diff options
author | David Goulet <dgoulet@torproject.org> | 2019-05-28 13:49:03 -0400 |
---|---|---|
committer | George Kadianakis <desnacked@riseup.net> | 2019-11-18 19:06:43 +0200 |
commit | 542402cd60bc6b26f43c399b238602a1f3c18d85 (patch) | |
tree | f01022bb3efb2de38933c4ec3a5b6dd71c0b30bc /src/feature/hs | |
parent | fb1d2120212bef100f2b5e90d27b8c251280cb0c (diff) | |
download | tor-542402cd60bc6b26f43c399b238602a1f3c18d85.tar.gz tor-542402cd60bc6b26f43c399b238602a1f3c18d85.zip |
hs-v3: Set extended error when missing/bad client auth
Part of #30382
Signed-off-by: David Goulet <dgoulet@torproject.org>
Diffstat (limited to 'src/feature/hs')
-rw-r--r-- | src/feature/hs/hs_client.c | 31 | ||||
-rw-r--r-- | src/feature/hs/hs_client.h | 2 |
2 files changed, 33 insertions, 0 deletions
diff --git a/src/feature/hs/hs_client.c b/src/feature/hs/hs_client.c index 0e4df73b9f..0a10492e07 100644 --- a/src/feature/hs/hs_client.c +++ b/src/feature/hs/hs_client.c @@ -1782,6 +1782,37 @@ hs_client_desc_not_found(const hs_ident_dir_conn_t *ident) smartlist_free(entry_conns); } +/* This is called when a descriptor fetch was successful but the descriptor + * couldn't be decrypted due to missing or bad client authorization. */ +void +hs_client_desc_missing_bad_client_auth(const hs_ident_dir_conn_t *ident, + hs_desc_decode_status_t status) +{ + smartlist_t *entry_conns; + + tor_assert(ident); + + entry_conns = find_entry_conns(&ident->identity_pk); + + SMARTLIST_FOREACH_BEGIN(entry_conns, entry_connection_t *, entry_conn) { + socks5_reply_status_t code; + if (status == HS_DESC_DECODE_BAD_CLIENT_AUTH) { + code = SOCKS5_HS_BAD_CLIENT_AUTH; + } else if (status == HS_DESC_DECODE_NEED_CLIENT_AUTH) { + code = SOCKS5_HS_MISSING_CLIENT_AUTH; + } else { + /* We should not be called with another type of status. Recover by + * sending a generic error. */ + tor_assert_nonfatal_unreached(); + code = HS_DESC_DECODE_GENERIC_ERROR; + } + entry_conn->socks_request->socks_extended_error_code = code; + } SMARTLIST_FOREACH_END(entry_conn); + + /* We don't have ownership of the objects in this list. */ + smartlist_free(entry_conns); +} + /** Return a newly allocated extend_info_t for a randomly chosen introduction * point for the given edge connection identifier ident. Return NULL if we * can't pick any usable introduction points. */ diff --git a/src/feature/hs/hs_client.h b/src/feature/hs/hs_client.h index 6bd6e5748f..616d31a011 100644 --- a/src/feature/hs/hs_client.h +++ b/src/feature/hs/hs_client.h @@ -74,6 +74,8 @@ int hs_client_receive_rendezvous2(origin_circuit_t *circ, void hs_client_desc_has_arrived(const hs_ident_dir_conn_t *ident); void hs_client_desc_not_found(const hs_ident_dir_conn_t *ident); +void hs_client_desc_missing_bad_client_auth(const hs_ident_dir_conn_t *ident, + hs_desc_decode_status_t status); extend_info_t *hs_client_get_random_intro_from_edge( const edge_connection_t *edge_conn); |