Diffstat (limited to 'src/common')
-rw-r--r--src/common/compat.c6
-rw-r--r--src/common/compat.h1
-rw-r--r--src/common/container.c7
-rw-r--r--src/common/crypto.c5
-rw-r--r--src/common/crypto.h3
-rw-r--r--src/common/tortls.c45
-rw-r--r--src/common/tortls.h32
-rw-r--r--src/common/util.h2
8 files changed, 59 insertions, 42 deletions
diff --git a/src/common/compat.c b/src/common/compat.c
index 607f19668..0fc2dc0dd 100644
--- a/src/common/compat.c
+++ b/src/common/compat.c
@@ -776,6 +776,9 @@ get_uname(void)
*/
#if defined(USE_PTHREADS)
+/** Wraps a an int (*)(void*) function and its argument so we can
+ * invoke them in a way pthreads would expect.
+ */
typedef struct tor_pthread_data_t {
int (*func)(void *);
void *data;
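Review bot: The added comment on tor_pthread_data_t has a doubled article ("Wraps a an int"), which will be carried into the generated documentation. Suggested wording: `/** Wraps an int (*)(void*) function and its argument so we can invoke them in the way pthreads expects. */`. The struct definition continues past the end of this hunk.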
@@ -961,6 +964,7 @@ tor_gmtime_r(const time_t *timep, struct tm *result)
#endif
#ifdef USE_WIN32_THREADS
+/** A generic lock structure for multithreaded builds. */
struct tor_mutex_t {
HANDLE handle;
};
@@ -1010,6 +1014,7 @@ tor_get_thread_id(void)
return (unsigned long)GetCurrentThreadId();
}
#elif defined(USE_PTHREADS)
+/** A generic lock structure for multithreaded builds. */
struct tor_mutex_t {
pthread_mutex_t mutex;
};
@@ -1050,6 +1055,7 @@ tor_get_thread_id(void)
return r.id;
}
#else
+/** A generic lock structure for multithreaded builds. */
struct tor_mutex_t {
int _unused;
};
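Review bot: The comment added in the `#else` branch calls tor_mutex_t a lock structure for multithreaded builds, but this branch appears to be the one compiled when neither USE_WIN32_THREADS nor USE_PTHREADS is defined, and the struct holds only `int _unused`. A reader could conclude that the type provides real mutual exclusion in that configuration. Wording such as `/** Placeholder lock structure for builds without thread support; holds no state. */` would match what the code shows. The identical comments in the two earlier hunks (Win32 and pthreads) are accurate as written.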
diff --git a/src/common/compat.h b/src/common/compat.h
index 6bccf98c1..4e8d4b180 100644
--- a/src/common/compat.h
+++ b/src/common/compat.h
@@ -236,6 +236,7 @@ void spawn_exit(void);
/* Because we use threads instead of processes on Windows, we need locking on
* Windows. On Unixy platforms, these functions are no-ops. */
+
typedef struct tor_mutex_t tor_mutex_t;
#ifdef TOR_IS_MULTITHREADED
tor_mutex_t *tor_mutex_new(void);
diff --git a/src/common/container.c b/src/common/container.c
index 88f0ca433..e681a5df1 100644
--- a/src/common/container.c
+++ b/src/common/container.c
@@ -29,8 +29,9 @@ const char container_c_id[] = "$Id$";
#define SMARTLIST_DEFAULT_CAPACITY 32
#ifndef FAST_SMARTLIST
+/** A resizeable list of pointers, with associated helpful functionality. */
struct smartlist_t {
- /** <b>list</b> has enough capacity to store exactly <b>capacity</b> elements
+ /* <b>list</b> has enough capacity to store exactly <b>capacity</b> elements
* before it needs to be resized. Only the first <b>num_used</b> (\<=
* capacity) elements point to valid data.
*/
@@ -484,14 +485,14 @@ smartlist_sort_strings(smartlist_t *sl)
smartlist_sort(sl, _compare_string_ptrs);
}
-/** Splay-tree implementation of string-to-void* map
- */
+/** A node in a strmap_t string-to-void* map. */
typedef struct strmap_entry_t {
SPLAY_ENTRY(strmap_entry_t) node;
char *key;
void *val;
} strmap_entry_t;
+/** Splay-tree implementation of string-to-void* map */
struct strmap_t {
SPLAY_HEAD(strmap_tree, strmap_entry_t) head;
};
diff --git a/src/common/crypto.c b/src/common/crypto.c
index 168abeb72..120d0c1ca 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -91,18 +91,22 @@ static tor_mutex_t **_openssl_mutexes = NULL;
static int _n_openssl_mutexes = -1;
#endif
+/** A public key, or a public/private keypair. */
struct crypto_pk_env_t
{
int refs; /* reference counting so we don't have to copy keys */
RSA *key;
};
+/** Key and stream information for a stream cipher. */
struct crypto_cipher_env_t
{
char key[CIPHER_KEY_LEN];
aes_cnt_cipher_t *cipher;
};
+/** A structure to hold the first half (x, g^x) of a Diffie-Hellman handshake
+ * while we're waiting for the second.*/
struct crypto_dh_env_t {
DH *dh;
};
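Review bot: The new comment on crypto_cipher_env_t does not say that `key` stores the raw symmetric key inside the struct, which is the fact a maintainer most needs when reviewing how these objects are copied and freed. I would extend it, for example `/** Key and stream information for a stream cipher. <b>key</b> holds the raw key, so the struct must be cleared before it is freed. */`. Whether the existing free path already wipes the memory is not visible in this hunk and is worth confirming. The same remark applies to crypto_dh_env_t, whose comment says it holds the secret exponent x. The `refs` comment in crypto_pk_env_t could also become `/**<` so that it appears in the generated docs.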
@@ -1220,6 +1224,7 @@ crypto_digest(char *digest, const char *m, size_t len)
return (SHA1((const unsigned char*)m,len,(unsigned char*)digest) == NULL);
}
+/** Intermediate information about the digest of a stream of data. */
struct crypto_digest_env_t {
SHA_CTX d;
};
diff --git a/src/common/crypto.h b/src/common/crypto.h
index ce01fee10..f7a3fa697 100644
--- a/src/common/crypto.h
+++ b/src/common/crypto.h
@@ -24,7 +24,8 @@
/** Length of our DH keys. */
#define DH_BYTES (1024/8)
-/* DOCDOC */
+/** Length of a message digest when encoded in base64 with trailing = signs
+ * removed. */
#define BASE64_DIGEST_LEN 27
/** Constants used to indicate no padding for public-key encryption */
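Review bot: The comment that replaces DOCDOC on BASE64_DIGEST_LEN does not state whether the count includes a terminating NUL. 27 is exactly the unpadded base64 length of a 20-byte digest, so it presumably does not, and a caller that sizes a buffer as `char buf[BASE64_DIGEST_LEN]` would be one byte short for a C string. I would add a sentence such as `Does not include the terminating NUL; string buffers need BASE64_DIGEST_LEN+1 bytes.` after confirming that against the encoder.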
diff --git a/src/common/tortls.c b/src/common/tortls.c
index 84bcf5a5a..f647053ee 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -35,15 +35,16 @@ const char tortls_c_id[] = "$Id$";
/** How long do identity certificates live? (sec) */
#define IDENTITY_CERT_LIFETIME (365*24*60*60)
-typedef struct tor_tls_context_st {
+/* DOCDOC */
+typedef struct tor_tls_context_t {
SSL_CTX *ctx;
SSL_CTX *client_only_ctx;
-} tor_tls_context;
+} tor_tls_context_t;
/** Holds a SSL object and its associated data. Members are only
* accessed from within tortls.c.
*/
-struct tor_tls_st {
+struct tor_tls_t {
SSL *ssl; /**< An OpenSSL SSL object. */
int socket; /**< The underlying file descriptor for this TLS connection. */
enum {
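Review bot: The renamed tor_tls_context_t gets only a `/* DOCDOC */` placeholder, although the rest of this commit fills in struct documentation. From the use in tor_tls_new, `client_only_ctx` is the context chosen when `use_no_cert` is set and `ctx` is used otherwise, so a comment along the lines of `/** Holds the two SSL_CTX objects used to create tor_tls_t connections: <b>ctx</b> for normal use and <b>client_only_ctx</b> for connections made without a certificate. */` would cover it. The exact difference between the two contexts is set up in tor_tls_context_new, which is only partly visible here, so the wording should be checked against that function. The tor_tls_t definition continues past the end of this hunk.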
@@ -63,7 +64,7 @@ static X509* tor_tls_create_certificate(crypto_pk_env_t *rsa,
/** Global tls context. We keep it here because nobody else needs to
* touch it. */
-static tor_tls_context *global_tls_context = NULL;
+static tor_tls_context_t *global_tls_context = NULL;
/** True iff tor_tls_init() has been called. */
static int tls_library_is_initialized = 0;
@@ -111,7 +112,7 @@ tls_log_errors(int severity, const char *doing)
* current action as <b>doing</b>.
*/
static int
-tor_tls_get_error(tor_tls *tls, int r, int extra,
+tor_tls_get_error(tor_tls_t *tls, int r, int extra,
const char *doing, int severity)
{
int err = SSL_get_error(tls->ssl, r);
@@ -308,7 +309,7 @@ tor_tls_context_new(crypto_pk_env_t *identity,
crypto_pk_env_t *rsa = NULL;
crypto_dh_env_t *dh = NULL;
EVP_PKEY *pkey = NULL;
- tor_tls_context *result = NULL;
+ tor_tls_context_t *result = NULL;
X509 *cert = NULL, *idcert = NULL;
char nn2[128];
int client_only;
@@ -337,7 +338,7 @@ tor_tls_context_new(crypto_pk_env_t *identity,
}
}
- result = tor_malloc(sizeof(tor_tls_context));
+ result = tor_malloc(sizeof(tor_tls_context_t));
result->ctx = result->client_only_ctx = NULL;
for (client_only=0; client_only <= 1; ++client_only) {
ctx = client_only ? &result->client_only_ctx : &result->ctx;
@@ -419,10 +420,10 @@ tor_tls_context_new(crypto_pk_env_t *identity,
/** Create a new TLS object from a file descriptor, and a flag to
* determine whether it is functioning as a server.
*/
-tor_tls *
+tor_tls_t *
tor_tls_new(int sock, int isServer, int use_no_cert)
{
- tor_tls *result = tor_malloc(sizeof(tor_tls));
+ tor_tls_t *result = tor_malloc(sizeof(tor_tls_t));
SSL_CTX *ctx;
tor_assert(global_tls_context); /* make sure somebody made it first */
ctx = use_no_cert ? global_tls_context->client_only_ctx
@@ -445,7 +446,7 @@ tor_tls_new(int sock, int isServer, int use_no_cert)
/** Return whether this tls initiated the connect (client) or
* received it (server). */
int
-tor_tls_is_server(tor_tls *tls)
+tor_tls_is_server(tor_tls_t *tls)
{
tor_assert(tls);
return tls->isServer;
@@ -455,7 +456,7 @@ tor_tls_is_server(tor_tls *tls)
* underlying file descriptor.
*/
void
-tor_tls_free(tor_tls *tls)
+tor_tls_free(tor_tls_t *tls)
{
tor_assert(tls && tls->ssl);
SSL_free(tls->ssl);
@@ -469,7 +470,7 @@ tor_tls_free(tor_tls *tls)
* TOR_TLS_CLOSE, TOR_TLS_WANTREAD, or TOR_TLS_WANTWRITE.
*/
int
-tor_tls_read(tor_tls *tls, char *cp, size_t len)
+tor_tls_read(tor_tls_t *tls, char *cp, size_t len)
{
int r, err;
tor_assert(tls);
@@ -496,7 +497,7 @@ tor_tls_read(tor_tls *tls, char *cp, size_t len)
* TOR_TLS_WANTREAD, or TOR_TLS_WANTWRITE.
*/
int
-tor_tls_write(tor_tls *tls, char *cp, size_t n)
+tor_tls_write(tor_tls_t *tls, char *cp, size_t n)
{
int r, err;
tor_assert(tls);
@@ -528,7 +529,7 @@ tor_tls_write(tor_tls *tls, char *cp, size_t n)
* or TOR_TLS_WANTWRITE.
*/
int
-tor_tls_handshake(tor_tls *tls)
+tor_tls_handshake(tor_tls_t *tls)
{
int r;
tor_assert(tls);
@@ -556,7 +557,7 @@ tor_tls_handshake(tor_tls *tls)
* or TOR_TLS_WANTWRITE.
*/
int
-tor_tls_shutdown(tor_tls *tls)
+tor_tls_shutdown(tor_tls_t *tls)
{
int r, err;
char buf[128];
@@ -616,7 +617,7 @@ tor_tls_shutdown(tor_tls *tls)
/** Return true iff this TLS connection is authenticated.
*/
int
-tor_tls_peer_has_cert(tor_tls *tls)
+tor_tls_peer_has_cert(tor_tls_t *tls)
{
X509 *cert;
cert = SSL_get_peer_certificate(tls->ssl);
@@ -633,7 +634,7 @@ tor_tls_peer_has_cert(tor_tls *tls)
* NUL-terminate. Return 0 on success, -1 on failure.
*/
int
-tor_tls_get_peer_cert_nickname(tor_tls *tls, char *buf, size_t buflen)
+tor_tls_get_peer_cert_nickname(tor_tls_t *tls, char *buf, size_t buflen)
{
X509 *cert = NULL;
X509_NAME *name = NULL;
@@ -726,7 +727,7 @@ log_cert_lifetime(X509 *cert, const char *problem)
* 0. Else, return -1.
*/
int
-tor_tls_verify(tor_tls *tls, crypto_pk_env_t **identity_key)
+tor_tls_verify(tor_tls_t *tls, crypto_pk_env_t **identity_key)
{
X509 *cert = NULL, *id_cert = NULL;
STACK_OF(X509) *chain = NULL;
@@ -795,7 +796,7 @@ tor_tls_verify(tor_tls *tls, crypto_pk_env_t **identity_key)
* NOTE: you should call tor_tls_verify before tor_tls_check_lifetime.
*/
int
-tor_tls_check_lifetime(tor_tls *tls, int tolerance)
+tor_tls_check_lifetime(tor_tls_t *tls, int tolerance)
{
time_t now, t;
X509 *cert;
@@ -830,7 +831,7 @@ tor_tls_check_lifetime(tor_tls *tls, int tolerance)
/** Return the number of bytes available for reading from <b>tls</b>.
*/
int
-tor_tls_get_pending_bytes(tor_tls *tls)
+tor_tls_get_pending_bytes(tor_tls_t *tls)
{
tor_assert(tls);
#if OPENSSL_VERSION_NUMBER < 0x0090700fl
@@ -845,14 +846,14 @@ tor_tls_get_pending_bytes(tor_tls *tls)
/** Return the number of bytes read across the underlying socket. */
unsigned long
-tor_tls_get_n_bytes_read(tor_tls *tls)
+tor_tls_get_n_bytes_read(tor_tls_t *tls)
{
tor_assert(tls);
return BIO_number_read(SSL_get_rbio(tls->ssl));
}
/** Return the number of bytes written across the underlying socket. */
unsigned long
-tor_tls_get_n_bytes_written(tor_tls *tls)
+tor_tls_get_n_bytes_written(tor_tls_t *tls)
{
tor_assert(tls);
return BIO_number_written(SSL_get_wbio(tls->ssl));
diff --git a/src/common/tortls.h b/src/common/tortls.h
index 4d8aba264..d5cf49387 100644
--- a/src/common/tortls.h
+++ b/src/common/tortls.h
@@ -16,7 +16,7 @@
#include "../common/compat.h"
/* Opaque structure to hold a TLS connection. */
-typedef struct tor_tls_st tor_tls;
+typedef struct tor_tls_t tor_tls_t;
/* Possible return values for most tor_tls_* functions. */
#define TOR_TLS_ERROR -4
@@ -28,21 +28,21 @@ typedef struct tor_tls_st tor_tls;
void tor_tls_free_all(void);
int tor_tls_context_new(crypto_pk_env_t *rsa, int isServer,
const char *nickname, unsigned int key_lifetime);
-tor_tls *tor_tls_new(int sock, int is_server, int use_no_cert);
-int tor_tls_is_server(tor_tls *tls);
-void tor_tls_free(tor_tls *tls);
-int tor_tls_peer_has_cert(tor_tls *tls);
-int tor_tls_get_peer_cert_nickname(tor_tls *tls, char *buf, size_t buflen);
-int tor_tls_verify(tor_tls *tls, crypto_pk_env_t **identity);
-int tor_tls_check_lifetime(tor_tls *tls, int tolerance);
-int tor_tls_read(tor_tls *tls, char *cp, size_t len);
-int tor_tls_write(tor_tls *tls, char *cp, size_t n);
-int tor_tls_handshake(tor_tls *tls);
-int tor_tls_shutdown(tor_tls *tls);
-int tor_tls_get_pending_bytes(tor_tls *tls);
-
-unsigned long tor_tls_get_n_bytes_read(tor_tls *tls);
-unsigned long tor_tls_get_n_bytes_written(tor_tls *tls);
+tor_tls_t *tor_tls_new(int sock, int is_server, int use_no_cert);
+int tor_tls_is_server(tor_tls_t *tls);
+void tor_tls_free(tor_tls_t *tls);
+int tor_tls_peer_has_cert(tor_tls_t *tls);
+int tor_tls_get_peer_cert_nickname(tor_tls_t *tls, char *buf, size_t buflen);
+int tor_tls_verify(tor_tls_t *tls, crypto_pk_env_t **identity);
+int tor_tls_check_lifetime(tor_tls_t *tls, int tolerance);
+int tor_tls_read(tor_tls_t *tls, char *cp, size_t len);
+int tor_tls_write(tor_tls_t *tls, char *cp, size_t n);
+int tor_tls_handshake(tor_tls_t *tls);
+int tor_tls_shutdown(tor_tls_t *tls);
+int tor_tls_get_pending_bytes(tor_tls_t *tls);
+
+unsigned long tor_tls_get_n_bytes_read(tor_tls_t *tls);
+unsigned long tor_tls_get_n_bytes_written(tor_tls_t *tls);
/* Log and abort if there are unhandled TLS errors in OpenSSL's error stack.
*/
diff --git a/src/common/util.h b/src/common/util.h
index 786a3eee9..b506651a6 100644
--- a/src/common/util.h
+++ b/src/common/util.h
@@ -140,6 +140,8 @@ int check_private_dir(const char *dirname, cpd_check_t check);
int write_str_to_file(const char *fname, const char *str, int bin);
int write_bytes_to_file(const char *fname, const char *str, size_t len,
int bin);
+/** An ad-hoc type to hold a string of characters and a count; used by
+ * write_chunks_to_file. */
typedef struct sized_chunk_t {
const char *bytes;
size_t len;