aboutsummaryrefslogtreecommitdiff
path: root/src/or/rendservice.c
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2011-05-10 16:58:38 -0400
committerNick Mathewson <nickm@torproject.org>2011-05-11 16:12:51 -0400
commit59f9097d5c3dc010847c359888d31757d1c97904 (patch)
treebaed5184d13d62645e00d1ed815ffc0861b2ff87 /src/or/rendservice.c
parentdb7b2a33eef9c8d432442b072f9c8868a068bb91 (diff)
downloadtor-59f9097d5c3dc010847c359888d31757d1c97904.tar.gz
tor-59f9097d5c3dc010847c359888d31757d1c97904.zip
Hand-conversion and audit phase of memcmp transition
Here I looked at the results of the automated conversion and cleaned them up as follows: If there was a tor_memcmp or tor_memeq that was in fact "safe"[*] I changed it to a fast_memcmp or fast_memeq. Otherwise if there was a tor_memcmp that could turn into a tor_memneq or tor_memeq, I converted it. This wants close attention. [*] I'm erring on the side of caution here, and leaving some things as tor_memcmp that could in my opinion use the data-dependent fast_memcmp variant.
Diffstat (limited to 'src/or/rendservice.c')
-rw-r--r--src/or/rendservice.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/src/or/rendservice.c b/src/or/rendservice.c
index 2c5eb9780a..d1cc7f4f11 100644
--- a/src/or/rendservice.c
+++ b/src/or/rendservice.c
@@ -962,7 +962,7 @@ rend_service_introduce(origin_circuit_t *circuit, const uint8_t *request,
/* first DIGEST_LEN bytes of request is intro or service pk digest */
crypto_pk_get_digest(intro_key, intro_key_digest);
- if (tor_memcmp(intro_key_digest, request, DIGEST_LEN)) {
+ if (tor_memneq(intro_key_digest, request, DIGEST_LEN)) {
base32_encode(serviceid, REND_SERVICE_ID_LEN_BASE32+1,
(char*)request, REND_SERVICE_ID_LEN);
log_warn(LD_REND, "Got an INTRODUCE2 cell for the wrong service (%s).",
@@ -1306,7 +1306,7 @@ rend_service_launch_establish_intro(rend_service_t *service,
return -1;
}
- if (tor_memcmp(intro->extend_info->identity_digest,
+ if (tor_memneq(intro->extend_info->identity_digest,
launched->build_state->chosen_exit->identity_digest, DIGEST_LEN)) {
char cann[HEX_DIGEST_LEN+1], orig[HEX_DIGEST_LEN+1];
base16_encode(cann, sizeof(cann),