[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [tor/master] Mechanical rename: tor_cert_t -> tor_x509_cert_t



commit f253aef14faf7640f94e9e76947b6a4461c3c1a4
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date:   Tue Sep 30 08:31:08 2014 -0400

    Mechanical rename: tor_cert_t -> tor_x509_cert_t
---
 src/common/tortls.c    |   66 ++++++++++++++++++++++++------------------------
 src/common/tortls.h    |   26 +++++++++----------
 src/or/channeltls.c    |   26 +++++++++----------
 src/or/connection_or.c |   24 +++++++++---------
 src/or/or.h            |    4 +--
 5 files changed, 73 insertions(+), 73 deletions(-)

diff --git a/src/common/tortls.c b/src/common/tortls.c
index 97a82bf..b4d50cd 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -122,7 +122,7 @@ static int use_unsafe_renegotiation_op = 0;
 static int use_unsafe_renegotiation_flag = 0;
 
 /** Structure that we use for a single certificate. */
-struct tor_cert_t {
+struct tor_x509_cert_t {
   X509 *cert;
   uint8_t *encoded;
   size_t encoded_len;
@@ -137,9 +137,9 @@ struct tor_cert_t {
 typedef struct tor_tls_context_t {
   int refcnt;
   SSL_CTX *ctx;
-  tor_cert_t *my_link_cert;
-  tor_cert_t *my_id_cert;
-  tor_cert_t *my_auth_cert;
+  tor_x509_cert_t *my_link_cert;
+  tor_x509_cert_t *my_id_cert;
+  tor_x509_cert_t *my_auth_cert;
   crypto_pk_t *link_key;
   crypto_pk_t *auth_key;
 } tor_tls_context_t;
@@ -821,7 +821,7 @@ static const int N_CLIENT_CIPHERS = ARRAY_LENGTH(CLIENT_CIPHER_INFO_LIST);
 
 /** Free all storage held in <b>cert</b> */
 void
-tor_cert_free(tor_cert_t *cert)
+tor_x509_cert_free(tor_x509_cert_t *cert)
 {
   if (! cert)
     return;
@@ -833,14 +833,14 @@ tor_cert_free(tor_cert_t *cert)
 }
 
 /**
- * Allocate a new tor_cert_t to hold the certificate "x509_cert".
+ * Allocate a new tor_x509_cert_t to hold the certificate "x509_cert".
  *
  * Steals a reference to x509_cert.
  */
-static tor_cert_t *
-tor_cert_new(X509 *x509_cert)
+static tor_x509_cert_t *
+tor_x509_cert_new(X509 *x509_cert)
 {
-  tor_cert_t *cert;
+  tor_x509_cert_t *cert;
   EVP_PKEY *pkey;
   RSA *rsa;
   int length;
@@ -850,7 +850,7 @@ tor_cert_new(X509 *x509_cert)
     return NULL;
 
   length = i2d_X509(x509_cert, &buf);
-  cert = tor_malloc_zero(sizeof(tor_cert_t));
+  cert = tor_malloc_zero(sizeof(tor_x509_cert_t));
   if (length <= 0 || buf == NULL) {
     tor_free(cert);
     log_err(LD_CRYPTO, "Couldn't get length of encoded x509 certificate");
@@ -880,14 +880,14 @@ tor_cert_new(X509 *x509_cert)
 }
 
 /** Read a DER-encoded X509 cert, of length exactly <b>certificate_len</b>,
- * from a <b>certificate</b>.  Return a newly allocated tor_cert_t on success
+ * from a <b>certificate</b>.  Return a newly allocated tor_x509_cert_t on success
  * and NULL on failure. */
-tor_cert_t *
-tor_cert_decode(const uint8_t *certificate, size_t certificate_len)
+tor_x509_cert_t *
+tor_x509_cert_decode(const uint8_t *certificate, size_t certificate_len)
 {
   X509 *x509;
   const unsigned char *cp = (const unsigned char *)certificate;
-  tor_cert_t *newcert;
+  tor_x509_cert_t *newcert;
   tor_assert(certificate);
   check_no_tls_errors();
 
