Some test and logic corrections

4 files changed, 22 insertions, 18 deletions

diff --git a/src/feature/control/control_cmd.c b/src/feature/control/control_cmd.c
index 739577c506..8df9598c9f 100644
--- a/src/feature/control/control_cmd.c
+++ b/src/feature/control/control_cmd.c
@@ -1831,8 +1831,9 @@ handle_control_add_onion(control_connection_t *conn,
       }
     } else if (!strcasecmp(arg->key, "ClientAuthV3")) {
       hs_service_authorized_client_t *client_v3 =
-                                       parse_authorized_client_key(arg->value);
+                                parse_authorized_client_key(arg->value, false);
       if (!client_v3) {
+        control_write_endreply(conn, 512, "Cannot decode v3 client auth key");
         goto out;
       }
 
@@ -1925,7 +1926,6 @@ handle_control_add_onion(control_connection_t *conn,
                                    auth_clients, auth_clients_v3, &service_id);
   port_cfgs = NULL; /* port_cfgs is now owned by the rendservice code. */
   auth_clients = NULL; /* so is auth_clients */
-  auth_clients_v3 = NULL; /* so is auth_clients_v3 */
   switch (ret) {
   case RSAE_OKAY:
   {
diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c
index 53b90ce374..c173dbcbfe 100644
--- a/src/feature/hs/hs_service.c
+++ b/src/feature/hs/hs_service.c
@@ -1119,17 +1119,19 @@ client_filename_is_valid(const char *filename)
  *
  * Return the key on success, return NULL, otherwise. */
 hs_service_authorized_client_t *
-parse_authorized_client_key(const char *key_str)
+parse_authorized_client_key(const char *key_str, bool log)
 {
   hs_service_authorized_client_t *client = NULL;
 
-  /* We expect a specific length of the base32 encoded key so make sure we
+  /* We expect a specific length of the base64 encoded key so make sure we
    * have that so we don't successfully decode a value with a different length
    * and end up in trouble when copying the decoded key into a fixed length
    * buffer. */
   if (strlen(key_str) != BASE32_NOPAD_LEN(CURVE25519_PUBKEY_LEN)) {
-    log_warn(LD_REND, "Client authorization encoded base32 public key "
-                      "length is invalid: %s", key_str);
+    if (log) {
+      log_warn(LD_REND, "Client authorization encoded base32 public key "
+                        "length is invalid: %s", key_str);
+    }
     goto err;
   }
 
@@ -1138,8 +1140,10 @@ parse_authorized_client_key(const char *key_str)
                     sizeof(client->client_pk.public_key),
                     key_str, strlen(key_str)) !=
       sizeof(client->client_pk.public_key)) {
-    log_warn(LD_REND, "Client authorization public key cannot be decoded: %s",
-             key_str);
+    if (log) {
+      log_warn(LD_REND, "Client authorization public key cannot be decoded: "
+               "%s", key_str);
+    }
     goto err;
   }
 
@@ -1198,7 +1202,7 @@ parse_authorized_client(const char *client_key_str)
     goto err;
   }
 
-  if ((client = parse_authorized_client_key(pubkey_b32)) == NULL) {
+  if ((client = parse_authorized_client_key(pubkey_b32, true)) == NULL) {
     goto err;
   }
 
@@ -3753,14 +3757,14 @@ hs_service_add_ephemeral(ed25519_secret_key_t *sk, smartlist_t *ports,
     goto err;
   }
 
-  if (service->config.clients == NULL) {
-    service->config.clients = smartlist_new();
-  }
-  SMARTLIST_FOREACH(auth_clients_v3, hs_service_authorized_client_t *, c, {
-    if (c != NULL) {
-      smartlist_add(service->config.clients, c);
+  if (auth_clients_v3) {
+    if (service->config.clients == NULL) {
+      service->config.clients = smartlist_new();
     }
-  });
+    SMARTLIST_FOREACH(auth_clients_v3, hs_service_authorized_client_t *, c, {
+      smartlist_add(service->config.clients, c);
+    });
+  }
 
   /* Build the onion address for logging purposes but also the control port
    * uses it for the HS_DESC event. */
diff --git a/src/feature/hs/hs_service.h b/src/feature/hs/hs_service.h
index 4d49929127..12698a483c 100644
--- a/src/feature/hs/hs_service.h
+++ b/src/feature/hs/hs_service.h
@@ -390,7 +390,7 @@ void hs_service_dump_stats(int severity);
 void hs_service_circuit_cleanup_on_close(const circuit_t *circ);
 
 hs_service_authorized_client_t *
-parse_authorized_client_key(const char *key_str);
+parse_authorized_client_key(const char *key_str, bool log);
 
 void
 service_authorized_client_free_(hs_service_authorized_client_t *client);
diff --git a/src/feature/rend/rendservice.c b/src/feature/rend/rendservice.c
index 45b1d3d822..add25579b3 100644
--- a/src/feature/rend/rendservice.c
+++ b/src/feature/rend/rendservice.c
@@ -3818,7 +3818,7 @@ upload_service_descriptor(rend_service_t *service)
       smartlist_clear(client_cookies);
       switch (service->auth_type) {
         case REND_NO_AUTH:
-	case REND_V3_AUTH:
+        case REND_V3_AUTH:
           /* Do nothing here. */
           break;
         case REND_BASIC_AUTH: