Resolve some XXXs

svn:r1889
This commit is contained in:
Nick Mathewson 2004-05-18 15:35:21 +00:00
parent 9da1714676
commit 7511fbf993
11 changed files with 73 additions and 65 deletions

View File

@ -375,7 +375,10 @@ tor_tls_context_new(crypto_pk_env_t *identity,
SSL_CTX_free(result->ctx);
if (result)
free(result);
/* leak certs XXXX ? */
if (cert)
X509_free(cert);
if (idcert)
X509_free(cert);
return -1;
}
@ -641,7 +644,8 @@ tor_tls_verify(tor_tls *tls, crypto_pk_env_t *identity_key)
if (id_pkey)
EVP_PKEY_free(id_pkey);
/* XXXX This should never get invoked, but let's make sure for now. */
/* This should never get invoked, but let's make sure in case OpenSSL
* acts unexpectedly. */
tls_log_errors(LOG_WARN, "finishing tor_tls_verify");
return r;

View File

@ -1323,7 +1323,28 @@ write_str_to_file(const char *fname, const char *str)
return -1;
}
fclose(file);
/* XXXX This won't work on windows: you can't use rename to replace a file.*/
#ifdef MS_WINDOWS
/* On Windows, rename doesn't replace. We could call ReplaceFile, but
* that's hard, and we can probably sneak by without atomicity. */
switch (file_status(fname)) {
case FN_ERROR:
log(LOG_WARN, "Error replacing %s: %s", fname, strerror(errno));
return -1;
case FN_DIR:
log(LOG_WARN, "Error replacing %s: is directory", fname);
return -1;
case FN_FILE:
if (unlink(fname)) {
log(LOG_WARN, "Error replacing %s while removing old copy: %s",
fname, strerror(errno));
return -1;
}
break;
case FN_NOENT:
;
}
#endif
if (rename(tempname, fname)) {
log(LOG_WARN, "Error replacing %s: %s", fname, strerror(errno));
return -1;

View File

@ -77,10 +77,12 @@
#define tor_close_socket(s) close(s)
#endif
/* XXXX This isn't so on windows. */
/** Legal characters in a filename */
#define CONFIG_LEGAL_FILENAME_CHARACTERS "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_/"
#ifdef MS_WINDOWS
#define CONFIG_LEGAL_FILENAME_CHARACTERS "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_/\\ "
#else
#define CONFIG_LEGAL_FILENAME_CHARACTERS "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_/ "
#endif
size_t strlcat(char *dst, const char *src, size_t siz);
size_t strlcpy(char *dst, const char *src, size_t siz);

View File

@ -91,29 +91,13 @@ static INLINE void buf_remove_from_front(buf_t *buf, size_t n) {
buf_shrink_if_underfull(buf);
}
/** Find the first instance of the str_len byte string <b>str</b> on the
* buf_len byte string <b>bufstr</b>. Strings are not necessary
* NUL-terminated. If none exists, return -1. Otherwise, return index
* of the first character in bufstr _after_ the first instance of str.
*/
/* XXXX The way this function is used, we could always get away with
* XXXX assuming that str is NUL terminated, and use strstr instead. */
static int find_mem_in_mem(const char *str, int str_len,
const char *bufstr, int buf_len)
/** Make sure that the memory in buf ends with a zero byte. */
static INLINE int buf_nul_terminate(buf_t *buf)
{
const char *location;
const char *last_possible = bufstr + buf_len - str_len;
tor_assert(str && str_len > 0 && bufstr);
if(buf_len < str_len)
if (buf_ensure_capacity(buf,buf->len+1)<0)
return -1;
for(location = bufstr; location <= last_possible; location++)
if((*location == *str) && !memcmp(location+1, str+1, str_len-1))
return location-bufstr+str_len;
return -1;
buf->mem[buf->len] = '\0';
return 0;
}
/** Create and return a new buf with capacity <b>size</b>.
@ -366,19 +350,22 @@ int fetch_from_buf(char *string, size_t string_len, buf_t *buf) {
int fetch_from_buf_http(buf_t *buf,
char **headers_out, int max_headerlen,
char **body_out, int *body_used, int max_bodylen) {
char *headers, *body;
int i;
char *headers, *body, *p;
int headerlen, bodylen, contentlen;
assert_buf_ok(buf);
headers = buf->mem;
i = find_mem_in_mem("\r\n\r\n", 4, buf->mem, buf->datalen);
if(i < 0) {
if (buf_nul_terminate(buf)<0) {
log_fn(LOG_WARN,"Couldn't nul-terminate buffer");
return -1;
}
body = strstr(headers,"\r\n\r\n");
if (!body) {
log_fn(LOG_DEBUG,"headers not all here yet.");
return 0;
}
body = buf->mem+i;
body += 4; /* Skip the the CRLFCRLF */
headerlen = body-headers; /* includes the CRLFCRLF */
bodylen = buf->datalen - headerlen;
log_fn(LOG_DEBUG,"headerlen %d, bodylen %d.", headerlen, bodylen);
@ -393,10 +380,9 @@ int fetch_from_buf_http(buf_t *buf,
}
#define CONTENT_LENGTH "\r\nContent-Length: "
i = find_mem_in_mem(CONTENT_LENGTH, strlen(CONTENT_LENGTH),
headers, headerlen);
if(i > 0) {
contentlen = atoi(headers+i);
p = strstr(headers, CONTENT_LENGTH);
if (p) {
contentlen = atoi(p+strlen(CONTENT_LENGTH));
/* if content-length is malformed, then our body length is 0. fine. */
log_fn(LOG_DEBUG,"Got a contentlen of %d.",contentlen);
if(bodylen < contentlen) {