@@ -902,14 +902,14 @@ tor_cert_decode(const uint8_t *certificate, size_t certificate_len)
     X509_free(x509);
     goto err; /* Didn't use all the bytes */
   }
-  newcert = tor_cert_new(x509);
+  newcert = tor_x509_cert_new(x509);
   if (!newcert) {
     goto err;
   }
   if (newcert->encoded_len != certificate_len ||
       fast_memneq(newcert->encoded, certificate, certificate_len)) {
     /* Cert wasn't in DER */
-    tor_cert_free(newcert);
+    tor_x509_cert_free(newcert);
     goto err;
   }
   return newcert;
@@ -921,7 +921,7 @@ tor_cert_decode(const uint8_t *certificate, size_t certificate_len)
 /** Set *<b>encoded_out</b> and *<b>size_out</b> to <b>cert</b>'s encoded DER
  * representation and length, respectively. */
 void
-tor_cert_get_der(const tor_cert_t *cert,
+tor_x509_cert_get_der(const tor_x509_cert_t *cert,
                  const uint8_t **encoded_out, size_t *size_out)
 {
   tor_assert(cert);
@@ -934,7 +934,7 @@ tor_cert_get_der(const tor_cert_t *cert,
 /** Return a set of digests for the public key in <b>cert</b>, or NULL if this
  * cert's public key is not one we know how to take the digest of. */
 const digests_t *
-tor_cert_get_id_digests(const tor_cert_t *cert)
+tor_x509_cert_get_id_digests(const tor_x509_cert_t *cert)
 {
   if (cert->pkey_digests_set)
     return &cert->pkey_digests;
@@ -944,7 +944,7 @@ tor_cert_get_id_digests(const tor_cert_t *cert)
 
 /** Return a set of digests for the public key in <b>cert</b>. */
 const digests_t *
-tor_cert_get_cert_digests(const tor_cert_t *cert)
+tor_x509_cert_get_cert_digests(const tor_x509_cert_t *cert)
 {
   return &cert->cert_digests;
 }
@@ -957,9 +957,9 @@ tor_tls_context_decref(tor_tls_context_t *ctx)
   tor_assert(ctx);
   if (--ctx->refcnt == 0) {
     SSL_CTX_free(ctx->ctx);
-    tor_cert_free(ctx->my_link_cert);
-    tor_cert_free(ctx->my_id_cert);
-    tor_cert_free(ctx->my_auth_cert);
+    tor_x509_cert_free(ctx->my_link_cert);
+    tor_x509_cert_free(ctx->my_id_cert);
+    tor_x509_cert_free(ctx->my_auth_cert);
     crypto_pk_free(ctx->link_key);
     crypto_pk_free(ctx->auth_key);
     tor_free(ctx);
@@ -973,8 +973,8 @@ tor_tls_context_decref(tor_tls_context_t *ctx)
  * client mode. */
 int
 tor_tls_get_my_certs(int server,
-                     const tor_cert_t **link_cert_out,
-                     const tor_cert_t **id_cert_out)
+                     const tor_x509_cert_t **link_cert_out,
+                     const tor_x509_cert_t **id_cert_out)
 {
   tor_tls_context_t *ctx = server ? server_tls_context : client_tls_context;
   if (! ctx)
@@ -1003,7 +1003,7 @@ tor_tls_get_my_client_auth_key(void)
  * certifies.  Return NULL if the cert's key is not RSA.
  */
 crypto_pk_t *
-tor_tls_cert_get_key(tor_cert_t *cert)
+tor_tls_cert_get_key(tor_x509_cert_t *cert)
 {
   crypto_pk_t *result = NULL;
   EVP_PKEY *pkey = X509_get_pubkey(cert->cert);
@@ -1024,7 +1024,7 @@ tor_tls_cert_get_key(tor_cert_t *cert)
  * the key certified in <b>cert</b> is the same as the key they used to do it.
  */
 int
-tor_tls_cert_matches_key(const tor_tls_t *tls, const tor_cert_t *cert)
+tor_tls_cert_matches_key(const tor_tls_t *tls, const tor_x509_cert_t *cert)
 {
   X509 *peercert = SSL_get_peer_certificate(tls->ssl);
   EVP_PKEY *link_key = NULL, *cert_key = NULL;
@@ -1053,8 +1053,8 @@ tor_tls_cert_matches_key(const tor_tls_t *tls, const tor_cert_t *cert)
  * we couldn't check it. */
 int
 tor_tls_cert_is_valid(int severity,
-                      const tor_cert_t *cert,
-                      const tor_cert_t *signing_cert,
+                      const tor_x509_cert_t *cert,
+                      const tor_x509_cert_t *signing_cert,
                       int check_rsa_1024)
 {
   check_no_tls_errors();
@@ -1265,9 +1265,9 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime,
   result = tor_malloc_zero(sizeof(tor_tls_context_t));
   result->refcnt = 1;
   if (!is_client) {
-    result->my_link_cert = tor_cert_new(X509_dup(cert));
-    result->my_id_cert = tor_cert_new(X509_dup(idcert));
-    result->my_auth_cert = tor_cert_new(X509_dup(authcert));
+    result->my_link_cert = tor_x509_cert_new(X509_dup(cert));
+    result->my_id_cert = tor_x509_cert_new(X509_dup(idcert));
+    result->my_auth_cert = tor_x509_cert_new(X509_dup(authcert));
     if (!result->my_link_cert || !result->my_id_cert || !result->my_auth_cert)
       goto error;
     result->link_key = crypto_pk_dup_key(rsa);
@@ -2394,7 +2394,7 @@ tor_tls_peer_has_cert(tor_tls_t *tls)
 }
 
 /** Return the peer certificate, or NULL if there isn't one. */
-tor_cert_t *
+tor_x509_cert_t *
 tor_tls_get_peer_cert(tor_tls_t *tls)
 {
   X509 *cert;
@@ -2402,7 +2402,7 @@ tor_tls_get_peer_cert(tor_tls_t *tls)
   tls_log_errors(tls, LOG_WARN, LD_HANDSHAKE, "getting peer certificate");
   if (!cert)
     return NULL;
-  return tor_cert_new(cert);
+  return tor_x509_cert_new(cert);
 }
 
 /** Warn that a certificate lifetime extends through a certain range. */
diff --git a/src/common/tortls.h b/src/common/tortls.h
index f8c6d59..22b1a9e 100644
--- a/src/common/tortls.h
+++ b/src/common/tortls.h
@@ -19,7 +19,7 @@
 typedef struct tor_tls_t tor_tls_t;
 
 /* Opaque structure to hold an X509 certificate. */
-typedef struct tor_cert_t tor_cert_t;
+typedef struct tor_x509_cert_t tor_x509_cert_t;
 
 /* Possible return values for most tor_tls_* functions. */
 #define MIN_TOR_TLS_ERROR_VAL_     -9
@@ -72,7 +72,7 @@ void tor_tls_set_renegotiate_callback(tor_tls_t *tls,
 int tor_tls_is_server(tor_tls_t *tls);
 void tor_tls_free(tor_tls_t *tls);
 int tor_tls_peer_has_cert(tor_tls_t *tls);
-tor_cert_t *tor_tls_get_peer_cert(tor_tls_t *tls);
+tor_x509_cert_t *tor_tls_get_peer_cert(tor_tls_t *tls);
 int tor_tls_verify(int severity, tor_tls_t *tls, crypto_pk_t **identity);
 int tor_tls_check_lifetime(int severity,
                            tor_tls_t *tls, int past_tolerance,
@@ -120,22 +120,22 @@ struct bufferevent *tor_tls_init_bufferevent(tor_tls_t *tls,
                                      int filter);
 #endif
 
-void tor_cert_free(tor_cert_t *cert);
-tor_cert_t *tor_cert_decode(const uint8_t *certificate,
+void tor_x509_cert_free(tor_x509_cert_t *cert);
+tor_x509_cert_t *tor_x509_cert_decode(const uint8_t *certificate,
                             size_t certificate_len);
-void tor_cert_get_der(const tor_cert_t *cert,
+void tor_x509_cert_get_der(const tor_x509_cert_t *cert,
                       const uint8_t **encoded_out, size_t *size_out);
-const digests_t *tor_cert_get_id_digests(const tor_cert_t *cert);
-const digests_t *tor_cert_get_cert_digests(const tor_cert_t *cert);
+const digests_t *tor_x509_cert_get_id_digests(const tor_x509_cert_t *cert);
+const digests_t *tor_x509_cert_get_cert_digests(const tor_x509_cert_t *cert);
 int tor_tls_get_my_certs(int server,
-                         const tor_cert_t **link_cert_out,
-                         const tor_cert_t **id_cert_out);
+                         const tor_x509_cert_t **link_cert_out,
+                         const tor_x509_cert_t **id_cert_out);
 crypto_pk_t *tor_tls_get_my_client_auth_key(void);
-crypto_pk_t *tor_tls_cert_get_key(tor_cert_t *cert);
-int tor_tls_cert_matches_key(const tor_tls_t *tls, const tor_cert_t *cert);
+crypto_pk_t *tor_tls_cert_get_key(tor_x509_cert_t *cert);
+int tor_tls_cert_matches_key(const tor_tls_t *tls, const tor_x509_cert_t *cert);
 int tor_tls_cert_is_valid(int severity,
-                          const tor_cert_t *cert,
-                          const tor_cert_t *signing_cert,
+                          const tor_x509_cert_t *cert,
+                          const tor_x509_cert_t *signing_cert,
                           int check_rsa_1024);
 const char *tor_tls_get_ciphersuite_name(tor_tls_t *tls);
 
