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@ -188,6 +188,7 @@ onion_skin_create(crypto_pk_env_t *dest_router_key,
/* set meeting point, meeting cookie, etc here. Leave zero for now. */
if (crypto_pk_public_hybrid_encrypt(dest_router_key, onion_skin_out,
ONIONSKIN_CHALLENGE_LEN,
challenge, DH_KEY_LEN,
PK_PKCS1_OAEP_PADDING, 1)<0)
goto err;
@ -230,6 +231,7 @@ onion_skin_server_handshake(const char *onion_skin, /*ONIONSKIN_CHALLENGE_LEN*/
break;
note_crypto_pk_op(DEC_ONIONSKIN);
len = crypto_pk_private_hybrid_decrypt(k, challenge,
ONIONSKIN_CHALLENGE_LEN,
onion_skin, ONIONSKIN_CHALLENGE_LEN,
PK_PKCS1_OAEP_PADDING,0);
if (len>0)
@ -379,8 +381,8 @@ fast_server_handshake(const uint8_t *key_in, /* DIGEST_LEN bytes */
* and protected by TLS).
*/
int
fast_client_handshake(const uint8_t *handshake_state, /* DIGEST_LEN bytes */
const uint8_t *handshake_reply_out, /* DIGEST_LEN*2 bytes */
fast_client_handshake(const uint8_t *handshake_state,/*DIGEST_LEN bytes*/
const uint8_t *handshake_reply_out,/*DIGEST_LEN*2 bytes*/
uint8_t *key_out,
size_t key_out_len)
{

2
src/or/or.h
View File

@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**

2
src/or/policies.c
View File

@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**

2
src/or/reasons.c
View File

@ -1,5 +1,5 @@
/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**

2
src/or/relay.c
View File

@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**

5
src/or/rendclient.c
View File

@ -1,5 +1,5 @@
/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@ -193,6 +193,7 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
/*XXX maybe give crypto_pk_public_hybrid_encrypt a max_len arg,
* to avoid buffer overflows? */
r = crypto_pk_public_hybrid_encrypt(intro_key, payload+DIGEST_LEN,
sizeof(payload)-DIGEST_LEN,
tmp,
(int)(dh_offset+DH_KEY_LEN),
PK_PKCS1_OAEP_PADDING, 0);
@ -716,8 +717,10 @@ rend_client_receive_rendezvous(origin_circuit_t *circ, const uint8_t *request,
* attach only the connections that are waiting on this circuit, rather
* than trying to attach them all. See comments bug 743. */
connection_ap_attach_pending();
memset(keys, 0, sizeof(keys));
return 0;
err:
memset(keys, 0, sizeof(keys));
circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_TORPROTOCOL);
return -1;
}

6
src/or/rendcommon.c
View File

@ -1,5 +1,5 @@
/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@ -700,7 +700,9 @@ rend_encode_service_descriptor(rend_service_descriptor_t *desc,
cp += ipoint_len+1;
}
note_crypto_pk_op(REND_SERVER);
r = crypto_pk_private_sign_digest(key, cp, *str_out, cp-*str_out);
r = crypto_pk_private_sign_digest(key,
cp, buflen - (cp - *str_out),
*str_out, cp-*str_out);
if (r<0) {
tor_free(*str_out);
return -1;

8
src/or/rendmid.c
View File

@ -1,5 +1,5 @@
/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@ -64,7 +64,8 @@ rend_mid_establish_intro(or_circuit_t *circ, const uint8_t *request,
}
/* Rest of body: signature of previous data */
note_crypto_pk_op(REND_MID);
if (crypto_pk_public_checksig_digest(pk, (char*)request, 2+asn1len+DIGEST_LEN,
if (crypto_pk_public_checksig_digest(pk,
(char*)request, 2+asn1len+DIGEST_LEN,
(char*)(request+2+DIGEST_LEN+asn1len),
request_len-(2+DIGEST_LEN+asn1len))<0) {
log_warn(LD_PROTOCOL,
@ -125,7 +126,8 @@ rend_mid_establish_intro(or_circuit_t *circ, const uint8_t *request,
* INTRODUCE2 cell.
*/
int
rend_mid_introduce(or_circuit_t *circ, const uint8_t *request, size_t request_len)
rend_mid_introduce(or_circuit_t *circ, const uint8_t *request,
size_t request_len)
{
or_circuit_t *intro_circ;
char serviceid[REND_SERVICE_ID_LEN_BASE32+1];