View File

@ -419,25 +419,23 @@ void assert_cpath_layer_ok(const crypt_path_t *cp)
* correct. Trigger an assert if anything is invalid.
*/
static void
assert_cpath_ok(const crypt_path_t *cp)
assert_cpath_ok(const crypt_path_t *cp)
{
while(cp->prev)
cp = cp->prev;
//XXX this is broken. cp is a doubly linked list.
const crypt_path_t *start = cp;
while(cp->next) {
do {
assert_cpath_layer_ok(cp);
/* layers must be in sequence of: "open* awaiting? closed*" */
if (cp->prev) {
if (cp->prev->state == CPATH_STATE_OPEN) {
tor_assert(cp->state == CPATH_STATE_CLOSED ||
cp->state == CPATH_STATE_AWAITING_KEYS);
} else {
tor_assert(cp->state == CPATH_STATE_CLOSED);
if (cp != start) {
if (cp->state == CPATH_STATE_AWAITING_KEYS) {
tor_assert(cp->prev->state == CPATH_STATE_OPEN);
} else if (cp->state == CPATH_STATE_OPEN) {
tor_assert(cp->prev->state == CPATH_STATE_OPEN);
}
}
cp = cp->next;
}
tor_assert(cp);
} while (cp != start);
}
/** Verify that circuit <b>c</b> has all of its invariants
@ -479,8 +477,7 @@ void assert_circuit_ok(const circuit_t *c)
}
}
if (c->cpath) {
// assert_cpath_ok(c->cpath);
// XXX the above call causes an infinite loop.
assert_cpath_ok(c->cpath);
}
if (c->purpose == CIRCUIT_PURPOSE_REND_ESTABLISHED) {
if (!c->marked_for_close) {

View File

@ -331,9 +331,12 @@ dirserv_add_descriptor(const char **desc)
free_descriptor_entry(*desc_ent_ptr);
} else {
/* Add this at the end. */
log_fn(LOG_INFO,"Dirserv adding desc for nickname %s",ri->nickname);
desc_ent_ptr = &descriptor_list[n_descriptors++];
/* XXX check if n_descriptors is too big */
if (n_descriptors >= MAX_ROUTERS_IN_DIR) {
log_fn(LOG_WARN,"Too many descriptors in directory; can't add another.");
} else {
log_fn(LOG_INFO,"Dirserv adding desc for nickname %s",ri->nickname);
desc_ent_ptr = &descriptor_list[n_descriptors++];
}
}
(*desc_ent_ptr) = tor_malloc(sizeof(descriptor_entry_t));

View File

@ -215,8 +215,6 @@ static void conn_read(int i) {
connection_handle_read(conn) < 0) {
if (!conn->marked_for_close) {
/* this connection is broken. remove it */
/* XXX This shouldn't ever happen anymore. */
/* XXX but it'll clearly happen on MS_WINDOWS from POLLERR, right? */
log_fn(LOG_ERR,"Unhandled error on read for %s connection (fd %d); removing",
CONN_TYPE_TO_STRING(conn->type), conn->s);
connection_mark_for_close(conn);
@ -289,7 +287,6 @@ static void conn_close_if_marked(int i) {
if(connection_speaks_cells(conn)) {
if(conn->state == OR_CONN_STATE_OPEN) {
retval = flush_buf_tls(conn->tls, conn->outbuf, &conn->outbuf_flushlen);
/* XXX actually, some non-zero results are maybe ok. which ones? */
} else
retval = -1; /* never flush non-open broken tls connections */
} else {

View File

@ -44,7 +44,7 @@ rend_encode_service_descriptor(rend_service_descriptor_t *desc,
char *buf, *cp, *ipoint;
int i, keylen, asn1len;
keylen = crypto_pk_keysize(desc->pk);
buf = tor_malloc(keylen*2); /* XXXX */
buf = tor_malloc(keylen*2); /* Too long, but that's okay. */
asn1len = crypto_pk_asn1_encode(desc->pk, buf, keylen*2);
if (asn1len<0) {
tor_free(buf);

View File

@ -482,7 +482,7 @@ rend_service_relaunch_rendezvous(circuit_t *oldcirc)
circuit_t *newcirc;
cpath_build_state_t *newstate, *oldstate;
/* XXXX assert type and build_state */
tor_assert(oldcirc->purpose == CIRCUIT_PURPOSE_S_CONNECT_REND);
if (!oldcirc->build_state ||
oldcirc->build_state->failure_count > MAX_REND_FAILURES) {

View File

@ -154,10 +154,9 @@ void rep_hist_note_connection_died(const char* nickname, time_t when)
{
or_history_t *hist;
if(!nickname) {
/* XXX
* If conn has no nickname, it's either an OP, or it is an OR
/* If conn has no nickname, it's either an OP, or it is an OR
* which didn't complete its handshake (or did and was unapproved).
* Ignore it. Is there anything better we could do?
* Ignore it.
*/
return;
}

View File

@ -8,10 +8,9 @@
* \brief Code to parse and validate router descriptors and directories.
**/
#define _GNU_SOURCE
/* XXX this is required on rh7 to make strptime not complain. how bad
* is this for portability?
/* This is required on rh7 to make strptime not complain.
*/
#define _GNU_SOURCE
#include "or.h"
@ -32,7 +31,7 @@ typedef enum {
K_SIGNED_DIRECTORY,
K_SIGNING_KEY,
K_ONION_KEY,
K_LINK_KEY, /* XXXX obsolete */
K_LINK_KEY, /* XXXX obsolete; remove in June. */
K_ROUTER_SIGNATURE,
K_PUBLISHED,
K_RUNNING_ROUTERS,