diff --git a/src/or/channeltls.c b/src/or/channeltls.c
index e194c1c..10fcb28 100644
--- a/src/or/channeltls.c
+++ b/src/or/channeltls.c
@@ -1747,9 +1747,9 @@ channel_tls_process_netinfo_cell(cell_t *cell, channel_tls_t *chan)
 static void
 channel_tls_process_certs_cell(var_cell_t *cell, channel_tls_t *chan)
 {
-  tor_cert_t *link_cert = NULL;
-  tor_cert_t *id_cert = NULL;
-  tor_cert_t *auth_cert = NULL;
+  tor_x509_cert_t *link_cert = NULL;
+  tor_x509_cert_t *id_cert = NULL;
+  tor_x509_cert_t *auth_cert = NULL;
   uint8_t *ptr;
   int n_certs, i;
   int send_netinfo = 0;
@@ -1803,7 +1803,7 @@ channel_tls_process_certs_cell(var_cell_t *cell, channel_tls_t *chan)
     if (cert_type == OR_CERT_TYPE_TLS_LINK ||
         cert_type == OR_CERT_TYPE_ID_1024 ||
         cert_type == OR_CERT_TYPE_AUTH_1024) {
-      tor_cert_t *cert = tor_cert_decode(ptr + 3, cert_len);
+      tor_x509_cert_t *cert = tor_x509_cert_decode(ptr + 3, cert_len);
       if (!cert) {
         log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
                "Received undecodable certificate in CERTS cell from %s:%d",
@@ -1812,24 +1812,24 @@ channel_tls_process_certs_cell(var_cell_t *cell, channel_tls_t *chan)
       } else {
         if (cert_type == OR_CERT_TYPE_TLS_LINK) {
           if (link_cert) {
-            tor_cert_free(cert);
+            tor_x509_cert_free(cert);
             ERR("Too many TLS_LINK certificates");
           }
           link_cert = cert;
         } else if (cert_type == OR_CERT_TYPE_ID_1024) {
           if (id_cert) {
-            tor_cert_free(cert);
+            tor_x509_cert_free(cert);
             ERR("Too many ID_1024 certificates");
           }
           id_cert = cert;
         } else if (cert_type == OR_CERT_TYPE_AUTH_1024) {
           if (auth_cert) {
-            tor_cert_free(cert);
+            tor_x509_cert_free(cert);
             ERR("Too many AUTH_1024 certificates");
           }
           auth_cert = cert;
         } else {
-          tor_cert_free(cert);
+          tor_x509_cert_free(cert);
         }
       }
     }
@@ -1864,7 +1864,7 @@ channel_tls_process_certs_cell(var_cell_t *cell, channel_tls_t *chan)
 
     chan->conn->handshake_state->authenticated = 1;
     {
-      const digests_t *id_digests = tor_cert_get_id_digests(id_cert);
+      const digests_t *id_digests = tor_x509_cert_get_id_digests(id_cert);
       crypto_pk_t *identity_rcvd;
       if (!id_digests)
         ERR("Couldn't compute digests for key in ID cert");
@@ -1929,9 +1929,9 @@ channel_tls_process_certs_cell(var_cell_t *cell, channel_tls_t *chan)
   }
 
  err:
-  tor_cert_free(id_cert);
-  tor_cert_free(link_cert);
-  tor_cert_free(auth_cert);
+  tor_x509_cert_free(id_cert);
+  tor_x509_cert_free(link_cert);
+  tor_x509_cert_free(auth_cert);
 #undef ERR
 }
 
@@ -2151,7 +2151,7 @@ channel_tls_process_authenticate_cell(var_cell_t *cell, channel_tls_t *chan)
     crypto_pk_t *identity_rcvd =
       tor_tls_cert_get_key(chan->conn->handshake_state->id_cert);
     const digests_t *id_digests =
-      tor_cert_get_id_digests(chan->conn->handshake_state->id_cert);
+      tor_x509_cert_get_id_digests(chan->conn->handshake_state->id_cert);
 
