Skip to content
GitLab
Menu
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
The Tor Project
Core
Tor
Commits
8e57986e
Commit
8e57986e
authored
Aug 30, 2018
by
David Goulet
Browse files
hs-v3: Improve v3 client authorization logging
Part of
#20700
. Signed-off-by:
David Goulet
<
dgoulet@torproject.org
>
parent
5b2871d2
Changes
2
Hide whitespace changes
Inline
Side-by-side
src/feature/hs/hs_client.c
View file @
8e57986e
...
...
@@ -1571,7 +1571,9 @@ hs_config_client_authorization(const or_options_t *options,
filename
);
if
(
!
auth_key_filename_is_valid
(
filename
))
{
log_warn
(
LD_REND
,
"The filename is invalid."
);
log_notice
(
LD_REND
,
"Client authorization unrecognized filename %s. "
"File must end in .auth_private. Ignoring."
,
filename
);
continue
;
}
...
...
@@ -1583,7 +1585,7 @@ hs_config_client_authorization(const or_options_t *options,
/* If we cannot read the file, continue with the next file. */
if
(
!
client_key_str
)
{
log_warn
(
LD_REND
,
"The file cannot be read."
);
log_warn
(
LD_REND
,
"The file
%s
cannot be read."
,
filename
);
continue
;
}
...
...
@@ -1597,15 +1599,16 @@ hs_config_client_authorization(const or_options_t *options,
if
(
hs_parse_address
(
auth
->
onion_address
,
&
identity_pk
,
NULL
,
NULL
)
<
0
)
{
client_service_authorization_free
(
auth
);
log_warn
(
LD_REND
,
"The onion address is invalid."
);
log_warn
(
LD_REND
,
"The onion address
\"
%s
\"
is invalid in "
"file %s"
,
filename
,
auth
->
onion_address
);
continue
;
}
if
(
digest256map_get
(
auths
,
identity_pk
.
pubkey
))
{
client_service_authorization_free
(
auth
);
log_warn
(
LD_REND
,
"Duplicate authorization for the same hidden "
"service."
);
"service address %s."
,
safe_str_client
(
auth
->
onion_address
));
goto
end
;
}
...
...
@@ -1613,7 +1616,6 @@ hs_config_client_authorization(const or_options_t *options,
log_info
(
LD_REND
,
"Loaded a client authorization key file %s."
,
filename
);
}
}
SMARTLIST_FOREACH_END
(
filename
);
/* Success. */
...
...
src/feature/hs/hs_service.c
View file @
8e57986e
...
...
@@ -1141,7 +1141,7 @@ parse_authorized_client(const char *client_key_str)
SPLIT_SKIP_SPACE
,
0
);
/* Wrong number of fields. */
if
(
smartlist_len
(
fields
)
!=
3
)
{
log_warn
(
LD_REND
,
"
The file is in a wr
on
g
f
ormat
."
);
log_warn
(
LD_REND
,
"
Unknown format of client authorizati
on f
ile
."
);
goto
err
;
}
...
...
@@ -1151,13 +1151,15 @@ parse_authorized_client(const char *client_key_str)
/* Currently, the only supported auth type is "descriptor". */
if
(
strcmp
(
auth_type
,
"descriptor"
))
{
log_warn
(
LD_REND
,
"The auth type '%s' is not supported."
,
auth_type
);
log_warn
(
LD_REND
,
"Client authorization auth type '%s' not supported."
,
auth_type
);
goto
err
;
}
/* Currently, the only supported key type is "x25519". */
if
(
strcmp
(
key_type
,
"x25519"
))
{
log_warn
(
LD_REND
,
"The key type '%s' is not supported."
,
key_type
);
log_warn
(
LD_REND
,
"Client authorization key type '%s' not supported."
,
key_type
);
goto
err
;
}
...
...
@@ -1175,7 +1177,8 @@ parse_authorized_client(const char *client_key_str)
if
(
base32_decode
((
char
*
)
client
->
client_pk
.
public_key
,
sizeof
(
client
->
client_pk
.
public_key
),
pubkey_b32
,
strlen
(
pubkey_b32
))
<
0
)
{
log_warn
(
LD_REND
,
"The public key cannot be decoded."
);
log_warn
(
LD_REND
,
"Client authorization public key cannot be decoded: %s"
,
pubkey_b32
);
goto
err
;
}
...
...
@@ -1245,7 +1248,8 @@ load_client_keys(hs_service_t *service)
filename
);
if
(
!
client_filename_is_valid
(
filename
))
{
log_warn
(
LD_REND
,
"The filename is invalid."
);
log_warn
(
LD_REND
,
"Client authorization unrecognized filename %s. "
"File must end in .auth. Ignoring."
,
filename
);
continue
;
}
...
...
@@ -1258,7 +1262,9 @@ load_client_keys(hs_service_t *service)
/* If we cannot read the file, continue with the next file. */
if
(
!
client_key_str
)
{
log_warn
(
LD_REND
,
"The file cannot be read."
);
log_warn
(
LD_REND
,
"Client authorization file %s can't be read. "
"Corrupted or verify permission? Ignoring."
,
client_key_file_path
);
continue
;
}
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment