Merge branch 'maint-0.2.1' into release-0.2.1
commit
73a7028a11
2
LICENSE
2
LICENSE
|
@ -13,7 +13,7 @@ Tor is distributed under this license:
|
|||
|
||||
Copyright (c) 2001-2004, Roger Dingledine
|
||||
Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
|
||||
Copyright (c) 2007-2010, The Tor Project, Inc.
|
||||
Copyright (c) 2007-2011, The Tor Project, Inc.
|
||||
|
||||
Redistribution and use in source and binary forms, with or without
|
||||
modification, are permitted provided that the following conditions are
|
||||
|
|
|
@ -1,10 +1,10 @@
|
|||
# $Id$
|
||||
# Copyright (c) 2001-2004, Roger Dingledine
|
||||
# Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
|
||||
# Copyright (c) 2007-2010, The Tor Project, Inc.
|
||||
# Copyright (c) 2007-2011, The Tor Project, Inc.
|
||||
# See LICENSE for licensing information
|
||||
|
||||
AUTOMAKE_OPTIONS = foreign
|
||||
AUTOMAKE_OPTIONS = foreign 1.7
|
||||
# else it keeps trying to put COPYING back in
|
||||
|
||||
SUBDIRS = src doc contrib
|
||||
|
|
|
@ -0,0 +1,6 @@
|
|||
o Minor bugfixes
|
||||
- Prevent calls from Libevent from inside Libevent log handlers.
|
||||
This had potential to cause a nasty set of crashes, especially if
|
||||
running Libevent with debug logging enabled, and running Tor
|
||||
with a controller watching for low-severity log messages.
|
||||
Bugfix on 0.1.0.2-rc. Fixes bug 2190.
|
|
@ -0,0 +1,5 @@
|
|||
o Build changes
|
||||
- Tor does not build packages correctly with Automake 1.6 and earlier;
|
||||
added a check to Makefile.am to make sure that we're building with
|
||||
Automake 1.7 or later.
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes
|
||||
- Fix compilation on mingw when a pthreads compatibility library
|
||||
has been installed. (We don't want to use it, so we shouldn't
|
||||
be including pthread.h.) Fixes bug 2313; bugfix on 0.1.0.1-rc.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes
|
||||
- Add a check for SIZE_T_MAX to tor_realloc to try to avoid
|
||||
underflow errors there too. Fixes bug 2324.
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
o Major bugfixes (security):
|
||||
- Prevent a DoS attack by disallowing any zlib-compressed data
|
||||
whose compression factor is implausibly high. Fixes the
|
||||
second part of bug2324; found by doors.
|
||||
|
|
@ -0,0 +1,6 @@
|
|||
o Minor bugfixes
|
||||
- Fix a bug where we would assert if we ever had a
|
||||
cached-descriptors.new file (or another file read directly into
|
||||
memory) of exactly SIZE_T_CEILING bytes. Found by doors; fixes
|
||||
bug 2326; bugfix on 0.2.1.25.
|
||||
|
|
@ -0,0 +1,9 @@
|
|||
o Minor bugfixes
|
||||
- Fix a bug where we would declare that we had run out of virtual
|
||||
addresses when the address space was only half-exhausted. Bugfix
|
||||
on 0.1.2.1-alpha.
|
||||
- Correctly handle the case where AutomapHostsOnResolve is set but no
|
||||
virtual addresses are available. Fixes bug2328, bugfix on
|
||||
0.1.2.1-alpha. Bug found by doorss.
|
||||
- Correctly handle wrapping around to when we run out of virtual address
|
||||
space. Found by cypherpunks, bugfix on 0.2.0.5-alpha.
|
|
@ -0,0 +1,4 @@
|
|||
o Minor bugfixes
|
||||
- Fix a bug with handling misformed replies to reverse DNS lookup
|
||||
requests in DNSPort. Bugfix on Tor 0.2.0.1-alpha. Related to a bug
|
||||
reported by doorss.
|
|
@ -0,0 +1,6 @@
|
|||
o Minor bugfixes
|
||||
- Fix some potential asserts and partsing issues with grossly
|
||||
malformed router caches. Fixes bug 2352. Found by doorss.
|
||||
Bugfix on Tor 0.2.1.27.
|
||||
|
||||
|
|
@ -0,0 +1,6 @@
|
|||
o Minor bugfixes
|
||||
- Zero out a few more keys in memory before freeing them. Fixes bug
|
||||
2384 and part of bug 2385. These key instances found by
|
||||
"cypherpunks". Bugfix on 0.0.2pre9.
|
||||
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
o Minor features:
|
||||
- Update to the January 1 2011 Maxmind GeoLite Country database.
|
||||
|
|
@ -0,0 +1,8 @@
|
|||
o Major bugfixes (security)
|
||||
- Fix a heap overflow bug where an adversary could cause heap
|
||||
corruption. This bug potentially allows remote code execution
|
||||
attacks. Found by debuger. Fixes CVE-2011-0427. Bugfix on
|
||||
0.1.2.10-rc.
|
||||
o Defensive programming
|
||||
- Introduce output size checks on all of our decryption functions.
|
||||
|
|
@ -22,7 +22,7 @@ VIProductVersion "${VERSION}"
|
|||
VIAddVersionKey "ProductName" "Tor"
|
||||
VIAddVersionKey "Comments" "${WEBSITE}"
|
||||
VIAddVersionKey "LegalTrademarks" "Three line BSD"
|
||||
VIAddVersionKey "LegalCopyright" "©2004-2010, Roger Dingledine, Nick Mathewson, The Tor Project, Inc."
|
||||
VIAddVersionKey "LegalCopyright" "©2004-2011, Roger Dingledine, Nick Mathewson, The Tor Project, Inc."
|
||||
VIAddVersionKey "FileDescription" "Tor is an implementation of Onion Routing. You can read more at ${WEBSITE}"
|
||||
VIAddVersionKey "FileVersion" "${VERSION}"
|
||||
|
||||
|
|
|
@ -22,7 +22,7 @@ VIProductVersion "${VERSION}"
|
|||
VIAddVersionKey "ProductName" "Tor"
|
||||
VIAddVersionKey "Comments" "${WEBSITE}"
|
||||
VIAddVersionKey "LegalTrademarks" "Three line BSD"
|
||||
VIAddVersionKey "LegalCopyright" "©2004-2010, Roger Dingledine, Nick Mathewson, The Tor Project, Inc."
|
||||
VIAddVersionKey "LegalCopyright" "©2004-2011, Roger Dingledine, Nick Mathewson, The Tor Project, Inc."
|
||||
VIAddVersionKey "FileDescription" "Tor is an implementation of Onion Routing. You can read more at ${WEBSITE}"
|
||||
VIAddVersionKey "FileVersion" "${VERSION}"
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
Copyright 2007-2008 Andrew Lewman
|
||||
Copyright 2009-2010 The Tor Project
|
||||
Copyright 2007-2008, Andrew Lewman
|
||||
Copyright 2009-2011, The Tor Project
|
||||
|
||||
----------------
|
||||
General Comments
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2003-2004, Roger Dingledine
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2003-2004, Roger Dingledine
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001, Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2003, Roger Dingledine
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/* Implements a minimal interface to counter-mode AES. */
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2003-2004, Roger Dingledine
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2003-2004, Roger Dingledine
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
#ifndef _TOR_COMPAT_H
|
||||
|
@ -31,7 +31,7 @@
|
|||
#ifdef HAVE_STRING_H
|
||||
#include <string.h>
|
||||
#endif
|
||||
#ifdef HAVE_PTHREAD_H
|
||||
#if defined(HAVE_PTHREAD_H) && !defined(MS_WINDOWS)
|
||||
#include <pthread.h>
|
||||
#endif
|
||||
#include <stdarg.h>
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2003-2004, Roger Dingledine
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2003-2004, Roger Dingledine
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
#ifndef _TOR_CONTAINER_H
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001, Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
@ -439,21 +439,23 @@ crypto_pk_generate_key(crypto_pk_env_t *env)
|
|||
return 0;
|
||||
}
|
||||
|
||||
/** Read a PEM-encoded private key from the string <b>s</b> into <b>env</b>.
|
||||
* Return 0 on success, -1 on failure.
|
||||
/** Read a PEM-encoded private key from the <b>len</b>-byte string <b>s</b>
|
||||
* into <b>env</b>. Return 0 on success, -1 on failure. If len is -1,
|
||||
* the string is nul-terminated.
|
||||
*/
|
||||
/* Used here, and used for testing. */
|
||||
int
|
||||
crypto_pk_read_private_key_from_string(crypto_pk_env_t *env,
|
||||
const char *s)
|
||||
const char *s, ssize_t len)
|
||||
{
|
||||
BIO *b;
|
||||
|
||||
tor_assert(env);
|
||||
tor_assert(s);
|
||||
tor_assert(len < INT_MAX && len < SIZE_T_CEILING);
|
||||
|
||||
/* Create a read-only memory BIO, backed by the NUL-terminated string 's' */
|
||||
b = BIO_new_mem_buf((char*)s, -1);
|
||||
/* Create a read-only memory BIO, backed by the string 's' */
|
||||
b = BIO_new_mem_buf((char*)s, (int)len);
|
||||
|
||||
if (env->key)
|
||||
RSA_free(env->key);
|
||||
|
@ -487,7 +489,8 @@ crypto_pk_read_private_key_from_filename(crypto_pk_env_t *env,
|
|||
}
|
||||
|
||||
/* Try to parse it. */
|
||||
r = crypto_pk_read_private_key_from_string(env, contents);
|
||||
r = crypto_pk_read_private_key_from_string(env, contents, -1);
|
||||
memset(contents, 0, strlen(contents));
|
||||
tor_free(contents);
|
||||
if (r)
|
||||
return -1; /* read_private_key_from_string already warned, so we don't.*/
|
||||
|
@ -625,6 +628,7 @@ crypto_pk_write_private_key_to_filename(crypto_pk_env_t *env,
|
|||
s[len]='\0';
|
||||
r = write_str_to_file(fname, s, 0);
|
||||
BIO_free(bio);
|
||||
memset(s, 0, strlen(s));
|
||||
tor_free(s);
|
||||
return r;
|
||||
}
|
||||
|
@ -717,9 +721,12 @@ crypto_pk_copy_full(crypto_pk_env_t *env)
|
|||
* in <b>env</b>, using the padding method <b>padding</b>. On success,
|
||||
* write the result to <b>to</b>, and return the number of bytes
|
||||
* written. On failure, return -1.
|
||||
*
|
||||
* <b>tolen</b> is the number of writable bytes in <b>to</b>, and must be
|
||||
* at least the length of the modulus of <b>env</b>.
|
||||
*/
|
||||
int
|
||||
crypto_pk_public_encrypt(crypto_pk_env_t *env, char *to,
|
||||
crypto_pk_public_encrypt(crypto_pk_env_t *env, char *to, size_t tolen,
|
||||
const char *from, size_t fromlen, int padding)
|
||||
{
|
||||
int r;
|
||||
|
@ -727,6 +734,7 @@ crypto_pk_public_encrypt(crypto_pk_env_t *env, char *to,
|
|||
tor_assert(from);
|
||||
tor_assert(to);
|
||||
tor_assert(fromlen<INT_MAX);
|
||||
tor_assert(tolen >= crypto_pk_keysize(env));
|
||||
|
||||
r = RSA_public_encrypt((int)fromlen,
|
||||
(unsigned char*)from, (unsigned char*)to,
|
||||
|
@ -742,9 +750,13 @@ crypto_pk_public_encrypt(crypto_pk_env_t *env, char *to,
|
|||
* in <b>env</b>, using the padding method <b>padding</b>. On success,
|
||||
* write the result to <b>to</b>, and return the number of bytes
|
||||
* written. On failure, return -1.
|
||||
*
|
||||
* <b>tolen</b> is the number of writable bytes in <b>to</b>, and must be
|
||||
* at least the length of the modulus of <b>env</b>.
|
||||
*/
|
||||
int
|
||||
crypto_pk_private_decrypt(crypto_pk_env_t *env, char *to,
|
||||
size_t tolen,
|
||||
const char *from, size_t fromlen,
|
||||
int padding, int warnOnFailure)
|
||||
{
|
||||
|
@ -754,6 +766,7 @@ crypto_pk_private_decrypt(crypto_pk_env_t *env, char *to,
|
|||
tor_assert(to);
|
||||
tor_assert(env->key);
|
||||
tor_assert(fromlen<INT_MAX);
|
||||
tor_assert(tolen >= crypto_pk_keysize(env));
|
||||
if (!env->key->p)
|
||||
/* Not a private key */
|
||||
return -1;
|
||||
|
@ -774,9 +787,13 @@ crypto_pk_private_decrypt(crypto_pk_env_t *env, char *to,
|
|||
* public key in <b>env</b>, using PKCS1 padding. On success, write the
|
||||
* signed data to <b>to</b>, and return the number of bytes written.
|
||||
* On failure, return -1.
|
||||
*
|
||||
* <b>tolen</b> is the number of writable bytes in <b>to</b>, and must be
|
||||
* at least the length of the modulus of <b>env</b>.
|
||||
*/
|
||||
int
|
||||
crypto_pk_public_checksig(crypto_pk_env_t *env, char *to,
|
||||
size_t tolen,
|
||||
const char *from, size_t fromlen)
|
||||
{
|
||||
int r;
|
||||
|
@ -784,6 +801,7 @@ crypto_pk_public_checksig(crypto_pk_env_t *env, char *to,
|
|||
tor_assert(from);
|
||||
tor_assert(to);
|
||||
tor_assert(fromlen < INT_MAX);
|
||||
tor_assert(tolen >= crypto_pk_keysize(env));
|
||||
r = RSA_public_decrypt((int)fromlen,
|
||||
(unsigned char*)from, (unsigned char*)to,
|
||||
env->key, RSA_PKCS1_PADDING);
|
||||
|
@ -806,6 +824,7 @@ crypto_pk_public_checksig_digest(crypto_pk_env_t *env, const char *data,
|
|||
{
|
||||
char digest[DIGEST_LEN];
|
||||
char *buf;
|
||||
size_t buflen;
|
||||
int r;
|
||||
|
||||
tor_assert(env);
|
||||
|
@ -818,8 +837,9 @@ crypto_pk_public_checksig_digest(crypto_pk_env_t *env, const char *data,
|
|||
log_warn(LD_BUG, "couldn't compute digest");
|
||||
return -1;
|
||||
}
|
||||
buf = tor_malloc(crypto_pk_keysize(env)+1);
|
||||
r = crypto_pk_public_checksig(env,buf,sig,siglen);
|
||||
buflen = crypto_pk_keysize(env)+1;
|
||||
buf = tor_malloc(buflen);
|
||||
r = crypto_pk_public_checksig(env,buf,buflen,sig,siglen);
|
||||
if (r != DIGEST_LEN) {
|
||||
log_warn(LD_CRYPTO, "Invalid signature");
|
||||
tor_free(buf);
|
||||
|
@ -839,9 +859,12 @@ crypto_pk_public_checksig_digest(crypto_pk_env_t *env, const char *data,
|
|||
* <b>env</b>, using PKCS1 padding. On success, write the signature to
|
||||
* <b>to</b>, and return the number of bytes written. On failure, return
|
||||
* -1.
|
||||
*
|
||||
* <b>tolen</b> is the number of writable bytes in <b>to</b>, and must be
|
||||
* at least the length of the modulus of <b>env</b>.
|
||||
*/
|
||||
int
|
||||
crypto_pk_private_sign(crypto_pk_env_t *env, char *to,
|
||||
crypto_pk_private_sign(crypto_pk_env_t *env, char *to, size_t tolen,
|
||||
const char *from, size_t fromlen)
|
||||
{
|
||||
int r;
|
||||
|
@ -849,6 +872,7 @@ crypto_pk_private_sign(crypto_pk_env_t *env, char *to,
|
|||
tor_assert(from);
|
||||
tor_assert(to);
|
||||
tor_assert(fromlen < INT_MAX);
|
||||
tor_assert(tolen >= crypto_pk_keysize(env));
|
||||
if (!env->key->p)
|
||||
/* Not a private key */
|
||||
return -1;
|
||||
|
@ -867,16 +891,19 @@ crypto_pk_private_sign(crypto_pk_env_t *env, char *to,
|
|||
* <b>from</b>; sign the data with the private key in <b>env</b>, and
|
||||
* store it in <b>to</b>. Return the number of bytes written on
|
||||
* success, and -1 on failure.
|
||||
*
|
||||
* <b>tolen</b> is the number of writable bytes in <b>to</b>, and must be
|
||||
* at least the length of the modulus of <b>env</b>.
|
||||
*/
|
||||
int
|
||||
crypto_pk_private_sign_digest(crypto_pk_env_t *env, char *to,
|
||||
crypto_pk_private_sign_digest(crypto_pk_env_t *env, char *to, size_t tolen,
|
||||
const char *from, size_t fromlen)
|
||||
{
|
||||
int r;
|
||||
char digest[DIGEST_LEN];
|
||||
if (crypto_digest(digest,from,fromlen)<0)
|
||||
return -1;
|
||||
r = crypto_pk_private_sign(env,to,digest,DIGEST_LEN);
|
||||
r = crypto_pk_private_sign(env,to,tolen,digest,DIGEST_LEN);
|
||||
memset(digest, 0, sizeof(digest));
|
||||
return r;
|
||||
}
|
||||
|
@ -900,7 +927,7 @@ crypto_pk_private_sign_digest(crypto_pk_env_t *env, char *to,
|
|||
*/
|
||||
int
|
||||
crypto_pk_public_hybrid_encrypt(crypto_pk_env_t *env,
|
||||
char *to,
|
||||
char *to, size_t tolen,
|
||||
const char *from,
|
||||
size_t fromlen,
|
||||
int padding, int force)
|
||||
|
@ -923,8 +950,13 @@ crypto_pk_public_hybrid_encrypt(crypto_pk_env_t *env,
|
|||
|
||||
if (!force && fromlen+overhead <= pkeylen) {
|
||||
/* It all fits in a single encrypt. */
|
||||
return crypto_pk_public_encrypt(env,to,from,fromlen,padding);
|
||||
return crypto_pk_public_encrypt(env,to,
|
||||
tolen,
|
||||
from,fromlen,padding);
|
||||
}
|
||||
tor_assert(tolen >= fromlen + overhead + CIPHER_KEY_LEN);
|
||||
tor_assert(tolen >= pkeylen);
|
||||
|
||||
cipher = crypto_new_cipher_env();
|
||||
if (!cipher) return -1;
|
||||
if (crypto_cipher_generate_key(cipher)<0)
|
||||
|
@ -946,7 +978,7 @@ crypto_pk_public_hybrid_encrypt(crypto_pk_env_t *env,
|
|||
/* Length of symmetrically encrypted data. */
|
||||
symlen = fromlen-(pkeylen-overhead-CIPHER_KEY_LEN);
|
||||
|
||||
outlen = crypto_pk_public_encrypt(env,to,buf,pkeylen-overhead,padding);
|
||||
outlen = crypto_pk_public_encrypt(env,to,tolen,buf,pkeylen-overhead,padding);
|
||||
if (outlen!=(int)pkeylen) {
|
||||
goto err;
|
||||
}
|
||||
|
@ -972,6 +1004,7 @@ crypto_pk_public_hybrid_encrypt(crypto_pk_env_t *env,
|
|||
int
|
||||
crypto_pk_private_hybrid_decrypt(crypto_pk_env_t *env,
|
||||
char *to,
|
||||
size_t tolen,
|
||||
const char *from,
|
||||
size_t fromlen,
|
||||
int padding, int warnOnFailure)
|
||||
|
@ -985,11 +1018,12 @@ crypto_pk_private_hybrid_decrypt(crypto_pk_env_t *env,
|
|||
pkeylen = crypto_pk_keysize(env);
|
||||
|
||||
if (fromlen <= pkeylen) {
|
||||
return crypto_pk_private_decrypt(env,to,from,fromlen,padding,
|
||||
return crypto_pk_private_decrypt(env,to,tolen,from,fromlen,padding,
|
||||
warnOnFailure);
|
||||
}
|
||||
|
||||
buf = tor_malloc(pkeylen+1);
|
||||
outlen = crypto_pk_private_decrypt(env,buf,from,pkeylen,padding,
|
||||
outlen = crypto_pk_private_decrypt(env,buf,pkeylen+1,from,pkeylen,padding,
|
||||
warnOnFailure);
|
||||
if (outlen<0) {
|
||||
log_fn(warnOnFailure?LOG_WARN:LOG_DEBUG, LD_CRYPTO,
|
||||
|
@ -1007,6 +1041,7 @@ crypto_pk_private_hybrid_decrypt(crypto_pk_env_t *env,
|
|||
}
|
||||
memcpy(to,buf+CIPHER_KEY_LEN,outlen-CIPHER_KEY_LEN);
|
||||
outlen -= CIPHER_KEY_LEN;
|
||||
tor_assert(tolen - outlen >= fromlen - pkeylen);
|
||||
r = crypto_cipher_decrypt(cipher, to+outlen, from+pkeylen, fromlen-pkeylen);
|
||||
if (r<0)
|
||||
goto err;
|
||||
|
@ -1655,7 +1690,7 @@ crypto_dh_compute_secret(crypto_dh_env_t *dh,
|
|||
{
|
||||
char *secret_tmp = NULL;
|
||||
BIGNUM *pubkey_bn = NULL;
|
||||
size_t secret_len=0;
|
||||
size_t secret_len=0, secret_tmp_len=0;
|
||||
int result=0;
|
||||
tor_assert(dh);
|
||||
tor_assert(secret_bytes_out/DIGEST_LEN <= 255);
|
||||
|
@ -1669,7 +1704,8 @@ crypto_dh_compute_secret(crypto_dh_env_t *dh,
|
|||
log_warn(LD_CRYPTO,"Rejected invalid g^x");
|
||||
goto error;
|
||||
}
|
||||
secret_tmp = tor_malloc(crypto_dh_get_bytes(dh));
|
||||
secret_tmp_len = crypto_dh_get_bytes(dh);
|
||||
secret_tmp = tor_malloc(secret_tmp_len);
|
||||
result = DH_compute_key((unsigned char*)secret_tmp, pubkey_bn, dh->dh);
|
||||
if (result < 0) {
|
||||
log_warn(LD_CRYPTO,"DH_compute_key() failed.");
|
||||
|
@ -1688,7 +1724,10 @@ crypto_dh_compute_secret(crypto_dh_env_t *dh,
|
|||
crypto_log_errors(LOG_WARN, "completing DH handshake");
|
||||
if (pubkey_bn)
|
||||
BN_free(pubkey_bn);
|
||||
tor_free(secret_tmp);
|
||||
if (secret_tmp) {
|
||||
memset(secret_tmp, 0, secret_tmp_len);
|
||||
tor_free(secret_tmp);
|
||||
}
|
||||
if (result < 0)
|
||||
return result;
|
||||
else
|
||||
|
|
|
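Review bot: In crypto_pk_private_hybrid_decrypt the added `tor_assert(tolen - outlen >= fromlen - pkeylen)` runs only after `memcpy(to,buf+CIPHER_KEY_LEN,outlen-CIPHER_KEY_LEN)` has already written into `to`, so that first copy is still not bounded by `tolen`. The subtraction is also unsigned, so a `tolen` smaller than `outlen` wraps to a very large value and the assertion passes instead of firing. I would put the check above the memcpy and avoid subtracting from `tolen`, for example `tor_assert(tolen >= (size_t)(outlen - CIPHER_KEY_LEN) + (fromlen - pkeylen));`. The function body starts and ends outside the hunks shown, so any earlier validation of `outlen` is not visible here and should be confirmed.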
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001, Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
@ -82,7 +82,7 @@ int crypto_pk_write_private_key_to_string(crypto_pk_env_t *env,
|
|||
int crypto_pk_read_public_key_from_string(crypto_pk_env_t *env,
|
||||
const char *src, size_t len);
|
||||
int crypto_pk_read_private_key_from_string(crypto_pk_env_t *env,
|
||||
const char *s);
|
||||
const char *s, ssize_t len);
|
||||
int crypto_pk_write_private_key_to_filename(crypto_pk_env_t *env,
|
||||
const char *fname);
|
||||
|
||||
|
@ -93,23 +93,25 @@ crypto_pk_env_t *crypto_pk_dup_key(crypto_pk_env_t *orig);
|
|||
crypto_pk_env_t *crypto_pk_copy_full(crypto_pk_env_t *orig);
|
||||
int crypto_pk_key_is_private(const crypto_pk_env_t *key);
|
||||
|
||||
int crypto_pk_public_encrypt(crypto_pk_env_t *env, char *to,
|
||||
int crypto_pk_public_encrypt(crypto_pk_env_t *env, char *to, size_t tolen,
|
||||
const char *from, size_t fromlen, int padding);
|
||||
int crypto_pk_private_decrypt(crypto_pk_env_t *env, char *to,
|
||||
int crypto_pk_private_decrypt(crypto_pk_env_t *env, char *to, size_t tolen,
|
||||
const char *from, size_t fromlen,
|
||||
int padding, int warnOnFailure);
|
||||
int crypto_pk_public_checksig(crypto_pk_env_t *env, char *to,
|
||||
int crypto_pk_public_checksig(crypto_pk_env_t *env, char *to, size_t tolen,
|
||||
const char *from, size_t fromlen);
|
||||
int crypto_pk_public_checksig_digest(crypto_pk_env_t *env, const char *data,
|
||||
size_t datalen, const char *sig, size_t siglen);
|
||||
int crypto_pk_private_sign(crypto_pk_env_t *env, char *to,
|
||||
int crypto_pk_private_sign(crypto_pk_env_t *env, char *to, size_t tolen,
|
||||
const char *from, size_t fromlen);
|
||||
int crypto_pk_private_sign_digest(crypto_pk_env_t *env, char *to,
|
||||
int crypto_pk_private_sign_digest(crypto_pk_env_t *env, char *to, size_t tolen,
|
||||
const char *from, size_t fromlen);
|
||||
int crypto_pk_public_hybrid_encrypt(crypto_pk_env_t *env, char *to,
|
||||
size_t tolen,
|
||||
const char *from, size_t fromlen,
|
||||
int padding, int force);
|
||||
int crypto_pk_private_hybrid_decrypt(crypto_pk_env_t *env, char *to,
|
||||
size_t tolen,
|
||||
const char *from, size_t fromlen,
|
||||
int padding, int warnOnFailure);
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2002, Christopher Clark.
|
||||
* Copyright (c) 2005-2006, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See license at end. */
|
||||
|
||||
/* Based on ideas by Christopher Clark and interfaces from Niels Provos. */
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001, Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
@ -280,6 +280,10 @@ logv(int severity, log_domain_mask_t domain, const char *funcname,
|
|||
lf = lf->next;
|
||||
continue;
|
||||
}
|
||||
if (lf->callback && (domain & LD_NOCB)) {
|
||||
lf = lf->next;
|
||||
continue;
|
||||
}
|
||||
if (lf->seems_dead) {
|
||||
lf = lf->next;
|
||||
continue;
|
||||
|
@ -943,19 +947,19 @@ libevent_logging_callback(int severity, const char *msg)
|
|||
}
|
||||
switch (severity) {
|
||||
case _EVENT_LOG_DEBUG:
|
||||
log(LOG_DEBUG, LD_NET, "Message from libevent: %s", buf);
|
||||
log(LOG_DEBUG, LD_NOCB|LD_NET, "Message from libevent: %s", buf);
|
||||
break;
|
||||
case _EVENT_LOG_MSG:
|
||||
log(LOG_INFO, LD_NET, "Message from libevent: %s", buf);
|
||||
log(LOG_INFO, LD_NOCB|LD_NET, "Message from libevent: %s", buf);
|
||||
break;
|
||||
case _EVENT_LOG_WARN:
|
||||
log(LOG_WARN, LD_GENERAL, "Warning from libevent: %s", buf);
|
||||
log(LOG_WARN, LD_NOCB|LD_GENERAL, "Warning from libevent: %s", buf);
|
||||
break;
|
||||
case _EVENT_LOG_ERR:
|
||||
log(LOG_ERR, LD_GENERAL, "Error from libevent: %s", buf);
|
||||
log(LOG_ERR, LD_NOCB|LD_GENERAL, "Error from libevent: %s", buf);
|
||||
break;
|
||||
default:
|
||||
log(LOG_WARN, LD_GENERAL, "Message [%d] from libevent: %s",
|
||||
log(LOG_WARN, LD_NOCB|LD_GENERAL, "Message [%d] from libevent: %s",
|
||||
severity, buf);
|
||||
break;
|
||||
}
|
||||
|
|
|
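Review bot: The new skip in logv, `if (lf->callback && (domain & LD_NOCB))`, carries no comment, and the reason for dropping a message for callback loggers is not evident at that spot. I would add `/* LD_NOCB: not safe for callback-based loggers, which may call back into Libevent. */` directly above it. LD_NOCB also travels in the same mask as the real log domains, and nothing in these hunks strips the bit before `domain` is used again, so it is worth confirming that the later uses of `domain` in logv tolerate bit 31 being set. The body of logv continues outside the hunk.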
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001, Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
@ -94,6 +94,10 @@
|
|||
/** Number of logging domains in the code. */
|
||||
#define N_LOGGING_DOMAINS 19
|
||||
|
||||
/** This log message is not safe to send to a callback-based logger.
|
||||
* Used as a flag, not a log domain. */
|
||||
#define LD_NOCB (1u<<31)
|
||||
|
||||
typedef uint32_t log_domain_mask_t;
|
||||
|
||||
/** Configures which severities are logged for each logging domain for a given
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* Copyright (c) 2008-2010, The Tor Project, Inc. */
|
||||
/* Copyright (c) 2008-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/** \file memarea.c
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* Copyright (c) 2008-2010, The Tor Project, Inc. */
|
||||
/* Copyright (c) 2008-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
/* Tor dependencies */
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
/* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
#if 1
|
||||
/* Tor dependencies */
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
/* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2001-2003, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
#ifndef _TOR_TEST_H
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
@ -57,6 +57,33 @@ method_bits(compress_method_t method)
|
|||
return method == GZIP_METHOD ? 15+16 : 15;
|
||||
}
|
||||
|
||||
/* These macros define the maximum allowable compression factor. Anything of
|
||||
* size greater than CHECK_FOR_COMPRESSION_BOMB_AFTER is not allowed to
|
||||
* have an uncompression factor (uncompressed size:compressed size ratio) of
|
||||
* any greater than MAX_UNCOMPRESSION_FACTOR.
|
||||
*
|
||||
* Picking a value for MAX_UNCOMPRESSION_FACTOR is a trade-off: we want it to
|
||||
* be small to limit the attack multiplier, but we also want it to be large
|
||||
* enough so that no legitimate document --even ones we might invent in the
|
||||
* future -- ever compresses by a factor of greater than
|
||||
* MAX_UNCOMPRESSION_FACTOR. Within those parameters, there's a reasonably
|
||||
* large range of possible values. IMO, anything over 8 is probably safe; IMO
|
||||
* anything under 50 is probably sufficient.
|
||||
*/
|
||||
#define MAX_UNCOMPRESSION_FACTOR 25
|
||||
#define CHECK_FOR_COMPRESSION_BOMB_AFTER (1024*64)
|
||||
|
||||
/** Return true if uncompressing an input of size <b>in_size</b> to an input
|
||||
* of size at least <b>size_out</b> looks like a compression bomb. */
|
||||
static int
|
||||
is_compression_bomb(size_t size_in, size_t size_out)
|
||||
{
|
||||
if (size_in == 0 || size_out < CHECK_FOR_COMPRESSION_BOMB_AFTER)
|
||||
return 0;
|
||||
|
||||
return (size_out / size_in > MAX_UNCOMPRESSION_FACTOR);
|
||||
}
|
||||
|
||||
/** Given <b>in_len</b> bytes at <b>in</b>, compress them into a newly
|
||||
* allocated buffer, using the method described in <b>method</b>. Store the
|
||||
* compressed string in *<b>out</b>, and its length in *<b>out_len</b>.
|
||||
|
@ -159,6 +186,12 @@ tor_gzip_compress(char **out, size_t *out_len,
|
|||
}
|
||||
tor_free(stream);
|
||||
|
||||
if (is_compression_bomb(*out_len, in_len)) {
|
||||
log_warn(LD_BUG, "We compressed something and got an insanely high "
|
||||
"compression factor; other Tors would think this was a zlib bomb.");
|
||||
goto err;
|
||||
}
|
||||
|
||||
return 0;
|
||||
err:
|
||||
if (stream) {
|
||||
|
@ -223,7 +256,7 @@ tor_gzip_uncompress(char **out, size_t *out_len,
|
|||
|
||||
out_size = in_len * 2; /* guess 50% compression. */
|
||||
if (out_size < 1024) out_size = 1024;
|
||||
if (out_size > UINT_MAX)
|
||||
if (out_size >= SIZE_T_CEILING || out_size > UINT_MAX)
|
||||
goto err;
|
||||
|
||||
*out = tor_malloc(out_size);
|
||||
|
@ -263,7 +296,16 @@ tor_gzip_uncompress(char **out, size_t *out_len,
|
|||
old_size = out_size;
|
||||
out_size *= 2;
|
||||
if (out_size < old_size) {
|
||||
log_warn(LD_GENERAL, "Size overflow in compression.");
|
||||
log_warn(LD_GENERAL, "Size overflow in uncompression.");
|
||||
goto err;
|
||||
}
|
||||
if (is_compression_bomb(in_len, out_size)) {
|
||||
log_warn(LD_GENERAL, "Input looks like a possible zlib bomb; "
|
||||
"not proceeding.");
|
||||
goto err;
|
||||
}
|
||||
if (out_size >= SIZE_T_CEILING) {
|
||||
log_warn(LD_BUG, "Hit SIZE_T_CEILING limit while uncompressing.");
|
||||
goto err;
|
||||
}
|
||||
*out = tor_realloc(*out, out_size);
|
||||
|
@ -329,6 +371,11 @@ detect_compression_method(const char *in, size_t in_len)
|
|||
struct tor_zlib_state_t {
|
||||
struct z_stream_s stream;
|
||||
int compress;
|
||||
|
||||
/* Number of bytes read so far. Used to detect zlib bombs. */
|
||||
size_t input_so_far;
|
||||
/* Number of bytes written so far. Used to detect zlib bombs. */
|
||||
size_t output_so_far;
|
||||
};
|
||||
|
||||
/** Construct and return a tor_zlib_state_t object using <b>method</b>. If
|
||||
|
@ -395,11 +442,20 @@ tor_zlib_process(tor_zlib_state_t *state,
|
|||
err = inflate(&state->stream, finish ? Z_FINISH : Z_SYNC_FLUSH);
|
||||
}
|
||||
|
||||
state->input_so_far += state->stream.next_in - ((unsigned char*)*in);
|
||||
state->output_so_far += state->stream.next_out - ((unsigned char*)*out);
|
||||
|
||||
*out = (char*) state->stream.next_out;
|
||||
*out_len = state->stream.avail_out;
|
||||
*in = (const char *) state->stream.next_in;
|
||||
*in_len = state->stream.avail_in;
|
||||
|
||||
if (! state->compress &&
|
||||
is_compression_bomb(state->input_so_far, state->output_so_far)) {
|
||||
log_warn(LD_DIR, "Possible zlib bomb; abandoning stream.");
|
||||
return TOR_ZLIB_ERR;
|
||||
}
|
||||
|
||||
switch (err)
|
||||
{
|
||||
case Z_STREAM_END:
|
||||
|
|
|
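Review bot: In tor_gzip_uncompress the bomb test is `is_compression_bomb(in_len, out_size)`, where `out_size` is the buffer capacity that was just doubled, not the number of bytes actually produced. Because capacity starts at `in_len * 2` and grows by doubling, the ratio steps from 16 straight to 32, so this path appears to refuse input once its output passes roughly 16 times `in_len`, while tor_gzip_compress and tor_zlib_process compare real byte counts against MAX_UNCOMPRESSION_FACTOR (25). A document that compresses between 16x and 25x would then pass our own check on the compress side and still be rejected here. I would either test the bytes written so far, or record the difference above the call with `/* out_size is capacity, so this trips at about 16x, below MAX_UNCOMPRESSION_FACTOR */`. The doubling loop begins outside the hunk, so the growth condition is inferred rather than seen.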
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2003, Roger Dingledine
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2003, Roger Dingledine
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
@ -115,7 +115,7 @@ typedef unsigned int uint32_t;
|
|||
#define UINT32_MAX 0xffffffffu
|
||||
#endif
|
||||
#ifndef INT32_MAX
|
||||
#define INT32_MAX 0x7fffffffu
|
||||
#define INT32_MAX 0x7fffffff
|
||||
#endif
|
||||
#endif
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2003, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2003, Roger Dingledine
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
#ifndef _TOR_TORTLS_H
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2003, Roger Dingledine
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
@ -167,6 +167,8 @@ _tor_realloc(void *ptr, size_t size DMALLOC_PARAMS)
|
|||
{
|
||||
void *result;
|
||||
|
||||
tor_assert(size < SIZE_T_CEILING);
|
||||
|
||||
#ifdef USE_DMALLOC
|
||||
result = dmalloc_realloc(file, line, ptr, size, DMALLOC_FUNC_REALLOC, 0);
|
||||
#else
|
||||
|
@ -1934,7 +1936,7 @@ read_file_to_str(const char *filename, int flags, struct stat *stat_out)
|
|||
return NULL;
|
||||
}
|
||||
|
||||
if ((uint64_t)(statbuf.st_size)+1 > SIZE_T_CEILING)
|
||||
if ((uint64_t)(statbuf.st_size)+1 >= SIZE_T_CEILING)
|
||||
return NULL;
|
||||
|
||||
string = tor_malloc((size_t)(statbuf.st_size+1));
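Review bot: The new `tor_assert(size < SIZE_T_CEILING);` in `_tor_realloc` has no comment, and it changes the contract: an oversized request now aborts the process instead of reaching the allocator. Callers whose sizes come from network or file input therefore have to bound them first, as the uncompression hunk in this commit does with `if (out_size >= SIZE_T_CEILING)`. I would document that at the assert, for example `/* Oversized requests are a caller bug: abort here rather than risk size_t wraparound. Bound untrusted sizes before calling. */`. The bodies of both `_tor_realloc` and `read_file_to_str` continue outside these hunks, so other callers could not be checked from here.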
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2003-2004, Roger Dingledine
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
|
5317
src/config/geoip
5317
src/config/geoip
File diff suppressed because it is too large
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001 Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001 Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
@ -768,7 +768,8 @@ circuit_extend(cell_t *cell, circuit_t *circ)
|
|||
n_addr32 = ntohl(get_uint32(cell->payload+RELAY_HEADER_SIZE));
|
||||
n_port = ntohs(get_uint16(cell->payload+RELAY_HEADER_SIZE+4));
|
||||
onionskin = (char*) cell->payload+RELAY_HEADER_SIZE+4+2;
|
||||
id_digest = (char*) cell->payload+RELAY_HEADER_SIZE+4+2+ONIONSKIN_CHALLENGE_LEN;
|
||||
id_digest = (char*) cell->payload+RELAY_HEADER_SIZE+4+2+
|
||||
ONIONSKIN_CHALLENGE_LEN;
|
||||
tor_addr_from_ipv4h(&n_addr, n_addr32);
|
||||
|
||||
if (!n_port || !n_addr32) {
|
||||
|
@ -923,7 +924,7 @@ circuit_finish_handshake(origin_circuit_t *circ, uint8_t reply_type,
|
|||
tor_assert(hop->state == CPATH_STATE_AWAITING_KEYS);
|
||||
|
||||
if (reply_type == CELL_CREATED && hop->dh_handshake_state) {
|
||||
if (onion_skin_client_handshake(hop->dh_handshake_state, (char*)reply, keys,
|
||||
if (onion_skin_client_handshake(hop->dh_handshake_state, (char*)reply,keys,
|
||||
DIGEST_LEN*2+CIPHER_KEY_LEN*2) < 0) {
|
||||
log_warn(LD_CIRC,"onion_skin_client_handshake failed.");
|
||||
return -END_CIRC_REASON_TORPROTOCOL;
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright 2001 Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001 Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001 Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
@ -576,7 +576,8 @@ command_process_netinfo_cell(cell_t *cell, or_connection_t *conn)
|
|||
/* Consider all the other addresses; if any matches, this connection is
|
||||
* "canonical." */
|
||||
tor_addr_t addr;
|
||||
const uint8_t *next = decode_address_from_payload(&addr, cp, (int)(end-cp));
|
||||
const uint8_t *next =
|
||||
decode_address_from_payload(&addr, cp, (int)(end-cp));
|
||||
if (next == NULL) {
|
||||
log_fn(LOG_PROTOCOL_WARN, LD_OR,
|
||||
"Bad address in netinfo cell; closing connection.");
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001 Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
@ -2294,7 +2294,7 @@ print_usage(void)
|
|||
printf(
|
||||
"Copyright (c) 2001-2004, Roger Dingledine\n"
|
||||
"Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson\n"
|
||||
"Copyright (c) 2007-2010, The Tor Project, Inc.\n\n"
|
||||
"Copyright (c) 2007-2011, The Tor Project, Inc.\n\n"
|
||||
"tor -f <torrc> [args]\n"
|
||||
"See man page for options, or https://www.torproject.org/ for "
|
||||
"documentation.\n");
|
||||
|
@ -5321,7 +5321,8 @@ or_state_save(time_t now)
|
|||
tor_free(state);
|
||||
fname = get_datadir_fname("state");
|
||||
if (write_str_to_file(fname, contents, 0)<0) {
|
||||
log_warn(LD_FS, "Unable to write state to file \"%s\"", fname);
|
||||
log_warn(LD_FS, "Unable to write state to file \"%s\"; "
|
||||
"will try again later", fname);
|
||||
tor_free(fname);
|
||||
tor_free(contents);
|
||||
return -1;
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001 Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001 Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
@ -1139,9 +1139,23 @@ address_is_in_virtual_range(const char *address)
|
|||
return 0;
|
||||
}
|
||||
|
||||
/** Increment the value of next_virtual_addr; reset it to the start of the
|
||||
* virtual address range if it wraps around.
|
||||
*/
|
||||
static INLINE void
|
||||
increment_virtual_addr(void)
|
||||
{
|
||||
++next_virtual_addr;
|
||||
if (addr_mask_cmp_bits(next_virtual_addr, virtual_addr_network,
|
||||
virtual_addr_netmask_bits))
|
||||
next_virtual_addr = virtual_addr_network;
|
||||
}
|
||||
|
||||
/** Return a newly allocated string holding an address of <b>type</b>
|
||||
* (one of RESOLVED_TYPE_{IPV4|HOSTNAME}) that has not yet been mapped,
|
||||
* and that is very unlikely to be the address of any real host.
|
||||
*
|
||||
* May return NULL if we have run out of virtual addresses.
|
||||
*/
|
||||
static char *
|
||||
addressmap_get_virtual_address(int type)
|
||||
|
@ -1166,25 +1180,26 @@ addressmap_get_virtual_address(int type)
|
|||
/* Don't hand out any .0 or .255 address. */
|
||||
while ((next_virtual_addr & 0xff) == 0 ||
|
||||
(next_virtual_addr & 0xff) == 0xff) {
|
||||
++next_virtual_addr;
|
||||
increment_virtual_addr();
|
||||
if (! --available) {
|
||||
log_warn(LD_CONFIG, "Ran out of virtual addresses!");
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
in.s_addr = htonl(next_virtual_addr);
|
||||
tor_inet_ntoa(&in, buf, sizeof(buf));
|
||||
if (!strmap_get(addressmap, buf)) {
|
||||
++next_virtual_addr;
|
||||
increment_virtual_addr();
|
||||
break;
|
||||
}
|
||||
|
||||
++next_virtual_addr;
|
||||
increment_virtual_addr();
|
||||
--available;
|
||||
log_info(LD_CONFIG, "%d addrs available", (int)available);
|
||||
if (! --available) {
|
||||
// log_info(LD_CONFIG, "%d addrs available", (int)available);
|
||||
if (! available) {
|
||||
log_warn(LD_CONFIG, "Ran out of virtual addresses!");
|
||||
return NULL;
|
||||
}
|
||||
if (addr_mask_cmp_bits(next_virtual_addr, virtual_addr_network,
|
||||
virtual_addr_netmask_bits))
|
||||
next_virtual_addr = virtual_addr_network;
|
||||
}
|
||||
return tor_strdup(buf);
|
||||
} else {
|
||||
|
@ -1199,14 +1214,15 @@ addressmap_get_virtual_address(int type)
|
|||
* allocated string. If another address of the same type is already
|
||||
* mapped to <b>new_address</b>, try to return a copy of that address.
|
||||
*
|
||||
* The string in <b>new_address</b> may be freed, or inserted into a map
|
||||
* as appropriate.
|
||||
* The string in <b>new_address</b> may be freed or inserted into a map
|
||||
* as appropriate. May return NULL if are out of virtual addresses.
|
||||
**/
|
||||
const char *
|
||||
addressmap_register_virtual_address(int type, char *new_address)
|
||||
{
|
||||
char **addrp;
|
||||
virtaddress_entry_t *vent;
|
||||
int vent_needs_to_be_added = 0;
|
||||
|
||||
tor_assert(new_address);
|
||||
tor_assert(addressmap);
|
||||
|
@ -1215,7 +1231,7 @@ addressmap_register_virtual_address(int type, char *new_address)
|
|||
vent = strmap_get(virtaddress_reversemap, new_address);
|
||||
if (!vent) {
|
||||
vent = tor_malloc_zero(sizeof(virtaddress_entry_t));
|
||||
strmap_set(virtaddress_reversemap, new_address, vent);
|
||||
vent_needs_to_be_added = 1;
|
||||
}
|
||||
|
||||
addrp = (type == RESOLVED_TYPE_IPV4) ?
|
||||
|
@ -1225,6 +1241,7 @@ addressmap_register_virtual_address(int type, char *new_address)
|
|||
if (ent && ent->new_address &&
|
||||
!strcasecmp(new_address, ent->new_address)) {
|
||||
tor_free(new_address);
|
||||
tor_assert(!vent_needs_to_be_added);
|
||||
return tor_strdup(*addrp);
|
||||
} else
|
||||
log_warn(LD_BUG,
|
||||
|
@ -1236,7 +1253,14 @@ addressmap_register_virtual_address(int type, char *new_address)
|
|||
|
||||
tor_free(*addrp);
|
||||
*addrp = addressmap_get_virtual_address(type);
|
||||
if (!*addrp) {
|
||||
tor_free(vent);
|
||||
tor_free(new_address);
|
||||
return NULL;
|
||||
}
|
||||
log_info(LD_APP, "Registering map from %s to %s", *addrp, new_address);
|
||||
if (vent_needs_to_be_added)
|
||||
strmap_set(virtaddress_reversemap, new_address, vent);
|
||||
addressmap_register(*addrp, new_address, 2, ADDRMAPSRC_CONTROLLER);
|
||||
|
||||
#if 0
|
||||
|
@ -1415,7 +1439,12 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
|
|||
const char *new_addr;
|
||||
new_addr = addressmap_register_virtual_address(
|
||||
RESOLVED_TYPE_IPV4, tor_strdup(socks->address));
|
||||
tor_assert(new_addr);
|
||||
if (! new_addr) {
|
||||
log_warn(LD_APP, "Unable to automap address %s",
|
||||
escaped_safe_str(socks->address));
|
||||
connection_mark_unattached_ap(conn, END_STREAM_REASON_INTERNAL);
|
||||
return -1;
|
||||
}
|
||||
log_info(LD_APP, "Automapping %s to %s",
|
||||
escaped_safe_str(socks->address), safe_str(new_addr));
|
||||
strlcpy(socks->address, new_addr, sizeof(socks->address));
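Review bot: In `addressmap_register_virtual_address`, the new failure path calls `tor_free(vent)` unconditionally when `addressmap_get_virtual_address()` returns NULL. `vent` is only freshly allocated when `vent_needs_to_be_added` is set; otherwise it came from `strmap_get(virtaddress_reversemap, new_address)` and is still referenced by that map. Unless code outside the hunk removes the entry first, freeing it leaves a dangling pointer that a later lookup for the same name would dereference. Guarding the free keeps the map consistent: `if (vent_needs_to_be_added) tor_free(vent);`. The function body is only partly visible in these hunks, so confirm against the full function.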
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001 Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2003-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
#include "or.h"
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
#define DIRSERV_PRIVATE
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
#define DIRVOTE_PRIVATE
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2003-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
/* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
@ -271,11 +271,12 @@ dnsserv_resolved(edge_connection_t *conn,
|
|||
name,
|
||||
1, (char*)answer, ttl);
|
||||
} else if (answer_type == RESOLVED_TYPE_HOSTNAME &&
|
||||
answer_len < 256 &&
|
||||
conn->socks_request->command == SOCKS_COMMAND_RESOLVE_PTR) {
|
||||
char *ans = tor_strndup(answer, answer_len);
|
||||
evdns_server_request_add_ptr_reply(req, NULL,
|
||||
name,
|
||||
(char*)answer, ttl);
|
||||
ans, ttl);
|
||||
tor_free(ans);
|
||||
} else if (answer_type == RESOLVED_TYPE_ERROR) {
|
||||
err = DNS_ERR_NOTEXIST;
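Review bot: The added `answer_len < 256` guard in `dnsserv_resolved` is a bare magic number, and nothing explains why the reply is now built from a copy. Presumably `answer` is not guaranteed to be NUL-terminated, which is why `tor_strndup(answer, answer_len)` replaces passing `(char*)answer` directly. A short comment would keep the copy from being "optimised" away later, e.g. `/* answer is a length-delimited buffer, not a C string: copy it, and ignore names too long to be a hostname */`. An answer of 256 bytes or more now falls through to the later branches; the rest of the chain is outside the hunk, so check that the request still gets an error reply in that case.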
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
/* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
#include "orconfig.h"
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
/* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001 Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001 Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
@ -362,6 +362,7 @@ networkstatus_check_voter_signature(networkstatus_t *consensus,
|
|||
signed_digest = tor_malloc(signed_digest_len);
|
||||
if (crypto_pk_public_checksig(cert->signing_key,
|
||||
signed_digest,
|
||||
signed_digest_len,
|
||||
voter->signature,
|
||||
voter->signature_len) != DIGEST_LEN ||
|
||||
memcmp(signed_digest, consensus->networkstatus_digest, DIGEST_LEN)) {
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
#define MAIN_PRIVATE
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001 Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
@ -188,6 +188,7 @@ onion_skin_create(crypto_pk_env_t *dest_router_key,
|
|||
|
||||
/* set meeting point, meeting cookie, etc here. Leave zero for now. */
|
||||
if (crypto_pk_public_hybrid_encrypt(dest_router_key, onion_skin_out,
|
||||
ONIONSKIN_CHALLENGE_LEN,
|
||||
challenge, DH_KEY_LEN,
|
||||
PK_PKCS1_OAEP_PADDING, 1)<0)
|
||||
goto err;
|
||||
|
@ -230,6 +231,7 @@ onion_skin_server_handshake(const char *onion_skin, /*ONIONSKIN_CHALLENGE_LEN*/
|
|||
break;
|
||||
note_crypto_pk_op(DEC_ONIONSKIN);
|
||||
len = crypto_pk_private_hybrid_decrypt(k, challenge,
|
||||
ONIONSKIN_CHALLENGE_LEN,
|
||||
onion_skin, ONIONSKIN_CHALLENGE_LEN,
|
||||
PK_PKCS1_OAEP_PADDING,0);
|
||||
if (len>0)
|
||||
|
@ -379,8 +381,8 @@ fast_server_handshake(const uint8_t *key_in, /* DIGEST_LEN bytes */
|
|||
* and protected by TLS).
|
||||
*/
|
||||
int
|
||||
fast_client_handshake(const uint8_t *handshake_state, /* DIGEST_LEN bytes */
|
||||
const uint8_t *handshake_reply_out, /* DIGEST_LEN*2 bytes */
|
||||
fast_client_handshake(const uint8_t *handshake_state,/*DIGEST_LEN bytes*/
|
||||
const uint8_t *handshake_reply_out,/*DIGEST_LEN*2 bytes*/
|
||||
uint8_t *key_out,
|
||||
size_t key_out_len)
|
||||
{
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001 Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001 Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
@ -193,6 +193,7 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
|
|||
/*XXX maybe give crypto_pk_public_hybrid_encrypt a max_len arg,
|
||||
* to avoid buffer overflows? */
|
||||
r = crypto_pk_public_hybrid_encrypt(intro_key, payload+DIGEST_LEN,
|
||||
sizeof(payload)-DIGEST_LEN,
|
||||
tmp,
|
||||
(int)(dh_offset+DH_KEY_LEN),
|
||||
PK_PKCS1_OAEP_PADDING, 0);
|
||||
|
@ -716,8 +717,10 @@ rend_client_receive_rendezvous(origin_circuit_t *circ, const uint8_t *request,
|
|||
* attach only the connections that are waiting on this circuit, rather
|
||||
* than trying to attach them all. See comments bug 743. */
|
||||
connection_ap_attach_pending();
|
||||
memset(keys, 0, sizeof(keys));
|
||||
return 0;
|
||||
err:
|
||||
memset(keys, 0, sizeof(keys));
|
||||
circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_TORPROTOCOL);
|
||||
return -1;
|
||||
}
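Review bot: The `memset(keys, 0, sizeof(keys));` calls added before `return 0;` and under `err:` in `rend_client_receive_rendezvous` are stores to a buffer that is never read again. If `keys` is a local array (its declaration is outside the hunk), an optimising compiler may treat them as dead stores and drop them, leaving the key material on the stack. A wipe the compiler cannot elide is safer, for example `OPENSSL_cleanse(keys, sizeof(keys));` from the OpenSSL library Tor already links, with the matching header included if it is not already. The same applies to the two `memset(keys, 0, sizeof(keys));` lines this commit adds in `rend_service_introduce`.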
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
@ -700,7 +700,9 @@ rend_encode_service_descriptor(rend_service_descriptor_t *desc,
|
|||
cp += ipoint_len+1;
|
||||
}
|
||||
note_crypto_pk_op(REND_SERVER);
|
||||
r = crypto_pk_private_sign_digest(key, cp, *str_out, cp-*str_out);
|
||||
r = crypto_pk_private_sign_digest(key,
|
||||
cp, buflen - (cp - *str_out),
|
||||
*str_out, cp-*str_out);
|
||||
if (r<0) {
|
||||
tor_free(*str_out);
|
||||
return -1;
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
@ -64,7 +64,8 @@ rend_mid_establish_intro(or_circuit_t *circ, const uint8_t *request,
|
|||
}
|
||||
/* Rest of body: signature of previous data */
|
||||
note_crypto_pk_op(REND_MID);
|
||||
if (crypto_pk_public_checksig_digest(pk, (char*)request, 2+asn1len+DIGEST_LEN,
|
||||
if (crypto_pk_public_checksig_digest(pk,
|
||||
(char*)request, 2+asn1len+DIGEST_LEN,
|
||||
(char*)(request+2+DIGEST_LEN+asn1len),
|
||||
request_len-(2+DIGEST_LEN+asn1len))<0) {
|
||||
log_warn(LD_PROTOCOL,
|
||||
|
@ -125,7 +126,8 @@ rend_mid_establish_intro(or_circuit_t *circ, const uint8_t *request,
|
|||
* INTRODUCE2 cell.
|
||||
*/
|
||||
int
|
||||
rend_mid_introduce(or_circuit_t *circ, const uint8_t *request, size_t request_len)
|
||||
rend_mid_introduce(or_circuit_t *circ, const uint8_t *request,
|
||||
size_t request_len)
|
||||
{
|
||||
or_circuit_t *intro_circ;
|
||||
char serviceid[REND_SERVICE_ID_LEN_BASE32+1];
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
@ -979,7 +979,8 @@ rend_service_introduce(origin_circuit_t *circuit, const uint8_t *request,
|
|||
/* Next N bytes is encrypted with service key */
|
||||
note_crypto_pk_op(REND_SERVER);
|
||||
r = crypto_pk_private_hybrid_decrypt(
|
||||
intro_key,buf,(char*)(request+DIGEST_LEN),request_len-DIGEST_LEN,
|
||||
intro_key,buf,sizeof(buf),
|
||||
(char*)(request+DIGEST_LEN),request_len-DIGEST_LEN,
|
||||
PK_PKCS1_OAEP_PADDING,1);
|
||||
if (r<0) {
|
||||
log_warn(LD_PROTOCOL, "Couldn't decrypt INTRODUCE2 cell.");
|
||||
|
@ -1213,8 +1214,10 @@ rend_service_introduce(origin_circuit_t *circuit, const uint8_t *request,
|
|||
memcpy(cpath->handshake_digest, keys, DIGEST_LEN);
|
||||
if (extend_info) extend_info_free(extend_info);
|
||||
|
||||
memset(keys, 0, sizeof(keys));
|
||||
return 0;
|
||||
err:
|
||||
memset(keys, 0, sizeof(keys));
|
||||
if (dh) crypto_dh_free(dh);
|
||||
if (launched)
|
||||
circuit_mark_for_close(TO_CIRCUIT(launched), reason);
|
||||
|
@ -1424,7 +1427,8 @@ rend_service_intro_has_opened(origin_circuit_t *circuit)
|
|||
goto err;
|
||||
len += 20;
|
||||
note_crypto_pk_op(REND_SERVER);
|
||||
r = crypto_pk_private_sign_digest(intro_key, buf+len, buf, len);
|
||||
r = crypto_pk_private_sign_digest(intro_key, buf+len, sizeof(buf)-len,
|
||||
buf, len);
|
||||
if (r<0) {
|
||||
log_warn(LD_BUG, "Internal error: couldn't sign introduction request.");
|
||||
reason = END_CIRC_REASON_INTERNAL;
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001 Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
#define ROUTER_PRIVATE
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001 Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
@ -4676,7 +4676,8 @@ routerinfo_incompatible_with_extrainfo(routerinfo_t *ri, extrainfo_t *ei,
|
|||
|
||||
if (ei->pending_sig) {
|
||||
char signed_digest[128];
|
||||
if (crypto_pk_public_checksig(ri->identity_pkey, signed_digest,
|
||||
if (crypto_pk_public_checksig(ri->identity_pkey,
|
||||
signed_digest, sizeof(signed_digest),
|
||||
ei->pending_sig, ei->pending_sig_len) != DIGEST_LEN ||
|
||||
memcmp(signed_digest, ei->cache_info.signed_descriptor_digest,
|
||||
DIGEST_LEN)) {
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
/* Copyright (c) 2001 Matej Pfajfar.
|
||||
* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/**
|
||||
|
@ -571,10 +571,12 @@ router_append_dirobj_signature(char *buf, size_t buf_len, const char *digest,
|
|||
crypto_pk_env_t *private_key)
|
||||
{
|
||||
char *signature;
|
||||
size_t i;
|
||||
size_t i, keysize;
|
||||
|
||||
signature = tor_malloc(crypto_pk_keysize(private_key));
|
||||
if (crypto_pk_private_sign(private_key, signature, digest, DIGEST_LEN) < 0) {
|
||||
keysize = crypto_pk_keysize(private_key);
|
||||
signature = tor_malloc(keysize);
|
||||
if (crypto_pk_private_sign(private_key, signature, keysize,
|
||||
digest, DIGEST_LEN) < 0) {
|
||||
|
||||
log_warn(LD_BUG,"Couldn't sign digest.");
|
||||
goto err;
|
||||
|
@ -924,6 +926,7 @@ check_signature_token(const char *digest,
|
|||
const char *doctype)
|
||||
{
|
||||
char *signed_digest;
|
||||
size_t keysize;
|
||||
const int check_authority = (flags & CST_CHECK_AUTHORITY);
|
||||
const int check_objtype = ! (flags & CST_NO_CHECK_OBJTYPE);
|
||||
|
||||
|
@ -945,9 +948,10 @@ check_signature_token(const char *digest,
|
|||
}
|
||||
}
|
||||
|
||||
signed_digest = tor_malloc(tok->object_size);
|
||||
if (crypto_pk_public_checksig(pkey, signed_digest, tok->object_body,
|
||||
tok->object_size)
|
||||
keysize = crypto_pk_keysize(pkey);
|
||||
signed_digest = tor_malloc(keysize);
|
||||
if (crypto_pk_public_checksig(pkey, signed_digest, keysize,
|
||||
tok->object_body, tok->object_size)
|
||||
!= DIGEST_LEN) {
|
||||
log_warn(LD_DIR, "Error reading %s: invalid signature.", doctype);
|
||||
tor_free(signed_digest);
|
||||
|
@ -2170,7 +2174,6 @@ networkstatus_v2_parse_from_string(const char *s)
|
|||
return ns;
|
||||
}
|
||||
|
||||
|
||||
/** Parse a v3 networkstatus vote, opinion, or consensus (depending on
|
||||
* ns_type), from <b>s</b>, and return the result. Return NULL on failure. */
|
||||
networkstatus_t *
|
||||
|
@ -2550,7 +2553,7 @@ networkstatus_parse_vote_from_string(const char *s, const char **eos_out,
|
|||
goto err;
|
||||
v->good_signature = 1;
|
||||
} else {
|
||||
if (tok->object_size >= INT_MAX)
|
||||
if (tok->object_size >= INT_MAX || tok->object_size >= SIZE_T_CEILING)
|
||||
goto err;
|
||||
/* We already parsed a vote from this voter. Use the first one. */
|
||||
if (v->signature) {
|
||||
|
@ -2701,7 +2704,7 @@ networkstatus_parse_detached_signatures(const char *s, const char *eos)
|
|||
voter = tor_malloc_zero(sizeof(networkstatus_voter_info_t));
|
||||
memcpy(voter->identity_digest, id_digest, DIGEST_LEN);
|
||||
memcpy(voter->signing_key_digest, sk_digest, DIGEST_LEN);
|
||||
if (tok->object_size >= INT_MAX)
|
||||
if (tok->object_size >= INT_MAX || tok->object_size >= SIZE_T_CEILING)
|
||||
goto err;
|
||||
voter->signature = tor_memdup(tok->object_body, tok->object_size);
|
||||
voter->signature_len = (int) tok->object_size;
|
||||
|
@ -3018,6 +3021,10 @@ static directory_token_t *
|
|||
get_next_token(memarea_t *area,
|
||||
const char **s, const char *eos, token_rule_t *table)
|
||||
{
|
||||
/** Reject any object at least this big; it is probably an overflow, an
|
||||
* attack, a bug, or some other nonsense. */
|
||||
#define MAX_UNPARSED_OBJECT_SIZE (128*1024)
|
||||
|
||||
const char *next, *eol, *obstart;
|
||||
size_t obname_len;
|
||||
int i;
|
||||
|
@ -3102,7 +3109,8 @@ get_next_token(memarea_t *area,
|
|||
|
||||
obstart = *s; /* Set obstart to start of object spec */
|
||||
if (*s+16 >= eol || memchr(*s+11,'\0',eol-*s-16) || /* no short lines, */
|
||||
strcmp_len(eol-5, "-----", 5)) { /* nuls or invalid endings */
|
||||
strcmp_len(eol-5, "-----", 5) || /* nuls or invalid endings */
|
||||
(eol-*s) > MAX_UNPARSED_OBJECT_SIZE) { /* name too long */
|
||||
RET_ERR("Malformed object: bad begin line");
|
||||
}
|
||||
tok->object_type = STRNDUP(*s+11, eol-*s-16);
|
||||
|
@ -3127,13 +3135,16 @@ get_next_token(memarea_t *area,
|
|||
ebuf[sizeof(ebuf)-1] = '\0';
|
||||
RET_ERR(ebuf);
|
||||
}
|
||||
if (next - *s > MAX_UNPARSED_OBJECT_SIZE)
|
||||
RET_ERR("Couldn't parse object: missing footer or object much too big.");
|
||||
|
||||
if (!strcmp(tok->object_type, "RSA PUBLIC KEY")) { /* If it's a public key */
|
||||
tok->key = crypto_new_pk_env();
|
||||
if (crypto_pk_read_public_key_from_string(tok->key, obstart, eol-obstart))
|
||||
RET_ERR("Couldn't parse public key.");
|
||||
} else if (!strcmp(tok->object_type, "RSA PRIVATE KEY")) { /* private key */
|
||||
tok->key = crypto_new_pk_env();
|
||||
if (crypto_pk_read_private_key_from_string(tok->key, obstart))
|
||||
if (crypto_pk_read_private_key_from_string(tok->key, obstart, eol-obstart))
|
||||
RET_ERR("Couldn't parse private key.");
|
||||
} else { /* If it's something else, try to base64-decode it */
|
||||
int r;
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright (c) 2001-2004, Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/* Ordinarily defined in tor_main.c; this bit is just here to provide one
|
||||
|
@ -701,25 +701,27 @@ test_crypto_pk(void)
|
|||
test_eq(128, crypto_pk_keysize(pk1));
|
||||
test_eq(128, crypto_pk_keysize(pk2));
|
||||
|
||||
test_eq(128, crypto_pk_public_encrypt(pk2, data1, "Hello whirled.", 15,
|
||||
test_eq(128, crypto_pk_public_encrypt(pk2, data1, sizeof(data1),
|
||||
"Hello whirled.", 15,
|
||||
PK_PKCS1_OAEP_PADDING));
|
||||
test_eq(128, crypto_pk_public_encrypt(pk1, data2, "Hello whirled.", 15,
|
||||
test_eq(128, crypto_pk_public_encrypt(pk1, data2, sizeof(data2),
|
||||
"Hello whirled.", 15,
|
||||
PK_PKCS1_OAEP_PADDING));
|
||||
/* oaep padding should make encryption not match */
|
||||
test_memneq(data1, data2, 128);
|
||||
test_eq(15, crypto_pk_private_decrypt(pk1, data3, data1, 128,
|
||||
test_eq(15, crypto_pk_private_decrypt(pk1, data3, sizeof(data3), data1, 128,
|
||||
PK_PKCS1_OAEP_PADDING,1));
|
||||
test_streq(data3, "Hello whirled.");
|
||||
memset(data3, 0, 1024);
|
||||
test_eq(15, crypto_pk_private_decrypt(pk1, data3, data2, 128,
|
||||
test_eq(15, crypto_pk_private_decrypt(pk1, data3, sizeof(data3), data2, 128,
|
||||
PK_PKCS1_OAEP_PADDING,1));
|
||||
test_streq(data3, "Hello whirled.");
|
||||
/* Can't decrypt with public key. */
|
||||
test_eq(-1, crypto_pk_private_decrypt(pk2, data3, data2, 128,
|
||||
test_eq(-1, crypto_pk_private_decrypt(pk2, data3, sizeof(data3), data2, 128,
|
||||
PK_PKCS1_OAEP_PADDING,1));
|
||||
/* Try again with bad padding */
|
||||
memcpy(data2+1, "XYZZY", 5); /* This has fails ~ once-in-2^40 */
|
||||
test_eq(-1, crypto_pk_private_decrypt(pk1, data3, data2, 128,
|
||||
test_eq(-1, crypto_pk_private_decrypt(pk1, data3, sizeof(data3), data2, 128,
|
||||
PK_PKCS1_OAEP_PADDING,1));
|
||||
|
||||
/* File operations: save and load private key */
|
||||
|
@ -734,19 +736,22 @@ test_crypto_pk(void)
|
|||
get_fname("xyzzy")) < 0);
|
||||
test_assert(! crypto_pk_read_private_key_from_filename(pk2,
|
||||
get_fname("pkey1")));
|
||||
test_eq(15, crypto_pk_private_decrypt(pk2, data3, data1, 128,
|
||||
test_eq(15, crypto_pk_private_decrypt(pk2, data3, sizeof(data3), data1, 128,
|
||||
PK_PKCS1_OAEP_PADDING,1));
|
||||
|
||||
/* Now try signing. */
|
||||
strlcpy(data1, "Ossifrage", 1024);
|
||||
test_eq(128, crypto_pk_private_sign(pk1, data2, data1, 10));
|
||||
test_eq(10, crypto_pk_public_checksig(pk1, data3, data2, 128));
|
||||
test_eq(128, crypto_pk_private_sign(pk1, data2, sizeof(data2), data1, 10));
|
||||
test_eq(10, crypto_pk_public_checksig(pk1, data3, sizeof(data3), data2, 128));
|
||||
test_streq(data3, "Ossifrage");
|
||||
/* Try signing digests. */
|
||||
test_eq(128, crypto_pk_private_sign_digest(pk1, data2, data1, 10));
|
||||
test_eq(20, crypto_pk_public_checksig(pk1, data3, data2, 128));
|
||||
test_eq(0, crypto_pk_public_checksig_digest(pk1, data1, 10, data2, 128));
|
||||
test_eq(-1, crypto_pk_public_checksig_digest(pk1, data1, 11, data2, 128));
|
||||
test_eq(128, crypto_pk_private_sign_digest(pk1, data2, sizeof(data2),
|
||||
data1, 10));
|
||||
test_eq(20, crypto_pk_public_checksig(pk1, data3, sizeof(data1), data2, 128));
|
||||
test_eq(0, crypto_pk_public_checksig_digest(pk1, data1,
|
||||
10, data2, 128));
|
||||
test_eq(-1, crypto_pk_public_checksig_digest(pk1, data1,
|
||||
11, data2, 128));
|
||||
/*XXXX test failed signing*/
|
||||
|
||||
/* Try encoding */
|
||||
|
@ -767,9 +772,11 @@ test_crypto_pk(void)
|
|||
continue;
|
||||
p = (i==0)?PK_NO_PADDING:
|
||||
(i==1)?PK_PKCS1_PADDING:PK_PKCS1_OAEP_PADDING;
|
||||
len = crypto_pk_public_hybrid_encrypt(pk1,data2,data1,j,p,0);
|
||||
len = crypto_pk_public_hybrid_encrypt(pk1,data2,sizeof(data2),
|
||||
data1,j,p,0);
|
||||
test_assert(len>=0);
|
||||
len = crypto_pk_private_hybrid_decrypt(pk1,data3,data2,len,p,1);
|
||||
len = crypto_pk_private_hybrid_decrypt(pk1,data3,sizeof(data3),
|
||||
data2,len,p,1);
|
||||
test_eq(len,j);
|
||||
test_memeq(data1,data3,j);
|
||||
}
|
||||
|
@ -3361,11 +3368,11 @@ test_v3_networkstatus(void)
|
|||
sign_skey_leg1 = pk_generate(4);
|
||||
|
||||
test_assert(!crypto_pk_read_private_key_from_string(sign_skey_1,
|
||||
AUTHORITY_SIGNKEY_1));
|
||||
AUTHORITY_SIGNKEY_1,-1));
|
||||
test_assert(!crypto_pk_read_private_key_from_string(sign_skey_2,
|
||||
AUTHORITY_SIGNKEY_2));
|
||||
AUTHORITY_SIGNKEY_2,-1));
|
||||
test_assert(!crypto_pk_read_private_key_from_string(sign_skey_3,
|
||||
AUTHORITY_SIGNKEY_3));
|
||||
AUTHORITY_SIGNKEY_3,-1));
|
||||
|
||||
test_assert(!crypto_pk_cmp_keys(sign_skey_1, cert1->signing_key));
|
||||
test_assert(!crypto_pk_cmp_keys(sign_skey_2, cert2->signing_key));
|
||||
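Review bot: In the "Try signing digests" part of the second test_crypto_pk hunk, the updated call `crypto_pk_public_checksig(pk1, data3, sizeof(data1), data2, 128)` passes the size of data1 as the capacity of data3, while every sibling call in this section passes the size of the buffer it actually writes to. The declarations are outside the hunk, but `memset(data3, 0, 1024)` and `strlcpy(data1, "Ossifrage", 1024)` suggest both buffers are 1024 bytes, so this is presumably harmless today and would only become a wrong bound if the sizes diverged; I would change it to `test_eq(20, crypto_pk_public_checksig(pk1, data3, sizeof(data3), data2, 128));`. None of the updated calls shown here passes a deliberately undersized output length, so the rejection path of the new length parameter does not appear to be exercised in this test; a case that expects a failure return for a too-small destination would cover it. The +/- markers are lost on this page, so which of each printed pair is the new line is inferred from the added argument, and test_crypto_pk starts and ends outside these hunks.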
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright 2001-2004 Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/** First of 3 example authority certificates for unit testing. */
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
/* Copyright 2001-2004 Roger Dingledine.
|
||||
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc. */
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
/** String describing which Tor subversion repository version the source was
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* Copyright (c) 2007-2010 The Tor Project, Inc. */
|
||||
/* Copyright (c) 2007-2011, The Tor Project, Inc. */
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
#include "orconfig.h"
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
|
||||
* Copyright (c) 2007-2010, The Tor Project, Inc.
|
||||
* Copyright (c) 2007-2011, The Tor Project, Inc.
|
||||
*/
|
||||
/* See LICENSE for licensing information */
|
||||
|
||||
|
|