authorNick Mathewson <nickm@torproject.org>2017-04-13 09:38:59 -0400
committerNick Mathewson <nickm@torproject.org>2017-04-13 09:38:59 -0400
commit28ec2d9c2cbb300af8ba467898626020add977c4 (patch)
treefe4a55646b06e255bddc2f31fb6533485513bc86 /src/or
parent755c88a4746b8b58d1b36486a611abc2d4f44144 (diff)
parentbf68c78e942b196e65e2d8ae6f172a5a6a363561 (diff)
downloadtor-28ec2d9c2cbb300af8ba467898626020add977c4.tar.gz
tor-28ec2d9c2cbb300af8ba467898626020add977c4.zip
Merge remote-tracking branch 'dgoulet/ticket21919_031_01'
Diffstat (limited to 'src/or')
-rw-r--r--src/or/hs_intropoint.c91
-rw-r--r--src/or/hs_intropoint.h4
-rw-r--r--src/or/hs_service.c42
-rw-r--r--src/or/hs_service.h4
4 files changed, 71 insertions, 70 deletions
diff --git a/src/or/hs_intropoint.c b/src/or/hs_intropoint.c
index a7282aba8f..c32d24480a 100644
--- a/src/or/hs_intropoint.c
+++ b/src/or/hs_intropoint.c
@@ -43,16 +43,16 @@ get_auth_key_from_cell(ed25519_public_key_t *auth_key_out,
switch (cell_type) {
case RELAY_COMMAND_ESTABLISH_INTRO:
{
- const hs_cell_establish_intro_t *c_cell = cell;
- key_array = hs_cell_establish_intro_getconstarray_auth_key(c_cell);
- auth_key_len = hs_cell_establish_intro_getlen_auth_key(c_cell);
+ const trn_cell_establish_intro_t *c_cell = cell;
+ key_array = trn_cell_establish_intro_getconstarray_auth_key(c_cell);
+ auth_key_len = trn_cell_establish_intro_getlen_auth_key(c_cell);
break;
}
case RELAY_COMMAND_INTRODUCE1:
{
- const hs_cell_introduce1_t *c_cell = cell;
- key_array = hs_cell_introduce1_getconstarray_auth_key(cell);
- auth_key_len = hs_cell_introduce1_getlen_auth_key(c_cell);
+ const trn_cell_introduce1_t *c_cell = cell;
+ key_array = trn_cell_introduce1_getconstarray_auth_key(cell);
+ auth_key_len = trn_cell_introduce1_getlen_auth_key(c_cell);
break;
}
default:
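Review bot: In the INTRODUCE1 case the array getter is still called with `cell`, while the length getter on the next line uses the typed local `c_cell`. `cell` is presumably a generic pointer, since both cases assign it to different cell types without a cast, so the call compiles but skips the type check that `c_cell` exists to provide. The ESTABLISH_INTRO case above uses `c_cell` for both calls; suggest `key_array = trn_cell_introduce1_getconstarray_auth_key(c_cell);`. The switch and the rest of get_auth_key_from_cell continue outside this hunk.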
@@ -68,7 +68,7 @@ get_auth_key_from_cell(ed25519_public_key_t *auth_key_out,
/** We received an ESTABLISH_INTRO <b>cell</b>. Verify its signature and MAC,
* given <b>circuit_key_material</b>. Return 0 on success else -1 on error. */
STATIC int
-verify_establish_intro_cell(const hs_cell_establish_intro_t *cell,
+verify_establish_intro_cell(const trn_cell_establish_intro_t *cell,
const uint8_t *circuit_key_material,
size_t circuit_key_material_len)
{
@@ -82,8 +82,8 @@ verify_establish_intro_cell(const hs_cell_establish_intro_t *cell,
/* Make sure the auth key length is of the right size for this type. For
* EXTRA safety, we check both the size of the array and the length which
* must be the same. Safety first!*/
- if (hs_cell_establish_intro_getlen_auth_key(cell) != ED25519_PUBKEY_LEN ||
- hs_cell_establish_intro_get_auth_key_len(cell) != ED25519_PUBKEY_LEN) {
+ if (trn_cell_establish_intro_getlen_auth_key(cell) != ED25519_PUBKEY_LEN ||
+ trn_cell_establish_intro_get_auth_key_len(cell) != ED25519_PUBKEY_LEN) {
log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
"ESTABLISH_INTRO auth key length is invalid");
return -1;
@@ -94,13 +94,14 @@ verify_establish_intro_cell(const hs_cell_establish_intro_t *cell,
/* Verify the sig */
{
ed25519_signature_t sig_struct;
- const uint8_t *sig_array = hs_cell_establish_intro_getconstarray_sig(cell);
+ const uint8_t *sig_array =
+ trn_cell_establish_intro_getconstarray_sig(cell);
/* Make sure the signature length is of the right size. For EXTRA safety,
* we check both the size of the array and the length which must be the
* same. Safety first!*/
- if (hs_cell_establish_intro_getlen_sig(cell) != sizeof(sig_struct.sig) ||
- hs_cell_establish_intro_get_sig_len(cell) != sizeof(sig_struct.sig)) {
+ if (trn_cell_establish_intro_getlen_sig(cell) != sizeof(sig_struct.sig) ||
+ trn_cell_establish_intro_get_sig_len(cell) != sizeof(sig_struct.sig)) {
log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
"ESTABLISH_INTRO sig len is invalid");
return -1;
@@ -147,21 +148,21 @@ hs_intro_send_intro_established_cell,(or_circuit_t *circ))
int ret;
uint8_t *encoded_cell = NULL;
ssize_t encoded_len, result_len;
- hs_cell_intro_established_t *cell;
- cell_extension_t *ext;
+ trn_cell_intro_established_t *cell;
+ trn_cell_extension_t *ext;
tor_assert(circ);
/* Build the cell payload. */
- cell = hs_cell_intro_established_new();
- ext = cell_extension_new();
- cell_extension_set_num(ext, 0);
- hs_cell_intro_established_set_extensions(cell, ext);
+ cell = trn_cell_intro_established_new();
+ ext = trn_cell_extension_new();
+ trn_cell_extension_set_num(ext, 0);
+ trn_cell_intro_established_set_extensions(cell, ext);
/* Encode the cell to binary format. */
- encoded_len = hs_cell_intro_established_encoded_len(cell);
+ encoded_len = trn_cell_intro_established_encoded_len(cell);
tor_assert(encoded_len > 0);
encoded_cell = tor_malloc_zero(encoded_len);
- result_len = hs_cell_intro_established_encode(encoded_cell, encoded_len,
+ result_len = trn_cell_intro_established_encode(encoded_cell, encoded_len,
cell);
tor_assert(encoded_len == result_len);
@@ -170,7 +171,7 @@ hs_intro_send_intro_established_cell,(or_circuit_t *circ))
(char *) encoded_cell, encoded_len,
NULL);
/* On failure, the above function will close the circuit. */
- hs_cell_intro_established_free(cell);
+ trn_cell_intro_established_free(cell);
tor_free(encoded_cell);
return ret;
}
@@ -180,7 +181,7 @@ hs_intro_send_intro_established_cell,(or_circuit_t *circ))
* establish an intro point. */
static int
handle_verified_establish_intro_cell(or_circuit_t *circ,
- const hs_cell_establish_intro_t *parsed_cell)
+ const trn_cell_establish_intro_t *parsed_cell)
{
/* Get the auth key of this intro point */
ed25519_public_key_t auth_key;
@@ -210,7 +211,7 @@ handle_establish_intro(or_circuit_t *circ, const uint8_t *request,
size_t request_len)
{
int cell_ok, retval = -1;
- hs_cell_establish_intro_t *parsed_cell = NULL;
+ trn_cell_establish_intro_t *parsed_cell = NULL;
tor_assert(circ);
tor_assert(request);
@@ -224,7 +225,7 @@ handle_establish_intro(or_circuit_t *circ, const uint8_t *request,
}
/* Parse the cell */
- ssize_t parsing_result = hs_cell_establish_intro_parse(&parsed_cell,
+ ssize_t parsing_result = trn_cell_establish_intro_parse(&parsed_cell,
request, request_len);
if (parsing_result < 0) {
log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
@@ -259,7 +260,7 @@ handle_establish_intro(or_circuit_t *circ, const uint8_t *request,
circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_TORPROTOCOL);
done:
- hs_cell_establish_intro_free(parsed_cell);
+ trn_cell_establish_intro_free(parsed_cell);
return retval;
}
@@ -339,28 +340,28 @@ send_introduce_ack_cell(or_circuit_t *circ, hs_intro_ack_status_t status)
int ret = -1;
uint8_t *encoded_cell = NULL;
ssize_t encoded_len, result_len;
- hs_cell_introduce_ack_t *cell;
- cell_extension_t *ext;
+ trn_cell_introduce_ack_t *cell;
+ trn_cell_extension_t *ext;
tor_assert(circ);
/* Setup the INTRODUCE_ACK cell. We have no extensions so the N_EXTENSIONS
* field is set to 0 by default with a new object. */
- cell = hs_cell_introduce_ack_new();
- ret = hs_cell_introduce_ack_set_status(cell, status);
+ cell = trn_cell_introduce_ack_new();
+ ret = trn_cell_introduce_ack_set_status(cell, status);
/* We have no cell extensions in an INTRODUCE_ACK cell. */
- ext = cell_extension_new();
- cell_extension_set_num(ext, 0);
- hs_cell_introduce_ack_set_extensions(cell, ext);
+ ext = trn_cell_extension_new();
+ trn_cell_extension_set_num(ext, 0);
+ trn_cell_introduce_ack_set_extensions(cell, ext);
/* A wrong status is a very bad code flow error as this value is controlled
* by the code in this file and not an external input. This means we use a
* code that is not known by the trunnel ABI. */
tor_assert(ret == 0);
/* Encode the payload. We should never fail to get the encoded length. */
- encoded_len = hs_cell_introduce_ack_encoded_len(cell);
+ encoded_len = trn_cell_introduce_ack_encoded_len(cell);
tor_assert(encoded_len > 0);
encoded_cell = tor_malloc_zero(encoded_len);
- result_len = hs_cell_introduce_ack_encode(encoded_cell, encoded_len, cell);
+ result_len = trn_cell_introduce_ack_encode(encoded_cell, encoded_len, cell);
tor_assert(encoded_len == result_len);
ret = relay_send_command_from_edge(CONTROL_CELL_ID, TO_CIRCUIT(circ),
@@ -368,7 +369,7 @@ send_introduce_ack_cell(or_circuit_t *circ, hs_intro_ack_status_t status)
(char *) encoded_cell, encoded_len,
NULL);
/* On failure, the above function will close the circuit. */
- hs_cell_introduce_ack_free(cell);
+ trn_cell_introduce_ack_free(cell);
tor_free(encoded_cell);
return ret;
}
@@ -376,7 +377,7 @@ send_introduce_ack_cell(or_circuit_t *circ, hs_intro_ack_status_t status)
/* Validate a parsed INTRODUCE1 <b>cell</b>. Return 0 if valid or else a
* negative value for an invalid cell that should be NACKed. */
STATIC int
-validate_introduce1_parsed_cell(const hs_cell_introduce1_t *cell)
+validate_introduce1_parsed_cell(const trn_cell_introduce1_t *cell)
{
size_t legacy_key_id_len;
const uint8_t *legacy_key_id;
@@ -385,29 +386,29 @@ validate_introduce1_parsed_cell(const hs_cell_introduce1_t *cell)
/* This code path SHOULD NEVER be reached if the cell is a legacy type so
* safety net here. The legacy ID must be zeroes in this case. */
- legacy_key_id_len = hs_cell_introduce1_getlen_legacy_key_id(cell);
- legacy_key_id = hs_cell_introduce1_getconstarray_legacy_key_id(cell);
+ legacy_key_id_len = trn_cell_introduce1_getlen_legacy_key_id(cell);
+ legacy_key_id = trn_cell_introduce1_getconstarray_legacy_key_id(cell);
if (BUG(!tor_mem_is_zero((char *) legacy_key_id, legacy_key_id_len))) {
goto invalid;
}
/* The auth key of an INTRODUCE1 should be of type ed25519 thus leading to a
* known fixed length as well. */
- if (hs_cell_introduce1_get_auth_key_type(cell) !=
+ if (trn_cell_introduce1_get_auth_key_type(cell) !=
HS_INTRO_AUTH_KEY_TYPE_ED25519) {
log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
"Rejecting invalid INTRODUCE1 cell auth key type. "
"Responding with NACK.");
goto invalid;
}
- if (hs_cell_introduce1_get_auth_key_len(cell) != ED25519_PUBKEY_LEN ||
- hs_cell_introduce1_getlen_auth_key(cell) != ED25519_PUBKEY_LEN) {
+ if (trn_cell_introduce1_get_auth_key_len(cell) != ED25519_PUBKEY_LEN ||
+ trn_cell_introduce1_getlen_auth_key(cell) != ED25519_PUBKEY_LEN) {
log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
"Rejecting invalid INTRODUCE1 cell auth key length. "
"Responding with NACK.");
goto invalid;
}
- if (hs_cell_introduce1_getlen_encrypted(cell) == 0) {
+ if (trn_cell_introduce1_getlen_encrypted(cell) == 0) {
log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
"Rejecting invalid INTRODUCE1 cell encrypted length. "
"Responding with NACK.");
@@ -430,7 +431,7 @@ handle_introduce1(or_circuit_t *client_circ, const uint8_t *request,
{
int ret = -1;
or_circuit_t *service_circ;
- hs_cell_introduce1_t *parsed_cell;
+ trn_cell_introduce1_t *parsed_cell;
hs_intro_ack_status_t status = HS_INTRO_ACK_STATUS_SUCCESS;
tor_assert(client_circ);
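Review bot: `parsed_cell` is declared without an initializer here, yet the `done:` label later in handle_introduce1 passes it to `trn_cell_introduce1_free()`. handle_establish_intro in this same file declares its counterpart as `= NULL`. Whether any path reaches `done:` before the parse call is not visible in this hunk, so this may be safe today. Declaring it as `trn_cell_introduce1_t *parsed_cell = NULL;` would keep a later early exit from freeing an indeterminate pointer while handling a client-supplied cell. The function body starts and ends outside this hunk.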
@@ -439,7 +440,7 @@ handle_introduce1(or_circuit_t *client_circ, const uint8_t *request,
/* Parse cell. Note that we can only parse the non encrypted section for
* which we'll use the authentication key to find the service introduction
* circuit and relay the cell on it. */
- ssize_t cell_size = hs_cell_introduce1_parse(&parsed_cell, request,
+ ssize_t cell_size = trn_cell_introduce1_parse(&parsed_cell, request,
request_len);
if (cell_size < 0) {
log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
@@ -505,7 +506,7 @@ handle_introduce1(or_circuit_t *client_circ, const uint8_t *request,
circuit_mark_for_close(TO_CIRCUIT(client_circ), END_CIRC_REASON_INTERNAL);
}
done:
- hs_cell_introduce1_free(parsed_cell);
+ trn_cell_introduce1_free(parsed_cell);
return ret;
}
diff --git a/src/or/hs_intropoint.h b/src/or/hs_intropoint.h
index 3a84a48dd8..163ed810e7 100644
--- a/src/or/hs_intropoint.h
+++ b/src/or/hs_intropoint.h
@@ -41,7 +41,7 @@ int hs_intro_circuit_is_suitable_for_establish_intro(const or_circuit_t *circ);
#include "hs/cell_introduce1.h"
STATIC int
-verify_establish_intro_cell(const hs_cell_establish_intro_t *out,
+verify_establish_intro_cell(const trn_cell_establish_intro_t *out,
const uint8_t *circuit_key_material,
size_t circuit_key_material_len);
@@ -52,7 +52,7 @@ get_auth_key_from_cell(ed25519_public_key_t *auth_key_out,
STATIC int introduce1_cell_is_legacy(const uint8_t *request);
STATIC int handle_introduce1(or_circuit_t *client_circ,
const uint8_t *request, size_t request_len);
-STATIC int validate_introduce1_parsed_cell(const hs_cell_introduce1_t *cell);
+STATIC int validate_introduce1_parsed_cell(const trn_cell_introduce1_t *cell);
STATIC int circuit_is_suitable_for_introduce1(const or_circuit_t *circ);
#endif /* HS_INTROPOINT_PRIVATE */
diff --git a/src/or/hs_service.c b/src/or/hs_service.c
index 52de2bfa9d..71939e236b 100644
--- a/src/or/hs_service.c
+++ b/src/or/hs_service.c
@@ -27,7 +27,7 @@
* bytes written, or a negative integer if there was an error. */
ssize_t
get_establish_intro_payload(uint8_t *buf_out, size_t buf_out_len,
- const hs_cell_establish_intro_t *cell)
+ const trn_cell_establish_intro_t *cell)
{
ssize_t bytes_used = 0;
@@ -35,31 +35,31 @@ get_establish_intro_payload(uint8_t *buf_out, size_t buf_out_len,
return -1;
}
- bytes_used = hs_cell_establish_intro_encode(buf_out, buf_out_len,
+ bytes_used = trn_cell_establish_intro_encode(buf_out, buf_out_len,
cell);
return bytes_used;
}
/* Set the cell extensions of <b>cell</b>. */
static void
-set_cell_extensions(hs_cell_establish_intro_t *cell)
+set_trn_cell_extensions(trn_cell_establish_intro_t *cell)
{
- cell_extension_t *cell_extensions = cell_extension_new();
+ trn_cell_extension_t *trn_cell_extensions = trn_cell_extension_new();
/* For now, we don't use extensions at all. */
- cell_extensions->num = 0; /* It's already zeroed, but be explicit. */
- hs_cell_establish_intro_set_extensions(cell, cell_extensions);
+ trn_cell_extensions->num = 0; /* It's already zeroed, but be explicit. */
+ trn_cell_establish_intro_set_extensions(cell, trn_cell_extensions);
}
/** Given the circuit handshake info in <b>circuit_key_material</b>, create and
* return an ESTABLISH_INTRO cell. Return NULL if something went wrong. The
* returned cell is allocated on the heap and it's the responsibility of the
* caller to free it. */
-hs_cell_establish_intro_t *
+trn_cell_establish_intro_t *
generate_establish_intro_cell(const uint8_t *circuit_key_material,
size_t circuit_key_material_len)
{
- hs_cell_establish_intro_t *cell = NULL;
+ trn_cell_establish_intro_t *cell = NULL;
ssize_t encoded_len;
log_warn(LD_GENERAL,
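Review bot: The prefix substitution also renamed the file-local static helper `set_cell_extensions` to `set_trn_cell_extensions` and its local `cell_extensions` to `trn_cell_extensions`. Neither is one of the generated cell accessors, so the `trn_` prefix now makes hand-written code look generated. Keeping `set_cell_extensions(trn_cell_establish_intro_t *cell)` and `trn_cell_extension_t *cell_extensions = trn_cell_extension_new();` would limit the rename to the generated names, and the call site in generate_establish_intro_cell further down would then keep its old name as well. Separately, this helper writes `->num = 0` directly while hs_intropoint.c calls `trn_cell_extension_set_num(ext, 0)`; using the setter here would be consistent.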
@@ -72,31 +72,31 @@ generate_establish_intro_cell(const uint8_t *circuit_key_material,
goto err;
}
- cell = hs_cell_establish_intro_new();
+ cell = trn_cell_establish_intro_new();
/* Set AUTH_KEY_TYPE: 2 means ed25519 */
- hs_cell_establish_intro_set_auth_key_type(cell, AUTH_KEY_ED25519);
+ trn_cell_establish_intro_set_auth_key_type(cell, AUTH_KEY_ED25519);
/* Set AUTH_KEY_LEN field */
/* Must also set byte-length of AUTH_KEY to match */
int auth_key_len = ED25519_PUBKEY_LEN;
- hs_cell_establish_intro_set_auth_key_len(cell, auth_key_len);
- hs_cell_establish_intro_setlen_auth_key(cell, auth_key_len);
+ trn_cell_establish_intro_set_auth_key_len(cell, auth_key_len);
+ trn_cell_establish_intro_setlen_auth_key(cell, auth_key_len);
/* Set AUTH_KEY field */
- uint8_t *auth_key_ptr = hs_cell_establish_intro_getarray_auth_key(cell);
+ uint8_t *auth_key_ptr = trn_cell_establish_intro_getarray_auth_key(cell);
memcpy(auth_key_ptr, key_struct.pubkey.pubkey, auth_key_len);
/* No cell extensions needed */
- set_cell_extensions(cell);
+ set_trn_cell_extensions(cell);
/* Set signature size.
We need to do this up here, because _encode() needs it and we need to call
_encode() to calculate the MAC and signature.
*/
int sig_len = ED25519_SIG_LEN;
- hs_cell_establish_intro_set_sig_len(cell, sig_len);
- hs_cell_establish_intro_setlen_sig(cell, sig_len);
+ trn_cell_establish_intro_set_sig_len(cell, sig_len);
+ trn_cell_establish_intro_setlen_sig(cell, sig_len);
/* XXX How to make this process easier and nicer? */
@@ -107,7 +107,7 @@ generate_establish_intro_cell(const uint8_t *circuit_key_material,
uint8_t cell_bytes_tmp[RELAY_PAYLOAD_SIZE] = {0};
uint8_t mac[TRUNNEL_SHA3_256_LEN];
- encoded_len = hs_cell_establish_intro_encode(cell_bytes_tmp,
+ encoded_len = trn_cell_establish_intro_encode(cell_bytes_tmp,
sizeof(cell_bytes_tmp),
cell);
if (encoded_len < 0) {
@@ -126,7 +126,7 @@ generate_establish_intro_cell(const uint8_t *circuit_key_material,
(ED25519_SIG_LEN + 2 + TRUNNEL_SHA3_256_LEN));
/* Write the MAC to the cell */
uint8_t *handshake_ptr =
- hs_cell_establish_intro_getarray_handshake_mac(cell);
+ trn_cell_establish_intro_getarray_handshake_mac(cell);
memcpy(handshake_ptr, mac, sizeof(mac));
}
@@ -137,7 +137,7 @@ generate_establish_intro_cell(const uint8_t *circuit_key_material,
uint8_t cell_bytes_tmp[RELAY_PAYLOAD_SIZE] = {0};
ed25519_signature_t sig;
- encoded_len = hs_cell_establish_intro_encode(cell_bytes_tmp,
+ encoded_len = trn_cell_establish_intro_encode(cell_bytes_tmp,
sizeof(cell_bytes_tmp),
cell);
if (encoded_len < 0) {
@@ -158,7 +158,7 @@ generate_establish_intro_cell(const uint8_t *circuit_key_material,
}
/* And write the signature to the cell */
- uint8_t *sig_ptr = hs_cell_establish_intro_getarray_sig(cell);
+ uint8_t *sig_ptr = trn_cell_establish_intro_getarray_sig(cell);
memcpy(sig_ptr, sig.sig, sig_len);
}
@@ -166,7 +166,7 @@ generate_establish_intro_cell(const uint8_t *circuit_key_material,
return cell;
err:
- hs_cell_establish_intro_free(cell);
+ trn_cell_establish_intro_free(cell);
return NULL;
}
diff --git a/src/or/hs_service.h b/src/or/hs_service.h
index 1405b26cc8..3302592762 100644
--- a/src/or/hs_service.h
+++ b/src/or/hs_service.h
@@ -16,12 +16,12 @@
* hs_service.o ends up with no symbols in libor.a which makes clang throw a
* warning at compile time. See #21825. */
-hs_cell_establish_intro_t *
+trn_cell_establish_intro_t *
generate_establish_intro_cell(const uint8_t *circuit_key_material,
size_t circuit_key_material_len);
ssize_t
get_establish_intro_payload(uint8_t *buf, size_t buf_len,
- const hs_cell_establish_intro_t *cell);
+ const trn_cell_establish_intro_t *cell);
#endif /* TOR_HS_SERVICE_H */