author | Nick Mathewson <nickm@torproject.org> | 2018-08-12 17:54:06 -0400 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2018-08-21 12:25:33 -0400 |
commit | 108d9879eb814bc06095a1819d98b1c7c9a38e88 (patch) | |
tree | 0403f8a412f2e7bfddb1d171d122fe627aef81e3 /src/lib/tls | |
parent | 96f8e1980204e83bb943fbff31e308a03b41160c (diff) | |
Extract the non-generic part of tor_tls_context_decref().
Diffstat (limited to 'src/lib/tls')
-rw-r--r-- | src/lib/tls/tortls.c | 19 | ||||
-rw-r--r-- | src/lib/tls/tortls_internal.h | 7 | ||||
-rw-r--r-- | src/lib/tls/tortls_nss.c | 7 | ||||
-rw-r--r-- | src/lib/tls/tortls_openssl.c | 28 |
4 files changed, 42 insertions, 19 deletions
diff --git a/src/lib/tls/tortls.c b/src/lib/tls/tortls.c
index 4b35177df9..395f0148e2 100644
--- a/src/lib/tls/tortls.c
+++ b/src/lib/tls/tortls.c
@@ -35,6 +35,25 @@ tor_tls_context_incref(tor_tls_context_t *ctx)
 ++ctx->refcnt;
 }
 
+/** Remove a reference to <b>ctx</b>, and free it if it has no more
+ * references. */
+void
+tor_tls_context_decref(tor_tls_context_t *ctx)
+{
+ tor_assert(ctx);
+ if (--ctx->refcnt == 0) {
+ tor_tls_context_impl_free(ctx->ctx);
+ tor_x509_cert_free(ctx->my_link_cert);
+ tor_x509_cert_free(ctx->my_id_cert);
+ tor_x509_cert_free(ctx->my_auth_cert);
+ crypto_pk_free(ctx->link_key);
+ crypto_pk_free(ctx->auth_key);
+ /* LCOV_EXCL_BR_START since ctx will never be NULL here */
+ tor_free(ctx);
+ /* LCOV_EXCL_BR_STOP */
+ }
+}
+
 /** Free all global TLS structures. */
 void
 tor_tls_free_all(void)
diff --git a/src/lib/tls/tortls_internal.h b/src/lib/tls/tortls_internal.h
index c58379e19b..b997ee3e4a 100644
--- a/src/lib/tls/tortls_internal.h
+++ b/src/lib/tls/tortls_internal.h
@@ -29,6 +29,13 @@ int tor_tls_context_init_one(tor_tls_context_t **ppcontext,
 int is_client);
 
 #ifdef ENABLE_OPENSSL
+void tor_tls_context_impl_free(struct ssl_ctx_st *);
+#else
+struct ssl_ctx_st; // XXXX replace
+void tor_tls_context_impl_free(struct ssl_ctx_st *);
+#endif
+
+#ifdef ENABLE_OPENSSL
 tor_tls_t *tor_tls_get_by_ssl(const struct ssl_st *ssl);
 int tor_tls_client_is_using_v2_ciphers(const struct ssl_st *ssl);
 void tor_tls_debug_state_callback(const struct ssl_st *ssl,
diff --git a/src/lib/tls/tortls_nss.c b/src/lib/tls/tortls_nss.c
index 98fecdaf16..3ab5c753d0 100644
--- a/src/lib/tls/tortls_nss.c
+++ b/src/lib/tls/tortls_nss.c
@@ -85,6 +85,13 @@ tor_tls_context_init_one(tor_tls_context_t **ppcontext,
 // XXXX
 return -1;
 }
+void
+tor_tls_context_impl_free(struct ssl_ctx_st *ctx)
+{
+ (void)ctx;
+ // XXXX
+ // XXXX openssl type.
+}
 
 void
 tor_tls_get_state_description(tor_tls_t *tls, char *buf, size_t sz)
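Review bot: In src/lib/tls/tortls.c, tor_tls_context_decref() decrements `ctx->refcnt` without first checking that it is positive, so an unbalanced extra release steps past zero and the `== 0` test never fires for it. Now that this one copy serves every TLS backend, adding `tor_assert(ctx->refcnt > 0);` directly after `tor_assert(ctx);` would make an over-release fail loudly instead of continuing on a context that may already have been freed. The declaration of refcnt is outside this hunk, so confirm the comparison suits its type.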
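Review bot: In src/lib/tls/tortls_internal.h the two branches of the new `#ifdef ENABLE_OPENSSL` / `#else` declare the identical prototype, and only the `#else` branch forward-declares `struct ssl_ctx_st`. If no earlier declaration of that tag is visible in the OpenSSL build (the rest of the header is outside this hunk), the tag in the parameter list gets prototype scope and the declaration will not match the definition in tortls_openssl.c. Dropping the conditional and writing `struct ssl_ctx_st; // XXXX replace` followed by one `void tor_tls_context_impl_free(struct ssl_ctx_st *ctx);` covers both builds and also gives the parameter a name.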
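Review bot: The tor_tls_context_impl_free() stub in src/lib/tls/tortls_nss.c discards its argument, and the shared tor_tls_context_decref() now calls it as the only release of `ctx->ctx`, so whatever the NSS backend eventually stores there is never freed. The two `// XXXX` markers do not say that; a comment such as `/* XXXX Not implemented for NSS yet: the backend context is not released here. */` would record the gap for whoever fills in the backend. The function also has no `/** ... */` header and no blank line separating it from the `}` above; the same missing header applies to the definition added in tortls_openssl.c, where it should state that a NULL <b>ctx</b> is ignored.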
diff --git a/src/lib/tls/tortls_openssl.c b/src/lib/tls/tortls_openssl.c
index 333b86481e..5f54312355 100644
--- a/src/lib/tls/tortls_openssl.c
+++ b/src/lib/tls/tortls_openssl.c
@@ -30,6 +30,7 @@
 #include "lib/crypt_ops/crypto_util.h"
 #include "lib/crypt_ops/compat_openssl.h"
 #include "lib/tls/x509.h"
+#include "lib/tls/x509_internal.h"
 
 /* Some versions of OpenSSL declare SSL_get_selected_srtp_profile twice in
 * srtp.h. Suppress the GCC warning so we can build with -Wredundant-decl. */
@@ -488,25 +489,6 @@ static const char CLIENT_CIPHER_LIST[] =
 #undef CIPHER
 #undef XCIPHER
 
-/** Remove a reference to <b>ctx</b>, and free it if it has no more
- * references. */
-void
-tor_tls_context_decref(tor_tls_context_t *ctx)
-{
- tor_assert(ctx);
- if (--ctx->refcnt == 0) {
- SSL_CTX_free(ctx->ctx);
- tor_x509_cert_free(ctx->my_link_cert);
- tor_x509_cert_free(ctx->my_id_cert);
- tor_x509_cert_free(ctx->my_auth_cert);
- crypto_pk_free(ctx->link_key);
- crypto_pk_free(ctx->auth_key);
- /* LCOV_EXCL_BR_START since ctx will never be NULL here */
- tor_free(ctx);
- /* LCOV_EXCL_BR_STOP */
- }
-}
-
 /** Set *<b>link_cert_out</b> and *<b>id_cert_out</b> to the link certificate
 * and ID certificate that we're currently using for our V3 in-protocol
 * handshake's certificate chain. If <b>server</b> is true, provide the certs
@@ -599,6 +581,14 @@ tor_tls_context_init_one(tor_tls_context_t **ppcontext,
 return ((new_ctx != NULL) ? 0 : -1);
 }
 
+void
+tor_tls_context_impl_free(struct ssl_ctx_st *ctx)
+{
+ if (!ctx)
+ return;
+ SSL_CTX_free(ctx);
+}
+
 /** The group we should use for ecdhe when none was selected. */
 #define NID_tor_default_ecdhe_group NID_X9_62_prime256v1 |