diff options
| author | George Kadianakis <desnacked@riseup.net> | 2013-06-04 20:00:28 +0300 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2013-08-15 12:03:37 -0400 |
| commit | 33c3e60a376291faed073dcfb6c9b8a0098572a0 (patch) | |
| tree | 85c817c417797c276b1a5849493773c5a5285408 /src/or/config.c | |
| parent | 13784d47536704e8b2fea918ffe4f9bf8c019f88 (diff) | |
| download | tor-33c3e60a376291faed073dcfb6c9b8a0098572a0.tar.gz tor-33c3e60a376291faed073dcfb6c9b8a0098572a0.zip | |
Implement and use a generic auth. cookie initialization function.
Use the generic function for both the ControlPort cookie and the
ExtORPort cookie.
Also, place the global cookie variables in the heap so that we can
pass them around more easily as pointers.
Also also, fix the unit tests that broke by this change.
Conflicts:
src/or/config.h
src/or/ext_orport.c
Diffstat (limited to 'src/or/config.c')
| -rw-r--r-- | src/or/config.c | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/src/or/config.c b/src/or/config.c index f13db3011f..8b89cc4045 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -6464,3 +6464,58 @@ config_maybe_load_geoip_files_(const or_options_t *options, config_load_geoip_file_(AF_INET6, options->GeoIPv6File, "geoip6"); } +/** Initialize cookie authentication (used so far by the ControlPort + * and Extended ORPort). + * + * Allocate memory and create a cookie (of length <b>cookie_len</b>) + * in <b>cookie_out</b>. + * Then write it down to <b>fname</b> and prepend it with <b>header</b>. + * + * If the whole procedure was successful, set + * <b>cookie_is_set_out</b> to True. */ +int +init_cookie_authentication(const char *fname, const char *header, + int cookie_len, + uint8_t **cookie_out, int *cookie_is_set_out) +{ + char cookie_file_str_len = strlen(header) + cookie_len; + char *cookie_file_str = tor_malloc(cookie_file_str_len); + int retval = -1; + + /* We don't want to generate a new cookie every time we call + * options_act(). One should be enough. */ + if (*cookie_is_set_out) { + retval = 0; /* we are all set */ + goto done; + } + + /* If we've already set the cookie, free it before re-setting + it. This can happen if we previously generated a cookie, but + couldn't write it to a disk. */ + if (*cookie_out) + tor_free(*cookie_out); + + /* Generate the cookie */ + *cookie_out = tor_malloc(cookie_len); + if (crypto_rand((char *)*cookie_out, cookie_len) < 0) + goto done; + + /* Create the string that should be written on the file. */ + memcpy(cookie_file_str, header, strlen(header)); + memcpy(cookie_file_str+strlen(header), *cookie_out, cookie_len); + if (write_bytes_to_file(fname, cookie_file_str, cookie_file_str_len, 1)) { + log_warn(LD_FS,"Error writing auth cookie to %s.", escaped(fname)); + goto done; + } + + /* Success! */ + log_info(LD_GENERAL, "Generated auth cookie file in '%s'.", escaped(fname)); + *cookie_is_set_out = 1; + retval = 0; + + done: + memwipe(cookie_file_str, 0, cookie_file_str_len); + tor_free(cookie_file_str); + return retval; +} + |