diff options
author | David Goulet <dgoulet@torproject.org> | 2019-06-11 08:28:13 -0400 |
---|---|---|
committer | David Goulet <dgoulet@torproject.org> | 2019-08-06 07:58:14 -0400 |
commit | c5b00c5a514a6b40e5245bc1fd78fe5490922739 (patch) | |
tree | 52c2c6791d959c84c7c2b0d538e8aac1d5cb913a /src/feature | |
parent | fec0a7b7cbae344bd813152c8a04b6e87b6fa9a7 (diff) | |
download | tor-c5b00c5a514a6b40e5245bc1fd78fe5490922739.tar.gz tor-c5b00c5a514a6b40e5245bc1fd78fe5490922739.zip |
hs-v3: Add consensus parameters for DoS defenses
Part of #15516
Signed-off-by: David Goulet <dgoulet@torproject.org>
Diffstat (limited to 'src/feature')
-rw-r--r-- | src/feature/hs/hs_common.c | 2 | ||||
-rw-r--r-- | src/feature/hs/hs_dos.c | 85 | ||||
-rw-r--r-- | src/feature/hs/hs_dos.h | 25 | ||||
-rw-r--r-- | src/feature/nodelist/networkstatus.c | 2 |
4 files changed, 98 insertions, 16 deletions
diff --git a/src/feature/hs/hs_common.c b/src/feature/hs/hs_common.c index a5747fe170..8661ce046a 100644 --- a/src/feature/hs/hs_common.c +++ b/src/feature/hs/hs_common.c @@ -21,6 +21,7 @@ #include "feature/hs/hs_circuitmap.h" #include "feature/hs/hs_client.h" #include "feature/hs/hs_common.h" +#include "feature/hs/hs_dos.h" #include "feature/hs/hs_ident.h" #include "feature/hs/hs_service.h" #include "feature/hs_common/shared_random_client.h" @@ -30,6 +31,7 @@ #include "feature/nodelist/routerset.h" #include "feature/rend/rendcommon.h" #include "feature/rend/rendservice.h" +#include "feature/relay/routermode.h" #include "lib/crypt_ops/crypto_rand.h" #include "lib/crypt_ops/crypto_util.h" diff --git a/src/feature/hs/hs_dos.c b/src/feature/hs/hs_dos.c index ad9d044f48..25d282adbc 100644 --- a/src/feature/hs/hs_dos.c +++ b/src/feature/hs/hs_dos.c @@ -18,14 +18,92 @@ #define HS_DOS_PRIVATE +#include "core/or/or.h" +#include "app/config/config.h" + #include "core/or/circuitlist.h" +#include "feature/nodelist/networkstatus.h" +#include "feature/relay/routermode.h" + +#include "lib/evloop/token_bucket.h" + #include "hs_dos.h" +/* Default value of the allowed INTRODUCE2 cell rate per second. Above that + * value per second, the introduction is denied. */ +#define HS_DOS_INTRODUCE_CELL_RATE_PER_SEC 25 + +/* Default value of the allowed INTRODUCE2 cell burst per second. This is the + * maximum value a token bucket has per second. We thus allow up to this value + * of INTRODUCE2 cell per second but the bucket is refilled by the rate value + * but never goes above that burst value. */ +#define HS_DOS_INTRODUCE_CELL_BURST_PER_SEC 200 + +/* Consensus parameters. */ +static uint32_t hs_dos_introduce_rate_per_sec = + HS_DOS_INTRODUCE_CELL_RATE_PER_SEC; +static uint32_t hs_dos_introduce_burst_per_sec = + HS_DOS_INTRODUCE_CELL_BURST_PER_SEC; + +/* Return the parameter for the introduction rate per sec. */ +static uint32_t +get_param_rate_per_sec(const networkstatus_t *ns) +{ + return networkstatus_get_param(ns, "HiddenServiceEnableIntroDoSRatePerSec", + HS_DOS_INTRODUCE_CELL_RATE_PER_SEC, + 0, INT32_MAX); +} + +/* Return the parameter for the introduction burst per sec. */ +static uint32_t +get_param_burst_per_sec(const networkstatus_t *ns) +{ + return networkstatus_get_param(ns, "HiddenServiceEnableIntroDoSBurstPerSec", + HS_DOS_INTRODUCE_CELL_BURST_PER_SEC, + 0, INT32_MAX); +} + +/* Set consensus parameters. */ +static void +set_consensus_parameters(const networkstatus_t *ns) +{ + hs_dos_introduce_rate_per_sec = get_param_rate_per_sec(ns); + hs_dos_introduce_burst_per_sec = get_param_burst_per_sec(ns); +} + /* * Public API. */ +/* Return the INTRODUCE2 cell rate per second. */ +uint32_t +hs_dos_get_intro2_rate(void) +{ + return hs_dos_introduce_rate_per_sec; +} + +/* Return the INTRODUCE2 cell burst per second. */ +uint32_t +hs_dos_get_intro2_burst(void) +{ + return hs_dos_introduce_burst_per_sec; +} + +/* Called when the consensus has changed. We might have new consensus + * parameters to look at. */ +void +hs_dos_consensus_has_changed(const networkstatus_t *ns) +{ + /* No point on updating these values if we are not a public relay that can + * be picked to be an introduction point. */ + if (!public_server_mode(get_options())) { + return; + } + + set_consensus_parameters(ns); +} + /* Return true iff an INTRODUCE2 cell can be sent on the given service * introduction circuit. */ bool @@ -58,3 +136,10 @@ hs_dos_can_send_intro2(or_circuit_t *s_intro_circ) /* Finally, we can send a new INTRODUCE2 if there are still tokens. */ return token_bucket_ctr_get(&s_intro_circ->introduce2_bucket) > 0; } + +/* Initialize the onion service Denial of Service subsystem. */ +void +hs_dos_init(void) +{ + set_consensus_parameters(NULL); +} diff --git a/src/feature/hs/hs_dos.h b/src/feature/hs/hs_dos.h index e3a83a1039..9fba00b52b 100644 --- a/src/feature/hs/hs_dos.h +++ b/src/feature/hs/hs_dos.h @@ -12,26 +12,19 @@ #include "core/or/or_circuit_st.h" -#include "lib/evloop/token_bucket.h" +#include "feature/nodelist/networkstatus_st.h" -#define HS_DOS_INTRODUCE_CELL_RATE_PER_SEC 25 -#define HS_DOS_INTRODUCE_CELL_BURST_PER_SEC 200 +/* Init */ +void hs_dos_init(void); + +/* Consensus. */ +void hs_dos_consensus_has_changed(const networkstatus_t *ns); bool hs_dos_can_send_intro2(or_circuit_t *s_intro_circ); -/* Return the INTRODUCE2 cell rate per second. */ -static inline -uint32_t hs_dos_get_intro2_rate(void) -{ - return HS_DOS_INTRODUCE_CELL_RATE_PER_SEC; -} - -/* Return the INTRODUCE2 cell burst per second. */ -static inline -uint32_t hs_dos_get_intro2_burst(void) -{ - return HS_DOS_INTRODUCE_CELL_BURST_PER_SEC; -} +/* Getters. */ +uint32_t hs_dos_get_intro2_rate(void); +uint32_t hs_dos_get_intro2_burst(void); #ifdef HS_DOS_PRIVATE diff --git a/src/feature/nodelist/networkstatus.c b/src/feature/nodelist/networkstatus.c index 2db293a8af..496bafb865 100644 --- a/src/feature/nodelist/networkstatus.c +++ b/src/feature/nodelist/networkstatus.c @@ -68,6 +68,7 @@ #include "feature/dircommon/voting_schedule.h" #include "feature/dirparse/ns_parse.h" #include "feature/hibernate/hibernate.h" +#include "feature/hs/hs_dos.h" #include "feature/nodelist/authcert.h" #include "feature/nodelist/dirlist.h" #include "feature/nodelist/fmt_routerstatus.h" @@ -1674,6 +1675,7 @@ notify_before_networkstatus_changes(const networkstatus_t *old_c, notify_control_networkstatus_changed(old_c, new_c); dos_consensus_has_changed(new_c); relay_consensus_has_changed(new_c); + hs_dos_consensus_has_changed(new_c); } /* Called after a new consensus has been put in the global state. It is safe |