10
src/or/rendservice.c
View File

@ -1,5 +1,5 @@
/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@ -979,7 +979,8 @@ rend_service_introduce(origin_circuit_t *circuit, const uint8_t *request,
/* Next N bytes is encrypted with service key */
note_crypto_pk_op(REND_SERVER);
r = crypto_pk_private_hybrid_decrypt(
intro_key,buf,(char*)(request+DIGEST_LEN),request_len-DIGEST_LEN,
intro_key,buf,sizeof(buf),
(char*)(request+DIGEST_LEN),request_len-DIGEST_LEN,
PK_PKCS1_OAEP_PADDING,1);
if (r<0) {
log_warn(LD_PROTOCOL, "Couldn't decrypt INTRODUCE2 cell.");
@ -1213,8 +1214,10 @@ rend_service_introduce(origin_circuit_t *circuit, const uint8_t *request,
memcpy(cpath->handshake_digest, keys, DIGEST_LEN);
if (extend_info) extend_info_free(extend_info);
memset(keys, 0, sizeof(keys));
return 0;
err:
memset(keys, 0, sizeof(keys));
if (dh) crypto_dh_free(dh);
if (launched)
circuit_mark_for_close(TO_CIRCUIT(launched), reason);
@ -1424,7 +1427,8 @@ rend_service_intro_has_opened(origin_circuit_t *circuit)
goto err;
len += 20;
note_crypto_pk_op(REND_SERVER);
r = crypto_pk_private_sign_digest(intro_key, buf+len, buf, len);
r = crypto_pk_private_sign_digest(intro_key, buf+len, sizeof(buf)-len,
buf, len);
if (r<0) {
log_warn(LD_BUG, "Internal error: couldn't sign introduction request.");
reason = END_CIRC_REASON_INTERNAL;

2
src/or/rephist.c
View File

@ -1,5 +1,5 @@
/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**

2
src/or/router.c
View File

@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define ROUTER_PRIVATE

5
src/or/routerlist.c
View File

@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@ -4676,7 +4676,8 @@ routerinfo_incompatible_with_extrainfo(routerinfo_t *ri, extrainfo_t *ei,
if (ei->pending_sig) {
char signed_digest[128];
if (crypto_pk_public_checksig(ri->identity_pkey, signed_digest,
if (crypto_pk_public_checksig(ri->identity_pkey,
signed_digest, sizeof(signed_digest),
ei->pending_sig, ei->pending_sig_len) != DIGEST_LEN ||
memcmp(signed_digest, ei->cache_info.signed_descriptor_digest,
DIGEST_LEN)) {

