From c3a5e6b4363eba5157c7cccc049f31f6ae144fcf Mon Sep 17 00:00:00 2001 From: George Kadianakis Date: Mon, 8 Apr 2019 14:35:02 +0300 Subject: Hiding crypt_path_t: Introduce opaque crypt_path_private_t . This will be our base for incrementally hiding crypt_path_t. --- src/core/or/crypt_path_st.h | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/src/core/or/crypt_path_st.h b/src/core/or/crypt_path_st.h index 429480f8ab..90f6a37881 100644 --- a/src/core/or/crypt_path_st.h +++ b/src/core/or/crypt_path_st.h @@ -24,6 +24,15 @@ struct onion_handshake_state_t { } u; }; +#ifdef CRYPT_PATH_PRIVATE + +/* The private parts of crypt path that don't need to be exposed to all the + * modules. */ +struct crypt_path_private_t { +}; + +#endif + /** Holds accounting information for a single step in the layered encryption * performed by a circuit. Used only at the client edge of a circuit. */ struct crypt_path_t { @@ -65,6 +74,10 @@ struct crypt_path_t { * at this step? */ int deliver_window; /**< How many cells are we willing to deliver originating * at this step? */ + + /* Private parts of the crypt_path. Eventually everything should be + * private. */ + struct crypt_path_private_t *private; }; #endif -- cgit v1.2.3-54-g00ecf From 9584798e57f2e5525e01b8bec51de61ff0c256b9 Mon Sep 17 00:00:00 2001 From: George Kadianakis Date: Mon, 8 Apr 2019 12:46:40 +0300 Subject: Hiding crypt_path_t: Move assert functions in crypt_path.c. This commit only moves code, and makes one function public. --- src/core/include.am | 2 ++ src/core/mainloop/connection.c | 1 + src/core/or/circuitlist.c | 54 +----------------------------- src/core/or/circuitlist.h | 1 - src/core/or/crypt_path.c | 74 ++++++++++++++++++++++++++++++++++++++++++ src/core/or/crypt_path.h | 11 +++++++ 6 files changed, 89 insertions(+), 54 deletions(-) create mode 100644 src/core/or/crypt_path.c create mode 100644 src/core/or/crypt_path.h 
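Review bot: In the first crypt_path_st.h hunk, `struct crypt_path_private_t { };` has no members, which ISO C does not allow; GCC and Clang accept it only as an extension. Until the first field moves in, a forward declaration `struct crypt_path_private_t;` would be enough for the pointer added further down. The comment above it could also say that only files defining `CRYPT_PATH_PRIVATE` see the full type.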
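Review bot: In the second crypt_path_st.h hunk, the new `struct crypt_path_private_t *private;` member has no allocation or release path in this commit, so every crypt_path_t that is zero-allocated will carry a NULL pointer here. The field comment should say who owns the pointed-to block and when it is valid, for example `/* Owned by this crypt_path_t; NULL until the hop is initialised. */`. The name `private` is also a C++ keyword, which would stop this header from being included by C++ tooling; something like `pvt` avoids that.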
diff --git a/src/core/include.am b/src/core/include.am index 9493f79552..8435ce0415 100644 --- a/src/core/include.am +++ b/src/core/include.am @@ -39,6 +39,7 @@ LIBTOR_APP_A_SOURCES = \ src/core/or/circuitpadding.c \ src/core/or/circuitstats.c \ src/core/or/circuituse.c \ + src/core/or/crypt_path.c \ src/core/or/command.c \ src/core/or/connection_edge.c \ src/core/or/connection_or.c \ @@ -247,6 +248,7 @@ noinst_HEADERS += \ src/core/or/connection_edge.h \ src/core/or/connection_or.h \ src/core/or/connection_st.h \ + src/core/or/crypt_path.h \ src/core/or/cpath_build_state_st.h \ src/core/or/crypt_path_reference_st.h \ src/core/or/crypt_path_st.h \ diff --git a/src/core/mainloop/connection.c b/src/core/mainloop/connection.c index 30504e4edb..f6adfa765a 100644 --- a/src/core/mainloop/connection.c +++ b/src/core/mainloop/connection.c @@ -82,6 +82,7 @@ #include "core/or/policies.h" #include "core/or/reasons.h" #include "core/or/relay.h" +#include "core/or/crypt_path.h" #include "core/proto/proto_http.h" #include "core/proto/proto_socks.h" #include "feature/client/dnsserv.h" diff --git a/src/core/or/circuitlist.c b/src/core/or/circuitlist.c index 6428cdb8a7..ee9e89f380 100644 --- a/src/core/or/circuitlist.c +++ b/src/core/or/circuitlist.c @@ -63,6 +63,7 @@ #include "core/or/circuituse.h" #include "core/or/circuitstats.h" #include "core/or/circuitpadding.h" +#include "core/or/crypt_path.h" #include "core/mainloop/connection.h" #include "app/config/config.h" #include "core/or/connection_edge.h" 
@@ -2785,59 +2786,6 @@ circuits_handle_oom(size_t current_allocation) n_dirconns_killed); } -/** Verify that cpath layer cp has all of its invariants - * correct. Trigger an assert if anything is invalid. - */ -void -assert_cpath_layer_ok(const crypt_path_t *cp) -{ -// tor_assert(cp->addr); /* these are zero for rendezvous extra-hops */ -// tor_assert(cp->port); - tor_assert(cp); - tor_assert(cp->magic == CRYPT_PATH_MAGIC); - switch (cp->state) - { - case CPATH_STATE_OPEN: - relay_crypto_assert_ok(&cp->crypto); - /* fall through */ - case CPATH_STATE_CLOSED: - /*XXXX Assert that there's no handshake_state either. */ - tor_assert(!cp->rend_dh_handshake_state); - break; - case CPATH_STATE_AWAITING_KEYS: - /* tor_assert(cp->dh_handshake_state); */ - break; - default: - log_fn(LOG_ERR, LD_BUG, "Unexpected state %d", cp->state); - tor_assert(0); - } - tor_assert(cp->package_window >= 0); - tor_assert(cp->deliver_window >= 0); -} - -/** Verify that cpath cp has all of its invariants - * correct. Trigger an assert if anything is invalid. - */ -static void -assert_cpath_ok(const crypt_path_t *cp) -{ - const crypt_path_t *start = cp; - - do { - assert_cpath_layer_ok(cp); - /* layers must be in sequence of: "open* awaiting? closed*" */ - if (cp != start) { - if (cp->state == CPATH_STATE_AWAITING_KEYS) { - tor_assert(cp->prev->state == CPATH_STATE_OPEN); - } else if (cp->state == CPATH_STATE_OPEN) { - tor_assert(cp->prev->state == CPATH_STATE_OPEN); - } - } - cp = cp->next; - tor_assert(cp); - } while (cp != start); -} - /** Verify that circuit c has all of its invariants * correct. Trigger an assert if anything is invalid. */ diff --git a/src/core/or/circuitlist.h b/src/core/or/circuitlist.h index f34f4ed6b7..a50e23716a 100644 --- a/src/core/or/circuitlist.h +++ b/src/core/or/circuitlist.h 
@@ -228,7 +228,6 @@ int circuit_count_pending_on_channel(channel_t *chan); #define circuit_mark_for_close(c, reason) \ circuit_mark_for_close_((c), (reason), __LINE__, SHORT_FILE__) -void assert_cpath_layer_ok(const crypt_path_t *cp); MOCK_DECL(void, assert_circuit_ok,(const circuit_t *c)); void circuit_free_all(void); void circuits_handle_oom(size_t current_allocation); diff --git a/src/core/or/crypt_path.c b/src/core/or/crypt_path.c new file mode 100644 index 0000000000..d4fc59630a --- /dev/null +++ b/src/core/or/crypt_path.c 
@@ -0,0 +1,74 @@ +/* + * Copyright (c) 2019, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file crypt_path.c + * + * \brief Functions dealing with layered circuit encryption. This file aims to + * provide an API around the crypt_path_t structure which holds crypto + * information about a specific hop of a circuit. + **/ + +#define CRYPT_PATH_PRIVATE + +#include "core/or/or.h" +#include "core/or/crypt_path.h" + +#include "core/crypto/relay_crypto.h" + +#include "core/or/crypt_path_st.h" + +/** Verify that cpath cp has all of its invariants + * correct. Trigger an assert if anything is invalid. + */ +void +assert_cpath_ok(const crypt_path_t *cp) +{ + const crypt_path_t *start = cp; + + do { + assert_cpath_layer_ok(cp); + /* layers must be in sequence of: "open* awaiting? closed*" */ + if (cp != start) { + if (cp->state == CPATH_STATE_AWAITING_KEYS) { + tor_assert(cp->prev->state == CPATH_STATE_OPEN); + } else if (cp->state == CPATH_STATE_OPEN) { + tor_assert(cp->prev->state == CPATH_STATE_OPEN); + } + } + cp = cp->next; + tor_assert(cp); + } while (cp != start); +} + +/** Verify that cpath layer cp has all of its invariants + * correct. Trigger an assert if anything is invalid. + */ +void +assert_cpath_layer_ok(const crypt_path_t *cp) +{ +// tor_assert(cp->addr); /* these are zero for rendezvous extra-hops */ +// tor_assert(cp->port); + tor_assert(cp); + tor_assert(cp->magic == CRYPT_PATH_MAGIC); + switch (cp->state) + { + case CPATH_STATE_OPEN: + relay_crypto_assert_ok(&cp->crypto); + /* fall through */ + case CPATH_STATE_CLOSED: + /*XXXX Assert that there's no handshake_state either. */ + tor_assert(!cp->rend_dh_handshake_state); + break; + case CPATH_STATE_AWAITING_KEYS: + /* tor_assert(cp->dh_handshake_state); */ + break; + default: + log_fn(LOG_ERR, LD_BUG, "Unexpected state %d", cp->state); + tor_assert(0); + } + tor_assert(cp->package_window >= 0); + tor_assert(cp->deliver_window >= 0); +} + 
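Review bot: In `assert_cpath_ok()`, `cp->prev->state` is read without first checking that `cp->prev` is non-NULL, although the loop does assert `cp` after following `next`. On a half-linked list the consistency checker would crash on a NULL dereference instead of reporting a failed assertion. Since the function is now public, adding `tor_assert(cp->prev);` just inside the `if (cp != start)` block would close that gap. The code is moved verbatim, so this gap predates the commit.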
diff --git a/src/core/or/crypt_path.h b/src/core/or/crypt_path.h new file mode 100644 index 0000000000..a9b9aae43d --- /dev/null +++ b/src/core/or/crypt_path.h @@ -0,0 +1,11 @@ +/** + * \file crypt_path.h + * \brief Header file for crypt_path.c. + **/ + +/* rename */ +void assert_cpath_layer_ok(const crypt_path_t *cp); + +/* rename */ +void assert_cpath_ok(const crypt_path_t *cp); + -- cgit v1.2.3-54-g00ecf From f74a80dc3b2ada940e72cd174af5779cac3c3948 Mon Sep 17 00:00:00 2001 From: George Kadianakis Date: Mon, 8 Apr 2019 13:01:18 +0300 Subject: Hiding crypt_path_t: Move init functions to crypt_path.c. This commit only moves code. --- src/core/or/circuitbuild.c | 41 +---------------------------------------- src/core/or/circuitbuild.h | 1 - src/core/or/crypt_path.c | 41 +++++++++++++++++++++++++++++++++++++++++ src/core/or/crypt_path.h | 6 ++++++ src/feature/hs/hs_circuit.c | 1 + src/feature/rend/rendservice.c | 1 + src/test/test_circuitpadding.c | 1 + src/test/test_relaycrypt.c | 2 +- 8 files changed, 52 insertions(+), 42 deletions(-) diff --git a/src/core/or/circuitbuild.c b/src/core/or/circuitbuild.c index cfe0a97bcf..7216b813bd 100644 --- a/src/core/or/circuitbuild.c +++ b/src/core/or/circuitbuild.c @@ -51,6 +51,7 @@ #include "core/or/ocirc_event.h" #include "core/or/policies.h" #include "core/or/relay.h" +#include "core/or/crypt_path.h" #include "feature/client/bridges.h" #include "feature/client/circpathbias.h" #include "feature/client/entrynodes.h" @@ -91,7 +92,6 @@ static int circuit_deliver_create_cell(circuit_t *circ, const create_cell_t *create_cell, int relayed); static crypt_path_t *onion_next_hop_in_cpath(crypt_path_t *cpath); -STATIC int onion_append_hop(crypt_path_t **head_ptr, extend_info_t *choice); static int circuit_send_first_onion_skin(origin_circuit_t *circ); static int circuit_build_no_more_hops(origin_circuit_t *circ); static int circuit_send_intermediate_onion_skin(origin_circuit_t *circ, 
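Review bot: The new crypt_path.h has no include guard, and it uses `crypt_path_t` without including or forward-declaring anything, so it only compiles when the includer has already pulled in or.h. Wrapping the declarations in `#ifndef TOR_CRYPT_PATH_H` / `#define TOR_CRYPT_PATH_H` … `#endif /* !defined(TOR_CRYPT_PATH_H) */` would match the pattern relay_crypto.h uses. The `/* rename */` placeholders could also be replaced by a one-line description of each function, since `assert_cpath_ok()` becomes part of the public interface here.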
@@ -2373,23 +2373,6 @@ count_acceptable_nodes, (const smartlist_t *nodes, int direct)) return num; } -/** Add new_hop to the end of the doubly-linked-list head_ptr. - * This function is used to extend cpath by another hop. - */ -void -onion_append_to_cpath(crypt_path_t **head_ptr, crypt_path_t *new_hop) -{ - if (*head_ptr) { - new_hop->next = (*head_ptr); - new_hop->prev = (*head_ptr)->prev; - (*head_ptr)->prev->next = new_hop; - (*head_ptr)->prev = new_hop; - } else { - *head_ptr = new_hop; - new_hop->prev = new_hop->next = new_hop; - } -} - #ifdef TOR_UNIT_TESTS /** Unittest helper function: Count number of hops in cpath linked list. */ @@ -2763,28 +2746,6 @@ onion_extend_cpath(origin_circuit_t *circ) return 0; } -/** Create a new hop, annotate it with information about its - * corresponding router choice, and append it to the - * end of the cpath head_ptr. */ -STATIC int -onion_append_hop(crypt_path_t **head_ptr, extend_info_t *choice) -{ - crypt_path_t *hop = tor_malloc_zero(sizeof(crypt_path_t)); - - /* link hop into the cpath, at the end. */ - onion_append_to_cpath(head_ptr, hop); - - hop->magic = CRYPT_PATH_MAGIC; - hop->state = CPATH_STATE_CLOSED; - - hop->extend_info = extend_info_dup(choice); - - hop->package_window = circuit_initial_package_window(); - hop->deliver_window = CIRCWINDOW_START; - - return 0; -} - /** Allocate a new extend_info object based on the various arguments. */ extend_info_t * extend_info_new(const char *nickname, diff --git a/src/core/or/circuitbuild.h b/src/core/or/circuitbuild.h index b45bc816a3..e6f4f4b496 100644 --- a/src/core/or/circuitbuild.h +++ b/src/core/or/circuitbuild.h 
@@ -51,7 +51,6 @@ MOCK_DECL(int, circuit_all_predicted_ports_handled, (time_t now, int circuit_append_new_exit(origin_circuit_t *circ, extend_info_t *info); int circuit_extend_to_new_exit(origin_circuit_t *circ, extend_info_t *info); -void onion_append_to_cpath(crypt_path_t **head_ptr, crypt_path_t *new_hop); extend_info_t *extend_info_new(const char *nickname, const char *rsa_id_digest, const struct ed25519_public_key_t *ed_id, diff --git a/src/core/or/crypt_path.c b/src/core/or/crypt_path.c index d4fc59630a..ad1255c865 100644 --- a/src/core/or/crypt_path.c +++ b/src/core/or/crypt_path.c @@ -16,9 +16,50 @@ #include "core/or/crypt_path.h" #include "core/crypto/relay_crypto.h" +#include "core/or/circuitbuild.h" +#include "core/or/circuitlist.h" #include "core/or/crypt_path_st.h" +/** Add new_hop to the end of the doubly-linked-list head_ptr. + * This function is used to extend cpath by another hop. + */ +void +onion_append_to_cpath(crypt_path_t **head_ptr, crypt_path_t *new_hop) +{ + if (*head_ptr) { + new_hop->next = (*head_ptr); + new_hop->prev = (*head_ptr)->prev; + (*head_ptr)->prev->next = new_hop; + (*head_ptr)->prev = new_hop; + } else { + *head_ptr = new_hop; + new_hop->prev = new_hop->next = new_hop; + } +} + +/** Create a new hop, annotate it with information about its + * corresponding router choice, and append it to the + * end of the cpath head_ptr. */ +int +onion_append_hop(crypt_path_t **head_ptr, extend_info_t *choice) +{ + crypt_path_t *hop = tor_malloc_zero(sizeof(crypt_path_t)); + + /* link hop into the cpath, at the end. */ + onion_append_to_cpath(head_ptr, hop); + + hop->magic = CRYPT_PATH_MAGIC; + hop->state = CPATH_STATE_CLOSED; + + hop->extend_info = extend_info_dup(choice); + + hop->package_window = circuit_initial_package_window(); + hop->deliver_window = CIRCWINDOW_START; + + return 0; +} + /** Verify that cpath cp has all of its invariants * correct. Trigger an assert if anything is invalid. */ 
diff --git a/src/core/or/crypt_path.h b/src/core/or/crypt_path.h index a9b9aae43d..7614aaff28 100644 --- a/src/core/or/crypt_path.h +++ b/src/core/or/crypt_path.h @@ -9,3 +9,9 @@ void assert_cpath_layer_ok(const crypt_path_t *cp); /* rename */ void assert_cpath_ok(const crypt_path_t *cp); +/* rename */ +int onion_append_hop(crypt_path_t **head_ptr, extend_info_t *choice); + +/* rename */ +void onion_append_to_cpath(crypt_path_t **head_ptr, crypt_path_t *new_hop); + diff --git a/src/feature/hs/hs_circuit.c b/src/feature/hs/hs_circuit.c index 253c24d643..a42228d362 100644 --- a/src/feature/hs/hs_circuit.c +++ b/src/feature/hs/hs_circuit.c @@ -15,6 +15,7 @@ #include "core/or/circuituse.h" #include "core/or/policies.h" #include "core/or/relay.h" +#include "core/or/crypt_path.h" #include "feature/client/circpathbias.h" #include "feature/hs/hs_cell.h" #include "feature/hs/hs_circuit.h" diff --git a/src/feature/rend/rendservice.c b/src/feature/rend/rendservice.c index 996e7b9a28..5c267f8e34 100644 --- a/src/feature/rend/rendservice.c +++ b/src/feature/rend/rendservice.c @@ -18,6 +18,7 @@ #include "core/or/circuituse.h" #include "core/or/policies.h" #include "core/or/relay.h" +#include "core/or/crypt_path.h" #include "feature/client/circpathbias.h" #include "feature/control/control_events.h" #include "feature/dirclient/dirclient.h" diff --git a/src/test/test_circuitpadding.c b/src/test/test_circuitpadding.c index 3289c866cf..e24506d9bb 100644 --- a/src/test/test_circuitpadding.c +++ b/src/test/test_circuitpadding.c @@ -9,6 +9,7 @@ #include "core/or/connection_or.h" #include "core/or/channel.h" #include "core/or/channeltls.h" +#include "core/or/crypt_path.h" #include #include "lib/evloop/compat_libevent.h" #include "lib/time/compat_time.h" diff --git a/src/test/test_relaycrypt.c b/src/test/test_relaycrypt.c index fe6889e521..cd58094b10 100644 --- a/src/test/test_relaycrypt.c +++ b/src/test/test_relaycrypt.c 
@@ -10,7 +10,7 @@ #include "lib/crypt_ops/crypto_rand.h" #include "core/or/relay.h" #include "core/crypto/relay_crypto.h" - +#include "core/or/crypt_path.h" #include "core/or/cell_st.h" #include "core/or/or_circuit_st.h" #include "core/or/origin_circuit_st.h" -- cgit v1.2.3-54-g00ecf From 0c5176d00cfe44e645175c23ed48eccbc74b4842 Mon Sep 17 00:00:00 2001 From: George Kadianakis Date: Mon, 8 Apr 2019 15:16:37 +0300 Subject: Hiding crypt_path_t: Start with crypt_path.crypto . Create some functions to eventually be able to hide crypt_path_t.crypto. --- src/core/crypto/relay_crypto.c | 13 +++++++------ src/core/crypto/relay_crypto.h | 5 +++++ src/core/or/crypt_path.c | 31 ++++++++++++++++++++++++++++++- src/core/or/crypt_path.h | 11 +++++++++++ src/core/or/crypt_path_st.h | 7 +++---- 5 files changed, 56 insertions(+), 11 deletions(-) diff --git a/src/core/crypto/relay_crypto.c b/src/core/crypto/relay_crypto.c index 8931163161..96b1002cab 100644 --- a/src/core/crypto/relay_crypto.c +++ b/src/core/crypto/relay_crypto.c @@ -6,6 +6,7 @@ #include "core/or/or.h" #include "core/or/circuitlist.h" +#include "core/or/crypt_path.h" #include "app/config/config.h" #include "lib/crypt_ops/crypto_cipher.h" #include "lib/crypt_ops/crypto_util.h" @@ -21,7 +22,7 @@ /** Update digest from the payload of cell. Assign integrity part to * cell. */ -static void +void relay_set_digest(crypto_digest_t *digest, cell_t *cell) { char integrity[4]; @@ -85,7 +86,7 @@ relay_digest_matches(crypto_digest_t *digest, cell_t *cell) * * Note that we use the same operation for encrypting and for decrypting. */ -static void +void relay_crypt_one_payload(crypto_cipher_t *cipher, uint8_t *in) { crypto_cipher_crypt_inplace(cipher, (char*) in, CELL_PAYLOAD_SIZE); 
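Review bot: Dropping `static` from `relay_crypt_one_payload()` exports a function that always processes `CELL_PAYLOAD_SIZE` bytes from `in` with no length argument, and the existing comment does not state that requirement. Now that callers outside relay_crypto.c can reach it, the doc comment should spell out the precondition, e.g. `* <b>in</b> must point to at least CELL_PAYLOAD_SIZE writable bytes.` The same applies to `relay_set_digest()` in the previous hunk, which reads the cell payload and writes back into it. Both doc comments begin outside the hunks shown.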
@@ -152,12 +153,12 @@ relay_decrypt_cell(circuit_t *circ, cell_t *cell, tor_assert(thishop); /* decrypt one layer */ - relay_crypt_one_payload(thishop->crypto.b_crypto, cell->payload); + cpath_crypt_cell(thishop, cell->payload, true); relay_header_unpack(&rh, cell->payload); if (rh.recognized == 0) { /* it's possibly recognized. have to check digest to be sure. */ - if (relay_digest_matches(thishop->crypto.b_digest, cell)) { + if (relay_digest_matches(cpath_get_incoming_digest(thishop), cell)) { *recognized = 1; *layer_hint = thishop; /* This cell is for us. Keep a record of this cell because we will @@ -210,14 +211,14 @@ relay_encrypt_cell_outbound(cell_t *cell, crypt_path_t *layer_hint) { crypt_path_t *thishop; /* counter for repeated crypts */ - relay_set_digest(layer_hint->crypto.f_digest, cell); + cpath_set_cell_forward_digest(layer_hint, cell); thishop = layer_hint; /* moving from farthest to nearest hop */ do { tor_assert(thishop); log_debug(LD_OR,"encrypting a layer of the relay cell."); - relay_crypt_one_payload(thishop->crypto.f_crypto, cell->payload); + cpath_crypt_cell(thishop, cell->payload, false); thishop = thishop->prev; } while (thishop != circ->cpath->prev); diff --git a/src/core/crypto/relay_crypto.h b/src/core/crypto/relay_crypto.h index bcc1531838..7f09219c7f 100644 --- a/src/core/crypto/relay_crypto.h +++ b/src/core/crypto/relay_crypto.h @@ -29,6 +29,11 @@ void relay_crypto_assert_ok(const relay_crypto_t *crypto); uint8_t *relay_crypto_get_sendme_digest(relay_crypto_t *crypto); void relay_crypto_record_sendme_digest(relay_crypto_t *crypto); +void +relay_crypt_one_payload(crypto_cipher_t *cipher, uint8_t *in); + +void +relay_set_digest(crypto_digest_t *digest, cell_t *cell); #endif /* !defined(TOR_RELAY_CRYPTO_H) */ diff --git a/src/core/or/crypt_path.c b/src/core/or/crypt_path.c index ad1255c865..9fc3e013b2 100644 --- a/src/core/or/crypt_path.c +++ b/src/core/or/crypt_path.c 
@@ -20,6 +20,7 @@ #include "core/or/circuitlist.h" #include "core/or/crypt_path_st.h" +#include "core/or/cell_st.h" /** Add new_hop to the end of the doubly-linked-list head_ptr. * This function is used to extend cpath by another hop. @@ -96,7 +97,7 @@ assert_cpath_layer_ok(const crypt_path_t *cp) switch (cp->state) { case CPATH_STATE_OPEN: - relay_crypto_assert_ok(&cp->crypto); + relay_crypto_assert_ok(&cp->private->crypto); /* fall through */ case CPATH_STATE_CLOSED: /*XXXX Assert that there's no handshake_state either. */ @@ -113,3 +114,31 @@ assert_cpath_layer_ok(const crypt_path_t *cp) tor_assert(cp->deliver_window >= 0); } +/********************** cpath crypto API *******************************/ + +/** Encrypt or decrypt payload using the crypto of cpath. Actual + * operation decided by is_decrypt. */ +void +cpath_crypt_cell(const crypt_path_t *cpath, uint8_t *payload, bool is_decrypt) +{ + if (is_decrypt) { + relay_crypt_one_payload(cpath->private->crypto.b_crypto, payload); + } else { + relay_crypt_one_payload(cpath->private->crypto.f_crypto, payload); + } +} + +/** Getter for the incoming digest of cpath. */ +struct crypto_digest_t * +cpath_get_incoming_digest(const crypt_path_t *cpath) +{ + return cpath->private->crypto.b_digest; +} + +/** Set the right integrity digest on the outgoing cell based on the + * cell payload and update the forward digest of cpath. */ +void +cpath_set_cell_forward_digest(crypt_path_t *cpath, cell_t *cell) +{ + relay_set_digest(cpath->private->crypto.f_digest, cell); +} diff --git a/src/core/or/crypt_path.h b/src/core/or/crypt_path.h index 7614aaff28..fe25d85cfe 100644 --- a/src/core/or/crypt_path.h +++ b/src/core/or/crypt_path.h 
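Review bot: `cpath_crypt_cell()`, `cpath_get_incoming_digest()` and `cpath_set_cell_forward_digest()` all dereference `cpath->private` without a check, as does the changed line in `assert_cpath_layer_ok()`. Nothing visible in this commit allocates `private`, and `onion_append_hop()` earlier in the series builds hops with `tor_malloc_zero()`, so these paths would appear to read key state through a NULL pointer. Each accessor should start with `tor_assert(cpath); tor_assert(cpath->private);` so a missing allocation fails as a clear assertion. The same unchecked access appears in `circuit_init_cpath_crypto()` and `circuit_free_cpath_node()` in the following commits.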
@@ -15,3 +15,14 @@ int onion_append_hop(crypt_path_t **head_ptr, extend_info_t *choice); /* rename */ void onion_append_to_cpath(crypt_path_t **head_ptr, crypt_path_t *new_hop); + +void +cpath_crypt_cell(const crypt_path_t *cpath, uint8_t *payload, bool is_decrypt); + +struct crypto_digest_t * +cpath_get_incoming_digest(const crypt_path_t *cpath); + +void +cpath_set_cell_forward_digest(crypt_path_t *cpath, cell_t *cell); + + diff --git a/src/core/or/crypt_path_st.h b/src/core/or/crypt_path_st.h index 90f6a37881..833cfefad1 100644 --- a/src/core/or/crypt_path_st.h +++ b/src/core/or/crypt_path_st.h @@ -29,6 +29,9 @@ struct onion_handshake_state_t { /* The private parts of crypt path that don't need to be exposed to all the * modules. */ struct crypt_path_private_t { + /** Cryptographic state used for encrypting and authenticating relay + * cells to and from this hop. */ + relay_crypto_t crypto; }; #endif @@ -38,10 +41,6 @@ struct crypt_path_private_t { struct crypt_path_t { uint32_t magic; - /** Cryptographic state used for encrypting and authenticating relay - * cells to and from this hop. */ - relay_crypto_t crypto; - /** Current state of the handshake as performed with the OR at this * step. */ onion_handshake_state_t handshake_state; -- cgit v1.2.3-54-g00ecf From 5f96b7abccc8e393c7f5e370ab3bf838dc3f8d4f Mon Sep 17 00:00:00 2001 From: George Kadianakis Date: Mon, 8 Apr 2019 15:32:23 +0300 Subject: Hiding crypt_path_t: Move some more init funcs in crypt_path.c. Everything is moved, but the argument of the function is edited to access ->private->crypto. --- src/core/or/circuitbuild.c | 28 ---------------------------- src/core/or/circuitbuild.h | 3 --- src/core/or/crypt_path.c | 30 ++++++++++++++++++++++++++++++ src/core/or/crypt_path.h | 4 ++++ 4 files changed, 34 insertions(+), 31 deletions(-) diff --git a/src/core/or/circuitbuild.c b/src/core/or/circuitbuild.c index 7216b813bd..1ceb77c4ad 100644 --- a/src/core/or/circuitbuild.c +++ b/src/core/or/circuitbuild.c 
@@ -1360,34 +1360,6 @@ circuit_extend(cell_t *cell, circuit_t *circ) return 0; } -/** Initialize cpath-\>{f|b}_{crypto|digest} from the key material in key_data. - * - * If is_hs_v3 is set, this cpath will be used for next gen hidden - * service circuits and key_data must be at least - * HS_NTOR_KEY_EXPANSION_KDF_OUT_LEN bytes in length. - * - * If is_hs_v3 is not set, key_data must contain CPATH_KEY_MATERIAL_LEN - * bytes, which are used as follows: - * - 20 to initialize f_digest - * - 20 to initialize b_digest - * - 16 to key f_crypto - * - 16 to key b_crypto - * - * (If 'reverse' is true, then f_XX and b_XX are swapped.) - * - * Return 0 if init was successful, else -1 if it failed. - */ -int -circuit_init_cpath_crypto(crypt_path_t *cpath, - const char *key_data, size_t key_data_len, - int reverse, int is_hs_v3) -{ - - tor_assert(cpath); - return relay_crypto_init(&cpath->crypto, key_data, key_data_len, reverse, - is_hs_v3); -} - /** A "created" cell reply came back to us on circuit circ. * (The body of reply varies depending on what sort of handshake * this is.) diff --git a/src/core/or/circuitbuild.h b/src/core/or/circuitbuild.h index e6f4f4b496..f6403955ba 100644 --- a/src/core/or/circuitbuild.h +++ b/src/core/or/circuitbuild.h @@ -34,9 +34,6 @@ int circuit_timeout_want_to_count_circ(const origin_circuit_t *circ); int circuit_send_next_onion_skin(origin_circuit_t *circ); void circuit_note_clock_jumped(int64_t seconds_elapsed, bool was_idle); int circuit_extend(cell_t *cell, circuit_t *circ); -int circuit_init_cpath_crypto(crypt_path_t *cpath, - const char *key_data, size_t key_data_len, - int reverse, int is_hs_v3); struct created_cell_t; int circuit_finish_handshake(origin_circuit_t *circ, const struct created_cell_t *created_cell); diff --git a/src/core/or/crypt_path.c b/src/core/or/crypt_path.c index 9fc3e013b2..77f129eff3 100644 --- a/src/core/or/crypt_path.c +++ b/src/core/or/crypt_path.c 
@@ -114,6 +114,36 @@ assert_cpath_layer_ok(const crypt_path_t *cp) tor_assert(cp->deliver_window >= 0); } +/** Initialize cpath-\>{f|b}_{crypto|digest} from the key material in key_data. + * + * If is_hs_v3 is set, this cpath will be used for next gen hidden + * service circuits and key_data must be at least + * HS_NTOR_KEY_EXPANSION_KDF_OUT_LEN bytes in length. + * + * If is_hs_v3 is not set, key_data must contain CPATH_KEY_MATERIAL_LEN + * bytes, which are used as follows: + * - 20 to initialize f_digest + * - 20 to initialize b_digest + * - 16 to key f_crypto + * - 16 to key b_crypto + * + * (If 'reverse' is true, then f_XX and b_XX are swapped.) + * + * Return 0 if init was successful, else -1 if it failed. + */ +int +circuit_init_cpath_crypto(crypt_path_t *cpath, + const char *key_data, size_t key_data_len, + int reverse, int is_hs_v3) +{ + + tor_assert(cpath); + return relay_crypto_init(&cpath->private->crypto, key_data, key_data_len, reverse, + is_hs_v3); +} + + + /********************** cpath crypto API *******************************/ /** Encrypt or decrypt payload using the crypto of cpath. Actual diff --git a/src/core/or/crypt_path.h b/src/core/or/crypt_path.h index fe25d85cfe..a7ebe604f5 100644 --- a/src/core/or/crypt_path.h +++ b/src/core/or/crypt_path.h @@ -12,6 +12,10 @@ void assert_cpath_ok(const crypt_path_t *cp); /* rename */ int onion_append_hop(crypt_path_t **head_ptr, extend_info_t *choice); +int circuit_init_cpath_crypto(crypt_path_t *cpath, + const char *key_data, size_t key_data_len, + int reverse, int is_hs_v3); + /* rename */ void onion_append_to_cpath(crypt_path_t **head_ptr, crypt_path_t *new_hop); -- cgit v1.2.3-54-g00ecf From 4bd0c4852aad724fd9639f5250c5893341cd5935 Mon Sep 17 00:00:00 2001 
From: George Kadianakis Date: Mon, 8 Apr 2019 15:37:02 +0300 Subject: Hiding crypt_path_t: Move the free func in crypt_path.c. Again everything is moved, apart from a free line using ->private. --- src/core/or/circuitlist.c | 17 ----------------- src/core/or/crypt_path.c | 19 +++++++++++++++++++ src/core/or/crypt_path.h | 3 +++ 3 files changed, 22 insertions(+), 17 deletions(-) diff --git a/src/core/or/circuitlist.c b/src/core/or/circuitlist.c index ee9e89f380..83c651ff17 100644 --- a/src/core/or/circuitlist.c +++ b/src/core/or/circuitlist.c @@ -133,7 +133,6 @@ static smartlist_t *circuits_pending_other_guards = NULL; * circuit_mark_for_close and which are waiting for circuit_about_to_free. */ static smartlist_t *circuits_pending_close = NULL; -static void circuit_free_cpath_node(crypt_path_t *victim); static void cpath_ref_decref(crypt_path_reference_t *cpath_ref); static void circuit_about_to_free_atexit(circuit_t *circ); static void circuit_about_to_free(circuit_t *circ); @@ -1333,22 +1332,6 @@ circuit_free_all(void) HT_CLEAR(chan_circid_map, &chan_circid_map); } -/** Deallocate space associated with the cpath node victim. */ -static void -circuit_free_cpath_node(crypt_path_t *victim) -{ - if (!victim) - return; - - relay_crypto_clear(&victim->crypto); - onion_handshake_state_release(&victim->handshake_state); - crypto_dh_free(victim->rend_dh_handshake_state); - extend_info_free(victim->extend_info); - - memwipe(victim, 0xBB, sizeof(crypt_path_t)); /* poison memory */ - tor_free(victim); -} - /** Release a crypt_path_reference_t*, which may be NULL. */ static void cpath_ref_decref(crypt_path_reference_t *cpath_ref) diff --git a/src/core/or/crypt_path.c b/src/core/or/crypt_path.c index 77f129eff3..54f5623d32 100644 --- a/src/core/or/crypt_path.c +++ b/src/core/or/crypt_path.c 
@@ -16,9 +16,13 @@ #include "core/or/crypt_path.h" #include "core/crypto/relay_crypto.h" +#include "core/crypto/onion_crypto.h" #include "core/or/circuitbuild.h" #include "core/or/circuitlist.h" +#include "lib/crypt_ops/crypto_dh.h" +#include "lib/crypt_ops/crypto_util.h" + #include "core/or/crypt_path_st.h" #include "core/or/cell_st.h" @@ -143,6 +147,21 @@ circuit_init_cpath_crypto(crypt_path_t *cpath, } +/** Deallocate space associated with the cpath node victim. */ +void +circuit_free_cpath_node(crypt_path_t *victim) +{ + if (!victim) + return; + + relay_crypto_clear(&victim->private->crypto); + onion_handshake_state_release(&victim->handshake_state); + crypto_dh_free(victim->rend_dh_handshake_state); + extend_info_free(victim->extend_info); + + memwipe(victim, 0xBB, sizeof(crypt_path_t)); /* poison memory */ + tor_free(victim); +} /********************** cpath crypto API *******************************/ diff --git a/src/core/or/crypt_path.h b/src/core/or/crypt_path.h index a7ebe604f5..e8455c6326 100644 --- a/src/core/or/crypt_path.h +++ b/src/core/or/crypt_path.h @@ -16,6 +16,9 @@ int circuit_init_cpath_crypto(crypt_path_t *cpath, const char *key_data, size_t key_data_len, int reverse, int is_hs_v3); +void +circuit_free_cpath_node(crypt_path_t *victim); + /* rename */ void onion_append_to_cpath(crypt_path_t **head_ptr, crypt_path_t *new_hop); -- cgit v1.2.3-54-g00ecf From 18d61c0e6e71dace189384c8af7f4fec158969b3 Mon Sep 17 00:00:00 2001 From: George Kadianakis Date: Mon, 8 Apr 2019 15:43:23 +0300 Subject: Hiding crypt_path_t: Fixup broken unittests. --- src/test/test_circuitpadding.c | 3 ++- src/test/test_hs_client.c | 17 +++++++++-------- src/test/test_hs_service.c | 9 +++++---- src/test/test_relaycrypt.c | 4 +++- 4 files changed, 19 insertions(+), 14 deletions(-) diff --git a/src/test/test_circuitpadding.c b/src/test/test_circuitpadding.c index e24506d9bb..8a2667e802 100644 --- a/src/test/test_circuitpadding.c +++ b/src/test/test_circuitpadding.c 
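Review bot: `circuit_free_cpath_node()` poisons and frees `victim` but never releases `victim->private`, and it passes `&victim->private->crypto` to `relay_crypto_clear()` without checking the pointer. Once the private block is heap-allocated, as the series intends, the 0xBB wipe would overwrite the only reference to it, leaking the block that held the relay key state. Before the existing `memwipe(victim, ...)`, add something like `if (victim->private) { memwipe(victim->private, 0xBB, sizeof(*victim->private)); tor_free(victim->private); }`, and guard the `relay_crypto_clear()` call the same way.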
@@ -2,6 +2,7 @@ #define TOR_TIMERS_PRIVATE #define CIRCUITPADDING_PRIVATE #define NETWORKSTATUS_PRIVATE +#define CRYPT_PATH_PRIVATE #include "core/or/or.h" #include "test.h" @@ -149,7 +150,7 @@ new_fake_orcirc(channel_t *nchan, channel_t *pchan) log_warn(LD_BUG,"Circuit initialization failed"); return NULL; } - orcirc->crypto = tmp_cpath.crypto; + orcirc->crypto = tmp_cpath.private->crypto; return orcirc; } diff --git a/src/test/test_hs_client.c b/src/test/test_hs_client.c index 8362b6cbda..607be339a9 100644 --- a/src/test/test_hs_client.c +++ b/src/test/test_hs_client.c @@ -14,6 +14,7 @@ #define CIRCUITBUILD_PRIVATE #define CIRCUITLIST_PRIVATE #define CONNECTION_PRIVATE +#define CRYPT_PATH_PRIVATE #include "test/test.h" #include "test/test_helpers.h" @@ -241,12 +242,12 @@ test_e2e_rend_circuit_setup_legacy(void *arg) tt_int_op(retval, OP_EQ, 1); /* Check the digest algo */ - tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->crypto.f_digest), + tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->private->crypto.f_digest), OP_EQ, DIGEST_SHA1); - tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->crypto.b_digest), + tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->private->crypto.b_digest), OP_EQ, DIGEST_SHA1); - tt_assert(or_circ->cpath->crypto.f_crypto); - tt_assert(or_circ->cpath->crypto.b_crypto); + tt_assert(or_circ->cpath->private->crypto.f_crypto); + tt_assert(or_circ->cpath->private->crypto.b_crypto); /* Ensure that circ purpose was changed */ tt_int_op(or_circ->base_.purpose, OP_EQ, CIRCUIT_PURPOSE_C_REND_JOINED); 
@@ -311,12 +312,12 @@ test_e2e_rend_circuit_setup(void *arg) tt_int_op(retval, OP_EQ, 1); /* Check that the crypt path has prop224 algorithm parameters */ - tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->crypto.f_digest), + tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->private->crypto.f_digest), OP_EQ, DIGEST_SHA3_256); - tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->crypto.b_digest), + tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->private->crypto.b_digest), OP_EQ, DIGEST_SHA3_256); - tt_assert(or_circ->cpath->crypto.f_crypto); - tt_assert(or_circ->cpath->crypto.b_crypto); + tt_assert(or_circ->cpath->private->crypto.f_crypto); + tt_assert(or_circ->cpath->private->crypto.b_crypto); /* Ensure that circ purpose was changed */ tt_int_op(or_circ->base_.purpose, OP_EQ, CIRCUIT_PURPOSE_C_REND_JOINED); diff --git a/src/test/test_hs_service.c b/src/test/test_hs_service.c index 57132e6197..bfa66f551a 100644 --- a/src/test/test_hs_service.c +++ b/src/test/test_hs_service.c @@ -21,6 +21,7 @@ #define STATEFILE_PRIVATE #define TOR_CHANNEL_INTERNAL_ #define HS_CLIENT_PRIVATE +#define CRYPT_PATH_PRIVATE #include "test/test.h" #include "test/test_helpers.h" @@ -193,12 +194,12 @@ test_e2e_rend_circuit_setup(void *arg) tt_int_op(retval, OP_EQ, 1); /* Check the digest algo */ - tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->crypto.f_digest), + tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->private->crypto.f_digest), OP_EQ, DIGEST_SHA3_256); - tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->crypto.b_digest), + tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->private->crypto.b_digest), OP_EQ, DIGEST_SHA3_256); - tt_assert(or_circ->cpath->crypto.f_crypto); - tt_assert(or_circ->cpath->crypto.b_crypto); + tt_assert(or_circ->cpath->private->crypto.f_crypto); + tt_assert(or_circ->cpath->private->crypto.b_crypto); /* Ensure that circ purpose was changed */ tt_int_op(or_circ->base_.purpose, OP_EQ, CIRCUIT_PURPOSE_S_REND_JOINED); 
diff --git a/src/test/test_relaycrypt.c b/src/test/test_relaycrypt.c index cd58094b10..b94ee07abc 100644 --- a/src/test/test_relaycrypt.c +++ b/src/test/test_relaycrypt.c @@ -3,6 +3,8 @@ * Copyright (c) 2007-2019, The Tor Project, Inc. */ /* See LICENSE for licensing information */ +#define CRYPT_PATH_PRIVATE + #include "core/or/or.h" #include "core/or/circuitbuild.h" #define CIRCUITLIST_PRIVATE @@ -49,7 +51,7 @@ testing_circuitset_setup(const struct testcase_t *testcase) cs->origin_circ->base_.purpose = CIRCUIT_PURPOSE_C_GENERAL; for (i=0; i<3; ++i) { crypt_path_t *hop = tor_malloc_zero(sizeof(*hop)); - relay_crypto_init(&hop->crypto, KEY_MATERIAL[i], sizeof(KEY_MATERIAL[i]), + relay_crypto_init(&hop->private->crypto, KEY_MATERIAL[i], sizeof(KEY_MATERIAL[i]), 0, 0); hop->state = CPATH_STATE_OPEN; onion_append_to_cpath(&cs->origin_circ->cpath, hop); -- cgit v1.2.3-54-g00ecf From f5635989b06260710b282e75be7b731e2846f700 Mon Sep 17 00:00:00 2001 From: George Kadianakis Date: Mon, 8 Apr 2019 16:18:44 +0300 Subject: Hiding crypt_path_t: Create a constructor for crypt_path_t. We are using an opaque pointer so the structure needs to be allocated on the heap. This means we now need a constructor for crypt_path_t. Also modify all places initializing a crypt_path_t to use the constructor. --- src/core/or/crypt_path.c | 15 +++++++++++++-- src/core/or/crypt_path.h | 2 ++ src/core/or/crypt_path_st.h | 5 ++--- src/feature/hs/hs_circuit.c | 3 +-- src/feature/rend/rendclient.c | 5 ++--- src/feature/rend/rendservice.c | 3 +-- src/test/test_circuitpadding.c | 13 +++++++------ src/test/test_hs_client.c | 5 ++--- src/test/test_hs_service.c | 4 ++-- src/test/test_relaycell.c | 4 ++-- src/test/test_relaycrypt.c | 2 +- 11 files changed, 35 insertions(+), 26 deletions(-) diff --git a/src/core/or/crypt_path.c b/src/core/or/crypt_path.c index 54f5623d32..975af6c16d 100644 --- a/src/core/or/crypt_path.c +++ b/src/core/or/crypt_path.c 
@@ -26,6 +26,17 @@ #include "core/or/crypt_path_st.h" #include "core/or/cell_st.h" +/** Initialize and return a minimal crypt_path_t */ +crypt_path_t * +crypt_path_new(void) +{ + crypt_path_t *cpath = tor_malloc_zero(sizeof(crypt_path_t)); + cpath->magic = CRYPT_PATH_MAGIC; + cpath->private = tor_malloc_zero(sizeof(struct crypt_path_private_t)); + + return cpath; +} + /** Add new_hop to the end of the doubly-linked-list head_ptr. * This function is used to extend cpath by another hop. */ @@ -49,12 +60,11 @@ onion_append_to_cpath(crypt_path_t **head_ptr, crypt_path_t *new_hop) int onion_append_hop(crypt_path_t **head_ptr, extend_info_t *choice) { - crypt_path_t *hop = tor_malloc_zero(sizeof(crypt_path_t)); + crypt_path_t *hop = crypt_path_new(); /* link hop into the cpath, at the end. */ onion_append_to_cpath(head_ptr, hop); - hop->magic = CRYPT_PATH_MAGIC; hop->state = CPATH_STATE_CLOSED; hop->extend_info = extend_info_dup(choice); @@ -158,6 +168,7 @@ circuit_free_cpath_node(crypt_path_t *victim) onion_handshake_state_release(&victim->handshake_state); crypto_dh_free(victim->rend_dh_handshake_state); extend_info_free(victim->extend_info); + tor_free(victim->private); memwipe(victim, 0xBB, sizeof(crypt_path_t)); /* poison memory */ tor_free(victim); diff --git a/src/core/or/crypt_path.h b/src/core/or/crypt_path.h index e8455c6326..c6d1cd1400 100644 --- a/src/core/or/crypt_path.h +++ b/src/core/or/crypt_path.h @@ -3,6 +3,8 @@ * \brief Header file for crypt_path.c. **/ +crypt_path_t *crypt_path_new(void); + /* rename */ void assert_cpath_layer_ok(const crypt_path_t *cp); diff --git a/src/core/or/crypt_path_st.h b/src/core/or/crypt_path_st.h index 833cfefad1..7da3c57f49 100644 --- a/src/core/or/crypt_path_st.h +++ b/src/core/or/crypt_path_st.h @@ -8,9 +8,6 @@ #define CRYPT_PATH_ST_H #include "core/or/relay_crypto_st.h" -struct crypto_dh_t; - -#define CRYPT_PATH_MAGIC 0x70127012u struct fast_handshake_state_t; struct ntor_handshake_state_t; 
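Review bot: crypt_path_new() hands back two linked allocations, but its comment (`Initialize and return a minimal crypt_path_t`) does not say how the result must be released, and a caller that keeps `tor_free(cpath)` now leaks `cpath->private`. I would spell out the contract in the doc comment, for example `/** Allocate a zeroed crypt_path_t with its magic set and its private part allocated. The caller owns it and must release it with circuit_free_cpath_node(), never plain tor_free(). */`. The same sentence would be worth repeating next to the prototype added in the crypt_path.h hunk.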
@@ -26,6 +23,8 @@ struct onion_handshake_state_t { #ifdef CRYPT_PATH_PRIVATE +#define CRYPT_PATH_MAGIC 0x70127012u + /* The private parts of crypt path that don't need to be exposed to all the * modules. */ struct crypt_path_private_t { diff --git a/src/feature/hs/hs_circuit.c b/src/feature/hs/hs_circuit.c index a42228d362..3356db9d90 100644 --- a/src/feature/hs/hs_circuit.c +++ b/src/feature/hs/hs_circuit.c @@ -87,8 +87,7 @@ create_rend_cpath(const uint8_t *ntor_key_seed, size_t seed_len, } /* Setup the cpath */ - cpath = tor_malloc_zero(sizeof(crypt_path_t)); - cpath->magic = CRYPT_PATH_MAGIC; + cpath = crypt_path_new(); if (circuit_init_cpath_crypto(cpath, (char*)keys, sizeof(keys), is_service_side, 1) < 0) { diff --git a/src/feature/rend/rendclient.c b/src/feature/rend/rendclient.c index f84d221b1a..c6e9dde878 100644 --- a/src/feature/rend/rendclient.c +++ b/src/feature/rend/rendclient.c @@ -16,6 +16,7 @@ #include "core/or/circuituse.h" #include "core/or/connection_edge.h" #include "core/or/relay.h" +#include "core/or/crypt_path.h" #include "feature/client/circpathbias.h" #include "feature/control/control_events.h" #include "feature/dirclient/dirclient.h" @@ -194,9 +195,7 @@ rend_client_send_introduction(origin_circuit_t *introcirc, /* Initialize the pending_final_cpath and start the DH handshake. */ cpath = rendcirc->build_state->pending_final_cpath; if (!cpath) { - cpath = rendcirc->build_state->pending_final_cpath = - tor_malloc_zero(sizeof(crypt_path_t)); - cpath->magic = CRYPT_PATH_MAGIC; + cpath = rendcirc->build_state->pending_final_cpath = crypt_path_new(); if (!(cpath->rend_dh_handshake_state = crypto_dh_new(DH_TYPE_REND))) { log_warn(LD_BUG, "Internal error: couldn't allocate DH."); status = -2; diff --git a/src/feature/rend/rendservice.c b/src/feature/rend/rendservice.c index 5c267f8e34..38da4cfe7a 100644 --- a/src/feature/rend/rendservice.c +++ b/src/feature/rend/rendservice.c 
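Review bot: In the hs_circuit.c hunk, create_rend_cpath() now obtains `cpath` from crypt_path_new(), but the failure branch right after the hunk still runs `tor_free(cpath)` (it shows up as context in the later rename commit). That frees only the outer struct and leaks the private allocation. The branch should become `circuit_free_cpath_node(cpath);`, assuming relay_crypto_clear() tolerates a crypto state whose init failed; otherwise `tor_free(cpath->private); tor_free(cpath);`. The function body starts before and continues past the hunk.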
@@ -2158,8 +2158,7 @@ rend_service_receive_introduction(origin_circuit_t *circuit, launched->build_state->service_pending_final_cpath_ref->refcount = 1; launched->build_state->service_pending_final_cpath_ref->cpath = cpath = - tor_malloc_zero(sizeof(crypt_path_t)); - cpath->magic = CRYPT_PATH_MAGIC; + crypt_path_new(); launched->build_state->expiry_time = now + MAX_REND_TIMEOUT; cpath->rend_dh_handshake_state = dh; diff --git a/src/test/test_circuitpadding.c b/src/test/test_circuitpadding.c index 8a2667e802..6fa790c40d 100644 --- a/src/test/test_circuitpadding.c +++ b/src/test/test_circuitpadding.c @@ -115,7 +115,7 @@ new_fake_orcirc(channel_t *nchan, channel_t *pchan) { or_circuit_t *orcirc = NULL; circuit_t *circ = NULL; - crypt_path_t tmp_cpath; + crypt_path_t *tmp_cpath; char whatevs_key[CPATH_KEY_MATERIAL_LEN]; orcirc = tor_malloc_zero(sizeof(*orcirc)); @@ -144,13 +144,15 @@ new_fake_orcirc(channel_t *nchan, channel_t *pchan) circuit_set_p_circid_chan(orcirc, orcirc->p_circ_id, pchan); circuit_set_n_circid_chan(circ, circ->n_circ_id, nchan); - memset(&tmp_cpath, 0, sizeof(tmp_cpath)); - if (circuit_init_cpath_crypto(&tmp_cpath, whatevs_key, + tmp_cpath = crypt_path_new(); + if (circuit_init_cpath_crypto(tmp_cpath, whatevs_key, sizeof(whatevs_key), 0, 0)<0) { log_warn(LD_BUG,"Circuit initialization failed"); return NULL; } - orcirc->crypto = tmp_cpath.private->crypto; + orcirc->crypto = tmp_cpath->private->crypto; + tor_free(tmp_cpath->private); + tor_free(tmp_cpath); return orcirc; } @@ -1618,10 +1620,9 @@ simulate_single_hop_extend(circuit_t *client, circuit_t *mid_relay, circpad_cell_event_nonpadding_received((circuit_t*)client); // Add a hop to cpath - crypt_path_t *hop = tor_malloc_zero(sizeof(crypt_path_t)); + crypt_path_t *hop = crypt_path_new(); onion_append_to_cpath(&TO_ORIGIN_CIRCUIT(client)->cpath, hop); - hop->magic = CRYPT_PATH_MAGIC; hop->state = CPATH_STATE_OPEN; // add an extend info to indicate if this node supports padding or not. 
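Review bot: In new_fake_orcirc (test_circuitpadding.c), the failure branch after `circuit_init_cpath_crypto(tmp_cpath, ...)` returns NULL without releasing `tmp_cpath`, which is now a heap object from crypt_path_new(); I would add `circuit_free_cpath_node(tmp_cpath);` before that return. The success path frees the two allocations by hand instead of calling circuit_free_cpath_node(), presumably because the struct copy has handed the crypto state to `orcirc` and relay_crypto_clear() would tear it down. That deserves a comment such as `/* crypto state now belongs to orcirc: free the containers only */`. The function starts outside the hunk.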
diff --git a/src/test/test_hs_client.c b/src/test/test_hs_client.c index 607be339a9..9e1d73a855 100644 --- a/src/test/test_hs_client.c +++ b/src/test/test_hs_client.c @@ -39,6 +39,7 @@ #include "feature/hs/hs_cache.h" #include "core/or/circuitlist.h" #include "core/or/circuitbuild.h" +#include "core/or/crypt_path.h" #include "core/mainloop/connection.h" #include "core/or/connection_edge.h" #include "feature/nodelist/networkstatus.h" @@ -145,9 +146,7 @@ helper_get_circ_and_stream_for_test(origin_circuit_t **circ_out, if (is_legacy) { /* Legacy: Setup rend data and final cpath */ - or_circ->build_state->pending_final_cpath = - tor_malloc_zero(sizeof(crypt_path_t)); - or_circ->build_state->pending_final_cpath->magic = CRYPT_PATH_MAGIC; + or_circ->build_state->pending_final_cpath = crypt_path_new(); or_circ->build_state->pending_final_cpath->rend_dh_handshake_state = crypto_dh_new(DH_TYPE_REND); tt_assert( diff --git a/src/test/test_hs_service.c b/src/test/test_hs_service.c index bfa66f551a..357db89040 100644 --- a/src/test/test_hs_service.c +++ b/src/test/test_hs_service.c @@ -38,6 +38,7 @@ #include "core/or/circuitbuild.h" #include "core/or/circuitlist.h" #include "core/or/circuituse.h" +#include "core/or/crypt_path.h" #include "core/or/connection_edge.h" #include "core/or/edge_connection_st.h" #include "core/or/relay.h" @@ -218,8 +219,7 @@ helper_create_origin_circuit(int purpose, int flags) circ = origin_circuit_init(purpose, flags); tor_assert(circ); - circ->cpath = tor_malloc_zero(sizeof(crypt_path_t)); - circ->cpath->magic = CRYPT_PATH_MAGIC; + circ->cpath = crypt_path_new(); circ->cpath->state = CPATH_STATE_OPEN; circ->cpath->package_window = circuit_initial_package_window(); circ->cpath->deliver_window = CIRCWINDOW_START; diff --git a/src/test/test_relaycell.c b/src/test/test_relaycell.c index 0623583511..b48c7ca8ac 100644 --- a/src/test/test_relaycell.c +++ b/src/test/test_relaycell.c 
@@ -16,6 +16,7 @@ #include "lib/crypt_ops/crypto_rand.h" #include "core/or/circuitbuild.h" #include "core/or/circuitlist.h" +#include "core/or/crypt_path.h" #include "core/or/connection_edge.h" #include "core/or/relay.h" #include "test/test.h" @@ -90,8 +91,7 @@ helper_create_origin_circuit(int purpose, int flags) circ = origin_circuit_init(purpose, flags); tor_assert(circ); - circ->cpath = tor_malloc_zero(sizeof(crypt_path_t)); - circ->cpath->magic = CRYPT_PATH_MAGIC; + circ->cpath = crypt_path_new(); circ->cpath->state = CPATH_STATE_OPEN; circ->cpath->package_window = circuit_initial_package_window(); circ->cpath->deliver_window = CIRCWINDOW_START; diff --git a/src/test/test_relaycrypt.c b/src/test/test_relaycrypt.c index b94ee07abc..1fe5df96ed 100644 --- a/src/test/test_relaycrypt.c +++ b/src/test/test_relaycrypt.c @@ -50,7 +50,7 @@ testing_circuitset_setup(const struct testcase_t *testcase) cs->origin_circ = origin_circuit_new(); cs->origin_circ->base_.purpose = CIRCUIT_PURPOSE_C_GENERAL; for (i=0; i<3; ++i) { - crypt_path_t *hop = tor_malloc_zero(sizeof(*hop)); + crypt_path_t *hop = crypt_path_new(); relay_crypto_init(&hop->private->crypto, KEY_MATERIAL[i], sizeof(KEY_MATERIAL[i]), 0, 0); hop->state = CPATH_STATE_OPEN; -- cgit v1.2.3-54-g00ecf From cd38e41620120a11a70ebe059f3adbaa05e4c1ff Mon Sep 17 00:00:00 2001 From: George Kadianakis Date: Wed, 10 Apr 2019 16:28:29 +0300 Subject: Hiding crypt_path_t: Ensure that ->private is initialized. Now that we are using a constructor we should be more careful that we are always using the constructor to initialize crypt_path_t, so make sure that ->private is initialized. --- src/core/or/crypt_path.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/src/core/or/crypt_path.c b/src/core/or/crypt_path.c index 975af6c16d..e24712ed89 100644 --- a/src/core/or/crypt_path.c +++ b/src/core/or/crypt_path.c 
@@ -108,6 +108,7 @@ assert_cpath_layer_ok(const crypt_path_t *cp) // tor_assert(cp->port); tor_assert(cp); tor_assert(cp->magic == CRYPT_PATH_MAGIC); + tor_assert(cp->private); switch (cp->state) { case CPATH_STATE_OPEN: @@ -152,6 +153,7 @@ circuit_init_cpath_crypto(crypt_path_t *cpath, { tor_assert(cpath); + tor_assert(cpath->private); return relay_crypto_init(&cpath->private->crypto, key_data, key_data_len, reverse, is_hs_v3); } @@ -161,7 +163,7 @@ circuit_init_cpath_crypto(crypt_path_t *cpath, void circuit_free_cpath_node(crypt_path_t *victim) { - if (!victim) + if (!victim || BUG(!victim->private)) return; relay_crypto_clear(&victim->private->crypto); @@ -181,6 +183,9 @@ circuit_free_cpath_node(crypt_path_t *victim) void cpath_crypt_cell(const crypt_path_t *cpath, uint8_t *payload, bool is_decrypt) { + tor_assert(cpath); + tor_assert(cpath->private); + if (is_decrypt) { relay_crypt_one_payload(cpath->private->crypto.b_crypto, payload); } else { @@ -192,6 +197,8 @@ cpath_crypt_cell(const crypt_path_t *cpath, uint8_t *payload, bool is_decrypt) struct crypto_digest_t * cpath_get_incoming_digest(const crypt_path_t *cpath) { + tor_assert(cpath); + tor_assert(cpath->private); return cpath->private->crypto.b_digest; } @@ -200,5 +207,7 @@ cpath_get_incoming_digest(const crypt_path_t *cpath) void cpath_set_cell_forward_digest(crypt_path_t *cpath, cell_t *cell) { + tor_assert(cpath); + tor_assert(cpath->private); relay_set_digest(cpath->private->crypto.f_digest, cell); } -- cgit v1.2.3-54-g00ecf From 593b7726e98fd68cccadb3da219d9f31692e8c80 Mon Sep 17 00:00:00 2001 
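Review bot: In circuit_free_cpath_node, `if (!victim || BUG(!victim->private)) return;` abandons the whole node when the private part is missing, so the handshake state, `rend_dh_handshake_state` and `extend_info` are never released and the struct is never poisoned on that path. Only the calls that touch `victim->private` need the guard: keep `if (!victim) return;` and wrap them as `if (!BUG(!victim->private)) { relay_crypto_clear(&victim->private->crypto); tor_free(victim->private); }`. The rest of the function body lies outside this hunk.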
From: George Kadianakis Date: Mon, 8 Apr 2019 16:36:12 +0300 Subject: Hiding crypt_path_t: Trivial changes to satisfy check-local. --- scripts/maint/practracker/exceptions.txt | 7 ++++--- src/core/or/crypt_path.c | 5 ++--- src/core/or/crypt_path.h | 6 ++++-- src/test/test_hs_client.c | 12 ++++++++---- src/test/test_hs_service.c | 6 ++++-- src/test/test_relaycrypt.c | 4 ++-- 6 files changed, 24 insertions(+), 16 deletions(-) diff --git a/scripts/maint/practracker/exceptions.txt b/scripts/maint/practracker/exceptions.txt index 21fe9ec351..a2b6d36ea8 100644 --- a/scripts/maint/practracker/exceptions.txt +++ b/scripts/maint/practracker/exceptions.txt @@ -55,8 +55,8 @@ problem function-size /src/app/main/main.c:run_tor_main_loop() 105 problem function-size /src/app/main/ntmain.c:nt_service_install() 125 problem include-count /src/app/main/shutdown.c 52 problem file-size /src/core/mainloop/connection.c 5559 -problem include-count /src/core/mainloop/connection.c 61 -problem function-size /src/core/mainloop/connection.c:connection_free_minimal() 185 +problem include-count /src/core/mainloop/connection.c 62 +problem function-size /src/core/mainloop/connection.c:connection_free_minimal() 184 problem function-size /src/core/mainloop/connection.c:connection_listener_new() 328 problem function-size /src/core/mainloop/connection.c:connection_handle_listener_read() 161 problem function-size /src/core/mainloop/connection.c:connection_connect_sockaddr() 103 
@@ -80,10 +80,11 @@ problem function-size /src/core/or/channeltls.c:channel_tls_process_certs_cell() problem function-size /src/core/or/channeltls.c:channel_tls_process_authenticate_cell() 202 problem file-size /src/core/or/circuitbuild.c 3061 problem include-count /src/core/or/circuitbuild.c 53 +problem include-count /src/core/or/circuitbuild.c 54 problem function-size /src/core/or/circuitbuild.c:get_unique_circ_id_by_chan() 128 problem function-size /src/core/or/circuitbuild.c:circuit_extend() 147 problem function-size /src/core/or/circuitbuild.c:choose_good_exit_server_general() 206 -problem include-count /src/core/or/circuitlist.c 54 +problem include-count /src/core/or/circuitlist.c 55 problem function-size /src/core/or/circuitlist.c:HT_PROTOTYPE() 128 problem function-size /src/core/or/circuitlist.c:circuit_free_() 143 problem function-size /src/core/or/circuitlist.c:circuit_find_to_cannibalize() 102 diff --git a/src/core/or/crypt_path.c b/src/core/or/crypt_path.c index e24712ed89..ea07ec495f 100644 --- a/src/core/or/crypt_path.c +++ b/src/core/or/crypt_path.c @@ -154,11 +154,10 @@ circuit_init_cpath_crypto(crypt_path_t *cpath, tor_assert(cpath); tor_assert(cpath->private); - return relay_crypto_init(&cpath->private->crypto, key_data, key_data_len, reverse, - is_hs_v3); + return relay_crypto_init(&cpath->private->crypto, key_data, key_data_len, + reverse, is_hs_v3); } - /** Deallocate space associated with the cpath node victim. */ void circuit_free_cpath_node(crypt_path_t *victim) diff --git a/src/core/or/crypt_path.h b/src/core/or/crypt_path.h index c6d1cd1400..874ff2b2ad 100644 --- a/src/core/or/crypt_path.h +++ b/src/core/or/crypt_path.h @@ -3,6 +3,9 @@ * \brief Header file for crypt_path.c. **/ +#ifndef CRYPT_PATH_H +#define CRYPT_PATH_H + crypt_path_t *crypt_path_new(void); /* rename */ 
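Review bot: The second exceptions.txt hunk adds `problem include-count /src/core/or/circuitbuild.c 54` but keeps the existing `problem include-count /src/core/or/circuitbuild.c 53` line as context, so the file now carries two include-count entries for the same source file. The connection.c and circuitlist.c entries in this commit are replaced rather than duplicated, so this looks like a missed deletion. Drop the `53` line so that only the current count remains.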
@@ -24,7 +27,6 @@ circuit_free_cpath_node(crypt_path_t *victim); /* rename */ void onion_append_to_cpath(crypt_path_t **head_ptr, crypt_path_t *new_hop); - void cpath_crypt_cell(const crypt_path_t *cpath, uint8_t *payload, bool is_decrypt); @@ -34,4 +36,4 @@ cpath_get_incoming_digest(const crypt_path_t *cpath); void cpath_set_cell_forward_digest(crypt_path_t *cpath, cell_t *cell); - +#endif diff --git a/src/test/test_hs_client.c b/src/test/test_hs_client.c index 9e1d73a855..cd049b7c47 100644 --- a/src/test/test_hs_client.c +++ b/src/test/test_hs_client.c @@ -241,9 +241,11 @@ test_e2e_rend_circuit_setup_legacy(void *arg) tt_int_op(retval, OP_EQ, 1); /* Check the digest algo */ - tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->private->crypto.f_digest), + tt_int_op( + crypto_digest_get_algorithm(or_circ->cpath->private->crypto.f_digest), OP_EQ, DIGEST_SHA1); - tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->private->crypto.b_digest), + tt_int_op( + crypto_digest_get_algorithm(or_circ->cpath->private->crypto.b_digest), OP_EQ, DIGEST_SHA1); tt_assert(or_circ->cpath->private->crypto.f_crypto); tt_assert(or_circ->cpath->private->crypto.b_crypto); @@ -311,9 +313,11 @@ test_e2e_rend_circuit_setup(void *arg) tt_int_op(retval, OP_EQ, 1); /* Check that the crypt path has prop224 algorithm parameters */ - tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->private->crypto.f_digest), + tt_int_op( + crypto_digest_get_algorithm(or_circ->cpath->private->crypto.f_digest), OP_EQ, DIGEST_SHA3_256); - tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->private->crypto.b_digest), + tt_int_op( + crypto_digest_get_algorithm(or_circ->cpath->private->crypto.b_digest), OP_EQ, DIGEST_SHA3_256); tt_assert(or_circ->cpath->private->crypto.f_crypto); tt_assert(or_circ->cpath->private->crypto.b_crypto); diff --git a/src/test/test_hs_service.c b/src/test/test_hs_service.c index 357db89040..08dac04d21 100644 --- a/src/test/test_hs_service.c +++ b/src/test/test_hs_service.c 
@@ -195,9 +195,11 @@ test_e2e_rend_circuit_setup(void *arg) tt_int_op(retval, OP_EQ, 1); /* Check the digest algo */ - tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->private->crypto.f_digest), + tt_int_op( + crypto_digest_get_algorithm(or_circ->cpath->private->crypto.f_digest), OP_EQ, DIGEST_SHA3_256); - tt_int_op(crypto_digest_get_algorithm(or_circ->cpath->private->crypto.b_digest), + tt_int_op( + crypto_digest_get_algorithm(or_circ->cpath->private->crypto.b_digest), OP_EQ, DIGEST_SHA3_256); tt_assert(or_circ->cpath->private->crypto.f_crypto); tt_assert(or_circ->cpath->private->crypto.b_crypto); diff --git a/src/test/test_relaycrypt.c b/src/test/test_relaycrypt.c index 1fe5df96ed..a3a102e73b 100644 --- a/src/test/test_relaycrypt.c +++ b/src/test/test_relaycrypt.c @@ -51,8 +51,8 @@ testing_circuitset_setup(const struct testcase_t *testcase) cs->origin_circ->base_.purpose = CIRCUIT_PURPOSE_C_GENERAL; for (i=0; i<3; ++i) { crypt_path_t *hop = crypt_path_new(); - relay_crypto_init(&hop->private->crypto, KEY_MATERIAL[i], sizeof(KEY_MATERIAL[i]), - 0, 0); + relay_crypto_init(&hop->private->crypto, KEY_MATERIAL[i], + sizeof(KEY_MATERIAL[i]), 0, 0); hop->state = CPATH_STATE_OPEN; onion_append_to_cpath(&cs->origin_circ->cpath, hop); tt_ptr_op(hop, OP_EQ, cs->origin_circ->cpath->prev); -- cgit v1.2.3-54-g00ecf From 58fbbc1409f65bbb65c9da03a035a5767820146b Mon Sep 17 00:00:00 2001 
From: George Kadianakis Date: Tue, 9 Apr 2019 12:38:19 +0300 Subject: Hiding crypt_path_t: Rename some functions to fit the crypt_path API. Some of these functions are now public and cpath-specific so their name should signify the fact they are part of the cpath module: assert_cpath_layer_ok -> cpath_assert_layer_ok assert_cpath_ok -> cpath_assert_ok onion_append_hop -> cpath_append_hop circuit_init_cpath_crypto -> cpath_init_circuit_crypto circuit_free_cpath_node -> cpath_free onion_append_to_cpath -> cpath_extend_linked_list --- src/core/mainloop/connection.c | 2 +- src/core/or/circuitbuild.c | 8 ++++---- src/core/or/circuitlist.c | 10 +++++----- src/core/or/crypt_path.c | 16 ++++++++-------- src/core/or/crypt_path.h | 16 ++++++---------- src/feature/hs/hs_circuit.c | 6 +++--- src/feature/rend/rendservice.c | 4 ++-- src/test/test_circuitpadding.c | 6 +++--- src/test/test_circuitstats.c | 16 ++++++++-------- src/test/test_relaycrypt.c | 2 +- 10 files changed, 41 insertions(+), 45 deletions(-) diff --git a/src/core/mainloop/connection.c b/src/core/mainloop/connection.c index f6adfa765a..de49a1b7ef 100644 --- a/src/core/mainloop/connection.c +++ b/src/core/mainloop/connection.c @@ -5331,7 +5331,7 @@ assert_connection_ok(connection_t *conn, time_t now) tor_assert(entry_conn->socks_request->has_finished); if (!conn->marked_for_close) { tor_assert(ENTRY_TO_EDGE_CONN(entry_conn)->cpath_layer); - assert_cpath_layer_ok(ENTRY_TO_EDGE_CONN(entry_conn)->cpath_layer); + cpath_assert_layer_ok(ENTRY_TO_EDGE_CONN(entry_conn)->cpath_layer); } } } diff --git a/src/core/or/circuitbuild.c b/src/core/or/circuitbuild.c index 1ceb77c4ad..b445b94637 100644 --- a/src/core/or/circuitbuild.c +++ b/src/core/or/circuitbuild.c 
@@ -1409,7 +1409,7 @@ circuit_finish_handshake(origin_circuit_t *circ, onion_handshake_state_release(&hop->handshake_state); - if (circuit_init_cpath_crypto(hop, keys, sizeof(keys), 0, 0)<0) { + if (cpath_init_circuit_crypto(hop, keys, sizeof(keys), 0, 0)<0) { return -END_CIRC_REASON_TORPROTOCOL; } @@ -1461,7 +1461,7 @@ circuit_truncated(origin_circuit_t *circ, int reason) } layer->next = victim->next; - circuit_free_cpath_node(victim); + cpath_free(victim); } log_info(LD_CIRC, "finished"); @@ -2280,7 +2280,7 @@ circuit_append_new_exit(origin_circuit_t *circ, extend_info_t *exit_ei) state->chosen_exit = extend_info_dup(exit_ei); ++circ->build_state->desired_path_len; - onion_append_hop(&circ->cpath, exit_ei); + cpath_append_hop(&circ->cpath, exit_ei); return 0; } @@ -2713,7 +2713,7 @@ onion_extend_cpath(origin_circuit_t *circ) extend_info_describe(info), cur_len+1, build_state_get_exit_nickname(state)); - onion_append_hop(&circ->cpath, info); + cpath_append_hop(&circ->cpath, info); extend_info_free(info); return 0; } diff --git a/src/core/or/circuitlist.c b/src/core/or/circuitlist.c index 83c651ff17..cd2259c98d 100644 --- a/src/core/or/circuitlist.c +++ b/src/core/or/circuitlist.c @@ -1148,7 +1148,7 @@ circuit_free_(circuit_t *circ) if (ocirc->build_state) { extend_info_free(ocirc->build_state->chosen_exit); - circuit_free_cpath_node(ocirc->build_state->pending_final_cpath); + cpath_free(ocirc->build_state->pending_final_cpath); cpath_ref_decref(ocirc->build_state->service_pending_final_cpath_ref); } tor_free(ocirc->build_state); @@ -1272,10 +1272,10 @@ circuit_clear_cpath(origin_circuit_t *circ) while (cpath->next && cpath->next != head) { victim = cpath; cpath = victim->next; - circuit_free_cpath_node(victim); + cpath_free(victim); } - circuit_free_cpath_node(cpath); + cpath_free(cpath); circ->cpath = NULL; } 
@@ -1338,7 +1338,7 @@ cpath_ref_decref(crypt_path_reference_t *cpath_ref) { if (cpath_ref != NULL) { if (--(cpath_ref->refcount) == 0) { - circuit_free_cpath_node(cpath_ref->cpath); + cpath_free(cpath_ref->cpath); tor_free(cpath_ref); } } @@ -2830,7 +2830,7 @@ assert_circuit_ok,(const circuit_t *c)) !smartlist_contains(circuits_pending_chans, c)); } if (origin_circ && origin_circ->cpath) { - assert_cpath_ok(origin_circ->cpath); + cpath_assert_ok(origin_circ->cpath); } if (c->purpose == CIRCUIT_PURPOSE_REND_ESTABLISHED) { tor_assert(or_circ); diff --git a/src/core/or/crypt_path.c b/src/core/or/crypt_path.c index ea07ec495f..13063e5da8 100644 --- a/src/core/or/crypt_path.c +++ b/src/core/or/crypt_path.c @@ -41,7 +41,7 @@ crypt_path_new(void) * This function is used to extend cpath by another hop. */ void -onion_append_to_cpath(crypt_path_t **head_ptr, crypt_path_t *new_hop) +cpath_extend_linked_list(crypt_path_t **head_ptr, crypt_path_t *new_hop) { if (*head_ptr) { new_hop->next = (*head_ptr); @@ -58,12 +58,12 @@ onion_append_to_cpath(crypt_path_t **head_ptr, crypt_path_t *new_hop) * corresponding router choice, and append it to the * end of the cpath head_ptr. */ int -onion_append_hop(crypt_path_t **head_ptr, extend_info_t *choice) +cpath_append_hop(crypt_path_t **head_ptr, extend_info_t *choice) { crypt_path_t *hop = crypt_path_new(); /* link hop into the cpath, at the end. */ - onion_append_to_cpath(head_ptr, hop); + cpath_extend_linked_list(head_ptr, hop); hop->state = CPATH_STATE_CLOSED; @@ -79,12 +79,12 @@ onion_append_hop(crypt_path_t **head_ptr, extend_info_t *choice) * correct. Trigger an assert if anything is invalid. */ void -assert_cpath_ok(const crypt_path_t *cp) +cpath_assert_ok(const crypt_path_t *cp) { const crypt_path_t *start = cp; do { - assert_cpath_layer_ok(cp); + cpath_assert_layer_ok(cp); /* layers must be in sequence of: "open* awaiting? closed*" */ if (cp != start) { if (cp->state == CPATH_STATE_AWAITING_KEYS) { 
@@ -102,7 +102,7 @@ assert_cpath_ok(const crypt_path_t *cp) * correct. Trigger an assert if anything is invalid. */ void -assert_cpath_layer_ok(const crypt_path_t *cp) +cpath_assert_layer_ok(const crypt_path_t *cp) { // tor_assert(cp->addr); /* these are zero for rendezvous extra-hops */ // tor_assert(cp->port); @@ -147,7 +147,7 @@ assert_cpath_layer_ok(const crypt_path_t *cp) * Return 0 if init was successful, else -1 if it failed. */ int -circuit_init_cpath_crypto(crypt_path_t *cpath, +cpath_init_circuit_crypto(crypt_path_t *cpath, const char *key_data, size_t key_data_len, int reverse, int is_hs_v3) { @@ -160,7 +160,7 @@ circuit_init_cpath_crypto(crypt_path_t *cpath, /** Deallocate space associated with the cpath node victim. */ void -circuit_free_cpath_node(crypt_path_t *victim) +cpath_free(crypt_path_t *victim) { if (!victim || BUG(!victim->private)) return; diff --git a/src/core/or/crypt_path.h b/src/core/or/crypt_path.h index 874ff2b2ad..4a0117360e 100644 --- a/src/core/or/crypt_path.h +++ b/src/core/or/crypt_path.h @@ -8,24 +8,20 @@ crypt_path_t *crypt_path_new(void); -/* rename */ -void assert_cpath_layer_ok(const crypt_path_t *cp); +void cpath_assert_layer_ok(const crypt_path_t *cp); -/* rename */ -void assert_cpath_ok(const crypt_path_t *cp); +void cpath_assert_ok(const crypt_path_t *cp); -/* rename */ -int onion_append_hop(crypt_path_t **head_ptr, extend_info_t *choice); +int cpath_append_hop(crypt_path_t **head_ptr, extend_info_t *choice); -int circuit_init_cpath_crypto(crypt_path_t *cpath, +int cpath_init_circuit_crypto(crypt_path_t *cpath, const char *key_data, size_t key_data_len, int reverse, int is_hs_v3); void -circuit_free_cpath_node(crypt_path_t *victim); +cpath_free(crypt_path_t *victim); -/* rename */ -void onion_append_to_cpath(crypt_path_t **head_ptr, crypt_path_t *new_hop); +void cpath_extend_linked_list(crypt_path_t **head_ptr, crypt_path_t *new_hop); void cpath_crypt_cell(const crypt_path_t *cpath, uint8_t *payload, bool is_decrypt); 
diff --git a/src/feature/hs/hs_circuit.c b/src/feature/hs/hs_circuit.c index 3356db9d90..7d17aff72f 100644 --- a/src/feature/hs/hs_circuit.c +++ b/src/feature/hs/hs_circuit.c @@ -89,7 +89,7 @@ create_rend_cpath(const uint8_t *ntor_key_seed, size_t seed_len, /* Setup the cpath */ cpath = crypt_path_new(); - if (circuit_init_cpath_crypto(cpath, (char*)keys, sizeof(keys), + if (cpath_init_circuit_crypto(cpath, (char*)keys, sizeof(keys), is_service_side, 1) < 0) { tor_free(cpath); goto err; @@ -126,7 +126,7 @@ create_rend_cpath_legacy(origin_circuit_t *circ, const uint8_t *rend_cell_body) goto err; } /* ... and set up cpath. */ - if (circuit_init_cpath_crypto(hop, + if (cpath_init_circuit_crypto(hop, keys+DIGEST_LEN, sizeof(keys)-DIGEST_LEN, 0, 0) < 0) goto err; @@ -177,7 +177,7 @@ finalize_rend_circuit(origin_circuit_t *circ, crypt_path_t *hop, circ->hs_circ_has_timed_out = 0; /* Append the hop to the cpath of this circuit */ - onion_append_to_cpath(&circ->cpath, hop); + cpath_extend_linked_list(&circ->cpath, hop); /* In legacy code, 'pending_final_cpath' points to the final hop we just * appended to the cpath. We set the original pointer to NULL so that we diff --git a/src/feature/rend/rendservice.c b/src/feature/rend/rendservice.c index 38da4cfe7a..0ecd0e6ff6 100644 --- a/src/feature/rend/rendservice.c +++ b/src/feature/rend/rendservice.c @@ -2163,7 +2163,7 @@ rend_service_receive_introduction(origin_circuit_t *circuit, cpath->rend_dh_handshake_state = dh; dh = NULL; - if (circuit_init_cpath_crypto(cpath, + if (cpath_init_circuit_crypto(cpath, keys+DIGEST_LEN, sizeof(keys)-DIGEST_LEN, 1, 0)<0) goto err; 
@@ -3547,7 +3547,7 @@ rend_service_rendezvous_has_opened(origin_circuit_t *circuit) hop->package_window = circuit_initial_package_window(); hop->deliver_window = CIRCWINDOW_START; - onion_append_to_cpath(&circuit->cpath, hop); + cpath_extend_linked_list(&circuit->cpath, hop); circuit->build_state->pending_final_cpath = NULL; /* prevent double-free */ /* Change the circuit purpose. */ diff --git a/src/test/test_circuitpadding.c b/src/test/test_circuitpadding.c index 6fa790c40d..e33e56af3f 100644 --- a/src/test/test_circuitpadding.c +++ b/src/test/test_circuitpadding.c @@ -145,7 +145,7 @@ new_fake_orcirc(channel_t *nchan, channel_t *pchan) circuit_set_n_circid_chan(circ, circ->n_circ_id, nchan); tmp_cpath = crypt_path_new(); - if (circuit_init_cpath_crypto(tmp_cpath, whatevs_key, + if (cpath_init_circuit_crypto(tmp_cpath, whatevs_key, sizeof(whatevs_key), 0, 0)<0) { log_warn(LD_BUG,"Circuit initialization failed"); return NULL; @@ -1621,7 +1621,7 @@ simulate_single_hop_extend(circuit_t *client, circuit_t *mid_relay, // Add a hop to cpath crypt_path_t *hop = crypt_path_new(); - onion_append_to_cpath(&TO_ORIGIN_CIRCUIT(client)->cpath, hop); + cpath_extend_linked_list(&TO_ORIGIN_CIRCUIT(client)->cpath, hop); hop->state = CPATH_STATE_OPEN; @@ -1634,7 +1634,7 @@ simulate_single_hop_extend(circuit_t *client, circuit_t *mid_relay, digest, NULL, NULL, NULL, &addr, padding); - circuit_init_cpath_crypto(hop, whatevs_key, sizeof(whatevs_key), 0, 0); + cpath_init_circuit_crypto(hop, whatevs_key, sizeof(whatevs_key), 0, 0); hop->package_window = circuit_initial_package_window(); hop->deliver_window = CIRCWINDOW_START; diff --git a/src/test/test_circuitstats.c b/src/test/test_circuitstats.c index 1cbcb14f2b..2a09622f09 100644 --- a/src/test/test_circuitstats.c +++ b/src/test/test_circuitstats.c 
@@ -28,7 +28,7 @@ origin_circuit_t *subtest_fourhop_circuit(struct timeval, int); origin_circuit_t *add_opened_threehop(void); origin_circuit_t *build_unopened_fourhop(struct timeval); -int onion_append_hop(crypt_path_t **head_ptr, extend_info_t *choice); +int cpath_append_hop(crypt_path_t **head_ptr, extend_info_t *choice); static int marked_for_close; /* Mock function because we are not trying to test the close circuit that does @@ -57,9 +57,9 @@ add_opened_threehop(void) or_circ->build_state = tor_malloc_zero(sizeof(cpath_build_state_t)); or_circ->build_state->desired_path_len = DEFAULT_ROUTE_LEN; - onion_append_hop(&or_circ->cpath, &fakehop); - onion_append_hop(&or_circ->cpath, &fakehop); - onion_append_hop(&or_circ->cpath, &fakehop); + cpath_append_hop(&or_circ->cpath, &fakehop); + cpath_append_hop(&or_circ->cpath, &fakehop); + cpath_append_hop(&or_circ->cpath, &fakehop); or_circ->has_opened = 1; TO_CIRCUIT(or_circ)->state = CIRCUIT_STATE_OPEN; @@ -82,10 +82,10 @@ build_unopened_fourhop(struct timeval circ_start_time) or_circ->build_state = tor_malloc_zero(sizeof(cpath_build_state_t)); or_circ->build_state->desired_path_len = 4; - onion_append_hop(&or_circ->cpath, fakehop); - onion_append_hop(&or_circ->cpath, fakehop); - onion_append_hop(&or_circ->cpath, fakehop); - onion_append_hop(&or_circ->cpath, fakehop); + cpath_append_hop(&or_circ->cpath, fakehop); + cpath_append_hop(&or_circ->cpath, fakehop); + cpath_append_hop(&or_circ->cpath, fakehop); + cpath_append_hop(&or_circ->cpath, fakehop); tor_free(fakehop); diff --git a/src/test/test_relaycrypt.c b/src/test/test_relaycrypt.c index a3a102e73b..1977958d1f 100644 --- a/src/test/test_relaycrypt.c +++ b/src/test/test_relaycrypt.c 
@@ -54,7 +54,7 @@ testing_circuitset_setup(const struct testcase_t *testcase) relay_crypto_init(&hop->private->crypto, KEY_MATERIAL[i], sizeof(KEY_MATERIAL[i]), 0, 0); hop->state = CPATH_STATE_OPEN; - onion_append_to_cpath(&cs->origin_circ->cpath, hop); + cpath_extend_linked_list(&cs->origin_circ->cpath, hop); tt_ptr_op(hop, OP_EQ, cs->origin_circ->cpath->prev); } -- cgit v1.2.3-54-g00ecf From 0ed5c6edf9c905276d462ed2402568216ecb1dee Mon Sep 17 00:00:00 2001 From: George Kadianakis Date: Tue, 9 Apr 2019 17:57:04 +0300 Subject: Hiding crypt_path_t: Move some more crypt_path-specific functions. - Move test-only cpath_get_n_hops() to crypt_path.c. - Move onion_next_hop_in_cpath() and rename to cpath_get_next_non_open_hop(). The latter function was directly accessing cpath->state, and it's a first step at hiding ->state. --- src/core/or/circuitbuild.c | 45 +++------------------------------------------ src/core/or/circuitbuild.h | 5 ----- src/core/or/crypt_path.c | 41 +++++++++++++++++++++++++++++++++++++++++ src/core/or/crypt_path.h | 6 ++++++ 4 files changed, 50 insertions(+), 47 deletions(-) diff --git a/src/core/or/circuitbuild.c b/src/core/or/circuitbuild.c index b445b94637..e59aca0e25 100644 --- a/src/core/or/circuitbuild.c +++ b/src/core/or/circuitbuild.c @@ -91,7 +91,6 @@ static channel_t * channel_connect_for_circuit(const tor_addr_t *addr, static int circuit_deliver_create_cell(circuit_t *circ, const create_cell_t *create_cell, int relayed); -static crypt_path_t *onion_next_hop_in_cpath(crypt_path_t *cpath); static int circuit_send_first_onion_skin(origin_circuit_t *circ); static int circuit_build_no_more_hops(origin_circuit_t *circ); static int circuit_send_intermediate_onion_skin(origin_circuit_t *circ, 
@@ -547,7 +546,7 @@ circuit_handle_first_hop(origin_circuit_t *circ) int should_launch = 0; const or_options_t *options = get_options(); - firsthop = onion_next_hop_in_cpath(circ->cpath); + firsthop = cpath_get_next_non_open_hop(circ->cpath); tor_assert(firsthop); tor_assert(firsthop->extend_info); @@ -948,7 +947,7 @@ circuit_send_next_onion_skin(origin_circuit_t *circ) tor_assert(circ->cpath->state == CPATH_STATE_OPEN); tor_assert(circ->base_.state == CIRCUIT_STATE_BUILDING); - crypt_path_t *hop = onion_next_hop_in_cpath(circ->cpath); + crypt_path_t *hop = cpath_get_next_non_open_hop(circ->cpath); circuit_build_times_handle_completed_hop(circ); circpad_machine_event_circ_added_hop(circ); @@ -1385,7 +1384,7 @@ circuit_finish_handshake(origin_circuit_t *circ, if (circ->cpath->state == CPATH_STATE_AWAITING_KEYS) { hop = circ->cpath; } else { - hop = onion_next_hop_in_cpath(circ->cpath); + hop = cpath_get_next_non_open_hop(circ->cpath); if (!hop) { /* got an extended when we're all done? */ log_warn(LD_PROTOCOL,"got extended when circ already built? Closing."); return - END_CIRC_REASON_TORPROTOCOL; @@ -2345,30 +2344,6 @@ count_acceptable_nodes, (const smartlist_t *nodes, int direct)) return num; } -#ifdef TOR_UNIT_TESTS - -/** Unittest helper function: Count number of hops in cpath linked list. */ -unsigned int -cpath_get_n_hops(crypt_path_t **head_ptr) -{ - unsigned int n_hops = 0; - crypt_path_t *tmp; - - if (!*head_ptr) { - return 0; - } - - tmp = *head_ptr; - do { - n_hops++; - tmp = tmp->next; - } while (tmp != *head_ptr); - - return n_hops; -} - -#endif /* defined(TOR_UNIT_TESTS) */ - /** * Build the exclude list for vanguard circuits. * 
@@ -2643,20 +2618,6 @@ choose_good_entry_server(uint8_t purpose, cpath_build_state_t *state, return choice; } -/** Return the first non-open hop in cpath, or return NULL if all - * hops are open. */ -static crypt_path_t * -onion_next_hop_in_cpath(crypt_path_t *cpath) -{ - crypt_path_t *hop = cpath; - do { - if (hop->state != CPATH_STATE_OPEN) - return hop; - hop = hop->next; - } while (hop != cpath); - return NULL; -} - /** Choose a suitable next hop for the circuit circ. * Append the hop info to circ->cpath. * diff --git a/src/core/or/circuitbuild.h b/src/core/or/circuitbuild.h index f6403955ba..ad7d032cd4 100644 --- a/src/core/or/circuitbuild.h +++ b/src/core/or/circuitbuild.h @@ -89,11 +89,6 @@ STATIC int onion_pick_cpath_exit(origin_circuit_t *circ, extend_info_t *exit_ei, int is_hs_v3_rp_circuit); -#if defined(TOR_UNIT_TESTS) -unsigned int cpath_get_n_hops(crypt_path_t **head_ptr); - -#endif /* defined(TOR_UNIT_TESTS) */ - #endif /* defined(CIRCUITBUILD_PRIVATE) */ #endif /* !defined(TOR_CIRCUITBUILD_H) */ diff --git a/src/core/or/crypt_path.c b/src/core/or/crypt_path.c index 13063e5da8..8fcbcc2a12 100644 --- a/src/core/or/crypt_path.c +++ b/src/core/or/crypt_path.c 
@@ -210,3 +210,44 @@ cpath_set_cell_forward_digest(crypt_path_t *cpath, cell_t *cell) tor_assert(cpath->private); relay_set_digest(cpath->private->crypto.f_digest, cell); } + +/************ other cpath functions ***************************/ + +/** Return the first non-open hop in cpath, or return NULL if all + * hops are open. */ +crypt_path_t * +cpath_get_next_non_open_hop(crypt_path_t *cpath) +{ + crypt_path_t *hop = cpath; + do { + if (hop->state != CPATH_STATE_OPEN) + return hop; + hop = hop->next; + } while (hop != cpath); + return NULL; +} + +#ifdef TOR_UNIT_TESTS + +/** Unittest helper function: Count number of hops in cpath linked list. */ +unsigned int +cpath_get_n_hops(crypt_path_t **head_ptr) +{ + unsigned int n_hops = 0; + crypt_path_t *tmp; + + if (!*head_ptr) { + return 0; + } + + tmp = *head_ptr; + do { + n_hops++; + tmp = tmp->next; + } while (tmp != *head_ptr); + + return n_hops; +} + +#endif /* defined(TOR_UNIT_TESTS) */ + diff --git a/src/core/or/crypt_path.h b/src/core/or/crypt_path.h index 4a0117360e..ed59037760 100644 --- a/src/core/or/crypt_path.h +++ b/src/core/or/crypt_path.h @@ -32,4 +32,10 @@ cpath_get_incoming_digest(const crypt_path_t *cpath); void cpath_set_cell_forward_digest(crypt_path_t *cpath, cell_t *cell); +crypt_path_t *cpath_get_next_non_open_hop(crypt_path_t *cpath); + +#if defined(TOR_UNIT_TESTS) +unsigned int cpath_get_n_hops(crypt_path_t **head_ptr); +#endif /* defined(TOR_UNIT_TESTS) */ + #endif -- cgit v1.2.3-54-g00ecf From 2e9e3e7d4198ff75e6bd12bc7a38c0f288fbe381 Mon Sep 17 00:00:00 2001 From: George Kadianakis Date: Tue, 9 Apr 2019 18:04:15 +0300 Subject: Hiding crypt_path_t: Some TODO notes for future directions. --- src/core/or/crypt_path.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/src/core/or/crypt_path.c b/src/core/or/crypt_path.c index 8fcbcc2a12..c7ff8690de 100644 --- a/src/core/or/crypt_path.c +++ b/src/core/or/crypt_path.c 
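Review bot: `cpath_get_next_non_open_hop()` reads `hop->state` on its first loop iteration without checking its argument, which was tolerable for a file-local helper but is a weak contract for a function now exported through crypt_path.h. The file already uses `tor_assert()` on its arguments (the context line just above the addition is one), so the new public entry point should open with `tor_assert(cpath);` before `crypt_path_t *hop = cpath;`. Its doc comment should also state that the list must be circular, because the `do { … } while (hop != cpath)` walk only terminates when following `next` leads back to the head. `cpath_get_n_hops()` has the same shape: it guards `*head_ptr` but dereferences `head_ptr` itself unchecked.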
@@ -8,6 +8,17 @@ * \brief Functions dealing with layered circuit encryption. This file aims to * provide an API around the crypt_path_t structure which holds crypto * information about a specific hop of a circuit. + * + * TODO: We should eventually move all functions dealing and manipulating + * crypt_path_t to this file, so that eventually we encapsulate more and more + * of crypt_path_t. Here are some more functions that can be moved here with + * some more effort: + * + * - circuit_list_path_impl() + * - Functions dealing with cpaths in HSv2 create_rend_cpath() and + * create_rend_cpath_legacy() + * - The cpath related parts of rend_service_receive_introduction() and + * rend_client_send_introduction(). **/ #define CRYPT_PATH_PRIVATE -- cgit v1.2.3-54-g00ecf From 4060b7623d3845a4d4ecdbf8f9c219e0148e1380 Mon Sep 17 00:00:00 2001 From: George Kadianakis Date: Fri, 26 Apr 2019 14:26:22 +0300 Subject: Revert "Hiding crypt_path_t: Create a constructor for crypt_path_t." This reverts commit ab8b80944967ee5a6a0c45dbf61839cf257bfe44. --- src/core/or/crypt_path.c | 15 ++------------- src/core/or/crypt_path.h | 2 -- src/core/or/crypt_path_st.h | 5 +++-- src/feature/hs/hs_circuit.c | 3 ++- src/feature/rend/rendclient.c | 5 +++-- src/feature/rend/rendservice.c | 3 ++- src/test/test_circuitpadding.c | 13 ++++++------- src/test/test_hs_client.c | 6 ++++-- src/test/test_hs_service.c | 5 +++-- src/test/test_relaycell.c | 4 ++-- src/test/test_relaycrypt.c | 2 +- 11 files changed, 28 insertions(+), 35 deletions(-) diff --git a/src/core/or/crypt_path.c b/src/core/or/crypt_path.c index c7ff8690de..c44d65231d 100644 --- a/src/core/or/crypt_path.c +++ b/src/core/or/crypt_path.c 
@@ -37,17 +37,6 @@ #include "core/or/crypt_path_st.h" #include "core/or/cell_st.h" -/** Initialize and return a minimal crypt_path_t */ -crypt_path_t * -crypt_path_new(void) -{ - crypt_path_t *cpath = tor_malloc_zero(sizeof(crypt_path_t)); - cpath->magic = CRYPT_PATH_MAGIC; - cpath->private = tor_malloc_zero(sizeof(struct crypt_path_private_t)); - - return cpath; -} - /** Add new_hop to the end of the doubly-linked-list head_ptr. * This function is used to extend cpath by another hop. */ @@ -71,11 +60,12 @@ cpath_extend_linked_list(crypt_path_t **head_ptr, crypt_path_t *new_hop) int cpath_append_hop(crypt_path_t **head_ptr, extend_info_t *choice) { - crypt_path_t *hop = crypt_path_new(); + crypt_path_t *hop = tor_malloc_zero(sizeof(crypt_path_t)); /* link hop into the cpath, at the end. */ cpath_extend_linked_list(head_ptr, hop); + hop->magic = CRYPT_PATH_MAGIC; hop->state = CPATH_STATE_CLOSED; hop->extend_info = extend_info_dup(choice); @@ -180,7 +170,6 @@ cpath_free(crypt_path_t *victim) onion_handshake_state_release(&victim->handshake_state); crypto_dh_free(victim->rend_dh_handshake_state); extend_info_free(victim->extend_info); - tor_free(victim->private); memwipe(victim, 0xBB, sizeof(crypt_path_t)); /* poison memory */ tor_free(victim); diff --git a/src/core/or/crypt_path.h b/src/core/or/crypt_path.h index ed59037760..19c8571d06 100644 --- a/src/core/or/crypt_path.h +++ b/src/core/or/crypt_path.h @@ -6,8 +6,6 @@ #ifndef CRYPT_PATH_H #define CRYPT_PATH_H -crypt_path_t *crypt_path_new(void); - void cpath_assert_layer_ok(const crypt_path_t *cp); void cpath_assert_ok(const crypt_path_t *cp); diff --git a/src/core/or/crypt_path_st.h b/src/core/or/crypt_path_st.h index 7da3c57f49..833cfefad1 100644 --- a/src/core/or/crypt_path_st.h +++ b/src/core/or/crypt_path_st.h @@ -8,6 +8,9 @@ #define CRYPT_PATH_ST_H #include "core/or/relay_crypto_st.h" +struct crypto_dh_t; + +#define CRYPT_PATH_MAGIC 0x70127012u struct fast_handshake_state_t; struct ntor_handshake_state_t; 
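Review bot: After this revert nothing visible in the series allocates `cpath->private` any more: `crypt_path_new()` held the `tor_malloc_zero(sizeof(struct crypt_path_private_t))` call, and every caller now uses a bare `tor_malloc_zero(sizeof(crypt_path_t))`, yet the new-side code still goes through the pointer, as in `orcirc->crypto = tmp_cpath.private->crypto;` in test_circuitpadding.c and `relay_crypto_init(&hop->private->crypto, …)` in test_relaycrypt.c. Judging by the lines the following commit removes, `cpath_init_circuit_crypto()` also still carries `tor_assert(cpath->private);` at this point, so the tree at this commit would assert or dereference NULL on every circuit-crypto setup. The series only becomes consistent again once the `pvt_crypto` field replaces the pointer; squashing the two reverts into that change, or ordering them after it, would keep each commit buildable and testable for bisection. The same applies to the hs_circuit.c, rendclient.c, rendservice.c and test hunks of this commit.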
@@ -23,8 +26,6 @@ struct onion_handshake_state_t { #ifdef CRYPT_PATH_PRIVATE -#define CRYPT_PATH_MAGIC 0x70127012u - /* The private parts of crypt path that don't need to be exposed to all the * modules. */ struct crypt_path_private_t { diff --git a/src/feature/hs/hs_circuit.c b/src/feature/hs/hs_circuit.c index 7d17aff72f..a6e86c5ab3 100644 --- a/src/feature/hs/hs_circuit.c +++ b/src/feature/hs/hs_circuit.c @@ -87,7 +87,8 @@ create_rend_cpath(const uint8_t *ntor_key_seed, size_t seed_len, } /* Setup the cpath */ - cpath = crypt_path_new(); + cpath = tor_malloc_zero(sizeof(crypt_path_t)); + cpath->magic = CRYPT_PATH_MAGIC; if (cpath_init_circuit_crypto(cpath, (char*)keys, sizeof(keys), is_service_side, 1) < 0) { diff --git a/src/feature/rend/rendclient.c b/src/feature/rend/rendclient.c index c6e9dde878..f84d221b1a 100644 --- a/src/feature/rend/rendclient.c +++ b/src/feature/rend/rendclient.c @@ -16,7 +16,6 @@ #include "core/or/circuituse.h" #include "core/or/connection_edge.h" #include "core/or/relay.h" -#include "core/or/crypt_path.h" #include "feature/client/circpathbias.h" #include "feature/control/control_events.h" #include "feature/dirclient/dirclient.h" @@ -195,7 +194,9 @@ rend_client_send_introduction(origin_circuit_t *introcirc, /* Initialize the pending_final_cpath and start the DH handshake. */ cpath = rendcirc->build_state->pending_final_cpath; if (!cpath) { - cpath = rendcirc->build_state->pending_final_cpath = crypt_path_new(); + cpath = rendcirc->build_state->pending_final_cpath = + tor_malloc_zero(sizeof(crypt_path_t)); + cpath->magic = CRYPT_PATH_MAGIC; if (!(cpath->rend_dh_handshake_state = crypto_dh_new(DH_TYPE_REND))) { log_warn(LD_BUG, "Internal error: couldn't allocate DH."); status = -2; diff --git a/src/feature/rend/rendservice.c b/src/feature/rend/rendservice.c index 0ecd0e6ff6..98c7253bcc 100644 --- a/src/feature/rend/rendservice.c +++ b/src/feature/rend/rendservice.c 
@@ -2158,7 +2158,8 @@ rend_service_receive_introduction(origin_circuit_t *circuit, launched->build_state->service_pending_final_cpath_ref->refcount = 1; launched->build_state->service_pending_final_cpath_ref->cpath = cpath = - crypt_path_new(); + tor_malloc_zero(sizeof(crypt_path_t)); + cpath->magic = CRYPT_PATH_MAGIC; launched->build_state->expiry_time = now + MAX_REND_TIMEOUT; cpath->rend_dh_handshake_state = dh; diff --git a/src/test/test_circuitpadding.c b/src/test/test_circuitpadding.c index e33e56af3f..5550488d0f 100644 --- a/src/test/test_circuitpadding.c +++ b/src/test/test_circuitpadding.c @@ -115,7 +115,7 @@ new_fake_orcirc(channel_t *nchan, channel_t *pchan) { or_circuit_t *orcirc = NULL; circuit_t *circ = NULL; - crypt_path_t *tmp_cpath; + crypt_path_t tmp_cpath; char whatevs_key[CPATH_KEY_MATERIAL_LEN]; orcirc = tor_malloc_zero(sizeof(*orcirc)); @@ -144,15 +144,13 @@ new_fake_orcirc(channel_t *nchan, channel_t *pchan) circuit_set_p_circid_chan(orcirc, orcirc->p_circ_id, pchan); circuit_set_n_circid_chan(circ, circ->n_circ_id, nchan); - tmp_cpath = crypt_path_new(); - if (cpath_init_circuit_crypto(tmp_cpath, whatevs_key, + memset(&tmp_cpath, 0, sizeof(tmp_cpath)); + if (cpath_init_circuit_crypto(&tmp_cpath, whatevs_key, sizeof(whatevs_key), 0, 0)<0) { log_warn(LD_BUG,"Circuit initialization failed"); return NULL; } - orcirc->crypto = tmp_cpath->private->crypto; - tor_free(tmp_cpath->private); - tor_free(tmp_cpath); + orcirc->crypto = tmp_cpath.private->crypto; return orcirc; } @@ -1620,9 +1618,10 @@ simulate_single_hop_extend(circuit_t *client, circuit_t *mid_relay, circpad_cell_event_nonpadding_received((circuit_t*)client); // Add a hop to cpath - crypt_path_t *hop = crypt_path_new(); + crypt_path_t *hop = tor_malloc_zero(sizeof(crypt_path_t)); cpath_extend_linked_list(&TO_ORIGIN_CIRCUIT(client)->cpath, hop); + hop->magic = CRYPT_PATH_MAGIC; hop->state = CPATH_STATE_OPEN; // add an extend info to indicate if this node supports padding or not. 
diff --git a/src/test/test_hs_client.c b/src/test/test_hs_client.c index cd049b7c47..7f5f255076 100644 --- a/src/test/test_hs_client.c +++ b/src/test/test_hs_client.c @@ -39,13 +39,13 @@ #include "feature/hs/hs_cache.h" #include "core/or/circuitlist.h" #include "core/or/circuitbuild.h" -#include "core/or/crypt_path.h" #include "core/mainloop/connection.h" #include "core/or/connection_edge.h" #include "feature/nodelist/networkstatus.h" #include "core/or/cpath_build_state_st.h" #include "core/or/crypt_path_st.h" +#include "core/or/crypt_path.h" #include "feature/dircommon/dir_connection_st.h" #include "core/or/entry_connection_st.h" #include "core/or/extend_info_st.h" @@ -146,7 +146,9 @@ helper_get_circ_and_stream_for_test(origin_circuit_t **circ_out, if (is_legacy) { /* Legacy: Setup rend data and final cpath */ - or_circ->build_state->pending_final_cpath = crypt_path_new(); + or_circ->build_state->pending_final_cpath = + tor_malloc_zero(sizeof(crypt_path_t)); + or_circ->build_state->pending_final_cpath->magic = CRYPT_PATH_MAGIC; or_circ->build_state->pending_final_cpath->rend_dh_handshake_state = crypto_dh_new(DH_TYPE_REND); tt_assert( diff --git a/src/test/test_hs_service.c b/src/test/test_hs_service.c index 08dac04d21..8a22e4d590 100644 --- a/src/test/test_hs_service.c +++ b/src/test/test_hs_service.c @@ -38,7 +38,6 @@ #include "core/or/circuitbuild.h" #include "core/or/circuitlist.h" #include "core/or/circuituse.h" -#include "core/or/crypt_path.h" #include "core/or/connection_edge.h" #include "core/or/edge_connection_st.h" #include "core/or/relay.h" @@ -62,6 +61,7 @@ #include "core/or/cpath_build_state_st.h" #include "core/or/crypt_path_st.h" +#include "core/or/crypt_path.h" #include "feature/nodelist/networkstatus_st.h" #include "feature/nodelist/node_st.h" #include "core/or/origin_circuit_st.h" 
@@ -221,7 +221,8 @@ helper_create_origin_circuit(int purpose, int flags) circ = origin_circuit_init(purpose, flags); tor_assert(circ); - circ->cpath = crypt_path_new(); + circ->cpath = tor_malloc_zero(sizeof(crypt_path_t)); + circ->cpath->magic = CRYPT_PATH_MAGIC; circ->cpath->state = CPATH_STATE_OPEN; circ->cpath->package_window = circuit_initial_package_window(); circ->cpath->deliver_window = CIRCWINDOW_START; diff --git a/src/test/test_relaycell.c b/src/test/test_relaycell.c index b48c7ca8ac..0623583511 100644 --- a/src/test/test_relaycell.c +++ b/src/test/test_relaycell.c @@ -16,7 +16,6 @@ #include "lib/crypt_ops/crypto_rand.h" #include "core/or/circuitbuild.h" #include "core/or/circuitlist.h" -#include "core/or/crypt_path.h" #include "core/or/connection_edge.h" #include "core/or/relay.h" #include "test/test.h" @@ -91,7 +90,8 @@ helper_create_origin_circuit(int purpose, int flags) circ = origin_circuit_init(purpose, flags); tor_assert(circ); - circ->cpath = crypt_path_new(); + circ->cpath = tor_malloc_zero(sizeof(crypt_path_t)); + circ->cpath->magic = CRYPT_PATH_MAGIC; circ->cpath->state = CPATH_STATE_OPEN; circ->cpath->package_window = circuit_initial_package_window(); circ->cpath->deliver_window = CIRCWINDOW_START; diff --git a/src/test/test_relaycrypt.c b/src/test/test_relaycrypt.c index 1977958d1f..5dc6b47d74 100644 --- a/src/test/test_relaycrypt.c +++ b/src/test/test_relaycrypt.c @@ -50,7 +50,7 @@ testing_circuitset_setup(const struct testcase_t *testcase) cs->origin_circ = origin_circuit_new(); cs->origin_circ->base_.purpose = CIRCUIT_PURPOSE_C_GENERAL; for (i=0; i<3; ++i) { - crypt_path_t *hop = crypt_path_new(); + crypt_path_t *hop = tor_malloc_zero(sizeof(*hop)); relay_crypto_init(&hop->private->crypto, KEY_MATERIAL[i], sizeof(KEY_MATERIAL[i]), 0, 0); hop->state = CPATH_STATE_OPEN; -- cgit v1.2.3-54-g00ecf From 2ef0324639dd2e2c551be039c7f449eb6cab6703 Mon Sep 17 00:00:00 2001 
From: George Kadianakis Date: Fri, 26 Apr 2019 14:28:03 +0300 Subject: Revert "Hiding crypt_path_t: Ensure that ->private is initialized." This reverts commit 7497c9193a0f2c891a0802bf5fbe73cf7ec1ca99. --- src/core/or/crypt_path.c | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/src/core/or/crypt_path.c b/src/core/or/crypt_path.c index c44d65231d..b7068fd67a 100644 --- a/src/core/or/crypt_path.c +++ b/src/core/or/crypt_path.c @@ -109,7 +109,6 @@ cpath_assert_layer_ok(const crypt_path_t *cp) // tor_assert(cp->port); tor_assert(cp); tor_assert(cp->magic == CRYPT_PATH_MAGIC); - tor_assert(cp->private); switch (cp->state) { case CPATH_STATE_OPEN: @@ -154,7 +153,6 @@ cpath_init_circuit_crypto(crypt_path_t *cpath, { tor_assert(cpath); - tor_assert(cpath->private); return relay_crypto_init(&cpath->private->crypto, key_data, key_data_len, reverse, is_hs_v3); } @@ -163,7 +161,7 @@ cpath_init_circuit_crypto(crypt_path_t *cpath, void cpath_free(crypt_path_t *victim) { - if (!victim || BUG(!victim->private)) + if (!victim) return; relay_crypto_clear(&victim->private->crypto); @@ -182,9 +180,6 @@ cpath_free(crypt_path_t *victim) void cpath_crypt_cell(const crypt_path_t *cpath, uint8_t *payload, bool is_decrypt) { - tor_assert(cpath); - tor_assert(cpath->private); - if (is_decrypt) { relay_crypt_one_payload(cpath->private->crypto.b_crypto, payload); } else { @@ -196,8 +191,6 @@ cpath_crypt_cell(const crypt_path_t *cpath, uint8_t *payload, bool is_decrypt) struct crypto_digest_t * cpath_get_incoming_digest(const crypt_path_t *cpath) { - tor_assert(cpath); - tor_assert(cpath->private); return cpath->private->crypto.b_digest; } @@ -206,8 +199,6 @@ cpath_get_incoming_digest(const crypt_path_t *cpath) void cpath_set_cell_forward_digest(crypt_path_t *cpath, cell_t *cell) { - tor_assert(cpath); - tor_assert(cpath->private); relay_set_digest(cpath->private->crypto.f_digest, cell); } -- cgit v1.2.3-54-g00ecf 
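Review bot: The revert drops `tor_assert(cpath);` from `cpath_crypt_cell()`, `cpath_get_incoming_digest()` and `cpath_set_cell_forward_digest()` together with the `->private` assertions, although only the latter were tied to the reverted design. These three are the accessors through which other modules reach a hop's cipher and digest state, and each dereferences `cpath` in its first statement, so a NULL hop now faults inside the accessor instead of tripping an assertion that points at the caller's bug. I would keep `tor_assert(cpath);` as the first line of each body, as `cpath_init_circuit_crypto()` still does. In `cpath_free()` the guard becomes `if (!victim)` while the next line still passes `&victim->private->crypto` to `relay_crypto_clear()`; with no allocation of `private` left in the series at this point, that looks like a NULL-based address until the following commits replace the field.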
From 55d35c0caa4142f92e2efd85bffe52568c173100 Mon Sep 17 00:00:00 2001 From: George Kadianakis Date: Fri, 26 Apr 2019 14:19:14 +0300 Subject: Hiding crypt_path_t: Hiding 'crypto' using a macro. --- src/core/or/crypt_path_st.h | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) diff --git a/src/core/or/crypt_path_st.h b/src/core/or/crypt_path_st.h index 833cfefad1..d18d23e939 100644 --- a/src/core/or/crypt_path_st.h +++ b/src/core/or/crypt_path_st.h @@ -24,15 +24,16 @@ struct onion_handshake_state_t { } u; }; +/** Macro to encapsulate private members of a struct. + * + * Renames 'x' to 'x_crypt_path_private_field'. + */ +#define CRYPT_PATH_PRIV_FIELD(x) x ## _crypt_path_private_field + #ifdef CRYPT_PATH_PRIVATE -/* The private parts of crypt path that don't need to be exposed to all the - * modules. */ -struct crypt_path_private_t { - /** Cryptographic state used for encrypting and authenticating relay - * cells to and from this hop. */ - relay_crypto_t crypto; -}; +/* Helper macro to access private members of a struct. */ +#define pvt_crypto CRYPT_PATH_PRIV_FIELD(crypto) #endif @@ -74,9 +75,11 @@ struct crypt_path_t { int deliver_window; /**< How many cells are we willing to deliver originating * at this step? */ - /* Private parts of the crypt_path. Eventually everything should be - * private. */ - struct crypt_path_private_t *private; + /*********************** Private members ****************************/ + + /** Private member: Cryptographic state used for encrypting and + * authenticating relay cells to and from this hop. */ + relay_crypto_t CRYPT_PATH_PRIV_FIELD(crypto); }; #endif -- cgit v1.2.3-54-g00ecf From ea5f355fc96b6c61b40dafaea05f147f6d9ba57b Mon Sep 17 00:00:00 2001 
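Review bot: `pvt_crypto` is defined only under `#ifdef CRYPT_PATH_PRIVATE`, but the member it names is declared unconditionally as `CRYPT_PATH_PRIV_FIELD(crypto)`, so the hiding is a naming convention rather than an access boundary: any file can define `CRYPT_PATH_PRIVATE` before the include, or spell `crypto_crypt_path_private_field` directly. The comment on the macro should say so and state who may define `CRYPT_PATH_PRIVATE`, for example `/* Only crypt_path.c and unit tests may define CRYPT_PATH_PRIVATE; all other code must use the cpath_*() accessors. */`. Because `pvt_crypto` is an object-like macro with a short lower-case name, it also rewrites any unrelated identifier of that name in a file that opts in, which deserves a sentence in the same comment.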
From: George Kadianakis Date: Fri, 26 Apr 2019 14:20:26 +0300 Subject: Hiding crypt_path_t: Change code to use the privatization macro. --- src/core/or/crypt_path.c | 14 +++++++------- src/test/test_circuitpadding.c | 2 +- src/test/test_hs_client.c | 16 ++++++++-------- src/test/test_hs_service.c | 8 ++++---- src/test/test_relaycrypt.c | 2 +- 5 files changed, 21 insertions(+), 21 deletions(-) diff --git a/src/core/or/crypt_path.c b/src/core/or/crypt_path.c index b7068fd67a..e2234cc2a6 100644 --- a/src/core/or/crypt_path.c +++ b/src/core/or/crypt_path.c @@ -112,7 +112,7 @@ cpath_assert_layer_ok(const crypt_path_t *cp) switch (cp->state) { case CPATH_STATE_OPEN: - relay_crypto_assert_ok(&cp->private->crypto); + relay_crypto_assert_ok(&cp->pvt_crypto); /* fall through */ case CPATH_STATE_CLOSED: /*XXXX Assert that there's no handshake_state either. */ @@ -153,7 +153,7 @@ cpath_init_circuit_crypto(crypt_path_t *cpath, { tor_assert(cpath); - return relay_crypto_init(&cpath->private->crypto, key_data, key_data_len, + return relay_crypto_init(&cpath->pvt_crypto, key_data, key_data_len, reverse, is_hs_v3); } @@ -164,7 +164,7 @@ cpath_free(crypt_path_t *victim) if (!victim) return; - relay_crypto_clear(&victim->private->crypto); + relay_crypto_clear(&victim->pvt_crypto); onion_handshake_state_release(&victim->handshake_state); crypto_dh_free(victim->rend_dh_handshake_state); extend_info_free(victim->extend_info); @@ -181,9 +181,9 @@ void cpath_crypt_cell(const crypt_path_t *cpath, uint8_t *payload, bool is_decrypt) { if (is_decrypt) { - relay_crypt_one_payload(cpath->private->crypto.b_crypto, payload); + relay_crypt_one_payload(cpath->pvt_crypto.b_crypto, payload); } else { - relay_crypt_one_payload(cpath->private->crypto.f_crypto, payload); + relay_crypt_one_payload(cpath->pvt_crypto.f_crypto, payload); } } 
@@ -191,7 +191,7 @@ cpath_crypt_cell(const crypt_path_t *cpath, uint8_t *payload, bool is_decrypt) struct crypto_digest_t * cpath_get_incoming_digest(const crypt_path_t *cpath) { - return cpath->private->crypto.b_digest; + return cpath->pvt_crypto.b_digest; } /** Set the right integrity digest on the outgoing cell based on the @@ -199,7 +199,7 @@ cpath_get_incoming_digest(const crypt_path_t *cpath) void cpath_set_cell_forward_digest(crypt_path_t *cpath, cell_t *cell) { - relay_set_digest(cpath->private->crypto.f_digest, cell); + relay_set_digest(cpath->pvt_crypto.f_digest, cell); } /************ other cpath functions ***************************/ diff --git a/src/test/test_circuitpadding.c b/src/test/test_circuitpadding.c index 5550488d0f..914bcb97d7 100644 --- a/src/test/test_circuitpadding.c +++ b/src/test/test_circuitpadding.c @@ -150,7 +150,7 @@ new_fake_orcirc(channel_t *nchan, channel_t *pchan) log_warn(LD_BUG,"Circuit initialization failed"); return NULL; } - orcirc->crypto = tmp_cpath.private->crypto; + orcirc->crypto = tmp_cpath.pvt_crypto; return orcirc; } diff --git a/src/test/test_hs_client.c b/src/test/test_hs_client.c index 7f5f255076..6cf0b68e98 100644 --- a/src/test/test_hs_client.c +++ b/src/test/test_hs_client.c 
@@ -244,13 +244,13 @@ test_e2e_rend_circuit_setup_legacy(void *arg) /* Check the digest algo */ tt_int_op( - crypto_digest_get_algorithm(or_circ->cpath->private->crypto.f_digest), + crypto_digest_get_algorithm(or_circ->cpath->pvt_crypto.f_digest), OP_EQ, DIGEST_SHA1); tt_int_op( - crypto_digest_get_algorithm(or_circ->cpath->private->crypto.b_digest), + crypto_digest_get_algorithm(or_circ->cpath->pvt_crypto.b_digest), OP_EQ, DIGEST_SHA1); - tt_assert(or_circ->cpath->private->crypto.f_crypto); - tt_assert(or_circ->cpath->private->crypto.b_crypto); + tt_assert(or_circ->cpath->pvt_crypto.f_crypto); + tt_assert(or_circ->cpath->pvt_crypto.b_crypto); /* Ensure that circ purpose was changed */ tt_int_op(or_circ->base_.purpose, OP_EQ, CIRCUIT_PURPOSE_C_REND_JOINED); @@ -316,13 +316,13 @@ test_e2e_rend_circuit_setup(void *arg) /* Check that the crypt path has prop224 algorithm parameters */ tt_int_op( - crypto_digest_get_algorithm(or_circ->cpath->private->crypto.f_digest), + crypto_digest_get_algorithm(or_circ->cpath->pvt_crypto.f_digest), OP_EQ, DIGEST_SHA3_256); tt_int_op( - crypto_digest_get_algorithm(or_circ->cpath->private->crypto.b_digest), + crypto_digest_get_algorithm(or_circ->cpath->pvt_crypto.b_digest), OP_EQ, DIGEST_SHA3_256); - tt_assert(or_circ->cpath->private->crypto.f_crypto); - tt_assert(or_circ->cpath->private->crypto.b_crypto); + tt_assert(or_circ->cpath->pvt_crypto.f_crypto); + tt_assert(or_circ->cpath->pvt_crypto.b_crypto); /* Ensure that circ purpose was changed */ tt_int_op(or_circ->base_.purpose, OP_EQ, CIRCUIT_PURPOSE_C_REND_JOINED); diff --git a/src/test/test_hs_service.c b/src/test/test_hs_service.c index 8a22e4d590..2a6aa5c63c 100644 --- a/src/test/test_hs_service.c +++ b/src/test/test_hs_service.c 
@@ -196,13 +196,13 @@ test_e2e_rend_circuit_setup(void *arg) /* Check the digest algo */ tt_int_op( - crypto_digest_get_algorithm(or_circ->cpath->private->crypto.f_digest), + crypto_digest_get_algorithm(or_circ->cpath->pvt_crypto.f_digest), OP_EQ, DIGEST_SHA3_256); tt_int_op( - crypto_digest_get_algorithm(or_circ->cpath->private->crypto.b_digest), + crypto_digest_get_algorithm(or_circ->cpath->pvt_crypto.b_digest), OP_EQ, DIGEST_SHA3_256); - tt_assert(or_circ->cpath->private->crypto.f_crypto); - tt_assert(or_circ->cpath->private->crypto.b_crypto); + tt_assert(or_circ->cpath->pvt_crypto.f_crypto); + tt_assert(or_circ->cpath->pvt_crypto.b_crypto); /* Ensure that circ purpose was changed */ tt_int_op(or_circ->base_.purpose, OP_EQ, CIRCUIT_PURPOSE_S_REND_JOINED); diff --git a/src/test/test_relaycrypt.c b/src/test/test_relaycrypt.c index 5dc6b47d74..4bbf07c3ec 100644 --- a/src/test/test_relaycrypt.c +++ b/src/test/test_relaycrypt.c @@ -51,7 +51,7 @@ testing_circuitset_setup(const struct testcase_t *testcase) cs->origin_circ->base_.purpose = CIRCUIT_PURPOSE_C_GENERAL; for (i=0; i<3; ++i) { crypt_path_t *hop = tor_malloc_zero(sizeof(*hop)); - relay_crypto_init(&hop->private->crypto, KEY_MATERIAL[i], + relay_crypto_init(&hop->pvt_crypto, KEY_MATERIAL[i], sizeof(KEY_MATERIAL[i]), 0, 0); hop->state = CPATH_STATE_OPEN; cpath_extend_linked_list(&cs->origin_circ->cpath, hop); -- cgit v1.2.3-54-g00ecf From 7f2cd6545ce324b5241f002e7c412408ca5902b7 Mon Sep 17 00:00:00 2001 From: George Kadianakis Date: Fri, 3 May 2019 18:27:58 +0300 Subject: Hiding crypt_path_t: Hide 'crypto' usage in sendme.c --- scripts/maint/practracker/exceptions.txt | 7 +++---- src/core/crypto/relay_crypto.c | 2 +- src/core/or/crypt_path.c | 18 ++++++++++++++++++ src/core/or/crypt_path.h | 4 ++++ src/core/or/sendme.c | 12 ++---------- src/core/or/sendme.h | 1 - 6 files changed, 28 insertions(+), 16 deletions(-) 
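Review bot: In `testing_circuitset_setup()` (test_relaycrypt.c) the hop comes from `tor_malloc_zero(sizeof(*hop))` and is linked into the circuit without `hop->magic` being set anywhere in the loop body, whereas the other helpers touched by this series add `->magic = CRYPT_PATH_MAGIC;` right after the allocation. `cpath_assert_layer_ok()` asserts `cp->magic == CRYPT_PATH_MAGIC`, so any consistency check run on this circuit would abort; add `hop->magic = CRYPT_PATH_MAGIC;` before `cpath_extend_linked_list()`. The test also calls `relay_crypto_init(&hop->pvt_crypto, …)` directly and ignores its result, while `cpath_init_circuit_crypto(hop, …)` is the accessor the series provides for this and its return value can be checked with the test's usual assertion macro (a cast on the key argument may be needed). The function body continues outside the hunk.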
diff --git a/scripts/maint/practracker/exceptions.txt b/scripts/maint/practracker/exceptions.txt index a2b6d36ea8..70176ad896 100644 --- a/scripts/maint/practracker/exceptions.txt +++ b/scripts/maint/practracker/exceptions.txt @@ -54,9 +54,9 @@ problem function-size /src/app/main/main.c:sandbox_init_filter() 291 problem function-size /src/app/main/main.c:run_tor_main_loop() 105 problem function-size /src/app/main/ntmain.c:nt_service_install() 125 problem include-count /src/app/main/shutdown.c 52 -problem file-size /src/core/mainloop/connection.c 5559 +problem file-size /src/core/mainloop/connection.c 5560 problem include-count /src/core/mainloop/connection.c 62 -problem function-size /src/core/mainloop/connection.c:connection_free_minimal() 184 +problem function-size /src/core/mainloop/connection.c:connection_free_minimal() 185 problem function-size /src/core/mainloop/connection.c:connection_listener_new() 328 problem function-size /src/core/mainloop/connection.c:connection_handle_listener_read() 161 problem function-size /src/core/mainloop/connection.c:connection_connect_sockaddr() 103 @@ -79,7 +79,6 @@ problem function-size /src/core/or/channeltls.c:channel_tls_process_netinfo_cell problem function-size /src/core/or/channeltls.c:channel_tls_process_certs_cell() 246 problem function-size /src/core/or/channeltls.c:channel_tls_process_authenticate_cell() 202 problem file-size /src/core/or/circuitbuild.c 3061 -problem include-count /src/core/or/circuitbuild.c 53 problem include-count /src/core/or/circuitbuild.c 54 problem function-size /src/core/or/circuitbuild.c:get_unique_circ_id_by_chan() 128 problem function-size /src/core/or/circuitbuild.c:circuit_extend() 147 
@@ -246,7 +245,7 @@ problem function-size /src/feature/rend/rendmid.c:rend_mid_establish_intro_legac problem function-size /src/feature/rend/rendparse.c:rend_parse_v2_service_descriptor() 187 problem function-size /src/feature/rend/rendparse.c:rend_decrypt_introduction_points() 104 problem function-size /src/feature/rend/rendparse.c:rend_parse_introduction_points() 131 -problem file-size /src/feature/rend/rendservice.c 4510 +problem file-size /src/feature/rend/rendservice.c 4511 problem function-size /src/feature/rend/rendservice.c:rend_service_prune_list_impl_() 107 problem function-size /src/feature/rend/rendservice.c:rend_config_service() 164 problem function-size /src/feature/rend/rendservice.c:rend_service_load_auth_keys() 178 diff --git a/src/core/crypto/relay_crypto.c b/src/core/crypto/relay_crypto.c index 96b1002cab..74cccd2223 100644 --- a/src/core/crypto/relay_crypto.c +++ b/src/core/crypto/relay_crypto.c @@ -164,7 +164,7 @@ relay_decrypt_cell(circuit_t *circ, cell_t *cell, /* This cell is for us. Keep a record of this cell because we will * use it in the next SENDME cell. */ if (sendme_circuit_cell_is_next(thishop->deliver_window)) { - sendme_circuit_record_inbound_cell(thishop); + cpath_sendme_circuit_record_inbound_cell(thishop); } return 0; } diff --git a/src/core/or/crypt_path.c b/src/core/or/crypt_path.c index e2234cc2a6..a4b7190e21 100644 --- a/src/core/or/crypt_path.c +++ b/src/core/or/crypt_path.c 
@@ -202,6 +202,24 @@ cpath_set_cell_forward_digest(crypt_path_t *cpath, cell_t *cell)
 relay_set_digest(cpath->pvt_crypto.f_digest, cell);
 }
+/************ cpath sendme API ***************************/
+
+/** Keep the current inbound cell digest for the next SENDME digest. This part
+ * is only done by the client as the circuit came back from the Exit. */
+void
+cpath_sendme_circuit_record_inbound_cell(crypt_path_t *cpath)
+{
+ tor_assert(cpath);
+ relay_crypto_record_sendme_digest(&cpath->pvt_crypto);
+}
+
+/** Return the sendme_digest of this cpath. */
+uint8_t *
+cpath_get_sendme_digest(crypt_path_t *cpath)
+{
+ return relay_crypto_get_sendme_digest(&cpath->pvt_crypto);
+}
+
 /************ other cpath functions ***************************/
 /** Return the first non-open hop in cpath, or return NULL if all
diff --git a/src/core/or/crypt_path.h b/src/core/or/crypt_path.h
index 19c8571d06..30c14b3dce 100644
--- a/src/core/or/crypt_path.h
+++ b/src/core/or/crypt_path.h
@@ -32,6 +32,10 @@ cpath_set_cell_forward_digest(crypt_path_t *cpath, cell_t *cell);
 crypt_path_t *cpath_get_next_non_open_hop(crypt_path_t *cpath);
+void cpath_sendme_circuit_record_inbound_cell(crypt_path_t *cpath);
+
+uint8_t *cpath_get_sendme_digest(crypt_path_t *cpath);
+
 #if defined(TOR_UNIT_TESTS)
 unsigned int cpath_get_n_hops(crypt_path_t **head_ptr);
 #endif /* defined(TOR_UNIT_TESTS) */
diff --git a/src/core/or/sendme.c b/src/core/or/sendme.c
index 70ff3798ba..46fdc3ca1c 100644
--- a/src/core/or/sendme.c
+++ b/src/core/or/sendme.c
@@ -15,6 +15,7 @@
 #include "core/crypto/relay_crypto.h"
 #include "core/mainloop/connection.h"
 #include "core/or/cell_st.h"
+#include "core/or/crypt_path.h"
 #include "core/or/circuitlist.h"
 #include "core/or/circuituse.h"
 #include "core/or/or_circuit_st.h"
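Review bot: `cpath_get_sendme_digest()` in the crypt_path.c hunk dereferences `cpath` without the `tor_assert(cpath);` that `cpath_sendme_circuit_record_inbound_cell()`, added just above it, has, so the two new accessors disagree on their NULL contract; add `tor_assert(cpath);` as its first statement. The one caller visible on this page (`sendme_circuit_consider_sending()` in sendme.c) checks `layer_hint` first, but the function is now exported through crypt_path.h and later callers may not. The accessor also returns a writable `uint8_t *` into `pvt_crypto`; if `relay_crypto_get_sendme_digest()` and the caller's `digest` variable allow it (neither declaration is visible here), returning `const uint8_t *` would stop callers from altering the digest kept for the next SENDME, which fits the goal of hiding crypt_path_t.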
@@ -299,15 +300,6 @@ sendme_circuit_record_outbound_cell(or_circuit_t *or_circ)
 relay_crypto_record_sendme_digest(&or_circ->crypto);
 }
-/** Keep the current inbound cell digest for the next SENDME digest. This part
- * is only done by the client as the circuit came back from the Exit. */
-void
-sendme_circuit_record_inbound_cell(crypt_path_t *cpath)
-{
- tor_assert(cpath);
- relay_crypto_record_sendme_digest(&cpath->crypto);
-}
-
 /** Return true iff the next cell for the given cell window is expected to be
 * a SENDME.
 *
@@ -387,7 +379,7 @@ sendme_circuit_consider_sending(circuit_t *circ, crypt_path_t *layer_hint)
 log_debug(LD_CIRC,"Queuing circuit sendme.");
 if (layer_hint) {
 layer_hint->deliver_window += CIRCWINDOW_INCREMENT;
- digest = relay_crypto_get_sendme_digest(&layer_hint->crypto);
+ digest = cpath_get_sendme_digest(layer_hint);
 } else {
 circ->deliver_window += CIRCWINDOW_INCREMENT;
 digest = relay_crypto_get_sendme_digest(&TO_OR_CIRCUIT(circ)->crypto);
diff --git a/src/core/or/sendme.h b/src/core/or/sendme.h
index 78273eb9a8..ac18bbdd31 100644
--- a/src/core/or/sendme.h
+++ b/src/core/or/sendme.h
@@ -36,7 +36,6 @@ int sendme_note_stream_data_packaged(edge_connection_t *conn);
 /* Track cell digest. */
 void sendme_record_cell_digest(circuit_t *circ);
-void sendme_circuit_record_inbound_cell(crypt_path_t *cpath);
 void sendme_circuit_record_outbound_cell(or_circuit_t *or_circ);
 /* Circuit level information. */
-- cgit v1.2.3-54-g00ecf
From e9769d621769c2ee31657b6da25032d86f79b15d Mon Sep 17 00:00:00 2001 From: George Kadianakis Date: Mon, 6 May 2019 17:54:51 +0300 Subject: Hiding crypt_path_t: Add changes file. --- changes/bug30236 | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 changes/bug30236
diff --git a/changes/bug30236 b/changes/bug30236
new file mode 100644
index 0000000000..ceaa98c8f1
--- /dev/null
+++ b/changes/bug30236
@@ -0,0 +1,3 @@
+ o Code simplification and refactoring:
+ - Refactor and encapsulate parts of the codebase that manipulate
+ crypt_path_t objects. Resolves issue 30236.
\ No newline at end of file
-- cgit v1.2.3-54-g00ecf