diff options
author | David Goulet <dgoulet@torproject.org> | 2019-12-11 09:50:43 -0500 |
---|---|---|
committer | David Goulet <dgoulet@torproject.org> | 2020-04-08 07:56:54 -0400 |
commit | fdd6352506ccf3d085238d970bef962b592da35d (patch) | |
tree | e1db49e35e501e21cd9c2404f581231ec5302b52 /src | |
parent | 1720a2191d6b94e1847a2ad3a2c45c5e8de53bcd (diff) | |
download | tor-fdd6352506ccf3d085238d970bef962b592da35d.tar.gz tor-fdd6352506ccf3d085238d970bef962b592da35d.zip |
hs-v3: Report introduction failure SOCKS ExtendedErrors
Signed-off-by: David Goulet <dgoulet@torproject.org>
Diffstat (limited to 'src')
-rw-r--r-- | src/feature/hs/hs_client.c | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/src/feature/hs/hs_client.c b/src/feature/hs/hs_client.c index cc1b01d2ef..4b9c9cb186 100644 --- a/src/feature/hs/hs_client.c +++ b/src/feature/hs/hs_client.c @@ -961,6 +961,20 @@ client_get_random_intro(const ed25519_public_key_t *service_pk) return ei; } +/** Called when introduction has failed meaning there is no more usable + * introduction points to be used (either NACKed or failed) for the given + * entry connection. + * + * This function only reports back the SOCKS5_HS_INTRO_FAILED (0xF2) code. The + * caller has to make sure to close the entry connections. */ +static void +socks_report_introduction_failed(entry_connection_t *conn) +{ + tor_assert(conn); + tor_assert(conn->socks_request); + conn->socks_request->socks_extended_error_code = SOCKS5_HS_INTRO_FAILED; +} + /** For this introduction circuit, we'll look at if we have any usable * introduction point left for this service. If so, we'll use the circuit to * re-extend to a new intro point. Else, we'll close the circuit and its @@ -1313,6 +1327,10 @@ client_desc_has_arrived(const smartlist_t *entry_conns) if (!hs_client_any_intro_points_usable(identity_pk, desc)) { log_info(LD_REND, "Hidden service descriptor is unusable. " "Closing streams."); + /* Report the extended socks error code that we were unable to introduce + * to the service. */ + socks_report_introduction_failed(entry_conn); + connection_mark_unattached_ap(entry_conn, END_STREAM_REASON_RESOLVEFAILED); /* We are unable to use the descriptor so remove the directory request |