mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-30 23:53:32 +01:00
hs-v3: Log client auth load activities service side
Signed-off-by: David Goulet <dgoulet@torproject.org>
parent
83c8419e73
commit
7ace28c952
@ -1141,6 +1141,7 @@ parse_authorized_client(const char *client_key_str)
|
||||
SPLIT_SKIP_SPACE, 0);
|
||||
/* Wrong number of fields. */
|
||||
if (smartlist_len(fields) != 3) {
|
||||
log_warn(LD_REND, "The file is in a wrong format.");
|
||||
goto err;
|
||||
}
|
||||
|
||||
@ -1148,9 +1149,15 @@ parse_authorized_client(const char *client_key_str)
|
||||
key_type = smartlist_get(fields, 1);
|
||||
pubkey_b32 = smartlist_get(fields, 2);
|
||||
|
||||
/* Currently, the only supported auth type is "descriptor" and the only
|
||||
* supported key type is "x25519". */
|
||||
if (strcmp(auth_type, "descriptor") || strcmp(key_type, "x25519")) {
|
||||
/* Currently, the only supported auth type is "descriptor". */
|
||||
if (strcmp(auth_type, "descriptor")) {
|
||||
log_warn(LD_REND, "The auth type '%s' is not supported.", auth_type);
|
||||
goto err;
|
||||
}
|
||||
|
||||
/* Currently, the only supported key type is "x25519". */
|
||||
if (strcmp(key_type, "x25519")) {
|
||||
log_warn(LD_REND, "The key type '%s' is not supported.", key_type);
|
||||
goto err;
|
||||
}
|
||||
|
||||
@ -1168,6 +1175,7 @@ parse_authorized_client(const char *client_key_str)
|
||||
if (base32_decode((char *) client->client_pk.public_key,
|
||||
sizeof(client->client_pk.public_key),
|
||||
pubkey_b32, strlen(pubkey_b32)) < 0) {
|
||||
log_warn(LD_REND, "The public key cannot be decoded.");
|
||||
goto err;
|
||||
}
|
||||
|
||||
@ -1233,8 +1241,14 @@ load_client_keys(hs_service_t *service)
|
||||
|
||||
SMARTLIST_FOREACH_BEGIN(file_list, const char *, filename) {
|
||||
hs_service_authorized_client_t *client = NULL;
|
||||
log_info(LD_REND, "Loading a client authorization key file %s...",
|
||||
filename);
|
||||
|
||||
if (!client_filename_is_valid(filename)) {
|
||||
log_warn(LD_REND, "The filename is invalid.");
|
||||
continue;
|
||||
}
|
||||
|
||||
if (client_filename_is_valid(filename)) {
|
||||
/* Create a full path for a file. */
|
||||
client_key_file_path = hs_path_from_filename(client_keys_dir_path,
|
||||
filename);
|
||||
@ -1244,16 +1258,19 @@ load_client_keys(hs_service_t *service)
|
||||
|
||||
/* If we cannot read the file, continue with the next file. */
|
||||
if (!client_key_str) {
|
||||
log_warn(LD_REND, "The file cannot be read.");
|
||||
continue;
|
||||
}
|
||||
|
||||
client = parse_authorized_client(client_key_str);
|
||||
/* Free immediately after using it. */
|
||||
/* Wipe and free immediately after using it. */
|
||||
memwipe(client_key_str, 0, strlen(client_key_str));
|
||||
tor_free(client_key_str);
|
||||
|
||||
if (client) {
|
||||
smartlist_add(config->clients, client);
|
||||
}
|
||||
log_info(LD_REND, "Loaded a client authorization key file %s.",
|
||||
filename);
|
||||
}
|
||||
|
||||
} SMARTLIST_FOREACH_END(filename);
|
||||
|
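Review bot: In load_client_keys(), the new `log_info(LD_REND, "Loaded a client authorization key file %s.", filename);` appears, as rendered here, after the closing brace of `if (client)`, so it would also be emitted when parse_authorized_client() returned NULL and the file was rejected. An operator checking the log to see which client authorization keys are active would then see a "Loaded" line for a key that was never added to `config->clients`; moving the call inside the `if (client) { ... }` block next to `smartlist_add()` avoids that. Separately, the new warnings ("The filename is invalid.", "The file cannot be read.", and those in parse_authorized_client()) do not name the file, and the only line that does is logged at info level, so at a higher log threshold the warning cannot be tied to a file. Something like `log_warn(LD_REND, "The file %s cannot be read.", filename);` would make each warning self-contained. Both function bodies extend beyond the hunks shown.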