11cd138c74
Fix a security issue (!) in link handshake validation.
...
When making sure that the peer had the right RSA identity, we
were comparing the RSA identity with itself, not with the RSA
identity we expected.
Found via unit testing (!).
2020-10-21 15:37:55 -04:00
29464c4559
Fix comments in tor-cert.
2020-10-21 15:37:05 -04:00
53c27f7956
Infrastructure for testing handshake cert-validation code
2020-10-21 14:48:19 -04:00
48d0984d2f
More tests for handshake connect function
2020-10-21 14:09:20 -04:00
e0344dd78b
Start a basic test for the first part of the handshake.
2020-10-21 14:09:20 -04:00
a94dc1c7f1
LogId test: tolerate concurrent tests.
2020-10-21 14:09:20 -04:00
b528c914ff
Start on some tests for pieces of tor-proto::channel
2020-10-21 12:45:36 -04:00
4bddde1b83
A few coverage-driven tests in tor-cell.
2020-10-21 10:49:04 -04:00
9a9e2fe43b
Specify and test correct handling for bogus netinfo addrs
2020-10-21 10:30:56 -04:00
150ed235c4
Add a fuzzer for our x509_rsa_kludge function.
2020-10-21 10:05:42 -04:00
1316028485
Ed25519 batch verification test.
2020-10-21 09:21:47 -04:00
0cd6e38623
More tests for ed25519identity
2020-10-21 09:06:12 -04:00
bcfbe99d2b
Add a test for Reader::advance
2020-10-21 08:47:20 -04:00
3f3e98d190
Follow API convention about mutable getters.
...
They're supposed to be called field_mut().
2020-10-21 08:12:46 -04:00
743c3167e8
Rename as_message to into_message.
...
According to the API guidelines, "as_" is only for
borrowed->borrowed conversions.
2020-10-21 08:05:33 -04:00
486693115a
Add a close() method for streams
2020-10-20 14:46:59 -04:00
425ee8376b
Add new `terminate()` method to circuits and channels.
...
These aren't called "close" because they're more destructive than
that: they can be called even if other parties are using the circuit
or channel.
This is for arti#21.
2020-10-20 14:28:44 -04:00
c554db9881
Missing file and docs
2020-10-20 13:46:43 -04:00
6e5d248418
Add a TODO for register_meta_handler API
2020-10-20 13:41:34 -04:00
4f567e4a94
Work on closing flooding-based side-channels
...
We need to make sure that we're dropping cells that we don't
recognize or want, so that we can't be flooded with bogus junk.
2020-10-20 13:22:16 -04:00
b0cdd025a1
Add some helpful logs in circuit code.
2020-10-20 12:40:08 -04:00
31cde26138
main.rs: Add a flag for trace-level logs
2020-10-20 11:49:23 -04:00
7ce158ed1e
Add reasonable logging (I hope!) to channel
2020-10-20 11:45:53 -04:00
ebdd2c0318
Test new error type from caret
2020-10-19 18:25:16 -04:00
1dc3fc214a
Implement From, not Into.
...
These traits are inverses of one another, but implementing From is
always preferred since rust 1.41 relaxed the "orphan rules".
2020-10-19 17:40:43 -04:00
16d8b267bc
Resolve remaining XXXXM3 stuff in tor-cell
2020-10-19 14:36:31 -04:00
88a012a9b0
Add assertions for overflow cases in relaycell::msg
2020-10-19 14:25:12 -04:00
3d35f64742
Add assertions for overflow cases in chancell::msg
2020-10-19 14:22:59 -04:00
c7a2efe72b
Add and use remaining CertType values in tor-cert
2020-10-19 14:17:25 -04:00
2bd30f2db3
Use DestroyReason for Truncated messages.
2020-10-19 13:38:15 -04:00
e83d8ec3c2
Turn End reasons into a caret enumeration.
2020-10-19 13:31:46 -04:00
f2ebc94088
Add relay commands for circuit padding.
2020-10-19 13:30:36 -04:00
378aa6d639
Add an enumeration for destroy reasons.
2020-10-19 13:13:55 -04:00
f3e1fafca2
Validate master-key-ed25519 field in routerdescs
2020-10-19 09:44:38 -04:00
57637f3644
netdir: don't use relays with NoEdConsensus flag set.
2020-10-19 09:31:36 -04:00
295a791a82
Improvements to Relay type in tor-netdir.
...
Now, a Relay is always valid. This required some changes to the
API: all_relays() has to return a new UncheckedRelay type that might
or might not be valid, and the functions on Relay and ChanTarget
that return ed25519 identities need to return an Ed25519Identity,
not an ed25519::PublicKey.
This change required some new encoding/decoding/conversion functions
on Ed25519Identity.
2020-10-19 09:22:49 -04:00
3798891b36
Calculate digest correctly when microdesc ends with base64 object.
2020-10-19 08:42:35 -04:00
df406f5319
Netdoc: validate objects even on unrecognized items.
2020-10-19 08:09:20 -04:00
6f3d5d061d
portpolicy: note a spec issue
2020-10-19 08:08:38 -04:00
9d6d26d310
Explain problems with APIs in linkspec::traits.
2020-10-18 21:12:58 -04:00
9c0d2ac20d
Resolve XXXXM3 comments in caret crate
2020-10-18 20:34:38 -04:00
5523134607
Mark must-resolve XXXX issues with "XXXXM3".
...
"M3" is for "milestone 3" -- my target to fix the technical debt
that I think will be bad if we ship even a pre-alpha with it.
These aren't necessarily _all_ must-resolve, but they're all
must-look-at.
Closes #15
2020-10-18 17:38:59 -04:00
582cb945e4
More notes in README.md: assumed proposals, stability (non)guarantee
2020-10-18 17:38:28 -04:00
32bfeb84eb
Update microdesc parsing: ed25519 keys are no longer optional.
2020-10-18 17:12:47 -04:00
32c2bc4bc1
Clarify TODOs in tor-protover
2020-10-18 17:06:15 -04:00
0bd6d62951
tor-linkspec: remove a completed TODO
2020-10-18 17:03:11 -04:00
311d060037
Remove a comment about a spec clarification
...
This was fixed as torspec#30
2020-10-18 16:59:45 -04:00
5f4eff6338
Resolve XXXX items in tor-cert crate.
2020-10-18 16:54:51 -04:00
1abd93d696
Clarify kludgey magic in our to_der() function.
2020-10-18 16:50:40 -04:00
bc8a32f618
List supported/unsupported subprotocols in the README
2020-10-18 15:59:45 -04:00
Nick Mathewson