     /* This must exist; we checked key type when reading the cert. */
     tor_assert(id_digests);
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index 85462d8..6c584a5 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -1878,8 +1878,8 @@ or_handshake_state_free(or_handshake_state_t *state)
     return;
   crypto_digest_free(state->digest_sent);
   crypto_digest_free(state->digest_received);
-  tor_cert_free(state->auth_cert);
-  tor_cert_free(state->id_cert);
+  tor_x509_cert_free(state->auth_cert);
+  tor_x509_cert_free(state->id_cert);
   memwipe(state, 0xBE, sizeof(or_handshake_state_t));
   tor_free(state);
 }
@@ -2227,7 +2227,7 @@ connection_or_send_netinfo(or_connection_t *conn)
 int
 connection_or_send_certs_cell(or_connection_t *conn)
 {
-  const tor_cert_t *link_cert = NULL, *id_cert = NULL;
+  const tor_x509_cert_t *link_cert = NULL, *id_cert = NULL;
   const uint8_t *link_encoded = NULL, *id_encoded = NULL;
   size_t link_len, id_len;
   var_cell_t *cell;
@@ -2242,8 +2242,8 @@ connection_or_send_certs_cell(or_connection_t *conn)
   server_mode = ! conn->handshake_state->started_here;
   if (tor_tls_get_my_certs(server_mode, &link_cert, &id_cert) < 0)
     return -1;
-  tor_cert_get_der(link_cert, &link_encoded, &link_len);
-  tor_cert_get_der(id_cert, &id_encoded, &id_len);
+  tor_x509_cert_get_der(link_cert, &link_encoded, &link_len);
+  tor_x509_cert_get_der(id_cert, &id_encoded, &id_len);
 
   cell_len = 1 /* 1 byte: num certs in cell */ +
              2 * ( 1 + 2 ) /* For each cert: 1 byte for type, 2 for length */ +
@@ -2342,13 +2342,13 @@ connection_or_compute_authenticate_cell_body(or_connection_t *conn,
   ptr += 8;
 
   {
-    const tor_cert_t *id_cert=NULL, *link_cert=NULL;
+    const tor_x509_cert_t *id_cert=NULL, *link_cert=NULL;
     const digests_t *my_digests, *their_digests;
     const uint8_t *my_id, *their_id, *client_id, *server_id;
     if (tor_tls_get_my_certs(server, &link_cert, &id_cert))
       return -1;
-    my_digests = tor_cert_get_id_digests(id_cert);
-    their_digests = tor_cert_get_id_digests(conn->handshake_state->id_cert);
+    my_digests = tor_x509_cert_get_id_digests(id_cert);
+    their_digests = tor_x509_cert_get_id_digests(conn->handshake_state->id_cert);
     tor_assert(my_digests);
     tor_assert(their_digests);
     my_id = (uint8_t*)my_digests->d[DIGEST_SHA256];
@@ -2387,8 +2387,8 @@ connection_or_compute_authenticate_cell_body(or_connection_t *conn,
 
   {
     /* Digest of cert used on TLS link : 32 octets. */
-    const tor_cert_t *cert = NULL;
-    tor_cert_t *freecert = NULL;
+    const tor_x509_cert_t *cert = NULL;
+    tor_x509_cert_t *freecert = NULL;
     if (server) {
       tor_tls_get_my_certs(1, &cert, NULL);
     } else {
@@ -2397,10 +2397,10 @@ connection_or_compute_authenticate_cell_body(or_connection_t *conn,
     }
     if (!cert)
       return -1;
-    memcpy(ptr, tor_cert_get_cert_digests(cert)->d[DIGEST_SHA256], 32);
+    memcpy(ptr, tor_x509_cert_get_cert_digests(cert)->d[DIGEST_SHA256], 32);
 
     if (freecert)
-      tor_cert_free(freecert);
+      tor_x509_cert_free(freecert);
     ptr += 32;
   }
 
diff --git a/src/or/or.h b/src/or/or.h
index 6723f93..19694a0 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -1411,9 +1411,9 @@ typedef struct or_handshake_state_t {
    * @{
    */
   /** The cert for the key that's supposed to sign the AUTHENTICATE cell */
-  tor_cert_t *auth_cert;
+  tor_x509_cert_t *auth_cert;
   /** A self-signed identity certificate */
-  tor_cert_t *id_cert;
+  tor_x509_cert_t *id_cert;
   /**@}*/
 } or_handshake_state_t;
 



_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits