Diffstat (limited to 'src/common')
-rw-r--r--src/common/aes.c6
-rw-r--r--src/common/compat.h1
-rw-r--r--src/common/mempool.c30
-rw-r--r--src/common/mempool.h2
-rw-r--r--src/common/tortls.c16
-rw-r--r--src/common/tortls.h3
6 files changed, 33 insertions, 25 deletions
diff --git a/src/common/aes.c b/src/common/aes.c
index 96d5ca4126..d1698604cd 100644
--- a/src/common/aes.c
+++ b/src/common/aes.c
@@ -28,8 +28,13 @@ const char aes_c_id[] = "$Id$";
/* We have 3 strategies for getting AES: Via OpenSSL's AES_encrypt function,
* via OpenSSL's EVP_EncryptUpdate function, or via the built-in AES
* implementation below. */
+
+/** Defined iff we're using openssl's AES functions for AES. */
#undef USE_OPENSSL_AES
+/** Defined iff we're using openssl's EVP code for AES. */
#undef USE_OPENSSL_EVP
+/** Defined iff we're using Tor's internal AES implementation, defined
+ * below. */
#undef USE_BUILTIN_AES
/* Figure out our CPU type. We use this to pick an AES implementation.
@@ -130,6 +135,7 @@ static void rijndaelEncrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr,
/*======================================================================*/
/* Interface to AES code, and counter implementation */
+/** Implements an aes counter-mode cipher. */
struct aes_cnt_cipher {
/** This next element (howevever it's defined) is the AES key. */
#if defined(USE_OPENSSL_EVP)
diff --git a/src/common/compat.h b/src/common/compat.h
index 919f542768..d8a9826826 100644
--- a/src/common/compat.h
+++ b/src/common/compat.h
@@ -330,6 +330,7 @@ struct sockaddr_in6 {
typedef uint8_t maskbits_t;
struct in_addr;
+/** DOCDOC */
typedef struct tor_addr_t
{
sa_family_t family;
diff --git a/src/common/mempool.c b/src/common/mempool.c
index 081009b9d2..7c8092de71 100644
--- a/src/common/mempool.c
+++ b/src/common/mempool.c
@@ -12,7 +12,7 @@
#define MEMPOOL_PRIVATE
#include "mempool.h"
-//#define LAZY_CHUNK_SORT
+#define LAZY_CHUNK_SORT
/* OVERVIEW:
*
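Review bot: Uncommenting `#define LAZY_CHUNK_SORT` is a behaviour change in a commit that otherwise only touches comments and a rename, and the define has no comment saying what it selects. It enables the `#ifdef LAZY_CHUNK_SORT` code visible later in this diff, namely the qsort helper, `mp_pool_sort_used_chunks`, and the call to it at the top of `mp_pool_clean`. The comparator `return b->n_allocated - a->n_allocated;` therefore becomes live; subtraction is a safe ordering only while `n_allocated` stays a small non-negative int, which this diff does not show. I would add a one-line doc comment above the define, for example `/** Defined iff the used-chunk list is sorted lazily from mp_pool_clean(). */` (wording to confirm against the overview below), and mention the switch in the commit message.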
@@ -193,7 +193,9 @@ mp_chunk_new(mp_pool_t *pool)
return chunk;
}
-/** DOCDOC */
+/** Take a <b>chunk</b> that has just been allocated or removed from
+ * <b>pool</b>'s empty chunk list, and add it to the head of the used chunk
+ * list. */
static INLINE void
add_newly_used_chunk_to_used_list(mp_pool_t *pool, mp_chunk_t *chunk)
{
@@ -347,7 +349,6 @@ mp_pool_release(void *item)
++pool->n_empty_chunks;
}
-
--chunk->n_allocated;
}
@@ -404,7 +405,8 @@ mp_pool_new(size_t item_size, size_t chunk_capacity)
}
#ifdef LAZY_CHUNK_SORT
-/** DOCDOC */
+/** Helper function for qsort: used to sort pointers to mp_chunk_t into
+ * descending order of fullness. */
static int
mp_pool_sort_used_chunks_helper(const void *_a, const void *_b)
{
@@ -413,7 +415,9 @@ mp_pool_sort_used_chunks_helper(const void *_a, const void *_b)
return b->n_allocated - a->n_allocated;
}
-/** DOCDOC */
+/** Sort the used chunks in <b>pool</b> into descending order of fullness,
+ * so that we preferentially fill up mostly full chunks before we make
+ * nearly empty chunks less nearly empty. */
static void
mp_pool_sort_used_chunks(mp_pool_t *pool)
{
@@ -426,7 +430,6 @@ mp_pool_sort_used_chunks(mp_pool_t *pool)
}
if (!inverted)
return;
- ASSERT(n);
//printf("Sort %d/%d\n",inverted,n);
chunks = ALLOC(sizeof(mp_chunk_t *)*n);
#ifdef ALLOC_CAN_RETURN_NULL
@@ -456,12 +459,9 @@ mp_pool_sort_used_chunks(mp_pool_t *pool)
#endif
/** If there are more than <b>n</b> empty chunks in <b>pool</b>, free the
- * excess ones that have been empty for the longest. (If <b>n</b> is less
- * than zero, free only empty chunks that were not used since the last
- * call to mp_pool_clean(), leaving only -<b>n</b>.)
- * DOCDOC Keep_recently_used, n_to_keep
- * XXXX020 maybe dump negative n_to_keep behavior, if k_r_u turns out to be
- * smarter.
+ * excess ones that have been empty for the longest. If
+ * <b>keep_recently_used</b> is true, do not free chunks unless they have been
+ * empty since the last call to this function.
**/
void
mp_pool_clean(mp_pool_t *pool, int n_to_keep, int keep_recently_used)
@@ -471,12 +471,8 @@ mp_pool_clean(mp_pool_t *pool, int n_to_keep, int keep_recently_used)
#ifdef LAZY_CHUNK_SORT
mp_pool_sort_used_chunks(pool);
#endif
+ ASSERT(n_to_keep >= 0);
- if (n_to_keep < 0) {
- /* As said in the documentation, "negative n" means "leave an additional
- * -n chunks". So replace n with a positive number. */
- n_to_keep = pool->min_empty_chunks + (-n_to_keep);
- }
if (keep_recently_used) {
int n_recently_used = pool->n_empty_chunks - pool->min_empty_chunks;
if (n_to_keep < n_recently_used)
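Review bot: The added `ASSERT(n_to_keep >= 0);` turns a negative `n_to_keep`, which the removed branch used to accept, into an assertion failure, yet the rewritten comment above mp_pool_clean never states the new precondition. A caller still passing a negative count will now abort. If ASSERT compiles to nothing in some build (not visible here), the negative value would instead flow into `if (n_to_keep < n_recently_used)` and the freeing logic after it. Add a sentence to the doc comment such as `<b>n_to_keep</b> must be non-negative.` and audit the call sites; it would also read better to check the argument before `mp_pool_sort_used_chunks(pool)` does any work. The body of mp_pool_clean continues outside the hunk.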
diff --git a/src/common/mempool.h b/src/common/mempool.h
index 2344c01cba..67e3785ec0 100644
--- a/src/common/mempool.h
+++ b/src/common/mempool.h
@@ -3,7 +3,7 @@
/* $Id$ */
/**
- * \file util.h
+ * \file mempool.h
* \brief Headers for mempool.c
**/
diff --git a/src/common/tortls.c b/src/common/tortls.c
index 210214d072..a2ad919b0b 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -1105,8 +1105,13 @@ log_cert_lifetime(X509 *cert, const char *problem)
tor_free(s2);
}
-/** DOCDOC helper.
- * cert_out needs to be freed. id_cert_out doesn't. */
+/** Helper function: try to extract a link certificate and an identity
+ * certificate from <b>tls</b>, and store them in *<b>cert_out</b> and
+ * *<b>id_cert_out</b> respectively. Log all messages at level
+ * <b>severity</b>.
+ *
+ * Note that a reference is added to cert_out, so it needs to be
+ * freed. id_cert_out doesn't. */
static void
try_to_extract_certs_from_tls(int severity, tor_tls_t *tls,
X509 **cert_out, X509 **id_cert_out)
@@ -1141,12 +1146,12 @@ try_to_extract_certs_from_tls(int severity, tor_tls_t *tls,
}
/** If the provided tls connection is authenticated and has a
- * certificate that is currently valid and signed, then set
+ * certificate chain that is currently valid and signed, then set
* *<b>identity_key</b> to the identity certificate's key and return
* 0. Else, return -1 and log complaints with log-level <b>severity</b>.
*/
int
-tor_tls_verify_v1(int severity, tor_tls_t *tls, crypto_pk_env_t **identity_key)
+tor_tls_verify(int severity, tor_tls_t *tls, crypto_pk_env_t **identity_key)
{
X509 *cert = NULL, *id_cert = NULL;
EVP_PKEY *id_pkey = NULL;
@@ -1279,7 +1284,8 @@ _check_no_tls_errors(const char *fname, int line)
tls_log_errors(LOG_WARN, NULL);
}
-/**DOCDOC */
+/** Return true iff the initial TLS connection at <b>tls</b> did not use a v2
+ * TLS handshake. Output undefined if the handshake isn't finished. */
int
tor_tls_used_v1_handshake(tor_tls_t *tls)
{
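Review bot: "Output undefined if the handshake isn't finished" gives callers of tor_tls_used_v1_handshake no way to tell a meaningful answer from a meaningless one. The result presumably decides which protocol path a connection takes. The comment should name the condition a caller has to check first, or the function should assert that the handshake is complete and return a fixed value otherwise. The body lies outside the hunk, so I cannot tell whether such a check already exists.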
diff --git a/src/common/tortls.h b/src/common/tortls.h
index a41f4dfb27..57ecbbe4dd 100644
--- a/src/common/tortls.h
+++ b/src/common/tortls.h
@@ -55,8 +55,7 @@ void tor_tls_set_renegotiate_callback(tor_tls_t *tls,
int tor_tls_is_server(tor_tls_t *tls);
void tor_tls_free(tor_tls_t *tls);
int tor_tls_peer_has_cert(tor_tls_t *tls);
-int tor_tls_verify_v1(int severity, tor_tls_t *tls,
- crypto_pk_env_t **identity);
+int tor_tls_verify(int severity, tor_tls_t *tls, crypto_pk_env_t **identity);
int tor_tls_check_lifetime(tor_tls_t *tls, int tolerance);
int tor_tls_read(tor_tls_t *tls, char *cp, size_t len);
int tor_tls_write(tor_tls_t *tls, const char *cp, size_t n);