35
src/or/routerparse.c
View File

@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@ -571,10 +571,12 @@ router_append_dirobj_signature(char *buf, size_t buf_len, const char *digest,
crypto_pk_env_t *private_key)
{
char *signature;
size_t i;
size_t i, keysize;
signature = tor_malloc(crypto_pk_keysize(private_key));
if (crypto_pk_private_sign(private_key, signature, digest, DIGEST_LEN) < 0) {
keysize = crypto_pk_keysize(private_key);
signature = tor_malloc(keysize);
if (crypto_pk_private_sign(private_key, signature, keysize,
digest, DIGEST_LEN) < 0) {
log_warn(LD_BUG,"Couldn't sign digest.");
goto err;
@ -924,6 +926,7 @@ check_signature_token(const char *digest,
const char *doctype)
{
char *signed_digest;
size_t keysize;
const int check_authority = (flags & CST_CHECK_AUTHORITY);
const int check_objtype = ! (flags & CST_NO_CHECK_OBJTYPE);
@ -945,9 +948,10 @@ check_signature_token(const char *digest,
}
}
signed_digest = tor_malloc(tok->object_size);
if (crypto_pk_public_checksig(pkey, signed_digest, tok->object_body,
tok->object_size)
keysize = crypto_pk_keysize(pkey);
signed_digest = tor_malloc(keysize);
if (crypto_pk_public_checksig(pkey, signed_digest, keysize,
tok->object_body, tok->object_size)
!= DIGEST_LEN) {
log_warn(LD_DIR, "Error reading %s: invalid signature.", doctype);
tor_free(signed_digest);
@ -2170,7 +2174,6 @@ networkstatus_v2_parse_from_string(const char *s)
return ns;
}
/** Parse a v3 networkstatus vote, opinion, or consensus (depending on
* ns_type), from <b>s</b>, and return the result. Return NULL on failure. */
networkstatus_t *
@ -2550,7 +2553,7 @@ networkstatus_parse_vote_from_string(const char *s, const char **eos_out,
goto err;
v->good_signature = 1;
} else {
if (tok->object_size >= INT_MAX)
if (tok->object_size >= INT_MAX || tok->object_size >= SIZE_T_CEILING)
goto err;
/* We already parsed a vote from this voter. Use the first one. */
if (v->signature) {
@ -2701,7 +2704,7 @@ networkstatus_parse_detached_signatures(const char *s, const char *eos)
voter = tor_malloc_zero(sizeof(networkstatus_voter_info_t));
memcpy(voter->identity_digest, id_digest, DIGEST_LEN);
memcpy(voter->signing_key_digest, sk_digest, DIGEST_LEN);
if (tok->object_size >= INT_MAX)
if (tok->object_size >= INT_MAX || tok->object_size >= SIZE_T_CEILING)
goto err;
voter->signature = tor_memdup(tok->object_body, tok->object_size);
voter->signature_len = (int) tok->object_size;
@ -3018,6 +3021,10 @@ static directory_token_t *
get_next_token(memarea_t *area,
const char **s, const char *eos, token_rule_t *table)
{
/** Reject any object at least this big; it is probably an overflow, an
* attack, a bug, or some other nonsense. */
#define MAX_UNPARSED_OBJECT_SIZE (128*1024)
const char *next, *eol, *obstart;
size_t obname_len;
int i;
@ -3102,7 +3109,8 @@ get_next_token(memarea_t *area,
obstart = *s; /* Set obstart to start of object spec */
if (*s+16 >= eol || memchr(*s+11,'\0',eol-*s-16) || /* no short lines, */
strcmp_len(eol-5, "-----", 5)) { /* nuls or invalid endings */
strcmp_len(eol-5, "-----", 5) || /* nuls or invalid endings */
(eol-*s) > MAX_UNPARSED_OBJECT_SIZE) { /* name too long */
RET_ERR("Malformed object: bad begin line");
}
tok->object_type = STRNDUP(*s+11, eol-*s-16);
@ -3127,13 +3135,16 @@ get_next_token(memarea_t *area,
ebuf[sizeof(ebuf)-1] = '\0';
RET_ERR(ebuf);
}
if (next - *s > MAX_UNPARSED_OBJECT_SIZE)
RET_ERR("Couldn't parse object: missing footer or object much too big.");
if (!strcmp(tok->object_type, "RSA PUBLIC KEY")) { /* If it's a public key */
tok->key = crypto_new_pk_env();
if (crypto_pk_read_public_key_from_string(tok->key, obstart, eol-obstart))
RET_ERR("Couldn't parse public key.");
} else if (!strcmp(tok->object_type, "RSA PRIVATE KEY")) { /* private key */
tok->key = crypto_new_pk_env();
if (crypto_pk_read_private_key_from_string(tok->key, obstart))
if (crypto_pk_read_private_key_from_string(tok->key, obstart, eol-obstart))
RET_ERR("Couldn't parse private key.");
} else { /* If it's something else, try to base64-decode it */
int r;

