Commit 7ace28c9 authored by haxxpop's avatar haxxpop Committed by David Goulet
Browse files

hs-v3: Log client auth load activities service side


Signed-off-by: David Goulet's avatarDavid Goulet <dgoulet@torproject.org>
parent 83c8419e
......@@ -1141,6 +1141,7 @@ parse_authorized_client(const char *client_key_str)
SPLIT_SKIP_SPACE, 0);
/* Wrong number of fields. */
if (smartlist_len(fields) != 3) {
log_warn(LD_REND, "The file is in a wrong format.");
goto err;
}
......@@ -1148,9 +1149,15 @@ parse_authorized_client(const char *client_key_str)
key_type = smartlist_get(fields, 1);
pubkey_b32 = smartlist_get(fields, 2);
/* Currently, the only supported auth type is "descriptor" and the only
* supported key type is "x25519". */
if (strcmp(auth_type, "descriptor") || strcmp(key_type, "x25519")) {
/* Currently, the only supported auth type is "descriptor". */
if (strcmp(auth_type, "descriptor")) {
log_warn(LD_REND, "The auth type '%s' is not supported.", auth_type);
goto err;
}
/* Currently, the only supported key type is "x25519". */
if (strcmp(key_type, "x25519")) {
log_warn(LD_REND, "The key type '%s' is not supported.", key_type);
goto err;
}
......@@ -1168,6 +1175,7 @@ parse_authorized_client(const char *client_key_str)
if (base32_decode((char *) client->client_pk.public_key,
sizeof(client->client_pk.public_key),
pubkey_b32, strlen(pubkey_b32)) < 0) {
log_warn(LD_REND, "The public key cannot be decoded.");
goto err;
}
......@@ -1233,27 +1241,36 @@ load_client_keys(hs_service_t *service)
SMARTLIST_FOREACH_BEGIN(file_list, const char *, filename) {
hs_service_authorized_client_t *client = NULL;
log_info(LD_REND, "Loading a client authorization key file %s...",
filename);
if (client_filename_is_valid(filename)) {
/* Create a full path for a file. */
client_key_file_path = hs_path_from_filename(client_keys_dir_path,
filename);
client_key_str = read_file_to_str(client_key_file_path, 0, NULL);
/* Free immediately after using it. */
tor_free(client_key_file_path);
if (!client_filename_is_valid(filename)) {
log_warn(LD_REND, "The filename is invalid.");
continue;
}
/* If we cannot read the file, continue with the next file. */
if (!client_key_str) {
continue;
}
/* Create a full path for a file. */
client_key_file_path = hs_path_from_filename(client_keys_dir_path,
filename);
client_key_str = read_file_to_str(client_key_file_path, 0, NULL);
/* Free immediately after using it. */
tor_free(client_key_file_path);
/* If we cannot read the file, continue with the next file. */
if (!client_key_str) {
log_warn(LD_REND, "The file cannot be read.");
continue;
}
client = parse_authorized_client(client_key_str);
/* Free immediately after using it. */
tor_free(client_key_str);
client = parse_authorized_client(client_key_str);
/* Wipe and free immediately after using it. */
memwipe(client_key_str, 0, strlen(client_key_str));
tor_free(client_key_str);
if (client) {
smartlist_add(config->clients, client);
}
if (client) {
smartlist_add(config->clients, client);
log_info(LD_REND, "Loaded a client authorization key file %s.",
filename);
}
} SMARTLIST_FOREACH_END(filename);
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment