diff options
| -rw-r--r-- | src/feature/hs/hs_descriptor.c | 128 | ||||
| -rw-r--r-- | src/feature/hs/hs_descriptor.h | 5 | ||||
| -rw-r--r-- | src/test/test_hs_descriptor.c | 2 |
3 files changed, 69 insertions, 66 deletions
diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c index 52b0802714..dc7012ec44 100644 --- a/src/feature/hs/hs_descriptor.c +++ b/src/feature/hs/hs_descriptor.c @@ -152,62 +152,6 @@ static token_rule_t hs_desc_intro_point_v3_token_table[] = { END_OF_TABLE }; -/* Free the content of the plaintext section of a descriptor. */ -STATIC void -desc_plaintext_data_free_contents(hs_desc_plaintext_data_t *desc) -{ - if (!desc) { - return; - } - - if (desc->superencrypted_blob) { - tor_free(desc->superencrypted_blob); - } - tor_cert_free(desc->signing_key_cert); - - memwipe(desc, 0, sizeof(*desc)); -} - -/* Free the content of the superencrypted section of a descriptor. */ -static void -desc_superencrypted_data_free_contents(hs_desc_superencrypted_data_t *desc) -{ - if (!desc) { - return; - } - - if (desc->encrypted_blob) { - tor_free(desc->encrypted_blob); - } - if (desc->clients) { - SMARTLIST_FOREACH(desc->clients, hs_desc_authorized_client_t *, client, - hs_desc_authorized_client_free(client)); - smartlist_free(desc->clients); - } - - memwipe(desc, 0, sizeof(*desc)); -} - -/* Free the content of the encrypted section of a descriptor. */ -static void -desc_encrypted_data_free_contents(hs_desc_encrypted_data_t *desc) -{ - if (!desc) { - return; - } - - if (desc->intro_auth_types) { - SMARTLIST_FOREACH(desc->intro_auth_types, char *, a, tor_free(a)); - smartlist_free(desc->intro_auth_types); - } - if (desc->intro_points) { - SMARTLIST_FOREACH(desc->intro_points, hs_desc_intro_point_t *, ip, - hs_desc_intro_point_free(ip)); - smartlist_free(desc->intro_points); - } - memwipe(desc, 0, sizeof(*desc)); -} - /* Using a key, salt and encrypted payload, build a MAC and put it in mac_out. * We use SHA3-256 for the MAC computation. * This function can't fail. */ @@ -2288,7 +2232,7 @@ desc_decode_superencrypted_v3(const hs_descriptor_t *desc, err: tor_assert(ret < 0); - desc_superencrypted_data_free_contents(desc_superencrypted_out); + hs_desc_superencrypted_data_free_contents(desc_superencrypted_out); done: if (tokens) { @@ -2388,7 +2332,7 @@ desc_decode_encrypted_v3(const hs_descriptor_t *desc, err: tor_assert(ret < 0); - desc_encrypted_data_free_contents(desc_encrypted_out); + hs_desc_encrypted_data_free_contents(desc_encrypted_out); done: if (tokens) { @@ -2723,11 +2667,67 @@ hs_desc_encode_descriptor,(const hs_descriptor_t *desc, return ret; } +/* Free the content of the plaintext section of a descriptor. */ +void +hs_desc_plaintext_data_free_contents(hs_desc_plaintext_data_t *desc) +{ + if (!desc) { + return; + } + + if (desc->superencrypted_blob) { + tor_free(desc->superencrypted_blob); + } + tor_cert_free(desc->signing_key_cert); + + memwipe(desc, 0, sizeof(*desc)); +} + +/* Free the content of the superencrypted section of a descriptor. */ +void +hs_desc_superencrypted_data_free_contents(hs_desc_superencrypted_data_t *desc) +{ + if (!desc) { + return; + } + + if (desc->encrypted_blob) { + tor_free(desc->encrypted_blob); + } + if (desc->clients) { + SMARTLIST_FOREACH(desc->clients, hs_desc_authorized_client_t *, client, + hs_desc_authorized_client_free(client)); + smartlist_free(desc->clients); + } + + memwipe(desc, 0, sizeof(*desc)); +} + +/* Free the content of the encrypted section of a descriptor. */ +void +hs_desc_encrypted_data_free_contents(hs_desc_encrypted_data_t *desc) +{ + if (!desc) { + return; + } + + if (desc->intro_auth_types) { + SMARTLIST_FOREACH(desc->intro_auth_types, char *, a, tor_free(a)); + smartlist_free(desc->intro_auth_types); + } + if (desc->intro_points) { + SMARTLIST_FOREACH(desc->intro_points, hs_desc_intro_point_t *, ip, + hs_desc_intro_point_free(ip)); + smartlist_free(desc->intro_points); + } + memwipe(desc, 0, sizeof(*desc)); +} + /* Free the descriptor plaintext data object. */ void hs_desc_plaintext_data_free_(hs_desc_plaintext_data_t *desc) { - desc_plaintext_data_free_contents(desc); + hs_desc_plaintext_data_free_contents(desc); tor_free(desc); } @@ -2735,7 +2735,7 @@ hs_desc_plaintext_data_free_(hs_desc_plaintext_data_t *desc) void hs_desc_superencrypted_data_free_(hs_desc_superencrypted_data_t *desc) { - desc_superencrypted_data_free_contents(desc); + hs_desc_superencrypted_data_free_contents(desc); tor_free(desc); } @@ -2743,7 +2743,7 @@ hs_desc_superencrypted_data_free_(hs_desc_superencrypted_data_t *desc) void hs_desc_encrypted_data_free_(hs_desc_encrypted_data_t *desc) { - desc_encrypted_data_free_contents(desc); + hs_desc_encrypted_data_free_contents(desc); tor_free(desc); } @@ -2755,9 +2755,9 @@ hs_descriptor_free_(hs_descriptor_t *desc) return; } - desc_plaintext_data_free_contents(&desc->plaintext_data); - desc_superencrypted_data_free_contents(&desc->superencrypted_data); - desc_encrypted_data_free_contents(&desc->encrypted_data); + hs_desc_plaintext_data_free_contents(&desc->plaintext_data); + hs_desc_superencrypted_data_free_contents(&desc->superencrypted_data); + hs_desc_encrypted_data_free_contents(&desc->encrypted_data); tor_free(desc); } diff --git a/src/feature/hs/hs_descriptor.h b/src/feature/hs/hs_descriptor.h index 64a5a8f7f1..5f589f9277 100644 --- a/src/feature/hs/hs_descriptor.h +++ b/src/feature/hs/hs_descriptor.h @@ -309,6 +309,10 @@ void hs_desc_build_authorized_client(const curve25519_public_key_t *client_pk, auth_ephemeral_sk, const uint8_t *descriptor_cookie, hs_desc_authorized_client_t *client_out); +void hs_desc_plaintext_data_free_contents(hs_desc_plaintext_data_t *desc); +void hs_desc_superencrypted_data_free_contents( + hs_desc_superencrypted_data_t *desc); +void hs_desc_encrypted_data_free_contents(hs_desc_encrypted_data_t *desc); #ifdef HS_DESCRIPTOR_PRIVATE @@ -328,7 +332,6 @@ STATIC int cert_is_valid(tor_cert_t *cert, uint8_t type, STATIC int desc_sig_is_valid(const char *b64_sig, const ed25519_public_key_t *signing_pubkey, const char *encoded_desc, size_t encoded_len); -STATIC void desc_plaintext_data_free_contents(hs_desc_plaintext_data_t *desc); MOCK_DECL(STATIC size_t, decrypt_desc_layer,(const hs_descriptor_t *desc, const uint8_t *encrypted_blob, diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c index 952499a2cf..2a2e3a5271 100644 --- a/src/test/test_hs_descriptor.c +++ b/src/test/test_hs_descriptor.c @@ -684,7 +684,7 @@ test_decode_bad_signature(void *arg) teardown_capture_of_logs(); done: - desc_plaintext_data_free_contents(&desc_plaintext); + hs_desc_plaintext_data_free_contents(&desc_plaintext); } static void |