authorDavid Goulet <dgoulet@torproject.org>2019-05-29 14:05:16 -0400
committerDavid Goulet <dgoulet@torproject.org>2019-08-06 07:58:14 -0400
commit9f738be8937d675929b43a149d706160641a089d (patch)
tree8a54a82b32bea028f6693f97e359899d3bd43aec /src/feature/hs/hs_dos.h
parent4ee65a6f877e841739f037ad27d2d588ce4e0c51 (diff)
hs: Limit the amount of relayed INTRODUCE2
This commit adds the hs_dos.{c|h} files, which hold the anti-DoS code for onion services. At this commit, they contain a single defense: a function that decides whether an INTRODUCE2 cell can be sent on the given introduction service circuit (S<->IP), using a simple token bucket. The rate is 25 per second and the allowed burst is 200. Basic defenses on #15516. Signed-off-by: David Goulet <dgoulet@torproject.org>
Diffstat (limited to 'src/feature/hs/hs_dos.h')
-rw-r--r--src/feature/hs/hs_dos.h44
1 files changed, 44 insertions, 0 deletions
diff --git a/src/feature/hs/hs_dos.h b/src/feature/hs/hs_dos.h
new file mode 100644
index 0000000000..e3a83a1039
--- /dev/null
+++ b/src/feature/hs/hs_dos.h
@@ -0,0 +1,44 @@
+/* Copyright (c) 2019, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+/**
+ * \file hs_dos.h
+ * \brief Header file containing denial of service defenses for the HS
+ * subsystem for all versions.
+ **/
+
+#ifndef TOR_HS_DOS_H
+#define TOR_HS_DOS_H
+
+#include "core/or/or_circuit_st.h"
+
+#include "lib/evloop/token_bucket.h"
+
+#define HS_DOS_INTRODUCE_CELL_RATE_PER_SEC 25
+#define HS_DOS_INTRODUCE_CELL_BURST_PER_SEC 200
+
+bool hs_dos_can_send_intro2(or_circuit_t *s_intro_circ);
+
+/* Return the INTRODUCE2 cell rate per second. */
+static inline
+uint32_t hs_dos_get_intro2_rate(void)
+{
+ return HS_DOS_INTRODUCE_CELL_RATE_PER_SEC;
+}
+
+/* Return the INTRODUCE2 cell burst per second. */
+static inline
+uint32_t hs_dos_get_intro2_burst(void)
+{
+ return HS_DOS_INTRODUCE_CELL_BURST_PER_SEC;
+}
+
+#ifdef HS_DOS_PRIVATE
+
+#ifdef TOR_UNIT_TESTS
+
+#endif /* define(TOR_UNIT_TESTS) */
+
+#endif /* defined(HS_DOS_PRIVATE) */
+
+#endif /* !defined(TOR_HS_DOS_H) */
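Review bot: `HS_DOS_INTRODUCE_CELL_BURST_PER_SEC` and the comment on `hs_dos_get_intro2_burst()` describe the burst as a per-second quantity, but the commit message says it is the token bucket's allowed burst, which is a cap on accumulated tokens rather than a rate. I would rename it to `HS_DOS_INTRODUCE_CELL_BURST` and reword the comment to `/** Return the maximum INTRODUCE2 burst, i.e. the token bucket size. */`. The two `#define`s are the whole tuning surface of this defense and carry no comment. Each should get a short Doxygen comment stating the scope the limit applies to (per introduction circuit, judging by the `or_circuit_t *s_intro_circ` parameter) and why 25 and 200 were chosen, so reviewers can weigh the impact on legitimate clients of a busy service. The header also uses `bool` and `uint32_t` without including a header that defines them, presumably getting them through `core/or/or_circuit_st.h`; an explicit include would keep it self-contained.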