[tor-commits] [tor/master] Move rend client name checks to one function

nickm at torproject.org nickm at torproject.org
Mon May 9 18:41:48 UTC 2016


commit 162aa14eef69bc97233d6b2c47bc1317e30f9364
Author: John Brooks <john.brooks at dereferenced.net>
Date:   Fri Feb 19 16:32:25 2016 -0700

    Move rend client name checks to one function
---
 src/or/rendcommon.c  | 16 ++++++++++++++++
 src/or/rendcommon.h  |  1 +
 src/or/rendservice.c | 18 ++++--------------
 src/or/routerparse.c |  9 +++------
 4 files changed, 24 insertions(+), 20 deletions(-)

diff --git a/src/or/rendcommon.c b/src/or/rendcommon.c
index a9fdf84..dfa6c1e 100644
--- a/src/or/rendcommon.c
+++ b/src/or/rendcommon.c
@@ -750,6 +750,22 @@ rend_valid_descriptor_id(const char *query)
   return 0;
 }
 
+/** Return true iff <b>client_name</b> is a syntactically valid name
+ * for rendezvous client authentication. */
+int
+rend_valid_client_name(const char *client_name)
+{
+  size_t len = strlen(client_name);
+  if (len < 1 || len > REND_CLIENTNAME_MAX_LEN) {
+    return 0;
+  }
+  if (strspn(client_name, REND_LEGAL_CLIENTNAME_CHARACTERS) != len) {
+    return 0;
+  }
+
+  return 1;
+}
+
 /** Called when we get a rendezvous-related relay cell on circuit
  * <b>circ</b>.  Dispatch on rendezvous relay command. */
 void
diff --git a/src/or/rendcommon.h b/src/or/rendcommon.h
index 983cd73..f0a740b 100644
--- a/src/or/rendcommon.h
+++ b/src/or/rendcommon.h
@@ -45,6 +45,7 @@ void rend_intro_point_free(rend_intro_point_t *intro);
 
 int rend_valid_service_id(const char *query);
 int rend_valid_descriptor_id(const char *query);
+int rend_valid_client_name(const char *client_name);
 int rend_encode_v2_descriptors(smartlist_t *descs_out,
                                rend_service_descriptor_t *desc, time_t now,
                                uint8_t period, rend_auth_type_t auth_type,
diff --git a/src/or/rendservice.c b/src/or/rendservice.c
index 5b93209..030c836 100644
--- a/src/or/rendservice.c
+++ b/src/or/rendservice.c
@@ -672,27 +672,17 @@ rend_config_services(const or_options_t *options, int validate_only)
       SMARTLIST_FOREACH_BEGIN(clients, const char *, client_name)
       {
         rend_authorized_client_t *client;
-        size_t len = strlen(client_name);
-        if (len < 1 || len > REND_CLIENTNAME_MAX_LEN) {
+        if (!rend_valid_client_name(client_name)) {
           log_warn(LD_CONFIG, "HiddenServiceAuthorizeClient contains an "
-                              "illegal client name: '%s'. Length must be "
-                              "between 1 and %d characters.",
+                              "illegal client name: '%s'. Names must be "
+                              "between 1 and %d characters and contain "
+                              "only [A-Za-z0-9+_-].",
                    client_name, REND_CLIENTNAME_MAX_LEN);
           SMARTLIST_FOREACH(clients, char *, cp, tor_free(cp));
           smartlist_free(clients);
           rend_service_free(service);
           return -1;
         }
-        if (strspn(client_name, REND_LEGAL_CLIENTNAME_CHARACTERS) != len) {
-          log_warn(LD_CONFIG, "HiddenServiceAuthorizeClient contains an "
-                              "illegal client name: '%s'. Valid "
-                              "characters are [A-Za-z0-9+_-].",
-                   client_name);
-          SMARTLIST_FOREACH(clients, char *, cp, tor_free(cp));
-          smartlist_free(clients);
-          rend_service_free(service);
-          return -1;
-        }
         client = tor_malloc_zero(sizeof(rend_authorized_client_t));
         client->client_name = tor_strdup(client_name);
         smartlist_add(service->clients, client);
diff --git a/src/or/routerparse.c b/src/or/routerparse.c
index 35f76cd..b1ac3df 100644
--- a/src/or/routerparse.c
+++ b/src/or/routerparse.c
@@ -5300,7 +5300,6 @@ rend_parse_client_keys(strmap_t *parsed_clients, const char *ckstr)
   current_entry = eat_whitespace(ckstr);
   while (!strcmpstart(current_entry, "client-name ")) {
     rend_authorized_client_t *parsed_entry;
-    size_t len;
     /* Determine end of string. */
     const char *eos = strstr(current_entry, "\nclient-name ");
     if (!eos)
@@ -5329,12 +5328,10 @@ rend_parse_client_keys(strmap_t *parsed_clients, const char *ckstr)
     tor_assert(tok == smartlist_get(tokens, 0));
     tor_assert(tok->n_args == 1);
 
-    len = strlen(tok->args[0]);
-    if (len < 1 || len > 19 ||
-      strspn(tok->args[0], REND_LEGAL_CLIENTNAME_CHARACTERS) != len) {
+    if (!rend_valid_client_name(tok->args[0])) {
       log_warn(LD_CONFIG, "Illegal client name: %s. (Length must be "
-               "between 1 and 19, and valid characters are "
-               "[A-Za-z0-9+-_].)", tok->args[0]);
+               "between 1 and %d, and valid characters are "
+               "[A-Za-z0-9+-_].)", tok->args[0], REND_CLIENTNAME_MAX_LEN);
       goto err;
     }
     /* Check if client name is duplicate. */





More information about the tor-commits mailing list