45
src/or/test.c
View File

@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/* Ordinarily defined in tor_main.c; this bit is just here to provide one
@ -701,25 +701,27 @@ test_crypto_pk(void)
test_eq(128, crypto_pk_keysize(pk1));
test_eq(128, crypto_pk_keysize(pk2));
test_eq(128, crypto_pk_public_encrypt(pk2, data1, "Hello whirled.", 15,
test_eq(128, crypto_pk_public_encrypt(pk2, data1, sizeof(data1),
"Hello whirled.", 15,
PK_PKCS1_OAEP_PADDING));
test_eq(128, crypto_pk_public_encrypt(pk1, data2, "Hello whirled.", 15,
test_eq(128, crypto_pk_public_encrypt(pk1, data2, sizeof(data2),
"Hello whirled.", 15,
PK_PKCS1_OAEP_PADDING));
/* oaep padding should make encryption not match */
test_memneq(data1, data2, 128);
test_eq(15, crypto_pk_private_decrypt(pk1, data3, data1, 128,
test_eq(15, crypto_pk_private_decrypt(pk1, data3, sizeof(data3), data1, 128,
PK_PKCS1_OAEP_PADDING,1));
test_streq(data3, "Hello whirled.");
memset(data3, 0, 1024);
test_eq(15, crypto_pk_private_decrypt(pk1, data3, data2, 128,
test_eq(15, crypto_pk_private_decrypt(pk1, data3, sizeof(data3), data2, 128,
PK_PKCS1_OAEP_PADDING,1));
test_streq(data3, "Hello whirled.");
/* Can't decrypt with public key. */
test_eq(-1, crypto_pk_private_decrypt(pk2, data3, data2, 128,
test_eq(-1, crypto_pk_private_decrypt(pk2, data3, sizeof(data3), data2, 128,
PK_PKCS1_OAEP_PADDING,1));
/* Try again with bad padding */
memcpy(data2+1, "XYZZY", 5); /* This has fails ~ once-in-2^40 */
test_eq(-1, crypto_pk_private_decrypt(pk1, data3, data2, 128,
test_eq(-1, crypto_pk_private_decrypt(pk1, data3, sizeof(data3), data2, 128,
PK_PKCS1_OAEP_PADDING,1));
/* File operations: save and load private key */
@ -734,19 +736,22 @@ test_crypto_pk(void)
get_fname("xyzzy")) < 0);
test_assert(! crypto_pk_read_private_key_from_filename(pk2,
get_fname("pkey1")));
test_eq(15, crypto_pk_private_decrypt(pk2, data3, data1, 128,
test_eq(15, crypto_pk_private_decrypt(pk2, data3, sizeof(data3), data1, 128,
PK_PKCS1_OAEP_PADDING,1));
/* Now try signing. */
strlcpy(data1, "Ossifrage", 1024);
test_eq(128, crypto_pk_private_sign(pk1, data2, data1, 10));
test_eq(10, crypto_pk_public_checksig(pk1, data3, data2, 128));
test_eq(128, crypto_pk_private_sign(pk1, data2, sizeof(data2), data1, 10));
test_eq(10, crypto_pk_public_checksig(pk1, data3, sizeof(data3), data2, 128));
test_streq(data3, "Ossifrage");
/* Try signing digests. */
test_eq(128, crypto_pk_private_sign_digest(pk1, data2, data1, 10));
test_eq(20, crypto_pk_public_checksig(pk1, data3, data2, 128));
test_eq(0, crypto_pk_public_checksig_digest(pk1, data1, 10, data2, 128));
test_eq(-1, crypto_pk_public_checksig_digest(pk1, data1, 11, data2, 128));
test_eq(128, crypto_pk_private_sign_digest(pk1, data2, sizeof(data2),
data1, 10));
test_eq(20, crypto_pk_public_checksig(pk1, data3, sizeof(data1), data2, 128));
test_eq(0, crypto_pk_public_checksig_digest(pk1, data1,
10, data2, 128));
test_eq(-1, crypto_pk_public_checksig_digest(pk1, data1,
11, data2, 128));
/*XXXX test failed signing*/
/* Try encoding */
@ -767,9 +772,11 @@ test_crypto_pk(void)
continue;
p = (i==0)?PK_NO_PADDING:
(i==1)?PK_PKCS1_PADDING:PK_PKCS1_OAEP_PADDING;
len = crypto_pk_public_hybrid_encrypt(pk1,data2,data1,j,p,0);
len = crypto_pk_public_hybrid_encrypt(pk1,data2,sizeof(data2),
data1,j,p,0);
test_assert(len>=0);
len = crypto_pk_private_hybrid_decrypt(pk1,data3,data2,len,p,1);
len = crypto_pk_private_hybrid_decrypt(pk1,data3,sizeof(data3),
data2,len,p,1);
test_eq(len,j);
test_memeq(data1,data3,j);
}
@ -3361,11 +3368,11 @@ test_v3_networkstatus(void)
sign_skey_leg1 = pk_generate(4);
test_assert(!crypto_pk_read_private_key_from_string(sign_skey_1,
AUTHORITY_SIGNKEY_1));
AUTHORITY_SIGNKEY_1,-1));
test_assert(!crypto_pk_read_private_key_from_string(sign_skey_2,
AUTHORITY_SIGNKEY_2));
AUTHORITY_SIGNKEY_2,-1));
test_assert(!crypto_pk_read_private_key_from_string(sign_skey_3,
AUTHORITY_SIGNKEY_3));
AUTHORITY_SIGNKEY_3,-1));
test_assert(!crypto_pk_cmp_keys(sign_skey_1, cert1->signing_key));
test_assert(!crypto_pk_cmp_keys(sign_skey_2, cert2->signing_key));

2
src/or/test_data.c
View File

@ -1,6 +1,6 @@
/* Copyright 2001-2004 Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/** First of 3 example authority certificates for unit testing. */

2
src/or/tor_main.c
View File

@ -1,6 +1,6 @@
/* Copyright 2001-2004 Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2010, The Tor Project, Inc. */
* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/** String describing which Tor subversion repository version the source was

2
src/tools/tor-gencert.c
View File

@ -1,4 +1,4 @@
/* Copyright (c) 2007-2010 The Tor Project, Inc. */
/* Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"

2
src/tools/tor-resolve.c
View File

@ -1,5 +1,5 @@
/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
* Copyright (c) 2007-2010, The Tor Project, Inc.
* Copyright (c) 2007-2011, The Tor Project, Inc.
*/
/* See LICENSE for licensing information */