Extract the non-generic part of tor_tls_context_decref().

2024-09-21 21:44:58 +02:00 · 2018-08-12 17:54:06 -04:00 · 2018-08-12 17:54:06 -04:00 · 108d9879eb
commit 108d9879eb
parent 96f8e19802
4 changed files with 42 additions and 19 deletions
--- a/src/lib/tls/tortls.c
+++ b/src/lib/tls/tortls.c
@ -35,6 +35,25 @@ tor_tls_context_incref(tor_tls_context_t *ctx)
  ++ctx->refcnt;
 }

+/** Remove a reference to <b>ctx</b>, and free it if it has no more
+ * references. */
+void
+tor_tls_context_decref(tor_tls_context_t *ctx)
+{
+  tor_assert(ctx);
+  if (--ctx->refcnt == 0) {
+    tor_tls_context_impl_free(ctx->ctx);
+    tor_x509_cert_free(ctx->my_link_cert);
+    tor_x509_cert_free(ctx->my_id_cert);
+    tor_x509_cert_free(ctx->my_auth_cert);
+    crypto_pk_free(ctx->link_key);
+    crypto_pk_free(ctx->auth_key);
+    /* LCOV_EXCL_BR_START since ctx will never be NULL here */
+    tor_free(ctx);
+    /* LCOV_EXCL_BR_STOP */
+  }
+}
+
 /** Free all global TLS structures. */
 void
 tor_tls_free_all(void)
--- a/src/lib/tls/tortls_internal.h
+++ b/src/lib/tls/tortls_internal.h
@ -28,6 +28,13 @@ int tor_tls_context_init_one(tor_tls_context_t **ppcontext,
                             unsigned int flags,
                             int is_client);

+#ifdef ENABLE_OPENSSL
+void tor_tls_context_impl_free(struct ssl_ctx_st *);
+#else
+struct ssl_ctx_st; // XXXX replace
+void tor_tls_context_impl_free(struct ssl_ctx_st *);
+#endif
+
 #ifdef ENABLE_OPENSSL
 tor_tls_t *tor_tls_get_by_ssl(const struct ssl_st *ssl);
 int tor_tls_client_is_using_v2_ciphers(const struct ssl_st *ssl);
--- a/src/lib/tls/tortls_nss.c
+++ b/src/lib/tls/tortls_nss.c
@ -85,6 +85,13 @@ tor_tls_context_init_one(tor_tls_context_t **ppcontext,
  // XXXX
  return -1;
 }
+void
+tor_tls_context_impl_free(struct ssl_ctx_st *ctx)
+{
+  (void)ctx;
+  // XXXX
+  // XXXX openssl type.
+}

 void
 tor_tls_get_state_description(tor_tls_t *tls, char *buf, size_t sz)
--- a/src/lib/tls/tortls_openssl.c
+++ b/src/lib/tls/tortls_openssl.c
@ -30,6 +30,7 @@
 #include "lib/crypt_ops/crypto_util.h"
 #include "lib/crypt_ops/compat_openssl.h"
 #include "lib/tls/x509.h"
+#include "lib/tls/x509_internal.h"

 /* Some versions of OpenSSL declare SSL_get_selected_srtp_profile twice in
 * srtp.h. Suppress the GCC warning so we can build with -Wredundant-decl. */
@ -488,25 +489,6 @@ static const char CLIENT_CIPHER_LIST[] =
 #undef CIPHER
 #undef XCIPHER

-/** Remove a reference to <b>ctx</b>, and free it if it has no more
- * references. */
-void
-tor_tls_context_decref(tor_tls_context_t *ctx)
-{
-  tor_assert(ctx);
-  if (--ctx->refcnt == 0) {
-    SSL_CTX_free(ctx->ctx);
-    tor_x509_cert_free(ctx->my_link_cert);
-    tor_x509_cert_free(ctx->my_id_cert);
-    tor_x509_cert_free(ctx->my_auth_cert);
-    crypto_pk_free(ctx->link_key);
-    crypto_pk_free(ctx->auth_key);
-    /* LCOV_EXCL_BR_START since ctx will never be NULL here */
-    tor_free(ctx);
-    /* LCOV_EXCL_BR_STOP */
-  }
-}
-
 /** Set *<b>link_cert_out</b> and *<b>id_cert_out</b> to the link certificate
 * and ID certificate that we're currently using for our V3 in-protocol
 * handshake's certificate chain.  If <b>server</b> is true, provide the certs
@ -599,6 +581,14 @@ tor_tls_context_init_one(tor_tls_context_t **ppcontext,
  return ((new_ctx != NULL) ? 0 : -1);
 }

+void
+tor_tls_context_impl_free(struct ssl_ctx_st *ctx)
+{
+  if (!ctx)
+    return;
+  SSL_CTX_free(ctx);
+}
+
 /** The group we should use for ecdhe when none was selected. */
 #define  NID_tor_default_ecdhe_group NID_X9_62_prime256v1